Posts with #cisco technology - it news tag
Raakhee Mistry, a Marketing Manager who has been with Cisco for over 12 years, serving in product management, partner program and solutions marketing roles, collected the different audiences’ responses to Cisco Digital Network Architecture. She pointed out: Analysts agree that Cisco DNA is a Game Changer. Yes. The New Cisco DNA is a Game Changer for the Digital Era.
Cisco DNA is short for Digital Network Architecture. The Cisco Digital Network Architecture is a platform that will give our customers both a roadmap to digitization and a path to recognize immediate benefits of network automation, assurance and security. Cisco released it at Cisco Partner Summit 2016.
Cisco DNA complements Cisco’s market leading, data center based Application Centric Infrastructure (ACI) technology by extending the policy driven approach and software strategy throughout the entire network: from campus to branch, wired to wireless, core to edge.
Cisco DNA is delivered within the Cisco ONE Software family, enabling simplified software-based licensing, and helping with investment protection and flexibility.
The IT networking industry continues to demand knowledgeable professionals to help manage, secure and optimize their network infrastructure. Networking jobs can be found worldwide in exciting industries such as fashion, sports, and entertainment. Research indicates that a certification is second only to a four year college degree as a way to qualify people for positions and certifications were rated to be the top criteria in being able to determine an applicant's qualifications.
Cisco Digital Network Architecture Benefits
- Insights. The network touches all things digital – users, devices, applications, sensors and cloud – and networking professionals are in a unique position to help their organizations capture insights in real time that allow businesses to make better decisions instantly and deliver better experiences.
- Automation. This area is centered on IT speed and simplicity. Today’s networking professionals are CLI jockeys, but that will offer less value as time goes on. The network is evolving to software with software-defined networking, open APIs, network function virtualization and more. These new technologies provide networking IT with unprecedented agility that helps IT deliver business requirements faster and can free up cycles to support more strategic projects for their organization.
- Security. While digital technologies have opened up new opportunities, they have also introduced a level of risk. As we see the proliferation of mobile devices and cloud adoption, the network perimeter is evolving and the attack surface has the potential to grow significantly. To combat that risk, networking professionals will be able to offer the business a new approach to inject security pervasively through the network, which can be the sensor and enforcer of security threats.
DHCP is short for Dynamic Host Configuration Protocol. We know that DHCP is used in LAN environments to dynamically assign host IP addresses from a centralized server, which reduces the overhead of administrating IP addresses.
I’ve read an article, “DHCP Snooping and DHCP Snooping Configuration”, that describes a CCIE’s experience. That article also covers the DHCP Option 82 concept.
In this article we will share some information on using DHCP Option 82.
DHCP also helps conserve limited IP address space because IP addresses no longer need to be permanently assigned to client devices; only those client devices that are connected to the network require IP addresses. The DHCP relay agent information feature (option 82) enables the DHCP relay agent (Catalyst switch) to include information about itself and the attached client when forwarding DHCP requests from a DHCP client to a DHCP server. This basically extends the standard DHCP process by tagging the request with information about the location of the requestor. (See the Figure “DHCP Option 82 Operation”)
The following are key elements required to support the DHCP option 82 feature:
• Clients supporting DHCP
• Relay agents supporting option 82
• DHCP server supporting option 82
The relay agent information option is inserted by the DHCP relay agent when forwarding the client-initiated DHCP request packets to a DHCP server. The servers recognizing the relay agent information option may use the information to assign IP addresses and to implement policies such as restricting the number of IP addresses that can be assigned to a single circuit ID. The circuit ID in relay agent option 82 contains information identifying the port location on which the request is arriving.
1. The DHCP option 82 feature is supported only when DHCP snooping is globally enabled and on the VLANs to which subscriber devices using this feature are assigned.
2. DHCP and the DHCP option 82 feature have not been validated in the lab for EttF version 1.1. At this time, Cisco recommends considering only DHCP with option 82 for the application servers at level 3.
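The server-side policy described above (limiting addresses per circuit ID) can be sketched as follows. This is an added example, not code from the original article or from Cisco: it parses option 82 using the RFC 3046 sub-option layout (1 = circuit ID, 2 = remote ID), and the `CircuitLimiter` class, the sample circuit/remote ID strings and the "no tag, no lease" rule are assumptions made for illustration.

```python
"""Added example: parse DHCP option 82 and cap leases per circuit ID."""
from collections import defaultdict

OPT_PAD, OPT_RELAY_AGENT_INFO, OPT_END = 0, 82, 255
SUB_CIRCUIT_ID, SUB_REMOTE_ID = 1, 2   # RFC 3046 sub-option codes


def iter_tlvs(buf, has_pad_end):
    """Yield (code, value) pairs from a code/length/value byte string."""
    i = 0
    while i < len(buf):
        code = buf[i]
        if has_pad_end and code == OPT_PAD:      # pad has no length byte
            i += 1
            continue
        if has_pad_end and code == OPT_END:
            return
        if i + 2 > len(buf):
            raise ValueError("truncated header at offset %d" % i)
        length = buf[i + 1]
        value = buf[i + 2:i + 2 + length]
        if len(value) != length:                 # length field overruns data
            raise ValueError("option %d overruns buffer" % code)
        yield code, value
        i += 2 + length


def relay_agent_info(options):
    """Return circuit/remote IDs from option 82, or None if it is absent."""
    for code, value in iter_tlvs(options, has_pad_end=True):
        if code == OPT_RELAY_AGENT_INFO:
            # Inside option 82 the codes 0 and 255 are ordinary sub-options.
            subs = dict(iter_tlvs(value, has_pad_end=False))
            return {"circuit_id": subs.get(SUB_CIRCUIT_ID),
                    "remote_id": subs.get(SUB_REMOTE_ID)}
    return None


class CircuitLimiter:
    """Hypothetical server policy: cap distinct clients per relay port."""

    def __init__(self, max_per_circuit):
        self.max_per_circuit = max_per_circuit
        self.leases = defaultdict(set)   # (remote_id, circuit_id) -> MACs

    def allow(self, client_mac, options):
        info = relay_agent_info(options)
        if info is None or info["circuit_id"] is None:
            return False                 # assumed policy: no tag, no lease
        holders = self.leases[(info["remote_id"], info["circuit_id"])]
        if client_mac in holders:
            return True                  # renewal by an existing client
        if len(holders) >= self.max_per_circuit:
            return False                 # port already at its limit
        holders.add(client_mac)
        return True


def build_options(circuit_id, remote_id):
    """Build a constructed options field: message type, option 82, end."""
    sub = bytes([SUB_CIRCUIT_ID, len(circuit_id)]) + circuit_id
    sub += bytes([SUB_REMOTE_ID, len(remote_id)]) + remote_id
    return (bytes([53, 1, 1, OPT_RELAY_AGENT_INFO, len(sub)])
            + sub + bytes([OPT_END]))


# Constructed sample values; real relay agents use vendor-specific encodings.
SAMPLE_OPTIONS = build_options(b"vlan10-gi1/0/3", b"sw-access-01")

if __name__ == "__main__":
    limiter = CircuitLimiter(max_per_circuit=2)
    for mac in ("aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "aa:aa:aa:00:00:03"):
        print(mac, "->", limiter.allow(mac, SAMPLE_OPTIONS))
```

A truncated or overlong sub-option raises `ValueError` instead of being silently accepted, so a malformed tag never maps a request onto the wrong port.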
Mobile devices are very popular today, ranging from laptops and tablets to smartphones and more, and all kinds of mobile device types now connect to your wireless LAN. These mobile devices might use a mix of new and old Wi-Fi technologies – 802.11ac, 802.11n, and 802.11a connections – for access. To keep the older and slower clients from impeding the performance of newer and faster 802.11ac Wave 1 and 2 connections, there is Cisco ClientLink.
ClientLink is a beamforming capability built into Cisco Aironet wireless LAN access points. When the access point (AP) concentrates signals toward the receiving client, that client is better able to “hear” the AP’s transmission, so throughput is greater. ClientLink also enhances performance in the uplink (client-to-AP) direction, so that the AP can also better hear the client communications. The result is improved performance in both directions.
By comparison, many competing 802.11ac-capable APs offer uplink-only enhancements, from client to access point. Many 802.11ac-capable AP suppliers also base their downlink enhancements on the optional transmit beamforming (TxBF) feature in 802.11ac, which requires TxCBF support in the client device to operate. Cisco ClientLink technology is unique in offering both uplink and downlink performance improvements, and it doesn’t require any special capabilities in the client device to work.
ClientLink works with all client technologies. It makes sure each client type always operates at the best possible rate, as determined by the 802.11 access technology supported, network conditions, and the distance of the client from the Wi-Fi AP. ClientLink helps maintain maximum client rates even at cell boundaries, when clients are farthest away from the AP.
How to Get the Most from 802.11ac?
The 802.11ac standard inherently provides performance increases compared with earlier 802.11 technology versions. But because 802.11-based equipment is backward-compatible with older versions of the standard, it pays to run a mixed-client network to get the most out of your device investments. At the same time, however, your older clients can delay communications for the faster 802.11ac clients, hindering 802.11ac performance benefits.
Cisco ClientLink overcomes this issue for more reliable mobile experiences. In Aironet 802.11ac APs, ClientLink uses four transmit antennas to focus transmissions in the direction of the Wi-Fi client, surpassing the industry norm. This support improves downlink signal-to-noise ratio (for better client “hearing”) and boosts the data rate over range so you can reduce coverage holes and enhance overall system performance. Table 1 illustrates the Cisco performance advantages of using ClientLink technology.
You get beamforming enhancements across your entire client population of new and old devices: Cisco ClientLink beamforming works with all client types, and IEEE-standard transmit beamforming (TxBF) is also built into all Cisco Wi-Fi-Certified 802.11ac access points to benefit the 802.11ac clients that support it.
ClientLink also works with multiuser multiple input, multiple output (MU-MIMO), part of the 802.11ac standard that enables concurrent transmissions between an AP and multiple 802.11ac client devices that also support MU-MIMO. As a result, Cisco ClientLink can now also provide performance boosts across a mixture of 802.11ac, 802.11n, and 802.11a clients to further benefit your entire wireless network.
The wireless difference is in the implementation details. Turn to Cisco ClientLink-enhanced APs to get best performance from all Wi-Fi clients on your network.
The Cisco ASA series supports IPv6, and it can be set up easily and quickly. The following section focuses on a basic ASA setup for a native IPv6 network. As you will see, very few commands are required to have your ASA firewall join an IPv6-ready network.
Here is a quick way to configure your ASA firewall for IPv6 connectivity.
In this step we assign a link-local address to the interface. There are 2 ways to assign a link-local address to the interface:
Configure the interface to generate a link local address from its MAC address.
interface GigabitEthernet 0/0
 no shutdown
 nameif inside
 ipv6 enable
When you enter ipv6 enable, a link-local address is automatically generated (this is based on your MAC address).
Configure a link local address manually.
interface GigabitEthernet 0/0
 no shutdown
 nameif inside
 ipv6 address <ipv6-address> link-local
Using the above command you can assign a link local address to the interface manually.
You can verify the link local address by executing the “show ipv6 interface” command.
Next we have to assign the global address to the interface. There are 2 ways of doing this.
You can manually assign a global IPv6 address to the interface.
interface GigabitEthernet 0/0
 ipv6 address 2001:db8:2:3::1/64
With the ipv6 address command above, you are manually specifying the global IPv6 address for the interface. You can specify more than one IPv6 address for the interface using the command.
You can configure the interface to obtain the address automatically using stateless address autoconfiguration.
interface GigabitEthernet 0/0
 ipv6 address autoconfig
Enabling stateless autoconfiguration on the interface configures IPv6 addresses based on prefixes received in Router Advertisement messages.
NOTE: There was a defect (CSCuq62164) in the ASA software that caused the ASA to not assign an address if it received a RA message with both the M and A flags set. This has been fixed in 9.3(1) release and hence we recommend this version if you intend to use SLAAC for configuring the address on ASA interfaces.
Verify IPv6 configuration.
show ipv6 interface
inside is up, line protocol is up
  IPv6 is enabled, link-local address is fe80::e6c7:22ff:fe84:eb2
  Global unicast address(es):
    2001:db8:2:3::1, subnet is 2001:db8:2:3::/64
  Joined group address(es):
    ff02::1:ff00:1
    ff02::1:ff84:eb2
    ff02::2
    ff02::1
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 1000 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  Hosts use stateless autoconfig for addresses.
Step 4 (Optional)
Suppress Router Advertisement messages on an interface.
By default, Router Advertisement messages are automatically sent in response to router solicitation messages. You may want to disable these messages on any interface for which you do not want the security appliance to supply the IPv6 prefix (for example, the outside interface).
Enter the following command to suppress Router Advertisement messages on an interface:
ipv6 nd suppress-ra
Neighbor discovery will continue to be operational even though RA suppression has been configured.
Define an IPv6 default route.
ipv6 route outside ::/0 next_hop_ipv6_addr
Using ::/0 is equivalent to “any”. The IPv6 route command is functionally similar to the IPv4 route.
Using the regular access-list command, define access lists with IPv6 addresses in them to permit the required traffic to flow through the ASA.
access-list test permit tcp any host 2001:db8::203:a0ff:fed6:162d
access-group test in interface outside
The above is permitting traffic to a specific server 2001:db8::203:a0ff:fed6:162d.
SECURING THE FIREWALL
If you plan to configure autoconfig for the IPv6 global address on the ASA, you should accept router advertisements (RAs) only from known routers in your network. This helps prevent the ASA from being autoconfigured by unknown routers.
access-list outsideACL permit icmp6 host fe80::21e:7bff:fe10:10c any router-advertisement
access-list outsideACL deny icmp6 any any router-advertisement
access-group outsideACL in interface outside
interface GigabitEthernet 0/0
 nameif outside
 security-level 0
 ipv6 address autoconfig
 ipv6 enable
When applied on the ASA, the above access list restricts the router advertisements (RAs) the ASA receives to those from the specified router. All other RAs are denied.
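A configuration review can check for this pattern automatically. The script below is an added example, not part of the original article or any Cisco tool: it reads ASA configuration text, finds interfaces that use `ipv6 address autoconfig`, and reports whether the inbound access list permits RAs only from named hosts and then explicitly denies the rest. The function names and finding strings are hypothetical, and only `icmp6` entries are examined.

```python
"""Added example: audit ASA config text for RA filtering on SLAAC interfaces."""

RA = "router-advertisement"


def parse_ace(tokens):
    """Parse the part of an access-list line that follows the ACL name."""
    t = [x for x in tokens if x != "extended"]
    if len(t) < 4 or t[0] not in ("permit", "deny"):
        return None                      # remarks and unsupported forms

    def addr(rest):
        if rest and rest[0] == "host":
            return " ".join(rest[:2]), rest[2:]
        return (rest[0] if rest else None), rest[1:]

    src, rest = addr(t[2:])
    dst, rest = addr(rest)
    return {"action": t[0], "proto": t[1], "src": src, "dst": dst,
            "icmp_type": rest[0] if rest else None}


def parse_asa(config):
    """Collect ACL entries, inbound access-groups and interface settings."""
    acls, groups, ifaces, cur = {}, {}, {}, None
    for raw in config.splitlines():
        t = raw.split()
        if not t:
            continue
        if t[0] == "interface":
            cur = {"nameif": None, "autoconfig": False}
            ifaces[" ".join(t[1:])] = cur
        elif t[0] == "nameif" and cur is not None and len(t) > 1:
            cur["nameif"] = t[1]
        elif t[:3] == ["ipv6", "address", "autoconfig"] and cur is not None:
            cur["autoconfig"] = True
        elif t[0] == "access-list" and len(t) > 2:
            cur = None
            ace = parse_ace(t[2:])
            if ace is not None:
                acls.setdefault(t[1], []).append(ace)
        elif t[0] == "access-group" and t[2:4] == ["in", "interface"]:
            cur = None
            groups[t[4]] = t[1]
    return acls, groups, ifaces


def audit_ra_filtering(config):
    """Return {nameif: {"routers": [...], "findings": [...]}} per SLAAC port."""
    acls, groups, ifaces = parse_asa(config)
    report = {}
    for iface in ifaces.values():
        if not iface["autoconfig"]:
            continue
        name, findings, routers, closed = iface["nameif"], [], [], False
        acl = groups.get(name)
        for ace in acls.get(acl, []):
            # Only icmp6 entries that can match an RA are considered here.
            if ace["proto"] != "icmp6" or ace["icmp_type"] not in (None, RA):
                continue
            if ace["src"] in ("any", "any6"):
                if ace["action"] == "permit":
                    findings.append("RA permitted from any source")
                else:
                    closed = True        # explicit deny reached first
                break
            if ace["action"] == "permit" and ace["src"].startswith("host "):
                routers.append(ace["src"][5:])
        if acl is None:
            findings.append("no inbound access-group")
        elif not closed and not findings:
            findings.append("no explicit deny of RA from unknown routers")
        report[name] = {"routers": routers, "findings": findings}
    return report


# The hardened configuration shown in the article.
HARDENED = """
access-list outsideACL permit icmp6 host fe80::21e:7bff:fe10:10c any router-advertisement
access-list outsideACL deny icmp6 any any router-advertisement
access-group outsideACL in interface outside
interface GigabitEthernet 0/0
 nameif outside
 security-level 0
 ipv6 address autoconfig
 ipv6 enable
"""

# Constructed weak variant: SLAAC enabled with no access list at all.
WEAK_NO_ACL = """
interface GigabitEthernet 0/0
 nameif outside
 security-level 0
 ipv6 address autoconfig
"""

if __name__ == "__main__":
    print(audit_ra_filtering(HARDENED))
    print(audit_ra_filtering(WEAK_NO_ACL))
```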
Configuring ASA to help autoconfigure IPv6 addresses on hosts behind the ASA
The hosts in the network behind the ASA might be configured to autoconfigure their IPv6 address. Dynamic address assignment happens in 2 ways on IPv6 networks. It could either be a stateful address assignment or stateless address assignment.
Stateful dynamic address assignment
For stateful address assignment, a DHCPv6 server needs to be configured on the network that can assign address to hosts upon request. ASA currently does not have the ability to host a DHCPv6 server on its interfaces. But the ASA can act as a DHCPv6 relay agent. In order to enable stateful dynamic address assignment to hosts behind the ASA, the DHCPv6 relay agent needs to be configured on the ASA.
To configure the DHCPv6 relay agent the following configuration is needed:
ipv6 dhcprelay server 2001:db8:c18:6:a8bb:ccff:fe03:2701
ipv6 dhcprelay enable inside
The first command specifies the address of a DHCPv6 server to which the DHCP requests are forwarded. The command also accepts an optional interface name that specifies the output interface for the destination. The second command enables DHCP relay on an interface. When DHCP relay is enabled on an interface, all the DHCP requests coming on that interface get forwarded to the configured DHCP server.
Stateless dynamic address assignment
In Stateless Autoconfiguration (SLAAC) the client picks up its own address based on the prefix being advertised by the ASA. The prefix is advertised by means of an IPv6 router advertisement. ASA sends out IPv6 router advertisements by default from any interface on which a global IPv6 address is configured. Additionally, a DHCPv6 relay agent can be configured to point to a DHCPv6 server that can advertise a DNS server address and a domain name only.
IPv6 Prefix delegation
ASA does not support IPv6 prefix delegation yet. If the network behind the ASA needs to be assigned IPv6 addresses based on the prefix delegated by a delegation router, then we need to place an ASA between the provider edge (PE) router and the IPv6-capable customer premises router. The ASA must be in transparent mode. This way the ASA protects the entire IPv6 network, including the infrastructure router, on the customer premises. All ICMP6 traffic must be permitted on the ASA running in transparent mode.
The following must be configured on the ASA:
firewall transparent
interface BVI1
 no ip address
 ipv6 enable
interface GigabitEthernet0/0
 nameif outside
 bridge-group 1
 security-level 0
interface GigabitEthernet0/1
 nameif inside
 bridge-group 1
 security-level 100
access-list permit_icmp6 extended permit icmp6 any6 any6
access-group permit_icmp6 global
This example uses a link-local IPv6 address on the BVI interface. You can also configure an explicit IPv6 address for in-band management purposes.
The original article was shared from https://supportforums.cisco.com/document/61451/cisco-asa-ipv6-quick-start
The MIG-2450 is a gateway specifically designed for transportation solutions in environments such as buses, trains and planes.
Now, Cisco is focusing on the Internet of Things and delivering more than a dozen new IoT-focused products and a handful of services for channel partners. IoT can do many things for industries.
The IoT is transforming the mass transportation industry. With smart, connected devices, transit companies can monitor hundreds of details about vehicles, tracks, environmental conditions, and much more. IoT technology can also help businesses deliver the value-add services passengers are beginning to expect, such as onboard Wi-Fi.
The challenge for today’s transportation companies is to find secure, efficient ways to put this IoT technology to work. Connecting devices and endpoints across a complex, wide-ranging transportation network can take a lot of time and resources.
Cisco designed the Cisco Mobile IP Gateway 2450 to help simplify these tasks.
The MIG-2450 is a mobile connectivity gateway that delivers high availability communications between central offices, trackside operators, and transit vehicles by integrating GPS, Ethernet, Wi-Fi, and mobile broadband modems.
The MIG-2450 helps you comply with safety and interoperability regulations. It also gives you a way to collect and analyze data without the need for yet another piece of hardware to fit onboard a vehicle. And its modular design provides powerful connectivity for the services and applications that enhance the transportation experience for passengers and workers alike.
• Automate and improve communication between the back office and transit vehicles.
• Boost efficiency and simplify decision making with visibility into vehicles, workers, and security system statuses.
• Enhance the user experience with new, value-added Wi-Fi services for passengers.
• Improve safety for passengers and employees with telematics, driver performance monitoring, and systems analytics applications.
• Reduce operational costs by automating systems management and streamlining PTC compliance for safety and speed enforcement.
Built for a Wide Range of Use Cases
The Cisco Mobile IP Gateway 2450 helps make your transportation operations more efficient, cleaner, and safer. And less costly to run.
With this critical component in your network infrastructure, you can:
• Provide high-performance passenger Wi-Fi
• Implement and manage onboard information systems
• Make transportation safer with wireless surveillance
• Comply more easily with safety and speed regulations
• Remotely monitor and manage mobile assets
• Monitor driver and vehicle performance in real time
• Run systems analytics applications
Offering Options for the Way You Do Business
The MIG-2450 delivers the following features:
• Hardened, scalable industrial system with a compact form factor, wide operating temperature range, fanless operation, and compliance with AAR Standard S-9401 and EN-50155
• Centralized management to allow operators to remotely monitor, control, and perform diagnostics
• Support for up to 4 Type-1 or 10 Type-2 interface cards for extensible connectivity
• Robust connectivity with support for quality of service (QoS), dynamic roaming, multilink load balancing and failover, and link monitoring
• Durable security through Internet Protocol Security (IPsec), Secure Shell (SSH), AES encryption, and datagram transport layer security (DTLS)
Info from http://www.cisco.com/c/dam/en/us/products/collateral/se/internet-of-things/at-a-glance-c45-735028.pdf
More new IoT-related products announced from Cisco (15 in total) include:
- IE5000 purpose-built switch designed for manufacturing and cities.
- IW3702 wireless access point for mass transit systems and city-wide wi-fi deployments.
- IR 809 and IR 829 series of industrial routers with wi-fi and 4G/LTE connectivity for transportation organizations.
- 4G/LTE modules for CGR 1000 for utility companies, 5921 Embedded Services Routers for industrial networking in remote locations.
- 360° 5MP & 720p IP cameras for situational awareness. They're also outfitted with audio and digital sensors.
- Physical security analytics applications that connect to the IP cameras.
- Fog computing data services for the creation of policies that can monitor and then take action on data that flows through an IoT environment.
- IoT Field Network Director for monitoring and customizing IoT network infrastructure.
- Fog Director for centrally managing apps that run at the network's edge.
Cisco fleshed out its Internet of Things system and product line in early June this year.
IoT, the Internet of Things, is one of the most profound transitions in technology today.
The Cisco IoT System is a comprehensive set of technologies and products for enterprises to help accelerate the transition to an intelligent, IoT-based infrastructure. This broad portfolio of infrastructure technologies and products can enable customers to connect, manage, and control previously unconnected devices.
Gain deeper insights with analytics on IoT data. Better secure your physical and digital assets and data. And innovate by creating and deploying IoT applications from the cloud to the fog.
Cisco IoT System can enable industries such as manufacturing, energy, transportation, public safety, and smart cities to deploy and accelerate IoT solutions.
In San Francisco, an integrated, Internet of Things (IoT)-based network with parking, garage, and roadway sensors reduced parking search time by 43 percent. And parking citations dropped by 23 percent.
On the Aegean Motorway in Greece, IoT sensors deliver real-time traffic and weather information, speeding emergency response and improving safety and travel time.
The Internet of Things is driving efficiencies and innovation in industries ranging from energy and utilities to manufacturing, public safety, and transportation. But to realize the potential of IoT, you need reliable, high-quality, high-speed network connections to collect and transmit data from a multitude of deployed devices.
The Cisco industrial router portfolio includes a range of compact, ruggedized modular platforms on which you can build a highly secure, reliable, and scalable communications infrastructure. These products are certified to meet harsh environmental standards. They support a variety of communications interfaces, such as Ethernet, serial, fiber, cellular, WiFi, Wi-SUN RF mesh, and others.
• Reduce downtime and maintain continuous access to applications, data, and content with highly reliable platforms
• Prioritize operational traffic from SCADA networks and allocate network bandwidth using advanced quality-of-service features
• Lower operational costs and simplify new device deployments with zero-touch provisioning; manage, monitor, and update devices remotely
• Improve security with cyber and physical networkwide security policies, secure VPNs, and stateful firewalls, and gain unparalleled visibility and control
• Improve application resilience by distributing intelligence across the network using Cisco IOx, an open, extensible environment for hosting applications
• Boost efficiency and better decision making by tracking and monitoring equipment, assets, workers, and important business system components
The Cisco Industrial Router Portfolio
The complete line of industrial routers includes:
Cisco 1000 Series Connected Grid Routers: Rugged routers designed for harsh environments, like those found in the utilities industry. Ideal for integrating multiple applications, such as advanced metering infrastructure (AMI), distribution automation, distributed energy resources (DER), street lighting, and remote workforce automation, onto a single platform.
Cisco 2000 Series Connected Grid Routers: Highly secure, reliable routers for the energy and utilities industries positioned for SCADA monitoring for transmission and distribution.
Cisco ASR 903 Aggregation Services Routers: Full-featured, modular, small-footprint, and fully redundant aggregation platforms. They offer service flexibility and deliver Layer 2, IP, and Multiprotocol Label Switching (MPLS) transport for advanced Layer 2 VPN, Layer 3 VPN, and multicast services
Cisco 500 Series WPAN Industrial Routers: Wi-SUN RF Mesh ruggedized routers that provide unlicensed 915-MHz, ISM-band wireless personal-area network (WPAN) communications that enable IoT applications, including smart metering, distribution automation, street lighting, and remote supervisory control and data acquisition (SCADA) monitoring.
Cisco 809 Industrial Integrated Services Routers: Very compact cellular (3G and 4G/LTE) industrial routers for remote deployment in various industries. They enable reliable and secure cellular connectivity for remote asset monitoring and machine-to-machine (M2M) solutions such as distribution automation, pipeline monitoring, and roadside infrastructure monitoring
Cisco 819 Integrated Services Routers: Compact, hardened, form factor cellular (3G, WLAN, or 4G options) routers that allow businesses to deploy secure 3G WWAN services and applications, like ATMs, wireless kiosks, digital signage, and more.
Cisco 829 Industrial Integrated Services Routers: Highly ruggedized compact cellular (3G and 4G LTE with GPS and dual SIM) and WLAN (2.4/5GHz) industrial routers supporting scalable, reliable, and secure management of fleet vehicles and mass transit applications.
Cisco 910 Industrial Router: Highly adaptable routers that you can easily integrate with third-party solutions to deliver smart city applications, such as environmental monitoring, smart parking, smart metering, and more.
Capabilities for Rugged, Industrial Settings
We designed the Cisco industrial routers to withstand harsh operating environments and to offer high-speed connectivity with the scale to handle thousands of devices. Key features include:
- Design for industrial applications, including extended environmental, shock, vibration, and surge ratings; a complete set of power input options; convection cooling; and DIN rail, 19-inch rack or wall mounting.
- Advanced security such as Dynamic Multipoint VPN, stateful firewall, and access control lists to provide multi-layered security architecture across different places in the network.
- Diverse modular interfaces (Ethernet, T1/E1, 3G and 4G LTE cellular, asynch/synch, serial, and others) to interface and backhaul for different existing infrastructures.
- Advanced quality-of-service (QoS) capabilities to support mission-critical communications, such as substation communications or SCADA.
- Cisco IOx, an open, extensible environment for hosting applications at the network edge for distributed intelligence.
- Easy and user-friendly deployment, setup, operation, and management using network management tools such as IoT Field Network Director and Industrial Operations Kit.
Reference from http://www.cisco.com/c/dam/en/us/products/collateral/routers/809-industrial-router/at-a-glance-c45-735008.pdf
Cisco UCS is a model-driven server management system designed to reduce hardware and connectivity constraints, simplify server lifecycle management, and provide an agile infrastructure to support cloud computing. Based on a 10-Gigabit Ethernet-FCoE unified fabric, UCS greatly reduces the number of server connections and access-layer switches by consolidating compute resources around a unified I/O fabric that supports network, storage, and management traffic simultaneously. What should you know about Cisco UCS?
Here Are 10 Tips to Know about Cisco UCS
1. The most important feature of UCS is its management architecture. The hardware was all designed with unified management in mind in order to reduce the administrative overhead of today’s server environments. As companies move to more highly virtualized environments and cloud architectures, automation and orchestration become key. UCS provides the management and provisioning tools at a hardware level to quickly realize the benefits of these types of environments and maximize the inherent cost reductions.
2. UCS is not just about blades. The management and I/O infrastructure is designed from the ground up to manage the entire server infrastructure including rack-mount servers. While blade adoption rates continue to grow, 60% of all servers are still rack-mount. UCS’s ability to manage both rack-mount and blade servers under one platform is a key differentiator with major ROI benefits. This ability will be available by the end of the calendar year.
3. UCS is based on industry standards such as the 802 Ethernet standards and x86 hardware architecture, making it vendor neutral and fully compatible with other systems. The UCS system is interoperable with any existing infrastructure and can be tied into management and monitoring applications already being utilized.
4. Using the Virtual Interface Card (VIC) or Generation 1 Converged Network Adapters (CNA) from Emulex or Qlogic, UCS has a unique capability of detecting network failures and failing over traffic paths in hardware on the card. This allows network administrators to design and configure network failover end-to-end, ensuring consistent policies and bandwidth utilization. Additionally, this unique feature provides faster failover and higher redundancy than other systems.
5. The management infrastructure of UCS is designed to allow an organization to provision and manage the system in the way that most closely fits its process. If a more dynamic process is desired, UCS allows a single administrator to cross traditional boundaries in order to increase operational flexibility. If the current organizational structure is rigid and changes are not desired, UCS provides tight Role Based Access Control (RBAC) tools to maintain strict boundaries that match the current customer environment. If an organization is looking to UCS to provide an Infrastructure as a Service (IaaS) type environment, the benefits of UCS can be extended into custom self-service portals using the UCS XML interface.
6. UCS reduces infrastructure components and costs by providing advanced tools for I/O consolidation. The UCS system is designed to converge disparate I/O networks onto a single Ethernet infrastructure. This consolidation is not limited to FCoE deployments; it extends these benefits to NFS, iSCSI, RDMA and any other protocol utilizing Ethernet for Layer 2 communication.
7. Current UCS hardware provides up to 80Gbps of converged I/O to each chassis of 4-8 blades. This is done using a pair of redundant I/O modules which both operate in an active fashion. This is not a bandwidth limitation of the mid-plane which was designed for 40Gbps Ethernet and above. Future I/O modules will provide additional bandwidth to the chassis and blades as data center I/O demands increase.
8. The single-point-of-management for the server access layer provided by UCS can be extended to the VMware virtual switching infrastructure, further reducing administrative overhead. Using Pass-Through Switching (PTS) on UCS, the VMware virtual switching environment can be managed through the UCS service profile the same way physical blades are managed.
9. Memory extension on the UCS B250-M1 and B250-M2 blades provides an industry-leading 384GB of memory density for 2-socket servers. Moreover, because this increased density is gained through additional DIMM slots, lower-density DIMMs can be used at significantly lower cost to reach up to 194GB of memory. In addition to the M250 blades, the B440 adds support for 2 or 4 Xeon 7500 processors with 4, 6, or 8 cores depending on processor model.
10. While the UCS architecture was designed to amplify the benefits of server virtualization and Virtual Desktop infrastructures (VDI), the platform is standards based and can be used with any bare metal x86 based operating system such as Windows, SUSE/Red Hat Linux, etc. UCS can operate with any mix of server operating systems desired for any given customer.
Basic tips of configuring Quality of Service (QoS) with VoIP, including the high level QoS methods available to achieve quality voice traffic.
One of the most important things that must be configured in concert with available VoIP solutions is Quality of Service (QoS). Without QoS options properly configured, the quality of voice (and video) could, and probably will, be sacrificed to the overall demands of general traffic. These options provide a priority channel that is used by the voice traffic so that quality can be maintained while also allowing general traffic flow. This article reviews QoS basics and briefly discusses available QoS options and how they operate to provide quality for voice traffic.
Many of these QoS concepts are integral when studying for a Cisco voice certification. QoS concepts are covered on all of the following exams:
•640-461 ICOMMv8.0 - CCNA Voice
•642-437 CVOICE v8.0 - CCNP Voice
•350-030 CCIE Voice Written - CCIE Voice
QoS Deployment for VoIP Case Study Example
There are a number of QoS factors to consider when configuring a modern QoS implementation on Cisco, or any other vendor’s equipment. However, the most basic of these concepts revolves around what QoS is attempting to accomplish. There are four major factors that need to be controlled in order to have a quality VoIP phone call; these include:
•Bandwidth – The amount of end-to-end available bandwidth dictates whether a call will work correctly or not. With unlimited constant bandwidth, a voice call can work from end-to-end without much issue; however, bandwidth is rarely unlimited. The codec selected for use over a specific line is dictated by the amount of available bandwidth and the number of active calls required.
•Delay – Unlike with data communications, too much delay on a voice call can make the quality of the call unbearable. Of course, all voice communications have some amount of delay which must be kept to a number that is as small as possible. Typically, with VoIP, optimum call quality includes an end-to-end delay of less than 150ms.
•Jitter – Jitter is the amount of delay variation in call traffic. If traffic over a connection is constantly delayed at 100 ms, no issue occurs. However, if for the first portion of the call there is short delay (e.g., below 5ms), followed by a period of long delay (e.g., over 300ms), and then another short delay, the receiving voice device may have trouble synchronizing all of the incoming traffic as it is received in an inconsistent manner.
•Loss – Obviously, the loss of voice packets results in the loss of audio on the connection. Small amounts of loss (< 1%) over the course of a connection will probably not be noticed, but if this loss becomes a large problem then significant loss in voice quality occurs.
There are a number of different methods that can be used to control the QoS of a voice connection; these include:
•Classification and Marking
Classification and Marking
The most commonly used method of QoS classification and marking is Differentiated Services (DiffServ). The general concept of DiffServ is to monitor the traffic coming through a device; all traffic is then classified into a specific traffic classification (for example, Voice Traffic or Data Traffic). Once this traffic is classified, it is marked with this classification using one of a number of methods. Commonly with IP traffic, the ToS field is used in the IP header and is classified with a Differentiated Service Codepoint (DSCP). This marking is then used by successive devices in prioritizing which traffic to process first.
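The marking step described above, as an added Python example that is not part of the original article: it writes a DSCP value into the ToS byte of a constructed IPv4 header, reads it back the way a downstream device would, and serves voice-marked packets first. The code point values are the standard ones (EF = 46 for voice media); the addresses, packet names and function names are assumptions made for illustration.

```python
import socket
import struct

# Standard code points (RFC 2474, RFC 2597, RFC 3246); not taken from the article.
DSCP_NAMES = {46: "EF", 34: "AF41", 26: "AF31", 24: "CS3", 0: "BE"}
EF = 46  # Expedited Forwarding, the usual marking for voice media

def mark(dscp, ecn=0):
    """Build the ToS byte: DSCP in the upper 6 bits, ECN in the lower 2."""
    if not 0 <= dscp <= 63 or not 0 <= ecn <= 3:
        raise ValueError("DSCP is 6 bits, ECN is 2 bits")
    return (dscp << 2) | ecn

def build_header(tos, src="192.0.2.10", dst="198.51.100.20"):
    """Constructed 20-byte IPv4/UDP header (checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def read_marking(header):
    """Return (dscp, ecn) from the second byte of an IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return header[1] >> 2, header[1] & 0b11

def classify(header):
    """Name the traffic class a device would assign from the DSCP value."""
    dscp, _ = read_marking(header)
    return DSCP_NAMES.get(dscp, f"DSCP{dscp}")

def service_order(packets):
    """Simplified downstream hop: EF-marked packets leave first, the rest FIFO."""
    voice = [name for name, hdr in packets if read_marking(hdr)[0] == EF]
    other = [name for name, hdr in packets if read_marking(hdr)[0] != EF]
    return voice + other

ARRIVALS = [  # constructed arrival order
    ("web", build_header(mark(0))),
    ("rtp-1", build_header(mark(EF))),
    ("signalling", build_header(mark(24))),
    ("rtp-2", build_header(mark(EF))),
]

if __name__ == "__main__":
    for name, hdr in ARRIVALS:
        print(name, classify(hdr), hex(hdr[1]))
    print(service_order(ARRIVALS))
```

Because the marking travels in the packet itself, any device on the path can rewrite it, which is why markings are normally trusted only from devices the network operator controls.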
There are a number of different link efficiency mechanisms. The most commonly known mechanisms include IP header and payload compression. Other mechanisms include Link Fragmentation and Interleaving (LFI). These are typically used on slower speed serial links to improve delay by fragmenting larger packets into smaller ones, thus allowing other smaller packets to be processed. Obviously, the more efficient the link, the less delay a VoIP connection is subject to.
The concept of congestion on a connection is rather simple to explain; the more congested a link, the less likely a packet will be able to get through in the timely manner required by VoIP (think, rush hour in NYC or LA). Congestion management mechanisms attempt to control the amount of congestion faced by traffic by processing the traffic in a variety of different ways, some more complex than others. Many of these methods are used in conjunction with markings given to traffic (e.g., DSCP). The most common methods include:
•Priority Queuing (PQ)
•Custom Queuing (CQ)
•Weighted Fair Queuing (WFQ)
•Class Based – Weighted Fair Queuing (CBWFQ)
•Low Latency Queuing (LLQ)
Congestion avoidance is another method of QoS; the most common of the techniques used is called Weighted Random Early Detection (WRED). Basically, WRED attempts to predict that congestion will be forthcoming, and when this happens packets are selectively dropped to avoid congestion.
There are a number of different QoS concepts that must be understood in order to properly implement a VoIP network or pass the Cisco voice certification tests. The concepts covered in this article are a simple overview of the high level QoS options available. Hopefully, this article will help the student understand these high level concepts before digging into the depths required for true understanding.
---Original reference from http://www.petri.co.il/voip-quality-of-service-basics.htm
This document describes the password recovery procedure for the Cisco Catalyst Layer 2 fixed configuration switches 2900XL/3500XL, 2940, 2950/2955, 2960, and 2970 Series, as well as the Cisco Catalyst Layer 3 fixed configuration switches 3550, 3560, and 3750 Series.
1. Attach a terminal or PC with terminal emulation (for example, Hyper Terminal) to the console port of the switch.
Use the following terminal settings:
- Bits per second (baud): 9600
- Data bits: 8
- Parity: None
- Stop bits: 1
- Flow Control: Xon/Xoff
Note: For additional information on cabling and connecting a terminal to the console port, refer to Connecting a Terminal to the Console Port on Catalyst
2. Unplug the power cable.
3. Power the switch and bring it to the switch: prompt:
For 2900XL, 3500XL, 2940, 2950, 2960, 2970, 3550, 3560, and 3750 series switches, do this:
Hold down the mode button located on the left side of the front panel, while you reconnect the power cable to the switch.
Note: LED position may vary slightly depending on the model.
For 2955 series switches only:
The Catalyst 2955 series switches do not use an external mode button for password recovery. Instead, the switch boot loader uses break-key detection to stop the automatic boot sequence for password recovery purposes. The break sequence is determined by the terminal application and operating system used. Hyperterm running on Windows 2000 uses Ctrl + Break. On a workstation running UNIX, Ctrl-C is the break key. For more information, refer to Standard Break Key Sequence Combinations During Password Recovery.
The example below uses Hyperterm to break into switch: mode on a 2955.
C2955 Boot Loader (C2955-HBOOT-M) Version 12.1(0.0.514), CISCO DEVELOPMENT TEST
Compiled Fri 13-Dec-02 17:38 by madison
Base ethernet MAC Address: 00:0b:be:b6:ee:00
Xmodem file system is available.
flashfs: 19 files, 2 directories
flashfs: 0 orphaned files, 0 orphaned directories
flashfs: Total bytes: 7741440
flashfs: Bytes used: 4510720
flashfs: Bytes available: 3230720
flashfs: flashfs fsck took 7 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
*** The system will autoboot in 15 seconds ***
Send break character to prevent autobooting.
!--- Wait until you see this message before
!--- you issue the break sequence.
!--- Ctrl+Break is entered using Hyperterm.
The system has been interrupted prior to initializing the flash file system to finish
loading the operating system software:
4. Issue the flash_init command.
flashfs: 143 files, 4 directories
flashfs: 0 orphaned files, 0 orphaned directories
flashfs: Total bytes: 3612672
flashfs: Bytes used: 2729472
flashfs: Bytes available: 883200
flashfs: flashfs fsck took 86 seconds
....done Initializing Flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
!--- This output is from a 2900XL switch. Output from
!--- other switches will vary slightly.
5. Issue the load_helper command.
6. Issue the dir flash: command.
Note: Make sure to type a colon ":" after the dir flash.
The switch file system is displayed:
switch: dir flash:
Directory of flash:/
2 -rwx 1803357 <date> c3500xl-c3h2s-mz.120-5.WC7.bin
!--- This is the current version of software.
4 -rwx 1131 <date> config.text
!--- This is the configuration file.
5 -rwx 109 <date> info
6 -rwx 389 <date> env_vars
7 drwx 640 <date> html
18 -rwx 109 <date> info.ver
403968 bytes available (3208704 bytes used)
!--- This output is from a 3500XL switch. Output from
!--- other switches will vary slightly.
7. Type rename flash:config.text flash:config.old to rename the configuration file.
switch: rename flash:config.text flash:config.old
!--- The config.text file contains the password
8. Issue the boot command to boot the system.
File "flash:c3500xl-c3h2s-mz.120-5.WC7.bin" uncompressed and installed, entry po
!--- Output suppressed.
!--- This output is from a 3500XL switch. Output from other switches
!--- will vary slightly.
9. Enter "n" at the prompt to abort the initial configuration dialog.
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]: n
!--- Type "n" for no.
Press RETURN to get started.
!--- Press Return or Enter.
!--- The Switch> prompt is displayed.
10. At the switch prompt, type en to enter enable mode.
11. Type rename flash:config.old flash:config.text to rename the configuration file with its original name.
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]
!--- Press Return or Enter.
12. Copy the configuration file into memory.
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
!--- Press Return or Enter.
1131 bytes copied in 0.760 secs
The configuration file is now reloaded.
13. Overwrite the current passwords that you do not know. Choose a strong password with at least one capital letter, one number, and one special character.
Note: Overwrite the passwords which are necessary. You need not overwrite all of the mentioned passwords.
Sw1# conf t
!--- To overwrite existing secret password
Sw1(config)#enable secret <new_secret_password>
!--- To overwrite existing enable password
Sw1(config)#enable password <new_enable_password>
!--- To overwrite existing vty password
Sw1(config)#line vty 0 15
Sw1(config-line)#password <new_vty_password>
Sw1(config-line)#login
!--- To overwrite existing console password
Sw1(config-line)#line con 0
Sw1(config-line)#password <new_console_password>
14. Write the running configuration to the configuration file with the write memory command.
---Original resources from
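An added example, not part of the original procedure: a Python check that can be run over a copy of config.text after recovery to list how the enable, console and vty passwords from step 13 are stored and whether each line password is actually enforced by a login command. The sample configuration, its values and the function names are constructed for illustration.

```python
# Constructed sample of a config.text file; every value is made up.
SAMPLE_CONFIG = """\
hostname Sw1
enable password ExampleEnablePw
!
line con 0
 password ExampleConsolePw
line vty 0 4
 password 7 0000CONSTRUCTED
 login
line vty 5 15
 login
!
end
"""

def storage(args):
    """Describe how the argument of a password command is stored."""
    if len(args) >= 2 and args[0] == "7":
        return "type 7 (reversible encoding)"
    return "cleartext"

def line_blocks(config):
    """Return {line name: [sub-commands]} for every 'line ...' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None
    return blocks

def audit(config):
    findings = []
    top = [l.strip() for l in config.splitlines() if not l.startswith(" ")]
    if not any(l.startswith("enable secret ") for l in top):
        findings.append("enable: no 'enable secret' configured")
    for l in top:
        if l.startswith("enable password "):
            findings.append("enable: 'enable password' stored as " + storage(l.split()[2:]))
    for name, cmds in line_blocks(config).items():
        pw = [c.split()[1:] for c in cmds if c.startswith("password ")]
        if pw:
            findings.append(f"{name}: line password stored as {storage(pw[0])}")
            if not any(c.split()[:1] == ["login"] for c in cmds):
                findings.append(f"{name}: password set but no 'login', so it is not checked")
        elif "login" in cmds:
            findings.append(f"{name}: 'login' set but no line password")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Anyone who can read config.text, including through the console procedure above, sees cleartext and type 7 passwords directly, so the enable secret is the setting to rely on.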
No doubt while browsing the web, dealing with home networking solutions or even participating in some form of network development you’ve come across the terms IPv4 and IPv6. Terms like “IPv4 vs IPv6”, or “IPv6 tutorial”, or even the much broader “Internet Protocol”.
Unfortunately, most people have no idea what these terms mean, or what they are in fact referring to. As a general problem the terms are rarely explained well, and when they are, the explanations are not usually in simple form.
IPv4 vs IPv6
To put it quite bluntly, we’re here to answer one question: what do these terms, “IPv4 vs IPv6”, “IPv6 tutorial” and so on, mean exactly?
The “I” and “P” in “IPv” stand for “Internet Protocol”, which directly refers to the communication protocol, or packet transfer procedure, of the internet.
Every device that connects to the internet uses a unique address called an IP address, which works much like a home/location address. Pieces of data, called “packets”, are transferred via the internet between machines, which in turn gives us the fully functioning interior workings of the online community. In order for two machines or devices to communicate via the internet, they must transfer these “packets” of data back and forth. Unfortunately, the data “packets” cannot be transferred if the devices do not each have their own unique address.
Think of it basically as a home address. You can’t send mail correctly if you don’t list a proper return address, because if the mail doesn’t reach its destination it must have a way of returning back to you. Also, the mail receiver would have no possible way of responding, considering they have no idea what address they should reply to.
While the internet does not necessarily return data “packets” that don’t reach their destination, like undelivered mail, proper use or protocol requires two devices to have unique addresses to even begin communications.
The “v” and number (“4” or “6”) in “IPv4 vs IPv6” refers to the related protocol version number. “IPv4” is of course “Internet Protocol version 4”, and “IPv6” is subsequently “Internet Protocol version 6”.
IPv4 is of course the older, more supported version of the internet address procedure. But ultimately, there are no longer any free IPv4 addresses, meaning all of them have been occupied or taken up. What does this mean exactly?
In a general sense, there will no longer be any alternative IPv4 addresses, directly meaning they will all be occupied and new users will not be able to venture into cyberspace. Although the realistic situation is not quite as dire.
Source from: http://www.thetechlabs.com/tech-news/ipv4-vs-ipv6/
Cue IPv6, the latest Internet Protocol or address procedure. The older IPv4 only supports a maximum 32 bit internet address, which translates to 2^32 IP addresses available for assignment (about 4.29 billion total). IPv6 utilizes 128 bit web addresses, allowing a maximum 2^128 available addresses: 340,282,366,920,938,000,000,000,000,000,000,000,000; which if you couldn’t already tell is a very big number.
So basically the IPv4 protocol has run out of available addresses, which is why most websites or internet servers are adopting the newer IPv6 protocol. In most cases, the two versions are compatible. This contrast between the two protocol versions is exactly what’s being referred to when “IPv4 vs IPv6” is mentioned.
Worldwide IPv6 Transfer
The Internet Society has worked together with several huge ISP companies and online organizations to successfully switch the world over from use of the older IPv4 protocol to the newer IPv6. “World IPv6 Day” is scheduled to occur on June 8, 2011 and will involve several major online organizations switching services to IPv6 to test out its overall functionality and reliability.
This has no direct consequences or relations to home consumers and average internet users (meaning you); the IPv6 protocol switch only seriously pertains to large online organizations with an extensive listing of online hosted content.