At times I have trouble focusing on writing articles for some of the presentations I am exposed to at Tech Field Day. Because of that, I really wanted to try something different. This article is more of my free-formed thoughts about NSX and why I’m excited to deploy it at my current $job. From the […]
AS-Path Filtering
Before we get into the how, let’s talk about the why. According to the CIDR Report, the global IPv4 routing table sits at about 525,000 routes, it has doubled in size since mid 2008 and continues to press upwards at an accelerated rate. This momentum, which in my estimate started around 2006, will most likely […]
Using Deny ACEs in your PBR ACL on your Nexus 7k
Quite a while ago I had a need for some network duct tape… Policy Based Routing while useful should only IMHO be used as a temporary fix. But as you know, temporary things soon become part of production and they end up staying around far too long. But I digress. I had a need for […]
Time-based ACLs
Ever since Cisco released IOS 12.0.1T we’ve had the ability to broaden the reach of the extended ACL to allow the influence of time. Time-based ACLs reference a time range that is identified by a name, during that time the ACL is in effect. The time range relies on the router system clock. While router […]
Using Discontiguous Wildcard Masks in ACLs
Unlike subnet masks, wildcard masks allow you to use discontiguous bits which enable you to match on a range of values. Using these within routing protocols is typically frowned upon, if not outright prohibited. Unfortunately, there are those individuals who strive to trim every line they can from their ACLs. Can you say job security […]
IOS ACL Resequencing
This is one of those tricks you wish you learned about 10 years ago, but never did. You know how easy it is to mess up a nice looking access list. You get one setup on the router, and then you end up tinkering with it over the next month and the next thing you […]
