Moronic Monday! Networking
- Moronic Monday!
- Fold-down Vertical-mount Rack
- Network Layout Advice
- Q: Resolving a FQD to an internal address without a DNS server.
- GNS3 Build
- Best practice for network segmentation
- Service Contracts/Foundation Care on access layer switches?
- isolated un-managed network - lag build up over a few hours - how to debug?
- Weird problems caused by SFP DAC plugged into one switch but not the other.
- Port forwarding with a SIM card router?
- Has anyone worked with Huawei SmartLogger 3000?
- Is there an Ethernet Router on market I don't need WiFi.
- Keeping up with the various brands and hw software updates?
- Aruba AP virtual controller management access
- 2 STP versions on same switch
- Cisco known good state capture
- HyperV host connected to network via VirtualSwitch; is this normal
- Q: Planet switch issue
- Used Dell S-series switches
- Mounting WAP with magnets
- Question on securing Server Management Interfaces without ACLs or Firewalls
Moronic Monday! Posted: 28 Nov 2021 04:00 PM PST It's Monday, you've not yet had coffee and the week ahead is gonna suck. Let's open the floor for a weekly Stupid Questions Thread, so we can all ask those questions we're too embarrassed to ask! Post your question - stupid or otherwise - here to get an answer. Anyone can post a question and the community as a whole is invited and encouraged to provide an answer. Serious answers are not expected. Note: This post is created at 01:00 UTC. It may not be Monday where you are in the world, no need to comment on it.
Fold-down Vertical-mount Rack Posted: 29 Nov 2021 05:33 AM PST Networking friends! I am desperately trying to find a product that I am pretty sure I saw a few years ago, but I am now wondering if I dreamt ... I need a lockable vertical-mount 19in 2U cabinet to house a short-depth piece of hardware along with some cable management, but would prefer if the rackmounting and hardware (but not the whole cabinet) could fold down to a horizontal position when needed to allow cabling / troubleshooting, and then fold back up vertically and lock in place for normal operation. I've seen the Tripp Lite vertical SmartRack cabinets, and honestly they will probably do the job, but obviously without my probably-dreamt fold-down brackets. Any ideas if this thing actually exists?!
Network Layout Advice Posted: 29 Nov 2021 08:37 AM PST Hi Everyone, I want to redesign our network setup to be more secure. Currently we have 3 VLANs which we can call 2, 20, and 29. Our WiFi network has 3 SSIDs: MH, User, and Guest. VLANs:
WiFi:
Some ideas I had:
What is the best way to limit access to some servers across VLANs but leave some servers available for access? Would I just give them an IP on the server network and the user network? What is the recommended WiFi encryption method these days? Any advice and informative references like YouTube videos or other documentation would be greatly appreciated. I would love to hear about your network setup if you feel it is applicable here.
Q: Resolving a FQD to an internal address without a DNS server. Posted: 29 Nov 2021 08:23 AM PST Some Background: We have 40 organizations that connect back to our building using Peer IPSec connections. They are limited to a specific subnet where the servers they need exist. We have SSL certificates in place that use fully qualified names that resolve to internal addresses within our network. We can't program the internal address within the web hoster to resolve that way. The big problem is that our internal DNS server is not in reach of that subnet and the company will not change that policy. With PCs, we got around this with hosts file modifications. We can't do the same thing on phones/iPads though without jailbreaking. This has kinda got me stuck.... Question: Is there a way to use the firewall (mostly SonicWalls) to do the basic DNS translation? Most of the organizations have DNS servers, but some don't have the technical/financial resources to make that happen.
GNS3 Build Posted: 28 Nov 2021 06:07 PM PST We're a small ISP. Over the past year we've started using GNS3 more and more in lieu of using physical gear in our lab to test different scenarios and validate configs. We're also leveraging it more for training. Our current GNS3 server is an old HP server with specs below. We installed ESXi and the GNS3 appliance and basically devoted all the server resources to it. It's been working well, but now our labs are getting bigger and sometimes have 3-4 people logged in at the same time. CPU and memory are getting maxed out at times and things are slowing to a crawl. I got management to approve getting a replacement server. My question is: do I go the same route of applying all resources to a single GNS3 VM for everyone to work in one environment, or build multiple GNS3 VMs? How many vCPUs and how much memory can a single GNS3 VM handle? Any recommendations or input appreciated, as I haven't been able to find a clear answer on this.
Old Server:
- 2 x six-core Xeon
- 72GB DDR3 memory
- 2 x 500GB SAS (RAID 1)
New Server:
- 2 x twenty-two-core Xeon
- 384GB DDR4 memory
- 10 x 900GB SAS (RAID 10)
Current GNS3 VM:
- 22 x vCPU
- 64GB memory
Best practice for network segmentation Posted: 29 Nov 2021 09:25 AM PST What is this? This project was created to publish the best practices for segmentation of the corporate network of any company. In general, the schemes in this project are suitable for any company. https://github.com/sergiomarotco/Best-practice-for-network-segmentation Where can I find diagrams? Graphic diagrams are available in the Release page. The schema sources are located in the repository.
Service Contracts/Foundation Care on access layer switches? Posted: 29 Nov 2021 05:47 AM PST We're putting together a network refresh of around 100 access layer switches - all Aruba - a mix of 6400 chassis and 6300Ms. We planned on getting 5 years of 9x5, NBD replacement Foundation Care for each switch/chassis, but the cost for that is eating up about 1/3 of our budget. My question is - do you guys think it's worth it? Should we just grab a few spare line cards and switches and drop the Foundation Care? Have you found a value for it? If we roll out ClearPass and need to call TAC regarding an issue involving ClearPass configuration on the switch, will they thumb their noses at us?
isolated un-managed network - lag build up over a few hours - how to debug? Posted: 29 Nov 2021 03:19 AM PST Disclaimer: networking is not my expertise and I am learning as I go. I have a computer lab connected with an unmanaged isolated network. The lab consists of 5 Windows machines and an unmanaged Netgear switch. The Windows machines have never been connected to the internet and are running the OEM's Windows 10 Pro install. There is no router or DHCP/DNS server running - every machine has a static IP set. Each machine is running different pieces of software and they communicate with various protocols. Mostly UDP broadcast, some multicast and some TCP. The Problem: after a few hours of everything running, lag builds up between machines. A simple ping across the switch shows a ~900 ms response time (in the software it looks like several seconds response time). The strange part is that stopping all the software and/or rebooting the machines does not solve the problem. The only "fix" I have found is removing the power to the switch (full discharge) and rebooting. Leaving the machines off but the switch on overnight does not clear the blockage. I have tested a quick swap for a different switch and the lag immediately disappeared. Testing in progress:
my uneducated questions:
Weird problems caused by SFP DAC plugged into one switch but not the other. Posted: 29 Nov 2021 08:58 AM PST We're doing a bunch of fairly major changes. I caused some problems (I can't use the word ou ta-ge?), because I plugged the SFPs into one switch, and left the other side hanging. So, is it a bad thing to plug in one end of an SFP DAC and not the other? Or do I have a bad SFP?
Port forwarding with a SIM card router? Posted: 29 Nov 2021 06:25 AM PST I'm gonna get a public IP today, or at least try. Is it possible to port forward with this type of router?
Has anyone worked with Huawei SmartLogger 3000? Posted: 29 Nov 2021 02:28 AM PST Hello, I need to establish a connection between a router I have (Cisco ISR 4000) and an endpoint device of a customer (Huawei SmartLogger 3000). In my router I can see the IP and MAC of the endpoint:
    Protocol  Address        Age (min)  Hardware Addr   Type  Interface
    Internet  10.104.55.237  -          a0ec.f977.c4a0  ARPA  GigabitEthernet0/0/0
    Internet  10.104.55.238  141        68e2.0937.1a15  ARPA  GigabitEthernet0/0/0
I can't ping 10.104.55.238, the IP defined in the endpoint Huawei SmartLogger. My problem is that this equipment isn't mine, and the person who is managing it is in another country, so communication can be tricky. Does anyone here have experience with this Huawei equipment? Anyone with the same issue? Thank you in advance!
Is there an Ethernet Router on market I don't need WiFi. Posted: 29 Nov 2021 09:11 AM PST Hello All, Can someone tell me, in this day and age, if there is a router with just Ethernet? My current setup is ISP Modem .. Linksys WiFi Router .. Linksys Velop Mesh in Bridge Mode. 500 Mbps is my net package. I have the WiFi off currently on my router, with the Velop Mesh system handling all the WiFi. The current router I have is a Linksys EA8300. Is there something better on the market that will handle my setup? I have like 30 devices connected via WiFi. The Linksys Velop is rubbish in Router Mode, keeps disconnecting, so it is better in bridge mode. I would upgrade the mesh but I don't have the budget right now to buy a new mesh system. Thanks
Keeping up with the various brands and hw software updates? Posted: 28 Nov 2021 12:06 PM PST How do y'all keep up with all the software updates, or do you stick to checking the FW sites at a scheduled date every month, for example? E.g., I manage systems running switching, routing and wireless and all that with vendors such as HP/Aruba, Cisco, ICX/Ruckus, Juniper, and more.
Aruba AP virtual controller management access Posted: 28 Nov 2021 08:56 PM PST Hi all, New to Aruba. There is a client who has an existing Aruba virtual controller based WiFi network using several IAP-225s. The issue is, I can only connect to the management web GUI using the virtual controller or preferred master IP addresses. Trying to connect to the non-master/slave APs makes the web GUI login page reload after entering the credentials. However, SSH access works on the non-master APs (can't enter config mode though). I would naturally assume that all configuration must be done using the virtual controller or preferred master IP addresses, but the client's IT admin keeps saying that previously they were able to log in to the non-master APs using the web GUI. Appreciate your help on this.
2 STP versions on same switch Posted: 28 Nov 2021 11:58 AM PST Hi All, looking at a new request. Client's core switch is running MST on their core switch and their new setup (ToR switch and below) is configured with RPVST. Now we have a requirement: for the uplink interface between the ToR and core switch, the client wants us to run MST. Has someone ever done something like this? If yes, care to shed some light on how it can be done? Is it going to be the same steps as running RPVST on a switch? Is MST backward compatible with RPVST? I have read on the internet that it is, but I'm not sure if anyone has performed something like this or not. Topology: (MST) Core Switch (MST)----> (MST) Tor Switch 2 (RPVST) Tor Switch 1 (RPVST)
Cisco known good state capture Posted: 28 Nov 2021 09:53 PM PST Hey Everyone, What commands do you like to document when you first launch a new network? Some context: a 3rd party was tasked with building a network for a new development (before we had our own network department), and I'm building a list of required documentation as part of the final commissioning. Any show commands that you feel provide great information on current network status or that are useful for troubleshooting future issues? Here's what I'm thinking so far:
    show run
    show version
    show license
    show switch
    show ip int bri
    show cdp neighbor
    show int desc
    show interface transceiver brief
    show vlan bri
    show vtp status
    show spanning-tree
    show snmp community
    show ip route
HyperV host connected to network via VirtualSwitch; is this normal Posted: 28 Nov 2021 07:00 PM PST So the current setup on one HyperV host (Server 2019) has the following under 'Network Connections':
It seems strange that the host is connected to the Virtual Switch, and that the IP address is assigned there, but is this typical?
Q: Planet switch issue Posted: 28 Nov 2021 10:01 PM PST Hi guys, we have a Planet switch in part of our university network that is acting weird. It was working for more than 3 years without any problem, but now it disconnects once in a while without any reason, and all LEDs on it blink so fast, even those LEDs not connected to any client! When you turn it off and on again you see the problem is solved, and after 2 or 3 days the problem comes back. We reset the switch (didn't work) and even replaced the switch itself with a new one, but the new switch has this problem too. We do not have this problem in other parts of the network; we have more than 50 switches in our network and none of them has this issue. I don't know how to solve this problem. All I can do now is manually restart the switch every 2 or 3 days; beyond that I don't know what to do, plz help
Used Dell S-series switches Posted: 28 Nov 2021 01:10 AM PST Does anyone know how Dell OS10 Enterprise licensing works if you buy used switches? The switches come with OS10 Ent licenses installed, but it seems you can only download software updates from the Dell Digital Locker. Can you add the licenses to the Dell Digital Locker to access updates? Or will Dell add the licenses to the Digital Locker if you register a transfer of ownership with them?
Mounting WAP with magnets Posted: 27 Nov 2021 05:02 PM PST I've inherited a rather large network and discovered that most of the WAPs were mounted to different metal surfaces using pretty strong magnets. During my time at this company we seem to have various WiFi issues (par for the course, I know) but I want to make sure that this mounting solution isn't causing some of the issues we are seeing. A quick Google search doesn't seem to have much info on the topic. Any insight on this would be much appreciated.
Question on securing Server Management Interfaces without ACLs or Firewalls Posted: 27 Nov 2021 05:26 PM PST I work for a large organization (University) that is in the process of moving from public IP ranges to private IP ranges, and in the process the organization has decided to move away from Access Control Lists (ACLs) on the internal routers. As a result, all of the internal networks will now be able to communicate with all other internal networks. For the most part, this will not be an issue as we can use local firewalls to stop any unwanted network traffic that comes from networks that we do not want to access our assigned networks and devices. The problem that I have is that I have 50+ servers of various ages (1 to 10 years) that are now accessible from any other network in the organization. In the past, we would use ACLs to restrict access to these servers' management interfaces (IPMI/iDRAC/IMM). With the ACLs being removed I am trying to find an alternative to the ACLs as a means of restricting access. Most server management interfaces have rudimentary firewall capabilities (i.e. you can whitelist one IP range). I have no access to the routers/firewalls/switches, and all requests for ACLs have been denied. I am looking for a way to restrict access to these servers so I can lock them down so that they can only be accessed from three different subnets. Does anyone have any ideas that would allow me to secure my servers without using ACLs or network firewalls?
You are subscribed to email updates from Enterprise Networking Design, Support, and Discussion.