Search Results
95 total results found
MPLS
Multiprotocol Label Switching
Introduction
MPLS is nothing more than another method of encapsulation, primarily used for L2/L3 VPNs and traffic engineering. Let's imagine a simple IP Transit network. Looking at the diagram, we can see that each router needs to know how to reach both Network A a...
LDP labels propagation
LDP is used to exchange, build and maintain labels in MPLS-enabled networks. To better understand label propagation, let's have a look at the following diagram. On this diagram we can see six MPLS-enabled routers with two /24 networks at the edge. Router ...
Traffic forwarding with BGP labels
In our previous example we could see that both networks (A/24 and B/24) had to be a part of LDP exchange and, therefore, had to be learned by the transit routers. That, to a degree, defeats the purpose of MPLS where one of our goals is to avoid that. So what d...
L3 VPN Components
As was discussed in the Introduction section, it's often required to transport the traffic across the core for overlapping networks (a good example of this can be an ISP providing end to end connectivity for Customer A and Customer B). In this case we will r...
L2 VPN Components (VPLS Kompella)
First of all a couple of words on MPLS L2 VPNs. Generally speaking we have two types - Point to Point VPWS and Point to Multipoint VPLS. You can think of VPWS operating at Layer 1 and forwarding everything PE learns from Attached Circuit (AC) facing the CE in...
SD-WAN
Software-Defined Wide Area Network
Introduction
Generally speaking, we have two options when it comes to WAN interconnects: either Point to Point or Point to Multipoint. And while being perfectly normal for some of the use cases, in some others you might want to start thinking of adding more devices, circ...
SD-WAN architecture
So to deal with the challenges described in the previous chapter while also allowing for simplified and centralized management, we could introduce an additional SD-WAN layer like this. As you can see, nothing changes in our topology and we are still using red...
EVPN-VXLAN Clos Fabric
Transport stack allowing for L2/L3 extension and segregation
Introduction
To answer the question of why VXLAN was even invented, let's have a look at what problems it's trying to address. First of all, if you try building a standard Layer two Clos topology like this, you will end up with STP which comes with two drawbacks - Roug...
VXLAN Overview
So what is VXLAN? Simply put, it is a protocol that encapsulates L2 frames in its own header and then carries them across an L3 underlay network. Looking at the above diagram we can see two Virtual Tunnel End Points (VTEPs) having Layer 3 connectivity be...
NGINX
A high performance web server and a reverse proxy server
HTTPS Redirect
    server {
        listen 80;
        server_name _;
        return 301 https://$host$request_uri;
    }
Bookstack
    server {
        listen 443 ssl;
        server_name null.somedomain.name;
        ssl_certificate /etc/letsencrypt/somedomain.name/certificates/_.somedomain.name.crt;
        ssl_certificate_key /etc/letsencrypt/somedomain.name/certificates/_.s...
TLS Caching and Server Signatures
    ##
    # Server Signature
    ##
    more_set_headers "Server: <null>";
    server_tokens off;

    ##
    # SSL Settings
    ##
    ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3 (POODLE), TLS 1.0, 1.1
    ss...
CrowdSec
An open-source and participative security solution offering crowdsourced server detection and protection against malicious IPs
Installation
Adding repository
    curl -s https://install.crowdsec.net | sudo sh
Installing security engine
    apt install crowdsec
Installing IPTABLES remediation component
    apt install crowdsec-firewall-bouncer-iptables
Creating a whitelist for trusted sources
    cscli all...