This Cacti template should work with any autonomous Cisco AP. It will SNMP poll and display all active Dot11 Associations on the access point. Note the AP I am testing with has an AIR-RM3000AC-A-K9 module, giving me an extra radio.

Cisco Dot11 - Active Wireless Clients

If you do not have a 802.11AC radio installed in your AP then after importing you may need to modify the Graph Template and remove all the Radio2 graph template items; not doing so may cause the graph not to display properly.

SNMP OIDs queried: [SOURCE]

ActiveWirelessClients (for 2.4Ghz radio) = OID: .1.3.6.1.4.1.9.9.273.1.1.2.1.1.1
ActiveWirelessClients (for 5Ghz radio) = OID: .1.3.6.1.4.1.9.9.273.1.1.2.1.1.2
ActiveWirelessClients (AIR-RM3000AC-A-K9) = OID: .1.3.6.1.4.1.9.9.273.1.1.2.1.1.10

This Cacti template will import/update the following items:

GPRINT Preset

  • Normal
  • Exact Numbers

Data Input Method

  • Get SNMP Data

Data Template

  • Cisco Dot11 – Radio0 Associations
  • Cisco Dot11 – Radio1 Associations
  • Cisco Dot11 – Radio2 Associations

Graph Template

  • Cisco Dot11 – Active Wireless Clients
05. January 2016 · Comments Off on Traceroute script to detect route changes. · Categories: Linux, Linux Scripts, Networking · Tags: , , ,

The following script relies on MTR and is meant to be run in cron. It could be useful to log and/or detect route changes you the downstream provider path to multiple endpoint IP’s. Additionally the log-file is compressed using XZ tools so you do not have to worry about the logs growing to an unmanageable size very quickly.

#!/bin/bash
## Crontab Example: @hourly /opt/mtreport.sh -p
 
HOSTS="10.100.100.43 192.168.3.4 172.16.16.10"
LOGFILE="/srv/mtreport.log.xz"
 
# FUNCTION: End Script if error.
DIE() {
 echo "ERROR: Validate \"$_\" is installed and working on your system."
 exit 0
}
 
MTRRUN() {
 /usr/sbin/mtr --report --report-cycles 1 --raw --no-dns $HOST |\
  awk 'NR%2==1 {printf  " "$NF;} NR%2==0 {printf "|"$NF/1000;}'
}
 
# Validate script requirements are meet.
type -p /usr/sbin/mtr > /dev/null || DIE
 
if [ "$1" == "-p" ]; then
 
 # Main Loop.
 for HOST in $HOSTS
  do echo "$(date +%s)$(MTRRUN)" | xz -9 -c >> "$LOGFILE"
 done
 
elif [ ! -z "$1" ]; then
 
 xzgrep "$1" "$LOGFILE" | while read LINE
  do ARRAY=( $LINE )
 
   ## Show the Timestamp ##
   echo; date -d @${ARRAY[0]} +'%Y/%m/%d_%H:%M:%S'
   ARRAY=("${ARRAY[@]:1}") # Drop the timestamp array element
 
   ## Itirate through hops ##
   for HOP in "${ARRAY[@]}"
    do [ -z "$COUNT" ] && { COUNT=0; }
     echo "$COUNT|$HOP ms"
     let COUNT++ # Increment Hop Count
    done | column -ts\|
   done
 
else
 
 echo "Poll --> $0: -p"
 echo "View --> $0: x.x.x.x"
 
fi
28. December 2015 · Comments Off on Config example of a Cisco router as a DNS server/forwarder. · Categories: Cisco, Networking · Tags: , , ,

For a quick and dirty DNS server you can configure a Cisco router. In the following config snippet I have configured a router as a DNS forwarder. Any ip host statements entered in the router will be resolvable by the clients.

!!! Host statements will be resolvable by clients !!!
ip host rtr.SITE.LAN     192.168.0.1
ip host gi0-0-0.SITE.WAN 10.0.0.254
ip host gi0-0-1.SITE.LAN 192.168.0.1
ip host servera.SITE.LAN 192.168.0.10
ip host serverb.SITE.LAN 192.168.0.11
ip host serverc.SITE.LAN 192.168.0.12
ip host serverd.SITE.LAN 192.168.0.13
ip host servere.SITE.LAN 192.168.0.14
 
!!! ACL to limit who can query the DNS server service !!!
ip access-list standard RFC1918-dns
 permit 10.0.0.0 0.255.255.255
 permit 172.16.0.0 0.15.255.255
 permit 192.168.0.0 0.0.255.255
 
!!! DNS name-list is used to control what zones/hosts can be queried !!!
ip dns name-list 1 permit .*
 
!!! Create a DNS view !!!
ip dns view default
 domain name-server 8.8.8.8
 domain name-server 8.8.4.4
 domain name SITE.LAN
 dns forwarding source-interface GigabitEthernet0/0/0
 
!!! Create a DNS view-list !!!
ip dns view-list LAN
 view default 1
  restrict source access-group RFC1918-dns
  restrict name-group 1
 
!!! Enable DNS server service and use the view-group !!!
ip dns server view-group LAN
ip dns server

If running an ISR g3 I recommend upgrading to at least 15.5(3)S1a.

28. December 2015 · Comments Off on Extract DNS Hostnames from rancid backups · Categories: Cisco, Linux, Linux Scripts · Tags: , , , ,
## To be ran from against rancid configs directory ##
# 1st loop greps and out all interfaces from the config.
# sed sterilizes the output, converts to lowercase and shorten interfaces names.
# 2nd loop prints the output and excludes uninteresting lines.
 
for CONFIG in ~rancid/rancid/configs/*
 do grep -e ^"interface" -e ^" ip address" $CONFIG 2> /dev/null |\
  tr -d '[:cntrl:]' | sed 's/interface /\n/g' | grep "ip address [1-9]" | awk '{print $1,$4}' |\
  sed 's/\(.*\)/\L\1/;s/vlan/vl/;s/loopback/lo/;s/gigabitethernet/gi/;s/fastethernet/fa/;s/port-channel/po/;s/tunnel/tu/;s/serialf/se/;s/dialer/di/' |\
  awk '{print "'$(basename $CONFIG)'",$0}'
 done | while read HOST INTERFACE ADDRESS
  do INTERFACE=`echo $INTERFACE | sed 's/\//-/g;s/\./-/g;s/:/-/g'`
   [ "$(host "$INTERFACE.$HOST" | awk '{print $NF}')" != "$ADDRESS" ] && { printf "ip host $INTERFACE.$HOST $ADDRESS\n"; }
 done
18. November 2015 · Comments Off on Bulk clean corrupted MySQL tables under Linux · Categories: Linux, Linux Admin

Recommend shutting down the MySQL running service: /etc/init.d/mysql stop

To scan all DB files for errors: myisamchk -s /var/lib/mysql/*/*.MYI

To fix a courted Database: myisamchk -r –update-state /var/lib/mysql/DIR/file.MYI

To automate the scanning and fixing of all DB files:

myisamchk -s /var/lib/mysql/*/*.MYI 2>&1 | grep ^MyISAM | awk ‘{print $2}’ | sed “s/’//g” | sort | uniq | while read DBFILE; do myisamchk -r –update-state $DBFILE; done