Orhan Ergun 2 Comments

Microwave or Fiber, which one is faster?

Microwave or fiber, which one is faster? In this post I will explain the faster connectivity option, some of the use cases for each, and a few deployment considerations. Why is latency important for some special businesses? Have you heard about HFT (High Frequency Trading)? If you like the discussion points, share your comment after reading the post and let me know, so I can write more on this subject.

Orhan Ergun No Comments

What is IRU? Indefeasible Right of Use?

What is IRU (a.k.a. Indefeasible Right of Use)? If you work in Operator, Service Provider or Telco/Carrier networks, you have probably heard this term. If you haven’t, you need to learn it.

Orhan Ergun No Comments

What does P router mean in MPLS?

What does P router mean in MPLS? It is mostly used in MPLS VPN networks but can be used with any MPLS application or use case.

Orhan Ergun No Comments

BFD is not a Fast Convergence mechanism!

BFD is not a fast convergence mechanism. BFD stands for Bidirectional Forwarding Detection. It is an important tool for the IP layer, but there is confusion in the network community about it.

Orhan Ergun 1 Comment

GRE Tunnels – Generic Routing Encapsulation – Use Cases

GRE Tunnels 

GRE tunnels are by far the most common tunnelling technology. They are very easy to set up, troubleshoot and operate. But in large-scale deployments, configuring GRE tunnels becomes cumbersome, because a GRE tunnel is a point-to-point tunnel.

Orhan Ergun No Comments

Study tip – How you should read the posts on any website

You search for something on Google, or read materials through referrals. You do research on a particular topic and find many resources. How are you organizing your study? What is the most important thing even before you start reading any technology topic?

Ahmed Eldeeb 2 Comments

ARP, ARP Inspection, ARP Types and Deployment Considerations

Layer 2 security – ARP and ARP Inspection

Introduction

This article is the second in our series on layer 2 attack identification and mitigation techniques, which will be part of a bigger series discussing Security Infrastructure. Dynamic ARP Inspection relies on the DHCP snooping technology explained in the previous article. It’s strongly recommended to be familiar with DHCP snooping; if you are not, just take a quick look at it.

Ahmed Eldeeb 2 Comments

Layer 2 security – DHCP Details, DHCP Snooping

Introduction

This article is the first of a series explaining layer 2 attack identification and mitigation techniques, which will be part of a bigger series discussing Security Infrastructure.

We will be discussing the most common attacks and how to mitigate them; but more importantly, we will discuss deployment and design considerations.

During this series of articles, I will follow two different approaches:

1) Explain attacks related to OSI model layers (like this layer 2 security series)

2) Securing a specific traffic flow (like securing user Internet traffic)

There will also be video lectures, webinars, and open discussions at the end of each major part. If you are interested in security infrastructure architecture, stay tuned.

Background

Orhan Ergun 3 Comments

Is Fate Sharing a bad thing in network design?

Is fate sharing a bad thing in network design? Someone asked this question recently on my YouTube channel and I want to share a post for the website followers as well.

First of all, what is fate sharing? Below is the Wikipedia definition of fate sharing.

“Fate-sharing is an engineering design philosophy where related parts of a system are yoked together, so that they either fail together or not at all”

Orhan Ergun No Comments

Spanning Tree Best Practices

Spanning Tree Protocol (STP) is a control plane mechanism for Ethernet. It is used to create a Layer 2 topology (a tree) by placing the root switch on top of the tree.

Since classical Ethernet works based on data plane learning and Ethernet frames don’t have TTL for loop prevention, loops are prevented by the STP blocking the links.

As you can see from the figure below, some links are blocked by the spanning tree. If Spanning Tree did not block those links, a loop would occur in the topology below.

Orhan Ergun 2 Comments

What is flow-based load balancing?

Flow-based load balancing is used mostly in Layer 2 networks. Although in Layer 3 routing packets can be load balanced per packet or per flow, flow-based load balancing is commonly used with local area network, datacenter and datacenter interconnect technologies.

There are two important load balancing mechanisms in Layer 2: VLAN-based load balancing and flow-based load balancing. Understanding the differences between the two is important for network engineers, so please read the VLAN-based load balancing post as well.

Load balancing is probably the wrong term, though; load sharing should be used for stateless devices. I explained the differences between load balancing and load sharing in another post.

Let’s look at the figure below to understand flow-based load balancing.

Figure 1: Flow-based load balancing with basic switch topology

Orhan Ergun 4 Comments

What does PE-CE mean in MPLS?

What does PE-CE mean in the context of MPLS? What are the CE, P and PE devices in MPLS and MPLS VPN?

These are foundational terms and definitions in MPLS.

MPLS is one of the most commonly used encapsulation mechanisms in Service Provider networks, and before studying more advanced mechanisms, this article is a must-read.

In order to understand PE-CE, we first need to understand what PE and CE are in MPLS.

Let’s take a look at the figure below.

Figure 1: MPLS network PE, P and CE routers

Orhan Ergun No Comments

Why Are Dynamic Routing Protocols Used?

“Why are dynamic routing protocols used?” is usually asked by newcomers to the networking field, especially after they have heard about routing protocols. Besides that, they often ask this question: What is the difference between static routing and dynamic routing protocols?

And the common answer is that dynamic routing protocols are scalable.

In other words, with dynamic routing protocols there is no need to configure a manual entry for each destination or to specify the next-hop IP address or interface.

These are good reasons. But do we really have only such benefits? In very small networks, scalability is reasonable and correct. But for more sophisticated networks, there are other important reasons.

Before I explain the other reasons, let me clarify why static routing requires lots of manual configuration and why it is not scalable compared to dynamic routing protocols.

Figure 1: Why are dynamic routing protocols used?

Orhan Ergun 1 Comment

HSRP VRRP GLBP Comparison

HSRP VRRP GLBP Comparison – In this post I am going to cover the similarities and differences between the HSRP, VRRP and GLBP protocols.

All these technologies provide first hop redundancy for the hosts.

I will use the table below for the HSRP VRRP GLBP comparison and the design attributes listed in it.

Orhan Ergun 1 Comment

OSPF Area Types

OSPF Area Types – Different areas in OSPF are used to create smaller fault domains. There are two OSPF area types in total.

OSPF Backbone area and OSPF non-backbone area

The backbone area in OSPF is Area 0. OSPF prevents loops by using the backbone area concept. All non-backbone areas should be connected to the backbone area.

There are many non-backbone OSPF area types. These are: Normal Area, Stub, Totally Stub, NSSA and Totally NSSA Areas.

In this article I will explain the non-backbone OSPF areas from the design point of view and share some caveats about OSPF design.

Orhan Ergun 35 Comments

HSRP – VRRP – GLBP

HSRP, VRRP and GLBP are the three commonly used first hop redundancy protocols in local area networks and the data center.

In this post, I will briefly describe them and highlight the major differences. I will also ask you a design question so we can discuss it in the comment section below.

source: Orhan Ergun CCDE Study Guide – Workbook

Orhan Ergun 4 Comments

What is OAM – Operation, Administration, Maintenance?

OAM is a set of tools that have been used to provide network fault indication, performance information, fault localization, data and diagnosis functions.

Different standards bodies use OAM slightly differently, which creates confusion among engineers.

The IETF published a best practice RFC to clarify the OAM acronym: RFC 6291, “Guidelines for the Use of the “OAM” Acronym in the IETF”.

Let’s take a look at how different standards bodies such as ITU-T, MEF and IEEE define OAM, and then I will share the IETF approach.

Orhan Ergun 3 Comments

Common Networking Protocols in LAN, WAN and Datacenter

Spanning Tree, Link Aggregation, VLAN and First Hop Redundancy protocols are used in Campus, Service Provider Access and Aggregation, and Datacenter environments. There are definitely other protocols which are common across the Places in the Network, but in order to keep this article short and meaningful I chose these four.

Orhan Ergun 31 Comments

OSPF protocol

OSPF Protocol – OSPF (Open Shortest Path First) is a dynamic routing protocol which creates a topology between the routers to distribute routing information inside an Autonomous System.

If you are not familiar with OSPF, don’t worry! In this article OSPF will be explained in great detail.

Are you interested in the design aspects of OSPF? Many OSPF design examples will be covered in the article.

Maybe OSPF network engineering interview questions are what you are looking for.

Orhan Ergun No Comments

Multicast Design – Podcast

Efficient data transfer, optimised resource usage, simplified configuration and optimum bandwidth usage are the main characteristics of multicast.

In the diagram below, unicast and multicast flows are shown.

If the same packet is to be sent from the source, with unicast transport you send two copies.

Orhan Ergun 3 Comments

The difference between Load balancing and Load Sharing

It is important to understand the difference between load balancing and load sharing.

After calculating the routes from their databases, routing protocols automatically put equal-cost routes into the routing table. The only exception to this behaviour is BGP.