Overblog Follow this blog
Administration Create my blog
Cisco & Cisco Network Hardware News and Technology

Wireless LAN & Wired (Ethernet) LAN

August 28 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Networking

There are different network infrastructures (wired LAN, Service Provider Networks) that allows mobility, but in a business environment, the most important is the wireless LAN (WLAN). Most modern business networks rely on switch-based LANs for day-to-day operation inside the office.

Productivity is no longer restricted to a fixed work location or a defined time period. People now expect to be connected at any time and place, (you are in when you are out...) from the office to the airport or even the home.

 Traveling employees used to be restricted to pay phones for checking messages and returning a few phone calls between flights. Now employees can check e-mail, voice mail, and the status of products on personal digital assistants (PDAs) while at many temporary locations.

 

Wireless LAN and Wired (Ethernet) LAN

Wireless LANs share a similar origin with Ethernet LANs. The IEEE has adopted the 802 LAN/MAN portfolio of computer network architecture standards. The two dominant 802 working groups are 802.3 Ethernet and 802.11 wireless LAN. However, there are important differences between the two.

 

WLANs use radio frequencies (RF) instead of cables at the Physical layer and MAC sub-layer of the Data Link layer. In comparison to cable, RF has the following characteristics:

i. RF does not have boundaries, such as the limits of a wire in a sheath. The lack of such a boundary allows data frames traveling over the RF media to be available to anyone that can receive the RF signal.

ii. RF is unprotected from outside signals, whereas cable is in an insulating sheath. Radios operating independently in the same geographic area but using the same or a similar RF can interfere with each other.

iii. RF transmission is subject to the same challenges inherent in any wave-based technology, such as consumer radio. For example, as you get further away from the source, you may hear stations playing over each other or hear static in the transmission. Eventually you may lose the signal all together. Wired LANs have cables that are of an appropriate length to maintain signal strength.

iv. RF bands are regulated differently in various countries. The use of WLANs is subject to additional regulations and sets of standards that are not applied to wired LANs.

WLANs connect clients to the network through a wireless access point (AP) instead of an Ethernet switch.

WLANs connect mobile devices that are often battery powered, as opposed to plugged-in LAN devices. Wireless network interface cards (NICs) tend to reduce the battery life of a mobile device.

WLANs support hosts that contend for access on the RF media (frequency bands). 802.11 prescribe collision-avoidance instead of collision-detection for media access to proactively avoid collisions within the media.

 

WLANs use a different frame format than wired Ethernet LANs. WLANs require additional information in the Layer 2 header of the frame.

WLANs raise more privacy issues because radio frequencies can reach outside the facility.

 

802.11 wireless LANs extend the 802.3 Ethernet LAN infrastructures to provide additional connectivity options. However, additional components and protocols are used to complete wireless connections.

 

In an 802.3 Ethernet LAN, each client has a cable that connects the client NIC to a switch. The switch is the point where the client gains access to the network.

 

In a wireless LAN, each client uses a wireless adapter to gain access to the network through a wireless device such as a wireless router or access point.

wirelessLAN.jpg

More Related:

WLAN, WLAN’S Role & Advantages

Cisco Routing Quiz for Preparing CCNA Exam

Core Topics Covered on the CCNA Exam

10 Things to Know About the Cisco CCNA Voice Certification

Read more

Cisco IPv6 Static Address Configuration Tech Tips

August 20 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Networking

Once you have a basic understanding of IPv6, the next logical step on Cisco equipment is to test out the different capabilities that exist within Cisco equipment and IOS. Here we take a look at the configuration of IPv6 addressing on a Cisco IOS device.

 

Cisco IPv6 Static Address Configuration

IPv6 is a little different from IPv4 in that multiple IPv6 addresses can exist on a single network interface; this can include an Aggregatable Unicast Address, Link-Local Unicast address, and/or anycast address. The next few sections review the configuration of these different address types.

 

Configuring Unicast Addresses

There are two common address types that are assigned to each IPv6 interface; this includes an Aggregatable Unicast address and a Link-Local address. An Aggregatable Unicast address is allowed to be globally routed and operates similarly to a public IPv4 address.

 

An Aggregatable Unicast address can be configured in a number of ways. This article goes over the ways to statically address an IPv6 interface, which includes either specifying the whole IPv6 address and prefix-length or by using a prefix and using EUI-64. Table 1 shows the steps that are required to configure an Aggregatable Unicast address, using both a completely manual configuration and by using EUI-64.

 

Table1-IPv6 Aggregatable Unicast Address Configuration

1

Enter global configuration mode

router#configure terminal

2

Enter interface configuration mode

router(config)#interface interface

3

Configure the interface with a manual Aggregatable Unicast address

router(config-if)#ipv6 address address/prefix-length

 

OR

 

3

Configure the interface with an Aggregatable Unicast address using EUI-64. This method uses the prefix and the Interface ID to develop the complete IPv6 address to use.

router(config-if)#ipv6 address address-prefix eui-64

 

A Link-Local address is used to communicate between devices that share the same link; these addresses are only allowed to be used on the local link and are not routed. Link-Local addresses will automatically be configured using the interface identifier (typically the MAC address) when IPv6 is enabled on an interface or the Link-Local address can be manually configured. Table 2 shows the steps that are required to manually configure a Link-Local address.

 

Table2-IPv6 Link-Local Address Configuration

1

Enter global configuration mode

router#configure terminal

2

Enter interface configuration mode

router(config)#interface interface

3

Configure the interface with a Link-Local address

router(config-if)#ipv6 address address link-local

 

Configuring Anycast Addresses

The concept of an Anycast address did not exist within IPv4 and is intended to be (along with additional use of Multicast) a replacement for some of the capabilities of IPv4 broadcast addresses. An Anycast address is intended to be configured on the interface of multiple network devices that provide the same services (i.e. the subnet gateway, DNS server or other server). When a client uses the address, the network will direct it only to the closest device assigned the address to the client. Table3 shows the steps that are required to configure an Anycast address on an interface.

 

Table3-IPv6 Anycast Address Configuration

1

Enter global configuration mode

router#configure terminal

2

Enter interface configuration mode

router(config)#interface interface

3

Configure the interface with an Anycast address

router(config-if)#ipv6 address address/prefix-length anycast

 

While there are certainly a number of differences between IPv4 and IPv6 other than the obvious address length, what should be kept in mind is that the majority of the fundamentals are very similar and anyone familiar with IPv4 should be able to transition with a little research and practice. Hopefully the contents of this article make the static configuration of IPv6 address on a Cisco IOS device a little easier.

Reference from http://www.petri.co.il/ipv6-static-address-configuration.htm

More Info and Tips Related to IPv6:

How to Enable IPv6 Support on a Cisco Catalyst 3560 Switch?

First Hop Redundancy Protocols in IPv6 HSRP + GLBP

What Hardware Vendor IPv6 Support

IPv6 OSPF/v3: Case Study

Read more

Cisco Catalyst 4500 Supervisor Engine 6-E with CenterFlex Technology

August 16 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco Catalyst 4500 Supervisor Engine 6-E with CenterFlex Technology-Secure, Flexible, Nonstop Communications.

The Cisco Catalyst 4500 E-Series, including the new Cisco Catalyst 4500 Supervisor Engine 6-E, three new E-Series line cards, and four new E-Series chassis, is a next-generation extension to the widely deployed Cisco Catalyst 4000 and 4500 Series of switches. Cisco Catalyst 4500 E-Series with CenterFlex technology, provides secure, flexible, nonstop communications to facilitate business resilience for enterprises, small and medium-sized businesses (SMBs), and Metro Ethernet customers deploying business-critical applications.

CenterFlex technology is enabled by the Supervisor Engine 6-E centralized application-specific integrated circuits (ASICs), which deliver the highest centralized performance and configuration flexibility in the industry. CenterFlex technology facilitates granular optimization of real-time voice, video, and data communication, maximizing performance and enhancing user experience. The new E-Series with CenterFlex technology is designed with unprecedented backward and forward compatibility, delivering exceptional investment protection and deployment flexibility to meet the evolving needs of organizations of all sizes.

Figure1. Cisco Catalyst 4500 Supervisor Engine 6-E

Cisco-Catalyst-4500-Supervisor-Engine-6-E-.jpg

Cisco Catalyst 4500 Supervisor Engine 6-E with CenterFlex Technology Feature Highlights

Centralized

• Centralized 320-Gbps switching capacity with 250 Mpps of throughput

• IPv6 support in hardware, providing wire-rate forwarding for IPv6 networks

• Dual 10 Gigabit Ethernet uplinks (X2 optics)

• Hardware forwarding entries: 256,000

• Quality-of-service (QoS) services hardware entries: 64,000

• Security services entries: 64,000

• Low latency

 

Flexible

• Flexibility to operate at 6 or 24 Gbps per line-card slot

• Ability to mix and match 6-Gbps classic and 24-Gbps E-Series line cards, with no performance degradation

• Twin gigabit converter modules that enable flexibility for up to 4 Gigabit Ethernet (Small Form-Factor Pluggable [SFP]) uplinks in the X2 optic slots

• Dynamic hardware forwarding table allocations for ease of IPv4-to-IPv6 migration

• Advanced QoS support with up to 8 queues per port, dynamic queue sizing, and hierarchical policing to provide flexibility and control

• Enhanced security with Unicast Reverse Path Forwarding (URPF) for added protection against network spoofing attacks

• File allocation table (FAT)-based file system for easier network administration

 

The Cisco Catalyst 4500 Supervisor Engine 6-E is compatible with classic Cisco Catalyst 4500 line cards, chassis, and power supplies, providing full investment protection. The Supervisor Engine 6-E delivers 24 Gbps per slot of switching capacity when deployed with the E-Series line cards in a Cisco Catalyst 4500 E-Series chassis. You can mix and match classic line cards and E-Series line cards within a Cisco Catalyst 4500 E-Series chassis with no performance degradation. When you deploy the Cisco Catalyst Supervisor Engine 6-E with classic line cards, all of the new features except the 24-Gbps per-slot switching capacity are inherited.

The Cisco Catalyst Supervisor Engine 6-E also provides flexibility and an easy migration path to 10 Gigabit Ethernet uplinks with dual-purpose X2 slots that can accommodate wire-speed 10 Gigabit Ethernet optics or Cisco Twin Gigabit Converter modules (Figure 2), enabling Gigabit Ethernet SFP optics.

 

The Cisco Twin Gigabit Converter Module, which ships standard with the Supervisor Engine 6-E (unless you order 10 Gigabit Ethernet optics on the configuration tool), converts a single 10 Gigabit Ethernet X2 interface into two Gigabit Ethernet port slots that can be populated with appropriate SFP optics, providing a total of 4 Gigabit Ethernet uplinks if used in both X2 interface slots. With the flexibility offered by the Cisco Twin Gigabit Converter Module, you can initially use the gigabit uplinks and then, as your business demands change, you can simply remove the Cisco Twin Gigabit Converter Module and insert 10 Gigabit Ethernet X2 optics to provide full line-rate 10 Gigabit Ethernet uplinks without having to upgrade. The ability to support both Gigabit Ethernet uplinks and 10 Gigabit Ethernet uplinks on a single supervisor engine further demonstrates the flexibility and the investment protection of the Cisco Catalyst 4500 Series.

Cisco Twin Gigabit Converter Module: Converting 10 Gigabit Ethernet X2 Interface Into Two Gigabit Ethernet SFP Interfaces

Cisco-Twin-Gigabit-Converter-Module.jpg

The increased capabilities and investment protection provided by the Supervisor Engine 6-E and CenterFlex technology facilitates not only scalability for today's network requirements but also investment protection by providing significant hardware resources for future growth.

 

Cisco Catalyst 4500 E-Series Line Cards

Cisco-Catalyst-4500-E-Series-Line-Cards.jpg

Cisco-Catalyst-4500-E-Series-Line-Cards02.jpg

Cisco-Catalyst-4500-E-Series-Line-Cards03.jpg

The Cisco Catalyst 4500 E-Series line cards include the following options:

• 48-port 10/100/1000 E-Series Power over Ethernet (PoE) line card (2:1 oversubscribed)

• 48-port 10/100/1000 E-Series Premium PoE line card (2:1 oversubscribed)

• 6-port 10 Gigabit Ethernet E-Series line card (2.5:1 oversubscribed)

The Cisco Catalyst 4500 48-port 10/100/1000 PoE and premium PoE E-Series line cards are designed for high-performance LAN access applications. The Cisco Catalyst 4500 6-Port 10 Gigabit Ethernet E-Series Line Card can be deployed for high-performance 10 Gigabit Ethernet aggregation in the campus, in small to medium-sized networks as a core switch, or in high-performance wiring closets where additional 10 Gigabit Ethernet uplinks are required. The Cisco Catalyst 4500 6-Port 10 Gigabit Ethernet E-Series Line Card supports standard X2 optics as well as Cisco Twin Gigabit Converter modules as orderable options.

For more information, refer to the Cisco Catalyst 4500 Line Card data sheet at: http://www.cisco.com/en/US/prod/collateral/modules/ps2710/ps5494/product_data_sheet0900aecd802109ea.html.

More detailed reference of Cisco Catalyst 4500 Supervisor Engine 6-E with CenterFlex Technology you can read at: http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps9294/product_data_sheet0900aecd806df543_ps4324_Products_Data_Sheet.html

More Related Cisco 4500 Info and Tips:

Generals Qs of Cisco Catalyst 4500 E-Series and Its CenterFlex Technology

Video Illustrates Cisco Catalyst 4500 Series Switches

Cisco Catalyst 4000/4500 Family, Entry-level Chassis-based Switch

Cisco Catalyst 6500 Switches Vs. Catalyst 4500 Series

Cisco Catalyst 4500 Switch, How to Configure a DHCP Relay on It?

Read more

Configuring Authentication in OSPF

August 12 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Networking

Routing protocols are used to exchange reachability information between routers. Routing information learned from peers is used to determine the next hop towards the destination. To route traffic correctly, it is necessary to prevent malicious or incorrect routing information from getting introduced into the routing table. This can be done by authenticating the routing updates exchanged between routers. Open Shortest Path First (OSPF) supports plain text authentication and Message Digest 5 (MD5) authentications.

Configuration overview:

Only three key point need to be remembered while configuring authentication in OSPF

A) Types of Authentication:

There are three different types of authentication available for OSPF version 2:
1) Null authentication: Null authentication means that there is no authentication, which is the default on Cisco routers.
2) Clear text authentication: In this method of authentication, passwords are exchanged in clear text on the network
3) Cryptographic authentication: The cryptographic method uses the open standard MD5 (Message Digest type 5) encryption.

B) Enabling OSPF Authentication:

OSPF authentication can be enabling in two ways:
1) Per interface: Authentication is enabling per interface using the "ip ospf athentication" command.
2) Area authentication: Authentication for area can enable using "area authentication" command.

C) Configuring Authentication Key:

In either case password must be configure at interface using "ip ospf authentication-key" or "ip ospf message-digest-key" command

 

Configuration Example:

A) Area based authentication Example:

To enable OSPF MD5 authentication:
Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#interface fa0/0
Router(config-if)#ip ospf message-digest-key 1 md5 cisco@123
Router(config-if)#exit
Router(config)#router ospf 100
Router(config-router)#area 2 authentication message-digest
Router(config-router)#exit

To enable clear text authentication
Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#interface f0/0
Router(config-if)#ip ospf authentication-key cisco@123
Router(config-if)#exit
Router(config)#router ospf 100
Router(config-router)#area 2 authentication
Router(config-router)#exit


Interface based authentication Example:
To enable OSPF MD5 authentication:
Router(config)#int fa0/0
Router(config-if)#ip ospf authentication message-digest
Router(config-if)#ip ospf message-digest-key 1 md5 cisco
Router(config-if)#exit
Router(config)#

 
To enable clear text authentication
Router(config)#int fa0/0
Router(config-if)#ip ospf authentication
Router(config-if)#ip ospf authentication-key cisco
Router(config-if)#exit
Router(config)#

 

OSPF commands for each authentication types:

Types of

Authentication

Area authentication

Command

Interface

Authentication

Command

Interface

Authentication

Key command

0-Null

<no command>

ip ospf authentication null

<no command>

1-Clear Text

area number authentication

ip ospf authentication

ip ospf authentication-key Key-value

2-MD5

area number authentication message-digest

ip ospf authentication message-digest

ip ospf message-digest-key key-num md5 Key-value

 

OSPF Virtual Link Authentication:

Virual link is an interface in area 0.This mean if you enable authentication on Area 0 it will automatically turn authentication on virtual link but as discussed above password(Key) must need to enable on interface.As we know Virtual link doesnt have any interface on which you can configure authentication,authentication on virtual link can be configure using"area virtual-link" command under OSPF process.

 

Verification Commands

Authentication failures can occur for two reasons:
1) Authentication type mismatch between neighbors
2) Authentication Key mismatch between neighbors
 

The below “debug ip ospf adj" output indicate mismatch in authentication type.
Router#debug ip ospf adj
OSPF adjacency events debugging is on
*Mar 1 00:02:30.279: OSPF: Rcv pkt from 10.1.1.2, FastEthernet0/0 : Mismatch Authentication type. Input packet specified type 2, we use type 0

*Mar 1 00:02:39.603: OSPF: Rcv pkt from 10.1.1.2, FastEthernet0/0 : Mismatch Authentication type. Input packet specified type 2, we use type 0

Router#sh ip ospf int fa0/0
FastEthernet0/0 is up, line protocol is up
  Internet Address 10.1.1.2/24, Area 0
  Process ID 100, Router ID 10.1.1.2, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 10.1.1.2, Interface address 10.1.1.2
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:06
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 0
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
Message digest authentication enabled
    Youngest key id is 1

 

Related Information:

Sample Configuration for Authentication in OSPF

Configuring OSPF Authentication on a Virtual Link

---Resources from https://supportforums.cisco.com/docs/DOC-4449

More Related:

Conditional Route Origination in OSPF Domain

How to Use OSPF Point-to-Multi-Point on Ethernet?

Basic HSRP Configuration Example On Cisco IOS XR

Conditional Route Origination in OSPF Domain

How to Configure Cisco Routers as Frame Relay Switch (FRS)?

Read more

Cisco’s Nexus Switching Portfolio to Transform Your Data Centre

August 8 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco News

The data centre is the heart of the network, delivering business agility and promoting ITNexus-data-center.jpg transformation. As your business evolves and you look towards new technologies and applications to grow, the data centre switching architecture that underpins the delivery of enterprise-wide applications and services must provide the scalability, convergence, and intelligence that will enable your company to thrive.

The Cisco Nexus family of data centre switches, part of Cisco's Unified Fabric, provides you with industry leading products and innovations that enable you to transform your data centre through key capabilities that create a simpler, smarter, more scalable and resilient network.

Delivering Architectural Flexibility and Choice

Data centre functionality, space, and architectures can differ from business to business and even from location to location. The Cisco Nexus family of data centre switches provides a comprehensive product portfolio that can be deployed at the aggregation, core, top of rack, middle, or end of row and as an embedded virtual switch integrated into your server hypervisor. By delivering a flexible architecture we address the requirements of various designs, cabling, and environmental requirements.

The Power of Cisco NX-OS Software Innovations

Cisco NX-OS software, a proven, purpose-built data centre operating system, provides you with an intelligent and scalable network operating system that offers continuous availability and sets the standard for mission-critical environments. Cisco NX-OS software delivers exceptional operational flexibility through a single operating system that is also used on the Cisco MDS 9000 family of storage switches and the Cisco UCS 6100 Series Fabric Interconnects of the Cisco Unified Computing System for consistent operations across physical, virtualized, and converged environments. This allows you to implement a single operating system across network, storage, and compute infrastructures, thus simplifying data center operations, resulting in a positive effect on operational costs.

More about “Transform your data centre with Cisco’s Nexus switching portfolio” you can read PDF file at

http://www.cisco.com/en/US/solutions/collateral/ns224/ns945/cisco_nexus_series_solution_brief.pdf 

More about Cisco IOS:

Cisco IOS Versions and Naming Overview

Read more

One Platform Kit (onePK) for Developers

August 6 2013 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco & Cisco Network

Cisco onePK, short for One Platform Kit, is an easy-to-use developer’s toolkit for innovation, automation, and service creation. onePK delivers the benefits of network programmability on Cisco routers and switches. onePK allows you to tie your network more effectively to ever changing application needs, providing improved business agility and decreased opex. onePK allows your network’s power to be unleashed in new ways for a faster, more flexible, and intelligent infrastructure.

What Problems Does It Help Solve?

Need for deeper access to information stored within network devices

Need to exercise greater or more precise control over flows and routes

Need to extract particular packets for modification and reinjection

Need to improve quality of service based on custom parameters

Need to add services to the network without making a huge infrastructure investment

Need to allow programmers to augment network operation in response to application-specific business logic

Need to bridge the operational gap between disparate systems

Need to deploy a gateway or network service without adding hardware or constraining functionality based on physical connectivity

 

Applications of onePK for Specfiic Customer Types

Improve visibility and control over network operations (all market segments)

Reduce hardware footprint for new services or gateway functions (enterprise and service provider)

Automate new service provisioning for customers (cloud service provider)

Deliver more consistent quality of service to multimedia service customers (service provider)

Achieve higher levels of data security when transmitting over untrusted networks (government/defense)

Improve the perceived speed of the application to users of hyperscale data center services (for example, social media websites)

Orchestrate new services or additional resources more quickly and cost-effectively (data centers and service providers)

Modify packets to enhance security, reliability, or performance for customers (data centers and service providers)


One Platform Kit (onePK)

onePK is a flexible development environment that supports C or Java programs. Your source code can be written and compiled using any tools that you want. The onePK infrastructure is built right into the operating system of all Cisco platforms and communicates with the onePK presentation layer, supporting the developer’s C or Java programs.

onePK-Language-of-Choice.jpg

This architecture gives users maximum deployment flexibility. onePK along with Cisco’s container support allows the user to host applications on the device processor board, a services blade available with some Cisco platforms or a separate server, that communicates to the onePK infrastructure using a secure communications channel.

Because the API is consistent across all Cisco platforms, the developer can write an application once and have that application deployed on any switch or router.

 

What Are the Benefits of onePK?

Build, automate, improve: Create new or improve existing applications and services, increase productivity

Speed and faster adaptability: Provide flexibility for rapidly changing business needs and reduced operating costs

Extend: Extend the functionality of your network

New Revenue Opportunities: Provide monetization of new applications or services, create services more quickly with code that you can write once and run anywhere

 

Simplicity, integration, and the power of choice

Utilize with your programming language and tools of choice

Run it on any server or right in the network device

 

More Related:

Cisco IOS Versions and Naming Overview

Read more