google.com, pub-5331922595023406, DIRECT, f08c47fec0942fa0 Computer Sevak

What is a stub area?

 A stub area is an area in OSPF which when configured does not accept routing updates from outside its autonomous system.

Spanning Tree Protocol Root bridge election

The switch with least bridge priority is elected as Root bridge.

If all switches in a single spanning tree have the same bridge priority, the switch with the lowest MAC address will become the root bridge.
32768 is the default value out of a range 0 to 61440 in increments of 4096. Valid bridge priority values are 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440. All other values are rejected.
You can set the bridge priority to a low value to make it a root bridge manually. The default priority is (8) x 4096 = 32768 for most of the vendors.

What is the difference between Firewall and ACL?

ACL is part part of  Firewall. And Firewall is a whole security package. 

Firewall is a complete network security device or software that monitors and filters incoming and outgoing network traffic based on the security policies applied. 

An access control list (ACL) is a list of rules that specifies which users/systems/IP's are allowed or denied access to a particular system resource or network. 

What is Redistribution in Routing Protocols?

It is a concept by which two different routing protocols can communicate and exchange routing information with each other. 


Note: In below command OSPF shares routes learned from BGP Protocol with its OSPF neighbor. 

router ospf 100

router-id 2.2.2.2

redistribute bgp 10 route -map iBGP2OSPF


What is the Difference between Classless and Classful Routing?- Ask a network expert to learn in simple words

Classful routing do not advertise the subnet mask information along with the network prefix, while classless routing do advertise subnet information. Hence by this in classless routing VLSM will not be supported, even if added or advertised it will still consider the default class of the subnet. 

Packet Flow in Checkpoint Firewall

How Does the Pakcte Flow in Checkpoint Firewall?

SAM Database (Suspicious Activity Monitoring)

Address Spoofing

Session Lookup

Policy Lookup

Destination NAT

Route Lookup

Source NAT

Layer 7 Inspection

VPN

Routing.


Above is the various activities the cpaket is subjected to once a packet reaches a Checkpoint firewall. 

HPE Aruba Switch DHCP Server Setup Commands.

I will try to put the commands for Two vlans, One is a normal vlan - Test1 and the other a voice vlan so that I can include the voice command as well.  Bold characters are the commands and rest are descriptions. 

vlan 3  (vlan number)

   name "Test1" (vlan name)

   untagged 20-30 (untagged/access ports should be unique, 2 ports cannot be in same vlan as untagged)

   tagged 1 (Tagged ports/trunk for the vlan)

   ip address 10.10.10.1 255.255.255.0  (Ip address and subnet for the vlan)

   dhcp-server  (To enable DHCP Server for the VLAN)

   exit


vlan 5 (Vlan number)

   name "Test2" (Vlan name- Voice vlan)

   untagged 10-20 (Unatgged Ports)

   tagged 1-10 (Tagged Ports)

   ip address 10.20.20.0 255.255.255.0 (Ip address and subnet for the vlan)

   dhcp-server  (To enable DHCP Server for the VLAN)

   voice (Enable as Voice Vlan)

   exit


Above are the 2 vlans setup now we will see the commands to setup the DHCP Server, note both commands are to be setup on the same switch. The DHCP Server is setup compared based on the network ip address of vlan and not by name or anything else. 


dhcp-server pool "Test-1" (Changes name and added a - to prove that it will still work and not compare on name )

   authoritative (When DHCP server is configured as authoritative, the server will respond to all the received DHCP REQUEST packets belonging to the subnet. In Non-authoritative DHCP Server, DHCP INFORM packets received from the clients on a non-authoritative pool will be ignored.)

   default-router "10.10.10.1" (Default Router for the Pool)

   dns-server "10.10.10.20, 8.8.8.8" (DNS Servers you use or have)

   lease 08:00:00 (Lease duration this should be in Days-hours-minutes format)

   network 10.10.10.0 255.255.255.0 (Network Ip address and subnet)

   range 10.10.10.100 10.10.10.200 (Range you wanna configure the dhcp clients)

   exit

dhcp-server pool "Test-Voice"

   authoritative

   default-router "10.20.20.1"

   dns-server "10.10.10.20, 8.8.8.8"

   lease 08:00:00

   network 10.20.20.0 255.255.255.0

   option 150 (if you wish to add a additonal option to be considered- option <type> <value>)

   range 10.20.20.100 10.20.20.200

   exit

dhcp-server conflict-logging (Log any conflicts)

dhcp-server enable (Command to enable the DHCP Server- if you want to later change any above values you will have to disable DHCP server by dhcp-server disable command go to the pool and change values and enable again DHCP server by dhcp-server enable command for the changes to take effect)


Please leave comments if you have any questions.