Networking & Security
There is a group of protocols that you gonna find on the point of contact of LAN, SAN and Data Center, namely : Ethernet, iSCSI, Fibre Channel or FCoE. Some vendors push one of them over the others, but knowing what they are, how do they work and were are placed in network infrastructure is crucial.
The most of attacks on LAN are carrying out, surprisingly from inside (directly or via VPN). It means, that person who my be responsible for break-in may belong to the circle of trusted people or may use access to network resources thanks to one of trusted people. Anyway, if you are network administrator the major rule…
There are 2 kinds of VPN IPSEC tunnels : Policy Based which is based on “crypto maps” and implementation them on the physical interfaces and Route Based which is based on virtual interfaces (tunnel interfaces). In this article I will talk them over, show how to implement them, when we may to pick up particular…
Border Gateway Protocol has two features which enable improving scalability. Thanks to them BGP AS domain with a lots of routers will be working more efficient and seamlessly. They are similar to each other and because of that, they are very often confused. But first, in order to understand RR and Confederations we have to…
FHRP mitigates negative consequences of the failures of switches or routers, provides redundancy, load balancing and even simple traffic shaping. Last one of them, GLBP has been invented around 10 years ago, HSRP and VRRP in 90s. FHRPs are strongly linked with STP protocol. That pair of protocols can be troublesome to implement. How Spanning Tree…
VPN tunnel with deployed IPSec is the best solution in a view of low cost for small companies with at most a few branches. If you can’t afford to deploy VPLS (Virtual Private Lan Service) due to the budget or lack of MPLS infrastructure, VPN and IPSec will come forward to you. Low cost, simplicity (after all),…
If you are planning to build a campus network, there are a few rules and schemes which you have to grab hold of, if your network should function efficiently, faultlessly and if has to be scalable. There are no RFC documents about that, but there is Top Down methodology and best practice which can be used.
One of the most crucial skill in networking is calculating network address and usable network space based on given IP address and prefix only. These actions are also known as reverse engineering and if you won’t get to know this “networking nursery” don’t dream about dealing with computer networks seriously. Applying binary system is cumbersome and very…
Cisco Express Forwarding (CEF) the technology which has been invented by Cisco omitted layer 3 in order to accelerate packets switching. It has increased significantly the efficiency and speed of packets forwarding, but there was a problem because CEF is Cisco proprietary and has worked only with Cisco devices. Then MPLS has been invented as an…
In both routing protocols OSPF and EIGRP route summarization and default route propagation are crucial, especially if you have complex network with a lot of prefixes. Properly implemented summarization can save a lot of router resources. Let’s check how to implement both features and what is “mystery” null0 interface involved in summarization.
The traffic control systems, besides a security function realize the following functions: traffic filtering, bandwidth limitation, collecting information about traffic characteristic. Each of mentioned device in the title, perform similar task but work in different way. Deployment one of them depends on network size, efficiency, utilized solutions (i.e remote access). They may work on different OSI layers and…
Both OSI model and TCP/IP stack (they roles partly overlap themselves) describe standards and framework of network communication. If they didn’t exist communication between network appliances of different vendors wouldn’t be possible. On the other words, 7 Layers of OSI model enable protocols being visible to each other. But what exactly those protocols and layers are? What exactly happens…
Enhanced Interior Gateway Routing Protocol (EIGRP) is considered deprecated routing protocol. In my opinion unfairly. Despite EIGRP is distance vector protocol (or rather hybrid protocol) is still being utilized in small and medium networks. Reliability and efficiency in connection with simplicity of deployment make EIGRP still worth of considering routing protocol, especially, that has DUAL algorithm .
Sooner or later every expanding network has to be divided onto broadcast domains. There are a few reasons why it should have been done, for example to separate broadcast storms, to sort out logical networks accordingly with employees functions or in order to implement higher level of security (Vlan access lists). So, how to separate…