tortilla_chip
Jun 13, 2007

k-partite
http://www.rad.com/10/SFP-Format-TDM-Pseudowire-Gateway/3134/

Get stoked.

ate shit on live tv
Feb 15, 2004

by Azathoth

ragzilla posted:

Ask me about my Cerent original 15454 which experienced a dual clock failure. Oh and it was the primary box fronting our class 5.

Well surely you just talked to Cerent and got a 4 hour on-site replacement right? ;)


Also am I mis-remembering or doesn't a T3 have an RJ45/48 media as opposed to coax you could get? Cause I swear I remember plugging in a cable into some kind of Cisco card, maybe on an ISR or a 7200 and it was a 45Mbs T3 frame, NOT Ethernet.

ate shit on live tv fucked around with this message at 00:20 on Feb 18, 2018

ragzilla
Sep 9, 2005
don't ask me, i only work here


ate poo poo on live tv posted:

Also am I mis-remembering or doesn't a T3 have an RJ45/48 media as opposed to coax you could get? Cause I swear I remember plugging in a cable into some kind of Cisco card, maybe on an ISR or a 7200 and it was a 45Mbs T3 frame, NOT Ethernet.

There was HSSI back before port adapters with built in CSUs. But that was a 50 pin SCSI-2 connector not RJ45.

CrazyLittle
Sep 11, 2001





Clapping Larry

ragzilla posted:

There was HSSI back before port adapters with built in CSUs. But that was a 50 pin SCSI-2 connector not RJ45.

Yeah a classic T3 non-coaxial is 25 pairs

BallerBallerDillz
Jun 11, 2009

Cock, Rules, Everything, Around, Me
Scratchmo
This seems like the best place to ask:

Do any of you have experience with exporting portable projects from gns3 and including the base images with IOU images? I'm having a hell of a time getting it to work. lovely IOSv images export with base just fine. This is from a remote server set up, so I can't even use the GUI help option to dump debug data and the single gns3 log on the server is useless.

If not, do one of you kind people have gns3 set up to use IOU? If so would you be willing to test my portable project and see if you can import it?

FatCow
Apr 22, 2002
I MAP THE FUCK OUT OF PEOPLE
5 hours into playing with our lab 4216 I found a bug that crashes both RSPs and puts the box in a state that only a power cycle fixes. This is shaping up to be a poor 454 substitute.

code:
conf t
controller mediatype 0/11/0
mode sonet
controller sonet 0/11/0
aps group 0
aps working 1
controller mediatype 0/11/0
no mode sonet
RIP

ate shit on live tv
Feb 15, 2004

by Azathoth
So I've hit an interesting thing today. Not sure if it's the switch, the way it's set up or the server, but I'm leaning toward the server because all the other hosts on the switch are working fine. But for some reason the switch isn't learning a mac address.

The setup:

We have two Arista 7048Ts in a rack setup with MLAG. They are the layer3 gateway for hosts on this vlan.

The vlan is a /27 with 12 hosts on it.

Some of the hosts are port-channeled to both switches, some are single homed. Two hosts are not able to talk to each other, but are able to talk to all other hosts, and beyond. i.e. I can ssh to both hosts from another subnet.

Now the weird part. I have 3 servers. A, B and C.
A is single homed to one of the switches as a simple access port and is working exactly as expected i.e. can reach both B and C and others and if you look on the switch you will see a mac-address associated with the port in the switch it is connected to as well as an arp mapping to that port like so:

(show arp)
10.0.240.151 0 54a0.5086.620d Vlan2293, Ethernet28
htor93#sh mac address-table interface eth28
Mac Address Table
------------------------------------------------------------------

Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
2293 54a0.5086.620d DYNAMIC Et28 1 0:36:29 ago
2293 54a0.5086.6210 DYNAMIC Et28 1 0:35:59 ago

B is single-homed to the same switch in the same way, but cannot talk to server C but can talk to A and anything else.
However the arp entry is not-learned and the port that I know the server is connected to doesn't have a mac-address:

(show arp)
10.0.240.157 0 54a0.5086.62a5 Vlan2293, not learned
htor93#sh mac address-table interface eth27
Mac Address Table
------------------------------------------------------------------

Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
Total Mac Addresses for this criterion: 0


Even though I am able to SSH to the server, and ping out etc etc.

So how is this possible, and what is going on?
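An added example, not written by anyone in the thread: a small Python check that cross-references `show arp` text against `show mac address-table` text in the format pasted above and lists ARP entries whose MAC has no entry in the MAC table. The sample strings are the lines from the post; the function names are this example's own, and it assumes you feed it the whole MAC table rather than a single interface's.

```python
import re

# Sample output copied from the post above (switch "htor93").
ARP_OUTPUT = """\
10.0.240.151 0 54a0.5086.620d Vlan2293, Ethernet28
10.0.240.157 0 54a0.5086.62a5 Vlan2293, not learned
"""

MAC_TABLE_OUTPUT = """\
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
2293 54a0.5086.620d DYNAMIC Et28 1 0:36:29 ago
2293 54a0.5086.6210 DYNAMIC Et28 1 0:35:59 ago
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"
# <ip> <age> <mac> Vlan<id>, <interface or "not learned">
ARP_RE = re.compile(
    rf"^(\d+\.\d+\.\d+\.\d+)\s+\S+\s+({MAC})\s+Vlan(\d+),\s*(.+?)\s*$", re.I
)
# <vlan> <mac> <type> <port> ...
MAC_RE = re.compile(rf"^\s*(\d+)\s+({MAC})\s+(\S+)\s+(\S+)", re.I)


def parse_arp(text):
    """Return one dict per ARP line; headers and prompts are skipped."""
    entries = []
    for line in text.splitlines():
        m = ARP_RE.match(line.strip())
        if m:
            ip, mac, vlan, port = m.groups()
            entries.append(
                {"ip": ip, "mac": mac.lower(), "vlan": int(vlan), "port": port}
            )
    return entries


def parse_mac_table(text):
    """Return {(vlan, mac): port} for every learned entry."""
    table = {}
    for line in text.splitlines():
        m = MAC_RE.match(line)
        if m:
            vlan, mac, _type, port = m.groups()
            table[(int(vlan), mac.lower())] = port
    return table


def audit(arp_text, mac_text):
    """List ARP entries that the MAC table cannot account for."""
    table = parse_mac_table(mac_text)
    findings = []
    for entry in parse_arp(arp_text):
        learned_on = table.get((entry["vlan"], entry["mac"]))
        if learned_on is None:
            # The IP resolves to a MAC, but no port has learned that MAC.
            findings.append({**entry, "issue": "mac-not-in-table"})
        elif entry["port"].lower() == "not learned":
            # MAC is learned somewhere (e.g. a port-channel) but ARP has no port.
            findings.append(
                {**entry, "issue": "arp-port-unresolved", "learned_on": learned_on}
            )
    return findings


if __name__ == "__main__":
    for finding in audit(ARP_OUTPUT, MAC_TABLE_OUTPUT):
        print(finding)
```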

tortilla_chip
Jun 13, 2007

k-partite
Have you tried looking at the whole mac address table for the specific mac address? I suspect you've got a LAG configured with a single member in which case the mac learning will be associated with the logical interface and not the physical member.

ate shit on live tv
Feb 15, 2004

by Azathoth

tortilla_chip posted:

Have you tried looking at the whole mac address table for the specific mac address? I suspect you've got a LAG configured with a single member in which case the mac learning will be associated with the logical interface and not the physical member.

There are a few lags with only a single member, but of the three hosts I’m talking about two are non lag, single homed standard switchport access. And one is dual homed with proper bonding etc setup again on a single vlan.

Oh and yea, the mac address of the ARP entry doesn't show up anywhere in the mac-address table.

ate shit on live tv fucked around with this message at 19:12 on Feb 22, 2018

ate shit on live tv
Feb 15, 2004

by Azathoth
A Clue!
pre:
htor93#sho platform petraA ip route | i 240.157
|0  |10.0.240.157/32   |ROUTE| L3FloodPetra0      |2293 | 54:a0:50:86:62:a5 |218  |C0   |
I don't know what that means, but the other server, the one that works looks like this:
pre:
htor93#sho platform petraA ip route | i 240.151
|0  |10.0.240.151/32   |ROUTE| Et28               |2293 | 54:a0:50:86:62:0d |146  |C0   |

tortilla_chip
Jun 13, 2007

k-partite
Depending on how the servers are connected they may get assigned to different tables (LPM vs LEM). This is going to be dependent on the silicon in the switches, to be honest I'm not too familiar with the Petra line. Hopefully this gives you enough breadcrumbs for the Arista docs.

ate shit on live tv
Feb 15, 2004

by Azathoth

tortilla_chip posted:

Depending on how the servers are connected they may get assigned to different tables (LPM vs LEM). This is going to be dependent on the silicon in the switches, to be honest I'm not too familiar with the Petra line. Hopefully this gives you enough breadcrumbs for the Arista docs.

They are connected identically, plain old 1Ge Copper, no bonding. Also I have a ticket open with support so hopefully they will be able to give me an answer besides "reboot the switch."

FatCow
Apr 22, 2002
I MAP THE FUCK OUT OF PEOPLE
Other telecom guys. Where do you get your 734/735 coax assemblies? I need ~250 simplex HDBNC-BNC connections in the next few months and the place we used to use almost doubled their price.

ragzilla
Sep 9, 2005
don't ask me, i only work here


FatCow posted:

Other telecom guys. Where do you get your 734/735 coax assemblies? I need ~250 simplex HDBNC-BNC connections in the next few months and the place we used to use almost doubled their price.

I’ve always used clink-inc (formerly ds3crossconnect.com), didn’t shop them extensively but I’ve been (mostly) happy with the material we’ve gotten from them.

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
This is more wifi than networking, but meh.

In Meraki world, if I want to trigger an email alert if an asset disappears from the wifi network, I would need to buy System Manager? Retail customer wants to track wireless POS units and alert if they walk out the door, I mentioned RFID but they want to know what they can do with their existing infrastructure. Meraki makes it sound like I need system manager to get the alerting feature of this solution.

BallerBallerDillz
Jun 11, 2009

Cock, Rules, Everything, Around, Me
Scratchmo

Sepist posted:

This is more wifi than networking, but meh.

In Meraki world, if I want to trigger an email alert if an asset disappears from the wifi network, I would need to buy System Manager? Retail customer wants to track wireless POS units and alert if they walk out the door, I mentioned RFID but they want to know what they can do with their existing infrastructure. Meraki makes it sound like I need system manager to get the alerting feature of this solution.

It's kinda duct tape and bubblegum, but couldn't you just write a powershell/bash/whatever script to ping it every minute and send an alert if it fails two or three times in a row?

Thanks Ants
May 21, 2004

#essereFerrari


Sepist posted:

This is more wifi than networking, but meh.

In Meraki world, if I want to trigger an email alert if an asset disappears from the wifi network, I would need to buy System Manager? Retail customer wants to track wireless POS units and alert if they walk out the door, I mentioned RFID but they want to know what they can do with their existing infrastructure. Meraki makes it sound like I need system manager to get the alerting feature of this solution.

Do these devices have Bluetooth radios in them, and do you have APs with Bluetooth beacon support?

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
Great questions. Client is against one-off scripts and wants an off-the-shelf solution. These are really dumb POS units, nothing but wifi.

Thanks Ants
May 21, 2004

#essereFerrari


Then I'm not aware of anything on the Meraki MR series that will let you trigger that alert. Glue those anti-theft tags onto the scanners if it's that sort of retail store?

falz
Jan 29, 2005

01100110 01100001 01101100 01111010
Couldn't literally any NMS just poll or ping them and send an alert?

Observium for example, add or discover the devices, set up an alert to notify when device is down.

Proteus Jones
Feb 28, 2013



falz posted:

Couldn't literally any NMS just poll or ping them and send an alert?

Observium for example, add or discover the devices, set up an alert to notify when device is down.

Tracking wireless clients that way (especially kiosk scanners or inventory tools) is useless. Those devices typically have an aggressive sleep function. Lack of ping is going to result in nothing more than 99% of your cases having people physically verify that “Oh, it’s just in the cradle charging” or “It’s been hanging off my belt for the last 20 minutes”.

If you use RF triangulation based on signal strength readings from multiple APs, you’ll never catch anyone since by the time it’s algorithmically triggered, they’re probably already 10s of meters beyond your physical perimeter. BT tracking is more accurate, but again by the time you trigger an alert and get an on-site person to react it’s far too late.

All of that is reacting to event that has already occurred, even if we discount the extremely high false positive rate for that kind of use case.

If you’re serious about stop loss on the devices taking a walk out of a location, you really need to use a solution tailored around that. RFID with scanners at egress points is probably the best way.

falz
Jan 29, 2005

01100110 01100001 01101100 01111010
Ah, I misread it and thought that they wanted to track the APs themselves, not actual clients on the APs.

Seems like the retail customer should use some other system to track the POS units, like employee policies or guards or RF tags as others suggested.

Thanks Ants
May 21, 2004

#essereFerrari


I think the APs with the Bluetooth radios in can pick up BT-LE devices like the tiles. So that might be an option as well.

Sheep
Jul 24, 2003

Sepist posted:

This is more wifi than networking, but meh.

In Meraki world, if I want to trigger an email alert if an asset disappears from the wifi network, I would need to buy System Manager? Retail customer wants to track wireless POS units and alert if they walk out the door, I mentioned RFID but they want to know what they can do with their existing infrastructure. Meraki makes it sound like I need system manager to get the alerting feature of this solution.

Yes, for geo-fencing you need System Manager. It lets you define various geo-fencing tags, then associate a latitude and longitude along with a radius in meters. Haven't really used it except once with a stolen laptop (it worked reasonably well) so can't provide much more detail than that.

Also no idea if it sends emails when clients move outside of the fence. I'd assume so.

Edit: here's what the page looks like.

Sheep fucked around with this message at 13:39 on Mar 1, 2018

Jedi425
Dec 6, 2002

THOU ART THEE ART THOU STICK YOUR HAND IN THE TV DO IT DO IT DO IT

So at $NewJob we're swapping out a bunch of end of life Nexus 5010s and FEXs, and to replace the FEX units' 1GB ports we're standing up a stack of 3850s, each with a 4-port 10G fiber module for uplink. One of them wouldn't light... until we started to unscrew the module to swap it out. Tighten it down, everything dies. Loosen it up, the ports light up. We're replacing the chassis because that's stupid, but :lol: all the same. Anyone seen this before?

Cisco: it only works when you don't secure it.

Kazinsal
Dec 13, 2011



Weirdest thing I've seen with a 3850 was the TCAM refusing to take new entries until we rebooted it, despite only having a couple dozen entries in it. But I've seen a lot of weird poo poo in 3850s so I'm fairly certain the platform is just cursed.

Thanks Ants
May 21, 2004

#essereFerrari


Here's a dumb question that might have come up previously. If an ISP is handing us off a 1Gb circuit (Internet) is there any reason why they'd want us to buy an ISR4000-series router over just using a L3 switch? As far as I can tell it's just routing between two public address spaces and taking part in a VRRP relationship - no VPNs, no dynamic routes etc.

Edit: And this is ethernet

Filthy Lucre
Feb 27, 2006
The only reason I can think of is that they're concerned about the L3 throughput on the switch and are just trying to head off questions of why you're not seeing a full 1Gbps.

Filthy Lucre fucked around with this message at 19:34 on Mar 7, 2018

unknown
Nov 16, 2002
Ain't got no stinking title yet!


Filthy Lucre posted:

The only reason I can think of is that they're concerned about the L3 throughput on the switch and are just trying to head off questions of why you're not seeing a full 1Gbps.

+1 - they've qualified the ISR as capable of terminating a full 1G worth of 64b packets. (* - probably not, they just read the router performance pdf from cisco)

I've seen people want to terminate 1G on just about anything that has a 1G network port, which includes things like your cheap home router/nat boxes and then blame the ISP.

Kazinsal
Dec 13, 2011



Agreed. Sounds like it's more a concern about reducing the amount of troubleshooting they'll have to do if the switch doesn't route something in ASIC. A 3650 for example will drop to process switching if it hits a path that requires policy-based routing or an ACL log entry. In comparison a 4431 with performance license or 4451 is advertised as having a layer 3 routing throughput of 1 Gbps, full stop, so if it doesn't, the ISP can throw it back at Cisco.

Thanks Ants
May 21, 2004

#essereFerrari


Thanks, I wrongly assumed that a L3 switch could do routing without policies at wire-rate.

SamDabbers
May 26, 2003



Thanks Ants posted:

Thanks, I wrongly assumed that a L3 switch could do routing without policies at wire-rate.

If you're just doing basic layer 3 forwarding between routed ports and/or SVIs, then just about any commodity L3 switch that does static routing should be able to do it at line speed. It should be fine as long as you don't expect to do any filtering, logging, non-static routing, or anything that may hit the CPU at all.

Edit: Also pay attention to the ARP/NDP table limit, as some cheapass "L2+" switches might have a stupidly low capacity like 32 entries.

SamDabbers fucked around with this message at 22:00 on Mar 7, 2018

CrazyLittle
Sep 11, 2001





Clapping Larry

unknown posted:

I've seen people want to terminate 1G on just about anything that has a 1G network port, which includes things like your cheap home router/nat boxes and then blame the ISP.

Very much this. ISPs like Verizon and AT&T U-Verse don't give a poo poo about what you plug in for the home-game gig links because they can just tell you to gently caress off. Business links carry SLAs and guarantees, so they're going to make sure they stack the cards so that it's likely to work without issues.

SamDabbers posted:

If you're just doing basic layer 3 forwarding between routed ports and/or SVIs, then just about any commodity L3 switch that does static routing should be able to do it at line speed. It should be fine as long as you don't expect to do any filtering, logging, non-static routing, or anything that may hit the CPU at all.

This too - The minute anything goes wrong, you'll need some diagnostic info and a managed switch doing L3 forwarding isn't going to be able to keep up.

Routers connected to ISP public internet links also reduce the switch TCAM and MAC processing/security requirements in the ISP edge network as well, since a L2/L3 switch is going to pass all the MAC addresses upstream instead of routing IP like it should when the end user forgets to actually "route" through the switch's L3 backplane. For example, AT&T's ASE offering is limited to 250 MAC addresses per EVC. UVerse gigabit IIRC is limited to one MAC connected to the ONU.

CrazyLittle fucked around with this message at 22:14 on Mar 7, 2018

Docjowles
Apr 9, 2009


Totally unrelated to anything, what is the source image for your avatar? It looks awesome.

FatCow
Apr 22, 2002
I MAP THE FUCK OUT OF PEOPLE

CrazyLittle posted:

This too - The minute anything goes wrong, you'll need some diagnostic info and a managed switch doing L3 forwarding isn't going to be able to keep up.

Wild generalization. I'm pretty sure a 4948 can manage this.

CrazyLittle posted:

Routers connected to ISP public internet links also reduce the switch TCAM and MAC processing/security requirements in the ISP edge network as well, since a L2/L3 switch is going to pass all the MAC addresses upstream instead of routing IP like it should when the end user forgets to actually "route" through the switch's L3 backplane. For example, AT&T's ASE offering is limited to 250 MAC addresses per EVC. UVerse gigabit IIRC is limited to one MAC connected to the ONU.

What? First off, a L3 switch will behave exactly like a router when it routes packets when it comes to MAC addresses. The MAC will only pass through to the ISP if it is switched traffic. So put an L3 interface on the switch and have your hosts send their routed traffic to the L3 interface on your switch. The extra paranoid can put a L2 ACL on the interface to prevent other traffic from stealing the MAC of the SVI. That's only on the scenario where the ISP is giving you a large block for you to number your hosts with.

That seems to be getting rarer. What I've typically seen is a /3[01] or /29 for the interconnect between the L3 devices then a larger block statically routed to your VIP/IP. The MAC issue is pretty much impossible unless the implementation is completely broken in that scenario.


Also, "L3 switch" is largely being used as "lovely cheap L3 switch" here. I'm pretty sure a 4948 can do most of the use cases the people in this thread need.

falz
Jan 29, 2005

01100110 01100001 01101100 01111010
Use a router if you want NAT, use a l3 switch if not. Anything Cisco/juniper should be fine as far as l3 switch goes.

ragzilla
Sep 9, 2005
don't ask me, i only work here


falz posted:

Use a router if you want NAT, use a l3 switch if not. Anything Cisco/juniper should be fine as far as l3 switch goes.

Use a router if you have a sub-rate Ethernet circuit from a carrier who strictly polices the circuit, because shaping on switches sucks.

falz
Jan 29, 2005

01100110 01100001 01101100 01111010
Depends on model I guess, but yeah a software based router will likely shape better. And die quicker in a ddos.

Thanks Ants
May 21, 2004

#essereFerrari


Spoke to the provider, explained we didn’t need NAT because the customer was handling that, so they moved to ASRs and dropped the monthly price. Thanks thread.

Thanks Ants fucked around with this message at 09:46 on Mar 8, 2018

Partycat
Oct 25, 2004

Jedi425 posted:

So at $NewJob we're swapping out a bunch of end of life Nexus 5010s and FEXs, and to replace the FEX units' 1GB ports we're standing up a stack of 3850s, each with a 4-port 10G fiber module for uplink. One of them wouldn't light... until we started to unscrew the module to swap it out. Tighten it down, everything dies. Loosen it up, the ports light up. We're replacing the chassis because that's stupid, but :lol: all the same. Anyone seen this before?

Cisco: it only works when you don't secure it.

I have not specifically had this problem, but what I will say based on similar problems is that if you’re securing these items by using a screwdriver and tightening the connections then you can easily cause this.

I treat the retaining spring screws as thumb screws, and at minimum you need to make sure you sort of screw and tighten them at the same time.

We had many issues with stacking cables and that on other devices due to whoever put them on cranking one screw down first, then torquing the other when it invariably won’t turn easily. This seems to either bend or warp the connecting surface, and/or stresses it, leading to issues like yours or eventual failure after enough time and heat cycling.

Whoever designed the screws with slots in them is a sadist.
