My coworker has a sense of humor and I love him for it! Networking
- My coworker has a sense of humor and I love him for it!
- FortiGate Network Connections
- Who manages your industrial/SCADA network?
- Ubiquiti p2p interfering itself?
- VRF Help
- Looking to switch to network automation role this summer
- I'm at work, trying to direct certain IPs to LAN and everything else to WiFi. Would love some help!
- Help Choosing New Fiber Optic Modem
- I'm in a little over my head and need some help.
- Change control will only allow L2 switch install after hours. Really? What's your experience?
- Best company to buy refurbished Cisco ASR from?
- Connecting two Cisco switches via Access Ports
- DIR / DIR Bootflash Not displaying any files
- Not sure what other type of QoS I can implement to improve voice quality - sometimes voice quality is amazing, sometimes it pauses every second
- Arista 7150 Switch Hop
- Logging Cisco extended acls port information
- Automated Cisco network crawler
- EigrpV3 Routing Help.
- Anyone here with experience with old Cambium equipment?
- POE powered switch. Help
- HPE/Comware IRF Mis-configuration (loop?)
- Help noob with 871W Setup
- Why not have a big default L2 MTU on network equipment?
- Best Network Monitoring Solution for Multi-Site Deployment?
My coworker has a sense of humor and I love him for it! Posted: 27 Feb 2019 07:28 AM PST
FortiGate Network Connections Posted: 27 Feb 2019 03:31 PM PST We are using an FG60E for a specific set of traffic we are routing out of one of our remote locations. We don't want this traffic to route back over our Corporate WAN. This is working with no problems. We broadcast an SSID with a particular VLAN. This traffic is sent to the FG60E and sent out through the WAN port to the internet. This is done using LAN1 for the internal traffic and sent out over WAN1. Internally we have a Solarwinds server that receives netflow data from all of our routers. We would like to report on the traffic going out of this firewall to validate and track use, capacity plan, etc. For this my thought was to use another LAN port that we allow onto our network. LAN4. LAN4 will be receiving a DHCP reservation from the onsite DHCP server and thus be on our network. Netflow stats will be sent to our netflow server through this port. Here is where we get issues. Netflow works just fine. When LAN4 gets connected to the network I can connect to the FG60E over the IP of LAN4. However, traffic going over the SSID VLAN loses its connection to the internet once that connection is made. I've been beating my head against a desk trying to figure out why this won't work. Out of blind luck we had it working for a few weeks then it all of a sudden stopped. I have been thinking it is a policy issue on how traffic is routing. I've tried every variation I can think of to make it work though. I'd be grateful for any suggestions or thoughts on what I might check.
Who manages your industrial/SCADA network? Posted: 27 Feb 2019 04:03 PM PST It seems like in many organizations, the industrial/plant/SCADA networks aren't managed by the IT department, they are managed by the "operations" group. How common is that? Being a networking guy it drives me nuts. It seems like they try to put serial stuff everywhere and giant L2 domains anywhere that serial won't work. In my organization we've had pretty good luck having the IT department manage most of that, and so it's smaller L2 domains and Ethernet over serial wherever possible, but it was a big battle.
Ubiquiti p2p interfering itself? Posted: 27 Feb 2019 03:43 PM PST My company has a couple Ubiquiti p2p links. On the dashboard, I keep coming across where it shows that its current channel is overcrowded. I'll move it, but then 30 minutes later, the new spot turns red and says it is overcrowded. Is this bugged? Am I being targeted? https://i.imgur.com/fdKV71q.png Anyone have experience with this?
VRF Help Posted: 27 Feb 2019 12:42 PM PST I posted this question a few months ago: Multiple IPs in the same subnet I've decided the best route is to use VRFs with the overlapping IPs. I have set up two routers with the IPs configured and the ip routes in the VRFs. If I do: I can ping the other side router (which would be another provider) from VRF1, but not from VRF2. Ultimately, I can only ping from whatever subinterface has encapsulation set to vlan 1. Does anyone have an idea why this isn't working for me? Edit: Here is a drawing: https://imgur.com/a/yfWuthK Some background: we run IPSec tunnels to each provider. Currently, one provider VPN tunnel terminates on the ISR I have, the second provider terminates on an ASA. I want them both to terminate on the ISR. Both with public IP addresses. Both providers have some odd reasons for not changing the peer IDs, so I'm trying to figure out how to point each provider at the public IP that was assigned to them during the initial setup. One solution, since they have different routing tables, is to use VRFs. But, I can only ping the provider that has the VRF encapsulation set to vlan 1. If there is another way, I would be interested in it.
Looking to switch to network automation role this summer Posted: 27 Feb 2019 12:21 PM PST Appreciate any pointers in how some folks made the transition in recent times. I've been spending quite some time every day these days on restconf, Yang, netconf, python etc.
I'm at work, trying to direct certain IPs to LAN and everything else to WiFi. Would love some help! Posted: 27 Feb 2019 03:59 PM PST I read this comment and this article but apparently I'm still doing something wrong. Here's my scenario. I have my routing table set to send everything over Wi-Fi by default (
Now, I know which ones are class A or B or C, and I know what the "default" subnet mask is for each. But I don't know what entries to make to force these ranges of IPs (like the What am I doing wrong? I know the destination field matches addresses by which is most specific. Where would the IP
Help Choosing New Fiber Optic Modem Posted: 27 Feb 2019 03:43 PM PST For background I am a college student in charge of my fraternity's internet system. I've turned a collection of switches into a functioning network with UNIFI APs and a UNIFI Security Gateway acting as the network's router. I noticed however that although our internet connect is rated for 125/25, the Gateway is only receiving a 100 Full Duplex connection to the modem. The modem, according to our ISP (Metronet), is not supplied by them, although I find no information about the modem when I try to research its model number. I suspect the weak link in the network is the modem, which receives a fiber line from the wall. I was wondering if anybody could suggest a new modem that could support faster 1GBPs throughput, especially if we were to upgrade our service plan. Additionally, would this be a plug and play installation, or would I need to set up the modem? If so, what would that entail?
I'm in a little over my head and need some help. Posted: 27 Feb 2019 10:56 AM PST Good afternoon guys. I landed a sweet internship while I'm in college. First off I work for a company that has 9 buildings and 5 IT guys including myself. As soon as I started working my boss gave me a huge job that I'm kinda in over my head with. So every switch the company owns are all pretty much out of the box default settings. Some had IPs set for management and nothing else was touched. I was tasked to figure out where every switch is and set them up. I took a few classes in college where my teacher actually taught CCNA and various other certification courses which probably helped me land this job. Myself and my boss are the only ones that know much about how to set up switches and the other three coworkers don't know much. Question one: We have a mix of Cisco and HP/Aruba switches scattered through the company. Is there a way to figure out what is physically connected to the port? They have zero documentation and this is part of my job. Eventually they want to vlan stuff out but if I don't know what is plugged in which port I can't effectively vlan anything. Question two: is there some documentation out there on best practices on how to properly set up switches? Most of them have default settings and I'm making my way through them and setting things up slowly. I'm just doing the simple stuff such as setting up console passwords, disabling telnet and enabling SSH, setting up other passwords. In this day and age security matters and I would like some guidelines on how to secure these things the best way possible. If this is the wrong place to ask these questions let me know. Thanks guys for any help! Edit: Thanks everyone for the great answers. I know this will be a fun project for me and I hope I learn a lot in the process.
Change control will only allow L2 switch install after hours. Really? What's your experience? Posted: 27 Feb 2019 10:38 AM PST Does anyone have tips on dealing with Change advisory boards who deny change requests for simple items like this and demand it be performed after hours? In the context of this request. This is a brand new switch....non stackable, that will have a single link extended to it from an existing stack of switches upstream. Already accounted for STP priority and set it accordingly to a value higher than the upstream switch, no vtp, and only 10 vlans. Who is in the wrong here? I see it as change control doesn't understand the technology or the words on the paper I've written so they just default to a "better do it on the weekend just in case" mindset. But a printer has just as much ability to flood a segment with bpdu's as a switch could possibly have. Does that mean you save printers until after hours as well? I guess my rant here is people who lack understanding of technology and create roadblocks in your career or work/life balance. What's the most effective way to push back on ignorance like this? Or am I the one who is ignorant here?
Best company to buy refurbished Cisco ASR from? Posted: 27 Feb 2019 10:22 AM PST Looking to purchase an ASR1001-x, the 10gb licenses, and smartnet for under 15k CAD. I've gone through some Cisco partners looking for quotes and the licensing is killer. While the unit price was fine ($8200) the licensing to enable the 10Gb ports, support for the chassis, for the ip base license and for the support on the 10Gb port license totaled $20,000! This is madness. How can Cisco even offer a 2.5Gb default licensed option but not have the 10Gb ports enabled. Ridiculous. Anyone have any advice on buying grey / refurb? I've been on ebay and just random places on the internet and they all sell the router for about the same price as I was getting from the Cisco partners so I don't see the advantage.
Connecting two Cisco switches via Access Ports Posted: 27 Feb 2019 01:58 PM PST Hello All, I know there are many forum posts on this topic, just hoping someone can point me in the right direction. I have a topology in which my switch is being connected to a client's switch. Both sides of the link are access ports but configured on different VLANs. We have a computer in a remote building connected to their switching infrastructure and we are hoping it will grab an IP from DHCP from our router. I made a quick and dirty diagram of what is going on. When traffic enters my switch on the port configured as Access for VLAN5, is the port tagging that traffic as VLAN5 and hopefully should grab a DHCP address from the appropriate scope, the same way as any other client would if they were directly connected to my switch on a port configured as Access for VLAN5?
DIR / DIR Bootflash Not displaying any files Posted: 27 Feb 2019 01:31 PM PST Odd problem I ran across. Doing a DIR or dir bootflash: command is not showing any files, even though there ARE files, most importantly the IOS on it. You can even see the show run calling for it in the config below. I also ran a dir all-filesystems and cannot find the IOS in the output at all. Thoughts?

    router#
    router##dir bootflash:
    Directory of bootflash:/
    No files in directory
    7113240576 bytes total (5711249408 bytes free)
    router##show run | i isr
    boot system flash bootflash:isr4300-universalk9.16.06.05.SPA.bin
    router#
Not sure what other type of QoS I can implement to improve voice quality - sometimes voice quality is amazing, sometimes it pauses every second Posted: 27 Feb 2019 08:17 AM PST The pauses I'm assuming is because of jitter? It seems to occur randomly too, sometimes perfectly clear, other times not. Config: 2 stacked Aruba 3810M switch Cisco 5512-X firewall -> goes into fortigate firewall provided by ISP which goes into their modem IP Phones: Hardwired Yealink T46s Port 1/1 is going from switch to Cisco 5512-X firewall Cisco QoS Internet is Fiber directly to the building (150/150) Our ASA also is making a site to site tunnel to our data center, would that affect anything? VOIP Provider: Ring Central (Cloud hosted)
Arista 7150 Switch Hop Posted: 27 Feb 2019 06:00 AM PST Hi All, I'd like to understand the full end to end latency introduced by an Arista 7150s. Per the 7150 Data Sheet it's roughly 350 nanoseconds on a 24port in cut-through mode. Cut Through Switching ( Only works under specific scenarios ) Technically frames can be switched after receiving the first 6 bytes which should contain the destination MAC, however most of the switches (including Arista/Nexus) will wait for the first 54 bytes to be received before making the forwarding decision. Errors are usually detected within these bytes. Source - 40GB not always faster then 10GB Store-and-Forward Switching The entire packet is stored in a buffer and then transmitted out, depending on MTU size this can slow the packet down a lot.
Is the total 393.2 nanoseconds or am I missing anything? I'd like to understand what latency if any is introduced going back to the wire? How will interface speed affect this? ingress will be slower to read the first 54 bytes if less than 10GB Thanks!
Logging Cisco extended acls port information Posted: 27 Feb 2019 07:55 AM PST I have a cisco 3850 with two vlans and I have created two extended access-lists applied to these vlans. Each acl has a
When I type "show log" I see VLANXXXX_IN permitted tcp 10.10.10.10(0) -> 11.11.11.11(0) , 1 packet but I don't see any port info, all the lines of ip to ip communication have no ports, I wanted to turn on this type of acl to see the ports to create more granular access lists. I can't find anything on google/cisco to show me how to do this but I'm sure I've done it before.
Automated Cisco network crawler Posted: 27 Feb 2019 11:16 AM PST Hey I have in the past had people ask me about my network crawler and it was really complex and not good for normal people to run as it was complex. I did some work with docker and fixed that. Here is a demo of the setup and how to run it if any of you care. Works with Nexus and IOS stuff. Currently it doesn't do EIGRP. https://www.youtube.com/watch?v=koJc_LmFpAI I suggest watching at double speed
EigrpV3 Routing Help. Posted: 27 Feb 2019 10:55 AM PST I am currently a networking student working on implementing eigrpv3 across three different routers. From my understanding, Eigrpv3 seems fairly simple to implement. You just enter your AS number and Router ID. Then you enable it on the interface. For some reason, I cannot get router 1 to form an adjacency with router 2. However, router 2 will form an adjacency with Router 3 and I'm at a loss. Here is the config I'm testing in packet tracer. Could someone tell me what I'm doing wrong?

    hostname R1
    !
    no ip cef
    ipv6 unicast-routing
    !
    no ipv6 cef
    !
    license udi pid CISCO1941/K9 sn FTX1524R4L6-
    !
    no ip domain-lookup
    !
    spanning-tree mode pvst
    !
    interface GigabitEthernet0/0
     ip address 209.165.201.1 255.255.255.252
     duplex auto
     speed auto
     ipv6 address FE80::1 link-local
     ipv6 address 2001:DB8:ACAD:2::1/64
     ipv6 eigrp 1
    !
    interface GigabitEthernet0/1
     ip address 192.168.1.1 255.255.255.0
     duplex auto
     speed auto
     ipv6 address FE80::1 link-local
     ipv6 address 2001:DB8:ACAD:1::1/64
     ipv6 eigrp 1
    !
    interface Serial0/1/0
     ip address 209.165.200.225 255.255.255.252
     encapsulation ppp
     ppp authentication chap
     ipv6 address FE80::1 link-local
     ipv6 address 2001:DB8:ACAD:A::1/64
     ipv6 eigrp 1
    !
    interface Serial0/1/1
     no ip address
     clock rate 2000000
     shutdown
    !
    interface Vlan1
     no ip address
     shutdown
    !
    ipv6 router eigrp 1
     eigrp router-id 1.1.1.1
     no shutdown
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Serial0/1/0
    !
    ip flow-export version 9

    hostname Router 2
    !
    no ip cef
    ipv6 unicast-routing
    !
    no ipv6 cef
    !
    license udi pid CISCO1941/K9 sn FTX1524A21O-
    !
    spanning-tree mode pvst
    !
    interface GigabitEthernet0/0
     no ip address
     duplex auto
     speed auto
     shutdown
    !
    interface GigabitEthernet0/1
     no ip address
     duplex auto
     speed auto
     shutdown
    !
    interface Serial0/1/0
     ip address 209.165.200.226 255.255.255.252
     encapsulation ppp
     ppp authentication chap
     ipv6 address FE80::2 link-local
     ipv6 address 2001:DB8:ACAD:A::2/64
     ipv6 eigrp 1
     ipv6 enable
     clock rate 2000000
    !
    interface Serial0/1/1
     ip address 209.165.200.230 255.255.255.252
     ipv6 address FE80::2 link-local
     ipv6 address 2001:DB8:ACAD:B::2/64
     ipv6 eigrp 1
    !
    interface Vlan1
     no ip address
     shutdown
    !
    ipv6 router eigrp 1
     eigrp router-id 2.2.2.2
     no shutdown
    !
    ip classless
    !
    ip flow-export version 9
Anyone here with experience with old Cambium equipment? Posted: 27 Feb 2019 06:14 AM PST I have a bunch of legacy Cambium equipment I'm dealing with that is not adhering to my modern network knowledge, so here is the background: Got a Cambium master AP at a main office. Have a Cambium AP at a satellite location. Both are PMP320s. These are configured for a VLAN. These two connect just fine, and I can hit the AP anywhere on my network downlink to it. Behind the AP at the satellite location is a Cisco SG300 switch. It has two VLANs (an uplink and a downlink) two IP4 interfaces defined (one for the uplink, the other for the local subnet). The port the 320 plugs into is defined as a trunk. I cannot see the switch past the AP no matter if I change my VLAN id to match the one on the AP or just keep it the ID it was. None of my traffic on the downlink VLAN is tagged. Supposedly, the Cambiums are supposed to take untagged traffic and tag it going on the uplink and vice versa. The AP Cambium is in bridge mode, not NAT mode, as that would not work for this application. I feel like I have to configure a static route or something on this switch to get it past the AP, but my gut is telling me something is still not configured right on this Cambium and information is scant on them, even the Cambium forum admins state that most of the guys that worked on this legacy Wimax equipment have moved on.
POE powered switch. Help Posted: 27 Feb 2019 09:33 AM PST I purchased a ubiquiti nanoswitch passthrough but this is passive POE and always outputs passive POE. I need a switch powered by active POE and does not output passive POE. 4 to 8 port unmanaged. Long of it: Have a location where getting ac power would be unnecessarily complex but need an unmanaged switch with at least 4 ports. Purchased a nanoswitch but this passes the passive POE out to all ports which would damage devices being connected to it. I've been looking online but when you search POE powered switch you get switches that output POE and take ac power it. It's fine if the switch can output POE so long as it's not passive poe.
HPE/Comware IRF Mis-configuration (loop?) Posted: 27 Feb 2019 09:13 AM PST Good day, folks. Got a question regarding HPE/Comware & IRF configuration. I've fallen in the standard trope of being immersed in the Cisco-verse and now assisting in managing an HPE environment. I've read through both the Configuration Reference and Command Reference guides and in doing so, believe I've discovered an issue with the IRF/stack configuration in addition to a severe bottleneck between the ESXi hosts and SAN; all installed and configured by a previous MSP. Topology and sanitized IRF related outputs. You will see the hosts are on a separate stack than the SAN, but interconnected and bottlenecked by a single 1Gb link between an intermediate switch and the SAN stack. Additionally, I believe the IRF configuration on the SAN switch is incorrect and causing a loop. The configuration guide states--
I recently stood up LibreNMS and see on 3 of 4 40G interfaces used in the SAN IRF stack are indicating high levels of discards that appears consistent with this statement. I believe to correct would require the SAN stack IRF Ports as shown below and per the configuration guide
IRF-port 1 members are 1/0/41 & 1/0/42
IRF-port 2 members are 2/0/41 & 2/0/42
I suppose after all of this, I'm just looking for confirmation. Am I seeing this correctly or missing some crucial bit of information?
Help noob with 871W Setup Posted: 27 Feb 2019 08:35 AM PST Hey all, I've been trying to get this thing set up for the longest and I'm really having a rough go of understanding the commands. I've checked multiple videos on setting it up and I'm just.. lost. What I'm trying to do is set up the wireless feature and assign the two ports I'll be using properly. If this is the wrong subreddit, please let me know and I will repost in appropriate one. Edit: I think it's very clear that I have no idea wtf I'm doing. I've just recently started studying for CCNA and I thought this would be a good way to get into the mix of things.......
Why not have a big default L2 MTU on network equipment? Posted: 27 Feb 2019 07:28 AM PST I know what MTU is, I know what jumbo frames are, I just don't get why vendors don't turn on jumbo frames by default. What would be the downside? The only thing I can see is jumbo-traffic that's gonna be dropped on some device that doesn't support jumbo frames is gonna traverse the whole network before dropping. Is that the only reason? Edit: guys, I'm not asking about the benefits of turning on jumbos on the servers. I'm asking about the benefits of not turning on jumbos on the networking equipment.
Best Network Monitoring Solution for Multi-Site Deployment? Posted: 27 Feb 2019 03:30 AM PST Hey guys, I'm just looking into a piece of work which requires a Network monitoring solution across 4 sites of medium size (branch offices, but with WLAN and VoIP) and 2 Azure locations. I'm looking into SolarWinds at the moment with distributed pollers but just wanted to see if anyone is running with a similar scenario and could impart any wisdom? I'm thinking that if the branch offices may be fine to be polled from the Azure central location, but just trying to work out the strain on the WAN connection and/or suitability! Thanks for any help/guidance you guys can give!