Go Premium for a chance to win a PS4. Enter to Win

x

Network Architecture

11K

Solutions

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.

Share tech news, updates, or what's on your mind.

Sign up to Post

switch model: Aruba 2920 48G POE+

Adding to a stack which already has 3 switches. Is it just a matter of reordering the stacking cables or is additional config required?
0
Get your Conversational Ransomware Defense e‑book
LVL 1
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Wondering if anyone is using version 8 Arubas yet.  We are still on ver 6 and heard ver. 8 is buggy.
Also ver.8 requires a Mobility Master (hardware or VM)  Ver 6 does not require that.
This is when using two or more controllers for load balancing and redundancy.   Aruba is not advising to start with 6 and upgrade to v8. The topology is very different and will require us to rebuild the network for the upgrade. They recommend V8 from the beginning.
Wonder how mature ver.8 is.

Any information or experience about on that?  Thanks.
0
I got into a discussion recently regarding a recommended switch design for a small customer looking to upgrade their core switching. The existing core is a 3-member stack, which we could consolidate into two switches, either in a stacked design (keeping the current design) non-stacked. The handful of access closets are all dual-homed back to the current core, which each link landing on a separate switch member (so, a single logical link w/ both physical links active). The existing switches are End of Support, and the easy replacement would be a couple stacked switches with redundant power (such as a couple Cisco Catalyst 3650s).

We were discussing this internally, and someone took the stance that it might be a better/recommended design to go with two independent (non-stacked) switches, connected via 1/10-Gig front-panel Ethernet, as "stacks aren't really built to provide redundancy." The argument was that a stack 1) has a single control plane, and if the master switch goes, there'll be an outage for all stack members/ports, and 2) upgrading a stack requires an outage due to having to copy/replace current images and reload.

I'll agree with 1), and somewhat w/ 2), although the resulting outages and how they could be scheduled/minimized would depend on the specific vendor/model architecture. Having said that, I've never really run into a headstrong opinion AGAINST a switch stack design, simply based on the risk of a single control plane. Yes, there'd be an outage for both…
0
Set-up issues


I will preface this by saying I had a UTM120 for three years with the UTM9 OS and right now thinking boy I miss those days.  I was told that my appliance was nearing end-of-life so to renew licensing I went with the XG115.  I had configured UTM9 on my own and generated help desk cases if issues arose.  This appliance is quite a bit different.  Firmware XG115 (SFOS 17.0.0 GA) so on the latest firmware.

What I am trying to resolve right now is that any type of web surfing is extremely painful.  I have an on-premise Exchange server so port 443 is being forwarded to it but I also have the default network rule of WAN to LAN all ports and all services are open.  I have a similar network rule that WAN to LAN port 443 is open thinking of other workstations that initiate SSL traffic it will find its way back to the device that initiated the traffic.  Let's face it.  Most web sites are https.  I am constantly being warned that the certificate cannot be verified and I have to click to still access the site or create an exception for the site depending on the browser.  I cannot log in using an account to any web site.  Some sites I can't even create the exception in Firefox.  I can't use the StartPage search engine.  Amazon looks like crap.  No pictures and just a bunch of links.

A little bit on the network.  Uverse gateway goes to a Cisco ASA appliance that I consider my perimeter (and why not have another layer of defense !).  The XG is in bridge mode.  For a …
0
Hi expert

Currently I encounter issue to convert the local machine to vsphere.

Showing no support emi firmware.

How to resolve.

Kind Regards
Alan Lam
0
Hi All

I have a couple of clients with SonicWALL TZ 300 routers, and am considering having them purchase SonicWALL’s Capture Advanced Threat Protection because it seems like a damn good idea! As I understand it, it's cloud based sandbox system.

Would appreciate hearing everyone's thoughts, concerns or experiences with the product or similar products.

Thank you!

Mark
0
Hi all, please am trying to login to cisco FEX from a switch, but not cleared how to go about it.

I have attached the FEX status on the switch below

If i login to the switch what command do i applied that will let me see all interfaces on the FEX.

Thanks for looking into this for me.
FEX-status.docx
0
I don't how to ask this question in a succinct way - if anyone knows the magic words to describe my issue I'd be grateful.

I have a small office network. Two laptops and a printer, all using wi-fi. The office has a Google WiFi mesh. There is a WD NAS attached to the router. The data is accessed out of the office on Android phones and Apple iPads. Most common applications are Microsoft Office. There is no data intense work (hence wifi being OK).

All data (250GB, growing slowly) is stored on the NAS - no data allowed on the laptops, just OS and applications.

The NAS is backed up nightly to iDrive cloud storage.

The most common way we access data remotely is via OneDrive, as it runs on Android and Apple and most apps (especially MS) will use OneDrive as a data source directly, even on Apple.

Problems.
OneDrive will not sync from a network drive (neither will Google Sync). But the data is on the network drive :-(

WD Cloud has mobile apps to access the NAS remotely, but few apps recognise that as a source for files. You have to 'download' a file to local mobile storage, then access it, then re-upload, which is painful. Much better to open a file direct from OneDrive and save back to it.

iDrive is the same as WD Cloud. It does have mobile apps, but again you have to 'download' a file to local mobile storage, then access it, then re-upload.

OneDrive is linked to an MS account. So multiple users can't access one OneDrive.

Ideal Situation
The…
0
I am trying to understand the purpose of the number that comes after the "/".
example:
ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17

2 means match 2 bits of first octet 10

however whatever I put , the prefix list will care just about the ge 17

to clarify it I have this table before filtering:

R1(config)#do sh ip route 
      10.0.0.0/8 is variably subnetted, 6 subnets, 6 masks
D        10.1.0.0/16 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.2.0.0/17 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.3.0.0/18 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.4.0.0/19 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.5.0.0/20 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.6.0.0/21 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0

Open in new window


if I use : ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17
router eigrp 1
 distribute-list prefix TEST in


R1(config)#do sh ip route

      10.0.0.0/8 is variably subnetted, 5 subnets, 5 masks
D        10.2.0.0/17 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.3.0.0/18 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.4.0.0/19 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.5.0.0/20 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.6.0.0/21 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0

Open in new window


so what 's the purpose of the number that comes after the slash sign "/", example:10.0.0.0/2

Thank you
0
Hi, I need to install the program on all the user's machines. it's a lot of users, how to do without install individually, one time install for every one.Any idea highly appriciated
0
[eBook] Windows Nano Server
LVL 1
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Hello guys,

I´m trying to setup SSTP server on a mikrotik router for multiple multiple.

Is it somehow possible to determinate which SSTP server profile should be used based on Domain?

Example:
I have two domains exmple1.com and example2.com
when some user connects to SSTP server from domain exmaple1 use this SSTP profile when user connects from example2 use another profile.

Any ideas?

Thank you very much!

Regards

Jiri
0
I have a core switch connecting to 13 edge switches. It switxh will connect to the core directly.

The core has 15 vlans for the switches to access the vlans do I need to make all the ports on the core members of the same trunk?
0
I've been watchin a video from Amazon on AWS Direct Connect. I see that a direct connection is made from Amazon Direct Connect PoP to a router in a co-location facility. The from there there is a circuit (say 1Gbps or 10Gbps) to the enterprise itself. The presentation at turns talked about the carrier owning the (a?) router and the customer owning the router. In the diagram attached below - the device labeled "Customer Gateway" is generally owned and configured by the end customer/user of Amazon Web Services? Or is that more typically owned by the carrier that is providing the data circuit? And finally if the carrier owns that device do they configure it or leave that to the customer? Thank you for clarifying this point for me.
AWS-Direct-Connect.jpg
0
Hi, I have a weblogic server running with different port numbers for HTTP and HTTPS. In our workstation we setup HTTP pointing to same port in the ISSPROXY.INI file. We could access from the local IIS URL to connect to the weblogic server; but when try to connect to secured server from IIS gets 2 different errors in the event viewer Event ID 1000 and Event ID 1001. below are the errors captured

EVENT ID 1000:

Faulting application name: w3wp.exe, version: 8.5.9600.16384, time stamp: 0x5215df96
Faulting module name: iisproxy.dll, version: 0.0.0.0, time stamp: 0x59966438
Exception code: 0xc0000005
Fault offset: 0x0000000000030410
Faulting process id: 0x2514
Faulting application start time: 0x01d35a3fff6328df
Faulting application path: c:\windows\system32\inetsrv\w3wp.exe
Faulting module path: \\?\C:\xxxxxx\XXXXXXXXX\lib\iisproxy.dll
Report Id: 3dddc54c-c633-11e7-812e-005056886b10
Faulting package full name:
Faulting package-relative application ID:


EVENT ID: 1001
----------------------

Fault bucket , type 0
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: w3wp.exe
P2: 8.5.9600.16384
P3: 5215df96
P4: iisproxy.dll
P5: 0.0.0.0
P6: 59966438
P7: c0000005
P8: 0000000000030410
P9:
P10:

Attached files:

These files may be available here:



Our iisproxy.ini has the below information:
--------------------------------------------------------------

ISSPROXY.INI

WebLogicHost=ssl-server-name
0
Hi Guys,

I had to switch our two WAN Interfaces on SonicWALL, (Thus X1 & X2)

1.  I switched the public IP configuration under Interface Settings
2.  and changed all the NAT policies, switching X1 & X2 for all rules


My questions,

a.  Is there any other rule(s) that need to be changed to switch primary internet access for LAN users between X1 & X2?

b.  I've noticed that some NAT rules refer to an "address object" rather than the interface (X1/X2) directly.  
These I did not change as the object's public address was still correct.  Is there a difference in referring to the interface (X1/X2) directly, or using an object instead?  
In my case, where I had to switch X1 & X2 ... the rules with objects made things a bit easier as it stayed the same.  Is this the only difference using an object or referencing to the interface directly?
0
Hi all,

Is there any specific minimum cable length for a connection between a patch panel and a switch? The cable would be CAT6 and I wish to use is 1ft.

Thanks!
0
We have an HP 2920-48 port POE switch. We also have 2x HP 2920-48 port NON-POE switches. I was surprised to find today that our new VOIP phones are actually get power when plugged into the NON-POE switch?! Is this possible?? If so, are there possible issues I should consider when configured in this manner. I know we are having issues with the phones losing calls before they can be answered...wondering if related.
0
EIGRP Lab example for Query Scoping.

I have read about EIGRP Scoping , and in most of articles they recommend Summarization at the Edge router. I have tried that, and enabled Debug EIGRP Packets Query on other routers, and shut down interface on one of the routers behind the Edge router, but I still saw a Query sent by the Edge Router to other routers.

I am not sure if that's normal behaviour or the lab is not the right set up to test EIGRP Query Scoping.

Any Lab Example from EIGRP Expert that demonstartes EIGRP Query Scoping might  help understand this topic..

Thank you
0
Imagine a remote site - call it Dallas - with two WAN routers. Router WAN1 connects to the data center in Denver over a 1Gbps circuit and router WAN2 connects to the data center over another 1Gbps circuit. All the routers are participating in OSPF.

[core-sw1]---[WAN1]~~~~ckt1~~~~[DC-Core-1]
[core-sw1]---[WAN2]~~~~ckt2~~~~[DC-Core-2]

The Dallas site has network 172.25.0.0/16 and currently that gets advertised such that traffic to Dallas goes equally over WAN2 and WAN1. I would like a specific subnet say 172.25.200.0/23 to prefer ckt2 unless ckt2 goes down then it would use ckt1. What would I do in OSPF to color the route for 172.25.200.0 so that the data center prefers sending via ckt2?

Thank you.
0
Free Tool: IP Lookup
LVL 11
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I have a situation.  Moving users to the new office.  Cisco gear however 4 to 6 weeks delayed.  Looking for a temp solution.  
I have a Juniper EX4300 switch.   Can I configure it as layer 3 as a router to serve the purpose.  Would that be any difference than having a router?  It should have GBIC ports for ISP.   And enough mbit ports for the users.   There should be only 10-15 users initially.

Any other temp ideas guys?  Thanks.
0
Hello:
We are using a Sonicwall TZ 205 firewall behind a Barracuda Link Balancer 330. I have two ISP connections coming into the Barracuda (Sprint and Comcast). I have 5 public IPs from each ISP. We currently have the following servers behind the firewall (Exchange 2013, Microsoft Remote Access for VPN and an ISeries database server) that are accessed using the Sprint public IPs.

Internet ---Sprint Router (65.xxx.xxx.17)

Internet ---Comcast Router (173.xxx.xxx.142)

                  |
Barracuda Link Balancer 330 (65.xxx.xxx.18 and 173.xxx.xxx.139)
                  
                  |
Sonicwall TZ205 (65.xxx.xxx.20)

                  |
Internal Servers

In the Sonicwall, the Sprint public IPs are all NAT's to the internal private IPs.

 I would like to setup some inbound redundancy for these servers by mapping them to some of the Comcast public IPs. The Barracuda has only one connection to the Sonicwall so I don't know if I need to add another physical interface to the Sonicwall on interface X2 and configure it with the Comcast information and then put a switch between the Barracuda and Sonicwall. I know how to setup the DNS records to check if one line goes down, but I am unsure as to the physical connections.

Thank you.
0
I have hsrp for gateway redundancy for my fw1. wan1 and wan2 router have hsrp configured with the virtual hsrp 1.1.1.1. Currently. as you can see from the diagram, if sw1 fails, I have to manually move the cables to sw2. How would I make sw2 the backup for sw1? Thx

pic
0
Hello all, this is my 1st questions in this forum.  hopefully, I am in the correct place.  if not, my apologies.

Hoping to get some guidance on dual WAN links configuration... here goes...

I presently have 1 x 100mb fibre from Rogers as our main WAN link.  actually, I also have 100mb BELL MPLS as well, soon to be decommissioned.  Also have 2 x 3750 cisco - stacked.

We recently got another 100mb link to be used as our backup link if the primary fails.

Rogers primary - EIGRP
Bell - OSPF
Rogers Backup - will be EIGRP

presently have VLAN 340 carved out for PRIMARY link.  will use VLAN 350 for BACKUP.

like to get some guidance how to configure the 2nd link to be a failover link in case the PRIMARY goes down.

I am no way a routing expert...
what would be an acceptable configuration that I can apply?  Nothing fancy, just wanted to make backup link available as quickly as possible when primary goes down.

this is what I presently have in my PRIMARY EIGRP:
router eigrp 1
 network 10.30.0.7 0.0.0.0
 network 192.168.30.1 0.0.0.0
 network 192.168.31.1 0.0.0.0
 network 192.168.32.1 0.0.0.0
 network 192.168.33.1 0.0.0.0
 network 192.168.36.1 0.0.0.0
 network 192.168.37.1 0.0.0.0
 network 192.168.130.1 0.0.0.0
 redistribute ospf 1 metric 1500 20000 255 1 1500
 redistribute static
 passive-interface default
 no passive-interface Vlan340

the OSPF lines will go away eventually.


is it best to use VLAN or L3 interface?  does it matter or is …
0
Hi,
 
    Please see the diagram attached for a better idea of the setup. I am planning on deploying a pair of ACS servers in a cluster. Is it best to deploy the ACS servers in datacenter 2 behind a load balancer such as a F5? Also, is there a document/books which can be recommended which explains the different cluster deployment scenarios and how to pretty much configure an ACS from scratch?

Thank you
Diagram1.JPG
0
Hi All,
 
We currently have Business Voice Edge VIOP from Comcast which is their proprietary voice platform. They have provisioned and require a 50Mb circuit over their fiber backbone to our office to services SLA for their voice platform. Thus far, as far as reliability, I have to say that we have had no real issues with call quality over the past year of usage.
 
Management has decided to move offices earlier than expected, and we overlooked Comcasts terms and conditions regarding portability of service to locations that do not currently have a Comcast fiber  backbone in their building – which the location we are moving to does not have Comcast fiber. They are also not willing to work with hhus to temporarily provision over another circuit. At this point, we have three options – ranked in order of preference, and I wanted to know if anyone has experience and any recommendations to help in making the right decision. Here are the scenarios:
 
Upgrade with Comcast to the new location and wait 6 months for them to build out their own fiber (includes city permits) to the new office.
One of two options in this cast to get service to our new office:
                                                               i.      Implement RingCentral month-to-month as a temporary VOIP platform while we wait. Forwarding temporary numbers to main numbers.
                                                             ii.      Implement a Ethernet Dedicated E-Line (point to point) between our …
0

Network Architecture

11K

Solutions

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.