|
routenull0 posted:Why is Network 2 using eBGP internally, when if that's the same AS, it's iBGP....You might be better off MS Paint'ing this with AS'es and such as forum BBcode isn't cutting it. It's running eBGP internally on private AS numbers (i.e. 64512 through 65534) because someone from the last mob that managed the network didn't like IGPs or something. When I say it's running eBGP internally I mean literally all their internal routers have their own AS number etc. apart from a small island of iBGP. In the interests of not looking too retarded here's what I'm dealing with: Blue is BGP, green is EIGRP.  My current plan is to remove the device circled in red and set up EIGRP on the N7K and work inwards from there. This might be the wrong way to go about it I suppose, and I should run eBGP for the time being on the 6500 and work on converting Network 2 DC 1 to EIGRP first.
|
#
?
Jun 20, 2013 04:44
|
|
|
|
| # ? Jun 6, 2024 15:25 |
|
|
 I'm not really sure how that would ever happen unless the routing table was too big for any IGP because of legacy issues (like earlier than 1992 or something). Anyway, yea, just use the 6500 to redistribute BGP into eigrp and slowly add each BGP speaker into your EIGRP AS, then get rid of BGP because why are you running it?
|
|
#
?
Jun 20, 2013 06:52
|
|
|
Really sorry if this is the wrong place to ask (although this is the dedicated Cisco thread, so I wouldn't think so!), or if this sort of question isn't kosher - if it is I'll gladly remove the offending content - but anyway, I'm currently finishing up CCNA2 as part of a Network Administration course I'm doing, and I'm just wondering about which of the final pracs is regarded as the best/simplest/quickest to do, (since I'm running out of time - I've only got a few days left, and I've got the practice+final practical, plus a bunch of Packet Tracer assignments to do) as apparently there's a bunch you can choose from and their difficulty varies a little. (or at least, that's the impression I got from friends who did CCNA2 last semester - apparently the OSPF one is particularly tricky, according to one friend) But yeah, I'm not looking for answers/solutions or anything like that, just a nudge in the direction of the practical assessment you guys think is the best one to take, if I just want to get it done ASAP before the end of term. Thanks for any advice given, I greatly appreciate it! (and sorry again if I shouldn't be asking this in here - the OP mentioned that CCNA questions are fine, but I dunno, I guess this kind of advice-seeking might be frowned upon, even though I'm not after answers)
|
|
#
?
Jun 20, 2013 07:13
|
|
|
Powercrazy posted:
It happened because we took over a network where the old admins loved BGP for everything or something. I don't really know why as they aren't around for me to ask.
|
|
#
?
Jun 20, 2013 08:08
|
|
|
Major Isoor posted:Really sorry if this is the wrong place to ask (although this is the dedicated Cisco thread, so I wouldn't think so!), or if this sort of question isn't kosher - if it is I'll gladly remove the offending content - but anyway, I'm currently finishing up CCNA2 as part of a Network Administration course I'm doing, and I'm just wondering about which of the final pracs is regarded as the best/simplest/quickest to do, (since I'm running out of time - I've only got a few days left, and I've got the practice+final practical, plus a bunch of Packet Tracer assignments to do) as apparently there's a bunch you can choose from and their difficulty varies a little. (or at least, that's the impression I got from friends who did CCNA2 last semester - apparently the OSPF one is particularly tricky, according to one friend) It sounds like you are asking about your university-designed 'Cisco' course. The Pearson-Vue final external exam does not have any optional components.
|
|
#
?
Jun 20, 2013 08:16
|
|
|
Gap In The Tooth posted:It sounds like you are asking about your university-designed 'Cisco' course. Ah sorry, I didn't explain properly - my TAFE Certificate basically just dumps us into the Cisco Networking Academy site (located here) as part of the course (as well as the Microsoft eLearning Academy site, plus a heap of internal subjects, etc), which I believe is the 'proper' Cisco course - since I think in the diploma after my current cert involves CCNP and something else from Cisco, which I think is supposedly a fairly desirable Cisco-issued certificate, right? - especially as we get quite little help from the lecturers at best, as all the coursework is on the website, heh. I could very well be wrong though. Either way, you're not giving me much confidence that I can get out of any extra assignments, even if they are just Packet Tracers!  EDIT: Alright, here's the exact (I hope, anyway! Heh) name of the course that I just pulled from cisco.netacad.net: "CCNA Exploration: Routing Protocols and Concepts", if that helps clear anything up Major Isoor fucked around with this message at 12:46 on Jun 20, 2013 |
|
#
?
Jun 20, 2013 12:38
|
|
|
ruro posted:...because someone from the last mob that managed the network didn't like IGPs or something. People who make design decisions like that should be disqualified from receiving paychecks. Also applies to people who think static routing is easier then dynamic routing.
|
|
#
?
Jun 20, 2013 13:33
|
|
|
ruro posted:I work for a government department that recently absorbed another government department and the previous network team are basically gone so now we're trying to fix up all the weirdness. I will definitely have an extra glass of Johnny Walker tonight in honor of the bullshit you inherited. I'm with Powercrazy on the transition plan, it's about the only cleanest / safest way to pull it off. Are you needing to do this without impact to traffic or an outage? Get a maintenance window for Network 1 and swap it all in one big shot.
|
|
#
?
Jun 20, 2013 14:11
|
|
|
Major Isoor posted:Really sorry if this is the wrong place to ask (although this is the dedicated Cisco thread, so I wouldn't think so!), or if this sort of question isn't kosher - if it is I'll gladly remove the offending content - but anyway, I'm currently finishing up CCNA2 as part of a Network Administration course I'm doing, and I'm just wondering about which of the final pracs is regarded as the best/simplest/quickest to do, (since I'm running out of time - I've only got a few days left, and I've got the practice+final practical, plus a bunch of Packet Tracer assignments to do) as apparently there's a bunch you can choose from and their difficulty varies a little. (or at least, that's the impression I got from friends who did CCNA2 last semester - apparently the OSPF one is particularly tricky, according to one friend) If you're about to take the actual CCNA soon, brush up on OSPF, IPv6, access control lists, NAT, spanning-tree protocol, and VLANs/VTP.
|
|
#
?
Jun 20, 2013 14:18
|
|
|
inignot posted:People who make design decisions like that should be disqualified from receiving paychecks. Also applies to people who think static routing is easier then dynamic routing. It is easier individually, just not in aggregate. That's why you see so many networks where they start out and have a route. Then they need another route, and they say, well, that's only two routes, so let's just put in another static. Then eventually they need more routes, but by now they've established the de facto policy of using static routes. Years later I get hired and have to unwind the rats nest. Circle of life 
|
|
#
?
Jun 20, 2013 19:10
|
|
|
Major Isoor posted:Ah sorry, I didn't explain properly - my TAFE Certificate basically just dumps us into the Cisco Networking Academy site (located here) as part of the course (as well as the Microsoft eLearning Academy site, plus a heap of internal subjects, etc), which I believe is the 'proper' Cisco course - since I think in the diploma after my current cert involves CCNP and something else from Cisco, which I think is supposedly a fairly desirable Cisco-issued certificate, right? - especially as we get quite little help from the lecturers at best, as all the coursework is on the website, heh. I could very well be wrong though. I used to teach the CCNA. What you are doing is the Cisco Networking Academy course for CCNA. There are four modules, after routing comes switching then WAN technologies. These are not CCNP topics, these are all CCNA topics. *IF* you are doing all four (a lot of places, even universities, stop at the end of the routing section), then you will have covered all of the topics that are in the external exam. Completing the Network Academy course gives you a certificate, but it is a certificate of completion of the Net Academy. It is NOT the CCNA. If you show up to a job interview waving this around it is about equal to coming in with your middle school diploma. To get the CCNA, you will need to go and sit an external exam at a Pearson Vue testing center. Your course probably does NOT give you a voucher to do this, so you will need to buy one, and it is in the hundreds of dollars range. Bottom line, the Academy Course and the external exam are two completely different things and if you complete your current program and not sit the external exam you will not have your CCNA.
|
|
#
?
Jun 20, 2013 19:22
|
|
|
inignot posted:People who make design decisions like that should be disqualified from receiving paychecks. Also applies to people who think static routing is easier then dynamic routing. Funny you should mention static routes. Three years ago we absorbed IT services for another department that used static routes across their entire network. DC, MAN, and WAN were all static routes. So the current merger isn't as bad as it could be.
|
|
#
?
Jun 20, 2013 21:55
|
|
|
ruro posted:It happened because we took over a network where the old admins loved BGP for everything or something. I don't really know why as they aren't around for me to ask. There's nothing wrong with using BGP as your routing protocol within an organization, but I have no idea what the hell is going on in your network. If it were me, each site should have one AS assigned to it and use iBGP inside of it.
|
|
#
?
Jun 21, 2013 00:23
|
|
|
Bluecobra posted:There's nothing wrong with using BGP as your routing protocol within an organization, but I have no idea what the hell is going on in your network. If it were me, each site should have one AS assigned to it and use iBGP inside of it. Is there a reason you'd want a different AS for each site? I generally tend to use the same AS across all my sites.
|
|
#
?
Jun 21, 2013 00:37
|
|
|
One of the issues I've heard of with using the same AS for multiple sites is that if your sites aren't truly connected on the back-end (via direct or VPN or something), some peers won't advertise your other site's prefixes to you. Example: Site A - 10.10.10.0/24 Site B - 10.20.20.0/24 When your peer at Site A sees the prefixes for Site B, it might not advertise them to Site A since Site A is the AS that did the advertising. This can cause issues sometimes, depends on if your carrier is willing to force those prefixes.
|
|
#
?
Jun 21, 2013 01:11
|
|
|
Bluecobra posted:There's nothing wrong with using BGP as your routing protocol within an organization, but I have no idea what the hell is going on in your network. If it were me, each site should have one AS assigned to it and use iBGP inside of it. I didn't mean to imply there's a problem with BGP, just that the implementation in the second network we've taken over is wacky. Having said that it wouldn't be my first choice for an internal network and we run EIGRP across the first network without any issues.
|
|
#
?
Jun 21, 2013 01:14
|
|
|
Gap In The Tooth posted:I used to teach the CCNA. Huh, alright then, that seems odd, considering it's labelled as CCNA1 and 2 in the course overview, etc. If you don't mind me asking, what country/ies have you taught in? Since would that make a difference? Not that I'm trying to argue with and/or doubt you - as you obviously know more about the process than I do - but I'm in South Australia, and I'm not even sure we have a Pearson-Vue institute here. (unless you take the exams online, I guess?)  Also, just checked with the friend I mentioned earlier, and my apologies - there must've been a miscommunication somewhere along the line between us; he's currently doing the Cisco NSF course. EDIT: vvv Ah, alright then. Well, that settles that, I suppose! Major Isoor fucked around with this message at 02:12 on Jun 21, 2013 |
|
#
?
Jun 21, 2013 01:28
|
|
|
Major Isoor posted:Huh, alright then, that seems odd, considering it's labelled as CCNA1 and 2 in the course overview, etc. If you don't mind me asking, what country/ies have you taught in? Since would that make a difference? Not that I'm trying to argue with and/or doubt you - as you obviously know more about the process than I do - but I'm in South Australia, and I'm not even sure we have a Pearson-Vue institute here. (unless you take the exams online, I guess?) Pearson-Vue supply secure testing facilities for certifications, if there's not a PV near you there will probably be a DDLS. Many years ago I did the same network academy course you're doing and I had to take the exam externally once I finished to get an actual certification (I'm in QLD).
|
|
#
?
Jun 21, 2013 01:50
|
|
|
Major Isoor posted:Huh, alright then, that seems odd, considering it's labelled as CCNA1 and 2 in the course overview, etc. If you don't mind me asking, what country/ies have you taught in? Since would that make a difference? Not that I'm trying to argue with and/or doubt you - as you obviously know more about the process than I do - but I'm in South Australia, and I'm not even sure we have a Pearson-Vue institute here. (unless you take the exams online, I guess?) Taking the courses does not give you the CCNA. You still have to write the cert exam at Pearson VUE. http://pearsonvue.com/vtclocator/ less than three fucked around with this message at 01:52 on Jun 21, 2013 |
|
#
?
Jun 21, 2013 01:50
|
|
|
The confusion is that Cisco ideally wants you to sit the Network Academy Program, which directly maps to the CCNA exam topics. They are labelled CCNA1, CCNA2 etc because there are four books/courses inside the CCNA NetAcad program. The place I taught at in New Zealand does this but then also includes a voucher to go to the testing center and sit the final external exam. The university I studied at only did CCNA1 and CCNA2 at 200-level, and did CCNA3 and CCNA4 at 300-level. There was no voucher provided, and no expectation to sit the external exam. What I think is happening at your institute is much the same, you are being taught CCNA1 and CCNA2, but you're only being taught half the topics for the exam, for which there is probably no expectation for you to sit. The vast majority of places that teach the CCNA do this. So when you go out to market yourself to employers, the savvy ones will see through all of your diploma/bachelor/associate/trade certificate stuff and see you don't have an actual Cisco CCNA. The poo poo employers will see "CCNA1 and CCNA2" and match the acronym and think, much like you did up until 3 posts ago, that you were earning a CCNA. This means that if you head overseas to work, people won't recognise your Aussie diploma, they will want your Cisco certs, of which you won't have one. Now if your institute hasn't said outright that you'll get a CCNA then technically they haven't done anything wrong. e: sorry I didn't want to come across as a dick there. Just be prepared to go away and study some more when you finish your course before you go to sit the exam and get a CCNA.
|
|
#
?
Jun 21, 2013 03:42
|
|
|
Actually, if I'm not mistaken, (although given my record in this thread, I wouldn't be surprised if I am, heh) the other people I know who have completed this have gotten their certificate from Cisco saying they've completed CCNA2, and I'm doing the exact thing they did. (also when I did CCNA1 I could've sworn I got a certificate too; although I'm not at home so I can't check, although if I didn't - which is also possible, as my TAFE is a bit slack on that front, since I think they didn't give another student their CCNA1 cert until they asked for it the following term - I'll chase that up, since everyone else did, sooner or later) Needless to say, this is getting more confusing by the post! Anyway, I'll see if I can find my CCNA1 cert (provided I got it last year, which I believe I did - if not I'll ask about it as I mentioned above) and then post exactly what it's stating what I'm certified for, etc.
|
|
#
?
Jun 21, 2013 04:40
|
|
|
Major Isoor posted:Actually, if I'm not mistaken, (although given my record in this thread, I wouldn't be surprised if I am, heh) the other people I know who have completed this have gotten their certificate from Cisco saying they've completed CCNA2, and I'm doing the exact thing they did. (also when I did CCNA1 I could've sworn I got a certificate too; although I'm not at home so I can't check, although if I didn't - which is also possible, as my TAFE is a bit slack on that front, since I think they didn't give another student their CCNA1 cert until they asked for it the following term - I'll chase that up, since everyone else did, sooner or later) The pieces of paper you get for completing CCNA1-4 are not the actual certification. It just highlights what you did in that module. Does it look like this? That's not the cert.  The CCNA cert looks like this and will have a unique serial number. (Cert verification number) It'll also have your CSCO ID. (Given to you the first time you write an exam) You can only get it by writing ICND 1+ 2 or the Composite CCNA exam at a Pearson VUE testing centre. 
less than three fucked around with this message at 05:09 on Jun 21, 2013 |
|
#
?
Jun 21, 2013 05:01
|
|
|
^^ less than three has it. You probably have a certificate of completion of NetAcademy Module 1. The actual certificate of being a Cisco Certified Network Associate can only be earned through sitting an online exam at a Pearson Vue testing center. You don't need to pass the NetAcademy to sit the CCNA, and you don't need to intend to sit the exam to pass the NetAcademy.
|
|
#
?
Jun 21, 2013 05:11
|
|
|
madsushi posted:One of the issues I've heard of with using the same AS for multiple sites is that if your sites aren't truly connected on the back-end (via direct or VPN or something), some peers won't advertise your other site's prefixes to you. iBGP requires a full mesh for peers ideally for full route exchanges but there was ways to get past this via RR or confeds. Routes wont pass beyond one peer or accept routes from an AS it traversed (loop avoidance). Here's a great easy read on this. If you're using a provider for MPLS VPNs on layer 3, they can bypass this with AS override. The different ASes you see in that mess is to get routes around.
|
|
#
?
Jun 21, 2013 06:02
|
|
|
less than three posted:The pieces of paper you get for completing CCNA1-4 are not the actual certification. It just highlights what you did in that module. Alright yeah, it's this. Well, looks like I've got some more work ahead of me, after this! Thanks for clearing that up, at least I know what I'll have to do after, now. EDIT: vvv Well, that's interesting - I believe I got mid- to high-80's in the CCNA1 NetAcad course, and in the high 80% range for the second part, (although I've still got that final prac to go) so hopefully I'll wind up getting that! Major Isoor fucked around with this message at 08:11 on Jun 21, 2013 |
|
#
?
Jun 21, 2013 07:58
|
|
|
Major Isoor posted:Alright yeah, it's this. Well, looks like I've got some more work ahead of me, after this! Thanks for clearing that up, at least I know what I'll have to do after, now. Assuming it hasn't changed from like a year ago, if you complete Cisco NetAcad CCNA with at least a 75% average, they give you a voucher for 1/2 off writing the CCNA certification exam.
|
|
#
?
Jun 21, 2013 08:01
|
|
|
How do you get four courses and four books out of the CCNA?
|
|
#
?
Jun 21, 2013 14:08
|
|
|
ElCondemn posted:Is there a reason you'd want a different AS for each site? I generally tend to use the same AS across all my sites. To me it seems much more logical to assign a subnet/AS to a site and have it advertise that network. It also makes it much easier to troubleshoot issues if you're a visual person like myself. Consider the following network: code:
|
|
#
?
Jun 21, 2013 14:15
|
|
|
psydude posted:How do you get four courses and four books out of the CCNA? Chapter one: What is a computer?
|
|
#
?
Jun 21, 2013 15:17
|
|
|
Bluecobra posted:To me it seems much more logical to assign a subnet/AS to a site and have it advertise that network. It also makes it much easier to troubleshoot issues if you're a visual person like myself. Consider the following network: This is a very clean design and if you use private subnets and do not have a clean design well... gently caress you.
|
|
#
?
Jun 22, 2013 03:14
|
|
|
Taking the CCNA would lead someone to believe that having the messiest, most meaningless and stupidly designed subnetting is the norm.
|
|
#
?
Jun 22, 2013 04:27
|
|
|
Lots and lots of corporate networks are messy. Usually because the right people don't make plans for how to handle growth at the right time.
|
|
#
?
Jun 22, 2013 12:00
|
|
|
And acquisitions, gently caress acquisitions.
|
|
#
?
Jun 22, 2013 16:19
|
|
|
ruro posted:Lots and lots of corporate networks are messy. Usually because the right people don't make plans for how to handle growth at the right time. I wish I could explain to you the bullshit I have to fix. A VOIP network built by people who barely know what an IP address is, 10 years ago. Thankfully my boss is trying to talk them into building a new one that doesn't need to come across my network for anything other than upstream.
|
|
#
?
Jun 22, 2013 16:20
|
|
|
ruro posted:Lots and lots of corporate networks are messy. Usually because the right people don't make plans for how to handle growth at the right time. Big Central IT keeps assigning us /24 blocks, which is so loving annoying because we have about 30 different VLANs now.. They should just assign us a /16 block and let us use VLSMs.
|
|
#
?
Jun 22, 2013 16:32
|
|
|
psydude posted:Big Central IT keeps assigning us /24 blocks, which is so loving annoying because we have about 30 different VLANs now.. They should just assign us a /16 block and let us use VLSMs. Ugh. Banks do this too. On one hand a /24 is useful because dumb-rear end application owners don't need to know anything more than .1 for default gateway, and standard 255.255.255.0 for their subnet masks. But on the otherhand, most bank applications only need like 10 or so IP Addresses, so it is extremely wasteful and 10/8 isn't infinite especially considering each remote site is going to get a /22 (broken up into 4 /24s of course) and there were various other mergers and poo poo that take 2 or 3 /16's so you quickly find that you are limited on IP's simply because you are being wasteful. Let the Network engineer's handle the network resources, not the business. Sigh...
|
|
#
?
Jun 23, 2013 04:51
|
|
|
The place, a bank, I started working at (8 years ago) was using 1.25.0.0/16 as the internal address scheme. For a 160 employee place. Got that fixed fast at least.
|
|
#
?
Jun 23, 2013 07:41
|
|
|
FatCow posted:And acquisitions, gently caress acquisitions.
|
|
#
?
Jun 23, 2013 10:03
|
|
|
bort posted:You guys use 10.1 10.10 and 10.100 also? Fancy that! We use 10.1, 10.2, 10.3 primarily. In 7 acquisition in 7 years we have not had a single collision. Pretty lucky.
|
|
#
?
Jun 23, 2013 12:20
|
|
|
|
| # ? Jun 6, 2024 15:25 |
|
|
Are there any limitations imposed based on the size of the peer-link when you configure a Nexus for virtual port-channel? I keep seeing 2x10GE but it's unclear if this is per 20GE VPC or if some kind of magic happens. The reason I ask is that I'm tempted to get a pair of Nexus 5596Ts. I'd configure them initially with 15 virtual port channels composed of 21 ports on each switch. Would I really be ok with just 2x10GE for the peer links? Or would it be a really good idea to plug in some QSFP modules and interconnect them that way?
|
|
#
?
Jun 23, 2013 14:30
|
|