My lazy dog

October 8, 2015

802.1X Host Modes

Filed under: Cisco — Tags: , , , — Per Tenggren @ 3:21 pm

Capture

August 19, 2015

Cisco Email Security Appliance (ESA) – Handling Incoming and Outgoing Messages Differently

Filed under: Cisco — Tags: , , — Per Tenggren @ 1:31 pm

The Email Security appliances uses two different sets of mail policies for message content security:

  • Incoming mail policies for messages are messages received from connections that match an ACCEPT HAT policy in any listener.
  • Outgoing mail policies for messages are messages from connections that match a RELAY HAT policy in any listener. This includes any connection that was authenticated with SMTP AUTH.

Cisco Email Security Appliance (ESA) pipeline

Filed under: Cisco — Tags: , , — Per Tenggren @ 1:23 pm

Capture

August 12, 2015

Cisco Email Security Appliance (ESA) message flow

Filed under: Cisco — Tags: , , — Per Tenggren @ 2:42 pm

Capture

April 6, 2014

Convert AF to DSCP / DSCP to AF

Filed under: Uncategorized — Per Tenggren @ 10:30 am

AFxy=(8*x)+(2*y) 

AF13 = (8*1)+(2*3) = DSCP 14

AF31 = (8*3)+(2*1) = DSCP 26

AF43 = (8*4)+(2*3) = DSCP 38

 

AFxy where, x = Floor Value [(DSCP Value)/8], y = [(Remainder)/2]

DSCP 14 = AFxy where, x = Floor Value of (14/8) = 1, y = (Remainder)/2 = 6/2 = 3, so AFxy = AF13

DSCP 26 = AFxy where, x = Floor Value of (26/8) = 3, y = (Remainder)/2 = 2/2 = 1, so AFxy = AF31

DSCP 38 = AFxy where, x = Floor value of (38/8) = 4, y = (Remainder)/2 = 6/2 = 3, so AFxy = AF43

 

Thanks Mijanur!

Source: http://dreamforccie.wordpress.com/2010/04/23/convert-phb-af-to-dscp-decimal-and-vise-versa-its-so-easy/

November 27, 2011

BGP Best Path Selection Algorithm (Cisco)

Filed under: BGP — Per Tenggren @ 4:31 pm
  1. Prefer the path with the highest WEIGHT.
  2. Prefer the path with the highest LOCAL_PREF
  3. Prefer the path that was locally originated via a network or aggregate BGP subcommand or through redistribution from an IGP.
  4. Prefer the path with the shortest AS_PATH.
  5. Prefer the path with the lowest origin type.
  6. Prefer the path with the lowest multi-exit discriminator (MED).
  7. Prefer eBGP over iBGP paths.
  8. Prefer the path with the lowest IGP metric to the BGP next hop.
  9. Determine if multiple paths require installation in the routing table for BGP Multipath.
  10. When both paths are external, prefer the path that was received first (the oldest one).
  11. Prefer the route that comes from the BGP router with the lowest router ID.
  12. If the originator or router ID is the same for multiple paths, prefer the path with the minimum cluster list length.
  13. Prefer the path that comes from the lowest neighbor address.

Source: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml

September 14, 2010

Default Administrative Distances

Filed under: Uncategorized — Per Tenggren @ 12:06 pm

0 – Connected
1 – Static
5 – EIGRP summary route
20 – eBGP
90 – EIGRP (internal)
100 – IGRP
110 – OSPF
115 – IS-IS
120 – RIP
160 – ODR
170 – EIGRP (external)
200 – iBGP
255 – Unreachable

December 9, 2009

Different QOS values

Filed under: QOS — Per Tenggren @ 8:44 pm
Per Hop Behaviour (PHB) DiffServ Code Point (DSCP) IP Precedence
Default 0
000000
Assured Forwarding Low Drop Probability Medium Drop Probability High Drop Probability
Class 1 AF11 AF12 AF13 1
001010 001100 001110
Class 2 AF21 AF22 AF23 2
010010 010100 010110
Class 3 AF31 AF32 AF33 3
011010 011100 011110
Class 4 AF41 AF42 AF43 4
100010 100100 100110
Expedited Forwarding EF 5
101110


DSCP Binary Decimal
Default 000000 0
CS1 001000 8
AF11 001010 10
AF12 001100 12
AF13 001110 14
CS2 010000 16
AF21 010010 18
AF22 010100 20
AF23 010110 22
CS3 011000 24
AF31 011010 26
AF32 011100 28
AF33 011110 30
CS4 100000 32
AF41 100010 34
AF42 100100 36
AF43 100110 38
CS5 101000 40
EF 101110 46
CS6 110000 48
CS7 111000 56

Create a free website or blog at WordPress.com.