Monday, December 13, 2010

DMVPN Best Tutorial

DMVPN stands for Dynamic Multipoint VPN, and it is an effective solution for dynamic secure overlay networks. In short, DMVPN is a combination of the following technologies:
1) Multipoint GRE (mGRE)
2) Next-Hop Resolution Protocol (NHRP)
3) Dynamic IPsec encryption
4) Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)
5) Cisco Express Forwarding (CEF)
Ref: http://blog.ine.com/2008/08/02/dmvpn-explained/

Friday, December 10, 2010

EIGRP Load balancing without using variance

First of all, the variance command assigns a multiplier that says when two routes are “close enough” to load balance. Normally, when presented with a route of metric 100 and one of metric 200, routing protocols will choose the former and ignore the latter. With “variance 2”, both routes will be considered equal and make it to the routing table. Depending on the setting of “traffic-share”, the routes will be used proportionally to their metrics. The document “How Does Unequal Cost Path Load Balancing (Variance) Work in IGRP and EIGRP?” describes it in detail.

http://ccnprecertification.com/2005/09/16/eigrp-load-balancing-without-using-variance

Wednesday, March 3, 2010

Default network - How to configure?

Use the ip default-gateway command when ip routing is disabled on a Cisco router. Use the ip default-network and ip route 0.0.0.0 0.0.0.0 commands to set the gateway of last resort on Cisco routers that have ip routing enabled. The way in which routing protocols propagate the default route information varies for each protocol.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml#ipnetwork
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094a74.shtml





Saturday, February 27, 2010

Switching - some key points.

When starting to troubleshoot, the following commands make life easier:

logging synchronous
no exec-timeout
no ip domain-lookup

Never use VLAN 1 for client traffic or for management purposes.
VTP is essentially a replication protocol for VLAN data.
EtherChannels can be L2 or L3. For L3, issue the no switchport command on the port-channel interface.

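! bundle the member ports into channel-group 1 (static "on" mode, no PAgP/LACP negotiation)
int range x-y
 channel-group 1 mode on
! verify the bundle
do show etherchannel summary
! convert the port-channel to a routed (L3) interface
int port-channel1
 no switchport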
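
An added example (not from the original post): a small Python audit that checks a saved running-config for two of the points above, VLAN 1 used for access ports or management, and the troubleshooting convenience `no exec-timeout` left on a line. The sample config is constructed, and treating an access port with no explicit `switchport access vlan` as VLAN 1 is an assumption based on the IOS default.

```python
# Constructed sample running-config (not from the original post).
SAMPLE_CONFIG = """\
line con 0
 no exec-timeout
line vty 0 4
 exec-timeout 10 0
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
interface GigabitEthernet0/1
 switchport mode access
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 20
interface GigabitEthernet0/3
 no switchport
 ip address 203.0.113.1 255.255.255.252
"""

def parse_sections(config):
    """Group indented sub-commands under their top-level command."""
    sections, current = [], None
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if line[0] != " ":
            current = (line.strip(), [])
            sections.append(current)
        elif current:
            current[1].append(line.strip())
    return sections

def audit(config):
    """Return (section, finding) pairs for the VLAN 1 and exec-timeout checks."""
    findings = []
    for header, body in parse_sections(config):
        if header.startswith("line ") and any(
                c in ("no exec-timeout", "exec-timeout 0 0", "exec-timeout 0") for c in body):
            findings.append((header, "idle timeout disabled"))
        elif header.lower() == "interface vlan1" and any(
                c.startswith("ip address ") for c in body):
            findings.append((header, "management IP on VLAN 1"))
        elif header.startswith("interface ") and "switchport mode access" in body:
            # Assumption: no explicit access VLAN means the IOS default, VLAN 1.
            vlans = [c.split()[-1] for c in body if c.startswith("switchport access vlan ")]
            if not vlans or vlans[-1] == "1":
                findings.append((header, "access port in VLAN 1"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONFIG), sep="\n")
```
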

Sunday, February 21, 2010

System and method for determining FTE of integrated network and security operations helpdesk

A network and security operations helpdesk performs incident and problem management for the IT components of an enterprise. This includes IP (Internet Protocol) traffic flow management (routing, switching and quality-of-service implementation), device monitoring (routers, switches, firewalls, intrusion detection systems, and traffic shaping modules/devices) and security policy management (firewall policies, security signatures, routing, etc.) for the complete enterprise network. To achieve 24*7 management, the operation is run using a helpdesk approach. The document illustrates the system with a layered approach to analyzing the tasks performed at the helpdesk, and a method to calculate the FTE (full-time equivalence) for those tasks.