    Wednesday, July 14, 2021

    Rant Wednesday! Networking


    Rant Wednesday!

    Posted: 13 Jul 2021 05:00 PM PDT

    It's Wednesday! Time to get that crap that's been bugging you off your chest! In the interests of spicing things up a bit around here, we're going to try out a Rant Wednesday thread for you all to vent your frustrations. Feel free to vent about vendors, co-workers, price of scotch or anything else network related.

    There is no guiding question to help stir up some rage-feels, feel free to fire at will, ranting about anything and everything that's been pissing you off or getting on your nerves!

    Note: This post is created at 00:00 UTC. It may not be Wednesday where you are in the world, no need to comment on it.

    submitted by /u/AutoModerator

    L2TPv3 over GRE/IPsec MTU

    Posted: 14 Jul 2021 04:25 PM PDT

    I was curious how MTU worked with an L2TPv3 over an IPsec VTI. If I put the ip MTU command on the tunnel interface, it is unable to send a fragmentation needed message to the host for PMTU discovery because there's no route to the host in a pseudowire/xconnect configuration. And even if it could, it would not be the correct MTU size because it would take into account the L2TPv3 encapsulation. What am I missing here? Is it possible to set the MTU in the pseudowire class?

    submitted by /u/enfowler

    Reskilling Advice required

    Posted: 14 Jul 2021 06:52 AM PDT

    Hello Friends,

    I work in an IT consulting company and have 10+ years of experience in the Telecom domain.

    My work experience is a mixture of carrying out various network related activities like tracing the E1/T1 SONET circuits, extracting the network dump report from EMS/NMS and correlating it with the design of the network nodes, VPN circuits in the network inventory system and correcting the design in case of any mismatch. In short, I didn't get a chance to work on the core technical networking job.

    Now, I want to upgrade my technical skill sets and would like to know where I should focus.

    My focus is constantly shifting from Network Security (Cisco ASA), SDN to VMware virtualization and then to DevOps, cloud and now to Data Engineering.

    I am not able to focus on one skill and am continuously changing direction.

    Please suggest something.

    submitted by /u/bunty2329

    Format flash: good enough?

    Posted: 14 Jul 2021 03:02 PM PDT

    Curious if there is any reason not to use this to wipe a ton load of 3750s?

    Don't care about the person who buys the equipment. Their problem.

    submitted by /u/Optimal_Leg638

    Cisco 9200 licensing

    Posted: 14 Jul 2021 12:14 PM PDT

    I have installed and licensed 9200s before, but never any that were stacked. I am getting a bunch of them tomorrow that I need to stack and install right away, and I don't see the licenses in the portal yet.

    My question is this - if I stack them and configure them, when I go to license them later, will I just license the stack the same way I did an individual switch, but it will consume the number of licenses as switches in the stack? Is there anything else I need to know about doing it this way?

    submitted by /u/bbeachy2001

    Network Automation products

    Posted: 14 Jul 2021 07:37 AM PDT

    My company is currently using NetMRI for network automation, config backup, some health monitoring and we're up for renewal later this year. I've been doing some research on alternatives but it seems NetMRI sort of has a niche for this in terms of the features you get at a reasonable price.

    Does anyone use something they feel is a better product at a reasonable price point? Obviously, we could probably do everything NetMRI does with a product like Solarwinds or Cisco DNA, but that isn't in the cards or budget.

    submitted by /u/FFirsttimer

    ROAT vs L3 Switch

    Posted: 14 Jul 2021 10:50 AM PDT

    Is it still viable nowadays to get ROAT on your branches? Let's suppose you have, say, a Catalyst 9300 with an advantage license, and you just need your basic EIGRP protocol, maybe some ACL, DHCP services and your routing. Do you really need a router if the switch can perform all those functions? Are there any benefits to having a router? What's faster, the router or the switch?

    A little backstory: back in my college days I interned in a networking solutions company installing network equipment on clients' sites, and one particular client (which didn't have much money) paid a pretty big sum of cash on their network refresh project. I understand some ISR can act as gateways, so you obviously need your ISR router with the module card, BUT this sales guy at the time sold them a router on each site, plus new Catalyst 9300 switches, which even if you get them with the essentials license, you're still able to get a site up and running, but in this case the sales guy got them advantage. In my opinion the sales guy just wanted to add as much to the bill since the sales people work on commission; that's just my opinion, but what's really the benefit of having a router if you can perform the same tasks as a L3 switch?

    submitted by /u/istoleyowifi

    Cisco FMC - VPN traffic is not matching the rules

    Posted: 14 Jul 2021 08:51 AM PDT

    Hi Guys,

    I noticed that all the HIT COUNTS of all OUTSIDE rules are empty. I enabled LOGGING but I can't even see the traffic coming from Outside to Inside.

    Outside > IPSEC Tunnel > Inside

    Any ideas why?

    Thanks

    submitted by /u/Existing-Finish-3338

    Job advice, approached by new company

    Posted: 14 Jul 2021 08:42 AM PDT

    Hi networking, I'm currently working in London for an MSP as a network engineer (CCNA qualified, 5 years experience, daily work on firewalls, routers, switches... ) and got approached by another MSP for a new job. The new company is smaller, has better clients (financial sector), works with better kit (Palo Alto firewalls etc), 5k pay rise, more holiday time etc. Everything looks great. But I'm focusing on my CCNP, and after being at my current company for a year, I'm happy. What are people's takes on jumping to work on something new?

    submitted by /u/OverratedNude

    Older(EOL) Brocade FWS 624G switch

    Posted: 14 Jul 2021 08:28 AM PDT

    So, I am having some trouble with these, I don't do a ton of actual programming and I am trying to get them sorted out. Yes I am aware that they are EOL, but they are what I have at the moment.

    I am having trouble finding the documentation on the commands for it as well. I have 5 older brocades total, slightly different models but all FWS.

    I did not do the original programming and the person who did is currently dead so can't really go back and ask him about it and I don't really want to reset them to factory either.

    I have 1 port that is giving me trouble as I am going through them.

    I get this in the details of the port when I run:

    show interface ethernet 0/1/13 detail

    Member of 3 L2 VLANs, port is tagged, port state is BLOCKING

    I need to change this so that the details read like this instead, like port 14 next door to it:

    Member of L2 VLAN ID 2, port is untagged, port state is FORWARDING

    Any direction on where to find the documentation on this would be great, if someone knows the exact commands needed that would be super helpful.

    submitted by /u/bosguy123

    IGMP with Standalone Switch

    Posted: 14 Jul 2021 08:15 AM PDT

    We have a standalone L2 switch that is running A/V traffic. The switch that we have is a no-brand switch but it only supports Snooping and not Querier. Does anyone see potential issues of a standalone switch running multicast with only Snooping enabled? Is a Querier/Router required if the multicast traffic is only on 1 switch?

    submitted by /u/bigjonxiii

    Ubiquiti Point to MultiPoint Question

    Posted: 14 Jul 2021 07:53 AM PDT

    Hello networking,

    I have a point to multipoint setup (one hub and two spokes) and have been having performance issues. I will drop pings going to either spoke location after a couple days of operation. When I reboot the units they will go back to functioning properly. Both locations are ~2500 feet from the main hub (see attached document). Any tips for optimizing these for reliability? The application in use does not care a bit about bandwidth (2Mg is more than enough) only reliability. Would I be better off using different channel widths? Do these units scan for congestion and move channels if required? Any advice would be greatly appreciated.

    Drawing: https://imgur.com/1q7OhMV

    As always, thanks r/networking!

    submitted by /u/tpfannes

    Need advice regarding fiber line and contractors

    Posted: 14 Jul 2021 05:48 AM PDT

    We have lots of construction going on at one of our buildings and the electrical contractor ran temporary fiber to get out of the way for demolition. Since the temporary fiber is in, every day or two I'll have a random 2-3 minute outage at that building. Last night, that building went offline for a whole 45 minutes. I keep telling the contractor that I think there's something wrong with the fiber they put in place, but they seem like they don't know what they could do as a next step.

    I haven't had to deal with contractors and installing fiber before. Any advice on what I could tell them to do/check to start making some progress?

    Update: I also noticed they ran dark blue fiber lines (which I believe is single mode) and our original fiber line was orange (multimode).

    submitted by /u/RobotZer0

    Trying to wrap my brain around a routing question.

    Posted: 14 Jul 2021 01:22 AM PDT

    I have two sites.

    Both sites have their own internet (redundant internet in fact).

    Both sites have FW clusters on their egress.

    Each site is also connected to the other over a double-redundant L1 dedicated fiber on the inside with diverse pathing. Cuts on one path do not affect the other; I incur no noticeable outage in that event.

    Each site has a default-gw to egress out its local internet connection.

    My question is this:

    How would I maintain local internet-egress at each site, while also auto-failing a site to the other's internet in the event of an outage?

    Most of the options I can think of end up favoring one site or the other. I do peer BGP out both sites' internet connections, but I'm nowhere near strong enough in BGP to try to do anything fancy with it internally.

    My other possible option is to set up SLAs on my cores, pinging out to (maybe) my BGP peers, and then rewriting my default route on the internal cores to flip it to the other site in the event that both ISPs shit the bed.

    In case anyone is wondering how likely it is this would happen, I'm about 150 yards from the surf in hurricane central. My DR site is currently 60 miles inland.

    Thanks for the responses in advance.

    submitted by /u/krattalak

    HPE 562SFP+ & Aruba 2540

    Posted: 14 Jul 2021 04:07 AM PDT

    Good morning,
    I have been trying to solve this problem for a couple of days without success.

    I have an HPE 562SFP+ (flashed with the last firmware: https://support.hpe.com/hpesc/public/swd/detail?swItemId=MTX_c967b9da294b44c9b2454162a3#tab2 ) that I should connect to an Aruba 2540 switch, unfortunately regardless of the i40 driver version in use (currently 2.13.10) the switch continues to report port-flapping. At this point I am concerned that the DAC cable (j9283D-C) is not fully compatible with the NIC/Switch. Has anyone encountered a similar problem?

    If I want to abandon the DAC in favor of fiber cables + transceivers which transceivers should I get? It seems that all those compatible with the HPE 562+ are not compatible with the Aruba switches.

    Thanks in advance

    submitted by /u/danfossi

    What do you think of the philosophy of "Hosts have IP addresses, not interfaces"?

    Posted: 14 Jul 2021 01:36 PM PDT

    I've heard this a couple times, and it always refers to not being in a situation where multiple interfaces on one computer have different addresses, but rather the whole thing has one address and the interfaces are simply a means to access that address. However, it seems to only come into play with really basic networks (SOHO ones) or bleeding-edge dynamic routing meshes. What do you think of this?

    submitted by /u/Slammernanners

    Prefix-list sequence

    Posted: 13 Jul 2021 11:57 PM PDT

    Hi, I need to modify prefix-list. Currently my output is:

    R1#show ip prefix-list PL
    ip prefix-list PL: 2 entries
       seq 10 permit 192.168.1.0/24
       seq 999 deny 0.0.0.0/0 le 32

    I need to change subnet mask from /24 to /25 so which version of implementing this is correct and more reasonable?

    ip prefix-list PL seq 9 permit 192.168.1.0/25
    no ip prefix-list PL seq 10 permit 192.168.1.0/24

    Or

    no ip prefix-list PL seq 10 permit 192.168.1.0/24
    ip prefix-list PL seq 10 permit 192.168.1.0/25

    Apologies for bad formatting.

    Thank you in advance.

    submitted by /u/dieandrise77

    Panasonic tda600 incoming calls outbound calls not working

    Posted: 14 Jul 2021 03:29 AM PDT

    For more than a week our system hasn't been working well; I cannot make calls outside or receive calls from outside. Sometimes it works, but 95% of the time it doesn't work. Has anyone had the same experience? What do you recommend I do? + When I call outbound.

    submitted by /u/AlternativeAd6570

    Double Access Inquiry

    Posted: 13 Jul 2021 08:21 PM PDT

    I am not a networking expert and cannot seem to find an answer to my situation. I own a small business (too small to hire an IT guy so I am it), an auto parts store, and am wondering if it's possible to connect to two firewalls at the same time. I'll try to explain how our network is set up. ISP>Modem>Firewall 1>Switch>APs/Devices & Firewall 2>Switch & Server>Devices.

    A little background, I do not have enough wrinkles in my brain to understand everything network related but have a general understanding and can research or lookup most things you suggest. I also do not have the financing to afford high end equipment so the best we were able to do is Ubiquiti's Unifi. I am familiar with navigating the Unifi controller and am just wondering if this can be done. A simple point me in the right direction is good enough for me. Best way to learn is to jump in and start doing. Thanks.

    Basically the software for our inventory ordering and parts lookup for vehicles is controlled by our parent company and any computer that needs to look up or order parts must go through firewall 2 and the server that is provided by them; unfortunately, their firewall has multiple restrictions on it that won't allow for simple things like credit card readers or VOIP to connect through it (thus they are connected through firewall 1). Is it possible to set up something where firewall 2 is behind a VLAN (say V2) and everything is connected to the same switch that is on V1? This would need to be so where V1 can access and see V2 but not the other way around. I am thinking of it this way so I can use wireless computers for inventory management and have the access points on V1 but they can still use the parent company's software. I could just install APs behind firewall 2 but that then means I will have to have 2 SSIDs to connect to for simple things like email access (also blocked on firewall 2). I have 4 workstation computers that we purchased from said parent company that also receive their updates from them but cannot access competitor websites for price comparison (these are all ethernet lines to the switch behind firewall 2). I am an independently owned store and our parent company prices are way too high so I have to compare with competitors to keep our pricing low enough to compete.

    If this is outside the realm of this community, please let me know so I can take it elsewhere. Furthermore, the way I am currently getting around this is by having wifi adapters on the workstations and using ethernet. When we need to look up parts or place orders, we simply turn off the wifi in Windows. When we need to check prices or emails and such, we simply unplug the ethernet cable and use the wifi.

    submitted by /u/TheNgbaka

    Weather map with location alerts?

    Posted: 13 Jul 2021 06:46 PM PDT

    Hello,

    My job requires me to monitor for WAN outages and a common theme is for weather related outages. I was wondering if there was a selfhostable app or website where I can load in a list of locations and if there is bad weather in that area then send an alert for those sites?

    Thanks

    submitted by /u/Mrynot88

    Clearpass onboarding trust chain issue

    Posted: 13 Jul 2021 06:09 PM PDT

    Hey guys,

    I'm building out a new onboard setup in clearpass and I'm running into an issue with Mac OS 12 that I was hoping maybe someone else has encountered (though in all honesty, I haven't tried other platforms yet). The services are all built, everything works in policy manager, all good.

    In the network settings, I have a wildcard cert trust listed under trusted server names and I have the root CA uploaded in the trusted certificates section. The documentation doesn't specify you need the full chain for the EAP in that section so I'm leaving just the root.

    However, the problem I'm seeing is not in regards to the EAP cert, it has to do with the device cert. The device cert is onboarded fine, however the .cer that is downloaded when you go through the onboarding only includes the root CA for device certs and not the signing intermediate so the device cert shows as untrusted.

    How can I get onboard to

    A) Include the full chain in the profile

    B) If A is not possible, include the root and intermediate in the mdps_profile.cer that is downloaded.

    Thanks.

    submitted by /u/arhombus

    Speed Up Gigabit Ethernet Network Connection

    Posted: 14 Jul 2021 03:09 AM PDT

    Hi guys,

    I need to speed up the office ethernet connection.

    Configuration:

    • NAS: Qnap TS-563 - 5 HD SATA 5200rpm in Raid 5
    • Router: MikroTik RB3011
    • Switch: TP-LINK TL-SG2216
    • 6 PCs with 1gbit Ethernet connection CAT6

    The NAS is connected to the switch using 2 Eth. cables (ethernet link aggregation).

    Each PC transfers a big file at 110 mb/s (PC-NAS or PC-PC).

    We need more speed over the network/NAS.

    Can you give me some advice? 10GbE network?

    Thanks

    submitted by /u/TrinCan87

    Can Ncat scan a range of ports?

    Posted: 13 Jul 2021 05:08 PM PDT

    I'm aware that Nmap is much more effective for such tasks, but I'd still like to know. I've searched online but am having a hard time finding an answer.

    When I run:

    ncat -vzw1 scanme.nmap.org 20-25 

    It outputs:

    Ncat: Version 7.91 ( https://nmap.org/ncat )
    Ncat: Invalid port number "20-25". QUITTING.

    Whereas when I use traditional netcat it works.

    Thank you.

    submitted by /u/0xP3N15