    Friday, August 9, 2019

    Blogpost Friday! Networking

    Blogpost Friday!

    Posted: 08 Aug 2019 05:04 PM PDT

    It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our members' new and shiny blog posts.

    Feel free to submit your blog post, as well as a nice description, to this thread.

    submitted by /u/AutoModerator
    [link] [comments]

    Decent Softphone App for iOS/Android

    Posted: 09 Aug 2019 11:28 AM PDT

    So I used to use Bria and Softphone and neither are great. I really need to be able to send and receive calls from our 3 park lines and preferably see the BLFs so I can see who is on the phone or free. I am not cost sensitive unless it's going to be triple digits plus.

    submitted by /u/MeleeIkon
    [link] [comments]

    Wanted: Apple iOS ping app that does continuous ping and has audible alert for timeouts

    Posted: 09 Aug 2019 02:49 PM PDT

    I'm troubleshooting an issue on our network where devices seem to randomly disconnect.

    Does anyone know of a good Apple iOS app (paid or free) that can do a continuous ping each second (instead of sending pings as fast as the network can handle), and has audible alerts when timeouts happen?

    I'm thinking when I hear the alarm I can check the debugs to see what is going on.

    submitted by /u/jeff000000
    [link] [comments]

    Do you use DNS as a control plane?

    Posted: 09 Aug 2019 01:33 AM PDT

    I'm currently following the discussion on DNS over HTTPS and its potential to make it harder for operators to block traffic to known C&Cs or to implement local response policies. Based on this I was wondering how common these mechanisms are in your networks? Would DNS over HTTPS cause problems?

    submitted by /u/whatsmycageagain
    [link] [comments]

    PSA: Found solution to POAP deleting system image

    Posted: 09 Aug 2019 05:13 AM PDT

    I just wanted to post this solution here in case there is some other poor soul out there trying to get POAP to work on a Cisco Nexus switch and finding that the switch keeps deleting its own NX-OS .bin file.

    A while back I posted here asking if anyone else had encountered this; nobody had, which is not surprising since I don't think POAP gets used that much, and Cisco even now recommends not using it for security reasons. Nonetheless, here is the solution:

    If you are using this poap script from github look at lines 393 - 396 under the function init_globals().

        # confirm image deletion
        del_system_image = True
        # confirm image deletion
        del_kickstart_image = True

    This is causing the deletion.

    When POAP starts, it looks for a switch configuration file on the server specified in the DHCP lease. If it does not find the configuration file, POAP fails and loops again. When it fails, it runs some cleanup and in this process deletes its own system image.

    Solution: set these values to False

    We ran into this issue while setting up a workflow to allow our engineers to rack and stack switches, turn them on, and then later push config. The problem is, until the switch config exists, POAP fails, loops, then deletes its own system image unless you alter this bit of code in the poap.py script.

    Hope this saves someone else some headache if they're also playing around with POAP.

    submitted by /u/Prophet_60091_
    [link] [comments]
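    A pre-deployment check for the flags the post describes, written for this thread (not part of the poap.py script itself): it parses a copy of the script and reports any image-deletion flag in init_globals() that is still True. The sample script below is constructed from the four lines quoted above; the function and variable names other than del_system_image and del_kickstart_image are my own.

```python
import ast

# The two cleanup flags the post identifies in poap.py's init_globals()
CLEANUP_FLAGS = ("del_system_image", "del_kickstart_image")


def cleanup_flags(script_source: str) -> dict:
    """Return {flag_name: value} for every CLEANUP_FLAGS assignment found
    directly inside init_globals(). Uses the AST rather than a regex so that
    commented-out or string-embedded mentions of the flags are ignored."""
    tree = ast.parse(script_source)
    found = {}
    for node in ast.walk(tree):
        if not (isinstance(node, ast.FunctionDef) and node.name == "init_globals"):
            continue
        for stmt in node.body:
            if not isinstance(stmt, ast.Assign):
                continue
            for target in stmt.targets:
                if (isinstance(target, ast.Name) and target.id in CLEANUP_FLAGS
                        and isinstance(stmt.value, ast.Constant)):
                    found[target.id] = stmt.value.value
    return found


def unsafe_flags(script_source: str) -> list:
    """Flags that would make a failed POAP run delete the switch's own images."""
    return sorted(name for name, value in cleanup_flags(script_source).items()
                  if value is True)


# Constructed sample modelled on the snippet quoted in the post (hypothetical).
SAMPLE_SCRIPT = '''
def init_globals():
    global del_system_image, del_kickstart_image
    # confirm image deletion
    del_system_image = True
    # confirm image deletion
    del_kickstart_image = True
'''

if __name__ == "__main__":
    bad = unsafe_flags(SAMPLE_SCRIPT)
    print("image deletion still enabled for:", bad if bad else "nothing")
```

    Run it against your copy of poap.py before pointing a DHCP scope at it; an empty result means both flags are already False.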

    Bridging ethernet connections

    Posted: 09 Aug 2019 03:20 PM PDT

    Rookie network guy here

    Could anyone tell me if bridging two 1G Ethernet ports on the server will be beneficial to the users on the network? I seem to get a lot better performance just using one cable without a bridge.

    Gigabit LAN ports on server to gigabit PoE switch to gigabit port on DrayTek router.

    Anyone who can clear this up would be appreciated.

    Main reason the idea was brought up was improving network load on the RDP server.

    Many thanks

    Cheers

    submitted by /u/Caboosemp48
    [link] [comments]

    Multiple Untagged /24s within one VXLAN VNI?

    Posted: 09 Aug 2019 03:42 PM PDT

    I have an interesting situation I've never seen before-

    Client has two sets of four EX2200s daisy chained, all ports are untagged. However they have three /24s in use on the hosts connected to these switches, and to make things interesting they are not contiguous.

    There are devices in 192.168.1.x, 192.168.3.x, and 192.168.4.x subnets with KVM virtual machines that have untagged sub interfaces across all three of those subnets.

    They did it a second time but with 10.1.1.x, 10.1.3.x, and 10.1.4.x networks, pretty much the exact same setup.

    Before I got involved, they were looking to buy some EX4300s and just swap the 2200s one-for-one.

    So obvious VLAN tagging nightmare aside, is my thinking correct that I could employ EVPN VXLAN to virtualize those untagged VLANs into VNIs and emulate their current physical infrastructure? Essentially something like VNI 1000 will be an L2 domain including 192.168.1, .3, .4 and VNI 2000 will be a separate L2 domain including 10.1.1, 10.1.3, and 10.1.4.

    Obviously I would like to move them away from daisy chained switches and nearly pegged out inter-switch 1G links. So my thinking is EX4300-MP top-of-rack switches and two EX4600s to act as spines. I know the QFX line is better suited for EVPN VXLAN but I doubt they'll be using the more elegant features.

    submitted by /u/oddchihuahua
    [link] [comments]

    What OS 4 Python

    Posted: 09 Aug 2019 03:26 PM PDT

    I am a Windows guy and starting to look into Python. I was wondering what you guys use for Python. I was thinking of some lightweight Linux in a VM. Wanted to know what you guys use.

    Also, is there a Python script which will read a CSV file and build access ports?

    submitted by /u/johny696969
    [link] [comments]
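    As an added example for the CSV question (my own code, not from the poster or any vendor): a generator that reads rows of interface,vlan,description and emits IOS-style access-port stanzas, rejecting rows with a missing interface or a VLAN outside 1-4094 or in the Catalyst reserved range, so a bad spreadsheet cell cannot put a port in the wrong VLAN. The column names and the sample CSV are assumptions I constructed for the example.

```python
import csv
import io

VLAN_MIN, VLAN_MAX = 1, 4094
RESERVED_VLANS = {1002, 1003, 1004, 1005}  # reserved on Cisco Catalyst (FDDI/Token Ring)


def build_access_ports(csv_text: str):
    """Turn CSV rows (interface,vlan,description) into access-port config.
    Returns (config_text, errors); a row that fails validation is reported
    in errors and produces no config at all rather than a half-written stanza."""
    config, errors = [], []
    for row in csv.DictReader(io.StringIO(csv_text)):
        iface = (row.get("interface") or "").strip()
        desc = (row.get("description") or "").strip()
        try:
            vlan = int(row.get("vlan") or "")
        except ValueError:
            errors.append(f"{iface or '?'}: vlan '{row.get('vlan')}' is not a number")
            continue
        if not iface:
            errors.append(f"row with vlan {vlan}: missing interface name")
            continue
        if not VLAN_MIN <= vlan <= VLAN_MAX or vlan in RESERVED_VLANS:
            errors.append(f"{iface}: vlan {vlan} is out of range or reserved")
            continue
        stanza = [f"interface {iface}"]
        if desc:
            stanza.append(f" description {desc}")
        stanza += [
            " switchport mode access",
            f" switchport access vlan {vlan}",
            " spanning-tree portfast",          # edge port: an end host, not a switch
            " spanning-tree bpduguard enable",  # err-disable the port if a switch shows up
            "!",
        ]
        config.extend(stanza)
    return "\n".join(config) + "\n", errors


# Constructed sample input; the third row is deliberately invalid.
SAMPLE_CSV = """interface,vlan,description
GigabitEthernet1/0/1,200,camera-lobby
GigabitEthernet1/0/2,75,trusted-wifi-ap
GigabitEthernet1/0/3,5000,bad-row
"""

if __name__ == "__main__":
    text, problems = build_access_ports(SAMPLE_CSV)
    print(text)
    for problem in problems:
        print("skipped:", problem)
```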

    DDoS on AXTEL Mexico

    Posted: 09 Aug 2019 07:07 AM PDT

    I'm putting the name of the ISP just in case anyone knows the actual ISP and has more insight into it.

    So, TL;DR: I was DDoSed at my small business and have no internet access, trying to find if there's a permanent solution that doesn't involve tunneling my traffic through another ISP.

    If mods think this doesn't belong in /r/networking I would appreciate if you could help me find its correct location. Purpose of the post: get advice or a solution.

    Here's the long story:

    So, my setup: small business network, with approximately 80~90 network nodes, with an HP DL380 G6 server acting as a router with pfSense installed on it. Two incoming ISP providers, both with fiber optic: first, AXTEL, working with the ONT in Layer 2 so the server gets provisioned with a DHCP IP directly; second, TELMEX, working with the ONT as a router so the server is on a 2-IP private network with the router and with DMZ pointing towards the server.

    A couple of weeks back I got DDoSed on the main connection (AXTEL) and for some reason the ISP's reaction to all the incoming traffic is to blacklist my IP in their network. So, I still get provisioned with an IP but I can't connect to the internet past what I'm assuming is one of the main gateways in my zone, but I can still connect to local IPs (like, up to 8 km in radius from my location: if I have a neighbor who uses the same ISP and I ping his IP I have connectivity to it), but nothing on the "real" internet.

    I use the secondary ISP to actually have internet on the site, but the second one has no fixed IP and it keeps changing, so reconfiguring DNS and cPanel and other stuff in our network every 10 or so hours when the IP changes is very impractical.

    The attack I received was a flood of what I'm assuming was only network header data (like ACK or something like that) that used up all my 200 Mbps of internet, so, yeah, the firewall was OK dropping all of that stuff but it still blocked my internet.

    My first solution was to create a VPN tunnel to another server I have in the US and pass all my network traffic through that server, so the incoming DDoS was mitigated by the datacenter's infrastructure and that server's firewall and never reached me. The problem with this is that my latency of 15~30 ms to the internet goes to trash, all the way up to 95 ms.

    So, people of Networking, is there a way to protect myself against these attacks that doesn't require me to ask my ISP for help (since they have made it clear that they won't help) and preferably doesn't make me use a tunnel to some other host on the internet?

    submitted by /u/Hsilamot
    [link] [comments]

    Troubleshooting IP routing of connected interfaces when ACLs and NAT is in use - need debug and/or command guidance.

    Posted: 09 Aug 2019 08:51 AM PDT

    I have a router with 2 ISPs, one primary ISP and, if it goes down, using IP SLA / tracking the route changes over to the backup (satellite). There's a bunch of NAT statements on the primary ISP that map ports on the outside to an inside server, but when it fails over I just want outbound internet to work until the primary ISP comes back up.

    That function above works, but now I have added some dot1Q sub-interfaces on the inside: one for guest WiFi which is ACL blocked from the other network (allowing the DNS servers only), one for security cameras, a testing subnet for misc future needs, a VoIP subnet, etc. This new sub-interface setup seems to be working in that all sub-interface networks can get out via NAT, but they aren't reliably talking internally between each other. E.g. 192.168.18.x/24 works, but if I try to get to a security camera subnet 192.168.2.x/24, I'm getting limited traffic through: about 1-4% of pings work, but not the other 96+%... on all of them, some with no ACLs on the sub-interface.

    So, not wanting to have to clean up a whole config of specific info and post it for help, I do want to learn to troubleshoot this myself... I am looking for debug assistance.

    I have found that the way IOS handles routing with NAT is that: "Q. Does NAT occur before or after routing? A. The order in which the transactions are processed using NAT is based on whether a packet is going from the inside network to the outside network or from the outside network to the inside network. Inside to outside translation occurs after routing, and outside to inside translation occurs before routing. Refer to NAT Order of Operation for more information." (Source: https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/26704-nat-faq-00.html)

    So I expect that my locally connected networks should route before looking at NAT statements, right? With the presumption that my statement is correct, and realizing that "show ip route" shows me locally connected routes that should be routing traffic, I am thinking that it's probably NAT that is muddying the waters here. Is there a command that can show me not just the whole routing table but what decisions, including NAT and ACLs, the router will make to get from subnet X to destination Y? What debug commands can I use to help here? "debug ip routing" didn't help, as I expect that is about routing protocols, not routing decisions... showing NAT translations is a HUGE table, and I'm not sure it helps compare NAT to routing, and it leaves out ACLs... right?

    Thanks in advance and to clarify - I'm basically looking for guidance on what to look at to understand how to fix my own issue... I don't want to be one of those "here's my whole config, what did I miss" types... :-)

    submitted by /u/dblagbro
    [link] [comments]

    Filter Based Forwarding Load Balancing across multiple NextHops

    Posted: 09 Aug 2019 10:30 AM PDT

    Do Juniper EX4200/4300 series switches support PBR ECMP (or Filter Based Forwarding across multiple next hops with load balancing)?

    submitted by /u/rameshpvn
    [link] [comments]

    Papers on ML techniques applied on honeypot data ?

    Posted: 09 Aug 2019 10:17 AM PDT

    Can anyone post/link some recent research papers on the application of machine learning to data collected through various honeypots? I searched on the IEEE website but could not find the required papers.

    Also, I am not sure if this should be posted here. So please pardon my negligence.

    submitted by /u/toshn_
    [link] [comments]

    Need advice for a free NMS

    Posted: 09 Aug 2019 06:29 AM PDT

    Hi /r/networking

    Anyone caring to share any free NMS software with me? I am more interested in monitoring rather than managing, although that's a welcome feature too.

    My key needs are:

    • Topological availability - basically a map/topology showing me the devices' health signs/availability. Crucial, as the map will represent the physical connectivity.
    • SNMP - something that'll give me information for the node objects.
    • Basic "health signs" in case a device does not have SNMP: something that polls/pings the device by IP on a regular basis.

    So far, my research uncovered more "application monitoring" systems, which have way too many features that I don't need, and unfortunately all the monitoring solutions seem to dedicate a lot of UI in that direction.

    The last monitoring software I used was WhatsUp Gold, but it seems to have changed drastically. I remember using v14, which looks completely different to the current ones. I know it's not a free option, but anything that looks similar to that functionality would be fantastic.

    I've looked at solutions like Nagios, Zenoss, Zabbix, but it looks like something none of my workers would dare to go for due to the complexity of adding a single node to an existing group.

    EDIT: forgot to mention that the network consists of various brands.

    submitted by /u/PlutoDelic
    [link] [comments]

    EAP-TLS - No Authentication

    Posted: 09 Aug 2019 05:47 AM PDT

    First and foremost, sorry for repost.
    I seem to not be able to post to my original post.

    Anyway, I've done some extensive investigation and find that the RADIUS packets are dropped over IPsec.
    The MTU for these packets is too big for the VPN.

    I've verified that "ping -l 1400" is the maximum packet size I can send from the AP to the NPS server (over the VPN).

    The Framed-MTU is set to 1300 on the NPS, but this does not seem to have an effect, as RADIUS packets are still dropped.
    Anyone got any idea why Framed-MTU is still being sent with 1400 MTU?

    submitted by /u/Zleeper95
    [link] [comments]

    Can’t figure out why Cisco switch keeps rebooting.

    Posted: 08 Aug 2019 08:17 PM PDT

    We have an SG300-52MP Cisco switch that keeps rebooting and I can't seem to figure out why. Fans are not reporting any issues. Is there anything else I should be looking for? I am not seeing any errors that would signify an overload or power issue.

    submitted by /u/iamblas
    [link] [comments]

    Dell N4000 route-map issues

    Posted: 08 Aug 2019 06:05 PM PDT

    I have 45 VLANs with the same route map while I cut over a network. The issue is, on the 46th VLAN, the switch had issues applying the route map. It just said "can't apply route map to this interface". The VLAN is configured exactly the same as all the other ones. I was able to get the route map to apply after taking off the IP address. Then I added the IP back. But the route map shows no hits.

    Is this just Dell hell?? I've never had these issues!!

    submitted by /u/extremenetworks
    [link] [comments]

    Confirm my understanding of VLANS / TRUNKING / PVID

    Posted: 08 Aug 2019 08:15 PM PDT

    Hey all,

    Been in the field for ~5 years for all of which I have been a Sysadmin for an MSP. Studied and passed CCNA R&S, but all of my professional experience has been with any vendor that isn't Cisco. Ubiquiti Unifi, EnGenius, Netgear, Ubiquiti Edgeswitch, and HP/Aruba.

    Every once in a while I find myself in a situation where I think "Do I truly understand EVERYTHING about VLANs?" and I'm hoping you all can confirm my understanding or give me some guidance.

    Untagged VLAN - This is the VLAN that traffic will get tagged with, if the traffic is not already tagged with a VLAN.

    For example, I have cameras that should be in video VLAN 200, and I can't spec VLAN 200 on the camera, so I untag VLAN 200 on the switch port which connects to the cameras. In my understanding, this is the same as an access port in the Cisco world. "switchport access vlan 200" is the same as untagged on 200.

    Tagged VLAN - In my head, tagged is almost interchangeable with "allowed". Meaning frames tagged with this vlan are allowed to pass through the switch interface.

    Example:

    I have an access point which is on a management VLAN 99, and the trusted wifi is on VLAN 75. The switch is tagging its own management traffic, and the AP is tagging its frames for the trusted wifi, so on the switch interface I tag both VLAN 99 and VLAN 75.

    Trunks in Cisco - All VLANs are tagged by default, but you can scope down which VLANs you want by using "allowed" and only adding those. No VLANs are untagged on the switch port unless you spec a native VLAN. Example... All uplinks and downlinks between networking devices. What is the point of the native vlan on a trunk anyway? To tag the management traffic of the downstream device if it's not managed on the VLAN you want? Any other good examples?

    PVID - I don't have a clear understanding here at all. I was told to just think of PVID and untagged as outbound and inbound, but in doing some research and lab earlier today, it seems that PVID is close to how I looked at the untagged VLAN. As in, PVID is the VLAN that gets assigned to traffic which is not tagging its own frames? How would you put PVID in layman's terms?

    I decided to make this post after a misunderstanding earlier. Management decided we are going to change our "stack" to be EnGenius switches and access points so I took a few switches into lab to make sure I knew how everything was done. I tried to get a phone on the voice VLAN by selecting UNTAGGED on that interface, but it did not get a voice VLAN IP. After changing the PVID to the voice VLAN, it got the correct address assigned.

    I then was playing around with tagged/untagged for its switchport while keeping the PVID assigned to the voice VLAN, and those settings did not appear to matter. If the PVID was set to the voice VLAN, the phone would get DHCP in the voice VLAN regardless of the voice VLAN being tagged/untagged.

    Thanks!

    submitted by /u/d0b7nTFgRe6QdyQo
    [link] [comments]
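    A small 802.1Q port model, added here as an example and not from the poster or any vendor, that separates the two decisions the post conflates: PVID decides which VLAN an untagged frame is placed in on ingress, while the tagged/untagged membership sets decide how a frame leaves on egress. It assumes (as the poster observed on EnGenius, and as many non-Cisco switches behave) that the PVID counts as an implicit untagged member; the Port class, function names and the VLAN numbers 30 (voice) and 1 are my own.

```python
from dataclasses import dataclass, field


@dataclass
class Port:
    pvid: int                                    # VLAN given to frames that arrive untagged
    tagged: set = field(default_factory=set)     # VLANs that leave this port with a tag
    untagged: set = field(default_factory=set)   # VLANs that leave this port with no tag

    def members(self) -> set:
        # Assumption: PVID is an implicit member even if not listed explicitly.
        return self.tagged | self.untagged | {self.pvid}


def classify_ingress(port: Port, frame_vid=None):
    """VLAN assigned to a frame entering the port; None means the frame is dropped.
    frame_vid=None models a frame that carries no 802.1Q tag."""
    if frame_vid is None:
        return port.pvid                      # the only place PVID matters
    # Ingress filtering: a tagged frame for a VLAN the port is not in is dropped.
    return frame_vid if frame_vid in port.members() else None


def egress_action(port: Port, vid: int):
    """How a frame in VLAN vid leaves the port: 'tagged', 'untagged' or None."""
    if vid in port.tagged:
        return "tagged"
    if vid in port.untagged or vid == port.pvid:
        return "untagged"
    return None                               # port is not in that VLAN


# Cisco-style access port ("switchport access vlan 200"): PVID and untagged agree.
camera_port = Port(pvid=200, untagged={200})
# AP uplink: management 99 and trusted wifi 75 tagged, PVID left at the default 1.
ap_port = Port(pvid=1, tagged={99, 75})
# The poster's lab: PVID is the voice VLAN, membership flipped both ways (30 assumed).
phone_pvid_untagged = Port(pvid=30, untagged={30})
phone_pvid_tagged = Port(pvid=30, tagged={30})

if __name__ == "__main__":
    for name, port in [("camera", camera_port), ("ap", ap_port),
                       ("phone/untagged", phone_pvid_untagged),
                       ("phone/tagged", phone_pvid_tagged)]:
        vid = classify_ingress(port)          # an untagged frame from the host
        print(f"{name:15} untagged frame -> VLAN {vid}, replies leave {egress_action(port, vid)}")
```

    The last two ports show why the phone got a voice-VLAN address either way: its untagged DHCP discover is classified by PVID alone, and only the reply's egress tagging changes.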

    What kind of network setup would do this

    Posted: 08 Aug 2019 06:34 PM PDT

    A customer uploads data daily via SFTP and I noticed their IP changes every couple of minutes or so. It seems like they use dozens of different IPs in the time it takes them to upload their data. They are all over the place in an x.x.50.1 - x.x.52.254 range, although they are uploading from just one machine. They are having problems with flaky uploads, so I wondered if that could be part of the problem. They obviously have a NAT pool, but I don't know if it's normal for it to bounce around so much.

    submitted by /u/BSwollocks
    [link] [comments]
