Recent posts

Zone-Based Policy Firewall, Part 1

August 12, 2013 | 6 minute read

Cisco’s Zone-Based Policy Firewall (ZFW) can be quite confusing when you first start looking in to it, so over the next couple of blog posts I hope to provide readers with some useful information. Having said that, I’ll do my best to avoid reinventing the wheel given that Cisco has already done a great job of documenting ZFW. ZFW Parts ZFW is ...

Subnetting Made Easy, Part 3

August 04, 2013 | 1 minute read

Note: For the first post in this series, please see the Subnetting Made Easy, Part 1 post. Recently I received an e-mail from a reader who was having trouble with one of their labs. The lab required them to write an ACL which matches only part of a subnet, as opposed to the whole subnet which is what is commonly seen in lab environments. The de...

Shape Average Vs Shape Peak - Part 3

July 30, 2013 | 2 minute read

In my previous post in this series I covered the difference between Shape Average, Shape Peak and Shape with no Excess. Now that that’s out of the way, let’s get down to configuration examples. I’ll use similar specifications to the ones I used last time: CIR = 512kbps (512,000 bps) Bc = 5,120 bps Tc = 10ms (0.001 seconds) Be = 5,120 b...

EIGRP No Auto Summary Command, Part 2

July 20, 2013 | 2 minute read

A few years ago I wrote a blog post about EIGRP and the “auto-summary” command called EIGRP No Auto Summary Command, Part 1. In that post I provided a brief description of what “auto-summary” does and demonstrated how it works by creating a basic lab. Now that you’ve seen the basics though, it is time to dig a little deeper. In the previous pos...

MTU Vs MSS - Part Two

May 24, 2013 | 2 minute read

A little while back I posted an entry called MTU Vs MSS - Part One. At the time the plan was to follow it up with Part Two a short time later, however, here it comes over a year late :) I do apologise for that. What prompted me to get back to writing Part Two was an e-mail from a reader who asked how I came to the conclusion that using the “ip ...