Life of a Packet—IOS Basic Order of Operations

April 2, 2013

Some notes:

Inside-to-Outside (LAN to WAN)

If IPsec, then check input access list

Decryption (if applicable) for IPsec

Check input access list

Check input rate limits

Input accounting

Policy routing

Routing

Redirect to web cache (WCCP or L2 redirect)

WAAS application optimization (start/end of WAAS optimization path)

NAT inside to outside (local to global translation)

Crypto (check map and mark for encryption)

Check output access list

Inspect (Context-based Access Control (CBAC))

TCP intercept

Encryption

Queueing

MPLS VRF tunneling (if MPLS WAN deployed)

MPLS tunneling (if MPLS WAN deployed)

Outside-to-Inside (WAN to LAN)

Decryption (if applicable) for IPsec

Check input access list

Check input rate limits

Input accounting

NAT outside to inside (global to local translation)

Policy routing

Routing

Redirect to web cache (WCCP or L2 redirect)

WAAS application optimization (start/end of WAAS optimization path)

Crypto (check map and mark for encryption)

Check output access list

Inspect (Context-based Access Control (CBAC))

TCP intercept

Encryption

Queueing

Source: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

Real source: http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/WAASDC11.html
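The practical consequence of the ordering above is which address an ACL has to match: the input access list is checked before NAT in both directions, and the output access list after it. The following single-server lab config is an added example, not taken from the Cisco documents or from this post; all addresses, ACL names and interface names are constructed.

```cisco
! Constructed lab values: 10.0.0.10 = inside local server,
! 203.0.113.10 = its inside global address; interface names are placeholders.
ip nat inside source static 10.0.0.10 203.0.113.10
!
! WEAK: written against the inside local address. Outside-to-inside, the
! input ACL is checked before "NAT outside to inside", so the packet still
! has d=203.0.113.10 and the permit never matches; HTTPS falls to the deny.
ip access-list extended OUTSIDE-IN-WRONG
 permit tcp any host 10.0.0.10 eq 443
 deny   ip any any log
!
! CORRECTED: match the global address the packet carries at ACL time.
ip access-list extended OUTSIDE-IN
 permit tcp any host 203.0.113.10 eq 443
 deny   ip any any log
!
! Inside-to-outside, the output ACL is checked after "NAT inside to
! outside", so return traffic is matched on the translated source.
ip access-list extended OUTSIDE-OUT
 permit tcp host 203.0.113.10 eq 443 any
 deny   ip any any log
!
! Inside-to-outside, the input ACL is checked before NAT, so the inside
! interface still sees the inside local source.
ip access-list extended INSIDE-IN
 permit tcp host 10.0.0.10 eq 443 any
 deny   ip any any log
!
interface GigabitEthernet0/0
 description OUTSIDE
 ip address 203.0.113.1 255.255.255.0
 ip nat outside
 ip access-group OUTSIDE-IN in
 ip access-group OUTSIDE-OUT out
!
interface GigabitEthernet0/1
 description INSIDE
 ip address 10.0.0.1 255.255.255.0
 ip nat inside
 ip access-group INSIDE-IN in
```

Hits on the `deny ... log` entries show which address form the router actually saw when an ACL was written against the wrong side of the translation.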

 

The Helmet

March 14, 2010

“There are many things, that you can point to, and prove humans are not smart. But my personal favorite would have to be, that we had to invent the helmet. What was happening, apparently, is that we were involved in a lot of activities that were cracking our heads.

We chose not to avoid these activities but instead come up with some sort of device to help us to continue to enjoy, our head-cracking lifestyle. The Helmet !

Even that didn’t work, because enough people weren’t wearing them, so we had to come up with the helmet law, which is even stupider because the idea behind the helmet law is to preserve a brain, whose judgment is so poor, that it doesn’t even try to stop the cracking of the head it’s in!”

– Jerry Seinfeld

It’s BLUE MOON today

January 30, 2010

As seen by my lil berry … 🙂 couldn’t gasp it to the full of it though.

Men at work :)

January 30, 2010

Heh, not the best posture but it works !!! For long bitch-fest meetings and chronic bridges … 🙂

Lahore’s live temperature.

January 2, 2010

So it just clicked in my mind – not sure if it’s a good idea or not, but I have a temp beacon working on my rooftop, and I’m relaying the temperature updates over to Twitter every 30 mins from Lahore 🙂 ENJOY it here:

Lahore Live Temprature

Technology Rulez

February 11, 2009

so here’s a short funny side of technology –

I saw my aunt calling from Faisalabad (Approx. 200 Kms away from Lahore) to my mom on a PTCL landline number and asking her to call her husband (who is also in Faisalabad) on his cell phone so that he could bring bread and eggs on his way back home. Weird, isn’t it? Here’s the key – since my aunt got PTCL Unlimited Nationwide calling, she called on a landline for free, and my mom’s cell phone is on the same service provider as my uncle’s – so it’s a win-win on both sides.

howzaat ? funny isn’t it 🙂

do you have any first hand account of your family/friends using technology to the most – feel free to comment.

BGP Multihome and my fluic condition :|

October 5, 2008

So I finally made up my mind to finish up an old piece of research I was working on – this is to multihome with two ISPs between two different locations.

I ended up waking around 4 AM in the morning due to my flu and then thought to use my time for this task.

As many people end up with questions and problems and dream of achieving this without any issues, I’m going to post the details.

Task Details:

Subnet: 2x.1x.2x.0/23 needs to be advertised via two ISPs for redundancy between datacenters.

 

Upstream providers:

Global Crossings, Level 3

I’m assuming the following steps have already been completed before configuration:

Step – 1 : would be to own and register a public ASN

Step – 2: would be to talk with both upstream providers and get the appropriate filters updated so that you can advertise your IP block as you want on both providers. Some ISPs don’t allow going below a /24 – ideally, in the filters I would break a /23 up like below:

  • 2x.1x.2x.0/23
  • 2x.1x.2x1.0/24
  • 2x.1x.2x2.0/24

This way you have two options,

  1. Redundancy by prepending AS PATH
  2. Load-balancing by subnetting and advertising more specifics

– Scenario:

 

Both routers need to run an IGP between them; my personal preference is EIGRP, which is NOT COMPLEX and is MORE FLEXIBLE than running OSPF 🙂 (I beg to differ)

As the two routers are not connected directly, but have IP routing between them internally, I have set up a GRE IP-to-IP tunnel between both routers:

Philadelphia Router:

interface Tunnel9999
 description %TUNNEL TO LEVEL3 DIA ROUTER%
 ip address 192.168.192.1 255.255.255.252
 ip tcp adjust-mss 1436
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 250
 keepalive 10 3
 tunnel source 10.x.x.x
 tunnel destination 10.x.x.x
end

Pittsburgh Router:

interface Tunnel9999
 description %TUNNEL TO GBLX DIA ROUTER%
 ip address 192.168.192.2 255.255.255.252
 ip tcp adjust-mss 1436
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 250
 keepalive 10 3
 tunnel source 10.x.x.x
 tunnel destination 10.x.x.x
end

 

EIGRP Configs:

Philadelphia Router:

router eigrp 1
 passive-interface default
 no passive-interface Tunnel9999
 network 192.168.192.0 0.0.0.3
 no auto-summary
 eigrp router-id 10.x.x.x
 eigrp stub connected
!

Pittsburgh Router:

router eigrp 1
 passive-interface default
 no passive-interface Tunnel9999
 network 192.168.192.0 0.0.0.3
 no auto-summary
 eigrp router-id 10.x.x.x
 eigrp stub connected
!

I’ll post the BGP configs in another post as I can’t any more. The current challenge I have to cover is the ICMP/TRACEROUTE requests which are being tagged with a 192.168.192.x address when the primary ISP is down and traffic is routed from Level3 over to Philadelphia by the GRE tunnel. It’s a bit complex and requires some debugging. Good practice is to always make a very specific ACL and use it for debugging instead of open debugging, as otherwise your router will immediately seize up processing DEBUG messages and you will end up losing your connection.

Following is my output:

*Oct  5 01:39:43.526: IP: s=2x.2x.1x.1x (Tunnel9999), d=2x.1x.2x.1, len 28, rcvd 0
*Oct  5 01:39:43.526:     UDP src=49862, dst=33482
*Oct  5 01:39:43.526: IP: tableid=0, s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), routed via FIB
*Oct  5 01:39:43.526: IP: s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), len 56, sending
*Oct  5 01:39:43.526:     ICMP type=3, code=3
*Oct  5 01:39:46.522: IP: s=2x.2x.1x.1x (Tunnel9999), d=2x.1x.2x.1, len 28, rcvd 0
*Oct  5 01:39:46.522:     UDP src=49863, dst=33483
*Oct  5 01:39:46.522: IP: tableid=0, s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), routed via FIB
*Oct  5 01:39:46.522: IP: s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), len 56, sending
*Oct  5 01:39:46.522:     ICMP type=3, code=3
*Oct  5 01:39:49.522: IP: s=2x.2x.1x.1x (Tunnel9999), d=2x.1x.2x.1, len 28, rcvd 0
*Oct  5 01:39:49.522:     UDP src=49864, dst=33484
*Oct  5 01:39:49.522: IP: tableid=0, s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), routed via FIB
*Oct  5 01:39:49.522: IP: s=192.168.192.1 (local), d=2x.2x.1x.1x (Tunnel9999), len 56, sending
*Oct  5 01:39:49.522:     ICMP type=3, code=3
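One way to scope the debug with a very specific ACL, as recommended above. This is an added example, not the author's own configuration: ACL number 199, the probing host 198.51.100.25 and the traced address 203.0.113.1 are constructed placeholders, and only the tunnel address 192.168.192.1 comes from the post.

```cisco
! Constructed values: 198.51.100.25 = remote host running the traceroute,
! 203.0.113.1 = the traced address. 192.168.192.1 is the tunnel address
! from the post. ACL number 199 is an arbitrary choice.
!
configure terminal
 ! Keep debug output off the console and read it from the buffer instead.
 no logging console
 logging buffered 64000 debugging
 ! Match only the UDP traceroute probes and the port-unreachable replies
 ! that the router sources from the tunnel address.
 access-list 199 permit udp host 198.51.100.25 host 203.0.113.1 range 33434 33534
 access-list 199 permit icmp host 192.168.192.1 host 198.51.100.25 port-unreachable
end
!
! Debug output is limited to packets that match ACL 199.
debug ip packet detail 199
!
! Run the traceroute from 198.51.100.25, then read the buffer and stop.
show logging
undebug all
!
! Remove the temporary ACL once the capture is done.
configure terminal
 no access-list 199
end
```

The UDP range covers the destination ports seen in the output above (33482 to 33484). `debug ip packet` only reports process-switched packets, which includes the ICMP replies the router generates itself.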

The best ever thing on PTV !

August 6, 2008

This clip is the last episode of Dhuwan ! the serial on PTV in the 1990s – this was one of the best dramas ever made by PTV in my opinion … the most interesting thing about this show was the reality – well, most of this drama is true and applicable to most of the good police officers who were killed in the line of duty. I myself belong to a family full of law enforcement officers in police, intel and my own old affiliation with law enforcement, my khalo, my father, my mamon, myself, my younger brother and many others … I remember a kidnap threat against me by a well-known terrorist in Punjab against my father when I was very young, and one day for some reason, the whole police force in the town was looking for me while I was stuck in the middle of nowhere due to a bad chain on the bike with one of our bait officer … and then the hand grenade threats .. those were some days 🙂 leaving all apart – here’s the video which I found today:

Returning – Half way around the world

August 2, 2008

So finally, after a long time, I’m returning to Pakistan. Truly, this was my longest stay ever away from home, almost 3 months (except my boarding days at FC College, but I guess I used to see my family at least once a month). It was a trip full of fun, travelling, learning and work.

I’m blessed to work in a company which has a unique vision, unique problems and unique infrastructure. Me along with my boss and our COO – share a strong ideology i.e. to get more and more jobs back in Pakistan – We started from 300 people 3 years ago and now we stand at a strong figure of 1000+ only in Pakistan. Hopefully we’ll be increasing this capacity in coming days in all fields starting from Software, IT till CSRs.

Returning to my trip – it was part of my job duty as global head of network operations, which makes me travel annually to some places in and out of Pakistan. I travelled through Karachi, Doha, Dallas and returned to Philly’s town called “King Of Prussia”. Travelled throughout the east coast starting from New York, New Jersey, Baltimore, Pittsburgh and down to Florida.

The biggest achievement of my trip was to get hold of car provided by company and driving on interstate highways – so i finally got good grip on a right hand drive and it made my life easier in last 2 months – i was easily able to travel around – enjoy the Pizza at Tuscani, Coffee and late night sittings at Starbuck, and not to mention sandwiches of Taco Bell and Pot Belly 😀

Though i hear bad things about PK here, but i’m anxious to be with my family, some jack a$$ :@friends and Hamza kiddo. I wish i was back in Lahore when he was there for a month – i miss these days when he has started speaking in beautiful kido language saying Mamoon and Nano 😀 GOD ! i wanna fly directly to him in Isloo and give him hugs and gifts 😛

Well, I’m writing these lines from my office – sweating all over – after cleaning up the data center along with my boss for the AMEX visit on Wednesday. InshAllah I’ll write more when I get back to PK around 13 Aug.

 

tc amigos, tada

Priceless Moments

July 7, 2008