Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi,

Let's say I'm an ISP and I lease a 10G transport pipe to an IX (Frankfurt or Amsterdam), with the purpose of buying transit from 2 different tier 1 providers (2 resellers, probably) and peering with content providers.

What happens inside the IX?

Do I get one switch port and I have to rent rack space for my own equipment there? The peerings are physical, with cables between my switches and the peer switches?

Or I only get a VLAN and the peerings are inside the IX main router/switch? And I route the traffic from my VLAN to my peer's VLAN?

Or?

I've googled for the past days, but I'm still confused. Anyone has real world experience with this?

Thank you.
0
Will your db performance match your db growth?
LVL 2
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Hi

I have two 48 port switch. ones POE and the other isn't. is it possible to move configs from one to the other. they are both new switches. They are only web ui managed
0
Hi,



Can anyone help in identifying why once my vpn client enabled. I can  ping all other internal IPs except 192.168.4.1(interface DatabaseZone)  and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in  the range ov VpHi,



Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in  the range of Vpnclients object-group configuration.nclients object-group configuration.

here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
0
Cisco ASR loopback interface is Gigethernet 0/0/0.2, if I want to check bandwidth utilization on this interface,how can I check, because show interface Gigethernet 0/0/0.2 | i rate command doesn't work here
0
I have a cisco 6509 switch with a single sup 720-3b card running ios Version 12.2(18)SXF11. I have 3 WS-X6148 cards installed and just go a WS-6748 card but cant get it to run. Card has red light on front. If I do a sh power everything is good if I do a sh module it comes up with a Diag status of Unknown. Any suggestions?
0
Hello,

I have a Sonicwall TZ 300 firewall being used as a gateway router for a network. The IP address scope is 10.1.1.1-10.1.1.255 on the X0 interface.

I would like to setup another network with the SAME IP address scope of 10.1.1.1 etc.. on the X2 interface to build and test another server which is eventually going to replace the server on the X0 interface. This second network has to be isolated from the the X0 interface so the two servers/networks can exist without seeing each other. Is this possible? How can I do this if so?

I have it working now as long as I use another IP scheme (10.0.0.1...) but I want to use the same IP scope to make it easier to transition to the new server down the line.
0
Can you please suggest best IT security vulnerability reporting software like hackerone which will be also cost effective.
0
Can you please suggest the enterprise level Firewall monitoring solution

Thanks
Naresh
0
looking for a good web filtering
I currently have websense (now forcepoint), I like that is hosted but we areneeding to renew and was wondering if there are others out there that are better such as > blue coat > Baracuda, etc.
0
Hi,

I am working on a tenable nessus audit file for ibm aix.

What i am trying to achieve is 2 compliance check on the /etc/hosts.equiv file:

1. To find all UID less that 100 and UID not equals to the default system user ids (0,1,2,3,4,5)

2. To find all GID less that 100 and GID not equals to the default system group ids (0,1,2,3,4,5)

<custom_item>
type: CMD_EXEC
description: "UID less than 100 and not system default UID"
cmd: ""
expect: ""
</custom_item>

<custom_item>
type: CMD_EXEC
description: "GID less than 100 and not system default GID"
cmd: ""
expect: ""
</custom_item>

I am really new to working with tenable and also new to aix.

Really apperciate if anyone can help me out with what i should put for the cmd and expect statement on how to make the compliance check work.

Thanks really apperciate it!

Link: https://www.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.aix.security/passwords_etc_passwd_file.htm
0
Get MongoDB database support online, now!
LVL 2
Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Hi, I would appreciate any help on this issue.

Cisco switch 3750 that is connected to a CenturyLink home modem\wifi-router (192.168.0.1\255.255.255.0)
PC1: 192.168.0.4 \ 255.255.255.0 \ 192.168.0.61- connected to cisco. (fa3/0/5) - vlan1 = default
PC2: 172.24.164.200 \ 255.255.255.0 \ 172.24.164.1- connected to cisco. (fa3/0/6) - vlan 172

PC1 can ping PC2 & 8.8.8.8
PC2 can ping to PC1 but not to 8.8.8.8. also, can NOT ping to 192.168.0.1
I would like that PC's from vlan 172 (PC2)  will be able to 'talk' with the 192 (PC1)  network (its works now) + to be able to ping to 8.8.8.8 as well.

cisco  logs attached.
sh-ip-int-br.txt
sh-run.txt
sh-vlan.txt
0
Hello experts,

A customer of mine currently has an ASA 5506 endpoint in their central office and a remote office with an IOS router (running IOS 15.4).  They have extended ACLs deployed in a very standard way that dictate what traffic is and is not allowed through the IPSec tunnel linking the 2 offices.  All working nicely.

However- they now want to switch to using MAC addresses to filter the tunnel traffic rather than IP addresses.  I have no experience of filtering layer 2 traffic in this way so if anyone has an example they are willing to share I would be very grateful.
0
hi team
I have couple of question on packet loss
1.  what all steps we need to take for packet loss
2. what are avialbale tools for checking packet loss
3. what are possibilities  of packet loss
4. what are the parameters to check packet loss
0
Does anyone have a working config for this?
srxconfig.txt
0
Dear Colleagues,

I have brand new Ubuntu 16.04.2 LTS and I would like to understand how to add persistent route to it.

For real example I have a default route with metric 100 (see attachment) and I would like to make this route metric to 10.

Please shed some light to undertanding this concept.
default_routing_table.png
0
On RH 6 systems running rsyslog 5.8.10 we noticed that if we setup a
client system to use TCP to log to a remote server:
*.*       @@192.168.1.2

Open in new window

If the remote log server is not reachable for some reason no logging takes place, not even local logging to the local system log files.
When the log server is available and rsyslog is restarted  both local logging and remote logging work.   I would like to come up with a config that would ensure that local logging still occurs when  the TCP remote server is down?  I think I need to look at action queues, but was hoping someone could provide an example on how to get this to work.
0
Hi,
I have 1 router Cisco 2911, 2 ISP Link & 3 networks(192.168.72.0/24 servers, 192.168.52.0/24 users, 192.168.32.0/24guest).   I want to pass  networks by 2 different ISPs, like servers will be passed by ISP 1 & users will be passed by ISP 2. I have  untangle bridged between our LAN and ASA firewall. Firewall is attached to the  router which is connected to two isp links. Primary ISP is already online. i also have site to site VPN tunnel between the firewall and another ASA firewall.

How can i do this in 1 router so that  networks will be divided by two ISPs? How the natting will be done for 2 link?? How to load balance traffic to get maximum internet speed?

Can anyone please help me in this issue urgently??
0
I have two ISPs - both with a primary and a secondary link. I want to use both of the primary links and set load-balancing ratio between them and set their respective secondary links as failover links. I can do either one of these but having a hard time doing both. Any ideas? Do I create different groups? If yes, how?
0
I lost OSPF and BGP routing between ESGs in our NSX environment and router. The only non routing error at that time was a message
from kernal concerning vNic1 "going to shrink rx ring". Any idea what this message is saying?

2016-12-13T14:17:03+00:00 esg04-boz.acme.roadrunner.com-0 kernel[]: [default]  :  [kern.info] vNic_1: going to shrink rx ring.
2016-12-13T14:17:03+00:00 esg04-boz.acme.roadrunner.com-0 kernel[]: [default]                                                :  [kern.info] vNic_1: intr type 3, mode 0, 5 vectors allocated
2016-12-13T14:17:03+00:00 esg04-boz.acme.roadrunner.com-0 kernel[]: [default]                                                :  [kern.info] RSS indirection table :
2016-12-13T14:17:03+00:00 esg04-boz.acme.roadrunner.com-0 kernel[]: [default]                                                :  [kern.warning] 0  1  2  3  0  1  2  3  0  1  2  3  0  1  2  3  0  1  2  3  0  1  2  3  0  1  2  3  0  1  2  3
0
What is SQL Server and how does it work?
LVL 1
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Hi experts,

Here are the variables:
  1. Two ISPs with different bandwidth capacities (let's just say ISP1: 1gbps, and ISP2: 200Mbps)
  2. There is the possibility of as ISP3 as backup (100 Mbps)
  3. The first two IPSs are configured for BGP
  4. Two Cisco 7301 routers

Scenario:
I currently have the two Cisco routers identically configured and only one is active. ISP1 and ISP2 are configured and connected to the active router and traffic is "influenced" for ISP1 for performance reasons. ISP2 is there only if ISP1 were to fail and BGP will start sending traffic through it. ISP3 failover if all BGP was down is handled by a firewall outside of this picture. If the active router would experience a hardware failure, I would simply move the ISP handoffs and firewall links to the backup Cisco router. Not a pretty router failover.

The BIG Question:
To make the above scenario fully resilient AND practical, I'd like to place each of the ISP handoffs on the two separate Cisco 7301 routers. I presume they would be configured with HSRP. The trick here is BGP and bandwidth load balance.
Is it possible to continue to "influence" one ISP over the other in the new configuration? or even better, can traffic go out the two paths as routing/bandwidth/BGP see necessary? I'd like to be able to maximize all the bandwidth possible and not have one router just sitting idle there. How about incoming traffic? Can it be …
0
I have an HP Procurve 5412zl switch that I want to add the following ACL on as we have having issues with Meraki SM communicating with our ios devices and Meraki have suggested the we add the following to our ACL:

Destination_IP: 50.115.86.96/27, 185.17.255.128/25, 185.92.120.0/25, 217.89.128.0/24      
Ports: 993            
Protocol: TCP            
Direction: outbound      

Destination_IP: 50.115.86.96/27, 185.17.255.128/25, 185.92.120.0/25, 217.89.128.0/24      
Ports: 60000-61000      
TCP            
outbound      

Destination_IP: 17.0.0.0/8                                                
Ports: 443, 2195-2196, 5223      
TCP      
outbound

Destination_IP: Any                                                      
Ports: 5228-5230      
TCP            
outbound

Destination_IP: Any
Ports: 80, 443
TCP
outbound

HP 5412zl does not have a gui for configuration of ACLs. At least not through the web interface. So I need to be able to do it from command line.

Thanks
0
I'm not sure the best terms to describe what I'm looking for.  We have Cisco 3850s as our core switches, and 2960s in the IDFs.  What I'm hoping to do is make port X on the 3850 switch, and port Y on one of the 2950s have an exclusive relationship where the traffic doesn't think it's "routed", but more like a passthrough.  

We have a situation where we basically need to direct connect one device to another device with network cable, but they are way too far apart physically.  So, if we can get the cisco switches to act as a bridge? tunnel? for the connection, where the two devices don't know that there is anything in between, that would fix the distance issue.

Does this type of setup exist on Cisco switches?
0
I have 4 CB 500 chassis. Each CB 500 has 2 switches. And Connections 1-8 are physical ports. 9-24 are connecting to blades 0-7.
I have configured the ports from 9-24 in switchport trunk mode but they are not passing the traffic. As soon as i am changing them to access mode they are passing the traffic. I am allowing all the vlans in trunk mode.
The switches are in VCS.
Please help me with this..
Thank you.
0
I am deployed 75% of the year, I am working on my CCNP but do not have the devices to train with. I purchased VIRL but my laptop can not support it!! is there any really go Router Simulators out there that I can purchase, that will allow me to perform high level command line such as Policy and so forth
0
Where or how can I pursue IT Network continued education?

Thanks,

SN
0

Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.