Welcome to the Network Engineering Domain
Pape O. Fall's Blog
This use case consist of a company wanting to temporarily extend the users broadcast domain from one site to another. The issue here is that the sites are geophysically disjointed and each remote site only has a DIA circuit. In order to resolve the problem, we need a solution capable of encapsulating L2 traffic through [ Read More ]
What's a blog called "RouteLeak" without a Route Leaking post. As the name implies, route leaking implies leaking routes or importing/exporting network prefixes between VRFs or between the global routing table and a VRF segment. I will show you different methods to get it configured as follow: Route Leaking between Global and VRF table: Static [ Read More ]
With the evolution of SDN and Network Programmability, the NX-OS has come a long way with the integration of Linux based tools to support: Bash shell Python shell API access Linux containers for custom applications The Bash shell can be extremely powerful if you're proficient in it. I wanted to show you today a few commands [ Read More ]
Packet-tracer is a built in utility on the Nexus 9000 that's used to trace the path of a packet transiting the switch. This is extremely useful in terms of troubleshooting as this tool can confirm whether or not a specific traffic flow is traversing the switch. It's also useful to pinpoint packet loss as it [ Read More ]
Ethanalyzer is a NX-OS protocol analyzer tool based on Wireshark. Wireshark is an open source analyzer that decodes packets captured by libpcap (Capture Library). Cisco NX−OS runs on top of the Linux kernel, which uses the libpcap library to support packet capture. The Ethanalzyer is a command-line version of Wireshark that captures and decodes packets, [ Read More ]
One of the benefits of a DMVPN network is that the encrypted tunnels are built on top of DIA circuits more often than not. In that sense, the remote sites typically defer in terms of circuit bandwidth. Per-Tunnel QoS is an effective way to apply QoS policies on the hub router(s) on a per-tunnel instance [ Read More ]
iPerf is one of my favorite tool as it constitutes a fundamental instrument in the Network Engineer toolkit. It is essentially a measurement tool that outputs the maximum achievable bandwidth, MSS or MTU size in an IP network. We also have the capability of tuning diverse parameters such as TCP window size, buffers and generate [ Read More ]
In this specific use case, I will show you how to enable dual DMVPN clouds going over ASA firewalls as well as IPSec encryption. We will also take it up a notch and demonstrate DMVPN Phase 3 (Spoke to Spoke Communication), VRF configuration (We will be placing the source of the tunnels into their own [ Read More ]
One of the main feature that sets aside Juniper SRX is its capacity to operate in two different modes: Packet Mode or Flow Mode. However, the use of both modes is available starting with JunOS 9.6. Traffic is selectively marked in packet mode forwarding via the packet filtering function while unmarked traffic is by default [ Read More ]
Let’s illustrate how to configure PAT. At this point, if you are unfamiliar with NAT then please read this post here first. We will use the following topology to make our point… This topology above consists of a number of hosts (Host A, Host B, and Host C). The Service Provider has allocated a single usable [ Read More ]
Hi, I'm Pape ! Folks call me Pop. I'm CCIE #48357. I love what I do and enjoy making tech easier to understand. I also love writing, so I’m sharing my blog with you