May 2012

ACLs 101

An ACL contains one or more ACEs (Entries) that permit or deny traffic and have an implicit deny any at the end. 1. Numbered ACLs 1.1 Standard ACLs You cannot edit one individual entry in a numbered ACL. The ACL must be deleted and re-created. 1.2 Extended ACLs 1.2.1 Established …

NAT 101

1. Inside, Outside, Local, Global When defining NAT it is important to understand what Inside/Outside and Local/Global mean. When we use NAT, our router will be at the border between the Inside and the Outside zones. Hosts on the Inside are configured with addresses from the LOCAL Address Space and …

NAT for Overlapping Networks

When we have 2 networks with overlapping addresses, chances are it’s not going to work. Unless you use NAT. The situation we have to deal with can be seen in the next diagram: We have 2 routers, Router 1 and Router 2, connected via the 12.12.12.0/24 subnet. Each router has …

Policing and Shaping

1. Token Bucket The token bucket is the analogy used to describe the rate of transfer. In order to send data, we have a bucket that regularly fills with tokens. When we want to send data, we must consume 1 token for every bit (or byte, depending on how we …

Congestion Avoidance – WRED

1. Tail Drop What happens when there are more packets than the queue length? By default, all these packets are dropped, a process that is called “Tail Drop”. Unfortunately, we will never know what we dropped, maybe packets of an important flow. 2. Random Early Detection (RED) Random Early Detection …

Legacy Congestion Management

1. Architecture 1.1 Ingress In the incoming direction, there is only one software queue that is always serviced using a FIFO algorithm. The only configuration available for the input queue is the size. You can specify it with: To see information about the hold-queue, use: You can enable Selective Packet Discard …

Classification and Marking

1. Classification 1.1 Classification using MQC Classification is the process of assigning a packet to a category. QoS parameters are assigned to each category, therefore a different QoS level is applied for each packet. Classification of the packets can be done using information at Layer 2, Layer 3, Layer 4 …

Multicast 101

1. Multicast Addressing 1.1 Layer 3 Addressing Multicast IP packets are sent from the source to a destination IP in the range 224.0.0.0/4 (224.0.0.0 – 239.255.255.255). This means every multicast IP address starts with the bits 1110. This range is further subdivided into several blocks. The most important ones are: Local …