Introduction to TACACS and TACACS+ (Terminal Access Controller Access Control System)
Today I am going to talk about the TACACS and TACACS+ basics with you. I am sure most of you already knew TACACS and TACACS+ as many of you worked and configured the configuration on your devices whether it will Cisco, Juniper or any other vendor in your network.
Here in this article I am Just talk about TACACS and TACACS+ as follow.
What is TACACS and TACACS+ ?
TACACS and TACACS+
Here in this article I am Just talk about TACACS and TACACS+ as follow.
What is TACACS and TACACS+ ?
Well all of you already listern this term so many times but many of you confuse what is TACACS and TACACS+.
Terminal Access Controller Access Control System or called as TACACS is a authentication protocol and is commonly used within the UNIX based networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system.
TACACS and TACACS+
TACACS is a simple UDP-based access control protocol originally developed by BBN for MILNET. TACACS+ is an enhancement to TACACS and uses TCP to ensure reliable delivery.
 |
| Fig 1.1- TACACS and TACACS+ Server |
TACACS+ is an enhancement to the TACACS security protocol. TACACS+ improves on TACACS by separating the functions of authentication, authorization, and accounting (AAA) and Continue reading
5 Free Android Apps for Networking Pros
These apps can help network administrators troubleshoot and optimize their networks.
DMVPN or Firewall-Based VPNs?
One of my readers sent me this question:
I'm having an internal debate whether to use firewall-based VPNs or DMVPN to connect several sites if our MPLS connection goes down. How would you handle it? Do you have specific courses answering this question?
As always, the correct answer is it depends, in this case on:
Read more ...Nutanix Claims Object Storage, Compute Coming to Cloud Stack, But Timeline Is Unclear
The services allow Nutanix to better compete against VMware's hybrid cloud offerings.
Difference Between Cisco ACI Multi-Pod Vs Cisco ACI Multi-Site
Today I am going to talk about the difference between the Cisco ACI Multi-Site and Cisco ACI Multi-Pod deployment. I already talk about the basics of Cisco ACI Multi-Site and Cisco ACI Multi-Pod in my earlier posts. If you want to look through it, Please have a look to the below link to understand the Cisco ACI Multi-Pod and Cisco ACI Multi-Site
Introduction to Cisco ACI stretched fabric and ACI Multi-pod Fabric Designs
Introduction to ACI Multi-Site Fabric Design Network
Hope you go through the above links to understand, So let me talk about the basic difference between the Cisco ACI Multi-Pod and Cisco ACI Multi-Site.
Below are the difference as :
Introduction to Cisco ACI stretched fabric and ACI Multi-pod Fabric Designs
Introduction to ACI Multi-Site Fabric Design Network
Hope you go through the above links to understand, So let me talk about the basic difference between the Cisco ACI Multi-Pod and Cisco ACI Multi-Site.
 |
| Fig 1.1- ACI Multi-Site and Multi-Pod Deployments |
Below are the difference as :
- In Multi-Pod you can have, Full ACI functionality across an entire Multi-Pod fabric while in in Multi-Site you can have Tenants, Applications, VRFs, BDs, Subnets, EPGs (including μSeg), policies stretched across ACI fabrics
- Availability Zone: In Multi-Pod, Single availability zone with one APIC cluster for an entire Multi-Pod fabric that provides central point of management while in Multi-Site we have Multiple availability zones.In each fabric with its separate APIC cluster is an availability zone managed by Multi-Site.
- VM Migration : In Multi-Pod, Live Continue reading
Rough Guide to IETF 100 – IPv6
In this post for the Internet Society Rough Guide to IETF 100, I’m reviewing what’ll be happening at IETF 100 in Singapore next week.
IPv6 global adoption rates passed 20% shortly after IETF 99, with a number of countries making substantial strides in IPv6 deployment in the past few months. Belgium still leads the way at over 60%, but India has shot up to over 50% which is extremely encouraging in such a large market. Adoption rates also exceed 40% in the United States and Germany, and with most major content and cloud providers now supporting IPv6, there’s a substantial amount of IPv6-related work happening in Singapore. In fact, there’s no less than five IPv6-related working groups on the first day alone.
The IPv6 Operations (v6ops) Working Group is always one of the key groups, and since the last meeting has published two RFCs on Host Address Availability Recommendations (https://tools.ietf.org/html/rfc7934) and Local-Use IPv4/IPv6 Translation Prefix (https://tools.ietf.org/html/rfc8215). The meeting kicks off on Monday afternoon and continues on Thursday morning, starting with a case study on IPv6-only deployment at Cisco.
There are also seven drafts being discussed including 464XLAT Deployment Guidelines for Operator Continue reading
Linux Network Components Used In Openstack
The components used under the hood in Openstack Neutron networks.Linux Network Components Used In Openstack
In November 2017 I had the chance to attended the Openstack summit in Sydney Australia. I went to a great session lead by Phil Hopkins from Rackspace on how Openstack Neutron utilizes network namespaces and VXLANs in linux to achieve multi-tenancy. The contents of this blog came largely from...Top 5 From The Last 3 Months
In the year 2017, news comes at you fast.
Top 5 From The Last 3 Months
In the year 2017, news comes at you fast. So, it’s easy to miss the important or informational items that just weren’t on your radar when they first arrived. While we believe VMware NSX should be firmly on everyone’s virtualization radar, we understand that you may miss a few items from time to time. That’s why we’re putting together this VMware NSX news round-up.
This news round-up recaps the latest NSX-related material you may have missed over the past few months for you peruse at your leisure. We’ll compile these posts again from time to time, so be sure to keep your eye on this space for more VMware NSX news rounds-ups and informational posts!
Real World Use Cases for NSX and Pivotal Cloud Foundry
From the post: Pivotal Cloud Foundry (PCF) is the leading PaaS solution for enterprise customers today, providing a fast way to convert their ideas from conception to production. This is achieved by providing a platform to run their code in any cloud and any language taking care of all the infrastructure “stuff” for them.
From building the container image, compiling it with the required runtime, deploying it in a highly available mode and connecting Continue reading
Ixia Adds New Visibility for Open Switches With a Software Solution
The packet broker software supports software-defined data centers.
The Internet, Homemade
The following post originally appeared on the APNIC blog.
The Internet can enhance social inclusion and participation and can contribute to economic development. Therefore, it should be a commodity for every citizen, but, as RFC3271 says, ‘it will only be such if we make it so.’
Internet infrastructure and services do not even reach 50% of the global population. The three main issues affecting Internet growth are: not everyone wants or needs it, not everyone has access to it, and not everyone can provide it.
I respect people’s choices with the first issue since the Internet is not a natural thing that we need to sustain or protect ourselves. However, for many, they don’t want or need the Internet because there is a lack of locally relevant content and services or training on how to use it. Metaphorically speaking: Shall I eat the same fast food made far away when I like my local tasty food not offered here?
Without content and services adapted to my local taste and language, it may not be attractive or digestible. At the same time, local access and education are necessary primers to produce such relevant and meaningful content.
The second and third Continue reading
Widespread impact caused by Level 3 BGP route leak
For a little more than 90 minutes yesterday, internet service for millions of users in the U.S. and around the world slowed to a crawl. Was this widespread service degradation caused by the latest botnet threat? Not this time. The cause was yet another BGP routing leak — a router misconfiguration directing internet traffic from its intended path to somewhere else.
On Nov. 6, our network experienced a disruption affecting some IP customers due to a configuration error. All are restored.
— Level 3 Network Ops (@Level3NOC) November 6, 2017
While not a day goes by without a routing leak or misconfiguration of some sort on the internet, it is an entirely different matter when the error is committed by the largest telecommunications network in the world.
In this blog post, I’ll describe what happened in this routing leak and some of the impacts. Unfortunately, there is no silver bullet to completely remove the possibility of these occurring in the future. As long as we have humans configuring routers, mistakes will take place.
What happened?
At 17:47:05 UTC yesterday (6 November 2017), Level 3 (AS3356) began globally announcing thousands of BGP routes that had Continue reading
Telcos Eye Multi-Billion Dollar IoT Opportunity, Panel Says
Telcos own the wired and wireless infrastructure needed for smart cities.
Riverbed SD-WAN Incorporates Zscaler Cloud Security
It provides a migration path from perimeter-based security appliances.