Category Archives for "TTL Bits"

Configuring BGP Route Maps

Today I am going to talk about the next step in BGP. I discussed BGP synchronization and the BGP multihop concept in my earlier articles. If you would like to have a look at those topics, please check the links below for your reference.

BGP Synchronization Rule
BGP Load balancing ebgp-multihop

Some of my other articles on BGP, covering BGP basics, BGP configurations on HP routers and more, are:

BGP Basics Overview
Cisco Routers Sample BGP Configurations : Quick and Easy
Juniper Routers Sample BGP Configurations : Quick and Easy

In this article, I will take you through the concept of route maps and their configuration in a BGP environment. All the configurations shown below are for a Cisco router.

Why do we use BGP route maps? Route maps are used to control BGP routing information. They also define the conditions by which routes are redistributed between routing domains.

Note : Route maps cannot be used to filter incoming BGP updates based on IP address. You can, however, use route maps to filter outgoing BGP updates based on IP address.

With the use of Continue reading

BGP Synchronization Rule

Today I am going to talk about one of the basic features of BGP, named BGP Synchronization. Your first question: what is BGP Synchronization?

BGP Synchronization means that BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP. I hope that clears up the concept. Let me explain it another way. Suppose you receive an eBGP route from an external neighbor via Router A and you want to send it to Router B, which is connected to another eBGP neighbour. Router B can only learn the route once the internal routers have learned it via the IGP.

Let me take a topology and explain it, and then we can go on to the configuration, where we will disable synchronization as we don't want the traffic to be known to the IGP.


Fig 1.1- BGP Synchronization


As shown in the above topology, suppose Router C sends updates about network 170.10.0.0 and they are received by Router A. Routers A and B are running IBGP as shown in the diagram, so Router B receives updates about network 170.10. Continue reading

BGP Load balancing ebgp-multihop

Today I am going to talk about a BGP configuration for load balancing between two links connecting two service providers via BGP. We have two different methods to achieve this: one is the ebgp multihop command and the other is the ttl security command. Both methods are applied on the BGP neighbor command.

In this article, we are going to walk through the ebgp multihop command on the neighbours between two service providers. I know many of you already know the load balancing concept in BGP.

In my example, I am taking two serial links between two routers that share eBGP information between them, which means each router belongs to its own AS number. Below is the topology for your reference.

Fig 1.1- use of ebgp multihop

In the above topology, Router A in AS 100 has two serial links connected to Router B in AS 200, and eBGP is sharing information over both links.

Below is the configuration on Router A and Router B for your reference. All the IPs and the topology used here have no relevance Continue reading

Configuring Voice VLANs

Today I am going to talk about the Voice VLAN. The Voice VLAN feature enables a VLAN to carry voice traffic. Say you have a switch which is connected to IP phones (Cisco, Avaya or any other) that are assigned to specified VLANs, which you can name Voice VLANs in your network. When the switch is connected to the IP phones, the connected switch sends the voice traffic with Layer 3 IP precedence and Layer 2 class of service (CoS) values, which are set to 5 by default. Because the sound quality of an IP phone call can deteriorate if the data is unevenly sent, the switch supports quality of service (QoS) based on IEEE 802.1p CoS.

Fig 1.1- Sample Topology- Switch and IP Phone


We can configure an access port with an attached Cisco IP Phone to use one VLAN for voice traffic and another VLAN for data traffic from a device attached to the phone. We can configure access ports on the switch to send Cisco Discovery Protocol (CDP) packets that instruct an attached phone to Continue reading

MPLS Scenario: Manually Configuring a BGP Router ID per VRF

Today I am going to talk about configuring the BGP router ID per VRF. In my example we took two different VRFs named NB and ttlbits and defined their VRF configurations.

The IP addresses used here are for demo purposes only and have no relevance to any enterprise network. These are demo configurations and will help you with the configuration on your live network.

Below are the steps to configure the BGP router ID per VRF. These steps are:

  • Defining VRF_ttlbits on the router
  • Defining VRF_NB on the router
  • Configuring Loopback with the IP address
  • Configuring Ethernet interfaces with VRF
  • Configuring VPNv4 and IPv4 address family


Fig 1.1- Basic Sample MPLS network topology

Below is the basic configuration of defining the VRF

Defining VRF ttlbits on the router
!
ip vrf vrf_ttlbits
 rd 45000:1
 route-target export 50000:50
 route-target import 40000:1
!

Defining VRF NB on the router
!
ip vrf vrf_NB
 rd 65500:1
 route-target export 65500:1
 route-target import 65500:1
!

Configuring Loopback with the IP address
!
interface Loopback0
 ip address 10.10.10.1 255.255.255.255
!

Configuring Ethernet interfaces with the IP address
interface Ethernet0/0
 ip vrf forwarding vrf_ttlbits
 ip address Continue reading

Providers Edge to Edge VPLS Configuration on Cisco ASR 9000 Series Routers

Today I am going to talk about VPLS configuration on Cisco ASR 9000 series routers. Before we start with the configuration part, let's talk about the basics of VPLS.

VPLS stands for Virtual Private LAN Service and enables geographically separated local-area network (LAN) segments to be interconnected as a single bridged domain over an MPLS network. So with the help of VPLS, a customer can extend Layer 2 traffic across the globe over an MPLS-enabled service provider network.

If a customer wants to share L3 information with the service provider to route it from their networks towards the remote site, we can use routing at the edges of the PE routers and MPLS in the core. If the customer doesn't want to share L3 information with the service provider, they go with VPLS-type services, where we have L2 protocols like Frame Relay, Ethernet and ATM services at the edges of the PE routers and MPLS in the core.

This is the basic difference between the MPLS and VPLS technologies. Sometimes you will see EoMPLS (Ethernet over MPLS), which is another VPLS technology as Layer 2 ethernet information shared over Continue reading

DMVPN Configurations on Juniper Router

Today I am going to talk about the configuration of DMVPN on Juniper routers and then associating Dynamic VPN with remote clients, step by step. I talked about DMVPN in my earlier articles as well, where I explained the basics of DMVPN. I promised at that time that I would come up with DMVPN configurations for each and every vendor. Now I am starting with the DMVPN configurations on Juniper routers, and I will come up with the configurations on Cisco, Huawei and HP routers later on.

Below are some of the links where I started with the DMVPN explanations:
DMVPN Basics
DMVPN Vs IPSEC Basics
Quick Comparison: IPSEC vs DMVPN vs EasyVPN vs GETVPN


The configurations used here are for demo purposes and have no relevance to any live or enterprise networks. To show what kind of topology this looks like, I am pasting a sample DMVPN topology here; it has no relevance to the configuration defined below. The configuration is just for your reference to take it further.

Fig 1.1- Sample DMVPN Topology

To configure the VPN tunnel, first you need to configure the IKE policy.

OSPF Show Commands : Cisco, Juniper, Huawei, HP and Arista Networks

In this article I am going to talk about OSPF show commands on different vendors' platforms, including Cisco, Juniper, Huawei, HP and Arista Networks. Which of these commands work depends on the device you have. Please let me know if you know any other general OSPF commands for these platforms.

Fig 1.1- Sample OSPF topology

Above is the sample topology and below are the sample OSPF show commands which will help you to troubleshoot OSPF in your network for the various platforms

Cisco OSPF show Commands
ttlbits@cisco#sh ip ospf
ttlbits@cisco#sh ip ospf data
ttlbits@cisco#sh ip ospf database database-summary
ttlbits@cisco#sh ip ospf neighbor
ttlbits@cisco#sh ip ospf nei det
ttlbits@cisco#sh ip ospf int
ttlbits@cisco#sh ip ospf virtual-links
ttlbits@cisco#sh ip ospf database self-originate
ttlbits@cisco#sh ip ospf database adv-router X.X.X.X
ttlbits@cisco#sh ip ospf stat

Juniper OSPF show Commands
ttlbits@juniper> show ospf route
ttlbits@juniper> show ospf route detail
ttlbits@juniper> show ospf route extensive
ttlbits@juniper> show ospf3 route detail
ttlbits@juniper> show ospf route topology voice
ttlbits@juniper> show ospf database
ttlbits@juniper> show ospf database detail
ttlbits@juniper> show ospf database extensive
ttlbits@juniper> show ospf Continue reading

Configuring Private VLANs on Juniper Switches

Thanks for the huge support on all my previous articles. Today I am going to talk about Private VLAN configuration on Juniper switches. Earlier I wrote an article about the basics of Private VLANs and the vendors that support Private VLANs. If you want to have a look at that article, please go through the link below:

Basics of Private VLANs

I am sure that after reading the above article you will know the basics of Private VLANs. In this article I am going to cover the configuration part of Private VLANs on Juniper switches, as it was requested by some of the candidates on the blog.

I will soon come up with the configuration and the topology for Private VLANs on Cisco and Huawei as well in another article.

A lot of people have been asking me about VLANs, so before starting with the configuration of Private VLANs, let me quickly go through VLANs and Private VLANs.

VLANs : Virtual Local Area Networks
VLANs are a way to partition the various Layer 2 networks within one Local Area Network, which simply means that Continue reading

Juniper Q-fabric Solution

Today I am going to talk about the Juniper Q-Fabric solution, which is an alternative approach to the Cisco SDA (Software Defined Access) solution in the market. If you look at SDA in detail, Cisco uses a fabric network and on top of it uses LISP and VXLAN as overlay protocols in the campus environment. On top of that there is Automation, Analytics and Authentication, which are connected via different APIs in the network.

Let's talk about Q-Fabric, which was introduced by Juniper. Juniper's Q-Fabric is composed of multiple components working together as a single switch to provide high-performance, any-to-any connectivity and management simplicity in the data center or in the campus, depending on where the requirement is.

QFabric System flattens the entire data center network to a single tier where all access points are equal, eliminating the effects of network locality and making it the ideal network foundation for cloud-ready, virtualized data centers.

With the help of QFabric System you can actually improve application performance with low latency and converged services in a nonblocking, lossless architecture that supports Layer 2, Layer 3, Continue reading

Juniper VXLAN Configs: Configuring VXLANs on Juniper MX Series Routers

Today I am going to present a scenario in which I explain and provide the VXLAN configurations on a Juniper MX series router, with the topology. As you already know, VXLAN (Virtual Extensible LAN) is used to extend Layer 2 and Layer 3 traffic across a public or private network, generally in the case of connectivity between two datacenters.

I wrote some articles with configurations and basic information about VXLAN. Below are the links if you want to review them

Above are some of the topics on VXLAN, and I will come up with more VXLAN topics in the near future. Below is the topology of the VXLAN, where VXLAN is configured to run on a default bridge domain. In this topology, the VTEP interface sources are configured to the loopback address, and VLAN groups are configured under bridge domains with VXLAN enabled. Here the interfaces are configured for VLAN tagging and Continue reading

IPSEC configurations between two routers across Internet

Today I am going to talk about IPSEC configurations between two routers in LAN segments. I know most of you understand the theory and the configuration of IPSEC in detail. In this article I am just taking the example of an IPSEC configuration between two routers in a LAN network, or you can say it is a LAN-to-LAN IPSEC configuration between two routers.

The article is based on Cisco routers, which I took for the example. The model is the Cisco 3640, which I know is end of sale as of now. The Cisco 3640 is a modular access router used in small or branch offices.

Let's take the topology below to understand the configuration of IPSEC on one of the routers, named Router A. In the example below we have a LAN-to-LAN IPSEC tunnel between the routers via an Internet link, where the host behind Router A wants to talk to the host behind Router B. Keep in mind that IPSEC is generally used where the intermediate network is the Internet, over which you need secure connectivity.


The other way to connect the same Continue reading

BGP Configurations on HP Routers

Today I am going to talk about BGP configurations on HP routers. I have already posted articles on BGP configurations, where I covered the basic configurations on Cisco and Juniper routers. Apart from these configurations, I have also covered the basic information on BGP. Below are some of the articles you can refer to in order to study step by step.

BGP Basics
BGP basics on Juniper Routers
BGP configurations on Cisco routers

Today I am going to cover the basic configurations on HP routers with the topology. Below are the basic topology and the basic BGP configuration. The topology and the IP addresses used here are for demo purposes only and have no relevance to any live or enterprise networks.

Below is the demo topology showing the use of HP routers where BGP is configured in an MPLS environment. This is just an example to showcase the topology. I will come up with the configurations on HP routers in the MPLS environment at a later stage. For now, we first need to talk about basic BGP on HP routers, and step by step we Continue reading

Cisco Datacenter: Default Cisco OTV Configurations

Today I am going to talk about Cisco OTV configuration and the components you need to configure when you are extending your L2 traffic over an L3 interface between two datacenters.

What is Cisco OTV ?
Cisco OTV stands for Overlay Transport Virtualization. OTV is a Cisco proprietary protocol used in Cisco datacenter environments, basically on Cisco Nexus 7k devices, to extend L2 traffic via an L3 route between two different datacenters.

OTV provides a native built-in multi-homing capability with automatic detection, critical to increasing high availability of the overall solution. Cisco OTV has the concept of dynamic encapsulation for Layer 2 flows that need to be sent to remote locations.

Each Ethernet frame is individually encapsulated into an IP packet and delivered across the transport network. Cisco OTV eliminates the need to establish virtual circuits, called pseudowires, between the data center locations, and you can say that it is one of the in-demand technologies in datacenter environments where you have Cisco Nexus devices.

Cisco OTV requires a single VDC to work, which means that if you are going to have one Cisco Nexus 7k switch you need to have the separate Continue reading

Implementing VXLAN Routing- Arista Networks

Today I am talking about VXLAN routing. VXLAN routing is enabled by creating a VLAN interface (SVI) on a VLAN that is associated with a VNI. As you know, VXLAN stands for Virtual Extensible LAN. VXLAN is a way to extend Layer 2 subnets over a Layer 3 network. VXLAN is now one of the most in-demand ways of extending Layer 2 traffic.

Earlier we had many technologies to do this, such as VPLS, MPLS and OTV (Cisco) in the datacenter network. But VXLAN is used for the fabric network, where you can have end-to-end tunnels within your LAN network. Nowadays, if you look at enterprise networks, you will find that VXLAN is used in datacenter and campus networks with software-defined networking.

Let's talk about implementing VXLAN routing on Arista devices. We have two switches connected via core routers, and end devices are connected to those switches. In the case of VXLAN you should be aware of three things:

  • VLAN: Virtual LAN, and I guess everybody knows about it
  • VNI: Virtual Network Identifier, VXLAN network identified by a unique VNI is Continue reading

SD-Access ( Fabric Network, Automation and Analytics LAN ) – Campus Networks

Today I am going to talk about the new-generation technology that Cisco has launched for the LAN campus network. The next generation is dedicated to software-defined networking, and Cisco is taking this approach to the LAN as well, with orchestration. Cisco has built an architecture around these pillars: Campus Fabric Network, Automation, Authentication and Analytics. All these features are built into the SD-Access technology, which is going to replace the traditional approach to campus networks.

I know you have some questions about it, like:
How does traffic flow in the campus network?
What is the fabric and how does it work?
Does the VLAN approach work?
Do we need to have SVIs?

Well, take a look at the SD-Access approach and you will see what approach Cisco takes to make it successful in the campus.

SD-Access = Campus Fabric+ DNA Center

Campus Fabric
Campus Fabric has these three protocols working together to make it an excellent way to communicate.

  • LISP- Location/Identifier Separation Protocol- Control Plane
  • VXLAN- Virtual Extensible LAN - Data Plane
  • Cisco TrustSec- Segmented Tags

I will explain all these protocols one by one in later articles and then I will come up with the solution with Continue reading

Comparison: Cisco Catalyst 9500 Vs Cisco Catalyst 4500 Vs Cisco 3850 Switches

Today I am going to talk about the fixed core chassis Cisco Catalyst 9500, which Cisco released a month back. The Cisco 9500 is actually an enhanced version of the Cisco Catalyst 4500 chassis and also the Cisco 3850 switch. There are a lot of other great features in the Cisco 9500 chassis, and some of them are just amazing.

So we have Cisco 3850, Cisco 4500 Catalyst switches, Cisco 6500 Catalyst switches, Cisco 6800 Catalyst switches and now Cisco 9000 Catalyst switches in 3 flavours (Cisco 9300 Catalyst switches, Cisco 9400 Catalyst switches and Cisco 9500 Catalyst switches).

How the topology and the demand change: below is an example topology showing the changes that lead to the next-generation fabric network with cloud-ready solutions and automation. The CLI is gone for the campus fabric; all policy is driven by the SDN controller.

Fig 1.1- Network topology and Next Generations

If we have the Cisco 4500 and Cisco 3850 fixed chassis, why do we require the Cisco 9500 chassis?
I know this is one of the questions you are actually thinking about, and to answer it I would like to say that you need to understand the next-generation campus requirements where customer wants to be Continue reading

VTP modes and versions : VTPv1, VTPv2 and VTPv3

This topic is the VLAN Trunking Protocol, known as VTP. I am covering this topic as I am getting a lot of queries about VTP. I will summarise some of the questions in this article. Some of them are basic questions that are often asked in interviews.

Below are the questions about the VTP.
  • So what does VTP actually do?
  • How do we manage VLANs with VTP?
  • What are the various versions of VTP?
  • How do they differ from each other?
  • What is the range of VLANs supported?
  • What is VTP Pruning ?
  • What are VTP modes ?
  • What are the different kinds of VTP advertisements ?

I understand there might be more queries on VTP, but let's start with a general discussion of VTP first. Maybe this article will answer most of the queries.

Fig 1.1- Sample Switched Network

VTP is a Layer 2 messaging protocol that maintains VLAN configuration information by managing the addition, deletion, and renaming of VLANs within a VTP domain. A VTP domain (also called a VLAN management domain) is made up of one Continue reading

Brocade : Zone‐Based Firewall

Today I am going to talk about configuring a Brocade router as a Zone-Based Firewall. The first question in your mind will be: what are zone-based firewalls?

In a zone-based firewall, interfaces are grouped into security “zones,” where each interface in a zone has the same security level.

In zone-based firewalls, packet-filtering policies are applied to the traffic flowing between the various zones in the network, which are defined by the network administrator. The concept is simple: traffic flowing between interfaces in the same zone is not filtered and flows freely because the interfaces share the same security level, while traffic flowing between different zones is filtered accordingly, as the security level can be different for different zones.

I will come up with zone-based firewalls for Cisco soon in another article, where I can share the configurations with the topology. This article is purely about Brocade working as a zone-based firewall.

Below is the network where we defined three different zones, which are defined by the network administrator as per the demand in the network. The Zones are

OSPF Configurations in Huawei Routers

Today I am going to talk about the basic configuration of OSPF on Huawei routers. There is already an article on OSPF configuration on Cisco routers:
OSPF Basic configuration Step by step on Cisco Routers

Apart from the above, we have other articles on OSPF as shown below:
OSPF Basics
OSPF Point to Multipoint Configuration- Cisco and Juniper
OSPF States
Difference between OSPF and RIP

Let's take a topology; below is the diagram for the configuration. We have the following topology:

  • Router A is connected between Area 1 and Area 0
  • Router B is connected between Area 2 and Area 0
  • Router C is an internal Area 1 Router
  • Router D is an internal Area 2 Router
  • Router E is an internal Area 1 Router
  • Router F is an internal Area 2 Router


Fig 1.1-


# Configure Router A 
Below is the basic configuration of OSPF on Router A
[TTLBITS_A] router id 1.1.1.1
[TTLBITS_A] ospf 1
[TTLBITS_A-ospf-1] area 0
[TTLBITS_A-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 
[TTLBITS_A-ospf-1-area-0.0.0.0] quit 
[TTLBITS_A-ospf-1] area 1
[TTLBITS_A-ospf-1-area-0.0.0.1] network 192.168.1.0 0. Continue reading