Recent posts

Zone-Based Policy Firewall, Part 2

August 13, 2013

In my previous post I touched on the four parts (Zones & Zone Members, Class Maps, Policy Maps and Zone Pairs) which make up a ZFW configuration. In this post I will explain the “actions” which are used to tell the router how to handle inbound and outbound traffic flows. Actions Actions are applied to Class Maps which as they’re being nest...

Zone-Based Policy Firewall, Part 1

August 12, 2013

Cisco’s Zone-Based Policy Firewall (ZFW) can be quite confusing when you first start looking in to it, so over the next couple of blog posts I hope to provide readers with some useful information. Having said that, I’ll do my best to avoid reinventing the wheel given that Cisco has already done a great job of documenting ZFW. ZFW Parts ZFW is ...

Subnetting Made Easy, Part 3

August 04, 2013

Note: For the first post in this series, please see the Subnetting Made Easy, Part 1 post. Recently I received an e-mail from a reader who was having trouble with one of their labs. The lab required them to write an ACL which matches only part of a subnet, as opposed to the whole subnet which is what is commonly seen in lab environments. The de...

Shape Average Vs Shape Peak - Part 3

July 30, 2013

In my previous post in this series I covered the difference between Shape Average, Shape Peak and Shape with no Excess. Now that that’s out of the way, let’s get down to configuration examples. I’ll use similar specifications to the ones I used last time: CIR = 512kbps (512,000 bps) Bc = 5,120 bps Tc = 10ms (0.001 seconds) Be = 5,120 b...

EIGRP No Auto Summary Command, Part 2

July 20, 2013

A few years ago I wrote a blog post about EIGRP and the “auto-summary” command called EIGRP No Auto Summary Command, Part 1. In that post I provided a brief description of what “auto-summary” does and demonstrated how it works by creating a basic lab. Now that you’ve seen the basics though, it is time to dig a little deeper. In the previous pos...