DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted DHCP message is a message that is received from outside the network or firewall causing denial of service attacks.
Configure MD5 encrypted passwords for users on Cisco IOS
The enhanced password security in Cisco IOS introduced in 12.0(18)S allows an admin to configure MD5 encryption for passwords. Prior to this feature the encryption level on Type 7 passwords used a week encryption and can be cracked easily and the clear text password (type 0) as anyone would know is completely insecure. Anyone who can gain access to the privilege mode can view/decrypt these passwords.
Comments Off
Categories: General.
High CPU usage when SNMP is enabled in Cisco Routers
Cisco Routers and Switches with L3 routing functions are seen to have problems with High CPU usage when SNMP is enabled. This can range anything from 15% to 40%. According to Cisco, these are low priority processes and other priority processes requiring CPU cycles are given priority over these processes and this level of CPU utilisation can be is normal. However, it is always better to be safe than sorry and get the CPU utilisation caused by SNMP to bare minimum so as to ensure the Routers function smoothly.
Comments Off
Categories: General.
How to create VLAN Interfaces for InterVLAN Routing in Cisco IOS
VLAN Interfaces are required in network scenarios where you have different VLANs and need Inter-VLAN switching on Layer3 (Routing capable) switches. Every VLAN that needs to be routed should have a VLAN interface.
Let’s say we have VLAN 10 which hosts the subnet 192.168.10.0 subnet, VLAN hosts 192.168.20.0 subnet and VLAN 30 hosts 192.168.30.0 subnet. For Inter-VLAN routing to work, we need to have a VLAN interface setup for each of these VLANs and configured with an IP address from the same subnet which will be the default Gateway for that subnet. Lets say, 192.168.10.254,192.168.20.254.192.168.30.254 are the IP addresses for VLAN Interfaces of VLAn 10,20,30 respectively.
Comments Off
Categories: General.
Unable to delete Stale/Obsolete statc routes in Cisco IOS
Today, I had to troubleshoot a very peculiar problem on my Cisco Catalyst 3750 switches in two different sites. To cut a long story short, both the sites originally had IPSec VPNs over ADSL internet andtherefore static routes added to pass through their VPN firewalls. However, with a recent WAN migration with leased lines, all traffic moved to the WAN routers.
Comments Off
Categories: General.
FileZilla FTP Client configuration through BlueCoat proxy
If you are attached to a corporate or an enterprise network and connect to internet from behind a BlueCoat proxy which proxies FTP connections then FileZilla FTP client needs needs to be configured accordingly to get it work properly. There is an FTP proxy configuration and a Generic Proxy configuration that can be set in FileZilla client.
Using a Generic Proxy forces it to use Passive Mode connections.However, if you need to use Active mode FTP connections then FTP Proxy should be configured.
Comments Off
Categories: General.
HP-3Com acquisition: An integrated networking portfolio emerges
The HP Cisco battle is heating up now that the HP-3Com acquisition has closed and the new HP Networking portfolio has emerged. HP promises an edge-to-core networking portfolio with a unified fabric that is cheaper and more power efficient than Cisco’s. But how integrated can the equipment be this soon?
Comments Off
Categories: General.
USENIX LISA 2010: Special coverage
USENIX LISA 2010 is a conference covering large installation systems administration. Keep up-to-date on all SearchNetworking.com coverage from San Jose here, and don’t miss a single update from USENIX LISA 2010.
Comments Off
Categories: General.
Brocade rolls out first switches for Layer 2 data center fabrics
Enterprises see large Layer 2 data center fabrics as the future of virtual server networking. Data center network infrastructure vendors are inching toward delivering this technology. Brocade’s VDX switches are the first to market.
Comments Off
Categories: General.