Pinging a Firewall – Is It Up Or Down?
Let’s say you’re trying to find a free IP on a network so you can assign one to your PC to do some work. First off, shame on you for not using proper addressing design with an IP address manager software. Second, you might use basic ping tests to properly identify alive hosts vs. dead hosts (free IP addresses). Most do. In fact, you can use nmap to do simple ping sweeps of entire subnets.Pinging a Firewall – Is It Up Or Down?
Let’s say you’re trying to find a free IP on a network so you can assign one to your PC to do some work. First off, shame on you for not using proper addressing design with an IP address manager software. Second, you might use basic ping tests to properly identify alive hosts vs. dead hosts (free IP addresses). Most do. In fact, you can use nmap to do simple ping sweeps of entire subnets.Address Learning and the TRILL/FabricPath Control Plane
Do you ever find yourself in a conversation with someone where you attempt to explain a concept in detail and you realize that you don't know that concept at the level of detail that you thought you did? That happened to me recently. I thought I had a better handle on TRILL and FabricPath than I really did. Since I retain things far better when I write them down, I'm going to blog the differences between TRILL and FabricPath when it comes to address learning and what role the control plane plays in building the network topology
CCNA Datacenter
I passed 640-916 - Introducing Cisco Data Center Technologies earlier this week. I was going to publish this post on they day of or after the pass, but unfortunately I was put out of commission by the winter bug that’s going around and did not get to give this post the attention it deserved. The first test in the CCNA Datacenter track, which is 640-911 - Introducing Cisco Data Center Networking, was a pretty straightforward test for someone with my background.CCNA Datacenter
I passed 640-916 - Introducing Cisco Data Center Technologies earlier this week. I was going to publish this post on they day of or after the pass, but unfortunately I was put out of commission by the winter bug that’s going around and did not get to give this post the attention it deserved. The first test in the CCNA Datacenter track, which is 640-911 - Introducing Cisco Data Center Networking, was a pretty straightforward test for someone with my background.Multiple Probes In Serverfarm Configuration
Serverfarms allow probes to be associated with them when configured.
Any rserver in the serverfarm configuration will inherit probes from the serverfarm config.
Default probe behaviour is to use OR logic. A single probe failure will cause the rserver to be marked as down.
AND logic for probes can be applied using the fail-on-all command. This means all probes must fail for the serverfarm to be marked as down.
Multicast on TRIO
This post describes how multicast Next-Hop resolution and caching is done on Junos MX routers with Trio based cards. To have more information regarding the multicast replication see my previous post here : Multicast Replication. 1/ Introduction: PIM join...Multicast on TRIO
This post describes how multicast Next-Hop resolution and caching is done on Junos MX routers with Trio based cards. To have more information regarding the multicast replication see my previous post here : Multicast Replication. 1/ Introduction: PIM join...COGNITIVE NETWORKS THE NETWORKS OF THE FUTURE
How does the internet work - We know what is networking
Next project was one of my first networking Science articles. It is a short look at latest achievements from some of the biggest networking scientists today with some short comments from my mentor and me. The work was presented at 19. International scientific conference of International Federation of Communication Associations. International scientific conference “DIT 2012″ accepts […]
Grumpy Cat Hates IPv6
IPv6 will ruin the world! What is so terrible now will be a DESOLATE APOCALYPSE WITH IPV6!! BECAUSE…..IT JUST WILL BE - OKAY YOU GUYS???!?!? Don’t be grumpy - be happy. NAT is not a device. It is a function. An archaic one that should and can be abandoned, and we don’t have to compromise on security to do it.Grumpy Cat Hates IPv6
IPv6 will ruin the world! What is so terrible now will be a DESOLATE APOCALYPSE WITH IPV6!! BECAUSE…..IT JUST WILL BE - OKAY YOU GUYS???!?!? Don’t be grumpy - be happy. NAT is not a device. It is a function. An archaic one that should and can be abandoned, and we don’t have to compromise on security to do it.Find unknown static IP on device
How does the internet work - We know what is networking
If you work in networking sooner or later there will be a situation where someone will bring you a device that you must connect to your network that was used somewhere else before. That can be something like switch, Fiber channel switch, some security appliance, different controllers etc. In that case this device will often […]
Syria shuts down the Internet
As of 10:27 UTC this morning the majority of the Internet in Syria is no longer connected to the rest of the world and can be considered as offline. Syria has only one major provider, AS29256 The Syrian Telecommunications Establishment. This provider is government owned and originates 56 out of 62 Syrian prefixes.
This morning between 10:26 and 10:27 all routes originated by AS29256 (The Syrian Telecommunications Establishment) were withdrawn and became unreachable.
The only Syrian prefixes left in the routing table are 5 prefixes originated by TATA, AS6453. These are the prefixes that are still reachable via TATA:
216.6.0.0/23, 63.243.163.0/24, 116.0.72.0/22, 66.198.39.0/24, 66.198.41.0/24
What happened?
We have no official confirmation about what happened, but similar events in the past [Syria, Egypt] were all government ordered. Because the primary telecom provider is state controlled in Syria, an outage like this is relatively easy to implement by ordering the primary telecom provider to shutdown the external links or BGP sessions with the external providers. External providers that provide services to Syria are:
AS9121 Turk Telecom
AS6762 telecom Italia
AS3491 PCCW Global
AS6453 Tata
Not the first outage
SAP – Session Announcement Protocol
How does the internet work - We know what is networking
Session Announcement Protocol as an experimental protocol designed for the purpose of multicasting a session’s information. IETF issued it as RFC 2974. SDP (Session Description Protocol) is being used by SAP as real-time transport protocol’s session depiction arrangement. With SAP use, correspondent can transmit SDP descriptions from time to time to an acknowledged multicast address […]
The Failing Crusade Against NAT
After watching the recent epic that was the comment thread on networkingnerd’s NAT66 blog post from last year, I was initially persuaded to sit and watch from afar. I’ve had the opportunity to work with IPv6 quite a bit, and though I’ve done a few IPv6-related posts on the site, I still feel like there’s always something missing. After all, much of IPv6 is still just talk (sadly) and not enough wide-spread adoption to really put it through it’s paces.The Failing Crusade Against NAT
After watching the recent epic that was the comment thread on networkingnerd’s NAT66 blog post from last year, I was initially persuaded to sit and watch from afar. I’ve had the opportunity to work with IPv6 quite a bit, and though I’ve done a few IPv6-related posts on the site, I still feel like there’s always something missing. After all, much of IPv6 is still just talk (sadly) and not enough wide-spread adoption to really put it through it’s paces.Cisco UCS Manager 2.1 Highlights
Service Profile Renaming Yes, finally, you can rename service profiles. No more struggling to name your profiles perfectly the first time. When a profile is renamed, all the unique attributes including the MACs, WWNs, UUID, etc, are preserved. This can be done when the server is live and online without any impact. VM-FEX for Microsoft Hyper-V and KVM In addition to vSphere, VM-FEX (which I've written about here) is now available when using the Hyper-V or KVM hypervisors on UCS.Recovery From Corrupt or Missing Software Image on Cisco device
How does the internet work - We know what is networking
This is a movie based on a true story. Is the issue you will have sooner or later if you are into networking and managing devices? Perhaps you will manage to upgrade hundreds of devices before you will see this happening but maybe it will be one of the first devices in production environment to […]
Recovery From Corrupt or Missing Software Image on Cisco device
The Annoyance of AnyConnect Mac Client
AnyConnect Mac I find it annoying that sometimes, the list of remembered connections (which is just one), turns out to be a VPN you never use, or only used once. This is a problem I find only on...[[ Summary content only, you can read everything now, just visit the site for full story ]]