Network Certifications Networking

---

• Network Certifications
• In our tests Docker only lags 5% in performance while paired with HAProxy makes our bidders 50% slower, any clue why ?
• Why can't I VPN/RDP to this PC?
• Is it possible to maintain a record of all the devices that connect to my router?
• 802.1X on virtual machines
• Avaya VSP7254 default MTU 9216??
• Using Bluecoat with ICAP to OPSWAT and Download Speed Drop to ZERO
• Noob question
• DHCP Relay Assistance Please
• Brainstorming on a possible PBX/PRI problem and could use some help...
• Quick question about sessions.
• Is there a SSL cert serial number database?
• DHCP help (Portable setup)
• Anyone get a "Confirm your Cisco Account" email recently?

Network Certifications Posted: 30 Jun 2018 07:53 AM PDT Hi all, I'm a tier 3 linux admin by heart but I've been with the current company since it was 23 employees. Since then, we have grown to almost 200 in the past 1.5 years. I have been self-teaching the entire way through about implementing QoS (still having a hard time here), teaching myself how to setup VLANs, etc. Right now (because of me) we have a lot of Ubiquiti edgerouters and edgeswitches across a few sites that I have linked to an OpenVPN server in "the cloud" (or the butt?). I need to get some network certifications under my belt due to projected expansion. My issue is that I could go for CCNA then CCNP, but these are Cisco certifications so I am unsure of how beneficial these would be in this situation as we do not currently use any Cisco gear. What would be the CCNA and CCNP equivalent of non-Cisco gear? Should I do CCNA and CCNP, anyways? submitted by /u/amperages [link] [comments]

In our tests Docker only lags 5% in performance while paired with HAProxy makes our bidders 50% slower, any clue why ? Posted: 30 Jun 2018 02:57 PM PDT https://github.com/venediktov/vanilla-rtb/tree/master/docker_swarm More details besides README on GitHub. Our bidders use persistent connections, we configured HAProxy to use http-keep-alive , without http-keep-alive it runs even slower. We disabled docker mesh routing and added HAProxy due to mesh dropping connections to our bidders . Btw, Traefik proxy runs even slower then HAProxy. Here are the numbers on my machine 22K QPS single bidder response outside of docker 20K QPS single bidder response in docker 5K QPS with HAProxy + 1 bidder in docker , HAProxy is part of swarm but mesh routing to HAProxy is disabled 2.5K QPS with Traefik proxy with 1 bidder behind proxy , swarm mesh is disabled , sticky session in traefik enabled Tested HAProxy outside of docker talking directly to bidder running outside of docker too - 7K QPS QPS - Queries Per Second submitted by /u/vanilla-rtb [link] [comments]

Why can't I VPN/RDP to this PC? Posted: 30 Jun 2018 10:58 AM PDT Hello, Okay, so I only have a few months here at this new site. This cubical has like 3 computers and two users. One day, I was trying to setup a new intern on this unoccupied desktop and I couldn't sign in with my credentials. I figured that this PC had a bad network configuration and so I called someone that new the credentials to the local admin account. The computer was in fact on a separate VLAN(.30) than everyone else(.10). However, we didn't know why since it shouldn't have been. We have all the PCs going to Cisco switches to a Cisco ASA. After simply turning the NIC off and on, it got on the right VLAN. I don't have the credentials to the switch. This PC I am currently having issues with is in that cubical and in the wrong VLAN and we cannot RDP to it when we use the VPN. I can VPN, RDP to a different PC and RDP to that PC. It's kind of strange, I don't see why I can't RDP to this PC. I can assume that it's a firewall issue but what configuration is doing this? submitted by /u/OswaldoLN [link] [comments]

Is it possible to maintain a record of all the devices that connect to my router? Posted: 30 Jun 2018 02:17 PM PDT Total noob in networking here. I wanna make sure I know who logs onto my router (and preferably when), and save it in a file, for security reasons. I know I can look at the currently connected devices MAC addresses in the router menu, but is there a way to automatically collect this data and maintain a record of it? With some program maybe? Sorry if I violated sub's rules. submitted by /u/Lursmani1 [link] [comments]

802.1X on virtual machines Posted: 30 Jun 2018 08:08 AM PDT Is it possible to lab 802.1X authentication using virtual machines? For example to create virtual WLAN or use something like OVS to connect virtual machines and try "wired 802.1x"? I saw an Aruba Clearpass workshop video where the instructor used virtual machines on ESX and got me wondering. Using passthrough USB WLAN dongle would probably work but you'd still need physical AP for that. submitted by /u/simosilakka [link] [comments]

Avaya VSP7254 default MTU 9216?? Posted: 30 Jun 2018 10:36 AM PDT Hi, I was looking more into the use of jumbo frames, and it's pretty obvious it should only be used with internal storage. Now, I also read that in your LAN all your devices should support jumbo frames before you enable it anywhere. Because when enabled on your router, but disabled on your L2 switches you could have lots of issues with retransmissions etc. Is this information correct?? Second of all, why does an Avaya VSP7254 (for example), have MTU default set to 9216? Shouldn't it be set to ~1500 to avoid network performance decreasing? Thanks for the information. submitted by /u/TheAffinity [link] [comments]

Using Bluecoat with ICAP to OPSWAT and Download Speed Drop to ZERO Posted: 30 Jun 2018 10:26 AM PDT OKAY..So I am not getting anywhere with this, might as well add it here. We use bluecoat proxies with ICAP to OPSWAT AV scanning, adding to it, we have packet brokers inline which transfer everything to the Cisco IPS. Recently we upgraded to OPSWAT v4 from v3, and now out of nowhere when downloading files in the +1GB range we notice the speed starts fluctuating, reaching 0 and then coming backup. This happens multiple times, and eventually if it doesn't come up, the download simply dies with a "Network error" in the browser. At times though even with fluctuation it makes it and the download completes. Thoughts please.. submitted by /u/thenetworkking [link] [comments]

Noob question Posted: 30 Jun 2018 03:39 PM PDT Can you explain like I'm 5 what a "commodity Internet" and Internet 2 are? I am familiar with NIPRNet and to me Internet 2 another restricted backbone network. Am I right compare this to NIPRNet? Is the commodity Internet the same thing? submitted by /u/pingmanping [link] [comments]

DHCP Relay Assistance Please Posted: 30 Jun 2018 01:39 PM PDT Imagine the topology of my network as this: hosts --> layer 2 --> core switch --Layer3--> firepower box --Layer3--- > DHCP server. Originally the firepower box was a pair of 5580's, and I've migrated them to firepower firewalls. Works fine. However, I was reviewing my config tonight (3 weeks after my migration) and I realised I had forgot to put DHCP relay config on the firepower boxes. YET, the DHCP service is issuing new IP's without issue. This has just defied my logic of how DHCP relay works. Currently the core switches have a DHCP relay configured to point at the DHCP server. But the firepower box has 0 DHCP relay config. I thought all layer 3 devices in the transit path towards the DHCP server required a relay agent. Is this not the case? What magic is happening here. submitted by /u/sg4rb0sss [link] [comments]

Brainstorming on a possible PBX/PRI problem and could use some help... Posted: 29 Jun 2018 07:39 PM PDT Hey everyone! I'm not really looking for solutions on this, I just want to make sure my troubleshooting....thought process...is correct. So we have an old Toshiba CTX100 at one of our remote sites. The phone system has been having significant problems as of lately and I am completely out of ideas as what else to try. I am not a VOIP person at all BTW. The phones in the office can find the PBX and connect to it without a problem. They are on their own VLAN with QoS. The network is very simple... two VLANs: voice and data... Gigabit ethernet Cisco 2960 switch with PoE. Switch is working fine. No changes have been made to the network, or the PBX at all. Here is the issue... Phone calls are randomly dropped. They are not disconnected, just audio drops. Also, when you hang up on the outside, the phone does not terminate the call (not a big deal) Here is what I know so far... Can ping PBX Can ping Phone PBX sees phone Phone sees PBX Phone and PBX both see VM server on a separate subnet/VLAN (I know that ACL's are fine.) Phone has dial tone, can dial out local and limited long distance Can dial from outside to phone with no issue. I was able to call in from my cell and maintain a connection for at least 20 mintues. (I had a timer and just let it keep going while I was reading about the PBX). I was also able to do the opposite, and maintained a call for the same amount of time. I did experience random dropouts though, but I do not think they are the providers fault We have a PRI line, but like I said I think the line is fine. We have a school next door with the exact same setup and no issues, with the same provider (though not on same phone circuit, same WAN circuit). Internal calls (extension to extension) are having the same problem I checked the cabling and it was fine I checked for known service outages and there were none. My suspicion is that the line cards in the PBX are failing. It is an older system... I think 10+ years old, so we are not to crazy about supporting it. The office will be vacant in a month so we are trying to build a case to forget about it. Is there anything I am missing though? I hate VOIP with a passion, unless it is Alworx, AVAYA, or Cisco. I can handle those... submitted by /u/Machinica [link] [comments]

Quick question about sessions. Posted: 29 Jun 2018 08:26 PM PDT From time to time at my job I have to investigate some security events on a firewall. I was discussing session DoS attacks with a colleague when he stated that you only need one packet / in one direction to establish a session with a edge device thus overwhelming a device with a large amount of sessions is easy. I figured the edge device has to acknowledge it some how. I am now curious I guess about the requirements of starting a session and how a device decides to close them? Just session timers or is there more to it? Is he even right? I did some digging but could not find anything this specific online. Anyone care to chime in? Thanks! submitted by /u/Pumpkinb0y [link] [comments]

Is there a SSL cert serial number database? Posted: 29 Jun 2018 09:50 PM PDT I've came across a suspicious SSL certificate which I suspect is backdated. Is there a database of all issued certificate which I can search using the serial number and figure out when it was issued? I've heard that after the whole WoSign controversy, key players have created a database which CA has to update daily or something. If that's true, can you point me in the right direction? Thank you! submitted by /u/pikru [link] [comments]

DHCP help (Portable setup) Posted: 29 Jun 2018 09:41 PM PDT I hope this is the appropriate place for this. Feel free to send me elsewhere if not. Basically I'm building a case for SAR usage that has a SFF PC, screen, radio stuff and a router in it. The basic idea is I can put it on a table and start working. We don't generally have internet or networking gear initially (we might be based in a woodshed or rugby clubrooms) but as resources arrive we get better infrastructure or on the odd occasion, we operate from somewhere with networking infrastructure existing. The logging software we use is all networked to a database server on one of the computers so it can run without internet, however internet is preferable. Because of the maybe/maybe not aspect of being connected to external networks, I'd like to have the DHCP server enabled on the router in my case but don't want to run the risk of DHCP foul ups when externally connected. Has anyone got any bright ideas? Set my case to a different subnet with DHCP and use the gateway address of the other router for internet? Plug the other router into the WAN port of my router? I know just enough to be dangerous here!! Thanks submitted by /u/falcon5nz [link] [comments]

Anyone get a "Confirm your Cisco Account" email recently? Posted: 29 Jun 2018 06:55 PM PDT I got an email today with the text "Due to Cisco's security policy, we must ask you to confirm your Cisco Account information every year. Otherwise, you may not be able to obtain Cisco services.". I've had a Cisco account for nearly 20 years and this is the first email like this I've ever seen. Seems like a phishing attempt. Confirm? submitted by /u/jimboni [link] [comments]

You are subscribed to email updates from Enterprise Networking news, blogs and discussion.. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States