Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«392 »
  • Post
  • Reply
Bigass Moth
Mar 6, 2004

I joined the #RXT REVOLUTION.

he knows...


Technically the BE6000/7000/4000 I guess. Theyíre usually written as BE6K etc.

Adbot
ADBOT LOVES YOU

Eletriarnation
Apr 6, 2005

People don't appreciate the substance of things...
objects in space.


Pillbug

10000 'series', although there was only ever a 10008 chassis. Strangely there was also a 10720 which had nothing to do with these, a 2RU box intended for providing connectivity between Ethernet and an OC-48 RPR/SRP ring.

Eletriarnation fucked around with this message at Oct 7, 2018 around 14:58

ragzilla
Sep 9, 2005
don't ask me, i only work here




The 15454.

ate shit on live tv
Feb 15, 2004

LBGT United
Did nothing wrong.

There was the GSR 12000 series. 12008/12012/12016, though I guess those aren't >three zeros, but still a thing vv

Dalrain
Nov 13, 2008

Experience joy,
Experience waffle,
Today.


Is there a good resource anyone can recommend for learning EVPN concepts and deployment? I'm a Cisco-background guy if it makes any difference.

tortilla_chip
Jun 13, 2007


https://cumulusnetworks.com/lp/evpn...center-oreilly/

Dalrain
Nov 13, 2008

Experience joy,
Experience waffle,
Today.


Thanks, that book is exactly what I needed! The foreword is really correct, Google searches were returning results too complex for me.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Does anybody know if itís a good idea to split a 7 AP Aruba Instant cluster across two sites linked via a VPN? Or should I run one cluster per location and manage them separately?

Thereís not going to be the possibility of roaming from one site to the other, theyíre about 20ms apart, and I assume that no actual user traffic would traverse the link. Trying to avoid having to manually sync changes between two instances.

Edit: I have answered my own question and it doesnít seem like IAPs can even be told where to look for a controller - if they canít see it on the same L2 domain then they donít want to know.

Thanks Ants fucked around with this message at Oct 12, 2018 around 13:12

CrazyLittle
Sep 11, 2001







Clapping Larry

yeah donít extend the LAN past ďlocalĒ. Iím guessing Aruba uses bonjour or
Another broadcast/multicast announcement protocol.

adorai
Nov 2, 2002

10/27/04 Never forget

Grimey Drawer

Thanks Ants posted:

Does anybody know if itís a good idea to split a 7 AP Aruba Instant cluster across two sites linked via a VPN? Or should I run one cluster per location and manage them separately?

Thereís not going to be the possibility of roaming from one site to the other, theyíre about 20ms apart, and I assume that no actual user traffic would traverse the link. Trying to avoid having to manually sync changes between two instances.

Edit: I have answered my own question and it doesnít seem like IAPs can even be told where to look for a controller - if they canít see it on the same L2 domain then they donít want to know.

I have an aruba wireless controller ( i don't use it ).

1) the APs can be configured over layer 3. No worries there. DHCP option or DNS.
2) You can separate two controllers in a single controller across layer 3. I did not do this myself but was assured it is possible. They sync config and APs can be configured to register to either.

ate shit on live tv
Feb 15, 2004

LBGT United
Did nothing wrong.

There is no reason why any modern wireless setup would require layer2 adjacency. It's an obsolete concept tbqh.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Iím happy for them to throw some artificial limitations into Instant because itís dirt cheap and I can always move to Central or a controller if Iím that fussed about it.

Currently this is two sites so managing the tiny number of changes I might need to make in both places isnít the end of the world. Any more locations and Iíll move up the product range.

I have a couple of APs that havenít been installed yet as they are waiting for the fitout to complete, so I might try pointing them at the current Instant setup with DHCP options and see what happens.

ate shit on live tv
Feb 15, 2004

LBGT United
Did nothing wrong.

I'm turning up some new circuits to an ISP, going ot be speaking BGP and taking full tables. Which type of connectivity would you choose, and why?

There are also a few other options, but I'm limited to terminating the ISP circuits on the actual routers, not through my "core" switches.

There are 4 total 10G links and each of those routers has another 20G port-channel to a different provider. The 10G links are local to the facility, so the odds of something happening ot the physical links are lower then losing the BGP adjacency because of provider maintenance etc.

tortilla_chip
Jun 13, 2007


I would just ECMP and not rely on MLAG.

Methanar
Sep 26, 2013

It always was

tortilla_chip posted:

I would just ECMP and not rely on MLAG.

SamDabbers
May 26, 2003

QUITE.


Fallen Rib

Multipath routing > multipath switching

madsushi
Apr 19, 2009

Baller.

I'd prefer #1 just to avoid any MLAG junk, just leave it as a regular port-channel.

Also, depending on your business, I actually like port-channel here. For defending against DDoS, I'd rather have a logical 20Gb circuit that's always ~balanced than two 10Gb circuits.

Is there a line between your edge routers (iBGP)? If not, then #2 might be better, since an individual upstream switch/router failure doesn't mean one of your routers loses that ISP's routes. Or just set up iBGP so that if Edge1 loses connectivity to ISP1, it can hand the traffic off to Edge2.

ate shit on live tv
Feb 15, 2004

LBGT United
Did nothing wrong.

tortilla_chip posted:

I would just ECMP and not rely on MLAG.

Agreed, but we will only have 2 bgp neighbors, so I'd have to do some kind of ECMP with static routes for each link. Which might not be the worst. With the new routers (MX204's) I'm putting in, I could just have 4 eBGP neighbors for each

madsushi posted:

I'd prefer #1 just to avoid any MLAG junk, just leave it as a regular port-channel.
I'm leaning towards this.


madsushi posted:

Is there a line between your edge routers (iBGP)? If not, then #2 might be better, since an individual upstream switch/router failure doesn't mean one of your routers loses that ISP's routes. Or just set up iBGP so that if Edge1 loses connectivity to ISP1, it can hand the traffic off to Edge2.

The edges aren't ibgp neighbors. They are BGP neighbors with the core switches though and each edge router can handle the full maximum load (40G) by itself, if two routers are up, then each only has to handle 20G max, so a total ISP loss isn't a problem. If the router loses both ISPs it won't be advertising the default anymore, so it won't take any traffic.

madsushi
Apr 19, 2009

Baller.

ate poo poo on live tv posted:

The edges aren't ibgp neighbors. They are BGP neighbors with the core switches though and each edge router can handle the full maximum load (40G) by itself, if two routers are up, then each only has to handle 20G max, so a total ISP loss isn't a problem. If the router loses both ISPs it won't be advertising the default anymore, so it won't take any traffic.

It's more about :

ISP1 has a good route to users in Florida, ISP2 has an ~okay route to users in Florida.

If Edge1's connection to ISP1 is down, it still gets half the traffic (advertising default to core) but can't take the better route to Florida. Not as important if your transit is ~equal but if your transit is ~equal then why take full tables? Anyway just a thought. A lot of times transit is transit so it's fine either way.

Partycat
Oct 25, 2004

Rule Number Dos:
A lot of you maggot people are gonna see some things that you're not used to seein'. I'm talking about nudies! That's right! Botticelli may show a titty or two and Michelangelo may show a mans willy dong long prong... but you are not, I repeat, you are not to titter !

Plaster Town Cop

See and I would have gone for the vPC/SMLT or whatever just to mitigate equipment issues - but yeah each mfr and equipment varies in its ability to balance and direct that traffic.

That being said you can still arrange and route the traffic over a disparate topology so I having resilience in your pay isnít a bad thing.

DigitalMocking
Jun 8, 2010

Wine is constant proof that God loves us and loves to see us happy.
Benjamin Franklin

Man, these tariffs are going to gently caress everything in tech bad it feels like.

Ordered a pair of cat9ks like 3 months ago, still don't have them, don't know if we're going to get them in the October shipment.

Adbot
ADBOT LOVES YOU

ate shit on live tv
Feb 15, 2004

LBGT United
Did nothing wrong.

madsushi posted:

It's more about :

ISP1 has a good route to users in Florida, ISP2 has an ~okay route to users in Florida.

If Edge1's connection to ISP1 is down, it still gets half the traffic (advertising default to core) but can't take the better route to Florida. Not as important if your transit is ~equal but if your transit is ~equal then why take full tables? Anyway just a thought. A lot of times transit is transit so it's fine either way.

Full tables is important for me because I sometimes have to force traffic to go over one provider or another in order to avoid over-saturation of the link (some of our larger Datacenters will regularly exceed 20Gbs out.)

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«392 »