
    Wednesday, October 2, 2019


    Handy tools? Software? Want to help my team spend end of year budget

    Posted: 02 Oct 2019 09:06 AM PDT

    Hi r/networking!!

    Boss told me we have an "undisclosed" amount of money and is taking suggestions on the network team's wish list of tools or ideas to spend it.

    Anything handy or cool you guys use?

    Not looking for super expensive automation software or stuff like that; just the smaller stuff

    submitted by /u/Wall_Stair

    Is there any legitimate reason to have Telnet enabled on newer switches?

    Posted: 02 Oct 2019 10:39 AM PDT

    I do mostly sysadmin/desktop support tasks but I mess with a few network things since we're a small team.

    I remember hearing long ago telnet wasn't secure before I even got into IT so I don't know how people with years of experience don't know this.

    Anyway, I've been looking into CCNA and increasing my network knowledge. Upon poking around our network in the year I've been here I've noticed every switch has telnet enabled. This is a big NO NO right? They're not old switches either (2960-x). I don't want to ruffle too many feathers being the new guy but I feel like this needs to be brought up...

    submitted by /u/CiscNoAmeraki

    I created a Simple Network Automation Program

    Posted: 01 Oct 2019 09:56 PM PDT

    I call it SNAP.

    Why: I work for a customer that has new devices coming in and going out all of the time. Needed a way to quickly load a pre-generated configuration on the device and send it on its way. I also have guys that I work with that use the program as well to load configurations; it's simple and works.

    Works with console ssh and telnet.

    User Credentials are not stored.

    Load configs easily and walk away.

    I added some buttons for troubleshooting easy issues.

    Single exe can be found here.

    While the source code can be found here.

    Credits:

    Netmiko, PyQT5

    *Thanks for all of the positive feedback. I am looking forward to any ideas for ways to improve.

    submitted by /u/YourMomLikesDogPoo

    OSS contributions during leave of absence?

    Posted: 02 Oct 2019 12:46 PM PDT

    Long story short, I'm taking what will most likely be a months-long LOA to help my wife battle cancer. I know I'm gonna get bored at some point; anyone have any interesting OSS projects here I might want to check out and try to contribute to?

    submitted by /u/rekoil

    Cisco Switch Models - 24TD vs 24PD vs 24PS etc...

    Posted: 02 Oct 2019 01:33 PM PDT

    What do the two letters that follow the number of ports signify? What are these letters called and is there a guide that I can reference when determining which switch is best for which use?

    If I compare a 2960X-24PD to a 2960X-24PS, they both look like the same switch in every way except for the cost.

    submitted by /u/ControlW

    LAN file transfer speeds bottlenecked by Windows auto-tune

    Posted: 02 Oct 2019 03:15 PM PDT

    Windows 10, Vers. 1903.

    Onboard Realtek GBE.

    Issue: With Receive Window Auto-Tuning Level set to "Normal", network file transfer speeds are significantly reduced. Upload speeds are about 8% while download speeds are about 50% of what they are when Auto-Tuning is set to "Disabled".

    So, I've disabled auto-tuning as a workaround but surely this will have other implications on network performance. Knowing the issue lies with auto-tuning, is there a more precise fix or setting configuration I can look into?

    submitted by /u/night-shark

    Internet Redundancy

    Posted: 02 Oct 2019 10:29 AM PDT

    Hello,

    We are a medium-sized organization with roughly 200 locations. All of these locations come to a central data center for internet service. A few weeks ago, we experienced a carrier outage at the central site. This outage caused all of our sites to lose internet connectivity.

    How does your organization handle situations like this? Do they run redundant internet connections? SD-WAN? Only helpful answers please; I didn't design the network, I'm trying to improve it.

    submitted by /u/Hrauding

    Comcast SD-WAN?

    Posted: 02 Oct 2019 02:24 PM PDT

    I have a customer that we are doing an assessment for that has purchased this but not yet installed it. Does anyone know what hardware vendor they use and what firewalling they use if any in conjunction?

    Is there an IPS add-on option if not included?

    What level of control does the customer get?

    submitted by /u/SisqoEngineer

    Cisco SAN Zone Creation HELP!!!!

    Posted: 02 Oct 2019 04:15 PM PDT

    Need some help sorting out best practice vs what other people decide to do.

    I have been tasked with creating a new storage zone for a new server in our system.

    SAN Switch: Cisco MDS 9250i - 2 for fabA, 2 for fabB.

    Storage: Hitachi Gwhatever

    Platform: Cisco UCS with VMware

    Questions I have:

    1. I am seeing zones using only FCalias' or only device-alias'. SOMETIMES I AM SEEING ZONES WITH ONE FCALIAS AND ONE DEVICE-ALIAS TOGETHER IN THE SAME ZONE.
      1. Isn't it preferable to use device-alias over FCalias?
      2. Is it safe to assume our SAN switching has had multiple hands in it and one tech preferred FCalias and one preferred device alias? And now I'm seeing their work put together in fancy ways?
    2. I am assuming FCalias and device-alias can be used together in a zone as long as the FCID remains correct for its use?
      1. Caveat that an FCalias that's created in a VSAN has to stay there, but device-alias can be used across any VSAN?
    3. Can you have a PWWN as both a device-alias AND an FCalias?
      1. I'm guessing this is not advisable because why would you?
    submitted by /u/RandomTrashMob

    Finding prices for research

    Posted: 02 Oct 2019 03:46 PM PDT

    I'm working on a risk review / case study for a security class and part of it is estimating prices for what I want to recommend to install. I'm having trouble tracking down legitimate prices of solutions as everyone wants to sit down with you and give you their pitch before they'll discuss price. As a full time night student, father, and full time employee, I don't have time to go through that with every little device.

    Is there somewhere I can quickly go and find prices for common solutions?

    For example, I want to install an IDS, Computer World says a CISCO Secure IDS starts at $8000, but I can't find where to verify that price, or what model and version that is referencing from a first hand source.

    submitted by /u/aelwell

    I’m stuck... I can’t figure out if my updates messed things up or if our ISP is just crap. Any advice appreciated.

    Posted: 02 Oct 2019 08:33 AM PDT

    Rule notes

    • this is NOT a home network
    • Google has been thoroughly consulted
    • we have not yet hired/consulted a professional networking engineer

    System use: - we are a warehousing company with a main building, two out buildings, and 6 acres of open lot to store random stuff outside (think soaps people sell on amazon inside and tractors outside.)

    Our employees use iPads with Bluetooth ring scanners to know what they need to do during the day. Internet access is a must.

    Budget: we are a startup but understand the value of paying network/system engineers and the "coding people". I am not asking for help in order to bypass paying a knowledgeable professional. I've been doing most of this myself because a) I enjoy it and b) I've done a pretty good job until recently and c) I own the company and really enjoy giving our Christmas bonuses to my employees. (At the end of the year, I make sure we have three months of operating capital in the account and then dump the rest to our employees based on what they have contributed to the company that year.) I try to be a good-guy boss.

    Okay, I hope the above meets the criteria and requirements of the rules.

    Now to the problem - we have Suddenlink as our ISP, there are no other options beyond Suddenlink in our area. They were recently sold and have been having big problems lately.

    Our internet was down for 5 days last month and we had to resort to using AT&T hotspots to keep things moving. No internet=no work done.

    We have a mix of Netgear, Linksys, and Ubiquiti gear which are all set up as access points to a Netgear router. That was serving as the DHCP server with Cloudflare 1.1.1.1 & 1.0.0.1. Things were cool.

    A week ago I set up a dual PiHole in order to block external websites except the ones needed to do work. We had an employee hide in a tractor and watch porn, so having the iPads open to external sites seemed like a bad idea. The pihole setup has been working great.

    A few days ago, we had some nasty actors try and get into our network. After some Google fu, I found pfSense and OPNsense; I went with OPNsense. We set OPNsense up on a dedicated server and things were great for about 12 hours. I had external access turned on. Then things went to crap. Only my laptop, the one I used to set things up, had internet access, and my machine's IP was the public IP, i.e. not an internal IP; my machine's local address was the external address. Nothing else had access. When I disconnected my laptop from the network and renewed the lease, I still had that IP and nothing else did. I freaked out and switched everything back to the router for DHCP and things are still no-bueno.

    For our switch setup, the internet comes in from the modem. It goes into a switch. That switch is what has all the routers and hard wires connected to it. The old Netgear DHCP server and the OPNsense were connected to that switch. When I switched everything back, I turned off the OPNsense server and changed the Netgear router back to a modem and not access point.

    Now we have a working WiFi network, but no internet. The modem won't connect and we just get 000s for everything.

    The reason I'm asking a question is that Suddenlink has been having Halle issues lately and I'm not sure if what I did caused problems or if it was Suddenlink. They are sending out a tech this evening, but I'd prefer them not having the option of blaming me for their crappy network if the problem is actually with them.

    So - is there anything major that stands out as a no-no in the networking world? I'm 100% self taught and networking is a newer field for me.

    Any advice is appreciated.

    Mod note: If I need to modify something to comply with the rules, please let me know.

    submitted by /u/MovieMcMovieFace

    Network status map

    Posted: 02 Oct 2019 03:13 PM PDT

    I want to implement a network status map that is informative, concise and attractive, and I am looking for suggestions. My key requirements are as follows:

    • single screen
    • indicate traffic light state for
      • overall site state (10 sites)
      • Core routers (2 per site)
      • key interfaces
      • critical inter site link states
      • excess link utilisation
      • access switch overall state
    • some single stats
    • multi vendor
    • fast to update state changes
    • not insanely expensive. Open source options would be good, but commercial also considered
    • around 100 devices and 5000 interfaces in total

    Currently use a combination of Observium, Grafana and Xymon but the visual representation is limited, and we want a nice war games map for management to point at and go ooh, but it would be great if it was also useful.

    Can pull the source data either directly from devices or via other means (open to suggestions).

    Python would be the language of choice if programming is required.

    submitted by /u/SlyusHwanus

    NAT and Access rules - Cisco ASA Firewall

    Posted: 02 Oct 2019 12:44 PM PDT

    Hi all,

    Hoping you can help me out. I have created some access rules and some NAT rules, but I'm having a few issues.

    Let me give you a rundown.

    So what I'm trying to achieve is supplying a 3rd party vendor with one of my public IP addresses; this is going to allow the 3rd party to remote onto some of my servers by public IP and assigned port.

    I'm trying to use 1 public IP address to do this.

    So I have created the access rules:

    Source - Object group - containing 3rd party ip address

    destination - end host - host 1 (1.1.1.1)

    service - tcp 1112

    destination - end host - host 1 (1.1.1.2)

    service - tcp 1113

    Now NAT's been set up

    source int - inside - dest int outside

    source - host 1 and host 2

    destination - any

    Translated packet

    source original - my public ip 3.3.3.3

    destination original

    Source Int - out , Dest int in

    source any

    destination - my public ip 3.3.3.3

    service any

    translated packet

    source - original

    destination - host 1 N host 2

    My issue is when the 3rd party tries to RDP in they can only hit 3.3.3.3:1112

    They are unable to RDP into 3.3.3.3:1112 and 3.3.3.3:1113 at the same time (only seems to hit 1 port)

    How do I get around it so it will allow external to RDP onto both servers at the same time from the same public IP but hitting a different port for each server? (Just to confirm, both connections work - just not at the same time.)

    submitted by /u/Temporary_Ant

    Query WISP pfsense, dns server, qos?

    Posted: 02 Oct 2019 02:28 PM PDT

    Hello, I work in a small wisp in my city and I would like to implement something to improve the performance / quality of the service we offer. We have about 400 clients and the plans we give are not very large (2 and 3 M down x 1M up both). We do the routing with mikrotik and the wireless network with ubiquiti. In the mikrotik routers I have a couple of rules created to limit the netflix and youtube connection and in this way we achieve that the clients do not saturate their connection. It works quite well, but I would like to improve the performance of the network to be able to offer more bandwidth and if possible not increase the price of the service. First I thought about making my own dns server, we currently use google dns (8.8.8.8) but I don't know if this will make a notable improvement, I ask your opinion about it. What do you find convenient? improve QoS on mikrotik routers? I install pfsense and do QoS there? (I have no experience with pfsense) I am looking forward to your response. (I'm from Argentina and wrote all this with the google translator)

    submitted by /u/mannumilano

    Is the fa0 management port worth 3x as much?

    Posted: 02 Oct 2019 02:15 PM PDT

    tl;dr - 8-port 2960-L is sufficient but doesn't have the fa0. 24-port 2960X does, but costs 3x as much. Worth it for that one feature?

    I'm speccing out two Cisco L2 edge switches for a branch office with ~50 users. Dual ISPs, dual edge switches, dual firewalls, etc. The usual redundant package. I won't be on site.

    We don't need many ports for this, an 8-port is fine, but none of the 2960-L switches come with a dedicated management port. Usually I've connected our OOB system into these management ports, to give me unfettered remote access to things via a Cradlepoint cellular router. I can get a 2960X that has the management interface, but it costs $1500 vs $500 for the little 2960L and we don't need the extra interfaces.

    Part of me says it's silly to pay that much just for the fa0, but the other part of me wants that extra remote control factor given that I'm on the other side of the country.

    What's the /r/networking groupthink on this?

    submitted by /u/Princess_Fluffypants

    blocking traffic based on tcp flags

    Posted: 02 Oct 2019 09:48 AM PDT

    Cisco ASA can NOT do this (funny as somewhere I saw that cisco network devices can with ACLs).

    Does anyone know if Firepower and/or Palo Alto FWs can do this?

    Thanks!

    submitted by /u/Nemesis651

    What determines whether a fiber switch is multi-mode or single-mode?

    Posted: 02 Oct 2019 02:53 PM PDT

    Is it the SFP module that determines whether a switch can accept multi-mode or single-mode fiber or is it an inherent part of the switch design?

    Does this mean one could theoretically mix and match fiber types into the same switch (ignoring bandwidth discrepancies)?

    From the point of view of a network switch, are the SFPs (whether it be multi, single, or ethernet) transmitting data in the same way to the switch?

    submitted by /u/Shangiskhan

    ELRP vs STP

    Posted: 02 Oct 2019 04:51 AM PDT

    Hi there,

    Anyone there with Extreme networks switches and particularly Extreme Loop Recovery Protocol? Can you do a comparison between the proprietary ELRP and STP? Pros and cons, experiences/horror stories?

    While STP is far from perfect, slow, inefficient, it's still the standard and is a well known and understood protocol. Call me an old fart (cause I am one), but as the saying goes, better the Devil you know.

    Is there a way to have an STP domain with an ELRP domain? Even if there is it's probably a really bad idea, better just configure the Extreme Switches with STP.

    submitted by /u/paulzapodeanu

    Is it possible to configure routers other than Cisco?

    Posted: 02 Oct 2019 02:18 PM PDT

    I'm currently studying computer networking and we configure lots of Cisco routers. Usually we do it with PuTTY to connect to the routers and config the different modes. Is it possible to configure, for example, a Linksys router like that? If not, how are these routers configured?

    submitted by /u/arthu_sp

    Using ISE as a Guest WLC Anchor replacement?

    Posted: 02 Oct 2019 04:57 AM PDT

    I am coming up to replace my Cisco WLCs with new 3504s. Our VAR told us we could use our ISE with ACLs to completely replace our Guest WLC Anchor that is located in our DMZ.

    While I understand that it should work, I am worried about how secure this will be. From my limited knowledge of Cisco Wireless, the Guest WLC Anchor is used to isolate the Guest in the DMZ so it is completely off the Production network.

    Should I go ahead with my VAR's suggestion or stick with the Guest WLC Anchor? What is considered more secure or best practice?

    submitted by /u/Trekky101

    configure terminal revert

    Posted: 02 Oct 2019 05:55 AM PDT

    I've seen so many old posts on this I don't know how commonly it is used. We are running IOS 15.5 or IOS XE Everest on our devices. Is anyone using it regularly on either of these IOS versions? I know some older versions had issues, so I'm wondering if we can feel safe on newer IOS versions.

    submitted by /u/uselesslogin

    Handling redundant switches

    Posted: 02 Oct 2019 11:24 AM PDT

    So I'm tasked with expanding our network topology and trying to determine the best practice for this.

    We've currently got a pair of Dell switches in a chassis that are stacked together which then connect by a pair of LACP links to another stack of old switches that are also acting as the L3 gateway.

    I've received a pair of new Brocade switches to replace the existing old ones, but these don't support stacking in our configuration so I'm trying to figure out how best to do things. The L3 side of things is easily handled by VRRP and I don't see any challenges there. Systems will naturally be connected to both switches in case of a failure or need to update/reboot one. While I can leverage the independent teaming feature within our HyperV servers for the host side of things, I'm debating how to handle the connection between the new switches and the stacked switches in the chassis. The simplest method would probably be some LACP links between each switch and then just use STP to take care of things. Ideally I'd probably look into tweaking the STP timers to try and reduce failover times as well.

    Is STP really the best way to do this? What other technologies exist to sort out this problem?

    submitted by /u/Chareon

    Automating graphs / metrics

    Posted: 02 Oct 2019 09:17 AM PDT

    Hey all,

    We use a combination of LibreNMS and Grafana / InfluxDB / Telegraf for graphing and metrics. LibreNMS makes it possible to just drop in a device and go. It also currently does our alerting. We use Grafana with Telegraf separately due to the fact we can get much better and more granular graphs this way, with 30 second polling.

    One thing that's been nagging me for a while is figuring out how to automate the creation of graphs with Telegraf and Grafana.

    Anyone have any good experience with automating the Telegraf / Grafana part of this picture? LibreNMS is great as a catch-all for graphs, but Grafana is far better for graphing.

    submitted by /u/kungfu1

    Adding legacy AP firmware to new WLC

    Posted: 02 Oct 2019 02:50 AM PDT

    Hi Guys, noob here.

    At work I've stumbled into this task where I needed to update our virtual WLC from 8.1.133 to 8.10.2.2. However in addition to new APs (9120) there are still APs (2702) in use that are not supported by the new WLC.

    I've been told to just upload the bundle containing the old firmware to the WLC and I should be good. At the moment I am struggling with that task. I've been provided an ap3g2 bundle as a tar archive.

    Could someone kindly point me to where to upload this to the WLC? download > code is not working since this is not accepting the file type. All I find are guides on how to update WLC SW with a provided AES file. Am I missing something obvious here?

    Thanks for your help!

    submitted by /u/7ischa
