MrMoo
Sep 14, 2000

I'm looking for a Cisco router for internal testing. One functional requirement is PGM Router Assist; however, only the 12.0(5)T notes list supported platforms, and most of those are now EOL:

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t5/feature/guide/pgmscale.html

quote:

• Cisco 1600 series
• Cisco 2500 series
• Cisco 2600 series
• Cisco 3600 series
• Cisco 3800 series
• Cisco 4000 series (Cisco 4000, 4000-M, 4500, 4500-M, 4700, 4700-M)
• Cisco 7200 series
• Cisco 7500 series
• Cisco 12000 series

What is the cheapest model I could get today that supports PGM Router Assist, performance not being an issue? I have a quote at HK$74,100 for the 3825. The network diagram would be something like this:
code:
   .                Cisco
  WiFi AP        Router
     |            ||
  pfSense         ||
  firewall -- HP ProCurve 2848 == Alteon Blade switch
     |                              |
     |                              |
 MGMT VLAN -------------------------+
Cisco in HK have no clue :(


MrMoo
Sep 14, 2000

Pussy Noise posted:

Have you looked at the Cisco feature navigator at http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp?

It's a bit confusing: the platform is the model number, but is there any way just to search for unique model numbers? It lists 108,221 results for PGM, and bizarrely 123,926 for DLR enhancements (additional to PGM) :eek:

MrMoo fucked around with this message at 03:56 on Apr 16, 2008

MrMoo
Sep 14, 2000

So to test a basic cascade like this, I could use two 1841s?



I found a manufacturer refurb at $799.56 ($880 new) on compuvest, compared with $1,230 for 2801, and $1,423.32 for a 2811.

http://www.compuvest.com/Description.jsp?iid=564912
http://www.compuvest.com/Description.jsp?iid=141936
http://www.compuvest.com/Description.jsp?iid=483093

MrMoo
Sep 14, 2000

Multicast & Bonjour routing: I have an HP ProCurve 2848 which I mistakenly thought could allow multicast between VLANs. It does have multicast support, but only with an external multicast router. Can anyone suggest the easiest method to upgrade so that I can do this? Is a Cisco router the only way forward? How much is it going to cost to get one full source port, i.e. 1 Gb/s multicast routing?



Basic routing would be nice for DAAP, mDNS, multicast-NTP, but I'm really after getting PGM working cross VLAN.

MrMoo
Sep 14, 2000

When using GNS3, why do I need to create bridged tap devices like this?

http://www.sadikhov.com/forum/index.php?showtopic=147181

I'm creating a simple network to test multicast and PGM routing,



Two 2600s with Advanced IP Services, EIGRP routing and sparse mode PIM. Unicast works fine in both directions. Multicast sent from tap1 can be seen with tcpdump or Wireshark on tap0, but I see nothing on a socket subscribing on that interface.

MrMoo
Sep 14, 2000

MrMoo posted:

When using GNS3, why do I need to create bridged tap devices like this?

http://www.sadikhov.com/forum/index.php?showtopic=147181

Found an explanation, if an obtuse one:

https://lists.linux-foundation.org/pipermail/virtualization/2008-July/011289.html

So ended up with the following,

MrMoo
Sep 14, 2000

Powercrazy posted:

Since I'm fairly new I don't have intimate knowledge of the datacenter tech we may or may not use, but as far as I know we don't touch infiniband, iSCSI, FCoE, etc. Only GigE. We do have a SAN setup somewhere, but I don't know where yet.

You're muddling up technologies: you can use InfiniBand as a faster Ethernet or simply as a very fast fabric. One use is for storage. Voltaire is currently pushing their systems in finance for messaging, i.e. use TIBCO or LBM on top with Ethernet shims or native IB verbs.

MrMoo
Sep 14, 2000

For reference, some overly conservative latency figures on different fabrics by Apache Qpid:

  • 1G TCP: ~0.3 ms - 0.5 ms
  • 10G TCP: 0.18 ms - 0.22 ms
  • RDMA transport: 40 μs - 80 μs

ZeroMQ reached 13.4 μs on IB; STAC Research reports 10G at 38 μs (19 μs one-way) for LBM on Cisco 4900Ms using OpenOnload; I can manage 300 μs on 1G UDP multicast at 32 kpps.

MrMoo fucked around with this message at 03:37 on Jan 28, 2010

MrMoo
Sep 14, 2000

InferiorWang posted:

What's the defacto standard for dealing with multicast? Is it IGMP snooping or CGMP?

But you get to choose between sparse mode, sparse-dense mode, dense mode, or source-specific-multicast. Get your developers to update their poo poo to use SSM.

MrMoo
Sep 14, 2000

Docjowles posted:

This doesn't exist :confused:

2012?

Actually I think there is a multi-point server 2010, also 2011 and 2012 :lol:

MrMoo
Sep 14, 2000

Any play much with IKEv2 in iOS 9?

I managed to finally get EAP-TLS up and running because the client always sent an EAP request; I started with an Agile (Microsoft Windows 7) VPN configuration on StrongSwan using no-EAP certificate auth. The post to IETF suggests that no-EAP certificates should work, though? I guess it needs an enterprise profile configuration to force the authentication method?

MrMoo
Sep 14, 2000

Methanar posted:

Can someone write some words about why you would ever want to use a software router/firewall like BIRD or vyOS instead of a hardware Cisco or Juniper product?

There are some interesting notes by Google or about Google or Facebook somewhere. Basically Cisco are completely unable to solve their network issues for any amount of money, and you know if they could it would be not even remotely financially viable.

MrMoo
Sep 14, 2000

I have it set up across three sites in CT, NJ and HK, and test tools report it can yield lower latencies, but I just don't know the best way forward with private networks to hide internal services to match the paradigms deployed for IPv4. It is a PITA having IPv4-only management interfaces on some hardware.

MrMoo
Sep 14, 2000

Moey posted:

At what point will I benefit with running it internally?

When there are IPv6-only services that are too tedious to access through a proxy, so almost never if you follow today's paradigm of operation. The real benefits are using public IPs for every host and scrapping NAT; see the usage cases for Windows DirectAccess. You would probably need a new generation of admins to start seeing this.

MrMoo
Sep 14, 2000

sbyers77 posted:

I work for a small company that recently had a Security Risk Assessment done, and one of their recommendations was to install a higher-grade firewall.

An interesting note from the pfSense team on compliance issues:

quote:

Prospective pfSense users commonly inquire about the ability to meet security requirements applicable to their specific environments. Some of those include PCI, SOX, GLBA, HIPAA, amongst numerous other similar regulations for publicly traded companies, financial institutions, healthcare institutions, and others.

There are numerous companies in many regulated industries using pfSense that pass their audits with no problems, including all of the aforementioned regulations/standards amongst others. However, it's important to keep in mind that a firewall is a small portion of the security infrastructure, and those regulations are more about policies, procedures, and configuration than the actual products being used.

So yes, pfSense can meet regulatory requirements, but that is dependent on configuration, policies, procedures, amongst other things - there is no compliance silver bullet. There may be circumstances specific to one company that make another product a better fit for compliance (or other) reasons, but that's true of all commercial and open source solutions, there is no one product that is a perfect fit for everyone.

MrMoo
Sep 14, 2000

Software licenses? Usually that's fibre switches though.

MrMoo
Sep 14, 2000

Methanar posted:

I might still need to embed Expect somehow to automate the SSH password part.

Just add SSH keys, simplifies everything?

MrMoo
Sep 14, 2000

FYI: just spotted an outstanding iOS (and, it appears, Sierra) feature with IKEv2 and Strongswan with MOBIKE & DPD; it should be resolved in the next revision of Strongswan (5.5.1):

https://wiki.strongswan.org/projects/strongswan/wiki/AppleClients

MrMoo
Sep 14, 2000

Netgate appear to have released a new tiny system for up to 300 Mbps firewalls:



I wish they would swap over to USB-C or micro-USB powering instead of the terrible prop bricks.

MrMoo
Sep 14, 2000

Working with EdgeOS today and it has automatic firewall rules for DHCP but not for DHCPv6 :shrug: Took far too long to find that out. Also it appears some parameters changed format in releases, i.e. prefix-length went from a /56 to a 56 format, of course with no validation other than completely wiping the interface declaration on reboot. Nice.

MrMoo
Sep 14, 2000

OpenVPN on EdgeOS died today for some reason and it wasn't obvious why so I replaced it with IKEv2 IPsec and it worked, and even went via IPv6. It is a good day.

MrMoo
Sep 14, 2000

Thanks Ants posted:

Has anybody looked at the Azure Virtual WAN service?

Did you try it? Is it just ghetto MPLS with IPsec?

MrMoo
Sep 14, 2000

https://coloradosun.com/2023/11/13/fastest-internet-service-terabits-denver-sc23/

This sounds pretty neat, 6Tb interwebs connection for a convention.

MrMoo
Sep 14, 2000

Eletriarnation posted:

Well, yes, IPv6 is also decades old at this point and your addressing system doesn't have much to do with how fast you're going.

Facebook and others use IPv6 because the headers are smaller and less processing is needed in routing, something like 10% faster?

China raised an order that all new equipment must support IPv6, so it helps to court their monies no doubt.


MrMoo
Sep 14, 2000

Eletriarnation posted:

The headers aren't smaller, if you're just talking about raw IP traffic. IPv4 headers are 20 bytes and IPv6 headers are 40 bytes.

Technically IPv4 headers can be up to 60 bytes, but the real issue is the number of fields that network devices need to process. IPv6 reduces that from 6 to 4. Copying bytes is "free" in an ASIC; evaluating the content is not, hence network switches are cheaper than network routers.

https://www.microsoftpressstore.com/articles/article.aspx?p=2225063&seqNum=3

uhhhhahhhhohahhh posted:

ipv6 is slower because it takes the computer longer to type the address in (it has more characters)

I like that devices end up with multiple addresses and some with short term lifetimes, idk how the designers of IPv6 expected the typical IT technician or network engineer to cope with that.

Like most apps record a device with a single IPv4 address, now you have multiple with different lifetimes, and each one very terse to read, awesome. Because mDNS is going to actually reliably work everywhere, any day now.

MrMoo fucked around with this message at 17:14 on Nov 15, 2023
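An added example (not from the thread) to make the per-hop difference concrete: forwarding IPv4 means first reading the variable header length (IHL, 20 to 60 bytes), decrementing TTL and recomputing the header checksum, while an IPv6 header is a fixed 40 bytes, only the hop limit is decremented and there is no header checksum at all. All packets are constructed inline; addresses and IDs are sample values.

```python
import ipaddress, struct

def ipv4_checksum(hdr: bytes) -> int:
    """RFC 1071 one's-complement sum over a header whose checksum field is zero."""
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(src, dst, ttl, payload_len, options=b""):
    """Constructed IPv4/UDP header; options grow it from 20 up to the 60-byte maximum."""
    options += b"\x00" * (-len(options) % 4)           # options are padded to 32-bit words
    ihl = 5 + len(options) // 4
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                      0x1234, 0x4000, ttl, 17, 0,      # sample ID, DF set, proto 17 = UDP, csum 0
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed) + options
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def parse_ipv4(pkt):
    ver_ihl, _, _, _, _, ttl, proto, csum, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    hlen = (ver_ihl & 0x0F) * 4                         # variable: must be read before anything else
    zeroed = pkt[:10] + b"\x00\x00" + pkt[12:hlen]
    return {"version": ver_ihl >> 4, "header_len": hlen, "ttl": ttl, "proto": proto,
            "checksum_ok": ipv4_checksum(zeroed) == csum,
            "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst))}

def forward_ipv4(pkt):
    """Per-hop work on IPv4: locate the header end, decrement TTL, recompute the checksum."""
    hlen = (pkt[0] & 0x0F) * 4
    hdr = bytearray(pkt[:hlen])
    hdr[8] -= 1                                         # TTL lives at offset 8
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr[:10]) + b"\x00\x00" + bytes(hdr[12:])))
    return bytes(hdr) + pkt[hlen:]

def build_ipv6(src, dst, hop_limit, payload_len):
    """Constructed IPv6/UDP header: always exactly 40 bytes, no checksum field."""
    return struct.pack("!IHBB16s16s", 6 << 28, payload_len, 17, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)

def parse_ipv6(pkt):
    vtf, plen, nxt, hlim, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    return {"version": vtf >> 28, "header_len": 40, "payload_len": plen, "hop_limit": hlim,
            "next_header": nxt, "src": str(ipaddress.IPv6Address(src)),
            "dst": str(ipaddress.IPv6Address(dst))}

def forward_ipv6(pkt):
    """Per-hop work on IPv6: fixed offset, decrement hop limit, nothing to recompute."""
    hdr = bytearray(pkt[:40])
    hdr[7] -= 1                                         # hop limit lives at offset 7
    return bytes(hdr) + pkt[40:]
```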
