|
Everything in IT is the worst
|
# ¿ Oct 30, 2015 23:39 |
|
|
# ¿ Apr 19, 2024 00:09 |
|
Walked posted:So networking isnt my forte (or focus area); but something I obviously interface with periodically. Is it a Cisco switch or not? I've seen switches from some manufacturers let you specify the untagged VLAN as well as the PVID per port for reasons I have no idea about, and if they didn't match then no traffic would pass. I would assume the guy hasn't created a private VLAN so that can probably be ruled out, but it might be worth a look.
|
# ¿ Nov 5, 2015 00:16 |
|
The subnet mask tells the device what it should be able to contact without having to go through a gateway. When a request is made to connect to a device in the same subnet, an ARP request is sent to get the MAC address of the destination, and the communication happens at a layer 2 level (that's a really bad explanation and I apologise). If you ping an address you have never pinged before in IOS you will often see the first ping fail as the address isn't in the ARP cache yet. The second ping command will show 100% success.
|
# ¿ Nov 19, 2015 20:14 |
|
I misread your IPs. 10.0.10.0/24 is 10.0.10.1-10.0.10.255, 10.0.20.0/24 works in the same way. To get packets between those two networks they need to be routed. The routing table on your router knows about those already because they are interfaces on the router and it's directly connected to both. If you had a second router and they only had an address in the 10.0.10.0/24 subnet in common then you would need to tell each router about the other networks available on the connected router. The most basic way to do this is with static routes.
|
# ¿ Nov 19, 2015 20:33 |
|
Japanese Dating Sim posted:Okay, got it. Thanks for spending time on something that's extremely basic as far as this goes, I really do appreciate it. Not a problem, I need to get off my arse and schedule my exam so answering questions in the meantime helps keep it all fresh.
|
# ¿ Nov 20, 2015 00:09 |
|
Are you just checking SNMP status or generating traps?
|
# ¿ Nov 23, 2015 14:42 |
|
I wouldn't have an issue using a firewall virtual appliance as long as it was being deployed into a stable environment. You can back them up with whatever you currently back VMs up with, easily deploy a fresh image and move configuration across for larger software updates, and take an exact clone for diagnostic purposes without having to work in a maintenance window or risk causing service interruptions. On your manufacturer support point, loads of the large vendors are doing virtual appliances now - Juniper have vSRX, F5 do virtual appliances, Palo Alto do etc. It's not a choice between big vendor hardware with support contract or virtual appliance with community support. Thanks Ants fucked around with this message at 12:35 on Nov 29, 2015 |
# ¿ Nov 29, 2015 12:32 |
|
Panda Time posted:Soo I'm trying to build a smalish network for our next office move and I'm considering Ubiquiti gear. Our only budget is the difference in price we'd save versus remaining with the lovely service provided by "the building". The USGs are absolute poo poo, there's no more of a firewall/security function in them over what you can do on the EdgeRouter.
|
# ¿ Dec 7, 2015 20:57 |
|
Japanese Dating Sim posted:I was about to tell you that I did already have that configured, and then I looked at R3 and nope, no routing configuration of any kind done. Christ. If you'd done show ip route on all the routers ready to paste here you'd probably have spotted that it looked off. It's all learning
|
# ¿ Dec 7, 2015 20:59 |
|
Flexoptix always perform well in my experience
|
# ¿ Dec 9, 2015 00:40 |
|
You shouldn't be seeing MPLS LDP messages spilling out of your side of the connection.
|
# ¿ Dec 10, 2015 01:03 |
|
In the world of a huge number of services being hosted on public cloud providers, and those services all using HTTPS, how are people ensuring the correct QoS is applied to different services? Say I have a web application that all the company employees practically live in, it's hosted on AWS and maybe it pulls files attached to records out of S3. If the marketing department uses a file transfer service that uses S3 at the backend, how are people ensuring that the large download is treated at a lower priority than the smaller requests to the business application? Are there firewall features that can look at how much traffic has been transferred in a certain time period in one session and decide it's a download, do I need to hope that the applications work in such a way that I can identify their requests by looking at the DNS hostnames, or is the correct answer to use something like AWS Direct Connect for the business app and let everything else happen over the Internet?
|
# ¿ Dec 19, 2015 21:09 |
|
I'm rusty at this but I don't think you can summarise 10.1.1.0 thru 10.1.4.255. You can do 10.1.0.0/19 to get 4 /24 subnets, but that doesn't include 10.1.4.0/24
|
# ¿ Dec 31, 2015 20:32 |
|
Jesus I can't type. Not sure where I got the /19 from up there. Sorry if that confused anyone.
|
# ¿ Dec 31, 2015 21:02 |
|
Which leaves who? Cisco? I hate their newer stuff because it feels really cheap compared to the 7962 range that I was spoiled with a while back. Thanks Ants fucked around with this message at 23:44 on Jan 9, 2016 |
# ¿ Jan 9, 2016 23:41 |
|
The Newsroom started off with Cisco in season 1 and then moved to Avaya in season 2 and 3, sometimes with uncomfortably long pauses on the phones.
|
# ¿ Jan 11, 2016 00:31 |
|
CrazyLittle posted:I still have poly501's in service. Kill me.
|
# ¿ Jan 12, 2016 01:36 |
|
Does anybody that you work for understand how "best value" and "lowest purchase cost" are not the same things?
|
# ¿ Jan 16, 2016 21:14 |
|
Bigass Moth posted:I don't know if you're serious or joking
|
# ¿ Jan 25, 2016 18:55 |
|
falz posted:all firewaslls are the worst.
|
# ¿ Jan 27, 2016 00:29 |
|
If you want to do a short patch then use an SFP+ DA cable.
|
# ¿ Jan 28, 2016 00:16 |
|
Number19 posted:It's time for me to do some firewall shopping. Right now I have a Juniper SRX210 that's woefully underspecced for the work it needs to do these days. I'm not really tied to a vendor and was curious what recommendations people have these days. Ideally, I need something that can do the following: I did this dance recently and settled on Fortigate because I wanted something point-and-click and 5.4 actually looks usable. I picked a 50E because it's only for a 20Mbps line and was dirt cheap, you might want something with a bit more poke for 100Mbps. There aren't really any good firewalls, just pick one that pisses you off the least. Thanks Ants fucked around with this message at 22:56 on Feb 4, 2016 |
# ¿ Feb 4, 2016 22:54 |
|
It sounds like you're in the same position I am in. I have a full-time job already and take care of IT for a friends company for mainly historical reasons. Day to day support is done by an MSP, I just help out with strategy and new stuff. So I needed something I can talk someone else through setting up. I'll let you know if it's not crap when it arrives, the E range of Fortigates are quite new.
|
# ¿ Feb 4, 2016 23:03 |
|
Which led to this hilarity http://www.cisco.com/c/en/us/support/docs/field-notices/636/fn63697.html
|
# ¿ Mar 1, 2016 09:19 |
|
Seems to be affecting the Meraki dashboard login as well
|
# ¿ Mar 19, 2016 09:46 |
|
I can't even reach that IP. For what it's worth I'm coming from:code:
|
# ¿ Mar 21, 2016 15:47 |
|
Is there anything inherently wrong with Brocade FCX-S switches that a 48 port PoE model isn't worth £300? Vendor is having a bit of a fire sale.
|
# ¿ Mar 23, 2016 23:18 |
|
I think he's been given a link to a bug that is viewable under whatever CCO access he has, but is looking for a way to search for known bugs rather than just opening TAC cases each time he hits a suspected bug.
|
# ¿ Mar 28, 2016 19:01 |
|
So they're going to spin off Xclaim or just shitcan the range I assume
|
# ¿ Apr 4, 2016 16:19 |
|
Can anybody explain why switches exist that let you have more than one VLAN untagged on a port and then have you set the PVID separately? Is this a hangover from stuff that didn't really support dot1q or is there a legitimate reason for it?
|
# ¿ May 3, 2016 23:07 |
|
I have been tearing my hair out over trying to get a fibre link up between two switches - an HP 2920 and a lovely ex-3com HP (1910) which is due to be replaced but until then is causing me problems. Has anyone seen a fibre strand die but the link stay up and only work in one direction? The stats from the 2920 for the transceiver show: code:
code:
Looking at the far-end switch the only entry in the MAC table is the laptop that is directly plugged in. The only explanation I can think of for this is that the far-end switch is able to send that information to my 2920, but can't receive anything back in the other direction. But I've never seen a link do that - it's either up or down. What the gently caress is going on?
|
# ¿ May 10, 2016 21:15 |
|
The far end is unfortunately poo poo and doesn't display that information. I am getting the guy on-site to make up LC loopback cable to test the SFPs out with. Edit: Lol, took another look at the interface stats as opposed to just the SFP stats code:
So this looks like mystery solved. Thanks for the autoconfigure suggestion, I probably wouldn't have looked at the interface stats without being nudged in that direction. Thanks Ants fucked around with this message at 21:47 on May 10, 2016 |
# ¿ May 10, 2016 21:29 |
|
It was a dead port - using the shared copper port shows a ton of Tx errors as well. Moved the SFP to 46 and everything came up as it should have. RMA time!
|
# ¿ May 11, 2016 14:41 |
|
It should have come with ASDM, or if you register it you can download. AFAIK the web UI for actually managing the non-Firepower stuff hasn't made it to the lower-end boxes yet.
|
# ¿ May 20, 2016 17:05 |
|
adorai posted:Believe it or not, people wear multiple hats at smaller firms. It depends on what the hats are. Like maybe the guy who does the infrastructure is expected to do desktop support. But if someone is employed as the office manager it's unlikely that they'd be tasked with plumbing. This is before you even get to the damage to efficiency and quality of work by getting someone to do something they are not familiar with and not absorbed in day-to-day.
|
# ¿ May 21, 2016 14:33 |
|
You can do a router on a stick type configuration with virtual interfaces and VLANs.
|
# ¿ May 27, 2016 22:51 |
|
Where does a 1941 sit in the scale of worth-keeping to junk?
|
# ¿ Jun 1, 2016 21:48 |
|
I am more annoyed that the entire 800 range bar the 890 isn't rack mountable, and putting them on a rack shelf makes them slightly over 1U.
|
# ¿ Jun 4, 2016 13:15 |
|
commit confirmed needs to be stolen by every other vendor.
|
# ¿ Jun 15, 2016 08:02 |
|
|
# ¿ Apr 19, 2024 00:09 |
|
Is there a pattern with SFP types and not coming up?
|
# ¿ Jun 23, 2016 20:30 |