    Saturday, December 1, 2018

    Are POE+ devices connecting to a POE+ switch plug-n-play ? Networking


    Are POE+ devices connecting to a POE+ switch plug-n-play ?

    Posted: 01 Dec 2018 07:07 AM PST

    I have Cisco 2802 APs and an Aruba 2930F (POE+).

    The APs power on without any additional configuration on the switch. Is this enough or do I need to change any of the following settings? https://i.imgur.com/Q8B7z3O.png

    submitted by /u/hombre_lobo

    ISIS and QoS

    Posted: 01 Dec 2018 05:04 AM PST

    I was listening to some networking podcast discussing ISIS as their main topic, and one of the guys mentioned that ISIS is a pain in regards to QoS implementation.

    For the life of me, I could not remember the podcast and I am pretty sure it was not Packetpusher. Can someone please go into detail on why ISIS is not the best option when QoS is going to be implemented?

    Any advantages and disadvantages of ISIS vs OSPF or even eBGP?

    Thanks

    submitted by /u/pingmanping

    Cisco C891F - Easiest way to duplicate config?

    Posted: 01 Dec 2018 01:05 PM PST

    I need to set up a Cisco C891F for a new location (2nd office); the problem is it's above my head. However, I have a properly set up one already existing at another location for the same company (I directly work for this company). I am wondering if I can get familiar enough to download its configuration and apply it to the new one or if anyone has some advice?

    To give some backstory, I work for a quickly growing software company. The first C891F was installed prior to my employment. I set the second office up using Ubiquiti equipment and it's been fine, but the office is quickly growing and the network is slowing down (this is where our developers work). They already have another C891F and are wanting to set it up. So having said that, I am wondering what my options/my company's options are. So far what I am thinking is...

    1. They hire another contractor to set up the 2nd one
      1. This is practical, but not ideal - worth noting that there are discussions of my company paying for my certifications but this doesn't help immediately
    2. Possible to put enough time and research to learn enough to copy its configuration and upload it to the new one and making the necessary tweaks since it's for a different network
    3. Another idea from a generous person? :D

    Happy to hear your thoughts & to answer any questions if you have any.

    submitted by /u/_jreyno

    PeeringDB / Interconnect - Can someone please clarify

    Posted: 01 Dec 2018 11:32 AM PST

    I have another post where I requested guidance to set up a Site-to-site VPN to connect two data centers between SF Bay Area and Chennai, India:
    https://www.reddit.com/r/networking/comments/a1ckbf/connecting_datacenters_between_us_west_coast_and

    I got some really good ideas on different ISPs to reach.

    Here's a follow-up question.

    I know there are these PeeringDB type of sites which show the networks that different ISPs / data centers peer with. Can I query a PeeringDB and figure out which data centers / IP transit points peer with each network, so that I can find the best route with limited hops to set up the interconnects at both end-points with minimal latency / hops? Isn't that one of the purposes of a PeeringDB or is my understanding just plain wrong? Would appreciate if someone can chip in.

    submitted by /u/Gandalam

    How to lay and set up fibre optic internet?

    Posted: 01 Dec 2018 10:21 AM PST

    I live in a rural part of the UK, and at my house we rarely get speeds above 1mbps. Right now I'm getting 0.58mbps.

    Some houses near us are able to get fibre optic internet, but not us, as for some reason our house is connected to a different cabinet that only has copper wire going to it, and it doesn't look like there are any plans to upgrade anytime soon. It's really frustrating because it takes so long to do anything with such a slow connection.

    I've heard of satellite internet, but it doesn't sound ideal either.

    I read about the B4RN project a while ago, where a community got together and laid down their own fibre optic cables directly to their houses, and created their own ISP, which got me thinking about this.

    However, I know very little on the subject and don't really know where to begin. I've done some reading online but so far it's hard to put it all together. So, could anyone advise me on where to begin with something like this? We have access to farming equipment, but I don't even know whether it would be easier to lay cables underground or overhead. Additionally, fibre optic cables wouldn't actually be necessary, since the other cabinet near me has fibre optic, if we could just get copper wire from it to our house it would suffice, but if we were going to do this, would it be as easy to install fibre optic? And would we even need to go as far as the cabinet - my neighbor a few hundred yards down the road gets 20mbps - would it be possible to just connect to the copper cable at his house?

    I'm a newbie to most of this stuff, and I realise it's probably really expensive and likely impossible for me, but I'd appreciate any info or advice on where to start reading!

    submitted by /u/internetnowpls

    MPLS VPN and OSPF

    Posted: 01 Dec 2018 06:20 AM PST

    Hello,

    My company has bought an MPLS VPN service from an ISP that connects several sites around Europe. I want to start an IGP protocol inside it and treat the entire company as one AS. The ISP tells me that we could use his BGP from the MPLS and treat each site as a different AS. Sites aren't big: mostly 3 persons on site, two bigger with 50 employees. What approach would be the best? Connecting each site using GRE tunnels over MPLS and start using OSPF, or BGP from the ISP?

    Fast convergence and faster response to failures in the network (switch to IPSec tunnel if MPLS is down) is a big factor in choosing the solution.

    Thanks for any tips.

    submitted by /u/ple_

    Virtualized hardware routers

    Posted: 01 Dec 2018 01:14 AM PST

    Does anybody have any experience with virtualized routers running off of a bare metal hypervisor? The thought is to take a business class router that would support layer 3 interfaces (IPSec tunnels, eBGP, etc.) and set up a headend in a lab. I would like to set this up as a tool for new techs to use and abuse. This would emulate a multi-site VPN based solution over an emulated internet connection (like an MPLS connection).

    Doing initial research, it seems like all the SDN solutions are cloud based... I would like to have this as an offline lab with minimal physical components. Thanks in advance for any input.

    submitted by /u/Karuption

    How do I SNAT interesting traffic for L2L tunnel, while PAT'd all other non-interesting traffic.

    Posted: 01 Dec 2018 02:36 AM PST

    NAT interesting traffic with IPSEC L2L. How do I NAT interesting traffic going through a L2L tunnel? The NAT'ing happens on the same router that the L2L tunnel terminates on. Below is the config for the two routers. I have an ISP in between, but everything is routing and working correctly w/o the NAT. Once I enable the NAT, my tunnel breaks. All other traffic needs to PAT to an interface. I have a NAT exemption for the LAN of the L2L, and built a separate SNAT for the VPN L2L traffic.

    ROUTER1 >>>>> ISP <<<<<< ROUTER2

    PAT 10.200.0.0/16 OVERLOAD w/exception of 10.200.10.10 (that's the server that is considered interesting traffic to the tunnel)

    SNAT 10.200.10.10 to 10.200.10.100

    I removed all unnecessary configs such as routing and the server on corp network, as the tunnel works w/o the NAT, but fails w/the NAT.


    hostname VENDOR

    crypto isakmp policy 10
    encr 3des
    authentication pre-share
    group 5
    crypto isakmp key cisco address 1.100.50.1

    crypto ipsec transform-set VENDOR2 ah-md5-hmac esp-3des esp-md5-hmac
    mode tunnel

    crypto map VENDOR 10 ipsec-isakmp
    description VENDOR2
    set peer 1.100.50.1
    set security-association dummy pps 20
    set transform-set VENDOR2
    set pfs group24
    match address 100

    interface Ethernet2/1
    description VPN PEER
    ip address 192.168.118.2 255.255.255.252
    duplex full

    interface Ethernet2/2
    description ISP
    ip address 1.100.118.1 255.255.255.252
    duplex full
    crypto map VENDOR

    ip route 0.0.0.0 0.0.0.0 Ethernet2/2 1.100.118.2

    access-list 100 permit ip host 50.50.50.50 host 10.200.10.10
    access-list 100 permit ip host 50.50.50.50 host 10.200.10.100 log-input
    access-list 103 permit ip any host 50.50.50.50 log-input


    object-group network Local-LAN

    object-group network VPN-LAN
    description NAT'd
    host 10.200.10.100
    host 10.200.10.10

    crypto isakmp policy 10
    encr 3des
    authentication pre-share
    group 5
    crypto isakmp key cisco address 1.100.118.1

    crypto ipsec transform-set VENDOR2 ah-md5-hmac esp-3des esp-md5-hmac
    mode tunnel

    crypto map VENDOR 10 ipsec-isakmp
    description VENDOR2
    set peer 1.100.118.1
    set security-association dummy pps 20
    set transform-set VENDOR2
    set pfs group24
    match address 100

    interface Ethernet2/0
    description CORP
    ip address 10.200.50.2 255.255.255.252
    ip nat inside
    ip virtual-reassembly in
    duplex full

    interface Ethernet2/5
    description ISP
    ip address 1.100.50.1 255.255.255.252
    ip nat outside
    ip virtual-reassembly in
    duplex full
    crypto map VENDOR

    ip nat Stateful id 100
    ip nat inside source list 10 interface Ethernet2/5 overload
    ip nat inside source static network 10.200.10.10 10.200.10.100 /32 no-alias
    ip route 10.200.10.100 255.255.255.255 Null0

    access-list 1 permit 10.200.10.10
    access-list 10 deny 10.200.10.10
    access-list 10 permit 10.200.0.0 0.0.255.255 log
    access-list 100 remark IPSEC
    access-list 100 permit ip object-group VPN-LAN host 50.50.50.50 log-input


    submitted by /u/G331234512345

    Is SonicWall even relevant anymore?

    Posted: 30 Nov 2018 07:00 PM PST

    I'm a bit new to the networking world (CCNA level), and I've been working with Palo Altos, ASAs, Merakis, etc for the past 2 years. I joined a smaller MSP who had a lot of SonicWalls deployed.

    Am I just missing something with them? The pricing for one of them seems pretty hefty. They just don't seem all that special, and the interface just feels so unintuitive. We got a quote for a SonicWall, and it was more expensive than the equivalent Meraki, which IMO for uncomplicated clients, is better in almost every way (minus the no VPN client).

    I just hear a lot of people swear by them and "They're great once you get used to them", and I just don't see it. Is it just the young punk in me that dislikes them? I don't see why I would pick a SonicWall over Palo Alto/Meraki/Fortinet.

    submitted by /u/rootbeerdan

    Inconsistent Linux server download speed

    Posted: 01 Dec 2018 03:42 AM PST

    Hey all, I've been having this weird issue, where most downloads (TCP transfers to my server from outside) are painfully slow, and some are blazing fast.

    The server in question runs CentOS 7 and is connected to a gigabit pipe in a DC.

    The issue:

    • I wget a test file from a near datacenter (2ms, 1GB file) on the server. It will start at 1MB/s and slowly climb to average 15MB/s.
    • I do it again and it's a very similar story
    • I do it once again and it starts at 107MB/s and finishes at 100MB/s average.
    • One more and it is slow again.

    No such issue with upload speed, I can always saturate the full gigabit connection.

    I tried to play with TCP congestion control, but it doesn't seem to have much (or any) impact.

    It also doesn't matter where I'm downloading from, all downloads from all servers exhibit a similar behaviour. It seems to get worse with distance (latency) though. There is no packet loss.

    Would be really glad for any pointers, I've been trying to troubleshoot this for a few days now.

    submitted by /u/FHR123

    Visualize network connections and devices

    Posted: 30 Nov 2018 08:13 PM PST

    Hello, can any of you guys recommend a good software to visualize all network connections between network devices?

    We have SolarWinds right now but I don't think it's doing a good job. It's kind of OK to monitor individual devices, but when you try to see the big picture - it's a mess, especially if I'm trying to see 50 VPN tunnels to 50 different locations. As far as I can tell it's almost impossible unless you do some voodoo custom stuff. As far as devices, it's mostly Cisco switches and ASAs, a couple of Ubiquiti routers, a lot of HP blades, a few Nexus 5Ks.

    Thanks,

    submitted by /u/leugenel

    Trying to build a 10Gbe network for a client

    Posted: 30 Nov 2018 07:10 PM PST

    Edit: Thank you all for pointing me in the right direction.

    submitted by /u/jotafett

    Solid networking tool for testing access rules and IPS signatures.

    Posted: 30 Nov 2018 06:50 PM PST

    nsauditor is what I've seen based on some video I've watched on Udemy. I want to test how my IPS behaves against certain traffic and be able to source from a different IP as well... It's on a nonproduction firewall at the moment.

    submitted by /u/tolegittoshit2

    Looking for some career advice, recently got my CCIE (R&S), looking to move out of operations into a Solution Architect role.

    Posted: 30 Nov 2018 04:12 PM PST

    As the title states, just looking for advice from people who have transitioned into that role. Currently job searching, however most contracts/positions are looking for 5 years experience in a solution architect type role, which I don't have.

    I'm currently a senior network engineer working for an ISP in service assurance. I was wondering if there are any good stepping stone positions I should be looking for (pre-sales, technical delivery manager, etc.), or are there any other certs I should be looking to get that would help my chances in an interview, like the CISSP, TOGAF or ITIL. Any advice would be greatly appreciated.

    submitted by /u/roganjosh1

    Question on IP SLA reachability for a tunnel interface source vs IP (Cisco ASR)

    Posted: 30 Nov 2018 04:10 PM PST

    First off I'm trying to determine from logs based on currently configured reachability SLAs if an outage is from our ISP, or if it's from the tunnel/endpoint itself. We have an Amazon DX tunnel interface configured as:

    IP: 100.64.#.#
    Source: 192.#.#.# (Amazon block, also configured as a loopback address)
    Destination: 52.#.#.# (tunnel endpoint)

    The SLA echoes tracked in config are approx a half dozen for each the interface IP (100.64.#.#) and the source (192.#.#.#). Any time the echoes from the IP (100.64.#.#) fail, the router assumes the tunnel is down and forwards everything to our secondary router. But I guess my question is under what conditions would the echoes from the source (192.#.#.#) fail but not the 100.64.#.# IP?

    submitted by /u/Oreoloveboss