FreeBSD is out in his 10.0R version 🙂
- http://www.freebsd.org/releases/10.0R/announce.html
- http://www.freebsd.org/releases/10.0R/relnotes.html
- ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/10.0
I am really pleased to see BSD releases 🙂
Author: clucas
I am disappointed by Ubiquiti Networks
It is been a while I check forums and Ubiquiti products. They are really good products. At the beginning the really interesting thing in ubiquiti was the Open minded / Open Source direction they used. I begun to use their product with SR and XR card (when they don’t seek any final products). It was really easy to make your own product firmware with an embedded MIPS motherboard and their cards. The SDK was available at this time.
I check recently and now it is not. Ubiquiti has been introduce in Wall Street. I am really disappointed because when I was interviewed by them for their papers to be introduce to Wall Street I insisted on the fact of they success OpenSource is one main of it.
I would want to make some patch on kernel to be able to pass PPP/IP DSCP to their Atheros card to be able to do the same thing with IP (http://wiki.ubnt.com/AirMax_-_QoS_DSCP/TOS_Mappings). Now SDK is not available and I am really disappointed.
CCIE RS from v4.0 to v5.0
It is finally out !
The v5.0 of the CCIE exam is here. There are lot of exciting new features to learn 🙂 It will be great. In a first lecture, you can see these new things :
- L2VPN
- DMVPN
- IPSEC
- IS-IS
- EPC (Embedded Packet Capture)
- VSS
- difference between IOS and IOS XE
The things which are removed :
- Flexlink
- L2PT
- Frame-Relay
- RSVP
- WRR/SRR
- WCCP
The Lab is now in three parts :
- TS : as always troubleshooting on virtual equipments (1h30 through 2h (30 minutes shared with CONF))
- DIAG : closed-ended troubleshooting questions (30 minutes)
- CONF : configure the lab (5h30 through 6h (30 minutes shared with TS))
More to read about CCIE RS v5.0 :
- http://www.cisco.com/web/learning/certifications/expert/ccie_rs/docs/ccieRS_examUpdates4-5.pdf
- http://www.cisco.com/web/learning/exams/docs/ccieRS_Lab5.pdf (requires CCO)
Blueprint :
- Blueprint :Â https://learningnetwork.cisco.com/docs/DOC-22703
- Written topics :Â https://learningnetwork.cisco.com/docs/DOC-22705
- Lab topics :Â https://learningnetwork.cisco.com/docs/DOC-22706
Let’s go ! Written is planned to july/august 2014 and Lab in november 2015. Ok. It is said. My plan is on the internet. You are now aware of it and I must follow it !
PPTP and ASA 5510
If you search why your rules are applied by PPTP VPN sessions are not albe to established with an error 619 (on windows plateform) :
ASA# conf t ASA(config)# policy-map global_policy ASA(config)# (config-pmap)# class inspection_default ASA(config)# inspect pptp ASA(config)#
and :
ASA(config)# access-list outbound extended permit gre any any ASA(config)# access-list outbound extended permit tcp any any eq pptp ASA(config)# access-group outbound in interface inside
Have fun 🙂
Frame-Relay : just for fun… v5 will come out shortly.
For those of us like me who are working towards CCIE, you are certainly aware of the fact that CCIE v4 will be raised to v5. For INE.com, it seems that Frame-Relay (replaced by DMVPN), and some other features will be replaced.
I am studying really for fun now : I am studying Frame-Relay now 🙂
Equivalent to CEF on Redback router
This a question which I ask for a long time : is this e Cisco CEF equivalent on Redback router ?
A friend gives me the answer :
[VRF_FOOBAR]75TOTO-SE400-01#sh ip route 172.16.116.98
Longest match Routing entry for 172.16.116.98/32 is 172.16.116.98/32 , version 20
Route Uptime 38w6d
Paths: total 1, best path count 1
Route has been downloaded to following slots
iPPA: 01
Skipped? No
Path information :
Active path :
Known via adjacency, type-hidden route, distance 254, metric 0,
Tag 0, Next-hop 172.16.116.98, NH-ID 0x3450014E, Adj ID: 0x160, Interface 1/5.13717
Circuit 1/5:1023:63/1/2/440
[VRF_FOOBAR]75TOTO-SE400-01#
You can see there that the packet will live the router by port 1/5. You can confirm this by :
[VRF_FOOBAR]75TOTO-SE400-01#show card all fib 172.16.116.98 Slot 1: Prefix Next Hop Interface Next Hop Grid 172.16.116.98/32 172.16.116.98 1/5.13717 0x3450014e [VRF_FOOBAR]75TOTO-SE400-01#
Now, you can see as “sh ip cef … adjacency” :
[VRF_FOOBAR]75TOTO-SE400-01#sh card 1 adjacency | begin 0x3450014e
NH-Grid 0x3450014e
Encap type dot1q, function ether_dot1q_adj_ip_resolved
e05fb9a6 693c0030 88147df0 81000e85 encap_len 18
05fb9a6 693c : destination MAC address
0030 88147df0 : source MAC address
8100 : ethernet encapsulation
0e85 : vlan ID : here 3717
18 : length
For VLAN ID here :
[VRF_FOOBAR]75TOTO-SE400-01#sh bindings 1/5 vlan-id 3717 Up dot1q interface 1/5.13717@VRF_FOOBAR [VRF_FOOBAR]75TOTO-SE400-01#
How to compile statically linux binary
To make a point :
export CFLAGS=-static export LDFLAGS=-static export CPPFLAGS=-static export CFLAGS_APPEND=-static export LDFLAGS_APPEND=-static export CPPFLAGS_APPEND=-static ./configure && make
Unicast Flooding
This is for me a new concept I don’t have any see anymore. I only imagine inter-vlan routing by L3 switch or router on a stick.
But you can make this kind of architecture :
In this case : as the request is originated from S1 (who has RA as gateway) to S2.
- RA acts as router : MAC src = RA ; MAC dsst = S2 in vlan 2
Return :
- S2 sends to his gateway which this time is RB
- RB sends packet tthrough SB which has not MAC address of S1 in his CAM for vlan 1
- So it acts in normal way : IT FLOODS !
You can have other ways where you can see unicast flooding :
- Spanning-Tree TCN changes
- Forwarding CAM table overflow
You can protect your LAN by using ‘Unicast Flooding protection’
From 12.1(14)E version it is implemented : ‘unicast flood protection‘
To check : ‘sh mac-address-table unicast-flood‘.
DF bit for dummies
OSPF : Challenge backup (easy)
How to make the path through R2 to 99.99.99.1 prefered over throught R3 ???