Port aggregation is a technique that binds more than one physical port into a single, larger virtual port. It is done for several reasons. The biggest advantage is increased bandwidth: if you have two 100Mb ports and need a port that supports 200Mb, you simply merge the two ports and get 200Mb of bandwidth. Another reason is redundancy; if we want to provide resources with zero seconds of downtime, we can use this technique [...]
VLAN Hopping: an attack in which an attacker jumps from one VLAN to another by tagging the frame with the targeted VLAN number. For example, I am an attacker connected to VLAN 10, but I want access to VLAN 1, so I grab the packet before it leaves my NIC and tag it with VLAN ID 1. When it reaches the switch, the switch adds another tag, VLAN ID 10, because I am connected to VLAN 10. When this frame reaches another switch, that switch strips the first tag (VLAN ID [...]
Layer 2 threat mitigation is important: it is the defense against an insider who aims to damage the network. Security devices such as firewalls, IDS/IPS, and other systems protect the network, but these technologies do not work at layer 2. There are many threats an insider can initiate on a local network: an insider could leak or capture information, or cause a denial of service condition on a switch or servers. MAC Flooding: an attack against switches that feeds [...]
QoS is an umbrella term that covers many tools and techniques for improving network performance, and it is a very complex topic. QoS is intended to prioritize traffic on the basis of protocols. For example, VoIP traffic takes 64Kb of bandwidth for the entire time the call is up; if there is a lot of other traffic on your service, it can affect the VoIP call and produce dozens of glitches in the call. The sole purpose of this technology is [...]
Spanning tree (802.1d) is also known as common spanning tree (CST), meaning a single large spanning tree for all VLANs, whereas Cisco uses per-VLAN spanning tree (PVST+), which runs an individual spanning tree for each VLAN. Rapid Spanning Tree Protocol is 802.1w, which does not take 30 seconds to shut down or bring up a port when the loop protocol acts. This protocol looks for an alternate port or backup port to bring up when the primary port fails. Note: Cisco highly recommends [...]
Random Early Detection (RED): Random Early Detection is a mechanism that watches the memory buffer size before it becomes full. It looks for the hosts sending the most data, drops packets from the host transmitting more, and lets through the host sending less. For example, Host A is sending 100Mb of traffic and Host B is sending 100Kb of traffic; when RED detects that the buffer is getting full, it will start dropping Host [...]
We discussed the standard ACL, but it has a big limitation: it can only match on the source IP address, and it only works at layer 3. The numbers for standard ACLs are 1 – 99 and 1300 – 1999. An extended ACL can match on source and destination IP address, sessions, ports, and protocols. This list can work on layers 3, 4, and 5, so extended ACLs can express more detailed rules. The numbers for extended ACLs are 100 – 199 and 2000 – 2699. A good piece of advice is [...]
By this point we have created an ACL, and each new access control entry (ACE) is appended below the existing entries; here we are going to modify and manage the ACLs. Let's say we have configured ACL 103 with some entries and a new requirement arrives to add one more entry. We know that each entry is appended below the previously defined entries, which puts the rules in an inappropriate order. Now a new requirement comes and we implement another ACE, so this list becomes [...]
We learned about ACLs in the CCENT course, but there we only tried to understand the standard ACL, which filters traffic by source IP address. An ACL is basically a filtering mechanism that turns a router into a small firewall that inspects and filters traffic. Extended ACLs are the ones we are going to discuss here; they are very powerful because they can match on IPs, ports, protocols, and more. The important thing in an ACL is the interface direction, either outbound or inbound. [...]
Advanced Policy Infrastructure Controller – Enterprise Module (APIC-EM) is a collection of tools, available through a web interface, for modern network operations. The Enterprise Module is one module from the set of tools, designed to let you monitor your equipment and to test and diagnose your network. The modules are installed on a centralized server, and operations are run through API (Application Programming Interface) calls. This new technology can provide a testing [...]
HSRP Parameters: we configured HSRP on two routers, and here is the status of both. R2 says it is the Active router. R1 says it is the Standby router and that the active router is the one with IP address 192.168.0.3. Now we turn off the active router and check the status of the remaining router. R1 now says that it is the active router and that it is the only router running HSRP, because it reports that it does not know of any standby router. HSRP Roles [...]