All Entries in the "Cisco" Category
Cisco: How to determine the serial number of hardware components
Some days ago I had to check for the serial number of a faulty fan tray that need to be exchanged in C6500 series. Now most of you I believe know the commands “show version” or “show hardware” which will get all the information that you need most of the time, but not always. I decided to put in this post some useful commands to identify the Cisco hardware components and their respective identifiers (serial nnumber) on different platforms.
I will use for my example a C6500 series switch, because this support most of the commands that I know. Also the real serial numbers will be stripped out and replace with a fake one, as I don’t want this to be used by third parties.
show version – Any network administrators who work with Cisco devices are more than likely familiar with the show version command. The most common use of this command is to determine which version of the Cisco IOS a device is running, but this command also offers different usesful information like the IOS version, ROM bootstrap, uptime, RAM quantity, FLASH capacity and many more. Coming back to our topic from this post, show version ouput the Processor board ID which should be the same serial number like the one printed on a sticker on the back of the Cisco device. This is also used as the device serial number in any service contract that you might have. You can see below an excerpt of the show version command on C6500 platform:
Cisco Internetwork Operating System Software
IOS ™ s72033_rp Software (s72033_rp-JK9SV-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 17-Aug-05 17:48 by evmiller
Image text-base: 0×4002100C, data-base: 0×42698000ROM: System Bootstrap, Version 12.2(17r)S4, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-JK9SV-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)r8-c6500 uptime is 6 weeks, 3 days, 20 hours, 32 minutes
Time since r8-c6500 switched to active is 6 weeks, 3 days, 20 hours, 31 minutes
System returned to ROM by reload at 18:50:17 PDT Sat Apr 7 2007 (SP by reload)
System image file is “disk0:s72033-jk9sv-mz.122-18.SXD6.bin”If you require further assistance please contact us by sending email to
export@cisco.com.cisco WS-C6506 (R7000) processor (revision 3.0) with 458720K/65536K bytes of memory.
Processor board ID SAL00000XXX
SR71000 CPU at 600Mhz, Implementation 0×504, Rev 1.2, 512KB L2 Cache
Last reset from s/w reset
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
1 Virtual Ethernet/IEEE 802.3 interface(s)
42 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0×2102
show module – beside giving you a list of the modules and slots where they are connected (e.g. on C6500 series), it also return status, model, hardware address, software / hardware version and the most important for us today, the serial number of each module / sub-module. Check C6500’s output of show module command:
Mod Ports Card Type Model Serial No.
— —– ————————————– —————— ———–
1 0 FRU type (0×6003, 0×450(1104)) 7600-SSC-400 JAB000000XX
2 2 IPSec VPN Accelerator WS-SVC-IPSEC-1 SAD0000X0X
3 16 SFM-capable 16 port 1000mb GBIC WS-X6516-GBIC SAL0000000
4 6 Firewall Module WS-SVC-FWM-1 SAD000000X
5 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAL0000XX00
6 16 SFM-capable 16 port 1000mb GBIC WS-X6516-GBIC SAL0000XXXXMod MAC addresses Hw Fw Sw Status
— ———————————- —— ———— ———— ——-
1 0013.60a4.c688 to 0013.60a4.c6c7 1.0 Unknown Unknown PwrDown
2 0001.c9df.65ba to 0001.c9df.65bd 1.3 Unknown Unknown PwrDown
3 0009.11e3.1c84 to 0009.11e3.1c93 5.0 Unknown Unknown PwrDown
4 0019.5671.803a to 0019.5671.8041 4.0 7.2(1) 3.2(10) Ok
5 0013.c347.2e90 to 0013.c347.2e93 5.3 8.4(2) 12.2(18)SXD6 Ok
6 000d.65f7.1a8c to 000d.65f7.1a9b 5.5 6.3(1) 8.3(0.156)RO OkMod Sub-Module Model Serial Hw Status
— ————————— —————— ———— ——- ——-
5 Policy Feature Card 3 WS-F6K-PFC3B SAL0000XXX 2.3 Ok
5 MSFC3 Daughterboard WS-SUP720 SAL0000X0X0 2.6 OkMod Online Diag Status
— ——————-
1 Unknown
2 Unknown
3 Unknown
4 Pass
5 Pass
6 Pass
show inventory – retrieve and display the Unique Device Identifier (UDI) information from any Cisco product that has electronically stored such identity information. A UDI consists of the following elements: Product identifier (PID), Version identifier (VID) and Serial number (SN).
The PID is the name by which the product can be ordered; it has been historically called the “Product Name” or “Part Number.” This is the identifier that one would use to order an exact replacement part.
The VID is the version of the product. Whenever a product has been revised, the VID will be incremented. The VID is incremented according to a rigorous process derived from Telcordia GR-209-CORE, an industry guideline that governs product change notices.
The SN is the vendor-unique serialization of the product. Each manufactured product will carry a unique serial number assigned at the factory, which cannot be changed in the field. This is the means by which to identify an individual, specific instance of a product.
The raw parameter on the show inventory command is useful mostly for troubleshooting purpose. Compared with the previous commands, this one give you a better overview of the full range of hardware components installed (e.g. fan-tray, power source….) Below you can see an excerpt from the command output:
NAME: “WS-C6506″, DESCR: “Cisco Systems Catalyst 6500 6-slot Chassis System”
PID: WS-C6506 , VID: , SN: SAL00000XXXNAME: “WS-C6K-VTT 1″, DESCR: “VTT FRU 1″
PID: WS-C6K-VTT , VID: , SN: SMT0000X000NAME: “WS-C6K-VTT 2″, DESCR: “VTT FRU 2″
PID: WS-C6K-VTT , VID: , SN: SMT0000X000NAME: “WS-C6K-VTT 3″, DESCR: “VTT FRU 3″
PID: WS-C6K-VTT , VID: , SN: SMT0000X000NAME: “WS-C6000-CL 1″, DESCR: “C6K Clock FRU 1″
PID: WS-C6000-CL , VID: , SN: SMT0000X000NAME: “WS-C6000-CL 2″, DESCR: “C6K Clock FRU 2″
PID: WS-C6000-CL , VID: , SN: SMT0000A000NAME: “1″, DESCR: “7600-SSC-400 0 ports FRU type (0×6003, 0×450(1104)) Rev. 1.0″
PID: 7600-SSC-400 , VID: V01, SN: JAB000000XX
show diagbus - in order to find the serial number of port adapters that plug into the Flex WAN module, issue the show diagbus command from the MSFC command-line interface (CLI), like in the example below:
Slot 2: Logical_index 4
2 port adapter Enhanced FlexWAN controller
Board is analyzed ipc ready
HW rev 2.0, board revision A0
Serial Number: JAB0000000 Part number: 73-9539-03Slot database information:
Flags: 0×2004 Insertion time: 0×249E4 (18w3d ago)Controller Memory Size:
192 MBytes CPU Memory
63 MBytes Packet Memory
255 MBytes Total on Board SDRAM
Cisco IOS Software, cwlc Software (cwpa2-DW-M), Version 12.2(33)SXH3a, RELEASE SOFTWARE (fc1)PA Bay 0 Information:
T3+ Serial PA, 1 ports
EEPROM format version 1
HW rev 1.00, Board revision B1
Serial number: 15225203 Part number: 73-3762-02
Slot 2: Logical_index 5
2 port adapter Enhanced FlexWAN controller
Board is analyzed ipc ready
HW rev 2.0, board revision A0
Serial Number: JAB0000000 Part number: 73-9539-03Slot database information:
Flags: 0×2004 Insertion time: 0×209C0 (18w3d ago)Controller Memory Size:
192 MBytes CPU Memory
63 MBytes Packet Memory
255 MBytes Total on Board SDRAM
Cisco IOS Software, cwlc Software (cwpa2-DW-M), Version 12.2(33)SXH3a, RELEASE SOFTWARE (fc1)
show idprom – In order to determine the serial number for the chassis and other components. This command has multiple parameter to issue in case that you want to restrict the information that is returned to you show idprom [parameter]. Some parameter option would be: backplane, fan-tray, module, interface and others which you can discover with well known help command show idprom ? . An example you can see below:
show idprom backplane
IDPROM for backplane #0
(FRU is ‘Catalyst 6500 6-slot backplane’)
OEM String = ‘Cisco Systems’
Product Number = ‘WS-C6506′
Serial Number = ‘SAL0000XXX’
Manufacturing Assembly Number = ‘73-3436-03′
Manufacturing Assembly Revision = ‘B0′
Hardware Revision = 3.0
Current supplied (+) or consumed (-) = -
As i said before not all of this commands are working on every Cisco device, that’s why I choose a C6500 for the example as it support all of them. Also this are the commands that I used mostly to obtain information about Cisco hardware components, if there are another ones that you find useful please add them to the comments section and I’ll add them to this article.
Popularity: 7% [?]
10 tips that I can tell you about Cisco CCIE exam preparation
Since now I’m closer than ever to my CCIE lab exam, I thought that it would be a good opportunity to share some of my preparation experience with you. Even if this post is focused of the CCIE preparation, I believe that you can take my advices into consideration even if you are preparing for some other exam.
As most of you, when I started the preparation I searched on the Internet about some advices like what should I read, how much time to dedicate to study and how to achieve the maxium results. This are only a few example, the entire list is much more longer and boring I believe.
I found a lot of tips, tricks, advices and many more. Some of them were really useful and helped me, but a lot (and I mean a lot) had no idea what they are talking about. I was dissapointed to find out that some advices there were just lines on a web page and the author had no idea what he or she was talking about, just taking the ideas from another blog (usually one which belong to a network engineer) and posting on his or her blog, webpage article.
So, why I’m writing this post. Well I hope that the way I see things and the advices that I give based on my personal experience can really help some of you.
Don’t trust everything and everybody – If somebody tell you that you should read at least xy number of books and take 1-2-3 bootcamps, stop one second and think. Compare your experience with the one of the person you are speaking to. Maybe you have 7-10 years of experience in related field and you already know most of the theoretic things. Don’t spend time reading just because somebody praise himself on mailing list or some forum with how many materials he read.
Don’t get discouraged – If you are reading on Internet (e.g. forum, mailing lists) ideas that get you discouraged on and on…quit reading them; YOU are the only one aware of your knowledge and you have to trust yourself not opinions on the Internet. Just because somebody say that you will fail on your first attempt, does not mean that it will be like that.
Do not learn if you are tired – You will only get more tired and more frustrated. Do not compare the time you are learning with the one of other CCIE pretenders. You don’t have to learn 12 hours / day just because somebody does it. Maybe that persons has not other thing to do, no work, family, pets or he / she are more slow learners than you. It’s not a competition who’s learning more in a day. If you are tired after a work day, just go to bed, sleep and then when you can you will learn. You’ll see that you can learn in 2 hours when you’re rest more that in 4 hours when your tired.
Don’t quit, just relax - If you encounter some problems during your lab preparation, and you just cannot see the solution, take a 30 minutes break, and maybe than you can see the task with “different eyes”. Sometime the solution is just in front of you, but you cannot see it right away.
Trust your knowledge – I’m not saying here to solve one lab or task during preparation and to praise yourself being so smart, but the right imagine about you can help. Remember that the more trustful you are in our skills, the more chances to obtain a positive results you have.
Don’t hesitate – When you are doing labs, task, questionnaires usually the first idea you have is the best one. Analyze the request correct but don’t start questioning yourself if are doing well, maybe you should apply other solution, or maybe…all of this will confuse you and give you headache. At least now you are in preparation and you can check if you are thinking in the right way. Also you can learn from your mistakes.
When you are not learning try not to think that you should do it – This is one of the most hard thing to achieve, and I have to admit that in most of the time I cannot follow this advice. But if you can, do it. As an example, you really want to see movie, you go to the cinema, but your mind is just making you think of networking, topologies, cisco and so on…At the end you will see that you did not enjoy the movie at all, didn’t relax and didn’t learn either. You gain nothing.
Do not neglect your closer ones during preparation – You will see that you have much more to earn if you give up 1-2 hours of learning in weekend and get out with your family, girlfriend, friends or pet. Try to understand that you have more to gain from their support sometimes than from those 2 extra hours of learning.
Prepare yourself – In a consistent and rigorous mode. After all any exam and especially Cisco CCIE exams are hard to pass. This kind of exams can really improve your professional and personal life.
Be kind and share knowledge to those who are in need – You never know when somebody will return the favor to you. I’m not saying here to let somebody (even more if that somebody is making money from your help) to take advantage of you, but helping make you feel better and prove to you that you didn’t learn for nothing.
Maybe you expected more technical advices and tips and you are a little bit disappointed, but I can assure you that the lines above can really help you in your preparation. Nothing is more important that to understand that CCIE exam is design to help you improve your life not destroy it. If you neglect everything in favor of preparation and then you have bad luck and do not pass it from the first attempt, you could become frustrated because you’ll realize that you spent a long time just learning and now you have nothing. This will stop you from going to the second or third attempt and you’ll end with lost time and without any degree.
Popularity: 5% [?]
Cisco: How to achieve network redundancy with 2 interfaces
Sometime ago, during my preparation for Cisco CCIE certification, I encountered a task that I had to admit made me think a little bit, even I should see the solution from the first minute. The idea, at least as I see it, is that as much as you learn for some certification you start to see only the complex and painful part of the networking and this made me skip over the simplest solution. Something like, I learn to fly to the moon but I forget how to step on earth…
Before I start please have a look to this network topology. The task was having some statement that due to the monthly cost, R1 should use only one line (Frame-Relay) to communicate to the networks behind R2 (I took in this example Loopback0: 2.2.2.2 /32) and in case that the R1’s protocol interface to Frame-Relay cloud is going, the connection to R3 should become active and traffic should flow through there. The scope was to achive some redundancy from R1 to the rest of the network. As I said before the solution was much more simplest that I start initially to think of and you can see it immediately.
Regarding the routing since this is not the main point discussed here, I just add 2 static routes on R1 to 2.2.2.2; one route through R2 and another one through R3 (with higher distance metric). Of course I put the necessary static routes and tracking on R2 and R3.
One advice if you want to try this on your own with this topology. Do not manually shutdown the main interface to enable the backup one, as it will not work. For testing you have to find a way that the main interface is down, but not administratively down. This is just not to get angry that this method is not working.
Popularity: 5% [?]
How to protect your network and users with not additional costs
One of the biggest problems in today’s network security is users surfing on the Internet. I’m not against offering Internet access at work place or schools, for example, but I believe that some measures should be taken by the network administrators to limit the users from being able to access (intentionally or not) the webpages with threatening content (hijack, malware, spyware and so on…).
If big corporation have the money to invest in security development and devices, than the SOHO business would rather invest those money in something else. Sometime ago, I was having in my home a small network meaning on one PC and a notebook in my apartment and some few devices in other friend flat from the same building. Since the other partners that I was sharing the network with, where not so familiar with the bad things on the Internet, I had to come with a solution to limit the monthly problems with strange software being installed on their PCs after a night of web surfing. You know what I talking about, right? Nice banner pop-up, user click on it then something like spyware getting installed on his/her device.
Instead of investing in some firewalls, or configuring a Linux machine to filter traffic, I let some smart machines to filter my traffic: Domain Name Servers. So, I arrived at opendns.com. Free service that let you use their NS services, provide you with stats and filtering. Exactly what I needed. From that point everything was easy. I announced their NS IP addresses in my home network from our Cisco router through DHCP as default DNS servers, and I was protected. I assume that you also have a Cisco device, but if not, please have a look here where you might find your device and how to configure it.
One note has to be mentioned, before I invite you to see the tutorial below. OpenDns.com stated clear in their Terms of Use, that their services are for home users. So, if you have so kind of small or medium business, please send ask them before you use their service as explained below.
Please click on the image below to see the presentation:
Popularity: 5% [?]
