Category Archives for "TTL Bits"

DNS- Domain Name Server

Today I am going to talk about the DNS server. I know some of you already know about DNS. DNS stands for Domain Name Server and is a service that translates a hostname into an IP address. DNS is a distributed database implemented in a hierarchy of name servers, and it is an application-level protocol for message exchange between clients and servers.

Now the question is: why do we require the DNS service?
  • It is easier to remember a host name than it is to remember an IP address. 
  • A name has more meaning to a user than a 4 byte number. 
  • Applications such as FTP, HTTP, email, etc., all require the user to input a destination 
  • The user generally enters a host name 
  • The application takes the host name supplied by the user and forwards it to DNS for translation to an IP address 
Fig 1.1- DNS 

How DNS- Domain Name Server Works ?

  • DNS works by exchanging messages between client and server machines. 
  • A client application will pass the destination host name to the DNS process (in Unix, the gethostbyname() routine) to get the IP address. 
  • The application then sits Continue reading

DHCP Message Types

Today I am going to talk about the DHCP message types and the meaning of all the requests sent by the server and the client in the DHCP process. The messages are shown below.

Message Types
  • DHCPDISCOVER 
  • DHCPOFFER 
  • DHCPREQUEST 
  • DHCPDECLINE 
  • DHCPACK 
  • DHCPNAK 
  • DHCPRELEASE 
  • DHCPINFORM 
Fig 1.1- Sample DHCP request
Fig1.2 - Sample DHCP Response


DHCPDISCOVER: Broadcast by a client to find available DHCP servers. 

DHCPOFFER: Response from a server to a DHCPDISCOVER, offering an IP address and other parameters. 

DHCPREQUEST: Message from a client to servers that does one of the following: 
  • Requests the parameters offered by one of the servers and declines all other offers. 
  • Verifies a previously allocated address after a system or network change (a reboot for example). 
  • Requests the extension of a lease on a particular address. 
DHCPACK: Acknowledgement from server to client with parameters, including IP address. 

DHCPNAK: Negative acknowledgement from server to client, indicating that the client's lease has expired or that a requested IP address is incorrect. 

DHCPDECLINE: Message from client to server indicating that the offered address is already in use. 

DHCPRELEASE: Message from client to server canceling Continue reading

Introduction to DHCP (Dynamic host configuration protocol)

Today I am going to talk about a very interesting topic: DHCP. I know a lot of you already know about DHCP and how it works in a real network environment, but some of you are beginners in the field of networking, and this is why it is one of the most important topics for them.

Why do we use a DHCP server and what is the purpose of DHCP?

Routers, servers and other key nodes require a specific or static IP address, while clients can use an IP from a pool of available addresses. Minimum host configuration for Internet:
  • IP address
  • Subnet mask
  • Default gateway
  • DNS server IP

DHCP allows a network administrator to assign a pool of available IP addresses to clients, with additional configuration information such as default gateway, DNS IP, WINS IP and domain names.
Addresses are leased; the Cisco default is 24 hours.

Fig 1.1- DHCP Server


DHCP process
  • Client boots up, sends a DHCPDISCOVER broadcast
  • All available DHCP servers respond with DHCPOFFER containing proposed IP address, lease time, DNS IP; server checks that IP offered is not in use before making the offer by issuing a default 2 pings

Basics on Riverbed WAN optimization Solution

Today I am going to talk about the basics of the Riverbed WAN optimization solution. When it comes to WAN optimization solutions that deliver broad-spectrum improvement of WANs, the name that comes to mind is Riverbed. With Riverbed products, enterprises can implement solutions that help them empower their distributed workforce while eliminating IT capital expenditures and simplifying IT management. 
  • With the help of Riverbed, an enterprise can centralize distributed infrastructure such as file servers, mail servers, network attached storage (NAS), and remote office backup systems without affecting remote users 
  • Sharing large files is a challenge, but with the help of Riverbed you can share large files among colleagues on different continents 
  • Are you afraid of backup and replication over WAN links? With Riverbed you can perform backup and replication over long-distance WAN links and complete them during backup windows that were unachievable just a year ago 
  • Enterprises need not upgrade the bandwidth of their WAN circuits, as with Riverbed you can deliver significantly more services on existing WANs 
Fig 1.1- Riverbed Steelhead deployment in WAN

If you guys are aware of TCP, TCP has a window of packets that can be Continue reading

Introduction to PAT- Port Address Translation


Today I am going to talk about PAT (Port Address Translation), also called NAT overloading. Before we start with PAT, please check the facts about NAT in the link below, which I explained earlier.

NAT- Network Address Translation 

With the above-mentioned article linked, let me brief you about NAT in short bullet points
  • Enables intra-networks that use private IP addresses to connect to the Internet by translating the address to a globally registered IP address.
  • Stores mapping of local to global address in NAT table
  • Increases network security by hiding internal IP addresses
  • Typically operates at the border of a stub network (single connection to neighbor network)
  • Private inside addresses = inside local
  • Public addresses = inside global
Now let's talk about the PAT- Port Address Translation, below are the points about PAT
  • NAT configured to advertise only one address for the entire internal network to the outside world “static PAT” or “address overloading” or “many-to-one”
  • Appends a unique source port number to each translation to outside IP address
  • Total number of available internal addresses per 1 outside address is 65,536 ports
  • Attempts to assign first available port number, if already allocated assigns Continue reading

Cisco 6K Switch Supervisor Engines ( SUP 6T Vs SUP 2T)

I have been asked many times by followers of the blog about the SUP engines in the Cisco Catalyst 6k Series, mainly in Cisco 6500 Switches. First of all, I would like to inform you that Cisco has already announced end of sale for the Cisco 6500 chassis, and end-of-life announcements have already been made for the previous SUP engines, SUP-720.

As the question relates to the Cisco 6500 chassis only, the question is: which Cisco 6500 chassis support the SUP 2T and SUP 6T supervisor engines?
The answer is that SUP 2T and SUP 6T are supported in the E-series 6500 chassis only. The E-Series chassis are:

  • Cisco Catalyst 6503-E 
  • Cisco Catalyst 6504-E
  • Cisco Catalyst 6506-E
  • Cisco Catalyst 6509-E
  • Cisco Catalyst 6509-V-E 
  • Cisco Catalyst 6513-E 

What are the capabilities of Cisco SUP 2T supervisor engines ?
Supervisor Engine 2T is designed to deliver higher performance, better scalability, and enhanced hardware enabled features. It integrates a high-performance 2-terabit (Tb) crossbar switch fabric that enables 80-Gbps switching capacity per slot on all Cisco Catalyst 6500 Series Switches.

Image of SUP 2T supervisor ?
Below is the image of the SUP 2T 

Fig 1.1- SUP Continue reading

Cisco Virtual Router for Cloud Services : Cisco CSR1000v

Today I am going to talk about the Cisco CSR1000v router used for cloud services. With the help of the Cisco CSR 1000v router you will be able to connect public and private clouds and use the applications smoothly.

What is the purpose of Cisco CSR 1000v routers ?
With the help of the Cisco CSR 1000V we can handle cloud-based networking and security for access to public and private cloud applications. Cisco CSR1000v uses the same type of Cisco IOS Software platform that is inside the Cisco Integrated Services Router (ISR) and Aggregation Services Router (ASR) product families. The virtual router contains features like routing, VPN, firewall, Network Address Translation (NAT), QoS, application visibility, failover, and WAN optimization. These functions empower enterprises and cloud providers to build highly secure, optimised, scalable, and consistent hybrid networks.

If Cisco CSR 1000v is a virtual router, then how and where does it run?
Cisco CSR1000v is a virtual router and runs on a VM. To run the Cisco CSR1000v you should have a UCS server where the VM will be installed and, on top of the VM, the Cisco CSR 1000v router IOS image will be Continue reading

Why Cisco Catalyst 9K is so special ?

Today I am going to talk about the new switches which Cisco introduced in July 2017. These are very powerful switches and are going to replace the Cisco 3850 and Cisco 4500 switches with more innovation and higher quality.

I already wrote two articles on Cisco Catalyst 9K series switches; the articles are below

Cisco Catalyst 9300 Switch
Cisco Catalyst 9400 Switch

Now the question is Why Cisco Catalyst 9K is so special ?
Cisco Catalyst 9K is a next-generation switch platform introduced to support the DNA infrastructure which Cisco came up with this year. Below are the features supported in Cisco Catalyst 9K switches.

  • IoT devices convergence : CoAP / IoT Device profiling, Perpetual PoE, IEEE 1588 / AVB and Emerging Standards: MUD
  • Mobility Device Features : Fabric Enabled Wireless, Embedded WLC, Distributed Wireless Scale, Unified Control & Policy with Wired & Wireless Guest
  • Security : Encrypted Traffic Analytics; 256bit MacSec / IPSec; Trustworthy Systems; Group based policy; Full Netflow for StealthWatch
  • Open to Cloud: DevOps Toolkit; Netconf/Yang Models; Streaming telemetry; Patching/GIR and Application Hosting.
  • IOS Features : Open IOS-XE with UADP 2.0 features best in industry.
Fig 1.1- Cisco Continue reading

Cisco POE, POE+ and UPOE introduction

Today I am going to talk about Cisco UPOE. Before we discuss Cisco UPOE, we will run through POE and POE+.

Cisco POE : POE means Power over Ethernet, by which you can provide power to the endpoints in the LAN infrastructure. So now the question is where and why we require POE in the LAN infrastructure. Sometimes we have infrastructure with power or cabling issues when extending power to the IP phones. The best option is to provide the power via a POE switch in the LAN.

Fig 1.1- Basic POE Switch connected with IP Cameras


IP telephones need power for operation, and Power over Ethernet supports scalable, manageable power delivery and simplifies IP telephony deployments. As wireless networking emerged, Power over Ethernet began powering wireless devices in locations where local power access did not exist.

Cisco offers a comprehensive range of 802.3af-based Power over Ethernet support across the Cisco Catalyst Intelligent Switching portfolio, which includes both 10/100/1000 and 10/100 PoE LAN connections, including a 96-port 10/100 PoE module for the Cisco Catalyst 6500 Switch.

Fig 1.2- POE switch with IP-Phones

Well Cisco 802. Continue reading

Introduction to Sophos XG Firewalls

Today I am going to talk about the Sophos Firewall. The article is basically an introduction to the firewalls by Sophos. I am not covering firewalls of every segment here and will take you through the Sophos XG firewall series in this article.

Sophos XG Firewall brings a fresh new approach to the way you manage your firewall, respond to threats, and monitor what’s happening on your network. Get ready for a whole new level of simplicity, security and insight. 

Sophos XG Firewalls provide a unified policy and a single pane of glass to manage, view and filter users on the basis of traffic flow, application used and other details in a single screen. I know we have other firewalls in this segment that do the same. Looking at what NGFW is doing nowadays, all vendors are working hard to innovate in this segment. Palo-Alto and Cisco NGFW are head to head in this space. I am so impressed with the feature sets that Cisco NGFW and Palo-Alto are providing to their customers.

Here, I am not going to talk about the Cisco NGFW or Palo-Alto as this article is basically Continue reading

Viptela SD-WAN Solution – Cisco Systems Company

Before starting with the SD-WAN solution, I would like to talk about Fabric a little bit. Fabric is a cloud-delivered network that is secure, scalable, open and simple to deploy. The Viptela Fabric solution enables an enterprise to extend its network footprint to all infrastructure elements using a single platform. This includes branches, campus, remote sites, cloud and data center.

What is the basic feature of the Fabric enabled SD solution ?
SD-WAN is the so-called Software Defined WAN solution, where the control plane or management plane is separated from the physical devices. In the Viptela solution we have the following architecture: the data plane on the physical devices (obviously), the control plane by VSmart or VBond Management tool, the management plane via VManage, and the orchestration plane.

Below is the high-level architecture view of the Viptela Managed SD-WAN solution

Fig 1.1- Viptela SD-WAN Solution
The traditional WAN challenge is to connect various sites, branches, stores, remote locations, campuses and DCs. This network has to be sophisticated, with routing, path selection, security, segmentation etc.

Connectivity to the cloud

In today's era everyone wants to connect to the cloud and wants to access the application on the Continue reading

WAN Optimization ( Silver Peak Vs Riverbed)

In today's world WAN optimisation is one of the critical pillars of the enterprise network, and there are many vendors working on WAN optimization products. Cisco came with the WAAS solution but was not able to convince customers in the market. Riverbed and Silver Peak are the major leaders in the WAN optimization market.

Silver Peak’s WAN acceleration solution helps firms achieve the benefits of virtualization by overcoming network challenges that impact the overall performance of these applications across the WAN. More specifically, Silver Peak addresses latency, packet loss, and bandwidth challenges that cause virtual applications (e.g. Citrix XenApp) and Virtual Desktop Infrastructures (e.g. Citrix XenDesktop, Microsoft Desktop Virtualization, and VMware VDI) to be unresponsive and/or unreliable across the WAN. 

Fig 1.1- WAN Optimization

How does Silver Peak differ from other WAN acceleration vendors with regard to optimising virtual applications and desktops?

Many WAN acceleration vendors, including Silver Peak, offer “basic” optimization techniques that can improve the performance of Citrix and VDI. These include standard compression algorithms (e.g. LZ) and well-established TCP acceleration techniques (e.g. adjustable window sizes and selective acknowledgements). 

However, that is where the similarities end. In addition Continue reading

Datacenter Switching : Nexus ( FEX: Fabric Extenders )

Today I am going to talk about FEX, a term you generally hear when you are connecting your datacenter servers in the Nexus switching environment. It is called Bridge Port Extension. It means there is a parent switch, and a port of that parent switch is connected to the FEX (which is another switch) that acts as an interface card for the parent switch.
  • Parent Switch: Nexus 5K or Nexus 7K
  • FEX: Nexus 2K (another switch, but interconnected with and controlled by the Parent Switch)

The Nexus 7K or 5K acts as the Parent Switch and the Nexus 2K acts as the FEX for the Parent Switch. All the functions of the Nexus 2K are controlled by the Parent Switch, that is, the Nexus 7K or 5K. Simply put, the Nexus 2000 Series FEX behaves logically like remote line cards for the parent Nexus 5K or 7K switch.

Let's talk about how we can connect the FEX with the parent switch in the datacenter environment.

Fig 1.1- FEX Connectivity


Let's talk about the basic Configurations to configure the FEX.

Step-1 :
Enable the FEX feature

N5K-1(config)# feature fex

Step-2 : Create a FEX instance (Note: It's up to you to choose Continue reading

Introduction to Brocade 6510 Switch


Today I am going to talk about the Brocade 6510 Switch with the specifications and the details. Brocade 6510 switch features up to 48 ports of Gen 5 Fibre Channel technology with specifications suitable for hyper-scale, private cloud, virtualized, and other high-bandwidth Fibre Channel environments. 

Fig 1.1- Brocade Fiber Switch with Cisco Nexus 5K Switch Testing

With an aggregate 768Gb/s throughput and an 18-inch deep 1U footprint, the 6510 supports 2, 4, 8, 10, or 16 Gb/s Fibre Channel across 24, 36, or 48 ports of connectivity and with a feature set that can be extended via add-on licenses for a wide variety of usage scenarios. 

The Brocade 6510 represents best-of-class Fibre Channel SAN switching, which is an important asset to the Storage Review Enterprise Storage Lab in order to ensure that network components do not bottleneck storage devices during SAN benchmarks.

Fig 1.2- Brocade VCS Fabric Extension Over Brocade 6510 Switch
Let's talk about the Brocade Switch specifications in detail. Above is the sample diagram showing the use of the Brocade VCS and below are the specifications of the switch.

Brocade 6510 Switch Specifications
  • Fibre Channel ports: Switch mode (default): 24-, 36-, and 48-port configurations Continue reading

Easy and Simple 11 Steps to configure Cisco DSL Router

Today I am going to talk about 11 easy and simple steps to configure a Cisco DSL router. Below is the basic setup of the DSL router in the network.


Fig 1.1- Cisco DSL Topology
The diagram above is just an example of a DSL connection, and below are the sample configurations on the Cisco routers. Let's talk about the 11 steps to configure the Cisco DSL router now.


Step 1
Configure service time stamp to properly log and display debug output in the troubleshooting section.

ttlbits_router#configure terminal
ttlbits_router(config)#service timestamps debug datetime msec
ttlbits_router(config)#service timestamps log datetime msec
ttlbits_router(config)#end

Step 2
Disable the logging console on your Cisco DSL Router to suppress console messages that may be triggered while you are configuring the router.

ttlbits_router#configure terminal
ttlbits_router(config)#no logging console
ttlbits_router(config)#end

Step 3
Configure IP routing, IP subnet-zero, and ip classless to provide flexibility in routing configuration options.

ttlbits_router#configure terminal
ttlbits_router(config)#ip routing
ttlbits_router(config)#ip subnet-zero
ttlbits_router(config)#ip classless
ttlbits_router(config)#end

Step 4
Configure an IP address and subnet mask on the Cisco DSL Router Ethernet interface. Enable NAT inside on the Ethernet interface.

ttlbits_router#configure terminal
ttlbits_router(config)#interface ethernet 0
ttlbits_router Continue reading

NAT- Network Address Translation types and configurations

Today I am going to talk about NAT, which stands for Network Address Translation of the IPs in your network. NAT is one of the most important topics in the network space and is used in almost all enterprise networks. With the help of NAT you can save your IPs from the public domain.

Now the questions are: Why do we need NAT and what is its purpose?
What kinds of NAT are there that we are using?
How do the configurations look if we are using NAT in our networks?
How does it help me in my network?

I know we have multiple questions on NAT, and I also know that many of you already know about NAT, the concept and the configuration part. This post is generally for newcomers in the network space who really want to understand the basics of it. Let's start from the beginning: why and where to start from.

Why we required NAT:

The shortage of public IPv4 address space has forced all of us to think harder about alternative ways of addressing networked hosts. Network Address Translation (NAT) therefore was introduced to overcome these addressing Continue reading

Interview Questions for CCNA Candidates with Answers- Basics II


After our Part-I, we are back with Part-II

CCNA Interview Questions

What command copies router configuration from NVRAM to a file server? 
copy startup-config tftp

What command assigns and enables IPX on an interface? 
ipx network 4a

How does TCP provide flow control and error checking? 
Acknowledgements and windowing.

Using Cisco IOS, what PPP data compression methods can be used?  
Stacker and Predictor.

What command can verify Application layer connectivity? 
Telnet.

What command switches from User to Privileged mode? 
enable

What command will deny all telnet traffic from subnet 2.1.3.0? 
deny all telnet traffic from 2.1.3.0

Which of the following exist at the Transport Layer?
LLC
IP
SQL
UDP*
ARP

What command line keyword matches Ethernet_SNAP? 
snap

Among the five classes of TCP/IP addresses, how many are available to the public? 
3.

After entering the command ‘router igrp 50,’ what command enables IGRP on the router for interface E1, with an address of 155.88.3.5 and a mask of 255.255.255.0? 
network 157.89.0.0

In what OSI layer do EBCDIC and ASCII exist? 
Presentation.

What command Continue reading

A short Story on vPC- Virtual Port Channel in Cisco Datacenter Environment

Today I am going to talk about vPC and vPC+. These two technologies are used in the datacenter environment on Cisco Nexus switches where you bundle the links.

vPC stands for Virtual Port Channel and is a virtualized technology. It allows links that are physically connected to two different Cisco Nexus 7000 Series devices to appear as a single port channel to a third device. The third device can be a switch, server, or any other networking device that supports link aggregation technology. 

There are a lot of benefits of vPC which can help things work better in your datacenter environment


  • It actually eliminates Spanning Tree Protocol blocked ports
  • With the help of vPC, you can use all the available uplink bandwidth
  • Allows dual homed servers to operate in active-active mode
  • Providing Fast convergence on link failures
  • Providing dual active default gateways for servers
  • Simplify your network design and build high resilient and robust Layer 2 Network.
  • Excellent Scalability and seamless virtual machine mobility.
So now I will talk about the various components used in the vPC environment. I hope datacenter guys have already heard of and know about these components. I will just put the component and the meaning of Continue reading

Cisco Router as Terminal Server- Why and how to configure

Today I am going to talk about the Cisco Router as a Terminal server in the datacenter environment. So the question is why and where we are going to use the terminal server?

Let's talk about what exactly a terminal server is and why we use one in the datacenter environment.

Terminal Server:
A terminal server commonly provides out-of-band access for multiple devices. A terminal server is a router with multiple, low speed, asynchronous ports that are connected to other serial devices, for example, modems or console ports on routers or switches.

Fig 1.1- Cisco Router as Terminal Server

A terminal server works via a reverse telnet operation. Next, connect the asynchronous octal cable(s) to the 2511's 68-pin SCSI interface(s). Then connect a rolled console cable from the COM1 port (serial) on your PC to the console port on the terminal server. Power the device on and use a terminal emulator such as HyperTerm to connect.

The terminal server allows you to use a single point to access the console ports of many devices. A terminal server eliminates the need to configure backup scenarios like modems on auxiliary ports for every device. You can also configure Continue reading

Network Access Control- NAC (Aruba Vs Cisco)

Today I am going to talk about Network Access Control (NAC) and the vendors providing NAC services, basically Cisco and Aruba. I will talk about Aruba's ClearPass and then I will go on to the Cisco NAC solution named Cisco ISE. 

As per the market and Gartner's Magic Quadrant, Cisco ISE is leading the space, followed by ForeScout and Aruba Networks. Before we start with the NAC solution, the first question you will be expecting is: what is NAC- Network Access Control?

What is NAC- Network Access Control ?
Network access control (NAC), also called network admission control, is a method of strengthening the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy.

So as per NAC, the end devices are authenticated to access the network. Hope you understand the use of NAC- Network Access Control. While the computer is being checked by an installed software agent, it can only access resources that can remediate any issues. Once the policy is met, the computer is able to access network resources and the Internet, within the policies defined within the Continue reading