elevator phone line options? Networking
- elevator phone line options?
- Netbox: Devices not in racks
- Does anyone run Cisco C1000-8P-2G-L? Unclear on whether they're integrated power or an external brick.
- Cisco Nexus 3172 and vPC AND Port-Channel
- Bogus MAC address tripping Port Security.
- How do ISP distribute public IP blocks?
- How to test punch down connection
- Routing issue
- Cisco C9500 MTU
- Windows Loopback to Loopback Traffic?
- SRX license question?
- ASR1002 : Overrun errors
- API management vendors?
- NAT Public IP to another Public IP - ASA
- Typical IP-Address usage per Device
- Dual-Internet Connection "Bonding" via OpenVPN
- Opensource NAC
- alias command equivalents?
- SFP Link Negotiation
elevator phone line options? Posted: 28 Jan 2021 07:25 AM PST I have about 8 elevators connected to a VG224. We have 7 of these VGs to service fax lines and other things, but man is it a pain. I have a ton of dead ports and the VG is no longer supported. We've been moving faxes to ATA. What are my other options besides an ATA or POTS line? I know that the ATA can't be powered for 3 days off the UPS that also powers our switches.
Netbox: Devices not in racks Posted: 28 Jan 2021 11:04 AM PST Netbox users, how do you handle devices that are not in a rack? Examples:
The only idea I have so far is to create a virtual / pseudo rack. Perhaps with a -X suffix on its name to denote that it isn't a physical rack.
Does anyone run Cisco C1000-8P-2G-L? Unclear on whether they're integrated power or an external brick. Posted: 28 Jan 2021 08:17 AM PST Pretty much what it says on the tin - I can't find any reliable evidence of whether the C1000-8P-2G-L (not the C1000-8P-E-2G-L, which seems to indicate it's explicitly external) has an integrated power supply with a C13-compatible port. Is anyone running one and can take me a photo of the back?
Cisco Nexus 3172 and vPC AND Port-Channel Posted: 28 Jan 2021 09:27 AM PST So it's been a lot of years since I first did this, and I can't remember how to Google this thing apparently...
I still need to put those in a port-channel, right? The fact that I have the vPC really just makes the Nexus boxes look and act like a single chassis, right? Reason I ask is that I CANNOT get one leg of the server to member up on Nexus 2 but it does on Nexus 1. Is my thinking correct on this?
Bogus MAC address tripping Port Security. Posted: 28 Jan 2021 01:13 PM PST Hello All, Has anybody had an issue where end users' USB-C Ethernet dongles are randomly changing their MAC addresses to something random like 4865.0000.0000? Up until recently, can't really point it out, we had two cases where users randomly lost connectivity, and I see their interface in err-disabled. I check the logs, and notice it was brought down by weird-looking MAC addresses. Any insight is much appreciated. We use Startech Realtek USB-C Ethernet dongles.
How do ISP distribute public IP blocks? Posted: 28 Jan 2021 01:00 PM PST I am trying to leverage one of our extra public IPs to NAT it to a webserver on our internal network. Our ISP equipment has one port where our ASA is plugged into, and a second port where a hypervisor is plugged into (which is also internet accessible). The reason I ask is because I believe I have set up the NAT correctly on the ASA, but I cannot hit the public IP from inside or outside the network. Would I need to contact the ISP and have them associate the entire block of IPs with the port that the ASA is plugged into?
How to test punch down connection Posted: 28 Jan 2021 12:37 PM PST I'm gonna be terminating some runs I did but I just want to verify that my testing method checks out. At the switch end they're getting terminated to RJ45 connectors, the other ends I will be punching down into keystone jacks. I don't need to worry about crosstalk or other protocol issues, I just want to verify all 8 conductors line up. Can I place one tester at the RJ45 end and the other tester via patch cable to the keystone jack? Of course the patch cable would need to match the pinout of my terminations, but in theory this should work, right?
Routing issue Posted: 28 Jan 2021 03:45 PM PST

TL;DR: Switch pings out. Attached PC to switch cannot. There is a static route on the upstream router;

===={switch config}==============

root@EXDEBLSW1> show configuration
## Last commit: 2021-01-28 05:17:12 UTC by NOC
version 12.3R6.6;
system {
    host-name EXDEBLSW1;
    root-authentication {
        -omitted-
    }
    name-server {
    }
    login {
        message -omitted-
        user NOC {
            -omitted-
            }
        }
    }
    services {
        ssh {
            root-login deny;
        }
        web-management {
            http;
        }
        dhcp {
            traceoptions {
                file dhcp_logfile;
                level all;
                flag all;
            }
            pool 10.1.1.0/24 { address-range low 10.1.1.101 high 10.1.1.252; router { } }
            pool 10.1.2.0/24 { address-range low 10.1.2.101 high 10.1.2.252; router { } }
            pool 192.168.240.0/24 { address-range low 192.168.240.101 high 192.168.240.252; router { } }
            pool 192.168.200.0/24 { address-range low 192.168.200.101 high 192.168.200.252; router { } }
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    ntp {
        server 172.16.0.1;
    }
}
chassis {
    auto-image-upgrade;
}
interfaces {
    ge-0/0/0 { unit 0 { family inet { address 172.16.0.2/30; } } }
    ge-0/0/1 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/2 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/3 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/4 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/5 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/6 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/7 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/8 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/9 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/10 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/0/11 { unit 0 { family ethernet-switching { vlan { members LAN; } } } }
    ge-0/1/0 { unit 0 { family ethernet-switching { vlan { members Wifi; } } } }
    ge-0/1/1 { unit 0 { family ethernet-switching { vlan { members Wifi; } } } }
    lo0 { unit 66 { family inet { address 1.1.1.2/32; } } }
    me0 { unit 0 { family inet { dhcp { vendor-id Juniper-ex2200-c-12p-2g; } } } }
    vlan {
        unit 69 { family inet { address 172.30.0.1/24; } }
        unit 99 { family inet { address 10.1.0.2/24; } }
        unit 100 { family inet { address 10.1.1.1/24; } }
        unit 200 { family inet { address 10.1.2.1/24; } }
        unit 300 { family inet { address 192.168.240.1/24; } }
        unit 666 { family inet { address 192.168.200.1/24; } }
    }
    vme { unit 0 { family inet; } }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 172.16.0.1;
    }
}
protocols {
    igmp-snooping {
        vlan all;
    }
    rstp;
    inactive: lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
}
ethernet-switching-options {
    storm-control {
        interface all;
    }
}
vlans {
    DMZ { vlan-id 69; l3-interface vlan.69; }
    Guest { vlan-id 300; l3-interface vlan.300; }
    IOT { vlan-id 666; l3-interface vlan.666; }
    LAN { vlan-id 100; l3-interface vlan.100; }
    System { vlan-id 99; l3-interface vlan.99; }
    Wifi { vlan-id 200; l3-interface vlan.200; }
    default { vlan-id 66; }
}
poe {
    interface all;
}

{master:0}

================ Routes ==============

NOC@EXDEBLSW1> show route

inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 00:52:17
                    > to 172.16.0.1 via ge-0/0/0.0
1.1.1.2/32         *[Direct/0] 00:09:05
                    > via lo0.66
10.1.0.2/32        *[Local/0] 01:47:47
                      Reject
10.1.1.0/24        *[Direct/0] 00:52:13
                    > via vlan.100
10.1.1.1/32        *[Local/0] 01:47:47
                      Local via vlan.100
10.1.2.1/32        *[Local/0] 01:47:47
                      Reject
172.16.0.0/30      *[Direct/0] 00:52:17
                    > via ge-0/0/0.0
172.16.0.2/32      *[Local/0] 01:47:47
                      Local via ge-0/0/0.0
172.30.0.1/32      *[Local/0] 01:47:47
                      Reject
192.168.200.1/32   *[Local/0] 01:47:47
                      Reject
192.168.240.1/32   *[Local/0] 01:47:47
                      Reject

{master:0}

============ vlans =============

NOC@EXDEBLSW1> show vlans

Name           Tag     Interfaces
DMZ            69      None
Guest          300     None
IOT            666     None
LAN            100     ge-0/0/1.0, ge-0/0/2.0, ge-0/0/3.0, ge-0/0/4.0, ge-0/0/5.0, ge-0/0/6.0, ge-0/0/7.0, ge-0/0/8.0, ge-0/0/9.0, ge-0/0/10.0*, ge-0/0/11.0
System         99      None
Wifi           200     ge-0/1/0.0, ge-0/1/1.0
default        66      None

NOC@EXDEBLSW1> show interfaces vlan terse
Interface    Admin  Link  Proto  Local
vlan         up     up
vlan.69      up     down  inet   172.30.0.1/24
vlan.99      up     down  inet   10.1.0.2/24
vlan.100     up     up    inet   10.1.1.1/24
vlan.200     up     down  inet   10.1.2.1/24
vlan.300     up     down  inet   192.168.240.1/24
vlan.666     up     down  inet   192.168.200.1/24

======== pings ================================

> To port of router upstream;

NOC@EXDEBLSW1> ping 172.16.0.1 rapid
PING 172.16.0.1 (172.16.0.1): 56 data bytes
!!!!!
--- 172.16.0.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.616/2.111/2.657/0.361 ms

> To google DNS;

NOC@EXDEBLSW1> ping 8.8.8.8 rapid
PING 8.8.8.8 (8.8.8.8): 56 data bytes
!!!!!
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 24.043/26.882/32.554/3.248 ms

> To PC connected on ge0/0/10;

Ethernet adapter Ethernet:
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::99e5:e1a3:2d5f:3e8c%13
   IPv4 Address. . . . . . . . . . . : 10.1.1.101
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.1

NOC@EXDEBLSW1> ping 10.1.1.101 rapid
PING 10.1.1.101 (10.1.1.101): 56 data bytes
!!!!!
--- 10.1.1.101 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.965/2.196/2.703/0.260 ms

> From PC to switch interface connected to upstream router;

C:\>ping 172.16.0.2
Pinging 172.16.0.2 with 32 bytes of data:
Reply from 172.16.0.2: bytes=32 time=5ms TTL=64
Reply from 172.16.0.2: bytes=32 time=2ms TTL=64
Reply from 172.16.0.2: bytes=32 time=1ms TTL=64
Reply from 172.16.0.2: bytes=32 time=1ms TTL=64

> From PC to router's interface;

C:\>ping 172.16.0.1
Pinging 172.16.0.1 with 32 bytes of data:
Control-C
^C

========={route table on upstream router}=================

Gateway of last resort is x.x.242.1 to network 0.0.0.0

S*    0.0.0.0/0 [254/0] via x.x.242.1
      1.0.0.0/32 is subnetted, 2 subnets
C        1.1.1.1 is directly connected, Loopback1
S        1.1.1.2 is directly connected, GigabitEthernet0/1
      10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
S        10.1.0.0/16 is directly connected, GigabitEthernet0/1
C        10.1.0.0/24 is directly connected, GigabitEthernet0/1
L        10.1.0.1/32 is directly connected, GigabitEthernet0/1
S        10.1.1.0/24 is directly connected, GigabitEthernet0/1
S        10.1.2.0/24 is directly connected, GigabitEthernet0/1
      x.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C        x.x.x.0/23 is directly connected, GigabitEthernet0/0
L        x.x.x.126/32 is directly connected, GigabitEthernet0/0
S        x.x.x.218/32 [254/0] via x.x.x.1, GigabitEthernet0/0
      172.30.0.0/24 is subnetted, 1 subnets
S        172.30.0.0 is directly connected, GigabitEthernet0/1
S     192.168.200.0/24 is directly connected, GigabitEthernet0/1
S     192.168.240.0/24 is directly connected, GigabitEthernet0/1
ISRDEBER1#
Cisco C9500 MTU Posted: 28 Jan 2021 04:59 AM PST Hi! We just received our new C9500 core switches. I saw that system MTU was set to 9100 by default. New SVIs are also 9100. Will this affect performance considering the users in these VLANs are at 1500? We will also have an SVI for the upstream firewalls (firewalls are using 1500). I know that putting jumbo MTU on L2 interfaces is generally harmless but what about L3 interfaces (routed port, SVI)? I can't seem to understand how everything fits together (L2 vs L3 MTU, etc.) and what the best practices are. Thank you for the help!
Windows Loopback to Loopback Traffic? Posted: 28 Jan 2021 03:16 PM PST So I was getting ready to do a capture and I noticed that my loopback adapter in Wireshark was going crazy. Capturing traffic on it shows a ton of TLSv1.2 traffic. What traffic is this and why is my loopback talking to himself (my machine identifies as a dude, so suck it) 😁
SRX license question? Posted: 28 Jan 2021 03:02 PM PST Hi, I come from a Cisco background, let's just get that out of the way. But I've been a Network Engineer for about 3 years now and networking is networking regardless of vendor; it's just what you prefer using at the end of the day, I've learned so far. So far I've learned I do NOT like Juniper switches or routers but the firewalls are pretty good. They do lack a good RAVPN client and a few other things, but definitely the best device out of the ones I've used so far. I'm currently in the middle of redesigning and upgrading our network at one of our medium-sized sites. All the cabling, design work and config is done. The only thing left I have to do is actually do it! Before I can though, I need to make sure (because I'm doing HA with 2 SRXs) that the second SRX we have has a matching license concurrent with our main one at the moment. However it doesn't: the main one at the moment has a license on it with a few features on it and the second is as if it's just been zeroized! So I'm wondering what exactly I have to do to get the second one's licenses to match the first so I can go ahead with the whole upgrade. Cheers everyone
ASR1002 : Overrun errors Posted: 28 Jan 2021 03:06 AM PST I'm trying to pinpoint a reason I'm seeing intermittent bursts of overrun errors on an ASR1002. Quite large bursts as well, up to around 400,000 in a short 10 minute window. The ASR1002 has the esp-10 and 2 x 10Gb line cards. It just has one 10Gb uplink and one 10Gb to our supplier on which we have a few hundred customers. Anything you look at online says that overrun errors are caused by the router receiving too much traffic that it can't process in time. We've been monitoring the traffic very carefully and we are averaging around 1.1Gbps to 1.5Gbps through the device. Now it's possible there is some very bursty traffic causing this but we haven't been able to spot it with Solarwinds or netflow enabled on the router. But to be honest even if it was a sudden microburst I don't think it would take it above the router's capacity, and all the customers which hang off the router have designated bandwidths so they could only burst up to their allocation. Still it's possible and something we are looking at. As we couldn't find what was responsible our next thoughts were: faulty optics. They've all been replaced and still we see the overrun errors. It happens maybe 4 times a day (some days not at all) and over a day we can run up to around 1 to 2 million overrun errors. I've got a Cisco TAC case ongoing but they are being pretty useless with finding the cause. They keep basically reading off the Cisco literature and advising that the router is hitting capacity despite them enabling an event manager script to capture traffic on the router and it not actually finding anything of significance. So I've bounced it back to them several times and it's still in their hands. One thing I have noticed which may not be of significance is when I compare this ASR1002's 10Gb link to our provider with our others is that this 10Gb has 'route cache' counters incrementing. Not a huge amount, about 5 a second, but I don't see this happen on any of our other ASR routers which have identical setups and similar throughputs. All my reading on the route cache doesn't really point me to an issue but I can't figure out why this one would be incrementing. We've gone down the line that maybe our 10Gb provider is having issues and it's causing buffers to fill up between our ASR1002 and their equipment which then causes the overruns. Our last direction we are looking into is if someone is sending a certain type of traffic through the ASR at certain times of day which is causing issues. This is where we've enabled NETFLOW to try to see if there is a pattern to what data is going through the ASR when the netflow events occur. So far no pattern that we can see. We see some high amounts of ESP traffic going through but nothing crazy or of concern. Looking to see if any of you guys/gals may have experienced anything similar? Thanks
API management vendors? Posted: 28 Jan 2021 02:57 PM PST Looking for a vendor that can handle API management for external-facing API callbacks.
Example: The customer makes an API call to our proxy/middle ---> Middle Man checks to verify it passes certain requirements --> redirect to Amazon API Gateway/Azure API Gateway
We want a middle man/proxy. The only vendor I found was - https://www.okta.com/products/api-access-management/ Does r/Networking know of any other vendors that offer a solution for this?
NAT Public IP to another Public IP - ASA Posted: 28 Jan 2021 12:24 PM PST Hello -- we are migrating to the cloud and want to test our devices in the field pointing to our new endpoint in the cloud. On our on-prem DC these devices have a public IP hard coded on them (I know) and they are currently hitting the public IP which is NAT'd to a private internal IP inside. I would like that public IP to be NAT'd to the new public endpoint in the cloud. So pretty much traffic hits the firewall then hairpins out to the new public IP. I have the below config in.

same-security-traffic permit intra-interface
!
object network Cloud-QA-Public-LB
 nat (outside,outside) static 1.1.1.1 (public IP of the on-prem dc that the devices have hardcoded)

ACLs are open as well. Anything I am missing here? Or is this possible? Thanks in advance.
Typical IP-Address usage per Device Posted: 28 Jan 2021 06:18 AM PST TL;DR: Question in mock exam at university: How many IP addresses are needed per physical device? Prof's answer: 2,5 to 3 per device with no explanation. Does someone have an explanation for it? I currently study computer science and came across a question from my prof which he couldn't or wouldn't explain to me. According to my professor one usually has to plan for 2.5 to 3 IP addresses per physical device connected to the network. 2 IP addresses kind of makes sense to me, as there could be some devices like notebooks where a LAN or WLAN connection with a different MAC is possible, so therefore 2 would make sense. Not counting any servers. I'm interested to see if someone has an explanation for his assumption or if you've had different experiences? PS: This was a question he asked in a mock exam. I've worked in IT for 8 years mostly in support so I do not have a lot of experience in networking.
Dual-Internet Connection "Bonding" via OpenVPN Posted: 28 Jan 2021 05:42 AM PST Hi all :) I've an interesting problem/requirement that I wanted to see if anyone had any ideas as to how to implement it. If this sort of thing isn't destined for this sub, suggestions as to where/who may be able to provide input would be most appreciated. I've a setup consisting of 2 vDSL internet connections, 2 different suppliers, both with static IPs. Quoted the standard 80Mbps DL/20Mbps UL which I get on both connections without issue. It's nothing special, just your standard BT-Infinity-esque equivalent. Currently load balanced via a Ubiquiti EdgeRouter 4 and I can happily get 143Mbps - 145Mbps DL and 30Mbps - 45Mbps UL. Everything on that front works very well. Weighting is 45%/55% and gets changed as things get busier. I've also a dedicated server in the cloud that has a 1Gbps symmetric connection that I often connect to and sshfs mount for transferring files and running jobs etc. I've a couple OpenVPN connections coming into the property too from other sites that share resources across the network, but that's just to paint a slightly bigger picture of where I may use this "solution". Staying with the dedicated server for a second, what I'd like to know, is there a way that anyone can think (perhaps via OpenVPN or some related tech) to establish a tunnel between the server and each of the 2 vDSL connections, then "bond" them across the tunnel so each end sees the 2 tunnels as one, giving me the full potential of both connections. I've considered creating 2 connections into the network from outside and using EIGRP to advertise the same network across the 2 OpenVPN tunnels, but this seems overkill and I don't think it would "bond" the interfaces in the way I'm expecting. As you'd expect, at present, whenever I create an ssh connection to the dedicated server, it only does so over a single vDSL connection, decided by the router as to whatever isn't busiest at the time. 
But I'd like to be able to connect to the server via both connections and get 140Mbps down from the server as opposed to just the 70 on one connection. It's not critical of course but would certainly be a nice-to-have and something that could be used in the future for a couple of sites I manage that have multiple internet connections via the same/different carriers. All comments and questions welcome, Thanks in advance :)
Opensource NAC Posted: 28 Jan 2021 12:37 AM PST Hi, I have been looking into different NAC solutions. Does anyone have some good suggestions for a good NAC solution? I have heard Packetfence is good but I am not able to install it currently; something is wrong with the install. Any other suggestions?
alias command equivalents? Posted: 28 Jan 2021 04:12 AM PST Hello. I have been doing some work with the Cisco IOS alias command. And unfortunately some of our other switches do not support that command. I wonder, is there an equivalent of the same command on the following series of devices:
- Cisco small business switches
- Dell N 40xx switches
- Linksys Enterprise switches (old SPS and similar)
- Ubiquiti Edgeswitch
SFP Link Negotiation Posted: 27 Jan 2021 11:48 PM PST In principle kind of a broad question, but I'll provide the specific scenario: I'm designing a topology for a DMZ in our org, and my constraints are that I have to repurpose hardware from a decommissioned site to do so. It's not too bad, it could be far worse, but my current bottleneck is the router. The router in question is a Cisco ISR 4430. It notably lacks any 10 gigabit ports, copper or otherwise. On the other end of things I have a handful of Netgear switches that will be separated into two stacks that will converge on the router via separate interfaces. One is a M4300-12x12F and the other a M4300-28G-POE+. Due to the limitations, I can't spare any RJ45 connections to uplink these switches to the router, only SFP+ 10 gigabit ports. The only SFP/SFP+ modules I have are fiber, no copper. Preferably I want to make it as easy as possible to insert a replacement router down the track that is capable of 10 gigabit, so the question is - if I use 10G fiber SFP+ modules on the switches, and connect to 1G fiber SFP modules on the router, will link speed auto negotiation occur the same as with RJ45 Ethernet? Or will I need to use a 1G fiber SFP module in the switches to compensate and replace them with 10G when a better router goes in?