Tag Archives: DHCP

CCNP SWITCH Lab show commands

Second post of this little series. While I was using my CCNP SWITCH lab for testing many different protocols, I “showed” and saved the output of those protocols as well. Refer to the lab overview of my last post in order to understand those outputs.

I basically saved them as a reference for myself in case I am interested in the information revealed by them. I won’t explain any details of the protocols nor the outputs here. Just many listings. Fly over them and reflect yourself whether you would understand anything. ­čśë Here we go:

Continue reading CCNP SWITCH Lab show commands

Wireshark Layer 2-3 pcap Analysis w/ Challenges (CCNP SWITCH)

While preparing for my CCNP SWITCH exam I built a laboratory with 4 switches, 3 routers and 2 workstations in order to test almost all layer 2/3 protocols that are related to network management traffic. And because “PCAP or it didn’t happen” I captured 22 of these protocols to further investigate them with Wireshark. Oh oh, I remember the good old times where I merely used unmanaged layer 2 switches. ­čśë

In this blogpost I am publishing the captured pcap file with all of these 22 protocols. I am further listing 45 CHALLENGES as an exercise for the reader. Feel free to download the pcap and to test your protocol skills with Wireshark! Use the comment section below for posting your answers.

Of course I am running my lab fully dual-stacked, i.e., with IPv6 and legacy IP. On some switches the SDM template must be changed to be IPv6 capable such as sdm prefer dual-ipv4-and-ipv6 default .

Continue reading Wireshark Layer 2-3 pcap Analysis w/ Challenges (CCNP SWITCH)

Sicheres WLAN: Was wirklich etwas bringt

Vor ein paar Tagen wurde ich ├╝ber Twitter auf einen Artikel aufmerksam, der sich “F├╝nf Tipps f├╝r ein sicheres WLAN” nennt. Cool, so dachte ich, denn schlie├člich ist das eine oft gestellte Frage, wie man denn sein heimisches WLAN so absichern soll. Leider musste ich schnell feststellen, dass drei von den Tipps einfach falsch sind, da sie keine Relevanz f├╝r ein “sicheres WLAN” haben. Einer davon hat obendrein einen gegenteiligen Effekt, indem er sogar mehr ├╝ber das eigene WLAN preis gibt, als ohne. Oh man! Ich verstehe nicht, wieso auch heute noch falsche Tipps f├╝rs WLAN gegeben werden, wobei die Profis, die solche Artikel schreiben, es eigentlich besser wissen m├╝ssten.

Hier daher eine Auflistung der Tipps, die wirklich etwas bringen. Erg├Ąnzend nat├╝rlich auch die Begr├╝ndung, wieso die anderen nichts bringen.

Continue reading Sicheres WLAN: Was wirklich etwas bringt

DHCP Sequences: Broadcast vs. Unicast

I missed a sequence diagram for DHCP which not only shows the four basic messages (DISCOVER, OFFER, REQUEST, ACK), but also the used source/destination addresses and ports, the type of connection (unicast/broadcast), the differences between the initial and the renewing messages, and the needed firewall rules for allowing DHCP traffic to/from the own interface or to/from a DHCP relay agent.

Here it comes! ­čÖé

Continue reading DHCP Sequences: Broadcast vs. Unicast

Juniper ScreenOS DHCP Relay: “Use Interface as Source IP for VPN”

I had strange looking DHCP packets in my network as I tested around with DHCP relays on the Juniper SSG firewall. Some packets were blocked and I didn’t know why. After some troubleshooting it was clear that the checkmark “Use xy Zone Interface as Source IP for VPN” has a big impact in all environments even without the usage of a VPN!

Continue reading Juniper ScreenOS DHCP Relay: “Use Interface as Source IP for VPN”