[lacnog] Consulta sobre cisco
Carlos M. Martinez
carlosm3011 en gmail.com
Mie Nov 9 18:57:58 BRST 2016
(Soy Carlos, no Alejandro :-) )
Me funcionó *casi* bien, con dos observaciones:
- no lo pude hacer funcionar para IPv6
- el timeout cuando una interfaz se baja es un poco largo, como 30 s
(los timeouts x defecto de spanning tree)
Seguramente se pueda mejorar, cabe notar que estoy probando con un IOS
bastante viejo (12.algo)
Te adjunto la configuración.
s2
Carlos
On 9 Nov 2016, at 17:53, Manuel José Linares Alvaro wrote:
> ojala alejandro, sería magnifico.
>
> From: Carlos M. Martinez
> Sent: Wednesday, November 9, 2016 3:40 PM
> To: Latin America and Caribbean Region Network Operators Group
> Subject: Re: [lacnog] Consulta sobre cisco
>
> bridging es algo que los routers soportan, creo que es la solución a
> lo que quieres hacer.
> estoy tratando de hacerlo en gns3 en este momento, si me funciona te
> paso la config
> On 9 Nov 2016, at 17:35, Manuel José Linares Alvaro wrote:
> alejandro. detrás de ese router hay varios servidores, todos
> conectados por interfaces de red diferentes a switchs diferentes.
> quería hacerlo con el router, no creo que sea un bridge.
>
> From: Alejandro Acosta
> Sent: Wednesday, November 9, 2016 3:33 PM
> To: lacnog en lacnic.net
> Subject: Re: [lacnog] Consulta sobre cisco
>
> Aqui hay algo de eso.., un router que haga bridge:
>
> http://blog.acostasite.com/2012/05/inter-vlan-bridging-bridge-entre-dos.html
>
> Saludos,
>
> Alejandro,
>
> El 9/11/16 a las 2:26 p.m., Ariel Weher escribió:
>
> El ejemplo que dí yo es para una conexión entre routers, si lo
> que tienes es un 'router on a stick' puedes ver de armar una BDI entre
> las dos interfaces fisicas.
>
> Hay un feature que puedes investigar, se llama IRB que haría que
> las dos interfaces del router se bridgeen y luego creas una interface
> logica como si fuese una SVI de un switch layer3.
>
> Yo la verdad no lo recomiendo tanto, porque vas a depender de STP
> para mantener la estabilidad de esa implementación, pero puede llegar
> a ser la solución que buscas.
>
> http://www.cisco.com/c/en/us/support/docs/lan-switching/integrated-routing-bridging-irb/17054-741-10.html
>
> S2
>
> On Wed, Nov 9, 2016 at 5:22 PM, Ivan Fernandez Aquino
> <ifernandez.aquino en gmail.com> wrote:
>
> Hola Manuel,
>
> De lado del router seria crear un puerto logico (Port-Channel) y
> asociar todas las interfaces fiisicas que gustes (hasta 8 del mismo
> tipo).
>
> Saludos
>
> On Wed, Nov 9, 2016 at 3:17 PM Arian Trujillo Díaz
> <atrujillo10 en gmail.com> wrote:
>
> Si se llama Etherchannel, pero gestiona el protocolo LACP u
> 802.3ad
>
> El 09/11/2016 a las 15:14, Alejandro Acosta escribió:
> > no.., esto no sería lo que estas buscando.
> >
> > Tu respuesta en el mundo de Cisco es etherchannel ..., nunca
> lo ví en
> > routers pero si en LAN Switches. No se si exista alguna
> solución más
> > moderna y que yo me haya quedado en la prehistoria :-|
> >
> >
> > Saludos,
> >
> > Ale,
> >
> >
> >
> > El 9/11/16 a las 2:11 p.m., Alejandro Acosta escribió:
> >> HSRP? VRRP?
> >>
> >>
> >> El 9/11/16 a las 2:08 p.m., Manuel José Linares Alvaro
> escribió:
> >>> Hola,
> >>> Alguien sabe como configurar un router cisco (tal vez un
> 2900 o
> >>> 2800) con dos interfaces de red
> >>> ethernet redundantes? algo parecido a lo que llamamos en
> linux
> >>> interfaces bond?
> >>> Saludos,
> >>> Manuel Linares.
> >>>
> >>> --------------------------------------------------
> >>> From: "Robert Guerra" <rguerra en privaterra.org>
> >>> Sent: Monday, November 7, 2016 2:31 PM
> >>> To: "Latin America and Caribbean Region Network Operators
> Group"
> >>> <lacnog en lacnic.net>
> >>> Cc: "GT IPv6 LAC / LAC IPv6 TF" <lactf en lacnic.net>
> >>> Subject: [lacnog] IGF 2016 / Se busca contactos sobre el
> despliegue
> >>> de IPv6
> >>>
> >>>> Estimados colegas,
> >>>>
> >>>>
> >>>> Estoy organizando una session sobre IPv6 en el Foro de
> Governance que
> >>>> tendrá lugar en Mexico al mes que viene.
> >>>>
> >>>> Me encantaría incluir la participación de personas
> responsable del
> >>>> despliegue de IPv6 de Latin America. A continuación os
> incluyo
> >>>> detalles
> >>>> de la session.
> >>>>
> >>>> Si teneis alguna pregunta, envíame una nota.
> >>>>
> >>>> saludos
> >>>>
> >>>> Roberto
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> Robert Guerra
> >>>> Twitter: twitter.com/netfreedom
> >>>> Email: rguerra en privaterra.org
> >>>> PGP Keys : https://keybase.io/rguerra
> >>>>
> >>>> Details of the workshop
> >>>>
> ——————————————————————————
> >>>>
> >>>> IGF 2016 Workshop #6 : Can Law enforcement catch bad
> actors online
> >>>> anymore
> >>>>
> >>>>
> https://www.intgovforum.org/cms/igf2016/index.php/proposal/view_public/6
> >>>>
> >>>>
> >>>> Description of workshop:
> >>>>
> >>>> The exhaustion of the IPv4 address supply has been
> predicted since the
> >>>> end of the 1980s. However, the large scale adoption of
> mobile devices
> >>>> and their associated IPv4 addressing needs accelerated
> the exhaustion
> >>>> timetable, and placed increased pressure on network
> operators to
> >>>> conserve IPv4 addresses
> >>>>
> >>>> This pressure has resulted in a marked increase in the
> use of
> >>>> technologies, such as Network Address Translation (NAT),
> that allow
> >>>> pools of addresses to be shared across multiple
> endpoints. These
> >>>> mechanisms enable the reuse of the limited pool of
> available IPv4
> >>>> addresses, resulting in the number of connected endpoints
> vastly
> >>>> outnumbering the number of addresses in use in the public
> internet.
> >>>>
> >>>> This has three important implications for Internet
> technology
> >>>> developers, and those who depend on certain behaviors of
> the
> >>>> technology.
> >>>>
> >>>> Application designers need to consider the fact that an
> IP address
> >>>> does
> >>>> not necessarily identify an endpoint.
> >>>>
> >>>> Law enforcement and forensic functions need to consider
> that an IP
> >>>> address alone may not be sufficient to correlate Internet
> activity
> >>>> observations with an endpoint; and even an IP address
> associated
> >>>> timestamp generally may not suffice.
> >>>>
> >>>> Data retention mechanisms and policies that record or
> reference an IP
> >>>> address need to refactor their actions and requirements
> to consider
> >>>> that
> >>>> in increasingly large parts of the Internet, an IP
> address is merely a
> >>>> temporary identifier. Potentially large volumes of
> ancillary data are
> >>>> required to match an IP address to an endpoint.
> >>>>
> >>>> Description of the plan to facilitate discussion amongst
> speakers,
> >>>> audience members and remote participants:
> >>>>
> >>>> The workshop will be organized as a facilitated dialogue.
> Led by the
> >>>> moderator, subject experts will debate and discuss the
> key
> >>>> questions and
> >>>> issues. Subject experts will give opening comments, after
> which the
> >>>> moderator will turn to those attending the session and
> invited experts
> >>>> in the audience to engage in facilitated dialogue.
> >>>>
> >>>> In addition to the background documents and papers that
> will be
> >>>> prepared
> >>>> ahead of the IGF, additional articles of interest,
> commissioned blogs,
> >>>> reference materials and social media conversations will
> be
> >>>> published and
> >>>> distributed ahead of the workshop.
> >>>>
> >>>> Speakers:
> >>>>
> >>>> The experts listed below have accepted the invitation to
> >>>> participate in
> >>>> the session. They are drawn from the Law Enforcement,
> Government,
> >>>> Academia, Civil Society, The Technical Community and
> Private sector
> >>>> stakeholder groups. A facilitated dialogue will be
> organized so that
> >>>> these experts can bring their knowledge and perspective
> to discuss and
> >>>> debate the challenges brought by IPv4 exhaustion and the
> challenges
> >>>> and
> >>>> opportunities presented by IPv6 adoption.
> >>>>
> >>>> (1) Jeffrey R. Bedser is the founder and CEO of iThreat
> Cyber Group
> >>>> www.ithreat.com. Mr. Bedser has led ICG on its journey
> from an
> >>>> internet
> >>>> investigative firm to a technology driven threat
> Intelligence Company.
> >>>> ICG was formed in 1997 as Internet Crimes Group. Mr.
> Bedser has been a
> >>>> facilitator, panelist and speaker for organizations such
> as POLCYB,
> >>>> ASIS
> >>>> International, Infragard, HTCIA, The Conference Board,
> ICANN and
> >>>> the FBI
> >>>> Training Academy at Quantico. Mr. Bedser has received
> media
> >>>> coverage on
> >>>> multiple occasions discussing topics surrounding
> cyber-crime and cyber
> >>>> security.
> >>>>
> >>>> For the session, Jeff will help present an overview of
> the current
> >>>> challenges being faced by cyber investigators as IPv4
> addresses are
> >>>> exhausted and the transition to a wider deployment of
> IPv6 takes
> >>>> place.
> >>>>
> >>>>
> >>>> (2) John Curran is considered an Internet and
> telecommunications
> >>>> industry expert. Curran was one of the founding members
> and is the
> >>>> current President and Chief Executive Officer of the
> American Registry
> >>>> for Internet Numbers (ARIN), a Regional Internet Registry
> (RIR). He is
> >>>> also a Principal Associate at Isotropic, LLC., a
> cybersecurity and
> >>>> telecommunications service provider. Curran actively
> participates
> >>>> in the
> >>>> activities of the Internet Engineering Task Force (IETF)
> and has
> >>>> served
> >>>> as co-chairman of the Operations and Network Management
> Area and
> >>>> member
> >>>> of IPng (IPv6) Directorate.
> >>>>
> >>>> For the session, John will bring the North American
> Regional Internet
> >>>> Registry perspective to the conversation.
> >>>>
> >>>> (3) Laura DeNardis is an American author and a globally
> recognized
> >>>> scholar of Internet governance and technical
> infrastructure. She is a
> >>>> tenured Professor and Associate Dean in the School of
> Communication at
> >>>> American University. She is a Senior Fellow of the Centre
> for
> >>>> International Governance Innovation (CIGI) and serves as
> the
> >>>> Director of
> >>>> Research for the Global Commission on Internet
> Governance. With a
> >>>> background in Information engineering and a doctorate in
> Science and
> >>>> Technology Studies (STS), her research studies the social
> and
> >>>> political
> >>>> implications of Internet technical architecture and
> governance.
> >>>>
> >>>> She is an appointed member of the U.S. Department of
> State Advisory
> >>>> Committee on International Communications and Information
> Policy
> >>>> (ACICIP). She has more than two decades of experience as
> an expert
> >>>> consultant in Internet Governance to Fortune 500
> companies,
> >>>> foundations,
> >>>> and government agencies.
> >>>>
> >>>> For the session, Laura will bring an academic and
> research perspective
> >>>> to the conversation
> >>>>
> >>>> (4) Robert Flaim has been a Supervisory Special Agent
> (SSA) for the
> >>>> Federal Bureau of Investigation for over seventeen (17)
> years.
> >>>> Currently, SSA Flaim is assigned to the Executive Staff
> Unit of the
> >>>> Operational Technology Division in Quantico, Virginia.
> Since 2004, Mr.
> >>>> Flaim has worked on Internet Governance efforts with the
> Internet
> >>>> Corporation of Assigned Names and Numbers (ICANN) and
> Regional
> >>>> Internet
> >>>> Registries, i.e., ARIN, RIPE NCC, the Internet
> Engineering Task Force
> >>>> and other Internet Governance organizations, to foster
> Internet
> >>>> policies
> >>>> and practices that ensure effective international law
> enforcement
> >>>> investigations. Prior to his current position, Mr. Flaim
> worked at the
> >>>> FBI Washington Field Office on cyber and counterterrorism
> >>>> investigations.
> >>>>
> >>>> Bobby will bring a US and international law enforcement
> perspective to
> >>>> the conversation and dialogue. As well, Robert will bring
> a unique
> >>>> first-hand familiarity of urgent cyber investigations to
> to
> >>>> discussion.
> >>>>
> >>>> (4) Athina Fragkouli is the Legal Counsel at the RIPE
> Network
> >>>> Coordination Centre (NCC), where she is responsible for
> all legal
> >>>> aspects of the organisation. She defines the RIPE NCC
> legal framework,
> >>>> provides advice, and gives legal support for all RIPE NCC
> activities.
> >>>> Athina works with a variety of Internet stakeholders such
> as network
> >>>> operators, governments, and Law Enforcement Agencies
> (LEA). She also
> >>>> represents the RIPE NCC in a variety of fora such as
> technical
> >>>> meetings
> >>>> and EU-organised events.
> >>>>
> >>>> Athina - Will bring a European Regional Internet Registry
> >>>> perspective to
> >>>> the panel. As well she will bring a rights based,
> european and privacy
> >>>> perspective to the conversation.
> >>>>
> >>>> (5) Merike Kaeo is a recognized global expert in
> information security
> >>>> and author of “Designing Network Security.” Prior to
> joining
> >>>> Farsight Security, Merike served as Chief Information
> Security Officer
> >>>> for Internet Identity (IID), where she was responsible
> for maintaining
> >>>> IID’s vision and ensuring the company’s sensitive
> information and
> >>>> technologies are protected. Prior to joining IID, Merike
> founded
> >>>> Double
> >>>> Shot Security, which provided strategic and operational
> guidance to
> >>>> secure Fortune 100 companies. She led the first security
> initiative
> >>>> for
> >>>> Cisco in the mid-1990s. Merike is on ICANN’s Security
> and Stability
> >>>> Advisory Council (SSAC) and the FCC’s Communications
> Security,
> >>>> Reliability and Interoperability Council (CSRIC). She
> earned a MSEE
> >>>> from
> >>>> George Washington University and a BSEE from Rutgers
> University.
> >>>>
> >>>>
> >>>> (6) Dick Leaning has over 28 years’ experience in Law
> Enforcement,
> >>>> leading teams of investigators in the Metropolitan Police
> Service
> >>>> (London), UK National Crime Squad (NCS) and the Serious
> Organised
> >>>> Crime
> >>>> Agency (SOCA) and from 2009 within SOCA’s Cyber Crime
> Department. Dick
> >>>> has been the UK representative at the G8 High-Tech Crime
> subgroup of
> >>>> senior experts and Interpol’s European High-Tech Crime
> Working Group
> >>>> with responsibility for enhancing the abilities of law
> enforcement.
> >>>> Based in The Hague since September 2011, Dick joined the
> United
> >>>> Kingdom
> >>>> Liaison Bureau (UKLB) desk as a Europol Cyber Liaison
> officer, and has
> >>>> recently taken on the role of Seconded National Expert
> attached to the
> >>>> European Cybercrime Center (EC3) at Europol. In his
> current role, Dick
> >>>> has responsibility for Internet Community Engagement
> through which he
> >>>> hopes to achieve significant dialogue with the
> Internet’s
> >>>> multi-stakeholders and Law Enforcement, to work in
> partnership to
> >>>> prevent, disrupt and prosecute cyber criminals.
> >>>>
> >>>> Richard will bring a Internet Registry, Law Enforcement
> and
> >>>> International Cyber Investigation perspective to the
> conversation and
> >>>> dialogue.
> >>>>
> >>>>
> >>>> (7) Ben Butler has been with Go Daddy since 2001. In
> 2002, He
> >>>> formed the
> >>>> Go Daddy Abuse Department, and served as Director of
> Network Abuse for
> >>>> over 10 years. In this role, Ben helped create and
> enforce company and
> >>>> public policies dealing with every form of potential
> abuse that
> >>>> happens
> >>>> online, including spam, phishing, identity theft,
> copyright
> >>>> infringements, cyberbullying, child exploitation issues,
> and rogue
> >>>> internet pharmacies. He recently took on a new role as
> Director of the
> >>>> Digital Crimes Unit. Ben comes from a strong technical
> background
> >>>> including several years as a network and email
> administrator, and has
> >>>> experience in customer service, business management, and
> marketing.
> >>>>
> >>>> Ben will bring a registrar perspective to the
> conversation and
> >>>> dialogue.
> >>>>
> >>>>
> >>>> Description of the proposer's plans for remote
> participation
> >>>>
> >>>> The workshop will be organized as a facilitated dialogue.
> Led by the
> >>>> moderator, subject experts will debate and discuss the
> key
> >>>> questions and
> >>>> issues. Subject experts will give opening comments, after
> which the
> >>>> moderator will turn to those attending the session and
> invited experts
> >>>> in the audience to engage in facilitated dialogue.
> >>>>
> >>>> Background paper (attached)
> >>>>
> >>>
> >>>
> >>>
> >>>> _______________________________________________
> >>>> LACNOG mailing list
> >>>> LACNOG en lacnic.net
> >>>> https://mail.lacnic.net/mailman/listinfo/lacnog
> >>>> Cancelar suscripcion:
> https://mail.lacnic.net/mailman/options/lacnog
> >>>>
> >>>
> >>> * * * * *
> >>> Universidad de Granma
> >>> http://www.udg.co.cu
> >>>
> >>> Participe en el VI Congreso Cubano de Desarrollo Local,
> >>> Hotel Sierra Maestra, Bayamo, Granma, Cuba, del 28 al
> >>> 30 de marzo de 2017.
> >>> _______________________________________________
> >>> LACNOG mailing list
> >>> LACNOG en lacnic.net
> >>> https://mail.lacnic.net/mailman/listinfo/lacnog
> >>> Cancelar suscripcion:
> https://mail.lacnic.net/mailman/options/lacnog
> >>
> >
> > _______________________________________________
> > LACNOG mailing list
> > LACNOG en lacnic.net
> > https://mail.lacnic.net/mailman/listinfo/lacnog
> > Cancelar suscripcion:
> https://mail.lacnic.net/mailman/options/lacnog
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion:
> https://mail.lacnic.net/mailman/options/lacnog
>
> --
>
> Ivan Fernandez Aquino
>
> Network & Communication Engineer | Phone: +51 1 349 7284 | Work
> Cell Phone: +51 960 528 066 | Personal Cell Phone: +51 950 934 518 |
> Work email: ivaferna en cisco.com | Personal email:
> ifernandez.aquino en gmail.com | Lima, Peru
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion:
> https://mail.lacnic.net/mailman/options/lacnog
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
>
> --------------------------------------------------------------------------------
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20161109/b2cd1e6d/attachment.html>
------------ próxima parte ------------
An embedded and charset-unspecified text was scrubbed...
Name: cisco-irb-for-redundancy-carlosm.txt
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20161109/b2cd1e6d/attachment.txt>
Más información sobre la lista de distribución LACNOG