Highest Voted Questions - Network Engineering Stack Exchange

8

votes

1 answer

How to failover static ipsec vpn tunnels?

I have a network with resilient gateways whereby Customer sites use a default gateway to reach the internet edge routers and the primary route for traffic uses a lower metric. ipsec tunnels are initiated from vpn concentrators behind the edge…

cisco vpn ipsec failover

asked Dec 24 '13 at 13:01

MattE

2,087
4
24
34

8

votes

1 answer

Factors that determine compatibility of SFPs with new fibre services?

Whilst I understand that product recommendations are off topic can anyone help by explaining what the critical factors are when looking for SFPs that are going to be compatible with a new service? Is wavelength a defining factor that should be…

fiber cisco-nexus-5k 10gbase sfp

asked Dec 19 '13 at 17:13

MattE

2,087
4
24
34

8

votes

1 answer

Are the SFP/SFP+ int's on WS-X45-SUP7-E autosensing?

I have two Cisco Catalyst 4510R+E systems that I am interconnecting, using the interfaces on the sup's (both have dual Sup7-E's.) They are marked 1G/10G Uplinks (SFP/SFP+) on the sup above the interfaces. I have ordered 10G SFP+ modules, but in the…

cisco-catalyst fiber

asked Dec 18 '13 at 22:41

Will Dennis

461
1
5
16

8

votes

1 answer

What is the expected behaviour of the ARP cache?

I am familiar with the arp cache being relative to the default age timer regardless of whether a packet has been seen or not and that the router should refresh entries by sending an update arp request before the default 240 mins have expired in…

cisco

asked Dec 18 '13 at 22:39

MattE

2,087
4
24
34

8

votes

2 answers

Are ICMP Redirect messages really bad?

Due to potential for MITM attack, ICMP redirect messages should be blocked. However, the original purpose of the ICMP redirect message is to inform the host of a better router (or gateway). Then, is there a speed issue with disabling ICMP redirect…

icmp

asked Dec 06 '18 at 00:48

baeharam

257
2
5

8

votes

2 answers

NAT with VPN Site to Site and Remote LANs with same IP address

I have a ASA5510 to connect clients to my company. I use a site-to-site IPSec VPN with a variety of vendors on the other side (Cisco, Sonicwall, Zyxel, Checkpoint, etc...). For every remote LAN, I translate the network client in a single IP address;…

cisco-asa vpn nat ipsec

asked Dec 17 '13 at 12:32

lmperso

81
1
2

8

votes

2 answers

What's the difference between Ethernet link and Serial link?

Sometimes we see router connected use Ethernet link, sometimes use Serial link, what's the difference between them? and in what scenario we use them?

cisco router ethernet

asked Nov 27 '18 at 08:35

26334_zeal

339
2
5
12

8

votes

4 answers

QoS on a dedicated VOIP network

Is there any point in enabling QoS on a dedicated VOIP network that only has VOIP traffic?

qos voip

asked Dec 16 '13 at 10:11

Brian Parker

83
5

8

votes

1 answer

Run MACsec and VLAN in parallel?

MACsec (IEEE 802.1ae) adds a security tag to an Ethernet frame and encrypts the IEEE 802.1Q field, the EtherType and the payload field. If you want to use VLAN, you need the 802.1Q field to announce the VLAN ID. The EtherType is usually set to…

ethernet security mac

asked Nov 08 '18 at 13:37

null

215
2
6

8

votes

3 answers

Using Fabric on a Cisco device : "Line has invalid autocommand"

I wasn't sure where to ask this but it seems to be something on the switch side so I thought I would start here first. I am working on a little project to automate updates to config files in bulk using Fabric. I have everything installed and…

cisco-catalyst cisco-ios-12

asked May 17 '13 at 15:42

jmreicha

272
2
10

8

votes

4 answers

Why is a TCP Socket identified by a 4 tuple?

Newbie to networking here. I'm reading the Computer Networking (3rd edition) book, and in section 3.2 they are discussing multiplexing / demultiplexing for both UDP and TCP. In the UDP protocol, a socket is uniquely identified by the source IP and…

tcp protocol-theory udp layer4 transport-protocol

asked Oct 30 '18 at 10:27

Steven L.

183
1
1
4

8

votes

7 answers

Juniper EX-series: How can I transfer a config from one switch to another?

I have a lab EX-2200 that has a config on it that I now want to replicate onto four more EX-2200's... I'm sure there's probably an easy way to do this, but couldn't find it on the Juniper KB or by (a minimum amount of) Googling. Anyone here know?

juniper juniper-ex

asked Dec 10 '13 at 18:50

Will Dennis

461
1
5
16

8

votes

2 answers

Cisco Nexus Fabric Extenders with 10G-SFP in path?

We are looking to deploy a new data center build-out with Nexus 7ks and Nexus 2ks(FEX). I know the Nexus 2ks come bundled with the Fabric Extenders to be used to uplink to the Nexus 7ks. Our plan however is to put Gigamon fiber taps in-line of all…

fiber cisco-nexus-2000 cisco-nexus-7k tap

asked Dec 03 '13 at 17:14

ge0ff73

271
1
8

8

votes

3 answers

whois 243.25.203.20

I see this ip address actively accessing gmail account in spite of 2-Step Verification. whois 243.25.203.20 produces following message: No whois server is known for this kind of object. How can I find out what functionality uses this ip?

security

asked Sep 04 '18 at 09:28

Peter J

83
1
5

8

votes

1 answer

Why is the ethernet payload fixed between 46 and 1500 bytes?

Can anyone explain why the ethernet payload size is fixed between 46 and 1500 bytes ? I read so many articles never get the clarification?

ethernet protocol-theory

asked Dec 01 '13 at 06:55

user2720323

1,611
9
20
26

Most Popular