Monday, December 13, 2010

DMVPN Best Tutorial

DMVPN stands for Dynamic Multipoint VPN and it is an effective solution for dynamic secure overlay networks. In short, DMVPN is a combination of the following technologies:
1) Multipoint GRE (mGRE)
2) Next-Hop Resolution Protocol (NHRP)
3) Dynamic IPsec encryption
4) Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)
5) Cisco Express Forwarding (CEF)
Ref: -> http://blog.ine.com/2008/08/02/dmvpn-explained/

Friday, December 10, 2010

EIGRP Load balancing without using variance

First of all, the variance command assigns a multiplier that says when two routes are “close enough” to load balance. Normally, when presented with a route of metric 100 and one of metric 200, routing protocols will choose the former and ignore the latter. With “variance 2”, both routes will be considered equal and make it to the routing table. Depending on the setting of “traffic-share”, the routes will be used proportionally to their metrics. The Cisco document “How Does Unequal Cost Path Load Balancing (Variance) Work in IGRP and EIGRP?” describes it in detail.

http://ccnprecertification.com/2005/09/16/eigrp-load-balancing-without-using-variance

Wednesday, March 3, 2010

Default network - How to configure?

Use the ip default-gateway command when ip routing is disabled on a Cisco router. Use the ip default-network and ip route 0.0.0.0 0.0.0.0 commands to set the gateway of last resort on Cisco routers that have ip routing enabled. The way in which routing protocols propagate the default route information varies for each protocol.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml#ipnetwork
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094a74.shtml





Saturday, February 27, 2010

Switching - some key points.

When starting to troubleshoot, the following commands make life easier:

logging synchronous
no exec-timeout
no ip domain-lookup

Never use VLAN 1 for client traffic or management purposes.
VTP is essentially a replication protocol for VLAN data.
EtherChannels can be L2 or L3. For L3, issue the no switchport command on the port-channel interface.

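! Bundle the member ports into channel-group 1 (static "on" mode, no negotiation)
int range x-y
 channel-group 1 mode on
! Verify the bundle (from exec mode, or prefix with "do" in config mode)
show etherchannel
! Make the port channel a routed (L3) interface
int port-channel1
 no switchport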

Sunday, February 21, 2010

System and method for determining FTE of integrated network and security operations helpdesk

The network and security operations helpdesk performs incident and problem management for the IT components of an enterprise. This includes IP (Internet Protocol) traffic flow management (routing, switching and quality of service implementation), device monitoring (routers, switches, firewalls, intrusion detection systems, and traffic shaping modules/devices) and management of security policies (firewall policies, security signatures, routing, etc.) for the complete enterprise network. To achieve 24*7 management, the operation is run using a helpdesk approach. The document illustrates the system with a layered approach to analyzing the tasks performed at the helpdesk, and a method to calculate the FTE (full-time equivalence) for those tasks.

The “Lean” way of resolving application performance issues on network layer

In general, there are two types of incident for network issues: outage incidents and performance incidents. Troubleshooting outage incidents in the datacenter is quite straightforward. When it comes to analyzing performance incidents, things become quite tricky. Generally, the network team’s opinion on most incidents is based on ping and traceroute results. However, these two tools are not of much use in figuring out performance-related issues. Imagine a situation where you are called by the application team. One major application's behavior has become aberrant in the last 24 hours. Transactions are failing, and they have given you a bulky application-layer log with errors. This issue calls for a detailed analysis of TCP transactions. Ping and traceroute can only reflect issues with latency or a node’s outage. What is the best way to start?

Wednesday, January 6, 2010

How to SPAN ACE port for ethereal?

Instructions for spanning the ACE TenGig port.

Let's say your ACE is in slot 3. Its backplane interface would then be Te3/1. You then use the monitor command to configure this interface as the source (SPAN) port.

monitor session 1 source interface TenGigabitEthernet 3/1 both
monitor session 1 destination interface GigabitEthernet x/y

Configure the destination (SPAN) port as a trunk port so that the VLAN IDs will be preserved:

interface Gix/y
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
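
A trunked SPAN destination delivers frames with their 802.1Q tags intact, so the capture can be broken down per VLAN. The following added example (not part of the original post) parses a classic little-endian pcap file and counts frames per VLAN ID; the sample capture and all helper names are constructed for illustration.

```python
import struct
from collections import Counter

PCAP_GLOBAL = struct.Struct("<IHHiIII")  # magic, major, minor, tz, sigfigs, snaplen, linktype
PCAP_RECORD = struct.Struct("<IIII")     # ts_sec, ts_usec, incl_len, orig_len
TPID_DOT1Q = 0x8100                      # EtherType value that marks an 802.1Q tag

def vlan_of(frame):
    """Return the 802.1Q VLAN ID of an Ethernet frame, or None if untagged."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack_from("!HH", frame, 12)
    # The low 12 bits of the TCI are the VLAN ID; the top 4 are PCP/DEI.
    return tci & 0x0FFF if tpid == TPID_DOT1Q else None

def frames_per_vlan(pcap_bytes):
    """Count captured frames per VLAN ID (key None = untagged)."""
    magic, _, _, _, _, _, linktype = PCAP_GLOBAL.unpack_from(pcap_bytes, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian classic pcap, Ethernet link type")
    counts, offset = Counter(), PCAP_GLOBAL.size
    while offset + PCAP_RECORD.size <= len(pcap_bytes):
        _, _, incl_len, _ = PCAP_RECORD.unpack_from(pcap_bytes, offset)
        offset += PCAP_RECORD.size
        frame = pcap_bytes[offset:offset + incl_len]
        if len(frame) < incl_len:        # capture file cut off mid-record
            break
        counts[vlan_of(frame)] += 1
        offset += incl_len
    return counts

def make_frame(vlan=None):
    """Constructed sample frame: locally administered MACs, IPv4 EtherType."""
    macs = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01"
    tag = struct.pack("!HH", TPID_DOT1Q, vlan) if vlan is not None else b""
    return macs + tag + struct.pack("!H", 0x0800) + b"\x00" * 46

def sample_pcap():
    """Constructed capture: VLAN 10 twice, VLAN 20 once, one untagged frame."""
    out = PCAP_GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (make_frame(10), make_frame(10), make_frame(20), make_frame()):
        out += PCAP_RECORD.pack(0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for vlan, n in frames_per_vlan(sample_pcap()).items():
        print("untagged" if vlan is None else f"VLAN {vlan}", n)
```

If every frame in a real capture lands in the untagged bucket, the tags were lost before the frames reached the parser, and the destination port configuration is the first thing to check.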

Wireshark tool

Playing with ethereal captures is a lot of fun. Sometimes major issues are cracked with the help of TCP dump analysis tools.

http://wiki.wireshark.org/DisplayFilters