Paul Stewart, CCIE 26009 (Security)

Author Archives: Paul Stewart, CCIE 26009 (Security)

Cisco IOS – Understanding IGP Network Statements

One of the things that I find both counterintuitive and often misunderstood is the role of the network command in interior gateway protocols. This command is used in the router configuration mode on Cisco devices. While there are some protocol specifics that should be understood, it behaves similarly between RIP, EIGRP and OSPF. The common misconception is that the network statement determines what will be advertised. While it can affect what is being advertised, that is not the direct purpose of this command.

If you have mistakenly thought the network command determines what is being advertised, you’re certainly not alone. We can even find verbiage in the output of “show ip protocols” that lends credibility to this position. Let’s take a look at the following configuration.

[Figure: R1toR2NetworkStatement]

In the above example, I have enabled EIGRP on all of the interfaces.

R1 Configuration

interface Loopback0
 ip address 1.1.1.1 255.255.255.0
interface Loopback1
 ip address 2.2.2.1 255.255.255.0
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
router eigrp 1
 network 1.1.1.1 0.0.0.0
 network 2.2.2.1 0.0.0.0
 network 192.

Continue reading

Book Recommendations — Jeff Aiken Series by Mark Russinovich

Last week, I spent the majority of my commute time listening to a cybercrime novel by Mark Russinovich. This book, Trojan Horse, is the second of three books in the Jeff Aiken Novel series and didn’t disappoint in any way. In the past I read the electronic version of the first book, Zero Day. Whether or not you work in information security, you’ll likely find these books enjoyable. Having some grasp of the reach and dependence on information systems, I find these books are reasonably plausible. I plan to listen to the final installment in the series during my travels this week.

Links

Disclaimer: I have nothing to disclaim about this article. The links shared are not affiliate links and PacketU receives no compensation from Mark Russinovich or the vendors distributing his work.

The post Book Recommendations — Jeff Aiken Series by Mark Russinovich appeared first on PacketU.

Reading a Certification Blueprint

Those studying for certification exams should know what they’re studying for. This is typically found on some sort of syllabus or blueprint. In Cisco parlance, we simply call this the exam blueprint. So those taking ICND1 in hopes of achieving CCENT would typically research the ICND1 exam blueprint. This is found by selecting the link in the Exam Topics section of the exam overview page.

While reading through this type of document, it is important to keep a few things in mind. For example, it is beneficial to continually think about how a vendor may validate knowledge of a particular competency.  It is also important to pay attention to keywords like describe, configure and troubleshoot. The keyword describe would typically indicate only a conceptual understanding is required. Configure or troubleshoot might be used to indicate working proficiency with a technology is expected.

As a candidate assesses a given blueprint, they should think about how they could assess someone else’s knowledge. For example, one might consider the task of hiring a network administrator. How could the understanding of collision domains and broadcast domains be assessed? By thinking in these terms, the challenges that networking vendors face in assessing candidates begin to surface.

Looking at a blueprint Continue reading

Who Understands Network Statements?

A couple of weeks ago, I asked some questions about an obscure OSPF configuration. I found the scenario fun to write and share. Therefore, I wanted to offer another odd configuration that might challenge readers to think through the resulting behavior of a Cisco device. This particular challenge is a quick and dirty RIP configuration based on the following scenario.

[Figure: RIP Statements]

R1 Configuration

interface FastEthernet0/0
 description To Host1
 ip address 10.1.1.1 255.255.255.0
!
interface FastEthernet0/1
 description To R2
 ip address 10.100.100.1 255.255.255.0
!
router rip
 network 10.100.100.0

R2 Configuration

interface FastEthernet0/0
 description To Host2
 ip address 10.2.2.2 255.255.255.0
!
interface FastEthernet0/1
 description To R1
 ip address 10.100.100.2 255.255.255.0
!
router rip
 network 10.100.100.0

Question

Assuming Host1 and Host2 are configured with the appropriate address and default gateway, which two of the following statements are true?

  • Host1 can reach Host2
  • Host2 cannot reach Host1
  • show run will reveal the configuration above
  • show run will reveal differences from what is shown

A question like this can reveal whether or not an individual has experience configuring interior gateway protocols. Those who have worked with IOS will Continue reading

Classful IP Networks: An Introduction to IP Address Classes

When the concept of subnetting comes up, there is a need to first establish what networks were like before the Internet Standard Subnetting Procedure was introduced in RFC 950. Prior to the use of subnet masks, networked devices made assumptions about the network and host portions of the address. The process by which these assumptions are made was defined in RFC 791:

Addresses are fixed length of four octets (32 bits). An address
begins with a network number, followed by local address (called the
“rest” field). There are three formats or classes of internet
addresses: in class a, the high order bit is zero, the next 7 bits
are the network, and the last 24 bits are the local address; in
class b, the high order two bits are one-zero, the next 14 bits are
the network and the last 16 bits are the local address; in class c,
the high order three bits are one-one-zero, the next 21 bits are the
network and the last 8 bits are the local address.

If that leaves you a bit confused, you are in the right place. This article works through the concept of the IP Address Class. Readers should gain the understanding required to decipher things Continue reading
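The class formats in the RFC 791 text quoted above can be decoded directly from the high-order bits. The following is an added example, not code from the original post; the function name `classify` and the dictionary keys are assumptions, and the sample addresses are interface addresses from the configurations on this page plus two constructed ones.

```python
import ipaddress

# (class, leading-bit count, leading-bit pattern, network bits, local bits),
# transcribed from the RFC 791 passage quoted above.
FORMATS = [
    ("a", 1, 0b0, 7, 24),
    ("b", 2, 0b10, 14, 16),
    ("c", 3, 0b110, 21, 8),
]

def classify(addr):
    """Split an IPv4 address into its classful network and "rest" fields."""
    value = int(ipaddress.IPv4Address(addr))
    for name, prefix_len, pattern, net_bits, local_bits in FORMATS:
        if value >> (32 - prefix_len) == pattern:
            # Mask implied by the class alone, with no subnet mask involved.
            mask = (0xFFFFFFFF << local_bits) & 0xFFFFFFFF
            return {
                "class": name,
                "network_number": (value >> local_bits) & ((1 << net_bits) - 1),
                "local_address": value & ((1 << local_bits) - 1),
                "classful_network": str(ipaddress.IPv4Address(value & mask)),
                "implied_mask": str(ipaddress.IPv4Address(mask)),
            }
    # High-order bits 111: none of the three formats in the quoted text.
    return None

if __name__ == "__main__":
    samples = [
        "10.100.100.1",  # R1 FastEthernet0/1 (from the page)
        "192.168.1.1",   # R1 FastEthernet0/0 (from the page)
        "172.16.5.9",    # constructed sample
        "224.0.0.1",     # constructed sample, high-order bits 111
    ]
    for s in samples:
        print(s, classify(s))
```
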
