How Does Internet Work - We know what is networking
In case you wondered how to redistribute static routes into dynamic routing protocol you are at the right place. This is normally a basic thing to do, but I will let you know how to do it in different ways on different vendor devices so it might be interesting. We will go through few examples of normal static to OSPF redistribution and then see how it can be partially done with only part of static routes using route filters. I’ll do it on Cisco and Juniper devices so we can see what’s the difference. Cisco In Cisco CLI, redistribute static
How Does Internet Work - We know what is networking
I was preparing lab environment to test configuration of Source-Specific Multicast on Juniper SRX Equipment and needed a tool to generate and measure Source-Specific Multicast streams. I was aware that Iperf is a good enough tool to generate and measure multicast and unicast traffic but support for SSM was missing from current version. Fortunately there are always some developers which are interested in networking so one of them developed a special Iperf version 2.0.5 with SSM support. The idea here is to show how to make this version of Iperf work on your Cent OS or similar Linux machine. Here
How Does Internet Work - We know what is networking
In SSM, Source-Specific Multicast, things are done differently from standard multicast forwarding. SSM is specifying a group of hosts that are receiving same multicast stream using group IP address and additionally using stream unicast source IP. In this article it is shown how to configure Source Specific Multicast on Cisco and Juniper equipment. In standard multicast, forwarding is done using group IP address which is an IP from multicast dedicated range 224.0.0.0/4 (224.0.0.0 – 239.255.255.255) or FF00::/8 in IPv6. Each multicast group IP address is a single address which specifies all hosts receiving a specific stream, streamed towards that group
How Does Internet Work - We know what is networking
QKD – Quantum key distribution is the magic part of quantum cryptography. Every other part of this new cryptography mechanism remains the same as in standard cryptography techniques currently used. By using quantum particles which behave under rules of quantum mechanics, keys can be generated and distributed to receiver side in completely safe way. Quantum mechanics principle, which describes the base rule protecting the exchange of keys, is Heisenberg’s Uncertainty Principle. Heisenberg’s Uncertainty Principle states that it is impossible to measure both speed and current position of quantum particles at the same time. It furthermore states that the state of observed particle will change if and
How Does Internet Work - We know what is networking
I stepped on this issue few weeks ago. I was implementing a new ASA Firewall solution, first time for me with software newer than version 8.4.2 It seems that all those stories about changes in the NAT logic after that version were true. This is what I found out about ASA packet processing. Configuration was really straightforward and everything worked fine except one thing. When connected remotely using Cisco AnyConnect I was able to access all devices inside the network (inside ASA firewall), but not the ASA itself. I wasn’t able to connect with SSH nor with ASDM. I, of course,
How Does Internet Work - We know what is networking
Quantum cryptography is a new technique of securing computer network communication channel. Existing standard crypto systems are using advanced algorithms to create key pairs which are extremely hard to inverse engineer. Quantum cryptography avoids any mathematical algorithm and uses principles of quantum physics. Quantum crypto implements a new technique of generating and exchanging crypto keys which makes it impossible for third party entities to get those keys by snooping or to create man in the middle by snooping and sending copies of original key. Keys generated in this way will automatically destroy themselves if read by third-party interferer. When generated between two sides, using quantum key distribution, secret keys will
How Does Internet Work - We know what is networking
If you want to send or store data and be sure it is safe from being intercepted, you will use Cryptography. Cryptography uses chipper as mathematical virtual lock to make data scrambled so that is not understandable if intercepted by unauthorized third parties. There are different cryptography techniques, some of them are: encryption, hashing, and steganography. Cryptography can be differentiated by usage of different key types: Symmetric Key Encryption Asymmetric Key Encryption Symmetric Key Encryption is sometimes known as Secret Key Cryptography. Main characteristic of this type of cryptography is the same key usage in encryption and decryption of transferred
How Does Internet Work - We know what is networking
I sorry to put here something that is not really technical but with a blog with the name “howdoesinternetwork.com” it would be strange not to follow the story about the future of DNS governance giving the fact that DNS is a crutial part of internet functionality. You probably know how the internet works giving the fast that you are visiting a blog like this. Regardless of that, it will not hurt to explain in few words the importance of DNS (Domain Name System) for normal internet operation. Let’s surf to se how this works If you want to open this webpage
How does Internet work - We know what is networking
I wrote all the details about ISSU procedure steps and explained each step extensively. For a shorter update procedure guide check abbreviated article: Short list of upgrade steps without extensive explanations “Cisco Catalyst 6880-X VSS ISSU Upgrade Steps“ Intro Cisco spoiled us over the years with great and detailed documentation on each technology and hardware component they support. Still, I managed to find a part where documentation is not detailed enough to give you definite number of steps to get things done. While preparing for software upgrade of Cisco Catalyst 6880-X VSS cluster I stumbled on one of the first examples of
ISSU Upgrade of Cisco Catalyst 6880-X VSS Cluster and 6800ia FEX extenders
How does Internet work - We know what is networking
I wrote extensively about ISSU procedure steps in the article: “ISSU Upgrade of Cisco Catalyst 6880-X VSS cluster and its four 6800ia FEX extenders“ This is a short version without comments and explanations for those that need to get things done quickly without reading through my extensive waffle. Let’s start! 1. Get the info on which IOS version is supported to be upgraded with ISSU Google for ISSU or EFSU IOS upgrade support or use this Cisco doc “SX_SY_EFSU_Compatibility_Matrix1” to select supported IOS for ISSU upgrade from your current version. 2. Upload IOS to both Chassis copy ftp://admin:[email protected]/c6880x-adventerprisek9-mz.SPA.151-2.SY7.bin bootdisk: and
How does Internet work - We know what is networking
This is a description on how to deploy a Juniper LAB of 8 vMX routers and making a simple topology in VMware vSphere environment. vMX is Juniper’s virtual production router so this could be the same procedure for deploying vMX device in production except different number of routers and their interconnection with vSwitch setup. As you might have seen from my previous post, I’m trying to get into Juniper configuration lately. One of the things that I needed is to set up a simple lab running Juniper vMX machines with multicast forwarding enabled. It was a simple lab experiment with few commands on each device.
How does Internet work - We know what is networking
I’m fairly new to Juniper CLI. For one of my first tries, I decided to make my life difficult by starting with multicast configuration on virtual vMX routers running as VMs on VMware ESXi. It took a lot of investigation about some part of this configuration specially the tunnel interface which you will see below. I decided to put it here all in one place with the explanation of every step because Juniper documentation tends to assume that you know more than me. If that is not the case, this short description is for you. Here’s how the topology looks like. I have
How does Internet work - We know what is networking
For WoL to work, configuration needs to be done on two sides, on the VLAN10 where server is connected, so that magic packets can be sent, and on the client side VLAN11 to enable that magic packets can be delivered to clients.
How does Internet work - We know what is networking
Virtualization of network devices and path isolation is achieved with VRF on the routers, VLANs separate switch port groups into separate broadcast domains
How does Internet work - We know what is networking
As you can see from my article list, I’m going through some VRF configuration in the last few weeks I ran into this today and it sounded interesting enough to share it with you. The issue with TFTP IOS image copy to flash when having all interfaces in specific VRF and no interface in Global Routing Table. Long story short, you kick in this command for normal IOS download to the router: R1#copy tftp://10.10.10.11/c890-universalk9-mz.154-3.M5.bin flash: Destination filename ? Accessing tftp://10.10.10.11/c890-universalk9-mz.154-3.M5.bin... %Error opening tftp://10.10.10.11/c890-universalk9-mz.154-3.M5.bin (Timed out) …and it isn’t working of course. The issue is in having all interfaces member of
How does Internet work - We know what is networking
Ever needed one extra router? It’s possible to split the router into more logical routers by using VRF. How? Here’s how! Virtual Routing and Forwarding or VRF allows a router to run more that one routing table simultaneously. When running more routing tables in the same time, they are completely independent. For example, you could use same or overlapping IP addresses in both VRFs and it can be used without conflict. It is possible to use same VRF instance on more routers and connect every instance separately using VRF dedicated router port or only a sub-interface. You can find VRFs to be used
How does Internet work - We know what is networking
Routing table will then leave to the switching process the job of load-sharing. That is, route-cache mechanisms like CEF on Cisco device will do load-share per session using source-destination IP.
How does Internet work - We know what is networking
We are going back to networking basics with this post. In few lines below you will find most important theory that makes network gear do its job. The main router job is to making routing decisions to be able to route packets toward their destination. Sometimes that includes recursive lookup of routing table if the next-hop value is not available via connected interface. Routing decision on end device like PC, Tablet or Phone If one device wants to send a packet to another device, it first needs to find an answer to these questions: Is maybe the destination IP address chunk of local subnet
How does Internet work - We know what is networking
CoPP – Control Plane Protection or better Control Plain Policing is the only option to make some sort of flood protection or QoS for traffic going to control plane. In the router normal operation the most important traffic is control plain traffic. Control plane traffic is traffic originated on router itself by protocol services running on it and destined to other router device on the network. In order to run properly, routers need to speak with each other. They speak with each other by rules defined in protocols and protocols are run in shape of router services. Examples for this
How does Internet work - We know what is networking
I recently started studying again, this time as an attempt of deep-diving into some security concepts for one of my PhD courses. It’s interesting how, as much as you try to escape from it, mathematics will sooner or later catch you somewhere and you will need to learn a bit more of it. At least that happened to me… In this process I realised that if you go beyond simple security theory and network device configuration all other stuff is pure mathematics. The reason behind my unplanned course in mathematics is explained through the rest of this text. It will