Hello and welcome to CostiSer.Ro in 2014 !!
As most people do, I also have my own resolutions for the new year and one of them is to write more articles, come up with more interesting (not necessarily more difficult) quizzes and (hopefully) discuss topics, such as SDN, that are "burning" the minds of all the network engineers.
2014 will be the year that I will have to re-certify my R&S by going for the 2nd CCIE - the only question will be: "what track: Security or Service Provider?"... and, as I usually do, the answer will depend on what I do more in my current employment.
My first post of this year will be a review of Top 5 most commented quizzes from 2013. Here it goes: ... rat-a-tat-a-tat-a (I hear the drums, don’t ask me why)...
Number 1: Quiz #6 – Routing protocols over IPsec (59 comments)
The winner of 2013 is quiz-6 with a only 1 extra comment in front of the second place.
This quiz talks about running routing protocols over tunnels (GRE over IPsec) and the problems appear in case the tunnel destination are learnt/advertised via the tunnel itself, situation known as recursive routing.
In this particular case, tunnel destinations were advertised into the routing protocol due to a "network 0.0.0.0" command.
The solutions were discussed here and talk about filtering tunnel destinations from being sent/received via the tunnel or about setting static routes that points to the physical interfaces.
Number 2: Quiz #9 – BGP peering over a Cisco ASA (58 comments)
The runner-up of 2013 is a quiz about establishing BGP sessions protected by MD5 passwords over networks that involves stateful firewalls in between the peers.
The catch in this case is that BGP uses TCP Option 19 to perform the authentication and firewalls usually clear or drop TCP sessions that contain TCP Options. Besides this, TCP sequence numbers are randomized by most firewalls, which also impacts BGP authentication.
More explanation about this can be found in the post with the solution to this quiz.
Number 3: Quiz #12 – OSPF Improper Path Selection (55 comments)
Although in the 3rd place in 2013, I consider quiz-12 to be one of the most difficult quizzes that I came up with. This is because it involves an OSPF feature that is not widely used/understood: Forwarding Address (FA).
The difficulty of the quiz appears due to special conditions needed to be true in order to set a non-zero FA. The full explanation of these conditions and solution to the quiz can be found in this post.
Number 4: Quiz #4 – BGP over ISP (54 comments)
This quiz-4 shows a situation where an eBGP peering does not get established due to the fact that the peer is reachable over the default route (from routing perspective).
The solution to this quiz also shows that a BGP session will be established when the receiver (server side of the BGP session) gets the session initiation request from a peer reachable over the default route, but it will never act as a requester (client side) towards such a peer.
Number 5: Quiz #16 – BGP Filtering Updates (43 comments)
Another corner-case scenario is represented by quiz-16. When trying to suppress inactive routes from being advertised to other BGP peers, some conditions about the next-hop must be fulfilled - see details in the solution post.
Although not in top 5, probably due to the fact that it was published towards the end of 2013, I would also like to mention another quiz that I consider to be very difficult: quiz-21 about EIGRP used as a CE-PE routing protocol.
Thank you for all your comments to my quizzes in 2013 !!
I will try to continue this work over 2014.
Happy New 2014 !!