
    Friday, June 29, 2018

    Blogpost Friday! Networking



    Blogpost Friday!

    Posted: 28 Jun 2018 05:16 PM PDT

    It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our members' new and shiny blog posts.

    Feel free to submit your blog post as well as a nice description to this thread.

    submitted by /u/AutoModerator
    [link] [comments]

    Possible fiber cut on the east coast?

    Posted: 29 Jun 2018 10:22 AM PDT

    https://imgur.com/a/kupWgtc

    We're getting a lot of outage reports all over. Seems to be a big one.

    Edit:

    Comcast is reporting a nationwide service outage

    submitted by /u/nwf1
    [link] [comments]

    Old MAC donald had a route. E I G R P

    Posted: 29 Jun 2018 12:03 PM PDT

    What's the biggest outage you've caused by accident? What was the fallout?

    Posted: 28 Jun 2018 06:54 PM PDT

    I was working with a customer who was having speed/duplex issues on their ASA. It was a duplex issue that I just could not get to go full. So I decided maybe the port was bad so I was going to move the outside interface to another port. So I said "no nameif Outside" on the original port and planned to then add the nameif to another port. What I did not know was that when I deleted the nameif it wiped out all config that was associated to that name. Then when things didn't work I saved and rebooted. I have no idea why I saved before rebooting because that's what really screwed me. I had no backups and, to make matters worse, this was the hub of the business with 17 VPN spokes.

    I stayed up until 5am reconfiguring this thing while the IT guy from the business slept on the couch. Luckily the ACLs were fairly simple and I knew the environment well enough that I could rebuild with whatever documentation I did have. I got it mostly up and running before the place opened for business and nothing was ever said about it.

    submitted by /u/Adamal47
    [link] [comments]

    Cisco 4451 Crashes and High Memory Usage

    Posted: 29 Jun 2018 09:42 AM PDT

    Hi all,

    I've got a bit of an issue with my routers. Every few days lately, the routers will reboot. I was SSH'd into one that was acting up and the CLI was very slow and unresponsive. I sent a show command, and it crashed. When it came back the CLI was behaving normally. For all I can gather, I think this is memory related, but I'm not sure what is using all of the memory.

    show platform software status control-processor brief shows that Committed memory is at 94% right after boot and it stays there.

    Any ideas?

    submitted by /u/spr0ngf3ld
    [link] [comments]

    Lightning to Cisco serial cable

    Posted: 29 Jun 2018 03:39 PM PDT

    I have read what I think to be all the do-it-yourself builds for making an iDevice to Cisco console cable. There are a few commercial products out there for $70+ that do the trick, but also some dated how-to's for under $10. Has anyone had any luck creating an updated Lightning to Cisco console cable?

    Mini RS232 - TTL Converter Module Board Adapter MAX3232 looks to be the main item needed, along with the Lightning and rollover cable, and possibly a single resistor. Let me know! I would like to give it a shot. Also can't determine whether the iDevice needs to be jailbroken or not. If it does, how do the commercial versions of this solution get around that?

    submitted by /u/bradthresher
    [link] [comments]

    Multicast /Unicast device

    Posted: 29 Jun 2018 12:50 PM PDT

    We have a device that needs to communicate with its other peers via multicast at bldg A; they are all on the same Cisco 4500 blade on the same vlan. This same device also needs to communicate with a server in a different vlan on a different vlan via unicast/tcp in Bldg B.

    With this set up in mind I did not enable multicast on the interface vlan at bldg A b/c they are all on the same vlan. The vendor confirmed they could all talk to each other. We came back to Bldg B to set up the server and it and the primary device at bldg A could not communicate via unicast. I tested from Bldg B and could not ping the devices at A. I logged into the switch in Bldg A that they are directly connected to and was able to ping the devices. Once I did that they were reachable from Bldg B for about a minute then they would stop replying again.

    This was the case every time I pinged local to the devices. Finally I enabled PIM sparse-dense-mode on the interface vlan these multicast devices shared at Bldg A and they were pingable, the server could communicate with its unicast TCP traffic.

    WTF? Multicast configuration should have no bearing on ICMP or unicast traffic. Why did this make a difference?

    submitted by /u/Bomnushka
    [link] [comments]

    Migrating to cloud-based VOIP

    Posted: 29 Jun 2018 12:48 PM PDT

    We are migrating from an on-prem PBX system to a cloud-based VOIP system and we are hesitant to do a number port initially as we are concerned there could be issues and we want the ability to easily roll back. Assuming everything goes well and there are no issues, we would port our numbers over weeks later. We have around 500 DIDs, most of which are assigned to user stations.

    What creative options might there be to accomplish this?

    submitted by /u/aleleein
    [link] [comments]

    Cisco meraki

    Posted: 29 Jun 2018 11:44 AM PDT

    I've recently bought 1 Cisco meraki switch and 4 Access points. I can't register them on my account because the serial numbers are all still in use. Is there anything I can do?

    submitted by /u/bannfromtv
    [link] [comments]

    Cisco Switch Access Limiting

    Posted: 29 Jun 2018 10:53 AM PDT

    I work at a large company with a small IT Shop (surprise surprise). I have fellow non-networking team members that need the ability to clear port sec stick MACs and also shut/no shut interfaces. I am not seeing an easy way of setting this up. I do not want to give them access to change any configs at all. This is purely for clearing port-security. I have researched but am unable to find a Cisco or 3rd party solution. Thanks for the help!

    submitted by /u/LBCdan
    [link] [comments]

    Learning DWDM

    Posted: 28 Jun 2018 08:18 PM PDT

    I work for an MSO in the NOC and have been working mostly with local market transport with limited exposure to DWDM. Due to staffing changes, I found out that I have a month to learn the role of our backbone transport guys that work almost exclusively DWDM and take on those responsibilities. I will have side-by-side training on the job during that time where they can cover vendor specific things (how to check for issues on certain platforms); however, I would like to find a resource to educate myself on DWDM that is not vendor-specific. More detail on how it works and common terminology to get a jump start on all of this. Do any of you experienced DWDM engineers/technicians have recommendations for resources to get extra information?

    submitted by /u/amishrocker396
    [link] [comments]

    Openvpn Bridge - can connect but no LAN or WAN

    Posted: 29 Jun 2018 10:03 AM PDT

    Hello,

    I have had a routed openvpn server running for some time. I am trying to set up a bridged connection so that my vpn will be on the same subnet.

    I have the following config file for the server. When I try and connect, I can, it will successfully do it. But I have no internet connection, local vpn connection. I also cannot ping the VPN server.

    Please could I have a hand?! What else do you need to see?

    VPN IP: 10.0.1.4

    Subnet: 255.255.254.0

    Gateway: 10.0.0.1

    dev tap0

    tls-server

    proto tcp

    port 443

    port-share 127.0.0.1 444

    ca /etc/openvpn/easy-rsa/keys/ca.crt

    cert /etc/openvpn/easy-rsa/keys/server.crt

    key /etc/openvpn/easy-rsa/keys/server.key

    dh /etc/openvpn/easy-rsa/keys/dh4096.pem

    topology subnet

    user nobody

    group nogroup

    server-bridge 10.0.1.4 255.255.254.0 10.0.1.60 10.0.1.70

    mssfix

    persist-key

    persist-tun

    #log /var/log/openvpn

    status /var/log/openvpn-status.log

    verb 4

    client-to-client

    keepalive 10 120

    mute 50

    #set the dns servers

    push "dhcp-option DNS 10.0.1.2"

    #For windows, to make the network recognized

    push "route 0.0.0.0 0.0.0.0 10.0.1.4"

    cipher AES-256-CBC

    auth SHA512

    log-append /var/log/openvpn

    comp-lzo

    submitted by /u/ossiozac
    [link] [comments]

    Sub for DC-type questions?

    Posted: 29 Jun 2018 08:10 AM PDT

    Sorry for the off-topic post here, but I'm curious if there is a sub on reddit that covers questions for racks, power, and datacenter equipment.

    thanks in advance!

    submitted by /u/rushaz
    [link] [comments]

    Cisco ASA L2L VPN - Phase 1 and 2 up with encaps/encrypts. No decaps or decrypts.

    Posted: 29 Jun 2018 07:48 AM PDT

    New VPN setup where we are running into an issue where phase 1 and phase 2 tunnels come up. No traffic is flowing through from either direction. This is between an ASA5505 and an Azure VPN Gateway. I have tried checking some crypto debugs and checking the logs but nothing stands out as an issue. Shows phase 1 and phase 2 coming up without a problem.

    Here is a show crypto ipsec sa

    https://i.imgur.com/u4liShp.png

    Here are the relevant crypto config commands

    crypto map VPNCRYPTOMAP 1 match address azure-vpn-acl2
    crypto map VPNCRYPTOMAP 1 set peer x.x.x.x
    crypto map VPNCRYPTOMAP 1 set ikev1 transform-set azure-ipsec-proposal-set
    crypto map VPNCRYPTOMAP 1 set security-association lifetime seconds 3600
    crypto map VPNCRYPTOMAP 1 set security-association lifetime kilobytes 102400000
    crypto map VPNCRYPTOMAP 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map VPNCRYPTOMAP interface ATT_OUTSIDE
    !
    crypto ipsec ikev1 transform-set azure-ipsec-proposal-set esp-aes-256 esp-sha-hmac
    !
    crypto ikev1 policy 5
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 86400
    !
    access-list azure-vpn-acl2 extended permit ip 10.24.0.0 255.255.255.0 10.50.0.0 255.255.0.0
    !
    nat (INSIDE_LAN,ATT_OUTSIDE) source static onprem-networks onprem-networks destination static azure-networks azure-networks no-proxy-arp route-lookup
    !
    object-group network azure-networks
     description *** Azure-Virtual-Network ***
     network-object 10.50.0.0 255.255.0.0
    !
    object-group network onprem-networks
     description *** On-premises Networks ***
     network-object 10.24.0.0 255.255.255.0

    I will note this was up and running. AnyConnect was set up with the ASDM wizard on this ASA5505, which was verified that the IPsec VPN was still up and running without issue and AnyConnect access was working as expected. Some time after, this seemed to have stopped working.

    What I have verified:

    • Phase 1 and Phase 2 tunnels come up
    • Route for VPN peer and remote subnet out the specific interface we want
    • Ran capture and verified I'm seeing IPsec traffic to and from the public IPs of the VPN peers

    Any thoughts?

    submitted by /u/69insight
    [link] [comments]

    Power supply of IE4000 needed?

    Posted: 29 Jun 2018 01:36 AM PDT

    Hi Guys,

    I have some queries in relation to the Cisco IE 4000 switch.

    At the moment we are ordering the following units. IE-4000-4GC4GP4G-E Switches.

    Along with the PWR-IE170W-PC-DC= power supply.

    Current spec HERE

     

    These units are being deployed underground.

     

    My question is this.

    The power supply's function seems to be to take between DC 12-54 V and convert it to 54VDC/3.15 Amps.

    Is it possible that if the electricians can supply the switch directly with the 54VDC, that we could simply not need the power supply? This would be a savings of about $1300 a cabinet?

    Do these power supplies provide more than just converting the input to the required output? Do they do any power smoothing or any other functions I might be missing?

    We do require the full POE budget as it is foreseeable that cameras and APs will be utilising these switches at some point?

     

     

    I also have a question about the current setup, since it's been installed.

     

    We have both power connections going from the switch A & B, to the same power supply.

    Is this the correct setup? Or is it more designed that the A\B switch connections are to be fed from a completely separate power supply \circuit? See Photo

    Mounted in cabinet HERE

     

     

     

    Thanks for reading

    submitted by /u/justjoshin83
    [link] [comments]

    Mikrotik MPLS Sanity Check

    Posted: 29 Jun 2018 05:07 AM PDT

    Could we get a sanity check on our config? We have our Core router CCR1072 with a 10Gb uplink to the internet (sfp-sfpplus1 vlan 803) . We have a 1GB fiber connection from the Core router (sfp-sfpplus3 vlan 3000) to SW1 CRS112 (ether1 vlan 3000). We then have a wireless Ubiquiti rocket AC lite link between SW1 (ether2) and SW2 CRS112 (ether1). The fiber link has a max MTU of 8900. The wireless link has a max MTU of 2024. We set the different interfaces on the Mikrotik router and switches to the max MTU supported by that link.

    Download speeds before MPLS configuration was around 500Mb down at SW1 and 200Mb at SW2. After MPLS it dropped to 90Mb at both SW1 and SW2. We are eventually wanting to setup redundant wireless links and expand MPLS out to our other towers. We are not seeing any errors on any devices.

    We did try disabling MPLS on SW1 and the Core with no improvement in download speed. Also, using a VPLS tunnel instead of an EoIP tunnel resulted in slower speeds.

    Upon further research, it looks like the tutorial I read that recommended changing MTU to the max supported by the backhauls may not have been correct. Or at least it should not have had me set all the MTUs the same. Could this be the issue?

    Core1

    /interface bridge
    add fast-forward=no name=LoopBack
    add name=PIP protocol-mode=none
    /interface ethernet
    set [ find default-name=sfp-sfpplus3 ] l2mtu=8900 mtu=8900
    /interface eoip
    add !keepalive mac-address=02:1C:12:38:E8:41 name=Core1-to-SW2 remote-address=10.200.0.3 tunnel-id=1
    add !keepalive mac-address=02:8D:48:7D:E2:7D name=Core1-to-SW1 remote-address=10.200.0.2 tunnel-id=0
    /interface vlan
    add comment="MPLS" interface=sfp-sfpplus3 name="vlan3000" vlan-id=3000
    add interface=sfp-sfpplus1 name=vlan803 vlan-id=803
    /routing ospf instance
    set [ find default=yes ] distribute-default=always-as-type-1 mpls-te-area=backbone mpls-te-router-id=LoopBack redistribute-other-ospf=as-type-1 router-id=10.200.0.1
    /interface bridge port
    add bridge=PIP interface=Core1-to-SW1
    add bridge=PIP interface=Core1-to-SW2
    /ip address
    add address=10.255.0.2/30 interface=vlan803 network=10.255.0.0
    add address=10.20.0.1/22 interface=PIP network=10.20.0.0
    add address=10.0.0.1/30 interface="LanLink - vlan3000" network=10.0.0.0
    /ip firewall nat
    add action=src-nat chain=srcnat out-interface=vlan803 src-address=10.20.0.0/22 to-addresses=x.x.157.1
    /ip route
    add distance=1 gateway=10.255.0.1
    /mpls interface
    set [ find default=yes ] mpls-mtu=8900
    /mpls ldp
    set enabled=yes lsr-id=10.200.0.1 transport-address=10.200.0.1
    /mpls ldp interface
    add interface="vlan3000"
    /routing ospf interface
    add interface="LanLink - vlan3000" network-type=point-to-point use-bfd=yes
    /routing ospf network
    add area=backbone network=10.200.0.1/32
    add area=backbone network=10.0.0.0/30
    /system identity
    set name=Core1

    SW1

    /interface bridge
    add fast-forward=no name=LoopBack
    add name=PIP protocol-mode=none
    /interface ethernet
    set [ find default-name=ether1 ] l2mtu=8900 mtu=8900
    set [ find default-name=ether2 ] l2mtu=2024 mtu=2024
    /interface eoip
    add !keepalive mac-address=02:A3:ED:52:A3:C9 name=Core-to-SW1 remote-address=10.200.0.1 tunnel-id=0
    /interface vlan
    add interface=ether1 name=vlan3000 vlan-id=3000
    /routing ospf instance
    set [ find default=yes ] mpls-te-area=backbone mpls-te-router-id=LoopBack redistribute-other-ospf=as-type-1 router-id=10.200.0.2
    /interface bridge port
    add bridge=PIP interface=Core1-to-SW1
    add bridge=PIP interface=ether3
    add bridge=PIP interface=ether4
    add bridge=PIP interface=ether5
    add bridge=PIP interface=ether6
    add bridge=PIP interface=ether2
    /ip address
    add address=10.0.0.2/30 interface=vlan3000 network=10.0.0.0
    add address=10.200.0.2 interface=LoopBack network=10.200.0.2
    add address=10.100.0.1/29 interface=ether2 network=10.100.0.0
    /mpls interface
    set [ find default=yes ] mpls-mtu=2024
    /mpls ldp
    set enabled=yes lsr-id=10.200.0.2 transport-address=10.200.0.2
    /mpls ldp interface
    add interface=vlan3000
    add interface=ether2
    /routing ospf interface
    add interface=vlan3000 network-type=point-to-point use-bfd=yes
    add interface=ether2 network-type=point-to-point use-bfd=yes
    /routing ospf network
    add area=backbone network=10.200.0.2/32
    add area=backbone network=10.0.0.0/30
    add area=backbone network=10.100.0.0/29
    /system identity
    set name=SW1

    SW2

    /interface bridge
    add fast-forward=no name=LoopBack
    add name=PIP protocol-mode=none
    /interface ethernet
    set [ find default-name=ether2 ] l2mtu=2024 mtu=2024
    set [ find default-name=ether3 ]
    set [ find default-name=ether4 ] l2mtu=2024 mtu=2024
    set [ find default-name=ether5 ]
    /interface eoip
    add !keepalive mac-address=02:3C:BA:67:20:97 name=Core1-to-SW2 remote-address=10.200.0.1 tunnel-id=1
    /routing ospf instance
    set [ find default=yes ] mpls-te-area=backbone mpls-te-router-id=LoopBack redistribute-other-ospf=as-type-1 router-id=10.200.0.3
    /interface bridge port
    add bridge=PIP interface=Core1-to-SW2
    add bridge=PIP interface=ether3
    add bridge=PIP interface=ether4
    add bridge=PIP interface=ether5
    /ip address
    add address=10.100.0.4/29 interface=ether2 network=10.100.0.0
    add address=10.200.0.3 interface=LoopBack network=10.200.0.3
    /mpls interface
    set [ find default=yes ] mpls-mtu=2024
    /mpls ldp
    set enabled=yes lsr-id=10.200.0.3 transport-address=10.200.0.3
    /mpls ldp interface
    add interface=ether2
    /routing ospf interface
    add interface=ether2 network-type=point-to-point use-bfd=yes
    /routing ospf network
    add area=backbone network=10.200.0.3/32
    add area=backbone network=10.100.0.0/29
    /system identity
    set name=SW2
    submitted by /u/WolfraiderNW
    [link] [comments]

    Something is printing to a particular IP on my network - need help tracking it down

    Posted: 29 Jun 2018 08:23 AM PDT

    DevOps: To CI/CD, or not to CI/CD?

    Posted: 28 Jun 2018 11:49 PM PDT

    I'm setting up a virtual machine to do some management/monitoring tasks, and I'm using Docker to containerize everything, so extensibility is preserved. When it's all said and done, I'll have extra resources I can put to use.

    Which leads me to the question of DevOps: Should I implement a CI/CD system to our network? (about 300 devices in a handful of locations, all within a few miles of one another) I've heard good things about Travis, and I'm considering self-hosted GitLab as well. I don't think either will integrate into LibreNMS or Oxidized, so that question is moot.

    If I'm already using LibreNMS with Oxidized, is it worth it to implement a DevOps-style CI/CD system into the mix? Would that be duplicating or conflicting with those two applications I mentioned or DNA Center? Would it still be worth it as a resume builder?

    What's your take more broadly on the DevOps movement as it relates to networking. Where do you see this all going, and why?

    submitted by /u/HonkeyTalk
    [link] [comments]

    Help with ASA ACL

    Posted: 29 Jun 2018 12:31 AM PDT

    I'm working on a migration from ASA to FortiGate 60E. Currently moving the ACL's.

    If there is an ACL like this:

    access-list HACK_access_in extended permit object-group DM_INLINE_PROTOCOL_5 X.X.X.X 255.255.255.0 any4

    And if I look at the assigned interfaces:

    access-group outside_access in interface outside

    access-group LAN_access_in in interface LAN

    access-group PRIV_access_in in interface PRIV

    access-group CloudMgmt_access_in in interface CloudMgmt

    access-group CloudExt_access_in in interface CloudExt

    access-group dev_network_access_in in interface DevNetwork

    access-group dev_network_access_out out interface DevNetwork

    access-group Visitor_access_in in interface Visitor

    access-group global_access global

    It isn't there, so it means that the ACL is not in use? I understand that if you want to apply an ACL on all inbound connections, you use global ACL's, but this isn't one, right? I'm probably having massive brainfart right now, but I just can't remember this.

    submitted by /u/megafantastic
    [link] [comments]
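
An added example, not part of the original post and not Cisco or Fortinet tooling: when auditing ASA ACLs ahead of a migration, a script can report which `access-list` names are bound by an `access-group` line, which are mentioned elsewhere in the configuration (for instance by a crypto map), and which are mentioned nowhere. The sample configuration is constructed; it reuses ACL names from the post, while `vpn_acl`, `VPNMAP` and all addresses are hypothetical.

```python
import re

# Constructed sample configuration. HACK_access_in, outside_access,
# LAN_access_in, global_access and Visitor_access_in are names from the post;
# vpn_acl, VPNMAP and every address are made up for illustration.
SAMPLE_CONFIG = """\
access-list outside_access extended permit tcp any4 host 192.0.2.10 eq 443
access-list LAN_access_in remark inside users
access-list LAN_access_in extended permit ip 10.10.0.0 255.255.255.0 any4
access-list HACK_access_in extended permit object-group DM_INLINE_PROTOCOL_5 198.51.100.0 255.255.255.0 any4
access-list global_access extended deny ip any4 any4
access-list vpn_acl extended permit ip 10.10.0.0 255.255.255.0 10.50.0.0 255.255.0.0
access-group outside_access in interface outside
access-group LAN_access_in in interface LAN
access-group global_access global
access-group Visitor_access_in in interface Visitor
crypto map VPNMAP 1 match address vpn_acl
"""

ACL_DEF = re.compile(r"^access-list\s+(\S+)\s+(\S+)")
ACCESS_GROUP = re.compile(
    r"^access-group\s+(\S+)\s+(?:(in|out)\s+interface\s+(\S+)|(global))")


def audit_acl_bindings(config):
    """Return (acls, dangling).

    acls maps each ACL name to its ACE count, its access-group bindings and
    any other configuration lines that mention it. dangling lists
    access-group lines that name an ACL with no access-list entries.
    """
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    acls, dangling = {}, []

    # Pass 1: every "access-list NAME ..." line defines or extends an ACL.
    for ln in lines:
        m = ACL_DEF.match(ln)
        if m:
            entry = acls.setdefault(
                m.group(1), {"aces": 0, "interface": [], "other": []})
            if m.group(2) != "remark":  # remarks are comments, not rules
                entry["aces"] += 1

    # Pass 2: find where each ACL name is used outside its own definition.
    for ln in lines:
        if ACL_DEF.match(ln):
            continue
        m = ACCESS_GROUP.match(ln)
        if m:
            where = "global" if m.group(4) else f"{m.group(2)}:{m.group(3)}"
            if m.group(1) in acls:
                acls[m.group(1)]["interface"].append(where)
            else:
                dangling.append(ln)
            continue
        # Any other line that carries the ACL name as a whole token (crypto
        # map, class-map, group-policy, ...) counts as a reference. This
        # over-approximates on purpose: a name is reported as unreferenced
        # only when nothing in the configuration mentions it.
        for tok in ln.split():
            if tok in acls:
                acls[tok]["other"].append(ln)
    return acls, dangling


def unreferenced(acls):
    """ACL names with no access-group binding and no other reference."""
    return sorted(n for n, e in acls.items()
                  if not e["interface"] and not e["other"])
```

An ACL with an empty `interface` list but a non-empty `other` list, like `vpn_acl` here, selects traffic for another feature rather than filtering an interface, so it needs separate handling in a rule-by-rule migration.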

    EVE-NG Interfaces not lining up

    Posted: 28 Jun 2018 06:24 PM PDT

    I will add two nodes to my lab, connect eth0 to eth0 and start the nodes. I add IP addresses to eth0 on both sides and try to ping across unsuccessfully. Then I try putting the IP address on the other ports until I can ping across. In essence, the connection may say eth0 to eth0 but really it's eth0 to eth6, for example. I have run into this problem with multiple qemu images (Mikrotik, Alcatel).

    Any thoughts on this and how I can correct this, would be great.

    submitted by /u/Bazinga79a
    [link] [comments]

    Need to know the physical location of this host (to reduce latency)- 13.107.136.9

    Posted: 28 Jun 2018 09:33 PM PDT

    13.107.136.9

    I am using office 365 but am having latency issues with the onedrive server assigned to my account. I have found pinging from the East Coast of the USA gives me the best results, but if I could figure out where the datacenter is, I could host a VM there permanently and get much better results.

    Thanks in advance for your help!

    13.107.136.9 is the host IP

    submitted by /u/XTP666
    [link] [comments]

    Need help with Luxul XBR-4400

    Posted: 28 Jun 2018 04:11 PM PDT

    I bought a Luxul XBR-4400 off someone on eBay as it was advertised as a "commercial grade multi-WAN gigabit router". As I started to poke around the device I saw it had an open SSH port that I couldn't turn off through the GUI. Luxul support told me they wouldn't help me because the seller sold it to me "illegally", to which I had a few responses. ;-)

    I'm a bit more motivated after that "customer support" experience to see if I can find a way into the device to reprogram it beyond what the GUI will allow, including disabling SSH and seeing if it might possibly work with OpnSense or similar. There is no serial or monitor port on the device, but there is a spot for a 4 pin header which I'm assuming to be a serial interface.

    Does anyone have any technical information on this device and know if it can be reprogrammed? Google didn't help me on this one other than regular user manuals.

    submitted by /u/elamast
    [link] [comments]
