Rant Wednesday! Networking |
- Rant Wednesday!
- One thousand and 99 patch cables in plastic...
- SONOS speakers ARP "flooding" network
- Newbie switch question
- Ecessa PowerLink as GSLB possible?
- CISCO ISE 3.1 patch 2 removed from cisco.com
- Stay in Networks & Security or switch to Devops ??
- Bridging from one VTEP to another VTEP
- Cisco IP NAT Load Balancing
- 30 gauge patch cords and PoE?
- 1 Gig Internet Circuit Testing
- Not getting ip on switch with uplink
- Automate Pings using something like Powershell
- Automatic DNS Server
- Running 10Gb over 1000ft OM3 multimode fibers
- Multi WAN Router Config
- How OSPF sends multicast packets via IPIP tunnel ?
- Setting BGP MED on FTD via FMC Possible ?
- Checksums for time exceeded messages
- Q-in-Q on Juniper QFX
- Cisco sdwan performance issues
- What do you guys think of Juniper/Mist?
- DHCP/DNS Management for a separate vlan
- Troubleshooting ASA.
- Should I take Cloud Support Engineer or stay with my current network engineer role?
- Getting Prolific USB-RS232 adapter to work on HP 1820 switch
Rant Wednesday!
Posted: 26 Apr 2022 05:00 PM PDT
It's Wednesday! Time to get that crap that's been bugging you off your chest! In the interests of spicing things up a bit around here, we're going to try out a Rant Wednesday thread for you all to vent your frustrations. Feel free to vent about vendors, co-workers, price of scotch or anything else network related. There is no guiding question to help stir up some rage-feels, feel free to fire at will, ranting about anything and everything that's been pissing you off or getting on your nerves! Note: This post is created at 00:00 UTC. It may not be Wednesday where you are in the world, no need to comment on it.
One thousand and 99 patch cables in plastic...
Posted: 27 Apr 2022 10:59 AM PDT
https://i.imgur.com/dGflDm6.mp4
One thousand and 99 patch cables in individual plastic on my bench, one thousand and 99 patch cables. Take three out, and pass it around, one thousand and 96 cables on my bench. (When will the madness of individual wrapped patch cables end?)
SONOS speakers ARP "flooding" network
Posted: 27 Apr 2022 06:16 PM PDT
I have about 40 speakers on my network with the majority of them connected to a switch. Every month or so the entire network will stop working, so I open Wireshark to find 95% of the packets being ARP requests from all the wired Sonos speakers. I factory reset them and then everything goes back to normal, rarely any ARP requests. The speakers are all wired through NetGear switches (ik, it's just not worth spending more money on switches). I think this issue stems from something with the switches and spanning tree. Do you agree with me? If so, how should I go about fixing this annoying monthly occurrence?
Newbie switch question
Posted: 27 Apr 2022 08:00 PM PDT
Hi all, we are moving offices (two small offices) into one collective big office. Currently we have an unmanaged 24 port switch in each office, and I'm wondering if, instead of buying a 48 port switch, I can just stack the two in the rack. My only concern was IP conflicts. My networking isn't the strongest, however I assume my router handles the DHCP and the switches just purely provide the PoE. Thank you in advance :)
Ecessa PowerLink as GSLB possible?
Posted: 27 Apr 2022 11:09 PM PDT
Hi folks, I have a client who is using a pair of these in their environment, for load balancing multiple WAN links to multiple internal DMZ endpoints. They are planning to build a DR site, which in their architectural design would need to support both Active-Passive and Active-Active applications (depending on the application capability). Internal stuff aside (storage, DB, etc.), we are to consider the entrypoint as well, which involves external DNS and load balancers. I personally, as an SI, am more familiar with how F5/Citrix DNS works and with BGP Internet, rather than WAN link load balancers like Peplink or PowerLink. Does anyone use PowerLink in their infra, and can you please share some thoughts regarding this? Thanks in advance.
CISCO ISE 3.1 patch 2 removed from cisco.com
Posted: 27 Apr 2022 10:54 PM PDT
Hi, just received this email from Cisco:

------------------------------------------------------------------------------------------------------------

We are reaching out proactively to update you on an issue that is affecting multiple customers when installing 3.1P2. If you have downloaded ISE 3.1P2 recommendation is not to install the patch. ISE 3.1P2 has been removed from Cisco software downloads site. Please see additional details below:

Be aware, that Severity 1 bug: CSCwb70401 "ISE 3.1 Patch 2 - Services not starting due to "Integrity check failed" has been identified in ISE 3.1 Patch 2.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb70401

Symptoms:
"% Error: ISE Integrity Check Failed! One or more ISE program files appears to % be tampered with. Check system log for specific error(s). % Application failed to start"
Issue persists after rollback of patch

Condition:
Upgraded paths impacted:
2.7 -> 3.1 -> Patch2
2.7 -> 3.0 -> 3.1 -> Patch2
3.0 -> 3.1 -> Patch2

Impact:
Patch 2 will not be installed on 3.1
If 3.1 was the first version installed on the box (meaning there were no upgrades) the impact is avoided.

Action:
Recommendation is not to install ISE 3.1 patch 2 and install patch 3 when available (ETA will soon be available) when upgrading from 2.7 or 3.0 releases
Please reach out to Cisco TAC if you have any questions.

Exceptions:
If software install has completed successfully then the deployment will continue to remain functional

Best Regards,
Cisco ISE Team

------------------------------------------------------------------------------------------------------------

I hope next time they will not release a patch that is still in "alpha" testing phase.
Stay in Networks & Security or switch to Devops ??
Posted: 27 Apr 2022 01:16 AM PDT
Hello everyone, I'm currently working in the networking and security area of a large company. I have 12 years of experience, you know, Cisco networks, F5 Balancers, Checkpoint Firewalls, Palo Alto... etc. The thing is, I've been offered a "junior" DevOps position, approximately. The salary is 40k and I'm currently at 53k (Europe). The question is, do I make the jump? On LinkedIn there are almost 10 times more DevOps offers than networking engineering. And I think that the networks are going to be less in favor of the cloud. What do you think? Best regards.
Bridging from one VTEP to another VTEP
Posted: 27 Apr 2022 10:18 PM PDT
Can a frame come out of one VTEP and enter another VTEP on the same VXLAN gateway? Or is there
I know host1 and host3 can communicate
Cisco IP NAT Load Balancing
Posted: 27 Apr 2022 04:23 PM PDT
G'day, I have a client using ISR4431s as gateways. I haven't done a whole lot with NAT beyond basic overload, inside/outside stuff, so am a bit lost and wanting some clarifications to what I've read in the Cisco documentation. The ultimate goal is such that the 4431 is connected to 2 routers from 2 different providers, a /24 in on one, a /24 in on the other. The idea is for internet users in particular to rotate through external IPs to effectively load balance internet traffic between the 2 ISPs, whilst also using PBR to keep it from an unsquare route (i.e. if NATing ISP 1 IP, use ISP 1 for outbound). I know I can use NAT pools, and add valid addresses in there, so I could potentially add provider 1 IPs and provider 2 IPs and as it rotates through them I get the load balance that way. What I am unsure of is if PBR config is done after connection tracking, and if the tracked connection will ALWAYS adhere to whichever route it took and won't kill the session mid-way by changing providers. It doesn't even necessarily need to be a pool of IPs from each provider, just a single one on an outside interface and using ECMP for default route is possible if Cisco tracks the NAT, right? Anyone done something similar before? Any good examples online that I can read over? I've tried to find a 4431 emulation for GNS3 but not having much luck. From your experience, is there a comparable router I can chuck in GNS3 to try out some things? I believe 4431s run just IOS but I'm not sure if this will require certain feature sets that other routers might not have. Thanks in advance :)
30 gauge patch cords and PoE?
Posted: 27 Apr 2022 02:40 PM PDT
We've been using the slim 28 gauge patch cords for a while, but now they seem to be falling out of favor (i.e., poorer availability) with the vendors, and 30 gauge is taking its place. Before I give in and buy what's in stock, has anyone used 30 gauge patch cords with PoE? We'd only be pushing 3at power over 2 meter cross connects in the closet at most.
1 Gig Internet Circuit Testing
Posted: 27 Apr 2022 10:03 AM PDT
ISP installed a symmetrical 1 Gig dedicated internet circuit yesterday. The tech plugs his laptop into the NID, does a speed test and gets 180 Down, 860 up. We try a couple of our laptops and get the same(ish) results. Engineer on the phone says it's probably an issue with our laptop hardware and that they performed an "RFC Test" and got 960 both ways so the NID and circuit are fine. We connect to our Palo Alto firewall and experience similar speeds. Am I crazy and thinking something on the ISP end is affecting our download speed?
Not getting ip on switch with uplink
Posted: 27 Apr 2022 05:28 PM PDT
I'm having an issue that I know is probably one stupid tag or untag, but I can't figure it out: I have a Cisco SG200 set with port 24 as trunk and VLAN 1 tagged, VLAN 6 untagged, and VLAN 7 tagged. That port is connected to a Netgear GS724TPv2 switch. On port 8 of that switch I have VLAN 1 tagged, VLAN 6 untagged and VLAN 7 tagged. The PVID on both is 6. When I plug into any of the other ports on that Netgear switch that are all untagged on port 6, I cannot get an IP. If I plug direct into port 24, I get an IP. I don't see anywhere on that switch to set trunking on that port. Maybe I don't need to. I know VLAN 1 is working because I can get to both web interfaces of both switches no matter which switch I'm plugged into that is on a VLAN 1 untagged port. Head scratcher. Any ideas?
Automate Pings using something like Powershell
Posted: 27 Apr 2022 11:27 AM PDT
The network that I work for doesn't have any sort of SNMP capability whatsoever. There is zero way for any of the Net Admins to check the status of the network or specific devices, besides manually remoting into them. Now, before I leave this job out of pure frustration, I figured I would give it a shot and try to develop some sort of system to give a small idea as to what the fuck is going on in our network before the users call us to tell us that they have been down for 2 weeks. I'm looking to make a PowerShell script that pings a list of IPs, and then the script responds back with only the IPs that failed to respond. Does anyone have any idea how that would look?
Automatic DNS Server
Posted: 27 Apr 2022 05:29 AM PDT
I am looking for a solution that automatically creates and deletes DNS entries according to the hostname I set on a device. If necessary I can pair that with a DHCP or something else. Does anyone know a suitable solution? I am currently using the DNS of my Forti but it's a pain to upgrade the DNS entries in the lab, since they change very frequently. Thanks in advance!
Running 10Gb over 1000ft OM3 multimode fibers
Posted: 27 Apr 2022 02:36 AM PDT
Hello folks, I'm reaching out to some of you optical wizards with an issue I'm currently facing. We took over a campus that already has fibers between buildings, but those are OM3. In one particular case, the run is 331 meters, which is just over the paper limit of 300m for 10Gb. I do have dB and refraction measurements for all of them, but don't really understand what I'm reading... Do any of you have experience with whether 10G is going to work? I found an interesting article, where some mad lads managed to do 640 and 1700 meters over OM2, using LR optics and conditioning cables. They even talk about this working without conditioning cables?? My mind is blown. Is this wizardry commonly used and known to work? As a separate topic, have any of you used those exotic 1Gbps MMF BiDi optics in Cisco devices? Apparently, they can be configured to look like GLC-SX-MMD.
Edit: apparently the loss is only 0.65dB
Multi WAN Router Config
Posted: 27 Apr 2022 02:07 PM PDT
I need to set up a router that allows access for two WAN connections to retrieve data from the same three clients (data collectors or RTUs). Here is a map of my topology: https://i.imgur.com/AQyrZQg.png
The goal is for A or B Corp to be able to make a data request to their respective Cell Router and retrieve data back from RTU1/2/3, i.e. A Corp requests data from 172.17.48.50:4000 and receives data back from RTU 1. What types of rules (NAT? Firewall? Routing?) do I need to put in place to achieve this? (I'm quite limited in my router experience and would love fairly detailed responses if possible.🤦🏻♂️)
How OSPF sends multicast packets via IPIP tunnel ?
Posted: 27 Apr 2022 09:27 AM PDT
Hi, I was playing with GRE, IPIP tunneling and the OSPF protocol. The textbooks say that IPIP can only handle IPv4 unicasts and has no multicast traffic. So how does OSPF work in an IPIP tunnel? My lab: https://imgur.com/a/CIUmpDG
Setting BGP MED on FTD via FMC Possible ?
Posted: 27 Apr 2022 03:08 AM PDT
Has anybody successfully set the MED outbound on a Firepower using FMC? I can set some other attributes like weight and even prepending via FMC, but not the MED. I have attempted to use FlexConfig. When you preview the flex config before you deploy, you see the set metric xx under the route map statement, but after deploying and inspecting the route-map config in the running config on the FTD, the set metric is removed. The design I have been handed requires MED, as GCP does not seem to respect prepending (feel free to correct me here). I have also raised 2 TAC cases. The first one pointed me to flex config, but due to red tape I could not alter config for a few months and the case was closed (fair nuff). Then I raised a second one and TAC is avoiding me like the plague... Also, had I a choice, I wouldn't be running BGP on this platform, before someone points this out :)
Checksums for time exceeded messages
Posted: 27 Apr 2022 07:54 AM PDT
Hi, I wrote a traceroute program for a class project in Python and I've encountered some behavior I am having trouble understanding when verifying the incoming ICMP checksums. I have an issue where, on macOS, the checksum verification is wrong for time limit expired messages, but correct for the final Echo Reply in the response from the traceroute target. On Windows and Ubuntu, the same exact code produces the correct checksums. I am extracting the received checksum from the header, and then recalculating the checksum to determine the "expected" checksum. I verified my program is extracting the correct received checksum using Wireshark. The expected checksums are wrong for time limit expired in macOS, but correct on Windows and Ubuntu. What could be the cause of this? I have this post on Stack Overflow if you want to see output/code:
Thanks so much
Q-in-Q on Juniper QFX
Posted: 27 Apr 2022 05:32 AM PDT
Attempting to lab Q-in-Q in GNS3 but running into an issue. Topology is here. RE-8: RE-1
The issue is, when I send a ping from PC1 to PC2 and run a packet capture on the link between RE-1 and RE-3, the ARP packets do not have two 802.1Q tags. They only have the single C-TAG of 202. Because of this, the packet never makes it past RE-3. I've read over the Juniper doc and everything seems to be configured correctly so I'm not sure if this is a bug with GNS3 or the QFX image or what.
Cisco sdwan performance issues
Posted: 27 Apr 2022 11:25 AM PDT
Hey guys, can anyone confirm if my TLOC being down can potentially cause performance issues with my SD-WAN setup for a particular site?
What do you guys think of Juniper/Mist?
Posted: 26 Apr 2022 04:29 PM PDT
A company that a friend of mine works at switched from Aruba to Mist about three months ago for their campus/branch infrastructure (wired and wireless) and he won't stop raving about it. It's making me want to take a look before we upgrade our infrastructure in the next 12-18 months, but I'm wondering if it's really that good? Basically he is just saying it's way easier to deploy and run than Aruba and it has significantly reduced both their help desk tickets and the average time to resolve tickets. He is also talking about how amazing the Mist "AI" is, but I always struggle to separate actual AI functionality from marketing hype. Anyone else out there seen similar results? Is this good enough that it justifies breaking free from Cisco?
DHCP/DNS Management for a separate vlan
Posted: 27 Apr 2022 11:07 AM PDT
Hello! There are many VLANs in our company. A Windows server is used for DHCP, and BIND is used for DNS. Is it possible to separate the DHCP and DNS management of a department (separated VLAN)? Is it possible to manage only the DHCP pool assigned to this VLAN with a different server?
Troubleshooting ASA.
Posted: 27 Apr 2022 06:38 AM PDT
So I'm having issues allowing port 587 through my firewall. The source is external, hitting my "outside" interface. The path is hairpinned on this interface to another server on this interface. There is an object created for this server and I have created a service object for 587 with 587 as the destination and 1-65535 as the source. When setting a packet capture on the outside interface I get a bunch of "TCP port numbers refused" in Wireshark. This tells me that it is being blocked by an ACL, but as far as I can tell the outside ACL is allowing it. I did a packet trace from ASDM but it is not really helpful because I can't set the outside interface as both the ingress and egress. Is there anything else that maybe I am forgetting? Most of my firewall experience is on Palo Alto Firewalls, so any help is greatly appreciated.
Should I take Cloud Support Engineer or stay with my current network engineer role?
Posted: 27 Apr 2022 04:23 AM PDT
Hey all, I'm looking for some wisdom for a tough decision. I've only been with my current company for a year, but I got an unexpected offer from Microsoft for Azure Support Engineer. Should I take it? I'm torn because the current job I'm in has upward mobility, I'm having fun, and they pay well. I am a network engineer and my main responsibilities are wireless networking, plus lots of network expansion and refreshes for new sites, etc. It's mostly your standard enterprise network, but it's on-prem. It's government with a TS security clearance. The Microsoft position would pay more, it's remote, and obviously it's cloud, which is the direction of the industry. I'd love to accept the Microsoft offer, but it would mean going back to support, at least until I get a foot in the door. I also don't want to miss out on the promotions at my current job; and even though cloud is the future, I still think wireless networking can be a very valuable skill. I think my current manager would be very upset if I left, because they've been giving me a lot of responsibilities, and they're counting on me for the long term. Any advice? Thanks!
Getting Prolific USB-RS232 adapter to work on HP 1820 switch
Posted: 27 Apr 2022 09:56 AM PDT
Hi all, I'm having a hard time trying to get a Prolific-based USB-RS232-RJ45 cable to work on my HP 1820-8G-PoE+ switch. In PuTTY I can see the switch booting up (baud rate etc. is all set) but it won't accept any keyboard input. Tried it on 2 different machines with the exact same result. Is this an inherent problem with the OS (W10 21H2) or the cable? Any idea?