Jun
12

DCCP – Datagram Congestion Control Protocol

DCCP transport layer protocol is used to control the datagram congestion. It provides an excellent procedure to stop the internet fall down, if it is caused by the congestion. In fact, this protocol is a brilliant competitor to be used as a substitute of UDP protocol.

DCCP account DCCP congestion control trait by means of a reliable acknowledgments delivery (in form of packets instead of bytes) will provide actually a congestion control with dynamism. DCCP will also make available the negotiable blocking control mechanism, but it will be up to the particular application’s specific requirements too. Moreover, these mechanisms come with a number of specific features, so to go well with different types of applications. The bandwidth consumption can be enhanced as the size of packets in case of DCCP is increased.

Jun
05

Don’t use 192.168.1.0/24 on work LAN

This story will be a turning point for my blog future starting with a change in writing methods and changing those methods to a more causal fashion.

INTRO

Flame VirusFor now all my text here where somehow depersonalized and tech oriented in a way that it was all written like in some book. User manual to me concise. Maybe this is the main reason that now when I got back to revise some parts of the texts there was an impression that those text are very boring. There is something missing inside them, maybe me?
Of course, I didn’t start to write this blog two years ago because there was a huge need for someone new to write about old networking stories about protocols and networking standards. I did start to write because I was young enthusiastic freshy networker who was in his all day job searching, part-time Cisco teaching and CCNP studying period.
That was actually not job free time for me, but it was intense and fulfilling time. Having some experience with web before and now spending whole days with my head inside Cisco Press books it was somehow natural to start a blog. Yes I know, everybody wants to write something on the web, but that is the main reason for this post, I you wondered what is this all about. I can now finally say that if I did not give up writing this blog until now then it’s the real proof that there is actually somebody reading it and that I can finally consider myself a networking blogger but more that all an networking geek. Jup, that’s right, there are people who are not ashamed of being geeky technicians.

May
07

What is static floating route

Static floating route is static route like any other but with added administrative distance in the configuration

R1(config)#ip route 172.16.10.0 255.255.255.0 10.10.10.2 200

static floating routeDefining the packets route using Static Floating Routes is very interesting topic so I decided to give you a short description of Static floating routes with an example. Static floating route is the same as normal static route except that this kind of static route has Administrative distance configured to some other value than 1.

Remember that if we configure normal static route like this:

R1(config)#ip route 172.16.10.0 255.255.255.0 10.10.10.2

It will send all packets destined for 172.16.10.0/24 network to the neighbor with interface address 10.10.10.2 and of course that static route will have Administrative distance (AD) of 1 by default. If we make the configuration like this:

R1(config)#ip route 172.16.10.0 255.255.255.0 Serial 0/0

In this case the AD will be zero (0). Pretty cool right? I didn’t know that difference for a long time but there is another article in the process of writing that explains why that is so.

In either cases of course, this would be normal because almost every time we configure the static route to override some routing protocol decision. But what if we want to use a static route to make something completely opposite? If we want to use static route only to be a backup route to some subnet then we will need to give the precedence to the path learned by some IGP (Interior Gateway Protocol) like OSPF for example. We know that most paths (routes) learned by OSPF protocol have Administrative Distance of 110. In that case the Administrative distance of some static route needs to be bigger than 110 if we don’t want to kick out the OSPF route from routing table.

May
03

What is Jitter in Networking?

Simply said, time difference in packet arrival time to their destination can be called jitter. Jitter is specific issue that normally exists in packet networks and this phenomenon is usually not causing any communication problems. TCP/IP is responsible for dealing with the jitter impact on communication. On the other hand, in VoIP network environment, or better say in any bigger environment today where we use IP phones on our network this can be a bigger problem. When someone is sending VoIP communication at a normal interval (let’s say one frame every 10 ms) those packets can stuck somewhere in between inside the packet network and not arrive at expected regular peace to the destined station. That’s the whole jitter phenomenon all about so we can say that the anomaly in tempo with which packet is expected and when it is in reality received is jitter.

jitter

In this image above, you can notice that the time it takes for packets to be send is not the same as the period in which the will arrive at the receiver side. One of the packets encounters some delay on his way and it is received little later than it was asumed. Here are the jitter buffers entering the story. They will mitigate packet delay if required. VoIP packets in networks have very changeable packet inter-arrival intervals because they are usually smaller than normal data packets and are therefore more numerous with bigger chance to get some delay.

Mar
14

What’s that % sign after ipconfig IPv6 address?

I see a % after my IPv6 address?!  Zone IDs After Link-local Addresses? What the hell is that?

If that’s you after typing ipconfig on Windows machine with IPv6 enabled then this article is for you. Maybe at first you are looking at this ipconfig output and it seems that there is still no reason for thig %”some number” to be there. I will try to be short in this explanation and explain you crearly why is really there.
That IPv6 address with that strange % sign is called Link-Local IPv6 address. It’s by design an address that has network part same for all computers in the world. That part is called network identifier and is written fe80:0000:0000:0000 or to be short fe80::

So in you have one network card in your comuter everything is working fine and your computer can speak IPv6 to all others in the local network. But!! What if you open your computer and insert second network card NIC to it? Your computer will have two network interfaces and both of them will be with the same network identifier of course fe80:0000:0000:0000. If you go in the netowrking fundamentals you can recall that there can not be a host with two interfaces in the same subnet. Why? If you want to ping the address fe80::5c9f:bc10:bb38:63ec from your computer and your computer has two NICs with addresses fe80::1111:1111:a000:0001 and fe80::5555:5555:5555:1111. Out of what interface will the ping exit the computer? Hm, on both, only on random one? This is not going to work.

Mar
13

RADIUS server Infrastructure

In short RADIUS means Remote Authentication Dial-In User Service server or proxy.  This is the best technology and as far as I know the only technology for all centralized accounting and authorization for connecting to networks. It is a standard. This technology will help you control who will be able to connect to your network and who will not be granted for the access.

It can control the access for all sorts of networks, wireless, VPN, dial-up, direct device to device like router to router connections, basically wherever you put it the middle of communication he can do the control.

There is also RADIUS proxy configuration where proxy only receives and accepts the connection requests but for the decision making it will be connected to other server who will do the RADIUS role.

There are two major ways to deploy radius server and that are:

  • Deployment of FreeRADIUS server on UNIX servers. This is by many network engineers basically a best daemon which implements radius protocol and makes your UNIX server a RADIUS enabled server.
  • Deployment of IAS role - Internet Authentication Service on Windows Server machine will allow you to make your Windows Server machine respond to RADIUS requests and act as a real RADIUS server. It includes some AD stuff implemented in so it will be able to authenticate the users from Active Directory domain. Which is his biggest advantage over UNIX deployment of course if you have AD deployed in you organization, and you have surely.

RADIUS server connects to user account database which is Active Directory in Windows Server or some normal user database in UNIX. Can be normal SQL table with users in it and can checks access credentials. If the user is authorized to access some network that is secured with RADIUS, he will authorize the access for that user and writes a log of the user entrance to the network.

Components of a RADIUS infrastructure

radius components

Mar
11

IPv6 Address Autoconfiguration

As you will see here there are two kinds of IPv6 address autoconfiguration. One of them is the old well know way to automatically configure IP address from IPv54 world, DHCP. The other way to make the autoconfiguration in IPv6 world in new and really interesting as it leaves the host the ability to make the autoconfgiuration by themselves without the need to communicate to any other system.

IPv6 is meant for various purposes but one main purpose it serves is that it makes life of the network administrators easier, especially when it comes to dealing with vast address space provided by IPv6 provides as compared to IPv4. In order to meet this need the automatic address configuration, autoconfiguration was created.

ipv6

As a result an IPv6 host can configure its complete or part of the address automatically, which depends on the type and method it uses for autoconfiguration. The method types include:

  • Stateful autoconfiguration
  • Stateless autoconfiguration using EUI-64 addressing process (SLAAC)

    Read more

Feb
19

PBR – Policy-based Routing configuration example

Policy-Based Routing Configuration

Here we will show different examples for configure specific PBR types:

  • Enabling PBR on the Router
  • Fast-Switched PBR
  • Local PBR
  • CEF-Switched PBR

Enabling PBR

This command will define that the router will use PBR and that the PBR will use route-map named TEST. 

R1(config)# route-map TEST permit 10

Feb
08

PBR – Policy Based Routing using Route map

About Policy-Based Routing

Policy-Based Routing – PBR gives you very simple way of controlling where packets will be forwarded before they enter in the destination-based routing process of the router.

It’s a technology that gives you more control over network traffic flow because you will not always want to send certain packets by the obvious shortest path. That is the job of routing protocol. If you want to send some traffic to the destination using some other path, you will need to use a method that will catch the packet as soon as they enter into router and decides where to send packets before they enter destination-based routing process. That’s Policy-Based routing all about.

Feb
05

Proxy and Reverse Proxy Server

This will be a short Reverse Proxy Caching Overview that will explain what proxy is and what is reverse proxy all about.

Normal proxy cache topology is one where the server called proxy server will be some kind of intermediate device between client and server. Proxy will receive all requests from clients and it will forward those requests to servers. The clients will think that the proxy is really the server with the content and the server will think that the Proxy is really the client asking for some resources. Proxy server is used to intercept the communication from client and evaluate the request or control the request for security reasons. On other side clients are sometimes using proxy servers to hide their identity and location because server will only see the location and IP address of proxy server and it will think that that is really the client.

We can say, normal proxy is when proxy server is proxy for clients.

In the reverse proxy, the reverse proxy server acts as a proxy for the server.

Reverse proxy is used for replication of content to different far locations and in other case for replication of content for load balancing.

Go to top
How does Internet work - contents page