Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have created new 26 vlan in cisco switch. But when i checked spanning tree instance for those vlan i see spanning tree instance only for 4 vlan for rest of vlan i did not see any instance.

Below is the message#

INND-S-D-01-AUS#sh spanning-tree vlan 626

Spanning tree instance(s) for vlan 626 does not exist


Note: All vlan are up,At present no port assign to these Vlan.
0
Turn Raw Data into a Real Career
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

Anyone knows Aruba controllers well?   They normally pass through the same VLAN on the main switch, or the management VLAN.
Wonder why Aruba not recommending doing a direct heartbeat between Active and Passive controllers.  Using 7030 controllers at this point.
Normally I do a direct heartbeat between Cisco controllers.  But Cisco has a dedicated HA port for this.  Arubas not.  7030 controllers have 8 fiber and 8 copper ports.
 Anyone knows about it and have an advice?
0
I have to develop a Runbook that provides operational procedures for obtaining security certs.  Can someone provide me with a template of a runbook or a website where I can find a template?  

Thanks
0
I have a 10Gbps Direct Connect circuit from our enterprise data center to AWS. Each VPC has a different
sub-interface and different BGP peer. See snippet below. What's happening is that ping tests to some BGP
peers might have NO loss be other BGP peers are seeing 2 to 10% packet loss from the perspective
of our monitoring system in the data center. If I look at the Ethernet port or the PortChannel port there
are no incrementing errors nor discards that I can see. If I try to show anything about the subinterface
(say show interface port-channel3.1002) - error information is not available. I'm not sure how I can
look at the interface of the router on the AWS side of the connection.

My question: how can I go about troubleshooting the ping loss to these sub-interfaces/bgp peer addresses?

neighbor 172.18.1.189
inherit peer aws-dx-peering
description peering to preprod

neighbor 172.18.1.195
inherit peer aws-dx-peering
description peering to prod

interface port-channel3.1001
  description DX for preprod
  encapsulation dot1q 1001
  bfd interval 300 min_rx 300 multiplier 3
  no ip redirects
  ip address 172.18.1.130/31
  ip router ospf 1 area 0.0.0.0


interface port-channel3.1002
  description DX for prod
  encapsulation dot1q 1002
  bfd interval 300 min_rx 300 multiplier 3
  no ip redirects
  ip address 172.18.1.132/31
ip router ospf 1 area 0.0.0.0
0
Dear experts,

I am new to the DNS and DNS load test. Now i have task to test Load Test on two BIND9 servers [RHEL6]. I had googled it and i found dnspref is good tool to evaluate throughput and latency. However, I need a script to do this task. I will be very helpful for me if any one share the info.

thanks,
Maddy..
0
Would the following configuration elements be sufficient to export netflow information from  Nexus switch from a particular vlan?

feature netflow

flow exporter splunk
  destination 172.20.1.99
  transport udp 20066
  source loopback0
  version 9

flow record netflow-record
  match ipv4 source address
  match ipv4 destination address
  match ip protocol
  match transport source-port
  match transport destination-port
  collect counter bytes
  collect counter packets

sampler netflow-sampler
  mode 1 out-of 4956

flow monitor flows01-monitor
  record netflow-record
  exporter splunk

interface vlan 100
 ip flow monitor flows01-monitor input sampler netflow-sampler

(cisco Nexus 6004 Chassis; Version System version: 7.1(3)N1(2))
0
Hi ,

we have subsidiary company with around 150 Users . it is linked to us (HO ) over IPVPN (1 MB)  and services getted from Us are :

1- CISCO IP telephone ( currently around 75 Users)
2- ERP ( about 50 USers)

thier existign Setup :

1- Domain COntroller ( seprate totally from us ) + Antivirus server ( 1 physical box)
2-finance system
3-Backup Server
4-Sonicwall NSA2600
5-Switches
7-Router for IPVPN

the managment is thinking to host the setup for the subsidary company so my questions are:

1- how I can do the proper sizing for the link ? so i ensure the users are not feeling slowness
2-what equipment should i move from there and what i should not ? best desing fro myour experince
3- how the internet should be provided to thier users ? from us or locally ?
4- what are the adv and disadvanage for such plan? should we recommend this plan or let them continue as they are
5- risks?
6- what are the pre requisits needed in the HO Data Center for hosting those equipment
0
Good afternoon All

I am looking for community help to get me started on a Dell PowerConnect X4012 (2switch stack) configuration for 3 Dell XC servers with Nutanix on them.  I also have a TOR switch stack of 2 x Dell 3024 switches.  I have found in the past best practice documents for configuring Dell kit for VMware but I can't find anything conclusive for the above.

What vlans am I going to require for Nutanix AHV HCI?  

Any help gratefully received.

Thanks
0
I am employed in one ISP,  I am trying to do redudant link between my pop Cisco switch to my customer end MIKROTEK Router but it cause loop of the network,  any body have solution to do work proper RSTP between MIKROTEK & CISCO switch???
0
Hi Guys,

 I am trying to use hyper-v extended port acl's as a basic form of firewalling for vms on hyper-v server 2016

My goal is simply to limit incoming connections while generally allowing outgoing traffic (and return traffic).

In essence we are allowing incoming http(s) and dns replies. All outgoing tcp traffic is marked as stateful.

We use the following acl's (cleaned up slightly for readability)
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Deny" -Direction "Inbound" -Weight 20
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -Weight 30 -Protocol 1
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -LocalPort 80  -Protocol "TCP" -Weight 60
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -LocalPort 443  -Protocol "TCP" -Weight 70
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -RemoteIPAddress "8.8.8.8/32" -RemotePort "53" -Weight 130
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Outbound" -Protocol "TCP" -Stateful $True -Weight 150

Open in new window

The issue is as soon as the last stateful entry is added significant latency is observed to the point of things becoming useless.

In the cisco switch acl world you would simply look for the established flag for the packet.

Is there a way we can achieve the same here without incurring these severe performance penalties? Am I doing it completely wrong?

thanks for any insight.
0
Top Threats of Q1 & How to Defend Against Them
LVL 1
Top Threats of Q1 & How to Defend Against Them

WEBINAR: Join WatchGuard CTO and our Threat Research Team on Aug. 2nd to hear the findings from our Q1 Internet Security Report! Learn more about the top threats detected in the first quarter and how you can defend your business against them!

Dear Experts, please help us this case:

We are using Cisco Router 3925 as the gateway for LAN users, users' IP addresses were NAT overload via the interface that connect to the ISP; however we got a network (192.168.50.0) that could not access a website.

If we NAT static a PC inside that network to a static public IP address (or a pool of public addresses), the PC could access the website; but if we did not NAT static and using NAT overload via gateway interface, PC could not access website.

Do you know why? Please suggest
0
I have configured UDP jitter SLA on my test lab. What do the below counters indicate of my connection? Why is there no latency numbers?
How am I supposed to read this?


ip sla 90
 udp-jitter 38.69.52.4 65050 num-packets 20
 request-data-size 100
 tos 128
 frequency 30
ip sla schedule 90 life forever start-time now


Test_Lab_Router_Place#sh ip sla statistics  de
IPSLAs Latest Operation Statistics

IPSLA operation id: 90
Type of operation: udp-jitter
        Latest RTT: 11 milliseconds
Latest operation start time: 12:03:15 cst Wed Feb 21 2018
Latest operation return code: OK
Over thresholds occurred: FALSE
RTT Values:
        Number Of RTT: 20               RTT Min/Avg/Max: 9/11/17 milliseconds
Latency one-way time:
        Number of Latency one-way Samples: 0
        Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
        Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
        Source to Destination Latency one way Sum/Sum2: 0/0
        Destination to Source Latency one way Sum/Sum2: 0/0
Jitter Time:
        Number of SD Jitter Samples: 19
        Number of DS Jitter Samples: 19
        Source to Destination Jitter Min/Avg/Max: 0/2/8 milliseconds
        Destination to Source Jitter Min/Avg/Max: 0/1/1 milliseconds
        Source to destination positive jitter Min/Avg/Max: 1/3/8 milliseconds
        Source to destination positive jitter Number/Sum/Sum2: 5/19/119
        Source to destination negative jitter Min/Avg/Max: 

Open in new window

0
If a want to measure how much bandwidth a data link is consuming I have to add the upload and download of the link?
0
Hi

How to setup up a new domain Controller.
0
Dear Expert,

I will shut down my Checkpoint Firewall R77 and Hitachi San (model: HUS130) . Could you please provide a startup and shutdown procedure for Checkpoint and HItachi SAN manual. In addition, Will share your experience for shutdown /startup process. Thanks
0
My sonicwall is dropping my connection from a second subnet. I understand why, as it is identifying this 96... ip address as a WAN on the LAN. However I just simply want to allow all traffic from that IP to get through. How would I go about configuring the sonicwall?

I tried disabling IP Spoof Checking from the diag.html page, but it refuses to save and only says "there were no changes made".

01/15/2018 12:07:25.640      Alert      Intrusion Prevention      IP spoof dropped      96.67.165.X, 49873, X1      209.63.225.X, 80, X1      

Thanks!
0
Hi,

We are running an intranet in our organization...now we are thinking to provide the access of our intranet to the users even through their mobile..How can we do this... and is this possible?

Thanks in advance,
Srikanth Nandyala.
0
Hey guys,
We have just acquired a client that uses Cisco stuff.  I am looking at the show run file for one of their devices.  I see non default vlans added to the ports, but I don't see any list of vlans.  Somewhere at the top of the file I see, "vlan internal allocation policy."  The stuff that I am reading about it is confusing, but it seems that what this is doing is importing vlans from another device.  Is this correct?
0
hello,
i.ve scom 2016 and need to specify some service that i need to show using the visio to make dashboard. so if i need to check health of the DNS service in my 3 domains how can i do that and shall i choose. also if  i need to check the status of my DHCP subnets can i do that?
i'm using visio 2013 and the scom addin installed but it's for system centre 2012 does it make any effect?
also if i need to just click on the service from the visio should it gives me the status of this object only?
thanks
0
Cloud Class® Course: Certified Penetration Testing
LVL 12
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

On a Cisco ASA, how can send only logging from a single access control list rule to a syslog server.?
Configuration with ASDM please

- Jac
0
We have an old Asterisk (v.2.x) phone server in our office.  I'm new to the system and need to change an extension number from a rapid busy signal to a working extension.  Also, we have several extension that simple hang-up when dialed (no tones of any sort).  How do we edit those extensions?

I'm new to Linux, but I've figured out how to browse directories and edit conf files.
0
What is the best option for a router or managed switch for a new fiber connection we have coming into our building?

Any recommendations other than a Cisco switch?

Basically we have a tail coming in with 50/50 fiber and 2 ip’s and 2 businesses need to leverage off it, our business and another.

Both businesses are separate but contributing to the connection and aside from QoS just need something to be able to push 1 internet ip to 1 lan and 1 ip to another.

Was assuming a managed switch or router with a vlan switch to 1 port and a vlan to another. Each business will have their own router and firewall from that point

No data can cross.

So was just looking for the best option and what unit would be reasonable whether a router or switch and just setup vlans

Any assistance greatly appreciated.
0
I want to know how to integrate Chocolatey into SolarWinds N-Central?

Any suggestions would be appreciated.
0
I have a core switch connecting to 13 edge switches. It switxh will connect to the core directly.

The core has 15 vlans for the switches to access the vlans do I need to make all the ports on the core members of the same trunk?
0
Hi

How yo untag port example 40 in Cisco firewall?

Currently we have situations port 40 was in the server vlan.

If we untag port 40 in the switch It might compromise security issue.

is there a workaround Solutio to untag port 40.
0

Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.