Blogpost Friday! Networking |
- Blogpost Friday!
- What gateway are devices using - Cisco Router
- Minimum distance for Single Mode fiber -LR SFP?
- SSH AND Telnet Libraries to use in same Python Script?
- VoIP Latency issue, looking for opinions / advice
- OSPF question
- please point me to which f5 networks product i should be looking at.
- Thoughts about UBNT
- ipsec over Dmvpn Spoke to spoke not working ?
- SNMP Traffic Monitoring on Subinterfaces
- Any Advice? Infected Network
- vPC question
- Cisco switches - changing from 1G RJ45 to 10G SFP
- Server mapped out and printed.
- How are you using the "location" and "contact" fields in SNMP?
- VoIP latency conversion figures
- Multi-mode SFPs with SMF, link-light. Multi-mode SFPs with MMF, no link-light.
- Finally figured out traceroute mac on Cisco L3 switches
- BGP Optimization Solutions?
- Best Cat6 Outdoor/Indoor rated cable (Suggestions)?
- What is the big deal with Ubiquiti?
- BGP prefix-list question
- VMware is looking for a Solutions Engineer (Bay Area, CA)
- Visio Stencils - Minimalist Flat Design
- WAN Serial PPP Link (AT&T Fiber, business)
| Posted: 02 May 2019 05:04 PM PDT It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our member's new and shiny blog posts Feel free to submit your blog post and as well a nice description to this thread. [link] [comments]  |
| What gateway are devices using - Cisco Router Posted: 03 May 2019 02:19 PM PDT My company's standard is to use x.x.x.1 as the default gateway for a subnet. We bought a company that uses x.x.x.254. A coworker replaced the router a while ago at one of their warehouses and did this... He also changed dhcp to hand out .1 as the default gateway. Here is my problem, there is still a random mix of static devices out there that use .254 as the default gateway and I want to remove .254 from the config. I know I can log into each static device manually and look at the network config or remove the gateway and see what breaks but this situation got me thinking. I have no idea how I would be able to tell what gateway is used by what device from the router or another tool. Even a packet capture will only show the destination MAC address but the same MAC is used by both gateway IP addresses... Anyone have any ideas on how to track what the default gateway is set to on a device without logging into it? I'm mostly just curious. Edit: I may need to clarify my question. I know what devices are set to static already. There are about 60 printers with static IP addresses and my guess is there is 20 of them that still use the gateway (192.168.5.254) my goal is to be able to tell what printers are still using that gateway with out logging into all 60 one at a time. [link] [comments]  |
| Minimum distance for Single Mode fiber -LR SFP? Posted: 03 May 2019 08:16 AM PDT Hi all, I am in the process of purchasing what is necessary to move our infrastructure over to SMF. Im particularly interested in minimum distance needed for -LR SFP's. It is 2m according to https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/transceiver-modules/data_sheet_c78-455693.html However, is that overall length or does patch cabling affect this? Id like to use 1m cables from switch stack to patch. Does the amount of patch cables affect this as well? Ex, stack, to LIU, to LIU (middle LIU), to LIU, to Core. Appreciate any help! EDIT: I should have noted that I am not experienced in fiber. This, in fact, would be my first network overhaul that would not be predominantly copper backbone. Thank you all for the input! [link] [comments]  |
| SSH AND Telnet Libraries to use in same Python Script? Posted: 03 May 2019 02:20 PM PDT I'm fairly new to scripting so please bear with me. I built a script that uses Netmiko to go out and check firmware on our devices. I wanted to incorporate telnet into this as well. We have a shop of mixed vendors as well as a mix of SSH/Telnet (don't ask) and i'm having trouble trying to do this. I don't think there's a way to load a json file to use with Telnet like there is with Netmiko correct? If that's the case, what's the best way to load a list of devices, where I could only call one file, rather than make two separate files. Sorry if this is vague. If you need more info, please let me know. Thanks. [link] [comments]  |
| VoIP Latency issue, looking for opinions / advice Posted: 03 May 2019 01:37 AM PDT First of all, I'm by no means a network admin, please keep that in mind. We're experiencing issues with our VoIP calls, it always has a delay in communication when making external calls. Our setup:
When I do an local call, from 1 VoIP phone to another I have no issues at all. No latency. When I make an outbound call it's really noticeable. Probably half a second of delay. I've done all I could think of, so that's why I'm reaching out for help.. Things I've tried as well:
IS it a reasonable possibility, our ISP itself the issue?? I've got no idea what other steps I can take to test things. Advice would be greatly appreciated! [link] [comments]  |
| Posted: 03 May 2019 09:07 AM PDT Would a change in route cause a network/internet outage? Basically i took out a static route from one device so it could be redistributed via ospf from another. Apparently this coincided to an outage throughout the campus (clients unable to go to the internet). The route in question wasn't our default route (also via ospf) but i'm guessing maybe since ospf was changed the time it needed to reset caused all of this. TIA [link] [comments]  |
| please point me to which f5 networks product i should be looking at. Posted: 03 May 2019 02:48 PM PDT i am working on a large scale Bosch Video Management System and hitting a roadblock with there support. Even with level 3 support on the network design. At the hub I have the MGMT and pieces up and running, at the spoke I have the Cameras and Storage. Per the docs I have to port forward 500xx to the camera over the VPN (We are using Meraki) to the 443, i knew this part was going to be a problem but the sales and support upfront said our product will work just fine. Well it didn't and i stood up a NGINX machine as a proxy for TCP and UDP.
this solution works however I want to get the machine off my vmware cluster and on a hardware semi easy platform for anyone to add entries in. Each camera starts to stream up to 1.5mb and going live with 900 cams as this project ramps up. So please point me to a f5 1u appliance, new models or older models i can check out. thanks! [link] [comments]  |
| Posted: 03 May 2019 02:34 PM PDT Hello I am looking to use UniFi point to point to set up some cameras roughly 600 feet away for a business. I have heard a few bad things from my product reps that say "Ubiquiti is cheap for a reason and after a year or so venders are having to rip it out and replace it with real products." Is this true? does anyone have experience running UniFi P2P? I have heard a few other brands being mentioned rukus, fluidmesh and so on. But the cost is almost 3 times UBNT pricing. [link] [comments]  |
| ipsec over Dmvpn Spoke to spoke not working ? Posted: 03 May 2019 09:53 AM PDT Hi, I'm having connectivity issue from spoke to spoke communication. Both spokes can reach the hub. Here the details and configuration. 📷 Configuration: Hub: interface Tunnel1 ip vrf forwarding test ip address 1.1.1.1 255.255.255.0 no ip redirects ip mtu 1400 ip nhrp map multicast dynamic ip nhrp map group test service-policy output test-out ip nhrp network-id 1111 tunnel source Loopback0 tunnel mode gre multipoint tunnel key 1111 tunnel protection ipsec profile prof1 shared crypto isakmp policy 10 encr 3des authentication pre-share group 2 crypto isakmp key address 0.0.0.0 no-xauth crypto isakmp keepalive 10 crypto ipsec profile prof1 set transform-set tras1 crypto ipsec transform-set tras1 esp-3des esp-md5-hmac mode transport Spoke1: interface Tunnel1 ip address 1.1.1.2 255.255.255.0 no ip redirects ip mtu 1400 ip nhrp authentication 1111 ip nhrp map 1.1.1.1 111.1.1.1 ip nhrp map multicast 111.1.1.1 ip nhrp network-id 1111 ip nhrp nhs 1.1.1.1 ip nhrp server-only tunnel source 192.168.1.1 tunnel mode gre multipoint tunnel key 1111 tunnel protection ipsec profile prof1 end crypto isakmp policy 10 Spoke2: interface Tunnel1 ip address 1.1.1.3 255.255.255.0 no ip redirects ip mtu 1400 ip nhrp authentication 1111 ip nhrp group test ip nhrp map 1.1.1.1 111.1.1.1 ip nhrp map multicast 111.1.1.1 ip nhrp network-id 1111 ip nhrp nhs 1.1.1.1 ip nhrp server-only tunnel source 172.16.1.1 tunnel mode gre multipoint tunnel key 1111 tunnel protection ipsec profile prof1 crypto isakmp policy 10 encr 3des authentication pre-share group 2 crypto isakmp key ippccwsec address 0.0.0.0 no-xauth crypto isakmp keepalive 20 3 ! crypto ipsec transform-set trans1 esp-3des esp-md5-hmac mode transport crypto ipsec profile prof1 set transform-set trans1 Verification: Hub: #sh crypto isakmp sa | i 111.1.1.1 80.1.1.1 QM_IDLE 54023 ACTIVE 111.1.1.1 122.2.2.2 QM_IDLE 54022 ACTIVE #sh dmvpn | beg Tunnel1 # Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb ----- --------------- --------------- ----- -------- ----- 1 80.1.1.1 1.1.1.2 IKE 1d00h DN 1 122.2.2.2 1.1.1.3 UP 00:25:03 DN #show ip nhrp tunnel 1 1.1.1.2/32 (test) via 1.1.1.2 Tunnel1 created 1d01h, expire 01:54:25 Type: dynamic, Flags: unique registered used nhop NBMA address: 80.1.1.1 Group: GRPMAP-TMS-MGMT-1M (Claimed NBMA address: 192.168.1.1) 1.1.1.3/32 (test) via 1.1.1.3 Tunnel1 created 01:44:44, expire 00:08:21 Type: dynamic, Flags: registered used nhop NBMA address: 122.2.2.2 (Claimed NBMA address: 172.16.1.1) Spoke 1: #sh crypto isakmp sa IPv4 Crypto ISAKMP SA dst src state conn-id status 111.1.1.1 192.168.1.1 QM_IDLE 1002 ACTIVE #ping 1.1.1.1 (HUB) Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 900/907/919 ms #ping 10.10.10.3 source 10.10.10.2 (spoke2) Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.3, timeout is 2 seconds: Packet sent with a source address of 1.1.1.2 ..... Success rate is 0 percent (0/5) Spoke 2: #ping 1.1.1.1 (HUB) Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 590/603/622 ms #ping 10.10.10.2 source 1.1.1.3 (Spoke1) Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds: Packet sent with a source address of 1.1.1.3 ..... Success rate is 0 percent (0/5) Please let me know if you need more details and output.. trying to get more tshooting tips as possible as I'm still new with advance tshooting. Thanks [link] [comments]  |
| SNMP Traffic Monitoring on Subinterfaces Posted: 03 May 2019 06:01 AM PDT Quick question.... We recently purchased some Nexus 3064PQ switches, and I have set up some subinterfaces for one of our customers to separate their public/private/voice/etc networks. I have them set up as the gateway for all those networks, however I have prtg and I am trying to monitor each subinterface individually. PRTG recognizes the subinterfaces and lets me add the sensors, however, there is no traffic being reported and when I run sho int et1/1.x on the switch, there are no packets in the counters for inbound or outbound. Is there a feature I need to enable, or is the nexus not able to report snmp traffic on subinterfaces? Thansk. [link] [comments]  |
| Posted: 03 May 2019 03:27 PM PDT So, we have a PFSense router running our main LAN and a Microtik running the Guest LAN, and I've been struggling with a network infection for a few months now. Got WebRoot and Malwarebytes installed on all the PCs and my PC also runs Symantec. The first thing we're noticing is a blocked Trojan when web browsing. The site doesn't seem to matter, it's the same blocked Trojan every time: xmr omine org and IP 59 127 213 219, the port changes every time. The second thing we've noticed is porn popups from the site bongacams when web browsing. Third is reported by Symantec when I navigate to our Microtik's IP address: "Web Attack: JSCoinminer Download 61." To troubleshoot, I've run regular scans with Malwarebytes, WebRoot and SuperAntiSpyware on every computer. Then, I've reinstalled Windows 10 on computers reporting the popups. Finally I installed Snort on our PFSense router and configured it to use the security IPS profile and enabled blocking after removing some false-positives. Nothing has stopped the infection, and I'm not entirely sure what to do next. Any suggestions? [link] [comments]  |
| Posted: 03 May 2019 11:20 AM PDT I'm setting up a vPC (having never done so before) between our N7Ks down to our N5ks. I'm sure curious as to whether the vPC network in This Link will work with a single VPC domain, or if i would need to make a domain per 5k? Looking at Cisco's best-practice for VPCs, all of their images I saw only had a single downstream per domain for single layer VPC. Thanks in advance. EDIT: Let me know if more information is needed. I thought this would be enough for the question. Also this is a not a layer 3 VPC. [link] [comments]  |
| Cisco switches - changing from 1G RJ45 to 10G SFP Posted: 03 May 2019 10:52 AM PDT Hello We're upgrading from 1G copper RJ45 switches to 10G switches and plan to use SFPs on the switch side. Is there a specific type of copper SFP model we need in order to support our endpoints? We'd like to re-use the existing copper cabling so that we can just move the switch side connections when we come to move the servers from old switch to new switch. Thanks AK [link] [comments]  |
| Server mapped out and printed. Posted: 03 May 2019 08:31 AM PDT Does anyone do anything like this? I might be calling it the wrong thing but basically I plan to map out the server in a physical form. A simple excel sheet with the ports, color coded to the config we have and what they connect to. Along with other important info SNs,Macs,and where to find the base config for the switch itself. Just trying to stay ahead if something were to fail and there is little to no access to any local PCs that would house the info I plan to put on these sheets. Good idea? Shit idea? Better way to do it? [link] [comments]  |
| How are you using the "location" and "contact" fields in SNMP? Posted: 03 May 2019 02:23 PM PDT I'm at a point where I'm deciding what the standard should be to standardize all of our SNMP field devices across 8 sites (mostly colocations, but also two offices). I'm trying to think of how I want to use these two fields. # Location: I see a few options:
# Contact: A few options
I'm thinking in the context of network monitoring tools, as well as inventory and provisioning systems. All of these are underdeveloped in our environment so I have a hard time coming up with a solid case for which of those options fill our current needs. One of our monitoring tools does automatically group devices based on SNMP location, and then you can put other data in the NMS about that location (like GPS coordinates). What are you doing? Have you seen any clever re-use of any of these fields? [link] [comments]  |
| VoIP latency conversion figures Posted: 03 May 2019 08:01 AM PDT Is there a resource online where I can get conversion latency figues from Analog to E1, or Analog to IP, or E1 to IP for say Cisco kit or similar? I have a bench setup which has a round trip delay of circa 250 ms, and the tech support guys are trying to convince me the my analog to IP conversion will be nearly 50ms worth of latency. Obviously that means 4 conversions in a round trip test which is circa 200ms,but that can't be right... how do international circuits work if these or the figure I get on a simple bench LAN setup [link] [comments]  |
| Multi-mode SFPs with SMF, link-light. Multi-mode SFPs with MMF, no link-light. Posted: 03 May 2019 06:22 AM PDT New remote site, we thought there was MMF in place from the DMARC to MDF, but turns out it was SMF. We ordered MM SFPs for the DMARC side (Ciena) and MM SFPs for the MDF side (Meraki SW). Tech onsite connected the fiber (1 long 220ft LC-LC fiber jumper) we got link light, but our throughput was only 10mbps. Turns out it was SMF connecting DMARC to MDF. Order a new LC-LC 220ft fiber jumper but made sure it was MMF. Ran the fiber, connected both ends, no link-light. Tried swapping the cable ends (think ciena was just passthrough), no luck. Tried swappign SFPs, no luck. Here's the notes I have two simply diagrams I made. --DMARC-- Ciena 3903x (To MDF) SFP Port2: Ciena SFP (XCVR-B00G85) (From Street) SFP Port3: Ciena SFP (XCVR-A10Y31) --MDF-- Meraki MS120-24p SFP Port25: Meraki SFP (MA-SFP-1GB-SX) Link-light - https://i.imgur.com/IBr6wDV.png [link] [comments]  |
| Finally figured out traceroute mac on Cisco L3 switches Posted: 03 May 2019 01:51 PM PDT Just want to put this out there for whoever needs it. For those who don't know, the "traceroute mac" command will perform a L2 traceroute to tell you the switch and port that the MAC is found on. Syntax is like this: Pretty handy, but it wasn't working for me consistently. If you're using traceroute mac and it keeps failing, it's probably for one of two reasons:
I've been racking my brain trying to figure out why it failed on some MACs but no others, and there's not a lot of documentation about it. Hope this helps someone in the future! [link] [comments]  |
| Posted: 03 May 2019 09:36 AM PDT Hey everyone, I was looking at a couple of solutions for BGP optimization for the enterprise edge routers, I came across solutions provided by Noction and by Expereo. I was wondering if anyone here had tested these or any other ones. Are they any good? Do they Work as advertised? Any bad experiences? Please do share. [link] [comments]  |
| Best Cat6 Outdoor/Indoor rated cable (Suggestions)? Posted: 03 May 2019 01:19 PM PDT Looking for recommendations on outdoor rated cat6 cable or cat5e. Looking online there are more than a few selections and I know to look out to avoid aluminum cooper. Suggestions are welcome. Thanks! [link] [comments]  |
| What is the big deal with Ubiquiti? Posted: 03 May 2019 04:31 AM PDT Am I missing something? Why is Ubiquiti hardware so highly regarded right now? My FOMO meter is off the charts.. [link] [comments]  |
| Posted: 03 May 2019 03:39 AM PDT Hey networking, Had a quick question in regards to BGP outbound filtering using prefix-list. My configuration below: If I run a "show ip bgp neighbor 192.168.1.1 advertised-routes", I shows that I am correctly advertising the /19. However, if someone on the other side wants needs to reach 172.16.5.0/24, which is part of the /19, it fails; there's no reachability at all. In order to make it work, I have to create a new statement in the prefix-list allowing the specific 172.16.5.0/24, and then it works. I though that the /19 outbound would cover anything that falls under the /19, including the 5.0/24 network. So people on the other side trying to reach the 5.0/24 should have no problem, correct? Can someone shed some light into why this is? EDIT: I understand that not allowing the /24 through will mean that the other side won't see it, since it doesn't have any ge/le statements, it will only allow the /19 through. However, this is more of a case as to why my BGP peer isn't using the /19 to reach the /24, when clearly the /24 falls under the /19. The /19 should serve as a catch all for all 172.16/19 networks trying to reach me; I shouldn't have to allow all my specific prefixes through for this to work. [link] [comments]  |
| VMware is looking for a Solutions Engineer (Bay Area, CA) Posted: 03 May 2019 02:19 PM PDT Hi, I'm a fan favorite of this subreddit for years now. I didn't see anything against the rules about posting positions so I hope I'm not violating any. I do however see a lot of talent in /r/networking. My team located in the Bay Area, CA is looking for a Senior Solutions Engineer. The listing is here - https://careers.vmware.com/job/palo-alto/solutions-engineer/1567/11265733 . I'm happy to be available to answer any questions regarding day to day work, culture, team dynamics, ect. [link] [comments]  |
| Visio Stencils - Minimalist Flat Design Posted: 02 May 2019 07:14 PM PDT Hi There I'm wanting to redo all my logical network diagrams and have traditionally used the Cisco stencils in the past. I'm wanting to go with a very minimalist sleek flat diagramming style now and was wondering whether there are any recommended stencils out there for network diagrams that are flat and minimalist, and look really good? Thanks [link] [comments]  |
| WAN Serial PPP Link (AT&T Fiber, business) Posted: 02 May 2019 08:30 PM PDT AT&T gave us what appears to be a PPP encapsulated serial WAN link handoff. I have a Unifi router. I want to avoid a Cisco router or device. I'm looking for something that can plug into the serial handoff, do the deencapsulation, and give me IP/Ethernet. I'd imagine there is a family of devices that does this and this alone. What might these be referred to? Google is failing me. Cisco pays for a lot of placement! [link] [comments]  |
| You are subscribed to email updates from Enterprise Networking news, blogs and discussion.. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment