Currently viewing the category: "Routing and Switching"

RIPv2 MD5 authentication – routing trick

By On September 30, 2011 · 5 Comments

I must admit that the following example is more a CCIE exam topic and not a solution that you would add in real network environments.

Let’s assume that we have the following topology:

The Loopback interfaces are there to have some networks which we will advertise into RIPv2. The request for this topic is to have RIPv2 MD5 authentication in place, Router1 to receive all routes from Router2, but Router2 will not have any prefixes in routing table from [...]

Continue Reading

InterVLAN routing using Private VLANs

By On September 23, 2011 · 3 Comments

Private VLANs  is one possible solutions for service providers to offer secure connections to their customers and avoid inter-vlan communication in the same switched environment.

I’m sure that you heard (and most probably practice already) InterVLAN routing. When it comes to Private VLANs the routing part may be a bit tricky. Keep in mind that this is not something that I would recommend to use as a standard in a productive environment, but for things like Cisco exams (e.g. CCIE R&S) or last resort solution, [...]

Continue Reading

Draw network diagrams online (with Cisco stencils)

By On September 17, 2011 · 1 Comment

I’m a Mac and Linux user and if you are like me, then you have the same problems drawing network diagrams. Microsoft Visio does not have a version for this platforms. I’m not saying that there are no alternatives to Visio on Mac or Linux platform, but most of them are either limited in features, expensive or need some tricks to use it (as I described in one of my early post).

Finally I’ve found [...]

Continue Reading

Cisco Easy VPN Router-to-Router

By On September 16, 2011 · 1 Comment

Cisco Easy VPN is not a new technology. Actually it is pretty old, but still used by many companies or people to connect remote site / remote workers to headquarter.

A few days ago I was looking to connect a remote site in a simple way but still secure and a colleagues suggested me to use Easy VPN. It supposed to be a simple configuration and it was after solving all issues that came into play.

First of all, I needed an Easy VPN Router(client) [...]

Continue Reading

Interface software loop

By On August 30, 2011 · 2 Comments

If you ever worked in an environment where you have to deal with leased / dedicated lines provider by your SP (service provider) then you know that whenever it’s a problem on the line they request, if possible, to put a loop on the line from one end toward the other end, so they can do some measurements. Usually from my experience with SP, this is a standard approach in case that they don’t know exactly what problem is with your line or where the [...]

Continue Reading

Cisco: Port-channel load-balancing explanation [Part II]

By On September 30, 2010 · Leave a Comment

As I promised in Part I of this article, here is the second part covering the port-channel load-balancing method explanation. If you didn’t know what I’m talking about, please be sure that you have read the first part of this article. Everything remains the same in this scenario. We have 3 physical interfaces bundled in one port-channel. Together with this port-channel we have some possible sources and destinations.

In this Part II, I will try to explain the remaining 6 methods [...]

Continue Reading

Cisco: How can MSS help to solve issues in VPN communication

By On September 3, 2010 · 2 Comments

Since a week, I’m stretching my brains to solve a communication problem over a VPN connection. The problem was that connections like SSH over VPN were not successfully completed. Imagine site A (Paris – remote end) and site B (Hamburg – local end).

In the back, of this sites, servers and clients. If somebody tried to connect from a client in site A over SSH to a server in site B, the initial authentication protocol was successful, but as soon as a [...]

Continue Reading

Cisco: Port-channel load-balancing explanation [Part I]

By On August 30, 2010 · 7 Comments

Port-channel (or etherchannel) is a great way to increase the transport capacity between 2 switches or between a switch and an end device that suport load balancing (e.g. server). Today I don’t want to focus on how the Port-channel are configured, but more on how they load-balance the traffic over the multiple interfaces included in a bundle.

To configure the port-channel load balance, you have to be in the config mode and issue:

port-channel load-balance method

or

port-channel load-balance method module slot

the method [...]

Continue Reading

Cisco: Speed vs Bandwidth interface command

By On August 3, 2010 · 2 Comments

It’s not uncommon to see people making mistake about the two interface commands speed and bandwidth. Most of the young engineers ( and not only ) assume that bandwidth and speed have the same meaning when applied under the interface and that purpose is to reduce the throughput of the interface up to the limit specified by bandwidth or speed.

Well this cannot be more wrong. The two commands are not doing at all throughput limitation and their scope is totally different. Let’s analyze them [...]

Continue Reading

Cisco: IP Policy Routing with IP SLA and EEM

By On May 31, 2010 · 6 Comments

Considering the same environment like in the post Cisco: Policy Routing with IP SLA, there is another way to achieve the same behavior using again IP SLA and EEM (Embedded Event Manager).

For those of you who are not so familiar with EEM please read http://www.cisco.com/en/US/products/ps6815/products_ios_protocol_group_home.html. You will find a nice explanation and some examples how to use EEM to achieve the desired result.

Now, going back to our example, please conside the same topology like in the previous [...]

Continue Reading