I wanted to share a quick post on a feature that I have found incredibly useful on the ASA and has been extended to Firepower Threat Defense. The feature is called Packet Tracer and is an easy way to apply “packet walk” logic to a flow that would be initiated through the platform. Like most things FTD, the Firepower Management Console is the point of contact for initiating the process.
To initiate Packet Tracer in FTD, open the Firepower Management Console and choose ‘Devices‘ then ‘Device Management‘. Next, select the device that you want to perform the operation and select the icon that looks like a screwdriver and wrench.
This will produce the screen that provides health monitoring and troubleshooting for the device. Selecting “Advanced Troubleshooting” will change the view to a multi-tab troubleshooting screen.
Selecting the Packet Tracer tab will allow for input like Source/Destination, Protocol, Port, SGT, etc.
After filling out this information and choosing “Start“, the device would be put through the same process as an initial packet of a new connection. The resulting packet walk is shown in an expandable tree view or raw text (user selectable).
While Cisco Live this year was far more about the campus than the DC, Cisco did announce the Cisco Nexus 9364C, a spine-oriented switch which can run in both ACI mode and NX-OS mode. And it is a monster.
It’s (64) ports of 100 Gigabit. It’s from a single SoC (the Cisco S6400 SoC).
It provides 6.4 Tbps in 2RU, likely running below 700 watts (probably a lot less). I mean, holy shit.
Cisco Nexus 9364C: (64) ports of 100 Gigabit Ethernet.
And Cisco isn’t the only vendor with an upcoming 64 port 100 gigabit switch in a 2RU form factor. Broadcom’s Tomahawk II, successor to their 25/100 Gigabit datacenter SoC, also sports the ability to have (64) 100 Gigabit interfaces. I would expect the usual suspects to announce switches based on these soon (Arista, Cisco Nexus 3K, Juniper, etc.)
And another vendor Innovium, while far less established, is claiming to have a chip in the works that can do (128) 100 Gigabit interfaces. On a single SoC.
For modern data center fabric, which rely on leaf/spine Clos style topologies, do we even need chassis anymore?
For a while we’ve been reliant upon the Sith-rule on Continue reading
The debate on encryption in the EU has followed a familiar path in pitting national security against concerns about civil liberties and privacy. On the one hand, Governments and intelligence agencies have increasingly claimed that the widespread use of encryption could threaten national security.
The FTC doesn’t want the deal to quash competition with Cisco.
Juniper Research also predicts 5G revenue could top $269 billion by 2025.
ADVA has been on a streak of bolstering its optical networking and virtualization platforms.
The reshuffling could result in layoffs.
Submarine Cable is probably the most important topic for the International traffic. More than 99% of the International traffic , including data, voice and video is carried over Submarine Cables. But still submarine cables is not very well known topic among the network engineers, especially if you are not working in the Service Provider, […]
The post Submarine Cable Basics appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
The post Worth Reading: A brittle and fragile future appeared first on rule 11 reader.
curl -L https://github.com/Exa-Networks/exabgp/archive/4.0.0.tar.gz | tar zxNow define the handler, acl.py, that will convert BGP FlowSpec updates into standard Linux netfilter/iptables entries used by Cumulus Linux to specify hardware ACLs (see Netfilter - ACLs):
#!/usr/bin/python
import json
import re
from os import listdir,remove
from os.path import isfile
from Continue reading