
    Wednesday, February 13, 2019


    Networking Valentine's Day Reminder

    Posted: 13 Feb 2019 05:25 AM PST

    Did you forget to get your SO a Valentine's Day present? It's not too late, guys: https://youtu.be/Z8MWl9UGwQo

    submitted by /u/bmcgahan

    OpenConfig - are you using it?

    Posted: 13 Feb 2019 03:29 PM PST

    I've been looking into alternatives to our current monitoring platform and found some information on OpenConfig out there which looks interesting. Have any of you looked into this, done a PoC on it, or have any thoughts to share? It does seem to be updated fairly regularly (latest commit 2 months ago?) and has several issues open on its github repository with updates in the last week or two, so it's fairly active.

    I can't find a whole lot of information on real use cases or success stories at the moment.

    https://github.com/openconfig/public

    submitted by /u/InternetPersonv6

    How to draw huge network diagram?

    Posted: 13 Feb 2019 12:40 PM PST

    Have 400 switches with 60 stack configurations. Firewalls, servers and wifi access points, ports, IP, hostnames etc. How can I represent such a huge topology? Attempt at Visio resulted in a 2 gig file. Recommendation?

    submitted by /u/NananananaImBatman

    EIGRP Adjacency flapping, IPv6

    Posted: 13 Feb 2019 04:10 AM PST

    Feb 13 11:52:38.554: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::2 (Ethernet0/0) is down: holding time expired

    *Feb 13 11:52:46.255: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::1 (Ethernet0/0) is up: new adjacency

    *Feb 13 11:52:50.946: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::2 (Ethernet0/0) is up: new adjacency

    *Feb 13 11:53:01.260: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::1 (Ethernet0/0) is down: holding time expired

    *Feb 13 11:53:01.262: EIGRP: Build goodbye tlv for FE80::1

    *Feb 13 11:53:05.955: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::2 (Ethernet0/0) is down: holding time expired

    *Feb 13 11:53:27.259: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::1 (Ethernet0/0) is up: new adjacency

    *Feb 13 11:53:32.060: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::2 (Ethernet0/0) is up: new adjacency

    *Feb 13 11:53:42.267: %DUAL-5-NBRCHANGE: EIGRP-IPv6 100: Neighbor FE80::1 (Ethernet0/0) is down: holding time expired

    *Feb 13 11:53:42.276: EIGRP: Build goodbye tlv for FE80::1

    submitted by /u/ChiTech121

    Cisco FTD deployment times

    Posted: 13 Feb 2019 04:38 PM PST

    Does anyone here have as much hate as I do towards Cisco FMC/FTD's?

    I'm looking to see if anyone has been able to cut down deployment times.

    I've talked with a few others in the area that have tested out/have the FTD's and the general consensus is that deployments in general take a painfully long time.
    We are adding configurations to the firewalls almost every day and it won't be slowing down at all over the next 1-2 years.

    Right now, our deployments take around 15 minutes (I just had one take 30 minutes). This is already painfully long (especially if the deployment doesn't finish and we have to wait ~55 minutes until the deployment times out).

    I would honestly love to get these pulled out of production and move to something that causes less headaches. But, I want to know if anyone on here has come across similar issues/has a fix.

    Here is a basic hardware overview:

    (2) Cisco FTD 4140's (Clustered)

    (1) Cisco FMC 1000

    submitted by /u/AiryJ

    Disjoint Spanning tree instances, all ports forwarding.

    Posted: 13 Feb 2019 12:36 PM PST

    Reddit,

    I'm looking for some advice as my google-fu seems to be failing me in finding the answers I'm looking for.

    I have diagramed the topology/network segment I'm referring to: https://imgur.com/a/CWxBio5

    • My end goal is to decommission the Cisco stack as we no longer have support/need for it within our environment.

    This was all configured prior to me joining the company and I have come in blind as there was no documentation on anything. I am by no means a networking engineer and I am seeking some guidance.

    When checking the STP configuration on the Cisco stack and HP Switch1/2 both port channels are in a forwarding state on both sides. To me this would mean there is a networking loop. The HP switches are not stacked and not MLAG capable. I am confused as to why this would be the case. I can only assume it's due to the disjointed STP instances and BPDU's not making it through correctly.

    My aim is to move the port channels from the Cisco stack to the Huawei stack. I am unsure on how STP would react when carrying this out. If both portchannels remained in a forwarding state could this 'loop' be more catastrophic?

    On the HP side the portchannel has "no spanning-tree auto-edge-port" defined in its config. There's no specific spanning-tree config on the Cisco interfaces/portchannels. There's no BPDU filtering that I can see; it just seems the Cisco stack is not passing them and not allowing for loop detection to take place.

    Can anyone help shed some light or point me in the right direction on how best to proceed?

    Thanks,

    submitted by /u/Pvlucasz6

    Confusion over advertising routes between VRFs

    Posted: 13 Feb 2019 03:21 AM PST

    Hi all

    A bit of background - I've recently started a new job and my employer has a complicated (at least by my standards!) networking implementation. The previous network admin left suddenly and didn't create much in the way of useful documentation, so I've had to reverse engineer a lot of things. From what I can gather, the sites were connected using MPLS and GetVPN, and some sites have been migrated to a DMVPN solution.

    The problem I have is with a site (Site1) connecting to a site in another continent (Site2). Both sites are connected to the same MPLS provider but the traffic is routed via the DMVPN Hub site, because the routers in Site1 aren't advertising any routes into the MPLS, so Site2 sends traffic to the MPLS default route which is the hub site, and the traffic from there enters the DMVPN cloud. This is causing a huge amount of latency for the users.

    I've simplified and/or obfuscated IP addresses where possible

    Site1 = 2x Cisco 892 routers connected to both an MPLS and internet circuit. Router is using EIGRP on the inside and BGP on the outside. HSRP configured on the inside.

    Site2 = 2x Cisco 2800 routers connected to an MPLS circuit. Routing done using EIGRP.

    Site2's config is very simple so I don't think the issue resides here. The internal network is 192.168.0.0/16, 172.16.0.1 is the next hop on the LAN side.

        sh run | sec ip route
        ip route 0.0.0.0 0.0.0.0 172.17.0.1
        ip route 192.168.0.0 255.255.0.0 172.16.0.1

        sh run | sec router eig
        router eigrp 100
         redistribute static
         network 0.0.0.0
         no auto-summary

    Site1's config on the other hand ...

    There are two VRFs configured. One for MPLS and one for INET. There is a firewall behind the router and there are two transit VLANs used, one for internet traffic and one for traffic to the other sites; I'm not really clear on why this was done. The actual internal networks of Site1 are a few different subnets e.g. 172.20.1.0/24 but it's connected through a spaghetti of other devices with different interfaces in between.

        ip vrf INET
         rd 65000:2
        ip vrf MPLS
         rd 65000:1
        interface GigabitEthernet8
         description MPLS
         ip vrf forwarding MPLS
         ip address 172.25.1.45 255.255.255.240
        interface GigabitEthernet9
         description INET
         ip vrf forwarding INET
         ip address <public IP removed>
        interface Vlan9
         ip address 172.25.10.108 255.255.255.248
         standby 0 ip 172.25.10.107
         standby 0 timers 1 4
         standby 0 priority 105
         standby 0 preempt delay minimum 60
         service-policy input PM_SET-DSCP
        interface Vlan2525
         description Internet-FW
         ip vrf forwarding INET
         ip address 10.71.1.100 255.255.255.248
         ip nat inside
         ip virtual-reassembly in
         standby 0 ip 10.71.1.99
         standby 0 timers 1 4
         standby 0 priority 105
         standby 0 preempt delay minimum 60
        router eigrp 100
         network 172.25.10.108 0.0.0.0
         network 172.25.200.22 0.0.0.0
         redistribute bgp 65000 metric 100000 10 255 1 1500
         distance eigrp 90 210
         passive-interface default
         no passive-interface Vlan9
        router bgp 65000
         bgp router-id 172.25.200.22
         bgp log-neighbor-changes
         neighbor MPLS-HUB peer-group
         neighbor MPLS-HUB remote-as 65000
         neighbor MPLS-HUB timers 20 60
         neighbor INET-HUB peer-group
         neighbor INET-HUB remote-as 65000
         neighbor INET-HUB timers 20 60
         neighbor 10.0.0.1 peer-group MPLS-HUB
         neighbor 10.0.0.2 peer-group MPLS-HUB
         neighbor 10.0.20.1 peer-group INET-HUB
         neighbor 10.0.20.2 peer-group INET-HUB
         !
         address-family ipv4
          bgp redistribute-internal
          <a load of network xxx.xxx.xxx.xxx statement cut to advertise the internal networks of the site, but basically 172.20.0.0>
          neighbor MPLS-HUB send-community
          neighbor MPLS-HUB next-hop-self
          neighbor MPLS-HUB route-map MPLS-SPOKE-IN in
          neighbor MPLS-HUB route-map MPLS-SPOKE-OUT out
          neighbor INET-HUB send-community
          neighbor INET-HUB next-hop-self
          neighbor INET-HUB route-map INET-SPOKE-IN in
          neighbor INET-HUB route-map INET-SPOKE-OUT out
          neighbor 10.0.0.1 activate
          neighbor 10.0.0.1 soft-reconfiguration inbound
          neighbor 10.0.0.2 activate
          neighbor 10.0.0.2 soft-reconfiguration inbound
          neighbor 10.0.20.1 activate
          neighbor 10.0.20.1 soft-reconfiguration inbound
          neighbor 10.0.20.2 activate
          neighbor 10.0.20.2 soft-reconfiguration inbound
          distance bgp 20 109 109
         exit-address-family
        ip route <various internal networks> Vlan9 172.25.10.105 <- next hop to firewall INET interface
        ip route vrf INET 0.0.0.0 0.0.0.0 GigabitEthernet9 <ISP IP redacted>
        ip route vrf INET <various internal networks> Vlan2525 10.71.1.97 <- next hop to firewall LAN interface
        ip route vrf MPLS 0.0.0.0 0.0.0.0 GigabitEthernet8 172.25.1.33 <- next hop into MPLS

    Site2's routers can see the MPLS interface of Site1 advertised through EIGRP but not the LAN:

        Site2#sh ip route 172.25.1.45
        Routing entry for 172.25.1.32/28
          Known via "eigrp 100", distance 170, metric 341760
          Tag 64532, type external
          Redistributing via eigrp 100
          Last update from 172.25.7.21 on GigabitEthernet0/1, 5d02h ago
          Routing Descriptor Blocks:
          * 172.25.7.21, from 172.25.7.21, 5d02h ago, via GigabitEthernet0/1
              Route metric is 341760, traffic share count is 1
              Total delay is 10020 microseconds, minimum bandwidth is 30030 Kbit
              Reliability 255/255, minimum MTU 1500 bytes
              Loading 1/255, Hops 2
              Route tag 64532

        Site2#sh ip route 172.20.1.2
        % Network not in table

    Site1 doesn't have any routes to this network so traffic goes to the hub site over the DMVPN:

        Site1#sh ip route vrf * 192.168.0.0
        % Network not in table

        Routing Table: INET
        % Network not in table

        Routing Table: MPLS
        % Network not in table

    So, I read about route leaking (https://www.netcraftsmen.com/using-vrf-lite-eigrp-and-static-routes/), I thought a configuration like this would work, but I still don't get the routes visible from the remote sites

        router eigrp 100
         !
         address-family ipv4 vrf MPLS
          redistribute static
          network 172.20.0.0
          autonomous-system 65000

    Can anyone point me in the right direction? I feel like this isn't the complete config but I'm not sure what else I'm missing... sorry for the long post, my head hurts!!

    Diagram:

    https://i.imgur.com/orh0SUe.jpg

    submitted by /u/BenSBB

    Cisco ASA Compatibility Question

    Posted: 13 Feb 2019 09:50 AM PST

    Not a Cisco guy, but I have a 5515-x K8 that is EOL and we're not ready to pull the trigger on replacing it at this point in time, even though we cannot get a new SmartNet on it.

    I've seen refurbished 5515-x K9's out there. I assume this is a newer model than the K8.

    What I want to know is if I had a K9 here as a 'warm spare' and in the event of a failure of the K8 pushed a copy of the running config on the device or a full image of the K8 to the K9 would it operate correctly?

    I'm curious about this as an interim BCP plan that we know is flawed, but kicks the can down the road until we can bite the bullet for Palo Altos that we want so badly.

    submitted by /u/rtroth2946

    2x DHCP hosts - slightly different results with trace route

    Posted: 13 Feb 2019 08:09 AM PST

    **SOLVED** - You are all great. Ty!

    I have 2x PC that are getting 2 different results with traceroute out the VPN.

    Path: PC -> Switch (L3 gateway) -> FW -> (VPN) -> .....

    Now the gateway of the switch is the FW, not the best setup, babysteps. However, I'm hitting the switch as first hop, he is not. What could be causing this behavior? We both have the same GW configured.

    Essentially they both reach the destination, but I'm hoping this isn't a bomb waiting to explode.

    TL;DR - 2x PCs pulling DHCP connected to the same switch, using TraceRT - only 1 shows the switch (Default gateway L3) as a hop.

    submitted by /u/Hollow3ddd

    Linux is sending a single pkt larger than 15KBytes

    Posted: 13 Feb 2019 01:10 AM PST

    I see a single packet larger than 15KBytes on the wire, in a simple 3 node topology in a straight line.

    NodeA<------ NodeB<--------NodeC

    Traffic is flowing from NodeC to NodeA. Capture is done from egress side of NodeC and ingress side of NodeB.

    Wireshark is capturing over 15KBytes as displayed in the "Frame Length" field (I've disabled TCP follow stream).

    I could blame it on the NIC not following standards etc, but want to understand this a little more and ways to avoid it.

    Reading online, there are some Large Send Offload settings that may trigger this. Has anyone seen pkts larger than 10K in their network?

    submitted by /u/l3routing

    LAN Standardization

    Posted: 13 Feb 2019 11:14 AM PST

    Hi everyone and thanks in advance!

    A little background here. We have 2 offices and 2 data centers with each site having DIA and MPLS circuits running DMVPN.

    Right now the VLAN/Subnet architecture is all over the place, with no consistency, and no rhyme or reason. I would like to standardize the network and make it so that each office site has consistent VLANs (e.g. VLAN 20 would be VoIP at each office site).

    This makes sense to me for the offices, but for the data centers I'm unsure of how to approach this, as there is talk of possibly spanning layer 2 between the data centers, so I'd like some guidance or reference material to study up on best practices for LAN standardization in data centers.

    submitted by /u/MileHighImpala

    What happens to the L2 portion of a packet when it gets to the first router?

    Posted: 13 Feb 2019 08:10 AM PST

    I am reading through this page about networking and had a question about the ARP table portion.

    This is the network in question. This is the packet being sent.

    I understand that L2 has the host as source and to leave the first network, it has an L2 Destination of the first router. However, once it gets to the Router, the L2 is "complete" right? It reached its destination. However, the packet still needs to make its way over to the Red Network. Does that mean the L2 destination gets written over with the next destinations MAC Address? Thus, does L2 change multiple times through a packet transmission?

    Thanks for any insight!

    submitted by /u/Twas_Inevitable

    Devices for measuring length of MM fiber cable? 10g/40g

    Posted: 13 Feb 2019 01:59 PM PST

    Does anyone have familiarity with devices for testing fiber cable lengths? Did a little googling but so far am not finding what I'm looking for. I don't really need to test for faults although that would be a nice bonus. Looking for something that you can plug 40G or 10G LC/LC and/or MTM connector cables into.. are there things that can do both?

    submitted by /u/seeingeyegod

    Seeking advice on MDU deployment...

    Posted: 13 Feb 2019 07:54 AM PST

    My team was recently brought in to take over where a previous contractor failed to meet timelines along with overall failure of the projects. One of the terms of the contract they signed was to build networks (7 of them were "completed") which provided 10Gbps backhaul from an MDU to anywhere from 2 to 30 IDFs, whether these be in a high-rise building or structured more like an apartment complex. The consistent issue across the board is that OM1 MMF was originally deployed between the MDF and each IDF.

    Where the complexity comes in is the MDF core switch is a Brocade ICX7750, which while it is a powerful switch and full-featured, it requires special 10GBASE-LRM optics in addition to only accommodating 12 10GB-LRM in a single chassis. We didn't know this when we got involved to take over the contract, and are looking for a way to continue deploying at each of these sites where OM1 fiber is in place, at distances of 900+ feet, and where 10GB is a requirement.

    With that being said, we have considered mode-conditioning fiber cables so that we can use 10GB-LR modules on MMF which may help some, but it's still not ideal. I am completely unconvinced that 10GB-SR would be feasible to operate on this since all of the links are >30 meters.

    So, aside from the idea of stacking media converters or going to the client and asking them to replace a 48 port 10GB/6 port 40GB switch with something that's more accommodating for this build, what would you guys do? I've considered going as far as placing a stack of Routerboard CRS317 units with 2 DACs for the uplinks to the 7750 and then 10GB-LRM off those to each IDF which would be fairly reliable and expensive to deploy, but I am trying to avoid any additional equipment in these sites since so many of the racks are near capacity.

    submitted by /u/rantou

    Anyone seen unicast flooding but the destination MAC is in the CAM table?

    Posted: 13 Feb 2019 05:11 AM PST

    This is from some Catalyst switches. I've confirmed the unicast flooded traffic's MAC destination is in the CAM table. Storm-control is triggering ingress from the access ports. I know what the common solutions are to this, but I am having a hard time understanding why it's happening if the MAC is there in the table to forward it up. TCAM utilization is fine.

    submitted by /u/SuddenWeatherReport

    Cisco VIRL Question

    Posted: 13 Feb 2019 11:28 AM PST

    I've got VIRL installed but keep getting 'Advanced key value store' failure during the VIRL bootup and do not have the address for the UWM listed above the virl@virl:$ prompt in order to get the GUI functioning.

    Anyone here have VIRL kung fu?

    submitted by /u/redbear762

    Need assistance for upgrading Cisco Catalyst 2960XR-48FPD-I stacked Switch

    Posted: 13 Feb 2019 10:49 AM PST

    I am planning to upgrade IOS in stacked switch 2960XR. Cisco doesn't have any documentation for steps for upgrading image in this switch model however it does have a document for upgrading image in 3750 stacked switch (link below). I have a few questions:

    1. Can the steps given for upgrading 3750 stacked switch be used exactly as it is for upgrading 2960XR switch model as well?
    2. Is there any potential problem or bug that I need to be aware of when upgrading stacked switches that is not mentioned in Cisco documentation?
    3. Have you faced any particular issue with upgrading 2960XR stacked switch?
    4. Which method of upgrading is more reliable - automatic upgradation using .tar method or manual upgradation using .bin method?

    https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/64898-upgrade-3750-stack.html

    submitted by /u/geek166

    Trying to connect 1GBASE-LX to Netgate XG-7100 with Intel X553 SFP+ - is this possible?

    Posted: 13 Feb 2019 10:37 AM PST

    So we are setting up a test lab in a data-centre, and I'm learning all this stuff trial-by-fire...lol.

    The datacenter provides internet connectivity via 1G LX (Single Mode). So my plan was to source 1GBASE-LX SFP modules.

    For the router, we are ordering Netgate XG-7100's, which have two in-built SFP+ ports.

    It also has a PCIe slot - so I thought I could add additional ones if needed via an Intel X520-DA2.

    However, I've been told that the XG-7100 won't take SFP+ cards, due to insufficient cooling/power.

    Furthermore, apparently the in-built Intel X553 SFP+ ports do not take SFP modules =(.

    What are our options here?

    Should we bite the bullet, and get media converters? Or is this a SFP+ module that will work with 1G LX?

    submitted by /u/victorhooi

    x-Post from Sysadmin: Debate on IP Phone pass through

    Posted: 13 Feb 2019 09:32 AM PST

    It's amazing to see the comment contrast on /r/sysadmin when it comes to IP phone pass through:

    https://old.reddit.com/r/sysadmin/comments/aq5afb/again_with_the_ip_phones/

    Compare this to the debate thread that we just had a couple weeks ago in regards to phone pass through. Really puts it into perspective how different sectors in IT think.

    https://www.reddit.com/r/networking/comments/afi9cg/is_daisychaining_from_voip_phone_to_computer_bad/

    submitted by /u/network_boi

    not sure if this should go here, currently Cableone and level 3 are having some communication issues

    Posted: 13 Feb 2019 09:29 AM PST

    This is a PSA for anyone who might be looking for info on this issue, but it looks like CableOne loses its connection when handing off to Level 3. As of right now they are the only ISP I have found that is having this issue.

    submitted by /u/yelkcubnwahs

    What is wrong with my IPv6 Announcement?

    Posted: 13 Feb 2019 07:44 AM PST

    I'm trying to get the basics of IPv6 ready in my SP deployment (Yeah we're years behind of any config and knowledge). IPv4 is easy enough to deploy and turn up new BGP peers, but something is kicking my ass with this IPv6. Any insight into what I'm missing here?

    Thanks!

        neighbor 2001:470:XX::
         remote-as 6939
         timers 10 30
         description HE IPv6 Transit
         session-open-mode both
         address-family ipv6 unicast
          send-community-ebgp
          route-policy INBOUND_PEERS_V6 in
          route-policy OUTBOUND_PEERS_V6 out
          next-hop-self
          soft-reconfiguration inbound always

        route-policy INBOUND_PEERS_V6
          if destination in TOO-SPECIFICV6 then
            drop
          else
            pass
          endif
        end-policy

        route-policy OUTBOUND_PEERS_V6
          if destination in TOO-SPECIFICV6 then
            drop
          elseif destination in COMPANY_IPV6_BLOCKS then
            pass
          endif
        end-policy

        prefix-set TOO-SPECIFICV6
          ::/0 ge 49
        end-set

        prefix-set COMPANY_IPV6_BLOCKS
          2606:XXXX::/32
        end-set

        RP/0/RSP0/CPU0:ASR9006#show bgp vrf INTERNET ipv6 unicast neighbors 2001:470:XX::1 advertised-routes
        Wed Feb 13 10:43:02.738 EST
        RP/0/RSP0/CPU0:ASR9006#

    submitted by /u/Fhajad

    Should I set up an additional Firewall for EC2 Instances in AWS, or are Security Groups enough?

    Posted: 13 Feb 2019 07:36 AM PST

    What's the best practice here and why so?

    submitted by /u/SettySatt

    VoIP Question Plz Help

    Posted: 13 Feb 2019 07:29 AM PST

    I need to set up three Cisco IP Phone 7940 connected to each other to simulate a network. The phones only need to be able to make calls to each other; no other networking is needed. I am doing this for my college and they already use VoIP that I cannot interfere with. What is the easiest way to make these phones work without any other networking? Thanks in advance.

    submitted by /u/hipiepiehi