Making fiber optic link with 100 Gb/s optics, you have to consider FEC (Forward error correction) Connection with different vendors can cause some issues with. In this case we discuss about making a 100Gb/s link between Arista Switch and Checkpoint firewall. The error correction under the 2 vendors are different and thankfully on Arista is possibly specify how we would …
VoIP – Cisco Phones behind a FIREWALL
When you have to protect your VoIP CallManager in a secure zone of your lan you have to face two problem: SIP and NAT. In our case we handle voip sessions through firewall by configuring an ACL with TCP/UDP port_set. For internal resources, we don’t use NAT mode, here you have the ports from phones to CM: Destinaton port Description …
The fairy tale of the VLAN internal allocation policy
Once upon a time there was a Cisco switch called CatOS, it had the power to transform its ports into a layer3 links, But it had a secret … vlan tale …and yes the secret is this: This conf command! You can find him in CatOS and on more recent IOS Cisco firmware. When we configure a routed-port on a …
FortiAnalyzer a.k.a. FAZ – “No Data” issue
After upgraded to FAZ firmware version to FortiAnalyzer_6.0.5 you can experience a “No Data” visualization problem in FortiView analytics functions. One of the most popular features of the FAZ is the FortiView information aggregator that allows the SOC a general overview of the security status of its network.In fact, in the dashboard where the “No data” problem may exist you …
iPerf3
When you release an ip connectivity the most last important step is TEST, STRESS and TRY-OUT the new line based on customer requirements. There are many tools and blackboxes on the market especially if you need to test 1,10, 40 or 100 Gbps links. We use iPerf3 a great tool for active measurements with a various set of parameters like: …
Using cURL to troubleshoot TLS and SSL
curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP,HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command isdesigned to work without user interaction.curl offers a busload of useful tricks like proxy support, user authentication, …
Autotelnet
Today I will show you how I built a simple script to automate telnet connections. Sometimes I had to troubleshoot network issues and chase problems on many devices starting from the output on a log file. At each IP corresponding to a network device that I show up in the logs, I had to open a terminal, type in the …
BGP AS-PATH prepending
AS-PATH prepending stand for announce my prefix with a low priority. This technique, in a multihomed BGP scenario, it is used to lighten the traffic coming from a peer. The BGP route selection process prefer prefix with a short AS-PATH instead a long AS-PATH. FIRST create an ACL to select your source prefix the traffic to prepend: SECOND create a …
SpaceX – Good Luck Doug&Bob
Infos: https://it.wikipedia.org/wiki/SpaceX_Demo_2 https://en.wikipedia.org/wiki/Crew_Dragon_Demo-2 .glitchlist crew
BGPv4 Aggregate routes
Have you ever received many networks from your customers without being able to summarize with an IGP? And… have you ever had to make BGP transit for these messy networks to a carrier that accepts only /20 networks or even worse check on RIPE.NET database? Little trick with aggregate command: Warning: aggregate command not work if you advertize messy networks …