Networking Protocols


Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.


I have DMVPN with two hubs and an EIGRP relationship to a firewall (as well as to the spokes.)
The problem I am running into is that all of the DMVPN traffic is trying to egress via one of the two VPN hubs - HUB 1 - and it's at capacity for passing encrypted traffic.

SPOKE----HUB 1----FW
SPOKE----HUB 2----FW

HUB1 is assigning a metric to the routes it learns from the spokes which is preferable to HUB2.
So that's why the FW is sending all the traffic to HUB1.

HUB1
 redistribute eigrp 300 metric 100000 0 255 1 1500 route-map EIGRP300-TO-EIGRP100

HUB2
 redistribute eigrp 300 metric 100000 10 255 1 1500 route-map EIGRP300-TO-EIGRP100

The firewall and the HUB DMVPN routers speak via EIGRP100. Hub to spokes via 300.

What I want to do is for the firewall to prefer one hub for half of the sites roughly. I could put in some static routes as a quick fix out of the traffic jam. I could remove HUB 1 from half of the spokes and that would make the HUB 2 the best path for half of the spokes. But surely there's a more elegant approach using route maps.

Something to the effect of..

If you match ACL SAVE-MY-DMVPN, you have a better metric than HUB 1. Otherwise you keep the same metric you have now and let HUB 1 keep doing its thing.

???
0
When you are running iSCSI, is TCP sliding window an important consideration? The situation is a Cisco UCS fabric interconnect to a Nexus 5k switch. The switch frequently drops packets inbound from the UCS, and this appears to be an issue with iSCSI frames from UCS being 1514 bytes while the interface on the Nexus is 1500 and jumbo framing is not enabled. I don't know why the vast majority of frames make it on through yet a significant number (in the millions) are dropped.
The port channel spikes up to about 10Gbps and most of that will be iSCSI. So the connection initiator to target works for the most part. I've planned to enable the jumbo frames as recommended by Cisco so that the 1514 iSCSI will be better processed and not dropped.

But my question is this: With iSCSI, are TCP conversations lengthy or very brief? To what degree would some dropped frames (.003%) in-path cause an issue for iSCSI TCP conversation? Or would this percentage just be noise that TCP connection orientedness should just deal with?
0
I'm in a new gig and I want to understand what happens if a site's Internet link goes down: what takes over for their default route?
The routing protocol is EIGRP.

{DATA CENTER}-----WAN EIGRP-----{OFFICE}-----LAN EIGRP----[Cisco ASA]-----{INTERWEBS}

So the switches in the OFFICE are learning their path to the Internet from the Cisco ASA which advertises
a default route inward via EIGRP. The ASA learned it has the default via OSPF from an edge router
outside of it. My guess is that the DATA CENTER's default route would propagate over the WAN to
the OFFICE in the event the Cisco ASA stopped advertising the default route inward.

How could I find out the behavior of the lost default route without causing an outage?

Thank you.
0
What logs would house information on NTP? I'm trying to see if I can ingest these logs into Splunk to check and see if any servers' times on the network are off.
0
I have a Peplink Balance One Router at work and intend to connect 2 or more computers from the same LAN, to no avail. Only one connection seems possible. Is this by design?
On the router I use L2TP/IPsec and Windows 10 built in VPN client.
0
We just migrated a second link on BGP for a customer. The link is up and advertising the customer prefix to the internet and is load sharing the traffic w/ another (different) provider's link (separate from ours). The customer thinks that the route distribution on our link is at least 20% less than the other provider's. Can anyone comment on what could be happening? I looked thro' looking glass portals and our BGP link is not preferred (mostly). Please comment.

My initial question is does it depend on type of ISP Provider, (the other link is provided by Tier 1 ISP Provider)?

Thanks;
0
On internal intranet the C/C++ client sends out REST-like queries via TCP/IP and receives an XML response from the Java server. If the REST query loops fetching 3 records at a time, the total time to accumulate 90000 records is about 10x longer than if we fetch 100 records at a time. We will be performing a number of timing tests to isolate the cause. In anticipation that the problem may be the slow TCP/IP start due to initial small windowing, what settings are there to tell TCP/IP to start off with the largest (or larger) window size possible?

We are on 64-bit RHEL servers, and I assume that since the client/server are run on an intranet self-contained within the company, that we do not have to be concerned about congestion.

Thanks,
Paul
0
Dear Experts

I am looking for the best-practice network design to connect 03 offices, which are in 3 different locations, with secured links and redundant links. Explained below:
The data center, where business applications are hosted, is in location 1. Here the business applications (which are web-based applications), Windows AD for authentication, file server and email server are maintained; a Cisco 1010 FTD and Cisco FMC are in place, along with two ISPs.
Location 2, which is far away, is going to be connected to the location 1 data center with an MPLS VPN link and, for redundancy, a broadband link; we are planning an SD-WAN solution. This is finalized and implementation is in progress.
Now all the employees who were so far working in location 1, that is at the data center location, are to be shifted to location 3, which is a little distance from location 1. However, we are not shifting the data center. Our employees are 20 users who are going to work from location 3, and they have to log in for authentication to location 1, where the Windows AD, the file server for their document store and the business application they use (CRM) are.
1.      Please suggest the best network design to connect location 3 to location 1. Should I plan for MPLS VPN as one link and a leased line as the secondary link and use an SD-WAN solution here, or is there any other best practice?
2.      How much bandwidth would be needed between location 3 and location 1 for web-based applications and storing documents in the folder?
3.  as we have 20 users is it required to setup …
0
Hello, we enabled these settings to disable NTLM completely in our network.

2019-11-13-10_26_05-.png
I'm testing it and one problem I got is that when I'm trying to connect in RDP from a non-domain PC (Windows 10 1903) to my domain PC (Windows 10 1903) it's not working.

I get this error

2019-11-13-10_24_09-HOME---Royal-TS.png
If I do the same thing from my domain-joined PC (Windows 10 1903) to my non-domain-joined PC (Windows 10 1903) I get the same error, but if I add an exception in the GPO above it's working.

I also have a problem accessing the \\IP_OF_PC\C$ folder when NTLM is disabled.

Can we fix that?

Thanks !
0
Client has a /16 and wants to advertise a /24 within the /16 via a new carrier at one of their smaller sites. Are there any things I need to discuss with the current carrier or the new carrier to make sure the new peering doesn't interfere with the existing route advertisements? Any other gotchas to consider in this operation? Thanks!
0
Dear Experts
We have to restrict internal users from accessing the internet, but the requirement is that they have to access their G-suite email account via the email client software MS Outlook to send or receive emails. We have a Cisco 1010 firewall and the same is integrated with Windows AD. Please help with what ports are to be opened or any URL to be allowed at the firewall so that users can access the G-suite email account through the email client software.
0
Hi, we use haproxy with round robin on a few servers, which works amazingly well.
However, now we need to use it for TCP sessions from different ports.

Basically, GPS IoT devices create connections to our server via TCP.
When I run a netstat, I see lots of devices sending data from the same IP address but different ports.
Here is a snapshot:
TCP myServerIp:9001 141.86.25.16:60046 ESTABLISHED
TCP myServerIp:9001 141.86.25.16:62084 ESTABLISHED
These are not the same device; they are using a mobile/cell network with the same IP but different ports.

So I would need a configuration for HA proxy to route to different servers based on IP and PORT.
All the examples I've seen so far just use IP, which would not work well for me as it would batch a bunch of devices to the same server.
I guess it would work, but it may overload one server and under-load another (if that makes sense).

Something else I'm not sure about: some devices also send data using UDP, and these would also need to be routed to the same server. Not sure if this would work or if I would just have to route all UDP devices to 1 server.

Any feedback, pointers and help appreciated.
Thanks
0
Hi,
Port 25 is open but I've got the following. Any advice?
C:\Users\Administrator>telnet localhost 25
Connecting To localhost...Could not open connection to the host, on port 25: Connect failed
0
First, I'm a novice with SSIS, having mostly just maintained existing packages.  I have a project that I upgraded from SQL Server 2008 R2/Visual Studio 2008 to SQL Server 2016 (deployment model) in VS 2017.  All of the packages work running locally on my machine just as they always have, with the exception of one.  

This loops through oledb source servers  using a connection string built by variables received from a query.  Then it starts the control flows, which each has a series of data flow queries.    The weird thing is sometimes it runs fine.  Most of the time I get errors like this:

[NetComply - CollectionMembers [212]] Error: SSIS Error Code DTS_E_OLEDBERROR.  An OLE DB error has occurred. Error code: 0x80004005.
An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 11.0"  Hresult: 0x80004005  Description: "Protocol error in TDS stream".
An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 11.0"  Hresult: 0x80004005  Description: "Communication link failure".
An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 11.0"  Hresult: 0x80004005  Description: "TCP Provider: An existing connection was forcibly closed by the remote host.
An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 11.0"  Hresult: 0x80004005  Description: "Communication link failure".
An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 11.0"  Hresult: 0x80004005  
0
I use "Remote Desktop Connection" from my Windows PC to connect to a remote Linux Virtual Machine running Ubuntu 18.04.2 LTS.
I open a terminal window and type the following command to clone a git repository:

git clone git://git.yoctoproject.org/poky_local_copy

The response is as follows:
git connection failed
I open the Mozilla Firefox web browser, enter git.yoctoproject.org and connect. Why does the web browser connect to this site when the terminal cannot connect to it?
0
Does anyone have hands-on experience with a gRPC reverse proxy?

The context is anonymising queries to speech.googleapis.com. I have a valid API key, express agreement from Google, and a production proxy that handles HTTP queries to the same service. But unfortunately not HTTP/2.

The future would be a smarter proxy that connects and authenticates against Google services and multiplexes client requests to the service. I am also interested in simple client implementations in Go. The front protocol might not be gRPC in that case, though it would make it simpler.

For now, I played quite unsuccessfully with nginx, haproxy, and a bunch of socats and other tools to decapsulate SSL. Unfortunately I fail to understand the authentication mechanism used by Google. Any knowledge in that field?

I am also interested in a working gRPC stream decoder.

Thanks for your time

PS: please do not answer with a random tutorial. I already read those, and am still struggling.
0
Hello,

I've been given two servers for a PHP project inside my company (one for PHP and the other for MS SQL) but my local system administrator has never dealt with remote SQL connections (yeah, I know).

I've managed to use his admin session (thru Skype's desktop presentation) and configured the SQL instance to use a fixed port instead of dynamic (to avoid headaches in the future). I've also created an inbound rule in the SQL server's firewall that allows that same TCP port for the domain. I didn't create an inbound UDP rule for the SQL Browser because I'm not using a dynamic port.

Also, the user that I'm using in my PHP script was created under Security -> Logins but within the database, instead of under Security -> Logins for the entire SQL instance. It was created as dbreader and dbwriter only.

This is what my PHP connection looks like (the x are the IP address and NNNNN is the port):
$servername = "xxx.xxx.xxx.xxx\\INSTANCENAME, NNNNN";
$connectionInfo = array( "Database"=>"MY_DB_NAME", "UID"=>"loginname", "PWD"=>"somepassword" );
$conn = sqlsrv_connect( $servername, $connectionInfo );

if ($conn) {
     echo "yup";
} else {
     echo "nope";
}


What else can I try to make the connection happen?

BTW, both sqlsrv and pdo_sqlsrv extensions are loading fine in PHP.

Both servers are Windows Server 2016 and SQL is also 2016.

Thanks in advance!
0
BGP Configuration with and without another IGP

In the topology below, I would like to know if:

-- BGP needs to be configured on R1, R2, R3, R4 without any other IGP (OSPF) configured on the same routers.
-- Or BGP can be configured only on R1 and R4, but IGP (OSPF) should be configured on all 4 routers R1, R2, R3, R4.

Thanks


0
OSPF Address-Family

I have seen in some examples EIGRP configured with address-family ipv4 vrf <VRF Name> autonomous-system <AS Number>.
However, I have not seen examples where OSPF is configured with address-family ipv4 vrf <VRF Name>.

For instance, in the topology below Customer Edge CB_1 uses OSPF and it is connected to PE_1.

Thanks

0
Hi, I ran this Wireshark network protocol analyzer with no programs open, including no background programs. I ran it for three minutes. I have the report in csv and in pcapng format. (I've changed the latter to a .txt extension to upload.)

Can someone let me know if there's any odd network activity going on? Thanks. If you need more information, let me know, this is way over my head.
packet-dissection.csv
packets---Copy.txt
0
Naive Question on the Bandwidth versus Throughput

EE Members / Gurus ,

Need your help to clarify the definition

1. If I hear in a meeting that a client has an internet link of 40Mb, does this mean his bandwidth is 40Mb or the throughput?
Does this 40Mb, in case it is bandwidth, include upload/download speeds, i.e. 20/20?

2. What does the terminology "pipe can handle 80Gb of traffic" mean? Does this mean the backbone / backplane speed can or should handle this traffic?

Regards,
Sid
0
NFS on netapp filer - very slow only when over a hop


Hi, out of the blue (Juniper in the core) CIFS has slowed to a crawl off a NetApp. An engineer did put a route in, but only in prep for a change. It seems from that point on NFS browse to the NetApp is so slow it's unusable.
We since removed the route, but it's just as bad, no difference.
Don't even know if what he did was related.

Anyway, if you are on the same subnet as the CIFS NetApp filer (e.g. on a server in the same subnet), CIFS performance is fine!!!
As soon as there is a hop to get to the filer CIFS share, it's hopeless.

NetApp 8.3 Data ONTAP - Juniper core switched. HELP
0
Connect 2 Networks that use Different Routing Protocols.

I would like to know: in the case where we have 2 separate networks, one running OSPF and the other running EIGRP, if I need those 2 networks to be able to talk to each other without using redistribution or MP-BGP, would that be possible? For instance, using a VPN GRE tunnel or an IPsec VPN tunnel.

Thank you
0
I need to analyze PCAP files and APIs for an MVNE I am working with. I can definitely see some things in the PCAP files they sent, but I would like to be able to do a lot more and analyze them more deeply. I have been using Wireshark to break it down, but what is the best way to attack analyzing these files? Is there a resource out there, program, best practice, etc.?
0
I am attempting to configure VOIP multicast paging for a member school district. Currently, when a phone page is initiated, the green speaker light on the phone comes on and the mic red (mute) light comes on at the same time. However, the page is not able to be heard on any phones. I am told this did work at one time but no one seems to be clear when it stopped working. As of yesterday, I upgraded their WAN switch and I am attempting to get the paging to work again.

Specifics.

Cisco Informacast server (Handles paging) is located on the WAN and is directly connected to a  vlan 110 port (near-end)
VOIP phones are located at the district on the far end of our WAN (far-end)

Near end switch connected to Informacast server on vlan 110:
HP 5412R , J9851A running KB.15.17.0007

Far end switch hands all vlan 110 VOIP traffic off to VLAN 72 (Phones):
Aruba 3810M, JL071A running KB.16.07.0003

Vlan 110 is configured on both switches and vlan 72 is only configured on the far end.


Obviously, the config is non-working (copied over from old switch) and has been modified in an attempt to resolve the issue but I will post for reference and advice on what to change.

near end switch vlan 110 config:
vlan 110
name "VLAN110"
untagged A3,B5-B6
tagged A4-A9,A11-A19,A21-A22,A24,B1,B4,B7-B8,B13-B22,C1-C24,D1-D24,E1-E24,F1-F22
ip address 10.201.0.1 255.255.248.0
ip igmp
ip igmp forward A1,A3-A24,B1-B2,B4-B8,B10,B12-B22,C1-C24,D1-D24,E1-E24,F1-F22
qos priority 7
forbid B2