About dhr.tech1

dhr.tech1 · 09-29-2025

Summary:Proxy ARP is enabled by default on all ASA/Firepower interfaces, but it generally comes into effect only when NAT is configured. Under normal circumstances, when traffic flows between a source and destination located behind the same FTD inter...

dhr.tech1 · 04-01-2025

IntroductionIn this blog we will try to explain how we can prevent an IOS router from advertising a specific sub-network in a large advertise network BGP. We cannot filter the route if we're advertising the routes using a Null Route. When you inject...

dhr.tech1 · 10-17-2024

Hi All,I have a question about tenants. I understand how traffic is send via VXLAN over Nexus 9K switches. we use BGP RT-RD values to ensure that the traffic is landed into right L3 VRF. But how does it manufacture in ACI ? Since we don't use MP-BGP ...

dhr.tech1 · 10-14-2024

Hi All,while reading through many Cisco articles, I am slightly confused on when and where we need to use the contracts.1. Scenario 1: Host A (EPG1/BD1) -Leaf 1 is trying to connect to Host B (EPG2/BD2) - Leaf 2 with pervasive gateways. In this scena...

dhr.tech1 · 10-10-2024

Hi All,We're using ACI in our environment and ran below command. I am not able to figure out on which leaf the tunnel destination "10.9.152.77" resides. I think the tunnel destination is the VTEP assigned to a vPC. How can we search it centrally and ...

dhr.tech1 · 12-25-2025

Hello,I have configured cluster groups on ASA numerous times, but used single interface while configuring cluster interfaces in custer groups. But, I'm sure we can use port channels in cluster interfaces with Cisco FTDs, refer below link for referenc...

dhr.tech1 · 10-15-2024

Thanks Ash, but in a nutshell if there is no contract for inter-EPG communication, traffic will be dropped ? right

dhr.tech1 · 10-11-2024

Thanks Chris, although I am bit new to ACI (closely worked on NSX VXLAN) but I don't think the vPC VTEP exists on all the leaf, it does on for NSX as we use Asymmetric Routing and Bridging but for ACI we use symmetric i.e. MAC VRFs are not required o...

dhr.tech1 · 05-30-2024

Throughput is 'bits routed through the box', they are not double-counted. if a network card has capacity of 100Gbps then it can process 100 Gigabita of traffic per second, it can be ingress or egress traffic from the ports of the card.

dhr.tech1 · 05-29-2024

But how does you SSH into your device, using below interface and IP address ? Remember you cannot get into the design because your ingress interface isn't working well. I would suggest to setup your management interface, you can even use a data inter...

Member Since	‎07-04-2016 06:15 AM
Date Last Visited	‎12-25-2025 04:03 AM
Posts	38
Total Helpful Votes Received	32

User Statistics

User Activity

Proxy ARP on Cisco FTD

Prevent IOS router from advertising sub-network in a large network BGP

ACI Tenants Use

Contracts with ACI

Destination vPC VTEP Address for ACI

Re: Port channel mode cannot be changed to ON for CCL links. Why?

Re: Contracts with ACI

Re: Destination vPC VTEP Address for ACI

Re: Get actual througput in Cisco ASA

Re: unable to ping or access secondary one firewall