Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

My contractor ran fiber cables between floors.  Today I noticed there's an interesting transition connection from thicker cable to the thinner one.  Taped over with while electrical tape.
I didn't have that fiber patch panel.  They install it all.  Taped like that on both end of terminations.

  Does anyone know if this is how its done normally and should I worry about it?  Thanks.
20181226_121026.jpg
20181226_121022.jpg
0
Thriving as a woman in IT
Thriving as a woman in IT

The IT workforce is diversifying, but the gender gap in tech remains very real. Overcoming stereotypes, and the glass ceiling is important not only for individual women working in the field but for the industry as a whole. Here are eight things women in IT do to succeed.

HI Experts.

I have this policy map on most of the switches at my organization.  
Policy Map AUTOQOSPOLICY

    Class AUTOQOS_VOIP_DATA_CLASS
      set dscp ef
      police 128000 8000 exceed-action policed-dscp-transmit
    Class AUTOQOS_VOIP_SIGNAL_CLASS
      set dscp cs3
      police 32000 8000 exceed-action policed-dscp-transmit
    Class AUTOQOS_DEFAULT_CLASS
      set dscp default
      police 10000000 8000 exceed-action policed-dscp-transmit

We are now replacing the existing phones with a new cloud base phone system and they sent me these requirement for QOS and the vendor gave me this policy to use on the switches

policy-map PM-ASW-IB-User
class CM-ASW-IB-RC-Voice-RTP
set ip dscp ef
police 512000 16000 exceed-action drop
class CM-ASW-IB-RC-Video-RTP
set ip dscp af41
police 768000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-GeneralSIP
set ip dscp af31
police 32000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-Meetings-Control
set ip dscp af31
police 32000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-Other
set ip dscp af21
class CM-ASW-IB-Cust-AF13
set ip dscp af13
class CM-ASW-IB-Cust-AF12
set ip dscp af12
class CM-ASW-IB-Cust-AF11
set ip dscp af11
class class-default
set ip dscp default

Apply on the ports :

interface range Gi1/0/9-20
! no mls qos trust device cisco-phone
! no auto qos voip cisco-phone
! no mls qos trust cos
! mls qos trust dscp
! priority-queue out
! …
0
Hi

I have a network with a Layer2 link back to a datacentre which provides our internet connection, we have no firewall onsite at present but looking to install one.

We have ordered an internet connection on premise.

We want to keep our Layer 2 connection and make use of it somehow.

We want to use the new internet connection on-premise and a firewall to route the internet. What's the best way to do this?
0
School network running Windows Server 2008 R2.  I am trying to add a printer to be shared across the network. the printer is an HP Officejet Pro 8720. I have tried using the Print Server routine in Administrative Tools and also from Add a printer in the devices and printers snap in. Both indicate the printer was installed successfully but nothing prints even though there is no error message and nothing stuck in the Print queue. I can ping the ip address assigned to the printer.  Please advise.

thank you.
Robert
0
I'm listing out IT Infra changes that require CR / change control ie subject to CAB.
1. OS, network device OS patching/update/upgrade
2. Installing or configuring a software/feature
3. Adding/deleting/amending an ACL or firewall rule for Production purpose
4. Configuring DB changes : to list out ...
5. Hardenings & OS changes (permission changes etc)
6. OS/device tunings (including migrating services behind WAF, ...)
7. changing account/object privileges

However, I think the following just require an SR/email:
a. blocking of IOCs (from threat Intels)
b. unlocking accounts/password resets
c. login to check/extract information (Cisco 'show run')
d. restarting / rebooting a service or OS due to fix a problem
0
Hello gents,

I am at a customer site and they have a server in the internal zone, the network has Cisco ASA firewall.

They have a developer and on the server he wants to open ports 7000-7200, Do I use the Cisco ASA to open these ports ? or is this done on the server only.

I am not sure how to address this I need clarity on such type of requests from clients,

Thanks,
0
Run connection test "telnet port 53" failed, is the 23 or 53 port connection issue? How to verify?
0
I am running backupexec 20 and we have a server at a remote site with a slow WAN connection. I would like to run a full backup on the server to storage that is there locally then bring the storage to our data center and send just the incremental data to it each night over the WAN for the backup. The full backup will be about 1TB and the incrementals are 1-2GB. Can we use Symantec BackupExec to accomplish this (the up range is different in our data center from the remote site)? If so, how?
Tia.
0
Hi Guys,
I observed big amount of no buffer drops on my interface facing internet, on my C2911 Router, howerver, I don't see any failed or a lot of missed packets in the buffer counters.
What could be the reason for it?

MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
     reliability 255/255, txload 42/255, rxload 122/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full Duplex, 100Mbps, media type is RJ45
  output flow-control is unsupported, input flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:03, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/76 (size/max/drops/flushes); Total output drops: 3631582
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 48118000 bits/sec, 6878 packets/sec
  5 minute output rate 16759000 bits/sec, 3252 packets/sec
     4022440271 packets input, 4092734377 bytes, 3631387 no buffer
     Received 6062 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     592 input errors, 0 CRC, 0 frame, 592 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     1319074480 packets output, 2459248571 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     1 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped …
0
I have 3 switches. I have 1 vtp mode server (A) and 2 transparent (B & C). I changed the B & C from transparent to client. I added another vlan on A. But only B updated its vlan database. I am not sure why C did not. A is directly connected to B via copper. B is connected to  C via fiber.
0
Answering your cyber security questions
Answering your cyber security questions

It’s in the news. It’s the job title of the main character on every other tech thriller on TV and in the movies. It’s the hot topic in business boardrooms, university classrooms, and just about everywhere else. But what is cyber security, and how do you get a job in it?

Hi,

I’m hoping to get some ideas on this one. I’m having some intermittent latency and sometimes dropouts on the network, which consists of mostly Cisco SX300 switches.

When the latency or dropout happens, the CPU utilisation of the core SG300 Switch would be over 40%. I have been told the issue is caused by spanning tree and turning global spanning tree off on the core switch does help, however, I think it is not the spanning tree or it is more that just the spanning tree.

What other things could I look into in finding the cause?

Any help appreciated!

Jonathan
1
I have problem PXE boot from Microsoft surface 4 (UEFI) to connect to WDS server (Windows 2016). I have updated surface firmware and OS patches etc.. Getting below error

NBP filename is boot\x64\wdsmgfw.efi
NBP filename is 0 Bytes
PXE-E23: Client received TFTP eror from server

All other machines except MS surface are working fine. What step need to do resolve this issue.
0
Hi all,

   I have a very annoying problem in which everything works like a dream, and one application is hanging almost certaintly die to lost file handles.

   The network is exemplary; certified Panduit, server 2012 R2, almost everything on the network is new and now I installed 7 new HP computer with Windows 10.

   What happens is that the application we have that runs on a flat-file database (Clarion) shared on local server is hanging up. For testing purposes on old Win 7 machines everything is working stable.

   I am pulling my hair on this one, and I don't know how to proceed.

   I tried max power management, disabling Green Ethernet, disabling AV program and Firewall, disabling all non ms services, etc. All the time the app behaves the same.

   Any ideas or diagnostic procedures are Welcome.
0
Need to recover passwerd for cisco switch 4507R-E without removing the configuration
0
I have to develop a Runbook that provides operational procedures for obtaining security certs.  Can someone provide me with a template of a runbook or a website where I can find a template?  

Thanks
0
Dear experts,

I am new to the DNS and DNS load test. Now i have task to test Load Test on two BIND9 servers [RHEL6]. I had googled it and i found dnspref is good tool to evaluate throughput and latency. However, I need a script to do this task. I will be very helpful for me if any one share the info.

thanks,
Maddy..
0
Hi ,

we have subsidiary company with around 150 Users . it is linked to us (HO ) over IPVPN (1 MB)  and services getted from Us are :

1- CISCO IP telephone ( currently around 75 Users)
2- ERP ( about 50 USers)

thier existign Setup :

1- Domain COntroller ( seprate totally from us ) + Antivirus server ( 1 physical box)
2-finance system
3-Backup Server
4-Sonicwall NSA2600
5-Switches
7-Router for IPVPN

the managment is thinking to host the setup for the subsidary company so my questions are:

1- how I can do the proper sizing for the link ? so i ensure the users are not feeling slowness
2-what equipment should i move from there and what i should not ? best desing fro myour experince
3- how the internet should be provided to thier users ? from us or locally ?
4- what are the adv and disadvanage for such plan? should we recommend this plan or let them continue as they are
5- risks?
6- what are the pre requisits needed in the HO Data Center for hosting those equipment
0
I am employed in one ISP,  I am trying to do redudant link between my pop Cisco switch to my customer end MIKROTEK Router but it cause loop of the network,  any body have solution to do work proper RSTP between MIKROTEK & CISCO switch???
0
Hi Guys,

 I am trying to use hyper-v extended port acl's as a basic form of firewalling for vms on hyper-v server 2016

My goal is simply to limit incoming connections while generally allowing outgoing traffic (and return traffic).

In essence we are allowing incoming http(s) and dns replies. All outgoing tcp traffic is marked as stateful.

We use the following acl's (cleaned up slightly for readability)
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Deny" -Direction "Inbound" -Weight 20
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -Weight 30 -Protocol 1
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -LocalPort 80  -Protocol "TCP" -Weight 60
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -LocalPort 443  -Protocol "TCP" -Weight 70
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -RemoteIPAddress "8.8.8.8/32" -RemotePort "53" -Weight 130
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Outbound" -Protocol "TCP" -Stateful $True -Weight 150

Open in new window

The issue is as soon as the last stateful entry is added significant latency is observed to the point of things becoming useless.

In the cisco switch acl world you would simply look for the established flag for the packet.

Is there a way we can achieve the same here without incurring these severe performance penalties? Am I doing it completely wrong?

thanks for any insight.
0
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Dear Experts, please help us this case:

We are using Cisco Router 3925 as the gateway for LAN users, users' IP addresses were NAT overload via the interface that connect to the ISP; however we got a network (192.168.50.0) that could not access a website.

If we NAT static a PC inside that network to a static public IP address (or a pool of public addresses), the PC could access the website; but if we did not NAT static and using NAT overload via gateway interface, PC could not access website.

Do you know why? Please suggest
0
I have configured UDP jitter SLA on my test lab. What do the below counters indicate of my connection? Why is there no latency numbers?
How am I supposed to read this?


ip sla 90
 udp-jitter 38.69.52.4 65050 num-packets 20
 request-data-size 100
 tos 128
 frequency 30
ip sla schedule 90 life forever start-time now


Test_Lab_Router_Place#sh ip sla statistics  de
IPSLAs Latest Operation Statistics

IPSLA operation id: 90
Type of operation: udp-jitter
        Latest RTT: 11 milliseconds
Latest operation start time: 12:03:15 cst Wed Feb 21 2018
Latest operation return code: OK
Over thresholds occurred: FALSE
RTT Values:
        Number Of RTT: 20               RTT Min/Avg/Max: 9/11/17 milliseconds
Latency one-way time:
        Number of Latency one-way Samples: 0
        Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
        Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
        Source to Destination Latency one way Sum/Sum2: 0/0
        Destination to Source Latency one way Sum/Sum2: 0/0
Jitter Time:
        Number of SD Jitter Samples: 19
        Number of DS Jitter Samples: 19
        Source to Destination Jitter Min/Avg/Max: 0/2/8 milliseconds
        Destination to Source Jitter Min/Avg/Max: 0/1/1 milliseconds
        Source to destination positive jitter Min/Avg/Max: 1/3/8 milliseconds
        Source to destination positive jitter Number/Sum/Sum2: 5/19/119
        Source to destination negative jitter Min/Avg/Max: 

Open in new window

0
If a want to measure how much bandwidth a data link is consuming I have to add the upload and download of the link?
0
Hi

How to setup up a new domain Controller.
0
Dear Expert,

I will shut down my Checkpoint Firewall R77 and Hitachi San (model: HUS130) . Could you please provide a startup and shutdown procedure for Checkpoint and HItachi SAN manual. In addition, Will share your experience for shutdown /startup process. Thanks
0
My sonicwall is dropping my connection from a second subnet. I understand why, as it is identifying this 96... ip address as a WAN on the LAN. However I just simply want to allow all traffic from that IP to get through. How would I go about configuring the sonicwall?

I tried disabling IP Spoof Checking from the diag.html page, but it refuses to save and only says "there were no changes made".

01/15/2018 12:07:25.640      Alert      Intrusion Prevention      IP spoof dropped      96.67.165.X, 49873, X1      209.63.225.X, 80, X1      

Thanks!
0

Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.