Ivan Pepelnjak
One of the most common questions asked by our enterprise customers is “Who needs IPv6?” Since IPv6 does not add any significant new functionality (apart from larger address space), you can’t gain much by deploying it in an enterprise network … unless you’re huge enough that the private IPv4 addr...
Ivan Pepelnjak
To complete the information about the DHCP address change behavior, I’ve collected a few more debugging printouts and combined them with the information from the previous posts into the Cisco IOS DHCP client behavior section of the DHCP client address change article in the CT3 wiki.
Ivan Pepelnjak
Last week I’ve described how you can use EEM to detect long-term interface congestion which could indicate denial-of-service attack. ...
Ivan Pepelnjak
I’ve had an interesting discussion with Nicolas who optimized my OSPF neighbor loss EEM applet assuming the OSPF-5-ADJCHG message reports only OSPF neighbor state transitions from DOWN to FULL and from FULL to DOWN. ...
Sanjeewa Alahakone
Sanjeewa Alahakone
log-adjacency-changes detail
November 17 at 5:15pm
Ivan Pepelnjak
Continuing from my first excursion into the brave new world of HQF, I wanted to check how well the intra-class fair queuing works...
Ivan Pepelnjak
Someone sent me an interesting question a while ago: “is it possible to detect DOS flooding with an EEM applet?” Of course it is (assuming the DOS attack results in very high load on the Internet-facing interface) and the best option is the EEM interface event detector.Interface event detector is ...
Ivan Pepelnjak
With the recent Cisco’s push into the Data Center environment and all the (not so very unreasonable) fuss around IPv4 address depletion and imminent need for IPv6, I wanted to check whether an all-Cisco shop could do the first step: deploy IPv6 on Internet-facing production servers. ...
Ivan Pepelnjak

Ivan Pepelnjak What DNS is NOT ... highly recommended reading

Source: queue.acm.org
Ivan Pepelnjak
Several readers told me that the Hierarchical Queuing Framework introduced in IOS releases 12.4(20)T and 15.0 (why do I always have the urge to write 12.5?) works much better than CB-WFQ...
Ivan Pepelnjak
Most of the respondents to my last week’s challenge got it almost right. The minor (common) error was the assumption that police rate percent 50 would result in a TCP session getting 50% of the bandwidth. ...
Ivan Pepelnjak
ITU (the organization formerly known as CCITT) is having a bit of a relevance problem these days: its flagship technological achievements, including X.25, ISDN, ATM and SDH are dead or headed toward oblivion … and a former pariah, a group of geeks, is stealing the show and rolling out the I...
Ivan Pepelnjak
Last week I’ve published two posts that deserve a follow-up/summary. Don’t worry, it’s coming. I’ve...
Ivan Pepelnjak
I have to admit I was somewhat surprised by the lab test results I’ve published in my previous CB-WFQ post. It looks like we’ve been fed misleading information about (classic) CB-WFQ behavior for years. Do...
Ivan Pepelnjak
Decades ago when I was still in high school and working on a programming project during the summer break, an IT old-timer gave me the following bit of advice: “Remember, God created professions so that everyone could do the job he’s qualified to do”. It t...
Ivan Pepelnjak

Ivan Pepelnjak Fast flux DNS zones: disgusting from the user's perspective, interesting from the technology standpoint.