Worldwide Locations
107 Results Found
As I’ve stated before, I like Border Gateway Protocol (BGP). I think it’s an interesting protocol, and yes — it’s complicated, but I guess that part of why I like it. There are a lot of knobs to tweak in BGP, maybe too many, but that’s another post. Anyway, we are now running BGP version 4 and it has had extensions written that support more than just IPv4 unicast routing. We now have IPv4 multicast, IPv6 unicast and multicast, VPNv4, VPNv6, and a few others.
For smaller companies, configuring a dial plan to account for variations in dialed numbers is often not a problem. However, companies that are larger and more global in nature encounter a number of issues when designing their dial plan approach.
In this post I’ll focus on a topic that’s mentioned in the Cisco FIREWALL training class but isn’t emphasized there or in the online Cisco ASA documentation. When configuring failover on a pair of ASA security appliances, a situation can arise in which network disruption occurs due to the secondary ASA in a failover pair becoming active first and then the primary comes online second. Both the documentation and the courseware point out that this causes the secondary (and active ASA) to swap its interface MAC addresses with those of the primary. Being naturally skeptical about this behavior, I decided to investigate. The rest of this post illustrates my confirmation of this phenomenon.
RIP is a protocol that is used for routing IP networks. It was designed in the early 1980’s for communication between gateways (computers with two NIC’s). It is the oldest routing protocol used by the network industry and is considered by many to be inefficient or bo...
As is frequently the case these days, I get a brainstorm for an article during a Cisco Security training class I conduct. This summer I taught the Securing Networks with ASA Fundamentals class, which concentrates heavily on the Adaptive Security Device Manager (ASDM)...
As is sometimes the case, the idea for this article originated with a student question I received during one of the Securing Networks with ASA Fundamentals classes I have taught this summer. The course material mentions a simple scenario whereby IP Telephony traffic...
I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...
The subject of this week’s post was actually prompted by a question from a former colleague. Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...
What is Network Time Protocol (NTP)? Well, it’s a network protocol used to synchronize clocks between computing systems over a packet switched network. It’s been around since the mid-1980s and was developed by David Mills at the University of Delaware; it is one of the oldest protocols still around on the Internet. NTP replaced other time synchronization technologies that didn’t have some capabilities to adjust time based on location of the time source or time server relative to the receiver or adjusting to the variation of delay found on typical data networks.
When sending data end-to-end through a network, routers are used in internetworking to create a virtual network from one device to another, either locally or globally. Routers are configured to operate with most common network protocols. That means they know the form...