CF Memory Cards and the Squeeze Command

I'm currently upgrading some devices for a customer all over the world, nothing I didn't do before, but today I ran into something surprising, at least for me. The C2811 I was going to upgrade did not have enough flash space to hold the old and the new IOS (my preferred way for upgrades), so I had to delete the old IOS to be able to upload the new one.

But after the IOS was deleted, the router did not free the flash space. This was something I was used to on older devices (C2600 for example) but not with the newer ISR routers. A quick check on Google confirmed what I thought: I have to use the squeeze command to free up the flash after the IOS was deleted.

I found the reason after another lookup: it seems that there are two different file systems in use on ISR routers (I guess it's not for ISR2 routers, but I'm not sure), a Class B and a Class C file system. The troubleshooting guide writes the following about those two types:

Cisco 3800 series routers, Cisco 2800 series routers, and Cisco 1800 series routers use external CompactFlash (CF) memory cards to store the system image, some software feature data, and configuration files. The CF memory cards use the following file systems. The file system that is supported depends on router mode.

Class B flash file system, also known as the low-end file system (LEFS)

Class C flash file system, similar to the standard DOS file system

If the router uses a Class C file system, deleting files will free the space on the flash (the behaviour I was used to), while Class B file systems require manual intervention to free up this space. Freeing up the space on a Class B file system is done with the squeeze command:

Router# squeeze flash:
Squeeze operation may take a while. Continue? [confirm]
squeeze in progress...
sssssssssssssssssssssssseeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Rebuild file system directory...
Squeeze complete

If you are using a Class B flash file system, after you enter the delete flash: command, the memory space of the deleted file remains occupied, although the deleted file cannot be recovered. To reclaim the memory space occupied by a deleted file, enter the squeeze flash: command, in privileged EXEC mode.

Which class is used on the router can be checked with the command show flash all: the Class B file system will not show any geometry and format information, while the Class C file system will. The examples below are taken from the guide Troubleshooting and Maintenance: Using CompactFlash Memory Cards.

Class B file system

Router# show flash: all
Partition   Size    Used      Free      Bank-Size  State          Copy Mode
1        125184K  20390K    104793K        0K      Read/Write     Direct

System Compact Flash directory:
File  Length   Name/status
addr      fcksum  ccksum
1   6658376  c28xx-i-mz
0x40      0xE0FF  0xE0FF
2   14221136  c2800-telcoent-mz
0x6599C8  0x5C3D  0x5C3D

[20879640 bytes used, 107308776 available, 128188416 total]
125184K bytes of ATA System Compact Flash (Read/Write)

Class C file system

Router# show flash: all
-#- --length-- -----date/time------ pat
1      6658376 Mar 01 2004 04:27:46 c28xx-i-mz
25268224 bytes available (6664192 bytes used)
******** ATA Flash Card Geometry/Format Info ********
ATA CARD GEOMETRY
Number of Heads:      4
Number of Cylinders    490
Sectors per Cylinder   32
Sector Size            512
Total Sectors          62720
ATA CARD FORMAT
Number of FAT Sectors  31
Sectors Per Cluster    8
Number of Clusters     7796
Number of Data Sectors 62560
Base Root Sector       155
Base FAT Sector        93
Base Data Sector       187
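
The check described above can be scripted when many routers have to be upgraded. The following Python sketch is an added example, not part of the original post or the Cisco guide: it classifies a captured show flash: all output as Class B or Class C using the geometry/format criterion and lists the commands needed to make room for a new image. The function names and the abbreviated sample outputs are constructed for this illustration.

```python
import re

# Constructed inputs, abbreviated from the two "show flash: all" outputs above.
CLASS_B = """\
File  Length   Name/status
addr      fcksum  ccksum
1   6658376  c28xx-i-mz
0x40      0xE0FF  0xE0FF
2   14221136  c2800-telcoent-mz
0x6599C8  0x5C3D  0x5C3D
[20879640 bytes used, 107308776 available, 128188416 total]
"""
CLASS_C = """\
1      6658376 Mar 01 2004 04:27:46 c28xx-i-mz
25268224 bytes available (6664192 bytes used)
******** ATA Flash Card Geometry/Format Info ********
ATA CARD GEOMETRY
Number of Heads:      4
"""


def parse_show_flash(text):
    """Return (fs_class, free_bytes, {file_name: length}) from 'show flash: all'."""
    # Criterion from the text: only Class C prints geometry/format information.
    fs_class = "C" if "Geometry/Format Info" in text else "B"
    width = 7 if fs_class == "C" else 3   # Class C rows also carry date and time
    files = {}
    for line in text.splitlines():
        cols = line.split()
        if len(cols) == width and cols[0].isdigit() and cols[1].isdigit():
            files[cols[-1]] = int(cols[1])
    free = re.search(r"(\d+) (?:bytes )?available", text)
    if free is None:
        raise ValueError("no free-space line found")
    return fs_class, int(free.group(1)), files


def upgrade_steps(text, old_image, new_image_bytes):
    """Commands needed before copying a new image of the given size."""
    fs_class, free, files = parse_show_flash(text)
    if new_image_bytes <= free:
        return []                          # old and new image fit side by side
    if new_image_bytes > free + files[old_image]:
        raise ValueError("image does not fit even after deleting " + old_image)
    steps = ["delete flash:" + old_image]
    if fs_class == "B":
        # Class B keeps the deleted file's space occupied until a squeeze.
        steps.append("squeeze flash:")
    return steps


if __name__ == "__main__":
    print(upgrade_steps(CLASS_B, "c28xx-i-mz", 110_000_000))
    print(upgrade_steps(CLASS_C, "c28xx-i-mz", 30_000_000))
```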

Cat4500-E Sup 6/7-E Etherchannel Egress Queueing

QoS on Cat4500-E with a Sup 6/7-E is more aligned with the Modular QoS CLI (MQC) known from router platforms than QoS on a Cat6500, even though it still has restrictions based on the architecture compared to routers. The Cat4500-E switches perform all QoS actions on the supervisor engine, therefore the line cards do not add to the QoS complexity with their own queueing structure. The whole chassis uses a 1P7Q1T (1 Priority queue, 7 normal Queues, 1 Threshold) queueing structure. But there is a gotcha for QoS on Etherchannel (how surprising 😉): the QoS documentation shows the following restrictions:

  • Queuing actions are only allowed in the egress direction and only on the physical port.
  • Percentage-based actions like policer cannot be configured on a VLAN, Port and VLAN (PV) and EtherChannel.
  • Port channel or VLAN configuration can only have a policing or a marking action, not a queueing action.

The example configuration below shows what this means in terms of configuration. The priority queue has to be defined on the physical ports while the policing action is configured on the port-channel interface.

Example Configuration

class-map match-any PRIORITY-QUEUE
 match  dscp ef
!
policy-map EGRESS-QUEUING-PHYSICAL
 class PRIORITY-QUEUE
  priority
 class class-default
policy-map EGRESS-QUEUING-LOGICAL
 class PRIORITY-QUEUE
  police cir 2g
!
int po 1
 service-policy output EGRESS-QUEUING-LOGICAL
!
int te1/1
 service-policy output EGRESS-QUEUING-PHYSICAL
!
int te1/2
 service-policy output EGRESS-QUEUING-PHYSICAL

Cat6500-E Sup2T Etherchannel Egress QoS

Cisco is now using a more MQC-like QoS configuration with the Sup2T Supervisor Engine, which is called C3PL (Cisco Common Classification Policy Language). C3PL is not only used for QoS configuration but also for other tasks:

Cisco Common Classification Policy Language is a structured replacement for feature-specific configuration commands. C3PL allows you to create traffic policies based on events, conditions, and actions.

If you know MQC, you'll find it more comfortable to use the new C3PL instead of the old mls QoS configuration, but the Cat6500 architecture still plays a role. If you want to configure egress QoS on an Etherchannel, you have to configure the egress queuing policies on the physical port members of the Etherchannel; they cannot be configured on the logical Etherchannel interface. If you try to, you'll get an error message like this:

MQC features are not supported in output direction for this interface

The documentation for this can be found in the Cat6500 Supervisor 2T QoS Design At-a-Glance Guide.

Conclusion

As explained above, you have to configure egress queueing policies on the physical port members to make use of egress queueing policies on an Etherchannel:

class-map type lan-queuing PRIORITY-QUEUE
 match dscp ef
!
policy-map type lan-queuing EGRESS-QUEUING-PHYSICAL
 class PRIORITY-QUEUE
  priority
 class class-default
!
! Queuing policy is attached to each physical member port, not to the port-channel
int te1/1
 channel-group 10 mode active
 service-policy type lan-queuing output EGRESS-QUEUING-PHYSICAL
!
int te1/2
 channel-group 10 mode active
 service-policy type lan-queuing output EGRESS-QUEUING-PHYSICAL
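
The placement rule from this post and from the Cat4500-E post above (queuing actions only in the egress direction and only on physical ports) can be checked offline against a saved configuration. The following Python sketch is an added example, not code from the original posts or from Cisco. The set of keywords treated as queuing actions, the function name and the sample configuration (which contains two deliberate mistakes) are assumptions made for this illustration.

```python
# Assumption: keywords this example treats as queuing actions; adjust per platform.
QUEUING_ACTIONS = {"priority", "bandwidth", "shape", "queue-limit", "dbl"}

# Constructed configuration: po 2 and te1/2 carry deliberate mistakes.
SAMPLE = """\
policy-map EGRESS-QUEUING-PHYSICAL
 class PRIORITY-QUEUE
  priority
policy-map EGRESS-QUEUING-LOGICAL
 class PRIORITY-QUEUE
  police cir 2g
int po 1
 service-policy output EGRESS-QUEUING-LOGICAL
int po 2
 service-policy output EGRESS-QUEUING-PHYSICAL
int te1/1
 service-policy output EGRESS-QUEUING-PHYSICAL
int te1/2
 service-policy input EGRESS-QUEUING-PHYSICAL
"""


def lint_queuing(config):
    """Return (interface, direction, policy) for every misplaced queuing policy."""
    queuing, attached = set(), []
    policy = iface = None
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0] == "!":
            continue
        if not raw[0].isspace():               # top-level command: new context
            policy = iface = None
            if words[0] == "policy-map":
                policy = words[-1]
            elif words[0].startswith("int"):
                iface = "".join(words[1:]).lower()
        elif policy and words[0] in QUEUING_ACTIONS:
            queuing.add(policy)                # policy contains a queuing action
        elif iface and words[0] == "service-policy":
            direction = "input" if "input" in words else "output"
            attached.append((iface, direction, words[-1]))
    # Queuing is valid only on egress of a physical port, so flag queuing
    # policies on port-channel/VLAN interfaces or in the input direction.
    return [(i, d, p) for i, d, p in attached
            if p in queuing and (d == "input" or i.startswith(("po", "vl")))]


if __name__ == "__main__":
    for finding in lint_queuing(SAMPLE):
        print("misplaced queuing policy:", finding)
```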

Interesting Links 13.05.2013

SDN

Packetlife's What the Hell is SDN?
A short overview from Packetlife about the SDN topic, which kind of floods the networking news at the moment:

If you follow any number of news feeds or vendor accounts on Twitter, you’ve no doubt noticed the term “software-defined networking” or SDN popping up more and more lately. Depending on whom you believe, SDN is either the most important industry revolution since Ethernet or merely the latest marketing buzzword (the truth, of course, probably falls somewhere in between)

Build your own free IOS-XE lab

Cisco recently made a virtual CSR available which (besides its real use) allows you to create a virtual lab based on the CSR 1000V. Please take care: the CSR 1000V requires at least 4 GB of memory, it won't work with less!

Miroslaw Burnejko's Build IOS-XE Lab for Free
INE's Installing the cloud services router 1000v in ESXi 5.1

Nexus 1000v

Cisco's Capture Traffic on Nexus 1000V Series Switches

This document describes the use of the vempkt command in order to capture traffic on Nexus 1000V Series Switches.

It is difficult to troubleshoot issues on the Nexus 1000V Series Switches because there is no physical switch to put your hands on. Much of the time, a packet capture is necessary in order to determine if the packets are sent upstream.

Technical Document Updates

Cisco's Technical Documentation Updates

You should check out this link if you want to get an overview on the Cisco technical documentation updates.

VSS and QoS on Cat6500 SUP2T


I really don't like QoS on Cisco switches, it's too complicated and totally depends on the chassis or even on the line card in chassis-based switches. What made things worse is how QoS and VSS are implemented on the Cat6500 (and documented). I recently had to create a QoS design for a customer which had VSS on Cat6500 with SUP2T and 16-port 10GE line cards. The VSL links were on the SUP using the two 10GE ports and I had to configure QoS towards the WAN on two out of the three 1GE ports on the SUP.


Interesting Links 11.02.2013

I try to get this up again (once more), on a weekly, bi-weekly or monthly basis (depends on how much time I get to actually read something out there on the internet). Hope it works out better this time 😉

Cisco's CiscoLive365
This has probably become one of my number one resources for knowledge (not sure if Google is in front or directly behind it). Cisco offers direct access to (nearly) all presentations from the different Cisco Live meetings across the world, and it's for free. Whenever I'm in need of information on a new topic (which happens quite often) or have to review something I've learned at some point, this is the place I go first.

Cisco's SMART Business Architecture

Another useful resource from Cisco is their SMART Business Architecture, which contains Borderless Networks, Data Center and Collaboration Design Support and Guidelines. I currently use it as a base to refresh my Design/Best Practice knowledge, to prepare for Design Workshops with customers and as a base for an Assessment I am developing.

PacketPushers: 15 Reasons You’re Technical Documentation Sucks

A nice overview of how documentation should/could be written and what points you should have a look at.

Packet Pushers: 5 Tips for Escaping Troubleshooting Hell

This article is not discussing how to do troubleshooting itself, it's more about a few key points to remember during troubleshooting. The one I like most is to write down what you have done so you don't loop yourself into checking the same thing over and over.

Installing Virtual Riverbed Steelhead Appliances

I'm currently creating a lab for internal testing purposes and proofs of concept for Riverbed WAN optimization. A few years ago, I installed quite a few Riverbed Steelhead Appliances (hardware) and the installation (not configuration) was quite straightforward (if you don't mess up the cabling :)). But it's a bit different now with virtual appliances; we got licenses (amongst others) for two virtual Steelhead appliances for the lab. Installing the appliance itself is not too hard (if you know vSphere, and I don't, but I have a nice colleague who gave me a little how-to). Choose the .ova file from the Riverbed page, put it into the ESX/vSphere and start the appliance, go to the console and use the startup wizard to configure the basic settings for the system. The virtual appliance can now be accessed over the GUI.

What got me was the licensing and the assigned hardware for the appliance (I don't like to read installation manuals ;)).
There are currently two different virtual Steelhead appliances:

Virtual Steelhead xx50 Models
Virtual Steelhead CX xx55 Models

The former line is now end of life and the CX xx55 models have been newly available for about a month or two. Both lines have only one installation file each; the specifications of the different models within the line are activated through the corresponding license key. Cross-upgrading between the two lines does not work.

The license I got is one for a VCX1555H, the virtual appliance with the highest throughput and concurrent connections, but the base installation is the one for a VCX555M (smallest appliance) and that's what the installation file requests from vSphere. To be able to use the virtual appliance as a VCX1555H, vSphere has to assign more CPUs, RAM and disk space for the datastore. The corresponding values can be taken from the table below:

Riverbed vSHA Hardware Requirements

The license for a 1555H can be installed even if the appliance does not have enough hardware, but it cannot be activated.

Review of the year 2012

So it's now the last day of the year 2012 and I think it's time to have a little review of the year and some thoughts about the coming year.

2012 for myself was a year with a lot of changes and interesting challenges. After the move from Switzerland to Germany (which is something that most people think is crazy because normally it's the other way around) I had to start at a new company in a new country with a totally new field of work. It's quite a difference to work for a company which is not creating any revenue with what you do (I call it internal IT) compared to a company which makes revenue out of your work. But after a year I can say that this was the right decision to make. I love my job (99% of the time, but hey, nothing is perfect ;)) and the company is great. I do get a lot of support and opportunities to grow from the company and my colleagues, and this won't stop in 2013. I did start with a clear technical focus (hey, I'm a geek, put me into the cellar and give me some light and a computer with internet access and I'm fine ;)) but it somehow shifted during the last year. I'm now doing more (technical) consulting than pure technical stuff, I even got the opportunity to develop a method to analyse the infrastructure of customers regarding their IPv6 readiness and show them a possible way to get selected services IPv6 enabled.

Probably the most interesting thing is the shift of thinking: instead of thinking about systems/devices and how they connect together (aka the Network), the focus now lies on services which use the network as the underlying system, which is also another interesting point of view.

2013 will get me more into this direction since we are going to increase our consulting services and some colleagues and I have been selected to develop those offers.

2012 was also a really calm year in terms of my blog, this post is only the second post for 2012! Not much, I know, but time and mood didn't permit me to write more 😉 I did also think about the future of this blog and what I should do with it. The conclusion out of this is to change the focus of this blog. In the past the blog was purely technical, trying to explain protocols and other stuff to the community, but it always took me (dunno how this is for others) a long time to write an article and check it for technical errors (you can keep grammar and spelling errors if you find them ;)). There are a lot of other blogs around which are explaining this and a lot of them are probably doing it even better than I can, so I decided to write more about things I stumble upon during my projects or other things I think might be worth sharing. I'll leave the technical explanations to people that actually do it better 🙂

 

Maybe one last thing. I sometimes get comments or mails from people asking me to help them with their CCIE studies. I am not going to give advice nor help. Guys, there are a lot of companies, blogs and mailing lists around for those things which have more current information (hey, I did pass the lab in 2008, guess how many times the lab did change during this time…). And something you really should add to your skills is to do your own research before asking to be spoon-fed with information. A teacher once told me:

You don't have to know everything, you just have to know where to find it

No one (maybe with some small exceptions) is able to know everything, and if you are like 99.999% of mankind you should really make yourself comfortable with doing research by yourself. This skill will help you a lot in life (no matter if it's at work or in your private life).

Ok enough of useless writings, I wish you all a happy new year and may 2013 bring you what you are looking for.

Busy time

Hi there

It's some time ago now since I did write the last post. It's not that I don't want to write, but my life did change quite a lot over the last 2-3 months.

I did decide to move from Switzerland to Germany last year in November and start at a new company here. Since December last year I work as a Network Design Engineer at Dimension Data, one of the biggest Cisco partners in Germany. It feels now that I'm in the right place to work. I work a lot more with different technologies, protocols, boxes or whatever than before, can use my knowledge and learn a lot of new stuff or get deeper into something I did once years ago, and there is still a lot of space to grow.

I also still have my flat back home until the end of the month (still in the moving process) and quite a lot of work did not really help to get time or the mood to write something 😉 I hope to find more time in the future to get going with writing articles again 🙂

Interesting Links

Probably a category which is found in a lot of blogs, but the more I think about it, the more I like this kind of post. My Google Reader blog list grows and grows and there are those posts I'd like to save somewhere, so I could either make myself a (at some point) blown-up link list, or why not share it with others and create a category on my blog for it, so I get a fully searchable link archive?

I don't know yet how often I will post such an article, so let's see how it will evolve 🙂

IPExperts Cisco’s STP Toolkit

Overview about the STP Enhancements from Cisco

Cisco was not going to sit and wait around for the standards bodies to enhance Spanning-Tree Protocol so that it would converge faster and be more safe to implement. Instead, Cisco has been hard at work creating tools that could improve the protocol. Here is some review about these various tools.
