Bob Morales
Aug 18, 2006


Just wear the fucking mask, Bob

I don't care how many people I probably infected with COVID-19 while refusing to wear a mask, my comfort is far more important than the health and safety of everyone around me!



BaseballPCHiker posted:

Just to pile on, I'm just a Cisco guy, but for Cisco we'd have dedicated stacking cables in the back of the switches, not using SFP or copper ports for that.

Are you calling trunk links stack ports? Or is that how HP does stacking?

Also, when I was looking into something similar last year, Cisco had yet to come out with a fiber aggregation switch in their 9000 series of switches. Not sure if that's still the case or not.

You can use HP IRF technology to connect and virtualize A5500 EI switches or A5500 SI switches into a
virtual switch called an “IRF fabric” or “IRF virtual device” for flattened network topology, and high
availability, scalability, and manageability.


You can do a LAG across two different physical switches so I would call it a 'stack'. There are 'stacking ports' but they seem to just be 10GbE interfaces on the rear; it's not a dedicated stacking cable like you mention you'd see with other vendors. The newer Aruba stuff seems to work the same way with their VRF or whatever they call it (we have two closets converted over to the Aruba 2650(?))

We've been converting some closets over to the HPE 5130's, which are newer Comwares, which we have been getting as warranty replacements.


Bob Morales
Aug 18, 2006





Thanks Ants posted:

I think a pair of Aruba CX 6300 24 port SFP+ switches will do for your 'core', then just use CX 6100s for your copper access.

Trying to get that combination of SFP and copper ports into new devices isn't really going to happen unless you go for a chassis or something weird like a Netgear . Also I don't think trying to stack them all together is worth doing - you won't want to do maintenance on them all at the same time, you won't want to reboot your main core just because your secondary ESXi cluster needs a firmware update. Use something like NetEdit or Aruba Central for management.

This is kind of where I was going, trying to figure out why we need it to be all one stack. We are using Aruba Central now, actually. And guess why we can't replace the fan in switch #2 that's giving us errors! Because we have to bring the whole thing down.

Pile Of Garbage
May 28, 2007





Bob Morales posted:

20M and maybe 300M?

Assuming they're 1Gb the 20M runs could be done with CAT6 but it's kinda pointless if you've also got 300M runs.

Out of interest, what is the location of this network? Like just an office building or an off-shore rig? Asking because the only times I've had to deploy networks with that variety of ranges was on a rig (Specifically a rig that connects to another rig, shortest was 10M between floors of LQ, longest was 250M over the umbilical to the connected rig, also had microwave backup as well as a hilarious RF packet-radio tertiary backup that could do maybe 150KB/s).

Bob Morales
Aug 18, 2006





Pile Of Garbage posted:

Assuming they're 1Gb the 20M runs could be done with CAT6 but it's kinda pointless if you've also got 300M runs.

Out of interest, what is the location of this network? Like just an office building or an off-shore rig? Asking because the only times I've had to deploy networks with that variety of ranges was on a rig (Specifically a rig that connects to another rig, shortest was 10M between floors of LQ, longest was 250M over the umbilical to the connected rig, also had microwave backup as well as a hilarious RF packet-radio tertiary backup that could do maybe 150KB/s).

Office building

Eletriarnation
Apr 6, 2005

People don't appreciate the substance of things...
objects in space.



Oven Wrangler

Pile Of Garbage posted:

6500 (Are they even a thing anymore?)

From what I can tell they were replaced by the 6800 series, and those in turn were replaced by the 9600. If you want more ports than a 9600, you're looking at a Nexus model.

Pile Of Garbage
May 28, 2007





Bob Morales posted:

Office building

Given your ranges I assume your core is in the MDF on the ground or sub-basement. You'd potentially recoup cable runs by moving it to the IDF of the middle floor of those you service (Like with my previous example which was floors 8-11 so they put core on 10).

uhhhhahhhhohahhh
Oct 9, 2012


You can also just buy Nexus 9300 fibre and copper pairs and vPC them but that's extra management overhead vs stacking. We paid less than £8k per switch for our 93180s, and bought the 10/25/40gbit SFPs and full copper ones.

Jedi425
Dec 6, 2002

THOU ART THEE ART THOU STICK YOUR HAND IN THE TV DO IT DO IT DO IT



So I'm going to be starting a new job shortly that will make use of Aruba hardware (specifically their mobility controllers and possibly ClearPass), which I don't have any experience on. Any good literature out there to familiarize myself with them, or am I stuck with the company's website?

\/\/\/ EDIT: Thanks, Thanks Ants.

Jedi425 fucked around with this message at 18:57 on Apr 12, 2021

Thanks Ants
May 21, 2004

#essereFerrari


Just look at stuff on here, and then look at the personal websites of the people doing the presentations

https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ

Moey
Oct 22, 2010

I LIKE TO MOVE IT


Random design-ish level question.

I am replacing a bunch of Meraki APs across a handful of sites. For guest wireless access, we can have that firewalled off via the Meraki APs themselves, but the replacement APs we are going with don't have a feature like that.

Looking back at my history, we get about 2500 unique devices/month on these guest SSIDs.

Should I be doing a smaller VLAN (isolated via firewall) per site, something like a /24 or /23 depending on site size, or just stretching a larger VLAN around (like a /20) and trusting that the APs' Client Isolation and broadcast filtering won't let me down?

These are all non company owned devices. So personal employee devices for non work use, guest meeting access, public spaces, bla bla bla...

Partycat
Oct 25, 2004

See burger
Need burger


Plaster Town Cop

How many do you get in concurrently? Generically, I would size it to accommodate anticipated peak + burst, and size DHCP lease timings to try and minimize cruft for efficient utilization. Assuming you have the routing resources for it a smaller VLAN that routes out from the site with a local controller would seem reasonable, instead of trying to filter mdns/broadcast/whatever. IMO anyway.

Moey
Oct 22, 2010

I LIKE TO MOVE IT


Partycat posted:

How many do you get in concurrently? Generically, I would size it to accommodate anticipated peak + burst, and size DHCP lease timings to try and minimize cruft for efficient utilization. Assuming you have the routing resources for it a smaller VLAN that routes out from the site with a local controller would seem reasonable, instead of trying to filter mdns/broadcast/whatever. IMO anyway.

I would guess concurrent to be around 250, but poo poo keeps changing via COVID fun.

I guess I could start smaller and just expand if needed, while keeping the DHCP lease time to like 8 hours.

No controller for these APs (Juniper/Mist), all cloud based. Sites are all connected via dark fiber, so I am routing (or just stretching this VLAN) back to one firewall cluster.

Edit: Gonna test this out with a /23 and 8 hour lease, see what happens.

Moey fucked around with this message at 18:49 on May 17, 2021
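The sizing advice above (peak plus burst, with lease time chosen to limit stale bindings) and the /23 with 8-hour lease test can be checked against session data before deployment. This is an added example, not from any poster; the session list is constructed, and the 25% headroom, the single reserved gateway address and the no-DHCPRELEASE assumption for guest devices are illustrative choices.

```python
import math

HOUR, DAY = 3600, 86400

def lease_expiry(arrive, depart, lease):
    """When the address frees up if the client never sends DHCPRELEASE.
    Clients renew at T1 = lease/2 (RFC 2131 default) while connected, so
    the binding lasts until the last renewal plus one full lease."""
    t1 = lease // 2
    renewals = (depart - arrive) // t1
    return arrive + renewals * t1 + lease

def peak_overlap(intervals):
    """Sweep-line maximum of simultaneously open [start, end) intervals."""
    events = []
    for start, end in intervals:
        events.append((start, 1))
        events.append((end, -1))
    events.sort()  # at equal times the -1 (release) sorts before the +1
    peak = current = 0
    for _, delta in events:
        current += delta
        peak = max(peak, current)
    return peak

def peak_leases(sessions, lease):
    """Peak number of addresses bound in the pool for a given lease time."""
    return peak_overlap([(a, lease_expiry(a, d, lease)) for a, d in sessions])

def smallest_prefix(addresses, headroom=0.25, reserved=1):
    """Longest IPv4 prefix whose usable hosts cover the demand plus headroom.
    'reserved' counts addresses kept out of the pool (here: the gateway)."""
    need = math.ceil(addresses * (1 + headroom))
    for prefix in range(30, 7, -1):
        if 2 ** (32 - prefix) - 2 - reserved >= need:
            return prefix
    raise ValueError("demand exceeds a /8")

# Constructed sample: 5 days, 300 new guest devices per day (every device
# treated as a new MAC), one arriving per minute from 08:00, each staying 2 h.
SESSIONS = [(d * DAY + 8 * HOUR + i * 60, d * DAY + 8 * HOUR + i * 60 + 2 * HOUR)
            for d in range(5) for i in range(300)]

if __name__ == "__main__":
    print("connected at peak:", peak_overlap(SESSIONS))
    for label, lease in (("8 h", 8 * HOUR), ("8 d", 8 * DAY)):
        bound = peak_leases(SESSIONS, lease)
        print(f"lease {label}: {bound} addresses bound -> /{smallest_prefix(bound)}")
```

With this constructed load the pool has to cover devices that have already left but whose leases have not expired, which is why the lease time, not the concurrent client count, sets the subnet size.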

ate shit on live tv
Feb 15, 2004



With wireless and lightweight APs there is no scaling/performance issue for large subnets. The scaling limits come from number of devices per AP. Stadiums and large public event spaces etc. get away with flat /16s and of course use client isolation. I would say plan your subnets to minimize addresses wasted per controller. If you have a single controller for a region and expect ~3000 clients total at all the offices etc., then a /20 is a good size. If you have a remote site that requires a dedicated controller, that will have 20 people in the office, a /24 should be fine. (I don't like going smaller than /24 for user subnets).

Just avoid doing like 32 /29's or a /24 per floor or whatever.

Methanar
Sep 26, 2013
ASK ME ABOUT NOT TIPPING DELIVERY DRIVERS, OR ABOUT MY DIET OF CANNED BABY CORN AND CHICKEN NUGGETS

What is a BGP EVPN and why might I ever care.

And how might stretching a single subnet across DCs work and why would you ever want to do that.

Methanar fucked around with this message at 22:39 on May 18, 2021

Thanks Ants
May 21, 2004

#essereFerrari


If your app is poorly designed you might want to stretch a subnet across locations. Like if the only way of keeping it online is to use VMware HA rather than the app being clustered that can deal with nodes going away.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE


Ask me about supporting physical security companies that have database applications that can only be connected to by thick clients (terminal servers are NOT SUPPORTED DUHHHH) that do a literal broadcast to find the database.

Actually don't ask me because it resulted in a lot of drinking with my previous architect.

ate shit on live tv
Feb 15, 2004



Methanar posted:

What is a BGP EVPN and why might I ever care.

And how might stretching a single subnet across DCs work and why would you ever want to do that.

You don't want that. But it is a potential routed fix for dumb "business critical apps" that can't handle not being layer2 adjacent so you can still have some kind of DR. It won't work well, and will still be a huge outage if anything ever happens, but it will check a box for an audit about DR.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

Supply chain issues with Cisco switches are eating my rear end. Meraki or Cisco, maybe 4 months out? So I'm setting up a stack of old rear end 3560-X series switches for a new office because we're bringing everyone back, yippee.

Thanks Ants
May 21, 2004

#essereFerrari


Yeah we've been given a 60 day lead time for 50 APs. Going to see if I can get our account manager to sort out discounts in exchange for picking the next product up the range.

GreenNight
Feb 19, 2006
Turning the light on the darkest places, you and I know we got to face this now. We got to face this now.

At least the 3560's have hardware warranty until October which I just had to open a TAC case to use after not booting these switches up in years.

Dalrain
Nov 13, 2008

Experience joy,
Experience waffle,
Today.


What is this arrow P icon supposed to represent, other than Cisco 9k? VXLAN?

https://www.cisco.com/c/dam/en/us/p...07-733228_2.jpg

Jedi425
Dec 6, 2002

THOU ART THEE ART THOU STICK YOUR HAND IN THE TV DO IT DO IT DO IT



GreenNight posted:

Supply chain issues with Cisco switches are eating my rear end. Meraki or Cisco, maybe 4 months out? So I'm setting up a stack of old rear end 3560-X series switches for a new office because we're bringing everyone back, yippee.

Yeah I'm on a project right now where they still haven't finalized the POs, and they think we'll have the hardware on site in 4-8 weeks from when they do. I'm guessing they'll be lucky to see these 9300s this side of Thanksgiving.

Farking Bastage
Sep 22, 2007


More of a wireless question, but this is the only networking thread.

I'm covering a couple of rooms at a facility separated by about a 15 foot outdoor breezeway. What's strange about it is one of these rooms has an odd decorating choice. Both have suspended ceilings, but instead of acoustic tiles the squares are embossed galvanized steel sheet metal. That has to ratchet the reflectivity up to 11. Luckily there's nothing above that room to worry with, but I'm curious to see if anyone has seen something similar and how to account for it if necessary.

The customer typically likes the APs above the ceiling grid, but that's clearly not going to work in this case, so I'm thinking wall mounting for aesthetic purposes as opposed to using grid clips.

Thanks Ants
May 21, 2004

#essereFerrari


Or buy APs with antenna connectors and locate a little antenna puck on the ceiling. This will probably cost double what just fitting an AP in a visible location would run to, though.


Partycat
Oct 25, 2004

See burger
Need burger


Plaster Town Cop

Thanks Ants posted:

Or buy APs with antenna connectors and locate a little antenna puck on the ceiling. This will probably cost double what just fitting an AP in a visible location would run to, though.

Yeah that or a patch antenna on the wall facing into the space if it's reasonable for the size, opposite the breezeway with supporting coverage from there? That avoids touching tiles you'd have to perhaps replace if they're damaged.
