
    Monday, August 3, 2020

    Moronic Monday! Networking

    Moronic Monday!

    Posted: 02 Aug 2020 06:04 PM PDT

    It's Monday, you've not yet had coffee and the week ahead is gonna suck. Let's open the floor for a weekly Stupid Questions Thread, so we can all ask those questions we're too embarrassed to ask!

    Post your question - stupid or otherwise - here to get an answer. Anyone can post a question and the community as a whole is invited and encouraged to provide an answer. Serious answers are not expected.

    Note: This post is created at 01:00 UTC. It may not be Monday where you are in the world, no need to comment on it.

    submitted by /u/AutoModerator

    Looking for Reviews/Experiences with GPON Equipment Vendors and Support

    Posted: 03 Aug 2020 10:15 AM PDT

    We are going to be looking into rolling FTTH and I'm needing to find more vendors and what their offerings are. The only two I have experience with are Calix and Ubiquiti.

    Calix has some pretty decent support but it does take them quite some time to get someone on the phone. Their equipment does appear to perform well. Rarely have issues with any of their stuff. I absolutely hate their CLI (Both AXOS and EXOS). Also, their CPE products look and feel really old and dated. Even their brand new router.

    I have used Ubiquiti's hardware but not their GPON offerings. I've also never had to get them on the phone for any kind of support. It was easy stuff to figure out. Also, the Vyatta-based interface is something that I am used to. The products look very good and something I think our customers would be impressed with when they see it. Cannot say the same with Calix's stuff.

    submitted by /u/FireBean01

    Install vs Bundle Upgrading Cisco 9300 Stack

    Posted: 03 Aug 2020 11:51 AM PDT

    Hi All,

    I do not have access to a lab at the moment as I am working remotely. I have a question regarding upgrading a Cisco 9300 stack that is on 16.6 code in BUNDLE mode.

    I want to upgrade to 16.12.3 but am concerned about doing the install mode command. Will the other members of the stack convert to the new mode or will I need to manually convert each switch to install mode? If that is not clear, please let me know and I can answer any questions.

    Current stack is in bundle mode. Looking to upgrade direct to new code using the install activate method to have the switches in install mode. Do the other members of the switch automatically convert to the new code and install mode?

    Thank you!

    submitted by /u/LOVERofLAMPS

    Fortigate using virtual IPs to configure port forwarding

    Posted: 03 Aug 2020 03:27 AM PDT

    Hi,

    I would like to use Virtual IPs (VIPs) to configure port forwarding on a FortiGate. I tried to do this with two different services - unsuccessfully. What am I doing wrong?

    Itest - VLAN20

    Dnal - VLAN120

    Zone "LAN" with VLAN20 and VLAN120 - Setting "Block intra-zone traffic" on

    It worked a week ago, but I made a lot of changes in my network: I did a factory reset on my FW, connected a switch, created VLANs and created a zone. Before, everything worked on just the internal interface.

    Debug dropped this error:

    2020-08-03 12:29:45 id=20085 trace_id=2022 func=init_ip_session_common line=4632 msg="allocate a new session-0001ccae"

    2020-08-03 12:29:45 id=20085 trace_id=2022 func=fw_local_in_handler line=395 msg="iprope_in_check() check failed on policy 0, drop"

    Thank you for any help

    config firewall vip
        edit "Itest"
            set extintf "wan1"
            set portforward enable
            set mappedip "192.168.20.120"
            set extport 8443
            set mappedport 8443
        next
        edit "Dnal"
            set extintf "wan1"
            set portforward enable
            set mappedip "192.168.120.190"
            set extport 500
            set mappedport 500
        next
    end
        edit 11
            set srcintf "wan1"
            set dstintf "LAN"
            set srcaddr "all"
            set dstaddr "Itest"
            set action accept
            set schedule "always"
            set service "ALL"
            set logtraffic all
        next
        edit 12
            set srcintf "wan1"
            set dstintf "LAN"
            set srcaddr "all"
            set dstaddr "Dnal"
            set action accept
            set schedule "always"
            set service "ALL"
            set logtraffic all
        next

    submitted by /u/norbo80

    Barracuda Cloudgen in VirtualBox or VMware Player

    Posted: 03 Aug 2020 11:59 AM PDT

    Has anyone here successfully run the Barracuda Cloudgen in VirtualBox or VMware Player? I wanted to have it on my PC for training purposes, but I failed miserably. I followed the guide here, but that's for ESX. It seems like I can't get any network connection in the VM.

    submitted by /u/lertioq

    Decentralised Network Latency Reduction Question

    Posted: 03 Aug 2020 09:53 AM PDT

    Hello,

    Bit of a noob when it comes to all things networking! For my comp sci degree I've been tasked to come up with an experiment to test and evaluate a latency reduction method for a decentralised network, the full problem is below:

    "Reducing Latency in Decentralised Connectivity for the Internet of Things in Distributed Systems"

    I've been doing broad research into the topic, latency reduction methods, centralised vs decentralised for IoT, etc (even stuff like fog computing and edge computing). But honestly? I'm not really getting far with it at all. I'm struggling to pinpoint something I can investigate, test and get results from. I just can't get my head around it and find a good foothold.

    Are there areas I should be looking into more? And are there emulators / programs / algorithms that could be useful in undertaking this?

    submitted by /u/HazzerE

    SSH KEY Cisco switch

    Posted: 03 Aug 2020 07:48 AM PDT

    For Cisco switches (2960, 3560x, 3750), instead of doing this command "crypto key generate rsa modulus 2048" to enable SSH.

    Is there a certificate out there which will automatically distribute the RSA keys? Or do I just need to do this command manually? There are quite a few switches and I was wondering if there was a better way of doing it.

    submitted by /u/Ninjaboy7442

    ISP, how do you distinguish global and national/domestic Internet traffic?

    Posted: 03 Aug 2020 05:25 AM PDT

    Hey folks working at ISPs,

    Got a customer asking if our networking solution could separate and do traffic policing for global Internet and national Internet traffic. In simple words, during peak, limit the global Internet bandwidth of their consumers, and if necessary, raise or lower the bandwidth for domestic traffic as well.

    Having worked only for enterprise with no such requirements, I don't even know where to begin with this topic. Do they differentiate traffic based on routes or AS or whatever?

    Thanks in advance.

    submitted by /u/IrvineADCarry

    BGP - Peering/Neighbor IP best practices?

    Posted: 03 Aug 2020 09:06 AM PDT

    Hey all,

    As I move more locations over to MPLS with BGP peering, I'm wondering what the best practice for peering IP addresses is. For the last site I just used 192.168.1.2/24, with the provider using .1.

    Wondering what other people are doing here? I suppose it doesn't really matter what IPs I use for BGP peering?

    submitted by /u/thetorsoboy

    How Do I Get Data From Console Port In Catalyst AX9115?

    Posted: 03 Aug 2020 02:02 PM PDT

    Just got an AX9115. Pretty sure it's in CAPWAP mode since we didn't get the EWC version. But need to convert to EWC. Do I plug in the other Ethernet port for power? What serial settings? Are there drivers required? I tried serial direct to the back of a desktop, then with a serial to USB adapter to a laptop.

    submitted by /u/neoninnovation

    Need help with infuriating dedicated fibre line setup

    Posted: 03 Aug 2020 01:40 PM PDT

    Hello, we have a bit of an issue with a leased line (a dedicated fibre to the premises line) which has been set up for our client.

    The provider has run the line into the comms cupboard and they've provided a box which is the edge of the network. We have no access to that box, but there is an SFP+ port where the line from the outside world comes in, and a little green light to indicate that it's live, and an SFP+ port for the internal network access which also has a little light which is red to say it's not happy (this is the infuriating part).

    They did provide a transceiver already in the slot, but there was some confusion about that so I've also ordered several other options, some of them customised from fs.com for that specific model. Anyway, on the other side we've got a Draytek Vigor 3910 which we want to use to run that WAN connection via its SFP+ port, and also a second connection which will be a failover.

    The leased line provider has given me the following details:

    WAN Subnet xxx.xxx.xxx.0

    or 255.255.255.252 depending on who you ask from their team

    WAN Subnet Mask /30

    WAN IP xxx.xxx.xxx.2

    WAN Default Gateway xxx.xxx.xxx.1

    Routed IP's Network Number xxx.xxx.xxx.44

    Routed IP Mask /30

    Routed First Host xxx.xxx.xxx.45

    Routed Second Host xxx.xxx.xxx.46

    Routed Last Host xxx.xxx.xxx.46

    Routed Broadcast Address xxx.xxx.xxx.47

    DNS servers xxx.xx.xxx.12, xxx.xx.xxx.6

    Now I'm a total novice in this particular area, and I can't figure out if I'm doing something wrong, but the access light on their box will not go green. I'm confident that it's not an issue with the transceivers as I've tried so many different options, and in every case the light on our Draytek is green, it's only red on their box.

    In terms of the network settings, on the Draytek I've configured WAN 1 to use the SFP port with the following details:

    IP Address xxx.xxx.xxx.2

    Subnet Mask xxx.xxx.xxx.0 and/or 255.255.255.252

    Gateway IP Address xxx.xxx.xxx.1

    DNS servers, as above or 8.8.8.8, 8.8.4.4

    And it just doesn't work. But then there is something else that worries me, all that stuff about the routed IPs network number with the 2 usable hosts, what's that even for? Is that where I'm going wrong?

    The provider's support has been less than useless, honestly the worst I have ever experienced. They really don't want to help troubleshoot the issue, basically they're happy for the line to never ever be used and apparently that's the end of it because they're confident that the issue is on our side, because they've run the same stupid test over and over which shows that the access status light on their equipment is red. So I implore anyone who actually knows about networking, have I actually used the details that they've provided correctly, or is there something really obvious that I'm missing, or is it all about that second set of details with the routed IPs?

    Thank you so much to anyone who can shed some light on this.

    submitted by /u/RealReportUK

    Any tips for learning new stuff?

    Posted: 03 Aug 2020 09:17 AM PDT

    I've always been a quick learner when it comes to understanding how things work. Lately I noticed I'm having difficulties learning new stuff - new technologies, preparing for exams, etc.

    Since networking is a field which requires constant learning and a sharp mind, it's really affecting my confidence and stressing me out.

    Has anyone found a way to improve their ability to learn?

    Maybe it's related to stress? Or perhaps it's just age? :(

    I'm a 36 yo male.

    submitted by /u/vbivanov

    First Meraki network, potentially

    Posted: 03 Aug 2020 03:14 PM PDT

    Hey guys - total noob to Meraki. I've used Ubiquiti almost exclusively but am considering installing a basic Meraki WAP in a client office. Is there anything I need to know with respect to equipment licenses, etc?

    I really like using the Ubiquiti products for pricing simplicity's sake and my past experiences with their PoE switches, EdgeRouters, WAPs... have been positive.

    Would a Meraki WAP play nicely with a UI EdgeRouter? Any helpful thoughts, comments?

    submitted by /u/asmunich

    Cloud VPN option

    Posted: 03 Aug 2020 02:36 AM PDT

    So as part of a networking degree I have been tasked with setting up a Site-To-Site VPN with the others in my team.
    I have a home lab with 2x 2800 Cisco Routers running over NAT.

    Initially we were looking for a Cloud VPN/Router to enable us to connect all the devices together and allow routing between them, but have struggled to find a solution thus far, as from what I can see the 2800 will only do ISAKMP and the services I have found all run IKEv2.

    Anyone able to point me in the right direction or a possible solution ?

    Thanks

    submitted by /u/DarkaraiK_DXV

    Has anyone successfully installed Windows 10 on EVE-NG?

    Posted: 02 Aug 2020 04:01 PM PDT

    Hey all. Not sure where to post this. I'm setting up a lab and it involves a PC node, in which I have a Windows 10 image. I got it up and running but it is ridiculously slow. No settings tweaks that I have done have sped things up. I have so far allocated two CPUs along with 8 GB of RAM and it crawls. For example, I did a simple 'ipconfig' in the command terminal and the output was as if someone was typing it out manually, letter by letter.

    I'm starting to suspect a QEMU setting of some sort, but for the only few videos I see on YouTube, I matched the settings and it didn't make a difference. I don't really see much else on the subject.

    Any ideas? And again, if this doesn't belong here, mods, feel free to remove this post. Thanks.

    submitted by /u/magic9669

    Log in and logging ssh from the Linux CLI - user script

    Posted: 03 Aug 2020 08:17 AM PDT

    So, network security engineer here. I use Linux as my primary OS and ssh from the CLI for every session to FWs and routers and wanted to share how I manage my sessions. Sure I could use .ssh/config, but I have 2 additional requirements - 1) MFA login to RADIUS servers; 2) Full session logging.

    install oathtool (for MFA) and xclip

    set shell var $PW=to_your_password

    set script name to whatever (like edgefw) - I have 81 different ones - with tab completion, it's real fast.

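    #!/bin/bash
    # Put <password><TOTP code> into the X selection, ready to paste at the prompt.
    oathtool --totp -b <SEED> | sed -e's/\(^.*$\)/'"$PW"'\1/' | xclip
    sleep 2
    # Show the session on screen and write a timestamped copy (ts) to the log file.
    ssh <IP_OF_DEVICE> | tee >( ts > /home/<YOUR_USER_NAME>/ssh_logs/<RELEVANT_NAME>-`date +"%d-%b-%Y-%H:%M"`)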

    Then, put it in your path, execute and middle click to paste PW on prompt. The logfile is saved to your ssh_logs dir and each line is timestamped.

    I found it handy and you might too.

    submitted by /u/blargcmdr1
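
A variant of the logging half of the script above, as an added example that is not part of the original post: it creates the log directory and each log file readable by the owner only (a session log captures everything the device prints), sanitises the device label used in the filename, and timestamps lines without needing `ts`. `LOG_ROOT`, `new_session_log`, `stamp_lines` and `logged_ssh` are hypothetical names, and writing the raw stream to `/dev/tty` instead of using process substitution is a choice made here.

```shell
#!/bin/bash
# Added example (not from the original post): owner-only session logging.
# LOG_ROOT, new_session_log, stamp_lines and logged_ssh are hypothetical names.

LOG_ROOT="${LOG_ROOT:-$HOME/ssh_logs}"

# Create LOG_ROOT (0700) and an empty per-session log (0600); print its path.
# Session logs hold everything the device prints, so only the owner may read.
new_session_log() {
    local name stamp path
    # Keep only filename-safe characters from the device label.
    name=$(printf '%s' "$1" | tr -c 'A-Za-z0-9._-' '_')
    stamp=$(date +"%d-%b-%Y-%H%M%S")
    path="$LOG_ROOT/${name}-${stamp}.log"
    (
        umask 077
        mkdir -p "$LOG_ROOT" && chmod 700 "$LOG_ROOT" &&
            : > "$path" && chmod 600 "$path"
    ) || return 1
    printf '%s\n' "$path"
}

# Prefix every input line with a timestamp (stand-in for moreutils `ts`).
stamp_lines() {
    local line
    while IFS= read -r line || [ -n "$line" ]; do
        printf '%s %s\n' "$(date +'%b %d %H:%M:%S')" "$line"
    done
}

# Usage: logged_ssh <label> <ssh arguments...>
# The terminal gets the raw stream; the log gets timestamped lines.
logged_ssh() {
    local label log
    label=$1; shift
    log=$(new_session_log "$label") || return 1
    ssh "$@" | tee /dev/tty | stamp_lines >> "$log"
}
```
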

    Avoiding single point of failure with only one ISP handoff

    Posted: 03 Aug 2020 07:28 AM PDT

    Currently the network I maintain has two firewalls for HA failover, but only 1 hand-off from our fiber ISP. We are able to use the HA pair because we have one Brocade (for Internet 2) in front of the pair which splits the SFP+ hand-off. So if one firewall dies, the other can take over with no intervention, simply using its own WAN SFP+ connection from the Brocade. This leaves us with the Brocade being a single point of failure. Even if the Brocade could fail-open, that wouldn't solve the issue as the firewall WAN ports are configured to use the Brocade IP and not the ISP hand-off directly.

    My question is: if we were to remove the Brocade completely from the setup and we STILL had a single hand-off from the ISP, what could we put in-between the single hand-off and the HA paired firewalls that wouldn't introduce a single point of failure? Is there some type of dumb switches which we could mirror and/or fail open in such a way that the live switch could still use the ISP hand-off plugged into the dead switch? Is there any solution which wouldn't require intervention (like having to go and move the single hand-off from one box to another in the event of a failure)?

    I'm not sure if our ISP would be able to give us two hand-offs which were mirrored (whether it's possible, or without incurring a large monthly cost). Of course two hand-offs would eliminate the need for anything in-between the ISP and HA paired firewalls.

    submitted by /u/RAKavanagh
