DOCSLIB.ORG

IOS XE : Enabling the Digital Network Architecture

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
IOS XE : Enabling the Digital Network Architecture IOS XE : Enabling the Digital Network Architecture Muhammad A Imam BRKARC-3300 Cisco Spark Questions? Use Cisco Spark to chat with the speaker after the session How 1. Find this session in the Cisco Live Mobile App 2. Click “Join the Discussion” 3. Install Spark or go directly to the space 4. Enter messages/questions in the space Cisco Spark spaces will be cs.co/ciscolivebot#BRKCRS-3300 available until July 3, 2017. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public The goal of this session is to give you an understanding of what IOS-XE 16.x is, why would you care and how it works. BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 Agenda • Cisco IOS and its Evolution • The Vision of IOS XE • IOS XE Architecture • Benefits of the New Architecture • Wrap up & Summary Muhammad currently works as a Sr. Manager Technical Marketing for Data Center & Enterprise Muhammad A Imam Switching Group. Muhammad joined Cisco in Sr. Manager Technical Marketing 2008 and has around 15 years of experience in the networking industry. Currently he leads a CCIE#27739 team of Catalyst Products TMEs. He is one of the first TMEs to work on Catalyst 3850/3650 and has worked on all Catalyst Switching products over the years. He also contributes to Enterprise Network designs and Next Generation Platform Architectures. In the past he has held roles in Development, Test and Support of different products ranging from Routers, Switches, Firewalls, etc. @m_a_imam Muhammad holds a Masters degree in Electrical & Computer Engineering. He also maintains a [email protected] CCIE #27739 in Routing and Switching. BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Historical View of Cisco IOS NX-OS 2008 IOS-XR 2004 12.2SX 12.2SE IOS 1986 12.2S 12.2SR 12.2SG IOS 9.x 10.x… 11.x... 12.x IOS XE Operating IOS XE IOS 15.x IOS XE Denali System IOS 9.x BinOS M&T Release NOVA 16.1 LAN Switching, 6.0 3.x 3.x Cat3850 Remote Access, WAN Switching ASR1000, ISR Cisco’s Cat3850 Cisco was Shipped First Cat4K born AGS Router ASR1000 1984 1986 1993 2007 2009 2010 2015 Timeline unevenly distributed BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Historical View of Networks BYOD, Video, Cloud Connect multiple Networks Internet Era BYOD, Video, Cloud Digitization LAN Switching, Routers & Switches Cat3850 Remote Access, WAN Switching ASR1000, ISR Cisco’s Cat3850 Cisco was Shipped First Cat4K born AGS Router ASR1000 1984 1986 1993 2007 2009 2010 2015 Timeline unevenly distributed BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 8 Introduction to DNA Network Requirements for the Digital Organization Insights & Automation Security & Actions & Assurance Compliance Drive Business Speed, Simplicity Real-time & Dynamic Innovations and Visibility Threat Defense Cisco Digital Network Architecture (DNA) © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Digital Network Architecture – What’s New Network-enabled applications Cloud Service Management DNAPolicy |Center Orchestration OpenAPIC APIs -| EM,Developers ISE, environment NDP Automation Identity Analytics Intent Network Policy Identity Access Policy Network Data Insights SD-Access & Assurance Open & Programmable | Standards-based Infrastructure Physical & Virtual | Network Function Virtualization | App Hosting Secure | CloudCAT9K-enabled | Software-delivered © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public The Vision of IOS-XE Denali Forward Vision – IOS XE Denali 16.x.y Manageability Prime Infra. APIC-EM WebUI CLI, SNMP, RESTConf, NETConf Operating System Unified Software Stack (IOS-XE 16) Platform ASICs/CPU Switches Wireless Routers One OS Across Enterprise Platforms BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 13 One OS Network • Enables rapid deployment of new Administrator solutions • Simplified Network administration • Similar CLI • Ease of scripting • Software lifecycle management • Faster learning curve! CLI, SNMP BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 14 Open IOS XE Architecture Open IOS-XE IOS IOS XE 3.7.x(SE) Open IOS XE 16.5.1 IOS IOSd Hosted Apps IOSd Hosted Apps IOS Sub WCM SystemsIOS Sub LXC* LXC* Features IOSd Blob SystemsIOS Sub Features Components Components Systems Wireshark LXC* Wireshark Common CommonCommon InfrastructureInfrastructure / / HAHA Infrastructure / HA Management ManagementManagement Interface Interface Interface IOS-XE ModuleModule DriversDrivers Module Drivers DB KernelKernel Kernel Same Binary Image Across all Catalyst 9K Family BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 17 Open IOS XE – Key Architectural Enhancements IOS XE Denali 16.5.1 IOSd Hosted Apps IOS Sub Systems IOS Sub SystemsIOS Sub LXC* LXC* IOSd Blob SystemsIOS Sub Systems LXC* Wireshark IOS XE Database Common Infrastructure / HA (Crimson Database) Management Interface IOS-XE Module Drivers DB LXCs Support Kernel BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 18 Open IOS XE – IOS Sub Systems BGP IOS Sub Systems IOSd Blob IOS Sub Systems OSPF IOS Sub Systems MPLS, etc Failure of one of the Sub Systems Keeps Rest of the System intact IOS-XE DB IOS Sub Systems Enhances IOS Resiliency BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 19 IOS XE – IOS-XE 16.x (Illustrative View) Session FMAN- Manager RP Wireless HA Controller FMAN-FP Consolidate d Logging IOS Sub IOS Stack Manager Systems (3K) Internal IPC IOS Sub IOS Licensing Systems IOS Sub IOS Services Systems Features PD Comet Crimson DB External Libraries/ SMAN Transports ServiceServices Utilities Platform UADP (TCP/SCTP/ s ASIC Chassi Drivers UDP) Services Drivers Chassiss Blob Low Level APIs ManageFS r Process FrameworkAvailability PacketLSMPI, Delivery LFTS Service FED Manager IOSd Kernel © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 20 Open IOS XE – DB Link STP OSPF Logs State State State Link MST Logs State State IOS-XE DB BGP Tunnel State State The DB contains the Operational and Configurational States BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 21 Open IOS XE – DB Higher Application UP Time IOSd Sub Systems IOS-XE DB Config & Operational Quicker Recovery States Decoupling Code & Data protects the Operational & Configurational States Better Convergence BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 22 Distributed Database – Lets take an example… Processes (Code) States (Data) BGP EtherChannel Netflow Crimson DB Multicast ??? Data & Code Separation BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 23 Open IOS XE – DB Link STP OSPF Logs State State State Link MST Logs State State Data Models BGP Tunnel State State Open IOS XE enables Programmability & Data Models BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 24 IOS-XE Database – Enabling Programmability APP1 APP2 APP3 APP4 Model Driven APIs XML JSON GPB netconf Restconf gRPC Yang Models Crimson Interface Open Apps Crimson DB App Hosting Environment Control Plane Linux Kernel Data Plane BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 25 Open IOS XE – Containers IOS XE Denali 16.5.1 IOSd Hosted Apps LXC* LXC* LXC* Wireshark Common Infrastructure / HA Management Interface IOS-XE Module Drivers DB Kernel Decoupled Execution Space BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 26 Benefits of Modern Architecture RAFA (Run Any Feature Anywhere) RAFA (Run Any Feature Anywhere) • Feature Velocity Across Platforms • No Need to touch Platform Independent Pieces of Software MPLS • Platform Dependent Piece of software need to be done AVC BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 29 NAT/PAT on Catalyst 9500 Static ALGs ( FTP, TFTP, ICMP) NAT in Hardware Up to 8K flow 14K Scale Dynamic (3/5-tuple) INSIDE OUTSIDE A X A B C X Y Z B Y C Z BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 30 MPLS on Catalyst 3850/9K POS Medical Device Network Other Network Doctor Staff Line of business – BU segmentation Payment Card Industry Hospital Network INTERNET Bring-Your-Own-Device (BYOD) Mergers and Acquisitions Multi-Tenancy BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 31 AVC on Catalyst 3850/9K • Filter Monitoring Over Ingress/Egress interfaces and direction • Identify Top Talkers • Monitor Data over 2, 24 or 48 hours • Monitor percentage Bandwidth usage BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 32 Model Driven Programmability Model-Driven Programmability Stack Apps App1 App2 App3 Model-Driven APIs APIs YANG Development Kit (YDK) Protocol NETCONF RESTCONF gRPC Encoding XML JSON Transport SSH HTTP YANG Models (native, open, common) Models Data Model Database BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 34 Cisco Device (YANG) Model Types (Open) Common (Cisco) Common (Cisco) Native Model Model Model • Industry definition • Cisco definition • Cisco definition • Compliant with standard • Common across 2 or • Unique to a single Cisco (IETF, ITU, etc.) definition more Cisco operating operating system systems • Compliant with customer definition (ie OpenConfig) Example: Example: Example: ietf-diffserv-policy.yang cisco-vxlan.yang Cisco-IOS-XR-ipv4-bgp- (IETF Diffserv data model) (IOS-XE/NX-OS VxLAN data model) cfg.yang (IOS-XR BGP data model) BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 35 NETCONF protocol stack CONTENT XML (based on YANG) OPERATIONS GET, EDIT-CONFIG, ETC MESSAGES RPC SECURE TRANSPORT SSH BRKCRS-3300 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 36 Options for accessing NETCONF YANGExplorer YANG Developer Kit (YDK) Cisco-developed GUI tool Access data models using for exploring data models, off-box Python scripts.
Load more

Recommended publications
  • Cisco Router Block Wan Request
    Cisco Router Block Wan Request Equalitarian Fletcher sometimes daggled any aftershock unchurch conceptually. Computational Felix never personifies so proficiently or blame any pub-crawl untunably. Precedential and unsupervised Scott outspoke while cephalic Ronny snag her midlands weak-mindedly and kotows unsafely. Can you help me? Sometime this edge can become corrupted and needs to be cleared out and recreated. Install and Tuning Squid Proxy Server for Windows. Developed powerful partnerships with each physical network address on wan request. Lot we need to wan request to establish a banner for each nic ip blocks java applets that you find yourself having different. Proxy will obscure any wan cisco require a banner for yourself inside network address in its child and password: select os of attacks? Authorized or https, follow instructions below and see if a cisco and share your isp and sends vrrp advertisements, surf a traveling businesswoman connects after migration done on. Iax trunk on vpn for ospf network devices and how will have three profiles to be found over time a routing towards internet security profile. Pfsense box blocks as your wan cisco router request cisco router block wan requests specifically for commenting. Centralize VLAN, outbound policy, firewall rules, configuration profiles and more in minutes. Uncheck block cisco router wan request check box displays detailed statistics: wan request through our go. Fragmentation is choppy and asa would be the cisco request to content; back of connect wan rules for outside world? Is to configure static content on the result in theory this may block cisco wan router request check out ping requests.
    [Show full text]
  • AWS Site-To-Site VPN User Guide AWS Site-To-Site VPN User Guide
    AWS Site-to-Site VPN User Guide AWS Site-to-Site VPN User Guide AWS Site-to-Site VPN: User Guide Copyright © Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. AWS Site-to-Site VPN User Guide Table of Contents What is Site-to-Site VPN ..................................................................................................................... 1 Concepts ................................................................................................................................... 1 Working with Site-to-Site VPN ..................................................................................................... 1 Site-to-Site VPN limitations ......................................................................................................... 2 Pricing ...................................................................................................................................... 2 How AWS Site-to-Site VPN works ........................................................................................................ 3 Site-to-Site VPN Components .....................................................................................................
    [Show full text]
  • IOS XR Attestation Trust Me, Or Trust Me Not?
    IOS XR Attestation Trust me, or Trust me not? Dan Backman, Portfolio Architect @jonahsfo BRKSPG-1768 Cisco Webex Teams Questions? Use Cisco Webex Teams to chat with the speaker after the session How 1 Find this session in the Cisco Events Mobile App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Agenda • Risks to the Network Infrastructure • Measuring and Validating Trust in Cisco IOS-XR routers • New commands for Trust Integrity Measurement in IOS XR • Building a Service to Report on Trust Evidence • Conclusion BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 Trusted Platform “Integrity, not just security.” © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public “Network devices are ideal targets. Most or all organizational and customer traffic must traverse these critical devices.” Source: US-CERT Alert (TA18-106A) Original release date: April 16, 2018 “The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations.” Source: US-CERT Alert (TA16-250A) Original release date: Sep 6, 2016 BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Growing Concerns for Service Providers Targeted attacks on Critical Infrastructure Impact on Economy Untrusted Locations Complex to Manage BRKSPG-2415 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 How do I know my device has not been compromised? What is Trustworthy and Why Does It Matter? To build a trustworthy platform The network infrastructure must be constructed on a platform of trustworthy technologies to ensure devices operating are authentic and can create verifiable evidence that they have not been altered.
    [Show full text]
  • Glossaire Des Protocoles Réseau
    Glossaire des protocoles réseau - EDITION LIVRES POUR TOUS - http://www.livrespourtous.com/ Mai 2009 A ALOHAnet ALOHAnet, également connu sous le nom ALOHA, est le premier réseau de transmission de données faisant appel à un média unique. Il a été développé par l'université d'Hawaii. Il a été mis en service en 1970 pour permettre les transmissions de données par radio entre les îles. Bien que ce réseau ne soit plus utilisé, ses concepts ont été repris par l'Ethernet. Histoire C'est Norman Abramson qui est à l'origine du projet. L'un des buts était de créer un réseau à faible coût d'exploitation pour permettre la réservation des chambres d'hôtels dispersés dans l'archipel d'Hawaï. Pour pallier l'absence de lignes de transmissions, l'idée fut d'utiliser les ondes radiofréquences. Au lieu d'attribuer une fréquence à chaque transmission comme on le faisait avec les technologies de l'époque, tout le monde utiliserait la même fréquence. Un seul support (l'éther) et une seule fréquence allaient donner des collisions entre paquets de données. Le but était de mettre au point des protocoles permettant de résoudre les collisions qui se comportent comme des perturbations analogues à des parasites. Les techniques de réémission permettent ainsi d'obtenir un réseau fiable sur un support qui ne l'est pas. APIPA APIPA (Automatic Private Internet Protocol Addressing) ou IPv4LL est un processus qui permet à un système d'exploitation de s'attribuer automatiquement une adresse IP, lorsque le serveur DHCP est hors service. APIPA utilise la plage d'adresses IP 169.254.0.0/16 (qu'on peut également noter 169.254.0.0/255.255.0.0), c'est-à-dire la plage dont les adresses vont de 169.254.0.0 à 169.254.255.255.
    [Show full text]
  • Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 6.X First Published: 2013-11-20 Last Modified: 2014-09-26
    Cisco Nexus 9000 Series NX-OS Fundamentals Configuration Guide, Release 6.x First Published: 2013-11-20 Last Modified: 2014-09-26 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Ipv6 at Home
    IPv6 at Home Jeremy Duncan 20 November 2014 tachyondynamics.com © Tachyon Dynamics – Confidential 1 11-5-23 Overview • IPv6 and the residential service providers • IPv6 residential deployment scenarios • Hurricane Electric • SixXs • GoGo6 • Tunnel providers to never use • Demo with Hurricane Electric and PFSense © Tachyon Dynamics – Confidential 2 Service Provider Status • Comcast • Verizon FiOS • Cox • Time Warner • Mobile • Anyone else? © Tachyon Dynamics – Confidential 3 Comcast • The largest IPv6 residential deployment in the world to date • Information page: http://www.comcast6.net/ • Provides an extensive set of tools for IPv6 • Can test IPv6 capability: http://test- ipv6.comcast.net/ • Can test IPv6 speed using custom Ookla on native XFINITY speed test site: http://speedtest.comcast.net/ © Tachyon Dynamics – Confidential 4 Comcast © Tachyon Dynamics – Confidential 5 Comcast © Tachyon Dynamics – Confidential 6 Verizon FiOS “Verizon is rolling out IPv6 address space in a "dual stack" mode … The upgrades will start in 2013 and the first phase will include Verizon FiOS customers who have a dynamic IP address. Unless there is a need to enter an IP address directly, these changes will generally be transparent our customers” • Some limited commercial deployments, no residential – very far behind • Virtually no communication – no roadmap © Tachyon Dynamics – Confidential 7 Verizon FiOS Moving to new Greenwave G110 • 802.11ac (1.3 Gbps WiFi), Zigbee, IPv6 © Tachyon Dynamics – Confidential 8 Verizon FiOS ActionTech - MI424WR-GEN3I © Tachyon
    [Show full text]
  • Alternative Open E Free a Cisco IOS
    Alternative open e free a Cisco IOS • OpenWrt è una distribuzione Linux specifica per dispositivi embedded come router CPE, Smartphone pocket computer, o microcontrollori. • The OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use https://openwrt.org/ of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned. • As of January 2018, both the OpenWrt and LEDE projects agreed to re-merge back under the OpenWrt name. OPENWRT - https://openwrt.org/ Dispositivi supportati ToH – Table of Hardware https://openwrt.org/supported_devices • DD-WRT è un firmware libero in grado di supportare decine di router Wi-Fi differenti. È distribuito sotto licenza GNU GPL v2. • Le versioni di DD-WRT fino alla v22 sono basate sul firmware Alchemy della Sveasoft, che a sua volta è basato sul firmware Linksys originale. Dalla versione v23 il firmware è stato in gran parte riscritto. Dopo la v24 esistono soltanto versione beta. ftp://ftp.dd- wrt.com/ • Il firmware implementa diverse funzioni non gestite dalla versione https://dd-wrt.com/ originale, tra le quali: WDS, IPv6, QOS avanzato, RADIUS, controllo della potenza radio, possibilità di overclocking, routing statico, gestione di reti VPN.
    [Show full text]
  • Cisco RISE Integration Overview
    Cisco RISE Integration Overview This chapter provides an overview of the Cisco Remote Integrated Service Engine (RISE) protocol with an external service appliance and the Cisco Nexus Series switches. Cisco RISE is an architecture that logically integrates an external service appliance, such as a Citrix NetScaler Application Delivery Controller (ADC) appliance appears and operates as a service module within the Cisco Nexus switch. The Cisco NX-OS software in which RISE is supported supports the Cisco Nexus Series switches. Note Support for the RISE feature has been deprecated in Cisco NX-OS Release 8.4(1). This chapter includes the following sections: • Licensing Requirements, on page 1 • Finding Feature Information, on page 1 • Citrix Netscaler Application Delivery Controller (ADC), on page 2 • Cisco Prime NAM Appliances, on page 2 • RISE Functionality, on page 2 • One-Arm Mode Deployment, on page 3 • High Availability, on page 4 • Virtualization, on page 4 Licensing Requirements For a complete explanation of Cisco NX-OS licensing recommendations and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide. Finding Feature Information Your software release might not support all the features documented in this module. For the latest caveats and feature information, see the Bug Search Tool at https://tools.cisco.com/bugsearch/ and the release notes for your software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the “New and Changed Information” section or the "Feature History" table. Cisco RISE Integration Overview 1 Cisco RISE Integration Overview Citrix Netscaler Application Delivery Controller (ADC) Citrix Netscaler Application Delivery Controller (ADC) The Citrix Netscaler Application Delivery Controller (ADC) is a network switch that performs application-specific traffic analysis to intelligently distribute, optimize, and secure layer 4 to layer 7 network traffic for web applications.
    [Show full text]
  • Vyos Documentation Release Current
    VyOS Documentation Release current VyOS maintainers and contributors Jun 04, 2019 Contents: 1 Installation 3 1.1 Verify digital signatures.........................................5 2 Command-Line Interface 7 3 Quick Start Guide 9 3.1 Basic QoS................................................ 11 4 Configuration Overview 13 5 Network Interfaces 17 5.1 Interface Addresses........................................... 18 5.2 Dummy Interfaces............................................ 20 5.3 Ethernet Interfaces............................................ 20 5.4 L2TPv3 Interfaces............................................ 21 5.5 PPPoE.................................................. 23 5.6 Wireless Interfaces............................................ 25 5.7 Bridging................................................. 26 5.8 Bonding................................................. 27 5.9 Tunnel Interfaces............................................. 28 5.10 VLAN Sub-Interfaces (802.1Q)..................................... 31 5.11 QinQ................................................... 32 5.12 VXLAN................................................. 33 5.13 WireGuard VPN Interface........................................ 37 6 Routing 41 6.1 Static................................................... 41 6.2 RIP.................................................... 41 6.3 OSPF................................................... 42 6.4 BGP................................................... 43 6.5 ARP................................................... 45 7
    [Show full text]
  • Cisco IOS Appletalk Configuration Guide Release 12.4
    Cisco IOS AppleTalk Configuration Guide Release 12.4 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Customer Order Number: DOC-7817505= Text Part Number: 78-17505-01 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Securing Your Home Routers: Understanding Attacks and Defense Strategies of the Modem’S Serial Number As a Password
    Securing Your Home Routers Understanding Attacks and Defense Strategies Joey Costoya, Ryan Flores, Lion Gu, and Fernando Mercês Trend Micro Forward-Looking Threat Research (FTR) Team A TrendLabsSM Research Paper TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information Contents and educational purposes only. It is not intended and should not be construed to constitute legal advice. The information contained herein may not be applicable to all situations and may not reflect the most current situation. 4 Nothing contained herein should be relied on or acted upon without the benefit of legal advice based on the particular facts and circumstances presented and nothing Entry Points: How Threats herein should be construed otherwise. Trend Micro reserves the right to modify the contents of this document Can Infiltrate Your Home at any time without prior notice. Router Translations of any material into other languages are intended solely as a convenience. Translation accuracy is not guaranteed nor implied. If any questions arise related to the accuracy of a translation, please refer to 10 the original language official version of the document. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or Postcompromise: Threats enforcement purposes. to Home Routers Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro makes no warranties or representations of any kind as to its accuracy, currency, or completeness. You agree that access to and use of and reliance on this document 17 and the content thereof is at your own risk.
    [Show full text]
  • Cisco IOS Shell Configuration Guide, Cisco IOS Release 15SY
    Cisco IOS Shell Configuration Guide, Cisco IOS Release 15SY Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]