April 19, 2014
I don’t think I have ever done this, but I did originally write up the website’s scope to include thought-provoking articles. So anyway, a quick thought about security and how it should matter for everyone, not just at the organisational/enterprise level but even in the personal/home computer and network security category.
So where am I going with this? Well, not too long ago there was the huge news of the SSL hole that allowed data to be bled from the RAM of a remote server; there was a miscalculation in the code and this allowed the checksum or something to become overlooked. So what was so scary? Well, the fact that in that “bled” data you could possibly discover the login credentials of someone who had authenticated before you, etc. I’m not very well versed in the technical terminology here, but you get the idea. So this was the first instance where security was in front of my eyes and I began thinking about it a lot more.
Then I read an article about how people use the same passwords across many websites, AKA password recycling, and this is (obviously) poor management, because if one account belonging to you is compromised, it’s likely the rest of your online world is too. There was also talk of mitigation techniques that could be integrated into the logon process, such as OTPs (one-time passwords) (is that the correct acronym?), which could be sent to your mobile phone instead of emailing a password reset. It’s likely that if your Facebook was hacked and they got into your email they have full control, so the use of the OTP would stop them here. Anyway, the article goes on and it makes a very convincing argument to do so.
Then a friend who also works in the IT world had a rant on Facebook, which again highlighted the importance of security when it comes to passwords. Basically, the ISP could read the password back to the caller over the phone after they had passed a few identification questions. He had asked the company to assure him that his passwords were hashed and that his personal data was safe, but obviously they weren’t too keen to go into specifics, because sharing the security measures in place can be counterintuitive; nonetheless the concern here is security, as it would only take one clever nerd to discover the ISP’s flaws (if they exist) and recover hundreds, if not thousands, of company passwords, as they can obviously be unencrypted to be seen in plain text. The theme here again is security.
Quickly recapping: we have the Heartbleed flaw, which enabled data to “bleed” out during remote requests and could have proven chaotic globally; then the article on OTPs and the reasons behind them; then the Facebook rant and the hashing of passwords, or in this case not. So right now you’re thinking “OK, there is obviously a lot of security work to do in the IT world”. You’d be right, and I had complete faith in most “security professionals”, basically because my skills, while they do involve security and authentication, are not a speciality point for me at work. It’s the routing and switching side of things I really love, but after you read the excerpt below, I’m gonna make a huge effort to master security too, and this is why:
Excerpt from an email received from Learning@cisco, dated 18/04/2014
The Cybersecurity Skills Gap Is Worse Than You Think —
Network World, January 21, 2014
Enterprise Strategy Group (ESG) asked 315 security professionals working at enterprise organizations (i.e., employing more than 1,000 employees) whether they were familiar with multiple types of malware techniques.
- 50 percent of security professionals are “not very familiar” or “not at all familiar” with command and control communications techniques.
- 40 percent are “not very familiar” or “not at all familiar” with polymorphic malware.
- 29 percent are “not very familiar” or “not at all familiar” with zero-day malware.
So that’s just three dot points, which brings us to my point, which here is SECURITY, SECURITY, SECURITY. If you want it done right, you gotta do it yourself.
Posted by Josh Gahan
April 19, 2014
DUAL, or the Diffusing Update Algorithm, is responsible for the following:
- Selecting and maintaining the best path to remote networks
- Allowing EIGRP to do the following:
  - Calculate backup routes (if available)
  - Support VLSM
  - Perform dynamic route recovery
  - Question EIGRP neighbours for any unknown alternate routes
  - Query for alternate routes
- It is the reason EIGRP can converge amazingly fast.
Posted by Josh Gahan
April 16, 2014
This is a brief rundown of RTP and how it is used by EIGRP for reliable communication.
- Proprietary protocol
- Used and relied on by EIGRP for reliable packet delivery to neighbours
- Manages inter-router EIGRP communications
So EIGRP uses the multicast address 224.0.0.10, and each time a multicast is sent it is recorded and awaits an acknowledgement of receipt. If and when the multicast fails, EIGRP switches to unicast packets and continues to await a reply. If there is no response after 16 attempts, that neighbour is declared dead.
Any information these routers send between neighbours is tracked and tagged with sequence numbers; this allows the routers to identify:
- Old information
- Out-of-order information
- Redundant information
Posted by Josh Gahan
April 15, 2014
Feasible Distance:
One of the metrics used to calculate the best path; it is the cost of the best path as determined by the “local” router.
Reported Distance:
The reported or advertised distance is a metric that is calculated by a remote neighbour in a remote network.
NB. The route with the lowest FD is the route that will populate the EIGRP routing table.
Neighbour Table:
Stored in RAM, this table is a record of all adjacent neighbours’ addresses and interfaces. Each router uses this table to track the current state information of its neighbours.
Topology Table:
This table records destinations as reachable via its neighbours, or simply the topology of the network. Any changes trigger partial updates.
Routing Table:
Using the information found in the topology table, EIGRP places the best routes into the routing table. Known as successor routes, they provide the least cost to reach the remote network.
Feasible Successor:
An inferior alternate route to the successor. The successor is located in both the topology and routing tables, whereas the feasible successor is only recorded inside the topology table. If the successor route were to fail, this would be considered the backup route and would take over.
It is good to note that in IOS 15.0 code you can keep up to 32 feasible successor routes in the topology table; earlier code allows up to 16.
Successor Route:
This is the best route to a remote network and, as mentioned previously, it is recorded in both the routing and topology tables.
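As an added example in Python (not code from the original post), here is how the terms above fit together for one prefix: each topology-table row holds a neighbour’s RD and the link cost, FD is the sum, the lowest FD becomes the successor, and a backup only counts as a feasible successor if its RD is lower than the successor’s FD. That feasibility condition is DUAL’s standard loop-freedom rule and is not spelled out in the post; the router names, metrics and function names are constructed for the example.

```python
from dataclasses import dataclass

@dataclass
class TopologyEntry:
    """One topology-table row for a single prefix (constructed sample data below)."""
    neighbour: str            # next hop, taken from the neighbour table
    reported_distance: int    # RD: the neighbour's own best metric to the prefix
    link_cost: int            # metric of the link from this router to that neighbour

    @property
    def feasible_distance(self):
        return self.reported_distance + self.link_cost   # FD as seen by the local router

def select_routes(entries, max_feasible_successors=32):
    """Pick the successor (lowest FD, goes to the routing table) and the feasible successors
    (stay in the topology table). Feasibility condition, the standard DUAL rule: a backup's RD
    must be strictly lower than the successor's FD, which guarantees it cannot loop through us."""
    if not entries:
        return None, []
    ranked = sorted(entries, key=lambda e: (e.feasible_distance, e.neighbour))
    successor = ranked[0]
    feasible = [e for e in ranked[1:] if e.reported_distance < successor.feasible_distance]
    return successor, feasible[:max_feasible_successors]     # IOS 15 keeps up to 32, older code 16

def on_neighbour_down(entries, dead_neighbour):
    """React to a neighbour leaving the neighbour table. Returns (successor, feasible_successors,
    query_needed); query_needed is True when DUAL has no loop-free backup and must query."""
    successor, feasible = select_routes(entries)
    remaining = [e for e in entries if e.neighbour != dead_neighbour]
    if successor is None or successor.neighbour != dead_neighbour:
        return select_routes(remaining) + (False,)           # successor unaffected, table shrinks
    if not feasible:
        return None, [], True                                 # prefix goes active: query neighbours
    new_successor = feasible[0]                               # local computation, no query sent
    others = [e for e in remaining
              if e is not new_successor and e.reported_distance < new_successor.feasible_distance]
    return new_successor, others, False

# Constructed topology table for one prefix: R2 wins, R3 is a safe backup, R4 is not (RD 35 >= FD 30)
SAMPLE = [TopologyEntry("R2", 20, 10), TopologyEntry("R3", 25, 15), TopologyEntry("R4", 35, 5)]

if __name__ == "__main__":
    succ, fs = select_routes(SAMPLE)
    print("successor:", succ.neighbour, "FD", succ.feasible_distance)
    print("feasible successors:", [e.neighbour for e in fs])
    print("after R2 dies:", on_neighbour_down(SAMPLE, "R2"))
```

Note that R4 has the shorter FD of the two backups but still fails the feasibility condition, so it is only promoted to a feasible successor after R3 has taken over and the FD has risen to 40.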
Posted by Josh Gahan
April 13, 2014
There are a lot of new terms and techniques that need to be learnt in order to get a grasp of the IPv6 principles, and as promised I will go over the types of IPv6 addresses that exist. The one that doesn’t exist anymore is the broadcast. Anyway, they are:
IPv6 Multicast
- First 8 bits are 1
- i.e. FF00::/8
This works just like its IPv4 counterpart and is used to send traffic to a subset of devices; at times it also functions like a broadcast. In the new IPv6 world there is no such thing as a broadcast, but multicast addressing does the same job.
Unspecified
- Devices use this IPv6 address to ask for an IPv6 address from a DHCP server
- Written as ::/128
Does as described: before a device has an IP it will use the ::/128 address as the source, and when a DHCP server responds to the request an unused IPv6 address will be assigned.
Loopback
- Performs the same functions as 127.0.0.1 does in IPv4
- ::1/128
This address is used basically to troubleshoot and test the IP stack on devices.
Link Local
- Every device will generate a link-local address
- Only used to communicate on the local broadcast domain, meaning it won’t pass through a router or leave the Layer 2 link
- Written and identified by FE80::/10
- Link-local addresses are generated using the EUI-64 rules, aka Stateless Address Autoconfiguration (SLAAC)
The link-local address is quite unique and, as stated above, it will not be used outside the broadcast domain, so without any configuration at all you should be able to connect devices on the same broadcast domain and have connectivity using the link-local addresses. It’s a pretty cool feature of IPv6 and something to look out for too.
Global
- Can be routed via the internet and between networks
- Reachable by routers globally
- 2000::/3 – First 3Bits must be 001
- AKA Global Unicast Address
Basically, this is the address that your local RIR or ISP will allocate to you to use; without going into details, you would be given a further subdivided piece of the above address space to use to connect to the internet. Once this is set up and configured you will be reachable by other routers globally.
Anycast
- Allows the use of the same IP address in different locations
- Functions like global IPv6 addresses
The anycast feature of IPv6 can be used to allow the use of identical IPv6 addresses in different locations. The reason for this is so that you can set up servers for almost anything and the requesting host will find the destination which is closer, not just by metric but possibly physically too.
Posted by Josh Gahan
April 7, 2014
IPv6 – Why and When
So what is IPv6, why do we need it and what is it good for?
It was anticipated back in the 80’s that we would one day run out of IPv4 addresses, and the IANA ran out of IPv4 allocations on Jan 31st 2011. This is why IPv6 was developed; it is the successor to IPv4.
We all know that IP, a network layer (Layer 3) protocol, is used for logical addressing, so without an IP address any attempt to access services or devices outside your local broadcast domain (Layer 2) would prove unsuccessful. With IPv6 now becoming more prevalent in today’s networks, and the fact that Cisco now covers it in the ICND1 exam, it’s a sure sign that it’s time to move with the times. Not only is IPv6 a more efficient protocol (as we have learnt from IPv4), it also has some cool features which are included within the protocol itself (IPsec being one).
So what’s changed? Well, the most notable is the length of the address, and instead of using decimal numbers to represent the address, IPv6 makes use of hexadecimal. Each hex digit is worth 4 bits, and with 8 groups of 4 hexadecimal digits we have increased from a 32-bit addressing system to 128-bit. This means that we now have 3.4×10^38 IPv6 addresses available (good luck pronouncing that), which means for any foreseeable future it is very unlikely that we will run out of addresses to use (but they did say who would ever need more than 4kb of storage).
IPv6 Addresses
An example IPv6 address would look like so: FE80:0003:AC33:1111:1200:ADFF:FE43:00D4 (for those keen-eyed readers, yes, it’s a link-local address).
Like IPv4, where we use subnet masks to represent the host and network portions, the same goes for IPv6. A /64 “mask”, using the above example, would mean it is in the FE80:3:AC33:1111 network, with the other 64 bits available for host addressing.
Address Condensing Rules
If you noticed that above I wrote the second group of hex digits as :3 instead of :0003, this brings me to the following rules for condensing an IPv6 address down, because they are just so damn long now. Anyway, they are:
- Leading zeros can be dropped – e.g. 00AB:6500 can become AB:6500
- Double colons can represent one or more groups of zeros, but can only be used once – e.g. 1234:0000:0000:4567 becomes 1234::4567
- To reiterate the above rule, you can only do this once: the router/computer is expecting 8 groups of hex, and it would be confused if we used more than one set, as it wouldn’t know how many groups each double colon represents.
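As an added example in Python (not code from the original post), here are the two condensing rules above implemented in both directions, plus a classifier for the address types listed in the earlier post (multicast FF00::/8, unspecified ::, loopback ::1, link-local FE80::/10, global unicast 2000::/3) and a helper that extracts the /64 network portion of the post’s example address. The compressor follows the RFC 5952 canonical form, which is slightly stricter than the wording above: lower-case hex, and only a run of two or more zero groups is replaced by ::. Function names are mine.

```python
from string import hexdigits

def expand_ipv6(addr):
    """Undo both condensing rules and return the eight 16-bit groups of an IPv6 address."""
    if addr.count("::") > 1 or ":::" in addr:
        raise ValueError("'::' may appear only once: " + addr)           # rule 2
    if "::" in addr:
        head, tail = [[g for g in part.split(":") if g] for part in addr.split("::")]
        missing = 8 - len(head) - len(tail)                              # groups the '::' stands for
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group: " + addr)
        groups = head + ["0"] * missing + tail
    else:
        groups = addr.split(":")
    if len(groups) != 8 or any(not 1 <= len(g) <= 4 or not set(g) <= set(hexdigits) for g in groups):
        raise ValueError("expected 8 groups of 1 to 4 hex digits: " + addr)
    return [int(g, 16) for g in groups]

def compress_ipv6(groups):
    """Condense in RFC 5952 canonical form: lower-case hex, no leading zeros, one '::' for the longest run of 2+ zero groups."""
    hexs = ["%x" % g for g in groups]                                    # "%x" drops leading zeros (rule 1)
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:                                             # first of equal-length runs wins
            best_start, best_len = i, j - i
        i = j if j > i else i + 1
    if best_len < 2:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])

def classify_ipv6(addr):
    """Name the address type from the prefixes listed in the post, or 'invalid'."""
    try: g = expand_ipv6(addr)
    except ValueError: return "invalid"
    if g == [0] * 8:
        return "unspecified"                                             # ::/128
    if g == [0] * 7 + [1]:
        return "loopback"                                                # ::1/128
    if g[0] >> 8 == 0xFF:
        return "multicast"                                               # FF00::/8, first 8 bits set
    if g[0] >> 6 == 0xFE80 >> 6:
        return "link-local"                                              # FE80::/10
    if g[0] >> 13 == 0b001:
        return "global unicast"                                          # 2000::/3, first 3 bits 001
    return "other"

def network_prefix(addr, length):
    """Zero the host bits and return the network portion, e.g. the /64 in the post's example."""
    value = int("".join("%04x" % g for g in expand_ipv6(addr)), 16)
    value &= ((1 << length) - 1) << (128 - length)
    return compress_ipv6([(value >> (16 * (7 - i))) & 0xFFFF for i in range(8)]) + "/%d" % length
```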
In my next posts I will go into detail about the types of IPv6 addresses and something called EUI-64. Check out my Twitter if you want to get a peek at what it is: @networkinggahan (Twitter).
Posted by Josh Gahan
April 2, 2014
Hey all,
If you’ve navigated the website and been following the posts, you may have noticed that towards the end of last year the topics were being written up in an organised manner, following the flow of the Cisco ICND2 objectives.
It has been some time since I have been able to get into the studying; unfortunately it has been since Christmas, but I am, no doubt, on track again.
I just want to let you know that, in keeping with one of my original goals to use this as a general note-taking resource, I will be trying to reflect that method in my future posts. The reason I say that is it may start to look like I’m jumping from topic to topic.
To help those who are using this to study, I have used the appropriate tags to categorise the posts, so by using them you should be able to find related material more easily, or just search using the search box over on the right.
One day I do plan to clean it all up, but for now it’s a good access-anywhere tool for work.
Thanks all; I hope to expand my knowledge in this field for a very long time to come. Meaning I’m not going anywhere. 😀
Posted by Josh Gahan
April 2, 2014
Distance vector routing protocols are considered the most efficient routing protocols when it comes to the use of device resources. Unlike link state protocols, which share the entire routing “map” with every other adjacent device, distance vector protocols prefer to share only the bare essentials and advertise only the best route.
To compare: link state will advertise all routes to a destination, but distance vector will only advertise the “best”. This helps keep the routing tables small and, like I said at the start, the router operates more efficiently and uses fewer device resources.
Distance vector also has some route-loop mitigation techniques in operation to help stop routing loops from forming.
They are:
- Triggered Updates
- Route Poisoning
- Maximum Distance (Hops)
- Split Horizon
- Hold Down Timers
These are all on and running by default and usually they won’t need to be turned off. There are some exceptions, though, where these preventions impair the operation of certain network designs, e.g. a Frame Relay network set up in a hub-and-spoke topology: due to things like split horizon, certain routes won’t be advertised to adjacent routers. I’ll explain that later.
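As an added example in Python (not code from the original post), here is what a distance vector router advertises out a given interface once split horizon, route poisoning and the maximum hop count are applied, using the Frame Relay hub-and-spoke case mentioned above. The hop counts are RIP-style (16 = unreachable); the hub’s interface names, prefixes and the function name are constructed. It also goes one step beyond the text by showing how per-spoke point-to-point subinterfaces change what the hub re-advertises.

```python
INFINITY = 16   # RIP-style maximum hop count: a route advertised at 16 hops is unreachable

def build_update(routes, out_interface, split_horizon=True, poison_reverse=False):
    """Return {prefix: hops} that a distance vector router would advertise out `out_interface`.
    routes: list of (prefix, learned_on_interface, hops); learned_on_interface is None for a
    directly connected network. Only the best route per prefix is assumed to be present."""
    update = {}
    for prefix, learned_on, hops in routes:
        if split_horizon and learned_on == out_interface:
            if poison_reverse:
                update[prefix] = INFINITY          # route poisoning: tell the sender it is unreachable
            continue                               # plain split horizon: never send it back the way it came
        update[prefix] = min(hops + 1, INFINITY)   # maximum distance: 15 hops + 1 becomes unreachable
    return update

# Constructed hub router. First table: one multipoint Frame Relay interface (Serial0) to both spokes.
HUB_MULTIPOINT = [("10.1.0.0/24", "Serial0", 1),        # spoke A's LAN, learned on Serial0
                  ("10.2.0.0/24", "Serial0", 1),        # spoke B's LAN, learned on Serial0
                  ("192.168.0.0/24", None, 0)]          # hub's own LAN
# Second table: the same hub with a point-to-point subinterface per spoke.
HUB_P2P = [("10.1.0.0/24", "Serial0.1", 1),
           ("10.2.0.0/24", "Serial0.2", 1),
           ("192.168.0.0/24", None, 0)]

if __name__ == "__main__":
    # With split horizon on the multipoint interface, the spokes never hear about each other's LANs.
    print("multipoint, split horizon on :", build_update(HUB_MULTIPOINT, "Serial0"))
    print("multipoint, split horizon off:", build_update(HUB_MULTIPOINT, "Serial0", split_horizon=False))
    # Per-spoke subinterfaces: spoke A's route arrived on Serial0.1, so it is fair game out Serial0.2.
    print("point-to-point subinterfaces :", build_update(HUB_P2P, "Serial0.2"))
```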
Posted by Josh Gahan
April 1, 2014
EIGRP Notes:
- Referred to as a hybrid routing protocol or advanced distance vector routing protocol in some documentation
- Supports VLSM and route summarisation
- Cisco proprietary protocol
- Includes Subnet mask in routing updates
EIGRP supports the following features.
- IPv4 and v6
- Classless
- VLSM and CIDR
- Summarisation of networks and discontiguous ones
- Uses Reliable Transport Protocol (RTP)
- Path selection is via Diffusing Update Algorithm (DUAL)
- No broadcasts
The following three values must match between EIGRP-enabled routers before they become neighbours and can share routes:
- Reception of either a Hello or ACK
- Autonomous System Numbers
- Same K Values
The Hello timer is set to 5 seconds by default; the Hello message is used to establish neighbour relationships with other routers. Hellos also alert other routers to new routers on the internetwork. This also means that when the Hello messages stop, the neighbour relationship stops.
This brings me onto the Hold timer. This timer tells the router the time frame it should wait to receive a Hello from a neighbour before it declares that router dead. Once that happens, the router is removed from the neighbour table and any routes which used that now-dead router have their paths recalculated.
Posted by Josh Gahan
January 7, 2014
Well, it’s been quiet here on my blog, but now the holidays are over it’s time to get back into it all.
Keep an eye out for upcoming material in the coming days. Thanks again.
Posted by Josh Gahan