180 Results Found
A Dynamic Multipoint Virtual Private Network (DMVPN) can be used with other networks like Multiprotocol Label Switching (MPLS), but streaming multicast is accomplished quite well using "Default" and "Data" Multicast Distribution Trees (MDTs) with MPLS.
Cisco Unified Computing Solution (UCS) is a very popular and powerful solution. Cisco continues to provide updated UCS management options for the full range of data center installations.
The first big push toward implementation of IPv6 was mobile devices. Now, one of the driving forces is the Internet of Things. As the name implies, this means everything, including machine to machine communication (M2M).
Like it or not, Internet of Things (IoT) is upon us. There are a number of factors that will impact its adoption rate, and the inevitable privacy (or lack of) discussions will likely happen sooner than later. This is going to change the world as we know it, in many cases for the better. But we will need to keep an eye on the extent to which it invades our personal lives if it is going to be the positive force it has the potential to be.
While there are differences between the IP Multicast configuration in the IOS and the Nexus OS, the Protocol Independent Multicast (PIM) protocol remains fundamentally the same. If you feel comfortable configuring Multicast in the IOS, you should be able to acclimate fairly easily to the changes in the Nexus OS.
Multicast Sparse Mode and its derivatives are supported in the Nexus OS. This white paper explains how it has been implemented in the Nexus platform to provide optimum performance in both virtual PortChannel and FabricPath environments.
Now that we are moving towards IPv6, the logical move would be to also run OSPF for that protocol suite, which makes sense and reduces the learning curve for implementation and support. But, that would mean that you have to run two OSPF processes — one for IPv4 unicast and one for IPv6 unicast. That means two sets of policies have to be applied, including security for OSPF itself. Running OSPFv3 for both IPv4 and IPv6 reduces the number routing protocols and the configuration that goes with that. It makes it easier to implement policy in a consistent way for both protocol suites.
What is PBR? Policy-Based Routin (PBR) is the process of using a route map to match on something more than the destination and then defining the path out of the router based on those conditions. PBR could match on destination only, but typically we would match on more. PBR is considered to be an exception to the RIB and is looked at before examining the RIB.
Cisco provides a wide array of connectivity and isolation tools within the datacenter. This white paper addresses Virtual Routing and Forwarding (VRF), which is a Layer 3 isolation mechanism for routing protocols.
As I’ve stated before, I like Border Gateway Protocol (BGP). I think it’s an interesting protocol, and yes — it’s complicated, but I guess that part of why I like it. There are a lot of knobs to tweak in BGP, maybe too many, but that’s another post. Anyway, we are now running BGP version 4 and it has had extensions written that support more than just IPv4 unicast routing. We now have IPv4 multicast, IPv6 unicast and multicast, VPNv4, VPNv6, and a few others.
Where should you apply the CSS, and why are there two places to apply it? One approach is to pick one of the parameters and apply the permissions there. Quite often, an administrator will pick the phone-level CSS and configure it there so that it applies to all calls made from all lines. The goal is to specify what partitions are allowed to be called.
For smaller companies, configuring a dial plan to account for variations in dialed numbers is often not a problem. However, companies that are larger and more global in nature encounter a number of issues when designing their dial plan approach.
Border Gateway Protocol (BGP) is a fascinating protocol because there are a lot of things that can be done with BGP. However, there has always been an issue with BGP, which is convergence (the time the network or protocol takes to accept change). BGP was designed for scale, not speed, so it’s something that we’ve had to tolerate from its inception.
License provisioning has always been a bit of a challenge in the CUCM environment. Prior to CUCM v9.0, licensing was managed on a per-cluster basis with each cluster requiring its own license files that were tied to the media access control (MAC) address of the cluster’s publisher. This approach to license management was limiting in the fact that one cluster might have unused licenses while another cluster may be at its limit and sharing between clusters was not possible.
Occasionally I am asked to configure the ability to block calls based on Caller ID. Prior to Cisco Unified Communications Manager (CUCM) v8, the only way to block these calls was to configure voice translation rules and profiles on the gateway receiving the calls. This has changed in CUCM v8 with the introduction of an additional parameter in translation patterns: Route Next Hop By Calling Party Number.
Moving data from one networked device to another requires several different functions. Each function has its own protocol or protocols that define how it is accomplished. Also, the process of delivering data from one device to another can vary. The main factor in data delivery is determining whether the two devices are directly connected or remotely connected.
Moving data from one networked device to another requires several different functions. Each function has its own protocol or protocols that define how it is accomplished. Also, the process of delivering data from one device to another can vary. The main factor in data delivery is determining whether the two devices are directly connected or remotely connected.
While most organizations have not yet fully (or in many cases even partially) adopted cloud computing, the trend is growing in all but the smallest businesses.
The process of learning how to subnet IP addresses begins with understanding binary numbers and decimal conversions along with the basic structure of IPv4 addresses. This paper focuses on the mathematics of binary numbering and IP address structure.
While the Internet uses IP addresses assigned by an Internet authority such as the American Registry for Internet Numbers (ARIN), there are too few of these numbers to uniquely identify the millions of computers and computing devices in the world. Therefore, most enterprises use private addresses which allow them to identify the aforementioned computers. Of course, these IP numbers cannot be allowed on the Internet because all private networks use the same ones so there would be vast overlapping of addresses, and the addresses are not compliant anyway. Therefore, it is necessary to change the identity of a private host to a legal public host. This process is called Network Address Translation (NAT) and may be implemented on Cisco firewall products and Cisco routers. The firewall device(s) at the Internet demarcation point is by far the more popular way to implement NAT, but routers are used in small offices or small-to-medium-sized networks in which a separate firewalling solution is not possible or affordable. The focus of this paper is on the router-based NAT solution.
Spanning Tree Protocol (STP) is dead, or at least it should be. It’s too slow to converge when there’s a change, and it causes issues with performance because there is only one forwarding path. It was developed in 1985 by Radia Perlman at Digital Equipment Corporation to allow for redundant paths within a Layer 2 topology, which was great in 1985. In fact, it was huge! So much so, that it was later standardized by the IEEE as 802.1D, and we’ve been living with it ever since.
Cisco Access Control Lists (ACLs) are used in nearly all product lines for several purposes, including filtering packets (data traffic) as it crosses from an inbound port to an outbound port on a router or switch, defining classes of traffic, and restricting access to devices or services. Knowing how to design, configure, and troubleshoot ACLs is required for all network engineers working within a Cisco network.
RTMT provides a set of canned views of both system resources and application counters that provide you with a snapshot of your environment right out of the box. Read on to learn how you can make RTMT even more helpful by customizing it to show you different views of your resources and CUCM environment.
In the spring of 2013, Cisco announced major updates to their Cisco Certified Network Associate (CCNA) curricula, including a new version of the CCNA Routing and Switching exam (200-120 CCNA). This paper provides a review of the CCNA Routing and Switching exam's critical concepts, as an aid to students preparing to pass the latest version of the CCNA Routing and Switching exam.
Many companies are already using VoIP while incorporating video capabilities into their portfolio of services. One question that I am often asked is, “How can we ensure that the voice and video quality is good and consistent when using VoIP?”
If you’re in IT, you’ve likely heard the saying, “In technology, the only thing constant is change itself,” and boy is that right! For technical companies, if you are not moving forward, then you’re falling behind. There is no such thing as standing still! A perfect example of this mindset is in Cisco’s evolution of video conferencing and telepresence.
According to Cisco marketing, Dynamic Multipoint VPN (DMVPN) “will lower capital and operation expenses, simplifies branch communications, reduces deployment complexity, and improves business resiliency.” Okay. But what is it, really, and why should we care?
With the advent of video use in our everyday communications, a number of questions commonly surface. One of them is the question of terminology. What's the difference between video conferencing and telepresence? What is meant by immersive technologies? Frankly, there is no one single right answer.
The short answer (and a common one in our industry): it depends. When comparing Cisco IOS with Juniper Junos, the decision to choose one over the other is difficult and often boils down to cost. Of course, there are other factors to consider.
Instructor Carol Kavalla talks about the advantages of taking a Cisco Data Center Unified Fabric Implementation class from Global Knowledge.
In this report, I've reviewed the 15 most popular certifications according to our more than 12,000 North American respondents to our annual IT Skills and Salary Survey. For each certification, you'll find a brief description, the average salary, and some insight into why it is popular.
You know you need to invest in training, but how do you get the best return on investment (ROI) from your training dollars? To help you make smart training decisions, we've put together this guide, which illustrates some alternative and little-known payment options, the types of discounts and promotions available with training and a suggested list of courses that give you excellent value.
Need to control the digits contained in the telephone number that enter or leave a gateway? Digit manipulation involves adding, subtracting, and changing telephone numbers. You can manipulate calling numbers, called numbers, and redirecting numbers, as well as the numbering plan and ISDN number type. Learn about the techniques that are applied to incoming or outgoing calls, or globally to all calls. You can also manipulate telephone numbers before or after a dial peer is matched.
Frequently, questions come up in the Cisco Contact Center Express classes I teach concerning the ability of the system to perform this or that task. In this blog post, I will cover some of the more popular questions I get during class.
Instructor John Harmon explains subnetting using binary numbers and decimal conversions.
Instructor John Harmon continues his explanation of subnetting by showing how subnet masks can be used to sub-divide networks.
In numerous Cisco classes, students learn about IPv4 and IPv6 address subnetting, complex subnetting, variable length subnet masking (VLSM), summarization, prefix routing, and address aggregation. These are valuable skills. In order to apply these skills efficiently, a network designer should possess one additional skill. Planning the IP address space for a Class A or B IPv4 address is necessary to apply the complex skills listed above properly. Complex subnetting, VLSM, and IP address summarization can be implemented simply and efficiently with proper planning.
John Barnes, Global Knowledge's Cisco Course Developer, discusses enhancements to our UCS Troubleshooting Boot Camp and suggestions for students in preparation for this course.
Meet Global Knowledge course director and lab topology architect Joey DeWiele, a specialist in Unified Communications. Joey will walk you through the benefits of our exclusive Cisco UC lab architecture - a more scalable and stable approach to the all-important labs featured in unified communications courses. Our labs feature upgraded hardware and software including Custom Lenovo T61 PCs, 7965 IP Phones, 3560 Switches and Call Manager 7. With our flexible UC architecture, students are able to view and experience the full lab architecture regardless of which Cisco UC course they are taking or the skill set they are seeking. The lab architecture features a realistic network with redundant environments that are made rich with multiple machines, pre-deployed tools with shortcuts, online documentation that is particular to individual pods, and multiple OS support for all virtual machines (Windows, Linux, VMware).
Global Knowledge instructor Doug Notini discusses the benefits of our FIREWALL 2.0 - Deploying Cisco ASA Firewall Solutions course.
Diane Teare, Global Knowledge's Cisco Course Director, discusses the advantages to taking our CCNA Boot Camp.
Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications, explains presence.
A video covering our Cisco Unified Communications courses - ACUCW1 & ACUCW2 - by Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications.
Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications, discusses Cisco Unity, Unity Connection & Unity Express.
Course director Jim Thomas explains how our custom labs, which utilize external hosts, ISR routers, and DMZ, provide a real-world environment for students.
Rodger Foster, our senior Cisco instructor, reviews how multiple gateways are used to provide redundancy in the network.
This is another topic of heated debate, and it changes from network to network, but I found a simple approach that works in most cases. Since I have four queues and four classes of traffic, I need to categorize my important traffic into four classes. Strictly for explanation purposes I took some liberty in defining four categories of traffic that are very effective in both large and small networks. These classes are: Real Time Protocol (RTP), Network Management (NetMgt), Business Critical, and the Default.
That depends on their configurations. For example: While it makes very good sense to include redundant physical links in a network, connecting switches in loops, without taking the appropriate measures, will cause havoc on a network. Without the correct measures, a switch floods broadcast frames out all of its ports, causing serious problems for the network devices. The main problem is a broadcast storm where broadcast frames are flooded through every switch until all available bandwidth is used and all network devices have more inbound frames than they can process.
As we discussed previously, Cisco created the Nexus Operating System (NX-OS) to power its next-generation data-center switching platform. While this new OS shares many similarities to the original IOS, there are some definite differences that you need to be aware of as you begin using it.
The most obvious difference is that hubs operate at Layer 1 of the OSI model while bridges and switches work with MAC addresses at Layer 2 of the OSI model. Hubs are really just multi-port repeaters. They ignore the content of an Ethernet frame and simply resend every frame they receive out every interface on the hub. The challenge is that the Ethernet frames will show up at every device attached to a hub instead of just the intended destination (a security gap), and inbound frames often collide with outbound frames (a performance issue).
Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications, explains the difference between Cisco's Call Manager Express & Call Manager.
This week we'll review the IPv4 Address Classes including subnet masks, examples of Class C, Class B, and Class A subnet masks, and planning IPv4 addresses.
Both technologies, Ethernet and FC, satisfied the two conditions at that time, but there was a catch. Read more.
In the previous post, we discussed the need for VXLAN in the cloud along with the issues it solves. In this post, we will focus more on how VXLAN works.
Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications, explains QoS.
Configuring a wireless lab for study and testing capabilities is a bit more involved than you might think at first glance. Most of the requirements take place on the management devices, but the underlying switch infrastructure requires some preparations as well. The tasks involved are as follows:
Anyone who’s managed switches over the years knows that the Spanning-tree protocol (STP) is both the best and worst thing to ever happen to the data center at layer 2 of the OSI model. On the plus side, the Spanning-tree protocol is what first allowed us to create redundant paths within our switching infrastructure, making our data center much more resilient to outages than ever before. Anyone who’s experienced a “broadcast storm” knows the full value of Spanning-tree in the traditional switching environment. We’ve also seen many improvements in Spanning-tree over the years to make it work faster and more efficiently (i.e. Rapid Spanning-tree, Bridge Assurance, and many others).
Previously, I talked about the logical and physical steps to building a basic certification lab, concentrating mostly on the CCENT/CCNA Routing and Switching level. Once you have that set of certifications under your belt, there are several options for specialization. Each of these advanced technology tracks serve as methods of enhancing your professional skill set as follows:
The Cisco UCS is truly a “unified” architecture that integrates three major datacenter technologies into a single, coherent system: Computing Network Storage Instead of being simply the next generation of blade servers, the Cisco UCS is an innovative architecture designed from scratch to be highly scalable, efficient, and powerful with one-third less infrastructure than traditional blade servers.
The official Cisco CCNP Security FIREWALL training course (as well as other documentation) recommends enabling the inspection of the Internet Control Message Protocol (ICMP), even though it’s disabled by default. The image below displays the recommended practice as configured in ASDM, but the curious student might wonder what the unchecked “ICMP Error” box is. That’s what I’ll focus on in this post.
In this post I’ll focus on a topic that’s mentioned in the Cisco FIREWALL training class but isn’t emphasized there or in the online Cisco ASA documentation. When configuring failover on a pair of ASA security appliances, a situation can arise in which network disruption occurs due to the secondary ASA in a failover pair becoming active first and then the primary comes online second. Both the documentation and the courseware point out that this causes the secondary (and active ASA) to swap its interface MAC addresses with those of the primary. Being naturally skeptical about this behavior, I decided to investigate. The rest of this post illustrates my confirmation of this phenomenon.
Although the GSS can be configured to be authoritative for an entire domain, e.g. cisco.com (option 1), the GSS is designed to be integrated into an existing traditional BIND-based or any DNS system. The GSS operates as an A-record DNS server for Hosted Domains (HD) for which it has been delegated authority from a higher-level name server, which generally would be a name server (NS) controlled by an Enterprise or ISP. In addition to A-record support, the GSS is able to proxy for other query types using NS Forwarding and a back-end name server such as BIND.
The Global Site Selector (GSS) leverages the Domain Name System (DNS) to provide clients with reliable and efficient content services. Domain to IP address mapping is performed with consideration for availability, location, and load of content servers. Using the GSS in combination with Cisco’s Content Services Switch (CSS), Cisco’s Catalyst 6000 Content Switching Module (CSM), or Cisco’s Application Control Engine (ACE) allows users to create Global Server Load Balancing (GSLB) networks.
In this hour-long webinar, Global Knowledge instructor John Barnes will guide you through implementing Cisco private VLANs. He will review VLANs and 802.1q, and he will discuss private VLAN fundamentals and operation, covering primary VLANs and secondary VLANs. He will cover VLAN mapping and discuss using private VLANs between multiple switches. He will also provide a use case example.
Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications, explains the difference between our Cisco Unified Communications courses - ACUCW1 & ACUCW2.
According to the OSI layer concept, routing, or best path selection, takes place on Layer 3 and is based on the logical address. In this post, we want to discuss some of the points in that statement.
According to the OSI layer concept, routing, or best path selection, takes place on Layer 3 and is based on the logical address. In this post, we want to discuss some of the points in that statement.
This week’s post highlights some of the features and implementation specifics regarding the Datagram Transport Layer Service (DTLS) protocol used in Virtual Private Networks with the Cisco AnyConnect® SSL client. I’ll provide some background as well as some screenshots and supported CLI commands.
In this webinar, you will examine the need for IPv6 and whether it's possible to survive on IPv6 alone. You will learn ways to phase in IPv6 and how to successfully migrate to IPv6.
One command that had a fairly long history first with the PIX Firewall and now the ASA is the shun command. In this post we’ll examine this command’s history, why it’s useful, and its new-found resurgence in threat detection implementation.
Interior Gateway Routing Protocol (IGRP) was a Cisco-proprietary Distance-Vector (D-V) classful routing protocol - basically an improved version of RIPv1. Like other D-V protocols, each IGRP router periodically flooded its routing table, but it differed from RIP in two ways. First, RIP’s advertisement interval was thirty seconds but IGRP’s was ninety seconds, which allowed IGRP to scale to larger networks than RIP. Second, RIP used a simple hop count metric, but IGRP’s more sophisticated metric was based on minimum path bandwidth and total path delay, with options to include link reliability and interface loading.
When the hostname.domainname associated with my Small Office Home Office (SOHO) failed to update after a power outage, and a new DHCP-assigned external address was assigned to my router, I was reminded of the need for Dynamic DNS. This article will explore the implem...
As is frequently the case these days, I get a brainstorm for an article during a Cisco Security training class I conduct. This summer I taught the Securing Networks with ASA Fundamentals class, which concentrates heavily on the Adaptive Security Device Manager (ASDM)...
As is sometimes the case, the idea for this article originated with a student question I received during one of the Securing Networks with ASA Fundamentals classes I have taught this summer. The course material mentions a simple scenario whereby IP Telephony traffic...
I recently came across an opportunity to use a relatively new feature in Cisco Unified Communications Manager (CUCM). Suppose you are the telecom administrator at a community hospital. During business hours, the Facilities Department is staffed and team members simpl...
Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...
The subject of this week’s post was actually prompted by a question from a former colleague. Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...
Learn how to calculate QOS Bandwidth Percent vs Bandwidth Remaining Percent using a Cisco-defined formula. Read on for answers and examples from the experts at Global Knowledge!
There are many interesting new issues that seem to have come with the addition of voice and video to the data network. Most of the engineers that are now working on VoIP networks come from either a pure data network background or a traditional phone system background...
In my last post, we learned that the Dynamic Host Configuration Protocol (DHCP) is a computer networking protocol used by hosts, identified as DHCP clients, to retrieve IP address assignments and other configuration information. DHCP uses a client-server architectur...