Network Operations





Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

My contractor ran fiber cables between floors.  Today I noticed there's an interesting transition connection from thicker cable to the thinner one.  Taped over with while electrical tape.
I didn't have that fiber patch panel.  They install it all.  Taped like that on both end of terminations.

  Does anyone know if this is how its done normally and should I worry about it?  Thanks.
Become a CompTIA Certified Healthcare IT Tech
LVL 12
Become a CompTIA Certified Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

HI Experts.

I have this policy map on most of the switches at my organization.  

      set dscp ef
      police 128000 8000 exceed-action policed-dscp-transmit
      set dscp cs3
      police 32000 8000 exceed-action policed-dscp-transmit
      set dscp default
      police 10000000 8000 exceed-action policed-dscp-transmit

We are now replacing the existing phones with a new cloud base phone system and they sent me these requirement for QOS and the vendor gave me this policy to use on the switches

policy-map PM-ASW-IB-User
class CM-ASW-IB-RC-Voice-RTP
set ip dscp ef
police 512000 16000 exceed-action drop
class CM-ASW-IB-RC-Video-RTP
set ip dscp af41
police 768000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-GeneralSIP
set ip dscp af31
police 32000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-Meetings-Control
set ip dscp af31
police 32000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-Other
set ip dscp af21
class CM-ASW-IB-Cust-AF13
set ip dscp af13
class CM-ASW-IB-Cust-AF12
set ip dscp af12
class CM-ASW-IB-Cust-AF11
set ip dscp af11
class class-default
set ip dscp default

Apply on the ports :

interface range Gi1/0/9-20
! no mls qos trust device cisco-phone
! no auto qos voip cisco-phone
! no mls qos trust cos
! mls qos trust dscp
! priority-queue out
! …
Hello Experts,

I am at a client site and he has a bluecoat packetshaper s200, the client has ordered a replacement hard disk and it has arrived, I would like to replace the hard drive on this device. I am hoping someone can guide me through the process,

I know that I have to open the box and remove the old drive and put the new drive. I need help in backing up the configuration file and IOS, One more thing I like to know is to determine which drive needs a replacement, I do have access to the gui but need the right steps to do that.

We use Cisco StealthWatch and are disturbed at some of the activity we're seeing.

What's the best technique to research large downloads/uploads from a particular IP address, such as: transferring 3 gigs?

Per , I see this is registered to Microsoft so I don't think it's malicious.

The only IP's I've been able to figure out so are:
Windows Update:

Is there good site that knows what IPs microsoft uses and for what purpose?


I have a network with a Layer2 link back to a datacentre which provides our internet connection, we have no firewall onsite at present but looking to install one.

We have ordered an internet connection on premise.

We want to keep our Layer 2 connection and make use of it somehow.

We want to use the new internet connection on-premise and a firewall to route the internet. What's the best way to do this?
School network running Windows Server 2008 R2.  I am trying to add a printer to be shared across the network. the printer is an HP Officejet Pro 8720. I have tried using the Print Server routine in Administrative Tools and also from Add a printer in the devices and printers snap in. Both indicate the printer was installed successfully but nothing prints even though there is no error message and nothing stuck in the Print queue. I can ping the ip address assigned to the printer.  Please advise.

thank you.
I'm listing out IT Infra changes that require CR / change control ie subject to CAB.
1. OS, network device OS patching/update/upgrade
2. Installing or configuring a software/feature
3. Adding/deleting/amending an ACL or firewall rule for Production purpose
4. Configuring DB changes : to list out ...
5. Hardenings & OS changes (permission changes etc)
6. OS/device tunings (including migrating services behind WAF, ...)
7. changing account/object privileges

However, I think the following just require an SR/email:
a. blocking of IOCs (from threat Intels)
b. unlocking accounts/password resets
c. login to check/extract information (Cisco 'show run')
d. restarting / rebooting a service or OS due to fix a problem
Dear Experts,

I am at a client location today and they have a local server that will be accessing different sites with various ports. The client has ASA firewall and Cisco Firepower my question is do I add the access rules in Firepower or directly in ASA?

I am always not sure and the client has no preference.

Please let me know from your experience how to tackle this .

1.pngso all of a sudden some emails stop flowing and my connector is not validating, been setup for years and we did not change any server or network settings

i have Office 365 and a hybrid server - exchange 2010

the emails that are failing are coming from my mercury server and flows thru my exchange to office 365. i have contacted microsoft support but they are saying its an internal issue.
Hello gents,

I am at a customer site and they have a server in the internal zone, the network has Cisco ASA firewall.

They have a developer and on the server he wants to open ports 7000-7200, Do I use the Cisco ASA to open these ports ? or is this done on the server only.

I am not sure how to address this I need clarity on such type of requests from clients,

Cyber security certifications or degree?
Cyber security certifications or degree?

Cyber security is in demand—big-time. So what do you need to build a career in this lucrative field? Is a degree a must-have, or are industry-leading certifications more sought-after? Is it possible to break into cybersecurity without a bachelor’s or master’s degree in the field?

Run connection test "telnet port 53" failed, is the 23 or 53 port connection issue? How to verify?
Hello Experts,

I have 2 sites connected via OSPF neighbor relationship using MPLS  and I also have direct connect between the two sites. I had issue with the point to point connection and I removed the static routes between the two sites and OSPF was able to pick the routes again.

Now my Point - to - point connection is up again and I added the static routes but the issue I have now is that the traffic is still going through the ospf and not using the point-to-point path.

How can I make sure the path is reverting back to the point-to-point path, I thought by adding the static path it would pick it up again.

Hello Experts,

I have these SIP audio alerter devices on site, and we use CUCM, what is the best  way to find the phone numbers of extensions assign these devices , I only have a sample Mac address of a device but need help.

Thank you,
I am running backupexec 20 and we have a server at a remote site with a slow WAN connection. I would like to run a full backup on the server to storage that is there locally then bring the storage to our data center and send just the incremental data to it each night over the WAN for the backup. The full backup will be about 1TB and the incrementals are 1-2GB. Can we use Symantec BackupExec to accomplish this (the up range is different in our data center from the remote site)? If so, how?
Hi Guys,
I observed big amount of no buffer drops on my interface facing internet, on my C2911 Router, howerver, I don't see any failed or a lot of missed packets in the buffer counters.
What could be the reason for it?

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 42/255, rxload 122/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full Duplex, 100Mbps, media type is RJ45
  output flow-control is unsupported, input flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:03, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/76 (size/max/drops/flushes); Total output drops: 3631582
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 48118000 bits/sec, 6878 packets/sec
  5 minute output rate 16759000 bits/sec, 3252 packets/sec
     4022440271 packets input, 4092734377 bytes, 3631387 no buffer
     Received 6062 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     592 input errors, 0 CRC, 0 frame, 592 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     1319074480 packets output, 2459248571 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     1 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped …
I have 3 switches. I have 1 vtp mode server (A) and 2 transparent (B & C). I changed the B & C from transparent to client. I added another vlan on A. But only B updated its vlan database. I am not sure why C did not. A is directly connected to B via copper. B is connected to  C via fiber.
Hello Experts,

I am at a site location and they have BlueCoat Packet shapper S200 , I know the management IP and I know the port number and switch that the management IP is connected too.

I see there are other 2 ethernet cables connected to it and I want to find out their IP addresses and neighboring devices. Is there a way I can find the info from the portal? what will be the best way. I could go to the datacenter and find out but just want to know if there is in anyway I can do this from the portal.

Wonder your folks opinion.  How do you approach this questions from executives.  
 "what do you think is better 74Mb DSL or 60Mb cable?"  :)
We have some older model Siemens PLCs that I'm told have an IP address, but no gateway. Can anyone confirm if they have seen something like that?

Second and more important is my part in this challenge: If it is possible that a device has no gateway, how to get it to talk/route to a different subnet?

Edit: I see some Siemens documentation that talks about using subnets and supernets to get around the issue. So if it helps, my destination subnet is and my PLC is
Expert advice: How to get hired in cyber security
Expert advice: How to get hired in cyber security

Phil Richards knows cyber security. He’s the Chief Information Security Officer for Ivanti—and he has great advice for anyone looking to build a career in cyber security.

What's the best way to setup Cisco 3850 switches by copying configs over the new one. 2 identicals are already in place.  
The additional will server same functions as access switches.
I have a brand new Cisco 9300 access layer switch that is trunked to a Dell Force 10 core switch.  The core switch is a VTP Server for several VLANs.  While the 9300 ports were configured for hosts, it was NOT a VTP client yet so it had no knowledge of our current VLAN structure.  To give an example, I had a port configured "switchport access vlan 14."  Once the server was brought online as an active access layer switch, it was configured as a VTP Client in our custom VTP domain.  However, any device on vlan 14 cannot communicate past the 9300 switch even though the port channel tagged on the Force 10.  In fact, I am simply re-using the port channel configured on the core switch to connect the trunk ports to the new 9300 switch. If I do a "show vlan" on the 9300 it shows my vlan 14 with the proper name as it is configured on the VTP server.

My question is, if a port was configured to exist on a particular VLAN before the switch was a VTP client, are there two conflicting VTP entries in the vtp.dat database on my 9300, one local and one obtained from the VTP server? It doesn't seem like this could be happening since "show vlan" looks identical to a different access layer switch that is a vtp client in the same environment.

I’m hoping to get some ideas on this one. I’m having some intermittent latency and sometimes dropouts on the network, which consists of mostly Cisco SX300 switches.

When the latency or dropout happens, the CPU utilisation of the core SG300 Switch would be over 40%. I have been told the issue is caused by spanning tree and turning global spanning tree off on the core switch does help, however, I think it is not the spanning tree or it is more that just the spanning tree.

What other things could I look into in finding the cause?

Any help appreciated!

With Solar Winds NPM v12.1 I want to get an alert via email if the following snmp
trap is received:

snmpTrapOID = PAN-TRAPS:p​anROUTINGR​outedBGPPe​erEnterEst​ablishedTr​ap

I don't see a specific direct means in Orion for creating an alert from a trap. But
perhaps this could be done with a custom SQL query? Any insight appreciated.
I'm drafting an SOP doc & need to spell out the specific roles/duties of
Firewall admins vs IT Security (governance) :

I'm not sure if RBAC (Role Based Access Control) comes into play here
but my view is:

a) all Firewall rules requests as well as proxy requests (say to whitelist
    a URL or permit certain file types to be saved/downloaded) are to
    be reviewed & approved by the IT Security governance as well as
    requestor's managers  while Firewall admins implement them:
    is this what's generally practised?

b) reviews of Firewall logs/events are jointly done by a network admin
     or lead or manager who is not an implementer of firewall rules &
     counter-reviewed by IT Security gov : certainly we hope to automate
     this by SIEM with UEBA but Audit still requires such events/logs reviews
     to be signed off by 2 parties

c) What about firewall rules review : which parties should review them?
    Certainly not firewall admins as they're the creator of the rules so
     they'll just sign off as "No issue" : it's a conflict of interest.  We had
     run into case where a critical & sensitive Prod server was permitted
     for access to entire organization.  Tools like Tuffin only review for
     "dormant" rules but not such rules created for "testing" but forgot
     to be removed.   Any tools could help with such detection?
I have problem PXE boot from Microsoft surface 4 (UEFI) to connect to WDS server (Windows 2016). I have updated surface firmware and OS patches etc.. Getting below error

NBP filename is boot\x64\wdsmgfw.efi
NBP filename is 0 Bytes
PXE-E23: Client received TFTP eror from server

All other machines except MS surface are working fine. What step need to do resolve this issue.

Network Operations





Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.