LDP

Label Distribution Protocol (LDP) is one of the protocols that can be used for MPLS to distribute labels. Other protocols are RSVP-TE, BGP, and IGPs (ISIS and OSPF). This short post addresses LDP and how it works. I’m using two routers to talk about LDP in this post. R2 and R3 that are connected like this: Configuration LDP is very simple to configure. It is basically just one command needed.

mVPN – Profile 0 aka. “Rosen Draft”

mVPN Profile 0 is the original way of doing mVPN when we had no extensions to LDP. This means we need PIM in the underlay – the SP core. Specifically the profile is called: Profile 0 Default MDT - GRE - PIM C-mcast Signaling Topology I’ll use the following topology to go through and explain the concepts and workings of Rosen Draft with Data MDT. Default MDT MDT (Multicast Distribution Tree) is referring to the SPs global environment – the underlay.

Ubuntu netplan static IP address

It has been a few years since I last touched a Linux box. Tonight I decided to install an Ubuntu Server and wanted to give it a static IP address. As I went to /etc/network and wanted to edit the interfaces file, I realised that things have changed. Now you configure the NICs using netplan. So I fired up putty after reading some examples on how to do this and got hit by this error when trying to apply the configuration:

Deploy ASAv using Ovftool

If you ever get stuck with the “A required disk image was missing” error when deploying an OVA directly on an ESXi host, you might want to check this out – ASAv specific, but should work for other OVAs like I wrote about regarding� Deploy ISE PoV 2.3 OVA using ovftool First of all you download the ASAv from CCO and unzip it. Second you create a text file with the command to deploy the OVA on the ESXi host.

DNAC HA

The DNAC is currently sold as an appliance (part number� DN1-HW-APL). It costs a whopping $80k list per box! So why do you need three of them when doing a HA setup? It is because of Quorum. The definition of quorum is: "The number of members of a group or organization required to be present to transact business legally, usually a majority." - source: dictionary.com Say you only have two hosts in a cluster.

DNAC – External Authentication with ISE Radius

You probably want to use an existing Identity Store such as Active Directory when managing your network infrastructure – including DNAC. Below is a guide on how to configure this functionality. When you enable external authentication in DNAC it will not exempt you from using the locally defined users on DNAC – at least not the built-in admin user. DNAC External Authentication Configuration Locate the “External Authentication” page in Settings -> System Settings -> Users

CCIE Lab Passed

April 4 2018 I did my 4th attempt of the CCIE R&S Lab in Brussels. This time I passed! Now I know how to approach the lab and through my failed attempts I learned what works for me in terms of strategy. I will go through it here: First of all you need to master all topics in the blueprint. This goes without saying. Not only do you need to know the technologies inside out, but you must also master how to troubleshoot, diagnose, and configure them – fast!

DNA Center – Reinstall

If you messed up your DNAC or just want to start over, you can do so by downloading the ISO for the appliance. Get the ISO on the below link: Download DNA Center ISO from CCO After downloading the ISO, you� must� create a USB installer by using� Etcher If you use Rufus or any other tools for the USB installer creation, it might not work due to insanely long file names in the ISO.

DNAC Integration with ISE using a self-signed Certificate

NOTE! Using ISE 2.3p3 is not an option due to CSCvi94778 If you’re deploying a DNAC and you want to integrate with ISE, you might have read the following documents: Perform Post-Installation Tasks Cisco ISE Integration Limitations I did and ended up with this error in DNAC when adding ISE: Clearly this is a certificate error. The thing is that Cisco mentions that SAN (Subject Alternate Name) is essential for the trust between DNAC and ISE.

Deploy ISE PoV 2.3 OVA using ovftool

When you want to deploy the ISE Proof of Value OVA in a ESXi 6.5 this happens: We create a new VM, specify the name and select the ova:[ ]1 In the last step, you’ll receive an error that “A required disk image was missing.” Most likely due to� CSCvf26967 Instead of combining the 5 zip files you downloaded from box.cisco.com (.001-.005), you should extract them and use ovftool to deploy the vm.