Protocol-level deep dives — BGP, RPKI, DNS, DNSSEC, MTU, hijacks, and the operations side of running networks at scale.
Network engineering teams have always had a diagram problem. Lucidchart solves a lot of it — here's what it does well, where it fits in real workflows, and the honest limitations you should know going in.
Most online MTU calculators stop at 'GRE adds 24 bytes.' Real networks stack encapsulations — VXLAN over IPsec, GRE over IPsec, MPLS-then-VXLAN — and need the actual adjust-mss command for the device you're configuring. So I built one that does both.
A comprehensive guide to prefix-lists and route-maps in Cisco BGP — what they do, how they differ from ACLs, when to use each, and practical configurations for inbound/outbound BGP policy.
Everything you need to know about Autonomous System Numbers — what an AS is, the difference between public and private ASNs, how they work in BGP, 2-byte vs 4-byte ASNs, how to look one up, and the process for getting your own.
A deep dive into Bidirectional Forwarding Detection — why BGP's default failure detection is dangerously slow, how BFD provides sub-second link failure detection, and how to configure it on Cisco IOS-XE, IOS-XR, and NX-OS.
How a 2018 BGP hijack redirected Amazon Route 53 traffic, harvested private keys from MyEtherWallet users, and stole $152K in Ethereum — BGP and DNS weaknesses chained.
How a government censorship order, a leaked more-specific route, and one upstream provider that didn't filter turned into a global internet outage that took YouTube offline for nearly two hours in 2008 — and what it proved about BGP's fundamental trust problem.
A complete breakdown of all five BGP EVPN route types defined in RFC 7432 and RFC 8365 — what information each carries, when each is generated, and how they work together to build a VXLAN fabric.
A deep technical breakdown of VXLAN EVPN — what the underlay and overlay are, how VTEPs encapsulate traffic, why BGP replaced flood-and-learn, and how symmetric IRB enables Layer 3 routing across the fabric.
A look at why organizations are moving away from Cisco ACI toward NX-OS VXLAN EVPN managed by Nexus Dashboard — the operational, strategic, and market forces driving this shift in 2025 and 2026.
A breakdown of every Cisco-supported physical hardware option for Nexus Dashboard 4.2 — from the legacy SE-NODE-G2 to the current-generation G5L and G5S — with specs, NICs, and cabling guidance.
The DNS and NTP requirements for Nexus Dashboard 4.2 are strict. Get them wrong and your cluster won't deploy — or worse, it'll deploy and fail unpredictably later.
Understanding Nexus Dashboard's two-network design, persistent IP addresses, BGP configuration for L3 deployments, and required firewall ports for ND 4.2.
A complete walkthrough of deploying a 3-node Nexus Dashboard 4.2 cluster using VMware vCenter — from OVA download to cluster bringup.
Everything you need to know before deploying Nexus Dashboard 4.2 in VMware ESX — node profiles, hardware requirements, storage specs, and critical restrictions.
BGP was built for trust, not security. RPKI fixes that by cryptographically validating route origins — here's how to deploy it on Cisco IOS-XE, IOS-XR, and NX-OS.
A breakdown of the latest DDoS trends — record-breaking volumetric attacks, HTTP/2 exploits, and how AI is shifting both offense and defense.
How AI is transforming threat detection, anomaly identification, and automated response in modern network security operations.
A practical guide to Nexus Dashboard — what it is, how it replaces DCNM, and how to get the most out of its multi-site visibility features.
