Best place to start switch APIs ? Networking |
- Best place to start switch APIs ?
- More Windows vs. Linux / MacOS window scaling throughput differences
- High ping response time every 3 minutes (HP ProCurve 1810-24GE)
- ISE COA + Port Bounce
- Weird configuration that I'm not familiar with, but need to write a report about.
- What is a good solution for a small shop network monitoring and filtering
- Meraki MR42 Access Point as an 802.1X supplicant
- Help with IPSEC/FlexVPN tunnel?
- Configuration requirements for Dual Sup C9410 to support automatic failover and issu
- Cisco ACI L3Out - Cat9500 Router OSPF
- POE flapping between two ports?
- Fiber to Ethernet Media converter vs. ?
- Watchguard BOVPN basic questions
- Cisco ASA VTI IKEv1 VPN with NAT.
- Which tool could add delays in HTTP request body to Test our HTTP server timeouts configuration ?
- Help understanding "Lightning Grade Protection" for switches?
- Changing Corporate Network (60 users) from /24 to /16 (or other) network - Ramifications?
- NFX250 JDM Management Port eth0 not reachable
- subscription question
- How do I connect to the management interface of a dell n3000 switch with just an ethernet cable
- Export access rules from Checkpoint SmartConsole
- Is there a way to see based on a MAC Address, if it's a LAN or WiFi Adapter?
Best place to start switch APIs ? Posted: 03 Sep 2019 06:36 AM PDT I'm attempting to automate see switch configuration and I'm not sure where to start or which switch OS would be the easiest to do a POC with? Any suggestions?
More Windows vs. Linux / MacOS window scaling throughput differences Posted: 03 Sep 2019 10:18 AM PDT Following on from https://www.reddit.com/r/networking/comments/alf8h2/tcp_window_scaling_windows_vs_linux_crazy/ (now archived), for the last few months I've been spending far too many hours comparing and contrasting Windows machines with Linux and Mac machines on a superfast symmetric LFN (residential gigabit fibre). Fundamentally, the same symptoms /u/gandalf8110 observed are what I'm also seeing - throughput performance is utterly terrible on the Windows machines, almost irrespective of what I modify/change on the NIC or Windows. The PCs are powerful, easily capable of steady gigabit in a LAN scenario. With either machine booted to Linux, they're also easily capable of sustained maximum throughput in either direction to public or private iperf servers. A Mac running on the same network under same conditions is also fine on both LAN and WAN; the same tests performed under Windows (Windows 10 1908 or Windows 7 Pro) give awful results by comparison. Nowhere near the maximum available bandwidth utilisation in identical conditions. The only thing I've not tried yet is testing over a 10 gig NIC or with a non-Intel chipset NIC, but I doubt it will make any difference. I have a laundry list of variables I've checked, disabled, tried or tuned. The only conclusion I've come to so far is that Windows' TCP windowing behaviour seems erratic at best, horribly implemented at worst. What have they done with their CUBIC implementation combined with how Windows manages the TCP stack which is causing such a huge deterioration in performance? Is there any solution to this at all?
High ping response time every 3 minutes (HP ProCurve 1810-24GE) Posted: 03 Sep 2019 06:18 AM PDT Our three HP ProCurve 1810-24GE switches are kinda weird. First I noticed in Zabbix that we have high ping spikes (up to max. 200ms) on all the three switches every 3 minutes. An example: So there has to be some task or so that is blocking my pings or smth like that, right? Any idea what it could be? Exactly these three switches are also the same that do not provide any data to my Zabbix graphs besides the "Ping" and the "Ping response time"
ISE COA + Port Bounce Posted: 03 Sep 2019 01:22 PM PDT Hey /r/networking, Hope all is well. I have an issue that I need a bit of help with. We try to trigger Change of Authorization from the Web GUI. However, it silently fails every time. Have worked with Cisco TAC and they're even confused why this is happening. Have run all the debugs on our Cisco switch - nothing out of the ordinary (minus not being able to see when a port change is triggered from the Web GUI). Just the weirdest bug we've run into. Trying to get a bit more info on this, see if there is a simple fix. Can provide more detail if necessary, but if it helps we're on ISE 2.3.
Weird configuration that I'm not familiar with, but need to write a report about. Posted: 02 Sep 2019 10:08 PM PDT Hey everyone, So we have a vendor that does the networking for our projects and they have always been flat networks. Recently we started doing VLANs and the vendor was tasked with creating a multi-VLAN network for projects moving forward. We've noticed that some of the projects just have random issues of outages, or wifi not working properly, things taking too long to connect, so on. I was tasked with looking over their config to find any issues and I've noticed that they do things a little differently than what I'm used to. These are Brocade switches (I'm a Cisco guy, and Brocade does things differently, if I understand correctly, with their tags and trunks, that's why I mention it) and here's how they are configured: All ports are tagged with all VLANs, we have 5-7 different VLANs, and then a dual mode is set to allow only the traffic that should be on that port. This configuration is clearly working because the network DOES work, but I can't help but think it is improperly configured due to the issues they experience. I took it upon myself to redo one of their networks using untagging and only allowing the specified VLAN on the port that it needs to be on, and so far, everything works fine and things just seem 'snappier'. Devices get IPs faster, services respond quicker, outages resolve in less time, etc. Am I wrong to say they are doing it incorrectly and there are better practices?
What is a good solution for a small shop network monitoring and filtering Posted: 03 Sep 2019 09:02 AM PDT Hi guys, Sorry if this is the wrong place to ask for advice but here we go. I'm a systems management consultant for mainly large companies (datacenter & network monitoring for 5k+ servers, VMware, MS products like System Center Suite etc.) but one of my small business clients asked me if I can set up their network for their new office. They have like 15-20 PCs, 3 servers and, as you guess, a not-so-large budget. I'm comfortable working with enterprise (*expensive) solutions but I really have little idea on the SMB product line. Their only requirement is to be able to limit internet bandwidth and limit access to non-work related websites per user/PC (or group if possible), get reports on which user/PC browsed what websites on a specific day. The PCs will be part of an Active Directory domain (Microsoft DHCP may be installed or not), so anything AD integrated would work. My research shows me I can go with a setup like this; - Fortigate (you tell me which model) firewall at the edge -> I could not find a model that includes all above requirements, if there is, I can skip the squid proxy What would you recommend? Go with a different product line? Thank you in advance.
Meraki MR42 Access Point as an 802.1X supplicant Posted: 03 Sep 2019 01:16 PM PDT I'd like my Meraki MR42s to use 802.1X on the wired network. I see lots of Cisco documentation to do this on the old Cisco WAPs, but I can't find any documentation on doing this with a Meraki. Do the Meraki APs not support 802.1X on their wired interfaces?
Help with IPSEC/FlexVPN tunnel? Posted: 03 Sep 2019 12:52 PM PDT Hello r/networking, I am trying to set up a FlexVPN between two ISR4321s. The tunnel is just not coming up. This is my first dabble into tunnels so I'm sure I'm missing something (obviously, since it's not coming up). Any help would be greatly appreciated! The setup is very simple right now, just trying to get the tunnel config set up right. Both routers are directly connected to each other via Gi0/0/0. Debug crypto ikev2 says it can't find a PSK, but that doesn't make sense to me since it is defined. Copying the relevant configs below: REMOTE: HUB: Again, thank you in advance.
Configuration requirements for Dual Sup C9410 to support automatic failover and issu Posted: 03 Sep 2019 12:45 PM PDT Hello, Having a bit of trouble finding a config example for failover on a C9410 chassis with dual supervisors. Are there any configuration requirements to support ISSU and failover in the event a supervisor goes down? I have some in a lab environment so I can test it once I'm sure of the config.
Cisco ACI L3Out - Cat9500 Router OSPF Posted: 03 Sep 2019 08:06 AM PDT Hello fellow network gents, I'm running into a peculiar problem using Cisco ACI L3Out. So the setup is a multi-pod with 2 physically separated sites. We have built an L3Out for each Tenant. So every L3Out has a separate VRF in a separate user Tenant. When we establish a neighbourship with our router at the other end (OSPF). The router at the other end is a Catalyst 9500 running IOS-XE. When we establish the neighbourship something very odd happens. All routes that have been learned by the 9500 from ACI, from totally different Tenants are withdrawn. They remain withdrawn for at least 12 minutes, after that the Cat9500 will relearn them as type-5 routes. So I am establishing a neighbour from 1 tenant and when it's done, it will withdraw all the learned routes from other L3Outs in separate VRF and separate Tenants. I've tested removing the neighbour and nothing happens, but when I re-add it, I can't ping any gateways (Bridge Domains) anymore inside of ACI and the route is removed from the OSPF database on my Cat9500. We are using a redundant vPC connection to the Cat9500 to peer the L3Outs on, using sub interfaces. The OSPF configuration is on the sub interface.
POE flapping between two ports? Posted: 03 Sep 2019 11:51 AM PDT So, we have two devices that are spamming our logs with POE negotiation over and over [see log entries below]. This is a remote device at a client site, and I haven't been able to get a lot of information on what is connected to these two ports---probably some kind of Cisco video devices. The switch is a c2960cx. It is not learning mac addresses on the ports?
Sep 3 11:53:08.854 MDT: %ILPOWER-7-DETECT: Interface Gi0/5: Power Device detected: Cisco PD
Sep 3 11:53:09.340 MDT: %ILPOWER-5-POWER_GRANTED: Interface Gi0/5: Power granted
Sep 3 11:53:09.616 MDT: %ILPOWER-5-IEEE_DISCONNECT: Interface Gi0/5: PD removed
Sep 3 11:53:12.856 MDT: %ILPOWER-7-DETECT: Interface Gi0/8: Power Device detected: Cisco PD
Sep 3 11:53:13.444 MDT: %ILPOWER-5-POWER_GRANTED: Interface Gi0/8: Power granted
Sep 3 11:53:13.678 MDT: %ILPOWER-5-IEEE_DISCONNECT: Interface Gi0/8: PD removed
Fiber to Ethernet Media converter vs. ? Posted: 03 Sep 2019 11:29 AM PDT Hey, I have pretty much no fiber experience (RJ45/WIFI only). I have a client with a few point to point fiber connections with rj45 media converters. We are looking to replace the fiber rj45 media converters due to high failure rates and the CTO had expressed an interest in leveraging the fiber connect ports for SFP on their switches. Questions:
Edit* SPF -> SFP
Watchguard BOVPN basic questions Posted: 03 Sep 2019 05:26 AM PDT I apologize if these are basic questions, but I wear many hats at my company and some fit better than others. We have a rack of co-located web and db servers at a remote location. We use an M270 as a firewall to protect those assets as the web sites are publicly available. The WAN is a /30 from the co-location company and the LAN is a /28 of public IPs. I added a T55 to our office and want to create a BOVPN between our office and our colo so that when files are transferred between office and web/db servers, or our web administration is accessed, or RDP is used the connection is encrypted. My questions are this. Is only traffic between A and B routed through the tunnel? In other words, I don't want ALL traffic from our office (T55) sent through the BOVPN - just traffic to and from the M270's /28 network. And vice versa - I don't want thousands of daily web site visitors routed through the T55. Watchguard support suggested that I set it up so that the config is <=====>. 2nd question is what happens if the BOVPN is down? Do we (T55) lose connectivity to our assets (M270) or will the Watchguards detect that it's down and route traffic normally through the public internet? When I apply the config locally to the T55 will I lose all connectivity to the M270 (so I must configure the M270 first and then trust that when I save changes to the T55 it will work)?
Cisco ASA VTI IKEv1 VPN with NAT. Posted: 03 Sep 2019 05:23 AM PDT Hello guys, I'm trying to set up a site to site VPN using VTI IKEv1 and it's working well. Traffic can go from network 10.10.3.0/24 to network 192.168.1.0/24 But I don't quite understand how to NAT IP addresses to hide the real network range that sits behind. What I want is traffic that comes from 10.10.3.0/24 to be NAT'd to a made-up IP say 10.10.10.1/32 and then that then NAT'd to 192.168.1.0/24 on the other side. I've done this loads with NAT rules using encryption domains it appears this method does not work with VTI interfaces. Can someone point me in the correct direction? My configs are below. I have a very basic config.. Site1 Site 2
Which tool could add delays in HTTP request body to Test our HTTP server timeouts configuration ? Posted: 03 Sep 2019 01:24 AM PDT Hi, I'm currently working on configuring an HTTPd WebDAV server and its different « Request Timeouts », and we want to test it (triggering the timeouts) using an HTTP client. Do you know a tool/application/library that can add delay to the HTTP request body? Thanks
Help understanding "Lightning Grade Protection" for switches? Posted: 02 Sep 2019 08:26 PM PDT Greetings! Sorry if this is a noob question, I've searched around and can't seem to find any answers or information that's helping to bring me clarity. I'm an electrical noob. I'm looking at some Hikvision (shudders) PoE switches, and one model in particular mentions Lightning Grade Protection, 4kva for ports, and 6kva for power supplies. But I don't see that mentioned on much of their other gear. Here is the particular switch in question: https://www.hikvision.com/mtsc/uploads/product/accessory/Datasheet_of_Web-managed_PoE_Switch_20190424.pdf I don't see many switches from other brands mention a rated lightning protection either, but I'm not a networking pro, so I thought I'd come to the hivemind to ask. :D Wasn't sure if this was just odd vernacular or not?
Changing Corporate Network (60 users) from /24 to /16 (or other) network - Ramifications? Posted: 03 Sep 2019 11:25 AM PDT Hi, I love the word 'ramification' and am really pleased I can use it today. Has anyone moved their internal IP network from a /24 to a /16 (or /20 for example) network? I inherited this network and would like to increase the available IP addresses in advance of allowing BYOD to connect to our Wifi, amongst other things. We have a Sophos gateway device managing our routing, DHCP and DNS. We have fixed IPs only on a few servers, and I intend to keep them the same, changing only the subnet mask. We have a Ruckus Wifi solution and a cloud PBX solution. I intend to do this over a weekend, manually renewing IP addresses on wired clients because we only have about 30. In the process, we will also be merging two wifi networks, and therefore losing one VLAN which I will make sure to delete on the Sophos and any related config on all our switches. Hoping to make my Monday morning as painless as possible, along with everyone else's. EDIT: The primary reason for this is to increase the number of IP addresses available, and to enable seamless AirPlay between all our company and BYOD (typically iPhones) devices and our Barco ClickShare devices and Apple TVs. Our Ruckus Unleashed wifi feature 'Bonjour Gateway' does not seem to work in conjunction with the ClickShare when a device is not on the same VLAN.
NFX250 JDM Management Port eth0 not reachable Posted: 03 Sep 2019 06:31 AM PDT I have an NFX250 running version: root@jdm# show version I want to upgrade the software via the JDM, so I know I need to upload the package via WinSCP and run a couple of commands. However, first I need connectivity to the JDM Out-of-Band port which is the eth0 in this version as shown below: root@jdm# show If I connect my PC to the management port of the NFX250, I must be able to ping the eth0 IP: 10.10.10.20/24. However, I'm not able to ping it or connect to it via WinSCP. If I ping this IP from inside the NFX it is pinging. Can someone help me with this?
subscription question Posted: 02 Sep 2019 08:15 PM PDT Has anyone purchased the pfSense subscription? If so, what has your experience been thus far? I use my environment for production with multiple clients and WAN IPs. I'd like to make the network more secure, but require additional assistance from support, but is it really worth getting?
How do I connect to the management interface of a dell n3000 switch with just an ethernet cable Posted: 03 Sep 2019 04:02 AM PDT I'm pretty sure this is a very silly question but please I need someone to point me in the right direction. I need to set up the switch for remote access so someone else can do the config. I have the documentation but still can't figure out how to access the console. I've tried plugging it into my PC and setting the default IP (192.168.0.1) but no dice. Pleaseeeeee anyone Thank You!!
Export access rules from Checkpoint SmartConsole Posted: 03 Sep 2019 01:52 AM PDT So I have 'inherited' some Checkpoint FWs. As I'm only used to ASAs I'm still a bit lost. Can someone help with exporting the access rules to an HTML file? There must be a way as we have one in our documentation but it's outdated.
Is there a way to see based on a MAC Address, if it's a LAN or WiFi Adapter? Posted: 03 Sep 2019 01:04 AM PDT Basically what's written in the title. Didn't really know which subreddit would fit for this, but I guess this one should be right?! I got some MAC Addresses, and I wanna find out which are from a Wifi Card and which are from a LAN Connector. Is there any way to find out? THX in advance :)