Tutorial about MPLS Implementation with Cisco Router, this third of three chapter discuss about how to Optimize MPLS Networks, especially for L3VPN / VPRN, by using Route Reflector (RR) Technology
Tutorial about MPLS Implementation with Cisco Router, this second of two chapter discuss about MPLS Configuration, LDP Configuration, VPN Services, L2VPN (VLL & VPLS) and L3VPN (VPRN).
it also contain case study and implementation of VLL, VPLS, and VPRN
The document discusses the configuration of static MPLS label switched paths (LSPs) across a network topology consisting of routers in various cities. It describes how each router is configured to either push a label, swap a label, or pop the top label as packets traverse the LSP from Jakarta to Makasar and back. Traceroute outputs are provided to show the functioning LSP paths versus normal IGP routing. Complete configuration snippets are included in an appendix.
The document discusses various methods of configuring MPLS in a network, including:
1. Configuring LDP to automatically establish label-switched paths between routers.
2. Configuring RSVP signaling to establish an explicit LSP from Batam to Ambon with a bandwidth reservation of 500Mb.
3. Integrating LSP routes into the unicast routing table and verifying LSP establishment through traceroute.
IP Infusion Application Note for 4G LTE Fixed Wireless AccessDhiman Chowdhury
SKY Brazil is one of the largest Pay TV provider in Brazil with 5Million+ subscribers created world’s first disaggregated 5G-ready Fixed Wireless Access (FWA) network using IPInfusion’s disaggregated Cell Site Gateway Solution to serve 35K broadband subscribers.
Learn how the deployment was done, read this application note to know more about the usecase and OcNOS configurations.
The document provides an overview of MPLS (Multi-Protocol Label Switching) concepts and components. It discusses how MPLS separates routing from forwarding by using labels to forward packets based on the label rather than the IP address. It describes MPLS components like edge label switching routers (ELSR or PE), label switching routers (LSR or P), and the label distribution protocol (LDP). It also provides examples of MPLS forwarding and MPLS VPN operation.
This document compares routing implementations between Cisco IOS and MikroTik RouterOS. It summarizes key differences in areas such as routing components, general routing, OSPF, BGP, route redistribution, and MPLS. The document is presented by Lay Minh, who has 10 years of experience in the ISP industry and holds certifications including CCIE and MikroTik Certified Trainer.
MLAG provides invisible Layer 2 redundancy across switches by making them appear as a single logical switch. It establishes dual-connected ports across switches and synchronizes MAC address tables and BPDUs to eliminate duplicate packets and prevent spanning tree loops. MLAG configuration involves bonding dual-connected ports with a common CLAG ID and running the CLAGD protocol over a peer link to synchronize state.
The document provides information about an upcoming training course on deploying MPLS L3 VPNs. It includes details about the trainers, Nurul Islam Roman and Jessica Wei, their backgrounds and areas of expertise. It also outlines the course agenda which will cover topics such as MPLS VPN models, terminology, operation, configuration examples and service deployment scenarios.
Tutorial about MPLS Implementation with Cisco Router, this second of two chapter discuss about MPLS Configuration, LDP Configuration, VPN Services, L2VPN (VLL & VPLS) and L3VPN (VPRN).
it also contain case study and implementation of VLL, VPLS, and VPRN
The document discusses the configuration of static MPLS label switched paths (LSPs) across a network topology consisting of routers in various cities. It describes how each router is configured to either push a label, swap a label, or pop the top label as packets traverse the LSP from Jakarta to Makasar and back. Traceroute outputs are provided to show the functioning LSP paths versus normal IGP routing. Complete configuration snippets are included in an appendix.
The document discusses various methods of configuring MPLS in a network, including:
1. Configuring LDP to automatically establish label-switched paths between routers.
2. Configuring RSVP signaling to establish an explicit LSP from Batam to Ambon with a bandwidth reservation of 500Mb.
3. Integrating LSP routes into the unicast routing table and verifying LSP establishment through traceroute.
IP Infusion Application Note for 4G LTE Fixed Wireless AccessDhiman Chowdhury
SKY Brazil is one of the largest Pay TV provider in Brazil with 5Million+ subscribers created world’s first disaggregated 5G-ready Fixed Wireless Access (FWA) network using IPInfusion’s disaggregated Cell Site Gateway Solution to serve 35K broadband subscribers.
Learn how the deployment was done, read this application note to know more about the usecase and OcNOS configurations.
The document provides an overview of MPLS (Multi-Protocol Label Switching) concepts and components. It discusses how MPLS separates routing from forwarding by using labels to forward packets based on the label rather than the IP address. It describes MPLS components like edge label switching routers (ELSR or PE), label switching routers (LSR or P), and the label distribution protocol (LDP). It also provides examples of MPLS forwarding and MPLS VPN operation.
This document compares routing implementations between Cisco IOS and MikroTik RouterOS. It summarizes key differences in areas such as routing components, general routing, OSPF, BGP, route redistribution, and MPLS. The document is presented by Lay Minh, who has 10 years of experience in the ISP industry and holds certifications including CCIE and MikroTik Certified Trainer.
MLAG provides invisible Layer 2 redundancy across switches by making them appear as a single logical switch. It establishes dual-connected ports across switches and synchronizes MAC address tables and BPDUs to eliminate duplicate packets and prevent spanning tree loops. MLAG configuration involves bonding dual-connected ports with a common CLAG ID and running the CLAGD protocol over a peer link to synchronize state.
The document provides information about an upcoming training course on deploying MPLS L3 VPNs. It includes details about the trainers, Nurul Islam Roman and Jessica Wei, their backgrounds and areas of expertise. It also outlines the course agenda which will cover topics such as MPLS VPN models, terminology, operation, configuration examples and service deployment scenarios.
This document explains MPLS Layer 3 VPNs. It discusses how Layer 3 VPNs allow routing information to be shared between customer sites using protocols like OSPF and BGP across the service provider's MPLS network. It describes how Virtual Routing and Forwarding instances (VRFs), MP-BGP, Route Distinguishers (RDs), and Route Targets (RTs) work together to separate routing information for different customers and establish VPN connectivity between their sites while avoiding overlapping address spaces.
This document provides an overview of EtherChannel concepts and configuration. EtherChannel allows linking multiple physical Ethernet ports together to form a single logical trunk with increased bandwidth. It uses protocols like PAgP and LACP to dynamically establish and maintain EtherChannel bundles. EtherChannel load balances traffic across physical ports and treats the bundle as a single logical port for functions like spanning tree. The document outlines terminology, configuration, verification commands, and considerations for optimizing EtherChannel deployment.
This document provides an overview of CCNP Switch topics including:
- How Layer 2 switches work by learning and recording MAC addresses and forwarding frames based on the MAC address table.
- The different types of multilayer switching (MLS), including demand-based switching using a MLS engine and route processor, and topology-based switching using CEF.
- How ACLs are implemented in switches using Ternary Content Addressable Memory (TCAM) tables to make packet forwarding decisions.
- Campus network design principles including redundancy protocols like HSRP, and wireless LAN configuration.
- Quality of service (QoS) features that prioritize certain traffic through ingress queueing and egress scheduling
Packet Tracer: Routing protocols EIGRP and OSPFRafat Khandaker
The document summarizes an experiment in Packet Tracer where the routing protocols EIGRP and OSPF were implemented on a simulated enterprise network with multiple hosts and routers. EIGRP and OSPF were configured on the 3 routers to exchange routing update tables and allow routing between all hosts. The experiment demonstrated how each protocol operates, including configuration of EIGRP with autonomous system numbers and OSPF with areas to establish routing adjacencies between routers. Pings between hosts across the routers confirmed correct routing was achieved with both protocols.
The document discusses IP routing protocols RIP, RIP version 2, EIGRP, and OSPF. It provides details on configuration and features of each protocol, including route summarization, route filtering, default routing, and stub routing. It also covers troubleshooting routing loops caused by interface summaries in RIP and using leak maps in EIGRP.
Packet Tracer: Load Balancing with GLBP and FHRPRafat Khandaker
This document discusses simulating failsafe protocols like GLBP and FHRP to provide load balancing and redundancy. It provides an overview of GLBP, explaining that it uses Active Virtual Gateways and Active Virtual Forwarders to assign routers as primary and secondary access to the virtual gateway IP. It also discusses FHRP protocols like HSRP and VRRP, noting that HSRP is Cisco proprietary while VRRP is an IETF standard. The document goes on to describe configuring GLBP across three routers to demonstrate how traffic would be load balanced and how a backup router would take over if the primary fails.
This document discusses configuring point-to-point WAN links in Packet Tracer using different encapsulation types such as HDLC, PPP, and Frame Relay. It provides configuration examples for HDLC and PPP links which were successfully implemented. Frame Relay configuration posed more challenges to troubleshoot due to static routing requirements and Packet Tracer limitations. The author learned about Frame Relay configuration but was unable to fully implement it in this lab.
This document discusses configuring VLAN trunking and routing on a stick between two switches and a router. It explains that VLAN trunking is used to separate broadcast domains and transmit VLAN traffic between switches and routers. The trunk ports between the switches and the switch to router link are configured, as well as subinterfaces on the router with different IP addresses for each VLAN. The configuration of the switches and router is shown, along with ping tests verifying connectivity between hosts in different VLANs works after routing is configured.
VRF (Virtual Routing and Forwarding) is a technology that allows multiple instances of a routing table to
co-exist within the same router at the same time. This increases functionality by allowing network paths
to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also
increases network security and can eliminate the need for encryption and authentication. Internet
service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs)
for customers; thus the technology is also referred to as VPN routing and forwarding. Because the
routing instances are independent, the same or overlapping IP addresses can be used without
conflicting with each other.
How to configure vlan, stp, dtp step by step guideIT Tech
The document provides step-by-step instructions to configure VLANs, VTP, STP, and DTP on Cisco switches and a router. It describes how to configure a VTP server, create VLANs 10 and 20, assign ports and PCs to each VLAN, configure trunk ports between switches, and configure a router interface for each VLAN to allow inter-VLAN communication. The configurations are verified by checking STP port status and pinging between PCs in different VLANs.
This document provides an overview of Multiprotocol Label Switching (MPLS), including its history, key concepts, applications, and use by service providers. MPLS was developed in the late 1990s to meet the needs of scalable routing and quality of service on the growing internet. It works by assigning fixed length labels to data packets, allowing routers to forward based on these labels rather than long network addresses. Major applications of MPLS include traffic engineering, virtual private networks, and bandwidth management. The document discusses how service providers like MegaPath use MPLS in their backbones to provide integrated data and voice services, and nationwide networking solutions for corporate customers.
This document discusses layer 3 redundancy protocols. It describes routing issues with redundancy and protocols like HSRP, VRRP, and GLBP that provide a redundant default gateway. HSRP defines an active-standby router group that uses a virtual IP address. GLBP provides load balancing across multiple routers and gateway redundancy through automatic failover.
For some very basic VRF configuration follow the steps:
1. Enters VRF configuration mode and assigns a VRF name.
Router(config)#ip vrf vrf-name
2. Creates a VPN route distinguisher (RD) following one of the 16bit-ASN:32bit-number or 32bitIP:16bit-number explained above
Router(config-vrf)#rd route-distinguisher
3. Creates a list of import and/or export route target communities for the specified VRF.
Router(config-vrf)# route-target {import | export | both} route-distinguisher
4. (Optional step) Associates the specified route map with the VRF.
Router(config-vrf)# import map route-map
EtherChannel allows grouping multiple physical Ethernet links into a single logical link to provide fault tolerance and increased bandwidth. Key points for configuration include using the same port types, speed and duplex settings across all ports in the channel. Settings like VLAN lists and STP settings must also be consistent. Layer 3 EtherChannel requires assigning an IP to the port-channel interface, while Layer 2 only requires adding the physical ports to the channel group. Verification can be done with show commands.
Switching – A Process of using the MAC address on LAN is called Layer 2 Switching.
Layer 2 Switching is the process of using hardware address of devices on a LAN to segment a network.
Switching breaks up large collision domains into smaller ones and that a collision domain is a network
segment with two or more devices sharing the same bandwidth.
Four switches have been installed with redundant uplinks between access and distribution layers. Spanning tree removes redundant links to prevent loops. The document describes configuring Multiple Spanning Tree (MST) on the switches to group VLANs into instances to reduce CPU load from multiple spanning tree calculations. MST is configured by assigning VLANs 20-50 to instance 1 and VLANs 80,100 to instance 2 while the rest remain in the default instance 0. Identical MST configurations must be applied to all switches for proper operation.
The document describes the configuration of a Layer 3 VPN network with multiple VRF instances. Key steps include:
1. Configuring IP addresses, loopbacks and OSPF routing between core routers R1 through R5.
2. Establishing iBGP peering between R1, R3, and R5 to exchange VPN routing information.
3. Creating VRF instances VPN-MY on R1 and R3, and VPN-SG on R5, each with a unique RD and RT.
4. Connecting customer edge devices CE6 to R1, CE7 to R3, and CE8 to R5 through interfaces associated with the corresponding VRFs.
5.
Rapid Ring Protection Protocol (RRPP) is a proprietary Huawei link layer protocol used to prevent broadcast storms on Ethernet rings. It provides fast convergence of less than 50ms when links fail. RRPP supports various topologies including single, crossed, and tangent rings. It also supports multiple instances on a single ring for load balancing. The document provides an overview of RRPP, compares it to other ring protocols, describes its features and functions, and provides sample configurations for a single RRPP ring with multiple instances.
There are three types of First Hop Redundancy Protocols (FHRP): HSRP, VRRP, and GLBP. HSRP and VRRP elect an active router to forward traffic for a virtual IP address, while GLBP allows multiple routers to act as active forwarders. Only GLBP supports load balancing traffic across multiple routers. All FHRP protocols run per VRF and VDC.
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comRishabh Dangwal
EIGRP is a hybrid routing protocol that uses DUAL algorithm. It supports IP, IPX and Appletalk and uses reliable transport protocol. EIGRP has internal administrative distance of 90 and external of 170. It uses hello packets, update packets, query packets and reply packets. The default metric is based on bandwidth and delay. EIGRP can experience stuck in active issues if queries are not responded to within timers. EIGRP stub routing allows selective route advertisement.
Este documento describe una configuración de red para proporcionar acceso a Internet desde un VPN MPLS utilizando una tabla de ruteo global. Se configura una ruta estática predeterminada en el VRF del cliente que apunta al gateway de Internet, y una ruta estática en la tabla de ruteo global para las redes del cliente para permitir la conectividad bidireccional. Esto permite el acceso a Internet desde el VRF del cliente y la conectividad VPN entre los sitios del cliente a través del núcleo MPLS.
This document explains MPLS Layer 3 VPNs. It discusses how Layer 3 VPNs allow routing information to be shared between customer sites using protocols like OSPF and BGP across the service provider's MPLS network. It describes how Virtual Routing and Forwarding instances (VRFs), MP-BGP, Route Distinguishers (RDs), and Route Targets (RTs) work together to separate routing information for different customers and establish VPN connectivity between their sites while avoiding overlapping address spaces.
This document provides an overview of EtherChannel concepts and configuration. EtherChannel allows linking multiple physical Ethernet ports together to form a single logical trunk with increased bandwidth. It uses protocols like PAgP and LACP to dynamically establish and maintain EtherChannel bundles. EtherChannel load balances traffic across physical ports and treats the bundle as a single logical port for functions like spanning tree. The document outlines terminology, configuration, verification commands, and considerations for optimizing EtherChannel deployment.
This document provides an overview of CCNP Switch topics including:
- How Layer 2 switches work by learning and recording MAC addresses and forwarding frames based on the MAC address table.
- The different types of multilayer switching (MLS), including demand-based switching using a MLS engine and route processor, and topology-based switching using CEF.
- How ACLs are implemented in switches using Ternary Content Addressable Memory (TCAM) tables to make packet forwarding decisions.
- Campus network design principles including redundancy protocols like HSRP, and wireless LAN configuration.
- Quality of service (QoS) features that prioritize certain traffic through ingress queueing and egress scheduling
Packet Tracer: Routing protocols EIGRP and OSPFRafat Khandaker
The document summarizes an experiment in Packet Tracer where the routing protocols EIGRP and OSPF were implemented on a simulated enterprise network with multiple hosts and routers. EIGRP and OSPF were configured on the 3 routers to exchange routing update tables and allow routing between all hosts. The experiment demonstrated how each protocol operates, including configuration of EIGRP with autonomous system numbers and OSPF with areas to establish routing adjacencies between routers. Pings between hosts across the routers confirmed correct routing was achieved with both protocols.
The document discusses IP routing protocols RIP, RIP version 2, EIGRP, and OSPF. It provides details on configuration and features of each protocol, including route summarization, route filtering, default routing, and stub routing. It also covers troubleshooting routing loops caused by interface summaries in RIP and using leak maps in EIGRP.
Packet Tracer: Load Balancing with GLBP and FHRPRafat Khandaker
This document discusses simulating failsafe protocols like GLBP and FHRP to provide load balancing and redundancy. It provides an overview of GLBP, explaining that it uses Active Virtual Gateways and Active Virtual Forwarders to assign routers as primary and secondary access to the virtual gateway IP. It also discusses FHRP protocols like HSRP and VRRP, noting that HSRP is Cisco proprietary while VRRP is an IETF standard. The document goes on to describe configuring GLBP across three routers to demonstrate how traffic would be load balanced and how a backup router would take over if the primary fails.
This document discusses configuring point-to-point WAN links in Packet Tracer using different encapsulation types such as HDLC, PPP, and Frame Relay. It provides configuration examples for HDLC and PPP links which were successfully implemented. Frame Relay configuration posed more challenges to troubleshoot due to static routing requirements and Packet Tracer limitations. The author learned about Frame Relay configuration but was unable to fully implement it in this lab.
This document discusses configuring VLAN trunking and routing on a stick between two switches and a router. It explains that VLAN trunking is used to separate broadcast domains and transmit VLAN traffic between switches and routers. The trunk ports between the switches and the switch to router link are configured, as well as subinterfaces on the router with different IP addresses for each VLAN. The configuration of the switches and router is shown, along with ping tests verifying connectivity between hosts in different VLANs works after routing is configured.
VRF (Virtual Routing and Forwarding) is a technology that allows multiple instances of a routing table to
co-exist within the same router at the same time. This increases functionality by allowing network paths
to be segmented without using multiple devices. Because traffic is automatically segregated, VRF also
increases network security and can eliminate the need for encryption and authentication. Internet
service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs)
for customers; thus the technology is also referred to as VPN routing and forwarding. Because the
routing instances are independent, the same or overlapping IP addresses can be used without
conflicting with each other.
How to configure vlan, stp, dtp step by step guideIT Tech
The document provides step-by-step instructions to configure VLANs, VTP, STP, and DTP on Cisco switches and a router. It describes how to configure a VTP server, create VLANs 10 and 20, assign ports and PCs to each VLAN, configure trunk ports between switches, and configure a router interface for each VLAN to allow inter-VLAN communication. The configurations are verified by checking STP port status and pinging between PCs in different VLANs.
This document provides an overview of Multiprotocol Label Switching (MPLS), including its history, key concepts, applications, and use by service providers. MPLS was developed in the late 1990s to meet the needs of scalable routing and quality of service on the growing internet. It works by assigning fixed length labels to data packets, allowing routers to forward based on these labels rather than long network addresses. Major applications of MPLS include traffic engineering, virtual private networks, and bandwidth management. The document discusses how service providers like MegaPath use MPLS in their backbones to provide integrated data and voice services, and nationwide networking solutions for corporate customers.
This document discusses layer 3 redundancy protocols. It describes routing issues with redundancy and protocols like HSRP, VRRP, and GLBP that provide a redundant default gateway. HSRP defines an active-standby router group that uses a virtual IP address. GLBP provides load balancing across multiple routers and gateway redundancy through automatic failover.
For some very basic VRF configuration follow the steps:
1. Enters VRF configuration mode and assigns a VRF name.
Router(config)#ip vrf vrf-name
2. Creates a VPN route distinguisher (RD) following one of the 16bit-ASN:32bit-number or 32bitIP:16bit-number explained above
Router(config-vrf)#rd route-distinguisher
3. Creates a list of import and/or export route target communities for the specified VRF.
Router(config-vrf)# route-target {import | export | both} route-distinguisher
4. (Optional step) Associates the specified route map with the VRF.
Router(config-vrf)# import map route-map
EtherChannel allows grouping multiple physical Ethernet links into a single logical link to provide fault tolerance and increased bandwidth. Key points for configuration include using the same port types, speed and duplex settings across all ports in the channel. Settings like VLAN lists and STP settings must also be consistent. Layer 3 EtherChannel requires assigning an IP to the port-channel interface, while Layer 2 only requires adding the physical ports to the channel group. Verification can be done with show commands.
Switching – A Process of using the MAC address on LAN is called Layer 2 Switching.
Layer 2 Switching is the process of using hardware address of devices on a LAN to segment a network.
Switching breaks up large collision domains into smaller ones and that a collision domain is a network
segment with two or more devices sharing the same bandwidth.
Four switches have been installed with redundant uplinks between access and distribution layers. Spanning tree removes redundant links to prevent loops. The document describes configuring Multiple Spanning Tree (MST) on the switches to group VLANs into instances to reduce CPU load from multiple spanning tree calculations. MST is configured by assigning VLANs 20-50 to instance 1 and VLANs 80,100 to instance 2 while the rest remain in the default instance 0. Identical MST configurations must be applied to all switches for proper operation.
The document describes the configuration of a Layer 3 VPN network with multiple VRF instances. Key steps include:
1. Configuring IP addresses, loopbacks and OSPF routing between core routers R1 through R5.
2. Establishing iBGP peering between R1, R3, and R5 to exchange VPN routing information.
3. Creating VRF instances VPN-MY on R1 and R3, and VPN-SG on R5, each with a unique RD and RT.
4. Connecting customer edge devices CE6 to R1, CE7 to R3, and CE8 to R5 through interfaces associated with the corresponding VRFs.
5.
Rapid Ring Protection Protocol (RRPP) is a proprietary Huawei link layer protocol used to prevent broadcast storms on Ethernet rings. It provides fast convergence of less than 50ms when links fail. RRPP supports various topologies including single, crossed, and tangent rings. It also supports multiple instances on a single ring for load balancing. The document provides an overview of RRPP, compares it to other ring protocols, describes its features and functions, and provides sample configurations for a single RRPP ring with multiple instances.
There are three types of First Hop Redundancy Protocols (FHRP): HSRP, VRRP, and GLBP. HSRP and VRRP elect an active router to forward traffic for a virtual IP address, while GLBP allows multiple routers to act as active forwarders. Only GLBP supports load balancing traffic across multiple routers. All FHRP protocols run per VRF and VDC.
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comRishabh Dangwal
EIGRP is a hybrid routing protocol that uses DUAL algorithm. It supports IP, IPX and Appletalk and uses reliable transport protocol. EIGRP has internal administrative distance of 90 and external of 170. It uses hello packets, update packets, query packets and reply packets. The default metric is based on bandwidth and delay. EIGRP can experience stuck in active issues if queries are not responded to within timers. EIGRP stub routing allows selective route advertisement.
Este documento describe una configuración de red para proporcionar acceso a Internet desde un VPN MPLS utilizando una tabla de ruteo global. Se configura una ruta estática predeterminada en el VRF del cliente que apunta al gateway de Internet, y una ruta estática en la tabla de ruteo global para las redes del cliente para permitir la conectividad bidireccional. Esto permite el acceso a Internet desde el VRF del cliente y la conectividad VPN entre los sitios del cliente a través del núcleo MPLS.
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
This document discusses deploying MPLS L3VPN. It begins with an overview of MPLS and VPN terminology. It then covers the MPLS reference architecture and different node types. It describes how IP/VPN technologies use separate routing tables at provider edge (PE) routers to provide independent virtual routing and forwarding (VRF) instances for each VPN customer. The control plane uses multiprotocol BGP (MP-BGP) to distribute VPN routes between PE routers using route distinguisher (RD), route target (RT), and labels. The forwarding plane uses these labels to encapsulate and transport customer IP packets across the MPLS core. The document then discusses various IP/VPN services including load sharing, hub-and-spoke
Este documento explica los conceptos fundamentales de MPLS/VPN. MPLS/VPN permite crear redes virtuales privadas (VPNs) sobre una red compartida mediante el uso de MPLS. Los routers de borde (PE) intercambian información de rutas de VPNs utilizando BGP multiprotocolo y asignan etiquetas MPLS para encaminar el tráfico entre VPNs a través de la red compartida.
This document discusses inter-autonomous system (inter-AS) MPLS VPN connectivity. It describes how MPLS VPN providers can exchange routes and traffic across autonomous system boundaries to extend MPLS VPN services across geographical locations. There are two main inter-AS connectivity models - back-to-back VRF connectivity for fewer VRFs, and external MP-BGP for VPNv4 prefix exchange to support a larger number of VRFs across multiple service providers. The control and forwarding planes are established through MP-BGP sessions between PE-ASBR routers to exchange VPN routes and encapsulate traffic with labels across autonomous system boundaries.
VPN allows for secure communication over public networks through tunneling protocols like PPTP, L2TP, and IPsec. There are three main types of VPN implementations: intranet within an organization, extranet between an organization and outside users, and remote access for mobile users. VPNs provide advantages like reducing costs of long-distance lines and charges while allowing flexibility and efficiency. However, they also have disadvantages like requiring expertise in security issues and performance depending on external factors. Industries like healthcare, manufacturing, retail, and banking commonly use VPNs to securely transfer private information between locations.
The document provides the configuration steps for a lab exercise on BGP. The steps include:
1. Configuring IBGP and EBGP neighborships between routers as shown in the topology diagram using loopback addresses.
2. Advertising loopback networks in BGP to ensure all routers have the routing information.
3. Configuring route reflectors to reduce the number of neighbor relationships needed.
4. Setting preferences for best paths between routers for certain networks.
The document discusses Linux networking commands and tools. It provides examples of using ip commands to view and configure network interfaces, routes, neighbors, and rules. It also shows tcpdump for packet capture and nmap for port scanning. Firewalls are configured using iptables to allow traffic from a specific source to a web server port.
The document discusses various techniques that internet service providers can use to prevent IP reflection attacks, including:
- Implementing BCP38 and BCP140, which involve validating the source IP address of incoming packets to prevent spoofing. This is recommended to be deployed as close to the edge of the network as possible.
- Enforcing validation using access control lists (ACLs) to filter packets and unicast reverse path forwarding (uRPF) to check the return path of source IP addresses. Strict uRPF is recommended for customers.
- Example ACL and uRPF configurations are provided for Cisco and Juniper routers to filter traffic from customer networks connected to the ISP edge router.
PFRv3 – новое поколение технологии Performance Routing для интеллектуального ...Cisco Russia
PFRv3 – новое поколение технологии Performance Routing для интеллектуального управления трафиком.
Запись вебинара: https://cisco.webex.com/ciscosales/lsr.php?RCID=996604735650402b828d47ff1f7b7578
Клуб Cisco - ciscoclub.ru
This document provides an introduction to migrating to IPv6 and the IPv6 features supported in ProCurve switch software release K.13.01. It discusses dual-stack IPv4/IPv6 operation, connecting to IPv6 over IPv4 tunneling devices, and the IPv6 configuration, management, security, and troubleshooting features supported, including stateless and stateful address assignment, neighbor discovery, and diagnostic tools.
Installation of pfSense on Soekris 6501robertguerra
The document provides instructions for configuring a pfSense firewall to use a Clear Wireless 4G connection for primary internet access and failover to an existing office internet connection. It describes setting up the Clear Wireless WAN interface and a multi-WAN gateway group in pfSense. Traffic is configured to use the Clear Wireless gateway by default with failover to the office connection if the primary goes down. Initial tests of the Clear Wireless connection achieved speeds suitable for typical office use and zero packet loss. Configuring the Westell 6100 modem to bridge mode is also described to allow use of an external router.
Installation of pfSense on Soekris 6501robertguerra
This document provides instructions for configuring a pfSense firewall to use multiple WAN connections for failover. It describes setting up a Clear Wireless 4G connection as the primary WAN and using the existing office connection as a backup. Specific steps include adding the WAN interfaces, creating a gateway group for failover, and configuring firewall rules to use the gateway group. Initial testing showed the Clear Wireless connection providing adequate speeds for typical office use while offloading over 6GB of data from the office connection in just 3 days.
The document describes a set of exercises to configure basic routing and OSPF routing on routers. It includes instructions on configuring interfaces, static routing, and OSPF routing. Participants will work in groups to configure three routers and four switches with a common IP addressing scheme and network topology. The exercises progress from basic router configuration to static routing and finally dynamic routing using OSPF.
This document discusses monitoring internet connections of WAN links using only routing configuration in MikroTik routers. It describes how typical ISP failover solutions have problems when the primary ISP gateway responds to checks but internet is still unavailable. The document proposes monitoring multiple remote hosts per WAN link and using routing tables to configure failover without scripting or external tools. Failover is achieved by creating default routes through virtual hops and routes to remote hosts through the actual ISP gateways. This allows automatic switching when checks to remote hosts on the primary WAN link fail.
This document provides an overview and summary of Frame Relay and PPP technologies:
- Frame Relay uses DLCI to identify virtual circuits and supports point-to-point, multipoint, and hub-and-spoke topologies. It uses LMI, inverse ARP, and static mappings for L2-L3 address resolution.
- PPP can be used over Frame Relay virtual circuits to provide routing between sites. A virtual-template interface is used to represent each PPP session.
- Authentication for PPP connections can be provided by PAP or CHAP protocols. CHAP provides one-way authentication via a three-way handshake by default.
This Booklet is designed to help CCIE candidates to prepare themselves for the CCIE written and/or the lab exam. However, this is not a complete study
reference. It is just a series of the author’s personal notes, written down during his pre-lab, and further studies, in a form of mind maps, based mainly on
CISCO Documentation for IOS 12.4T. The main goal of this material is to provide quick and easy-to-skim method of refreshing cadidate’s existing knowledge.
All effort has been made to make this Booklet as precise and correct as possible, but no warranty is implied. CCIE candidates are strongly encouradged to
prepare themselves using other comprehensive study materials like Cisco Documentation (www.cisco.com/web/psa/products/index.html), Cisco Press books
(www.ciscopress.com), and other well-known vendor’s products, before going through this Booklet. The autor of this Booklet takes no responsibility, nor
liablity to any person or entity with respect to loss of any information or failed tests or exams arising from the information contained in this Booklet.
This document provides an overview and summary of Frame Relay and PPP technologies:
- Frame Relay uses DLCI to identify virtual circuits and supports fragmentation, congestion control, and inverse ARP for L2-L3 mapping. PPPoE can be used to transport PPP over Frame Relay.
- PPP supports authentication using PAP or CHAP and can be used to provide remote access over various WAN links like Frame Relay.
- Multilink PPP allows combining multiple physical links to be treated as a single logical link and provides increased throughput and redundancy.
1. The document provides instructions for configuring iptables firewall rules on a SUSE Linux server to set up a network with internal servers and clients.
2. It outlines steps to allow specific services and access between servers and clients like SSH, DNS, file sharing, remote desktop, and internet access.
3. The configuration includes setting up masquerading and destination NAT rules to enable connectivity and allow internal clients to access the internet through the firewall server.
The document describes the configuration of an MPLS VPN network with two VRF instances to provide connectivity between sites. Key steps include:
1. Configuring IS-IS routing in the backbone to establish an MPLS core network.
2. Configuring VRFs and BGP to enable MPLS VPN services between CE routers.
3. Configuring a second VRF to connect additional CE routers and establish routing between them.
The document provides useful commands for configuring VLANs, routing, and displaying information on an Aruba Mobility Access Switch. It includes commands for creating VLANs, assigning ports, IP addresses, switching profiles, trunking, routing, DHCP, and display commands for viewing VLAN, interface, and routing information.
This slide is presented in Dec., 2013 as part of Triangle OpenStack meet up sponsored by Cisco System in Raleigh-Durham area, North Carolina.
We did proof of concept back in June, 2013 to evaluate IPv6 readiness of OpenStack as the initial step to make IPv6 and Cloud work together seamlessly.
After 6-week of intensive efforts, we enabled OpenStack Grizzly release over IPv6. Later on, we also successfully launched dual-stack VM in Havana release. This slide summarized what problems we tried to tackle and how we resolved them. The presentation is based on the whitepaper we published at:
http://www.nephos6.com/pdf/OpenStack-Havana-on-IPv6.pdf.
The ideas captured in this slide will be leveraged by OpenStack Neutron IPv6 sub team to fulfill mid-term goals suggested by Neutron IPv6 roadmap. The target release is IceHouse in April, 2014.
We will publish more white papers and slides when we reach next milestone. Stay tuned!
The document discusses how Network Address Translation (NAT) and Port Address Translation (PAT) can help solve the problem of limited IP addresses by allowing private IP addresses to be translated to public IP addresses, and describes how to configure various NAT and PAT functions on a Cisco router including static NAT, dynamic NAT, port overloading, and handling overlapping networks.
This document provides the questions and answers for the CCNA Exploration 3 - FINAL Exam Version 4.0. There are 26 multiple choice questions that cover topics related to LAN switching and wireless networking. The questions test knowledge of VLANs, trunking, STP, VTP, wireless networking concepts, and inter-VLAN routing configurations.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfflufftailshop
When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...alexjohnson7307
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
4. Bank BCA wants to subscribe MPLS Link over
all of the branches in indonesia using
L3VPN/VPRN through our backbone network.
The branch offices are 8 : Jakarta1, Jakarta2,
Bogor, Bekasi, Surabaya, Malang, Madiun,
Banjarmasin
Datacenter is located in Tangerang City
All BCA Routers connected to each 9 PEs.
6. One of VPRN/L3VPN problem is, to comply with such
topology, and to connect all client routers, iBGP
Peering on the PEs must be fully meshed on each
others.
This could become a painful jobs when we add one or
more network into current vrf, we need to reconfigure
all related vrf PE, to do full mesh iBGP peering.
Peer formula = n(n-1)/2,
n stands for number of routers,
For example 9 routers, will need 41 peer connection
10 routers, will need 45 peer connection
25 routers, will need 300 peer connection
50 routers, will need 1225 peer connection
7. Full Mesh iBGP Peering
iBGP Peering in huge
VRF is such a mess and
painful configuration
17. Route Reflector / RR are an alternative way to
provide full meshed iBGP peers. One or more
routers configured as a route reflector, while
the remaining iBGP routers are configured as
clients and peer only with route reflector
forming a Route Reflector Cluster. This
reduces the number of connections required
to the number of clients. Routing updated
received by a client are sent to the Route
Reflector and it will forward to other clients in
the cluster.
18. iBGP Peering with Route Reflector
RR Reflects all BGP
received, towards all
of the neighbor
19. RR Deployment Methods
Option 1 involves using the PE router as the VPNv4 RR as well.
◦ This type of setup is not recommended due to additional
constraints of memory and CPU imposed on the PE router
that acts as RR, which is handling both the functions of
providing services to client edge routers as well as reflecting
routes to several other PEs in the same MPLS domain.
Option 2 involves using the P router as an RR for both IPv4 and VPNv4.
◦ The P router handles not only the function of route reflection
for IPv4 and VPNv4 routes, but also performs data
forwarding operations for IPv4 and VPNv4 traffic.
◦ This scenario may not scale well in large MPLS VPN
environments due to memory and CPU constraints imposed
on the RR that not only provides IPv4 and VPNv4 routing
services but also data forwarding functionality.
20. Option 3 involves using a P router as a RR only for VPNv4.
◦ This implementation can be used in large-scale MPLS VPN
environments in which the provider network wants to
isolate IPv4 functionality on the VPNv4 RR.
Option 4 involves a dedicated router performing the function of
reflecting IPv4 and VPNv4 routes. The router does not perform
any data forwarding functions.
◦ This scenarios also increases the provider's operational
costs because the provider has to dedicate routers RRs
for IPv4 and VPNv4 prefixes as well as ensure their PE
routers have physical connectivity with each other for
data forwarding functionality or are connected to a
dedicated P router, which perform data forwarding
functionality.
21. Option 5 involves a dedicated router as a RR for only VPNv4
routes and not for data forwarding. Like the last option, there
is considerable savings in CPU and performance improvements
can be realized but at the cost of additional routers providing
provider router functionality and increased cost in providing
physical connectivity between PE and P routers.
Option 6 involves partitioned RRs, which is primarily in large-
scale environments in which using a dedicated VPNv4 RR does
not scale to the demands of a large provider carrying a large
number of VPNv4 prefixes.
26. IPv4 BGP Peering is fully
meshed (light red color)
but VPNv4 BGP peering is
configured through dedicated
RR
27. BGP VPNv4 peering for each
VRF are divided to different
RR, to reduce the load of
BGP Process
28. Due to lack of operational budget, team will use
Option 1 for RR Deployment Method. This
solution is Temporary, and is proposed on next
budget to bought additional dedicated RR Routers
to do the job.
Positive impact :
◦ Simplify BGP Configuration
◦ BGP Peering kept Redundant
◦ It also makes BGP process low on all non RR PE Routers.
◦ Easy to do expansion for the current VRF
Negative impact :
◦ High BGP Process loads on the RR