Monthly Archives: January 2017

VRF Series Article 5 – Stateful Inter-Vrf connectivity

This is the fifth and final article in a series that focused on Segmenting Layer 3 Networks with VRFs. In the third article, we discussed creating a shared services VRF and using it within the otherwise segmented network. In that … Continue reading

Posted in Uncategorized | Tagged , | 2 Comments

VRF Series Article 4 – VRF-lite in a DMVPN Network

As we’ve progressed through the Segmenting Layer 3 Networks with VRFs series, we have continued to build out a network that looks more like what we would see within an enterprise environment. This post takes it one step further and … Continue reading

Posted in Uncategorized | Tagged , | 1 Comment

VRF Series Article 3 – Creating a Shared Services VRF

For those following the VRF Series, we currently have a topology built that consists of a segmented Layer 3 first hop network and remotely networked by carrying the isolation from the BrWan router to Main. This article covers, shared services, … Continue reading

Posted in Uncategorized | Tagged , | 2 Comments

VRF Series Article 2 – Extending L3 Segmentation with VRF-lite

In the last article, we took an initial look at L3 segmentation with VRFs. In that case, we created a basic first hop configuration that had isolated pci and data segments. In reality, most networks are far larger and more … Continue reading

Posted in Uncategorized | Tagged , | 2 Comments

VRF Series Article 1 – Basic L3 Segmentation with VRFs

Network engineers are well aware of the Layer 2 isolation properties of VLANs. Their use is so pervasive that they are second nature to most. This article is the first in a series that outlines specifically how VRFs can be … Continue reading

Posted in Uncategorized | Tagged , | 2 Comments

Segmenting Layer 3 Networks with VRFs

I am creating a multi-part series that focuses on Layer 3 network segmentation. This post serves as a landing point and aggregation place for these topics. As the series is built out, the individual links will be available below. Articles … Continue reading

Posted in Uncategorized | Tagged , | 6 Comments

APIC-EM Data Export

I was at a Cisco DNA customer event on Thursday. Someone in the audience asked a very good question. Basically they wanted to know if there was a way to extrapolate data from the APIC-EM network management tool. At first … Continue reading

Posted in Uncategorized | Leave a comment

ASA Pro Tip — A Better Prompt

The Cisco ASA FW has a simple and robust failover mechanism. It works so well that sometimes an administrator may not realize that the load has moved from the primary device to the secondary device. When connecting to the IP … Continue reading

Posted in Uncategorized | 2 Comments

ASA Active/Standby with BDI/BVI

I see a lot of ASA designs and they are typically flanked with switches. One of the reasons for this is that the failover requirements typically dictate that the devices to be layer 2 adjacent in each security zone. There … Continue reading

Posted in Uncategorized | 8 Comments