|
So I didn't realize the CSR1000V 'demo' thing was finally downloadable. Going to lab test it for RR purposes. http://blog.ine.com/2013/04/14/cisco-cloud-services-router-csr1000v/ quote:For those who have never heard of the CSR1000v, in a nutshell it’s an IOS XE image running in a virtualized environment (VMWare support now, Citrix XEN, Amazon, Windows Hypervisor and OpenStack in the near future). The CSR1000v is designed as a virtual router (think Quagga but IOS from Cisco) that resides on the hypervisor server as a client instance and provides any services a normal ASR1000 would provide between the other hypervisor’s client instances (Linux servers, Windows servers, etc) and the network infrastructure. This could be something as simple as basic routing or NAT all the way up to advanced technologies like MPLS VPNs or LISP. Basically anything that a real ASR1000 could provide you can do in the CSR1000v with a small exception. This early release only supports 50Mbps throughput due to licensing restrictions.
|
# ? Apr 25, 2013 02:47 |
|
|
# ? May 8, 2024 01:56 |
|
routenull0 posted:
I'm dont think there is a timer expiration in an upgrade path scenario unless a certain test is retiring. I had taken ROUTE back in Jan 2011 and took BGP+MPLS and QoS July and Aug in 2012 for my CCIP. I plan on taking SWITCH AND TSHOOT later this year once I settle in to my job.
|
# ? Apr 25, 2013 05:43 |
|
I was recently handed several page list of IP's and domains to log for on my Cisco ASA's by a large three letter organization. The only way I am aware of doing this is logging every host/url and downloading the log to compare with the xml document I have. Any suggestions?
|
# ? Apr 25, 2013 19:15 |
|
Just give them the raw log. Don't worry about filtering it for them. Make it easy on yourself.
|
# ? Apr 25, 2013 19:19 |
|
Powercrazy posted:Just give them the raw log. Don't worry about filtering it for them. Make it easy on yourself. Give them all your logs for all your users and let them filter out what information they don't want? Pass. Talk to your legal department.
|
# ? Apr 25, 2013 20:54 |
|
Ninja Rope posted:Give them all your logs for all your users and let them filter out what information they don't want? Pass.
|
# ? Apr 25, 2013 22:42 |
|
bort posted:They have it anyway Well they do.
|
# ? Apr 26, 2013 03:55 |
|
Not sure where to put this, and apologies for being a moron, but I finally have to ask...can someone clearly explain subnetting? How is it different from a VLAN? What is a subnet mask octet designation versus the / designation?
|
# ? Apr 26, 2013 15:39 |
|
pretend to care posted:Not sure where to put this, and apologies for being a moron, but I finally have to ask...can someone clearly explain subnetting? The Magic Number is what made it click for me long ago... There are many, many ways to explain it but this seemed to be an easy one for just about anybody to understand. This video also touches on CIDR (/32, /30, etc.) notation briefly.
|
# ? Apr 26, 2013 16:01 |
|
pretend to care posted:Not sure where to put this, and apologies for being a moron, but I finally have to ask...can someone clearly explain subnetting? Do you mean VLSM(Variable Length Subnet Masks)? VLANs aren't specifically an addressing scheme as much as they are a way to segment the network among other things. The /8,16,24,30 designation is usually for whats called VLSM(and also shows up as CIDR) which is generally how you break up your allotted block of addresses(public or private) so you don't waste address space with giant rear end subnets. IE a default 192.168.1.0 private network has like 254 usable addresses if you use it with no modifications with default subnet masks, ie 255.255.255.0 or /24. If you break it up for say, a 50 host network segment and a 28 host network segment, you end up with a /26 and a /27 network, leaving you with almost half your original address space left to work with for later additions, rather than none if you used the default. Lazer Vampire Jr. fucked around with this message at 16:14 on Apr 26, 2013 |
# ? Apr 26, 2013 16:01 |
|
Subnetting has hundreds of good explanations on the internet so I'll let you find those and if you have specific questions we can help you. As for VLANs by convention 1 VLAN = 1 Network. However this is not a rule you can have multiple networks traveling over the same vlan. A VLAN is a single broadcast domain or single Layer 2 segment. This means in the IP world that if two hosts are in the same network on the same VLAN they can talk to each other without a router. Thus Host A with IP address 10.0.0.1 255.255.255.0 and Host B with IP address 10.0.0.2 255.255.255.0 can talk to each other directly if they are in the same vlan. If they are on different vlans, they won't be able to reach each other at all even though they are in the same network, (well not without some trickery). If you have Host A at 10.1.0.1 255.255.255.0 and Host B at 10.0.0.2 255.255.255.0 (differnet networks) even if they are in the same vlan, they won't be able to talk to each other without a router or default-gateway that knows of both networks to go through first. As the two hosts aren't on the same network.
|
# ? Apr 26, 2013 16:16 |
|
Thanks guys. This stuff helps.
|
# ? Apr 26, 2013 18:03 |
|
Powercrazy posted:If you have Host A at 10.1.0.1 255.255.255.0 and Host B at 10.0.0.2 255.255.255.0 (differnet networks) even if they are in the same vlan, they won't be able to talk to each other without a router or default-gateway that knows of both networks to go through first. As the two hosts aren't on the same network. Do people actually do this? On purpose?
|
# ? Apr 26, 2013 19:19 |
|
We do, for when you're transitioning from one set of addresses to another, but the hosts are the same. Throw up an IP address secondary on the router and migrate clients as required.
|
# ? Apr 26, 2013 19:35 |
|
Fatal posted:Do people actually do this? On purpose? Are you asking if people go about separating computers into different networks? As in not having everything in the same network/broadcast domain/vlan?
|
# ? Apr 26, 2013 19:52 |
|
After watching the Magic Number youtube series I am proud to announce I am a subnetting genius. Looks like someone's resume is getting "Sr. Network Engineer" added to it. Of course I am kidding. But it's good to finally sort out.
|
# ? Apr 26, 2013 19:56 |
|
Fatal posted:Do people actually do this? On purpose? Haha. I've done it in some corporate networks. Basically riding the LAN with my own network (doesn't work for wireless controllers). IPX was great for this as well. IPX will happily ride over any kind of ethernet network.
|
# ? Apr 26, 2013 20:34 |
|
Fatal posted:Do people actually do this? On purpose? More than one customer of mine has had this sort of a configuration as a "security" solution where devices like printers are statically configured to a separate subnet from the main DHCP network and then the print server or other administrative systems which may need to communicate with them have multiple addresses configured on the same interface. In some cases they even had proper VLAN-aware switching in place, they just didn't know how to use it. I've done it as mentioned for transitions and every now and then for a quick test network in my office, but obviously running something like that as a long-term production solution is generally a sign of insanity somewhere in the decision-making chain.
|
# ? Apr 26, 2013 22:27 |
|
I feel kind of dumb for posting this, but I'm not really sure what the problem is with the setup that you guys are complaining about. Are you saying that everything should be on one giant class A network? I mean I'm sure that's not what you're suggesting so I'm just having trouble parsing what is so crazy about 10.1.0.1 and 10.0.0.2 not being able to talk without a gateway in between.
|
# ? Apr 26, 2013 23:30 |
|
They're referring to putting two separate IP subnets on the same VLAN.
|
# ? Apr 26, 2013 23:35 |
|
Oh my bad. Yeah, that is an odd design choice.
|
# ? Apr 26, 2013 23:39 |
Fatal posted:Do people actually do this? On purpose? Hilarious.
|
|
# ? Apr 28, 2013 05:46 |
|
Fatal posted:Do people actually do this? On purpose? Secondary addresses and dhcp smart-relay = easy way to expand a subnet if you're in a pinch (i.e you get back to work and realize you now have an extra 500 wireless users per day and people are beginning to complain). The danger of course with secondary addresses is that most people forget that it's a stopgap and not a permanent solution so you end up with a bunch of mess everywhere.
|
# ? Apr 28, 2013 14:17 |
|
abigserve posted:The danger of course with secondary addresses is that most people forget that it's a stopgap and not a permanent solution so you end up with a bunch of mess everywhere. Yep. We still have a bunch of hosts on "public" IP addresses. We just block the subnet we're using from coming in to the network and treat them like private addresses.
|
# ? Apr 28, 2013 21:04 |
|
Not cisco specific, but is there a difference between these IP addresses? 172.22.208.1 and 172.22.208.01 ??? I'm doing subnetting practice on this website: http://www.subnetting.net/Subnetting.aspx?mode=practice
|
# ? Apr 29, 2013 03:07 |
|
forever gold posted:Not cisco specific, but is there a difference between these IP addresses? No. IPv4 addresses are 32 bit numbers, the last eight are 00000001 in both cases.
|
# ? Apr 29, 2013 03:21 |
|
Filthy Lucre posted:No. IPv4 addresses are 32 bit numbers, the last eight are 00000001 in both cases.
|
# ? Apr 29, 2013 05:13 |
|
adorai posted:To expand on this, 1 is that same as 01, because either way it translates to 1. However, 10 is not the same as 010, which translates to 8. what?
|
# ? Apr 29, 2013 05:23 |
|
Binary vs decimal conversion. And it's actually 2 not eight. 010 in decimal is 10. 010 in binary is 4 is off, 2 is on, 1 is off.
|
# ? Apr 29, 2013 05:59 |
|
We're talking about decimal octets though. 192.168.100.010 and 192.168.100.10 ought to evaluate as the same address.
|
# ? Apr 29, 2013 06:19 |
|
Even if he was trying to demonstrate a decimal to binary conversion, the answer still makes no sense. The dotted quad notation is input as decimal, so any octet with 010 is exactly the same as 10. forever gold, leading zeros do not matter in an octet.
|
# ? Apr 29, 2013 06:20 |
|
Martytoof posted:We're talking about decimal octets though. The only time I could see 010 = 8 would be an octal numbering system, but who the gently caress writes IP addresses in octal?
|
# ? Apr 29, 2013 08:19 |
|
It's as easy as running a ping to verify here. In windows 7 010.010.010.010 will ping 8.8.8.8.
|
# ? Apr 29, 2013 12:36 |
|
From inet(3), note no mention of dotted decimal.code:
|
# ? Apr 29, 2013 13:33 |
|
From inet_aton(3);inet_aton(3) posted:components of the dotted address can be specified in decimal, octal (with a leading 0), or hexadecimal, with a leading 0X). Addresses in any of these forms are collectively termed IPV4 numbers-and-dots notation. The form that uses exactly four decimal numbers is referred to as IPv4 dotted-decimal notation (or sometimes: IPv4 dotted-quad notation). I had no idea dotted addresses could be put in as anything other than decimal. I was wrong, leading zeroes do matter. Edit: Cisco doesn't care about your crazy octal IP addresses. #ping 8.8.8.8 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 49/49/50 ms #ping 010.010.010.010 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) Filthy Lucre fucked around with this message at 16:04 on Apr 29, 2013 |
# ? Apr 29, 2013 14:26 |
|
CrazyLittle posted:but who the gently caress writes IP addresses in octal?
|
# ? Apr 29, 2013 16:53 |
|
Let's talk about wiring and design. Copper or Fiber, Datacenter or Closet. I want to know of interesting resources or methodologies that you use or have seen in you guys' collective years of experience. We've all seen wiring/design nightmares, but what about Good Examples of the above? Any good websites or resources for examples?
|
# ? Apr 30, 2013 17:17 |
|
I'm using Neatpatch in my colo, and it works really well for the distribution switch rack, but it's a little less than optimal for the server rack side since the cables to each server still end up having to make a vertical run. If I had to do it again I'd probably go with panduit and vertical power on the server racks, and neatpatch on the switching racks. https://www.youtube.com/watch?v=k2nG6dFqL48 Also, friends don't let friends do horizontal power strips.
|
# ? Apr 30, 2013 18:36 |
|
I'm going to be taking a new role as the Lead Networking and Security Engineer at a hedgefund firm of around 200 people + their datacenter. They are about 5 years overdue for a network refresh and have stashed some cash away for the upgrade. So given this golden opportunity I'm going to do everything right. I already know their existing cabling structure is a mess and I can't imagine anything better in their datacenter. So before I start making too many decisions, I want to see what's out there. Cabling has been a problem since the Telephone, so I'm hoping in 100 some-odd years there has been a better method invented. I came across neatpatch, but don't see anything particularly special about it. It is nice to have some names though.
|
# ? Apr 30, 2013 19:14 |
|
|
# ? May 8, 2024 01:56 |
|
If you're a scrub and have to do RJ45 patching, I really like Ortronic's EZPatch thingy. I wish I were old enough to have learned cable lacing. It looks amazing. e: Powercrazy posted:I came across neatpatch, but don't see anything particularly special about it. It is nice to have some names though. 1 e.g. the horrible choice between making your own cables or using standard lengths and having some stretched tight and some with too much slack e2: if you have the budget to spend on optics, fiber inhibits less airflow and gives off less heat. Another great thing to look for is reversible airflow in top-of-rack switches. bort fucked around with this message at 19:54 on Apr 30, 2013 |
# ? Apr 30, 2013 19:43 |