Aaron's Worthless Words

Sign in Subscribe

ont

ONT Notes - 802.1x and Encryption on LWAPs

* Traditional WLAN weaknesses * SSID for security * Vulnerable to rogue APs * MAC filtering for security * WEP * WEP weaknesses * Disribution of static keys is not scalable * WEP keys can be cracked easily * Vulnerable to dictionary attacks * No protection against rogue APs * Benefits of 802.1x * Centralized authentication through Radius via AAA * Mutual

ONT Notes - QoS On Wireless Networks

* Wireless LANs (WLANs) * Extensions to wired LANs * Carrier sense multiple access collision avoidance (CSMA/CA) as media access method * Uses distributed coordinated function (DCF) for collision avoidance * DCF is based on RF carrier sense, inter-frame spacing (IFS), and random wait timers * Wifi QoS standards * 802.11e * IEEE standard * 0-7 priority

ONT Notes - AutoQoS

* AutoQoS benefits * Automates QoS for most deployments * Protects business-critical apps to maximize availability * Simplifies QoS deployments * Reduces configuration errors * Cheaper, faster, and simpler deployments * Follows DiffServ * Allows complete control over QoS configs * Allows modification of auto-generated configs * AutoQoS phases of evolution * AutoQoS VOIP – Early version that configures the basics without

ONT Notes - Pre-classify and End-to-end QoS

* VPNs (Didn’t ISCW cover this?) * Provide * Confidentiality * Integrity * Authentication * Types * Remote-access * Client-initiated * NAS-initiated * Site-to-site * LAN-to-LAN * Extranet * L3 Tunneling protocols * GRE * IPSec * Pre-classify allows traffic to be classified before being sent across a tunnel or crypto-ed. * qos pre-classify * Provide

ONT Notes - Congestion Avoidance, Policing, Shaping, and Link Efficiency

* Tail drop drawbacks * TCP synchronization – Dropping TCP packets from different flows can cause them all to window down and back up again at the same time in cycles. * TCP starvation – Non-TCP or aggressive flows can starve everyone else out when TCP throttles back. * No differentiated drop – Tail drop doesn’t

ONT Notes - Queuing

Here are some more notes from my studies. Of course, no one cares about them but me, but it’s my blog. I’m sure someone will find it useful. Please help to correct dumbass mistakes. * Congestion * Speed mismatch – traffic leaves a lower-bandwidth interface than the one it came in

ONT Notes – Classification, Marking, and NBAR

Here’s another set of notes from my ONT studies. I’m sure someone will find it useful. Please help to correct dumbass mistakes. * Classification is done with traffic desriptors * Ingress interface * CoS value on ISL or 802.1P frames * Source/destination IP address * IP Precedence or DSCP value * MPLS