    Saturday, November 2, 2019

    Rebooting core switches? Networking


    Rebooting core switches?

    Posted: 02 Nov 2019 09:38 AM PDT

    Recently the server guy in my team has been proposing to reboot the 6509 core switches as a matter of practice in order to "clear stuff out". As of last night, core1 was up for two years, four months, and core2 has been up for seven years, five months. I'm not sure why there is a mismatch on the uptimes. Is this a good idea to perform a "maintenance" reboot just because?

    submitted by /u/Doogie312

    What is the best way to document a company network?

    Posted: 02 Nov 2019 09:32 AM PDT

    Hi fellow redditors,

    I am a network engineer for a small company. Recently my company started growing very fast. Currently I document our network by drawing diagrams using draw.io. As our network becomes very complex, I wonder if there is a better solution?

    submitted by /u/Creator1995

    Cisco DNAC Rant

    Posted: 02 Nov 2019 12:09 PM PDT

    Am I stupid? Or is this thing extremely stupid and non-intuitive to set up? Every step of the process has been a pain in the ass.

    submitted by /u/SS324

    Do you give your loopbacks a description?

    Posted: 01 Nov 2019 11:43 PM PDT

    Talking about loopback interfaces on routers. Do you add an interface description? If so, what? I think this is one thing that has enough wiggle room to be unique and entertaining. The two we use are "INDEPENDENT_INTERFACE" and "I_AM_AN_INTERFACE_THAT_NEVER_GOES_DOWN". Hahahaha!

    Edit: I'm not looking for suggestions on what to call my loopbacks. I'm looking for the descriptions you give to yours. For entertainment. Nerd shit.

    submitted by /u/LarrBearLV

    Wireless roaming from Cisco to Aruba

    Posted: 02 Nov 2019 12:20 PM PDT

    We're starting to replace our Cisco wireless LAN with Aruba, starting with our new building that's finishing soon. There is a connecting hallway from the older building, and I'm wondering what happens when wireless clients move from the Cisco network to Aruba. How smooth is the transition if we drop the clients to the same VLAN on the controller side and use the same RADIUS servers (ClearPass in our case)?

    There are some special devices like some self-driving forklifts that use wireless, not really sure though how they communicate.

    I can test this once the building completes but I'm curious if anyone has experiences with this. Is there something we could configure to make the roaming better? There are some 802 standards for roaming but I'm guessing those are used when the different wireless networks terminate to different IP subnets?

    Thanks for any ideas!

    submitted by /u/simosilakka

    Commercial HTTPS proxies that allow inline HTTP payload modification?

    Posted: 02 Nov 2019 03:57 PM PDT

    I need to modify the payload for an HTTP POST request to a particular HTTPS webapp.

    I've managed to do it using a short Python script in mitmproxy, just to test things.

    However, I'm wondering which commercial MITM proxies allow you to modify HTTP request payloads inline?

    A lot of products seem to have their documentation and help articles behind paywalls/subscription only, which is actually quite frustrating when you're trying to evaluate things like this 🙁.

    PAN has an article on modifying headers but I don't see payloads mentioned.

    "HTTP Header Insertion and Modification" https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-new-features/app-id-features/http-header-insertion.html

    submitted by /u/victorhooi

    Network Services Billing tool/app/system

    Posted: 02 Nov 2019 09:11 AM PDT

    Our network is getting bigger and bigger, and my team would like to build an internal billing system to associate network resource usage with specific departments or teams.

    For example, we provide centralized Internet to many locations/offices, and we would like to give visibility and eventually bill individual locations based on their real usage. The idea would be to become a "carrier/ISP" within our business.

    I know where/how to collect stats and/or usage data, but I've never worked to integrate this data into some sort of billing system. I'm beginning my exploration phase. I'll have to talk to internal teams (procurement/accounting) to know which app they use to bill other services (not network related).

    On the more technical side, I'm wondering where/how to store billing related data. First intuition is to simply use our network management platform data to collect information (stats, usage, etc), then to "push/pull" this data into a crunching system (calculate 95centile, calculate numbers of ports in use, consolidate/aggregate some data for redundant services, etc). Finally, this "crunched" data would go into a billing system and service/price would be associated to it.

    Any tips, ideas, experience with "network data" to "service billing" would be appreciated.

    submitted by /u/SalsaForte

    Love your job but want to learn more?

    Posted: 02 Nov 2019 02:47 PM PDT

    Does anyone else experience this with their career?

    I absolutely love my job. I'm an IT Manager and my boss is the CEO. However, the CEO is an Operations guy and has no IT experience. So it's tough for me to learn from someone who has experience in the field.

    I absolutely love what I do. I'm a jack of all trades type, the only IT guy in the company but I'm terrified of not being competitive in the market because I spent so much time riding this gravy train and not learning anything new?

    Most of my work nowadays is Project Management for software implementations.

    Just curious what ratio of folks in this sub have stayed where you were or had to venture out because you knew you needed more knowledge?

    submitted by /u/slamdeathmetals

    How to upload, maintain, & update Assets that cannot be on the network

    Posted: 02 Nov 2019 02:06 PM PDT

    BRIEF OVERVIEW

    Hi everyone, I have an issue. My company is trying to move its asset management data to Spiceworks. This was previously managed using an Excel sheet. My company is an MSP and we are looking to also introduce this to our client tenants. Also, we would like to be able to monitor the inventory of the clients as well for documentation.

    OBSERVATION

    I have tested the Spiceworks asset manager, did a network scan of inventory and I have seen all the detailed goodness it can provide for managing devices that can be connected on the network, for example, printers, laptops, desktops, scanners, copiers, mobile phones, etc.

    PROBLEM

    But my problem is about devices that cannot be on the network, for example, physical tools, chairs, desks, appliances, cables, etc. and other stuff that is in an office but cannot be put on the network. How are these managed in Spiceworks asset manager?

    QUESTIONS

    Is it possible to manage devices that are not connected to the network in Spiceworks asset manager?

    How do I upload these OUT-OF-NETWORK items to the database?

    How are these OUT-OF-NETWORK item records in the database updated and maintained? (For example, I want to state that this specific laptop disconnected from the network was upgraded from a 4gig ram to 8gig, or a vendor serviced an appliance on a given date and is due for servicing on another given date.)

    Also, does this mean only one administrator gets to update the database for the various departments' inventories that are in the company? Or how do the various departments have access to update the inventory for their various teams?

    If possible, how can this solution be deployed by an MSP to tenants and how can tenants' various department database assets be maintained both at their location and centrally from our company (the MSP)?

    If this cannot be achieved by Spiceworks, is there any solution to achieve what I'm asking for??

    Any assistance available will be highly appreciated.

    submitted by /u/Dhrayco

    Can't apply firewall to WAN

    Posted: 02 Nov 2019 09:15 AM PDT

    Hi,

    I've got an issue that I've been working on for a while that I was hoping someone could provide some insight on. We have Google Fiber and whenever I try to apply an ACL on the WAN interface I lose internet access. The WAN interface is DHCP, and I have the static IP on a subinterface and a couple of port forwards and a routed IPsec tunnel.

    Basically I'm trying to apply OUTSIDE_IN to GigabitEthernet0/0/1 via:

    ip access-group OUTSIDE_IN in

    Basically I just want a firewall on the WAN that only allows the port forwards and the IPsec. I'm somewhat of a novice here and I really appreciate any insight. Happy to answer any questions.

    Here's the obfuscated config:

    crypto isakmp policy 26
     encr 3des
     authentication pre-share
     group 2
    crypto isakmp key KEY_IPSEC address IPSEC.PEER.IP.2
    crypto ipsec transform-set EBIZ26 esp-3des esp-sha-hmac
     mode tunnel
    crypto map EBIZ local-address GigabitEthernet0/0/1.1
    crypto map EBIZ 26 ipsec-isakmp
     set peer IPSEC.PEER.IP.2
     set transform-set EBIZ26
     set pfs group2
     match address ACCESS_LIST_IPSEC
    interface GigabitEthernet0/0/1
     ip address dhcp
     no ip unreachables
     ip nat outside
     negotiation auto
     crypto map EBIZ
    interface GigabitEthernet0/0/1.1
     encapsulation dot1Q 20
     ip address WAN.IP.ROUTING.178 255.255.255.248
     ip access-group OUTSIDE_IN in
     crypto map EBIZ
    interface Vlan1
     ip address 10.45.0.7 255.255.255.0
     ip nat inside
    ip nat pool inside_pool WAN.IP.ROUTING.178 WAN.IP.ROUTING.178 netmask 255.255.255.248
    ip nat pool outside_pool 10.45.0.1 10.45.0.254 prefix-length 24
    ip nat inside source static tcp 10.45.0.90 80 WAN.IP.ROUTING.179 80 extendable
    ip nat inside source static tcp 10.45.0.90 443 WAN.IP.ROUTING.179 443 extendable
    ip nat inside source static tcp 10.45.0.90 943 WAN.IP.ROUTING.179 943 extendable
    ip nat inside source static tcp 10.45.0.2 1192 WAN.IP.ROUTING.179 1192 extendable
    ip nat inside source static udp 10.45.0.90 1194 WAN.IP.ROUTING.179 1194 extendable
    ip nat inside source list NAT-SOURCE-NETS pool inside_pool overload
    ip forward-protocol nd
    ip http server
    ip http authentication local
    ip http secure-server
    ip route 192.168.200.0 255.255.255.0 10.45.0.1
    ip access-list standard NAT-DEST-NETS
     permit WAN.IP.ROUTING.178
    ip access-list standard NAT-SOURCE-NETS
     permit 10.45.0.0 0.0.0.255
    ip access-list extended EBIZ26
     permit ip host 136.40.199.178 host 144.160.96.131
    ip access-list extended ACCESS_LIST_IPSEC
     permit ip host WAN.IP.ROUTING.178 x.x.0.0 0.0.255.255
     permit ip host WAN.IP.ROUTING.178 x.x.0.0 0.0.255.255
     permit ip host WAN.IP.ROUTING.178 x.6.0.0 0.0.255.255
     permit ip host WAN.IP.ROUTING.178 x.8.0.0 0.0.255.255
     permit ip host WAN.IP.ROUTING.178 x.9.0.0 0.0.255.255
     ... Continues for about 20 lines ...
    ip access-list extended OUTSIDE_IN
     permit ip host IPSEC.PEER.IP.1 any
     permit ip host IPSEC.PEER.IP.2 any
     permit ip object-group fiber_subnet any
     permit ip any host 10.45.0.90

    submitted by /u/Dillydally42

    VLAN Identifying tool

    Posted: 01 Nov 2019 04:26 PM PDT

    I am looking for an inexpensive tool that will identify what VLANs are tagged on specific switch ports. I know Fluke makes some, but they're also kind of pricey. If it could identify if it had PoE that would be cool too, but it's not a necessity. I've dealt with too many networks where I need to know what VLAN information I am receiving for my equipment, but the IT teams are not helpful or have things configured incorrectly.

    submitted by /u/ACombs35
