LTLnetworker | IT networks, security, Cisco

Archive for the ‘routing’ Category

Management network topology and asymmetric routing

Posted by ltlnetworker on August 16, 2015

We all want a management network or at least a management VLAN. Those who say they have none actually do have a VLAN for management; it is probably just shared with ordinary users (i.e. it is not dedicated). But most IT people prefer a dedicated VLAN that is not used for other kinds of traffic and preferably not reachable by users.

In this article we use this definition:
a management VLAN or management network is a dedicated segment for network management traffic which can be used for:

  • administering your network devices (aka device access: switches, routers, firewalls via telnet, ssh, https etc.)
  • collecting monitoring information (syslog, SNMP etc.)
  • hosting syslog, monitoring and management servers (Nagios, Tivoli, Cisco Prime etc.)
  • AAA traffic (RADIUS or TACACS+ to Cisco ACS/ISE)

Read the rest of this entry »

Posted in ASA, Check Point, Cisco, F5, Fortinet, routing, switch

Route not advertised due to EIGRP zero successor

Posted by ltlnetworker on December 4, 2013

This article’s topic really fits in this blog’s genre. It focuses on a case of classic routing protocol behaviour inspection.

I was looking at the subnets in the routing tables when I noticed that a network I picked up was absent from one of the devices. It is a VLAN routed on a pair of core switches (SW1, SW2). The switches advertise the VLANs via EIGRP and all other routers learn it as external EIGRP routes (due to redistribute connected). However, there’s a router R2 connected to SW2 by an L3 link that doesn’t have the network in the routing table.

Let’s see R2’s EIGRP config:
Read the rest of this entry »

Posted in Cisco, router IOS, routing