Posted by: Carole Warner Reece
on Sep 28, 2009
I've recently been looking at BGP designs using route reflectors (RR). As a best practice for RR designs, the logical iBGP sessions should follow the physical topology. But what could happen if you don't follow this practice?
Posted by: William Bell
on Sep 26, 2009
If you have recently migrated to a Cisco UC appliance model or plan on migrating, you may have asked yourself this question. Cisco provides some recommendations in their various installation guides. I happen to like copSSH myself and I thought I would provide some information on the application and how I like to use it.
Posted by: William Bell
on Sep 26, 2009
Recently I have had a few customers that needed to have a basic queuing function but did not want to have a Contact Center/ACD application in their environment. In one instance, the customer was led to believe that they would need a UCCX server to do basic queuing. This is simply not true, there is an option available to administrators.
Posted by: Rob Chee
on Sep 24, 2009
With most network management systems and network security systems, SNMP is a critical component. One great tool for checking SNMP functionality is net-snmp. This tool works with Windows and Linux. From a security perspective, this net-snmp can be used as another troubleshooting tool to ensure that Cisco MARS and Cisco NCM are working correctly.
One basic tool, included with the toolset, is snmpwalk. This can be used to determine the OIDs used for a network device. Here's a partial execution of the command against a Cisco 2523 router.
Posted by: Carole Warner Reece
on Sep 21, 2009
You probably know a couple of ways to use BGP in an enterprise environment. Most commonly, BGP has been used in the enterprise to provide connectivity to the Internet, supporting multihoming solutions, traffic policies, and summarization. BGP has also been used in the core of large enterprise environments as a tool to enhance network scalability and support separate administrative control domains. However, another way to use BGP in the enterprise is on a single router supporting networking virtualization with VRF-Lite. (VRF-Lite is also known as Multi-VRF).
Posted by: William Bell
on Sep 18, 2009
David Hailey recently posted a blog on the differences between Integrated Message and Unified Messaging. After reading Hailey's blog I was reminded of a design discussion with a customer over messaging options on Unity Connection. With Unity Connection you have multiple options on how you handle voice messaging for a subscriber. The conversation on UM versus Integrated Messaging can also be extended to include voicemail only, voicemail relay, and voicemail accept and relay.
Posted by: Pete Welcher
on Sep 18, 2009
I've been working with two customers that I'd describe
as "rural fiber network providers". For background info, see http://www.netcraftsmen.net/resources/blogs/rural-fiber-networking.html. As I noted there, one of my customers had the need for some IP multicast (IPmc) within a VRF, initially at least, to support IP telephony. Since it is a school system, I have a suspicion multicast "channels" of video might be lurking in their future.
Posted by: Pete Welcher
on Sep 18, 2009
I've been working with two customers that I'd describe as "rural fiber network providers". Their designs and business objectives differ somewhat. (For more about one, Google "Michael Minnich" and "fiber farms" -- and thanks to Mike for getting me and Chesapeake Netcraftsmen involved in his project, and to Brian / Scott and BCC for their project. They're the entrepreneurs, putting their credit at risk to make their vision happen!)
Posted by: Pete Welcher
on Sep 18, 2009
I just spent some time on an interesting and somewhat obscure ASA troubleshooting problem. It ended up being resolved by a note in some of the Cisco web pages, something I suspect is an often-missed but important little tidbit. And I suspect it is quietly a potential problem or irritant for all those of us who missed it. It applies to any router or firewall doing NAT.
Posted by: Rob Chee
on Sep 17, 2009
Do you have security policy requirements that need to be enforced on your routers and switches? One option to accomplish this task is to periodically check the configurations of all routers and switches. This approach is painful and time consuming. Another option is to use an application to automate this process. This is one of the areas where Cisco Network Compliance Manager (NCM) can assist. With NCM you can create policies that regularly check for elements of your security policy and alert you if they are not being met. NCM does this by first grabbing the router and switch configurations on a periodic basis. NCM then matches these configurations against the NCM policies that you create to meet your security policy. Here’s an example showing how this would be configured within NCM.
