Network Architecture

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

LVL 17

Question by

Tiras25

2017-09-11Solved

Azure AD Connect for AD replication

Can Azure AD can be used for replication between AD sites/DCs? Say one DC in US and another one in China.
Install AAD Connect on both Domain Controllers. Can they be synced through AAD? Or, has to be a direct connectivity?

Question by

m_jundi

2017-08-26Solved

URL Redirect

Hello

I have a couple of WAN connections and used by few users to access company services like : Mail,Web Applications...etc.
Both Lines have "A" Records with our ISP. if one line is down, is it possible to redirect the users to access services through the back up line ? or can you suggest best scenario ?

Best Regards
Mahmoud

7 Comments

Hi there, I need to create wifi network with official lan.
I need to now know to do it and things to keep in mind.

Also, It would be better if a person has to provide his official credentials to join the wifi group.

Regards
Anil Chauhan

Question by

Tamray

2017-08-21Solved

Spanning Tree MST Topology / excessive changes

Debug info attached

I have configured a HP Procurve 3500 YL with the following Spanning Tree config:

spanning-tree
spanning-tree instance 2 vlan 109-285
spanning-tree instance 2 priority 0
spanning-tree priority 0

This config works well on other switches on our WAN. However, in this instance (only this switch), the topology count changes several times a minute. I believe it has something to do with ports 19 and 23. Each is configured with a single vlan and are directly connected to a Cisco 2960 switch. All others ports are connected to HP Aruba switches.

Ideas?
spanning-tree-debug

6 Comments

Question by

Yashy

2017-08-16Solved

Does Solarwinds also discover your PC's?

hi guys

I've installed a trial version of the network performance monitor from Solarwinds. However, it only discovered printers and switches/routers.

Can it discover PC's? Or do you need agents installed on them for it to discover those?

Thanks for helping
Yashy

1 Comment

Question by

amigan_99

2017-08-09Solved

Israel Internet

I'm at a client which has an Internet feed from their Israel office which egresses in NYC. Nobody seems to know why it was put in that way. Might any experts on here with middle east experience know why you might want to egress on the other side of the Atlantic rather than just using a local ISP? Or at least Europe? Security issue? Tax issue? Something else??

4 Comments

Question by

Katrach0

2017-08-07Solved

Ubiquiti Network Setup

Hello IT Pros.

I'm new to Ubiquiti, and wondering if someone here has experience setting up a network using Ubiquiti hardware?
Nothing has been implemented so far.

Any leads will be fully appreciated.

11 Comments

LVL 17

Question by

Tiras25

2017-08-04Solved

Connection from China to US

Anyone has experience connecting Chinese office to US? One of the options is going through Hong Kong but the connection if very poor we heard.

Any other vendors or solutions we should look into? Fiber connectivity? Just need to have a reliable connection to one of our US data centers. Please advise. Thanks!

Question by

Reinert Wentzel

2017-07-31Solved

Network switch question

Hi experts,
i need some advice. i have about 50 pc's on our company network with 1 file server that these pc's access for AD,DNS, DHCP and our financial application(uses access database). we currently have a 48 port 10/100 switch with 2 gigabit uplink ports as the backbone and then 2 gigabit switches connect to this backbone switch. i was aiming to replace the 10/100mb backbone switch with a full gigabit switch but budget is a problem at the moment. would the following work as a temporary solution for about 3 months: I will install a very entry level 8 port dlink gigabit unmanaged network switch as the backbone, connect my server and links to other switches to this 8 port switch. so from the 8 port switch i will connect all 4 network cards on my server to this switch as well as the link cables from my 3 larger switches. I know this is not the best solution but i just need something that will do the job for a few months? or would this small 8 port switch take too much strain?

Will your db performance match your db growth?

LVL 3

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question by

Alfonso Perez

2017-07-30Solved

SonicWall TZ215 Wireless

Hello Experts, I need some assistance since I'm not that familiar with SonicWall

I have a TZ215 FW with both, LAN and WLAN active configurations, I upgraded my ISP BW from 10Mbps to 20Mbps (cable provider) and just realized that everything connected to the LAN interfaces on my sonicwall (X0) are getting the full 20Mbps (or really near with speedtest.net) but all my wireless clients only get up to 10Mbps...

Does anyone has any idea of what is going on here?

Thanks for your support

25 Comments

Question by

jskfan

2017-07-30Solved

BGP Route Reflector

on the topology above I configured Route-Reflector on R5 to get full reachability.
My Confusion is I have seen some examples where they configure Next-hop-self.
for instance this :https://www.youtube.com/watch?v=QMkJfnMNZm8

Any BGP expert out there to clarify when Route-Reflector should be used and when Next-hop-self should be used ? If I had used Next-hop-self in my scenario, will that work fine just as Route-reflector did ?

Thank you

======

R2,R5,R3 are on the same AS (AS2), they are IBGP Routers
R1 is in AS1 and R4 in AS3

R1#sh run | beg router bgp
router bgp 1
network 1.1.1.0 mask 255.255.255.0
network 192.168.12.0
neighbor 192.168.12.2 remote-as 2

R2#sh run | beg router bgp
router bgp 2
network 2.2.2.0 mask 255.255.255.0
network 192.168.12.0
network 192.168.25.0
neighbor 192.168.12.1 remote-as 1
neighbor 192.168.25.5 remote-as 2

R3#sh run | beg router bgp
router bgp 2
network 3.3.3.0 mask 255.255.255.0
network 192.168.34.0
network 192.168.35.0
neighbor 192.168.34.4 remote-as 3
neighbor 192.168.35.5 remote-as 2

R4#sh run | beg router bgp
router bgp 3
network 4.4.4.0 mask 255.255.255.0
network 192.168.34.0
neighbor 192.168.34.3 remote-as 2

R5#sh run | beg router bgp
router bgp 2
no synchronization
bgp log-neighbor-changes
network 5.5.5.0 mask 255.255.255.0
network 192.168.25.0
network 192.168.35.0
neighbor 192.168.25.2 remote-as 2
neighbor 192.168.25.2 …

Question by

jskfan

2017-07-28Solved

IBGP and EBGP configuration

I have the topology above.
I configured BGP on R1:AS1 ,R2: AS2 and R4:AS2 ,R5:AS3 , I have also configured OSPF on R2,R4,R3
BGP is not configured on R3, just OSPF

Now when I try to ping R5 from R2 or the R1 from R4 I get the UUUUU

Below is the configuration of all 5 Routers

R1#sh run
Building configuration...

Current configuration : 1385 bytes
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!         
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!
!
!         
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
 !
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex half
 !
!
interface Ethernet1/0
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/1
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/2
 no ip address
 shutdown
 duplex half
 !
!
interface Ethernet1/3
 no ip address
 shutdown
 duplex half
 !
!
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
!
!
!

Open in new window

…

13 Comments

Question by

jskfan

2017-07-27Solved

Using BGP with OSP

I have the topology shown above. R1 and R5 are running BGP, R2 and R4 are running BGP and OSPF , R3 is running just OSPF

I would like to know if I need to run BGP on R3 in addition to OSPF, or just redistribute BGP into OSPF and OSPF into BGP on R2 and R4

Thank you
Screen-Shot-2017-07-27-at-2.33.23-PM.png

Question by

patricktam

2017-07-26Solved

Cisco 2960x Stackable switches expansion

We are provisioned Two 2960x Cisco Switches and linked up with a FlexStack Plus cables/modules. All connected devices (e.g. Windows Servers) has two UTPs connecting to the switches, one to switch A and another one to switch B. The switches are implementing Channel Group using LACP where port from Switch A and Port from Switch B are belongs to the same Channel Group for network resilience purpose. Also, we have created TWO VLAN on the switches where each VLAN span across the two switches some network device are belong to VLAN 1 and some are VLAN 2. This is a floor level implementation and we have an uplink router (Core Switch) to route packet between VLANs.

We are planning to add more devices and we are running out of switch ports. Our expansion planning are as follows:

Option 1) Add another two network switches (i.e. 2960x) to the FlexStack cluster and create additional channel groups with switch port from Switch C and Switch D. So that the new devices can connecting to the new Switch C & D while still maintaining the resilience requirement as well as able to communication with the original devices connecting to switch A & B.

Option 2) Option 1 is only feasible if we have enough room to accommodate another two switches on the same rack. If however, we need to put the new two switches on another rack with is around 10-20 meters away still connecting themselves with FlexStack Plus, we are planning to purchase a 10G SFP+ module on the switches and link up Switches A/B …

Question by

ksfrist

2017-07-26Solved

Netgear Swtich/Fiber Connection Issue.

Good afternoon Experts,

Our Security Manager asked me to upgrade his existing IP camera network from 10/100 to Gigabit from our Control Room to our guard stations, roughly 150 meters away. The existing network we have been using is 2 Comnet devices, model CNFE6+2USPOE. More details on this device here:

http://www.comnet.net/comnet-products/ethernet/self-managed-switches/cnfe62uspoe.html

I decided to purchase 2 Netgear, model ProSafe-GS110TP:

https://www.netgear.com/support/product/GS510TPP.aspx

Connected with TrendNET TEG-MGBSX SFP Modules

https://www.trendnet.com/products/proddetail?prod=200_TEG-MGBSX

My issue is that I get no link light when I set up a switches in both locations. I have tested the units side by side and it all works, but for some reason when I get them set up in their specific location I no longer get link lights. I'm using the existing fiber run that the Comnet devices are on, and have confirmed it's 50/125 fiber, and I've tested the new short fiber cables we bought and they work as well. The TrendNET SFP modules should be rated at 550 meters.

In my other experience things like this just fire up, then you make sure the VLAN's are correct, but in this case I get link down in the Netgear GUI and obviously no sweet flashing green light.

Am I missing the forest through the trees here?

Thank you for any guidance.

Question by

jsarinana

2017-07-26Solved

Linksys LRT224 router VPN

I set up a Linksys LRT224 router about a year ago
it does some pass-throughs ti the following
-security camera NVR only two users can access

-Windows Server 2012 running an SQL database about 10 users

-VPN connection so users can get to all servers and appliances
This was suppose to be for only two users, but now they want all 10 users to be able to use VPN

Question?
should I continue to use this router? will is start to degrade in speed
some users say the VPN is starting to slow down

any suggestions are appreciated

4 Comments

Question by

PeraHoman

2017-07-25Solved

VRFs on interfaces

Can you configure a routed interface to use both the global and VRF routing table?

1 Comment

LVL 3

Question by

Shark Attack

2017-07-25Solved

prefix-list for EIGRP

Hello

I dont understand why I would have this in my eigrp config. What is this filtering at this point? To me, this looks as not having any distribution list at all.

Router#
Router#sh run | sec eigr
router eigrp 2
 distribute-list prefix BLOCK-EIGRP-DEFAULT in
 network 10.0.0.0
 passive-interface default
 no passive-interface Tunnel0
 eigrp stub connected
Router#
Router#
Router#
Router#
Router#
Router#
Router#sh ip prefix-list BLOCK-EIGRP-DEFAULT
ip prefix-list BLOCK-EIGRP-DEFAULT: 2 entries
   seq 5 deny 0.0.0.0/0
   seq 10 permit 0.0.0.0/0 le 32
Router#

Open in new window

LVL 17

Question by

Tiras25

2017-07-24Solved

Network Design for remote offices

Before designing new network for the remote offices.
What information is critical (must know) before making a decision on design, connectivity, device models, etc, etc. Just need to be prepared before throwing a design. Want to make is a standard base across all remote offices.
Appreciate all the recommendations and ideas!

Question by

YaYangTeah

2017-07-24Solved

Wi-Fi network issue

We are implement the multiple VLans and Wi-Fi in our company:

Vlan 1:default Vlan (192.168.1.0/24)
Vlan 2:Office Vlan(192.168.2.0/24)
Vlan 101:production Vlan (172.16.0.0/24)

We are using Aruba instant virtual controller to control all the APs. In the core switch default gateway is 192.168.1.254 which is the router Interface.

We had no problem for the connectivity using wired. But we found the if connected using office wifi (Vlan 2) and try to reach those device have wired connection in (Vlan 101) is no issue. But If the device is connected using Wi-Fi then we can not reached.

IN the Wi-Fi controller we never set any policy to block it.Please advice ?

I need to run ONE CAT6 cable to 40 offices.

Each office is to have three Ethernet points but only ONE Ethernet point will be in use at a time.

Three Ethernet points are there for desk orientation only.

Don;t want to have to re-patch on demand etc.. Any ideas?

6 Comments

LVL 2

Question by

Technical Information

2017-07-19Solved

Move configs HP Switch

Hi

I have two 48 port switch. ones POE and the other isn't. is it possible to move configs from one to the other. they are both new switches. They are only web ui managed

Our current McAfee NIDS is going to be EOSL soon so we're considering
whether to upgrade to Intel McAfee's Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?

It's a perimeter NIDS (not internal network NIDS)

Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console? Lack's integration with
firewall (to block bad/malicious source IP ??) ?
c) any other ... ??

I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?

Question by

Hamid Akbari

2017-07-15Solved

Maximum bandwidth in Etherchannel

Hello
I have 2 switch that connect each other with 4 layer 2 etherchannel links(4*1G)
my load balance method is src-dst port.
Zabbix show me that traffic goes among beetwen link Approximately equal.
Can i say we have maximum 4G bandwidth in my network?