MSP is slackin! Need SNMP help. Networking
- MSP is slackin! Need SNMP help.
- Just had my first zero-touch zero-downtime automated ASA HA pair upgrade!
- Any Networking jokes around here?
- Networks TAPs, optical to copper vs optical to optical
- Verizon SIP requires VPN and public IP range?
- I need to bring in a wireless consultant, what to look for/ask?
- Fiberstore FSOS S8050 switch
- What's your method of stress testing a circuit (INTERNET)
- Options when migrating to the cloud.
- Basic Network Setup
- Weird port security behavior
- Is it ok to just keep using Paramiko?
- Internet egress in cloud?
- How do you guys handle Active/Passive Firewalls at two sites?
- Can anyone explain what a SAM IP is?
- Question - How do I get the best performance out of my Wireless network?
- Customer called me and asked if it's really possible that his network could be hacked through the Fax..
- "Its not an issue with the network"
- Fiber between Ubiquiti and HPE
- Cat 6 Connector ID
MSP is slackin! Need SNMP help. Posted: 28 Aug 2018 11:21 AM PDT So just got this gig 3 weeks ago, only network engineer on staff and I'm cowboying it one day at a time learning on the job. Still haven't broken anything... yet. We only have Lansweeper for asset management, no NMS. The MSP has been responsible for most monitoring but they are slow to react, slow to communicate, etc. I want to implement an NMS alongside theirs so I can do my job. If I start messing around with SNMP config on devices will it interfere with their configs? Is there a way to run separate SNMP systems or commands? Any advice/direction is greatly appreciated! Thank you.
Just had my first zero-touch zero-downtime automated ASA HA pair upgrade! Posted: 27 Aug 2018 10:52 PM PDT I am of course aware that Kirk Byers has a tutorial for a zero-touch ASA upgrade, however we run exclusively HA pairs and I wanted a production ready way to upgrade my remote pairs with zero touch and zero downtime. Additionally, my scripts use NetBox as a backend data source and notify me via Microsoft Teams when taking action. I've been playing with my lab 5515-X pair for the last several days and today scheduled my Corporate pair (the hub for my 30+ sites) and a remote site simply because they run AnyConnect and needed to be upgraded for a vulnerability. Where before I would have scheduled one site per night I'll now be able to schedule all remaining sites in one night and just watch them work. Moving forward this allows me to be more consistent and timely with upgrading. Future improvements will have a web interface from which you can schedule uploads/upgrades and view the current status of jobs, but that's once I get a better understanding of Flask and can figure out non-blocking asynchronous celery sticks, or something. At this time they're simple Python scripts that run in Docker containers, one for uploads and one for the upgrade process alone. A simple shell script allows me to run the containers with a single simple command and some parameters (pair hostname+version). In this case I just scheduled a cron job to run each job. Of course my upload container is separated from the upgrade and intended to be run ahead of time. The upload script does a lot of hoopla but ultimately just uploads via SCP. The upgrade process takes the following steps:
My try/excepts ensure if there's any issues I get a failure Teams message instead of the completion one, and as a last resort my containers all have the hostname appended to their name so I can review the logs if something goes horribly, horribly wrong. Here's my logging snippet.
Next one in 10 minutes!
Any Networking jokes around here? Posted: 28 Aug 2018 04:42 AM PDT A BGP Update walks into a CRS-1. He walks back out with a corrupt optional transitive attribute.
Networks TAPs, optical to copper vs optical to optical Posted: 28 Aug 2018 01:59 PM PDT We are looking to tap a fiber connection and it looks like we have two options. Media is LX with LC connectors. Option 1 keeps the connection 100% optical, so the tap doesn't even require power. The split ratio is a new concept to me, and it looks like each ratio has a different physical device model number. We'll have to install a fiber NIC in our monitoring server though, a small but extra step. Equipment for option 1: http://www.nextgigsystems.com/net_optics/GigaBit_LC_Fiber_Tap.html Option 2 would be converting the media to copper, which looks like it does a 50/50 split ratio on the optical signal. Our monitoring server already has the copper RJ45 NICs available, obviously. Equipment for option 2: http://www.nextgigsystems.com/net_optics/GigaBit_LX_to_TX_Tap.html All things being equal, what TAP equipment is generally preferred? Is media conversion a potential downside in any way?
Verizon SIP requires VPN and public IP range? Posted: 28 Aug 2018 11:46 AM PDT I'm at the beginnings of a project to migrate a call platform over to our network and have come across a weird one. One of the SIP carriers is Verizon, there is a p2p link between Verizon and one of our routers, with a VPN pointing towards Verizon (not at the p2p IP, just routed towards them), and the LAN subnet associated with this setup is a public range, assigned by Verizon, but not routable over the internet. I've never seen this before and have scheduled a call with Verizon for the end of the week to see why we have it set up this way. Anyone seen similar before? I've never seen VPNs pointing to a SIP endpoint when on a private circuit, and definitely never been told we have to use their IP range on the LAN.
I need to bring in a wireless consultant, what to look for/ask? Posted: 28 Aug 2018 08:03 AM PDT I don't have much time to invest in addressing some of the odd issues we have with wireless in our corporate office, so I want to bring in some outside help. This will be for two single story buildings, around 12k sq ft each. Client load is low, mostly personal devices (phones), only a handful of laptops. 35-50 device average in one building and 15-20 device average in the other. Obviously need a site survey. Never had one, this has always been "throw up some APs and go". Want to design solution around new gear. We were using Meraki MR32s originally and dumped those (due to firmware bugs) to Ubiquiti UAP-AC-Pros for a cheap alternative as it was intended to be somewhat "throw away" once we could do things the right one. I figure go Aruba or Ruckus if I'm starting fresh, or go back to Meraki. Anyway, what should I look for and ask when finding a consultant for this? What would be norm for the site survey itself? What would you say might be a fair cost on the professional services for actual implementation (full gear config and tuning) on something at this size? Lastly, if anyone has some trusted names/companies in the Chicagoland area they want to throw my way, please do.
Fiberstore FSOS S8050 switch Posted: 28 Aug 2018 12:55 PM PDT Anyone using Fiberstore's S8050 switch or really familiar with Arista EOS? (Apparently Fiberstore's FSOS was modeled after Arista EOS). I've never worked with Arista gear. I have a Fiberstore S8050 switch. The switch has four 1G/10G SFP+ ports, twenty 40G ports and four 40G/100G ports. The 10G ports are numbered 1-4. The 40G/100G ports are numbered 1-24. When looking at the switch config, there are only interfaces eth-0-1 through eth-0-24 listed. I'm trying to use the 10G ports, but either the eth-0-1 through eth-0-4 interfaces are configured to use the 40G ports or the 10G ports are just not being detected. I've tried every command I can think of that may switch the eth-0-1 through eth-0-4 interfaces over to the 10G side, but haven't had any luck. I have a ticket into Fiberstore for this, but I'm trying to get a project done quickly and this is putting a cramp in that. Note: I have tried 1G and 10G Fiberstore branded SFPs in the 10G ports (both are listed as compatible). The transceivers are never detected by the switch. If I throw a 40G transceiver in the 1-4 QSFP slots, they are detected fine. If anyone has any ideas, I'm all ears.
What's your method of stress testing a circuit (INTERNET) Posted: 28 Aug 2018 06:32 AM PDT With MPLS or P2Ps my old boss showed me JPerf set up on both ends to get some massive output. I now have an internet circuit I would like to stress test, and was wondering your methods. Thanks.
Options when migrating to the cloud. Posted: 28 Aug 2018 10:43 AM PDT I'm new to cloud and investigating moving some of our VMs. Is it possible to keep IP addressing the same and still have communications between VMs in the cloud and VMs in our data centre that are on the same network?
Basic Network Setup Posted: 28 Aug 2018 01:37 PM PDT Hi guys, I'm setting up a relatively small network in a retail environment, 50-60 devices. To do this I have 3 unmanaged gigabit switches, so I was going to connect 1 switch to the router and then connect the other two switches to the first switch. However, I'm worried this will create a bottleneck for traffic going between switches, so I have 2 questions: is this the best way to do this with the hardware I have, and what would be the ideal way to set it up given your choice of hardware?
Weird port security behavior Posted: 28 Aug 2018 09:14 AM PDT Struggling this morning to understand what is going on, hope you all can clue me in. Recently there was some re-cabling done on a couple of my access ports. The first issue I am having is that between the two ports neither one of them comes up by itself. Meaning if I have shutdown on one but not the other, neither connects until I put in no shutdown on both of them. Then they come up for about a second only to have port security lock one of them down. So I clear the sticky MACs, shutdown/no shutdown, and bam, same issue. Now the MAC that keeps triggering it is from a Cisco VOIP phone. Which would be fine except there shouldn't be a Cisco phone on that link. Further, the phone MAC that is reported is located at another site entirely, about 3 switch hops away. Maybe I'm just dumb or just haven't run into this, but I don't recall port security taking into account any MACs beyond the local switch with regards to port security. Even weirder, that phone that is showing up is still connected to that switch 3 hops away, so I don't see how this particular port can be seeing that MAC. I am going to head to the site and verify the cabling is in fact hooked into what I think it is, but this has me scratching my head... Only thing that even comes to my mind is that maybe my cabling guy inadvertently has created a network loop, but since I have the various "guards" to prevent that this is the result, however weird.
Is it ok to just keep using Paramiko? Posted: 28 Aug 2018 05:10 AM PDT When I originally started learning Python for network automation, my goal was to "recreate the wheel" and try to write scripts using only Paramiko and included libraries to do exactly what I was trying to do. I then fully intended to start using NetMiko, PyEZ, and other libraries tailored more towards the gear you use. Only problem is, my Paramiko scripts are so polished now, after constantly adjusting, adding new function definitions, etc, that basically I feel like I don't really "need" NetMiko. Am I just being arrogant? What huge advantages does NetMiko give? I feel like I basically just created my own personal version of NetMiko tailored very closely to my environment, and I don't want to stop using it now.
Internet egress in cloud? Posted: 28 Aug 2018 10:42 AM PDT I've been tasked to explore options for reducing my company's datacenter footprint or going completely to cloud, and one of the thorny DC functions that I'm having a hard time cloudifying is internet egress. It doesn't look like sending general corporate traffic out through AWS would be cost effective due to volume based fees, Cisco Cloud Web Security and similar services all have way too many horror stories, and relying on a carrier for MPLS-based egress e.g. AT&T "network-based firewall" seems like an even less attractive option. Does anyone have a cloud-based alternative that they're happy with to the classic on-premise internet egress model of backhauling traffic to a physical datacenter and passing through an on-prem security stack?
How do you guys handle Active/Passive Firewalls at two sites? Posted: 28 Aug 2018 09:09 AM PDT TL;DR I have two datacenter sites in Central US and East Coast US. Need firewalls at both sites. What hardware and protocols allow you to failover to another site while still using the same IPs? We would like to set up an active/passive datacenter where our east coast is primary and central US is our DR. Our primary site has two Cisco Firepower appliances in an HA pair. Should we add more Firepowers at the other site? Our main question is how do we make sure the configs match at both sites if we use Cisco ASA 5525s at one site and Firepower appliances at another? We previously had two sites very close to each other and ran two ASA 5525s in HA with one at each site. Now that we're spread out more we're concerned latency could add problems with heartbeats and possibly a split-brain scenario. Most everything is still in the air and can be changed relatively easily. Just looking for some guidance and what you guys are running.
Can anyone explain what a SAM IP is? Posted: 28 Aug 2018 08:46 AM PDT I've just started a network engineer job and was hoping to find some clarity on what a SAM IP address is. Does anyone have experience with this? Any insight would be appreciated. Background: We have to request SAM IP addresses when working with cell tower backhaul, which I think is a form of redundancy for carriers?
Question - How do I get the best performance out of my Wireless network? Posted: 28 Aug 2018 07:30 AM PDT I have a couple of older Cisco WLC-5508s. I am replacing much older 1142 WAPs with newer 1852s and some 2800s. In 2019 I will be replacing the 5508s with newer controllers. Until then I was wondering if anyone had some advice/tips for maximizing throughput with the newer WAPs. Do I just plug them in and use the default settings? Are there some things I can change to get a quick benefit? Thanks!! Also I will be running 8.3.143.0 code on the controllers and WAPs.
Customer called me and asked if it's really possible that his network could be hacked through the Fax.. Posted: 27 Aug 2018 05:30 PM PDT My first reaction was taking him literally for a fool. Then I did my homework and discovered this: https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/ Stuff like this is (one of) the reason I drink... Ever heard of it? Opinions?
"Its not an issue with the network" Posted: 28 Aug 2018 12:24 AM PDT Hey guys, I work for a storage vendor and it's a daily conversation that I have with people that we have an issue that requires them to engage their network team. This normally turns badly as they "have already engaged the network team and they said there is no issue." or something along that line. I tend to give a specific statement to give to their network team such as "arp broadcasts are not making it from this device to this device, can we check the vlans". "It's not the network" is a meme of sorts with my group of coworkers. It normally comes down to me telling the storage admin that "we cannot move forward without engaging the network team, I would be willing to show them X Y and Z." Once I do this they will generally do as I ask, and then it's a 45-second conversation with the appropriate network guy explaining that someone messed up the vlan on a port. Fixed in 15 seconds. My question: Why does every storage admin hate engaging their network team? What can we do to make it a more pleasant experience? What do you guys think about storage admins? Can we improve this relationship?
Fiber between Ubiquiti and HPE Posted: 28 Aug 2018 06:43 AM PDT Hello, I need to run a fiber between an HP 2530 and a Ubiquiti UniFi Switch US-48. I will use SFP J4859C in the HP switch and UF-SM-1G-S in the Ubiquiti. It will be SM fiber. Anyone got experience with this? I don't want to order stuff that doesn't work because of my stupidity.
Cat 6 Connector ID Posted: 28 Aug 2018 06:18 AM PDT Hello r/networking! I was recently helping pull some new Cat 6 lines for our new VOIP system we are implementing, and ran across these connectors I am hoping to identify. Main reason I am hoping to identify is these are not typical keystone jacks, and the wall panels have clips in them, rather than the clips being on the connector itself. Hoping someone can ID these connectors as well as what 'type' this would be called so I can source the proper ends / wallplate to keep them all in the same box! Thanks in advance and apologies if this is not the place for this.