Always Networks Blog

CCIE Written Blueprint: 1.1.b Identify Cisco express forwarding concepts

Sat 09 August 2014

Cisco Express Forwarding - that thing that "just works". You don't really need to know anything about it...until it stops just working. Here are my notes.

1.1.b Identify Cisco express forwarding concepts

CEF maintains its tables to facilitate the routing of packets purely in memory, with no CPU overhead.

If the CPU can’t handle the packet, it “punts” the packet to the software …


CCIE Written Blueprint: 1.1.a Describe basic software architecture differences between IOS and IOS XE

Wed 06 August 2014

I have had an idea. I decided the best way to focus on the CCIE topics to study for the written exam (and try and rein myself in from just reading the "interesting" stuff!) is to aim for the exam topics...if I know all of them, how can I fail?

The exam topics are available here: Cisco CCIE Written Exam Topics

I have copied …


Non-Transitive or Transitive? - BGP Path Attributes

Sun 22 June 2014

I was reading about BGP Path Attributes and came across this table (thanks to http://netcerts.net/bgp-path-attributes-and-the-decision-process/):

LIST OF BGP PATH ATTRIBUTES

Attribute Name          Category / Class
ORIGIN                  Well-Known Mandatory
AS_PATH                 Well-Known Mandatory
NEXT_HOP                Well-Known Mandatory
LOCAL_PREF              Well-Known Discretionary
ATOMIC_AGGREGATE        Well-Known Discretionary
AGGREGATOR              Optional Transitive
COMMUNITY               Optional Transitive
MULTI_EXIT_DISC (MED)   Optional Non-Transitive
ORIGINATOR_ID           Optional Non-Transitive
CLUSTER LIST            Optional …

OSPF Network Types - A Neighbour Killer?

Yep, I spell neighbour the British way. No, I don't do it in IOS. But I should be able to. :)

While going over some OSPF stuff today, I found a statement saying that OSPF network types have to match for routers to form a neighbour relationship. Because I'm a nerd, I questioned this. My reason? I don't remember OSPF network type being a field in …


IronPort Proxy Logs - Viewing something useful

One of the most frustrating things about working with the IronPort proxy servers is how difficult it is to view the log files. The logs are stored on the proxy server in text files - these are often multiple gigabytes in size - downloading takes an age, and opening them in Windows is next to impossible.

Fortunately, if you SSH to the management interface of the proxy …


Checkpoint VPN Error: According to the policy the packet should not have been decrypted


I encountered an issue recently while trying to allow access to a new subnet over an existing VPN. The far end device was a Cisco router, and had an access list matching an entire class A subnet which was applied to the crypto map. The traffic destined for the new subnet was arriving at our firewall, and showing in the logs as dropped, with the …


Archiving and deleting IOS images

Thu 16 January 2014

I recently had the need to upgrade the IOS on a Cisco switch (think it was a 3750). As usual, the flash was too small so I needed to remove (and archive/save) the old IOS before putting the new one on. A lot of the images these days include HTML and other things, so are contained in folders rather than a single file. So …


Bulk DNS Lookup in Windows Powershell – Better than NSLookup!

So firstly, I've just seen that it's been over 3 months since I last posted - for anyone that looks back here regularly, sorry! Thanks for coming back though, I am going to try to be more active.

I started a new job at the end of August as a Network Engineer as part of the network team in a data centre supporting multiple European sites …


Parser Views - Cisco Security

A post on techexams.net recently made me look into parser views in more detail.

I read the section in the CCNA: Security Official Certification Guide about them a while back (the entire one page of it), and never really gave it much thought, but I was prompted by the post on the forum to look into them in more detail.

Parser views are a …


MTU / Fragmentation / ACL Tests….Part 2

Now that ICMP traffic is fragmenting across the network, it's time to change and start using TCP traffic.

This is a follow-on from MTU / Fragmentation / ACL Tests….Part 1 and I am aiming to find out what happens to fragmented packets when matched to static extended access lists.

I'm going to use a program called Ostinato for this. It's a freeware tool for generating …
