as you may have read recently I was playing with open source routing protocol packages again. from pure CLI familiarity reasons, I kept myself to FRRouting, which is evolution of Quagga, which itself is evolution of Zebra. and Zebra syntax and CLI is based on Cisco IOS. ...
after last blog on sharing full bgp feed for IPv4, I got a number of interesting questions. given many of you were asking to have also IPv6 available, I decided to extend the project to cover that as well. disclaimer you’re doing this ON YOUR OWN. i’m not responsible for anything on your end and service itself. so if it crashes your router, makes all traffic to follow different paths, or essentially anything that you can’t control - you’re completely on your own. ...
Daniel Dib asked recently on Twitter about BGP convergence time for world wide operations. two hours he got in response from his friend seemed a bit too long. I did recently help to spin up new ASN with new IPv4 prefix (well, both came from second hand, but you get the point) and as far as I could tell, propagation took around 15 minutes maximum. so in the interest of self-education, I started digging. ...
one of the interesting and rarely seen configuration options, is ability to have redundant IPv6 tunnel established from source address tracked by HSRP. if you’re limited by other side of communication - in this example Hurricane Electric - to have only one endpoint of tunnel on your side that’s right tool for task. the way this configuration would work, is that router active in HSRP pair will be the one on which tunnel will be active and forwarding. we’ll be demonstrating this on IPv6 over IPv4 example, but tunnel type doesn’t really matter. ...
recently during casual browsing of WLAN controller i spotted that sometimes users are having problems with receiving responses from DHCP server. i was suprised, as family doesn’t complain - and they’d do that immediately. well, so i went troubleshooting element by element. obviously, switches were primary suspect. why? everything was working, and those DHCP problems were very, very rare - that may mean drops on switch interfaces. Cisco QoS configuration on Catalyst and Nexus switches is far from easy. comparing this however to other vendors… there’s really nothing to compare. on one side you can do whatever you want, on the other side - you can shoot yourself in both foots, stomach and then in the head pretty quickly. just assume, that if you haven’t spent couple of weeks labbing QoS on real hardware - it’s area that you shouldn’t wander alone in unsupervised ;) in very simple terms, either use dedicated GUI for managing campus networks - Cisco DNA Center or stop at either enabling QoS globally (mls qos) or disabling it (no mls qos). ...
update this project is still on, but at different IP. please refer to this updated description. old post below recent thread on nanog@ list got me back to old project that i was thinking about long time ago. and here it is - i just launched free-of-charge, load-your-router-with-full-live-bgp-feed service :) if you’re interested in joining the free project, disregard the information below and jump directly to latest version here disclaimer you’re doing this ON YOUR OWN. i’m not responsible for anything on your end and service itself. so if it crashes your router, makes all traffic to follow different paths, or essentially anything that you can’t control - you’re completely on your own. ...
last post in the series about my home lab resulted in a number of interesting emails in my inbox. i have to admit that i really appreciate words of praise. as well as those with constructive, critical feedback :) so after short description what is connected where and how (see link above), let’s focus now on services. first and foremost - remember it’s “always DNS” ;) so let’s tackle that. ...
while I already mentioned couple of times on this blog, that handling dynamic routing on firewall is asking yourself for unexpected problems, sometimes it’s needed. as Cisco, we don’t normally recommend using ASA or FTD boxes as full table BGP routers. not because they can’t be used in this role, but because we don’t believe it’s a good networking and security practice. here’s example from my home lab testing lab cluster of two ASA 5516-X, running 9.13(1) and getting full BGP feed from my upstream ASR 1001-X router: ...
as you can easily guess, i’m networking geek. my home network was thus built with hacking, not with ‘smallest footprint possible’ in mind. it’s great if you can test your “great” ideas before recommending them to anyone, and of course getting feel of new features is also a plus in this case. so, my first assumption was it has to be fast - fiber. both floors are connected with fiber network, that’s aggregated near front door, in the cloakroom. the room itself is however small, and won’t let me put whole 19" rack there… so we need to haul traffic back to my dedicated server room downstairs (yes, my desk along with server room is located below the ground level, which has its own benefits). ...
my 256GB SSD drive in MacPro 2013 started to fill up recently. i went on short googling to see how to extend it without relying on NAS of course. and i get nice offer. it seems that good people in the internet found a way to interface typical NVMe disk drives with the socket Apple uses. and so i became user of 1TB Samsung SSD drive. that upgrade gave me also speed bump - on encrypted drive transfers shoot up from 500MBbs (reading) and 380MBbs (writing) to 1.3GBps for both reading and writing (disk itself can do 2.5Gbps but PCIe bus in MacPro is limiting factor here). ...