
Created by - Orhan Ergun

Bilateral Peering and Multilateral Peering

Bilateral Peering is when two networks negotiate with each other and establish a direct BGP peering session. Settlement Free Peering was explained in one of the previous posts. This post explains both Bilateral and Multilateral Peering, which are both deployment modes of Settlement Free Peering.

Bilateral Peering is generally done when there is a large amount of traffic between two networks. Tier 1 Operators only do Bilateral Peering, as they don’t want to peer with anyone other than other Tier 1 Operators. The rest of the companies are their potential customers, not their peers.

Multilateral Peering

Bilateral Peering offers the most control, but some networks with very open peering policies may wish to simplify the process and simply “connect with everyone”. To help facilitate this, many Exchange Points offer “multilateral peering exchanges”, or an “MLPE”. An MLPE is typically an exchange point that offers a “route-server”, allowing a member to establish a single BGP session and receive routes from every other member connected to the MLPE. Effectively, connecting to the MLPE is the same as agreeing to automatically peer with everyone else connected to the MLPE, without requiring the configuration of a BGP session for every peer. Public Peering and MLPE are almost the same thing, and the terms are used mostly interchangeably.

Objectives for an interconnection agreement to consider are:

• Provides for cost savings and performance improvements
• Ensure the exchange of traffic is secure, stable, and resilient
• Establish timely cooperation for security and network incidents
• Usually includes a non-disclosure agreement

Business terms are needed as part of the objective. Business terms are negotiated by the network owner. Normally, the team of engineers and others are responsible for the health and welfare of the network. They negotiate utilization, capacity, and management parameters. Legal terms are negotiated by lawyers.

While plain language is always best, legal language is what makes it an enforceable agreement. Networks should cover all the necessary business, technical and legal points in the scope, such as term, jurisdiction, and venue. Include all necessary parties in the conversation. Including a wide audience in the conversation helps to set realistic business goals.

Published - Tue, 24 May 2022

Created by - Orhan Ergun

What is CDN - Content Delivery Networks?

Content Delivery Network companies replicate content caches close to a large user population. They don’t provide Internet access or transit service to the customers or ISPs but distribute the content of the content providers. Today, many Internet Service Providers have started their own CDN businesses as well. An example is Level 3, which provides its CDN services from its POP locations spread all over the world.

Content distribution networks reduce latency and increase service resilience (content is replicated to more than one location). More popular content is cached locally, and the least popular content can be served from the origin.

Why are CDN - Content Delivery Networks necessary?

Before CDNs, content was served from the source locations, which increased latency and thus reduced throughput. Content was delivered from the central site: user requests reached the central site where the source was located.

Figure 1 - Before CDN

With CDN technology, content is distributed to the local sites.

Figure 2 - After CDN

Amazon, Akamai, Limelight, Fastly, and Cloudflare are the largest CDN providers, and they provide services to different content providers all over the world. Also, some major content providers such as Google, Facebook, Netflix, etc. prefer to build their own CDN infrastructures and become large CDN providers.

CDN providers have servers all around the world. These servers are located inside the Service Provider networks and the Internet Exchange Points. They have thousands of servers and they serve a huge amount of Internet content. CDNs are highly distributed platforms.

As mentioned before, Akamai is one of the Content Delivery Networks. The number of servers, number of countries, daily transactions, and more information about Akamai’s Content Distribution Network are as follows:

• 150.000 servers
• Located in 92 countries around the world
• Delivers over 2 trillion Internet interactions daily
• Delivers approximately 30% of all Web traffic

Their customers include all top 20 global eCommerce sites, the top 30 media companies, 7 of the top 10 banks, 9 of the largest newspapers, and 9 out of 10 top social media sites.

Published - Tue, 24 May 2022

Created by - Orhan Ergun

What is OTT – Over the Top mean? OTT Providers

What is OTT – Over the Top and How do OTT Providers Work?

Over the Top is a term used to refer to Content Providers. So, when you hear Over the Top Providers, they are Content Providers. Content can be any application or service, such as instant messaging services (Skype, WhatsApp), streaming video services (YouTube, Netflix, Amazon Prime), voice over IP, and many other voice or video content types.

This post is shared based on the information from my latest book ‘Service Provider Networks Design and Architecture First Edition‘. If you want to understand telecom (Distance communications) and Service Provider Business, I highly recommend you to purchase this book.

An Over-the-Top (OTT) provider provides content over the Internet and bypasses traditional private networks. Some OTT Providers, though, distribute their content over their own CDN and private networks (Google, YouTube, Akamai). They deliver the content over traditional ISP networks.

The creation of OTT applications has created a conflict between companies that offer similar or overlapping services. The traditional ISPs and Telcos have had to anticipate challenges related to third-party firms that offer OTT applications and services.

An example is the conflict between a Content Provider company such as Netflix and a Cable Access Provider company such as Comcast: consumers still pay the cable company for access to the Internet, but they might want to get rid of their cable TV service in favor of cheaper streaming video over the Internet. While the cable company wants to offer fast downloads, there is an inherent conflict of interest in not supporting a competitor, such as Netflix, that bypasses cable’s traditional distribution channel.

The conflict between the ISPs and the OTT Providers led to the Net Neutrality discussion. Net Neutrality is the principle that data should be treated equally by ISPs, without favoring or blocking particular content or websites. Those who are in favor of Net Neutrality argue that ISPs should not be able to block access to a website owned by their competitor or offer “fast lanes” to deliver data more efficiently for an additional cost.

OTT services such as Skype and WhatsApp are banned in some Middle East countries by some Operators, as OTT applications take some part of their revenue. For example, in 2016, social media applications such as Snapchat, WhatsApp, and Viber were blocked by the two UAE telecoms companies, Du and Etisalat. They claimed that these services are against the country's VoIP regulations.

In fact, the UAE is not the only country blocking access to some OTT applications and services. Many countries in the Middle East have followed the same model. They either completely blocked access to some OTT applications or throttled them, so that voice conversation over these services became nearly impossible.

If you liked this post and would like to see more, please let me know in the comment section below. Share your thoughts so I can continue to write similar ones.

Published - Tue, 24 May 2022

Created by - Orhan Ergun

What are New in Cisco CCDE v3 Exam?

Currently, in 2022, the CCDE exam version is version 3. There are many changes in CCDE v3 compared to CCDE v2. In this blog post, some of the new changes will be explained, and the things that stay the same will be highlighted as well. Also, I will share my takes on these changes in the post.

Before starting with the technical changes, let's start with the exam result announcement change. CCDE v2 exam results were announced in 8-12 weeks. This effectively allowed CCDE exam candidates to schedule the exam a maximum of two times a year. Students wouldn't schedule the next exam if they failed, because the announcement date and the new exam date usually overlapped. This has now changed. With CCDE v3, exam results are announced in 48 hours. It is almost like the CCIE exams.

The CCDEv3 Practical Exam will now be in the Cisco CCIE Lab locations

The CCDE v2 Lab/Practical exam was done in Professional Pearson Vue Centers. There were 300 of them, in many different countries. Unfortunately, this change may not be good for many exam takers, as Cisco CCIE Lab locations are not available in many countries and are not as common as Pearson Vue Centers.

CCDE v3 exam scheduling is done via the CCIE/CCDE portal

• Registration opens 90 days before the exam date

Six CCDE v3 exams are expected every year (previously, with CCDE v2, it was 4, sometimes even 3)

The CCDEv2 exam was done every 3 months, usually 4 times a year. If you failed the exam, because of the exam result policy, you couldn't attend the next one, but maybe the one after. So, effectively, it was two times a year.

Because CCDEv3 exam results will be announced in 48 hours and the exam is held 6 times a year, if you fail the exam, you can attend the next one, because there will be enough time to schedule the next exam and find a hotel, flight ticket, etc., if travel is necessary. Making the exam more frequent would increase its popularity, so I consider it a good move as well.

Introduction of Core and Area of Expertise modules in the Cisco CCDEv3 exam

For many years, we have been hearing from many students asking whether there will be Datacenter or Service Provider, Collaboration or Security expertise, etc. Cisco has now come up with this. There will be 3 different Areas of Expertise; you can choose any of them, and one of the practical scenarios will be based on your selection.

Similar to CCDEv2, in CCDEv3 we will have a total of 4 scenarios and a total of 8 hours for all the scenarios. Each scenario will be limited to 2 hours maximum, and even if you finish one of the scenarios in less than 2 hours, the remaining time won't be added to the next scenario. 3 scenarios will be named the Core Module and 1 scenario will be the Area of Expertise scenario.

The Core module covers technologies all candidates must know:

• It comes with the Enterprise technologies (no Data Center/Service Provider)
• Core module is vendor-agnostic

The Area of Expertise module covers specific technology areas:

• More detailed knowledge expected
• Cisco-specific technologies may appear in the Area of Expertise module

CCDE v3 Area of Expertise Modules

Area of Expertise options:

• Large-Scale Networks
• On-prem and Cloud Services
• Workforce Mobility

You can select any of the above Areas of Expertise, and you will have 2 hours in the CCDEv3 exam and around 15-25 questions in the scenario.

For now, this is enough. For the other changes and CCDEv3-related content, please check the other posts and our free and paid courses.

Published - Mon, 23 May 2022

Created by - Orhan Ergun

BGP Allowas-in feature Explained in 2022

The BGP Allowas-in feature needs to be understood well in order to understand BGP loop prevention behavior. Why the BGP Allowas-in configuration might create a dangerous situation, and what the alternatives to BGP Allowas-in are, will also be explained in this post.

What is the BGP Allowas-in feature?

The BGP Allowas-in feature is used to allow a BGP speaker to accept BGP updates even if its own BGP AS number is in the AS-Path attribute.

The default EBGP loop prevention is that if any BGP speaker sees its own AS number in a BGP update, the update is rejected, so the advertisement cannot be accepted. But there might be situations where the prefixes need to be accepted, and there are two options to overcome this behavior: either accepting the BGP update even if the AS number is in the AS-Path list, with the BGP Allowas-in feature, or changing the behavior with the BGP AS Override feature.

Let's see what would happen without BGP Allowas-in.

In this topology, the Customer BGP AS is AS 100. The customer has two locations. The Service Provider in the middle is, let's say, providing MPLS VPN service for the customer. As you can understand from the topology, the Service Provider is running EBGP with the Customer, because they have different BGP Autonomous Systems. The service provider in the above topology has BGP AS 200.

When the left customer router advertises a BGP update message to R2, R2 sends it to R3, and when R3 sends it to R4, R4 wouldn't accept the BGP update. When R4 receives that update, it checks the AS-Path attribute and sees its own BGP AS number in the AS Path. Thus the update is rejected by default, due to EBGP loop prevention. If the router sees its own BGP AS number anywhere (Origin AS, any mid-AS, or last AS) in the AS Path, it doesn't accept the BGP update.

But what if, like in the above picture, the customer wants to, or needs to, use the same BGP AS number in every location that they have? In this case, they need to accept the BGP update, otherwise end-to-end reachability cannot be achieved. There are two solutions to the above requirement. By the way, not accepting prefixes/BGP updates is not a problem. It is just how BGP works.

One of the solutions is BGP AS Override. R2 receives a BGP update from R1 with AS 100, then R3 receives it from R2, and in the BGP AS Path it is still AS 100 at R3. With the BGP AS Override feature, R3 can replace the customer's BGP AS number with its own BGP AS number. So, during the advertisement to R4, R3 replaces BGP AS 100 with BGP AS 200. And finally, when R4 receives it, since it won't see its own AS number in the BGP update, R4 accepts the announcement, and end-to-end connectivity is achieved.

With the BGP Allowas-in feature, when R3 advertises the BGP update to R4, it doesn't change BGP AS 100 and sends the update to R4 with BGP AS 100 as the Origin AS. The BGP configuration at R4 will allow the prefixes, although the AS Path list shows the Origin AS as AS 100, which is R4's own AS number as well.

Published - Mon, 23 May 2022

Created by - Orhan Ergun

CCNP ENCOR vs ENARSI

CCNP ENCOR vs ENARSI: is it even related? Or should I ask, "comparable"? Yes, it is both, actually, and in this blog we will review both of the exams, talk about the agenda, which one should be taken before the other, and the results of both of them.

Relation between CCNP ENCOR vs ENARSI

Both exams belong to the Cisco CCNP Enterprise certificate, and taking each individually will grant you a certificate:

• Cisco Certified Specialist - Enterprise Core
• Cisco Certified Specialist - Enterprise Advanced Routing and Service

So it is a win-win scenario, but still, the question is which one should I take first, and that is answered below.

Difference between CCNP ENCOR vs ENARSI Agenda

ENCOR first. It is generally a Technology Core exam, focusing on 7 domains of knowledge:

• Architecture
• Virtualization (Device, Path, and Network Virtualization)
• Infrastructure (Switching, Routing, and IP Service)
• Assurance
• Security
• WLAN
• Automation

and NO DEEP DIVE in any of these!!!

While for ENARSI:

• Virtualization (Path Virtualization)
• Infrastructure (Routing and IP Services)
• Security

and that's it!

• No Architecture
• In Virtualization, there is no Device nor Network Virtualization, and the Path Virtualization is different than in ENCOR: in the ENCOR you get GRE over IPSec, while in the ENARSI there is mGRE with IPSec
• Infrastructure routing in the ENCOR covers (describe EIGRP, configure normal area OSPF, configure direct eBGP). For ENARSI routing, it is kind of unlimited, almost CCIE level, with all of EIGRP, OSPF, and BGP
• IP Service and Security are similar
• NO WLAN nor Automation at all in the ENARSI

Take the ENCOR before ENARSI, better!

Yes, as for the points covered in the ENARSI, all of the topics/protocols are also mentioned in the ENCOR, with of course a much more shallow inspection in the ENCOR. So the ENCOR will be a good introduction to the technologies that you will deep dive into with the ENARSI.

CCNP ENCOR vs ENARSI study plan

The ENCOR will take more: 7 modules and 7 domains of knowledge. Even though there is no deep dive, the agenda is large enough to take around 30% more than the time required to prepare for the 4 modules of the ENARSI.

CCNP ENCOR vs ENARSI exams from Cisco

With the ENCOR: you will have 100+ written questions to answer in 120 Minutes + 30 Minutes for non-native speakers.

With the ENARSI: 60+ written questions to answer in 90 Minutes + 30 Minutes for non-native speakers.

*Both exams can be taken on-site or from home/office
*Both exams do not support backward navigation
*Each exam alone grants a different badge/certificate

Published - Mon, 09 May 2022

Created by - Orhan Ergun

BGP AS Override Feature Explained in 2022

BGP AS Override needs to be understood well in order to understand BGP loop prevention behavior. Why BGP AS Override might create a dangerous situation, and what the alternatives to BGP AS Override are, will also be explained in this post.

What is BGP AS Override

The BGP AS Override feature is used to change the AS number or numbers in the AS Path attribute.

Let's see what would happen without BGP AS Override.

In this topology, the Customer BGP AS is AS 100. The customer has two locations. The Service Provider in the middle is, let's say, providing MPLS VPN service for the customer. As you can understand from the topology, the Service Provider is running EBGP with the Customer, because they have different BGP Autonomous Systems. The service provider in the above topology has BGP AS 200.

When the left customer router advertises a BGP update message to R2, R2 sends it to R3, and when R3 sends it to R4, R4 wouldn't accept the BGP update. When R4 receives that update, it checks the AS-Path attribute and sees its own BGP AS number in the AS Path. Thus the update is rejected by default, due to EBGP loop prevention. If the router sees its own BGP AS number anywhere (Origin AS, any mid-AS, or last AS) in the AS Path, it doesn't accept the BGP update.

But what if, like in the above picture, the customer wants to, or needs to, use the same BGP AS number in every location that they have? In this case, they need to accept the BGP update, otherwise end-to-end reachability cannot be achieved. There are two solutions to the above requirement. By the way, not accepting prefixes/BGP updates is not a problem. It is just how BGP works.

One of the solutions is BGP AS Override. R2 receives a BGP update from R1 with AS 100, then R3 receives it from R2, and in the BGP AS Path it is still AS 100 at R3. With the BGP AS Override feature, R3 can replace the customer's BGP AS number with its own BGP AS number. So, during the advertisement to R4, R3 replaces BGP AS 100 with BGP AS 200.

And finally, when R4 receives it, since it won't see its own AS number in the BGP update, R4 accepts the announcement, and end-to-end connectivity is achieved. In the next post, we will look at what can be the problem if the BGP AS Override feature is used.
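The R1-R2-R3-R4 walk-through from the Allowas-in and AS Override posts, as an added Python model that is not code from the original posts or from any router implementation. The prefixes are constructed sample values, and the function names and the integer `allowas_in` count (how many occurrences of the local AS the receiver tolerates) are assumptions of this sketch.

```python
from dataclasses import dataclass
from typing import Tuple

CUSTOMER_AS = 100   # R1 and R4, as in the post
PROVIDER_AS = 200   # R2 and R3, as in the post


@dataclass(frozen=True)
class Update:
    prefix: str
    as_path: Tuple[int, ...]   # leftmost AS = most recently prepended


def ebgp_advertise(update, local_as, peer_as, as_override=False):
    """Build the update an eBGP speaker in local_as sends to a neighbour in peer_as."""
    path = update.as_path
    if as_override:
        # AS Override: occurrences of the neighbour's AS are replaced by our own AS.
        path = tuple(local_as if asn == peer_as else asn for asn in path)
    # Every eBGP advertisement prepends the sender's AS.
    return Update(update.prefix, (local_as,) + path)


def ebgp_accept(update, local_as, allowas_in=0):
    """Receiver-side loop check; allowas_in=0 is the default loop prevention."""
    return update.as_path.count(local_as) <= allowas_in


def deliver_to_r4(prefix, as_override=False, allowas_in=0):
    """R1 (AS 100) -> R2 (AS 200) -> R3 (AS 200) -> R4 (AS 100)."""
    from_r1 = ebgp_advertise(Update(prefix, ()), CUSTOMER_AS, PROVIDER_AS)
    at_r3 = from_r1   # R2 -> R3 is inside AS 200: the AS path is not modified
    to_r4 = ebgp_advertise(at_r3, PROVIDER_AS, CUSTOMER_AS, as_override)
    return to_r4.as_path, ebgp_accept(to_r4, CUSTOMER_AS, allowas_in)


def r4_accepts_own_route_back(allowas_in):
    """Constructed case: R4's own prefix handed back to R4 by the provider.

    Its AS path (200, 100) looks exactly like a route from the other site,
    so once Allowas-in is enabled the AS-path check cannot stop it.
    """
    returned = Update("10.4.0.0/24", (PROVIDER_AS, CUSTOMER_AS))
    return ebgp_accept(returned, CUSTOMER_AS, allowas_in)


if __name__ == "__main__":
    site_a = "10.1.0.0/24"   # constructed prefix behind R1
    print("default      :", deliver_to_r4(site_a))
    print("as-override  :", deliver_to_r4(site_a, as_override=True))
    print("allowas-in 1 :", deliver_to_r4(site_a, allowas_in=1))
    print("own route back, default     :", r4_accepts_own_route_back(0))
    print("own route back, allowas-in 1:", r4_accepts_own_route_back(1))
```
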

Published - Fri, 22 Apr 2022

Created by - Orhan Ergun

BGP Route Reflector vs Confederation

BGP Route Reflector (RR) vs Confederation is one of the first things Network Engineers would like to understand when they learn both of these Internal BGP scalability mechanisms. For those who don't know the basics of these mechanisms, please read the BGP Route Reflector in Plain English and BGP Confederation blog posts from the website first.

BGP Route Reflector vs BGP Confederation

There are many differences when we compare Confederation vs Route Reflector, and in this post, some of the items in the comparison chart will be explained.

BGP Route Reflector vs Confederation Scalability

Both of these techniques are used in Internal BGP for scalability purposes. But BGP RR changes the Full Mesh IBGP topology into Hub and Spoke. BGP Confederation divides the Autonomous System into Sub-ASes, but inside every Sub-AS, IBGP rules are applied. Inside a BGP Sub Autonomous System, full mesh IBGP or a Route Reflector is used.

So, we consider BGP RR to be more scalable compared to Confederation, because inside a Sub-AS full-mesh IBGP might still be used. If RR inside a Sub-AS is deployed, then configuration complexity would increase.

BGP Route Reflector vs Confederation Loop Prevention

In order to prevent routing loops, the BGP Route Reflector uses two BGP attributes: Originator-ID and Cluster List.

With Originator-ID, basically, if a BGP RR sees its own Router ID in the BGP update, it will not accept the update, so a routing loop won't form.

With the Cluster List, when the route passes through the routers, the Route Reflector adds its Cluster-ID into the Cluster List. If an update with the same Cluster-ID comes in, the BGP update is not accepted, and thus the routing loop is prevented.

Using Different IGP in BGP Route Reflector and Confederation

BGP RR is used in a single BGP AS. Inside a single BGP AS, usually a single IGP is used. But this is not a hard rule. In theory, there can be multiple IGP protocols in different parts of the network for internal prefixes, and customer prefixes or Internet prefixes can still be carried within BGP.

But in practice, as said above, single BGP AS and single IGP routing protocol designs are much more common in real-life networks.

The BGP Confederation is almost always the opposite. BGP Confederation is seen in real life because of Mergers and Acquisitions. The companies before the merger and acquisition might be using different IGP protocols, and usually they continue to use different IGP protocols. The reason they continue to use different IGP protocols is that their network engineers have become familiar with the protocol over the years, operationally and design-wise, so it doesn't make sense to have a common IGP and push the engineers to learn whichever IGP that is.

Although in the above list, and in general, there might be many more comparison points between BGP RR vs Confederation, for this post hopefully it is enough and was useful for our readers.
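The Originator-ID and Cluster List checks from the loop prevention section, as an added Python sketch that is not code from the original post. It follows the rules of RFC 4456 (a router drops a route carrying its own Router ID as Originator-ID; a Route Reflector drops a route whose Cluster List already holds its Cluster-ID). The router IDs, cluster IDs, prefix and function names are constructed for illustration.

```python
from dataclasses import dataclass, replace
from typing import Optional, Tuple


@dataclass(frozen=True)
class Route:
    prefix: str
    originator_id: Optional[str] = None    # set by the first RR that reflects it
    cluster_list: Tuple[str, ...] = ()     # newest Cluster-ID first


def reflect(route, learned_from_router_id, cluster_id):
    """Attribute changes a Route Reflector makes before reflecting an iBGP route."""
    return replace(
        route,
        # Originator-ID is set once and never overwritten by later reflectors.
        originator_id=route.originator_id or learned_from_router_id,
        # Each reflector prepends its own Cluster-ID.
        cluster_list=(cluster_id,) + route.cluster_list,
    )


def accept(route, router_id, cluster_id=None):
    """Inbound check; cluster_id is given only when the receiver is an RR."""
    if route.originator_id == router_id:
        return False, "originator-id"
    if cluster_id is not None and cluster_id in route.cluster_list:
        return False, "cluster-list"
    return True, "ok"


def run_scenario():
    """Client C1 -> RR1 -> RR2, then RR2 reflects the route back towards RR1."""
    c1, c2 = "1.1.1.1", "2.2.2.2"                        # clients of RR1
    rr1_id, rr1_cluster = "10.0.0.1", "10.0.0.1"
    rr2_id, rr2_cluster = "10.0.0.2", "10.0.0.2"

    from_c1 = Route("10.1.0.0/24")                       # constructed prefix
    via_rr1 = reflect(from_c1, c1, rr1_cluster)
    via_rr2 = reflect(via_rr1, rr1_id, rr2_cluster)

    return {
        "c2_from_rr1": accept(via_rr1, c2),                      # normal reflection
        "c1_from_rr1": accept(via_rr1, c1),                      # back to the originator
        "rr2_from_rr1": accept(via_rr1, rr2_id, rr2_cluster),    # first pass through RR2
        "rr1_from_rr2": accept(via_rr2, rr1_id, rr1_cluster),    # loop back to RR1
        "final_cluster_list": via_rr2.cluster_list,
        "final_originator": via_rr2.originator_id,
    }


if __name__ == "__main__":
    for name, result in run_scenario().items():
        print(f"{name:20} {result}")
```
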

Published - Fri, 22 Apr 2022

Created by - Orhan Ergun

BGP vs EIGRP 10 Important differences between them!

In this post, we will compare BGP and EIGRP. We will look at some of the important aspects when we compare BGP vs EIGRP. Although EIGRP is used as an IGP and BGP is used mainly as an External routing protocol, we will compare them from many different design aspects. BGP can also be used as an Internal IGP protocol, and we will take that into consideration as well.

We prepared the above comparison chart for the BGP vs EIGRP comparison. We will look at some of those important comparison criteria from a design point of view.

BGP vs EIGRP Scalability

One of the biggest reasons we choose BGP, not EIGRP, is scalability. BGP is used as the Global Internet routing protocol, and as of 2022, the Global routing table size for IPv4 unicast prefixes is around 900 000. So we carry almost a million prefixes over BGP on the Internet, and we can say BGP has proven scalability.

EIGRP usually can carry only a couple of thousand prefixes. This is one of the reasons EIGRP is used as an Internal dynamic routing protocol, not over the Internet.

BGP vs EIGRP in Full Mesh, Ring and Hub and Spoke Topologies

The full mesh may require a lot of logical connections, meaning BGP neighborships or EIGRP adjacencies. BGP Full Mesh is required because of the Split Horizon loop prevention requirement of BGP. But with the BGP Route Reflector, BGP can work well and can scale well in Full Mesh topologies.

When it comes to large-scale Hub and Spoke topologies, EIGRP is a very suitable protocol. DMVPN is a very good example of this kind of topology, and both EIGRP and BGP are the most suitable protocols for large Hub and Spoke topologies.

Ring topologies are usually a nightmare in many aspects for every routing protocol. They converge slowly and are hard for capacity planning as well.

BGP vs EIGRP Fast Reroute

EIGRP can support IP Fast Reroute. BGP, with BGP PIC (Prefix Independent Convergence), also supports BGP Fast Reroute, so both protocols can give us a data plane protection opportunity.

Although Fast convergence in the control plane can be achieved with EIGRP Feasible Successor, because it can't provide a fast reroute, which is a data plane convergence mechanism, we won't further discuss it here.

BGP vs EIGRP Standard

When we compare EIGRP vs BGP from the standardization point of view, we need to know that BGP is a standard and there are many standards track RFCs for it. EIGRP RFC 7868 is only informational track, thus EIGRP is not an IETF standard protocol.

BGP vs EIGRP Complexity

BGP supports many different address families, with their own purposes, use cases, and configuration, which in real life makes BGP much harder to configure, troubleshoot and engineer compared to EIGRP networks.

BGP vs EIGRP Policy Support

Another very important reason we choose BGP is its excellent policy support when we need to deploy policy. This means that if we want to engineer the traffic inbound or outbound, BGP gives us many tools to do it.

EIGRP has only bandwidth and delay, which are used to calculate routing metrics, and they are used for Outbound traffic engineering/path manipulation purposes only.

BGP vs EIGRP Resource Requirement

BGP may require a lot of CPU and Memory if there are many prefixes. EIGRP runs the DUAL algorithm for best path selection, and it is considered a much less CPU-consuming protocol, even compared to OSPF's SPF algorithm. The number of prefixes for which EIGRP needs to calculate the best path can be easily handled by today's modern networking devices.

BGP vs EIGRP Extendibility

Both BGP and EIGRP are TLV-based protocols, thus both are considered extendible protocols. Similar to IS-IS, they don't require a new version of the protocol when, for example, IPv6 support is added.

BGP vs. EIGRP IPv6 Support

Both BGP and EIGRP support IPv6, of course. BGP supports IPv6 as just a new BGP AFI, SAFI.

BGP vs EIGRP Convergence

From the network convergence point of view, BGP has always been known as a slowly converging protocol. But saying BGP is slow is wrong. If we understand Network Convergence better, we have two types of convergence: Control plane convergence and Data plane convergence. It is a huge topic and we have a separate, very detailed Network Convergence Course on the website.

But overall, Data plane convergence is Fast Reroute, and with the BGP PIC feature, BGP can support Fast Reroute, so it can converge very fast too. Thus, it may be more accurate to say that BGP Control plane convergence might be slow, due to the number of prefixes, device hardware, the BGP TCP input queue, whether there is a BGP RR or Full Mesh, and many other factors.

Although there can be many other criteria to compare EIGRP vs BGP, for this blog post, I think it is enough. If you want to learn more about it, you can take our BGP course or you can check many of our free blog posts on this topic.

Published - Fri, 22 Apr 2022