|
Could someone give me an idea on BE and BC when it comes to setting policy maps? Example: Let's say I have a customer requesting 300mb connection. code:
Zuhzuhzombie!! fucked around with this message at 20:15 on Mar 16, 2011 |
# ¿ Mar 16, 2011 19:59 |
|
|
# ¿ Apr 27, 2024 19:45 |
|
Bardlebee posted:I need some advise, fellow Network Engineers. I just got a job offer to work for a small business of roughly 25 people. In it, 5 of them are network engineers. The job will basically be a setup and design position for school districts and hospitals. Being a small business I doubt they will be able to pay me at the same rate as a large corporate network. The thing is they offer to teach me as I got, on the job training and what not. I'm in a similar situation. Kind of. I'm in a large ISP that gets to deal with BGP, EIGRP, fiber, T1, vwic, voip and voice vlans, etc. But I get paid about 20K less a year than I should be. But I learn a ton. Should be getting CCNA within the next four or five months. Here, though, it's kind of the exact opposite. I find 80K a year + jobs all the time, bjut they want you to be super Cisco admin + Windows support + everything else, and I don't want to really do that.
|
# ¿ Mar 16, 2011 20:23 |
|
Bardlebee posted:Anyone have an idea what the hell? Why they wouldn't use spanning tree? No idea. Other than maybe they want to have a huge headache when some hardware fails. As someone else mentioned, spanning-tree port-fast and switchport port-security violation restrict will solve issues of douche nozzles loving with your switch. Bumping my Q Could someone give me an idea on BE and BC when it comes to setting policy maps? Example: Let's say I have a customer requesting 300mb connection. code:
What I don't understand is why CIR is in bits, but bc and be are in bytes.
|
# ¿ Mar 17, 2011 15:01 |
|
I had a very very similar issue like that. A PoE phone was bad. It worked fine whenever it was on an unpowered 3550 and had it's own power source. When we upgraded everything to 3750s and had all phones powered by PoE, this one phone basically started a spanning tree loop that brought down the entire intranet for our main office. Took a good 5 hours to figure that out.
|
# ¿ Mar 17, 2011 17:06 |
|
Powercrazy posted:Whenever you have spanning tree loops you have to figure out where the TC Frames are coming from. Usually this is pretty easy as TC frames are always layer2, which means everything is restricted to one collision domain. Isn't PVST on automatically? Also, we use Calix ONTs for fiber and have somewhat high fail rate with them. We also use Myrio for our IPTV stuff and I hate it.
|
# ¿ Mar 21, 2011 22:13 |
|
jwh posted:I turned up some additional transit with Cogent the other day, and I hadn't before seen their approach to BGP: This is kind of how they all work though, isn't it? /32 is still within the /30 range, and is where their BGP routes come from. Route server is basically dedicated hardware to issue routes instead of having to waste processing time on a router, plus easier BGP management per customer. Zuhzuhzombie!! fucked around with this message at 15:27 on Mar 22, 2011 |
# ¿ Mar 22, 2011 15:07 |
|
quote:If each VLAN is a subnet, what do you do when the other half of your subnet is at a different physical location? I don't know, or else I wouldn't be asking. Depends on how you want to do it. Layer 3 then subinterface your interfaces on the routers and encapsulate them to carry over the vlan tags. Create a DHCP pool one one router, put an interface vlan ### on each switch with management IPs, and you should be set to go. Or just trunk one switch to another.
|
# ¿ Mar 22, 2011 22:13 |
|
BGP, IIRC, will always require some form of internal routing.
|
# ¿ Mar 24, 2011 17:43 |
|
I have a 2811 that loses it's running config on reload. The saved config stays fine. Copy start run brings it right back to where I want it. What can I do to fix this?
|
# ¿ Mar 24, 2011 21:30 |
|
Powercrazy posted:Do you do 'copy run start' before you reload? It will still be wiped once it reloads. I'll get config register tomorrow. I'm doing late night updates out in the field right now.
|
# ¿ Mar 25, 2011 03:51 |
|
Powercrazy posted:Then my vote is your config register is 0x2402 Configuration register is 0x2142
|
# ¿ Mar 28, 2011 15:35 |
|
PainBreak posted:Not entirely, 100% Cisco, but I'm having a bit of trouble wrapping my mind around this today. I was presented with the following question: Telnet into the switch and from the switch telnet into the PoE device to make your changes?
|
# ¿ Mar 29, 2011 21:46 |
|
We use Lucent and... uh... Tel...something? That's another department. Only time we use Cisco for that stuff is basically for routing purposes only. VOIP is a huge bitch.
|
# ¿ Mar 31, 2011 13:16 |
|
Voip problem here. PoE Polycom phones require static IPs (for some reason) and often lose the ability to make/receive calls. Phones are registered in the ARP table and pingable from the Gateway and the Switch. We have a Cisco router on a stick out in a remote location handling three 3750s. Everything inside is NATed to a public IP that's assigned to the router. The router is behind a cable modem. There are three VLANS. One for physical access to serve PCs. One for the wireless LAN controllers. One for VOIP phones. Each VLAN has it's own IP range and each range has a DHCP pool and .1 0 .50 is reserved through each pool. Gateway has sub interfaces to carry the individual vlan tags across the point to point to our internet equipment. And that's all I got. No problems with wireless or PCs and their connectivity. Phones will stay working for an indeterminable amount of time until problem. Bouncing the interface does nothing. Phones have to basically be reset and IP put back in. On the DHCP pool for the phones we have option 66 enabled, another option I can't think of off the top of my head, and a "default-router" that supposedly points the phones to an FTP/config server. An earlier problem that was fixed with static IPs on the phones was, we believe, created by the phones booting and trying to contact the FTP/config server before it gets an IP address from the DHCP pool. It would attempt to contact server, time out, not pull any config information, and then sit there dead. So I guess I have two VOIP problems, as a solution to either would basically make my day and, honestly, would put an end to a several months long problem.
|
# ¿ Apr 6, 2011 03:50 |
|
CrazyLittle posted:How are you assigning the VLAN to the polycom phones? Are you using "voice vlan"? Yup. Running auto qos voip trust on the interface as well. I'll give these ideas a shot fellas. Really really appreciate it.
|
# ¿ Apr 6, 2011 12:54 |
|
code:
These phones are registereding to a Broadsoft server but I can't recall if it's on the public network or if it's on the private, but I do know that at least with the DHCP pool the Option 66 IP was an IP on our public range and everything else was private.
|
# ¿ Apr 6, 2011 14:53 |
|
Our engineers spend most of their time in NetCracker.
|
# ¿ Apr 15, 2011 14:20 |
|
Anyone noticing anything strange with XO/L3? Cogent is dropping packets according to the IHR and while checking our connections in PRTG I noticed some weird spikes/drops on our other two backend connections.
|
# ¿ Apr 15, 2011 20:53 |
|
Apr 20 2011 08:13:26: %ASA: Deny IP due to Land Attack from 11.11.11.11 to 11.11.11.11. Keep seeing this on our firewall logs. We've tracked it down to a user's Mac Book. Not seeing it happen with any other Apple products that hit our wifi network or any other laptop. Any idea what could cause this? EDIT Just to be clear, I know what this type of attack is. But what would cause this to come from legitimate user on a Macintosh computer? Zuhzuhzombie!! fucked around with this message at 15:32 on Apr 20, 2011 |
# ¿ Apr 20, 2011 15:21 |
|
I took the IP out since we have very sensitive stuff on our network. But it's the same IP in and out. It is valid. It's a NAT'd IP as well.
|
# ¿ Apr 20, 2011 16:01 |
|
His laptop syncs with DropBox, a (Apple's?) cloud computing service. Thinking this may have something to do with it. EDIT Nope. Zuhzuhzombie!! fucked around with this message at 17:31 on Apr 20, 2011 |
# ¿ Apr 20, 2011 16:46 |
|
CrazyLittle posted:Wow, didn't think I'd bump into this problem again... Any of you guys ever find a good way to do NAT reflection on IOS? Assuming he has a Cisco router on his end, it should be something as simple as setting up a DHCP pool for the IP addresses and then make sure to do the IP NAT Inside Overload command.
|
# ¿ Apr 21, 2011 03:57 |
|
DarthJon posted:Can't use TFTP, have to use SSH Maybe a TCL script?
|
# ¿ May 9, 2011 21:54 |
|
What all should I focus on for the CCNA outside proper subnetting and proper acl creation?
|
# ¿ May 9, 2011 22:01 |
|
quote:Can you pick out which ports on which switch will be in what state given base switch MAC addresses? No idea what this means. :P We ordered a 10 gig card for some 6500s. The big wigs were throwing around "switching fabric" and "sups" and I was mostly out of the loop. Mostly something about the Sup needing to failover to an earlier version or something or the other. Anyone clarify? My team will be making the actual swaps, and the co worker that's more knowledgeable on the matter is away for the next few days to answer any questions I may have. One of the reasons I ask about Fabric is cause the Wiki entry on it doesn't jive with what I assumed it to mean. Zuhzuhzombie!! fucked around with this message at 22:33 on May 9, 2011 |
# ¿ May 9, 2011 22:24 |
|
Question. 6500 (FA) to a 3750(Gig) to a customer. Noticed one of our customers was running half duplex on our 3750. 6500 was set duplex auto. No specific duplex settings on the 3750. Set Duplex Full and the 3750 int goes down. Set to Duplex Auto and it comes back up. Duplex Auto Speed 100 int goes down. No duplex settings Speed 100 and it's half duplex. 6500 has been full duplex the whole time. So I remove all duplex/speed provisions from the 3750 and do similar testing 6500. Same issue. Tried a new cable. Same issue. Then I clear all duplex/speed provisions from the 6500 and the 3750 bumps up to full duplex. Just curious as to what exactly happened.
|
# ¿ May 16, 2011 17:46 |
|
Yeah, sorry. Basically we have a 6500 core router that hands off certain traffic to a distro 3750 that then sends that off to a layer 2 transport network. Some time that's us,sometimes it's AT&T, etc. Noticed the issue when we were checking something else related to flood outages and the like. 6500 was always full duplex. When I first looked at it last Thur it was full Duplex, had Duplex Auto. That is the only provisioning. 3750 side had no duplex or speed provisioning and was half duplex. Duplex auto kept it at half. Forced duplex full shut it down. Speed 100 shut it down. Etc etc.
|
# ¿ May 16, 2011 18:02 |
|
tortilla_chip posted:Disabling auto-neg disables auto mdix. Use a crossover cable. I was/still am.
|
# ¿ May 16, 2011 19:51 |
|
tortilla_chip posted:What does Nothing. No MDIX line in the phy properties.
|
# ¿ May 17, 2011 15:00 |
|
Rebooting core 6500 and our ASRs next week to upgrade iOS and install 10 gig blades and modules.
|
# ¿ May 18, 2011 13:45 |
|
Anyone here have experience with EIGRP Authentication?
|
# ¿ May 18, 2011 15:21 |
|
Doing some research and gonna build a lab. Only concern is whether or not we have to roll EIGRP authentication out on every device at the same time in order to avoid having neighbors cut off from each other.
|
# ¿ May 18, 2011 16:57 |
|
10 gig Cisco modules have these big huge heat sinks on them.
|
# ¿ May 24, 2011 21:34 |
|
Anyone having any trouble with Level 3 tonight?
|
# ¿ May 25, 2011 03:54 |
|
We got a ticket in with them. They just completely died on us. Hmmm.
|
# ¿ May 25, 2011 04:08 |
|
falz posted:Probably something local to you. Call it i and check their looking glasses for info about your net and the link net you peer with them on. We went for years without having a single issue with them to having multiple issues this year. Their circuit with us malfunctioned some how. When we shut our side down they were trouble shooting the wrong issue. They got it fixed around 3am.
|
# ¿ May 25, 2011 15:13 |
|
FatCow posted:The longer you use Level 3 the more you realize that something is always broken somewhere with them. They are my least favorite transit provider, behind Cogent and XO even. God help you if you don't take full routes from them and expect to route to other parts of your network. We used to have weekly blackholeing of data between their data centers. Actually we've had more problems with Cogent. Part of our problem last night was that they were NOT advertising a default route to us via BGP so when Level 3 crashed our ASR was left with no where to go. We get partial from XO and Cogent and full with Level 3. When we asked them about this, they told us it was out fault for not specifically telling them we want a default route. And I'm sitting there thinking "Are you loving kidding me?"
|
# ¿ May 25, 2011 21:54 |
|
routenull0 posted:Why not have a backup weighted static route? How can I give priority to default routes advertised over BGP?
|
# ¿ May 25, 2011 22:29 |
|
jwh posted:Solarwinds NetFlow module for Orion. We have peers with XO, Cogent, and L3. L3 we have full routing tables, partial with the other two. They're our back ups.
|
# ¿ May 26, 2011 17:25 |
|
|
# ¿ Apr 27, 2024 19:45 |
|
I just had a 3750 crash on me. Plugged it into the RPS. Cycled the RPS into active, and boom, one of the 3750s goes down.
|
# ¿ May 26, 2011 22:09 |