slideshow 1 slideshow 2 slideshow 3

Python-script for reverse DNS entries on BIND

Had a customer with a huge CPE-installation. I was tasked with IPv6 deployment (no sweat), but the customer needed reverseDNS on the CPEs for management. So manually entering PTR records into DNS (sweat) was bit of workload for the customer.

Since it was a BIND DNS (not impressed), and it was running on a FreeBSD (impressed). I opted for a quick Python script to make life easier..


import sys

Clean and rebuild ports. HOWTO

Seems this is the best way of doin' it.

SSH Pub-key auth on Cisco

Public Key SSH-auth on Cisco NativeIOS, IOS-XE and XR. Large bit keys

Trick here is to wrap the lines of you public SSH key. Since Bruce Schneier opted for 4096bit keys, I did'nt want to stand around with anything less.
But I found that entering large key-strings in IOS, the number of chars are being limited (254). Unless you wrap the lines using a Carrige Return CR. I use fold for this


cat ~/.ssh/ | fold -b -w 72

Clear lines using SNMP. Helpful when someone or something have grabbed all the VTYs on Cisco devices


use Getopt::Std;


$Version = "1.2";
if (index($0,"/") > -1) {
$ProgName = substr($0,rindex($0,"/")+1);
} else {
$ProgName = $0;

Bits, and bytes. Speed vs. Transfer-rate. Get it right.

I often get to talk to people, where terms like Mbit/s, Mbps, MByte/s flies around. And one thing that VERY often gets confused is when to use the different terms in the proper contexts.

Short explanation:
Bits per second (bps) - is what we use to define a transmission speed. It is based on the decimal numerical system.
Bytes per second (Bps) *Capital B - is used to defined the amount of data. It is based on the binary numerical system

Mass-config script for Cisco


# March 1. 2006
# Ver 1.0
# Mass config script for cisco
# By:

#nail down the binaries
DATO=`${DATE} +%Y%m%d`

# Define communication values

Minimum AP config for simple wireless

dot11 ssid MyNetwork
authentication open
authentication key-management wpa version 2
wpa-psk ascii kodeord123
interface Dot11Radio0
encryption mode ciphers aes-ccm
ssid MyNetwork
channel least-congested 2412 2437 2462
speed basic-12.0 18 24 36 48 54 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
No shut
interface Dot11Radio1
encryption mode ciphers aes-ccm
ssid MyNetwork
no dfs band block
channel dfs

OSPF auto-cost reference - Choose the right value.

Python script I made that generates a table over OSPF link costs for a given auto-reference:

# OSPF link cost tabel over OSPFs 16-bit boundery.

import sys

def calc_cost(refbw, bw):
cost = refbw/bw
tag = ""

if cost < 1:
cost = 1
tag = "(less than min)"

if cost > 65535:
cost = 65535
tag = "(greater than max)"

hops_24 = 16777215/cost
hops_32 = 4294967295/cost

return "%5i %20s hops @ 24-bit %10d hops @ 32-bit %10d" % (cost, tag, hops_24, hops_32)

IOS - Often used config

Config I often use

service nagle
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
service password-encryption
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
log config
record rc
logging enable
logging size 10
notify syslog contenttype plaintext
path flash:/BACKUP_CONFIG


int main(void)
int count;
for (count=1;count<=500;count++)
printf("I will NEVER again listen to TAC when telling me to ditch OSPF on FW again./n");
return 0;