Moronic Monday! Networking
- Moronic Monday!
- Spanning-tree portfast with voice vlan
- What do you use Ansible for in your environment?
- Updating the RIPE Database using a python script
- Can’t deny SSH into Int VLAN
- Upcoming Networking Conventions in England?
- Aruba/HPE VLANs and management
- Switch is "overloaded" at my business.
- Doublewide EtherSwitch in Router, dual uplink interfaces?
- Linux Device broadcast on L2 and floods the local network
- Netbox Alternative? Free or Cheap.

Moronic Monday!
Posted: 27 Mar 2022 05:00 PM PDT

It's Monday, you've not yet had coffee and the week ahead is gonna suck. Let's open the floor for a weekly Stupid Questions Thread, so we can all ask those questions we're too embarrassed to ask! Post your question - stupid or otherwise - here to get an answer. Anyone can post a question and the community as a whole is invited and encouraged to provide an answer. Serious answers are not expected.

Note: This post is created at 01:00 UTC. It may not be Monday where you are in the world, no need to comment on it.

Spanning-tree portfast with voice vlan
Posted: 28 Mar 2022 04:23 AM PDT

Hello, is it possible to configure "spanning-tree portfast" on a switchport which is connected to a phone AND a workstation via the PC port behind the phone? The switchport configuration would look like this: I am not sure because although the port is an edge port there are 2 devices connected to the same switchport. Thank you for your help!

What do you use Ansible for in your environment?
Posted: 27 Mar 2022 02:52 PM PDT

I understand tasks such as upgrading the software on multiple Junos devices at once or making a config change to multiple devices based on a pre-defined group in the device list file - is there anything fancy I'm missing? What interesting things do you use Ansible for?

Updating the RIPE Database using a python script
Posted: 28 Mar 2022 06:50 AM PDT

Hello to all, I am currently trying to figure out how to keep the RIPE Database always updated with a Python script. The source of the IP address information is the NetBox and the script is supposed to run like a daemon (I will use cron in this case). Getting the information from NetBox is easy enough using the token and making the connection from the Python script. I am able to extract the data that I need from the GET response (estimated 10 000 IP addresses), however I am having difficulties using the RIPE DB, especially creating/getting and updating the inetnum objects from the Python script.

Right now I am using the Test Database provided by RIPE for learning purposes. With cURL in my console I can get the objects one at a time by specifying the IP address range, e.g. "curl https://rest.db.ripe.net/ripe/inetnum/193.0.0.0%20-%20193.0.7.255?" I wonder if there are other ways to get all the data from RIPE the way it's possible to get all IPs from NetBox from one GET method.

I find it extremely difficult to implement my project without some kinds of examples that I usually got from Stack Overflow or from Reddit. I already searched this sub and Reddit as a whole, sadly without much success because there are just a couple of posts regarding RIPE. I would be grateful for any kind of advice how to proceed.

Can’t deny SSH into Int VLAN
Posted: 27 Mar 2022 08:08 PM PDT

I'm having an issue where I am unable to deny SSH into specific Interface VLANs on a 3560G operating in Layer 3. I create an extended ACL with the following:

    ip access-list extended NOSSH
     deny tcp any any eq 22
     permit ip any any
    interface vlan20
     ip access-group NOSSH in

I can still SSH into the interface VLAN IP address for some reason from my host of 192.168.1.104. However, when I build an ACL to deny traffic outbound to other subnets such as:

    ip access-list extended UNTRUSTED
     deny ip 172.16.1.0 0.0.0.3 any
     deny ip 192.168.1.0 0.0.0.255 any
     deny ip 192.168.3.0 0.0.0.255 any
     permit ip any any
    interface vlan20
     ip access-group UNTRUSTED out

I verify that from a host I can ping the Interface vlan20 gateway of 192.168.2.1, and a ping to 191.168.1.104 source 192.168.2.1 from the 3560G fails as it should. So why am I unable to deny SSH specific traffic inbound to the interface? I can just apply an ACL with my trusted subnet only as permitted into the vty lines, but I'm wanting to figure out why I can't deny protocol specific traffic inbound on an interface vlan? Any ideas?

Upcoming Networking Conventions in England?
Posted: 28 Mar 2022 02:42 AM PDT

Hi everyone, what are the upcoming networking conventions in England this year until the end of the year? This is specifically to do with App and Tech. I know this won't even be related to the flair, but I really need help with this and searching it up, it doesn't come up with what I want.

Aruba/HPE VLANs and management
Posted: 28 Mar 2022 01:25 AM PDT

Hello everyone, I hope someone can explain what the Hell I'm doing wrong.

Core switch : HP J9576A 3800-48G-4SFP+ Switch
Access switch : Aruba JL676A 6100 48G 4SFP+ Swch

For the time being, I'm mixing two, let's say, brands, HPE and Aruba. I'm trying to pass within the same link, the management of the access switch and the different VLANs. Aruba CX6100 are slightly different from what I know and I guess I'm struggling with the new way to pass VLANs. Still, the configuration is quite simple, I have an Ethernet cable between the Core switch and the Access switch.

Core => Port 20 <=> Port 1 <= Access

Core configuration

    vlan 10
       name "SYSTEM"
       untagged 1-19,21-52
       tagged 20
       ip address 192.168.0.254 255.255.255.0
    vlan 20
       name "Admin"
       ip address 192.168.20.1 255.255.255.0

Access configuration

    interface vlan 10
        ip address 192.168.0.65/24
    ip route 0.0.0.0/0 192.168.0.254
    vlan 10
        name SYSTEM
    vlan 20
        name Admin
    interface 1/1/1
        no shutdown
        vlan trunk native 10 tag
        vlan trunk allowed all

Everything works fine, I can manage my Access switch by using the tagged VLAN and the VLAN Trunk Native Tag command. I also tried with the untagged option from the Core and the VLAN Trunk Native command on the Access. Still working.

My issue then appears when I try to pass more tagged VLANs, I immediately lose the management capabilities. So, on the Core switch, I run the VLAN 20 context and then, tagged 20 and I can't manage my Access switch anymore. Running no tagged 20 on VLAN 20 solves the issue but it also means I can't pass my VLANs.

I hope I have been clear enough, any suggestions would be highly appreciated.

Best regards,
Fabien

Switch is "overloaded" at my business.
Posted: 27 Mar 2022 04:18 PM PDT

So I have a small game development studio, my workers have an 8 port Gigabit "TL-SG108" TP-Link switch on every workstation cluster. The latest switch that we added stops working once you plug in port 4. We plug in the "source" cable on the first port and all workstations on the following ones. However it seems like plugging anything into port 4 causes the switch to completely stop delivering internet to any of the other ports. Btw the name of the network is still visible and working, just no internet. We use CAT6 cables. TIA

Edit: Why do people mass downvote my comments? I am asking for help, burying my comments doesn't help 😂

Doublewide EtherSwitch in Router, dual uplink interfaces?
Posted: 27 Mar 2022 11:01 AM PDT

This is the first time that I am deploying a 2U router with an L3 48 port doublewide EtherSwitch module. It shows up with dual uplink ports to the router. I plan on having the switch module do most of the routing, but what is the best practice as far as the dual uplinks go? Possibly split them into trusted(LAN)/untrusted(DMZ/Guest) and then allow specific traffic between the two on the main router, or should I use them as a redundant uplink with load balancing? I don't plan on sending a full gig up to the main router at any given time.

Linux Device broadcast on L2 and floods the local network
Posted: 27 Mar 2022 09:08 AM PDT

Hi, I have multiple (50-100 on a site) Linux devices with a custom Yocto build that talk to local servers via wifi and RabbitMQ.

    Variscite VAR-SOM-MX6
    Linux 4.9.88-10180-gaaecf09-dirty #2 SMP PREEMPT Wed Dec 26 14:04:36 IST 2018 armv7l armv7l armv7l GNU/Linux

with WL1837 wifi module.

Somehow these devices talk to each other on L2. I recorded packets with tcpdump and this is the result: (Link to recorded pcap file)

The sender (TexasIns_64:b9:40) sends:

    5 0.190801 TexasIns_64:b9:40 Broadcast LLC 118 U, func=UI; DSAP NULL LSAP Individual, SSAP NULL LSAP Command

with this ASCII context:

    Dear switches, we'd like to draw your attention to the fact that address 7c:01:0a:64:b9:40 has moved.

The device that I am recording on (TexasIns_32:1a:a8) answers:

    6 0.190829 TexasIns_32:1a:a8 TexasIns_64:b9:40 XID 20 Basic Format; Type 1 and Type 2 LLCs (Class II LLC); Window Size 127

My questions are:

I tried to look at netstat to see what could be broadcasting but it didn't help. I disabled services that weren't needed, which also didn't help. I updated the WL1837 bin file to the latest version and it didn't help either. lsmod didn't show me anything strange. I am desperate to find a solution... thanks.

Serj.M

Netbox Alternative? Free or Cheap.
Posted: 27 Mar 2022 04:07 PM PDT

I got Netbox going a couple years ago, and while it's decent it is really easy to forget a PC move or replacement and now it's not reflecting reality. Ideally a tool that the service desk folks could use to provision a port, or deprovision, record what is plugged in where and update or flag a change, etc. I have SolarWinds NPM, NCM, but not enough licenses to cover all ports and devices on those ports.

You are subscribed to email updates from Enterprise Networking Design, Support, and Discussion.