Dynamic Multipoint VPN (DMVPN)

DMVPN is combination of 4 things:

  1. Multipoint GRE.
  2. Next Hop Resolution Protocol (NHRP).
  3. Crypto IPsec.
  4. Routing that running over the network.

Continue reading


System Messages and Recovery Procedures for the Cisco Nexus 3000 Family

This chapter includes system messages for the Cisco NX-OS Nexus 3000 family of switches. The messages are listed in alphabetical order by the system facility that produces them. Within each system facility section, messages are listed alphabetically by severity and mnemonics. Each error message is followed by an explanation and a recommended action.

Continue reading

Private VLAN’s and PVLAN Edge

Overview of attacks & countermeasures

  • IP spoofing – IP source guards, PACL
  • STP Spoofing – BPDU guard, Root guards
  • MAC Spoofing  – Port Security , Static CAM table entries
  • DHCP Server Spoofing – DHCP Snooping
  • ARP Spoofing – ARP inspection (ASA + IPS )
  • VLAN Hopping – Disable auto DTP *
  • CAM Floods – Port Security , 802.1x
  • DHCP Starvation – DHCP Rate limiting

Continue reading

What Cisco Output Commands Are In A “Show Tech” On The Nexus 5000?

Have you ever wondered what commands were actually in a “show tech” on the Nexus 5000? Well, I did. There seems to be a lot of info in there, and there really is. I compiled a list of commands that a show tech runs on a Nexus 5000 and have listed them below. Enjoy!

Continue reading

Switchport Errors – Determining the cause

Many times we (network engineers) hear the complaint “the network is working, but it is terribly slow”. This is often one user’s perception of a perfectly working network however, other times there is something to the complaint.  One thing to check is if that particular user’s switchport is reporting any errors.  Let’s take a look at the error counters on a typical switchport.

Continue reading