    Monday, June 3, 2019

    Moronic Monday! Networking


    Moronic Monday!

    Posted: 02 Jun 2019 06:04 PM PDT

    It's Monday, you've not yet had coffee and the week ahead is gonna suck. Let's open the floor for a weekly Stupid Questions Thread, so we can all ask those questions we're too embarrassed to ask!

    Post your question - stupid or otherwise - here to get an answer. Anyone can post a question and the community as a whole is invited and encouraged to provide an answer. Serious answers are not expected.

    submitted by /u/AutoModerator

    What are the networking websites that you visit daily/weekly to catch up on newest trends?

    Posted: 03 Jun 2019 10:25 AM PDT

    MikroTik Dynadish 5 or QRT 5 for a 1.6 KM distance point to point wireless connection?

    Posted: 03 Jun 2019 07:46 AM PDT

    Hello

    I'm not sure of the difference between these two devices. The MikroTik router will be placed at the source of the network and on the receiving side I already have a Ubiquiti Powerbeam M5 400. Background noise is moderate in a semi-urban area.

    Can someone who knows this stuff help me please?

    Here are the links for the devices:

    https://mikrotik.com/product/RB911G-5HPnD-QRT

    https://mikrotik.com/product/RBDynaDishG-5HacDr3

    submitted by /u/stopbanningmeples

    Cisco and Meraki Price Increases due to Tariffs

    Posted: 03 Jun 2019 01:26 PM PDT

    What is a 'flash: ' directory ? I am using a jumpStation

    Posted: 03 Jun 2019 09:35 AM PDT

    So I am an intern at a company that writes python scripts to automate the testing of networking devices. I learned something new today and I was wondering if anyone can clarify this for me.

    Today I was to test a switch and log in to it using PuTTY (SSH). In PuTTY I can access the Python console. When you are in the Python console, you can run any script you want as long as it's in your current directory. I had trouble running a script today because my Python files were in the C drive on the local directory of the jump station. However, Python was saying there is no file with a certain name in this directory. So I typed commands to tell me what directory PuTTY/Python is in currently:

    >> import os
    >> os.getcwd()

    and the output was:

    'flash: ' 

    What is this directory? A coworker told me it is a RAM but I'm a little confused here. Keep in mind this is a terminal for a switch. Can anyone describe to me what a 'flash: ' directory is? Thanks for the help!

    submitted by /u/binarySearch_recurse

    Passing link state in L2 topology

    Posted: 03 Jun 2019 09:02 AM PDT

    Hey everyone, looking for some advice regarding a L2 customer aggregation project we're working on. We recently bought some NCS 5001s to use in Satellite mode with our ASR 9Ks for the sole purpose of 1G customer aggregation. ASR9K would be all 10G ports, NCS all 1G with a bundle between the two. 10G customers would peer (BGP) directly to the ASR, 1G customers to the NCS in satellite mode (managed by the ASR). Turns out the NCS in satellite mode forces auto negotiation, and Cisco's solution is to "tell customers they must use auto negotiation " which is not a viable solution for us. So now we have NCS 5001 that we are trying to not have to RMA. Using the NCS as a standalone L3 device would be simple enough, although buying the licenses for this would be pretty expensive, as well as more work from a management / provisioning perspective. As such we are trying to come up with a L2 solution.

    Where we keep getting stuck is how to pass link state from the NCS to the ASR, so that we can have BGP on the ASR shutdown due to the NCS port going down, vs needing to wait for the BGP hold-down timer to expire. The few things we've looked into (l2vpn w/ l2transport propagate remote-status, Static L2TPv3 Pseudowire, and q-in-q) all boil down to have the same problem of not being able to shut the sub-interface on the ASR side of the trunk when the remote side goes down. This could also be solved by using 1-1 port mapping between the ASR and 5001, but that would defeat the purpose of this port aggregation switch.

    I am almost certain a technology is out there that will accomplish what we need, I just do not have enough experience to have run across this in the past. Wondering how you guys would tackle this problem if faced with the same situation. Let me know if I can clear anything up, thanks!

    submitted by /u/Ohh_Hashmere

    I got virgin media business but can't connect to it

    Posted: 03 Jun 2019 02:54 PM PDT

    So here's the issue: Today I had two VMB (Virgin Media Business) technicians come and fit a new modem for me and switch my current residential VM Voom 200 connection to a Voom 500 line with 5 static IPs.

    They spent a good three hours getting it connected and having my PC reach 500Mbps. The only issue was that they manually set the IP, subnet, default gateway and DNS servers on that PC, wired directly to the modem. I intend to use this connection for server hosting and for end users (content consumption, web development etc.), so manually configuring them all isn't an option.

    I have my own networking equipment but I'm having a nightmare getting it to work and was wondering what I'm doing wrong, or if I reset everything, how I am meant to configure it. Equipment:

    • Unifi USG
    • Cloud key controller gen 1
    • Unifi switch 24
    • Unifi AP Nano using PoE
    • Unifi AP Pro using PoE

    Please let me know what I can do to get networking online and then how I assign my static IPs to virtual machine servers

    submitted by /u/RTCustomSolutions

    ASA HA/Failover pair and the outside IP. Does my outside connection need a standby IP?

    Posted: 03 Jun 2019 02:20 PM PDT

    So I have my int gig 0/0 for my outside

    ip address 1.1.1.1 255.255.255.240 (no standby, do I need to waste an ISP IP for this?)

    I'm not even sure if I need the second ip for the inside interface. I have the failover working, I'm just not sure what's necessary for sure.

    my inside gig 0/1

    ip address 2.2.2.2 255.255.128.0 standby 2.2.2.3

    my failover gig 0/2

    LAN FAILOVER

    failover interface ip FailoverLink 169.254.50.1 255.255.255.252 standby 169.254.50.2

    submitted by /u/networkguyhere

    Palo v Check Point: I posted this on the Check Point board, but sharing here as keen to hear thoughts from a broader community. Please let me know your thoughts!

    Posted: 03 Jun 2019 01:57 PM PDT

    Suggestions on setting up active-standby firewalls for primary/backup datacenters.

    Posted: 03 Jun 2019 01:52 PM PDT

    Hello everyone,

    This new job I started a couple of months ago has two sonicwall firewalls. The CIO wants to have one in the primary datacenter (small site with three racks) and the second firewall on the redundant/failover datacenter (also another small site).

    According to SonicWall's tech support, I cannot put them in L3 mode and can't do active-passive via L2; they have to have a physical connection between them.

    Both datacenter sites (and all 23 production sites of the company) are on a private AT&T MPLS cloud. We only have AT&T as the ISP, with a POP on each datacenter.

    So if you don't mind, what would be a good strategy to set this up?

    If I can't set this up with SonicWall, what are some other names that will allow me to set this up?

    As always thanks for the suggestions.

    EDIT: The sites are about 20 miles apart, so a L3 connection is the only option. Can't do dark fiber.

    submitted by /u/StoopidZoidberg

    Ruckus AP Management and VLANs

    Posted: 03 Jun 2019 09:44 AM PDT

    Hello everyone,

    I'm having some VLAN trouble, and I really hope you can help me out. I'm not new to networking nor VLANs. However, I find VLANs on Ruckus APs a bit confusing and can't get it to "click" for me.

    Current configuration of switch and AP in question...

    VLANs Native 1, 10T, 100T, 200T, 210T

    Routing is enabled and configured between all VLANs as necessary.

    ZD 1200 Native VLAN 1, 192.168.1.0/24

    R500
    POE:Trunk, Untagged 1
    LAN: General, Untagged 100. Members 1, 10, 100

    [Switch]

    port 8 (uplink) vlan config: 1U, 10T, 100T, 200T, 210T
    port 4 (AP) vlan config: Native 1, 10T, 100T, 200T, 210T

    Right now, the ZD and APs are configured on the default VLAN 1 and are functional. This VLAN is still on a usable subnet on my network with limited accessibility. I have three SSIDs each with a tagged VLAN (100, 200, 210) and are also functional.

    All of my network equipment EXCEPT my ZD and R500s use VLAN 100 as management VLAN without any issues. I'm near completion of phasing out VLAN 1 and moving all default VLANs to an unused vlan 999 and setting my management VLANs to 100 is my last step. Wanting to start slow (smart!) I decided to begin with just 1 of my APs... here are the changes I made FROM ZoneDirector AP configuration:

    Routing is enabled and configured between all VLANs as necessary. VLAN 100 as management has access to *all* other VLANs. ZoneDirector on VLAN 1 has access to other VLANs where necessary for AP communication.

    ZD 1200 Native, VLAN 1 192.168.1.0/24

    R500
    IP/SN/GW 192.168.1.0/24 --> 192.168.10.0/24
    POE: Trunk, Untagged 1 --> Trunk, Untagged 100
    LAN: General, Untagged 100. Members 10, 100
    LAN port is configured for a tagged IP phone on VLAN 10 and Untagged for IP phone pass-through to MFP on VLAN 100

    [Switch]

    Changed native/untagged VLAN to match that of AP untagged POE trunk 100

    port 4 (AP) vlan config: Native 100U, 10T, 200T, 210T

    Upon saving this configuration, I lose all access to the AP and have to factory reset to be able to access it again.

    I don't get it! See network map below of desired config and desired outcome.

    *** mini network map ***

    Thanks for any help y'all can provide.

    submitted by /u/BigBot89

    How long would you expect it to take for BGP to failover?

    Posted: 03 Jun 2019 01:18 PM PDT

    I've just tested our new internet service's failover from the 1/1Gb fibre, to the 80/20Mb DSL, and I was wholly unimpressed with the situation...

    I wanted to simulate a break in the fibre, rather than a local hardware failure, so I unplugged the fibre from the BTOR 21CN media converter. I gave it maybe 2 minutes to fail over to the secondary line, but it didn't. I reinserted the fibre, but the primary service didn't recover. I eventually had to power the Juniper router off, then back on, for it to get back to life.

    I spoke to the ISP, who informed me that BGP failover may take up to 6 minutes to fail over - SIX MINUTES! This was definitely not mentioned in the sales literature :|

    I used to manage and maintain several pairs of Cisco 3925 routers in a few colo datacentres, using HSRP and OSPF on the inside, and HSRP & BGP on the outside. When we tested BGP failover, we hardly even lost any packets - maybe 2 or 3, when the switchover took place.

    Our service consists of a Juniper SRX340 linked to the BT Openreach media converter (primary link), and also to a Comtrend DSL modem, running PPPoE passthrough to the Juniper - I think (secondary link).

    How long would you expect it to take for the route to failover?

    submitted by /u/furriephillips

    ADFS vs. F5 BIG-IP

    Posted: 03 Jun 2019 01:14 PM PDT

    Does ADFS provide some special thingies that are useful in AD environments, compared to doing IdP with F5 BIG-IP? Server guys like to push ADFS but it seems that you need a server for each AD environment you're hosting, while a single pair of F5 devices could handle those all.

    Or is it just that the MS documents say that SAML federations should be done with ADFS :) ?

    Thanks for any thoughts!

    submitted by /u/PublicSectorJohnDoe

    Getting paid to fill a Cisco credential quota??

    Posted: 03 Jun 2019 12:23 PM PDT

    Sooo, this was totally new to me and seemed a little too good to be true so I wanted to poll the crowd on this one. I'm a recent CCNA trying to break into networking, I applied for a network admin job and they emailed me saying they already filled the position but they had 2 spots to fill to reach their Cisco credential or something... Apparently they have some deal with Cisco and they have to have a certain amount of CCNAs on the payroll and they want to pay me to just be on that list but I wouldn't actually work for them....wut.

    Anyone done this before?? Proceeding with caution lol.

    submitted by /u/maplemagician

    Packet broker what are you using?

    Posted: 03 Jun 2019 11:30 AM PDT

    Looking for a packet broker. I have an IXIA and while it is fine, even with the "advance feature card" it still seems very limited compared to the now discontinued Network solutions box I POC'ed 3 years ago.

    That allowed me to do: network 1.1.1.0/24 just store headers, and network 1.1.2.0/24 only take 60 bytes, or pretty much whatever I want to do on whatever port I wanted, where the IXIA only does this on 2 ports and only offers filtering the traffic out altogether, so very limited.

    Anyone have any recommendations? Need to support 40G; 100G would be a plus.

    submitted by /u/turbov6camaro

    Large Enterprise - What NMS are you using and why?

    Posted: 03 Jun 2019 11:03 AM PDT

    I'm looking for an enterprise NMS to replace our currently aged and not very nice to use NMS.

    Scope of network: thousands of remote locations connected via multiple WAN services, multiple datacenters across the USA. MOSTLY all Cisco, we have some situations where we are not, but that's typically just on the switching side.

    What you got?

    submitted by /u/lancemsnyder

    IPFIX on OVS Switches :: Issues I've Encountered

    Posted: 03 Jun 2019 09:38 AM PDT

    Hi all,

    Forgive the long post. I'm trying to get IPFIX sampling working on an OVS switch, and it's a long road…

    SUMMARY

    So about a year ago, I read that an OVS switch could sample traffic and export IPFIX flows, using the "ovs-vsctl" command (here).

    That sounded great, as my company's environment uses a lot of OVS switches. So I found and adapted a freeware IPFIX collector (libipfix, here) and got it working. My adaptation also writes the flow data into a MySQL database, which is useful for troubleshooting large data sets, as you'll see later. I've done a lot of verification work, and I'm certain the collector is working properly.

    But I'm concerned about the OVS switch when it samples and exports traffic. For the past month, I've been using iPerf3 (a freeware traffic generator) to send X amount of bytes through the switch and see what the switch exports.
    The results are not encouraging. I'm writing this post to see if anyone else has tried something similar? Or has any advice?

    MY TEST ENVIRONMENT

    A few words about my test environment… I am working on a single Ubuntu box:

    root@ubuntu1:~# more /proc/version
    Linux version 4.4.0-64-generic (buildd@lgw01-56) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4) ) #85-Ubuntu SMP Mon Feb 20 11:50:30 UTC 2017
    root@ubuntu1:~#

    And running OVS ver 2.9.3.

    Within the box, I have an OVS switch, named "mySwitch." Connected to that switch are three VMs:

    • A client host, 10.0.0.15. Sends test traffic
    • A server host, 10.0.0.16. Passively receives test traffic from client
    • My collector, 10.0.0.10. The below ovs-vsctl command instructs the switch to export all IPFIX flows to this host.

    When I turn on IPFIX sampling, here is the specific ovs-vsctl command:

    ovs-vsctl -- set bridge MySwitch ipfix=@i -- --id=@i create IPFIX targets=\"10.0.0.10:4739\" cache_active_timeout=60 obs_domain_id=11111 obs_point_id=22222 sampling=1024 other_config:enable-input-sampling=false 

    In the above example, I've set the following:

    • Sampling rate to N=1024
    • Cache timeout to one minute
    • Only sampling on egressing traffic, to make sure I'm not double-sampling when a flow enters and leaves the switch.
    • In this command, I've pointed exports to my collector, exporting on TCP 4739.

    From talking with colleagues, I'm certain that I have to set the cache timeout and the egress-sampling-only. (I'll skip those reasons for now, but let me know if you'd like more information.) But no-one I consulted was certain what my N should be. So I tested with various N's, as you'll see below.

    Finishing up my test environment… I am using iPerf3 as my traffic generator app. If you don't know iPerf3, it's freeware that is flexible and detailed for this kind of work. When I send my test traffic, I use this iPerf3 command on the client host:

    iperf3 -c 10.0.0.16 -t 900 

    It simply means I send test traffic on TCP 5201 (the default L4 port) for 900 seconds, or fifteen minutes.

    TESTING RESULTS

    The results were really, really discouraging. For example, when my test host sent 537 Gbytes, OVS IPFIX only reported 14.7 Gbytes between client and server. (N=1024) That's a terrible delta. Results with different values of N were no better.

    Worried that my collector was worthless, I then wired in our company's production IPFIX collector into my little testbed. I can't reveal the vendor, but this IPFIX collector monitors our production environment and is considered rock-solid by our Ops guys. So I had faith that Collector the Second would give me an accurate baseline.

    While the production collector didn't agree with my collector, it also reported terrible results from the OVS switch: When the client sent 559 Gbytes, the production collector reported 1.2 Tbytes. Gah!

    So below is the full testing matrix. In each test, I am sending test traffic for exactly 15 minutes, then noting how much was actually sent and how much the two different collectors reported:

    COLLECTOR      N       iPERF3 SENT (BYTES)    COLLECTOR REPORTED (BYTES)
    ---------------------------------------------------------------------------------
    No Sampling    n/a     534,000,000,000        n/a
    ---------------------------------------------------------------------------------
    libipfix       5       162,000,000,000        50,972,945
    libipfix       10      220,000,000,000        109,149,720
    libipfix       128     411,000,000,000        1,718,089,216
    libipfix       512     487,000,000,000        7,402,192,896
    libipfix       1024    537,000,000,000        14,742,994,944
    ---------------------------------------------------------------------------------
    Production     5       208,000,000,000        29,973,000,000
    Production     10      306,000,000,000        60,657,000,000
    Production     128     531,000,000,000        804,570,000,000
    Production     512     555,000,000,000        1,239,000,000,000
    Production     1024    559,000,000,000        1,248,000,000,000

    Not good, right?

    OBSERVATIONS… AND POSSIBLE OVS BUGS?

    Okay, if you've made it this far, I'll assume you're seriously interested in IPFIX in an OVS environment. Let me share my own observations… and possibly some bugs in the OVS/IPFIX code?

    First, the simple stuff:

    • When I don't do any IPFIX sampling, I get a client-to-server throughput of about 534 Gbytes. That suggests that an N=1024 is the right call here, because all other N's see a performance hit.
    • Neither collector comes close to describing the actual traffic moving through the switch. My collector consistently underestimates; the production collector skews pretty widely in both under- and overestimation directions.

    SPECIFIC OBSERVATIONS AND WEIRD CLUES

    Remember when I mentioned that my collector exported its IPFIX data into a MySQL database? Here is where that becomes handy. When I look up the results for the N=1024 test, I see this:

    mysql>
    mysql> select timestamp, 1_octetDeltaCount, 8_sourceIPv4Address, 12_destinationIPv4Address from myTable where 8_sourceIPv4Address = '10.0.0.15' and 12_destinationIPv4Address = '10.0.0.16';
    +------------+-------------------+---------------------+---------------------------+
    | timestamp  | 1_octetDeltaCount | 8_sourceIPv4Address | 12_destinationIPv4Address |
    +------------+-------------------+---------------------+---------------------------+
    | 1558551066 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    ...and lots more data...
    | 1558551965 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    | 1558551965 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    | 1558551966 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    +------------+-------------------+---------------------+---------------------------+
    9620 rows in set (0.01 sec)

    mysql>

    Wait, WHAT??? Nearly 10,000 rows?!?

    Each row in the database is one IPFIX data record that the collector received. So to report on my single TCP transfer from Host A to Host B, OVS sent 9,620 data records? That seems… wrong. So wrong.

    If you recall, when I set my ovs-vsctl command on the OVS switch, I specified "cache_active_timeout=60" as an option. That should instruct the switch to aggregate flow data for 60 seconds' worth, then export all of that data as a single flow record. After fifteen minutes of traffic, I should see 15 flows from the switch and 15 rows of data in my database. No more.

    (Again, I've done a lot of work verifying that my collector is accurately reporting what the switch is sending and verifying that everything the collector sees is stored in the database. This is not an error with either the collector or the database.)

    I got really, really suspicious and ran smaller tests, sending only 1 Kbytes of data, and sure enough, it really, really looks like the switch samples one packet, then immediately exports a flow record. No aggregation. This is true whether you are using the "cache_active_timeout=60" option or not.

    Another thing that bothers me…

    In my research on IPFIX, "octetDeltaCount" seems to be the actual payload of the sampled flow. Okay; now notice the value of "octetDeltaCount" that I saw in my flows:

    +------------+-------------------+---------------------+---------------------------+
    | timestamp  | 1_octetDeltaCount | 8_sourceIPv4Address | 12_destinationIPv4Address |
    +------------+-------------------+---------------------+---------------------------+
    ...lots more data...
    | 1558551965 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    | 1558551965 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    | 1558551966 |           1536000 | 10.0.0.15           | 10.0.0.16                 |
    +------------+-------------------+---------------------+---------------------------+

    Hmm… I am seeing 1,536,000 bytes per flow. That seemed weird, and it got me thinking: How much data does iPerf3, my traffic generator, send in one packet? I did a Wireshark capture to find out:

    Frame 21: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface 0
    ...etc...
    Ethernet II, Src: RealtekU_62:32:cc (52:54:00:62:32:cc), Dst: RealtekU_38:43:f3 (52:54:00:38:43:f3)
    ...etc...
    Internet Protocol Version 4, Src: 10.0.0.15, Dst: 10.0.0.16
    ...etc...
    Total Length: 1500 <===
    ...etc...

    Okay. The payload size of the iPerf3 packet is 1,500 bytes, which seems correct. Also, I'm testing with N=1024. I can't help noticing that:

    1500 x 1024 = 1536000 

    That seems like too much of a coincidence… right?

    Do you guys think it's possible that the OVS switch is doing the following:

    • Watches all flow traffic, randomly selects 1 out of 1024 for IPFIX sampling
    • Takes the IP payload of that packet, multiplies that value by N to offset the sampling
    • Immediately exports the flow record

    If the above is the case, I'm at a loss at how I'm gonna get this to accurately work in my environment. Has anyone gotten this working? Or any advice?

    Much appreciated,

    -redapplesonly

    submitted by /u/redapplesonly
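
    One way to check exports like these on the collector side, as an added example that is not part of the original post: the Python below rolls per-record rows up to one entry per flow per cache_active_timeout window and works out what the post's counts imply if each record is a single packet length multiplied by N. The rows are constructed in the shape of the post's MySQL output, and all function names are hypothetical.

```python
from collections import Counter, defaultdict

SAMPLING_N = 1024      # sampling= value from the post's ovs-vsctl command
ACTIVE_TIMEOUT = 60    # cache_active_timeout= value from the same command

# Constructed rows in the shape of the post's MySQL output:
# (timestamp, octetDeltaCount, sourceIPv4Address, destinationIPv4Address)
SAMPLE_ROWS = [
    (1558551066, 1536000, "10.0.0.15", "10.0.0.16"),
    (1558551070, 1536000, "10.0.0.15", "10.0.0.16"),
    (1558551125, 1536000, "10.0.0.15", "10.0.0.16"),
    (1558551126, 53248, "10.0.0.16", "10.0.0.15"),  # constructed reverse-direction sample (52 * 1024)
    (1558551130, 1536000, "10.0.0.15", "10.0.0.16"),
    (1558551190, 1536000, "10.0.0.15", "10.0.0.16"),
]


def aggregate(rows, window=ACTIVE_TIMEOUT):
    """Roll records up to one (record_count, octets) entry per flow per window.

    This is the aggregation the post expected to see already done in the
    exported records: one entry per flow for each active-timeout interval.
    """
    flows = defaultdict(lambda: [0, 0])
    for ts, octets, src, dst in rows:
        entry = flows[(src, dst, ts - ts % window)]
        entry[0] += 1
        entry[1] += octets
    return {key: tuple(val) for key, val in flows.items()}


def implied_packet_lengths(rows, n=SAMPLING_N):
    """Histogram of octetDeltaCount / n, the packet length each record implies
    under the post's hypothesis. Records that are not an exact multiple of n
    are counted under the key None, since they cannot be one packet times n.
    """
    hist = Counter()
    for _, octets, _, _ in rows:
        hist[octets // n if octets % n == 0 else None] += 1
    return hist


def implied_mean_packet(sent_bytes, record_count, n=SAMPLING_N):
    """Mean bytes per packet needed for record_count 1-in-n samples to
    account for sent_bytes of traffic."""
    return sent_bytes / (record_count * n)


def coverage(record_count, octets_per_record, reported_total):
    """Ratio of (record_count identical records) to the collector's total."""
    return (record_count * octets_per_record) / reported_total


if __name__ == "__main__":
    for (src, dst, start), (count, octets) in sorted(aggregate(SAMPLE_ROWS).items()):
        print(f"{src} -> {dst} window {start}: {count} records, {octets} octets")
    print(dict(implied_packet_lengths(SAMPLE_ROWS)))
    # Figures from the post's N=1024 libipfix test: 537 Gbytes sent, 9,620 rows,
    # 1,536,000 octets per row, 14,742,994,944 bytes reported.
    print(round(implied_mean_packet(537_000_000_000, 9620)))
    print(round(coverage(9620, 1_536_000, 14_742_994_944), 4))
```

    Run against the post's own N=1024 figures, the last two lines show that 9,620 records of 1,536,000 octets account for the collector's reported total to within about 0.2%, and that 9,620 one-in-1024 samples would only cover the 537 Gbytes sent if the average sampled packet were roughly 54,500 bytes.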

    Fiber adapter options

    Posted: 03 Jun 2019 09:26 AM PDT

    Hi,

    I'm pretty sure I'm going to have to replace a switch which is housing connections for about 12 SC OM1 duplex multimode fiber lines.

    The replacement switches SFP modules use LC and I want to reuse the existing runs. Is there a better way to do this aside from getting a ton of individual SC -> LC adapters and LC patch cables?

    I guess I'm looking for some kind of block adapter? I think I've seen them before, where there is a whole bunch of connectors for adapting a large number of fiber lines from one connection type to another, but I'm not sure what they are called and I'm having a hard time finding one because of it.

    submitted by /u/ServerBreaker

    NPS/RADIUS issue

    Posted: 03 Jun 2019 08:41 AM PDT

    Cisco 2960x to Cisco 3850 - SFP?

    Posted: 03 Jun 2019 07:20 AM PDT

    Hi guys,

    A first time task for me is to connect a switch and router via fiber cabling and am trying to get quotes for the necessary equipment. I'm confused as to whether I need an SFP module or not to connect the switch and router.

    Fiber cable has been run between the two comms rooms, (both devices are in separate rooms). The fiber will connect, as I understand it, to the fiber panels then connect via SC connector to the devices. I thought I need an SFP port to connect the two as well.

    Am I misunderstanding the concept? Sorry for the basic question, just want to make sure!

    submitted by /u/hweb47

    Securing a Cisco router connected to Internet

    Posted: 03 Jun 2019 07:03 AM PDT

    We use a front door VRF on our Cisco ISR4000 series routers for DMVPN. We would like to use this front door VRF as local site Internet handoff. On the south side of this router is a firewall that inspects all the user traffic destined to the FW so there is no need for the router to do anything there.

    My major concern is securing the router from attacks from the Internet. Other than ACLs, can you all think of any other technology available on the ISR 4000 series I could implement to protect the router?

    Edit: I'm thinking Snort and ZBFW, but I'm not 100% sure. We also use WCCP already for WAAS, so I believe ZBFW is out of the question anyway.

    submitted by /u/3DPhreak

    Wireshark SIP Signaling: Double Packets

    Posted: 03 Jun 2019 07:03 AM PDT

    Troubleshooting some SIP signaling. I recently updated to the latest Wireshark on the PBX and while capturing packets it looks like all the signaling is doubled according to the flow sequences. But look at the Time column, they are the same. In the actual packet output I cannot find the duplicate packet.

    See below:

    https://imgur.com/a/rT8V6mG

    Is this a UI bug? Am I missing something? Thanks for taking a peek.

    submitted by /u/SkiRek

    Public Peering

    Posted: 03 Jun 2019 07:02 AM PDT

    Due to general dissatisfaction with our current IP providers and few options in our rural area, I started looking at alternatives. I am a public peering noob but DE-CIX has caught my eye as they offer peering with a number of our top ASNs (about 70% of our traffic). We could theoretically bring an ELine into NYC to connect. I am unclear on the details of the connection though.

    When you connect do you maintain a single BGP session with DE-CIX only, or do you set up individual sessions with each ASN you peer with? They imply that you're able to connect to networks that would otherwise be restricted. For example CenturyLink is on their peering list, but the peering policy is "no". So, CenturyLink is connected at DE-CIX not peering with anyone, or their general policy is no peering, but DE-CIX is getting you around that? Similarly, does peering with Amazon or Microsoft get around setting up and paying for ExpressRoute or Direct Connect?

    Is anyone here using DE-CIX that's not with an ISP? Anyone know what it costs to connect? It seems too good to be true, and their connected peers list suggests that maybe it is and maybe it makes sense for ISPs only.

    Thanks for any info!

    submitted by /u/bix0r

    VXLAN EVPN over ISP MPLS

    Posted: 03 Jun 2019 06:53 AM PDT

    Hey guys,

    For those of you running VXLAN EVPN over an MPLS environment do you have any documentation regarding the requirements to do this?

    Also, when designing the MPLS for the VXLAN EVPN fabric, you are using the underlay VRF correct?

    Looking for some clarification on this, since Cisco provides hardly any details.

    submitted by /u/LynK-

    ACI - Bridge Domains

    Posted: 03 Jun 2019 06:48 AM PDT

    Question for the Cisco ACI folks out there - how many bridge domains are you building in your fabric? I'm thinking based on the EPG design, we won't need many bridge domains (maybe 5-10 max?). Are you building multiple subnets under a single bridge domain? How big are the subnets you are building? I am digging around Cisco docs as well, but if you have some handy that would be helpful.

    submitted by /u/dpkline87