Network Operations





Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.


I have created 26 new VLANs on a Cisco switch. But when I checked the spanning tree instances for those VLANs, I see a spanning tree instance for only 4 VLANs; for the rest of the VLANs I did not see any instance.

Below is the message:

INND-S-D-01-AUS#sh spanning-tree vlan 626

Spanning tree instance(s) for vlan 626 does not exist

Note: All VLANs are up. At present no ports are assigned to these VLANs.

Does anyone know Aruba controllers well? They normally pass through the same VLAN on the main switch, or the management VLAN.
I wonder why Aruba does not recommend doing a direct heartbeat between Active and Passive controllers. Using 7030 controllers at this point.
Normally I do a direct heartbeat between Cisco controllers. But Cisco has a dedicated HA port for this; Aruba does not. 7030 controllers have 8 fiber and 8 copper ports.
Does anyone know about it and have any advice?

In the group of apartments where I stay, there's a free Wifi for the community
which I could access from my phone/laptop when I move around the vicinity.
However, in a reading room right in the centre of this area, the Wifi signal is
often cut off (or intermittently at 1 bar).

Is there anything I can get/install so that I could get the signal in the reading
room (which is a 5m x 3.5m room with glazed glass panels in front, a thick
wooden door & concrete walls on the roof & other sides of walls)?  Even if
I open the wooden door, the Wifi signal strength did not improve.

Until I shift my chair & laptop & sit just 1m outside the wooden door, then
I get 3-4 bar signal.

I don't mind a USB dongle with a 4m USB extender cable (which could be
slipped under the door), but do recommend specific eBay/Amazon links
to items that could be shipped to Singapore.

Btw, I don't have access to the AP and I can't get the management/admin
of this community to boost the signal so this is not an option.

I have to develop a Runbook that provides operational procedures for obtaining security certs. Can someone provide me with a template of a runbook or a website where I can find a template?


I have a pfSense router at an office I manage. I'm not very familiar with it but I've gone through the options on it and read up about it a bit. I'm having a problem that I'm not sure how to resolve. The ISP has notified the office that there have been malicious requests from our IP address directed at other servers. The information they sent shows that the "PORT HIT" was "x.x.x.x:49039->x.x.x.x:23". I found a packet capture on the pfSense and set it to listen on the LAN interface and put 49039 in for the port number. I started the packet capture but I don't see it reporting anything nor do I know where to find the log or output of the packet capture. It looks like this pfSense router is from a July version in 2015 so it looks like the firmware needs to be updated. This router looks very powerful and I'd like to learn more about it. I'm used to using SonicWall routers mainly so this is a little different. Oh, and here's a really strange thing that's going on there. I called the ISP and told them that I wasn't sure where the IP address that is reporting the malicious activity is at. The IP on the WAN side of the router ends in 69 and the reporting IP is 71. They said that they were not able to see any devices ARPing to that IP address at that moment.

If I check the WAN IP on one of the networks in the office (there are 7 suites--so there are at least 8 VLANs), it ends in 71.  I've scanned all 8 of the computers on that reporting network but nothing came up …
I have a 10Gbps Direct Connect circuit from our enterprise data center to AWS. Each VPC has a different
sub-interface and different BGP peer. See snippet below. What's happening is that ping tests to some BGP
peers might have NO loss but other BGP peers are seeing 2 to 10% packet loss from the perspective
of our monitoring system in the data center. If I look at the Ethernet port or the PortChannel port there
are no incrementing errors nor discards that I can see. If I try to show anything about the subinterface
(say show interface port-channel3.1002) - error information is not available. I'm not sure how I can
look at the interface of the router on the AWS side of the connection.

My question: how can I go about troubleshooting the ping loss to these sub-interfaces/bgp peer addresses?

inherit peer aws-dx-peering
description peering to preprod

inherit peer aws-dx-peering
description peering to prod

interface port-channel3.1001
  description DX for preprod
  encapsulation dot1q 1001
  bfd interval 300 min_rx 300 multiplier 3
  no ip redirects
  ip address
  ip router ospf 1 area

interface port-channel3.1002
  description DX for prod
  encapsulation dot1q 1002
  bfd interval 300 min_rx 300 multiplier 3
  no ip redirects
  ip address
  ip router ospf 1 area

Dear experts,

I am new to DNS and DNS load testing. I now have a task to run a load test on two BIND9 servers [RHEL6]. I googled it and found that dnsperf is a good tool to evaluate throughput and latency. However, I need a script to do this task. It will be very helpful for me if anyone shares the info.

I wanted to find the real IP address of a site as sometimes Akamai (came across a few cases) CDN
cause issues & if I browse the actual IP (without going thru Akamai), the sites load Ok without

I found the following link but seems like they 'hang' or can't load:  did anyone manage to get
the sites below to work or can offer alternative ways to find the actual real IP (not the CDN IP)?   ==> this url is ok   ==> not this, connection error  ==> not this : connection error
We have a Technicolor modem/wireless router combo device given by Spectrum. When the Spectrum tech first set it up I could connect to it wirelessly and I could see the public WAN IP as ie. We plugged it into our SonicWall device and everything is working fine. Bridge mode is enabled and we have a dynamic public IP so I set it to DHCP. I just want to know why I'm getting an address of showing on my WAN. I was expecting to see the public IP instead like

Wan interface

We have two VLANs, "VLAN1 & VLAN2 Wi-Fi".

We have configured traffic between the two, but our email is not working, meaning if I connect my cell phone or laptop to the Wi-Fi, I cannot receive emails. That's with VLAN2 Wi-Fi.
VLAN1 is hardwired.

Exchange: Exchange Server 2007 Version 08.01.0436.000
Server: Windows Server 2008 R2 Enterprise
Firewall: SonicWall NSA 2600

I was given a list of potential malicious sites by some intel but when I ping them, they don't resolve to any IP.

How to know if they were there before or had been taken down??

Will post them in the post below
Would the following configuration elements be sufficient to export netflow information from a Nexus switch from a particular vlan?

feature netflow

flow exporter splunk
  transport udp 20066
  source loopback0
  version 9

flow record netflow-record
  match ipv4 source address
  match ipv4 destination address
  match ip protocol
  match transport source-port
  match transport destination-port
  collect counter bytes
  collect counter packets

sampler netflow-sampler
  mode 1 out-of 4956

flow monitor flows01-monitor
  record netflow-record
  exporter splunk

interface vlan 100
 ip flow monitor flows01-monitor input sampler netflow-sampler

(cisco Nexus 6004 Chassis; Version System version: 7.1(3)N1(2))
Dear Experts, is there any method to check the uninstalled apps in a PC/laptop? Can we do it via CMD or PowerShell?

Many thanks in advance!

Hello Experts-
We have subscribed to MPLS IPVPN via a Service Provider to connect our branch offices with HQ.
We have been given a /30 subnet at HQ and at each office and are running BGP between the CE Router and the ISP. We are supposed to send the routes to the ISP, and they will then forward them via the MPLS Cloud.

We want to install a firewall at the HQ between the MPLS Router and the L3 Switch.

I am just concerned about what routing protocol I should use between the MPLS Router and the L3 Switch at HQ so that all HQ hosts can reach the branch offices. Shall I use an IGP or Static Routes?
How do I inject the routes from the MPLS router to the firewall? Is it advisable to run a routing protocol between them?
How can I achieve redundancy if a router or firewall fails in the HQ Office?

I am attaching a basic design.
Any suggestions and comments are welcome.
Hi,

We have a subsidiary company with around 150 users. It is linked to us (HO) over IPVPN (1 MB), and the services it gets from us are:

1- Cisco IP telephone (currently around 75 users)
2- ERP (about 50 users)

Their existing setup:

1- Domain Controller (separate totally from us) + Antivirus server (1 physical box)
2- Finance system
3- Backup Server
4- Sonicwall NSA2600
7- Router for IPVPN

The management is thinking of hosting the setup for the subsidiary company, so my questions are:

1- How can I do the proper sizing for the link, so I ensure the users are not feeling slowness?
2- What equipment should I move from there and what should I not? Best design from your experience?
3- How should the internet be provided to their users? From us or locally?
4- What are the advantages and disadvantages of such a plan? Should we recommend this plan or let them continue as they are?
5- Risks?
6- What are the prerequisites needed in the HO Data Center for hosting that equipment?

All of a sudden, I'm getting these error messages and I'm not sure why. It's not giving me the IP address of the other switch, I'm not sure what the T46.... number referenced is?
Any thoughts?

I have a perplexing VLAN routing issue that I need help with.

My network has three VLANS:
Data - VLAN 1 Default ( /24)
VOIP - Vlan 20 ( /24)
Wifi - Vlan 30 ( /24)

Vlan 1 is untagged on the switches (all Procurves) and the remainder tagged.  I initially configured this network five years ago and it has worked fine.  IP routing is configured on my L3 switch (HP3800) and I can ping between VLANS with no issue.
However, I am trying to add a new VLAN and I can't get it to route.  I configured it the same as the others and assigned it an IP address (  I can ping .70.1 from my PC (Data VLAN) with no problem but I can't ping a server that is on VLAN 70.  What I get is a "Destination Host Unreachable" from, which is the default gateway for the Data VLAN on the L3 switch, even though the server is attached to a port on the switch.  If I telnet into the switch I still can't ping the server.  I looked in the ARP tables and I don't see any IP in the range.
If I manually configure a PC with a VLAN 70 address, however, I can ping the server but I can't ping the other VLANS.  In other words, the VLAN works but it won't route.
Troubleshooting steps I have taken include:
1 - updated the firmware of all the switches (this entails rebooting)
2 - cleared the ARP table on the L3 switch

I'm sure it is something obvious but it sure has me stumped.  Any thoughts on what I should be looking for?

- (1) Cisco SG250 26P PoE switch
- (2) Ruckus WiFi ZoneFlex R610 access points (using their Unleashed setup)

I'm about to create/implement my first VLAN's, I'm pretty stoked I finally get to play with VLAN's. I've been doing IT/networking since 1991 but never did VLAN's. I've configured Sonicwall firewalls from scratch but this is my first Cisco device I get to admin; thankfully it has a GUI. I've already researched the heck out of VLAN's, trunk ports, tagging, & more, & I feel I'm ready to do it. I have the freedom to create this new network as if it were the original network built for this office. Almost all the employees are out of town for next week so it's an ideal time to build a new network. There are no Windows servers or any network services on this WiFi network; all that stuff is on the "corporate" network. This WiFi network I'm replacing/upgrading is what could be referred to as a "rogue" network that this department installed themselves just so they'd have faster Internet.

I'm creating VLAN's so our business can separate the Guest WiFi traffic to its own VLAN but also allow some inter-VLAN routing to allow our screen-sharing solution (Airtame) that guests will be using to talk to our big screens in the conf rooms, which will remain on our internal/business VLAN.

We currently have a Netgear Orbi Pro WiFi network setup but that's not quite robust/sophisticated enough for what we need to do. I'm keeping this existing Orbi WiFi network hardware …
Hey guys, I used this module for a 1Gb fiber ISP link: SFP-1G-LR

Are there 10Gb modules available for the same Catalyst 3850 switches? SFP-10G-LR

I am using a Cisco Catalyst 3850 48-port.

appreciate your help!

We are noticing some really odd slowdowns when we use our ERP system (hosted inside our network) and sync using Smart Connect with Dynamics 365. When a user enters information into our ERP system, schedulers are run every 5 minutes through Smart Connect and ideally should update the Dynamics 365 pages at its slowest in 5 minutes or so, but the updates at times are taking 10-30 minutes to populate back to the Dynamics 365 page.

Is there any software I can use to monitor the passes through and see at which process the time takes the longest? It could be how our Smart Connect is configured; however, there are too many variables right off the start.

Our ISP is 10mbs\10mbs, with a Sonicwall Firewall in between.
We have about 30 small branch offices (ie the spoke) that are connected back to the data centre (ie the hub),
each via leased line.

There are 2 services that we would like to restrict to each of the branches (ie don't want the Tcp port accessible
elsewhere in the corporate & not accessible between the branches) & the services listens on Tcp 8000 & 8222.

If I want to apply ACLs on each branch's WAN router to block the 2 TCP ports from being reachable, should the
ACL be applied on the WAN router's LAN interface (ie facing the branch's LAN) or the router's serial interface
(facing the leased line towards the datacentre)?

Can someone correct/review my suggested extended ACL below?  Assuming a.b.c.d is the IP address of the  branch's
1st server listening on Tcp8000 & e.f.g.h is the IP of the 2nd server listening on Tcp8222

Assuming it's applied on the LAN/ethernet interface of the router, I think (but do correct me), it looks like:
interface Ethernet0
ip access-group 102  in   [or should it be  'out' ?]
access-list 102 deny tcp any any eq 8000 log
access-list 102 deny tcp any any eq 8222 log
access-list 102 permit ip any any

What if it's applied on the serial interface, what does the ACL look like?

I am seeing a lot of collisions and errors on a WAN port (Sophos SG210) which connects to fiber NTU ( Cisco ME 3400E)

This is 100Mb up/down fiber but I am getting around 60Mb download and 3Mb upload. I think the cause of the slow upload speed is because of the packet collisions and errors.

I get around 70Mb/70Mb when I connect my laptop directly to the NTP.

What would be the cause of the problem?

Here is ifconfig on the WAN link on SG210.

eth1   Link encap:Ethernet HWaddr xx:xx:xx:xx:xx:xx
          inet Mask:
          RX packets:373271 errors:0 dropped:0 overruns:0 frame:0
          TX packets:220080 errors:2306 dropped:0 overruns:0 carrier:2306
          collisions:128842 txqueuelen:1000
          RX bytes:527821557 (503.3 Mb) TX bytes:48346583 (46.1 Mb)

 ethtool eth1
Settings for eth1:
        Supported ports: [ TP ]
        Supported link modes: 10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supported pause frame use: Symmetric
        Supports auto-negotiation: Yes
        Advertised link modes: 10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised pause frame use: Symmetric
        Advertised auto-negotiation: Yes
Brief: SonicWALL IP Spoof on WAN from Similar Subnet.

While this article seems like the resolution, doing what it detailed did not resolve the issue: tion.html

I have a Unifi Controller behind a SonicWALL.
We have multiple sites we control from it.

If the site is on a static IP from the same ISP (only 2 ISPs in town) and has the same first 3 octets the traffic passes fine.
Server site WAN IP:
Client site WAN IP:

However if a site is on a different octet then they cannot communicate due to "IP Spoofing" detection.
Servers site WAN IP:
Client site WAN IP:

I've talked with SonicWALL and their engineers are working to find a resolution but I don't know if they can come up with anything.

The server site ISP WAN IP is a /30 net mask.

Trying to connect a Netgear WNDA3400 to act as a wireless access point behind a SonicWALL SOHO. I read posts from other users about the same issue. I tried but had no success. Can anyone help me figure this out?
Got called in to look at a very strange network the other day...  They were running a business off a (A) Linksys E2500 home wireless router.  Now off of this router is one cable going to a (B) Mako dual wan appliance, which then goes to a (C) Cybera appliance which hosts a VPN connection as well as a (D) Cisco RV042 router.  Now the other cable off the original router goes to another (E) E2500 Linksys router which only has a laptop and provides wireless to a printer and cell phones for employees.  

Now router (A) is controlling PPPoE from a bridged DSL modem.  Router (A) IP is and servicing everything via DHCP (This will change in near future).  Router (E) acting as an access point is also LAN IP of and handing out DHCP.  The laptop connected to (E) also has a secondary NIC via USB that connects to some point in the other side of the network.  The Mako fails over to secondary ISP (Cellular) after only a few minutes and generally won't return.  I believe either the laptop router (E) is creating the problem.  Router (A) is experiencing over 2,000ms latency and over 5% packet loss.  So I removed router (A) and reconfigured the DSL modem to handle the PPPoE and this now becomes router (A) in the equation.  This router is set to and has around 25ms latency with less than 2% packet loss and everything works great!  We are keeping an eye on this for a week or so, before any more changes are made.

Eventually the Mako should be the router and…
