Ordered a Bandwidth increase - ISP says that we need to provide a router Networking |
- Ordered a Bandwidth increase - ISP says that we need to provide a router
- Is BGP over vPC a good idea?
- Axis network camera occassionally showing up twice as an LLDP neighbor on one port
- SD-WAN - What Has Your Experience Been Like?
- Help with NAT subnet with L3 terminating on switch behind router
- Are there any tweaks you can make on the NXOSv9000 image so that it could run lower resources?
- F5 BIG-IP vs NGINX for Web App Firewall?
- Help configuring L3 switch into Comcast ENS
- Securing network with switch in shared rack
- Spanning Tree Issue With WAN Uplink
- Engenius WDS Bridge Issue
- We're soon getting an EPL to connect our two sites. Need advice on a few things.
- Multiple Internet Connections for Small Offices
- Making changes to a switch in a Juniper virtual chassis stack
- Service Provider - automatic switchover duration
- SD-WAN Recommendations
- Where do Adblockers fall in the TCP/IP stack?
- Scrum for Network Engineers
- Interviewing for an SE position, and the next round is with sales... what can I expect?
- Can't Budget for a NAC - What Do You Recommend
- Which NAC would you choose for this mixed environment?
- Cisco ASA issue
- Small Church Network Setup
- Script to Remove GLBP Config
- DNS -- Everyone's favorite
| Ordered a Bandwidth increase - ISP says that we need to provide a router Posted: 28 Nov 2018 09:46 AM PST As our Internet usage needs have grown, we have finally convinced management of the need to increase our bandwidth and next month we will be increasing the bandwidth to 250Mb. (YAY!) We've purchased a new FortiGate 200E and have already started pre-configuring it to replace our existing firewall and we thought that we were ready to go BUT we received this message in an email from the $ISP$ Project Manager:
$ISP$ has stated that we can rent a router from them for about $400/month. My questions are:
Thank you! [link] [comments]  |
| Posted: 28 Nov 2018 03:05 PM PST My team is required to make dynamic routing working between multiple data centers and I am considering change the static routes to peer BGP to our firewalls. Since the firewall HA pair is currently configured over vPC, I am wondering if peer BGP from the switch to the firewall over vPC is a good idea. Design Choices: 1. RouterA --- BGP --- SwitchA --- BGP --- FWA | | RouterB --- BGP --- SwitchB --- BGP --- FWB Everything is P2P L3 links and there is no vPC. Pros: a. No need to upgrade the switch. b. We are confident the routing will work. Cons: a. Need to move the cables, previously SwitchA to FWB and SwitchB to FWA cables needs to change to SwitchA to FWA and SwitchB to FWB since crisscross connections are no longer needed b. According to Ciscolive 2016 BRKSEC-2020 Page 109, it is not a good design to minimize firewall failovers. c. Only half of the ports are utilized 2. RouterA --- BGP over vPC --- SwitchA --- BGP over vPC --- FWA | x | x RouterB --- BGP over vPC --- SwitchB --- BGP over vPC --- FWB Pros: a. No need to change the cables b. Good for firewall failover scenarios c. Utilizes all ports Cons: a. Need to upgrade to Release 7 b. Not certain if BGP over vPC is a good idea. The OSPF over vPC post 8 days ago looks very scary. 3. |------------BGP Multihop----------------| RouterA --- vPC --- SwitchA --- vPC --- FWA | x | x RouterB --- vPC --- SwitchB --- vPC --- FWB |------------BGP Multihop---------------------| Pros: a. No need to change the cables b. No need to upgrade the switches. c. Good for firewall failover scenarios d. Utilizes all ports Cons: a. The servers connected directly to the switches might take more hops because the switch cannot make routing decision for certain traffic. Depending where the default route is pointed to, certain traffic will be routed to the router then back to the firewall. [link] [comments]  |
| Axis network camera occassionally showing up twice as an LLDP neighbor on one port Posted: 28 Nov 2018 12:19 PM PST An Axis network camera connected to an IE 2000 switch is pinging. I cleared the counters on the interface and it is receiving input data, no errors, and never flapped. The camera is showing up as an lldp neighbor. Clearing the MAC address table, ARP table, and changing the speed and duplex settings did not help. I do not know the exact model of the camera and show lldp neighbors did not show any more info. The IP of the camera is 10.X.X.X. Note I changed the serial numbers in the MAC address, device names, and the IP for security reasons. ie2000-switch#sh lldp neighbors Capability codes: (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other Device ID Local Intf Hold-time Capability Port ID Switch 1 Fa1/1 120 B Gi0 Axis Camera Fa1/5 120 S eth0 Axis Camera Fa1/5 120 S eth0 ie2000-switch#sh run int fa1/5 interface FastEthernet1/5 description Sec-camera-1 switchport access vlan 100 switchport mode access switchport nonegotiate no logging event link-status speed 100 duplex half srr-queue bandwidth share 10 10 60 20 srr-queue bandwidth shape 10 0 0 0 priority-queue out storm-control broadcast level 5.00 service-policy input HOST-INPUT-MARKING end The camera does show up when showing the arp table ie2000-siwtch#sh ip arp | i accc.8eXX.XXXX Internet 10.X.X.X accc.8eXX.XXXX ARPA Vlan100 ie2000-switch#sh mac address-table | i 1/5 100 00f1.caXX.XXXX DYNAMIC Fa1/5 100 4036.5aXX.XXXX DYNAMIC Fa1/5 100 accc.8eXX.XXXX DYNAMIC Fa1/5 A few minutes later entering in sh mac address-table and lldp neighbors on the interface displayed the following: ie2000-switch#sh mac address-table | i 1/5 100 00f1.caXX.XXXX DYNAMIC Fa1/5 100 accc.8eXX.XXXX DYNAMIC Fa1/5 ie2000-switch#sh lldp neighbors Capability codes: (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other Device ID Local Intf Hold-time Capability Port ID Switch 1-Fa1/1 120 B Gi0 Axis Camera Fa1/5 120 S eth0 Earlier I set the interface to the default config and I was able to briefly ping the camera, though the problem recurred. I believe that the issue is related to the camera. What would the issue with the camera most likely involve? If it is the switch what would it most likely involve? [link] [comments]  |
| SD-WAN - What Has Your Experience Been Like? Posted: 28 Nov 2018 01:04 PM PST We're looking into SD-WAN as a viable option and have been speaking with multiple vendors about their offerings. We're still scheduling meetings to see a few demos and I was curios to know what you guys take is on the whole thing. For us, we have a mandate by our regulatory body to have all WAN traffic encrypted so that is the main driver of this whole exercise. It was either this or purchase security licenses for all of our 50 ISRs and do VPNs that way. Obviously we wouldn't be taking advantage of the full feature set of "SD-WAN" up front but it would address the immediate need for encryption. Then down the road we can make use of things like "application based routing" and whatnot and throw in secondary cheap internet ckts. So my questions: What has your experience been like and do you have any success stories? Which vendor (there are so many!!!) did you go with? [link] [comments]  |
| Help with NAT subnet with L3 terminating on switch behind router Posted: 28 Nov 2018 02:51 AM PST Hi guys, This one is really making me scratch my head, and driving me crazy because I feel like I should know what's going on here! I'm hoping someone can help out, and also offer any advice for me as well about my setup. So, I have a Cisco 861 and recently did a CCNA Wireless, and thus I've been trying to do some more complicated wireless setups on my home network aka lab network ;) Firstly, starting off with some Ruckus R710's that I am planning on using with Unleashed (controller on the AP). The Cisco 861, as I recently learnt, only supports two SVI's and it can't use any other license than Advanced Security - so, stuck with two SVI's .. poo. I also have an old 3750, which I'm hoping will support more than two SVIs, so my plan now is to terminate all my client and server layer 3 interfaces on the 3750 then have a backbone between the 3750 and 861 - it's a work in progress. I have a mgmt / backbone VLAN (333) on both the router and switch. My data VLAN (1) currently terminates on an SVI on the router. The router is also the default gateway for the switch on VLAN 333. I added SVI for VLAN 5 on the 3750. VLAN 5, at the moment, is testing wireless clients but the concept will become more permanent. The default gateway for VLAN 5 is the switch (192.168.5.254), and the switch also hands out DHCP. Now hopefully that explanation was up to par, and made some amount of sense. The problem I have is that the wireless clients have some really limited connectivity ... From the switch, I can source pings from interface vlan 5 and ping the router's SVIs and the internet. The wireless clients receive a DHCP address from the 3750, and they can ping interface vlan 5 on the switch also (192.168.5.254). They cannot, however ping ANYTHING else on the network, literally just that one hop. They can't ping interface vlan 333 on the switch. They also cannot reach the internet. The switch has a default gateway of 172.31.254.254 (vlan 333 on router). So, what's going on here. What have I missed? As I said, on the switch itself, I can ping everything with a source address from int vlan 5, so it seems like the wireless clients should also be working. Thought it might've been a port config, but then, the clients get the correct DHCP and can ping the switch so my trunk port should be good. Here's a quick and dirty network diagram with some key information on it; https://imgur.com/4ZSqADw Thanks everyone! :) Edit: I do have a route on the 861 to point 192.168.5.0/24 back to 172.31.254.253 (the 3750) for return traffic. [link] [comments]  |
| Are there any tweaks you can make on the NXOSv9000 image so that it could run lower resources? Posted: 28 Nov 2018 03:30 PM PST I run 9.2.1 on GNS3 and the running VM has so much ports on it. Is that something you can cut down? [link] [comments]  |
| F5 BIG-IP vs NGINX for Web App Firewall? Posted: 28 Nov 2018 07:56 AM PST I'm not really sure if this fits here or in a different forum, but I was curious whether folks have had any experience with these two in particular. My research has yielded a lot of posts comparing the two for purposes of load balancing, but not a whole lot on Web Application Firewalls (WAF). My understanding is that WAF is accomplished through the use of extensions and add-on modules. Besides the argument that F5 would be done at the hardware/infrastructure level vs NGINX at the software/commodity hardware level, are there any major differences in practice? I appreciate any experiences that folks can share. This is my first post; sorry if I'm doing any of this in the wrong place. Thanks!! [link] [comments]  |
| Help configuring L3 switch into Comcast ENS Posted: 28 Nov 2018 02:48 PM PST I have a L2 connection set up via Comcast ENS service. It supposed to resemble a large L2 full mesh network. I have inherited several sites working via this service and am pretty green insofar and R&S. I am trying to bring a up a new site using and SFP port on 3560 but I'm unsure on how to configure the port. It's connected via the ENS but does not see any of the other connected devices. I can get to the switch via SSH without issue. [link] [comments]  |
| Securing network with switch in shared rack Posted: 28 Nov 2018 11:47 AM PST Evening all, I have a predicament with how best to secure a switch in a 'shared' rack. The switch itself is in a locked cabinet which only we have access to, but the patch panels are in a shared rack with the other building tenant. I have contemplated implementing either port-security or 802.1x along with shutting all unused ports, but cannot see a way past the following to limit access to our network: Most wall ports are patched to the shared rack and we can configure port-security for the known MACs for these PC's into the switch. There is an uplink to another switch that goes through a patched port in the shared rack, this would mean I would have to configure all downstream MAC's on this port with port-security enabled. Is this correct and achievable? If I was to pursue the 802.1x route the uplink to the other switch would be in a forced authorised state meaning that the uplink could be unplugged at the shared patching rack and unrestricted access to the network would be granted. What is the best practice for securing uplinks when using 802.1x? This is not a position I would like to be in but currently have no choice due to a plethora of reasons out of my control and need to make the best of the situation. I'm also currently limited with the switches I have to use. I have some Netgear FS728TP v2's or some procurves. Personally I hate the Netgears and would never buy them myself unless for very basic distribution/access switches. If anyone can offer some advice on best practices or can suggest a solution I would be most grateful! [link] [comments]  |
| Spanning Tree Issue With WAN Uplink Posted: 28 Nov 2018 11:29 AM PST Hi all: We recently purchased a secondary internet connection which has just been installed. We were given a set of 5 static IPs. The connection is provided to us via a normal patch cable just past the fiber demarc. Connecting a laptop to said patch cable with the LAN interface set with one of the static IPs provided works fine - device can get to internet. To test, I created a vlan to handle this traffic and assigned said vlan a port on our core switch as an access port. I then assigned the same vlan to an adjacent port connected to the same laptop to test, but was unable to get to internet. Long story short, I ended up getting it working by disabling spanning tree on that newly created vlan. The core was reporting that it was receiving BPDU on the non-trunked port the new connection was plugged into, so it was blocking traffic on the VLAN I assigned. Here's the relevant messages from our switch (vlan 505 is the vlan I created, 3/40 is the interface the new connection is on): Nov 28 18:56:54.694: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk GigabitEthernet3/40 VLAN505. Nov 28 18:56:54.694: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking GigabitEthernet3/40 on VLAN0505. Inconsistent port type. Obviously, I'd prefer not to disable STP on the entire vlan - is there something I'm missing? [link] [comments]  |
| Posted: 28 Nov 2018 01:40 PM PST Using Engenius ENS500ACs in WDS Bridge. 600 feet max between transmitters across a giant parking lot. Maybe 150MBPS max (17 IP cameras topped off at 6000kbps) at Channel 112, Green mode off, 80MHz (AC Only). These things are advertised at 300MBPS and I assume this is in whatever mode. Whatever I do, this group (2 transmitters to 1 receiver) continue to drop off. Power cycling the remote transmitters brings back the connection but will drop off again over and over. Let me know if I can provide any additional details and any insight would be greatly appreciated. [link] [comments]  |
| We're soon getting an EPL to connect our two sites. Need advice on a few things. Posted: 28 Nov 2018 12:58 PM PST Good afternoon, fellas, I'm sysadmin for a company with two offices. Both sites are currently running on a 100down/30up cable service (not ideal, I know), tunnelled via IPSec between the two sites. We're upgrading, after the holiday, to an EPL 100Mbps between the two sites, along with a 100Mbps symetrical fiber internet, and a secondary internet fiber at the second office for redundancy (so that if the head office goes down, the second office can continue working). Both sites have Sonicwall TZ500 firewalls. I'm currently doing research on the best way to configure all this, and I have a few questions :
Thank you in advance for your help! [link] [comments]  |
| Multiple Internet Connections for Small Offices Posted: 28 Nov 2018 04:16 PM PST What are folks doing these days for managing multiple internet connections per location for branch offices? On the high end, I have multiple internet connections with BGP and ARIN-assigned blocks. I've got a couple offices coming online with BGP and /28s SWIPped to us. And then I've got a bunch of small offices we're upgrading to two connections, where budget prohibits me from finding DIA/MIA with BGP peering. I'm currently using IOS IP SLA tracking to fail over from one connection to another, but selection of IPs to track is problematic. The simple fact that tracking a single IP in provider space or on the internet doesn't isn't a reliable way to tell if a circuit or provider is down is really bugging me too. A previous gig used Packetshapers to do slightly more complex Internet gateway selection. So tell me what other options are out there for this space. Thanks [link] [comments]  |
| Making changes to a switch in a Juniper virtual chassis stack Posted: 28 Nov 2018 04:07 PM PST Hey guys i`m trying to figure out how to configure a port in a VC pair of 4 on Juniper 4300 EX switches I can access the master via the VC management IP, but I have no idea how to configure 1 of the other switches in the stack. I tried edit virtual chassis member 1 I saw it switched to member 1 on the cli level, but I still can`t configure anything like ports etc. I`m fairly new to Junos (cisco R&S background) so im lost lol I did some reading and found that the vcp ports are for the vc but all the documentation shows is configuring VC not how to configure an individual switch port on 1 of the other switches in the VC. All I want to do is configure a port as access with a VLAN on 1 of the switches in the stack sigh. [link] [comments]  |
| Service Provider - automatic switchover duration Posted: 28 Nov 2018 12:41 AM PST Recently we've experienced outage, where we some of our traffic got dropped. After some investigation turned out that one of our Service Provider had an outage in their network and it seems they dropped/blackholed some traffic that we send their way and that lasted for about 5min. The reason for loss that they've provided was "cut of fiber". Explanation that in that case traffic will of course get dropped, there is nothing they can do about it and that's how long it takes to bring service back up. I've only worked in Enterprise world, so no experience on my side regarding Service Provider environment, but I'm assuming that SP have similar automatic solution for detection and switchover to alternative route (BGP with BFD?) and that it should take a little bit faster then 5min. Are they trying to make me drop the case or perhaps I should study more about how SP/Enterprise network differences? [link] [comments]  |
| Posted: 28 Nov 2018 06:25 AM PST We are an internet service provider looking for recommendations on a SD-WAN vendor. We have seen this list of SD-WAN providers on packet pushers, and don't have time to evaluate everyone: https://packetpushers.net/virtual-toolbox/list-sd-wan-vendors/ We are looking for something that: - Is suited for small business customers with single locations only. Most of the SD-WAN focus seems to be for enterprises with multiple branch locations who are looking for a MPLS replacement. Our customer's don't have or need MPLS as they are small business single site locations. - Can accept multiple internet connections. Most of our small business customers will have a cable mode, dsl modem, and LTE as a backup. - Most of our customer use hosted voip over the public internet to providers like Vonage and Ring Central. - As an ISP, we would like cloud management where we have a dashboard, and can select a customer to see only their site. - Cost is a concern. Today, most of our customers are using the router built into the DSL/Cable modem, or using something like Ubiquiti Unifiy USG. Ideally the SD-WAN box would be something we can build on our own using low cost x86 boards like https://www.pcengines.ch/ or the device should cost less than $500. -Has some sort of firewall or security service. What I am confused on is there are multiple firewall vendors (Fortinet, Sophos, Meraki) that seem to have a router that can do what I am asking for, but they are not necessarily SD-WAN. Any recommendations are appreciated. [link] [comments]  |
| Where do Adblockers fall in the TCP/IP stack? Posted: 28 Nov 2018 02:31 PM PST I was wondering how advertisement filters work in relation to the TCP/IP Stack? I am assuming they use an application gateway; so does the blocker inspect traffic and drop certain packets? How does it know what an advertisement is since they take many forms (unless it's by domain)? TIA [link] [comments]  |
| Posted: 28 Nov 2018 06:48 AM PST Has anyone used the scrum methodology in their network teams? If you have, how well did it work for your team? Did you see a marked increase in productivity and accuracy during project completion? [link] [comments]  |
| Interviewing for an SE position, and the next round is with sales... what can I expect? Posted: 28 Nov 2018 02:17 PM PST |
| Can't Budget for a NAC - What Do You Recommend Posted: 28 Nov 2018 06:21 AM PST We're a small environment, less than 500 addresses all combined across 5 locations. I've looked into several NAC solutions like ISE, ForeScout, PortKnox, etc.. and they provide some great features but we really can't leverage them enough to justify the cost and management overhead. That said, I'd like some way of keeping unapproved devices off of the network. We're on Meraki Switching and Cisco ASA's with the full FP suite. Should I just look at MAC whitelisting or is there something else you would recommend that's not a full NAC but still helps us keep rouge devices from being connected? Even if I can't block the device, I would be pretty happy with just a notification that something unknown was connected and I could take it from there. [link] [comments]  |
| Which NAC would you choose for this mixed environment? Posted: 28 Nov 2018 01:48 PM PST Choice is between ISE and Clearpass only. Wireless environment is 100% Aruba, switches are 100% Cisco, firewalls are Cisco. Neither of these vendors will be changing in the next 5 years. Initial use case for NAC is wireless only, but intend to use it for wired in future. The current solution is Windows NPS for corporate and external provider for guest portal, both of which will be replaced by the selected system. I know that both NACs are capable of servicing the other vendor's equipment well enough, but I'm looking for advice, recommendations or anecdotes that could help me decide which of these 2 NAC options to use in this scenario. E.g. Would I be missing out on some magical Cisco tie-in to the ASA if I went with Clearpass? Would I suffer from lack of 3rd party integrations if I went with ISE? [link] [comments]  |
| Posted: 28 Nov 2018 09:46 AM PST Hello all, I started having issues with my ASA 5512-X yesterday. It seems to have started after i copied a HostScan image to the flash. Our monitoring software alerted that HTTPS was down on the ASA almost immediately after the file copied. It might have been a coincidence, I'm not sure. After that my ASDM session was not refreshing correctly so I closed it and tried to reconnect but I just get "Unable to launch device manager from <IP of ASA>" The bigger issue is that now when I try to save the config I get an error stating:"The flash device is in use by another task." and I also get that error when trying to view the startup config and it also says "No Configuration" I also get this when I browse to https://<ip of ASA>/admin: The flash device is in use by another task. The flash device is in use by another task. HTTP/1.1 404 Not Found Date: Tue, 27 Nov 2018 20:21:40 UTC Connection: close Content-Type: text/html <HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR=#FFFFFF><H1>404 Not Found</H1>The requested URL /admin/public/index.html was not found on this server. </BODY> Everything else seems to be functioning properly. I've exhausted my online search for answers on this issue. It seems there has been only a handful of cases of this over the years. A lot of people have suggested it could be caused by other sessions viewing the configuration but using "show asp table socket" i only see my ssh session and the anyconnect clients. I have not yet rebooted the device as I'm concerned that if it's not seeing the startup config it's not going to come back up properly. I opened a case with TAC but they have been slow so I just wanted to see if others have run into this issue. [link] [comments]  |
| Posted: 28 Nov 2018 08:13 AM PST Hi, and thanks for reading. I hope I've come to the right place, if not, kindly point me to the right place. I need a bit of advice in best setting up my network at my church building. I recently became responsible for the technology in the facility and that includes the computers and network. I'm an audio sales engineer by profession and have a recently upgraded sound system head end installed (more on that later). To this date, every network device in the building as been on one subnet (192.168.0.0/24). Here's what we're working with. - 5 PC's - 1 networkable copier/printer/scanner machine - Networked Video Recorder, for our security camera system - Audio System o I have several devices that use Dante (digital audio over IP) to move audio around the building; 2 of the PC's need o A few of the devices (digital signal processor, power amplifier, control panels) have network connections for - 2 wireless access points o These are Cloudtrax cloud managed wireless mesh access points that seem to be highly capable, with the ability o The general congregants of the church will use the WiFi during bible class and sermons to send/receive emails, o SSID 2 is for "office" staff, and o SSID 3 is for building equipment (WiFi thermostats, mainly) - General network gear is the following, starting from the outside working in o Cable modem for broadband internet service, which delivers a public IP o Ubiquiti EdgeRouter Lite router with 3 interfaces o 2 Cisco SG300 series managed gigabit switches; a 10-port and a 28-port model, both the PoE+ version § One of these lives beside the modem in the room where the service entry is, there are a few devices connected § The last port of the first switch connects to the second (larger) switch, in the sound booth, where the rest of the My goals are to segment the network so not all devices are not on the same broadcast domain. I'm not sure if I need VLANS, different subnets, or both, nor am I entirely sure on how to set them up in the router. I have decent network knowledge, but mostly from the client side, and this is my first foray into a "network admin" type of role. I just don't want to screw it up. I've done a ton of reading on the subject so what I think I want to do is group the devices as such:
I'm open to suggestions if this grouping makes sense. If you do offer suggestions, a brief explanation of why would be helpful, so I can learn from this experience for the next time I need to do this. My concern is making sure that devices in different groupings can still "talk" to the devices that they need to. For instance, there will be times when I will use my iPhone to control the audio system wirelessly, even though I'll be on the Office WiFi, I will need to get to the non-Dante audio devices subnet. My other concern is addressing, DHCP and such. I think I can set up multiple DHCP servers on my router, and then have it dish out the addresses to the different VLANS/groups. My question is, do I need to set up a different DHCP server for each subnet? Regarding the VLAN's, I just need to make sure the port setup is correct between switches and routers and WAPs. Which are trunk? Which are access? Again, thanks for reading, any and all help is appreciated! [link] [comments]  |
| Posted: 28 Nov 2018 08:07 AM PST I've been working on a project to replace a router running GLBP with one that does not. There were a lot of SVIs that needed GLBP stanzas removed from the config so it could be migrated to the new platform. I've created a script that does this and made it available here. Just past your GLBP interface config in the "Input" field and click "Run". I hope you find it useful. Disclaimer: This form will upload the input data to my server for processing. Please sanitize the input. Do not use this app if it violates your security policy in any way. [link] [comments]  |
| Posted: 28 Nov 2018 08:02 AM PST I'm working on a newish DNS setup for our company; namely migrating from a legacy server which was never configured properly in the first place; to a hopefully-more-robust configuration. After trying to catch back up on DNS and Master/Slave; I'm at a bit of a dilemma on how to configure our local DNS configurations. Namely--what's "best practice" for what we want:
So, I guess what I'm stuck with is how would one plan this out. We're not handling any public-facing queries with these name servers; nor should we ever be needing load balancing for handling queries for some time. With that in mind, we'd like to be able to use Would a simple Master/Slave configuration be suitable for this; or are we trying to make this too simple? [link] [comments]  |
| You are subscribed to email updates from Enterprise Networking news, blogs and discussion.. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment