Saturday, September 27, 2014

Latest Updates

Current IP Address is 98.169.34.136.

Please clear your configurations before finishing. Thanks!

1. Check the Lab Console Status Page to see which switches are available.
2. Console logs are available on the Console Log Page. Your IP is stripped off for privacy. Updated every minute. Use this to see what others typed, like what password did someone set?
3. Time on each console line is 80-90 minutes.
4. SW7 Fa0/11 connects to the Linux Lab Host. This connects to GRE tunnels.
5. Feel free to download and save the Lab Topology diagram, or click-here!



telnet 98.169.34.136 49001
telnet 
98.169.34.136 49002
telnet 
98.169.34.136 49003
telnet 
98.169.34.136 49004
telnet 
98.169.34.136 49005
telnet 
98.169.34.136 49006
telnet 
98.169.34.136 49007
telnet 
98.169.34.136 49008


Console / Device Type
----------------------
49001 = Catalyst 3750
49002 = Catalyst 3560
49003 = Catalyst 3550
49004 = Catalyst 3550
49005 = Catalyst 3550
49006 = Catalyst 3550
49007 = Catalyst 3560
49008 = Catalyst 3750

Serial Number / MAC Address
SW1 = CAT0935Z20Q , 00:15:62:64:33:00
SW2 = FDO1123Z5D3 , 00:1C:58:23:64:80
SW3 = CAT1003N35U , 00:16:C8:31:90:00
SW4 = CAT0806Z1FL , 00:0F:24:B7:14:00
SW5 = CAT0802R1S6 , 00:0F:23:3B:8A:80
 SW6 = CAT0826N2S6 , 00:11:92:97:EF:00
 
SW7 = CAT1023N4CK , 00:18:73:30:7E:00
SW8 = CAT0815Y0VD , 00:0F:F7:2C:C6:00
Linux Lab Host = 00:14:D1:23:A2:EA 

If you want to connect your routers or switches to this lab, please email me to setup a GRE tunnel! Thanks!

Introduction

The Cisco switch lab is free and open to the entire world 24x7. No reservations or registration is required.  Just login anytime! Login to whatever you want.

Please follow these simple rules:

1. Do not change the line console settings.
2. Do not erase the IOS image or format the flash filesystem.
3. If you need to set a password, use "cisco"
4. Do "wr erase" and "reload" BEFORE you are done (type "no" when it asks to save the config).

To login, use a Telnet client like Unix/Linux telnet, Putty, Tera Term, or SecureCRT and telnet to TCP ports 49001, 49002, 49003, 49004, etc. Each port goes to a specific console line, and that goes to a specific switch or router.

telnet 98.169.34.136 49001
telnet 
98.169.34.136 49002
telnet 
98.169.34.136 49003
telnet 
98.169.34.136 49004
telnet 
98.169.34.136 49005
telnet 
98.169.34.136 49006
telnet 
98.169.34.136 49007
telnet 
98.169.34.136 49008


If you're coming in from a tunnel or another site, you can telnet to 10.10.11.1 <TCP port>.

The lab has a liberal access policy. You get 80-90 minutes per session on each console line, a 1 hour waiting period, and a 2 hour reset period, on each line. Each line is timed separately (which is a good thing). This means you can have many logins and sessions per day on any console line, and you can login to as many devices as you want that are available. Read the FAQ below and the Lab Details page for more information.

If Windows Telnet causes problems, try running "term len 0" in Cisco IOS, or just use another terminal program.


To check which devices are available, click http://98.169.34.136:8080/labstat.txt .

You can login to all 8 devices to manage the entire lab. The devices include:

Console / Device Type
----------------------
49001 = Catalyst 3750
49002 = Catalyst 3560
49003 = Catalyst 3550
49004 = Catalyst 3550
49005 = Catalyst 3550
49006 = Catalyst 3550
49007 = Catalyst 3560
49008 = Catalyst 3750

All switches are Layer 3 switches, and support IP routing, routed ports, SVI's and routing protocols like RIP, EIGRP, OSPF and BGP. All Cisco IOS commands are available.

Click on the Network Topology below to see the lab. Save the diagram to your computer (or choose view image) to view at maximum size, or click here.



You can also connect your switches and routers to this lab to make a larger lab. You can tunnel directly with me, or route from another lab site. To attach your devices, it is recommended that you have:

1. Any router or Linux/BSD/Unix host that supports GRE and BGP
2. Reliable internet connection
3. Network devices you can share


To see the Routing Tunnel Lab Topology, go to the Routing Tunnel Lab page.


Exact cabling is subject to change. Please email me if you need any cables or GBIC's moved or reseated (e.g., flaky SFP, loose cable, etc).

Always run "sh cdp ne" or "sh cdp ne det" to see all switches, and the current cabling.

The MAC address of the Linux Lab Host at 10.10.11.1/24 is 00:14:d1:23:a2:ea.

More information can be found in the Lab Details page.

Tuesday, July 31, 2012

FAQ


1. How long can I stay login to the switches and routers?

You can login for 80 minutes on each console line (actual time 80-90 mins). After that, your IP address will be blocked for 1 hour on that specific console line to allow others the chance to login. After that, your IP will be un-blocked, and you can log back in on that console line. Accumulated time will also be reset back to zero after 2 hours of inactivity. Each console line is timed and tracked separately, so you might be blocked on one line, but be un-blocked on other lines. This means you can login to multiple free devices quite often if the lab is lightly used. Refer to the Lab Details page for more information.



2. If I'm blocked on one switch, can I login to other switches?

Yes, go ahead and login to the other switches. Each console line is monitored separately, so even if you use up all your time on one line and get blocked, you can still try and login to the other lines.


3. How do I know which switches and routers are available?

To check which devices are available, go to http://98.169.34.136:8080/labstat.txt . This page will list those TCP ports (console lines) that are being used and those that are available. The information is updated every minute, but you must manually refreshed the web page.


4. Is this lab completely free? Do I have to pay any fees, register or make any reservations?

Yes, it is completely free to use. There are no fees, no reservations or registration required. You can login right now or at anytime. Of course, any donations, even a dollar or two, will be most appreciated and will be used to keep the switches and terminal console server running, replace GBIC's, etc.



5. Why don't you make a scheduling system?

There are several reasons. For one, I have to use this lab also. I don't want something where I have to disable or update everytime I use the lab. Another reason is that the intent of this lab is to maximize user access and ease of access. I don't want the lab to be over-engineered and under-utilized. Instead of a few people reserving the whole lab everyday, in this lab there is no limit as to how many people can login everyday. Anyone can login anytime to all lab devices immediately. I did write a script that enforces timing and access control to make user access reasonable.



6. Can the Layer 3 switches route with R1 and R2?

Yes, all seven Layer 3 switches can reach R1 and R2 for a total of 8 routable devices. Just turn on IP routing, manage the trunks on SW5 or SW6, and setup routing with R1 or R2. You can also route directly with R1, R2 and the Linux Lab Host using Fa0/15 (Fa1/0/15 on SW1). Go to the Routing Tunnel Lab page for additional information.



7. How many switches or routers can I login to?

You can login to as many devices as you want that are available. Feel free to login to 1, 2, 3 or all 8 devices. It's up to you. If no one is login to a switch or router, you can login to it.



8. I tried to login to a switch, but the screen disappears or nothing appears, what do I do?

Try to hit Enter a few times to see the Cisco login prompt. If nothing happens, either someone is using that console line, you're blocked temporarily, your firewall is blocking you, or that console line is down for some reason. Try to login to another console line.



9. If someone is logged into a switch, how long do I have to wait?

I recommend trying again maybe in a half hour or so. Their time might expire, they might idle and time out, etc. The serial line will close if the login is idle for 10 minutes. You can also try logging into other switches.



10. Can I login to all the switches at the same time?

Yes, you can login to all the switches if all the console lines are available. You can logon to as many as you want that are available. If someone else is already logon to a specific console line, you have to wait until they logout on that line, or that line times out (there is a 10 minute inactivity timeout).


11. Can I schedule or reserve the entire lab to myself?

No. But, if you're able to login to all six switches and both routers, you will have the entire lab to yourself.


12. I can login to some switches, but not others. What happened?

Maybe someone is login to the console of the other switch, or you could be blocked on that console line.



13. If someone else is login to other switches, how can I isolate my switches from theirs?

Just shutdown all your links to the other switches you're not login to, and that will isolate your switches. Refer to the network diagram or use "sh cdp ne" to check which links you have up.


14. How do I know which device I am on if someone changed the hostnames of the switches or routers?

You can use "sh cdp ne" to give you an idea of where your device is in the Lab Diagram. You can also look at "sh ver" or "sh inventory" to see the Serial Number of the device. For your reference, here are the Serial Numbers and MAC addresses for the Cisco lab devices:

SW1 = CAT0935Z20Q , 00:15:62:64:33:00
SW2 = FDO1123Z5D3 , 00:1C:58:23:64:80
SW3 = CAT1003N35U , 00:16:C8:31:90:00
SW4 = CAT0806Z1FL , 00:0F:24:B7:14:00
SW5 = CAT0802R1S6 , 00:0F:23:3B:8A:80
SW6 = CAT0826N2S6 , 00:11:92:97:EF:00
SW7 = CAT1023N4CK , 00:18:73:30:7E:00
SW8 = CAT0815Y0VD , 00:0F:F7:2C:C6:00


15. Will this lab help me to prepare for the Cisco CCNA or CCNP exams?


Yes, it will. For the CCNA level, practice on Dynamips/GNS3 and Packet Tracer is almost enough. But you still need to get hands on experience with real Cisco hardware, especially switches. That's where this lab comes in. For the CCNP level, you should have some experience with the features in the 3560, 3750, etc.


16. Do the Catalyst 3750 and 3560 support Private VLAN's?

Yes, they do.


17. Are all Cisco IOS commands available?

Yes, you will have access to enable mode. Depending on the device model, all Cisco IOS commands are available for you to explore and configure the lab. Because there are different models and IOS versions, some commands and syntax are different.



18. Can I change the topology, move cables around or shutdown any ports?

You can shutdown or enable any ports you like to reconfigure the topology. If you need any cables or GBIC's moved around, or a switch power cycled, please email me, and I will look into it.


19. Can I telnet or ssh from one switch to another?

You can do that if the switches are configured with trunks or access links, IP addresses on VLAN interfaces or routed ports, and the vty lines are setup for telnet or ssh.




20. The last person who used the switch did not clean it up. What can I do?

Run "wr erase" and "reload". Answer No when it asks if you want to save the configuration. This will wipe out the startup-config. Since you're on the console line, you can watch the entire reboot sequence, such as the interesting Cisco hardware and POST messages that will soon appear. It takes a few minutes for the switch to reload. Then, Cisco IOS will ask if you want to configure the switch, you can answer No (unless you want to answer more questions), then confirm that you want to end the Autoinstall feature. Now, you have a clean switch.


21. I think someone totally f---ed up a switch, someone set a password, or it's been wiped out. What can I do?

If something looks like it's out of control or hanging the switch, first try SHIFT-CTRL-6 or SHIFT-CTRL-6-X. If that doesn't help, you can try to find out what someone did by reading the log in the Console Log Page. You can also post a comment on this blog, or email me immediately. Thank you for alerting everyone!


22. Are these real Cisco switches and routers, or are they from Dynamips/GNS3?

These are real Cisco Catalyst switches and real Cisco routers. Dynamips/GNS3 cannot emulate the ASIC's of Cisco Catalyst switches. You can look at the POST messages and show version to see these are real devices.


23. Are these Layer 3 switches? Can they do routing?

Yes, all of them have Layer 3 IOS images, and you can enable routing, run RIP, EIGRP, OSPF, BGP, etc.


24. How do I turn on routing on the switches?

SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#ip routing
SW1(config)#




25. Why are some trunk ports mismatched, like fa0/1 going to fa0/2, or fa1/0/46 going to fa0/47?

Under some configurations, this can illustrate STP using the lowest sender port ID (prio.nbr) in the path selection process. Of course, you can also manually change the port priority values. Please email me if you want any of the cabling changed.



26. What do you use for a terminal server?

My home Linux machine is the terminal server and firewall. It is currently running Scientific Linux and ser2net. I might try different versions of Linux, FreeBSD or other Unixes. More information can be found in the Lab Details page.



27. In the Routing Tunnel Lab, why should users create their own tunnel (the Lab User Tunnel) to route with a remote lab site?

The Lab User Tunnel is necessary because the Linux host does not normally route with the lab, except for BGP. Users can configure routing on their own and route their own subnets, if they use their own tunnel. If only the Lab Management tunnel is used, users will need help to configure the routing on SW1-SW7, R1, R2 and on the Linux Host.

Please see the Routing Tunnel Lab page for more details.



28. Will you add some end devices?

In the future, I might consider logins into VM's or containers like BSD Jails to offer a client/server experience. There are obvious security and maintenance issues. For now, you can use the 2621XM routers or VLAN interfaces or routed ports on the switches to act as end devices.


29. Will you add devices from other vendors, like Juniper, Brocade or Dell Force 10?


I would like to add some Juniper devices in the future.


30. Where is this lab located?


In my home in the Washington, DC area.



31. I have some routers and switches also. Can I use them with this lab?

Yes, absolutely! You can either tunnel directly with me, or use another lab site, like FreePeerX.org!



32. Who do I contact if I have suggestions, questions or problems with the lab?

Please email Brendan , and I will try to respond as soon as possible.