
    Wednesday, April 29, 2020

    Do you enjoy your career in networking? Networking

    Do you enjoy your career in networking?

    Posted: 29 Apr 2020 10:50 AM PDT

    Do you find it fulfilling? Are you passionate about what you do? Do you feel a career in networking affects your mental health? How does a career in networking affect your personal/off-call time? If you could turn back time, would you do something else?

    submitted by /u/DCJodon

    DSCP

    Posted: 29 Apr 2020 12:42 PM PDT

    Hi Networking Gurus,

    I'm trying to wrap my head around some DSCP implementation, and need some advice.

    I need to map 4G Mission-Critical QCI QoS to L3 DSCP.

    Currently I'm mapping as follows:

    QCI=70, DSCP=20 (MC data)

    QCI=69, DSCP=44 (MC signalling)

    QCI=65, DSCP=42 (MC voice)

    But all online documentation recommends mapping QCI=69 to DSCP=41.

    Is DSCP 41 > DSCP 44?

    And if so, does anyone care to explain why?

    Edit:

    I need signaling to have highest priority, then voice traffic followed by data last.

    Would my implementation ensure that signaling (dscp44) has higher priority than voice (dscp42)?

    submitted by /u/kkakkabbdhj

    Viasat is blocking and spoofing responses for TCP Keepalive packets

    Posted: 28 Apr 2020 10:56 PM PDT

    I've been running packet traces to some of my servers with Wireshark from the Viasat network while generating TCP keep alive packets using https://github.com/davepacheco/tcpkatest, and it appears the Viasat router is blocking and spoofing responses to all of these packets. This is causing major TCP connection drop/reliability issues with many of my applications.

    I've confirmed that the TCP keep alive messages are not making it to my server by running packet captures on the server at the same time as I generate them from my laptop. I've also verified that my test server is capable of receiving TCP keep alive packets by sending them from a virtual private server on a completely different network.

    In addition, the router appears to be spoofing responses to the keep alive messages, with the responses coming back faster than the minimum Viasat latency would normally allow for, so I'm fairly sure it's the router itself blocking/spoofing these packets.

    Has anyone else seen anything like this before?

    submitted by /u/Lightsword
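
    The two-capture comparison described in the post above (probes present in the client capture but missing at the server, ACKs returning faster than the path allows), as an added Python example that is not part of the original post. The `Seg` records, the capture contents and the 0.5 s latency floor are constructed assumptions; the probe rule mirrors the one Wireshark uses to label TCP keep-alives.

```python
from collections import Counter
from typing import NamedTuple

class Seg(NamedTuple):
    ts: float     # capture timestamp, seconds
    out: bool     # True: client -> server, False: server -> client
    seq: int
    ack: int
    length: int   # TCP payload bytes

def find_keepalives(cap):
    """Pair each keepalive probe in one capture with the ACK answering it.

    Probe rule: a client segment with 0 or 1 payload bytes whose seq is one
    below the next byte the client would send (wrap-around, SYN/FIN ignored).
    """
    snd_nxt, pairs, waiting = None, [], False
    for s in cap:
        if s.out:
            if snd_nxt is not None and s.length <= 1 and s.seq == snd_nxt - 1:
                pairs.append([s, None])
                waiting = True
            else:
                snd_nxt = max(snd_nxt or 0, s.seq + s.length)
        elif waiting and s.length == 0 and s.ack == snd_nxt:
            pairs[-1][1] = s
            waiting = False
    return pairs

def classify(client_cap, server_cap, min_path_rtt):
    """Return (probe_ts, ack_delay, verdict) for every probe the client sent."""
    at_server = Counter(p.seq for p, _ in find_keepalives(server_cap))
    report = []
    for probe, ack in find_keepalives(client_cap):
        delivered = at_server[probe.seq] > 0
        at_server[probe.seq] -= delivered      # consume one matching arrival
        delay = None if ack is None else round(ack.ts - probe.ts, 6)
        if delivered:
            verdict = "end-to-end"
        elif ack is None:
            verdict = "dropped"
        elif delay < min_path_rtt:
            verdict = "answered-in-path"   # ACK arrived sooner than the path allows
        else:
            verdict = "absent-at-server"   # probe missing, ACK timing plausible
        report.append((probe.ts, delay, verdict))
    return report

# Constructed sample: one data segment, then two probes ACKed within ~4 ms,
# while the server-side capture of the same flow never sees the probes.
CLIENT = [Seg(0.0, True, 1000, 5000, 100), Seg(0.62, False, 5000, 1100, 0),
          Seg(10.0, True, 1099, 5000, 0), Seg(10.004, False, 5000, 1100, 0),
          Seg(20.0, True, 1099, 5000, 0), Seg(20.003, False, 5000, 1100, 0)]
SERVER = [Seg(0.3, True, 1000, 5000, 100), Seg(0.301, False, 5000, 1100, 0)]
```

    Calling `classify(CLIENT, SERVER, min_path_rtt=0.5)` labels both probes `answered-in-path`; the 0.5 s floor is an assumed value and should be replaced with the lowest round-trip time measured on the link under test.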

    Juniper JunOS training

    Posted: 29 Apr 2020 11:43 AM PDT

    I am mostly familiar with Cisco devices; I have my CCNA and am pretty familiar with networking through that level. My workplace will be switching a lot of stuff out for Juniper and I'm looking for some interactive online training to help get me and my coworkers somewhat spun up on Juniper. Any suggestions? Paid or free, curious what you guys have used and liked.

    submitted by /u/platypus_36

    Do Meraki switches support BiDi SFPs?

    Posted: 29 Apr 2020 01:58 PM PDT

    Meraki isn't very discerning when it comes to SFPs, but they don't sell any BiDi SFPs. It doesn't mean it won't work, but it's an unknown.

    https://www.fs.com/products/11802.html

    At that price I am planning to just buy a handful and test them, but you could save me some time.

    Has anyone ever run one and had it actually work? Just in the planning stage here and we have a chunk of single-strand single-mode fiber and it would help the project if we could use it.

    submitted by /u/LickingCats

    TCP connection closing after ~22 minutes

    Posted: 29 Apr 2020 04:03 PM PDT

    This is a bit of a strange situation. I'm designing a streaming audio player; my own PCB, firmware, from scratch. It connects to Internet radio stations that stream the Shoutcast protocol, which is basically: open a TCP connection, send an HTTP-type request, get an endless audio stream. Don't suggest off the shelf products, I like doing this type of thing!

    Anyway, at least some Internet streaming stations play just fine until about 22 minutes in where the other end suddenly closes the connection: a nice, graceful end with a FIN flag. This is very repeatable, and very frustrating.

    Snooping with Wireshark shows there are some retransmissions, but well under 2%. Here's the kicker: Winamp is doing the same thing, and runs for hours. A previous version of this player I built also will play the exact same stations for hours, and for the most part running the same firmware.

    Here's the question I have for /r/networking: is there some common rule in place for streaming hosts that like to close connections after around 22 minutes, and for what reason?

    submitted by /u/generaldis

    Cost per user for the network

    Posted: 29 Apr 2020 07:00 AM PDT

    Hi all,

    Bit of an odd one, but an external company has taken over part of our business. The staff will move over but they will remain on our sites, eventually using their own laptops etc.

    As the network and security dogsbody, I've been asked to come up with a cost per head for their usage of the network/firewalls/Wi-Fi etc to charge back to them. Has anyone else ever had to do this and how did you go about it?

    submitted by /u/shandersh

    SSH to one public IP with multiple ports for access to multiple devices for configuration

    Posted: 29 Apr 2020 10:20 AM PDT

    Hey guys,

    I have a high level understanding of SSH/Telnet, NAT/PAT, etc. however I have always worked on the presale aspect of the business and never configured this for production.

    Now, the company I work for, we support service providers. We manage the deployment and configuration services for different kinds of IT equipment. In this case, we provide customers access to multiple public IPs so that they can remotely log in to multiple firewalls for configuration before shipping them to the end user location. My question is, for example, instead of using 10 public IPs to configure 10 firewalls, can we use one public IP (for example 10.0.10.10) with multiple ports?

    Ex:

    10.0.10.10 port 12345
    10.0.10.10 port 23456
    10.0.10.10 port 34567
    ... and so on

    Sorry if this is a dumb question and I know how PAT works but I guess I'm just confused and need validation from hopefully someone out there that has done this in the past.

    Also, again maybe another dumb question, but from the client end wouldn't they only need to specify the IP and port number to connect?

    Thanks and looking forward to getting burned here (hopefully not)

    submitted by /u/rlopez3188

    LISP ROUTING

    Posted: 29 Apr 2020 02:00 PM PDT

    I was reading the new Cisco CCNP/CCIE 350-401 official cert guide and came across LISP. The section on it was short and had no config examples. My takeaway from it was that it is DNS-like routing, in that routers ask for and receive routes on demand instead of storing them like OSPF.

    1. What are some use case scenarios of the routing protocol?

    2. I read somewhere that it increases mobility. How does it accomplish that?

    3. Is OMP basically the same thing, because SD-WAN routers talk back to vSmart/vBond/vManage? Maybe OMP phases it out?

    submitted by /u/joshman160

    Question about calculating Network Bandwidth Utilization (Explained Inside).

    Posted: 29 Apr 2020 05:11 PM PDT

    I'm working on a word problem for some Python homework, and I've been tasked with writing a script that is responsible for calculating the Network Bandwidth Utilization for every line in a CSV file. At a high level, I'm curious to know if there is a universal calculation that is used to derive this value.

    Now, to dive more specifically into the data set I'm using to calculate the values from. There are two CSV files at hand, one is named 'bandwidth.csv' and the other is 'netbitrate.csv'. I've taken a screenshot of the files here: https://imgur.com/a/f6nvmot (they are very small files for the sake of this exercise, 6 & 20 lines each, respectively).

    Additionally, I'll include the files below:

    ---bandwidth.csv---
    Server,InterfaceName,Bandwidth
    server1,eth0,20
    server1,eth1,40
    server2,eth0,80
    server3,eth0,5
    server3,eth1,10
    server4,eth0,160

    ---netbitrate.csv---
    Timestamp,Server,InterfaceName,NetBitRate
    2019-05-07 19:17:23,server1,eth0,1000
    2019-03-30 19:41:33,server4,eth0,200
    2019-06-18 07:38:11,server1,eth0,100
    2019-03-08 08:29:38,server3,eth1,80
    2019-04-21 04:50:41,server3,eth1,500
    2019-04-06 06:28:31,server4,eth0,660
    2019-05-02 08:33:40,server1,eth1,1000
    2019-06-06 06:02:10,server2,eth0,1000
    2019-02-28 20:16:54,server4,eth0,1000
    2019-04-05 23:57:00,server2,eth0,500
    2019-04-21 23:31:19,server1,eth0,400
    2019-06-24 09:49:58,server3,eth1,80
    2019-04-04 10:34:24,server1,eth1,1000
    2019-06-14 15:13:36,server2,eth0,660
    2019-02-13 19:19:49,server4,eth0,800
    2019-02-03 19:03:03,server4,eth0,1000
    2019-01-07 00:49:05,server3,eth1,100
    2019-05-08 13:14:21,server1,eth0,500
    2019-03-23 23:36:03,server1,eth1,100
    2019-02-06 14:44:09,server2,eth0,100

    So now that you see the data I'm working with across these two files, my question is how should I go about crafting the calculation that would give me the Network Bandwidth Utilization for each line of the 'netbitrate.csv' file?

    If you have any questions or would like me to clear anything up for you, please let me know!

    cheers.

    submitted by /u/krame_krome

    Comcast / Linode routing issue

    Posted: 29 Apr 2020 01:21 PM PDT

    From mid-day today Comcast in Atlanta isn't able to reach Linode in Atlanta. Linode is aware of and working on the problem, and it's not critical for me so that's fine, but I'm just kind of curious how this happens - and it's lasting long enough to look at.

    Traceroute from the Comcast side dies after 7 hops in 56 Marietta:

    5. ae-89-ar01.b0atlanta.ga.atlanta.comcast.net
    6. be-33031-cs03.56marietta.ga.ibone.comcast.net
    7. be-2301-pe01.56marietta.ga.ibone.comcast.net

    I found the Comcast route-server and looked for the route to Linode:

    route-server.newyork.ny.ibone>show ip bgp 45.56.113.1
    BGP routing table entry for 45.56.112.0/21, version 506087801
    Paths: (1 available, best #1, table Default-IP-Routing-Table)
      Not advertised to any peer
      6453 63949
        68.86.1.90 (metric 65586) from 68.86.80.3 (68.86.1.3)
          Origin IGP, metric 0, localpref 250, valid, internal, best
          Community: 7922:403 7922:3000 7922:3120
          Originator: 68.86.1.90, Cluster list: 68.86.1.3
    route-server.newyork.ny.ibone>

    From the login message on the route server, cities are:

    68.86.80.1 - Ashburn, VA
    68.86.80.3 - New York, NY
    68.86.80.5 - Chicago, IL
    68.86.80.14 - Atlanta, GA
    68.86.80.17 - Denver, CO
    68.86.80.21 - Seattle, WA
    68.86.80.24 - Dallas, TX
    68.86.80.25 - San Jose, CA

    So if I'm interpreting this right, my route to Linode should be via 6453 (Tata) in NY:

    [dwargo@dns01 ~]$ host 68.86.1.90
    90.1.86.68.in-addr.arpa domain name pointer lo-0-pe03.111eighthave.ny.ibone.comcast.net.
    [dwargo@dns01 ~]$ host 68.86.1.3
    3.1.86.68.in-addr.arpa domain name pointer l-0-cr02.newyork.ny.ibone.comcast.net.

    I can still access the Linode as long as it's not from Comcast, so via a few bounces I was able to run an mtr backwards and it dies in Cogent:

    3. be4825.ccr41.atl04.atlas.cogentco.com
    4. comcast.atl04.atlas.cogentco.com

    At the end of the day I'm SMB so I get to suck a lemon until somebody fixes it, but I'm really curious.

    submitted by /u/dwargo

    Network Automation - Cisco ISE API Calls (Download policy)

    Posted: 29 Apr 2020 05:07 PM PDT

    Good afternoon all,

    I am working on an ISE project and I would love to be able to download the policies from one ISE installation, modify them and recycle. Has anyone done this before? What kind of cool API calls, useful stuff have you done with API calls and ISE?

    submitted by /u/ciscophreak

    Problems with PHPipam...HELP!

    Posted: 29 Apr 2020 08:15 AM PDT

    My company is giving PHPipam a shot and there are a couple things I'm having problems with that I can't find answers to and was hoping you kind people who have been using the software for a while can help with.

    First off when I scan a subnet I get no hostnames. I've added one of our DNS servers under nameservers, but still no luck.

    The other issue is I can't scan a /16 network; it ends up locking up the server and timing out. Are we really limited to /20s and less?

    Thanks for the help!

    submitted by /u/ParticleDropp

    Packet Captures for displaying TCP Congestion Control

    Posted: 29 Apr 2020 04:05 AM PDT

    Hi all,

    I'm very new here and I need some very urgent help from y'all. I hope you'll be able to help me out.

    I have to give a presentation tomorrow on Congestion Control and Avoidance. So initially, I did think it's a straightforward thing where I just give a very brief overview.

    But I've just been informed that this is a 3-hour session and I should show packet captures and whatnot.

    Now I must be frank here, I don't work with Networking related aspects at all, and I only know the very very basics. All I know about TCP is the 3 way handshake and I did read up the very basics of congestion control and avoidance over the weekend.

    If any of you could tell me where I can get the required packet captures from and where I'd be able to learn much more in detail about Congestion Control, I'd be eternally indebted.

    Looking forward to hearing from y'all

    submitted by /u/randallpunc7

    Tier 2 vs Spine-leaf broadcast BUM handling

    Posted: 29 Apr 2020 06:25 AM PDT

    3 years ago we built a small datacenter with vPC using Cisco Nexus, HSRP, all sorts of things, but later we just started adding more and more racks, and now I have 45 racks and around 100 switches including 2xTOR and core etc. Now it's a giant L2 network (yes, we are using vPC so every link is active-active), but the question is: do I need to worry about adding 10 more racks to the existing network?

    STP is dangerous for a large network, but does it act differently when we use it with vPC (reduce BPDUs etc.)? In the same way, I am also worried about BUM traffic in the L2 network.

    Now it's too late to convert the Tier 2 design to Spine-Leaf :( We know spine-leaf eliminates STP at the leaf level, but now the question is: is it going to help with BUM traffic using EVPN? (If yes, then how much does it help with BUM?)

    Soon we are going to open a datacenter in one more co-location and I want to make sure I understand everything before we say let's do Tier 2 vs Clos design. What do you think?

    submitted by /u/satishdotpatel

    BIDI Optic - Odd behavior

    Posted: 29 Apr 2020 02:54 PM PDT

    We have a site where we have a single dark fiber from the local power company, to the local 365 Datacenter a few blocks away. We have a cross connect to a provider where we pick up 10gbps of internet. We have a 40km BIDI and they have a 20km BIDI, they were supposed to get a 40km too when we turned this up back in November, but ordered the wrong thing apparently. Things started off fine, here were the signal stats from back then.

    My end - TX 4.2dBm, RX -6.6dBm

    Their End - TX -2.84, RX -1.17

    I was checking things back in January and noticed my RX had gotten worse. I had them check their side as well, but it was unchanged

    My end - TX 4.2, RX -12.3

    Their end - TX -2.85, RX -1.64

    It was still below any warning levels, and I meant to keep a better eye on it, but I checked it today, and it's down further.

    My end - TX 4.2, RX -16.1439

    Their End - TX -2.84, RX -2.49

    There have been no plant changes that we know of (we would have seen an outage as a result or been notified; neither happened). Since we are BIDI, if it were any type of fiber or physical issue, wouldn't we expect to see their RX values be much worse as well? Looks like it has dropped slightly, 1 dB, but mine has dropped almost 10 dB. I had someone on site today and we swapped to a spare optic on a separate switch, and my results were exactly the same.

    They have a spare optic on site, so I've asked for them to work with the DC to try swapping over to it. Has anyone seen this behavior before? Could the transmit laser on their side be slowly going bad, even without the TX value reported on their equipment changing?

    submitted by /u/cooldude919

    Addressing on Tunnel Interfaces

    Posted: 29 Apr 2020 01:37 AM PDT

    When using tunnel interfaces for IPSEC to enable dynamic routing, what's the right way to address them?

    I took a /24 from the larger subnet used at this company and broke it up into /30s for addresses on each tunnel. That's all working fine and routing is working properly.

    This has led to each of those /30s showing up in the routing table across all routers. I'm not sure whether that's a problem and a sign that I'm doing something wrong or if it's normal and I'm just not used to seeing it.

    Devices are SonicWall. I'm using tunnel interfaces and OSPF so that I can control link costs and because many sites have multiple ISPs, Ethernet point to point links, etc.

    submitted by /u/k_rock923

    Dot1x Issues with Lenovo Thinkpad Dock station

    Posted: 29 Apr 2020 02:01 AM PDT

    Hi!

    We recently tried to deploy wired dot1x in one of our environments (machine authentication), but some of the clients would not authenticate properly. It seems that the users that have a Lenovo Thinkpad 40A1 Dock Station would not "present" their certificate properly (or authentication server simply states that there is an unknown CA in the Certificate Chain), but when the client was directly connected to the switch it would authenticate without any issues (bypassing the dock station).

    We also got it to work by removing the configuration from the client NIC (and keeping the configuration on the dock station NIC), which complicates things since not all clients are using this type of Dock station and it would be near to impossible to keep apart in the GPO Dot1x settings. It would also cause the client to not authenticate properly if/when roaming to conference rooms (utilizing other dot1x enabled switchports).

    Authentication Server: Cisco ISE

    Switches are 2960X(TS&PS)

    Do you have any ideas on how we could proceed/investigate this further? Anyone with similar issues?

    submitted by /u/Baconframe
