Hello, I have a project to emulate the STP protocol with ODL and let each switch send LLDP messages to neighbors every second, and send any LLDP packets they receive back to the controller. Calculate the resulting spanning tree using Kruskal’s algorithm, and implement it in the network.
Can you direct me how to proceed? I did some research but didn’t find big things, i’m looking for what is the ODL config file running the default STP, and how i can modify it? and do I have to develop an application from scratch or just modify … thank you for your answe
Hello Brahim
This question has been answered here:
Lazaros
I have a query on the Firemon Tool Traffic Flow Analasys . Its mentioned the following Statement.
“FireMon’s Traffic Flow Analysis or “TFA” does the same thing to monitor traffic through a firewall rule, and instead of allowing all traffic to traverse in all direct
ions, it monitors the empirical behaviors on the network and lets administrators know which rules they can create to allow only the necessary access.”
I know the CISCO Packet Processing Algorithm . How are the following Rules 10 , 11 and 12 are effected by the Above statement aka Network Behaviour ???
Here are the individual steps in detail:
-
The packet is reached at the ingress interface.
-
Once the packet reaches the internal buffer of the interface, the input counter of the interface is incremented by one.
-
Cisco ASA first looks at its internal connection table details in order to verify if this is a current connection. If the packet flow matches a current connection, then the Access Control List (ACL) check is bypassed and the packet is moved forward.
-
If packet flow does not match a current connection, then the TCP state is verified. If it is a SYN packet or UDP (User Datagram Protocol) packet, then the connection counter is incremented by one and the packet is sent for an ACL check. If it is not a SYN packet, the packet is dropped and the event is logged.
-
The packet is processed as per the interface ACLs. It is verified in sequential order of the ACL entries and if it matches any of the ACL entries, it moves forward. Otherwise, the packet is dropped and the information is logged. The ACL hit count is incremented by one when the packet matches the ACL entry.
-
The packet is verified for the translation rules. If a packet passes through this check, then a connection entry is created for this flow and the packet moves forward. Otherwise, the packet is dropped and the information is logged.
-
The packet is subjected to an Inspection Check. This inspection verifies whether or not this specific packet flow is in compliance with the protocol. Cisco ASA has a built-in inspection engine that inspects each connection as per its pre-defined set of application-level functionality. If it passed the inspection, it is moved forward. Otherwise, the packet is dropped and the information is logged.
-
Additional security checks will be implemented if a Content Security (CSC) module is involved.
-
The IP header information is translated as per the Network Address Translation/ Port Address Translation (NAT/PAT) rule and checksums are updated accordingly. The packet is forwarded to Advanced Inspection and Prevention Security Services Module (AIP-SSM) for IPS related security checks when the AIP module is involved.
-
The packet is forwarded to the egress interface based on the translation rules. If no egress interface is specified in the translation rule, then the destination interface is decided based on the global route lookup.
-
On the egress interface, the interface route lookup is performed. Remember, the egress interface is determined by the translation rule that takes the priority.
-
Once a Layer 3 route has been found and the next hop identified, Layer 2 resolution is performed. The Layer 2 rewrite of the MAC header happens at this stage.
-
The packet is transmitted on the wire, and interface counters increment on the egress interface.
Hello Surendra
This question has been answered here: