Are you over 18 and want to see adult content?
More Annotations
A complete backup of road2recovery.com
Are you over 18 and want to see adult content?
A complete backup of asubtlerevelry.com
Are you over 18 and want to see adult content?
A complete backup of elbowchocolates.com
Are you over 18 and want to see adult content?
A complete backup of islaminstitut.de
Are you over 18 and want to see adult content?
A complete backup of fa-fa-fa-slot-online.com
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of danskstudiecenter.dk
Are you over 18 and want to see adult content?
A complete backup of lesparticuliers.fr
Are you over 18 and want to see adult content?
A complete backup of dautuchungkhoan.org
Are you over 18 and want to see adult content?
A complete backup of mall-loft.myshopify.com
Are you over 18 and want to see adult content?
A complete backup of husqvarnaoutlet.com
Are you over 18 and want to see adult content?
Text
CHEAT SHEETS
Download All (.zip) Cheat Sheets Wall Posters (36" x 24") Interior Gateway Protocols. v1.0 (1 page) ProtocolsPACKET CAPTURES
Routers 1 through 4 are configured to view the non-broadcast frame relay network as a point-to-multipoint topology. Adjacencies are formed without the need of a DR or BDR. Note that inverse ARP was used to dynamically learn the addresses of neighbors. ARP Frame Relay IPPACKET CAPTURES
A hard reset (clear ip bgp) is performed on R1 for its adjacency with R2. Packet #7 shows R1 sending a packet with the TCP FIN flag set, indicating the connection is to be torn down. The TCP connection is then reestablished and UPDATEs are retransmitted. BGP Ethernet IP TCP.Packets: 32.
PACKET CAPTURES
packet-c.cap 675.0 KB. Submitted Jan 31, 2012 by Slaingod. This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover SPANNING TREE CHEAT SHEET VERSION 2.0 Spanning tree cheat sheet version 2.0. The old spanning tree cheat sheet had numerous problems (as dutifully pointed out by a number of readers), so I decided to rework it from scratch. Today I've uploaded the new STP cheat sheet, version 2.0. The new sheet is two pages, expanded to include full IOS configuration examples of both PVST+ andMST.
OSPF · P ART 1
packetlife.net by Jeremy Stretch v2.1 OSPF · P ART 2 Configuration Example interface Serial0/0 description WAN Link ip address 172.16.34.2 255.255.255.252 /30 ADDRESSING SHORTCUT In a /30 network, the network address will always be divisible by 4: 88/4 = 22. Broadcast address +1 will always be also divisible by 4: (91+1)/4 = 23. If they are not divisible by four you are between the two nearest numbers divisible by four: 88/4 = 22 < 90/4 = 22.5 < (91+1)/4 = 23. This rule also applies for all subnets, a subnetaddress is
HSRP/VRRP/GLBP CHEAT SHEET HSRP and VRRP are practically identical, while GLBP expands their functionality to offer load balancing. Interestingly, VRRP does not support IPv6, as IPv6 can provide more robust router discovery through its Neighbor Discovery Protocol. Cisco has included IPv6 support in DISSECTING A U.U.U PING RESPONSE Dissecting a U.U.U ping response. Once every so often, in the course of troubleshooting, you'll encounter a somewhat odd response to a ping: U.U.U. Recall that the dot signifies that a response was not received before the request timed out, while the U indicates an ICMP unreachable message was received from a router somewhere along thepath.
PACKETLIFE.NETBLOGCHEAT SHEETSCAPTURESTOOLBOXBOOKSHELFABOUT Imagine a scenario where we've got 2,000 physical servers split across 50 racks. Each server functions as a hypervisor housing on average 100 virtual machines, resulting in a total of approximately 200,000 virtual hosts (~4,000 per rack). In an ideal world, we could allocate a /20 of IPv4 space to each rack.CHEAT SHEETS
Download All (.zip) Cheat Sheets Wall Posters (36" x 24") Interior Gateway Protocols. v1.0 (1 page) ProtocolsPACKET CAPTURES
Routers 1 through 4 are configured to view the non-broadcast frame relay network as a point-to-multipoint topology. Adjacencies are formed without the need of a DR or BDR. Note that inverse ARP was used to dynamically learn the addresses of neighbors. ARP Frame Relay IPPACKET CAPTURES
A hard reset (clear ip bgp) is performed on R1 for its adjacency with R2. Packet #7 shows R1 sending a packet with the TCP FIN flag set, indicating the connection is to be torn down. The TCP connection is then reestablished and UPDATEs are retransmitted. BGP Ethernet IP TCP.Packets: 32.
PACKET CAPTURES
packet-c.cap 675.0 KB. Submitted Jan 31, 2012 by Slaingod. This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover SPANNING TREE CHEAT SHEET VERSION 2.0 Spanning tree cheat sheet version 2.0. The old spanning tree cheat sheet had numerous problems (as dutifully pointed out by a number of readers), so I decided to rework it from scratch. Today I've uploaded the new STP cheat sheet, version 2.0. The new sheet is two pages, expanded to include full IOS configuration examples of both PVST+ andMST.
OSPF · P ART 1
packetlife.net by Jeremy Stretch v2.1 OSPF · P ART 2 Configuration Example interface Serial0/0 description WAN Link ip address 172.16.34.2 255.255.255.252 /30 ADDRESSING SHORTCUT In a /30 network, the network address will always be divisible by 4: 88/4 = 22. Broadcast address +1 will always be also divisible by 4: (91+1)/4 = 23. If they are not divisible by four you are between the two nearest numbers divisible by four: 88/4 = 22 < 90/4 = 22.5 < (91+1)/4 = 23. This rule also applies for all subnets, a subnetaddress is
HSRP/VRRP/GLBP CHEAT SHEET HSRP and VRRP are practically identical, while GLBP expands their functionality to offer load balancing. Interestingly, VRRP does not support IPv6, as IPv6 can provide more robust router discovery through its Neighbor Discovery Protocol. Cisco has included IPv6 support in DISSECTING A U.U.U PING RESPONSE Dissecting a U.U.U ping response. Once every so often, in the course of troubleshooting, you'll encounter a somewhat odd response to a ping: U.U.U. Recall that the dot signifies that a response was not received before the request timed out, while the U indicates an ICMP unreachable message was received from a router somewhere along thepath.
PACKET CAPTURES
Routers 1 through 4 are configured to view the non-broadcast frame relay network as a point-to-multipoint topology. Adjacencies are formed without the need of a DR or BDR. Note that inverse ARP was used to dynamically learn the addresses of neighbors. ARP Frame Relay IPPACKET CAPTURES
packet-c.cap 675.0 KB. Submitted Jan 31, 2012 by Slaingod. This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover DHCP SNOOPING AND DYNAMIC ARP INSPECTION DHCP Snooping and Dynamic ARP Inspection. By stretch | Wednesday, August 18, 2010 at 3:01 a.m. UTC. DHCP snooping is a feature which allows a Cisco Catalyst switch to inspect DHCP traffic traversing a layer two segment and track which IP addresses have been assigned to hosts on which switch ports. This information can be handy for generalPACKET CAPTURES
RIPv2_subnet_down.cap 1.3 KB. Submitted Sep 14, 2009. RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface. EthernetIP RIP UDP.
CREATING AN MPLS VPN Hi Jeremy, Thanks for the post. It is a great use for MPLS beginners like me. One small query. You had mentioned that an IGP needs to run at core( that is, between PE routers and P routers - OSPF mostly).This is needed for PE routers to believe that IGP connectivity is available and they can proceed with exchanging the prefixes.PORT SECURITY
Port Security. By stretch | Monday, May 3, 2010 at 4:21 a.m. UTC. Port security is a layer two traffic control feature on Cisco Catalyst switches. It enables an administrator configure individual switch ports to allow only a specified number of source MAC addresses ingressing the port. Its primary use is to deter the addition by usersof "dumb
OSPFV2 AUTHENTICATION CONFUSION Suppose we have two directly connected IOS routers running OSPF, configured as follows: R1 router ospf 1 router-id 1.1.1.1 ! interface FastEthernet0/0 ip address 192.168.0.1 255.255.255.252 ip ospf authentication message-digest ip ospf authentication-key Foo ip ospf 1area 0 R2
ROUTE PREFERENCE
2) prefer route sources with the lowest AD. -now we have ONLY the best routes for each prefix in routing table. -and then. If router receive a packet, it looks through the whole routing table (or in CEF case, part of FIB) for longest match. So result is the same, but the order is completely different.VRF EXPORT MAPS
First, let's remove the route-target export 65000:101 from the Customer_A VRF. This will remove both Customer_A routes from the Services VRF. ip vrf Customer_A no route-target export 65000:101 no export map Customer_A_Export. Next, we'll recreate our prefix list androute-map to
HSRP/VRRP/GLBP CHEAT SHEET HSRP and VRRP are practically identical, while GLBP expands their functionality to offer load balancing. Interestingly, VRRP does not support IPv6, as IPv6 can provide more robust router discovery through its Neighbor Discovery Protocol. Cisco has included IPv6 support in PACKETLIFE.NETBLOGCHEAT SHEETSCAPTURESTOOLBOXBOOKSHELFABOUT Imagine a scenario where we've got 2,000 physical servers split across 50 racks. Each server functions as a hypervisor housing on average 100 virtual machines, resulting in a total of approximately 200,000 virtual hosts (~4,000 per rack). In an ideal world, we could allocate a /20 of IPv4 space to each rack. ABOUT PACKETLIFE.NET Hi. My name is Jeremy Stretch, and I'm a network engineer. This is my web site. I started Packet Life back in March of 2008 when I deployed to Iraq as a defense contractor after fulfilling my enlistment as a 3C251 in the US Air Force. Initially, I just wanted a place to record my notes while studying for Cisco's CCNP certification, and ICHEAT SHEETS
Download All (.zip) Cheat Sheets Wall Posters (36" x 24") Interior Gateway Protocols. v1.0 (1 page) ProtocolsPACKET CAPTURES
A hard reset (clear ip bgp) is performed on R1 for its adjacency with R2. Packet #7 shows R1 sending a packet with the TCP FIN flag set, indicating the connection is to be torn down. The TCP connection is then reestablished and UPDATEs are retransmitted. BGP Ethernet IP TCP.Packets: 32.
PACKET CAPTURES
RIPv2_subnet_down.cap 1.3 KB. Submitted Sep 14, 2009. RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface. EthernetIP RIP UDP.
COMMON PORTS PACKETLIFE.NET TCP/UDP PORT NUMBERS COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 19 Chargen 20-21 FTP 22 SSH/SCP 23 Telnet 25 SMTP 42 WINS Replication 43 WHOIS 49 TACACS 53 DNS 67-68 DHCP/BOOTP 69 TFTP 70 Gopher 79 Finger 80 HTTP 88 Kerberos 102 MS Exchange 110 POP3 113 Ident 119 NNTP (Usenet) 123 NTP 135 Microsoft RPC 137-139 NetBIOS 143 IMAP4 161-162 SNMP 177 XDMCP 179BGP 201
OSPF · P ART 1
packetlife.net by Jeremy Stretch v2.1 OSPF · P ART 2 Configuration Example interface Serial0/0 description WAN Link ip address 172.16.34.2 255.255.255.252BGP · P ART 1
packetlife.net by Jeremy Stretch v2.1-r1 BGP · P ART 2 Configuration Example interface Serial1/0 description Backbone to B ip address 172.16.0.1 255.255.255.252 SPANNING TREE CHEAT SHEET VERSION 2.0 Spanning tree cheat sheet version 2.0. The old spanning tree cheat sheet had numerous problems (as dutifully pointed out by a number of readers), so I decided to rework it from scratch. Today I've uploaded the new STP cheat sheet, version 2.0. The new sheet is two pages, expanded to include full IOS configuration examples of both PVST+ andMST.
DISSECTING A U.U.U PING RESPONSE Dissecting a U.U.U ping response. Once every so often, in the course of troubleshooting, you'll encounter a somewhat odd response to a ping: U.U.U. Recall that the dot signifies that a response was not received before the request timed out, while the U indicates an ICMP unreachable message was received from a router somewhere along thepath.
PACKETLIFE.NETBLOGCHEAT SHEETSCAPTURESTOOLBOXBOOKSHELFABOUT Imagine a scenario where we've got 2,000 physical servers split across 50 racks. Each server functions as a hypervisor housing on average 100 virtual machines, resulting in a total of approximately 200,000 virtual hosts (~4,000 per rack). In an ideal world, we could allocate a /20 of IPv4 space to each rack. ABOUT PACKETLIFE.NET Hi. My name is Jeremy Stretch, and I'm a network engineer. This is my web site. I started Packet Life back in March of 2008 when I deployed to Iraq as a defense contractor after fulfilling my enlistment as a 3C251 in the US Air Force. Initially, I just wanted a place to record my notes while studying for Cisco's CCNP certification, and ICHEAT SHEETS
Download All (.zip) Cheat Sheets Wall Posters (36" x 24") Interior Gateway Protocols. v1.0 (1 page) ProtocolsPACKET CAPTURES
A hard reset (clear ip bgp) is performed on R1 for its adjacency with R2. Packet #7 shows R1 sending a packet with the TCP FIN flag set, indicating the connection is to be torn down. The TCP connection is then reestablished and UPDATEs are retransmitted. BGP Ethernet IP TCP.Packets: 32.
PACKET CAPTURES
RIPv2_subnet_down.cap 1.3 KB. Submitted Sep 14, 2009. RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface. EthernetIP RIP UDP.
COMMON PORTS PACKETLIFE.NET TCP/UDP PORT NUMBERS COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 19 Chargen 20-21 FTP 22 SSH/SCP 23 Telnet 25 SMTP 42 WINS Replication 43 WHOIS 49 TACACS 53 DNS 67-68 DHCP/BOOTP 69 TFTP 70 Gopher 79 Finger 80 HTTP 88 Kerberos 102 MS Exchange 110 POP3 113 Ident 119 NNTP (Usenet) 123 NTP 135 Microsoft RPC 137-139 NetBIOS 143 IMAP4 161-162 SNMP 177 XDMCP 179BGP 201
OSPF · P ART 1
packetlife.net by Jeremy Stretch v2.1 OSPF · P ART 2 Configuration Example interface Serial0/0 description WAN Link ip address 172.16.34.2 255.255.255.252BGP · P ART 1
packetlife.net by Jeremy Stretch v2.1-r1 BGP · P ART 2 Configuration Example interface Serial1/0 description Backbone to B ip address 172.16.0.1 255.255.255.252 SPANNING TREE CHEAT SHEET VERSION 2.0 Spanning tree cheat sheet version 2.0. The old spanning tree cheat sheet had numerous problems (as dutifully pointed out by a number of readers), so I decided to rework it from scratch. Today I've uploaded the new STP cheat sheet, version 2.0. The new sheet is two pages, expanded to include full IOS configuration examples of both PVST+ andMST.
DISSECTING A U.U.U PING RESPONSE Dissecting a U.U.U ping response. Once every so often, in the course of troubleshooting, you'll encounter a somewhat odd response to a ping: U.U.U. Recall that the dot signifies that a response was not received before the request timed out, while the U indicates an ICMP unreachable message was received from a router somewhere along thepath.
BOOKS - PACKETLIFE.NET Bookshelf. Here I've listed some of books I have, used to have, or would like to have. They are roughly arranged by subject matter. (However, like my actual bookshelf, COMMON PORTS PACKETLIFE.NET TCP/UDP PORT NUMBERS COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 19 Chargen 20-21 FTP 22 SSH/SCP 23 Telnet 25 SMTP 42 WINS Replication 43 WHOIS 49 TACACS 53 DNS 67-68 DHCP/BOOTP 69 TFTP 70 Gopher 79 Finger 80 HTTP 88 Kerberos 102 MS Exchange 110 POP3 113 Ident 119 NNTP (Usenet) 123 NTP 135 Microsoft RPC 137-139 NetBIOS 143 IMAP4 161-162 SNMP 177 XDMCP 179BGP 201
CISCO TYPE 7 REVERSER Cisco Type 7 Reverser. Paste any Cisco IOS "type 7" password string into the form below to retrieve the plaintext value. Type 7 passwords appears as follows in an IOS configuration file. UDLD - PACKETLIFE.NET UDLD. By stretch | Monday, March 7, 2011 at 3:49 a.m. UTC. Unidirectional Link Detection (UDLD) is a Cisco-proprietary layer two protocol devised to automatically detect the loss of bidirectional communication on a link. It is often mentioned in discussion ofROUTE PREFERENCE
2) prefer route sources with the lowest AD. -now we have ONLY the best routes for each prefix in routing table. -and then. If router receive a packet, it looks through the whole routing table (or in CEF case, part of FIB) for longest match. So result is the same, but the order is completely different.ANNOUNCING NETBOX
NetBox is a web application for IPAM and DCIM. Its target audience comprises network engineers, data center techs, and systems administrators. NetBox is written in Python, utilizing the Django framework and a PostgreSQL database. Similar applications include: DHCP SNOOPING AND DYNAMIC ARP INSPECTION DHCP Snooping and Dynamic ARP Inspection. By stretch | Wednesday, August 18, 2010 at 3:01 a.m. UTC. DHCP snooping is a feature which allows a Cisco Catalyst switch to inspect DHCP traffic traversing a layer two segment and track which IP addresses have been assigned to hosts on which switch ports. This information can be handy for general DISABLING DYNAMIC TRUNKING PROTOCOL (DTP) Disabling Dynamic Trunking Protocol (DTP) Cisco's Dynamic Trunking Protocol can facilitate the automatic creation of trunks between two switches. When two connected ports are configured in dynamic mode, and at least one of the ports is configured as desirable, the two switches will negotiate the formation of a trunk across the link. LINK LAYER DISCOVERY PROTOCOL (LLDP) ON A CATALYST 3560 Link Layer Discovery Protocol (LLDP) on a Catalyst 3560. Many network vendors have developed proprietary layer two discovery protocols (e.g. Cisco's CDP, Extreme's EDP, and so on) to help administrators document and troubleshoot physical links. As there is much overlap in the features these protocols provide, an effort was made to develop a PROBABLE REASONS BGP ISN'T INSTALLING A ROUTE Jeroen Roos. November 19, 2008 at 7:30 p.m. UTC. A very useful command for this is "show ip bgp rib-failure", which shows an explanation on why a route which is in the local BGP table (so it is not rejected by a filter) is not installed in the routing table. You can recognize those routes by an 'r' in front of it in the show ip bgp output. PACKETLIFE.NETBLOGCHEAT SHEETSCAPTURESTOOLBOXBOOKSHELFABOUT Imagine a scenario where we've got 2,000 physical servers split across 50 racks. Each server functions as a hypervisor housing on average 100 virtual machines, resulting in a total of approximately 200,000 virtual hosts (~4,000 per rack). In an ideal world, we could allocate a /20 of IPv4 space to each rack. ABOUT PACKETLIFE.NETPACKETLIFE OSPFPACKETLIFE NET LIBRARY CHEAT SHEETS Hi. My name is Jeremy Stretch, and I'm a network engineer. This is my web site. I started Packet Life back in March of 2008 when I deployed to Iraq as a defense contractor after fulfilling my enlistment as a 3C251 in the US Air Force. Initially, I just wanted a place to record my notes while studying for Cisco's CCNP certification, and ICHEAT SHEETS
Download All (.zip) Cheat Sheets Wall Posters (36" x 24") Interior Gateway Protocols. v1.0 (1 page) ProtocolsPACKET CAPTURES
A hard reset (clear ip bgp) is performed on R1 for its adjacency with R2. Packet #7 shows R1 sending a packet with the TCP FIN flag set, indicating the connection is to be torn down. The TCP connection is then reestablished and UPDATEs are retransmitted. BGP Ethernet IP TCP.Packets: 32.
PACKET CAPTURES
RIPv2_subnet_down.cap 1.3 KB. Submitted Sep 14, 2009. RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface. EthernetIP RIP UDP.
COMMON PORTS PACKETLIFE.NET TCP/UDP PORT NUMBERS COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 19 Chargen 20-21 FTP 22 SSH/SCP 23 Telnet 25 SMTP 42 WINS Replication 43 WHOIS 49 TACACS 53 DNS 67-68 DHCP/BOOTP 69 TFTP 70 Gopher 79 Finger 80 HTTP 88 Kerberos 102 MS Exchange 110 POP3 113 Ident 119 NNTP (Usenet) 123 NTP 135 Microsoft RPC 137-139 NetBIOS 143 IMAP4 161-162 SNMP 177 XDMCP 179BGP 201
OSPF · P ART 1
packetlife.net by Jeremy Stretch v2.1 OSPF · P ART 2 Configuration Example interface Serial0/0 description WAN Link ip address 172.16.34.2 255.255.255.252BGP · P ART 1
packetlife.net by Jeremy Stretch v2.1-r1 BGP · P ART 2 Configuration Example interface Serial1/0 description Backbone to B ip address 172.16.0.1 255.255.255.252 SPANNING TREE CHEAT SHEET VERSION 2.0 Spanning tree cheat sheet version 2.0. The old spanning tree cheat sheet had numerous problems (as dutifully pointed out by a number of readers), so I decided to rework it from scratch. Today I've uploaded the new STP cheat sheet, version 2.0. The new sheet is two pages, expanded to include full IOS configuration examples of both PVST+ andMST.
DISSECTING A U.U.U PING RESPONSE Dissecting a U.U.U ping response. Once every so often, in the course of troubleshooting, you'll encounter a somewhat odd response to a ping: U.U.U. Recall that the dot signifies that a response was not received before the request timed out, while the U indicates an ICMP unreachable message was received from a router somewhere along thepath.
PACKETLIFE.NETBLOGCHEAT SHEETSCAPTURESTOOLBOXBOOKSHELFABOUT Imagine a scenario where we've got 2,000 physical servers split across 50 racks. Each server functions as a hypervisor housing on average 100 virtual machines, resulting in a total of approximately 200,000 virtual hosts (~4,000 per rack). In an ideal world, we could allocate a /20 of IPv4 space to each rack. ABOUT PACKETLIFE.NETPACKETLIFE OSPFPACKETLIFE NET LIBRARY CHEAT SHEETS Hi. My name is Jeremy Stretch, and I'm a network engineer. This is my web site. I started Packet Life back in March of 2008 when I deployed to Iraq as a defense contractor after fulfilling my enlistment as a 3C251 in the US Air Force. Initially, I just wanted a place to record my notes while studying for Cisco's CCNP certification, and ICHEAT SHEETS
Download All (.zip) Cheat Sheets Wall Posters (36" x 24") Interior Gateway Protocols. v1.0 (1 page) ProtocolsPACKET CAPTURES
A hard reset (clear ip bgp) is performed on R1 for its adjacency with R2. Packet #7 shows R1 sending a packet with the TCP FIN flag set, indicating the connection is to be torn down. The TCP connection is then reestablished and UPDATEs are retransmitted. BGP Ethernet IP TCP.Packets: 32.
PACKET CAPTURES
RIPv2_subnet_down.cap 1.3 KB. Submitted Sep 14, 2009. RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface. EthernetIP RIP UDP.
COMMON PORTS PACKETLIFE.NET TCP/UDP PORT NUMBERS COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 19 Chargen 20-21 FTP 22 SSH/SCP 23 Telnet 25 SMTP 42 WINS Replication 43 WHOIS 49 TACACS 53 DNS 67-68 DHCP/BOOTP 69 TFTP 70 Gopher 79 Finger 80 HTTP 88 Kerberos 102 MS Exchange 110 POP3 113 Ident 119 NNTP (Usenet) 123 NTP 135 Microsoft RPC 137-139 NetBIOS 143 IMAP4 161-162 SNMP 177 XDMCP 179BGP 201
OSPF · P ART 1
packetlife.net by Jeremy Stretch v2.1 OSPF · P ART 2 Configuration Example interface Serial0/0 description WAN Link ip address 172.16.34.2 255.255.255.252BGP · P ART 1
packetlife.net by Jeremy Stretch v2.1-r1 BGP · P ART 2 Configuration Example interface Serial1/0 description Backbone to B ip address 172.16.0.1 255.255.255.252 SPANNING TREE CHEAT SHEET VERSION 2.0 Spanning tree cheat sheet version 2.0. The old spanning tree cheat sheet had numerous problems (as dutifully pointed out by a number of readers), so I decided to rework it from scratch. Today I've uploaded the new STP cheat sheet, version 2.0. The new sheet is two pages, expanded to include full IOS configuration examples of both PVST+ andMST.
DISSECTING A U.U.U PING RESPONSE Dissecting a U.U.U ping response. Once every so often, in the course of troubleshooting, you'll encounter a somewhat odd response to a ping: U.U.U. Recall that the dot signifies that a response was not received before the request timed out, while the U indicates an ICMP unreachable message was received from a router somewhere along thepath.
BOOKS - PACKETLIFE.NET Bookshelf. Here I've listed some of books I have, used to have, or would like to have. They are roughly arranged by subject matter. (However, like my actual bookshelf, COMMON PORTS PACKETLIFE.NET TCP/UDP PORT NUMBERS COMMON PORTS packetlife.net TCP/UDP Port Numbers 7 Echo 19 Chargen 20-21 FTP 22 SSH/SCP 23 Telnet 25 SMTP 42 WINS Replication 43 WHOIS 49 TACACS 53 DNS 67-68 DHCP/BOOTP 69 TFTP 70 Gopher 79 Finger 80 HTTP 88 Kerberos 102 MS Exchange 110 POP3 113 Ident 119 NNTP (Usenet) 123 NTP 135 Microsoft RPC 137-139 NetBIOS 143 IMAP4 161-162 SNMP 177 XDMCP 179BGP 201
CISCO TYPE 7 REVERSER Cisco Type 7 Reverser. Paste any Cisco IOS "type 7" password string into the form below to retrieve the plaintext value. Type 7 passwords appears as follows in an IOS configuration file. UDLD - PACKETLIFE.NET UDLD. By stretch | Monday, March 7, 2011 at 3:49 a.m. UTC. Unidirectional Link Detection (UDLD) is a Cisco-proprietary layer two protocol devised to automatically detect the loss of bidirectional communication on a link. It is often mentioned in discussion ofROUTE PREFERENCE
2) prefer route sources with the lowest AD. -now we have ONLY the best routes for each prefix in routing table. -and then. If router receive a packet, it looks through the whole routing table (or in CEF case, part of FIB) for longest match. So result is the same, but the order is completely different.ANNOUNCING NETBOX
NetBox is a web application for IPAM and DCIM. Its target audience comprises network engineers, data center techs, and systems administrators. NetBox is written in Python, utilizing the Django framework and a PostgreSQL database. Similar applications include: DHCP SNOOPING AND DYNAMIC ARP INSPECTION DHCP Snooping and Dynamic ARP Inspection. By stretch | Wednesday, August 18, 2010 at 3:01 a.m. UTC. DHCP snooping is a feature which allows a Cisco Catalyst switch to inspect DHCP traffic traversing a layer two segment and track which IP addresses have been assigned to hosts on which switch ports. This information can be handy for general DISABLING DYNAMIC TRUNKING PROTOCOL (DTP) Disabling Dynamic Trunking Protocol (DTP) Cisco's Dynamic Trunking Protocol can facilitate the automatic creation of trunks between two switches. When two connected ports are configured in dynamic mode, and at least one of the ports is configured as desirable, the two switches will negotiate the formation of a trunk across the link. LINK LAYER DISCOVERY PROTOCOL (LLDP) ON A CATALYST 3560 Link Layer Discovery Protocol (LLDP) on a Catalyst 3560. Many network vendors have developed proprietary layer two discovery protocols (e.g. Cisco's CDP, Extreme's EDP, and so on) to help administrators document and troubleshoot physical links. As there is much overlap in the features these protocols provide, an effort was made to develop a PROBABLE REASONS BGP ISN'T INSTALLING A ROUTE Jeroen Roos. November 19, 2008 at 7:30 p.m. UTC. A very useful command for this is "show ip bgp rib-failure", which shows an explanation on why a route which is in the local BGP table (so it is not rejected by a filter) is not installed in the routing table. You can recognize those routes by an 'r' in front of it in the show ip bgp output.* Blog
* Cheat Sheets
* Captures
* Toolbox
* Bookshelf
* About
TEMPLATING DEVICE CONFIGURATIONS TUESDAY, OCTOBER 8, 2019 AT 12:57 P.M. UTC BY STRETCH One of the core functions of network automation is the ability to generate network device configurations from a template. This is a discrete, intentional process which unfortunately is often conflated with the totally separate act of _applying_ a rendered configuration to a device. In this article we'll look at how to establish a template from existing configurations, define and organize variable data, and ultimately render a series of configurations automatically using a simple Python script.WHAT IS A TEMPLATE?
The term _template_ describes any sort of mold or pattern from which new, identical objects can be created. For instance, a cookie cutter is a sort of template that can be used to create an arbitrary number of identically-shaped cookies from a sheet of dough. But in our case, we're inexplicably more interested in creating network device configuration files than baking cookies, and creating wholly identical copies of a file isn't terribly useful, since each network device typically has a handful of unique characteristics such as hostname, authentication credentials, IP addresses, and so on. To address this need to define changing pieces of data within an otherwise unchanging document, we employ _variables_. A variable serves as a placeholder within the template, signifying a particular piece of data that needs to be filled in. The below form is an example of a simple template.Continue reading
15 comments
------------------------- REAL WORLD APIS: SNAGGING A GLOBAL ENTRY INTERVIEW WEDNESDAY, AUGUST 7, 2019 AT 12:19 A.M. UTC BY STRETCH As my new job will have me traveling a bit more often, I finally bit the bullet and signed up for Global Entry (which is similar to TSA PreCheck but works for international travel as well). A few days after submitting my application and payment, I was conditionally approved. The next step was to schedule an “interview,” which is essentially a 10-minute appointment where they ask a few questions and take biometrics. The interview must be done in person at one of relativelyfew CBP locations.
Here in Raleigh, North Carolina, my two closest locations are Richmond and Charlotte. Unfortunately, CBP’s scheduling portal indicated no availability for new appointments at either location. No additional context is provided, so I have no idea whether I should keep trying every few days, or attempt to schedule an appointment at a remote location to coincide withfuture travel.
My only hope at this point is that spots will eventually open up as other applicants cancel their appointments or CBP adds sufficient staff to meet demand. But that means manually logging into the portal, completing two-factor authentication, and checking both of my desired appointment locations each and every time. Sounds like a great use case for automation, doesn’t it?Continue reading
12
comments
-------------------------CONNECTION RESTORED
FRIDAY, AUGUST 2, 2019 AT 12:46 P.M. UTC BY STRETCH I was embarrassed to realize recently that it’s been well over two years since my last blog post. Life has a way of getting away from you, I suppose. But I’ve decided to try and reboot the blog, and hopefully get back to writing regularly. Let me kick things off my sharing what I’ve been up to recently. GOODBYE, DIGITALOCEAN! After nearly five years working at DigitalOcean, I made the difficult decision to part ways with the company. In my time there, I was fortunate to work with an amazing team, and witness the truly amazing evolution of a startup company from niche player to major cloud provider. Most of all, I’m thankful to DigitalOcean for the opportunity my role provided in extending from traditional network engineering into development and automation. I’ll miss working with my DO team, but I’m excited to see where the future will take them. Continue reading 21 comments ------------------------- THREE MONTHS WITH GOOGLE FIBER FRIDAY, JANUARY 6, 2017 AT 2:40 P.M. UTC BY STRETCH I'm one of the lucky few to benefit from Google Fiber's recent expansion into new regions (before they nixed the whole thing).
I've had the service fire three months now and figured I should write up my experience with it thus far.THE INSTALLATION
Google Fiber announced that it would be expanding to the Raleigh-Durham metro area, known locally as "The Triangle", in January 2015. It's been a long game of hurry-up-and-wait since then, watching crews laying fiber all over town without hearing a peep from Google regarding availability. But in the fall of 2016, people were finally able to start signing up for service. Here's how my installation went.SEPTEMBER 3
Google Fiber registration opens! I sign up for service and pay a paltry $10 deposit, which gets credited toward my first bill. Over the next couple weeks, various utilities swing by to mark their lines in the ground. (Here's the color codefor utility
markings in the US, if you're curious.)SEPTEMBER 24
Google's contractor arrives on site to lay fiber from the curb to my house and to many of my neighbors' houses. Surprisingly, they cut my trench by hand, possibly due to the steep incline of my side yard. The outside installers ran a single pair of fiber to a box mounted on the side of my house, with the remainder of the installation to be completed by the indoor tech. (As with Verizon FiOS, only one strand is needed for service.)SEPTEMBER 27
I receive a notification to schedule my installation. Of course, I pick the first available slot: 9:40am on October 3. Continue reading 16comments
------------------------- LEGACY TLS CIPHER SUPPORT IN FIREFOX WEDNESDAY, OCTOBER 12, 2016 AT 5:45 P.M. UTC BY STRETCH After upgrading Firefox recently, I noticed that I could no longer access certain embedded devices via HTTPS. It seems that recent versions of Firefox and Chrome no longer support certain TLS ciphers due to recently discovered vulnerabilities. That's all well and good, except the error returned offers no recourse if you need to connectanyway.
Firefox returns the error SSL_ERROR_NO_CYPHER_OVERLAP with no option to temporarily allow connectivity. (Chrome reports a similar error named ERR_SSL_VERSION_OR_CIPHER_MISMATCH.) Presumably, this choice was made by the developers with the intention of forcing people to upgrade outdated devices. Unfortunately, in order to upgrade an out-of-date device, we typically must first be able to connect to it. I wasted a fair bit of time digging up a solution, so I figured I'd document the workaround here for when I inevitably run into this problem again a year from now and have forgotten what I did.Continue reading
12 comments
------------------------- THE OVERLAY PROBLEM: GETTING IN AND OUT FRIDAY, SEPTEMBER 30, 2016 AT 1:47 P.M. UTC BY STRETCH I've been researching overlay network strategies recently. There are plenty of competing implementations available, employing various encapsulations and control plane designs. But every design I've encountered seems ultimately hampered by the same issue: scalabilityat the edge.
WHY BUILD AN OVERLAY? Imagine a scenario where we've got 2,000 physical servers split across 50 racks. Each server functions as a hypervisor housing on average 100 virtual machines, resulting in a total of approximately 200,000 virtual hosts (~4,000 per rack). In an ideal world, we could allocate a /20 of IPv4 space to each rack. The top-of-rack (ToR) L3 switches in each rack would advertise this /20 northbound toward the network core, resulting in a clean, efficient routing table in the core. This is, of course, how IP was intended to function. Unfortunately, this approach isn't usually viable in the real world because we need to preserve the ability to move a virtual machine from one hypervisor to another (often residing in a different rack) without changing its assigned IP address. Establishing the L3 boundary at the ToR switch prevents us from doing this efficiently.Continue reading
22 comments
------------------------- TAKING THE CCIE LAB IN RTP FRIDAY, JULY 29, 2016 AT 2:13 A.M. UTC BY STRETCH Cisco's campus in Research Triangle Park , North Carolina, is one of only two places in the United States where candidates can complete a CCIE lab exam (the other being in San Jose, California). People fly in from all over the eastern US and beyond to spend a day taking the exam. Lots of folks who've taken the exam have written up their experiences, but I haven't seen many talk at length about their time in RTP outside of Cisco's building 3. I've lived just a few minutes away from the testing site for the past few years, and it occurred to me recently that visitors might benefit from some local knowledge.GETTING HERE
Most people fly in via Raleigh-Durham International Airport (RDU) . RDU is a medium-sized airport with two terminals. Most flights operate out of Terminal 2, except for Southwest Airlines, which is based in the newly-renovated Terminal 1. As airports go, I'm a big fan of RDU. It's a very modern, clean, and well-organized facility. The interior of Terminal 2 is beautifully designed to resemble an early airplane wing and is flooded with natural light during the day. (It's also one of very few places where you can find a Five Guys that serves breakfast.) The TSA folks here tend to be very professional and polite. Wait times in security are rarely long. And this isn't just the biased opinion of a local: in 2014, RDU was ranked among the top ten airports in the US.
Continue reading 7 comments ------------------------- NETBOX V1.1.0 RELEASED THURSDAY, JULY 7, 2016 AT 6:45 P.M. UTC BY STRETCH One year ago today, I made the first commit to a repository named "netbox" hosted internally at DigitalOcean. It was the first iteration of a tiny little app I scratched together using the Django Python framework to track IP prefix utilization. A year later, NetBox has grown into an extensive tool that we use to track IPs, racks, devices, connections, circuits, and even encrypted credentials. And I'm happy to say that it's now opensource!
Continue reading 18comments
-------------------------ANNOUNCING NETBOX
WEDNESDAY, JUNE 15, 2016 AT 1:16 P.M. UTC BY STRETCH UPDATE: NetBox has been released!
Several years ago, I lamented the few options availablefor a
provider-grade IPAM solution. Specifically, I explained why building a custom application would be undesirable: > Could I create a custom IPAM solution with everything we need? Sure! > The problem is that I'm a network engineer, not a programmer (a > natural division of labor which, it seems, is mostly to blame for > the lack of robust IPAM solutions available). Even if I had the time > to undertake such a project, I have little interest in providing > long-term maintenance of it. But I suppose time makes fools of us all. Nearly one year ago, I started developing an IPAM application as part of my day job. Leveraging my experience with the Django Python framework, I had a working proof-of-concept in just a week. Over the next several months, the project grew more mature and began to take on additional roles: data center infrastructure management, circuit tracking, and credentials storage. Today, the tool functions as our "source of truth" for many aspects of our infrastructure. We call it NetBox. Continue reading 29 comments ------------------------- DON'T BE DISCOURAGED BY PLAGIARISTS WEDNESDAY, MARCH 9, 2016 AT 3:28 A.M. UTC BY STRETCH Recently, a friend pointed out that an individual had taken one of mycheat sheets ,
superimposed his own logo and URL on it, and published it as his own work. This is certainly not the first time I've been plagiarized, nor will it be the last, I suspect. I called out the individual on Twitter, and I'm very gratefully for the many people who helped me compel him to remove the illegitimate content. Eventually. I wanted to write a quick post sharing my thoughts on this incident for the benefit of everyone who has expressed interest in starting their own blog or web site. I've heard plenty of people comment over the years to the effect of, "Why bother starting a blog if someone's just going to harvest the RSS feed and re-publish it on their own site to make a few bucks?" Indeed, this has always been a concern among producers of both free and paid content. I wish I could tell you that plagiarism isn't that big a deal, or that it won't happen to you. But the truth is plagiarism is a huge problem in our industry (and across the Internet in general), and if you produce public content you will inevitably have to deal with it.Continue reading
25 comments
-------------------------BLOG SPOTLIGHT
GESTALT IT
STEPHEN FOSKETT, ARJAN TIMMERMANBLOGROLL
Brad Hedlund CCIE or Null!CloudShark
Daniel's Networking Blog Darren's BlogDas Blinken Lichten
Ethereal Mind
Evil Routers
FryGuy's Blog Gestalt ITHacking Cisco
Herding Packets
IPyandy Keeping It
Classless Lindsay HillLoopback Mountain
Mostly Networks
Network Janitor
NetworkStatic
New RFCs
Packet Pushers Roger's CCIE BlogThe Networking Nerd
ipSpace.net
Download OPML for Import* Home
* |
* Blog
* |
* Cheat Sheets
* |
* Captures
* |
* Toolbox
* |
* Bookshelf
* |
* About
MORE COOL STUFF
* networking-forum.com* |
* r/Networking
* |
* Internetworkpro
* |
* firewall.cx
* |
* Network Engineering @ StackExchangeDetails
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0