Securing a DMVPN spoke – Part 2
In Part 1 we went through protecting the spoke from the outside world on the Internet and using the stateful inspection firewall CBAC, Content-Based Access Control, to dynamically allow returning traffic back in. CBAC works great for a single inside zone and a single outside zone. What if your business requirements have more than two […]
Author information
The post Securing a DMVPN spoke – Part 2 appeared first on Packet Pushers Podcast and was written by Charles Galler.
Healthy Paranoia Show 18: Illusion, Lies and Neuroscience with Alex Stone
Ladies and gentleman, prepare to be mystified and amazed by another episode of Healthy Paranoia. Where even the unicorns are nerdy and the evil bit is always set on your packets. Just in time for Halloween, get ready for some tricks and definitely treats, because we’re going to discuss the intersection of magic, social engineering […]
Author information
The post Healthy Paranoia Show 18: Illusion, Lies and Neuroscience with Alex Stone appeared first on Packet Pushers Podcast and was written by Mrs. Y.
Show 165 – Running Code Is What Defines The Rules
Ethan Banks and Greg Ferro are joined on this week’s Packet Pushers podcast by Teren Bryson, Paul Stewart, and Michele Chubirka. This is a community show, meaning it’s just a bunch of engineers chatting about the industry and our experiences. No vendors looking over our shoulders at all. Here’s what we yammer on about. Topics […]
Author information
The post Show 165 – Running Code Is What Defines The Rules appeared first on Packet Pushers Podcast and was written by Ethan Banks.
F5 LTM Encrypted Cookie Insert Persistence
The purpose of a load balancer is to distribute client connections to multiple servers to increase load capacity and provide high availability. One common requirement of load balanced applications, since most application servers maintain session information on the local box, is that a client must stay locked to a single server for the duration of […]
Author information
The post F5 LTM Encrypted Cookie Insert Persistence appeared first on Packet Pushers Podcast and was written by Eric Flores.
Review: Information Storage and Management
EMC Education Services Safari | Amazon I’m a routing geek. Not a storage, compute, SONET, web design, and mobile phone geek — a routing geek. But even routing geeks need to know something about the stuff that attaches to the network right? In the spirit of learning something new, I recently picked up (and […]
Author information
Back to the Basics…
Now that I’ve finished learning about SDN, and then studied for and passed my latest Cisco certification (CCNA Security, keeping that vendor certification path open!), I’ve gotten into the groove of studying at night (and I as I love IT, and specifically networking, it’s kinda become my hobby… I know, lame, right?) In any case, […]
Author information
The post Back to the Basics… appeared first on Packet Pushers Podcast and was written by Will Dennis.
Bash and Net-SNMP: a low budget, high frequency SNMP poller
Introduction Note: This assumes you’re on a linux machine, but it should work on any box where you can install and run Bash, for example windows with Cygwin. (You’ll also need the date program from GNU Core Utilities too, but that’s installed by default on any normal Linux or Cygwin system.) Note: For simplicity the […]
Author information
The post Bash and Net-SNMP: a low budget, high frequency SNMP poller appeared first on Packet Pushers Podcast and was written by Nik Weidenbacher.
Stateless Routing Through an in-line F5 LTM
When using an F5 load balancer there are 2 predominant ways to setup the network topology. While there are many different names for these methods, in this article I will call them “load balancer on a stick” and in-line. Although the article is about the in-line method, we will quickly review both methods for comparison. […]
Author information
The post Stateless Routing Through an in-line F5 LTM appeared first on Packet Pushers Podcast and was written by Eric Flores.
Hot,Cold, Mash Potato Routing and BGP Route Reflector Design Considerations.
If someone tosses you a hot potato, do you want to hold it a long time? If you like pain maybe the answer is yes – but how many of us like pain? In the same way, hot potatoes are very applicable to the Service Provider environment. When a service provider receives a packet, if […]
Author information
The post Hot,Cold, Mash Potato Routing and BGP Route Reflector Design Considerations. appeared first on Packet Pushers Podcast and was written by Orhan Ergun.
MPLS VPNs and Junos config groups: a match made in router heaven
Introduction If you manage MPLS VPNs on Juniper Networks devices running Junos (or are learning about doing so), this tip should make your life easier. I can’t imagine operating MPLS VPNs on a scale of more than a handful of VPNs without it. Below I’ll describe how it works, and then to make sure it’s […]
Author information
The post MPLS VPNs and Junos config groups: a match made in router heaven appeared first on Packet Pushers Podcast and was written by Nik Weidenbacher.
IPSec Bandwidth Overhead Using AES
Someone asked so lets walk through the overhead introduced when using IPSec with AES; it’s higher than you might think and I haven’t even factored in ISAKMP. Encryption really isn’t ‘my bag’ so if anything is wrong, do let me know; hopefully public scrutiny will mean I can truly rely on these figures. Take a […]
Author information
The post IPSec Bandwidth Overhead Using AES appeared first on Packet Pushers Podcast and was written by Steven Iveson.
Not-Via? Not-What?
In our last episode (it’s been two weeks!), we talked about P’s and Q’s. Now we’ll get down into a few details, and think through what is probably the simplest mechanism ever designed for finding alternate loop free paths through a two connected network: not-via. Let’s use the embedded network as an example. In this […]
Author information
Show 164 – Cool or Hot? Lapukhov + Nkposong’s BGP SDN
On this Packet Pushers podcast, hosts Ethan Banks and Greg Ferro are joined by Petr Lapukhov for a discussion about his IETF draft on BGP SDN, co-authored with Edet Nkposong. Guests Russ White and Ivan Pepelnjak also join in the discussion, quizzing Petr about the details of the draft and how implementation has worked out thus far […]
Author information
The post Show 164 – Cool or Hot? Lapukhov + Nkposong’s BGP SDN appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Why so Rude?
The engineering world has a long standing tradition none of us should be too proud of: rudeness. There was, in fact, a time when I was working the phones on customer support that the general attitude was, “feel free to flame me when I ask a question, just answer the question in the flame.” Flames […]
Author information
The Importance of Setting Expectations
One of my first experiences dealing with a technology customer involved a request to deliver and install a new PC and printer. During the process I expected I would need to educate the user on the features of Windows 3.1. This was before I ever really started working in technology in a full-time capacity. While […]
Author information
The post The Importance of Setting Expectations appeared first on Packet Pushers Podcast and was written by Paul Stewart.
TCP Over IP Bandwidth Overhead
How long will it take to transfer a 100MB file over an IPSec tunnel running across a dedicated 100Mbps Ethernet link? 1 Second? Fail! 8s? You’re getting warmer. It’s almost 8.5s without the IPSec and over 9s with it. What’s the big deal with a 1s difference? Well, extrapolate that increase, let’s say it’s 13%, and […]
Author information
The post TCP Over IP Bandwidth Overhead appeared first on Packet Pushers Podcast and was written by Steven Iveson.
Healthy Paranoia Show 17: How Do I Pwn Thee?
Greetings fair ladies and kind sirs, I present yet another episode of Healthy Paranoia. In this episode we examine the notoriously mad, bad and dangerous to know; pentest dropbox. Joining Mrs. Y are some poètes maudits of the security realm, including; Taylor Banks, Dan Tentler, Kyle Stone, Nick Lennox and Jay James. A dropbox or […]
Author information
The post Healthy Paranoia Show 17: How Do I Pwn Thee? appeared first on Packet Pushers Podcast and was written by Mrs. Y.
Leveraging LISP for IPv6 internet connectivity
Introduction End hosts inside of the enterprise or home can be connected to the IPv6 internet using LISP’s powerful encapsulation mechanisms. This article is structured in three sections exploring the utilization of LISP as means of IPv6 internet connectivity. The first section dives into IOS LISP IPv6 configuration and verification of the control-plane/data-plane. The use […]
Author information
The post Leveraging LISP for IPv6 internet connectivity appeared first on Packet Pushers Podcast and was written by Pablo Lucena.
Make yourself a standout
As people manage their careers, it is common sense that they need to stand above their peers if they want to outperform them from a career perspective. This is why you see people working 14- or 16-hour days. It’s become such common behavior that it is a central meme in just about every movie or […]
Author information
The post Make yourself a standout appeared first on Packet Pushers Podcast and was written by Michael Bushong.
Mind Your Q’s and P’s
In the midst of this series of posts around fast convergence, someone asked if I could explain p and q space a little better. The illustration here might help readers who have more of a visual mind to understand the concepts involved. (feel free to click through to a larger version) Essentially, we can think […]