Rant Wednesday! Networking
- Rant Wednesday!
- Tools for testing bandwidth and throughput?
- Voip phone stuck at dhcp waiting
- nmap scan - Cisco - Port 33333?
- Panduit NetKey vs PanNet
- Cisco ASA - Dual WAN - Active / Active
- Engineers using large layer 2 vlan trunking architectures, do you use VTP to manage vlans?
- BGP Advertised Route Filtering in Cisco IOS
- Cannot Access Management interface
- Automated AP reboots on scheduled timer
- Secure vendor access to replace vpn
- Books about hardware architectures
- Can't Ping cisco ap in ROM Mode
- Small local management network - equipment options
- Dell Z9100-ON problems and possible issues?
- DAC cable question
- Routing advice for 5G PtP link
- Hosting latest version of CML on a Pay As You Go server
- Looking for Open Source HA Site to Site VPN Solution
Rant Wednesday!
Posted: 27 Jul 2021 05:00 PM PDT
It's Wednesday! Time to get that crap that's been bugging you off your chest! In the interests of spicing things up a bit around here, we're going to try out a Rant Wednesday thread for you all to vent your frustrations. Feel free to vent about vendors, co-workers, price of scotch or anything else network related. There is no guiding question to help stir up some rage-feels, feel free to fire at will, ranting about anything and everything that's been pissing you off or getting on your nerves! Note: This post is created at 00:00 UTC. It may not be Wednesday where you are in the world, no need to comment on it.
Tools for testing bandwidth and throughput?
Posted: 28 Jul 2021 09:10 AM PDT
I'm prepping for network upgrades, but I want a baseline. What are some tools that I can use to test the raw speed of the network without having to worry about disk speeds or internet speeds being the bottleneck? Is there a way to simulate 40 people in the office when there are none right now? I'd like to test the WiFi and the wired connections.
Voip phone stuck at dhcp waiting
Posted: 28 Jul 2021 03:09 PM PDT
I have a Panasonic voip. If I plug in the phone to a poe switch it will sit at dhcp waiting. I can see in dhcp that it was given an ip address but it never gets past this point. If I plug the phone into a regular switch with a poe injector it does the same thing; however, if I disconnect the network without removing power long enough for the phone to say cable disconnected and then plug the network back in, the phone comes up like it should. This has been working for 2 years until this week with no changes. The switches are all configured as factory defaults, so no configuration. My first instinct is to reboot stuff but I can't reboot until next week as there is an event going on, and the phones that are already connected work fine, but if I unplug a phone it will get stuck at dhcp waiting. Any idea on the cause of this??
nmap scan - Cisco - Port 33333?
Posted: 28 Jul 2021 10:10 AM PDT
Out of pure curiosity, I scanned the external IP of my Cisco 891 and noticed the following: I've never seen this before, and don't recognize the port number. What's interesting is if I launch "telnet i.p.i.p 33333" -- it just turns blank, returns characters, but doesn't do anything, whereas if I were to do a "telnet i.p.i.p 12345" it just dies instantly. I ran a "sh run all" and tried searching for "33333" or "dgi" but came up with nothing. Has anyone ever heard of/seen this before? Thank you!
Panduit NetKey vs PanNet
Posted: 28 Jul 2021 03:29 PM PDT
I cannot figure out what the difference between the lines is for the life of me. Anyone have any clues?
Cisco ASA - Dual WAN - Active / Active
Posted: 28 Jul 2021 01:50 PM PDT
Hello Everyone, I came across this situation: Customer has a Cisco ASA (5505 ??) as a CPE with 2 internet links terminated on it. Behind the ASA is the LAN network, nothing fancy. Customer would like to have the links in an active / active fashion to make better use of the bandwidth available. I've read about having multiple routes with equal cost, or some cases mentioning GLBP, but I don't think it applies here. Is there a way to accomplish this? Thank you!
Engineers using large layer 2 vlan trunking architectures, do you use VTP to manage vlans?
Posted: 28 Jul 2021 01:14 PM PDT
Working on a large 'classic' layer 2 design domain with vlan SVIs at distro and dot1Q trunks to trees of access switches - but no VTP. One vlan missed in a segment of the trunks to a set of access switches and the catch up is considerable in terms of time. Seems like a classic case for using VTP and they are all Cisco. Do people using complex VLAN/Dot1Q designs use VTP to avoid manually adding vlans to trunks? Seems like a good use case.
BGP Advertised Route Filtering in Cisco IOS
Posted: 28 Jul 2021 12:58 PM PDT
I'm poking around with network design in GNS3, using IOSv 15.2 and having trouble getting my route advertising to work as expected. On my L3 switch I have a number of /29 subnets carved out from 17.0.0.0. Rather than put them all under separate network statements I am trying to advertise the entire /8 and then filter using Unfortunately this does not appear to be advertising any of my routes. In prod this works under IOS-XE, but I don't have any virtual XE L3 switch images to work with. Any ideas on how I can make this work? Here are the relevant config sections:
Cannot Access Management interface
Posted: 28 Jul 2021 12:28 PM PDT
Setting up initial config on a PA220
- I can access management GUI with default creds when directly connected through management interface.
- When I update IP, Mask, and gateway I can access GUI at new IP when directly connected through management interface.
- When I plug MGMT port into switch I cannot access the GUI or ping the interface. (Destination host unreachable)
When I console into PA220 and run "show arp management dns no" I see the following:
Address      HWtype  HWaddress           Flags Mask  Iface
10.3.1.100           (incomplete)                    eth0
10.3.1.99    ether   8c:8c:aa:3f:f6:f2   C           eth0
10.3.1.100 is the gateway
10.3.1.99 is my consoled laptop
How can I get my management gateway to associate with the MGMT port MAC address? This is PAN-OS 9.1.4. Thank you
Automated AP reboots on scheduled timer
Posted: 28 Jul 2021 11:04 AM PDT
Silly question. Is there a way to reboot APs from a wireless controller on a specific timed basis? One site per 2 days at midnight for example. I know you could script something to shut/no shut a port but I'd have to keep a running tally of all APs in enterprise. These have a tendency to get moved without notice :P Any help would be greatly appreciated
Secure vendor access to replace vpn
Posted: 28 Jul 2021 07:33 AM PDT
We have been looking at Secure Link to manage vendor access to servers to replace VPN. The licensing is expensive and has a minimum of five vendor licenses. Is there a decent and secure alternative available that you can recommend?
Books about hardware architectures
Posted: 27 Jul 2021 05:46 PM PDT
Are there any books out there that discuss the different router / switch hardware architectures in detail? Vendor agnostic preferably? The only good book that is out there is Russ White's Cisco IOS software architecture, which is really good but very outdated and Cisco specific. I looked all around for something to describe more modern approaches but it's really some slides here and there and nothing gives a complete picture (e.g. shared vs non shared memory, kernel interactions etc.).
Can't Ping cisco ap in ROM Mode
Posted: 28 Jul 2021 04:55 AM PDT
Hey, I am trying to change the IOS of a Cisco access point, but until now without any success. I tried to configure my access point in this way (first I formatted the flash to remove the IOS):
and my computer with the IP 192.168.100.1 and GW 192.168.100.100, but I can't ping from my PC to the access point. I disabled the firewall to test, but the result is the same: I can't ping.
I also checked the route on my PC, but it looks OK:
Any idea what I should try? I don't have any antivirus... it is really strange. Thank you for your time.
Small local management network - equipment options
Posted: 28 Jul 2021 03:11 AM PDT
We are setting up a small local management network for a few dozen machines. This network will be used for local "remote access", NTP, file transfers, and other misc tasks. The machines are already networked but we don't want to use that critical network for any of these non-critical tasks. This equipment will likely get installed and then not changed again until it starts to fail physically (thinking 10+ years). I am looking specifically for equipment that supports local centralized management and nothing that is either cloud or subscription-based. I was considering the Enterprise 24-port switches from Ubiquiti and a Dream Machine Pro as the local controller. Let me know if you have any suggestions for other vendors that I can look into. Thanks
The hardware must support
Dell Z9100-ON problems and possible issues?
Posted: 28 Jul 2021 01:21 AM PDT
My company is planning to purchase a bunch of Z9100-ON switches for production use (in VLT setup). Everything on paper appears to be normal, and we are also planning to perform pre-production testing on those switches, but you can never be sure. Did anyone have some kind of history with those switches and could share their experience of possible bugs or issues?
DAC cable question
Posted: 28 Jul 2021 12:37 AM PDT
I can't seem to find the answer to this after much searching. If I want to connect 2 devices of different brands at 10G, is it possible to do it with DAC or do I need SFP+ modules for that? For example,
Aruba S2500 switch <-> UDM Pro
Aruba S2500 switch <-> Server
Aruba S2500 switch <-> Synology NAS
UDM Pro <-> Synology NAS
etc.
I'm seeing only DAC cables with both ends being the same brand, is it possible to get a DAC cable for cross-brand linking?
Routing advice for 5G PtP link
Posted: 27 Jul 2021 07:49 PM PDT
I've got a bit of an odd issue, looking for suggestions, thank you! I recently joined a 150 employee company with two buildings, 500ft apart. Second building was recently acquired, currently 120 employees in B1 and 30 in B2. Each building has a 20Mbps (i.e. slow) ISP connection. Currently there is an ipsec tunnel between Fortigates at each building. B1 has on-prem VMs that B2 users connect with. Each building is a separate subnet and communication is routed via the Fortigate ipsec tunnel.
Main problem is that there are some users in B2 that need to access/transfer large amounts of data (SQL, MP4s, etc) on VMs in B1. We have a 400MB test file we use as a baseline which takes over 6 minutes to transfer over the ipsec tunnel. (Same file on same subnet in B1 takes only seconds of course.) Upgrading the ISP lines is not an option. Moving the impacted users to B1 is not an option.
I set up a test 5G PtP between the buildings, which is working great at around 700Mbps. Our 400MB test file takes 15 seconds.
So, I'm wondering what the best solution is to make this work?... Only a few users (5 ppl) in B2 need this solution. What is the best way to give them connectivity to BOTH the existing 20Mbps ISP connection (subnet A) and the 5G PtP wifi connection (subnet B)? I'm thinking, connect the 5G to the B2 Fortigate, then create static routes for the appropriate servers and route that traffic through the 5G? Any other/better ideas? Thank you in advance.
Hosting latest version of CML on a Pay As You Go server
Posted: 28 Jul 2021 01:39 AM PDT
Hi, does anyone know if you can host the latest version of CML on a remote server through someone like Equinix?
Looking for Open Source HA Site to Site VPN Solution
Posted: 27 Jul 2021 08:52 PM PDT
Does anyone have any experience with or know of an open source solution for configuring HA Site to Site VPNs? I have 3 locations to interconnect and have been labbing solutions but I can't find one that works without either loss or substantial downtime as the tunnel re-establishes. Layout is 2 PFSense boxes (running the latest 2.5.2 release) in a CARP pair in each location. Using OpenVPN for the Site to Site worked but started to drop packets once we passed traffic through it (using iperf, it's maxing out at about 40 Mbps). I swapped the pfsense configs over to using IPSEC and that passed a full gig with no loss, but while failover testing, there's a substantial delay in the tunnel re-establishing when the Master PFSense in the IPSEC responder role drops and the Backup takes over as responder. IPSEC DPD settings in PFSense reflect in the strongswan config but aren't honored, so it doesn't matter how low I set those. At this point I'm thinking I'll have to go with either OpenVPN, StrongSwan or some other VPN server installed solo (straight to whatever OS flavor fits them best) and combine with some sort of vrrp/heartbeat/keepalived solution, which I'm willing to do, but I figured I'd reach out to the masses first before I go that route and accept all the pain and headache that comes with it. Also posted specifics and a diagram of my lab setup with 2 sites: https://www.reddit.com/r/PFSENSE/comments/oo6klq/help_needed_pfsense_carp_ipsec_vpn_lab_setup/