Juniper VXLAN Configs: Configuring VXLANs on Juniper MX Series Routers

Today I am going to have the scenario where i am going to explain and provide you the VXLAN configurations on Juniper MX series router with the topology. VXLAN as you already knew that these are Virtual extensible LAN used to extend the layer 2 and layer 3 traffic across the public or private network or generally in the case of two datacenter connectivity.

I wrote some of the articles where i put some of the configurations and the basic information about the VXLAN. Below are the links if you want to review the same

Above are some of the topics on the VXLAN and I will come up with more VXLAN topics in the near future. Below is the topology of the VXLAN where VXLAN is configured to run on a default bridge domain. In this topology, the VTEP interfaces sources are configured to the loopback address, and VLAN groups are configured under bridge domains with VXLAN enabled. Here the interfaces are configured for VLAN tagging and Continue reading

What is FlexConfig in Firepower Threat Defense?

Earlier this year, Cisco released Firepower 6.2.0. With that release came a feature called FlexConfig. Someone is digging around the UI might not initially understand the purpose or function of this configuration option. A really quick answer to this is that the user interface is incomplete when compared to the underlying feature capability found in Firepower Threat Defense.

A good way to better understand FlexConfig is to work through an example. Those with an ASA background will understand the modular policy framework (MFP). This feature exists in Firepower Threat Defense but its non-default configuration options are absent from the user interface. So if there is a need for a specific configuration, FlexConfig is the tool to complete this task. One use case might be the need to disable SIP inspection. In the ASA configuration, this would typically be as simple as the following.

policy-map global_policy
 class inspection_default
  no inspect sip

Since Firepower Management Console is GUI driven and is the UI for FTD, this is not an option. Ideally, there would be a complete menu system and API. Since this is not currently the case, FlexConfig is the tool that provides us an override of the defaults that aren’t exposed in the UI.

Continue reading

Rough Guide to IETF 99: A Sampling of Encryption-Related Activities

Encryption is once again a hot topic, and there’s much to discuss at IETF 99 this week in Prague. This time the hottest action will definitely be in the Transport Layer Security (TLS) working group. TLS is considering everything from privacy implications for TLS1.3 to how to reduce handshake latency. As mentioned in previous Rough Guide blogs on the topic, the working group is busy on the completion of the TLS 1.3 specification. It has completed working group last call, and the working group is addressing the comments received during that process. Draft 21 was released on 3 July in anticipation of this week’s discussion.

Karen O'Donoghue

Free Knowledge Sharing Group for Service Providers !

Recently I initiated a knowledge sharing group on Skype. Goal of the group is just a knowledge sharing. What technologies, protocols, equipments are other people using in the in their networks, what are their services , what are their paint points and benefits of using particular technologies and so on. Currently group has around 100 […]

The post Free Knowledge Sharing Group for Service Providers ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

The Real Need for Cybersecurity

According to the US Department of Homeland Security, “Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.” Digital infrastructure has infiltrated most aspects of our daily lives. When you start thinking about this in depth, it is easy to see how quickly things can turn s ugly.

Have you ever considered what would happen if our power grid was attacked? Beyond some of the domino effects the power grid itself has, think about the work to bring it back online. We are all accustomed to managing systems with other systems. A widespread power issue could create some very interesting chicken and egg problems.

Maybe some are smug enough to think they cannot be affected–with their resilient systems and diesel generators. Ever consider the likelihood of that fuel supply being available for the long term if there’s no utility power available at other places? The affected part of the world would be so challenged by such an event that everyone would be impacted, directly and indirectly. No power, no computers, no network and no ability to transact business in the ways that we are accustomed to. In other words, the possibility of impacting physiological layer of Continue reading

The Real Need for Cybersecurity

According to the US Department of Homeland Security, “Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.” Digital infrastructure has infiltrated most aspects of our daily lives. When you start thinking about this in depth, it is easy to see how quickly things can turn s ugly.

Have you ever considered what would happen if our power grid was attacked? Beyond some of the domino effects the power grid itself has, think about the work to bring it back online. We are all accustomed to managing systems with other systems. A widespread power issue could create some very interesting chicken and egg problems.

Maybe some are smug enough to think they cannot be affected–with their resilient systems and diesel generators. Ever consider the likelihood of that fuel supply being available for the long term if there’s no utility power available at other places? The affected part of the world would be so challenged by such an event that everyone would be impacted, directly and indirectly. No power, no computers, no network and no ability to transact business in the ways that we are accustomed to. In other words, the possibility of impacting physiological layer of Continue reading

The Real Need for Cybersecurity

According to the US Department of Homeland Security, “Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.” Digital infrastructure has infiltrated most aspects of our daily lives. When you start thinking about this in depth, it is easy to see how quickly things can turn s ugly.

Have you ever considered what would happen if our power grid was attacked? Beyond some of the domino effects the power grid itself has, think about the work to bring it back online. We are all accustomed to managing systems with other systems. A widespread power issue could create some very interesting chicken and egg problems.

Maybe some are smug enough to think they cannot be affected–they have built resilient systems and have a diesel generator. Ever consider the likelihood of that fuel supply being available for the long term if there’s no electricity? The affected part of the world would be so challenged by such an event that everyone would be impacted, directly and indirectly. No power, no computers, no network and no ability to transact business in the ways that we are accustomed to. In other words, the possibility of impacting physiological layer of Maslow’s pyramid Continue reading

IPSEC configurations between two routers across Internet

Today I am going to talk about the IPSEC configurations between two routers in the LAN segments. I know most of you understand the theoretical and the configurational part of the IPSEC in details. In this article I am just taking the example of the IPSEC configuration between two routers in a LAN network or you can say that it is a LAN to LAN IPSEC configurations between two routers.

The article is based in the assumption of the routers as i took Cisco routers in the example, These models are Cisco 3640 routers which is i knew end of sale as of now. Cisco 3640 is a modular Access routers and uses in small or branch offices.

Lets take below mentioned topology to understand the configuration of IPSEC on one of the router named Router A. So in the below example we have the LAN to LAN IPSEC tunnel between the routers via Internet link. where the host behind the router A wants to talk to host behind the router B. Make sure you know that IPSEC is generally used where the intermediate network is Internet via which you have the secure connectivity.

The other way to connect the same Continue reading

Network Engineer Evolution

About two years ago I made a learning roadmap for network engineers who want to transform their skills towards Software Defined Networking. I presented it at various events including Cisco Live. It was good, but it looks like I didn't provide the full story. So let's discuss it again, and we will start from the very beginning.


Any network engineer who just starts his or her career today will begin in Phase 1: as the User of networking products where the engineer only knows how to configure the product, hopefully by reading the documentation from the vendor's website first. This type of engineer is what I call "Config Monkey" (sorry, monkey!). If you think you are still in this phase, please don't get offended: I started my career here too. There is no innovation at all, only follow the manual to make the products run.

Then we will move to Phase 2: as Advanced User of networking products. This is the phase where the engineer understands how networking protocols work in detail. He is a domain expert now and can start fine tuning the protocols to optimize the infrastructure. IGP timers, fast re-route, BGP attributes etc. and the engineer Continue reading

Ten Years of Spousetivities

A long time ago in a galaxy far, far away (OK, so it was 2008 and it was here in this galaxy—on this very planet, in fact), I posted an article about bringing your spouse to VMworld. That one post sparked a fire that, kindled by my wife’s passion and creativity, culminates this year in ten years of Spousetivities! Yes, Spousetivities is back at VMworld (both US and Europe) this year, and Crystal has some pretty nice events planned for this year’s participants.

Registration is here, and here’s a quick look at some of the activities planned for VMworld US in Las Vegas:

  • On Monday, August 28, Spousetivities will kick the week off with a “Welcome Breakfast”, including—as usual!—the opportunity to win some great prizes. iPads, Apple Watches, VR headsets, GoPro cameras, and more have all been prizes in previous years. (What? You expected me to spill the beans on what’s being given away this year?)
  • The breakfast is followed by a scavenger hunt, including a visit to an ice bar and the chance for more prizes. Veeam is sponsoring the scavenger hunt.
  • On Tuesday, August 29, there is an option for a very cool helicopter tour Continue reading

Ten Years of Spousetivities

A long time ago in a galaxy far, far away (OK, so it was 2008 and it was here in this galaxy—on this very planet, in fact), I posted an article about bringing your spouse to VMworld. That one post sparked a fire that, kindled by my wife’s passion and creativity, culminates this year in ten years of Spousetivities! Yes, Spousetivities is back at VMworld (both US and Europe) this year, and Crystal has some pretty nice events planned for this year’s participants.

Registration is here, and here’s a quick look at some of the activities planned for VMworld US in Las Vegas:

  • On Monday, August 28, Spousetivities will kick the week off with a “Welcome Breakfast”, including—as usual!—the opportunity to win some great prizes. iPads, Apple Watches, VR headsets, GoPro cameras, and more have all been prizes in previous years. (What? You expected me to spill the beans on what’s being given away this year?)
  • The breakfast is followed by a scavenger hunt, including a visit to an ice bar and the chance for more prizes. Veeam is sponsoring the scavenger hunt.
  • On Tuesday, August 29, there is an option for a very cool helicopter tour Continue reading

Ten Years of Spousetivities

A long time ago in a galaxy far, far away (OK, so it was 2008 and it was here in this galaxy—on this very planet, in fact), I posted an article about bringing your spouse to VMworld. That one post sparked a fire that, kindled by my wife’s passion and creativity, culminates this year in ten years of Spousetivities! Yes, Spousetivities is back at VMworld (both US and Europe) this year, and Crystal has some pretty nice events planned for this year’s participants.

Registration is here, and here’s a quick look at some of the activities planned for VMworld US in Las Vegas:

  • On Monday, August 28, Spousetivities will kick the week off with a “Welcome Breakfast”, including—as usual!—the opportunity to win some great prizes. iPads, Apple Watches, VR headsets, GoPro cameras, and more have all been prizes in previous years. (What? You expected me to spill the beans on what’s being given away this year?)
  • The breakfast is followed by a scavenger hunt, including a visit to an ice bar and the chance for more prizes. Veeam is sponsoring the scavenger hunt.
  • On Tuesday, August 29, there is an option for a very cool helicopter tour Continue reading

Cumulus content round up

To help you stay in the know on all things data center networking, we’ve gathered some of our favorite content from both our own publishing house and from around the web. We hope this helps you stay up to date on both your own skills and on data center networking trends. If you have any suggestions for next time, let us know in the comment section!

Our fav new pieces at Cumulus Networks

BGP in the data center: Are you leveraging everything BGP has to offer? Probably not. This practical report peels away the mystique of BGP to reveal an elegant and mature, simple yet sophisticated protocol. Author Dinesh Dutt, Chief Scientist at Cumulus Networks, covers BGP operations as well as enhancements that greatly simplify its use so that practitioners can refer to this report as an operational manual. Download the guide.

Magic Quadrant report:  Cumulus Networks has been named a “Visionary” in the Data Center Networking category for 2017 Gartner Magic Quadrant. With 96% of their survey respondents finding open networking to be a relevant buying criterion and with the adoption of white-box switching to reach 22% by 2020, it’s clear that disaggregation is the answer for forward-looking companies. Continue reading

Worth Reading: Converge your network with priority flow control

Back in April, we talked about a feature called Explicit Congestion Notification (ECN). We discussed how ECN is an end-to-end method used to converge networks and save money. Priority flow control (PFC) is a different way to accomplish the same goal. Since PFC supports lossless or near lossless Ethernet, you can run applications, like RDMA, over Converged Ethernet (RoCE or RoCEv2) over your current data center infrastructure. Since RoCE runs directly over Ethernet, a different method than ECN must be used to control congestion. In this post, we’ll concentrate on the Layer 2 solution for RoCE — PFC, and how it can help you optimize your network. —Cumulus

The post Worth Reading: Converge your network with priority flow control appeared first on rule 11 reader.

What is IoT?

The Internet of Things, at its simplest level, is smart devices - from refrigerators that warn you when you’re out of milk to industrial sensors – that are connected to the Internet so they can share data, but IoT is far from a simple challenge for IT departments.For many companies, it represents a vast influx of new devices, many of which are difficult to secure and manage. It’s comparable to the advent of BYOD, except the new gizmos are potentially more difficult to secure, aren’t all running one of three or four basic operating systems, and there are already more of them.A lot more, in fact – IDC research says that there are around 13 billion connected devices in use worldwide already, and that that number could expand to 30 billion within the next three years. (There were less than 4 billion smartphone subscriptions active around the world in Ericsson’s most recent Mobility Report.) To read this article in full or to leave a comment, please click here

What is IoT?

The Internet of Things, at its simplest level, is smart devices - from refrigerators that warn you when you’re out of milk to industrial sensors – that are connected to the Internet so they can share data, but IoT is far from a simple challenge for IT departments.For many companies, it represents a vast influx of new devices, many of which are difficult to secure and manage. It’s comparable to the advent of BYOD, except the new gizmos are potentially more difficult to secure, aren’t all running one of three or four basic operating systems, and there are already more of them.A lot more, in fact – IDC research says that there are around 13 billion connected devices in use worldwide already, and that that number could expand to 30 billion within the next three years. (There were less than 4 billion smartphone subscriptions active around the world in Ericsson’s most recent Mobility Report.) To read this article in full or to leave a comment, please click here

1 1,949 1,950 1,951 1,952 1,953 3,809