In-depth tutorials on OSPF, BGP, 802.1X, and more- for engineers who want to understand the why, not just the how.
Open Shortest Path First tutorials covering LSA types, area design, neighbor states, route summarization, authentication, and OSPF tuning for enterprise and service provider networks.
31 posts
Border Gateway Protocol tutorials covering eBGP, iBGP, path selection, route filtering, communities, and BGP design for enterprise and service provider networks.
30 posts
802.1X port-based network access control tutorials covering EAP methods, RADIUS integration, MAB, dynamic VLAN assignment, and Cisco ISE deployment for wired and wireless environments.
31 posts
In 2016, the SD-WAN pitch was simple and persuasive: replace expensive MPLS circuits with cheaper broadband, steer traffic intelligently to avoid outages, and cut your WAN bill. That value proposition was real. Organizations reduced WAN costs by 30 to 50
Most network teams end up in one of two places. The first is full manual: every switch gets configured by hand, every change is a SSH session, and consistency depends entirely on whoever is doing the work that day. The
Campus networks are getting pulled into the post-quantum conversation faster than most operators expected. NIST finalized three post-quantum cryptography (PQC) standards in August 2024, and Cisco has started making "quantum-ready" claims about the Catalyst 9000 lineup. Before you
Wi-Fi 7 is shipping, Cisco has a full lineup of 802.11be access points, and the industry is doing what it always does: pushing the upgrade conversation. The real question for most enterprise and campus wireless teams is not whether
When a user calls the help desk and says "the network is slow," someone on your team starts digging. You pull up Catalyst Center, check client health, scan the device 360 view for the access switch they'
Every few years, a platform comes along that promises to simplify enterprise networking at a fundamental level. SD-Access was Cisco's answer to the question of how you do consistent segmentation, identity-based policy, and automated provisioning across a campus
The Catalyst 9800 makes backup, restore, and upgrade look simpler than it actually is. The commands are short, the GUI has wizards, and most of the time the process works. The trouble starts on the 2 percent of upgrades that
SD-Access wireless on the Cisco Catalyst 9800 is one of those topics that looks complicated from the outside and becomes straightforward once you understand the mental model. The short version is: in a Software-Defined Access (SD-Access) fabric, the C9800 stops
Local mode and FlexConnect are the two fundamental ways a Cisco Catalyst 9800 can hand off client traffic, and the choice shapes almost everything else in your design — WAN utilisation, failure behaviour during a controller outage, the identity of the
RF is the part of a wireless deployment that punishes shortcuts. You can mis-tag APs and fix it in an hour. You can pick the wrong HA model and swap it in a maintenance window. But an RF design built
A working Catalyst 9800 deployment and a good Catalyst 9800 deployment are two very different things. The platform is forgiving — you can mis-tag APs, leave RRM on defaults, skip SSO, and the WLAN will still serve clients. The problem shows
C9800 NETCONF and RESTCONF: Automation and Programmability The Catalyst 9800 wireless LAN controller represents a shift toward model-driven programmability, moving beyond traditional CLI-based management. This article explores how you can leverage NETCONF and RESTCONF protocols to automate configuration, retrieve operational