DAI is preformed to mitigate "man in the middle attack" mainly. This feature on switch makes sure that ARP request is coming from the same ip address and same mac address on particular port according to DAI database.

for further answers please check on course of CCNP (switch)  https://www.networkbulls.com/training-ccnp-course-delhi 

It is a process for authenticating, authorizing and accounting user dynamically, who is joining the network with wired connection its is done with the AAA server setup using 802.1X protocol for end devices which are capable of providing authentication information (username & password).   hope you have got your query resolved for getting more details on this it is recommended to do a course on ... (more)

command to check route table on windows is "route print"

command for linux is "sudo route -n"

In our topology R1 and R3 are VPN peers, having PC1 and PC2 as end client which are going to communicate with each other using secure tunnel and R2 is the router, routing only public IP address.   Before VPN configuration we have made the VPN peers reachable to each other and DIGITAL CERTIFICATE has been enrolled by peers.   We are using AES for encryption algorithm (for IKE phase 1 and IKE... (more)

Cisco router's and switch's interfaces have the capability to work at full duplex as well as half duplex. By default interface works on auto negotiation mode, which negotiate duplex and speed of the link between the 2 devices connected in the segment of the network. And higher performance supported by both is negotiated.  Default configuration on router's interface is shown by   ... (more)

MSS is a OSI Layer-4 data size (in bytes) any segment can carry which doesn't include transport layer's headers where as MTU is a OSI Layer-3 IP packet size (in bytes) which can be transmitted through an interface. for example if we have TCP SEGMENT for IPv4 will always have MSS as 1460 bytes and IP MTU of interface as 1500 bytes, which explains that data size can not exceed 1460 by... (more)

TCP MD5 signature: This MD5 signature is a MD5 hash function of following values. 1. TCP Pseudo-header (which consist of some properties from tcp header and ipv4-header) 2. TCP  header (excluding options and checksum) 3. TCP data 4. Connection key  MD5 hash is made and kept in the option 19th field of tcp header when the segment is received by the receiver then receiving device recalculates th... (more)

    ASA(config)#domain-name cisco with this command we define domain-name to be used when generating crypto keys. ASA(config)#crypto key generate rsa label cisco modulus 1024 with this command we create crypto keys on asa, naming it "cisco" and also defining key size with modulus "1024". ASA(config)#ssh 0 0 inside with this command we define from inside of ASA traffic of ssh will be init... (more)

Site to site on Router using pre-share keys with IKE Version-1   Topology used is following: Commands with explanation: On Router of SITE-A: First thing we do is make IPsec phase-1 configuration by defining ISAKMP policy and parameters and priority to the policy (least is preferred always), Which will make ISAKMP SECURITY ASSOCIATION. #crypto isakmp policy 1 In ISAKMP MODE with this comm... (more)

Time Based Access Control List: Time based ACL are just like normal Extended ACL but in this we define time-range which defines duration for which ACL is going to work. To configure these ACL we need to configure Time-Range and define time in that Time-Range. Time range are of two types  •    Absolute time-Range •    Periodic Time-Range Absolute Time-Range: In this duration of time is f... (more)

DEFAULT-ROUTING     We have configured 2 cisco routers R1 and R2 with statically assigned default route to reach to the network they don’t know   Configuration on cisco router for Default-Routing is as following: Router(config)#ip route 0.0.0.0 0.0.0.0 (next-hop ip address/exit interface-Id) Administrative Distance  Default-route has default Administrative Distance value as 1. So ... (more)