General Query about access-list and prefix list ?
ACCESS-LIST
Access-list is sequential series of filters
Action :Either deny or permit
Matching Criteria can be source address in case of standard access-list or may be source address ,destination address,protocol,port or socket in case of extended access-list.
Its Implicit Deny means that no match occur through all filter in access-list ,it will tend to automatically dropped.
Its sequential,means that filter is checked from top to bottom.If the first match is encountered,the rest of the access -list is ignored.
**Always try to put filtering line in right sequence to avoid access-list mulfunctioning.
Standard Access-list
access-list 1 permit 10.10.10.1 0.0.0.0
access-list 1 permit 10.10.10.20 0.0.0.0
OR
ip access-list standard 1
10 permit 10.10.10.1 0.0.0.0
20 permit 10.10.10.20 0.0.0.0
Extended Access-list
access-list 100 permit ip 10.10.10.10 0.0.0.0 172.16.10.0 0.0.0.255
access-list 111 permit port access-list 111 permit tcp 10.0.0.0 0.255.255.255 172.1.141.0 0.0.0.255 eq 23
access-list 112 permit udp Continue reading
Jennifer Rexford and Nick McKeown have kicked off what could be the next generation of SDN.
Tried VIRL when it first came out. “Why?”, you ask, when you know I work in a Cisco Customer Proof of Concept lab with lots of “real” networking hardware? Answer is because it would be nice to be able to toss together networks to play with… without having to reserve gear, load line cards that are on shelves into empty chassis, cable, code, config… etc etc.
But there was, for me, a major item missing from VIRL when it first came out — the ability to packet capture easily. For what I wanted VIRL for, that was a showstopper for me. So, back into the lab for my “playing” and teaching.
Now? 
Very very happy to pass on to you that VIRL supports packet capturing now!!! Tossed together a quick ~12minute youtube.
I get frustrated by those who take a narrow view of technology, and progress in general. They see things in terms of where they are now, and where they were. But they struggle to see a bit further out. The Internet of Things is a good example of this.
I made the mistake of reading the comments on a recent El Reg article (I know, I know: Never read the comments). I came across this comment about the IoT:
…The innocent child asked “but why would the toaster need to talk to the ‘fridge?” The marketing gurus had no answer and a few years later the outfit went bankrupt. In all the time since, no one has been able to answer that question.
From there the comments devolved into a rather pointless discussion about milk, bread, spam on toast and Twitter. This is a fairly common theme on El Reg articles (along with “cloud has little appeal for 90% of SM server/computing requirements”, but that’s another issue).
I find it frustrating when people take a narrow, short-sighted view when looking at technology trends. We all see things from our own perspective, but it’s good to lift your head Continue reading
Executive moves at Cisco and Ruckus, new training at Juniper, and a DevOps-minded monitoring startup.
Please join us in congratulating the following iPexpert students who have passed their CCIE lab!
Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!
Learn how to virtualize performance monitoring in NFV environments, virtualize the customer edge, and create dynamic interconnects. Sign up now for the Accedian DemoFriday!
Eric Dennington @edennington, Steve Occhiogrosso @StephenO86, and Jason Lavoie join the Packet Pushers to chat about building a new network from scratch. We compiled our notes, and decided on a three phase approach.
The post Show 239 – Design & Build #2 – A New Network From Scratch appeared first on Packet Pushers Podcast and was written by Ethan Banks.
VMware's NSX and Midokura's MidoNet need hardware endpoints. Why not white boxes?
