DDoS Protection with NetFlow

DDoS Protection: The Problem with NetFlow

“Netflow collection.” This is what I kept hearing from DDoS providers when I asked how they monitored networks.  But there are a couple problems with utilizing NetFlow. Problem 1: Sampling Rates… I’ve very rarely seen a sampling rate of 1 on routers.  Cisco’s CRS shelves and ASR9ks as well as Juniper’s TX Matrix Plus and MX960s are certainly capable … Continue Reading

SSH to a New Cisco IOS-XR Device

If you have a Cisco device you’re wanting to get SSH access to, you can’t just SSH into the box right from the get go. There are a couple things to do first:  Add an IP Address to an Interface (from config mode)

Enable SSH (from config mode)

Create a DSA key (from … Continue Reading

Configure Fabric Extender to Nexus 5k via Port-Channel

First, let’s just enjoy this moment.. This is my first Cisco-centered blog…. EVER! Ok, now that we’re done with that collective “WHAT?!!”, let’s get to business! Cisco has a pretty neat technology called Fabric Extenders. If you follow my blog, then you’re probably a Juniper gear-head, so think of it as EX virtual-chassis’ using the … Continue Reading