Rant Wednesday! Networking |
- Rant Wednesday!
- Python for Network Engineers course starts on next Tuesday, Sept 3rd (free course)
- Code execution and admin login bypass in Cisco UCS Director and Cisco IMC
- How do you guys/gals visualize packets as they're flowing through the network?
- Coworker got fired, not going to back-fill. Ask for a raise?
- Any recommendations for Active/Standby ASAs with a single provider ONT
- Anyone heard of Blue Hexagon?
- Nyansa Voyance Experience
- Port Mirroring from Cisco switch to ESX host VM
- Difficult career situation --looking for some insights
- WAN link sizing
- Automated network testing advice needed.
- WiFi positioning system?
- How to decide when you need a network engineer?
- SPAN configuration
- Meraki to UniFi
Rant Wednesday! Posted: 27 Aug 2019 05:04 PM PDT It's Wednesday! Time to get that crap that's been bugging you off your chest! In the interests of spicing things up a bit around here, we're going to try out a Rant Wednesday thread for you all to vent your frustrations. Feel free to vent about vendors, co-workers, price of scotch or anything else network related. There is no guiding question to help stir up some rage-feels, feel free to fire at will, ranting about anything and everything that's been pissing you off or getting on your nerves!
Python for Network Engineers course starts on next Tuesday, Sept 3rd (free course) Posted: 28 Aug 2019 01:23 PM PDT We periodically run a free course on Python for Network Engineers (about once a quarter) and that time has come again...so we will be running this course again starting on Tuesday, Sept 3rd. The course is fundamentally about Python, but told with a network engineer's bent (i.e. the examples and exercises are more relevant to network engineers). Later in the course we also get into some more networking specific topics (Netmiko and Jinja2 for configuration templating). The course format is a lesson a week for eight weeks. The lessons are all delivered via email and consist of videos, exercises, and additional content. The course is self-paced. The weekly lesson breakdown is as follows:
The course uses Python3. A bit about me--I am a long-time network engineer (CCIE emeritus, routing and switching). I have been pretty into Python and network automation for quite a while. I am the maintainer/creator of the Netmiko library; I also am one of the core maintainers of the NAPALM library. Recently, I have been doing quite a few things with Nornir and also we have been doing some event-based remediations with StackStorm. Sign-up is available here: https://pynet.twb-tech.com/email-signup.html
Code execution and admin login bypass in Cisco UCS Director and Cisco IMC Posted: 28 Aug 2019 10:02 AM PDT Code execution and admin login bypass in Cisco UCS Director and Cisco IMC https://raw.githubusercontent.com/pedrib/PoC/master/advisories/cisco-ucs-rce.txt These guys found it: https://www.agileinfosec.co.uk/
How do you guys/gals visualize packets as they're flowing through the network? Posted: 27 Aug 2019 08:27 PM PDT This is kind of a random question I had come to mind as I was studying for my last CCNP test. What do you all visualize when someone is explaining a problem or new environment to you? Do you imagine layer 3 links a certain way in your head vs layer 2 links? Do you actually see the MAC when you visualize the Ethernet frame, or maybe you represent different concepts as different colors? Perhaps an OSPF process is green in your head vs EIGRP which is blue... things like that. Thinking about this while studying made me realize that one could probably accelerate their own understanding of how all of the layers of networking function correctly by defining these things explicitly in their head. What do you all think?
Coworker got fired, not going to back-fill. Ask for a raise? Posted: 28 Aug 2019 04:25 PM PDT So I've been at my company for just about 4 months. Two months into my job the other Network Engineer (had a senior title) got fired for some undisclosed reason. For the last two months I've been doing the job alone, and apparently well enough that management decided that there isn't a reason to back-fill the old position. My initial thought was to bust my ass for the rest of the year and then at the year end review ask for the senior title and a raise. My other coworkers (not network) and my wife seem to think I'd be an idiot if I didn't immediately ask for a raise since I now found out I'm going to be flying solo permanently. How would you handle the situation? I want to keep in good graces because the company compensates well, I genuinely like the job and they have a pretty impressive end of year bonus structure. On the other hand, I probably have a lot of leverage if I want to push the issue.
Any recommendations for Active/Standby ASAs with a single provider ONT Posted: 28 Aug 2019 09:57 AM PDT Hi Guys, First time poster, long time lurker, looking to see if anyone can provide a better idea or some advice for an upcoming network uplift. For employee recreational WiFi we have a 100Mb BTNET circuit in each of our sites (16 in the UK) hanging off a single ASA 5506 or 5508. I've been asked to increase the resilience of this service by implementing a standby for each ASA to allow maintenance and fault tolerance etc. However, the line terminates on a single 21CN ONT which we can only have one copper presented connection from (as far as I'm aware anyway). Currently I've budgeted for a number of 8 port 2960CX compact switches. This will also be a single point of failure, but at least we can get site-hands to pull the cable from the switch and direct patch to the active ASA should it fail. Does anyone have a better suggestion? As weird as it sounds, I've thought about those 2 into 1 RJ45 Y splitters that I've seen people use to turn a 1Gig switchport into two 100Meg switchports. But I'm not sure if the ONT will be completely confused by this... Note, this is recreational WiFi for employees, so a second link is out of the question. We have SecurePlus lines for our MPLS, but WiFi is not permitted to use this as it's non-critical traffic. Seeing if anyone else has some low cost ingenious suggestions. Thanks in advance Guys -Ludo
Anyone heard of Blue Hexagon? Posted: 28 Aug 2019 03:02 PM PDT I had a customer call in using Blue Hexagon (seems to be an AI threat monitoring/mitigation platform) and was wondering if anyone had any exposure to it. This particular customer had mirrored all switch interfaces to a singular interface connected to Blue Hexagon (not sure if it's an appliance, a VM or something else). I was wondering if that is what they recommend or if this was as wrong as it felt to me. So please, if you know about Blue Hexagon (beyond a Google search) please share what you know. Thanks
Nyansa Voyance Experience Posted: 28 Aug 2019 07:50 AM PDT We're a large (5000 devices/60000 clients) Cisco customer looking to get actionable feedback about the performance and user experience on our network. After walking the floor at Cisco Live, Voyance was the one product that really stood out to me. If you have positive or negative feedback about the product, it would be greatly appreciated. I know Cisco DNA Assurance has some similar features, but unfortunately we can't print our own money yet.
Port Mirroring from Cisco switch to ESX host VM Posted: 28 Aug 2019 01:08 PM PDT Hi all. I'm struggling to get port mirroring working between Cisco 3850 switch ports and a VM on an ESXi host. I've done what I'm told needs to be done to get it to work but I'm having no luck. Aim: To sniff traffic from the ports our firewall is connected to on the 3850 and to copy it to a sniffer VM on our ESX host. Setup: Both of our firewalls connect to our core switch. The ESXi host connects to the same switch. The sniffer VM is on VLAN/port group 10, attached to a standard vSwitch (our license doesn't include distributed switches). The vSwitch has been configured to allow promiscuous mode, and this has also been done on the port group. The switch port connected to the ESXi host is a trunk port. The traffic we want to sniff belongs to several different VLANs so I configured 'monitor session 1 source vlan 20 ,30 both' and the correct destination equivalent but the sniffer VM doesn't seem to be seeing the traffic. The VM has a network adapter connected to VLAN 10 so I'm not sure what's wrong. Any insight would be appreciated! Thanks in advance.
Difficult career situation --looking for some insights Posted: 28 Aug 2019 11:59 AM PDT I work for a consulting firm, and I am in networking and cyber-security, among other things. I have 23 years experience, a CISSP, CCNP-S, and numerous other industry certifications. When I was brought aboard on my current job 7 1/2 years ago, I made it clear that I wanted to be doing design, implementation, and project management. No first-level support, NOC-style work, late night equipment swap-outs, etc. My employer agreed to this, and for a while I was doing what I wanted to be doing at my current client. Then a few things happened:
Then my boss recently approached me and asked me if I wanted to take over one of the director/chief roles, namely the guy who was overseeing the network infrastructure, telecom etc. for the entire enterprise (this is a huge environment: we have like 1800 Cisco devices and hundreds of miles of fiber. There are 3 network guys including myself). Now if I took this new "role", it wouldn't come with a title change or salary bump--I would basically be doing the director's work, along with the manager of network services, and my own consulting work. The benefit would be having a lot more power, but I am worried that the responsibilities are going to explode, especially on the support side. What would you guys do?
WAN link sizing Posted: 28 Aug 2019 02:56 AM PDT Hello, I will start soon to renegotiate our MPLS contract (approx 20 sites all around the world). I got the actual statistics of the bandwidth usage (with the usual drawback of that monitoring tool: precise date only for the last few days, sample rate from 1 minute...). Do you have engineering rules to determine the required bandwidth using the statistics? I used to take the average bandwidth in business hours and to order a link 5 times bigger (for example: 10Mbps average bandwidth => 50Mbps MPLS link). Anyway, that's only by experience. I would be curious if there are some engineering rules to calculate that.
Automated network testing advice needed. Posted: 28 Aug 2019 11:11 AM PDT For those who are working in network automation, what are you using to test and confirm that the automated changes performed on the network were performed correctly across all affected devices in the network? Edit: Would using Ansible be a good starting point for automated testing?
WiFi positioning system? Posted: 28 Aug 2019 09:38 AM PDT Does WiFi positioning system work if the laptop has WiFi turned off?
How to decide when you need a network engineer? Posted: 27 Aug 2019 10:05 PM PDT Hi all, Have a question for everyone here. The short version is: How would you decide whether or not a company needs a network engineer? The longer version: We're a small finance company, ~200 users, ~20 offices, 3 datacenters (2 physical, 1 in Azure), ~500 endpoints including servers. IT team is currently 4 technical people + management, but we're in discussions on expanding that and trying to figure out which role would be best to hire for. We currently have:
- 1 analyst
- 1 help desk
- 1 systems/network admin who is much stronger on the systems side
- 1 systems/network/security engineer who is primarily security
None of our technical staff are what I'd call strong in networking (we understand subnetting/VLANs/ACLs, etc., but not OSPF, BGP, or other higher-level networking concepts). We're currently on an MPLS network for all of our locations managed by our ISP, and looking at moving to SDWAN for better bandwidth/cost savings/availability. If you were in this position, what metrics/infrastructure/etc would you be looking at when deciding if a network engineer is the best use of budget vs outsourcing that function? I'm sorry if the question is vague, or if I'm leaving out what would be considered key details in that conversation. I'm happy to answer questions or add details that would be useful.
SPAN configuration Posted: 28 Aug 2019 05:45 AM PDT Hello everyone, Currently I am about to install a network management software to capture network traffic and to create a network map of the network at work. There are two core switches, one for servers VLAN and one for users. Both of them are connected to firewall. How do I connect one workstation to both core switches and configure SPAN in order to catch traffic from both core switches?
Meraki to UniFi Posted: 28 Aug 2019 01:25 AM PDT I need to replace my small Meraki network and UniFi seems like a good option. Just looking for feedback on the proposed UniFi devices. I'll host the controller myself on a Linux VM.
The requirements are pretty basic:
- Internet connection is 100/20 (PPPoE).
- Currently everything on the Merakis is on one VLAN and I use OPNsense on a VM to segregate some lab traffic. Ideally, I'd like to remove OPNsense and just use the USG.
- Don't need QoS but will need sub-interfaces/NAT/firewall rules on the USG.
- I've looked at EdgeRouter/EdgeSwitch and can't see any features which I need or would be worth sacrificing the single pane of glass for.
Cheers.