    Thursday, July 30, 2020

    Network Engineer – how to become an expert Networking


    Network Engineer – how to become an expert

    Posted: 30 Jul 2020 12:35 PM PDT

    Right now, I'd consider myself a Network Engineer with decent knowledge. I administrated multiple companies with around 20-30 switches (mostly Aruba), I'm familiar with stuff like VSF, Spanning Tree, VLANs, IPsec and have experience with a couple of different firewall vendors.

    My question, however, is: How do I get to the next level? How can I become an expert who is capable of designing and implementing large-scale networks?

    Are there any books or courses you could recommend?

    I know that only practice makes perfect, but obviously I don't have the equipment at home to build a large network lab. I've worked with Cisco's Packet Tracer in the past, but as I'm not really working with Cisco equipment, I'm not really happy with that. Do you know any other Lab tools to practice network skills, or maybe any sources for network exercises?

    I'd really appreciate your answers.

    submitted by /u/lertioq

    Scan ISP network for Cisco devices

    Posted: 30 Jul 2020 08:11 AM PDT

    Hello, hoping to get some advice here.

    So I work at an ISP company and now we want to scan all our hosts and filter out Cisco devices.

    At the moment I'm thinking just to ping all of our possible IP addresses and, if it's responding, run SNMP to check if it is a Cisco device. And if yes, just put it somewhere.

    How would you try to achieve this task?

    Details asked in comments: 1. Those devices are using local users

    submitted by /u/cyb3rL0rdq

    Disable MAC-Flapping notification on Cisco Switches

    Posted: 30 Jul 2020 01:28 PM PDT

    So I got two access points, each connected to its own switch (Cisco Catalyst). A client sits (physically) between the two access points, so it's sometimes connected to AP A, sometimes to AP B.

    In this case, I'm not interested in MAC Flapping notifications, because those do not indicate a networking issue in this case. Is there a possibility to suppress notifications only for a certain VLAN?

    submitted by /u/Gobbling

    OpenSource NMS for some older HP switches

    Posted: 30 Jul 2020 06:38 AM PDT

    Hey guys, do you all have any recommendations for an Open Source NMS for mostly HP 5412-96G zls and Aruba 2620 48s? Have about 20 of them in a very segmented environment... trying to get some smarter alerting/monitoring. Unfortunately our budget is $0.

    Thanks!

    EDIT: for more specific info, would like to run it on a Windows Server if possible.

    submitted by /u/BigChiefLewis

    Does anyone have an explanation for intermittent high latency to Cloudflare and Google DNS servers, which then resolves itself at nearly 5 AM exactly?

    Posted: 30 Jul 2020 01:56 PM PDT

    I have had some problems with network latencies between two of my key sites. One is located on the East coast, while the other is on the West. To try and isolate the problem, I have been collecting various benchmark results for a few weeks now.

    While reviewing the results, I've noticed an interesting phenomenon. Initially, Cloudflare's DNS was much slower to respond than Google's. On average, Cloudflare's response times were more than twice as slow as Google's. After about a week of monitoring, Cloudflare's response started tracking Google's very closely, albeit with more variability. I'm guessing that Cloudflare uses GCP for some of their infrastructure.

    However, on multiple occasions, I've seen both Google's and Cloudflare's latency increase by almost a factor of 2 from their typical response time of 18 ms ± 3 ms to ~40 ms. Then, mysteriously, at almost exactly 5 AM ET the following morning, their responses both drop back to their average of 18 ms.

    Has anyone else observed this trend, or do you have a simple explanation for it?

    Screenshot: example of data showing high latency to Google and Cloudflare DNS which then resolves itself at 5 AM ET

    submitted by /u/Thaufas

    Network engineers in Insurance, what are you doing for IFRS17?

    Posted: 30 Jul 2020 07:41 AM PDT

    Hey guys, the company is starting to implement IFRS17. What was your involvement in making it happen from a network perspective?

    submitted by /u/slickrickjr

    Best large scale wifi solution?

    Posted: 30 Jul 2020 07:05 AM PDT

    I need to provide wifi to a large area that can support around 10k users. We've mostly used unifi in the past but I'd like to find other options for this. Aruba seems promising but I wanted to see what others thought.

    submitted by /u/1292129292

    Packet Filtering Ruleset for Network

    Posted: 30 Jul 2020 09:16 AM PDT

    Absolute newbie here, I have to write a filtering rule set to block all inbound connections to a Web server (IP address = 200.1.2.3), an external e-mail server (IP address = 200.1.2.4), and some internal workstations with network address of 192.168.1.0/24. Here's my attempt, but I'm not sure if I'm on the right path. Here's my table:

    Action  Source Address  Dest Address    Protocol  Source Port  Dest Port
    Deny    Any             200.1.2.3       Any       Any          80
    Deny    Any             200.1.2.4       Any       Any          25
    Deny    Any             192.168.1.1/24  Any       Any          Any
    Deny    Any             192.168.2.1/24  Any       Any          Any
    Deny    Any             192.168.3.1/24  Any       Any          Any

    submitted by /u/worknovel
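
    An added example, not part of the original post: a first-match evaluator run over the five rows exactly as posted, so each row can be checked against test packets before it is deployed. The post does not state a default action, so `default` is an assumption, as are the `Rule`, `Packet` and `evaluate` names and the constructed sample addresses.

```python
import ipaddress
from typing import NamedTuple, Optional, Tuple

ANY = "Any"

class Rule(NamedTuple):
    action: str
    src: str
    dst: str
    proto: str
    sport: str
    dport: str

class Packet(NamedTuple):
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

# The five rows from the post's table, in the posted order.
POSTED_RULES = [
    Rule("Deny", ANY, "200.1.2.3", ANY, ANY, "80"),
    Rule("Deny", ANY, "200.1.2.4", ANY, ANY, "25"),
    Rule("Deny", ANY, "192.168.1.1/24", ANY, ANY, ANY),
    Rule("Deny", ANY, "192.168.2.1/24", ANY, ANY, ANY),
    Rule("Deny", ANY, "192.168.3.1/24", ANY, ANY, ANY),
]

def addr_matches(field: str, addr: str) -> bool:
    if field == ANY:
        return True
    # strict=False accepts a host address with a prefix length
    # (192.168.1.1/24) and treats it as the network 192.168.1.0/24.
    net = ipaddress.ip_network(field, strict=False)
    return ipaddress.ip_address(addr) in net

def field_matches(field: str, value) -> bool:
    return field == ANY or field.lower() == str(value).lower()

def evaluate(rules, pkt: Packet, default: str = "Allow") -> Tuple[str, Optional[int]]:
    """Return (action, index of the first matching rule); index None = default."""
    for i, r in enumerate(rules):
        if (addr_matches(r.src, pkt.src) and addr_matches(r.dst, pkt.dst)
                and field_matches(r.proto, pkt.proto)
                and field_matches(r.sport, pkt.sport)
                and field_matches(r.dport, pkt.dport)):
            return r.action, i
    return default, None

# Constructed test packets (198.51.100.7 is a documentation address).
SAMPLES = [
    Packet("198.51.100.7", "200.1.2.3", "tcp", 40000, 80),    # web server, HTTP
    Packet("198.51.100.7", "200.1.2.3", "tcp", 40001, 443),   # web server, other port
    Packet("198.51.100.7", "200.1.2.4", "tcp", 40002, 25),    # mail server, SMTP
    Packet("198.51.100.7", "192.168.1.57", "udp", 40003, 53), # workstation subnet
    Packet("198.51.100.7", "192.168.2.9", "tcp", 40004, 22),  # outside stated /24
]

def audit(rules=POSTED_RULES, default="Allow"):
    return [(p.dst, p.dport) + evaluate(rules, p, default) for p in SAMPLES]

if __name__ == "__main__":
    for dst, dport, action, idx in audit():
        hit = "default" if idx is None else f"row {idx + 1}"
        print(f"{dst}:{dport:<5} -> {action:<5} ({hit})")
```

    Running it with `default="Deny"` instead shows how the same rows behave under an implicit-deny filter.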

    Why would a NAS not get DHCP from a router or a 24 port switch but does on a 5 port dumb switch connected on the same network?

    Posted: 30 Jul 2020 03:44 PM PDT

    NAS is set to static IP but plugged directly into a router (on the same IP subnet) it isn't recognised.

    Plugged into a 24 port dumb switch it won't be recognised either.

    Every other device can be found and recognised when plugged into router or switch, whether set to static or DHCP.

    Previously, it used to be fine and would be recognised on both. But for some reason it no longer does.

    But if it is plugged into a 5 port dumb switch, it works.

    EXCEPT if there is a power outage. If there is a power outage that knocks out the NAS and switches/routers, the NAS is no longer recognised on that port.

    If I change it to a different port it works until the next power outage and after 5 outages it is no longer recognised on the dumb switch.

    NAS has been set to DHCP and also factory reset. I'm going to replace it but I am at a loss as to why the above is happening.

    Any ideas?

    submitted by /u/WileECoyoteGenius

    VPLS Spanning-Tree Advice

    Posted: 30 Jul 2020 04:16 AM PDT

    Hi all,

    I could do with some advice please on the best way to configure spanning-tree on a VPLS network we are migrating to.

    We have 2 sites - Birmingham and London - and we want VLANs available in both with the default gateways being hosted on the set of redundant ASA firewalls in Colo. This is with the aim of long term active-active VMWare environments with cross site vmotion. For reference both our sites are using HP Aruba 3810 switches uplinked to on-site provider Huawei equipment with a VPLS Cisco ASA firewall

    Anyway the provider can map nearly all of the VLANs fine except VLAN1, which is our main DATA VLAN (I know we should migrate away from it, but that is a longer term goal than what we need to achieve right now). So from this our network provider is putting VLAN1 on a separate ether-channel to the other VLANs, untagged our side and then tagging it their side 1405 until it gets to either site and back to untagged.

    I have no real training in VPLS technology and wanted to understand it better, so with some spare HP Procurve 2810's I lab replicated our network environment and am playing around with how it all works. My confusion is around spanning-tree, I think it is working correctly but I wanted to check with more knowledgeable people before I go ahead and implement this in production when we migrate. We have the option of MSTP or PVRSTP on our Arubas - I am currently playing around with MSTP.

    Our provider said that they will not be replicating our spanning-tree regions on their equipment, so we will be handling it per-site ourselves. I've got it working two different ways on my lab, one where our Birmingham core switch is root for all MSTP instances, and one where each site's individual core switches are root for their instances and wanted advice on what would be best?

    I am also thinking that my lab is probably going to act differently to how it will work in production as I do not fully know every part of VPLS technology Huawei or Cisco ASA provide compared to my pure HP lab, so if I am wrong about any of this I apologise!

    For reference Trk4 will carry all of our VLANs on one ether-channel except VLAN1 and Trk10 will carry just VLAN1 on its own ether-channel

    So below is method 1 where Birmingham is the root bridge for just two instances with both London and Birmingham on the same region:

    Birmingham Core Switch

    spanning-tree config-name MSTP
    spanning-tree config-revision 1
    spanning-tree instance 1 vlan 1
    spanning-tree instance 1 priority 0
    spanning-tree instance 1 trk4 path-cost 100000000
    spanning-tree instance 1 trk10 priority 1
    spanning-tree instance 1 trk4 priority 4
    spanning-tree instance 2 vlan 2-4094
    spanning-tree instance 2 priority 0
    spanning-tree instance 2 trk10 path-cost 100000000
    spanning-tree instance 2 trk4 priority 1
    spanning-tree instance 2 trk10 priority 4

    London Core Switch

    spanning-tree config-name MSTP
    spanning-tree config-revision 1
    spanning-tree instance 1 vlan 1
    spanning-tree instance 1 priority 1
    spanning-tree instance 1 trk4 path-cost 100000000
    spanning-tree instance 1 trk10 priority 2
    spanning-tree instance 1 trk4 priority 5
    spanning-tree instance 2 vlan 2-4094
    spanning-tree instance 2 priority 1
    spanning-tree instance 2 trk10 path-cost 100000000
    spanning-tree instance 2 trk4 priority 2
    spanning-tree instance 2 trk10 priority 5

    Method 2 I had separate regions per site with separate instances to ensure spanning-tree stays local to each site

    Birmingham Core Switch

    spanning-tree config-name BHX
    spanning-tree config-revision 1
    spanning-tree instance 1 vlan 1
    spanning-tree instance 1 trk4 path-cost 100000000
    spanning-tree instance 1 trk10 priority 1
    spanning-tree instance 1 trk4 priority 4
    spanning-tree instance 2 vlan 2-4094
    spanning-tree instance 2 trk10 path-cost 100000000
    spanning-tree instance 2 trk4 priority 1
    spanning-tree instance 2 trk10 priority 4

    London Core Switch

    spanning-tree config-name LDN
    spanning-tree config-revision 1
    spanning-tree instance 3 vlan 1
    spanning-tree instance 3 trk4 path-cost 100000000
    spanning-tree instance 3 trk10 priority 1
    spanning-tree instance 3 trk4 priority 4
    spanning-tree instance 4 vlan 2-4094
    spanning-tree instance 4 trk10 path-cost 100000000
    spanning-tree instance 4 trk4 priority 1
    spanning-tree instance 4 trk10 priority 4

    Any advice would be much appreciated on the best method forwards! or if I have my thinking totally incorrect and should be looking at it differently.

    submitted by /u/Jadwiseman

    Branch Workshop - Firewall/Router and WAP

    Posted: 30 Jul 2020 03:25 PM PDT

    I have a remote worksite with ~5 employees. I want to add WiFi for the employees and move an offsite backup NAS there. A consumer router would give me the functionality I need but I don't want to put some POS out there that will no doubt join a bot net one day. I need to forward a port to the NAS, keep inbound traffic out, connect a WAP..... and that's about it. No need for a site-to-site VPN, advanced security features, etc.

    My initial reaction was to use a unifi setup since it would be easy to manage remotely. However, they don't have a great reputation around here and the UDMP is overly complicated for this. I don't want a surveillance app and whatever else on my router. Is there something that is business/enterprise grade that would be a unified system, easy to manage remotely, decently secure, etc? Ideally, I wouldn't need to pay a yearly license.

    submitted by /u/MoreCoresMoreHz

    Microwave router?

    Posted: 30 Jul 2020 05:15 AM PDT

    So I'm coming from years on multiple tier levels of support for helpdesk. Have moved to a network admin position at a new utility company and one of the more confusing things for me is they have several "Microwave routers" set up at different sites. Have not found anything helpful online, can someone help me understand what these are?

    submitted by /u/energyIT

    How to workaround a software that only resolves the hostname once and then never again?

    Posted: 30 Jul 2020 07:20 AM PDT

    I have to use a software that only resolves a client's hostname once, so when the client switches from LAN to Wi-Fi/VPN the software can't reach the client anymore as it doesn't ask DNS for the new IP-address.

    I was thinking to give the software one completely separate IP-address that isn't used yet and then just NAT the client's real IP-address, which I can get from the hostname, to that "virtual" IP-address that the software knows.

    If that sounds doable, how would I accomplish this?

    If you can think of different solutions, please do let me know.

    submitted by /u/M4NOOB

    Comcast Business Pricing 100Mbps with static ip and SLA

    Posted: 30 Jul 2020 12:59 PM PDT

    Our business contract just ended and I'm wondering what are people paying for 100Mbps fiber, symmetrical, static ip(s) and SLA? Our monthly included the cost of paying to have the fiber run to our location, spread out over three years. Even after talking to our account rep a couple months before the contract ended, and asking for a new one with their best pricing and they haven't bothered. Guess they thought we wouldn't notice and just keep charging us that inflated monthly to see how much they could get from us!

    submitted by /u/ncalsurfer

    Some confusion regarding mobility express APs

    Posted: 30 Jul 2020 12:08 PM PDT

    It's me again, with another issue with mobility express. If I'm understanding these correctly they're CAPWAP APs but they're forming their DTLS tunnel to the AP currently running as the mobility controller.

    If that is the case, shouldn't the interface connected to the AP be configured as access instead of trunk? The interface to the Controller should be a trunk?

    submitted by /u/NewTypeDilemna

    Why doesn't simplex single mode fiber sometimes autonegotiate?

    Posted: 30 Jul 2020 01:23 PM PDT

    I try a switch in my lab setup, connect it over 1G simplex single mode fiber to another switch with a distance of 2m. And autonegotiation works.

    Then I put the same switch in a POP, distance 5km. But autonegotiation fails. I have to manually force the speeds.

    Also, I connect it over 10G SFP+ modules, and then autonegotiation works over any distance.

    Can anyone point me in the right direction over why this happens?

    submitted by /u/Irkutsk2745

    Recommendation on a Fusion Splicer?

    Posted: 30 Jul 2020 08:35 AM PDT

    Hello, fellow packet-poets and WAN-warriors!

    I work for a WISP and we have been getting into more fiber lately. So much so that having a fusion splicer on-hand seems like a good idea. I've done some homework and it seems like there's a lot of options out there.

    Looking for something in the $2k-$6k range. We only use SMF. Relatively short runs (a few miles at most, but mostly will be for terminating fiber on the tower).

    Any recommendations would be appreciated. Thank you!

    submitted by /u/amaneuensis

    IPS Recommendations

    Posted: 30 Jul 2020 08:05 AM PDT

    Currently run an ASA 5545-X with firepower services managed via FMC. Wanting to keep ASA but replace firepower. I've already looked into pfsense, palo alto, fortinet and meraki. All of them would be a firewall replacement just to replace our IPS and I am not wanting to do that. I am looking for a dedicated IPS solution, not a firewall with an IPS unless the IPS can be run on its own until I migrated to the firewall.

    Also looked at Barracuda however they're a bit pricey like Cisco.

    I've considered suricata however, going from an FMC to Linux command line (I know firepower is Linux) is a big shift. Still looking into this however I don't see this being a practical replacement as no support is offered.

    Looking for recommendations.

    submitted by /u/gandalf1445

    Verbiage for AnyConnect Second Factor Prompt

    Posted: 30 Jul 2020 07:27 AM PDT

    Hi all - Kind of embarrassed to ask this because I thought this would be a simple endeavor and I'm tearing my hair out.

    We're testing out Okta's RADIUS agent behind our ASA for AnyConnect. We have 2FA enabled on Okta accounts. Password prompt and second factor auth works perfectly.

    All I want to do at this point is change the verbiage which appears when the second factor prompt appears. By default, it's "Enter a passcode. Enter '0' to abort." I want to customize this to something my less-tech-savvy users can digest.

    I've scoured the Internet and cannot for the life of me find out whether this prompt is customizable and if so, where it's stored.

    Anyone have any idea?

    Edit - Okta got back to me, this challenge text can't be customized. Ah well. Thanks for the guidance everyone!

    submitted by /u/go_poop_go

    Continuity test on fiber optic cable

    Posted: 30 Jul 2020 06:17 AM PDT

    I've recently found out that in our rented office space we have a fiber that terminates in the office next door.

    I want to test to see if it's intact. So I tried shining light from a bright flashlight, but none comes out the other end.

    Is this because the fiber is broken somewhere, or is it because only IR light will propagate through the fiber?

    Any help would be greatly appreciated.

    submitted by /u/micas_dk

    Fiber Optic networking

    Posted: 29 Jul 2020 11:24 PM PDT

    Hello all!

    My workplace is interested in installing two fiber optic runs between three different buildings, to bridge an existing Ethernet/wireless network. My experience with fiber optics is limited, so I would like to ask for your opinions on this proposed set up, and if I'm missing something it would be greatly appreciated if it could be pointed out.

    One run is direct burial*, about 150M. The other is planned to be run through a pvc pipe, about 100M. Existing Ethernet network is Cat 5e/6. The ~100M run is expected to have much heavier use than the other. Since we don't have the tools to terminate our own cable, I'm looking at pre-terminated cable on LanShack.com. Budget is "cheap."

    I'm thinking OM1 should work for both -- I understand it won't work at "optimal" 10G speed over either distance, but it should manage 1G, which is already faster than our existing network.

    Single/multimode... I know single mode is better for long distances, but I'm not sure if either of these runs would be "too long" for multimode. I'm tentatively looking at multimode.

    And then either StarTech or TrippLite media converters at either end of each run, to connect to the Ethernet network.

    Suggestions are wholly welcomed! Thank you for your time!

    EDIT:

    *I've been informed that they've decided to run conduit instead for the 150M ish run, rather than direct burial. Conduit is planned to be laid in the next few months for unrelated cabling, and if we decide to implement fiber, it would be the ideal time for that run. The conduit is already laid for the shorter run. Our company undertakes different trenching/conduit laying projects upgrading unrelated machinery almost every year, so it's not a big deal for us.

    The proposed fiber runs are meant to replace the wireless connections currently between the buildings (Engenius ENH202 bridges) that just aren't working out (poor connection due to interference, uneven terrain, etc, and simply struggling to handle a recent increase in activity). I've considered replacing with a different wireless solution, but hesitate because of the experience with the current one.

    I've also been successfully convinced/corrected to use singlemode rather than multimode, thank you all, and found that I understand much less about fiber than I previously thought, haha

    submitted by /u/Rubaiyate

    How prevalent is Equal Cost Multi Path (ECMP) BGP? Is it enabled by default?

    Posted: 29 Jul 2020 07:16 PM PDT

    I wonder how prevalent is ECMP. Do operators use it when they have equal-cost paths, such as in the case of parallel links: https://www.noction.com/blog/equal-cost-multipath-ecmp

    Or it's something that is not enabled by default, e.g. due to operational complexity?

    submitted by /u/vasileios13

    I'm needing some help proving that it's ATT's fault.

    Posted: 29 Jul 2020 05:32 PM PDT

    Hey everyone.

    I manage a couple Cisco ISR 4000 series routers that are connected to ATT's Ciena service switches that they use to provide their ASE service.

    My customer's internet was upgraded, so I went to go double check the duplex settings.

    They were 100 megabit/half duplex that were gained from autonegotiation.

    Since I was directed to set the settings to 1000 megabit full duplex, I did. All of a sudden, traffic on that interface ground to a halt, and I gained a whole host of network problems. So I set it back to what it was, thinking it was a duplex mismatch that caused the problem, and the traffic was fine.

    I thought that ATT had statically set their duplex settings, which was why my router interface had so many issues when I changed the settings. But when I reached out to the customer's IT department, they refused to do anything about it and said I was uninformed and they are refusing to open up a ticket with ATT.

    Am I utterly wrong? Is there something I'm missing?

    If not, how can I prove that ATT statically set their duplex settings?

    submitted by /u/I_need_to_argue
