What is BFD?

Bidirectional Forwarding Detection (BFD) provides a low-overhead, short-duration method of detecting failures in the forwarding path between two adjacent routers, including the interfaces, data links, and forwarding planes. BFD is a detection protocol that you enable at the interface and routing protocol levels. Cisco supports the BFD asynchronous mode, which depends on the sending of [...]

Palo Alto CLI cheat sheet

Device management:
- Show general system-health information –> show system info
- Show percent usage of disk partitions –> show system disk-space
- Show the maximum log file size –> show system logdb-quota
- Show running processes –> show system software status
- Show processes running in the management plane –> show system resources
- Show resource utilization in the dataplane –> show running resource-monitor
- Show the [...]

What are VDCs in Nexus Switches?

Cisco Nexus 7000 Series switches can be segmented into virtual devices based on customer requirements. VDCs offer several benefits, e.g. fault isolation, administration plane, separation of data traffic, and enhanced security. This logical separation provides the following benefits:
- Administrative and management separation
- Change and failure domain isolation from other VDCs
- Address, VLAN, VRF, and vPC isolation

Each VDC acts as an [...]

OSI layer in short with example

7. Application layer - Responsible for initiating or servicing the request, e.g. SMTP, DNS, HTTP, and Telnet
6. Presentation layer - Formats the information so that it is understood by the receiving system, e.g. compression and encryption, depending on the implementation
5. Session layer - Responsible for establishing, managing, and terminating the session, e.g. NetBIOS
4. Transport layer - Breaks information into [...]

Important CLI commands for F5 LTM

TMOS commands:
- run util bash - enable shell
- show sys self-ip - show self IPs
- show ltm persistence persist-records - show persistence records
- list ltm node [node_address] - show node status
- modify ltm node [node_address] down - disable node
- modify ltm node [node_address] up - enable node
- modify net packet-filter all logging enabled - enable logging for all packet filters
- delete ltm [...]

Hardware terms

Bandwidth: Bandwidth refers to the amount of information that can be transmitted over a network in a given amount of time, usually expressed in bits per second (bps).

Protocol: Protocols are the set of rules / algorithm used to learn routes, so that network traffic can be passed from a source to the destination. [...]

VLAN, TRUNKING, VTP

VLAN trunking
- A VLAN divides the broadcast domain
- In a new switch, default VLAN = native VLAN = VLAN 1
- The native VLAN can be changed from VLAN 1 to VLAN 10, 20, etc.
- VLAN 1 cannot be deleted even after entering the command
- VLAN 1 carries critical traffic like CDP, VTP, etc.
- An access port carries traffic of only one [...]

How does DHCP work?

The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks. The DHCP protocol is controlled by a DHCP server that dynamically distributes network configuration parameters, such as IP addresses, for interfaces and services. A router or a residential gateway can be enabled to act as a DHCP server. [...]

What is UDLD?

Unidirectional Link Detection (UDLD) is a data link (layer 2) protocol from Cisco Systems to monitor the physical configuration of the cables and detect unidirectional links. UDLD allows two switches to verify if they can both send and receive data on a point-to-point connection. UDLD works with the Layer 1 (L1) mechanisms to determine the physical [...]

What is metro ethernet?

A metropolitan-area Ethernet, Ethernet MAN, or metro Ethernet network is a metropolitan area network (MAN) that is based on Ethernet standards. It is commonly used to connect subscribers to a larger service network or the Internet. Businesses can also use metropolitan-area Ethernet to connect their own offices to each other. An Ethernet interface is much [...]

How does the HTTP protocol work?

HTTP functions as a request–response protocol in the client–server computing model. A web browser, for example, may be the client and an application running on a computer hosting a web site may be the server. The client submits an HTTP request message to the server. The server, which provides resources such as HTML files and [...]

How to set up Internet access through the Cisco ASA firewall?

Basic guidelines for setting up Internet access through the Cisco ASA firewall: First, we need to configure the interfaces on the firewall.

    !--- Configure the outside interface.
    interface GigabitEthernet0/0
     nameif outside
     security-level 0
     ip address 10.165.200.226 255.255.255.224
    !--- Configure the inside interface.
    interface GigabitEthernet0/1
     nameif inside
     security-level 100
     ip address 10.1.1.1 255.255.255.0

The nameif command gives [...]

What are the NAT syntax changes in the Cisco ASA firewall?

There are major NAT syntax changes starting with ASA software version 8.3.

Regular static NAT:

Pre-8.3:

    static (inside,outside) 192.168.100.100 10.1.1.6 netmask 255.255.255.255

Version 8.3 and later:

    object network obj-10.1.1.6
     host 10.1.1.6
     nat (inside,outside) static 192.168.100.100

Regular static PAT:

Pre-8.3:

    static (inside,outside) tcp 192.168.100.100 80 10.1.1.16 [...]

What is ICMP?

ICMP is Internet Control Message Protocol, a network layer protocol of the TCP/IP suite used by hosts and gateways to send notification of datagram problems back to the sender. It uses the echo test / reply to test whether a destination is reachable and responding. It also handles both control and error messages.

What is the difference between DoS and DDoS attacks?

In a Denial of Service (DoS) attack, a hacker uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources (e.g., RAM and CPU). On the other hand, Distributed Denial of Service (DDoS) attacks are launched from multiple connected devices that [...]

BIG-IP F5 LTM Load balancing methods

BIG-IP LTM provides a variety of load balancing methods to choose from. There are two types of load balancing methods: static load balancing mode and dynamic load balancing mode.

1. Static load balancing mode: There are two static load balancing modes.
   1. Round robin
   2. Ratio
2. Dynamic load balancing mode:
   1. Least connections
   2. Fastest
   3. Observed
   4. Predictive
   5. Dynamic [...]

Acronyms

A
• AAL: ATM Adaptation Layer
• ABM: Asynchronous Balanced Mode
• ABR: Available Bit Rate
• AC: Access Control
• ACK: Acknowledgment
• ADSL: Asymmetric Digital Subscriber Line
• ANI: Automatic Number Identification
• ANSI: American National Standards Institute
• API: Application Programming Interface
• ARM: Asynchronous Response Mode
• ARP: Address Resolution Protocol
[...]

BGP Quick notes

- A transit AS is an AS that routes traffic from one external AS to another external AS.
- The “show ip bgp” command is used to display entries in the BGP routing table.
- The AS-PATH attribute is used to prevent BGP routing loops. When receiving a BGP advertisement, the router checks the AS-PATH attribute, [...]

Passive interface (RIP,OSPF,EIGRP)

The passive-interface command is used in all routing protocols to disable sending updates out from a specific interface. However, the command behavior varies from one protocol to another.

RIP: In RIP, this command will disable sending multicast updates via a specific interface but will allow listening to incoming updates from other RIP-enabled neighbors. This simply means [...]

Quick notes for EIGRP

EIGRP is a Cisco proprietary protocol, which means it will work only on Cisco routers. EIGRP is also called an advanced distance vector or hybrid routing protocol. Multicast or unicast is used for exchange of information. Multiple network layer protocols are supported. 100% loop-free. By default, EIGRP will limit itself to use no more than 50% of [...]

Memorising the BGP decision making process

1. Weight (Bigger is better)
2. Local preference (Bigger is better)
3. Self originated (Locally injected is better than iBGP/eBGP learned)
4. AS-Path (Smaller is better)
5. Origin
6. MED (Smaller is better)
7. External (Prefer eBGP over iBGP)
8. IGP cost (Smaller is better)
9. EBGP Peering (Older is better)
10. Router-ID