Author: rtoodtoo
Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN
// JNCIE-SEC #223 / RHCE / PCNSE
As part of improving IPv6 content on this blog, I have chosen to write about how we can integrate these slightly distinct technologies DNS64 and NAT64. On this post, I will try to show how a native IPv6 client can access an IPv4 resource. In my opinion it isn’t really difficult but needs some focus
Read More »
Van Jacobson is a prominent person in networking, especially for TCP/IP. What I didn’t know was (according to wikipedia) original traceroute was also written by him. As this tool is the swiss knife of a Tech Support Engineer, I would like to share the meaning of some of the outputs. If you have any other
Read More »
I would like to focus more on IPv6 on the upcoming posts and I think the best topic to start IPv6 is the discovery phase but before delving into IPv6, I need to write about how address resolution works in IPv4 world. I did read couple of RFCs as well so you may find something
Read More »
Mostly I write about technical stuff but this can be one of the exceptions. After working couple of years with certain technology, it becomes difficult to maintain the same level of passion. I am not even sure if the passion is the right word to describe this but you are looking for some sort of
Read More »
One of the challenges for those who are new to SRX and deploy a dual ISP scenario is to keep the symmetry of the packet flow. One picture worths thousand words so let’s have a look at what I am trying to say. I will explain each steps to see how things may go different
Read More »
Finally my virtual SRX lab is ready for my DPD tests . As you might know, DPD (Dead Peer Detection) is a method used to detect if an IPsec peer is alive or not. Here we will see the ways DPD can be configured also why we really need a monitoring method like DPD. I
Read More »
There is one traceroute option which you might not have noticed so far: It is the monitor. I use this option during packet drop issues from time to time to see if there is any hop on the path which might be causing some drop or latency. It is extremely handy and you can also
Read More »
Today, I have found this exciting research project called Project Turris from Czech Republic’s domain registry CZ.NIC. In a nutshell, it seems to be an opensource firewall which is based on OpenWrt Linux. Hardware design is also open. Security component is called distributed adaptive firewall. Security fixes are also distributed to the nodes from the
Read More »
After my srx for beginners post has become the most popular article of this blog, I have decided to improve it a little bit as it is missing some vital information. Without talking too much let’s summarize what we will do in this post What is a flow session? How can we interpret a flow
Read More »
In this post we will install Junos Space Network Management Platform virtual appliance for VMware ESX and Security Director. As you might know Space platform is the ground application holding other applications such as Security Director which manages SRX firewalls. Hence it is necessary to install Space platform first and Security Director on top of
Read More »
You must be logged in to post a comment.