|
Not really a Cisco question but whatev's. Do you guys think a 5m DAC cable is more than enough distance between two TOR switches in two cabinets next to each other in a datacenter with overhead cabling? If I need more than that I have to move up to active optics which drive the price up a bit. I think 15 feet is more than enough as it should be 5 feet up, 3 feet over, 5 foot down but it's been a while since I ran fiber
|
# ? Jan 30, 2017 15:29 |
|
|
# ? Apr 19, 2024 22:54 |
|
Most cabinets are what, 600-700mm wide? It depends on how high the overhead cable trays are, but they normally a foot or two above the top of the rack. So you'd need 1m up, 1m down and about 700mm across, so you'd have loads of room.
|
# ? Jan 30, 2017 16:12 |
|
5m should be plenty to get between adjacent cabinets, even if the tray is a long way up. You'll probably lose ~800mm each end getting the cable from the port to the hole in the cabinet roof.
|
# ? Jan 30, 2017 22:10 |
|
Yeah, 5m for TOR to TOR with standard datacenter racks/trays. Is this for 100G? I've been able to find 7-10m passive DAC for 10/40G typically.
|
# ? Jan 30, 2017 22:58 |
|
40g QSFP. Could only find up to 5m DAC in CCW. Clients not going to pay for it anyway so I'll just be running cat6a
Sepist fucked around with this message at 23:25 on Jan 30, 2017 |
# ? Jan 30, 2017 23:13 |
|
How do you get to the point where you have 40g gear and balk at the ~$250 cost of a cable?
|
# ? Jan 30, 2017 23:35 |
|
Clients can be weird. They also need 24 of them which brings the price up a bit, and they blew the budget on the switch gear because they let a random CDW rep convince them of what they might need before coming to a VAR for the professional services to install it.
|
# ? Jan 30, 2017 23:59 |
|
Sepist posted:Clients can be weird. They also need 24 of them which brings the price up a bit, and they blew the budget on the switch gear because they let a random CDW rep convince them of what they might need before coming to a VAR for the professional services to install it.
|
# ? Jan 31, 2017 03:45 |
|
It's a dumb design because they didn't consult anyone before purchase. They have 8 3172TQ's, they want 4 per stack to all be linked together. Then they want the DMZ and LAN to be on the same switches despite them acknowledging it being a poor design. It's just easier to explain with a visio:
|
# ? Jan 31, 2017 14:15 |
|
What's a good, cheap network tap/port replicator that does SFP and SFP+ for 1/10G? Alternatively, does Unifi support SPAN/port replication?
|
# ? Jan 31, 2017 20:35 |
|
Sanity check since I haven't dealt with switch stacks in a long while. I have a 2960 that I want to add another 2960 to to make a stack. The current switch has priority 10 and is already operating and the one being prepped is wiped/at default (1). Am I wrong in thinking I just rack the second switch, hook up the stack cables, and power the switch up?
|
# ? Jan 31, 2017 20:45 |
|
psydude posted:What's a good, cheap network tap/port replicator that does SFP and SFP+ for 1/10G? Yes, Ubiquiti Edgeswitch and UniFi switches support port mirroring.
|
# ? Jan 31, 2017 20:50 |
|
CrazyLittle posted:Yes, Ubiquiti Edgeswitch and UniFi switches support port mirroring. Awesome. Any idea if it takes a big hit to performance? I'm basically going to use it as an inline tap/port replicator.
|
# ? Jan 31, 2017 21:04 |
|
I can't find anything to suggest that the US‑16‑XG (I assume you'll be using that model) cannot manage a 10G port mirror. Maybe worth dropping a post onto their forums or an email, I'm sure they will be able to confirm.
|
# ? Jan 31, 2017 21:35 |
|
mythicknight posted:Sanity check since I haven't dealt with switch stacks in a long while. I have a 2960 that I want to add another 2960 to to make a stack. The current switch has priority 10 and is already operating and the one being prepped is wiped/at default (1). Am I wrong in thinking I just rack the second switch, hook up the stack cables, and power the switch up? Software versions need to match or it won't join the stack. Newer switches support automatic software upgrade but I don't think 2960 line does. You can save yourself a little bit of time by doing a switch 2 provision (model) on the one to be your new stack master, so you can configure interfaces ahead of time.
|
# ? Feb 1, 2017 00:14 |
|
Sepist posted:It's a dumb design because they didn't consult anyone before purchase. They have 8 3172TQ's, they want 4 per stack to all be linked together. Then they want the DMZ and LAN to be on the same switches despite them acknowledging it being a poor design.
|
# ? Feb 1, 2017 03:33 |
|
Yea it's just 4 switches all layer 2 attached via vPC. They have at least 12 vlans so at least they're separating stuff but they wanted intra-cabinet active/standby dual homing capabilities to the 3ks and the esxi hosts in both cabinets must all be in the same vlans. The 4 iscsi switches are just vpc and a flat vlan Sepist fucked around with this message at 15:21 on Feb 1, 2017 |
# ? Feb 1, 2017 13:49 |
|
single-mode fiber posted:Software versions need to match or it won't join the stack. Newer switches support automatic software upgrade but I don't think 2960 line does. You can save yourself a little bit of time by doing a switch 2 provision (model) on the one to be your new stack master, so you can configure interfaces ahead of time. Yep, both are on the same exact code, and I want the currently powered switch to be the master, not the one being added. I don't think I've used that command before, but reading up a bit looks like it could save some time. Thanks!
|
# ? Feb 1, 2017 16:17 |
|
Here's a question that I am almost embarrassed about asking but can't find clearly answered anywhere else. An ISP wants to terminate two fibers on two routers and then use a routing protocol on their side to handle the redundancy, with the handoff to us being a virtual IP (VRRP). How am I meant to be able to get this truly resilient - since I'd need each router to connect to two switches and by standard they just provision one interface as the handoff. It's easy enough to diagram just by drawing two links on, but is this done in reality by using a switch module in the routers? Should the ISP just be using L3 switches for this? The CPEs they are giving us are Juniper SRX320s.
|
# ? Feb 1, 2017 18:37 |
|
Are they handing you a /29? Perhaps you could run a FHRP on your side.
|
# ? Feb 1, 2017 20:42 |
|
why are they even using vrrp? can't they just originate a route to you? Is that a bad idea in this case?
|
# ? Feb 2, 2017 04:47 |
|
I was unsure of the best place to ask this, but ended up figuring it centres around networking. I work for an ISP and we provide a customer with connectivity to their Microsoft Azure VNet via Expressroute. They now want to get a second Expressroute connection to a separate VNet and have them converse over our network, rather than paying Microsoft to allow that direct communication. We will do this via BGP with a partner who peers with Expressroute and there is no reason why this isn't possible on our network, but I just wondered if anyone had had success with doing this before? As I see it we just need to make sure we advertise each VNet's prefixes to the other.
|
# ? Feb 2, 2017 14:41 |
|
This scales remarkably well. I worked for a MSP/DR provider where we implemented a variety of these interconnects as Inter-AS Option A. We then stitched the interconnect VRF together with the customer service VRF via route policy (typical import/export RT tricks, nothing fancy). It was a better service with the partner providers that had decent APIs so the turn up process was more tightly integrated.
|
# ? Feb 2, 2017 15:43 |
|
Happy Thursday! Your Cisco equipment may die after 18 months in production: http://www.cisco.com/c/en/us/support/web/clock-signal.html#~overview,
|
# ? Feb 2, 2017 16:33 |
|
Jokes on them I'm already dead.
|
# ? Feb 2, 2017 16:37 |
|
psydude posted:Happy Thursday! Your Cisco equipment may die after 18 months in production: Half our offices are affected and we're still tallying how many of our customers are hahahaha
|
# ? Feb 2, 2017 18:30 |
|
I just called my PM to let him know over 100 devices we've deployed for clients in the past 6 months suffer from that issue and he said "holy poo poo left monkey nut cock fucker"
|
# ? Feb 2, 2017 21:01 |
|
Does Cisco TAC let you sent in a CSV of all your devices that need replacing
|
# ? Feb 2, 2017 21:02 |
|
Proactive replacements are done through filling out the attached form and emailing it to the specified address, but if you have a bunch that have already failed I'm sure TAC will take the information in whatever format works best for you.
|
# ? Feb 2, 2017 23:52 |
|
Sepist posted:"holy poo poo left monkey nut cock fucker" is that a technical term Eletriarnation posted:Proactive replacements are done through filling out the attached form and emailing it to the specified address, but if you have a bunch that have already failed I'm sure TAC will take the information in whatever format works best for you. can I submit a flaming bag of dog feces on their doorstep?
|
# ? Feb 2, 2017 23:56 |
|
Hahahahah. Holy poo pooquote:Although the Cisco products with this component are currently performing normally, we expect product failures to increase over the years, beginning after the unit has been in operation for approximately 18 months. Once the component has failed, the system will stop functioning, will not boot, and is not recoverable. And it's suprisingly large swath of products affected.
|
# ? Feb 3, 2017 01:59 |
|
I wonder how long they have known, and if the faulty component will still be shipping in products today.
|
# ? Feb 3, 2017 02:07 |
|
adorai posted:I wonder how long they have known, and if the faulty component will still be shipping in products today. Since November, and no.
|
# ? Feb 3, 2017 02:09 |
|
My night thus far has involved hash cat, several GPU's, and the admin password for our 7010 chassis. I don't even want to talk about how we got here, the short answer is former employee. Even with half a dozen GPU's at my disposal, it would still be 6 months to brute-force the password according to the software. This. This is why you don't let a site manage its own gear. God.drat.It. (Excuse the rant).
|
# ? Feb 3, 2017 08:13 |
|
They really disabled the password recovery? I mean I always knew it was doable but holy poo poo lmao
|
# ? Feb 3, 2017 11:58 |
|
At a certain point it's less hassle to just factory reset the device and rebuild the configuration.
|
# ? Feb 3, 2017 13:14 |
|
Thanks Ants posted:Here's a question that I am almost embarrassed about asking but can't find clearly answered anywhere else. An ISP wants to terminate two fibers on two routers and then use a routing protocol on their side to handle the redundancy, with the handoff to us being a virtual IP (VRRP). How am I meant to be able to get this truly resilient - since I'd need each router to connect to two switches and by standard they just provision one interface as the handoff. It's easy enough to diagram just by drawing two links on, but is this done in reality by using a switch module in the routers? Should the ISP just be using L3 switches for this? The CPEs they are giving us are Juniper SRX320s. I'm not a Juniper man but in the Cisco world theres alot of ways to do it, all of which I can think of require changes at the ISP end. You could have a backup interface configured for the primary interface, or a L3 etherchannel?
|
# ? Feb 3, 2017 13:33 |
|
Thanks. I spoke to the provider and it's a common request they just don't do it as standard for some reason. They can chuck both the physical interfaces into a switch group and then use that virtual interface in the VRRP setup.
|
# ? Feb 3, 2017 13:44 |
|
psydude posted:Happy Thursday! Your Cisco equipment may die after 18 months in production: gently caress me we've put in so many ASA 5506-12's in the last year... this is going to be fun Edit: Double gently caress, only been looking for 30 minutes so far and found a dozen that need replacement. Ahdinko fucked around with this message at 15:20 on Feb 3, 2017 |
# ? Feb 3, 2017 14:45 |
|
|
# ? Apr 19, 2024 22:54 |
|
abigserve posted:They really disabled the password recovery? I mean I always knew it was doable but holy poo poo lmao The most secure switch is one you can't get into.
|
# ? Feb 3, 2017 15:38 |