
    Thursday, July 1, 2021

    Blogpost Friday! Networking


    Blogpost Friday!

    Posted: 01 Jul 2021 05:00 PM PDT

    It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our members' new and shiny blog posts.

    Feel free to submit your blog post, as well as a nice description, to this thread.

    Note: This post is created at 00:00 UTC. It may not be Friday where you are in the world, no need to comment on it.

    submitted by /u/AutoModerator

    Question about a POE-only appliance

    Posted: 01 Jul 2021 02:11 PM PDT

    I need some help in sourcing an appliance to provide POE for some Primex clocks that are going into a new construction area. Does such a thing exist, even?

    We have a construction project which has multiple Primex clocks going into the new area. These clocks are only powered by the network, and are kept synchronized via radio waves.
    At the last count there were 65 of these devices to be connected to the network power, and because they don't use network traffic, it seemed a waste to use 9300 switches to just provide power.

    edit: It's been suggested that I look through Amazon for POE injectors. I guess I was overthinking the issue.

    2nd edit: Thank you all for your responses. I'll present these ideas to the project manager (not my manager) and let him work it out.

    submitted by /u/Haki23

    Troubleshooting Latency on Cisco Boxes

    Posted: 01 Jul 2021 12:46 PM PDT

    Hey all.

    I am just curious what steps everyone takes when troubleshooting latency in an all-Cisco shop, with no 3rd party tools at their disposal. If you had to just use the IOS commands, and all you were given was a source and destination IP, and someone states that they believe there is latency within the path, what (logical) steps would you take in order to decipher if there is indeed latency within your network?

    submitted by /u/magic9669

    Need some help with Modbus TCP, detailed breakdown inside, wireshark stuff

    Posted: 01 Jul 2021 08:06 PM PDT

    Here's the situation. I have a device that supposedly uses Modbus TCP to communicate and I'm trying to write a Python script to talk with it. I've been alternating between pymodbus and pymodbusTCP libraries. I'm able to make a connection to the device through Python, but I can't get any data out of it as it doesn't seem to like my requests. The manufacturer gave me some of their own software to talk to said device, probably written by their engineers, and it works. I'm able to get live data from the device. So it must be that I'm doing something wrong.

    Important things to note:

    - Device's IP address is 192.168.2.250

    - Device's port is 6601

    - My laptop's IP address: 192.168.2.5

    Ok, so let's look at some Wireshark data (today was the first time I've ever used it, so go easy on me). First thing I did was listen to the manufacturer's software talking to the device. My thoughts were that maybe I could see how the packets/frames were arranged and then compare them to my Python script's frames that it sends out.

    Manufacturer's Wireshark Data:

    https://i.imgur.com/EN0Oz1q.png

    What I'm noticing here, that may be irrelevant, is that it's always sending 8 bytes of data. And the arrangement doesn't really make much sense to me. I can't tell just by looking at the Data section where the unit ID is, or the function code. But, everything's happy and talking.

    My Python Script's Wireshark Data and Script:

    https://i.imgur.com/oW48ifO.png

    Here I'm noticing that my data that I'm sending the device is in Modbus TCP format. It's clear where the Transaction and Protocol ID are, Unit ID, function code, etc. But for some reason the device won't give me a response. (Also note that I was messing around with random Unit IDs, from 0 to whatever). It sends 12 bytes of data, and really doesn't look similar at all to how the manufacturer's software arranges the data.

    Something odd as well is that Wireshark is telling me these frames are the TCP protocol. But I've seen screenshots where the protocol is displayed as Modbus TCP. So I'm wondering why it's not showing that for me.

    And here is my Python script:

    from pyModbusTCP.client import ModbusClient

    # Connect to the device on its non-standard port, with debug output enabled
    client = ModbusClient(host='192.168.2.250', port=6601, debug=True)
    # Prints True if the TCP connection was established
    print(client.open())
    # Read 1 input register starting at address 9
    print(client.read_input_registers(9, 1))
    client.close()

    I have my script printing what's returned after client.open() to make sure that it's connecting, and it is.

    Really hoping some of you experts might be able to see something I'm doing wrong here, or overlooking. ANY help is greatly appreciated. Probably really simple.

    submitted by /u/dipsy01
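An added example (not from the original post or from either library): the 8-byte versus 12-byte difference described above is what you would see if the device expects Modbus RTU framing carried over a TCP socket instead of Modbus TCP with an MBAP header. That is an assumption about this device, not something the post confirms. The sketch builds both framings for the read in the script (function 4, address 9, count 1; unit ID 1 and transaction ID 1 are assumed) and classifies a captured payload by its CRC-16 or MBAP fields.

```python
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS (reflected poly 0xA001, init 0xFFFF) used by RTU framing."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_rtu_read(unit: int, func: int, addr: int, count: int) -> bytes:
    """RTU framing: unit, function, address, count, then CRC low byte first (8 bytes)."""
    body = struct.pack(">BBHH", unit, func, addr, count)
    return body + struct.pack("<H", crc16_modbus(body))

def build_tcp_read(tid: int, unit: int, func: int, addr: int, count: int) -> bytes:
    """Modbus TCP framing: 7-byte MBAP header, then the PDU, no CRC (12 bytes)."""
    pdu = struct.pack(">BHH", func, addr, count)
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def classify(payload: bytes) -> dict:
    """Guess the framing of one captured TCP payload."""
    # CRC is checked first: an RTU request for address 0, count 2 would
    # otherwise look like a valid MBAP header (protocol 0, length 2).
    if len(payload) >= 4:
        body, (crc,) = payload[:-2], struct.unpack("<H", payload[-2:])
        if crc16_modbus(body) == crc:
            return {"framing": "rtu-over-tcp", "unit": body[0],
                    "function": body[1], "data": body[2:].hex()}
    if len(payload) >= 8:
        tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
        # MBAP length counts the unit ID plus the PDU: everything after byte 6.
        if proto == 0 and length == len(payload) - 6:
            return {"framing": "modbus-tcp", "transaction": tid, "unit": unit,
                    "function": payload[7], "data": payload[8:].hex()}
    return {"framing": "unknown"}

# Constructed samples: the read from the post's script (function 4, address 9,
# count 1); unit ID 1 and transaction ID 1 are assumed values.
RTU_SAMPLE = build_rtu_read(1, 4, 9, 1)
TCP_SAMPLE = build_tcp_read(1, 1, 4, 9, 1)

if __name__ == "__main__":
    for name, frame in (("rtu", RTU_SAMPLE), ("tcp", TCP_SAMPLE)):
        print(name, len(frame), frame.hex(), classify(frame))
```

Wireshark's Modbus/TCP dissector is registered for port 502 by default, so traffic on port 6601 is labelled plain TCP unless it is decoded explicitly with "Decode As".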

    Question about Meraki

    Posted: 01 Jul 2021 08:17 PM PDT

    I'm browsing my local second hand website for a POE switch and came across a Cisco Meraki MS220-8P. Seems great but it states I need a Meraki license to use the managed side of the switch.

    I looked at the Meraki website and I guess it's enterprise stuff only, no details on pricing. Now I don't necessarily need a managed switch, can I just use it as an unmanaged switch without any license? I am pretty new to using a switch and only need the ports and POE.

    submitted by /u/satisfyingcut

    AT&T moving their mobile assets to Azure

    Posted: 30 Jun 2021 11:00 PM PDT

    What are your thoughts about this news from AT&T about placing all their mobile assets onto Azure cloud?

    https://www.reuters.com/business/media-telecom/att-run-core-5g-network-microsofts-cloud-2021-06-30/

    AT&T are not the first to do that. Is this the end of the service providers world as we know it?

    Running the entire network in the cloud is doable but is it efficient? Is it performing? Is it reliable?

    I have my doubts...

    submitted by /u/Keep_Doing_It

    What is the "correct" way to go about getting IP Geolocation DBs updated?

    Posted: 01 Jul 2021 02:21 PM PDT

    A month or two ago I took a /24 block out of NY and started advertising it in London. Users in that block are still being treated as if they are coming from the US for sites like Netflix, Amazon, etc, etc. Eventually these Geolocation databases seem to catch up - but is there a way to be a bit more proactive about it?

    submitted by /u/CrimsoniteX

    Automatic rerouting/failover around upstream ISP issues

    Posted: 01 Jul 2021 08:38 PM PDT

    I'm looking for recommendations on ways to automate "failover" of traffic between carrier-redundant internet circuits when the issue is further upstream in our primary ISP's network.

    Our current setup: enterprise network with ASN and PI prefixes, two internet circuits on different carriers, all-BGP edge environment, "active/passive" design for path selection, using higher local preference internally on primary for outbound path selection, and BGP communities via outbound route maps with each carrier to influence their LPs for inbound path selection.

    Today we had an issue with our primary carrier where our circuit and their metro area were all operational, but they had an issue with interstate backbone that led to roughly 50% packet loss / 90% throughput reduction - a bad time for our users. But because BGP neighborship stayed up and default route still advertised to us, our routers were blind to the issue and so no rerouting to our secondary occurred. Because there was another ongoing unrelated incident tying up our on-call resources we were slow to notice the problem, so by the time we identified what was happening and got traffic rerouted over to the other carrier we had enough users blowing a gasket to turn this into a Big Deal™. About 1hr from onset to workaround (would have been faster if we had a pre-set runbook for manual reroute).

    Are there any common, reliable (and ideally free but don't want to be a cb here) solutions to automatically identify upstream ISP issues like this and automatically adjust routing accordingly in order to more rapidly respond to incidents like this? We're running Cisco ASRs on our edge if that makes a difference.

    submitted by /u/thehalfmetaljacket

    Firepower has stopped logging to the Event Viewer??

    Posted: 01 Jul 2021 06:43 PM PDT

    Right so, almost pulling my hair out as to WHY Firepower here isn't logging to the Event Viewer, and yes, I do have logging enabled on my policies. But it seems to have globally stopped logging any traffic to be honest. The last log was from half an hour ago and obviously a lot of traffic has passed since then. What on earth is stopping this annoying apparatus from doing this! Holy cow it is pissing me off here!

    Thanks in advance guys

    submitted by /u/Mjr798

    AWS Lab - Multi-Region Network

    Posted: 01 Jul 2021 01:26 AM PDT

    Hey folks,

    In the last few weeks, I've been working in a lab to help me study and test new ideas.

    The main requirements for me were to create a lab that was easy to deploy/destroy with one command so I would only pay for those resources while testing some ideas.

    The Lab in the repo will help you to deploy and destroy a Global Network in AWS with only one command. It does require some initial setup but nothing too long or complicated.

    Lab Features

    - Isolation between Dev and Prod environments is achieved by using Transit Gateways Routing Tables.

    - 4 Regions

    - 2 x Dev VPCs + 2 x Prod VPCs per region

    - Fully meshed TGW Peering for full redundancy

    - You can access EC2s via SSH to test connectivity from region to region.

    - Extra: Invoking an AWS Lambda from Terraform to tag the TGW Attachment Names. (Only used in cell0000 - eu-west-2)

    While working in this lab, there were a few things I learned and noticed:

    - The more I use Terraform, the more I like CDK. At some point, I'd love to migrate this deployment to CDK or Pulumi and see what challenges I find in the process.

    - DRY code in Terraform is tough. There seem to be some ways to help with this problem, like Terragrunt or even using Terraform modules but my main focus was to build the lab and advance with my studies.

    - Terraform generally does a great job at keeping the state and the dependencies of the resources, but sometimes you need to work around problems by using depends_on to tell Terraform to actually wait for other resources to be created.

    - Prefix Lists in AWS: I could only use them for the TGW Peering Connections as the exit path would always go via the TGW Peering connection. However, I wish there was a way to create a prefix-list without a Next-hop. For example, a way to easily propagate all the Prod TGW Attachments by associating them with Prefix lists and then use that prefix-list to propagate routes into the Prod Transit Gateway Route Table. Similar to how you associate an ACL with a route-map and use that route-map to import routes into your routing table.

    All in all, this has been a pretty fun experience. If you are learning about AWS, I'll leave you the repo so you can play with it and modify it to your liking.

    https://github.com/danielmacuare/aws-net/tree/master/terraform/tgw-multi-region

    submitted by /u/daniel280187

    Setting up Layer 3 switches

    Posted: 01 Jul 2021 02:30 PM PDT

    Just looking into Layer 3 switches from a learning point of view and my understanding is they are a benefit on larger networks when you don't want devices going back to the firewall to route traffic on the same switch.

    When it comes to setting them up to use this functionality do you need to config static routes or any additional config?

    I have a few cheap Netgear GS110TP switches and they are apparently Layer 3 but wasn't sure if L3 requires additional setup to work? I have no need for Layer 3, just trying to learn about it further.

    submitted by /u/learnacc96

    Preferring OSPF routes over BGP

    Posted: 01 Jul 2021 02:20 AM PDT

    I have a branch office switch learning some routes via BGP and OSPF (same routes on both). At the moment the BGP routes come over the primary WAN connection and the OSPF over secondary WAN.

    This works fine as the lower AD BGP routes are preferred and OSPF routes only become active when the BGP WAN drops.

    If I needed to reverse the behavior, i.e. prefer OSPF over BGP, what would be the simplest way to do this?

    I've considered sending summary routes over BGP to make them less preferred but can't as the networks are not contiguous. Would my only option be to raise the AD of the specific BGP routes (above 110) via an ACL and the distance command? I guess I would have to do that at every router that currently receives the routes in question though?

    Is there a way to change how the routes are advertised at source to make them less preferred (than OSPF) across all other routers?

    submitted by /u/Kslawr

    WebRTC Troubleshooting Advice

    Posted: 01 Jul 2021 02:04 AM PDT

    Hey guys. I've been asked to help figure out why users are having connection issues when dialing into a Babl call. They can connect to a call but straight away get disconnected.

    I'm not familiar with WebRTC so I've no idea on where to start. I was told that users were only having issues in the office but they're also having issues when outside the office.

    They use Chrome as their browser. I was going to analyse for packet drops/WiFi connectivity issues within the office but after hearing about the issues out of the office it sounds like an external issue.

    Where would you start with this?

    submitted by /u/trenti12

    QinQ L2 Transmission question

    Posted: 01 Jul 2021 01:32 AM PDT

    Hello,
    I've got a question about QinQ. Normally, when there's only one QinQ L2 transmission, we configure it something like this (Edge-corE switch config):

    #interface ethernet 1/1
    #switchport dot1q-tunnel mode access
    #switchport allowed vlan add 100
    #switchport native vlan 100
    #switchport allowed vlan remove 1

    #interface ethernet 1/2
    #switchport dot1q-tunnel mode uplink
    #switchport allowed vlan add 100 tagged

    But when we want to provide more than one L2 QinQ transmission to the same client we have to use selective QinQ:

    #interface ethernet 1/2
    #switchport allowed vlan add 100,200 tagged
    #switchport dot1q-tunnel mode uplink

    #interface ethernet 1/1
    #switchport allowed vlan add 20,100 tagged
    #switchport dot1q-tunnel mode access
    #switchport dot1q-tunnel service 100 match cvid 20

    #interface ethernet 1/3
    #switchport allowed vlan add 30,200 tagged
    #switchport dot1q-tunnel mode access
    #switchport dot1q-tunnel service 200 match cvid 30

    What if I don't want to do that selectively but just pass through all the VLANs in that QinQ transmission? I just don't want to know which VLANs my client uses and want to have no impact on that (e.g. adding extra VLANs in the future). I want to add that this QinQ will go through Edge-corE and TP-Link switch.

    submitted by /u/fnsq

    Creating a list of smallest common denominator subnets from list of IPs?

    Posted: 01 Jul 2021 01:24 AM PDT

    Hi guys - I was wondering if anyone knows how to (programmatically) generate a list of subnets from a list of discrete IP addresses?

    We are currently receiving a looong list of IPs from an external provider which we need to input to one of our tools. Visually inspecting this list I can see that there are many common subnets, so rather than inputting each of these IPs individually we are exploring ways to process this list to determine a list of subnets which would cover all these IPs. Ideally the lowest common denominator so that we don't include anything that shouldn't be there.

    After some googling, there seem to be a lot of resources out there to convert CIDR / IP & netmasks to IPs, but I'm struggling a bit with finding any good resources for going the other way. Has anyone come across this before and solved the problem, and if so, how did you go about doing it?

    Edit: I've found this web utility but I'm looking to understand how this works so that we can implement it ourselves: https://ip2cidr.com/bulk-ip-to-cidr-converter.php

    submitted by /u/CarefullyCurious
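An added example (not from the original post and not the code behind the linked converter): one way to get a cover that contains exactly the listed addresses and nothing else is to sort them, group consecutive runs, and carve each run into the largest aligned power-of-two blocks. The function name and the sample addresses (documentation ranges) are constructed here; the result matches `ipaddress.collapse_addresses` from the Python standard library.

```python
import ipaddress

def ips_to_cidrs(ips):
    """Return the shortest list of IPv4 CIDR blocks covering exactly `ips`."""
    # De-duplicate and convert to integers so adjacency is simple arithmetic.
    nums = sorted({int(ipaddress.IPv4Address(ip.strip())) for ip in ips if ip.strip()})
    cidrs = []
    i = 0
    while i < len(nums):
        # Extend a run of consecutive addresses: nums[i] .. nums[j].
        j = i
        while j + 1 < len(nums) and nums[j + 1] == nums[j] + 1:
            j += 1
        start, end = nums[i], nums[j]
        # Carve the run into blocks. A block must start on a multiple of its
        # own size (alignment) and must not run past the end of the run.
        while start <= end:
            align = (start & -start) or (1 << 32)      # largest size start allows
            fit = 1 << ((end - start + 1).bit_length() - 1)  # largest size that fits
            size = min(align, fit)
            prefix = 32 - (size.bit_length() - 1)
            cidrs.append(ipaddress.IPv4Network((start, prefix)))
            start += size
        i = j + 1
    return cidrs

# Constructed sample input: a full /29, a short unaligned run, two adjacent
# addresses that straddle a /24 boundary, and one duplicate.
SAMPLE = ["192.0.2.%d" % n for n in range(8)] + [
    "192.0.2.9", "192.0.2.10", "192.0.2.11",
    "198.51.100.255", "198.51.101.0",
    "192.0.2.10",
]

if __name__ == "__main__":
    for net in ips_to_cidrs(SAMPLE):
        print(net)
```

Because no block is ever widened past the input, the total address count of the output equals the number of unique input addresses, which is a cheap check before loading the list into an allowlist or blocklist.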

    Easy CCNP Recertification

    Posted: 01 Jul 2021 12:31 AM PDT

    Hello everyone,

    My CCNP is about to expire and I need to take an exam to keep it up to date (employer requirement). I took a CCNP specialist exam a couple months ago thinking that would renew/extend my certification's expiration date. I was wrong.

    Are any of the exams easier than the others? Previously I would take the troubleshooting exam to recertify, but I don't know the new exams. I'm leaning towards the VPN exam (300-730) just because I work a lot with site-to-site VPNs, but not the other types of VPNs.

    Any recommendations are greatly appreciated. Thanks in advance.

    submitted by /u/dacommie323

    Upgrading the SFR Firepower module on an ASA

    Posted: 30 Jun 2021 04:25 PM PDT

    Hi, what is the best way to go about upgrading the SFR module? Can it be done via FMC or is there a way of doing it via CLI? ASDM would be my last choice but what is the best way of going about it or if anyone could send any links to decent articles then hit me up, haha.

    Thanks

    submitted by /u/Mjr798

    A central fat access point that can configure thin access points.

    Posted: 30 Jun 2021 06:02 PM PDT

    I am currently studying wireless networks and recently got a question wrong, but I cannot figure out why this is true for the life of me. I am trying to figure out if the question is wrong or if I misunderstand something.

    "Your wireless network includes one centralized AP that you configure. This AP forwards the configurations to other APs in your wireless network. Which of the following BEST describes these APs?"

    The correct answer is: The centralized AP is a fat AP, and it configures thin APs in your network

    How on earth would a fat access point configure a thin access point? I was under the impression that thin/fit access points got their configurations from a wireless LAN controller. I started thinking maybe clustering could do this, but from my experience, this would only work with other fat access points.

    submitted by /u/Every-Development398
