Tag Archives: CiscoIOS

Role Based Access Control in IOS

I don’t believe this is well known: Cisco IOS has Role Based Access Control (RBAC) which can be used to create and assign different levels of privileged access to the device. Without RBAC there are two access levels in IOS: a read-only mode with limited access to commands and no ability to modify the running config (also called privilege level 1) and enable mode with full administrative access. There is no middle ground; it’s all or nothing. RBAC allows creation of access levels somewhere between nothing and everything. A common use case is creating a role for the first line NOC analyst which might allow them to view the running config, configure interfaces, and configure named access-lists.

What the *, traceroute?

If you’ve ever done a traceroute from one IOS box to another, you’ve undoubtedly seen output like this:

R8# traceroute 192.168.100.7
Tracing the route to 192.168.100.7
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.0.1 4 msec 3 msec 4 msec
  2 192.168.100.7 4 msec *  0 msec

That “msec * msec” output. Why is the middle packet always lost?? And why only on the last hop??

IOS and NX-OS Platform Identifiers

I was preparing a presentation the other day about the high-level differences between IOS, IOS-XE and NX-OS, and one of the things I included in the presentation was the various platform and branch identifiers that are used in each OS. It’s just a bit of trivia that I thought would be interesting and might come in handy one day. I’m posting the information I collected below so everyone can reference it.
