May 30, 2016

XKCD Comics

May 27, 2016

Network Design and Architecture

What is MP-BGP – Multiprotocol BGP

MP-BGP (Multiprotocol BGP) is an extensions to BGP protocol. Standard BGP only supports IPv4 unicast address family, whereas MP-BGP supports more than 15 different BGP address families. RFC4760 defines the extensions for BGP protocol and states that ” in order to bring extra functionality to BGP protocol, new BGP AFI (Address Family Identifier) and BGP SAFI […]

The post What is MP-BGP – Multiprotocol BGP appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

by admin at May 27, 2016 11:41 AM

XKCD Comics

May 26, 2016

My Etherealmind

DELL OS10 – FIB Optimisation

Dell OS10 is an open network operating system ounces its open network operating system(NOS) called OS10. Here are my thoughts and reactions. Operating System OS10 is a open source linux for networking devices. The base operating system has limited features in the same way that Windows or Linux on x86 has limited features. You can purchase […]

The post DELL OS10 – FIB Optimisation appeared first on EtherealMind.

by Greg Ferro at May 26, 2016 09:47 PM

Useful Tools for Firewall Rules Checking

This app looks useful for testing firewall rules after they have been applied

The post Useful Tools for Firewall Rules Checking appeared first on EtherealMind.

by Greg Ferro at May 26, 2016 05:11 PM

Networker's Online

TCP Protocol: Three-way Handshake

We all know by now that the basic function of the TCP protocol is to send a stream of bytes that has no shape or fixed size over a network reliably to a receiver. We all also know that reliable delivery involves building a connection between two end-hosts, and this will be the first step that …

The post TCP Protocol: Three-way Handshake appeared first on Networkers-online.com.

by Mohamed Kamal at May 26, 2016 01:17 PM

Potaroo blog

DNS Privacy

The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. But all this is poised to change. Now that the Snowden files have sensitized us to the level of such activities, we have become acutely aware that many of our tools are just way too trusting, way too chatty, and way too easily subverted. First and foremost in this collection of vulnerable tools is the Domain Name System.

May 26, 2016 12:00 PM

May 25, 2016

Network Design and Architecture

BGP Next-Hop Behaviour in IP and MPLS Networks

One of my CCDE bootcamp students asked a question about next hop in MPLS VPN network. So, I would be very pleased to explain the BGP next hop behaviour both in IP and MPLS network in this post. Let’s start with this IP network shown below (Figure-1). Figure-1 IBGP Next Hop handling in IP networks In […]

The post BGP Next-Hop Behaviour in IP and MPLS Networks appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

by Orhan Ergun at May 25, 2016 12:51 PM

XKCD Comics

May 24, 2016

My Etherealmind

Response: Fibre Optic Multi-Core per Core Is Exciting

This article has opened my eyes to a future where a single fibre cable can have multiple cores. The future of Ethernet is yet to be determined as the IEEE community fights over whose technology patents will be used so that revenue from FRAND licensing can justify their own positions. So while we wait for […]

The post Response: Fibre Optic Multi-Core per Core Is Exciting appeared first on EtherealMind.

by Greg Ferro at May 24, 2016 10:51 AM

May 23, 2016

Networking Now (Juniper Blog)

More on Ransomware

mischa_animated.gif

2016 is shaping up to be the year of ransomware. In addition to Locky, we’ve seen TeslaCrypt, 7ev3n, 7ev3n-HONE$T, a failed Locky clone, Petya, Rokku, Jigsaw, and many more. Hospitals and medical centers have been hit by ransomware, including the SamSam variant that targets vulnerable JBoss servers. In this post, we’ll look at some recent ransomware samples and how Sky ATP handles these threats.

by AsherLangton at May 23, 2016 11:06 PM

My Etherealmind

Blessay: Proof of Concept Testing Should Never Happen

Its “best practice” to assume that IT vendor products are faulty, have serious bugs and will fail in normal operation at anytime.

The post Blessay: Proof of Concept Testing Should Never Happen appeared first on EtherealMind.

by Greg Ferro at May 23, 2016 06:45 PM

Network Design and Architecture

EIGRP Feasible Successor

One of the advantages of EIGRP Feasible Successor is that it speeds up the EIGRP. In fact, if there is a Feasible Successor in the EIGRP network, such network converges faster than OSPF or IS-IS. But what is EIGRP Feasible Successor and how can we find EIGRP Feasible Successor? Or, if there is EIGRP Feasible […]

The post EIGRP Feasible Successor appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

by Orhan Ergun at May 23, 2016 12:50 PM

XKCD Comics

May 21, 2016

Network Design and Architecture

PIM Sparse Mode Vs PIM SSM

One of my students asked me this question a month ago. “What is the difference between PIM Sparse Mode and PIM SSM (Source Specific Multicast)?” But, since I had two CCDE bootcamps in one month, I didn’t have time to answer the question on this platform. By the way I have seen this mis understanding […]

The post PIM Sparse Mode Vs PIM SSM appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

by Orhan Ergun at May 21, 2016 10:22 AM

May 20, 2016

Network Design and Architecture

What is VLAN Load Balancing?

In layer 2 switching, the Ethernet frames should be received from the same port where it was sent, otherwise layer 2 switching or switching loop occurs. Let me explain this concept with the topology depicted below (Figure -1). . Figure -1 VLAN load balancing In the above figure, either Port 1 or Port2 is used […]

The post What is VLAN Load Balancing? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

by Orhan Ergun at May 20, 2016 09:20 AM

My Etherealmind

Cisco Nexus 6000 is EOL

Cisco has killed the Nexus 6000 product line and you have 12 months to get your last orders in. This is long overdue. I’ve never understood why Cisco has so many different different Ethernet switch products that are effectively identical. The impact of merchant silicon and the success of the Nexus 9000 product overshadowed this […]

The post Cisco Nexus 6000 is EOL appeared first on EtherealMind.

by Greg Ferro at May 20, 2016 09:19 AM

Networking Now (Juniper Blog)

“Indistinguishability Obfuscation” And Malware Detection

random.png

 

Recent breakthroughs in cryptography, widely reported on in the media showed that it is possible to reassemble any given program into a mathematical jigsaw puzzle so complicated that, although it functions identically to the original, divining its purpose without running it is effectively impossible. We’ll look at the security implications of these findings.

by rsinayev at May 20, 2016 07:25 AM

XKCD Comics

May 19, 2016

Internetwork Expert Blog

Congrats to Neil Moore – **NINE TIME** CCIE & CCDE!

Congratulations to Neil Moore on passing the CCDE Practical Exam this week, and becoming a NONTUPLE (9x) CCIE & CCDE!

Neil was a student in both my CCIE Data Center Bootcamp and CCDE Bootcamp within the past few years, and is truly an inspiration to us all. Neil’s brother Kelly is also a CCIE in Data Center. Neil likes to introduce himself and his brother to people at Cisco Live that they have 9 CCIEs between the two of them! ;) This year Neil gets to bump that up to 10 CCIEs and CCDE between the two of them!

Neil for sure will win the longest badge this year at Cisco Live 2016 Las Vegas!

Neil currently works for VMWare as an NSX Systems Engineer, is a VMware Certified Implementation Expert — Network Virtualization (VCIX-NV), and has plans to pursue the VMware Certified Design Expert (VCDX).

Congrats Neil!

by Brian McGahan, CCIE #8593, CCDE #2013::13 at May 19, 2016 02:47 PM

Network Design and Architecture

What is DFZ (Default Free Zone)?

In the context of the Internet and BGP routing, DFZ – commonly known as Default Free Zone – refers to the collections of all the public IPv4 BGP prefixes without default route on the global Internet. Most of the time, you hear full-route or full-Internet-route terms which are the same with Default Free Zone term. Having all BGP routes, […]

The post What is DFZ (Default Free Zone)? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

by Orhan Ergun at May 19, 2016 12:51 PM