I will give an example of setting up prefix-limit for BGP so that a neighbor does not accidentally send more routes than he should.Continue reading “How to configure BGP prefix-limit on Juniper”
One day I noticed warnings in the MySQL logs:
I will give an example of setting up an ACL to restrict access to Telnet, SSH, SNMP on Huawei S2300 series switches.Continue reading “Restricting access to management on Huawei S2326TP-EI”
For example, I will configure unicast RPF (reverse-path forwarding) on Juniper MX204.
RPF allows you to reduce the impact of DOS-type attacks on IPv4 and IPv6 interfaces.
Once it was necessary to clean the smoke chamber of the Ajax FireProtect Plus sensor, as a dust alarm was triggered (an audible signal was periodically emitted from the sensor itself and a notification in the application).Continue reading “Cleaning the chamber of the FireProtect Plus Ajax sensor”
dhcpperf is a DHCP load testing tool.Continue reading “Testing a DHCP server with dhcpperf”
Once I discovered on the graphs a large burst of Multicast packets on one of the ports of the Cisco Nexus 3064 switch, while the CPU load increased to 30%, before that it was 12% with L2 traffic of 13 Gbit/s.Continue reading “High CPU load on Cisco Nexus 3064”
In this article, I will briefly describe the principle of DDoS DNS Amplification attacks.Continue reading “Description of DNS Amplification Attacks”
OCSP is a protocol for checking the validity of certificates, that is, to make sure that they have not been revoked and whether they were actually issued. Enabling OCSP Stapling on the web server side allows you to increase the speed of site opening, since the request to the certification authority is made not by the browser, but by the web server.Continue reading “Configuring OCSP Stapling”
In this article, I will give an example of SNMP Traps display about Loop Detect in Zabbix.Continue reading “Displaying SNMP Traps about Loop Detect in Zabbix”