Blogpost Friday! Networking |
- Blogpost Friday!
- how to reboot network devices with Ansible
- New UniFi "datacentre" switches
- Avaya Data VLAN DHCP Issue
- Today, I managed to keep an SSH session alive between restarts
- Quick Question - iBGP peering on Border Routers
- CNAM or equivalent in the UK
- Cisco Catalyst 9120 Series Access Points Licensing
- Swapping Airflow Fans on S4820-T
- Thanks /r/networking: 1 year ago I asked you for feedback/your opinion on FTD/Firepower
- TATA communication in CHI has 20% packet loss, how to open a ticket?
- Looking for advice for how to tackle this problem
- Is there a CLI command to determine GRE over IPsec?
- Why does enterprise Wifi use GRE tunnels between AP and controller?
- Deploying Unifi AC APs to Cisco PoE Switch?
- T1 Circuit Bouncing
- Can console port on a router also work as management port. Any advantage of management port?
- What's the issue with using a Linux/Unix box (PC hardware) with extra PCIe Ethernet ports instead of a Cisco or Juniper router?
- Setting Static IP on VLAN on Cisco SG200 boots me out of the web interface
- PAC File influence application like Outlook Office 365?
- Can a Buffalo BS-MP2008 translate between Jumbo Frames / MTU9000 and standard frames / MTU1500?
- Virtualized LNS recommendations
Blogpost Friday!
Posted: 02 Jan 2020 04:04 PM PST
It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our members' new and shiny blog posts. Feel free to submit your blog post, as well as a nice description, to this thread.

how to reboot network devices with Ansible
Posted: 02 Jan 2020 07:38 AM PST
With Ansible Engine 2.9 there is now improved handling for wait_for_connection with network devices. This means that network devices can lose connectivity (for something like a reboot) and the Ansible Playbook can continue working as expected. You can perform some tasks, perform a reboot, then continue operating the Ansible Playbook programmatically.
This requires two important steps that may be new for Ansible novices! (One), you need to deal with prompts, which are super common with network devices during a reboot, and (two), dealing with the connection going down programmatically.
For (One) you can use the cli_command module which deals with prompts, here is an example for Cisco IOS routers->
For (Two) you need to use the meta: reset_connection like this->
With the combination of (One) and (Two) you can now use the wait_for_connection with network devices. You can do something like this.
Hopefully this will help some folks that need a programmatic way to reboot routers! I have written a small blog post here, but I didn't want to break rule #3 for reddit so I rewrote some portions to help folks that prefer only using reddit!

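The three steps the post above describes (answering the reload prompt with cli_command, meta: reset_connection, then wait_for_connection), combined into one playbook. This is an added example, not the code from the original post; the inventory group `ios_routers`, the `confirm` prompt pattern, the uptime check and the delay/timeout values are assumptions.

```yaml
---
# Added example: reboot Cisco IOS devices and resume the play afterwards.
# Assumes Ansible 2.9+, an inventory group named "ios_routers" (hypothetical)
# with ansible_network_os=ios, and that the running config is already saved,
# so "reload" only asks for confirmation.
- name: Reboot IOS routers and continue once they are back
  hosts: ios_routers
  connection: network_cli
  gather_facts: false

  tasks:
    - name: Record the uptime before the reboot
      cli_command:
        command: show version | include uptime
      register: before

    # (One) cli_command answers the interactive prompt that "reload" raises.
    - name: Reload the device
      cli_command:
        command: reload
        prompt:
          - confirm
        answer:
          - "y"

    # (Two) drop the persistent connection so the next task opens a new one.
    - name: Reset the connection
      meta: reset_connection

    # Keep retrying until the device accepts connections again (values assumed).
    - name: Wait for the device to come back
      wait_for_connection:
        delay: 30
        timeout: 600

    - name: Confirm the device answers commands again
      cli_command:
        command: show version | include uptime
      register: after

    - name: Show uptime before and after the reboot
      debug:
        msg:
          - "before: {{ before.stdout }}"
          - "after: {{ after.stdout }}"
```
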
New UniFi "datacentre" switches Posted: 02 Jan 2020 12:12 AM PST |
Avaya Data VLAN DHCP Issue
Posted: 02 Jan 2020 11:30 AM PST
Hello All, Recently, we moved our Phone DHCP server to Server 2016. In doing so, it appears the Data DHCP server is not handing out proper information. I have the Data DHCP server set up with options, VLAN 14 is our Phone VLAN:
176 L2Q=1,L2QVLAN=14
242 L2Q=1,L2QVLAN=14
However, when clearing phone values, the phone does not grab the VLAN14 from this configuration. All of my other phones are working properly, but only if the values are not cleared on the phone. This issue happens on any phone that I clear values back to default. I have switch(es) Tagged for VLAN14 and untagged for data network. Any other thoughts here?

Today, I managed to keep an SSH session alive between restarts
Posted: 02 Jan 2020 01:36 PM PST
I run Debian 9 on VirtualBox on a Windows 10 host. I happen to live in an area with seasonally chronic network shenanigans, so every now and then, I have to Avada Kedavra (tilde-dot) my broken SSH sessions, but I witnessed this weird one today. I hibernated the host, turned off my phone's hotspot and went for a walk. I dehibernated to Windows' lockscreen 2 hours (give or take) later, but I still wasn't hyped about refactoring, so I left it at the lockscreen. After some 45-ish minutes of funny YouTube, I ditched the bed for my workspace again. This time, I pushed past the lockscreen, manually reconnected Windows to my phone's hotspot and made for the VM, where I met a seemingly dead SSH session. I typed in a command and hit return with a shrug, but it actually spat out appropriate results. After about 3 internal WTFs, I ran more commands, just to make absolute sure I was on the remote machine. I'm still on the immortal session, with all but one question for y'all who actually know their RJ45s... How?

Quick Question - iBGP peering on Border Routers
Posted: 02 Jan 2020 06:33 AM PST
I do not see a problem with this, but I want to bounce this off a few of my peers. There is obviously a need for iBGP when you have two or more border routers to ensure the best path to any network on the internet. I've seen the P2P iBGP link be private IPs and public IPs. Can you use either? Or is it only BP to use public IPs to peer your border routers with iBGP?

CNAM or equivalent in the UK
Posted: 02 Jan 2020 05:59 AM PST
I'm trying to set up caller name for a company in the UK such that when someone receives a call from us, they see our company name with/instead of our telephone number. I know that this is possible in the US using the CNAM system, but I'm struggling to find out if this is possible in the UK. Anyone had any luck with this? Thanks.

Cisco Catalyst 9120 Series Access Points Licensing
Posted: 02 Jan 2020 08:36 AM PST
Hello, We recently bought some Cisco Catalyst 9120 Series Access Points and were obligated by the third party vendor to purchase these licenses with them (per AP): AIR-DNA D-CISCODNAS-SEE-T PI-LFAS-AP-T WLC-AP-T AIR-DNA-A-T AIR-DNA-NWSTACK-A AIR-DNA-A
We do not use Cisco DNA nor Cisco Prime infrastructure. Is this normal?

Swapping Airflow Fans on S4820-T
Posted: 02 Jan 2020 04:07 PM PST
Hey guys, So I just realized that I bought two fan modules and a single power supply module to change the direction of airflow for my Dell switch. Currently everything is plugged in via reverse airflow, from PSU to ports. But the switch needs to pull from ports and push out PSU so normal airflow is needed. On these 4820's they have individual fan modules, unlike the older 4810s and s60s which have a PSU and fan modules in one module/component. So in my haste I ordered two fan modules and a replacement PSU for a PSU that had gone bad. Since the PSU had gone bad I figured I would also swap out the airflow fans to make it cool more effectively. I realize now that by swapping two fan modules and one PSU that there will still be the original PSU that is reverse airflow, as opposed to normal airflow. So I was reading the documentation on the switch or about the switch, and it says that both switch modules need to blow the same direction or the switch will shut down. So I'm thinking that the PSU airflow doesn't matter, but the fan airflow does. Does anyone have any experience with swapping out fans on the Dell 4820T? Can I leave the single reverse airflow PSU in, while swapping out the single PSU normal airflow, and the two switch modules normal airflow?

Thanks /r/networking: 1 year ago I asked you for feedback/your opinion on FTD/Firepower
Posted: 02 Jan 2020 04:07 PM PST
In October 2018 I created this post to gather some feedback on using Firepower/FTD in production. We did try it ourselves in production though so we could form our own opinion, overall it really was as bad as described in the texts you see on the internet. Usually you don't expect everything to be really good, sometimes the documentation is not really that good or maybe the interface is performing not fast enough so you use the CLI which you don't really mind... but for FTD it is really the overall experience where almost every single part was horrible from the beginning and you could not reasonably argue for such a product at all. From initial deployment, software upgrades, daily operation and troubleshooting... just everything.
Negative aspects:
Positive aspects:
They had to compete against Palo Alto and it really was straightforward, I was very impressed how Palo does things, especially the central management which provides quite a few features you normally have to use a 3rd party tool like Algosec or Tufin. There was a lot of politics involved as we have been an all Cisco shop so far and a few people really did not like to move away from it, but the evidence was more than enough against them and stability was the key argument. In the end we migrated most of our productive clusters within 2019 and are very happy Palo Alto customers. But honestly I think almost every other major Firewall vendor would be better than what we saw with Firepower. Something I noticed when comparing them is that Cisco is still putting out fires and doesn't seem to have the time or resources for appropriate development of the product (they still rush half-finished features into the field). We still bought a few Firepower hardware appliances and run ASA software on them if we don't have the need for NGFW features (e.g. dedicated ClientVPN Firewall) and even on those we face major issues with the delivered performance. In 5 years everything might be different but for now: stay away from Firepower/FTD if you can. Happy new year

TATA communication in CHI has 20% packet loss, how to open a ticket?
Posted: 02 Jan 2020 03:53 PM PST
They have 25% packet loss. We do not have service directly with them, and we have confirmed with our ISP the loss is not on the hand off and it is inside the TATA network; however, they hardly exist. Does anyone know how to get ahold of someone? Pings to 63.243.129.120 are dirty and 63.243.129.121 are clean (I'm guessing the same box). We vary from 0% to 30% loss, and it will run clean for 2-4 minutes then go bad again for 2 ish minutes.

Looking for advice for how to tackle this problem
Posted: 02 Jan 2020 12:06 PM PST
Hello all, As you can see in the picture, I have drawn up a mock scenario of the current situation I'm in. We have separate networks at our site for admin and production. We currently placed a temp building down about a block away and have a point to point to this building using the production network. We now need to add a VoIP phone and desktop computer that connects to the "admin" network. My question is how should I accomplish this. I figure I VLAN off the Network A devices that are on Network P, set up routing and access list on FW, and set up IP helper THROUGH the firewall. Thoughts and suggestions? Here's a drawing of the Mock Network

Is there a CLI command to determine GRE over IPsec?
Posted: 02 Jan 2020 11:56 AM PST
I'm a student implementing a GRE over IPsec on GNS3 however not really sure if I implemented IPsec over GRE (if possible). Any hints/commands that can clarify that I really did what I was required of? And how do I know if it's site-to-site or point-to-point? Any suggestions are greatly appreciated.

Why does enterprise Wifi use GRE tunnels between AP and controller?
Posted: 02 Jan 2020 02:03 AM PST
I have previously used Unifi APs - in general, these tend to be pretty simple affairs - the AP grabs an IP address, clients connect to it, and they get internet connectivity. At most, you can use different VLANs for different SSIDs. However, I'm now using Aruba APs - and they seem to establish a GRE tunnel between the AP and a local Wifi controller. Also, they have a separate controller, through which all traffic passes, which is different to Unifi. I'm looking into Ruckus and they seem to do the same - and from research, it seems many Enterprise Wifi vendors (Cisco) do the same, with GRE tunnels, as well as a dedicated controller. My question is - what are the main advantages of this approach, over the simpler Unifi/consumer-style approach?

Deploying Unifi AC APs to Cisco PoE Switch?
Posted: 01 Jan 2020 07:17 PM PST
Hello everyone, I'm planning on using the Unifi AC Pros for our wireless network implementation. A simple preface that this is my first time working with Ubiquiti. I currently have a Fortigate 100D that is acting as our layer 3 device. It is in charge of Inter-VLAN routing, internet access (SFP fiber), and access policies. I have grouped together about 7 ports into a hardware switch (LAN) and created/assigned 5 VLANs to this hardware switch on the Fortigate. The VLANs on the Fortigate also provide DHCP and DNS, here are the VLANs:
VLAN 10 - Guest (192.168.10.0/24)
I have a Cisco SG200 8-Port PoE switch which I plan on connecting the Unifi APs into. I hoped that I could use one of the ports on the switch as a trunk port to the Fortigate for the VLANs I want for wireless and then plug in the APs to the other ports. Is this implementation possible? And what would I need to do to configure the APs in this environment? Thank you.

T1 Circuit Bouncing
Posted: 01 Jan 2020 08:02 PM PST
Hello, One of my sites has bundled T1s. The circuit has been bouncing for the last day or so. I have a ticket open with the provider, but want to make sure it isn't anything on our end. I am a fairly new engineer and am not sure how to interpret some of this data. I see the interfaces flapping, but there are errors on the T1 controllers.. would this point to a provider issue at all? Or am I facing a hardware issue? I appreciate any input on this.

Here is the output from the show controllers T1 command:

T1 0/1/0 is up.
  Applique type is Channelized T1
  Cablelength is long gain36 0db
  No alarms detected.
  alarm-trigger is not set
  Soaking time: 3, Clearance time: 10
  AIS State:Clear LOS State:Clear LOF State:Clear
  Framing is ESF, FDL is ansi, Line Code is B8ZS, Clock Source is Line.
  Data in current interval (824 seconds elapsed):
    0 Line Code Violations, 0 Path Code Violations
    0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
    0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs
  Total Data (last 24 hours)
    0 Line Code Violations, 204 Path Code Violations,
    0 Slip Secs, 7066 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins,
    41 Errored Secs, 8 Bursty Err Secs, 33 Severely Err Secs, 7054 Unavail Secs
T1 0/1/1 is up.
  Applique type is Channelized T1
  Cablelength is long gain36 0db
  No alarms detected.
  alarm-trigger is not set
  Soaking time: 3, Clearance time: 10
  AIS State:Clear LOS State:Clear LOF State:Clear
  Framing is ESF, FDL is ansi, Line Code is B8ZS, Clock Source is Line.
  Data in current interval (823 seconds elapsed):
    0 Line Code Violations, 0 Path Code Violations
    0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
    0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs
  Total Data (last 24 hours)
    0 Line Code Violations, 159 Path Code Violations,
    1 Slip Secs, 7066 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins,
    30 Errored Secs, 8 Bursty Err Secs, 22 Severely Err Secs, 7063 Unavail Secs
T1 0/1/2 is up.
  Applique type is Channelized T1
  Cablelength is long gain36 0db
  No alarms detected.
  alarm-trigger is not set
  Soaking time: 3, Clearance time: 10
  AIS State:Clear LOS State:Clear LOF State:Clear
  Framing is ESF, FDL is ansi, Line Code is B8ZS, Clock Source is Line.
  Data in current interval (822 seconds elapsed):
    0 Line Code Violations, 0 Path Code Violations
    0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins
    0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs
  Total Data (last 24 hours)
    0 Line Code Violations, 105 Path Code Violations,
    2 Slip Secs, 7077 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins,
    31 Errored Secs, 12 Bursty Err Secs, 18 Severely Err Secs, 7097 Unavail Secs

Here is the output from show logs:

*Jan 1 19:48:44.550: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink1, changed state to down
*Jan 1 19:48:44.562: %BGP-5-NBR_RESET: Neighbor 10.10.4.50 reset (Interface flap)
*Jan 1 19:48:44.565: %LINK-3-UPDOWN: Interface Multilink1, changed state to down
*Jan 1 19:48:44.571: %BGP-5-ADJCHANGE: neighbor 10.10.4.50 Down Interface flap
*Jan 1 19:48:44.571: %BGP_SESSION-5-ADJCHANGE: neighbor 10.10.4.50 IPv4 Unicast topology base removed from session Interface flap
*Jan 1 20:06:27.957: %CONTROLLER-5-UPDOWN: Controller T1 0/1/0, changed state to up
*Jan 1 20:06:27.962: %CONTROLLER-5-UPDOWN: Controller T1 0/1/1, changed state to up
*Jan 1 20:06:28.954: %CONTROLLER-5-UPDOWN: Controller T1 0/1/2, changed state to up
*Jan 1 20:06:29.958: %LINK-3-UPDOWN: Interface Serial0/1/0:0, changed state to up
*Jan 1 20:06:29.962: %LINK-3-UPDOWN: Interface Serial0/1/1:0, changed state to up
*Jan 1 20:06:30.956: %LINK-3-UPDOWN: Interface Serial0/1/2:0, changed state to up
*Jan 1 20:06:38.357: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0:0, changed state to up
*Jan 1 20:06:38.358: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/1:0, changed state to up
*Jan 1 20:06:38.375: %LINK-3-UPDOWN: Interface Multilink1, changed state to up
*Jan 1 20:06:38.377: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink1, changed state to up
*Jan 1 20:06:39.028: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/2:0, changed state to up
*Jan 1 20:06:42.670: %BGP-5-NBR_RESET: Neighbor 10.10.4.50 active reset (BGP Notification sent)
*Jan 1 20:06:42.670: %BGP-5-ADJCHANGE: neighbor 10.10.4.50 Up
*Jan 1 20:46:31.862: %CONTROLLER-5-UPDOWN: Controller T1 0/1/1, changed state to down
*Jan 1 20:46:31.867: %CONTROLLER-5-UPDOWN: Controller T1 0/1/2, changed state to down
*Jan 1 20:46:32.857: %CONTROLLER-5-UPDOWN: Controller T1 0/1/0, changed state to down
*Jan 1 20:46:33.864: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/1:0, changed state to down
*Jan 1 20:46:33.864: %LINK-3-UPDOWN: Interface Serial0/1/1:0, changed state to down
*Jan 1 20:46:33.877: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/2:0, changed state to down
*Jan 1 20:46:33.879: %LINK-3-UPDOWN: Interface Serial0/1/2:0, changed state to down
*Jan 1 20:46:34.857: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0:0, changed state to down
*Jan 1 20:46:34.857: %LINK-3-UPDOWN: Interface Serial0/1/0:0, changed state to down
*Jan 1 20:46:34.861: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink1, changed state to down
*Jan 1 20:46:34.869: %BGP-5-NBR_RESET: Neighbor 10.10.4.50 reset (Interface flap)
*Jan 1 20:46:34.870: %LINK-3-UPDOWN: Interface Multilink1, changed state to down
*Jan 1 20:46:34.876: %BGP-5-ADJCHANGE: neighbor 10.10.4.50 Down Interface flap
*Jan 1 20:46:34.876: %BGP_SESSION-5-ADJCHANGE: neighbor 10.10.4.50 IPv4 Unicast topology base removed from session Interface flap
*Jan 1 21:04:13.113: %CONTROLLER-5-UPDOWN: Controller T1 0/1/0, changed state to up
*Jan 1 21:04:13.118: %CONTROLLER-5-UPDOWN: Controller T1 0/1/1, changed state to up
*Jan 1 21:04:15.113: %LINK-3-UPDOWN: Interface Serial0/1/0:0, changed state to up
*Jan 1 21:04:15.118: %LINK-3-UPDOWN: Interface Serial0/1/1:0, changed state to up
*Jan 1 21:04:23.109: %CONTROLLER-5-UPDOWN: Controller T1 0/1/2, changed state to up
*Jan 1 21:04:25.110: %LINK-3-UPDOWN: Interface Serial0/1/2:0, changed state to up
*Jan 1 21:04:25.204: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0:0, changed state to up
*Jan 1 21:04:25.205: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/1:0, changed state to up
*Jan 1 21:04:25.226: %LINK-3-UPDOWN: Interface Multilink1, changed state to up
*Jan 1 21:04:25.228: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink1, changed state to up
*Jan 1 21:04:31.731: %BGP-5-ADJCHANGE: neighbor 10.10.4.50 Up
*Jan 1 21:04:33.204: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/2:0, changed state to up

Can console port on a router also work as management port. Any advantage of management port?
Posted: 02 Jan 2020 10:40 AM PST
I am new into networking industry, and I've been told to provide management port access to configure a router (Cisco 2900). This is to be done by connecting the router to one of our access switches. I want to know if configuration can be done by providing console access via my laptop through putty. I don't know how to provide management port access. Does management port have any advantage over console port?

What's the issue with using a Linux/Unix box (PC hardware) with extra PCIe Ethernet ports instead of a Cisco or Juniper router?
Posted: 02 Jan 2020 06:18 AM PST
This has been a lot on my mind lately. Cisco IOS routers are basically just underpowered embedded computers, why not opt for a cheaper solution and just use a x86-64 PC/server instead?

Setting Static IP on VLAN on Cisco SG200 boots me out of the web interface
Posted: 02 Jan 2020 07:09 AM PST
Hello everyone, Quick question that has me stumped. This is a brand new Cisco SG200 switch I have, 8 ports. I've connected to the default 192.168.1.254 web-interface and created some VLANs, including a management VLAN. However, when I try to set a static IP to the VLAN, the web-interface immediately locks up and I'm no longer able to ping the default IP address or access the web-interface anymore. Does anyone know why this is the case?

PAC File influence application like Outlook Office 365?
Posted: 02 Jan 2020 03:20 AM PST
Hi All, We are using PAC file in our environment and Outlook O365 which the server name is configured using the address of https://mail.company.com/xxxx and I want to confirm the below. My question is regarding the forwarding of Outlook: does it use the PAC file, which includes the proxy server, to connect to the cloud mail server https://mail.company.com/xxxx since it is bound to internet via https? If yes, is there any application or can we verify if the PAC file is being used for Outlook to reach the server? Or is this PAC file being used by the browser only and not by the Outlook application? Thank you

Can a Buffalo BS-MP2008 translate between Jumbo Frames / MTU9000 and standard frames / MTU1500?
Posted: 02 Jan 2020 04:21 AM PST
Hi, sorry I am not an expert in networking, but have to operate a small office IT with mixed requirements. I have some Linux servers, a Synology NAS and different kind of clients (Macs, PCs, ... ) with different networking requirements. One (soon two) desktops are used for video editing. Hence, they would benefit utilizing jumbo frames between them and the NAS for sure. As I can configure our 10Gbit switch Buffalo BS-MP2008 on every port to use or not to use jumbo frames, I wonder if it is capable to translate between MTU9000 and MTU1500. To my understanding, this would have to be the case. But I am not sure. Thanks for your input!

Virtualized LNS recommendations
Posted: 01 Jan 2020 09:55 PM PST
I currently land my VPDN tunnels and PPP subscribers on old Cisco hardware, the function of which I'm looking to replace. I'm considering virtual options for portability and future proofing, and was after some recommendations borne of experience. Requirements are pretty basic; Terminate VPDN tunnels and land PPP subscribers either in the global table for internet subscribers or in a client VRF. I currently do this in Cisco land by returning various attributes based on the login username. I've looked at vMX and Mikrotik but haven't found many other options. On the surface they both look like they'll do what I want, possibly with some drama sorting out the VRF thing. Does anyone have experience with these products in this function, or alternative recommendations?