Archive for February, 2013

Far too many times we’re so deep into our IT careers we forget we were once novice engineers and others may have been frustrated by our lack of understanding. However, time and time again I find people state things like “They’re just not that smart” and this is a complete line of crap and this line of thinking needs to be eradicated from all of our minds. I am guilty of this but I find it makes me look dumb to others. I challenge myself to stop thinking such negative thoughts and instead attempt to educate others and make them better engineers. In this field we’re not going to get anywhere if we hoard knowledge and shut out others. Now, there are some men/women you just can’t reach no matter how much you care about helping them. If you find yourself explaining yourself over and over just ask yourself “Are they ignorant of what I am explaining or do they just not care?” Remember, we can actually fix “stupid” by educating but we can’t alter a person’s bad work ethic.

Do NOT take the advice this idiot just gave the American public. Blindly discharging a weapon, from your balcony nonetheless, is illegal in most states. First, a shotgun is horribly inaccurate and you risk killing innocent people. Second, it is MUCH SMARTER to go inside your house and call the police and alert the “intruder” that you’re armed and will utilize deadly force to protect yourself. IF that “intruder” attempts to break in, just wait until entry is made and take the necessary corrective measures to protect yourself. If you shot the “intruder” on your yard and they were not visibly armed with a firearm, you could be facing murder charges.

Mr. Biden, I would highly recommend you retract your ignorant statement and apologize to the American public. You should advise the public that you’re an idiot when it comes to weapons and are in no way an expert to advise as to what weapon is more appropriate to defend your home or the homes of other Americans. You should also advise that a shotgun, especially a double barrel, is probably the dumbest weapon of choice for home protection because there really is no “aim” and you get two shots, better hope they land properly on your target or you’re screwed with a pissed off “intruder”.

People, do not take his stupid advice as you’re setting yourself up to be imprisoned for murder. Local authorities and local statutes don’t give a hoot that Joe Biden said this. Save yourself from stupidity and prison and properly educate yourself if you choose to become one of the millions of responsible firearm owners.

I see a lot of confusion about the Type-4 LSA and what it does. This confusion is high in the CCNA world because little is explained about it and one might think it is useless; however, this is valuable when you’re learning or doing route redistribution into OSPF using External type-2 redistributed routes with multiple ASBRs redistributing the same external routes.

Spanning-tree is the red headed step child of networking and I firmly believe it is not spanning-tree’s fault; I blame the ignorance of the engineer. Spanning-tree is a tool and like any tool it is typically designed with a specific purpose; however, like most tools in life, you can apply the tool against something else not intended to get desired results. The ignorance people have for spanning-tree causes a lot of issues on networks I have had to resolve in the past and they were relatively easy to resolve. I will explain the single most forgotten configuration parameter: bridge priority.

Quite often I hear people reference the Native VLAN and they’re unsure what exactly they’re talking about. In the RFC standards “Native” is considered an “Untagged” VLAN on a port and that is the preferred terminology. So, this is really simple: “native” means “untagged”, because each Cisco “Trunk” port can have a different native VLAN. Thus, the native VLAN isn’t always VLAN 1; it is just a convenience that VLAN 1 is the default VLAN on Cisco switches when they’re unpacked, and that confuses most people. In reality, you won’t have an untagged port on a Cisco trunk because you’d rather have all inter-switch traffic tagged to prevent VLAN-hopping.

In a VTP environment I would recommend using passwords in your domains to prevent malicious users from screwing with your VTP domain. Just remember, if they have the domain name and a higher revision number, you can kiss your setup goodbye! Make sure the passwords are set on each switch and good luck.

If you’re wondering if you should use this I think you should. Having any traffic unauthenticated is just stupid and you’re asking for issues on your network with someone coming in and sniffing your traffic and discovering that you have hello messages with no or plain text authentication set. One shouldn’t have to explain the benefits; however, do understand that EIGRP has the advantage of using multiple keys in a ring that have expirations which helps rotate keys to prevent someone from getting a key that has been in use for years. OSPF does not have such a feature in IOS.

You can use tcpdump or wireshark but if you have a Linux box handy you can install: cdpr. It makes life easy like this:

cdpr -v

Just follow the prompts for selecting the interface and wait for the CDP transmission to come through. Understand that some values, like Native VLAN, are in hexadecimal and you’ll need to convert them to decimal. Otherwise, happy hunting.
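As an added example (not part of the original post), the Python below decodes the TLVs of a CDP payload, the bytes tcpdump or Wireshark would show after the LLC/SNAP header, and returns the native VLAN as a decimal number. The sample frame, the device name `sw-lab-01` and the helper names are constructed for illustration.

```python
import struct

# CDP TLV type codes used here (from the CDP frame format).
TLV_DEVICE_ID, TLV_PORT_ID, TLV_NATIVE_VLAN = 0x0001, 0x0003, 0x000A


def tlv(tlv_type, value):
    """Build one CDP TLV; the length field counts the 4-byte header too."""
    return struct.pack("!HH", tlv_type, len(value) + 4) + value


def parse_cdp(payload):
    """Return {tlv_type: raw_value} for a CDP payload (after the SNAP header)."""
    if len(payload) < 4:
        raise ValueError("truncated CDP header")
    fields, offset = {}, 4  # skip version, TTL and checksum
    while offset < len(payload):
        if offset + 4 > len(payload):
            raise ValueError("truncated TLV header")
        tlv_type, length = struct.unpack_from("!HH", payload, offset)
        if length < 4 or offset + length > len(payload):
            raise ValueError("bad TLV length %d at offset %d" % (length, offset))
        fields[tlv_type] = payload[offset + 4:offset + length]
        offset += length
    return fields


def summarize(payload):
    """Decode the neighbor name, port and native VLAN (as a decimal int)."""
    fields = parse_cdp(payload)
    raw_vlan = fields.get(TLV_NATIVE_VLAN)
    if raw_vlan is not None and len(raw_vlan) != 2:
        raise ValueError("native VLAN TLV must carry 2 bytes")
    return {
        "device": fields.get(TLV_DEVICE_ID, b"").decode("ascii", "replace"),
        "port": fields.get(TLV_PORT_ID, b"").decode("ascii", "replace"),
        "native_vlan": struct.unpack("!H", raw_vlan)[0] if raw_vlan else None,
    }


# Constructed sample: CDP v2, TTL 180, checksum zeroed (not verified here).
SAMPLE = (
    bytes([0x02, 0xB4, 0x00, 0x00])
    + tlv(TLV_DEVICE_ID, b"sw-lab-01")
    + tlv(TLV_PORT_ID, b"GigabitEthernet0/1")
    + tlv(TLV_NATIVE_VLAN, bytes.fromhex("03e7"))  # 0x03e7 on the wire
)

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A trunk whose neighbor still advertises native VLAN 1 is worth a second look, given the point above about keeping inter-switch traffic tagged.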

You can’t disable spanning-tree on a per-port basis in IOS but you can disable spanning tree per VLAN using the global command:

no spanning-tree vlan vlan-id