Cisco telemetry pipeline recommendations? problems with big muddy pipeline :( Networking |
- Cisco telemetry pipeline recommendations? problems with big muddy pipeline :(
- S2S - Route-Based VPNs
- Another post looking for a cable tester
- Copper Ethernet cable flapping situation
- Help require with inter vlan multicast routing on IE2000 series switches
- Redundant routes for a client on two isolated networks
- So, I finally got a cable testing kit and 500ft of shielded cabling. Did my first termination.
- VRF and Core Network Help
- WLAN vs LAN
- How to realize our full potential
| Cisco telemetry pipeline recommendations? problems with big muddy pipeline :( Posted: 02 Sep 2021 09:05 AM PDT Problem: my telemetry stack I am using will not update the influxDB measurements to add new sensor paths no mater what I try.. My system: I was able to set up our Cisco IOS XR to send model driven telemetry data via gRPC to a telemetry stack I stood up. The stack is based off the git repo for big muddy telemetry, found here. Note: the the repo is archived, you need to change the branch to "final" to see code / issues / etc. This stack includes some example subscriptions which I employed and do work. They uses these sensor paths: But I CANNOT for the life of me figure out how to get the pipeline not to drop any new entires I add to its metrics.json file. I tried adding the tcam yang file found here.
The main issue is the big muddy pipeline is dropping any data I am sending to it based off the new JSON structure I created. It DOES preserve the original JSON structured data (CPU, Memory, interface info) but drops any new json structs I add for new yang modules I want to add. This is based on how the big muddy pipeline module uses the JSON format to parse through yang structured data. I have yet to find a automatic way of converting YANG to JSON, so I am forced to trial and error structure (mostly error). Question 1: Has anyone else used the big muddy pipeline with success? How do I add new sensor paths / convert JSON for this system not to drop gRPC data being sent? Question 2: Does anyone recommend some other type of gRPC pipeline gatherer besides the one I am using? I really dont want to use this anymore as its archived and not in development anymore, but its the only thing I found that works made by the Cisco team. I like how the system uses influxDB with Grafana, any recommendations for a pipeline that links to these services would be great. [link] [comments]  |
| Posted: 02 Sep 2021 12:28 PM PDT Hello All, For a route-based based VPN, does the remote-end firewall need to have ping connectivity to its local device for a VPN to establish? Device-A-->Switch-A--> FW-A ---> Internet---> FW-B -->Switch-B XXXX --Device-B For example, prior to a VPN being established let's say two route-based VPN firewalls are attempting to connect via a Site-to-Site VPN across the internet. Device-A initiates the interesting traffic towards Device-B, but Device-B is not accessible via the Site-B (right side). Traffic egresses FW-A but the VPN does not establish. Is the cause for the VPN not establishing between the two route-based VPN firewalls because Device-B is not actually online or is it still an issue with the VPN configuration settings? I understand the concept between IKE-phase-1 and IPsec-phase-2, but wasn't sure if the concept of policy-based VPNs was any different from route-based VPNs in terms of establishing the S2S VPN connections. P.S. Be nice! TYIA [link] [comments]  |
| Another post looking for a cable tester Posted: 02 Sep 2021 01:56 PM PDT We have a few cable runs that we're seeing some issues one. Our HP switches can do some diagnostics and are showing intermittent shorts or open connections. I'd like to be able to verify that with something else and our existing tester isn't doing it. This would be used for testing cables after their run and troubleshooting any issues. Not a heavy duty use item. We probably run 1-2 cables a month, if that. Looking at the Fluke MicroScanner and the Fluke CableIQ. Is the CableIQ worth the extra money? [link] [comments]  |
| Copper Ethernet cable flapping situation Posted: 02 Sep 2021 08:33 AM PDT Hi I have a weird problem that I need some suggestions on: I have an ethernet switch in one rack and a router in another rack in the same DC row. Both pieces of equipment are connected via AC power to their own APC PDU ( in each rack ) When we racked the router, we connected the MGMT port of the router to the switch via a 5m direct ethernet cable in the aisle of the row. we saw that the link negotiated at 100mbps and kept flapping. we checked the config as both the switch and router have 1Gbps ethernet ports. Both interfaces were set at auto neg and nothing defined for speed or duplex. we swapped the 5m cable for another cable fresh from a factory baggie. the same we swapped the cable again the same we set the switch and the router to be 100Mbps full duplex and turned off auto-neg. the link was at 100Mbps and still flapping. We then reviewed the firmware versions on both the switch and the router and upgraded to recommended versions. the link was still the same. as each rack has a RJ45 patch panel back to a central cross connection frame ( that had been tested and certified on installation ), we routed the link through that structured wiring. the link was still the same. we then connected a direct patch between the router and another switch in another rack. 1gbps , rock solid..... we then installed a patch between the original switch port and a laptop. 1gtbps, rock solid. thus there seems to be a weird situation between the original switch and the router, as we linked the router and switch separately to other devices and they both worked well independently. I open a TAC case and after review they said to check the grounding of the equipment/racks. I have had the DC team review the rack grounding and they have confirmed that the equipment is bonded to the rack and the rack is bonded to a ground point somewhere in the DC. the issue persists , will only auto neg to 100mbps and flaps continuously. any suggestions? many thanks [link] [comments]  |
| Help require with inter vlan multicast routing on IE2000 series switches Posted: 02 Sep 2021 05:45 AM PDT Hi Everyone, Hope you are doing well. I require some help with multicast routing between vlans. Scenario: I am using 2 nos. IE2000 switches in network which are connected to ws-c3650-24ts. I enabled the pim sparse mode on all switches with rp point at c3650-24ts. But that not worked with laptop connected at ie2000 on different locations. All the communication at talking about is about multicast. Unicast is working fine in all cases. Then I connected 2 laptops on c3650-24ts with two different vlans then that worked. The for second experiment I connected 2 laptops on same ie2000 switch with different vlan. But it failed. The 3rd experiment I did, connected the 2 laptops in same vlan on same switch ie2000 it worked. Multicasting is ok. I tried configuring the same switch in dense mode also but still same result. Request you to please let know what to do. License is already there in all switches. [link] [comments]  |
| Redundant routes for a client on two isolated networks Posted: 02 Sep 2021 02:00 AM PDT Need some assistance with coming up with a solution for the following: A server that has two network interfaces connected to two seperate isolated networks. These networks are just an 8 switch ring, but have no connectivity between each other. Currently one firewall is in place connected to one of these networks. The issue is that if one of these networks fails in anyway, there is no longer any external connectivity through the firewall. So, I considered a pair of firewalls which are connected to both of these isolated networks. The issue I'm seeing is how the client is going to handle this. As two default gateways is bad practice and (I believe?) unworkable, i'm not sure how the client can handle this. Just a couple caveats: I cannot change the two isolated network infrastructure, nor add/remove interfaces from the server, that MUST remain as it is. Below is an image of what im trying to achieve: **EDIT** - I forgot to mention a rather important point. The server does NOT require outbound access directly. However, external servers have limited connectivity (RDP and a couple other ports) to this server through a Nat'ed rule on the current firewall. I guess then I would need some kind of 'conditional' NAT rule on the new firewalls to ascertain if network A or B is up? Is such a thing possible? Thanks in advance. [link] [comments]  |
| So, I finally got a cable testing kit and 500ft of shielded cabling. Did my first termination. Posted: 01 Sep 2021 05:02 PM PDT I couldn't find anything relevant. Many thanks in advance! [link] [comments]  |
| Posted: 01 Sep 2021 05:15 PM PDT First I am just a jack of all trades master of none type of guy. My network knowledge might be outdated as we had a network guy doing the networking and I was basically handling the virtual environment. and would like some advice... Problem: The network guy quit at my job who manages the datacenter The network in the datacenter has a single modular switch acting as an Access, Distribution, and Core Router so basically SPoF. There are also close to 400 cables going into one cabinet from 8 other cabinets. The worst part is there are about 300 lines of deny ACL statements. I did some reading and it looks like there is something called VRFs. On top of that MSTP is not enabled so getting or plugging in additional network equipment will be fun. I believe I got approval for 2 separate switches and I am hoping to set up some kind of redundancy. I also need to secure it. I was reading through the ACL statements and it is confusing. I did some research and I think there is a better way. Basically, each VLAN is dedicated to the clients. I see there is something called VRF which was not around when I was learning networking. So I was hoping to put each client in their own VRF, but there is one issue we offer some services on our core network. In network terms, I need to "route leak" one VLAN to all other VLANs. I need advice is it better to put the core network on the global routing table and just leak or is there a better way with doing it with OSPF? I saw some articles that use BGP, but I am confused because I thought that was more for configuration on a Edge router. Example: I have a client A 10.20.10.0/24, client B on 10.20.20.0/24 and I have a core network 10.20.0.0/24. I put client A on VRF-A, client B on VRF-B and core network on VRF-Core. I am trying to find a way to add the core network to both client A and client B. Core network should have routes to client A and client B. There is no routing protocol, but my first order is to start setting up OSPF. Sorry again, maybe ACLs are better or I am not totally understanding VRF. Appreciate any help I get. Btw there is no dynamic routing protocol. So this is all part of the fun is setting up. I am enjoying the moment because it is a break of the norm ESXi stuff. I also don't want to take us down. [link] [comments]  |
| Posted: 01 Sep 2021 08:43 PM PDT We have a rather large site coming up with approx 1200 users. This will be a very simple setup with Users using local DIA egress. There are no servers, labs or prod services going to be hosted on-premises. Would it be a good idea to only provide a wireless access and no LAN ports (except for few use cases)? What could be the potential challenges with providing only WLAN assuming we will never have more than 50% attendees with COVID situational. This will avoid having multiple stacks of switches with only few ones on each floor for connecting APs. [link] [comments]  |
| How to realize our full potential Posted: 01 Sep 2021 07:08 PM PDT I'm a rookie K12 SysAdmin (mostly experienced in SOHO) and I took over a few years ago as the solo IT guy at a small, private school. We have been blessed with stable, fast fiber to our building. We currently have a Meraki MX84 that's working great (specs on page 12 here), and our speeds run ~200Mbps and currently (at 9PM) getting 290Mbps down. This ISP offers "our best possible speed" and I know that other locations in our city with this service can get up to 1Gbps, so I'm naturally curious if we could get better speeds by upgrading the Meraki to a newer model. The MX84 specs show "Advanced Security Throughput: 320Mbps", so this seems to align with the 290 that I'm getting right now. (We have Advanced Security running, so I don't expect to get the nominal 500Mbps mentioned on the spec sheet.) The MX85 says "Advanced Security Throughput: 750Mbps", so this might give us quite a boost. We have GbE switches, cat5e & cat6, so this Meraki box is the only candidate for a bandwidth bottleneck (AFAICT). A) How likely is it that upgrading this equipment will "unleash" our WAN speeds? B) Can I test this without a) messing up our current configuration or b) buying the newer MX model? (There are other ethernet jacks in the fiber ONT, but I'm hesitant to just start experimenting with it!) [link] [comments]  |
| You are subscribed to email updates from Enterprise Networking Design, Support, and Discussion. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment