Blogpost Friday! Networking
- Blogpost Friday!
- C9500 Base Configuration Inquiry
- Help with 10Gb Switch Performance
- Cisco DNA opt-out?
- Python script to circumvent .tar file upgrades via ZTP of 2960S/X/XR switches
- Help with VLANs
- Closest Autonomous AP to Cisco that can be configured 100% in CLI
- VMWare Network Connectivity Issues in vSphere connected to Cisco ACI lab Environment (Stuck)
- Correlating command formats with Cisco OSes and versions
- warranty tracking software recommendation
- +10Gbps Speedtest
- Is network engineering tougher and more stressful or software engineering?
- Time to train for CWDP cert
- TFTP Server Not Transferring Data
- AS Prepend based on ip address match?
- Did just Verizon injected a bogus prefix?
- MSR 2003 JG411A End of Life/End of Support
Blogpost Friday! Posted: 29 Aug 2019 05:04 PM PDT It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our members' new and shiny blog posts. Feel free to submit your blog post, as well as a nice description, to this thread.
C9500 Base Configuration Inquiry Posted: 30 Aug 2019 12:49 PM PDT Hello All, My team is in the process of designing a new network infrastructure for our mid-sized organization, and I was hoping to obtain some advice/guidance for a best practice, sanitized base config on a pair of C9500-48Y4C-A core switches. Details below: The Rundown Our team is relatively new, with limited Cisco experience, and we've been tasked with essentially building a brand-new network for the organization (single site, ~350 end-user devices). The equipment has already been ordered, which consists of a pair of C9500s in a collapsed-core design with 9300s in TOR, and 9200s at the access level. We've also got a couple CT3504's and a FortiGate VPN Concentrator. We were hoping to run dual HA connections from the core to a pair of FortiGate firewalls (unless it's frowned upon) at the edge of the network (we have 2 ISPs), which will perform the routing. These firewalls will have HA connections to 2 edge switches, which go out to their respective ISP. This network will mainly be utilized for our in-house production and development environment. We're leasing our Data Center for our customer-facing web/application servers, which we may be looking to implement in-house down the road. We've been inundated with Cisco documentation out the wazoo, and tons of information on configs, features, best practice, etc.; so we've decided to reach out to the Cisco community to see if anyone has experience designing around C9500s, and to see if we could receive a real-world example of a solid sanitized base-config, or some outside resources, that include the following features: Note: We're looking at running XE Gibraltar 16.11.x or 16.12.x. If anyone has insight on which would be preferred over the other, or any other versions for that matter, please let me know.
Any IPs or basic hostname/username settings can be left generic for the purpose of the base-config. I'm sure I left out a ton of information that might be necessary, so please let me know if I need to include any other detail. Below is a basic rundown of the equipment in case any of it is pertinent information, but this is mainly an inquiry into the core config. Thank you for taking the time to read this! The Equipment
Help with 10Gb Switch Performance Posted: 30 Aug 2019 05:51 AM PDT <SOLVED !> I manage IT for an SMB company. Most of my background is Systems. I inherited the current setup and I have been cleaning it up slowly. I have two 10Gb switches being used for our Dell/EMC VxRail cluster (3 node). A few VLANs are set up for vsan, vmotion. What I am trying to figure out is why two machines (not part of the cluster) with 10Gb NICs only get 115MB/s throughput when copying files. Backups to a NAS with a 10Gb NIC max out at 200MB/s. The two 10Gb switches do have uplinks to the existing 1Gb switches where workstations/printers/etc are connected. It almost seems as if the path of the data is leaving the 10Gb switch and going through the 1Gb switches and back. Any ideas would be appreciated. Thanks!
Cisco DNA opt-out? Posted: 30 Aug 2019 08:56 AM PDT I think the whole DNA thing is BS and a way for Cisco to make more MRR. I saw some opt-out SKUs for the 3800 series. Looks like they don't work in CCW though. Is there any way to opt out? (specifically for the Cat 9k line) I work at an MSP where a lot of the smaller clients only need layer 3 routing as far as licensing goes.
Python script to circumvent .tar file upgrades via ZTP of 2960S/X/XR switches Posted: 30 Aug 2019 10:25 AM PDT I made a script to circumvent .tar file upgrades while provisioning IOS switches that don't support .bin upgrades via autoinstall/poap/etc. https://github.com/derek-shnosh/ztp-watcher
This is my first Python project using classes and functions; constructive feedback is welcomed as I am still learning. I do realize that it has a bit of a specific use-case, as I wrote it to supplement FreeZTP, which has a custom logging feature that logs switch configurations to a directory with custom variables as the file name (look for "custom logging" in FreeZTP's readme).
Help with VLANs Posted: 30 Aug 2019 12:18 AM PDT Hello fellow redditors,

Until two days ago I thought I was fairly OK with networking, but I realize I am still a big noob. Mostly I work with Cisco routers and Cisco switches. Two days ago, I was assigned to create a network for a client with a VoIP server on it. His network is simple; however, because I didn't work before with a Cisco router and an HPE switch, it drives me crazy. Somehow, I managed (easily) to create his network with telephony, but the only problem is that the two VLANs cannot speak with each other.

His network is:
- Modem for Internet --> Cisco RV130W, and from port 1 of the Cisco it goes to port 1 of the HPE 1820 switch
- Modem for Telephony --> UCM 6204 Grandstream server (configured as router) --> port 23 of the HPE 1820 switch

I have two VLANs on the Cisco router:
- VLAN 1, which has port 1 untagged
- VLAN 102, which has port 1 tagged
- I have enabled inter-VLAN routing
- VLAN 1 is on 192.168.1.1/24 with DHCP enabled
- VLAN 102 is on 192.168.2.254/24 with DHCP disabled
- I can ping from VLAN 1 to 192.168.2.254

I have two VLANs and one trunk(?) on the HPE switch:
- VLAN 1, which has ports 2-22 untagged
- VLAN 102, which has ports 23 and 24 untagged and the remaining ports tagged
- TRK1 (port 1) has VLAN 1 untagged and VLAN 102 tagged

The Grandstream server has IP address 192.168.2.1/24 with DHCP enabled and default gateway 192.168.2.1. I configured the Grandstream telephones with VLAN tag 102 and they are working fine. Computers are on VLAN 1 and are working fine as well. However, I cannot ping from a computer to the Grandstream server or to any telephone (192.168.2.x). The only way to connect to the 192.168.2.x network is to take my laptop and connect it to port 24, from which again I cannot ping the computers on VLAN 1. I break my head how to correct this. I have tried to change the default gateway of the Grandstream server to 192.168.2.254 but it didn't work. I have tried to make another trunk from the HPE to port 4 of the Cisco with both VLANs tagged this time, but no.

Any ideas what to change? I think the problem is the trunk. Should I try to change and make VLAN 1 and VLAN 102 tagged?
Closest Autonomous AP to Cisco that can be configured 100% in CLI Posted: 30 Aug 2019 07:28 AM PDT Hi All, I have used Cisco Aironet exclusively for the past 12 years. I have a network of 413 AP's spread across the globe, all in Autonomous mode. You may or may not know, but with the latest line of Cisco AP's (1832/2802), Cisco has abandoned autonomous/standalone IOS. Now your only options are CAPWAP or Mobility Express, which causes headaches with existing networks. It seems Cisco has forgotten that not all of us manage a 3 building school district that can swap out their entire wireless infrastructure in a weekend, or that those of us managing large scale hub-n-spoke networks don't all do things properly and spare no expense when the budget or time is a problem. So, at this point, I'm looking to abandon Cisco Aironet going forward, but I want to replace it with something that works/is configured almost identically to how Aironet autonomous/standalone IOS is configured on the CLI. Let me stress that last part - I HATE the GUI. Looking for something CLI based. I need to broadcast a staff wifi on vlan 1 and a guest wifi on vlan 22, so the radio and gigE interface needs to be capable of sub-interfacing. Suggestions?
VMWare Network Connectivity Issues in vSphere connected to Cisco ACI lab Environment (Stuck) Posted: 30 Aug 2019 04:08 AM PDT I was creating a VM in my company's non production lab environment, but the device was unable to get a DHCP address from the scope. So I checked the vSwitch's VMkernel port and the IP address associated with vmk1 was not pingable. Okay simple enough, I find a different static address for that VMK and I should be good right..... well not exactly. I changed the IP address of vmk1 and refreshed to hopefully allow my VM the ability to communicate with the outside world/DORA for a DHCP address, and I instantly knew something was wrong. As of currently, I have a constantly pingable ESXi environment that hosts the VM, but SSH (which is turned on) and the web GUI are unable to be reached (aka no login prompt). The VLAN associated with the VMkernel port is being allowed across the trunk and is not being pruned, I ensured that. I would think that the login page to get access to the ESXi host environment would be available if the ESXi host device is pingable. Also with our lab ACI environment, we currently are not enforcing contracts, but I think that ACI is where the issue may be. The configuration to the best of my knowledge goes like this, ESXi on Server -> 3750X -> N9K Leaf (there is no firewall). The login page can't be hosted on a sub VM inside ESXi connected to a vSwitch, otherwise you would never be able to initially set up the environment in the first place, and just overall that makes no sense. Anybody ever run into this?
Correlating command formats with Cisco OSes and versions Posted: 30 Aug 2019 06:28 AM PDT Specifically, the format of the 'ip sla' commands has changed nearly as often as Cisco's OS feature trains. Anyone know of a tool that can either provide a lookup for when a particular command showed up in their OSes (general use), or just a nice summary of the various incarnations of the 'ip sla' formats per OS version?
warranty tracking software recommendation Posted: 30 Aug 2019 02:44 PM PDT I have a whole bunch of network devices. 1000+. I'm looking for recommendations for warranty tracking software. It can be open source or paid. The spreadsheet this company uses is ridiculous. It's outdated and cumbersome. A nice little interface with reminder emails would be nice. What do you use?
+10Gbps Speedtest Posted: 30 Aug 2019 09:43 AM PDT Hello everyone! My current server configuration has a 40Gbps connection, but as most of the high quality speedtest servers on Ookla only support 10Gbps, I am not able to fully test it. The highest speed I get is 10/10. Do you have any advice about how to test it? I am not able to find any server that supports +10Gbps. Looking for your advice.
Is network engineering tougher and more stressful or software engineering? Posted: 29 Aug 2019 05:33 PM PDT I can write scripts in Python if that helps for network engineering
Time to train for CWDP cert Posted: 30 Aug 2019 09:06 AM PDT I'm about to start training for the CWDP cert. Anybody have advice on the easiest way to study/train? I'm not real worried about passing since I've been very WiFi focused for about 10 years now, but I would love any advice you guys have. How does it compare to CWNA?
TFTP Server Not Transferring Data Posted: 29 Aug 2019 09:41 PM PDT I am trying to flash firmware to a Yealink SIP-T46G IP phone using TFTPD32, which I've used a lot for Cisco phones and it's worked well. So I point the phone to the IP of the TFTP server, and it starts trying to pull the first file. However, the progress bar on the window that pops up on TFTPD32 usually starts moving and doesn't stay at "0 bytes". I've tried rebooting the computer and stuff and wiresharking it. It's obviously communicating with the TFTP server trying to pull files, but it's like it can't make any progress. It just keeps trying with new ones over and over again. Here's what Wireshark says:

TFTP 81 Read Request, File: T46.rom, Transfer type: octet, timeout=5, blksize=1468
TFTP 67 Option Acknowledgement, timeout=5, blksize=1468
TFTP 67 Option Acknowledgement, timeout=5, blksize=1468

Some time passes

TFTP 67 Error Code, Code: Not defined, Message: Undefined error code
TFTP 67 Error Code, Code: Not defined, Message: Undefined error code

And this repeats infinitely. Thoughts? Thanks!
AS Prepend based on ip address match? Posted: 30 Aug 2019 07:10 AM PDT Working at a large community college ... We currently use a single router with two 1GB ISPs. We're using BGP to balance traffic, in an active-active ISP setup. For a while, we were HEAVILY weighted to where most INCOMING traffic was coming in ISP1 and barely a hint of traffic was incoming via ISP2. After doing some looking glass lookups, we noticed most AS Paths were favoring ISP1. So, in an attempt to balance the traffic a bit more, we did an AS Prepend on ISP1. However, this has shifted much inbound traffic to ISP 2 now. Around lunch time, ISP 2 caps at the 1GB limit, while ISP 1 sits around 200-300 meg in. Many students on Netflix, YouTube, etc. So the question is ... can I do an AS Prepend using a route policy where I match for certain IP blocks? (Maybe some of the big data hogs, like Netflix and Akamai servers.) I don't want to split the traffic to where I deny certain IPs from coming in one ISP, because we have to maintain a failover environment. Maybe something like this, to where I prepend the AS # ONCE to ISP 2 if the IP matches a prefix list where I enter a various range of IPs, to attempt to influence their INBOUND route to come in ISP 1. Thanks!
Did just Verizon injected a bogus prefix? Posted: 30 Aug 2019 03:17 AM PDT Checking my logs I saw this:
More info: https://www.iana.org/assignments/bgp-parameters/bgp-parameters.xhtml
MSR 2003 JG411A End of Life/End of Support Posted: 29 Aug 2019 10:22 PM PDT I tried to find this on Google but their official site did not have any documents.