I receive lots of questions from my students, readers, customers, followers on network design. I try to answer as quickly as possible and in detail. Thanks to all of them ! I receive a lot of kind emails, messages from them to put my effort on this blog as well. But for many reasons, I… Read More »
The post ASK your questions and SHARE your opinion appeared first on Network Design and Architecture.
I wanted to take a moment and give a well-deserved congratulations to the 2015 Cisco Learning Network Designated VIPs. These fine folks spend a ton of time giving back to the community by helping others in their learning process.
Again, a very warm welcome and congratulations to this group. Your contribution to the community is much appreciated.
Bios and more information for the 2015 VIPs can be found here–
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.
The post CLN 2015 Designated VIPs appeared first on PacketU.
The Raspberry Pi 2 Model B was recently released and it’s a serious step up from its predecessors. Before we dive in to what makes it an outstanding product, the Raspberry Pi family tree going from oldest to newest, is as follows:
The + models were upgrades of the previous board versions and the RPi2B is the Raspberry Pi B+’s direct descendent with added muscle. So, what makes the Raspberry Pi 2 Model B great?
While working with firewalls for the last few years, I’ve seen many logs polluted with scanning traffic. Obviously this is the type of thing that I want to see when someone is legitimately scanning, or attempting to scan, through the firewall. However, there are a few cases that seeing this traffic is simply an indication of some other issue in the network.
An example I have seen on several occasions is someone configuring a network management station to discover 192.168.0.0/16, 172.16.0.0/12 or 10.0.0.0/8. If not properly handled in the routed network architecture, the associated traffic could make its way to the firewall or even to the ISP. An ASA might block the traffic due to policy, reroute it back toward the internal network, drop it due to the intra-interface hairpin configuration, or forward it onward. In most cases, this traffic will cause a lot of “noise” in the syslogs produced by the firewall.
To fully understand the problem, the diagram below can be used for discussion–
In this example, R1 has a static default route that points to the IP address of FW1. R1 advertises this via EIGRP to its internal neighbors. If a networked host attempts to reach Continue reading
One of the ‘newer’ functions of Kubernetes is the ability to register service names in DNS. More specifically, to register them in a DNS server running in the Kubernetes cluster. To do this, the clever folks at Google came up with a solution that leverages SkyDNS and another container (called kube2sky) to read the service entries and insert them as DNS entries. Pretty slick huh?
Beyond the containers to run the DNS service, we also need to tell the pods to use this particular DNS server for DNS resolution. This is done by adding a couple of lines of config to the kubernetes-kubelet service. Once that’s done, we can configure the Kubernetes service and the replication controller for the SkyDNS pod. So let’s start with the kubelet service configuration. Let’s edit our service definition located here…
/usr/lib/systemd/system/kubernetes-kubelet.service
Our new config will look like this…
[Unit] Description=Kubernetes Kubelet After=etcd.service After=docker.service Wants=etcd.service Wants=docker.service [Service] ExecStart=/opt/kubernetes/kubelet --address=10.20.30.62 --port=10250 --hostname_override=10.20.30.62 --etcd_servers=http://10.20.30.61:4001 --logtostderr=true --cluster_dns=10.100.0.10 --cluster_domain=kubdomain.local Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target
Notice that Continue reading
1 | /c/slb/real 1 |
1 | /cfg/slb/appshape/script take_10/en/import |
Please join us in congratulating the following iPexpert client’s who have passed their CCIE lab!
Esteban Paniagua, CCIE #46910
“I wanted to say thanks to the iPexpert team, since I contacted sales to book my 5 day lab boot camp the service they provided me was truly world-class!! I attended the Collaboration boot camp with Andy; he was really knowledgeable, willing to go over details during his explanations and had great communication skills. I passed my CCIE Collaboration on the first try, I wouldn’t have been able to do it without your materials and boot camp. Thanks again!”
Curtis Raams, CCIE #46953
“I can certainly confirm that your course was very well structured and combined with your virtual lab over VPN I was able to successfully study and pass the CCIE exam. I studied extensively the 900 page DSG and mock labs provided by Andy Vassar which provided sufficient and detailed learning with extensive explanations and use cases.
I would strongly recommend iPExpert to any person Continue reading
One of the the concepts that comes up occasionally is that of precedence. For example, one might consider the following routing table entries.
ip route 0.0.0.0 0.0.0.0 1.1.1.1 //default route ip route 192.168.0.0 255.255.0.0 1.1.1.2 //supernet/cidr route ip route 192.168.1.0 255.255.255.0 1.1.1.3 //network route ip route 192.168.1.0 255.255.255.128 1.1.1.4 //subnet route ip route 192.168.1.20 255.255.255.255 1.1.1.5 //host route
Questions often arise around which path a packet would take when it matches more than one entry. For example, a packet may have a destination address of 192.168.1.20. In this case it matches every single route entry.
The logic is actually simple, even straightforward. A packet will follow the most specific route entry that it matches. So a packet destined to 192.168.1.20 would be routed to a router at 1.1.1.5. If the destination happened to be 192.168.1.21, it would be routed over to 1.1.1.4.
“How should I get started with Network Automation?” I am often asked this question by network engineers looking to build new programming skills. If you are brand new to writing Python scripts and are looking for an easy on-ramp to the network automation superhighway, I’d suggest starting with Jinja2 – the de-facto python template engine. Template building […]
The post Python and Jinja2 Tutorial appeared first on Packet Pushers Podcast and was written by Jeremy Schulman.
