Port Aggregation

Port aggregation is a technique to bind more than one physical port and create a bigger virtual port. It is done for multiple purposes. The biggest advantage of this technique is increasing the bandwidth of a port. If you have two 100Mb ports and you need a port that can support 200Mb bandwidth then you just have […]

Layer 2 Threat Mitigation Part 2

VLAN Hopping An attack in which an attacker jumps from one VLAN to another VLAN by tagging targeted VLAN number to frame. For example I am an attacker and I am connected to VLAN 10 but I want to get access to VLAN 1 so what I do that I grab the packet before it […]

Layer 2 Threat Mitigation

Layer 2 threat mitigation is important, it is defense from an insider who aims to damage the network. There are security devices such as firewall, IDS/IPS, and other systems to protect the network but these technologies do not work at layer 2.There are many threat that can be initiated by an insider in a local network, such […]

Quality of Service

QoS is an umbrella term that includes many tools and techniques to improve the performance of network, it is very complex topic as well. QoS is intended to prioritize the traffic on the basis of protocols. For example, the VoIP traffic take 64Kb bandwidth for entire session the call is up and if there is quite a much other […]

Spanning Tree Protocol Part 3

Spanning tree (802.1d) also known as common spanning tree (CST) which means only one big spanning tree for all VLANs.Where Cisco uses per vlan spanning tree (PVST+) which means running individuals spanning tree for each VLAN. Rapid Spanning Tree Protocol It is 802.1w which does not takes 30 seconds to shutdown or turn on loop protocol. This protocol looks for alternate port […]

Quality of Service Part – 2

Random Early Detection – RED Random Early Detection (RED) is the mechanism that detects the memory buffer size before it gets full. It looks for the hosts that are sending more data and it drops the packet of host that is transmitting more data and it lets go the host who is sending low data. For […]

Access Control List Part – 2

We discussed the standard ACL but there is a big limitation in this list that it can only work on source IP address. This can only work on layer 3.The numbers for Standard ACL are 1 – 99 and 1300 – 1999. Extended ACL can work on source and destination IP address, sessions, ports, and protocols. This list an work […]

Access Control List Part – 3

By this point we have created ACL and each access control entry (ACE) comes below the existed entries and here we are going to modify and manage the ACLs. Let’s say we have configured the ACL 103 with some entries and a new requirements come to create one more entry. We know that each entry comes below the previous defined entries and […]

Access Control Lists

We learned about ACL in the CCENT course but there we only tired to understand the standard ACL which filters traffic using source IP address. ACL is basically a filtering mechanism that makes a router a small firewall that inspect the traffic and filters it. Extended ACL are the one we are going to discuss here, they are very powerful because […]

Using APIC-EM

Advanced Policy Infrastructure Controller – Enterprise Module (APIC-EM) is a collection of tools available via web-interface for modern network operations. Enterprise module is one module from set of tools and it is designed to let you monitor your equipments and to test and diagnose your network. The modules are installed in a centralized server and then the operations […]

Hot Standby Router Protocol (HSRP) Part 2

HSRP Parameters We configured the HSRP on two routers and here is the status of both routers. R2 says it is Active router. R1 says it is Standby router and active router is the one that has IP address 192.168.0.3. Now we turn off the active router and see the status of this router. Now R1 says that it is active router and it is […]

External Gateway Routing Protocol

Border Gateway Protocol (BGP) is an exterior routing protocol that connects two separate networks that are owned by two completely different authorities. This is the protocol that is used in the Internet. BGP always work with an IGP to route the traffic. BGP is not intelligent it does not calculates bandwidth and any other mechanism for traffic transmission, all it does […]

Hot Standby Routing Protocol (HSRP)

HSRP is the redundant gateway to the other network. It is Cisco proprietary. Suppose that you are working with the network architecture shown as above and you are sending traffic using a routing protocol, we do not know what path will the router choose to send the traffic because we do not know the underlying routing […]

Spanning Tree Protocol Part 2

Once again this is our architecture and in this lecture we will learn how to change the priority number to change the root bridge. This is lab design where we are working. Types of Roles In STP the ports are assigned to 3 roles. ·       Designated is the port which is allowed to forward traffic. ·       Root is the port […]