Blog: IOS

While rebooting a Cisco 2960 switch to back out some configuration changes, I was not able to route traffic through the switch. After some troubleshooting, I noticed the following error (with "terminal monitor" enabled):
 
%ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization.  This product may contain software that was copied in violation of Cisco's license terms.  If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet.  Please contact Cisco's Technical Assistance Center for more information.
 
A quick search revealed this to be an IOS bug (actually 3 related issues). The switch shipped with 15.0(2)EX5 code. The immediate work-around was to power-cycle the switch instead of doing a soft boot (reload). The root cause of the issue is related to the "internal i2c bus" getting into a bad state. Once it does, the bus maintains power through a soft boot, so a reload does not resolve the issue. A power-cycle is required.
 
An upgrade to 15.2(2)E3 (MD) or 15.2(4)E (ED) or later will resolve this issue. http://www.cisco.com/c/en/us/support/docs/switches/catalyst-2960-x-series-switches/118837-technote-catalyst-00.html


 

Cisco IOS XE devices boot into a Linux kernel first, then load IOS as a module. If you just power off the device (as we are used to doing with IOS devices), you will see disk-errors (assuming you are connected and monitoring the console) when you power it up that get auto-corrected (hopefully). This happens because log files related to the Linux kernel are still in use when you power off the device.
 
To avoid this, the documentation states to issue a reload before powering down to ensure all the log files are closed correctly, but it isn't clear at what point you can then power off. Of course, if you don't, it comes back up as a result of the reload command.
 
I found a link online that recommends issuing the 'reload pause' command instead. When the device gets to the pause, it will show you an 'Enter [continue]…' prompt. At this point, you can safely power off the device and it will not have any disk errors when it boots up again.
 
This assumes you are connected to the console. Not a bad assumption, as it is a bit hard to physically power down a router or switch remotely. But if you are not on the console (maybe you have a customer that will pull the plug for you), you can still issue the reload pause command and wait about 60 seconds. That should be enough time for the device to get to that pause.
 


 

Read Articles without Clutter: There is a new “Reader” button on Safari, under iOS 5 (iPads, iPhones), that allows you to read the web page textual data without the surrounding clutter (advertisements). This button is located in the URL window as shown below. There is similar functionality for other browsers supplied by Readability: http://www.readability.com/.


 

There are some four and five finger gestures on the iPad (iOS 4.3) that can be enabled by downloading Apple’s development kit, Xcode. The gestures can be enabled on the iPhone, too, but they seem much less useful on the smaller screen. Xcode costs $5 to download and you have to install it on a Mac, but you do not have to purchase the developer license. This website explains how to download Xcode and enable the gestures. The gestures include:

  • Pinching the screen with all five fingers to close an app and return to the home screen
  • Quickly switching between apps by swiping four fingers across the screen
  • Opening the multitasking bar by swiping four fingers up the screen

 

It is possible to boot a Cisco router off of a USB flash drive.  This can come in real handy if you are on-site and the compact flash of the router is bad.  Here are the steps to do it:

  1. Format your USB flash drive with a FAT file system.  This needs to be FAT and not FAT32.
  2. Copy the system IOS image to the USB flash drive.
  3. While the router is powered off, plug in the USB flash drive to the USB port on the router.
  4. Power on the router and when it starts to boot up press the Break key to enter ROMMON mode.
  5. Once in ROMMON mode enter the following command to boot to USB:
    • boot usbflash0:<system image file name>    (e.g. boot usbflash0:1841-advsecurityk9-mz.124-23.bin)

The following link has some more information about what is supported: http://www.cisco.com/en/US/prod/collateral/modules/ps6247/prod_qas0900aecd80232483.html

 


 

During troubleshooting of some VPN connection issues, I was running a traffic dump session on the Ecessa PowerLink. I noticed some unusual SSH traffic going to the internal VPN router. When I entered “show users” at the command line of the router, it showed myself and someone using “root” connected. The IP address of the “root” user was an external IP address. I performed a “whois” on the IP address. It appeared to be originating from St. Louis, Missouri.

I talked to another engineer about this and after some investigation and testing, it turns out that when a person is trying to connect to a Cisco device, the show users output will show whatever username is being utilized. I verified this by connecting to the same router and typing in “admin” at the username prompt. The show users output showed the name admin.
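
The check described above can be scripted. This is an added example, not code from the original post: it parses a constructed "show users" capture and reports vty lines whose source address falls outside an assumed management range, treating the user column as a claimed name only. The sample output, the function name and the 10.20.0.0/16 range are assumptions.

```python
import ipaddress

# Constructed sample of "show users" output in the usual IOS column layout.
SAMPLE = """\
    Line       User       Host(s)              Idle       Location
   0 con 0                idle                 00:12:41
*  2 vty 0     jsmith     idle                 00:00:00 10.20.1.15
   3 vty 1     root       idle                 00:00:07 203.0.113.77
   4 vty 2                idle                 00:00:02 198.51.100.9
"""

# Assumption: management stations live in this range.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/16")]


def unexpected_vty_sessions(output, mgmt_nets=MGMT_NETS):
    """Return (line, claimed_user, source) for vty lines outside mgmt_nets.

    The user field is whatever was typed at the username prompt, so it is
    reported as a claimed name, not as proof that the login succeeded.
    """
    findings = []
    for raw in output.splitlines():
        tokens = raw.replace("*", " ").split()
        if "vty" not in tokens:
            continue  # header, console and aux lines
        i = tokens.index("vty")
        try:
            source = ipaddress.ip_address(tokens[-1])
        except ValueError:
            continue  # no Location column on this line
        rest = tokens[i + 2:-1]  # [user (may be blank), host(s), idle]
        user = rest[0] if len(rest) == 3 else ""
        if not any(source in net for net in mgmt_nets):
            findings.append((f"vty {tokens[i + 1]}", user, str(source)))
    return findings


if __name__ == "__main__":
    for line, user, source in unexpected_vty_sessions(SAMPLE):
        print(f"{line}: source {source}, claimed user {user or '(none yet)'}")
```
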


 

The newer versions of the Cisco IOS allow you to add a compression algorithm to the transform set that defines how traffic is encrypted.  After adding new crypto map entries at a client using this compression, other VPNs (using the original transform set that does not include compression) started getting odd errors.  The VPN would stay up, but only small ping packets would get through.  And different endpoints had different sized pings that would make it through.  Eventually, I tried removing the crypto map entries using compression and the other problems disappeared.  The lesson I learned from this was to not use a crypto map that mixes transform sets with compression and transform sets without compression.
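
The lesson above can be turned into a configuration check. This is an added example, not code from the original post: it scans a constructed running-config fragment and reports crypto maps whose entries mix transform sets that include the comp-lzs compression transform with transform sets that do not. The map names, peers and ACL numbers are made up, and the parser assumes transform sets are defined before the crypto maps that use them.

```python
import re
from collections import defaultdict

# Constructed sample running-config fragment (names, peers and ACLs are made up).
SAMPLE_CONFIG = """\
crypto ipsec transform-set TS-PLAIN esp-aes esp-sha-hmac
crypto ipsec transform-set TS-COMP esp-aes esp-sha-hmac comp-lzs
!
crypto map VPNMAP 10 ipsec-isakmp
 set peer 192.0.2.10
 set transform-set TS-PLAIN
 match address 110
crypto map VPNMAP 20 ipsec-isakmp
 set peer 192.0.2.20
 set transform-set TS-COMP
 match address 120
crypto map BRANCH 10 ipsec-isakmp
 set peer 198.51.100.5
 set transform-set TS-PLAIN
 match address 130
"""

TS_RE = re.compile(r"^crypto ipsec transform-set (\S+) (.+)$")
MAP_RE = re.compile(r"^crypto map (\S+) (\d+) ipsec-isakmp")
SET_RE = re.compile(r"^\s+set transform-set (.+)$")


def mixed_compression_maps(config):
    """Return {map: {"compressed": [seq], "plain": [seq]}} for crypto maps
    whose entries mix compressed and uncompressed transform sets."""
    compressed = {}  # transform-set name -> True if it includes comp-lzs
    usage = defaultdict(lambda: {"compressed": [], "plain": []})
    current = None   # (map name, sequence number) currently being parsed
    for line in config.splitlines():
        if m := TS_RE.match(line):
            compressed[m.group(1)] = "comp-lzs" in m.group(2).split()
            current = None
        elif m := MAP_RE.match(line):
            current = (m.group(1), int(m.group(2)))
        elif (m := SET_RE.match(line)) and current:
            # An entry may list several transform sets; any compressed one counts.
            names = m.group(1).split()
            kind = "compressed" if any(compressed.get(n) for n in names) else "plain"
            usage[current[0]][kind].append(current[1])
        elif not line.startswith(" "):
            current = None  # left the crypto map sub-mode
    return {name: u for name, u in usage.items() if u["compressed"] and u["plain"]}
```
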