Thursday, June 28, 2012

Password recovery on a Cisco ME3400 Switch

Continuing my notes on password recovery on various bits of kit. Today's task was an ME3400 Switch.

Perform the following steps to regain access to your switch:
  1. Power up the switch and send the Break sequence (dependant on the system you are working from) to access Password Recovery
  2. Load the helper files:                                         switch#load_helper
  3. Next, verify the name of your config file:            switch#dir
  4. Rename said config file:                                     switch#rename flash:config.txt flash:config.txt.old
  5. Reboot the system:                                           switch#boot
  6. Next you'll be prompt to enter the auto config process. Enter No
  7. Enter the PRIV EXEC mode:                           switch>en
  8. Rename your config file:                                   switch#rename flash:config.txt.old flash:config.txt
  9. Copy the config in the Memory:                       switch#copy flash:config.txt system:running-config
  10. Next change your passwords as you see fit
  11. Last part is to check the state of your interfaces. You may need to #no shut your appropriate ports.
     Finally apply your changes via switch#wr mem and reboot.

Monday, June 25, 2012

CCNP - ENTERPRISE - Duplex Mismatch

Right, not done any posts for a while so here we go with a note on Duplex Mismatches...

A Duplex Mismatch occurs when 2 devices are directly connected with different duplex modes. One end might be set to auto whilst the other could be set mannually to Full Duplex.

The situation is usually the result of manual configuration of an interface and the result can cause a number of effects on the network.

The most common situation for a duplex mismatch is the example above, one end set to auto (negotiate) and the other set to Full Duplex. With one end trying to negotiate whilst the other end is not the result is that the negotiation fails and the interface fails back to Ethernet standards and sets it's self to half duplex. This default action when negotiation fails allows for older hubs to be in operation in the network.

With one end now automatically set to Half Duplex and the other end manually set to Full Duplex you get the duplex mismatch.

The activity observed on the network can be varied. For example a duplex mismatch will not affect PING as the single packets are sent at 1 second intervals and therefore the link can process the traffic with out any issue being observed. Telnet will be seen as slow but you should still be able to run your session.

The main issue you will see is when both ends of the link attempt to send traffic at the same time. The end set Full Duplex can sendand receive data at the same time. No problems there, however, the end set to Half Duplex will not receive any data because it is busy sending first. The combination will result in packets from the Full Duplex end being lost whilst packets from the Half Duplex end will be slow or lost as that end perceives a collision is occurring and will run CSMA/CD.

As packets are now being lost TCP attempts to perform error recovery and retransmit the packets. This will fail as well due to the mismatch in place.

In the Full Duplex end you will see Frame Check Sequence errors and/or runt frames as packets are lost in transit.

The key to the operation to configure both ends the same. Use only Auto OR Full.

Simply change the setting on one end of the link to match the configuration of the other end.