Wireless Iperf Graphing – Part Two

Posted on December 28th, 2013 in PHP, Ubiquiti, Wireless | No Comments »

After dusting off the old source for my previous post, I started realizing one of the main limitations to Ubiquiperf — the results aren’t displayed real-time.  If they were, one could easily move radios around and see the impact almost instantly. This got me thinking, and not having worked in Java for a while I knew what to do: Fork JPerf and get to work:

Announcing: UbiquiJPerf

Announcing: UbiquiJPerf

It’s got a long way to go, and comments/suggestions are always welcome. Source (including a pre-compiled .jar) are available at github.

Wireless Iperf Graphing

Posted on December 15th, 2013 in PHP, Ubiquiti, What?!, Wireless | No Comments »

About a year ago, we were doing some wireless throughput/interference testing at the office  to acclamate ourselves to the wireless world. Most importantly, we were trying to answer the question “Why can’t I just lease a 10 foot section on a tower and  install a zillion radios there?”

Despite having a handful of BCP design documents at hand, as well as input from established and respected members of the wireless community, the question kept seeming to pop up. So how does one present a worthwhile answer?

My solution was to build a small section of a tower leg on our back lot using a non-penetrating roof mount, 2 Ubiquiti Rocket M5 90 5G-20-90 degree sectors (mounted 90 degrees from each other, without shielding), 2 Nanostion M5 CPE’s, 4 laptops, and a couple of inverters and car batteries to power 2 of the laptops (the other 2 were run off extension cables).  The two laptops connected at the Access Point side ran as Iperf servers, each laptop ran as a client.

UbiquiperfLayout

Plug this in here, that in over there, and this cable.. here.

The thought was to grab Iperf and AirOS datapoints at every couple of seconds  and see “what happens when I do this?” “THIS ” generally entailed doing something BCPs warned against doing.

To gather the Iperf data and AirOS statistics, I put together a quick script i called “Ubiquiperf“. Basically it polls an iperf test every second, pulls the stats off the radio (Capacity, Quality, RSSI, etc) , generates a CSV file of all the data, and finally creates a graph using the jpgraph PHP libraries.

Due to weather conditions our testing was cut short and our initial results had a simple problem: we needed to turn the transmit power down on all the radios.

For a baseline, we performed a quick throughput test one at a time, where each Access Point operating on the same frequency could perform at about 85Mbps:

ap1-test1

AP1 Baseline

ap2-test1

AP2 Baseline

So what happens if I perform the same throughput test on both units but at the exact same time, over a longer duration?

ap1-test2

AP1 concurrent iperf test

ap2-test2

AP2 concurrent iperf

Well, it obviously cut off about 20Mbps from the first access point. Of course, the power on the radios really needs to be turned down so this test is unfortunately not worth much. We’ll be doing additional testing in the near future, and hope to have meaningful results that include mounts with and without RF Armor, Titanium model equipment, etc. I’ll publish our results when I can.

In the meantime, feel free to play with it yourself. Full PHP source is available on GitHub.

Cisco Switch and Route Completed!

Posted on December 2nd, 2013 in What?! | 4 Comments »

I recently took my CCNP Switch Exam (642-813), passing on my first attempt. While I mostly used GNS3/dynamips to simulate routers for my CCNP Route Exam (642-902), I actually put together physical hardware for the Switch Exam. My switch lab consists of a Cyclades ACS48 terminal server, an APC 7900 switched PDU, 3 Cisco 3550-EMI multilayer switches, a 24 port patch panel, a Cisco SPA942 IP phone, and 2 ZNYX PCI 4-port ethernet cards for my desktop (for a combined 8 NICs dedicated to virtualization).

SwitchLab0

8 strands of cat5e can fit in a 3/4″ conduit, but it’s a tight fit

Initially I had thought there were no emulators for Cisco switches, but upon news that GNS3 would be supporting switching in their upcoming 1.0 release, I started digging. Apparently it’s a well established fact that Cisco switching can indeed be emulated and there are leaked binaries compiled for Linux for a handful of layer 2 IOS images. Hewlett Packard also has a 64-bit VM emulator for their VSR1000 Virtual Services Router Series.

 

GNS3 CrowdHoster

I think it’s safe to say GNS3′s fundraising will be successful when it ends.

 

While IOU is nice to work with, there are a number of bugs in the images. First of all, while you can configure private VLAN’s, they don’t appear to work (and they’re not supported on my physical 3550′s). Testing dynamic arp inspection in the following images also doesn’t seem to work:

  • i86bi_linuxl2-upk9-ms-15.0.bin
  • i86bi_linuxl2-ipbasek9-ms-15.1B.bin
  • i86bi_linuxl2-ipbasek9-ms-15.1A.bin
  • i86bi_linuxl2-upk9-ms-12.2.bin

The utility iou2net (which is used to connect the unix socket to physical hardware) is sometimes wonky,  sending unidirectional traffic much of the time.  So for my exam, I stuck mostly with my physical hardware for switching, emulated routers via dynamips (in GNS3), and hosts spawned by VirtualBox Manager (to make moving them around to different switchports easier).

VirtualBoxNICs

Lots ‘o NICs and Bridge Interfaces

I’m connecting my emulated routers to my physical switches and virtual machines using GNS3′s Generic NIO ethernet interface. Of course, my physical setup isn’t without it’s own issues – the tulip drivers (or my motherboard) appear to have occassional complications, flooding the kernel ring buffer with annoying “slowpath” messages and also preventing traffic. Kernel upgrades haven’t resolved the problem (there were some fixes between kernel 3.9.11 and 3.10.1, but they don’t appear to resolve my issues). Thankfully bouncing the problematic ports will fix the issue.

[2842987.323263] Call Trace:
[2842987.323268]  [<c0455341>] dump_stack+0×16/0×18
[2842987.323272]  [<c012796c>] warn_slowpath_common+0×48/0x5f
[2842987.323275]  [<c013284b>] ? del_timer_sync+0x2b/0x3d
[2842987.323277]  [<c0127992>] warn_slowpath_null+0xf/0×13
[2842987.323280]  [<c013284b>] del_timer_sync+0x2b/0x3d
[2842987.323284]  [<f8606ace>] t21142_lnk_change+0×331/0×507 [tulip]
[2842987.323294]  [<f86021e4>] tulip_interrupt+0x5d0/0×784 [tulip]
[2842987.323298]  [<c015c538>] ? clockevents_program_event+0xe5/0×103
[2842987.323302]  [<c0176516>] handle_irq_event_percpu+0x4d/0×158
[2842987.323305]  [<c0176647>] handle_irq_event+0×26/0x3f
[2842987.323307]  [<c01785fa>] handle_fasteoi_irq+0×63/0x8b
[2842987.323310]  [<c0102862>] handle_irq+0×67/0×71
[2842987.323313]  [<c01024ce>] do_IRQ+0×35/0x8e
[2842987.323317]  [<c045deec>] common_interrupt+0x2c/0×31
[2842987.323319] —[ end trace 80bd835791c79500 ]—

 

For studying, I worked off Chris Bryant’s really solid Bryant Advantage lectures, the official certification guide, and labwork, labwork, labwork. To play with some of the layer 2 and 3 protocols outside of IOS, I put together a small TinyCore LiveCD [gpg] that includes yersinia, hping2, scapy, and tcpdump. (I’ve packaged yersinia separately if anyone would like it here).

TinyCore Yersinia

Versions Prior to 0.7.3 can be problematic and hang in VM environments

I find it’s extremely helpful to see traffic in action and having 8 NICs helps to facilitate that. While you can easily sniff HSRP, VRRP, and GLBP traffic inside GNS3, seeing VTP and DTP frames can be accomplished by creating bridge interfaces on my desktop OS and using the patch-panel to place myself in the middle of switch-to-switch connections.

The exam itself was pretty typical. I find the simulations to be fun although I’m surprised at how bad the Cisco interpreter is. At one point I had placed a VACL on the wrong piece of equipment, went to remove it and place it on the correct switch but couldn’t remove it on the original switch. Trying every variation of “no” proved fruitless, and in the end I’m sure I lost points due to that mistake. What’s annoying is that I tried to correct it. Thankfully, I’m not alone and a LOT of people complain about the interpreter.

If you’re studying for the exam, here are my pieces of advice:

  • You’re paying to take the exam, so get the best grade possible. That means study, study, study.
  • Find a good practice exam engine (like Boson’s ExSim) and take a bunch of practice exams. You’ll find out what you don’t know, then lab, lab, lab.
  • Take some time off work to study if you can. I dedicated 12 hours a day 5 days (over a long weekend) before the exam to studying. Was it excessive, definitely, but there’s no harm in being over prepared (you’re paying to take the exam, work your hardest).
  • If you truly know the material, you know the wrong answers sometimes more clearly than you know the right ones. Always remove the wrong answers from your available options while taking the exam. “No, GLBP uses UDP port 3222 so that answer isn’t for HSRP”
  • Even when you’re absolutely certain of the right answer, read all of the answers before going to the next question. On multiple choice questions, I typically say in my head “No that’s not it, that’s it, that’s not it, that’s not it. Second answer is correct”.
  • Double check your work on the simulations before going to the next question. Make sure you do everything and completely, and test your configurations.
  • Lab work means breaking things. Don’t just configure a working protocol, purposely misconfigure the protocol. Make sure you see the nuances that no book will dedicate the column inches to detailing.
  • Look over the exam topics. I didn’t realize they existed until after I took my CCNA and the CCNP Route and Switch exams, and it really led to a lot of unnecessary anxiety (“What’s on this exam, do I know everything???? HELP!”)

So now, I’m in the process of studying for my final CCNP exam – the TSHOOT. Wish me luck!

GNS3 Crowdfunder

Posted on November 23rd, 2013 in GNS3 | No Comments »

GNS3 - this thing rocks.

GNS3 – this thing rocks.

If you’ve not had the chance to contribute to the GNS3 crowdfunding event, I strongly encourage you to do so. The GNS3 team is working on version 1.o, and as you’ll see on their features list, they’ll be integrating a handful of exciting new features into the GUI — including switching support (ala Cisco IOU I’m hearing).

I woke up at 2am this past Wednesday to get in on the early-bird Premium package, and as of now there’s under 100 left. They met their fundraising goal within 24 hours but why not contribute to some really good FOSS.