The ramblings of a computer geek
The first part is a basic deployment of BGP between two routers (Router A and Router B) with a single point to point link. In this example, each router is within its own AS (Autonomous System). Therefore any routes exchanged between each AS are eBGP (external BGP) routes. Routes exchanged within an AS are known … Read more
An unexpected change in behaviour was observed in terms of the interlink ports 57,65. The default beheaviour of the ports on previous software version: 22.6.1.4 was that being they are QSFP (40Gbit) ports that they operated at 40Gbit being that the QSFP DAC cable was 40Gbit, i.e. there was no specific port configuration for the … Read more
There is an available Palo Alto firewall NagiosXI check which utilises the REST API to obtain state information from the firewall, this includes things such as PSU and FAN health. The plugin uses an API Key to allow access but to ensure you only allow the minimal privileges’ to get the information you need please … Read more
A plugin has been developed to allow the monitoring of the status of VPN Tunnels on the Palo Alto Firewall. The script uses the Palo Alto Firewall API to access the relevant part of the API “tree” to find the status of the VPN Tunnel(s). You can find the current version of the plugin here: … Read more
An Autonomous System Number (ASN) uniquely identifies a network or group of IP prefixes under a single administrative control that uses BGP to exchange routing information with other networks. Each ASN is used to tag routes in BGP so that routers can make loop-prevention and policy decisions. When two networks peer, they exchange routes with … Read more
Was working recently with some colleagues on their coursework, where they had a need to configure a Cisco ASA Firewall to prepare a network topology that met certain criteria. They were using Cisco Packet Tracer, but were having a problem creating sub-interfaces (for each VLAN), it seemed that Cisco Packet Tracer (or the current version … Read more
We had a bit of an oddity on an Extreme Networks SwitchEngine (XOS) switch running: 32.7.1.9patch1-26, devices connecting to a specific VLAN that should be authenticated by Netlogin (NAC) via radius were failing giving the error below. Checking the switch, the VLAN very much existed, so it was a mystery why it said it wasn’t. … Read more
If you have a VLAN which used as the source of multicast streams there are considerations on how it is used specifically when you are “stretching” that VLAN across the fabric, i.e. you have the VLAN and router(s) for that VLAN on a particular distribution switch pair, but then you have the VLAN stretched across … Read more
Multicast is a networking method used to efficiently transmit data to multiple recipients simultaneously. Unlike unicast (one-to-one) and broadcast (one-to-all) communication, multicast is a one-to-many or many-to-many method where data is sent only to devices that are interested in receiving it, rather than to all devices on a network. In multicast, devices that want to … Read more
The Palo Alto Firewall GUI is really slick, but sometimes its handy to create using the CLI, perhaps if you have a large number of changes that need to be made at once. Within this example, we’ll create a zone, then an Interface (on an Aggregate Interface), give it an IP address, apply a management … Read more