Clearing Up Some Misinformation RE: eBGP Multihop and TTL

Myth: You have to set ttl to 2 because it is decremented on the way to the loopback.

**This blog is a formatting cleanup and update to a previous blog I posted in 2013 on NetworkWorld.

 

Years and years ago I was trying to learn more about BGP and I was reading some book with a chapter on the topic.  Back then I pretty much believed that if it made it into a book it must be true and my knowledge had to be in error.  :)  So to say I was confused back then would be an understatement.

Why? Well ya see… they basically said that the reason one must set the TTL to 2 for eBGP peers that are directly connected, but peering with their loopbacks, was cause “the TTL gets decremented on the way to the loopback”

When I try to help someone deprogram this brain washing, I find pictures help.  So for those who’d like to get deprogrammed and learn the truth… Let’s go play in the lab!!!

bgp_ttl_0-100274774-orig

In the picture above we have 3 Routers in 3 different BGP ASes.  We all probably know that if we peer R1 and R2 Continue reading

CCIE – How to Prepare for the CCIE Lab

Summary: By preparing a plan and strategy for the CCIE lab, the chance of passing will be a lot higher.

Over the years I have written about the CCIE multiple times and also mentored people on how to prepare for the lab. This post will summarize my experience of how to prepare for the CCIE lab. This post assumes that the CCIE written has already been successfully passed.

The first thing to do if you haven’t done it already is to make sure you have the support from your family before starting to prepare for the lab. Explain to them the time that you will need to put in to prepare and also explain why you want to do it and what the benefits of doing it will be. Preparing for the lab can take 1000-2000h which is a big commitment. Don’t bypass this step as it may seriously affect your family situation if you do.

Once you have commited it is time to grade yourself. Go through the blueprint for the track you are preparing for at the Cisco Learning Network. Grade yourself on each topic from 1-5 on where you believe you are today. Make a realistic assessment, Continue reading

An interactive graphical history of large data breaches

If you're trying to convince your management to beef up the organization's security to protect against data breaches, an interactive infographic from Information Is Beautiful might help.Built with IIB's forthcoming VIZsweet data visualization tools, the World's Biggest Data Breaches visualization combines data from DataBreaches.net, IdTheftCentre, and press reports to create a timeline of breaches that involved the loss of 30,000 or more records (click the image below to go to the interactive version). What's particularly interesting is that while breaches were caused by accidental publishing, configuration errors, inside job, lost or stolen computer, lost or stolen media, or just good old poor security, the majority of events and the largest, were due to hacking.To read this article in full or to leave a comment, please click here

An interactive graphical history of large data breaches

If you're trying to convince your management to beef up the organization's security to protect against data breaches, an interactive infographic from Information Is Beautiful might help.Built with IIB's forthcoming VIZsweet data visualization tools, the World's Biggest Data Breaches visualization combines data from DataBreaches.net, IdTheftCentre, and press reports to create a timeline of breaches that involved the loss of 30,000 or more records (click the image below to go to the interactive version). What's particularly interesting is that while breaches were caused by accidental publishing, configuration errors, inside job, lost or stolen computer, lost or stolen media, or just good old poor security, the majority of events and the largest, were due to hacking.To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — January 29, 2016

sdxcentral-news-roundup-january-29-2016 Phew! It was a busy week in the realm of software defined networking (SDN) and network functions virtualization (NFV).  Here’s a final roundup: Microsoft launched a technical preview of Azure Stack, software for running a private, on-premises cloud. This opens the possibility of running a hybrid cloud where the public and private halves both run on... Read more →

Welcome 2016 Cisco Champions!

With a good amount of surprise I’ve been nominated Cisco Champion for 2016: Because of your impactful and valuable contributions to the IT community, you have been chosen out of hundreds of nominees to be part of the 2016 Cisco Champion program. Congratulations! Cisco Champion resources Communities Twitter list

Encryption bills pose challenges for Congress

Breaking encryption technology used by terrorists and criminals poses a frustrating dilemma for intelligence agencies and, most recently, congressional lawmakers.Bipartisan legislation to create a commission to study U.S. encryption policies and practices is still weeks away from being introduced as discussions continue, congressional aides familiar with the plan told Computerworld.The commission approach, backed by Sen. Mark Warner (D-Va.) and House Homeland Security Committee Chairman Michael McCaul, (R-Texas) is intended to bring experts together to dive into the differing points of view, where tech companies want to protect privacy with encryption, while the FBI and other law enforcement agencies want to prevent acts of terrorism and crime by monitoring encrypted communications.To read this article in full or to leave a comment, please click here

25 Valentine’s Day gifts for your favorite geeks

Think differentImage by Steve SauerFlowers, jewelry, candy – we've found geeky versions of today's go-to Valentine's Day gifts for sweethearts who dig science, math and technology.MORE IDEAS: Check out our Valentine’s Day gift guides from 2015, 2014, 2013 and 2012To read this article in full or to leave a comment, please click here

PlexxiPulse—BOSNOG Event

This week, Plexxi co-founder Dave Husak hosted interactive discussion on the evolving role of network administrators, the future of cloud environments and bringing order to the chaos of software-defined networking, at a BOSNOG (Boston Network Operators Group) event. Dave and the team enjoyed connecting with other networking professionals in the area and listening to other viewpoints on the future of the network. Take a look at a few photos from the event below and keep an eye on the blog and Twitter for updates on future events.

Dave

dave2

Photo credit: Ethan Banks

Below please find a few of our top picks for our favorite news articles of the week.

ESG Global: Plexxi Draws Google’s Attention – and Money
By Steve Duplessie
Plexxi is one of those “intelligent infrastructure” companies I’ve been harping about as of late. And by intelligent, in this case I mean a network that can self-actualize and alter its very being based on real-time application and usage demands. It’s way cool. And because I love to tell you “I told you so”, which I did over a year ago, I now get to rub your noses in it. This stuff matters. Google Ventures just plopped some Continue reading

Presidential hopeful John Kasich: Work out encryption backdoors in backroom deals

Presidential candidate Gov. John Kasich thinks granting encryption backdoors is something that ought to be worked out in private by the president.During the Republican presidential debate last night the Ohio governor responded to a question about whether cryptographic experts were wrong when they say opening up secret messages to third-party decryption would cause more problems than it would solve.INSIDER: Techies back Democrats in Presidential race “Well, look the Joint Terrorism Task Force needs resources and tools,” he said, “and those are made up of the FBI, state and local law enforcement. And … it's best not to talk anymore about back doors and encryption, it will get solved, but it needs to be solved in the situation room of the White House with the technology folks.”To read this article in full or to leave a comment, please click here

Communication breakdown: US Secret Service needs a radio-system upgrade

The US Secret Service needs to upgrade its radio communications system before it creates difficulties in protecting the White House, the Vice President’s residence and foreign diplomatic embassies. That was the general conclusion of a report issued this week by The Department of Homeland Security Inspector General who stated: In the case of radio communications, a single missed transmission or delay could result in a national incident. Secret Service must ensure that its communications programs work effectively. +More on Network World: 26 of the craziest and scariest things the TSA has found on travelers+To read this article in full or to leave a comment, please click here

Communication breakdown: US Secret Service needs a radio-system updgrade

The US Secret Service needs to upgrade its radio communications system before it creates difficulties in protecting the White House, the Vice President’s residence and foreign diplomatic embassies.That was the general conclusion of a report issued this week by The Department of Homeland Security Inspector General who stated: In the case of radio communications, a single missed transmission or delay could result in a national incident. Secret Service must ensure that its communications programs work effectively.+More on Network World: 26 of the craziest and scariest things the TSA has found on travelers+To read this article in full or to leave a comment, please click here

phpipam v1.2 released

Dear all, I am happy to announce new release of phpipam IP address management – version 1.2.

For this release backend code was completely rewritten, for database connections now pdo has replaced mysqli, so make sure you php supports pdo and pdo_mysql before upgrading. It also fixes lots of bugs, parametized SQL queries and brings lots of new features, most important are:

  • Multiple simultaneous authentication methods
  • PowerDNS integration
  • REST API
  • Mark subnet as full
  • L2 domains
  • ICMP check enhancements (fping support)
  • Firewall zones and nameservers

And much more. You can find full changelog below, please read it.

If you find phpIPAM useful for your company donations would be highly appreciated :)

You can demo it here: http://demo.phpipam.net/
You can download it on sourceforge site: phpipam-1.2 or on github.

 

Before upgrading make sure you first backup current database, you can follow upgrade guide on our site.

 

Some screenshots:

Screen Shot 2016-01-29 at 20.12.45 Screen Shot 2016-01-29 at 20.12.39 Screen Shot 2016-01-29 at 20.12.32 Screen Shot 2016-01-29 at 20.12.19 Screen Shot 2016-01-29 at 20.13.39 Screen Shot 2016-01-29 at 20.15.53

Special thanks to all the people submitting bug reports, translators and feature testers!

Full changelog for this release is:

== 1.20

	New features:
	------------
	+ Added multiple simultaneous authentication methods (Apache, AD, LDAP, Radius, NetIQ);
	+ Added fping scanning support;
	+ Added selectable scanning type (ping/pear/fping);
	+ Added L2  Continue reading

Docker Online Meetup #31: Unikernels

On Wednesday, we hosted a Docker Online Meetup that was all about Unikernels! Amir Chaudhry, Richard Mortier and Martin Lucina joined us and presented an overview on Unikernels including a demo of Unikernels and Docker. The recorded video and slides from … Continued
1 3,173 3,174 3,175 3,176 3,177 3,855