Prescription Combs
Apr 20, 2005
   6

Richard Noggin posted:

That and the inadvertent right click inside a PuTTY session.

This one got me good a few years ago. Managed to do an entire maintenance 2 hours early in about 2 seconds. :v:


ate shit on live tv
Feb 15, 2004

by Azathoth

Thanks Ants posted:

Lmao how the gently caress is making rails a challenge.

Off by 1 error.

ate shit on live tv
Feb 15, 2004

by Azathoth

Jamsta posted:

A dimwit (me) who really should know better entered this into a 2960S's remote console session while in conf t:

The site's primary router was connected to port 2

code:
! the range below includes port 2, where the site's primary router is connected
interface range gigabitethernet 1/0/1-10
no switchport port-security mac-address sticky
! shutting the range takes down the uplink, and with it the remote session
shut
! never executed: the session was already gone
no shut
Customer called us up immediately. Luckily we had a field engineer nearby who cycled the switch.

I am a Cisco nubcake.

Did you paste it in all in one go? Because sometimes, the Nagle algorithm will forgive mistakes like that.

ragzilla
Sep 9, 2005
don't ask me, i only work here


I don’t know if anyone else here is running firepower 21xx boxes but you may want to hold off on the AC hotfix. I think I’m averaging a lina traceback every 2 hours on 1 pair ever since installing it.

Jamsta
Dec 16, 2006

Oh you want some too? Fuck you!

ate poo poo on live tv posted:

Did you paste it in all in one go? Because sometimes, the Nagle algorithm will forgive mistakes like that.

Pasted in one go via RDP -> Fibre -> ADSL -> Putty -> Switch.

As soon as the LF followed the shut command it went dead and I followed with a loud poo poo (verbally not physically). Open plan office turned round and looked at me.

ate shit on live tv
Feb 15, 2004

by Azathoth
So we are building out a new Datacenter and I am advocating for a Single-Mode Fiber plant with zero multimode. I know SMF is the future, and that as things move toward 400G and beyond, SMF will be the only option. Our other datacenters (we have 4) are all MMF except for specific provider links which are SMF. The problem with advocating for SMF everywhere is that SM Optics are still more expensive, if only slightly, than MM Optics.

$240 MMF http://approvedoptics.com/arista-sfp-10g-sr-arista/
$320 SMF http://approvedoptics.com/arista-sfp-10g-lr-arista/

And it goes up from there as you get to the more exotic optics.

Now I think I have a trump card, but I want to run it by you guys first.

We are going to be doing some 100G connections, and as far as I can tell, if you want to use MMF, you must use more than 2 strands in an MPO configuration. I've seen 20 Strands for OM4 which is obviously ridiculous. But is this still true, or is there a way to do 100G over 1 pair of MM Fibers?

For reference we are successfully doing 40G over a single pair of MMF in our existing DCs using a special "universal optic" which is basically a condensed CWDM package that is actually 4x10G streams simultaneously over a single pair of fibers.

My gut tells me this isn't possible with 100G, because it would have to be either 10x10G or 4x25G and there isn't enough bandwidth to handle the separation between the 25 Gb/s channels, nor is there enough to handle 10 10G channels, nor is it possible to get a useful distance with 100G, so a spec hasn't been written for that.

Am I wrong? If I'm correct is my reasoning correct? Is there a good write up about why 100G over 1 pair of MMF isn't possible? Or how it is possible?

Thanks Ants
May 21, 2004

#essereFerrari


Jamsta posted:

Pasted in one go via RDP -> Fibre -> ADSL -> Putty -> Switch.

As soon as the LF followed the shut command it went dead and I followed with a loud poo poo (verbally not physically). Open plan office turned round and looked at me.

Is there any way to do a shut / no shut without some sort of out-of-band management or by saving the config, scheduling a reload in 1 minute, and then shutting the port down?

ate shit on live tv
Feb 15, 2004

by Azathoth
Apparently 100G over MMF is possible:
https://www.lumentum.com/en/products/qsfp28-swdm4-optical-transceiver-100ge-mmf

Docjowles
Apr 9, 2009

Thanks Ants posted:

Is there any way to do a shut / no shut without some sort of out-of-band management or by saving the config, scheduling a reload in 1 minute, and then shutting the port down?

idk about other vendors but on Arista, you can create an alias which is a bunch of commands chained together that get executed by one single call. Which is kinda cool. Like

code:
alias bouncethisshitassport
   10 conf t
   20 int et 1
   30 shut
   40 no shut
   50 exit
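
Added example, not from any post in this thread: a small paste guard that does the two things the exchange above asks for. It expands an IOS-style `interface range` and reports any `shut` that would hit the port the management session itself rides on (the 2960S paste upthread shut a range that included port 2, the site router), and it wraps a config block in the save / `reload in N` / `reload cancel` sequence Thanks Ants describes, so a lost session comes back on the saved config. The sample paste, the uplink port names and the helper names (`expand_range`, `shutdowns_hitting`, `arm_guarded_change`, `commit_change`, `build_safe_paste`) are this example's own constructions; it assumes `reload in` prompts for `[confirm]`, which the blank line in the armed sequence answers. It does not depend on how the far end chunks the TCP stream, which is what the Nagle remark was about.

```python
"""Paste guard for remote IOS-style sessions (added example, not thread code)."""
import re
from typing import List

# One member of an interface range: "gigabitethernet 1/0/1-10", "Gi1/0/2", "Te1/1/1 - 4"
_MEMBER_RE = re.compile(
    r"^\s*(?P<type>[A-Za-z-]+)\s*(?P<prefix>(?:\d+/)*)(?P<start>\d+)"
    r"(?:\s*-\s*(?P<end>\d+))?\s*$"
)

# IOS accepts any unambiguous abbreviation of the interface type name.
_TYPES = {
    "gigabitethernet": "GigabitEthernet",
    "fastethernet": "FastEthernet",
    "tengigabitethernet": "TenGigabitEthernet",
    "ethernet": "Ethernet",
}


def canonical_type(abbrev: str) -> str:
    """'gi' / 'Gig' / 'gigabitethernet' -> 'GigabitEthernet'; ambiguous or unknown raises."""
    key = abbrev.lower()
    matches = {full for full in _TYPES if full.startswith(key)}
    if len(matches) != 1:
        raise ValueError(f"ambiguous or unknown interface type: {abbrev!r}")
    return _TYPES[matches.pop()]


def expand_range(spec: str) -> List[str]:
    """'gigabitethernet 1/0/1-10' -> ['GigabitEthernet1/0/1', ..., 'GigabitEthernet1/0/10']."""
    members: List[str] = []
    for part in spec.split(","):
        m = _MEMBER_RE.match(part)
        if not m:
            raise ValueError(f"cannot parse range member: {part!r}")
        first, last = int(m["start"]), int(m["end"] or m["start"])
        if last < first:
            raise ValueError(f"descending range: {part!r}")
        itype = canonical_type(m["type"])
        members.extend(f"{itype}{m['prefix']}{n}" for n in range(first, last + 1))
    return members


def canonical_iface(name: str) -> str:
    """'Gi1/0/2' -> 'GigabitEthernet1/0/2' (exactly one interface)."""
    (single,) = expand_range(name)
    return single


def shutdowns_hitting(config_lines: List[str], mgmt_port: str) -> List[str]:
    """Return the lines of the paste that would shut the port carrying the session."""
    mgmt = canonical_iface(mgmt_port)
    selected: List[str] = []   # interfaces currently in scope of the paste
    hits: List[str] = []
    for line in config_lines:
        low = line.strip().lower()
        if low.startswith("interface range "):
            selected = expand_range(low[len("interface range "):])
        elif low.startswith("interface "):
            selected = expand_range(low[len("interface "):])
        elif low in ("exit", "end"):
            selected = []
        # 'shut', 'shutd', ... 'shutdown' all mean shutdown; 'no shut' does not match
        elif len(low) >= 4 and "shutdown".startswith(low) and mgmt in selected:
            hits.append(line)
    return hits


def arm_guarded_change(config_lines: List[str], minutes: int = 5) -> List[str]:
    """Save the known-good config, arm a reload, then apply the change.

    If the paste locks you out, the box reloads onto the config saved first.
    The empty line answers the [confirm] prompt that `reload in` presents
    (an assumption about the platform, not something the thread states).
    """
    return ["write memory", f"reload in {minutes}", "",
            "configure terminal", *config_lines, "end"]


def commit_change() -> List[str]:
    """Send this only after confirming the session still works."""
    return ["reload cancel", "write memory"]


def build_safe_paste(config_lines: List[str], mgmt_port: str, minutes: int = 5) -> List[str]:
    """Refuse to build a paste that would cut off its own session; otherwise guard it."""
    hits = shutdowns_hitting(config_lines, mgmt_port)
    if hits:
        raise ValueError(f"paste would shut {mgmt_port}, the session's own uplink: {hits}")
    return arm_guarded_change(config_lines, minutes)


# Constructed sample: the 2960S paste from the thread, site router assumed on Gi1/0/2.
SAMPLE_PASTE = [
    "interface range gigabitethernet 1/0/1-10",
    "no switchport port-security mac-address sticky",
    "shut",
    "no shut",
]

if __name__ == "__main__":
    print(shutdowns_hitting(SAMPLE_PASTE, "Gi1/0/2"))   # ['shut']
    try:
        build_safe_paste(SAMPLE_PASTE, "Gi1/0/2")
    except ValueError as err:
        print("refused:", err)
    print("\n".join(build_safe_paste(SAMPLE_PASTE, "Gi1/0/11")))
```

The guard only catches the case the thread hit, a shut that lands on the session's own uplink; it says nothing about whether the rest of the paste is sane, and the `reload in` fallback still costs you a reboot of the switch if the session is lost.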

pctD
Aug 25, 2009
Pillbug

ate poo poo on live tv posted:

So we are building out a new Datacenter and I am advocating for a Single-Mode Fiber plant with zero multimode. I know SMF is the future, and that as things move toward 400G and beyond, SMF will be the only option. Our other datacenters (we have 4) are all MMF except for specific provider links which are SMF. The problem with advocating for SMF everywhere is that SM Optics are still more expensive, if only slightly, than MM Optics.

$240 MMF http://approvedoptics.com/arista-sfp-10g-sr-arista/
$320 SMF http://approvedoptics.com/arista-sfp-10g-lr-arista/

And it goes up from there as you get to the more exotic optics.

Now I think I have a trump card, but I want to run it by you guys first.

We are going to be doing some 100G connections, and as far as I can tell, if you want to use MMF, you must use more than 2 strands in an MPO configuration. I've seen 20 Strands for OM4 which is obviously ridiculous. But is this still true, or is there a way to do 100G over 1 pair of MM Fibers?

For reference we are successfully doing 40G over a single pair of MMF in our existing DCs using a special "universal optic" which is basically a condensed CWDM package that is actually 4x10G streams simultaneously over a single pair of fibers.

My gut tells me this isn't possible with 100G, because it would have to be either 10x10G or 4x25G and there isn't enough bandwidth to handle the separation between the 25 Gb/s channels, nor is there enough to handle 10 10G channels, nor is it possible to get a useful distance with 100G, so a spec hasn't been written for that.

Am I wrong? If I'm correct is my reasoning correct? Is there a good write up about why 100G over 1 pair of MMF isn't possible? Or how it is possible?

Your first problem is you're paying 10x more than you need to. https://www.fs.com/products/36983.html

Thanks Ants
May 21, 2004

#essereFerrari


How many actual manufacturers of optics are there?

madsushi
Apr 19, 2009

Baller.
#essereFerrari
I am planning to just run a bunch of MTP/MPO OM4 MMF cabling instead. If I need a single strand(s), I can break out into tons of LC. If I need 40/100, it's already there. It's like running 12 fibers at once, but in a smaller package.

Partycat
Oct 25, 2004

Except when it doesn't go as far. There used to be mode conditioning jumpers you could use to run mm optics on sm cable with some loss due to backscatter.

The SMF plant is somewhat future proof. Or it was in retrospective view. I have mmf thats siecor nothing from the 80s, and OM2 through 4, all done because of optic prices.

Mmf between buildings is now dead, and soon mmf between floors and racks will be. If you can afford to do it once why not.

E: I may have this backwards

Partycat fucked around with this message at 01:00 on Feb 2, 2018

doomisland
Oct 5, 2004

Just use AOC cables :)

FatCow
Apr 22, 2002
I MAP THE FUCK OUT OF PEOPLE
If you're pushing MMF outside of your cage, you're doing something very wrong.

Also, you can get Cisco optics for FS prices if you try hard enough.

madsushi
Apr 19, 2009

Baller.
#essereFerrari

Partycat posted:

Mmf between buildings is now dead, and soon mmf between floors and racks will be. If you can afford to do it once why not.

FatCow posted:

If you're pushing MMF outside of your cage, you're doing something very wrong.

Yeah, I assumed we were talking at MMF distances. The difference between 100G MMF optics and 100G SMF optics is big. FS price is $199 for MMF, $399 for SMF MPO and $699 for SMF LC. If I'm staying within MMF distances, I'm not going to pay for SMF prices.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

I have once again been owned by co-workers because entering "wr" into the CLI is too hard.

Bigass Moth
Mar 6, 2004

I joined the #RXT REVOLUTION.
:boom:
he knows...
But what if I save something I don't like????

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
Copy run flash:/indecision

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Bigass Moth posted:

But what if I save something I don't like????

that's what the goddamn backup config is for!

Honestly this turned out to not be too bad because I was the one that documented the changes and commands needed to do the work, just someone else was doing it, though it's painfully clear that certain someones have issues with Following Instructions and fail at the ever so difficult Copy-Paste.

ragzilla
Sep 9, 2005
don't ask me, i only work here


ragzilla posted:

I don’t know if anyone else here is running firepower 21xx boxes but you may want to hold off on the AC hotfix. I think I’m averaging a lina traceback every 2 hours on 1 pair ever since installing it.

Apparently it's not just 21xx, it's anything running FTD where you're using FTD features like URL that require secondary flow inspection by the ASA and FTD code (HTTP, FTP, TFTP, and SIP are called out), CSCvh23085

So if you're actually using FTD features, may want to give it another couple of days for them to release the hotfixed hotfix.

FatCow
Apr 22, 2002
I MAP THE FUCK OUT OF PEOPLE

MF_James posted:

I have once again been owned by co-workers because entering "wr" into the CLI is too hard.

So is running RANCID?

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

FatCow posted:

So is running RANCID?

You're funny, I like you. I work for an MSP.

Thanks Ants
May 21, 2004

#essereFerrari


What have I got wrong here? This is an Aruba (HP) 2920:

code:
sw-comms01(config)# sh ip      

 Internet (IP) Service

  IP Routing : Enabled 


  Default TTL     : 64   
  Arp Age         : 20  
  Domain Suffix   : xxxxxxx.xxx                  
  DNS server      : 192.168.0.3                             

                       |                                            Proxy ARP 
  VLAN                 | IP Config  IP Address      Subnet Mask     Std  Local
  -------------------- + ---------- --------------- --------------- ----------
  DEFAULT_VLAN         | Disabled 
  Wired                | Disabled 
  Wi-Fi                | Disabled 
  Devices              | Manual     10.1.102.10     255.255.255.0    No    No
  Voice                | Manual     10.1.103.1      255.255.255.0    No    No
  Security             | Disabled 
  Projects             | Disabled 
 

sw-comms01(config)# sh ip route

                                                                        IP Route Entries

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  0.0.0.0/0          10.1.102.1      102  static               1          1    
  10.1.102.0/24      Devices         102  connected            1          0    
  10.1.103.0/24      Voice           103  connected            1          0    
  127.0.0.0/8        reject               static               0          0    
  127.0.0.1/32       lo0                  connected            1          0    
 

sw-comms01(config)# ping 10.1.103.32 source 10.1.103.1 
10.1.103.32 is alive, time = 2 ms
sw-comms01(config)# ping 10.1.103.32 source 10.1.102.10
Request timed out.
The device at 10.1.103.32 has 10.1.103.1 set as its gateway. In my head this should work, but I might be being dumb. There are no ACLs in place on the VLANs.

Edit: Fixed. VLAN 102 was defined as a management VLAN which disables routing on that interface. Identified using 'debug ip forwarding'.

Thanks Ants fucked around with this message at 19:32 on Feb 3, 2018

Richard Noggin
Jun 6, 2005
Redneck By Default

MF_James posted:

You're funny, I like you. I work for an MSP.

When I worked for an MSP I implemented RANCID for all of our clients.

Bluecobra
Sep 11, 2001

The Future's So Bright I Gotta Wear Shades
Dear Cisco:

gently caress You.

quote:

UPDATED 2/5/2018: After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available. Please see the Fixed Software section for more information.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1

Pile Of Garbage
May 28, 2007
Settle down and welcome to last page mate.

Thanks Ants
May 21, 2004

#essereFerrari


Is there a good resource that people use for selecting OSPF area types? It's a pretty small network consisting of 4 provider routers on an MPLS which I assume are already area 0 as it's managed by the ISP and I know they use OSPF. I assume the area between each PE router and the customer equipment can just be stubs as nothing needs to get out to another network via those. And in the instance where one MPLS site connects via VPN hub-and-spoke to other sites, the VPN can be a stub area as well, with the area between the hub and the PE router just a normal area as traffic is traversing this link?

Or is the answer here "use iBGP you moron"?

Docjowles
Apr 9, 2009

cheese-cube posted:

Settle down and welcome to last page mate.

They issued an updated patch today because the original one didn’t actually work

ragzilla
Sep 9, 2005
don't ask me, i only work here


Docjowles posted:

They issued an updated patch today because the original one didn’t actually work

Today? Or the ones from the 3rd/4th which I just staged this morning.

The Firepower release doesn’t even fix the other sev2s in the hotfix release so I’ve still got people I can’t patch due to the bugs.

A quality release all around.

Docjowles
Apr 9, 2009

Yeah looks like today. lmao :shepicide:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1

abigserve
Sep 13, 2009

this is a better avatar than what I had before
This happened with the last critical vulnerability on the ASAs as well. I rushed an update out the door and then a couple of days later guess what, the patch i installed probably only made things worse!

tortilla_chip
Jun 13, 2007

k-partite

Thanks Ants posted:

"use iBGP you moron"

If you need granular control of route advertisement BGP provides more policy knobs.

wolrah
May 8, 2006
what?
What's everyone's favorite box for basically acting as a "modem" on a T1 line? I have a half dozen or so sites that still use T1s for their voice connectivity because nothing better is available and are currently in a state of "hope their Edgemarc doesn't fail". I have a bunch of 2600s in a closet somewhere which is what we used to use for this role, but I'd rather have something with a warranty and current support rather than leaning on ancient hardware we got off ebay a decade ago. None of our current firewall platforms offer T1 interfaces, not even the PC-based ones. I could probably rig something up with one of the Linux-based firewall distros and a Sangoma card but I'd probably choose the 2600s over that if I had to.

Basically I'm just looking for the dumbest, simplest, cheapest thing I can buy new with one or two T1 ports, an ethernet port, and support/warranty. No advanced functionality beyond basic routing of the block of IPs required, everything beyond that will be handled by the firewall.

Thanks Ants
May 21, 2004

#essereFerrari


Isn't Adtran pretty much the go-to for that requirement?

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Thanks Ants posted:

Isn't Adtran pretty much the go-to for that requirement?

Yeah, I'd recommend Adtran's, that's what we use.

wolrah
May 8, 2006
what?

Thanks Ants posted:

Isn't Adtran pretty much the go-to for that requirement?

To clarify since I realize now that I chose poor wording by vaguely mentioning voice connectivity, these are data T1s on which we're running VoIP service, not PRIs.

Not sure if that makes a difference in your recommendation though, I'm really not familiar with their offerings outside of the TA900 series which are of course quite overkill for this need (though I do have a bunch of those anyways.....)

SamDabbers
May 26, 2003
wolrah posted:

What's everyone's favorite box for basically acting as a "modem" on a T1 line? I have a half dozen or so sites that still use T1s for their voice connectivity because nothing better is available and are currently in a state of "hope their Edgemarc doesn't fail". I have a bunch of 2600s in a closet somewhere which is what we used to use for this role, but I'd rather have something with a warranty and current support rather than leaning on ancient hardware we got off ebay a decade ago. None of our current firewall platforms offer T1 interfaces, not even the PC-based ones. I could probably rig something up with one of the Linux-based firewall distros and a Sangoma card but I'd probably choose the 2600s over that if I had to.

Basically I'm just looking for the dumbest, simplest, cheapest thing I can buy new with one or two T1 ports, an ethernet port, and support/warranty. No advanced functionality beyond basic routing of the block of IPs required, everything beyond that will be handled by the firewall.

This is about as cheap as you'll get:
https://www.ebay.com/itm/CISCO-1841-Integrated-Services-Router-DRAM-256Mb-ADVENTEPRISE-15-1T-M-ios/262025506256

At $67 shipped each, including the WIC-1DSU-T1/V2, you can afford to buy some spares.

Need a second T1?
https://www.ebay.com/itm/Cisco-WIC-1DSU-T1-V2-1-Port-DSU-CSU-T1-Module-1-Year-Warranty/272563447558

Less than $8 shipped. Both vendors offer a "1 year warranty," for whatever that's worth.

SamDabbers fucked around with this message at 19:52 on Feb 6, 2018

CrazyLittle
Sep 11, 2001
Clapping Larry

MF_James posted:

Yeah, I'd recommend Adtran's, that's what we use.

Same. Also helps that their support is still good and not run by idiots.


wolrah
May 8, 2006
what?

SamDabbers posted:

This is about as cheap as you'll get:
https://www.ebay.com/itm/CISCO-1841-Integrated-Services-Router-DRAM-256Mb-ADVENTEPRISE-15-1T-M-ios/262025506256

At $67 shipped each, including the WIC-1DSU-T1/V2, you can afford to buy some spares.

Need a second T1?
https://www.ebay.com/itm/Cisco-WIC-1DSU-T1-V2-1-Port-DSU-CSU-T1-Module-1-Year-Warranty/272563447558

Less than $8 shipped. Both vendors offer a "1 year warranty," for whatever that's worth.
Same problem as the 2600s, EoL and EoS. I actually have a few of them in my stack of spare Ciscos. I'm looking for something that's still sold and supported by the manufacturer. It's mostly about the software end of things, obviously the old 2600s and 1841s are easy to keep spares around for but I don't want anything that's facing the internet to be unsupported.

CrazyLittle posted:

Same. Also helps that their support is still good and not run by idiots.
Though the first time you call them you always assume you got a wrong number. Every single person I've ever spoken to there has a strong southern accent.

Any specific model recommendations on the Adtran side? It's hard to determine exactly which are the lowest end models in their scheme and I only really know the TA600 and TA900 series.

wolrah fucked around with this message at 20:22 on Feb 6, 2018
