|
jwh posted:Nexus 5k experiences: yay? nay? I've got two 5596UP's (soon to be four) in production along with two 5548UP's. I like them, the VPC technology is really good, the codebase seems stable, and the 40Gbe Expansion cards are to be released Q3 next year if I'm not mistaken. If you are already a cisco switching shop then it's a no-brainer, any benefit (cost or otherwise) you might get from going Arista or Force10 would be immediately lost by having to support another product from another vendor.
|
#
?
Sep 13, 2012 03:32
|
|
|
|
| # ? Apr 23, 2024 14:02 |
|
|
bort posted:It used to be recommended that you didn't use either all-zeroes or all-ones. That might be why they're saying that. It won't.
|
|
#
?
Sep 13, 2012 03:34
|
|
|
Well that's good to know. Is it still considered best practice not to use it?
|
|
#
?
Sep 13, 2012 03:36
|
|
|
No, use 'em or lose 'em. You have to work to engineer your network to have a problem with zeroes or ones networks. edit: DHCP servers don't misconfigure subnet masks. And some guy in 1995 says not using them is obsolete. http://www.ietf.org/rfc/rfc1878.txt Bluecobra posted:I also recently found a reseller that sells Twinax 10GbE cables for dirt cheap which helps keep connectivity costs down for shorter cable runs. bort fucked around with this message at 03:44 on Sep 13, 2012 |
|
#
?
Sep 13, 2012 03:39
|
|
|
ToG posted:Well that's good to know. Is it still considered best practice not to use it? I wouldn't due to the routing loop issue he mentioned earlier. Given how CIDR works these days, you really shouldn't find yourself in that situation, though.
|
|
#
?
Sep 13, 2012 03:40
|
|
|
Thanks both of you. I have ICND2 booked for next month so I'm studying like mad. Sometimes it takes a while to grasp things. I find subnetting okay now. ICND adds the VLSM aspect to it but it's not too difficult. This issue popped up on another forum I go to hence my asking. What I observed was counter to what the books told me. V ToG fucked around with this message at 03:58 on Sep 13, 2012 |
|
#
?
Sep 13, 2012 03:44
|
|
|
Anyone who tells you subnetting was easy while they were learning it is either lying or really loving smart. For me, it really helped to break it down to the binary. Subnet mask calculators can often do this for you.abigserve posted:If you are already a cisco switching shop then it's a no-brainer, any benefit (cost or otherwise) you might get from going Arista or Force10 would be immediately lost by having to support another product from another vendor. Equipment that runs right doesn't need supporting... 
bort fucked around with this message at 03:57 on Sep 13, 2012 |
|
#
?
Sep 13, 2012 03:48
|
|
|
Bluecobra posted:I doubt Cisco can get anywhere near that price for a comparable Nexus switch.
|
|
#
?
Sep 13, 2012 04:01
|
|
|
https://www.subnettingquestions.com do this everyday until you're sick of it and can subnet in under 15 seconds. When I first started it would take me about 2 minutes to get an answer right, and now I don't even have to think about it, I see the address in the question and I already know the answer most of the time. On the test, you get 15 minutes for a survey in the beginning, use that time to write a 'cheatsheet' I wrote something like this on the eraseable board they provided me as soon as I walked in.  The test loves throwing out the .240 maks because people have a hard time adding up 16s so I practiced that a little too.
|
|
#
?
Sep 13, 2012 04:33
|
|
|
The survey is at the end. The time at the start is the 'guide' for doing the exam. I wrote a cheatsheet for ICND1 and ended up not needing it. I want to get to a point where I don't need it. That website is fantastic thanks. I can do /24s and up in my head in a minute or two, but /23s etc throw me occasionally. I just need more practice.
|
|
#
?
Sep 13, 2012 04:42
|
|
|
jwh posted:Nexus 5k experiences: yay? nay? I recently implemented 3 pairs of 5548UPs combined with ~20ish Nexus 2200 switches. Works really well and by using 2000s you can drive down cost per port quite nicely. In one DC we're using the N5ks as distribution switches with the N2ks located EOR using MM fiber, which works great. In the other DC we've centralized cabling racks, so we can place N5ks and N2ks in the same racks. Here we use twinax cabling, that saves money and works equally well. We're using a multihomed fex setup and the N5k's are linked to pairs of N7ks, thus allowing all-the-way VPC. It's an awesome setup. Only thing to keep in mind: N5ks dont do ISSU upgrades when running downstream STP!
|
|
#
?
Sep 13, 2012 10:41
|
|
|
bort posted:What do you use for network interfaces on your servers? Those are dirt cheap. The 4810s are terrific but I spend too much money on optics. Here is their newest card ($930): http://www.colfaxdirect.com/store/pc/viewPrd.asp?idproduct=1399&idcategory=0 The older model is much cheaper now ($415), but is still a pretty good card: http://www.colfaxdirect.com/store/pc/viewPrd.asp?idproduct=514&idcategory=0 On the 4810, if you run "show inventory media" it would say if the SFP+ is qualifed or not. We never had an issue with support about this, obviously we would be responsible for a bad optic or Twinax cable. If you are looking for cheap 10GbE optics that are compatible look here: http://tinyurl.com/9xrfh8d Note that Finisar makes the optics that most vendors OEM, it is exactly the same optic Force10 sells at an outrageously inflated price but with a different sicker on it. If you are looking to buy these optics cheaper then Avnet, I found that this reseller gives us the best price for Finisar.
|
|
#
?
Sep 13, 2012 15:23
|
|
|
ToG posted:Well that's good to know. Is it still considered best practice not to use it? What's your opinion on a /31. Whats your basis for that opinion?
|
|
#
?
Sep 13, 2012 16:50
|
|
|
It can be used for point to point links otherwise it's useless? All the books say to use a /30 just. Thats all I got from searching the cisco site when /31 subnets cropped up studying for ICND1. I didn't do any indepth searches though.
|
|
#
?
Sep 13, 2012 19:21
|
|
|
Thanks, Bluecobra, that is great info. Are you running 8.3.12 on your S4810s? We deployed an early version (8.3.7.3) because it had stacking capability. We recently ran into a bug where a pair came unstacked and have to upgrade.
|
|
#
?
Sep 13, 2012 19:48
|
|
|
bort posted:Thanks, Bluecobra, that is great info. Bluecobra fucked around with this message at 21:27 on Sep 13, 2012 |
|
#
?
Sep 13, 2012 21:20
|
|
|
Yeah, I have similar constraints. I pretty much never upgrade unless I need a fix or a feature. I, too, lack test infrastructure -- somehow that S4810/Z9000 test lab I posit always gets struck from the budget... I figured the full stack had to reboot for the upgrade, but was going to search to see if they had some "warm upgrade" path. So you saved me that time -- thanks again. [/force10chat]
|
|
#
?
Sep 13, 2012 21:54
|
|
|
Thanks guys- these nexus 5ks would replace a smaller installation of 3750s. The vast majority of what we're doing now is Dell m1000e's with 10gbit stacked Cisco I/O modules, and this is just an effort to find more 10gbit ports in a smaller form-factor.
|
|
#
?
Sep 13, 2012 22:28
|
|
|
jwh posted:Thanks guys- these nexus 5ks would replace a smaller installation of 3750s. On our M1000e's for the 10GB stuff, we use the passthru modules with the 10Gb mezz cards in the blades and just terminate to TOR stuff, whether it be Juniper (EX4500/8200) or Cisco (Nexus 5K). TOR stuff for 1Gb, we use Juniper EX4200 TOR, 4500 AGG or Cisco Nexus 2k TOR and 5k AGG.
|
|
#
?
Sep 13, 2012 22:42
|
|
|
CrazyDutchie posted:I recently implemented 3 pairs of 5548UPs combined with ~20ish Nexus 2200 switches. Works really well and by using 2000s you can drive down cost per port quite nicely. This is a good gotcha! But, the other thing that might not be immediately obvious, VPC will work even if the switches are on different code, so you can "fake" issue by dual-homing everything that is important and upgrading the switches one at a time.
|
|
#
?
Sep 14, 2012 04:51
|
|
|
jwh posted:Thanks guys- these nexus 5ks would replace a smaller installation of 3750s. http://gnodal.com/Products/GS-Series/GS7200/ At $36,000, it is a little pricey but is intended for people looking at the absolute lowest latency (~150ns).
|
|
#
?
Sep 14, 2012 13:49
|
|
|
I couldn't find anywhere referencing their over-subscription model but it looks like 2:1. Can anyone verify that?
|
|
#
?
Sep 14, 2012 15:24
|
|
|
Speaking of Nexus deployments, I am currently in the middle of my first one and have a question about ISSU. We have 2 5548UPs in a standard VPC configuration with 2248s. My current plan is to uplink each of the Nexus to our 3560 distribution switches and our 3750 SAN stack. I'm planning on using a VPC on one end and a portchannel on the other for SAN traffic. No big deal there as far as I can see. The 3560s are the root primary and secondary for spanning tree, linked L2, and running HSRP on the VLAN SVIs. If I hook one of each Nexus to one of each distribution switches (creating an upside-down U pattern), am I correct in assuming that the Nexus would be a leaf node at that point? (I'll probably enable uplink fast to up the cost) My understanding is that as long as it isn't partcipating in the chain of STP from upstream switches to downstream switches, I'm ok.
|
|
#
?
Sep 16, 2012 18:14
|
|
|
I am giving up on the Cisco Consultant I hired to install 3 ASA55150-x. I had to add a default route to his config just so he could get the internet up in the test environment. That and he has taken over a month just to get basic configs done. You live, you learn. Sadly my budget takes the hit on this one... How is Smartnet? I purchased it with these. If I hit a config issue, can I call and get a reasonably quick response? Anyways, Has anyone used one of these? http://gridconnect.com/bluetooth-to-rs232.html
|
|
#
?
Sep 18, 2012 05:55
|
|
|
Does the ASA have something like SDM? I don't know a thing about the ASA line other than some experience with a PIX like ten years ago, but I'm pretty sure given a month I could come up with a reasonable config 
|
|
#
?
Sep 18, 2012 05:59
|
|
|
Martytoof posted:Does the ASA have something like SDM? I don't know a thing about the ASA line other than some experience with a PIX like ten years ago, but I'm pretty sure given a month I could come up with a reasonable config ASDM and I have configured several 5505's over the years. He did get HA setup and working, but could not figure out that the modem needed to be restarted when he could not get internet up... I built a dozen configs just playing with ASA's, but simply ran out of time. He came decently recommended and sadly just does not have a clue despite being CCNA/MCITP.
|
|
#
?
Sep 18, 2012 06:24
|
|
|
Martytoof posted:Does the ASA have something like SDM? I don't know a thing about the ASA line other than some experience with a PIX like ten years ago, but I'm pretty sure given a month I could come up with a reasonable config Yeah, they have ASDM. As long as you keep using it and not the CLI (the resulting configs will make your eyes bleed), pretty much anyone with any firewall experience can have one up and running with basic functionality relatively quickly.
|
|
#
?
Sep 18, 2012 06:28
|
|
|
My coworker uses ASDM and I use CLI, I can confirm the eye bleeding.
|
|
#
?
Sep 18, 2012 13:06
|
|
|
Yea something I've noticed with ASAs. If you do only the CLI, you are fine, it's "ios-like" enough for anyone with some cisco experience to understand what is going on, however the ASDM uses a lot of labels, that are named extremely similarly to actual ASA commands, thus if you are trying to parse configuration (Access-lists are the worse for this) it makes it nearly impossible to follow. Pick one, and stick to it, for your own sanity.
|
|
#
?
Sep 18, 2012 13:28
|
|
|
Usually I just copy the config into notepad if there's ASDM in it to make it easier to jump around. For ACL's if you're trying to figure out which one certain access belongs to you can usually simulate a packet through packet-tracer command with "detailed" applied at the end and it will tell you which ACL and object group it used to match it.
|
|
#
?
Sep 18, 2012 14:53
|
|
|
the spyder posted:How is Smartnet? I purchased it with these. If I hit a config issue, can I call and get a reasonably quick response? It's a response that's better than NO response, but be warned: I just had TAC take a 100mbit connection and police it down to 60kbit because the guy failed at basic multiplication.
|
|
#
?
Sep 18, 2012 16:41
|
|
|
ASA failover is easy- it's what, five lines of config?
|
|
#
?
Sep 18, 2012 20:00
|
|
|
So we moved from Procurve to Cisco switches, and I'm really starting to regret that decision. This is our first set of Cisco products, and I had to call to register a Cisco.com account because their online registration system isn't working. Now I can't do something as simple as searching for documentation because I keep getting 404s and pages with no CSS. Is their site always this terrible?
|
|
#
?
Sep 18, 2012 22:11
|
|
|
Erwin posted:So we moved from Procurve to Cisco switches, and I'm really starting to regret that decision. This is our first set of Cisco products, and I had to call to register a Cisco.com account because their online registration system isn't working. Now I can't do something as simple as searching for documentation because I keep getting 404s and pages with no CSS. Is their site always this terrible? I always find documentation on their site via google searches so no its usually not that bad. Nothing like Microsoft's site which is awful
|
|
#
?
Sep 18, 2012 22:13
|
|
|
I've never had to login to CCO to look at documentation.
|
|
#
?
Sep 18, 2012 22:14
|
|
|
Erwin posted:So we moved from Procurve to Cisco switches, and I'm really starting to regret that decision. This is our first set of Cisco products, and I had to call to register a Cisco.com account because their online registration system isn't working. Now I can't do something as simple as searching for documentation because I keep getting 404s and pages with no CSS. Is their site always this terrible? What switches and IOS version?
|
|
#
?
Sep 18, 2012 22:19
|
|
|
ragzilla posted:What switches and IOS version? 2960-S, version 12.2, which is weird because we just bought them, so I would have figured 15.2?
|
|
#
?
Sep 18, 2012 22:24
|
|
|
Erwin posted:So we moved from Procurve to Cisco switches, and I'm really starting to regret that decision. This is our first set of Cisco products, and I had to call to register a Cisco.com account because their online registration system isn't working. Now I can't do something as simple as searching for documentation because I keep getting 404s and pages with no CSS. Is their site always this terrible? CCO is required for Software and Bug reports.
|
|
#
?
Sep 18, 2012 22:42
|
|
|
Erwin posted:2960-S, version 12.2, which is weird because we just bought them, so I would have figured 15.2? http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/scg_2960.html
|
|
#
?
Sep 18, 2012 22:49
|
|
|
|
| # ? Apr 23, 2024 14:02 |
|
|
ragzilla posted:http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/scg_2960.html Awesome, thanks! I'll leave you guys alone now 
|
|
#
?
Sep 18, 2012 22:53
|
|