Cryptography

If you want to send or store data and be sure it is safe from being intercepted, you will use Cryptography. Cryptography uses chipper as mathematical virtual lock to make data scrambled so that is not understandable if intercepted by unauthorized third parties.

There are different cryptography techniques, some of them are: encryption, hashing, and steganography.

Cryptography can be differentiated by usage of different key types:

  • Symmetric Key Encryption
  • Asymmetric Key Encryption

Symmetric Key Encryption is sometimes known as Secret Key Cryptography. Main characteristic of this type of cryptography is the same key usage in encryption and decryption of transferred data. Every change in the secret key will make data decryption impossible.

Asymmetric Key Encryption is known as Public Key Cryptography technique. Main characteristic of this type of cryptography is usage of two sets of keys which are generated for the process. One key is public and other is private. Public key encrypts the data. We can only decrypt that data using appropriate private key. The best part of asymmetric cryptography is that is giving us a technique to share encrypted data and enable the receiver to decrypt that data without sending the decryption key across unsecured network.

| Continue Reading.. |

ICANN and the future of DNS and internet

I’m sorry to put here something that is not really technical but for a blog with the name “howdoesinternetwork.com” it would be strange not to follow the story about the future of DNS governance given the fact that DNS is a crucial part of internet functionality.

You probably know how the internet works given the fact that you are visiting a blog like this. Regardless of that, it will not hurt to explain in few words the importance of DNS (Domain Name System) for a normal internet operation.

Let’s surf to se how this works

If you want to open this webpage or send an email to someone, you must enter a destination to your computer so it could know where to sent your stuff. As you are most surely a human, being, you would like to use a name like google.com for opening a webpage or an e-mail address in order to send a message to your colleagues (rather than some strange numbers separated by dots or colons). Almost all humans are like that and they want to use names and addresses. Computers, on the other hand, know to reach each other only by IP addresses.

You can see that we needed someone to take the role of the “address book” as soon as we got the internet.

| Continue Reading.. |

ISSU Upgrade of Cisco Catalyst 6880-X VSS Cluster and 6800ia FEX extenders

For a shorter update procedure guide check abbreviated article: Short list of upgrade steps without extensive explanations “Cisco Catalyst 6880-X VSS ISSU Upgrade Steps

Intro

Cisco spoiled us over the years with great and detailed documentation on each technology and hardware component they support. Still, I managed to find a part where documentation is not detailed enough to give you definite number of steps to get things done.

While preparing for software upgrade of Cisco Catalyst 6880-X VSS cluster I stumbled on one of the first examples of outdated and vague procedure for upgrade of Cisco device. Here is my successful ISSU (In-Service Software Upgrade) procedure which I done few days ago. I hope it will help you avoid sweating and hoping that you typed the right thing on a VSS cluster that should not go down at any point 🙂

I included an Acronym Guide at the bottom of the post to guide you trough VSS, ISSU, Cluster, and other mentioned abbreviation which are not described in details here

In my case the environment was Catalyst 6880-X and four 6800ia Fabric Extenders FEX. The same procedure is valid for more on for no FEX extenders.

Cisco Catalyst 6880-X VSS

Cisco Catalyst 6880-X VSS

Get the info on which IOS version is supported to be upgraded with ISSU

Not all IOS images can be upgraded to new IOS versions using In Service procedure to avoid network traffic downtime. In order to get things working, you need to get into Cisco docs and find ISSU supported upgrade matrix document.

| Continue Reading.. |

Cisco Catalyst 6880-X VSS ISSU Upgrade Steps

This is a short version without comments and explanations for those that need to get things done quickly without reading through my extensive waffle.

For detailed update procedure with all the explanations check extended article: ISSU Upgrade of Cisco Catalyst 6880-X VSS cluster and its four 6800ia FEX extenders

Let’s start!

1. Get the info on which IOS version is supported to be upgraded with ISSU

Google for ISSU or EFSU IOS upgrade support or use this Cisco doc “SX_SY_EFSU_Compatibility_Matrix1” to select supported IOS for ISSU upgrade from your current version.

2. Upload IOS to both Chassis

copy ftp://admin:[email protected]/c6880x-adventerprisek9-mz.SPA.151-2.SY7.bin bootdisk:

and same for slavebootdisk:

| Continue Reading.. |

Juniper vMX Lab Setup on VMware

This is a description on how to deploy a Juniper LAB of 8 vMX routers and making a simple topology in VMware vSphere environment. vMX is Juniper’s virtual production router so this could be the same procedure for deploying vMX device in production except different number of routers and their interconnection with vSwitch setup.

Juniper vMX router

Two VMs interconnected with VLAN801 – making one Juniper vMX router

As you might have seen from my previous post, I’m trying to get into Juniper configuration lately. One of the things that I needed is to set up a simple lab running Juniper vMX machines with multicast forwarding enabled.

It was a simple lab experiment with few commands on each device. As it turns out, being a Cisco fellow, each of those commands presented a complicated googling routine until the thing finally started to work.

Most time I spent configuring Virtual Machines and boot them properly, after that Juniper Configuration Guides were enough to make fist lab scenarios.

Googling went somewhat like this:

  • How to set up Juniper vMX on Vmware ESXi 6.0 and interconnect 8 instances of vMX?
  • How to configure Vmware network and vSwitches to make this work?
  • How to configure VCE and VPE vMX Control and Forwarding plane VM communication?
  • How to configure interfaces and map them to VMware vSwitch interfaces?
  • How to configure Juniper eth interfaces, OSPF, Multicast with PIM Sparse mode?
  • Why this does not work from the first try? Do I need vMX Evaluation licence to do that?
  • What for …. does ‘tunnel-services statement on one or more online FPC and PIC’ mean?

…so when it actually finally worked, I decided to share it so you can have one post that would describe it from start all the way to VLC Multicast streaming.

| Continue Reading.. |