Cisco Firewall

Configuring Dynamic Multipoint VPN and Zone Based Firewall

DMVPN provides the capability for creating a dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers, including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key Management Protocol) peers. DMVPN is initially configured to build out a hub-and-spoke network by statically configuring the hubs Read more…

By Joe Conklin, ago
Cisco Networking

BGP Conditional Advertisement

Normally, routes are propagated regardless of the existence of a different path. The BGP conditional advertisement feature uses the non-exist-map and the advertise-map keywords of the neighbor advertise-map command in order to track routes by the route prefix. If a route prefix is not present in the output of the non-exist-map Read more…

By Joe Conklin, ago
Cisco Networking

Configuring Layer 3 MPLS VPN

Layer 3, or VPRN (virtual private routed network), utilizes layer 3 VRF (VPN/virtual routing and forwarding) to segment routing tables for each customer utilizing the service. The customer peers with the service provider router and the two exchange routes, which are placed into a routing table specific to the customer. Read more…

By Joe Conklin, ago
Cisco Networking

Configuring BGP

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. The Border Gateway Protocol makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator and is involved in making core routing Read more…

By Joe Conklin, ago
Cisco Networking

Configuring NAT and PAT

Network Address Translation (NAT) in its simplest form is a method of translating one IP address to another. For example, a public IP address is translated to a private IP address and vice versa. Without NAT, computers on private networks would be unable to reach any Internet resources Read more…

By Joe Conklin, ago
Cisco Networking

Route Failover using IP SLA

ISP failover is the ability to fail over from one ISP to another, or more specifically from one route to another, in order to ensure availability and access. To facilitate this functionality, we must use a feature called IP SLA. IP SLAs sends data across the network to measure reachability Read more…

By Joe Conklin, ago
Cisco Firewall

Zone-Based Firewall

Zone-Based Firewall (ZBF) is a firewall methodology of placing interfaces into zones and defining traffic definitions that allow traffic to pass or be dropped. In the past, firewalls were composed of access lists that would define both source and destination, with the option to specify a port. This type Read more…

By Joe Conklin, ago