Are you over 18 and want to see adult content?
More Annotations
A complete backup of https://mojtrg.rs
Are you over 18 and want to see adult content?
A complete backup of https://cpl.co.uk
Are you over 18 and want to see adult content?
A complete backup of https://thebeachwaterpark.com
Are you over 18 and want to see adult content?
A complete backup of https://naturalhydrationcouncil.org.uk
Are you over 18 and want to see adult content?
A complete backup of https://nancy.fr
Are you over 18 and want to see adult content?
A complete backup of https://jazztimes.com
Are you over 18 and want to see adult content?
A complete backup of https://dk3wn.info
Are you over 18 and want to see adult content?
A complete backup of https://eplconcursos.com.br
Are you over 18 and want to see adult content?
A complete backup of https://gst.com.cn
Are you over 18 and want to see adult content?
A complete backup of https://zazenlife.com
Are you over 18 and want to see adult content?
A complete backup of https://boss-sochi.ru
Are you over 18 and want to see adult content?
A complete backup of https://commercialistatelematico.com
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of vanburendriveintheatre.com
Are you over 18 and want to see adult content?
A complete backup of nichesiteproject.com
Are you over 18 and want to see adult content?
A complete backup of slowfoodwesternslope.org
Are you over 18 and want to see adult content?
A complete backup of sensoflooring.com.au
Are you over 18 and want to see adult content?
A complete backup of schuldenberatung.at
Are you over 18 and want to see adult content?
A complete backup of victoryproductions.org
Are you over 18 and want to see adult content?
Text
ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. NETWORK DESIGN PROJECT INITIAL QUESTIONS 2. Desired characteristics and capabilities. What is the current state of the network (baseline), to compare after the implementation of the new design? Are there any documentation available, features in use, versions, is standardization consistent? What is the financial investment (cost/budget, cost-benefit analysis) x desired business CHECK POINT CCSA NOTES SOME BASIC EEM APPLETS Some basic EEM applets. Below you will find some very basic Cisco IOS EEM applets which can be used as a module in more complex applets, such as configuration wizards. Obviously, EEM applets are able to be implemented for many automation use cases; i.e. monitoring SLA/tracks, making actions based on syslog patterns, re-configuring route-maps CISCO DCI DESIGN & IMPLEMENTATION The Catalyst 6500s deployed at the DCI Layer in each of the two data centers have similar hardware deployments, as listed below: VS-S720-10G-3C. WS-X6708-10G-3C. As mentioned, the links between the VSS pairs in each data center are 10 Gigabit Ethernet, and bundledinto a MEC.
HOWTO : LOGGING TO TERMINAL ON JUNOS HowTo : Logging to terminal on JunOS. In Cisco IOS, if you had logging configured, by default you could see logs on console, or using terminal monitor with a terminal connection. It’s almost the same with JunOS. You have to get your logging parameters configured and then entering monitor start LOG_FILENAME. moghaddas@ebay-de-core-srx1>show
SIMPLE HOW-TO FOR BIRD ROUTING Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. ENTERPRISE CORE ROUTING DESIGN MODELS WITH BGP DCI L2 EXTENSION BETWEEN REMOTE DCS DCI LAN Extension for VMware VMotion. MEC is the easiest solution with which to deploy redundant Layer 2 links. It can be implemented with either the Cisco Nexus 7000 Series vPC or the Cisco Catalyst 6500 Series VSS. Cisco specifically recommends MEC for metropolitan area network (MAN) distances between remote sites where theinterconnections
DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency.ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. NETWORK DESIGN PROJECT INITIAL QUESTIONS 2. Desired characteristics and capabilities. What is the current state of the network (baseline), to compare after the implementation of the new design? Are there any documentation available, features in use, versions, is standardization consistent? What is the financial investment (cost/budget, cost-benefit analysis) x desired business CHECK POINT CCSA NOTES SOME BASIC EEM APPLETS Some basic EEM applets. Below you will find some very basic Cisco IOS EEM applets which can be used as a module in more complex applets, such as configuration wizards. Obviously, EEM applets are able to be implemented for many automation use cases; i.e. monitoring SLA/tracks, making actions based on syslog patterns, re-configuring route-maps CISCO DCI DESIGN & IMPLEMENTATION The Catalyst 6500s deployed at the DCI Layer in each of the two data centers have similar hardware deployments, as listed below: VS-S720-10G-3C. WS-X6708-10G-3C. As mentioned, the links between the VSS pairs in each data center are 10 Gigabit Ethernet, and bundledinto a MEC.
HOWTO : LOGGING TO TERMINAL ON JUNOS HowTo : Logging to terminal on JunOS. In Cisco IOS, if you had logging configured, by default you could see logs on console, or using terminal monitor with a terminal connection. It’s almost the same with JunOS. You have to get your logging parameters configured and then entering monitor start LOG_FILENAME. moghaddas@ebay-de-core-srx1>show
SIMPLE HOW-TO FOR BIRD ROUTING Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. ENTERPRISE CORE ROUTING DESIGN MODELS WITH BGP DCI L2 EXTENSION BETWEEN REMOTE DCS DCI LAN Extension for VMware VMotion. MEC is the easiest solution with which to deploy redundant Layer 2 links. It can be implemented with either the Cisco Nexus 7000 Series vPC or the Cisco Catalyst 6500 Series VSS. Cisco specifically recommends MEC for metropolitan area network (MAN) distances between remote sites where theinterconnections
DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency.ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. A BRIEF INTRODUCTION TO FABRICPATH A brief introduction to FabricPath. FabricPath is a technology which combines the benefits of Routing protocols, here will be Intermediate-System-to-Intermediate-System (IS-IS), and Layer 2 Network Ethernet environments. To list some of FabricPath advantages: No spanning-tree anymore, hurray! Each switch will have its own viewof Layer 2
CHECK POINT CCSE NOTES Check Point Security Gateway classifies VPN sources in two categories with respective DoS protection mechanisms: Identified: an allowed source machine/IP; the gateway by default requires the peer to respond to an IKE notification in a way that proves that the IP address of the peer is not spoofed. TOR & EOR DATA CENTER DESIGNS One significant drawback of the Top of Rack design is the increased management domain with each rack switch being a unique control plane instance that must be managed.. For example, in a data center with 40 racks, where each rack contained (2) “Top of Rack” switches, the result would be 80 switches on the floor just providing server access connections (not counting distribution and core MPLS FUNDAMENTALS: 3 show mpls ldp neighbor detail mpls ldp discovery transport-address {interface | ip-address}. When a router has multiple links toward another LDP router, the same transport address must be advertised on all the parallel links that use the same label space. When the per-platform label space is the only label space used between a pair of LSRs, one LDP session suffices. MPLS FUNDAMENTALS: 5 MPLS Fundamentals: 5 – MPLS-VPN. Most popular were Frame Relay or ATM technologies, providing VPN service at Layer 2. The provider had a Frame Relay or ATM backbone and supplied Layer 2 connectivity to the customer routers. This was commonly referred to as the overlay model. The service provider might have actually owned or managed the edge MPLS FUNDAMENTALS: 6 MPLS Fundamentals: 6 – MPLS TE. The role of TE is to get the traffic from edge to edge in the network in the most optimal way. MPLS TE takes into account the configured (static) bandwidth of links. MPLS TE takes link attributes into account (for instance, delay, jitter). MPLS TE adapts automatically to changing bandwidth and link attributes.IPV6 SUBNETTING
Each character in an IPv6 address represents 4 bits (a nibble). Since 0xF is 1111 in binary, it’s easy to fall back into an IPv4 habit and forget that 0x11 is actually 0001 0001 in binary. 2.) Each IPv6 set represent 16 bits (4 characters at 4 bits each). Keeping this in mind can make breaking up subnets a DO YOU NEED AN IT CERTIFICATION? A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. DRBD WITH CLUSTER FILE SYSTEM ON DEBIAN JESSIE DRBD ® refers to block devices designed as a building block to form highly available (HA) clusters. This is done by mirroring a whole block device via an assigned network. DRBD can be understood as a network based raid-1. OCFS2 is a general-purpose, shared-disk, clustered filesystem for Linux, which is capable of providing bothhigh
ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. NETWORK DESIGN PROJECT INITIAL QUESTIONS 2. Desired characteristics and capabilities. What is the current state of the network (baseline), to compare after the implementation of the new design? Are there any documentation available, features in use, versions, is standardization consistent? What is the financial investment (cost/budget, cost-benefit analysis) x desired business SOME BASIC EEM APPLETS Some basic EEM applets. Below you will find some very basic Cisco IOS EEM applets which can be used as a module in more complex applets, such as configuration wizards. Obviously, EEM applets are able to be implemented for many automation use cases; i.e. monitoring SLA/tracks, making actions based on syslog patterns, re-configuring route-maps CISCO DCI DESIGN & IMPLEMENTATION The Catalyst 6500s deployed at the DCI Layer in each of the two data centers have similar hardware deployments, as listed below: VS-S720-10G-3C. WS-X6708-10G-3C. As mentioned, the links between the VSS pairs in each data center are 10 Gigabit Ethernet, and bundledinto a MEC.
HOWTO : LOGGING TO TERMINAL ON JUNOS HowTo : Logging to terminal on JunOS. In Cisco IOS, if you had logging configured, by default you could see logs on console, or using terminal monitor with a terminal connection. It’s almost the same with JunOS. You have to get your logging parameters configured and then entering monitor start LOG_FILENAME. moghaddas@ebay-de-core-srx1>show
CHECK POINT CCSA NOTES SIMPLE HOW-TO FOR BIRD ROUTING Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. ENTERPRISE CORE ROUTING DESIGN MODELS WITH BGP DCI L2 EXTENSION BETWEEN REMOTE DCS DCI LAN Extension for VMware VMotion. MEC is the easiest solution with which to deploy redundant Layer 2 links. It can be implemented with either the Cisco Nexus 7000 Series vPC or the Cisco Catalyst 6500 Series VSS. Cisco specifically recommends MEC for metropolitan area network (MAN) distances between remote sites where theinterconnections
DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency.ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. NETWORK DESIGN PROJECT INITIAL QUESTIONS 2. Desired characteristics and capabilities. What is the current state of the network (baseline), to compare after the implementation of the new design? Are there any documentation available, features in use, versions, is standardization consistent? What is the financial investment (cost/budget, cost-benefit analysis) x desired business SOME BASIC EEM APPLETS Some basic EEM applets. Below you will find some very basic Cisco IOS EEM applets which can be used as a module in more complex applets, such as configuration wizards. Obviously, EEM applets are able to be implemented for many automation use cases; i.e. monitoring SLA/tracks, making actions based on syslog patterns, re-configuring route-maps CISCO DCI DESIGN & IMPLEMENTATION The Catalyst 6500s deployed at the DCI Layer in each of the two data centers have similar hardware deployments, as listed below: VS-S720-10G-3C. WS-X6708-10G-3C. As mentioned, the links between the VSS pairs in each data center are 10 Gigabit Ethernet, and bundledinto a MEC.
HOWTO : LOGGING TO TERMINAL ON JUNOS HowTo : Logging to terminal on JunOS. In Cisco IOS, if you had logging configured, by default you could see logs on console, or using terminal monitor with a terminal connection. It’s almost the same with JunOS. You have to get your logging parameters configured and then entering monitor start LOG_FILENAME. moghaddas@ebay-de-core-srx1>show
CHECK POINT CCSA NOTES SIMPLE HOW-TO FOR BIRD ROUTING Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. ENTERPRISE CORE ROUTING DESIGN MODELS WITH BGP DCI L2 EXTENSION BETWEEN REMOTE DCS DCI LAN Extension for VMware VMotion. MEC is the easiest solution with which to deploy redundant Layer 2 links. It can be implemented with either the Cisco Nexus 7000 Series vPC or the Cisco Catalyst 6500 Series VSS. Cisco specifically recommends MEC for metropolitan area network (MAN) distances between remote sites where theinterconnections
DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency.ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. TOR & EOR DATA CENTER DESIGNS One significant drawback of the Top of Rack design is the increased management domain with each rack switch being a unique control plane instance that must be managed.. For example, in a data center with 40 racks, where each rack contained (2) “Top of Rack” switches, the result would be 80 switches on the floor just providing server access connections (not counting distribution and core A BRIEF INTRODUCTION TO FABRICPATH A brief introduction to FabricPath. FabricPath is a technology which combines the benefits of Routing protocols, here will be Intermediate-System-to-Intermediate-System (IS-IS), and Layer 2 Network Ethernet environments. To list some of FabricPath advantages: No spanning-tree anymore, hurray! Each switch will have its own viewof Layer 2
CHECK POINT CCSE NOTES Check Point Security Gateway classifies VPN sources in two categories with respective DoS protection mechanisms: Identified: an allowed source machine/IP; the gateway by default requires the peer to respond to an IKE notification in a way that proves that the IP address of the peer is not spoofed. MPLS FUNDAMENTALS: 5 MPLS Fundamentals: 5 – MPLS-VPN. Most popular were Frame Relay or ATM technologies, providing VPN service at Layer 2. The provider had a Frame Relay or ATM backbone and supplied Layer 2 connectivity to the customer routers. This was commonly referred to as the overlay model. The service provider might have actually owned or managed the edge MPLS FUNDAMENTALS: 3 show mpls ldp neighbor detail mpls ldp discovery transport-address {interface | ip-address}. When a router has multiple links toward another LDP router, the same transport address must be advertised on all the parallel links that use the same label space. When the per-platform label space is the only label space used between a pair of LSRs, one LDP session suffices.IPV6 SUBNETTING
Each character in an IPv6 address represents 4 bits (a nibble). Since 0xF is 1111 in binary, it’s easy to fall back into an IPv4 habit and forget that 0x11 is actually 0001 0001 in binary. 2.) Each IPv6 set represent 16 bits (4 characters at 4 bits each). Keeping this in mind can make breaking up subnets a MPLS FUNDAMENTALS: 6 MPLS Fundamentals: 6 – MPLS TE. The role of TE is to get the traffic from edge to edge in the network in the most optimal way. MPLS TE takes into account the configured (static) bandwidth of links. MPLS TE takes link attributes into account (for instance, delay, jitter). MPLS TE adapts automatically to changing bandwidth and link attributes. DO YOU NEED AN IT CERTIFICATION? A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. DRBD WITH CLUSTER FILE SYSTEM ON DEBIAN JESSIE DRBD ® refers to block devices designed as a building block to form highly available (HA) clusters. This is done by mirroring a whole block device via an assigned network. DRBD can be understood as a network based raid-1. OCFS2 is a general-purpose, shared-disk, clustered filesystem for Linux, which is capable of providing bothhigh
ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. SOME BASIC EEM APPLETS Some basic EEM applets. Below you will find some very basic Cisco IOS EEM applets which can be used as a module in more complex applets, such as configuration wizards. Obviously, EEM applets are able to be implemented for many automation use cases; i.e. monitoring SLA/tracks, making actions based on syslog patterns, re-configuring route-maps NETWORK DESIGN PROJECT INITIAL QUESTIONS 2. Desired characteristics and capabilities. What is the current state of the network (baseline), to compare after the implementation of the new design? Are there any documentation available, features in use, versions, is standardization consistent? What is the financial investment (cost/budget, cost-benefit analysis) x desired business CISCO DCI DESIGN & IMPLEMENTATION The Catalyst 6500s deployed at the DCI Layer in each of the two data centers have similar hardware deployments, as listed below: VS-S720-10G-3C. WS-X6708-10G-3C. As mentioned, the links between the VSS pairs in each data center are 10 Gigabit Ethernet, and bundledinto a MEC.
HOWTO : LOGGING TO TERMINAL ON JUNOS HowTo : Logging to terminal on JunOS. In Cisco IOS, if you had logging configured, by default you could see logs on console, or using terminal monitor with a terminal connection. It’s almost the same with JunOS. You have to get your logging parameters configured and then entering monitor start LOG_FILENAME. moghaddas@ebay-de-core-srx1>show
CHECK POINT CCSA NOTES A BRIEF INTRODUCTION TO FABRICPATH A brief introduction to FabricPath. FabricPath is a technology which combines the benefits of Routing protocols, here will be Intermediate-System-to-Intermediate-System (IS-IS), and Layer 2 Network Ethernet environments. To list some of FabricPath advantages: No spanning-tree anymore, hurray! Each switch will have its own viewof Layer 2
SIMPLE HOW-TO FOR BIRD ROUTING Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. DCI L2 EXTENSION BETWEEN REMOTE DCS DCI LAN Extension for VMware VMotion. MEC is the easiest solution with which to deploy redundant Layer 2 links. It can be implemented with either the Cisco Nexus 7000 Series vPC or the Cisco Catalyst 6500 Series VSS. Cisco specifically recommends MEC for metropolitan area network (MAN) distances between remote sites where theinterconnections
DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency.ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. SOME BASIC EEM APPLETS Some basic EEM applets. Below you will find some very basic Cisco IOS EEM applets which can be used as a module in more complex applets, such as configuration wizards. Obviously, EEM applets are able to be implemented for many automation use cases; i.e. monitoring SLA/tracks, making actions based on syslog patterns, re-configuring route-maps NETWORK DESIGN PROJECT INITIAL QUESTIONS 2. Desired characteristics and capabilities. What is the current state of the network (baseline), to compare after the implementation of the new design? Are there any documentation available, features in use, versions, is standardization consistent? What is the financial investment (cost/budget, cost-benefit analysis) x desired business CISCO DCI DESIGN & IMPLEMENTATION The Catalyst 6500s deployed at the DCI Layer in each of the two data centers have similar hardware deployments, as listed below: VS-S720-10G-3C. WS-X6708-10G-3C. As mentioned, the links between the VSS pairs in each data center are 10 Gigabit Ethernet, and bundledinto a MEC.
HOWTO : LOGGING TO TERMINAL ON JUNOS HowTo : Logging to terminal on JunOS. In Cisco IOS, if you had logging configured, by default you could see logs on console, or using terminal monitor with a terminal connection. It’s almost the same with JunOS. You have to get your logging parameters configured and then entering monitor start LOG_FILENAME. moghaddas@ebay-de-core-srx1>show
CHECK POINT CCSA NOTES A BRIEF INTRODUCTION TO FABRICPATH A brief introduction to FabricPath. FabricPath is a technology which combines the benefits of Routing protocols, here will be Intermediate-System-to-Intermediate-System (IS-IS), and Layer 2 Network Ethernet environments. To list some of FabricPath advantages: No spanning-tree anymore, hurray! Each switch will have its own viewof Layer 2
SIMPLE HOW-TO FOR BIRD ROUTING Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. DCI L2 EXTENSION BETWEEN REMOTE DCS DCI LAN Extension for VMware VMotion. MEC is the easiest solution with which to deploy redundant Layer 2 links. It can be implemented with either the Cisco Nexus 7000 Series vPC or the Cisco Catalyst 6500 Series VSS. Cisco specifically recommends MEC for metropolitan area network (MAN) distances between remote sites where theinterconnections
DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency.ABOUT NETWORKS!
A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi, who is the Principal Network Architect at LinkedIn and another time with Hosein Khosravi who is a successful instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. TOR & EOR DATA CENTER DESIGNS One significant drawback of the Top of Rack design is the increased management domain with each rack switch being a unique control plane instance that must be managed.. For example, in a data center with 40 racks, where each rack contained (2) “Top of Rack” switches, the result would be 80 switches on the floor just providing server access connections (not counting distribution and core A BRIEF INTRODUCTION TO FABRICPATH A brief introduction to FabricPath. FabricPath is a technology which combines the benefits of Routing protocols, here will be Intermediate-System-to-Intermediate-System (IS-IS), and Layer 2 Network Ethernet environments. To list some of FabricPath advantages: No spanning-tree anymore, hurray! Each switch will have its own viewof Layer 2
OSPFV2 IN NX-OS
OSPFv2 for Cisco NX-OS complies with RFC 2328. Use the rfc1583compatibility command in router configuration mode if your network includes routers that support only RFC 1583. You must configure RFC 1583 compatibility on any VRF that connects to routers running only RFC1583 compatible OSPF. Reference bandwidth for link cost calculation. 40 Gb/s. DETERMINE CHECKPOINT MODEL FROM CLI How to determine a Checkpoint device model via CLI. Author: Mo Moghaddas Yet another full-time traveler, casually investing in hopes and ideas solving problems or making life easier, landscape photographing as a hobby, and enthusiastic about Blockchain/Cryptocurrency. ENTERPRISE CORE ROUTING DESIGN MODELS WITH BGP Reading through the well-written CCDE Study Guide book by Marwan Al-shawi, came to a section about having BGP as the Enterprise Core Routing Protocol and its possible Design models. To make it a little bit brighter to myself, I’m gonna explain them in a different way with different diagrams and matrix based on my own design experiencewith these models.
شبکه ها!
به عنوان یک مدیر شبکه نیاز است تا برای مدیریت و خطایابی ساختار، با ابزارهای مختلفی آشنایی داشته باشید. در دنیای شبکه، ابزارهای متفاوتی برای خطایابی وجود دارند که در میان آنها ping و tacerouteاز
سفر به اعماق پروتکل های مسیریابی: DISTANCE VECTOR ها (۲TRANSLATE THIS PAGE سلام به همه ی مهندسين گرامی. در اين قسمت سعی داريم تا با هم بررسی کنيم که پروتکل های مسیریابی Distance Vector برای حل مشکلاتی که در پايان قسمت قبل مطرح کرديم، چه راهکارهايی رو به کار می برند.. اگر از قسمت قبل به یاد داشتهباشید
صفحه میل پوئت عالیه! یک ایمیل جهت تایید عضویت شما براتون ارسال شده. لطفاً ایمیل رو چک کنین و روی لینک تایید کلیک کنین.شبکه ها!
پیرو حملات DDoS در ایران و رویداد #سوارابرها، بارها دیدهشده افرادی که خیلی هم در حوزهی خودشون متخصص هستن، در تفاوت خدمت DDoS Protection برای سرویسهای IaaS که از منظر شبکه بصورت Unicast ارائه میشه، با نحوهی DDoS Protection برای سرویسSkip to content
ABOUT NETWORKS!
Sketches of IP, Routing, Internet, Security and Life!Menu
* Who am I?
* networks in Persian* Let’s talk :)
* Foursquare
* Google+
* Spotify
* Feed
GOOD READ: DO YOU BLOCK ICMP AT ALL PLACES IN NETWORK? If your answer is Yes, or you believe that blocking ICMP increases security, then please give some second thoughts for the poor support guy who gets called at 2 A.M. and needs to ping some hosts to ensurereachability….
THE PROBLEM
Many network administrators feel that ICMP is a security risk, and should therefore always be blocked at the firewall. It is true that ICMP does have some security issues associated with it, and that a lot of ICMP should be blocked. But this is no reason to block all ICMPtraffic!
ICMP has many important features; some are useful for troubleshooting, while some are essential for a network to function correctly. Here are details of some of the important ICMP traffic that you should know about, and consider allowing through your network. Read the full article at http://shouldiblockicmp.com/Share this!
Author Mo Moghaddas Postedon January 13, 2017
Categories Good read, Network Security
Tags ICMP
, Network ComplexityLeave a comment on
Good read: Do you block ICMP at all places in Network? GOOD READ: MONEY WELL SPENT?? A Short Story for Engineers _You don’t have to be an engineer to appreciate this story._ A toothpaste factory had a problem: Due to the way the production line was set up, sometimes empty boxes were shipped without the tube inside. People with experience in designing production lines will tell you how difficult it is to have everything happen with timings so precise that every single unit coming off of it is perfect 100% of the time. Small variations in the environment (which cannot be controlled in a cost-effective fashion) mean quality assurance checks must be smartly distributed across the production line so that customers all the way down to the supermarket won’t get frustrated and purchase another product instead. Understanding how important that was, the CEO of the toothpaste factory gathered the top people in the company together. Since their own engineering department was already stretched too thin, they decided to hire an external engineering company to solve their empty boxes problem. Continue reading “Good read: Money well spent??”Share this!
Author Mo Moghaddas Posted on July 14, 2016June 25, 2017Format Quote
Categories Good readTags engineering
, mindset
, rethinking
2 Comments on Good read: Moneywell spent??
WHY SSL INSPECTION MATTERS? Having SSL Inspection has been always a matter of IT and Organisationfight.
In an architecture project, the only objection to my design was SSL Inspection and I had to bring some convincing reasons for that. First of all, without SSL Inspection, basically there is zero visibility into what’s happening inside an encrypted traffic like HTTPS, SMTPS, POP3S, etc. Just imagine an attacker popping a machine, tunneling command and control via a HTTPS tunnel. Or an unfortunate employee, exposing confidential data by uploading them to some random cloud service… 0 visibility! Second business driver I can think of is related to Data Loss Prevention; If a breach is detected tomorrow, there’s hardly any ways to detect what has been lost. Benefits aside, a noteworthy drawback to SSL Inspection would be administrative overhead; you should distribute the CA cert to all nodes. That being said, in case of a Directory environment like Microsoft AD, it’s not a big deal, although Linux machines or some browsers need special configuration; beside, some web applications have to be excluded from inspection, mainly the onesutilizing Java.
> Not really a drawback, but the administrators should be liable and > trusted as they can _easily_ intercept the traffic, unencrypted. > This not only applies to the Proxy admins, but to a Mail admin, > System admin, etc; which makes it an HR matter. > Note that any product which does MITM has the opportunity to expose > data, and so its admins. Here, YOU HAVE TO SEE THE TRADEOFF; I believe the gained visibilityworths it!
Sometimes CxOs might say that SSL is sacred! Yes, it is, but they have to decide how sacred they want SSL to be versus how interested they are in what information might be leaving the environment without authorization; or how much malware command and control (C&C) they
might want quietly going out via SSL without being torn open forinspection.
Note that you have to design a way that all egress web traffic (both users and servers) must be ENFORCED TO GO THROUGH THE PROXY, otherwise the whole proxy plan is pointless. Besides, you have to follow some practices: * Know the business and business processes and demands. Every sector has its own limitations or requirements where might be against SSLinspection.
* Plan some whitelisting policies to disable inspection in specificcases where needed.
* Know your traffic and the percentage of encrypted requests. * Make sure that your appliance supports the amount of traffic; SSL Inspection means decrypting the connection, inspecting it and thenre-encrypting it.
_P.S. Yes, my drawing skills are awful! ?_Share this!
Author Mo Moghaddas Posted on June 29, 2016October 15, 2017Categories Design
, Network Security
Tags Data Loss
Prevention ,
decryption , DLP
, encryption
, inspection
, proxy
, SSL
2 Comments on Why SSL Inspectionmatters?
DO YOU NEED AN IT CERTIFICATION? A couple of times in recent days I had the discussion of Certifications with two friends, once with Shawn Zandi , who is the Principal Network Architect at LinkedIn and another time with Hosein Khosraviwho is a successful
instructor and engineer! I thought that it might be a good idea to blog on this topic with my own words and the conclusion of my own experience till now. > DISCLAIMER: I’m neither against nor with certifications. I’m > not telling you to be certified or not; I’m not devaluing people > who have made legit efforts to get certified and totally respect > them and their achievement. > I’m just looking at it from my own perspective. You can find lots of posts on this topic in the Internet from all the experts. Usually you’ll find two types of answers; the “marketing” and the honest ones! You can detect the marketing persuasion by phrases like: * You have to be certified to be hired! * You have to be certified as an indication of your knowledge andexpertise!
* This certification guarantees your job! * This is the most valuable certification on the market! * Your earnings will boom! * Holders of this certification get paid the most! Well, they could be true, but only _to_ _some extent_; but I believe less than 10% of the time! I’m not saying neither certification is bad nor it is good. Let me dig deeper into it. Basically, achieving a certification means that you have put enough efforts and dedication to pass an exam. That’s great,congratulations!
Similarly, earning a University mainly means that you have been agood learner.
First, I’ve to admit that STICKING TO A PLAN FOR A CERTIFICATION COULD BRING DEDICATION INTO YOUR STUDIES. Personally, I’ve also many times started to gain knowledge about a concept by following a certification path; but that should never be an end and boundary tograsp a technology!
Have in mind that the reality is usually different from exams. Exams usually teach you the techniques but not the tactics. You’ve to be prepared for the complexities and harsh situations; you’ve to be able to manage your time, keep pace with new technologies, use them to make your work more efficient and play a part in connecting people and services! Besides, You should be able to network with people and learn how to discuss your ideas and present yourself. Be curious and find the original idea behind a thing; i.e. was there a problem out there that made engineers to create that protocol? Did itsolve their issue?
Imagine yourself in different situations and scenarios; then challenge your creativity to propose something. This is a bestpractice!
Read the standards and scrutinize the concepts in detail; google and read what others say about the concept; think out of the box and try to figure out other possibilities; dig the RFCs deep and even maybe you can contribute to one! Again, studying and learning is always good, whatever the reason is. Just you should be cautious of not getting bound to a vendor. Get to know what’s going on around, know the market and today’s business need; read, read and read and make some educated guesses for the future! Have in mind that the half-life of IT skills is less than 2years
.
You should be fast otherwise you’ll be left behind. So, I believe the honest and truthful answer is that, you have to earn the knowledge by DEDICATION, HARD WORK, EXPERIENCE, CURIOSITY and CREATIVITY. A vendor’s certification can’t be a good measure of someone’s knowledge in the IT era today; you’re not bound to vendors anymore; at the end of the day we’re going to live in the IoT and SDN world. (Yeah, they’re the new fancy words) YOU SHOULD ADD VALUE TO THE CERTIFICATE; NOT THE CERTIFICATE TO YOU! If you’re confident of having the knowledge, and you’re able to discuss and demonstrate your skills, then you’re at it! Don’t panic and let your expertise talk for itself. A good approach could be to become certified when it’s needed; yes, sometimes vendor partners need certified people for specific projects to get discounts and support contracts; I call it a practical approach. This brings a win-win result. You get the knowledge, certification, and money. It’s not a vendor to approve If you’re an engineer, architect, consultant, etc.; IT’S YOU AND YOUR KNOWLEDGE! From all the articles out there, Russ White has done a great job writing on this and related topics; I totally recommend reading the posts below: * Why I Support Certifications * Degree vs. Certification * Cultivate questionsShare this!
Author Mo Moghaddas Posted on February 22, 2016August 2, 2016 Categories Other thingsTags certification
, certified
, degree-vs-certification, neutrality
, vendor neutral
2 Comments on Do you need an IT Certification? ENTERPRISE CORE ROUTING DESIGN MODELS WITH BGP Reading through the well-written CCDE Study Guidebook
by Marwan Al-shawi , came to a section about having BGP AS THE ENTERPRISE CORE ROUTING PROTOCOL and its possible Design models. To make it a little bit brighter to myself, I’m gonna explain them in a different way with different diagrams and matrix based on my own design experience with these models. > DISCLAIMER: Please have in mind that the number of routers drawn, > doesn’t reflect the reality of the design, and is just been this > way for the sake of simplicity; obviously there would be redundant > routers in real World, and also the Core could span different PoPs. > Besides, the bigger border routers could reflect two separate ones, > one on Core, and one on Branch side.DESIGN MODEL 1
This model is suitable when least Administrative Domain Control is required; though it still overcomes an end-to-end IGP design, providing better management between remote campuses. > Core IGP is mainly used to provide Next-hop reachability for iBGP > speakers. Please note that this is applicable to all models where > iBGP is used in the Core. The downside to this design is moderate operation complexity; which could arise i.e. by IGP-into-BGP Redistribution and iBGP full-mesh/RR/Confederation management in the Core. Continue reading “Enterprise Core Routing Design Models with BGP”Share this!
Author Mo Moghaddas Posted on January 29, 2016March 9, 2018Categories
BGP , CCDE
, Design
, Routing
Tags eBGP
, iBGP
, IGP
, MPLS
, MPLS-VPN
Leave a comment on Enterprise Core Routing Design Models with BGPPOSTS NAVIGATION
Page 1 Page 2 … Page 14Next page
140 CHARACTERS!
My Tweets
LET’S CONNECT!
RECENT POSTS
* Good read: Do you block ICMP at all places in Network? * Good read: Money well spent?? * Why SSL Inspection matters? * Do you need an IT Certification? * Enterprise Core Routing Design Models with BGP * Check Point CCSE Notes * Some basic EEM applets * Network Design Project Initial Questions * Check Point CCSA Notes * DRBD with Cluster File System on Debian Jessie * Cisco ACI – 2 – Provisioning a fabric * Determine Checkpoint model from CLI * A brief introduction to FabricPath * Cisco ACI – 1 – High level architecture overview * Typical access-list on edge router * BGP – Controlling the Entry Point (HLD) * Advanced Cisco BGP features: Selective Next-hop * Advanced Cisco BGP features: NSF * Advanced Cisco BGP features: BFD * Internet routing table and damping on JunOSCATEGORIES
* CCDE
* CCIE
* CCIE R&S
* CCIE Security
* Configuration
* Juniper
* Data Center
* Design
* Good read
* Linux
* Network Security
* Other things
* Routing
* BGP
* MPLS
* OSPF
* Switching
MOST USED:
* AS-path
* attribute
* book notes
* CEF
* channel-group
* Check Point
* checkpoint
* cloud
* Etherchannel
* fabric
* FEC
* filtering
* firewall
* forwarding
* GAiA
* ha
* high-availability
* howto
* IGP
* junos
* LDP
* load-balancing
* load-sharing
* LSA
* LSR
* MED
* MPLS-VPN
* MPLS fundamentals
* nexus
* NSF
* OSPF
* policy
* prefix-list
* QoS
* script
* SecurePlatform
* service-policy
* spanning-tree
* SPLAT
* SSO
* switchport
* terminal
* VLAN
* vPC
* VRF
* Who am I?
* networks in Persian* Let’s talk :)
* Foursquare
* Google+
* Spotify
* Feed
about Networks! Privacy Policy Proudly powered by WordPressDetails
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0