Notes for OSPF DR/BDR Peering priority

  • Higher priority value (0-255) is better.
  • Default value is 1
  • Can be set via neighbor command or interface command.
  • Neighbor command sets neighbor priority while interface command sets its own interface priority. Thus, both commands will not interfere each other. Again, one is for neighbor and other is for its own interface.
  • If the local interface priority is set and the other router uses neighbor priority command, then interface priority will take precedence.

Continue reading

You think you know DTP?

First, What’s DTP? Having a look on Google will reveal quite a few (if not too many) article about DTP. It’s basically a protocol which negotiate whether a link should turn into a Trunk link or not. You might be aware that the newer switches (e.g. 3560 on-wards) will have its link set as Dynamic Auto by default.

3560(config)#do sh int f0/14 sw | i Administrative Mode
Administrative Mode: dynamic auto

Continue reading

Diffie-Hellman usage in IPSec

I’m intrigued with Diffie-Hellman usage in IPSec. Most of the sources you can find in the internet will explain you how Diffie-Hellman work. You might want to visit this YouTube video about Diffie-Hellman Key Exchange and probably another YouTube video if you still not getting it.

Skipped the history side of this, in short, Diffie-Hellman is a method so that you can exchange your secret key without the need to pass that key over the network. It can be done with this 5 simple steps.

Continue reading

CCIE RS Lab Exam failed, for the second time.

It’s been a good experience so far, knowing that I failed my CCIE R&S lab for the second time. Well, certainly not the best outcome but certainly was a good experience.

Last year, 31 May 2012, I failed my first lab exam. That time was pretty rough. I was too emotional and nearly walking out of the building for not knowing enough of the technologies. I came out of the building felling stress out. It could probably be that I went to the exam just couple of days after I finished with Narbik’s Bootcamp. Exhausted and agitated.
Continue reading

Cisco 3560 MLS QOS – Part 3 – Final

This is the third part of Cisco 3560 MLS QOS. Previously I’ve discussed about Classification and Marking and Ingress Queuing.

Egress Queuing

Now, it has come to the part where packets are ready to be sent out. The idea is quite similar with Ingress Queuing but Egress has 4 Queues instead of only 2 for Ingress. Unlike Ingress Queues, Egress Queues has two sets of Queue configuration templates. It is called Queue-set 1 and Queue-set 2. This can be handy if you require to have two different settings for access ports and trunk ports. You will be able to configure Queue-set 1 with particular setup and have another different setup for Queue-set 2.
Continue reading

Cisco 3560 MLS QOS – Part 1

MLS QOS has been one of the greatest fear for my CCIE RS exam. I’ve read it several times, labbed it more than 3 times, but still I just cannot understand it. Then I decided to write my own notes to teach myself and hopefully any of you mere mortals like me.

I’ll start with this Classification and Marking and let see how deep the rabbit hole goes for the next few parts.

Continue reading


There are several things to be satisfied before OSPF can establish its full adjacency. These are Area-ID, Stub-Flags, Interface-Type, Timers, Authentication, and MTU. These attributes must match to the other peering.

Let’s say that you have a scenario to create Q-in-Q which requires you to alter the default MTU to 1504 using system mtu 1504. The verification also shows that your system MTU is indeed 1504.

SWITCH-3560#sh system mtu

System MTU size is 1504 bytes
System Jumbo MTU size is 1504 bytes
Routing MTU size is 1500 bytes

Continue reading