Rant Wednesday! Networking
- Rant Wednesday!
- Admin/Engineer Responsibilities - Feedback
- Netflow tool that creates a traffic baseline and reports / alerts based on variance
- Network Automation task that you do daily or weekly
- Slow file transfer over OpenVPN
- Switch with higher priority becoming root bridge
- Strange VPN setup
- IPSEC Head-end selection for cradle-point fleet?
- Do people actually read RFCs, and if yes, which ones should I read?
- Cisco WLC to Aruba ClearPass guest network.
- Site to site VPN for home user
- WISP - FCC477 first time filing help please
- MAC: USB-C to RS-232 DB9 Serial Adapter
- Need to replace Huawei CE6810-32T16S4Q-LI - suggestions?
- Recommendations - Cisco Wireless Issue
- Add Static Route Through Two VPNs
- Arista 7020 don't advertise loopback via ospf
- I'm going to let my Cisco Certs Expire
- Parsing output from parse genie - ansible
- Tasked with the demo of large amounts of fiber. Unsure of safety.
- Is there any reason to have a VLAN untagged on port that is tagged with other VLANs
- Network scripting
- Reset Cisco ASIC drop counters?
- Please help me understand how to connect an edge switch with a new subnet to our central L2/L3 switch.
- Tools for network diagnostics
- Cisco smartnet contract date vs. End of support date.
Posted: 04 Feb 2020 04:04 PM PST It's Wednesday! Time to get that crap that's been bugging you off your chest! In the interests of spicing things up a bit around here, we're going to try out a Rant Wednesday thread for you all to vent your frustrations. Feel free to vent about vendors, co-workers, price of scotch or anything else network related. There is no guiding question to help stir up some rage-feels, feel free to fire at will, ranting about anything and everything that's been pissing you off or getting on your nerves!
Admin/Engineer Responsibilities - Feedback Posted: 04 Feb 2020 11:47 AM PST Do any of you work in an environment where duties are split between route/switch networking and VOIP in the Network Engineer role? We are a Cisco shop on both fronts, and I am just curious how realistic this "hybrid" type of role is. Any feedback you can give me on your experience with this would be great.
Netflow tool that creates a traffic baseline and reports / alerts based on variance Posted: 04 Feb 2020 09:19 AM PST Hello all. As per the title, does anyone know of a Netflow collections/reporting tool that will baseline traffic profiles per interface and be able to report/alert based on potential significant variance?
Network Automation task that you do daily or weekly Posted: 04 Feb 2020 10:34 AM PST Hi all Network and System engineers out there! I'm just getting started with Python and network automation (Telnetlib, Netmiko, Paramiko). Can you guys share some tasks that you might and want to do with network automation? I've been doing some backup configuration, get all interfaces status, get all neighbors, check for neighbor status, BGP status,... Most of them are based on text processing (I pull the entire output and process it). It would be nice if I had some real-world tasks to do (I'm currently doing an internship, they told me that it would be nice to have scripting and coding skills). Many thanks
Slow file transfer over OpenVPN Posted: 04 Feb 2020 06:35 AM PST Hi all! Scenario: We have 2 site-to-site VPN connections between HQ and the DC. 1 VPN connection for the new environment and 1 connection for the old one. This setup is made for migrating the infrastructure from the old LAN behind the old firewall (Fortigate) to the new LAN behind the new firewall cluster (OPNsense). The new VPN connection is set up with OpenVPN and the other old one is set up with IPSec (IKEv2). Problem: File transfer (SMB) over the IPSec connection is always 4 times faster than over the OpenVPN connection. Question: Is it known that SMB is by definition slower over an OpenVPN than an IPSec? Is there a best practice regarding encryption configuration for the OpenVPN connection? Is this different per CPU type / model?
Switch with higher priority becoming root bridge Posted: 04 Feb 2020 02:58 PM PST My core switch has a lower priority than my edge switches but the core switch is very rarely elected to be the root, actually almost never. Why would this be happening? Core switch is a Dell S4148F-ON. Edge switches are a combination of Dell N1548P's and N3048's. Core switch shows the following under
Something just seems off about this. Any thoughts?
Strange VPN setup Posted: 04 Feb 2020 11:55 AM PST We have multiple locations around the globe that connect to our main HQ for VPN connection. We have some servers that were at HQ moved to a data center offsite. We have a site-to-site setup with them. These servers that moved to the data center used to use our Japan VPN to talk with some servers over in our Japan location. Now usually we would do a simple site to site from Japan to the data center or do a DMVPN interconnecting the two locations, however... we don't have access to the data center configs and Japan is very difficult to work with and to approve and test changes. They have requested their side stays the same without any changes. The way I thought to do this was to use NAT translation to convert the IP that is in the data center when it comes in to our HQ as the old IP that was onsite. Would this be possible without doing any changes to the other routers at Japan and the data center?
IPSEC Head-end selection for cradle-point fleet? Posted: 04 Feb 2020 08:48 AM PST Hello Folks- I am administering a rapidly growing fleet of cradlepoints, and given that we can no longer rely on static IPv4 addresses to host services behind each cradlepoint, we want to make a VPN headend so our cradlepoints can use standard dynamic cell connections, and still host services behind them in the field. I need to use IP-SEC tunnels, given that is the common-denominator supported tunnel among my cradlepoint fleet. The general use case is that the VPN headend will be able to handle public/external facing traffic, and port forward service requests to the various cradlepoints as needed. The service itself is more IOT traffic, so bandwidth usage is not a concern. 50 megabits of throughput would be plenty. The clients use about 10kbs. It seems most people are recommending a Cisco router or ASA. Given the external facing nature of the device, I would feel that an ASA is the better bet of those 2 options, but I was curious if there were other options I should check out. I did look at Cradlepoint's autoVPN, but it didn't scale to the client numbers I needed, so that is not an option.
Do people actually read RFCs, and if yes, which ones should I read? Posted: 04 Feb 2020 10:09 AM PST JNCIS Certified, that's all I got so far but I want to gain a more fundamental understanding of this stuff, I keep hearing RFCs being flung about but I never saw this as something people actually read? Recommendations?
Cisco WLC to Aruba ClearPass guest network. Posted: 04 Feb 2020 04:20 PM PST Hey Networking Pros, Are any of you running a guest network on a Cisco WLC offloaded to an Aruba ClearPass web server? I am talking about where the splash page is hosted by the ClearPass server, instead of it done locally on the WLC. I have come across some unofficial documentation that states that this is usually done by means of simply configuring the WLC for External Webauth, as opposed to a Central Webauth as done with Cisco ISE. Do you guys use in your own deployments MAC filtering with AAA override and CoA like when authenticating to an ISE server, or are you just doing it as external auth to the ClearPass web server? Does the ClearPass server even support CoA? Any help is appreciated. -Thanks
Site to site VPN for home user Posted: 04 Feb 2020 10:31 AM PST Hi all, I've got a home user I need to set up a site to site VPN so they'll have secure connectivity and VoIP back to our office. I have an ASA at the HQ that I've configured a dynamic VPN policy for already. I've never done this in practice, but in theory I'm thinking I can connect the ASA to the user's network and let it pull a DHCP address for its "outside" interface and create a VPN tunnel back to my HQ. As long as I configure an Inside IP scheme that doesn't overlap with existing VPNs then NAT-T should allow the VPN to establish correctly. Is my thought process correct on this?
WISP - FCC477 first time filing help please Posted: 04 Feb 2020 09:15 AM PST Hi, I've been running a WISP with a friend for a while and we just realized we need to file the FCC477 form for broadband deployment and subscriber data. What happens if I file now? Is the FCC able to go back, audit our past and understand how long I've been doing this and fine us? I just don't want to incur fees that will make me shut down the operations. I guess if I file now it's like we started now. We just want to straighten up our position and keep giving people good Internet without choking on fees. Thanks!
MAC: USB-C to RS-232 DB9 Serial Adapter Posted: 04 Feb 2020 11:11 AM PST Anyone have issues getting a USB-C to serial adapter to work on the newer Mac laptop running 10.14.6? I'm using a USB-C to RS-232 DB9 Serial Adapter and I installed the drivers on http://cablematters.com/download Despite installing the driver (a few times) I am not able to see the adapter on my terminal as /dev/cu.usbserial. (Is this still the right path? It was on 10.13) Ironically, I do see it on the laptop's hardware system information under the USB section. Any thoughts? Thanks in advance.
Need to replace Huawei CE6810-32T16S4Q-LI - suggestions? Posted: 04 Feb 2020 10:53 AM PST Looking to replace a Huawei CE6810-32T16S4Q-LI (1U of 32x 10Gb copper, 16x SFP+, 4x QSFP28). Thinking I am going to need 2x switches since I didn't see anyone doing anything nifty like that with all those ports in a 1U package. Appreciate any thoughts.
Recommendations - Cisco Wireless Issue Posted: 04 Feb 2020 09:24 AM PST Hello Friends, I currently have an issue where one of the locations I work with is having issues using the Guest Wifi. There are 10 Cisco WAPS at this location and they go to our Datacenter WLC. Guest network uses its own ISP which is about 15mb up and down, while the main business wifi goes through MPLS to our internet circuit in the datacenter as well. Right now the business Wifi has no issues, but the Guest Wifi is causing a lot of issues for users on site. The users are able to connect to the SSID, but it seems that they are not able to surf the internet using the Wifi, but instead need to use cellular data. We have an IT Tech onsite who will take a user's phone, select "Forget this Network" and then reconnect them to the Guest wifi and they are able to work on the Guest SSID for a few hours, maybe an entire day and then this process has to be repeated. Right now it appears to only affect iPhones. Any suggestions on this? I'm already starting to think this is an issue with the local ISP.
Add Static Route Through Two VPNs Posted: 04 Feb 2020 11:43 AM PST I am trying to give a remote user access to a web application. The application is hosted on a third party's internal network. They have allowed our internal network to create a VPN to their internal network. My organization uses a SonicWall router. I have configured a client application that creates a VPN between the remote user and OUR internal network. This works well and the remote user is issued an internal IP. I am trying to add a static route that sends any requests for the third party's internal addresses through the remote router, but it keeps routing through the remote user's SIM card connection. All systems involved are Windows based and I've been using tracert and add route commands in PowerShell.
Arista 7020 don't advertise loopback via ospf Posted: 04 Feb 2020 09:18 AM PST Hi, I have an Arista A uplinked (p2p) to another Arista B. I configured OSPF and neighborship went Full. I use the loopback IP as router ID and I advertise it with network x.x.x.x/32 area 0.0.0.0 but Arista B doesn't receive the prefix. Arista A correctly receives all prefixes (also lo0) from Arista B. Any tips? Configuration is OK. Thanks
I'm going to let my Cisco Certs Expire Posted: 04 Feb 2020 04:25 PM PST So I find myself in a predicament, any of the CCNP exams are ~$350 each where I am and I am finding it very hard to be bothered studying for it. The Exam changes in a few weeks and my cert expires in a month. I'm 10 years now in the industry and I'm thinking it will be a good thing as I will stop focusing on Cisco and probably get a Juniper Cert (considering 80% of my day is on Juniper). Just wondering if anyone has been in my shoes and either regretted letting their cert expire or used it as an opportunity to break free from Cisco and branch into other vendors / technologies.
Parsing output from parse genie - ansible Posted: 04 Feb 2020 07:29 AM PST Hi all, I'm looking for some assistance parsing some output I'm getting from the parse genie module for Cisco. Please see my playbook below.
My output looks like this
I'm looking to just grab interface names such as "GigabitEthernet1/0/1" in my output so I can loop them into another task to make changes to those ports. Any thoughts on how to properly do that?
Tasked with the demo of large amounts of fiber. Unsure of safety. Posted: 04 Feb 2020 04:05 PM PST I'm working in a data center, and have been tasked with demoing large amounts of fiber (over 100 trunks of OM3/OM4 that are hundreds of feet long). This would be something they would hire a vendor for in the past, but it is now falling on us in house. Cutting the fiber trunks into manageable pieces for disposal seems like the way to go, but I'm worried about airborne glass, plus the fact that some of the fiber is wrapped in metal conduit. Anyone have experience or safety tips doing a project like this? It's completely out of my field of expertise, so I have no idea where to begin.
Is there any reason to have a VLAN untagged on port that is tagged with other VLANs Posted: 04 Feb 2020 03:50 PM PST Working with HPE switches. I'm a bit confused on using "untagged" on a port used for interconnecting to another switch. I need to tag/allow all VLANs on a port, why would I leave a VLAN untagged? My switch to switch connections should have all VLANs tagged.. why does it allow me to have an untagged VLAN? Thanks
Network scripting Posted: 04 Feb 2020 03:44 PM PST So I was thinking about experimenting with netmiko, but netmiko does not support telnet? Don't worry, we only use telnet on airgapped networks and only if we have to. But is there a netmiko alternative that supports telnet? Hopefully one with lots of examples.
Reset Cisco ASIC drop counters? Posted: 04 Feb 2020 06:20 AM PST Does anybody know if you can reset the counters for this command? show platform port-asic stats drop Using it on a Cisco WS-C2960X-48FPS-L. It seems that the switch keeps the drop counter even if you use: clear counters I would like to reset the ASIC drop counters on the switch, is it even possible?
Please help me understand how to connect an edge switch with a new subnet to our central L2/L3 switch. Posted: 04 Feb 2020 02:15 PM PST I work at a small school with a flat network. Everything is on 192.168.15.0/24. We don't have VLANs or other Subnets. I've been asked to add to the network, and I don't have enough addresses left. Here's what I've tried (it doesn't quite work). I configured a new switch (TPLink T1600G-28PS) with a mgmt interface of 192.168.17.253, and a DHCP server to hand out addresses in the 192.168.17.0/24 range. As a standalone, it works fine. I can connect a computer to any port and get an address in the 192.168.17.0/24 range. I connected it to our central switch, a FS-S5800-8T12S, over a fiber connection. On the FS, I assigned an IP address of 192.168.17.254 to the port. From the FS, I can ping the TPLink switch, and any client attached to it. From the TPLink, I can ping the FS port of 192.168.17.254. However, the computers attached to the TPLink can't get to anything beyond there, like the rest of the network or the servers or the Internet. I tried adding a static route on the switch: ip route 192.168.17.0/24 192.168.17.254 That didn't make any difference. Can I even do this? It seems like I'm close, but I've obviously missed something. I suspect I've been treating the central switch like a switch, and with the new addition I'm trying to use it like a router. Do I need to do a major reconfiguration of the central switch to make this work? Or can I easily add an extra subnet like I hope? Thank you!
Tools for network diagnostics Posted: 04 Feb 2020 01:11 PM PST Hi, Berkeley has shut down the Netalyzr service. I used it to help diagnose internet connection issues for myself or users when I had a tech support job, along with asking for the network info file and tracert. All of those together gave me the best insight into what might be wrong with the user's network, but I mostly relied on the Netalyzr. Is there any good alternative to it that tests and shows as much information? What do you guys use?
Cisco smartnet contract date vs. End of support date. Posted: 04 Feb 2020 12:51 PM PST In 2018 the company I now work for bought a SmartNet contract for our CUCM for three years. The server that the application runs on has an end of life date of December 2021 but the SKU of the SmartNet policy I bought was for a Business Edition 6000 and that has a November 2020 date for end of support. I'm really confused because my contract supposedly runs until January 2022. Has anyone been in this situation? Will Cisco respect my contract until January 2022 or will I be screwed and have no support after November of this year? Thanks guys!