In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.
Course Of The Month
9 days, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Network Architecture
11K
Solutions
11K
Contributors
Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.
Share tech news, updates, or what's on your mind.
Hi,
Let's say I'm an ISP and I lease a 10G transport pipe to an IX (Frankfurt or Amsterdam), with the purpose of buying transit from 2 different tier 1 providers (2 resellers, probably) and peering with content providers.
What happens inside the IX?
Do I get one switch port and I have to rent rack space for my own equipment there? The peerings are physical, with cables between my switches and the peer switches?
Or I only get a VLAN and the peerings are inside the IX main router/switch? And I route the traffic from my VLAN to my peer's VLAN?
Or?
I've googled for the past days, but I'm still confused. Anyone has real world experience with this?
Thank you.
Let's say I'm an ISP and I lease a 10G transport pipe to an IX (Frankfurt or Amsterdam), with the purpose of buying transit from 2 different tier 1 providers (2 resellers, probably) and peering with content providers.
What happens inside the IX?
Do I get one switch port and I have to rent rack space for my own equipment there? The peerings are physical, with cables between my switches and the peer switches?
Or I only get a VLAN and the peerings are inside the IX main router/switch? And I route the traffic from my VLAN to my peer's VLAN?
Or?
I've googled for the past days, but I'm still confused. Anyone has real world experience with this?
Thank you.
4 Comments
Will your db performance match your db growth?
Hello,
I wanted to get an idea of what others are doing in the area of HA for Exchange 2016.
Right now we have two Exchange enterprise servers in a DAG at our HQ and one more at a satellite office. We are using our old 2013 Exchange server as a load balancer. However, this 2013 is a single point of failure and we want to remove it all together from our environment.
Network redundancy is in place, but we are looking for a solution that provides HA between the network and Exchange. I'm trying to avoid DNS round Robin or Network load balancing. Different DNS servers would hand out ordered IP address lists in a different rotation and just like Windows Network Load balancing, we wouldn't have any checks against the Client Access server itself. So if OWA , EWS or any other web application has a fault, clients will still attempt to access that server and see an error message until an administrator resolves the issue.
We have a little shy of 400 active mailboxes and not a tremendous amount of traffic. I know a Network Load balancer will do the trick. But given our size and traffic I do not think load balancing is necessary. However, the functionality to monitor multiple services and if one service is down, such as EWS, only route traffic to ones with working EWS is a bonus.
Bottom line... I just wanted to see what other people are doing out there and get some ideas.
Thank you in advance.
I wanted to get an idea of what others are doing in the area of HA for Exchange 2016.
Right now we have two Exchange enterprise servers in a DAG at our HQ and one more at a satellite office. We are using our old 2013 Exchange server as a load balancer. However, this 2013 is a single point of failure and we want to remove it all together from our environment.
Network redundancy is in place, but we are looking for a solution that provides HA between the network and Exchange. I'm trying to avoid DNS round Robin or Network load balancing. Different DNS servers would hand out ordered IP address lists in a different rotation and just like Windows Network Load balancing, we wouldn't have any checks against the Client Access server itself. So if OWA , EWS or any other web application has a fault, clients will still attempt to access that server and see an error message until an administrator resolves the issue.
We have a little shy of 400 active mailboxes and not a tremendous amount of traffic. I know a Network Load balancer will do the trick. But given our size and traffic I do not think load balancing is necessary. However, the functionality to monitor multiple services and if one service is down, such as EWS, only route traffic to ones with working EWS is a bonus.
Bottom line... I just wanted to see what other people are doing out there and get some ideas.
Thank you in advance.
Is the below capture in any way indication why the host 10.255.0.50 is so dreadfully slow? It's a backup from a host pushing data over to outside cloud.
1: 11:39:11.779866 802.1Q vlan#900 P0 10.255.0.50.60658 > 209.222.83.40.5128: P 3248280326:3248280838(512) ack 4046900626 win 39 <nop,nop,timestamp 21801362 1515457710>
2: 11:39:11.788151 802.1Q vlan#900 P1 209.222.83.40.5128 > 10.255.0.50.60658: . ack 3248280838 win 0 <nop,nop,timestamp 1515457779 21801362>
3: 11:39:11.791813 802.1Q vlan#900 P1 209.222.83.40.5128 > 10.255.0.50.60658: . ack 3248280838 win 31 <nop,nop,timestamp 1515457780 21801362>
4: 11:39:11.791966 802.1Q vlan#900 P0 10.255.0.50.60658 > 209.222.83.40.5128: . 3248280838:3248282206(1368) ack 4046900626 win 39 <nop,nop,timestamp 21801365 1515457780>
5: 11:39:11.791981 802.1Q vlan#900 P0 10.255.0.50.60658 > 209.222.83.40.5128: . 3248282206:3248283574(1368) ack 4046900626 win 39 <nop,nop,timestamp 21801365 1515457780>
6: 11:39:11.791997 802.1Q vlan#900 P0 10.255.0.50.60658 > 209.222.83.40.5128: . 3248283574:3248284942(1368) ack 4046900626 win 39 <nop,nop,timestamp 21801365 1515457780>
7: 11:39:11.792012 802.1Q vlan#900 P0 10.255.0.50.60658 > 209.222.83.40.5128: . 3248284942:3248286310(1368) ack 4046900626 win 39 <nop,nop,timestamp 21801365 1515457780>
8: 11:39:11.792027 802.1Q vlan#900 P0 10.255.0.50.60658 > 209.222.83.40.5128: . 3248286310:3248287678(1368) ack 4046900626 win 39
Hi
I have two 48 port switch. ones POE and the other isn't. is it possible to move configs from one to the other. they are both new switches. They are only web ui managed
I have two 48 port switch. ones POE and the other isn't. is it possible to move configs from one to the other. they are both new switches. They are only web ui managed
Currently have interfaces set up with (2) vlans
mgmt 86
cpe 87
When controller is set to tunnel traffic and use controller as gw - clients are able to get an ip off ruckus ap.
When controller is set for nomadix to be gw - clients are NOT able to get an ip off of ruckus ap.
As it stands, I'm trying to understand what is preventing clients from using nomadix as gw.
Cisco box is currently set to switch mode with the following for int:
interface gigabitethernet1
switchport mode general
switchport general allowed vlan add 87 tagged
switchport default-vlan tagged
!
interface gigabitethernet2
switchport mode general
switchport general allowed vlan add 87 tagged
Please keep in mind that I am testing a ruckus ap on int2 and can access internet if traffic is tunneled to ruckus controller. What's odd to me is that the cpe vlan for the ruckus controller is not even on this cisco switch but I'm able to pull a cpe ip.
To reiterate, I am having trouble getting an ip when controller is set to using the nomadix as a gw for client ips.
Looking for any enlightenment as I've been working on this for a few days already and am stumped.
Thank you!
mgmt 86
cpe 87
When controller is set to tunnel traffic and use controller as gw - clients are able to get an ip off ruckus ap.
When controller is set for nomadix to be gw - clients are NOT able to get an ip off of ruckus ap.
As it stands, I'm trying to understand what is preventing clients from using nomadix as gw.
Cisco box is currently set to switch mode with the following for int:
interface gigabitethernet1
switchport mode general
switchport general allowed vlan add 87 tagged
switchport default-vlan tagged
!
interface gigabitethernet2
switchport mode general
switchport general allowed vlan add 87 tagged
Please keep in mind that I am testing a ruckus ap on int2 and can access internet if traffic is tunneled to ruckus controller. What's odd to me is that the cpe vlan for the ruckus controller is not even on this cisco switch but I'm able to pull a cpe ip.
To reiterate, I am having trouble getting an ip when controller is set to using the nomadix as a gw for client ips.
Looking for any enlightenment as I've been working on this for a few days already and am stumped.
Thank you!
Our current McAfee NIDS is going to be EOSL soon so we're considering
whether to upgrade to Intel McAfee's Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?
It's a perimeter NIDS (not internal network NIDS)
Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console? Lack's integration with
firewall (to block bad/malicious source IP ??) ?
c) any other ... ??
I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?
whether to upgrade to Intel McAfee's Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?
It's a perimeter NIDS (not internal network NIDS)
Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console? Lack's integration with
firewall (to block bad/malicious source IP ??) ?
c) any other ... ??
I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?
Hi,
Can anyone help in identifying why once my vpn client enabled. I can ping all other internal IPs except 192.168.4.1(interface DatabaseZone) and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in the range ov VpHi,
Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in the range of Vpnclients object-group configuration.nclients object-group configuration.
here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
Can anyone help in identifying why once my vpn client enabled. I can ping all other internal IPs except 192.168.4.1(interface DatabaseZone) and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in the range ov VpHi,
Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in the range of Vpnclients object-group configuration.nclients object-group configuration.
here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
People,
I'm trying to implement email resiliency solution internally and also externally with no Load Balancer access, so I came up with the below Idea:
http://www.tutorius.com/setting-up-a-dns-round-robin-in-windows
http://exchange929.blogspot.com.au/2013/10/high-availability-for-exchange-2013-cas.html
which I will be applying for all of my Exchange Server 2013 Std. Edition running CAS role:
Internally
AutoDiscover.domain.com points to CAS server 1 internal IP address on AD Site 1
OWA.domain.com points to CAS server 1 internal IP address on AD Site 1
AutoDiscover.domain.com points to CAS server 2 internal IP address on AD Site 2
OWA.domain.com points to CAS server 2 internal IP address on AD Site 2
...
AutoDiscover.domain.com points to CAS server N internal IP address on AD Site N
OWA.domain.com points to CAS server N internal IP address on AD Site N
and also Externally
AutoDiscover.domain.com points to CAS server 1 public IP address on the internet.
OWA.domain.com points to CAS server 1 public IP address on the internet.
AutoDiscover.domain.com points to CAS server 2 public IP address on the internet.
OWA.domain.com points to CAS server 2 public IP address on the internet.
...
AutoDiscover.domain.com points to CAS server N public IP address on the internet.
OWA.domain.com points to CAS server N public IP…
I'm trying to implement email resiliency solution internally and also externally with no Load Balancer access, so I came up with the below Idea:
http://www.tutorius.com/setting-up-a-dns-round-robin-in-windows
http://exchange929.blogspot.com.au/2013/10/high-availability-for-exchange-2013-cas.html
which I will be applying for all of my Exchange Server 2013 Std. Edition running CAS role:
Internally
AutoDiscover.domain.com points to CAS server 1 internal IP address on AD Site 1
OWA.domain.com points to CAS server 1 internal IP address on AD Site 1
AutoDiscover.domain.com points to CAS server 2 internal IP address on AD Site 2
OWA.domain.com points to CAS server 2 internal IP address on AD Site 2
...
AutoDiscover.domain.com points to CAS server N internal IP address on AD Site N
OWA.domain.com points to CAS server N internal IP address on AD Site N
and also Externally
AutoDiscover.domain.com points to CAS server 1 public IP address on the internet.
OWA.domain.com points to CAS server 1 public IP address on the internet.
AutoDiscover.domain.com points to CAS server 2 public IP address on the internet.
OWA.domain.com points to CAS server 2 public IP address on the internet.
...
AutoDiscover.domain.com points to CAS server N public IP address on the internet.
OWA.domain.com points to CAS server N public IP…
A few years back I had to fly to a remote data center and was sent several cisco switches that were to be "stacked" I recall unboxing everything and plugging it all in via instructions from my home office. I booted with a console cable and configured the initial IP address. Then home office pretty much took over and although I was able to observe a lot if it did not sink in. I do recall the stacks only had 1 IP address each and since it was a remote data center we had set up switch redundancy. I remember plugging in cables that had to be crossed to the switch below and when it was all done everything was set with dual power supply and I could have sworn it was configured so if a switch failed another one would take over. I had another job after that where a cisco stack was already installed. I recall 5 switches and when we had to shut down power the Master had to do go down last and come up first. At least I think that was the order, it was written on the wall next to the devices. I am asking all this because I have a job interview that will including installing and initializing a lot if Cisco devices including stacks. It sounds like it will be very similar to what I did years ago, installing the hardware and getting it set so the engineers in the home office could take over. I just do not remember the purposes for a stack as apposed to multiple switches. I know you will save IPs by configuring a switch as a stack, but what the other main reasons? I know the remote install …
How do I go about setting the QoS recommendation, ie EF/AF4/Af3 etc for MPLS network? What parameters should I be looking? The SP wants us to tell them what we want?
Percona Live Europe 2017 | Sep 25 - 27, 2017
The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.
Cisco ASR loopback interface is Gigethernet 0/0/0.2, if I want to check bandwidth utilization on this interface,how can I check, because show interface Gigethernet 0/0/0.2 | i rate command doesn't work here
Greetings,
My goal is to allow a 3rd party vendor access to our internet but not to our internal LAN Subnet by using the DMZ port on our Sonicwall TZ300 connected to their hardware router (Linksys EA6400).
1. Is this possible?
2. Is this the easiest method since we already have both hardware routers?
3. Will this truly separate our access to each others LAN networks?
Thank you in advance.
COM1
My goal is to allow a 3rd party vendor access to our internet but not to our internal LAN Subnet by using the DMZ port on our Sonicwall TZ300 connected to their hardware router (Linksys EA6400).
1. Is this possible?
2. Is this the easiest method since we already have both hardware routers?
3. Will this truly separate our access to each others LAN networks?
Thank you in advance.
COM1
We purchased a new company, they have firewall, sonicwLl and t1 fiber. How to connect new company to our existing company so that we can share the resources?
Hi there,
I know its kinda a ridiculous question since the Cisco Nexus Series is high end data center hardware and the Cisco SG500X is SMB. But for my home lab I am planning for the future and a good friend who runs a big data center wanted to sell me some nice Cisco Nexus Stuff. So I could get them very very cheap few hundred bucks vs. the around 1k for the SG500X-24. To be specific it would be a Nexus 5596UP with a 2248TP expension.
Would you go for the Nexus or for the SG500X? What are the gotcha's with the Nexus?
I know that the SG500X does L3 stuff out of the box. The Nexus 5596UP needs the L3 Module and the right License file for it. Also the Nexus 5596UP can't do 100MBit but I guess that's solved with the 2248TP Expension.
Thanks,
Yves
I know its kinda a ridiculous question since the Cisco Nexus Series is high end data center hardware and the Cisco SG500X is SMB. But for my home lab I am planning for the future and a good friend who runs a big data center wanted to sell me some nice Cisco Nexus Stuff. So I could get them very very cheap few hundred bucks vs. the around 1k for the SG500X-24. To be specific it would be a Nexus 5596UP with a 2248TP expension.
Would you go for the Nexus or for the SG500X? What are the gotcha's with the Nexus?
I know that the SG500X does L3 stuff out of the box. The Nexus 5596UP needs the L3 Module and the right License file for it. Also the Nexus 5596UP can't do 100MBit but I guess that's solved with the 2248TP Expension.
Thanks,
Yves
Hi Experts
We had one of our 3750's hardware fail, will not power on. Were currently purchased a new 3750 to replace. Would like some general guidelines on the steps to do so. the most important we want the vlan information to come across.
Do we backup the config on an existing switch and apply it on the new one? - We tried and received a lot of errors
Do we apply the vlan and other port information (below is our existing) to match what we already have.
How do we place the switch back in the stack, unpowered and connect all the stacking cables and then power it on?
What Impact will that have on the stack, will it power down?
What will and will not come across after we add the switch to the stack, do we need to set a password on the new switch, I know after you add the switch the master takes over and it applies some information - firmware.
The switches in the stack has a lower SW Version than the new switch being added will it be downgraded automatically or something we have to do manually. (sw version of the switches in stack 12.2(25) SEB4 \ New Switch 12.2(55)SB
interface FastEthernet1/0/12
switchport access vlan 10
switchport voice vlan 20
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
Thanks Much
We had one of our 3750's hardware fail, will not power on. Were currently purchased a new 3750 to replace. Would like some general guidelines on the steps to do so. the most important we want the vlan information to come across.
Do we backup the config on an existing switch and apply it on the new one? - We tried and received a lot of errors
Do we apply the vlan and other port information (below is our existing) to match what we already have.
How do we place the switch back in the stack, unpowered and connect all the stacking cables and then power it on?
What Impact will that have on the stack, will it power down?
What will and will not come across after we add the switch to the stack, do we need to set a password on the new switch, I know after you add the switch the master takes over and it applies some information - firmware.
The switches in the stack has a lower SW Version than the new switch being added will it be downgraded automatically or something we have to do manually. (sw version of the switches in stack 12.2(25) SEB4 \ New Switch 12.2(55)SB
interface FastEthernet1/0/12
switchport access vlan 10
switchport voice vlan 20
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
spanning-tree portfast
Thanks Much
Any thoughts on the ARUBA IAP-205 WIRELESS ACCESS POINT s?
I have about 4 or 5 outhouses and I want an goof Wi-Fi solution.
Thank you.
I have about 4 or 5 outhouses and I want an goof Wi-Fi solution.
Thank you.
How can I tag traffic on physical interface of a Cisco router?
I know I can create sub interface but I want to know if it is possible on a physical interface.
There is a command vlan-id dot1q available for physical interface but does not work.
I know I can create sub interface but I want to know if it is possible on a physical interface.
There is a command vlan-id dot1q available for physical interface but does not work.
Dear guys, I have this scenario:
- The original IP network which ISP provide: 13.14.24.160/28 (no worry, it's fake)
- I don't know why the IT guy who worked here before request ISP to split that network to 2 subnets: 13.14.24.160/29 and 13.14.24.168/29
- However, I was handover the instructions to get Internet for LAN network as the attached picture without any other explanation
Can anyone help me to answer these?
- Please explain the way end-users in LAN network to go the Internet. Which IP network should we configure in users' PCs?
- Please give me some ideas that clarify the purpose of the splitting?
- Can I place the pfSense firewall in the Router position? If so, is there any device/configuration we need to focus?
Many thanks as always!
Diagram.png
- The original IP network which ISP provide: 13.14.24.160/28 (no worry, it's fake)
- I don't know why the IT guy who worked here before request ISP to split that network to 2 subnets: 13.14.24.160/29 and 13.14.24.168/29
- However, I was handover the instructions to get Internet for LAN network as the attached picture without any other explanation
Can anyone help me to answer these?
- Please explain the way end-users in LAN network to go the Internet. Which IP network should we configure in users' PCs?
- Please give me some ideas that clarify the purpose of the splitting?
- Can I place the pfSense firewall in the Router position? If so, is there any device/configuration we need to focus?
Many thanks as always!
Diagram.png
Dear guys, can you please explain the advantages and disadvantages of Wireless Transmit power? Why do they always recommend -65 dBm for users? If I increase the AP's power to the maximum, is it always good?
These attached pictures display the coverage when changing AP's power. I use VisualRF to test HP AP Aruba 205H, can you suggest some ideas about the results?
- Red color: -45 dBm
- Orange: -55 dBm
- Green: -65 dBm
- Blue: -75 dBm
Auditorium_18dBm.PNG
Auditorium_12dBm.PNG
Auditorium_10dBm.PNG
These attached pictures display the coverage when changing AP's power. I use VisualRF to test HP AP Aruba 205H, can you suggest some ideas about the results?
- Red color: -45 dBm
- Orange: -55 dBm
- Green: -65 dBm
- Blue: -75 dBm
Auditorium_18dBm.PNG
Auditorium_12dBm.PNG
Auditorium_10dBm.PNG
Free Tool: Path Explorer
An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.
One of a set of tools we're offering as a way of saying thank you for being a part of the community.
I have two locations with almost duplicate setups.
Location 1: On a network run by a PDC. The ISP is a cable company. The one office in this location has 3 computers all connected to the network via a Netgear 5 port switch. But also connected to this switch is a DSL connection via a dsl modem line to a preset location.. When the users need to connect to this dsl line they just click on the shortcut created on their desktop that directs them to the preset IP address. All other communication for everything else goes through the regular PDC/cable network. Using DHCP and automatically sees PDC as DNS provider. Works great.
Location 2; On a network but run just by a router, not a PDC, through the local Cable company. Two computers connected via an identical 5 port Netgear switch as in the location 1. They have the the exact same dsl line via the same dsl modem connecting to the same IP address as in location 1. The problem is that you can only connect to one or the other in location 2. If you want to connect to the dsl location via the dsl modem, you have to disconnect the cable from the router from cable company at the Netgear switch. Or if you want to use cable you need to disconnect dsl modem from switch. Also running DHCP and DNS being provided by either the DSL or cable depending on which you are using.
What would cause one to work and the almost identical one won't?
Location 1: On a network run by a PDC. The ISP is a cable company. The one office in this location has 3 computers all connected to the network via a Netgear 5 port switch. But also connected to this switch is a DSL connection via a dsl modem line to a preset location.. When the users need to connect to this dsl line they just click on the shortcut created on their desktop that directs them to the preset IP address. All other communication for everything else goes through the regular PDC/cable network. Using DHCP and automatically sees PDC as DNS provider. Works great.
Location 2; On a network but run just by a router, not a PDC, through the local Cable company. Two computers connected via an identical 5 port Netgear switch as in the location 1. They have the the exact same dsl line via the same dsl modem connecting to the same IP address as in location 1. The problem is that you can only connect to one or the other in location 2. If you want to connect to the dsl location via the dsl modem, you have to disconnect the cable from the router from cable company at the Netgear switch. Or if you want to use cable you need to disconnect dsl modem from switch. Also running DHCP and DNS being provided by either the DSL or cable depending on which you are using.
What would cause one to work and the almost identical one won't?
Hello Everybody ,
need you support RnS Expert Engineer
my scenario , the requirement are the router automatically move the the traffic flow based link delay by using PFR with active/ active by using Active/ Active ISP link utilization .
here are requirement and configuration
LAN subnet :-
188.117.100.172/29
188.117.124.36 /29
my goals to measure the traffic over all the available ISP
the primary path of the first subent is ISP 0A, primary path of the 2nd subnet is ISP02
if the any ISP link experiencing any delay the inbound and outbound shift the traffic automatically .
MY BGP configuration
ip bgp-community new-format
outer bgp 7770
bgp log-neighbor-changes
timers bgp 10 30
neighbor 172.21.8.169 remote-as 41176
neighbor 172.21.8.177 remote-as 41176
!
address-family ipv4
network 188.117.100.172 mask 255.255.255.252
network 188.117.124.36 mask 255.255.255.252
neighbor 172.21.8.169 activate
neighbor 172.21.8.169 send-community both
neighbor 172.21.8.177 activate
neighbor 172.21.8.177 send-community both
ISP's BGP Configuration
neighbor 172.21.8.170 send-community both
neighbor 172.21.8.170 default-originate
neighbor 172.21.8.170 soft-reconfiguration inbound
neighbor 172.21.8.170 prefix-list PFR out
neighbor 172.21.8.170 route-map BGP_COMM in
neighbor 172.21.8.178 activate
neighbor 172.21.8.178 send-community both
neighbor 172.21.8.178 default-originate
…
need you support RnS Expert Engineer
my scenario , the requirement are the router automatically move the the traffic flow based link delay by using PFR with active/ active by using Active/ Active ISP link utilization .
here are requirement and configuration
LAN subnet :-
188.117.100.172/29
188.117.124.36 /29
my goals to measure the traffic over all the available ISP
the primary path of the first subent is ISP 0A, primary path of the 2nd subnet is ISP02
if the any ISP link experiencing any delay the inbound and outbound shift the traffic automatically .
MY BGP configuration
ip bgp-community new-format
outer bgp 7770
bgp log-neighbor-changes
timers bgp 10 30
neighbor 172.21.8.169 remote-as 41176
neighbor 172.21.8.177 remote-as 41176
!
address-family ipv4
network 188.117.100.172 mask 255.255.255.252
network 188.117.124.36 mask 255.255.255.252
neighbor 172.21.8.169 activate
neighbor 172.21.8.169 send-community both
neighbor 172.21.8.177 activate
neighbor 172.21.8.177 send-community both
ISP's BGP Configuration
neighbor 172.21.8.170 send-community both
neighbor 172.21.8.170 default-originate
neighbor 172.21.8.170 soft-reconfiguration inbound
neighbor 172.21.8.170 prefix-list PFR out
neighbor 172.21.8.170 route-map BGP_COMM in
neighbor 172.21.8.178 activate
neighbor 172.21.8.178 send-community both
neighbor 172.21.8.178 default-originate
…
IS-IS router summarization can only be done on L1/L2 router is this correct.
There is now other place to do route summarization.
There is now other place to do route summarization.
Hi All,
I'm currently looking at this proposal & thinking of implementing OSPF & MLPS I'd like some support with the config & any ideas of best practices?
Thank you all.
ospf.PNG
I'm currently looking at this proposal & thinking of implementing OSPF & MLPS I'd like some support with the config & any ideas of best practices?
Thank you all.
ospf.PNG
I have a security camera project that requires a run of about 1000FT for a few cameras.
I know Cat5/6 are not options due to the 300ft limitation. I guess I could use POE switches at 300/600/900 ft as repeaters but that doesn't sound like a viable solution.
any ideas?
I know Cat5/6 are not options due to the 300ft limitation. I guess I could use POE switches at 300/600/900 ft as repeaters but that doesn't sound like a viable solution.
any ideas?
Why would I be getting these errors on my logs. I am running DMVPN.
dest_addr 4.5.6.7, SPI 0x8e584d60
000058: May 15 09:18:21: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:000 TS:00000309438262163039 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 3, src_addr 1.2.3.4 dest_addr 4.5.6.7, SPI 0x8d670b5e
000059: May 15 09:19:53: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:000 TS:00000309529825315373 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 3, src_addr 1.2.3.4 dest_addr 4.5.6.7, SPI 0x8d670b5e
000060: May 15 09:39:13: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:000 TS:00000310690125718495 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 3, src_addr 1.2.3.4 dest_addr 4.5.6.7, SPI 0x8d670b5e
000061: May 15 09:50:40: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:000 TS:00000311376506767405 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 3, src_addr 1.2.3.4 dest_addr 4.5.6.7, SPI 0x8d670b5e
000062: May 15 09:52:37: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:000 TS:00000311493607193615 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 3, src_addr 1.2.3.4 dest_addr 4.5.6.7, SPI 0x8d670b5e
000063: May 15 09:53:38: %IOSXE-3-PLATFORM: SIP0: cpp_cp: QFP:0.0 Thread:000 TS:00000311554565979494 %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle 3, src_addr 1.2.3.4 dest_addr 4.5.6.7, SPI 0x8d670b5e
000064: May 15 09:58:38:
Network Architecture
11K
Solutions
11K
Contributors
Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.
Top Experts In
Network Architecture
-
1
Predrag6,000 points -
2
Wirelessnerd2,470 points -
3
Dirk Mare1,392 points -
4
arnold1,000 points
-
5
Jakob Digranes1,000 points -
6
Qlemo1,000 points -
7
masnrock1,000 points
-
8
MinoDC1,000 points -
9
J Spoor1,000 points -
10
Amit1,000 points -
11
Natty Greg750 points -
12
David Johnson, CD, MVP530 points -
13
Dr. Klahn500 points -
14
Experienced Member500 points -
15
mbkitmgr500 points -
16
Stuart Scott393 points -
17
☁ François Peroux ☁375 points -
18
Steve Martin375 points -
19
rauenpc79 points -
20
Akinsd52 points -
21
irom7737 points -
22
Shakshi Shivi33 points -
23
Ray Paseur22 points -
24
Alex Smith20 points -
25
Scot Halvorsen19 points