So, lets dig into LISP Routing a little more. If you have not done so, I would recommend you read my first post, since I am not going to review the concepts here. In this post, I am going to break things down into three steps: 1) how packets are forwarded (i.e. the data plane operation), 2) how mapping information is propagated (i.e. control plane operation), and 3) how we internetwork with non-LISP locations.
For starters, lets head into the weeds and take a look at the LISP header format. In the last post, I mentioned there is some flexibility in how handles IP addressing. The two examples below show a couple of scenarios: pure IPv4 and a IPv4/IPv6 hybrid:
Read More »
Tags: Cisco ONE, ip, IPv6, LISP, LISP Routing, routing, vm mobility
In a previous blog, I discussed questions you should ask before peering with your SP and possible configuration options. Since the Internet edge is where this peering occurs, it should also be the first point where you start to apply your organization’s security policies. Security is a critical part of IPv6 integration because IPv6 opens up another transport path into your network.
Read More »
Tags: Cisco Services, IPv6, IPv6-security, NAT, NPTv6
The Global Certification Team (GCT) is pleased to announce the Cisco Adaptive Security Appliance Services Module (ASA SM) blade for 6500 series & 7600 series on software version 9.0.(0)16 or later has received USGv6 Certification from University of New Hampshire – Interoperability Laboratory. The UNH-IOL uses this collaborative testing model to distribute the cost of performing trusted, third-party testing and validation. USGv6 testing covers 27 categories of USGv6 NPD tests. You can find the listing for Conformance testing v1.2 (12424) at the UNH Interoperability Lab. For more information, visit the Lab at https://www.iol.unh.edu/services/testing/ipv6/usgv6tested.php and Cisco.com GCT Security.
Get up to the minute updates on Cisco product certifications from the official GCT twitter, @CiscoCertTeam!
Tags: 6500, 7600, Adaptive Security Appliance, ASA, cat6k, catalyst, GCT, IPv6, Module, service, SM, USGv6
I was interviewed recently for an article in Tweakers. It’s a good article, but I think a shade of meaning was lost in translation between Dutch and English. Hence, I’d like to restate the article in my own words.
The nuance of meaning revolves around the words “danger”, “threat”, and “crisis”. Joost opened the interview asking me whether I thought that IPv4 depletion presented a threat, and whether the Internet was in danger. I replied that there was a crisis, but not a threat.
Read More »
Tags: ipv4, ipv4 address exhaustion, IPv6
Do you remember the Internet coffee pot? Back in the earliest days of the Internet, researchers at the University of Cambridge put a constantly-updating image of their break-room coffee pot on the Internet. It had a utilitarian purpose – why go to the break room if the pot was empty? But it was also a bit of an Internet sensation. I still remember showing friends the coffee pot on the Mosaic browser and breathlessly exclaiming, “And this is all the way from England, and it’s live…”. There really wasn’t a lot of content on the Internet in those days.
Compare then to this: a coffee maker that tracks your usage, and wirelessly “phones home” to order refills when you’re close to using up all of your coffee pods. If you think this is unusual, then you better strap yourself in, because from here on, things will get faster. The next phase of the Internet is arriving sooner than you think with the Internet of Everything.
Read More »
Tags: Internet of Everything, IoE, IPv6, Smart Grid