A full understanding of the mechanics of uRPF (especially the different behaviors of the two modes), along with the basic configuration and theory of how VACLs work, for when you are faced with tricky wordplay or config examples of either on a Cisco exam or while troubleshooting a production network on the job! … Continue reading TSHOOT – Unicast Reverse Path Forwarding (uRPF), and VLAN Access-List (VACL) details reviewed for exam day!
Above is a visual of Private VLANs and how they can communicate with each other; however, this is going to be a lot of switch security, so let's get to it. Port Security troubleshooting: some common issues that can cause Port Security not to work: Port Security is configured but not enabled - This is … Continue reading TSHOOT – Port Security, DHCP Snooping, IP Source Guard, DAI, Protected Ports, Private VLANs, and VACL Troubleshooting!
IP Source Guard is similar to Dynamic ARP Inspection in that it maps IP addresses to certain criteria that must match or packets will be dropped; however, it is configured solely on the interfaces and ties the IP address of the device off that interface to its ip source verify table. You can … Continue reading Quick IP Source Guard Review, and how it differs from DAI (slightly) for exam day!
This is very complex (like pulling teeth), so prepare yourself for a LOT of info! On an MLS switch we have the TCAM that covers IP routing, including access control for inter-VLAN communication (between VLANs / subnets) at Layer 3. For access control of intra-VLAN communication (between hosts in the same VLAN / subnet) we have VACLs … Continue reading VLAN Access-Control List / VACL – DEEP DIVE into Configuration, Verification, and a LOT of explanation! Prepare yourself!!