Posts in 2012
-
Spanning Tree: Root Election and Path Tuning
Wednesday, September 12, 2012 in Cisco Networking
The concept is rather simple: the switches send probes called BPDUs (Bridge Protocol Data Units) to discover loops in the network. If the BPDU “returns”, there is a loop in the network! BPDU = 4-bit-PRIORITY + MAC Address Spanning tree is …
-
Dot1q Tunneling: 802.1q, QinQ Tunneling
Monday, July 23, 2012 in Cisco Networking
When a TUNNEL port receives customer traffic, the INGRESS PORT adds a 2-byte EtherType field 0x8100 + 2 bytes for CoS and VLAN. The egress tunnel port STRIPS THESE 4 BYTES. (config-if)#switchport access vlan 100 (config-if)#switchport mode …
-
CONTROL Plane Policy
Thursday, June 14, 2012 in Cisco Networking
CBAC and Zone Based FW are both DATA Plane policies. Another type of security policy is a Control Plane Policy. This is quite similar to Cisco’s MQC used for QoS traffic shaping and policing. You can also use the commands like from MQC to …
-
BANNER and MENU Configuration
Wednesday, June 13, 2012 in Cisco Networking
If you need to define a BANNER to display the user restrictions, keep in mind that you can use the variables: $(hostname) $(line) $(domain) You also have the option of creating DYNAMIC ENTRIES as a banner, and let user use the VARIABLES as a …
-
Etherchannel L2 vs L3
Sunday, June 10, 2012 in Cisco Networking
PAgP (Port Aggregation Protocol) - Cisco Prop. DESIRABLE or AUTO or NONEGOTIATE *in case the link is configured as ACCESS, or the “switchport nonegotiate” command - Protocol Value: 0x0104 - Same multicast group MAC like CDP LACP (Link …
-
Router Security - Best Practices
Wednesday, May 02, 2012 in Cisco Networking
First you should define some RULES for the password definitions. For example - Minimal Password Length: (config)#security passwords min-length 7 Force users to wait for 1 minute if they attempt to log in 3 times, and LOG it: …
-
SNMP
Saturday, April 14, 2012 in Cisco Networking
Send the SNMP traps, Community “Public” to the NMS Server: (config)#snmp-server host 192.168.1.1 traps [Public | Private] If you need to define the VERSION and the COMMUNITY STRING: (config)#snmp-server host 192.168.1.100 traps version 2c …
-
Logging on Cisco IOS Devices
Wednesday, January 25, 2012 in Cisco Networking
Logging is one of the things the Network Engineers are not really fond of, but you need to really understand why and how it needs to be used, for two reasons: 1. Not to miss a major event on a Device. 2. Not to get “overflown” by …