What has networking in common with fashion? Answer, it moves in cycles. One year flares are in and you are looking good, and the next you find yourself behind the trend and struggling to keep up. In the early 80’s, the approach to networking solutions was based around a ‘centralised’ model. Remember IBM green machines: dumb terminals, 64k floppy disc drives? The ‘intelligence’ and ‘data resources’ of the network were mainframe centric, a centralised deployment. Since then we have been on a long and inexorable journey towards a ‘de-centralised’ model. Where intelligence, functionality and data resources have been increasingly pushed to the edge of the network and peripheral devices: high powered laptops, notebooks, PDAs, mobile phones etc. So what? I hear you say. Well there is a new word in town and it will have major implications, if not already. Move over ‘convergence’ and make way for ‘consolidation’. Due to advancements in data centre technology and increasing government legislation requiring companies to manage and secure all data for periods up to 5 years, consolidation of data resources in a central secure environment will be an ever increasing priority for most companies. What’s the point? Point is, as we consolidate data, what becomes more important? The NETWORK. The network is the enabler. Data centre and networking technologies are becoming interdependent. This is reflected in the fact that we see a lot of people attending Cisco courses who are primarily from a desktop background!! One last thought, Google are launching their own Notebook. It has no hardrives, no application support. It is just a browser that allows you to access applications and data that you have handed over to the Google cloud. Is this the return of the dumb terminal? Are we coming full cycle? Are flares back in fashion?
Try a free router!
… Well not quite.
Although there are lots of route servers that you can play on for FREE. These routers are live and working and used to check for issues related to your IP address space. To try one then just telnet to router1.ccie-security.com and login using rviews as the username.
Try these commands for fun:
show ip route
sh version
Enjoy!
Grant Wilson
IPv6 Testing Day: June 8, 2011!!
The internet will soon be running out of IP addresses, which means that we inevitably will have to move to IPv6 addresses very soon. There are supposedly 91 million addresses remaining, which might seem like a lot, but considering the number of devices coming online each day, these addresses will only suffice for around a month or two. After that, no new devices will be able to connect to the internet.
IPv6 “should” take over sometime in 2011.
A few popular services namely Google, Facebook, Yahoo! and Akami have decided to test out IPv6 on the 8th of June this year along with the Internet Society, an organization which handles internet standards. The exercise is being done to eliminate any issues that might crop up during the worldwide transition to IPv6. IPv6 currently has provision for about four billion IPs. Moving to IPv6 will allow four billion times that number. Google has already been running an IPv6 server (http://ipv6.google.com) since 2008. During the test, sites such as Google and Youtube.com will run on a separate IPv6 server.
If you want to see if your device or system is IPv6 ready, visit http://www.test-ipv6.com
ASA 8.4 – With IKE v2 and Etherchannel!
IKE v2.
Internet Key Exchange version 2 (IKEv2) is the latest key exchange protocol used to establish and control Internet Protocol Security (IPsec) tunnels. The ASA now supports IPsec with IKEv2 for the AnyConnect Secure Mobility Client, Version 3.0(1), for all client operating systems.
On the ASA, you enable IPsec connections for users in the group policy. For the AnyConnect client, you specify the primary protocol (IPsec or SSL) for each ASA in the server list of the client profile. IPsec remote access VPN using IKEv2 was added to the AnyConnect Essentials and AnyConnect Premium licenses.
Site-to-site sessions were added to the Other VPN license (formerly IPsec VPN). The Other VPN license is included in the Base license.
The following commands have been modified: vpn-tunnel-protocol, crypto ikev2 policy, crypto ikev2 enable, crypto ipsec ikev2, crypto dynamic-map, crypto map.
Etherchannel.
You can configure up to 48 802.3ad EtherChannels of eight active interfaces each. Note You cannot use interfaces on the 4GE SSM, including the integrated 4GE SSM in slot 1 on the ASA 5550, as part of an EtherChannel.
The following commands have been modified: channel-group, lacp port-priority, interface port-channel, lacp max-bundle, port-channel min-bundle, port-channel load-balance, lacp system-priority, clear lacp counters, show lacp, show port-channel.