Am I alone in the feeling that landing a job right now (mid-level) is a hellscape? Networking |
- Am I alone in the feeling that landing a job right now (mid-level) is a hellscape?
- Cloudimized - Oxidized for Google Cloud Platform
- Anyone else found FirePower 1010's Unreliable?
- reputable market for 2x /22
- Cisco Aironet AIR-BR1310G-E-K9 shuts off at certain time 2 nights on the run now
- Raritan DSX2-16M with Airlink LX60
- Routing traffic over network namespaces with veth pairs?
- Ansible vs VTP
- Android Cellular and Wireless Network Bridging
- VTP Pruning Mode?
- Fiber backbone
- DMVPN w/IKEv2 securing
Am I alone in the feeling that landing a job right now (mid-level) is a hellscape?
Posted: 02 Mar 2022 03:31 PM PST
I left my position in mid 2021 due to mental health issues. I have decided to jump back in after finding some resolve (what am I working for?). Now I am feeling crushed all over again. I am going on 3 months of looking for a position. I mostly avoid roles that mention 'Senior' in the title, even though these are the most commonly posted. I have been in a feedback loop of thinking two things:
I try my best to let the interviewers know that I do not mind harsh, honest feedback, as I want the opportunity to grow and learn from my failures. I have not received any negative feedback, or any indication that my technical knowledge was lacking. However, I have received silence to some of these probes for answers. Part of me believes it is best to assume the worst and just study whatever was asked in the interviews where I was not invited to the next stages of the process. At this point, I am not even sure what to go back and study. Regardless, I open up GNS3 and go over some core network engineer skills. I even learned some basic network automation with Ansible a couple of weeks back. I am more than willing to put the work in, but I lack the social network to help me in knowing what skills I should strengthen foremost, or what even my faults are that these interviewers are noticing that I don't. I would appreciate any hints in the right direction to help me in future interviews. For example, what study sources did you use to become a master on BGP? I've spun up labs, but perhaps my real-world experience is lacking.
Cloudimized - Oxidized for Google Cloud Platform
Posted: 03 Mar 2022 06:41 AM PST
Hi, Just wanted to share a script that I've been developing for some time now, share it for others to use and get some feedback. As our company started using GCP, we as a Network team needed to have visibility on changes that happen on network-related configuration. As we used Oxidized for our on-premise network, I thought it would be helpful to have something similar for the Cloud environment. The initial draft of this script was purely for Network resources, but currently it can monitor any resource. Would appreciate feedback if something like that is useful for the community. EDIT: fixed URL
Anyone else found FirePower 1010's Unreliable?
Posted: 03 Mar 2022 06:18 AM PST
We have recently installed 16 FirePower 'FTD1010's and they've had a litany of problems across the board. HA keeps stalling in one setup and another where I'm using 2 ports in a layer 2 configuration to share circuit access just stopped passing traffic... Is anyone else experiencing this? Some shared experiences would help me argue to write off the tech debt and switch to something else...
reputable market for 2x /22
Posted: 02 Mar 2022 10:56 PM PST
Are there any legit markets to offload 2 /22 from RIPE? My IPs are virgin (no email, spamming, bots) and no longer in use since refactored code made them redundant a while ago. Won't need them and would love to make a buck before simply just tried my luck with a bit of googling and even engaged an agent. It looks like people want to lease IPs and not buy them outright. Just sounds like a bad deal.
Cisco Aironet AIR-BR1310G-E-K9 shuts off at certain time 2 nights on the run now
Posted: 02 Mar 2022 09:05 PM PST
Hi, for the second time in a row I have been woken up at 4:30am (on-call engineer) about a Meraki switch that is "down". This switch gets connectivity from a Cisco AIR-BR1310G-E-K9 bridge that syncs with another about 15 feet away from it. For whatever reason that I can't find at the moment, the only fix I have is to ask the security guard to pull the plug on the Meraki and restart it, which fixes the issue. I'm still at a bit of a loss as to why this might be happening. Any thoughts?
Raritan DSX2-16M with Airlink LX60
Posted: 03 Mar 2022 04:29 AM PST
Hi All! Our company purchased the Raritan DSX2-16M, which we would like to use with a USB-connected external 4G/LTE modem. The DSX2 Administration Guide recommends the Sierra Airlink ES450 gateway modem for this connection. This device reached EoL; the replacement device is the LX60. Will the LX60 work as a USB-connected external modem, too?
Routing traffic over network namespaces with veth pairs?
Posted: 03 Mar 2022 04:29 AM PST
Hi, I'm having some real trouble trying to route traffic on an IP address to another network namespace in Linux. I've found a few people having similar issues but no good solutions. Basically I'm doing this:
Running tcpdump will reveal that ns0 receives a ton of ARP requests but since it responds on the loopback interface they're not able to find each other. Is there any smart way to route traffic to the network namespace without creating a separate subnet and assigning individual gateways on both ends of the tunnel? Any other interface type that can help me achieve this? I've tried to enslave veth1 to a bridge and route the traffic through it but I couldn't get that to work either.
Ansible vs VTP
Posted: 02 Mar 2022 03:01 PM PST
We are moving to an all Cisco shop and I'm debating between Ansible and VTP for VLAN management. VTPv3 seems to eliminate the usual horror stories of the past. My main worries are accidental pruning or bugs, new channels for security issues, or even user error. Ansible would be more hands-on but is still automation, just more tightly controlled. However, I'm not sure what the equivalent of automatic pruning would be for Ansible. I would guess that's not a huge benefit to begin with, so long as trunks are configured for the necessary VLANs. Just wondering what others have done and if this comparison is even relevant. Thanks.
Android Cellular and Wireless Network Bridging
Posted: 02 Mar 2022 02:37 PM PST
Our desktop team has a need to manage the Android phones via cellular in case the phone needs to be wiped outside our facility. But the connection will be bridged between cell and corp wireless networks. If someone hacks an Android device, are they able to access both the cellular and wireless networks? We have thoughts on an always-on VPN solution, turning off the device, etc. My concern is with bridging the two networks and the risk that brings.
VTP Pruning Mode?
Posted: 02 Mar 2022 03:51 PM PST
In all the places I've worked, I have never seen VTP Pruning Mode Enabled on a network. It's always been wide open trunks or sw trunk allowed vlan XXX-XXX. No one has ever said why, and I assumed it was along the lines of "hard code good, negotiate bad". I can see the advantage of enabling VTP pruning mode, if it behaves like it's supposed to. Less config time, unnecessary traffic, and spanning tree instances sound like a good thing. What I'm looking for is the drawbacks. Letting a switch decide for itself doesn't always work so well. I'm not interested in making a stable network less so. I'm curious if it would affect mgmt SVIs if the mgmt vlan was in the prune list. Apparently VTP Pruning doesn't work for switches in Transparent mode, and the downlinks to such switches need pruning disabled (sw trunk pruning vlan none?) Does anyone trust VTP pruning mode in their medium to large networks? Has VTP Pruning mode Enabled specifically caused problems for anyone?
Fiber backbone
Posted: 02 Mar 2022 05:05 PM PST
If you were contracted to run fiber from a first floor DEMARC to a suite some floors up, would you run it home run from the DEMARC or would you terminate in an enclosure on the floor of the suite and then run a new line from the box to the suite server room? Because it's a multi-tenant building I would terminate in the DEMARC and on the suite floor telecom room. Would I be wrong in that thought process?
DMVPN w/IKEv2 securing
Posted: 02 Mar 2022 02:33 PM PST
Finally got my single-hub/single-cloud dmvpn working with ikev2 in the lab. Seemed like writing to nvram then rebooting helped, but I also cheated and left the IKEV2-KEYRING [peer dmvpn; address 0.0.0.0 0.0.0.0] and ikev2-profile [match identity remote any] wide open. Little background
With some experimentation, I have discovered (I think?) that the IKEV2-KEYRING is looking to match the nbma addresses, and using the /24 containing all of the loopbacks appears to be working. Such as:

    crypto ikev2 keyring IKEV2-KEYRING
     peer dmvpn
      address 33.1.1.0 255.255.255.0
      pre-shared-key <string>

**My config for the IKEV2PROFILE is as follows:**

    crypto ikev2 profile IKEV2PROFILE
     match fvrf any
     match address local 33.1.1.4
     match identity remote any
     authentication remote pre-share
     authentication local pre-share
     keyring local IKEV2-KEYRING
     dpd 30 3 on-demand

Instead of "match identity remote any", are they looking for the nbma subnet? (33.1.1.0/24) tunnel ip subnet? (192.168.0.0/24) or any traffic that passes through the tunnel? (including LAN subnets and tunnel subnet)???

Also, I am finding it difficult to test as my security associations are persisting until they expire and not getting instant up or down? Does "clear crypto sessions" wipe both ikev2 sa and the ipsec sa? Cheers