NDNA and the GRASP tool-set can be used (taking just a few minutes ) to identify any network ports that are running at half duplex in an "NDNA discovered" Cisco Data Center. ,This will allow you to pull information on thousands of router and switch-ports in minutes and parse that information in seconds. Note: We first run it using a "filtered" interface command, so you don't run into the 64k limitation with high output, as you probably would if you just ran automation using "show interface" without filtering the output (especially for core devices.) Once you know what devices are running at h ..read more

This is "part two" in my series on identifying different vendors in an "NDNA discovered" Cisco Network "Data-Center". OUIs were obtained from the following URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=manuf They were then parsed using the GRASP tool-set to build a list of Palo-Alto OUIs. (This list is, again, pre-built for you) and identified in step 3 of this article. This article is basically identical to part one of the series, with the exception of the Juniper file names becoming Palo-Alto and parsing the Palo-Alto OUIs. This shows how easy and repeatable t ..read more

This procedure assumes working DNS in the environment on the hosts for both A records and PTR records: 1. Using NDNA, you can run the vendor neutral custom script, using the core IP and command shown below, you'll run the following command on the end hosts first hop (e.g. L3 core) of your VLANs, depending on if it's an IOS or NXOS device. For an IOS core sh arp For an NXOS core sh ip arp Again, you can use your Python custom vendor neutral script to do this. 2. Review the config output - this example shows the file with a name of "sh-arp-config.txt" (real file name would be different if you u ..read more

I've just presented a tech talk at McAfee's 6th annual DevCon (Internal McAfee Developers Conference) for NEURAL called: "NEURAL: no-code network automation" It was pretty cool to get to present it both to our internal Development teams/techies, and to the Company as a whole.... Stay tuned for more info ..read more

Here's how you can utilize the NDNA program to do this: 1. First, put all your L3 IPs (Enterprise Wide) inside the file "enterprise-wide-routers-IPs.txt" in the following folder: /usr/enterprise-wide-routers These would be the IPs you create using the "create-enterprise-ios-nxos-routers-list.sh.x" script located in the following folder: /usr/enterprise-wide-routers/Create-Enterprise-IP-Lists-Scripts. e.g. cd /usr/enterprise-wide-routers/Create-Enterprise-IP-Lists-Scripts ./create-enterprise-ios-nxos-routers-list.sh.x This will create an IP list of all your L3 Routers across all Data-Centers/A ..read more

​​ Here's a list of upcoming posts (in the works) relating to creative ways to use the NDNA program: 1. Quickly troubleshoot flapping routes in an MPLS WAN, e.g. locate where this is or this is NOT occurring within a network 2. Quickly identify network nodes not synchronized with NTP. 3. Quickly identify all VRFs in a Data Center 4. Locating ports that hosts are connected to via mac-address-table look-ups 5. Creative ways to deal with output exceeding the 64k file size 6. Quickly locate devices with interfaces having high input/output errors 7. Quickly locate all routers advertising full rfc1 ..read more

This is "part one" in a series of multiple-posts on identifying different vendors in an "NDNA discovered" Cisco Network "Data-Center". OUIs were obtained from the following URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=manuf They were then parsed using the GRASP tool-set to build a list of Juniper OUIs. (This list is pre-built for you) and identified in step 3 of this article. Note 1: The OUI database information from the Wireshark website has the following format: 00:00:0D e.g. Uses a colon every two characters, and uses all CAPs. Note 2: Cisco IOS and NXOS ARP ..read more

GRASP is an acronym I came up with that’s built upon various utilities and programming languages that work together to create a “unified toolset”. I’ve found it to be very useful for a Network Engineer. All of these tools are standard on most Linux installations. The reason I came up with the acronym GRASP is, like most engineers, I sometimes have a hard time remembering all of the tools available that I’ve used in the past. Using the mental association and recall abilities you get from an acronym, I’ve found that it’s now really easy to remember that I have these tools at my disposal. I lear ..read more