Saturday, June 22, 2019

Setting up internet for business?

This may seem like a really dumb question, but it’s something I really want an answer on. I’m a brand new Sys Admin right out of college. I have my CCNA certification and a two-year Sys Admin diploma to go with a Bachelors in network management. But I never understood this. We have our core layer, our distribution layer, and our access layer when it comes to designing networks. I understand all of the VPN tunnels between our offices, and how our access switches have Ethernet connections to our edge Fortigates.

But in business, how is internet access set up with an ISP? Do they need to be called to run a direct line in? Who covers the cabling? How is the line brought in? It’s something that’s confused me ever since I started my job a month ago. What are the details on this?



If you have a great Engineer experience regardless of which TAC you work with (Cisco, Juniper, etc.) and the Engineer went above and beyond please give a fair survey score and possibly follow up with their manager. Likewise for bad behavior and dodgy behavior!

Most customer service operations will use some type of variation of Net Promoter [1], so those surveys you fill in when the case is closed actually have fairly big implications internally.

Some things to also remember:

  • Certain TACs will pin the survey result on the last Engineer: if you have a bad experience with Engineer A, who requeues to Engineer B, then B will have to face the brunt of the bad feedback until managers determine the responsibility. It also feels like a personal kick in the guts.

  • If you come across bad behavior or rude Engineers, please contact their managers ASAP (normally their address is in their email signature) and report the bad behavior upfront. If you are appraising the survey based on a previous Engineer while you had no issues with the current one, please, if you have time, reach out to the Engineer's manager to appraise their effort individually. It's definitely held as a badge of honor for the Engineer when customers reach out directly to the manager.

  • Be open/forward regarding feedback: good behaviors are more likely to prosper, good Engineers are likely to be rewarded, while bad Engineers are likely to be punished and leave the system. This is more important now in a time where a bulk of the support is being sent to lower cost centres and the behaviors are not shared across the entire support structure.

  • Changes to support centres and structures are aligned with constant bad feedback where due.

Even flicking a quick "Yo Mgr, Engineer Joe Bloggs really went above and beyond on this case" is enough. Likewise for bad Engineers "Yo Mgr, Pete didn't seem really engaged on the case and avoided my calls. I wasn't happy with his tone on the phone"

[1] - https://www.checkmarket.com/wp-content/uploads/2011/06/NPS-en.jpg



VXLAN vs OTV

We use OTV on some Nexus 7ks to extend layer 2 between our main data center and one DR site. A few weeks ago, one of the 7k blades involved in the OTV VDC failed and caused the OTV overlay to completely flip out. Replacing and reconfiguring the hardware did not stabilize the problem, so we just shut down the OTV VDC on that switch to reach a stable condition.

A couple of weeks later, OTV bugged out again and caused a serious outage. A fantastic TAC engineer has looked this problem up and down thoroughly, but can't find a smoking gun. We're leaning towards this being a bug.

Long story short, because this issue has had high visibility in my company, we're likely moving away from OTV soon. We're basically deciding between VXLAN on our Nexus 9Ks (keep layer 2 extended across the two sites) or simple routing between the sites (no layer 2 extension).

For those of you who are running VXLAN at work, what have your experiences been like?



SSL Inspection and alternatives

Hi All,

We use Zscaler to perform SSL inspection, and basically, some sites are now using PKP, and if the client is using the Zscaler certificate, we're kinda stuck, as the site doesn't really work.

Zscaler's solution is to disable SSL inspection on those domains:

https://help.zscaler.com/zia/public-key-pinning-and-zscaler

I was wanting to know, would replacing Zscaler (for specific sites or as a whole) with a proxy work?

As the proxy could establish the connection with the site in question (using the correct certificate), request and scan the data, then it would establish another SSL connection back to the client, and pass the data along?

This is the only solution I can think of that would be acceptable, as it allows us to scan the data for malware, and also allows us to measure it to see what is being sent or done.

Thanks heaps.



DLink Managed Switch - change management VLAN - What am I missing

I decided to crosspost here, as it's a bigger community than /r/Network.

I am running a 99% Ubiquiti network. USG3 as main router, a few switches, and a few APs.

VLAN1 - 192.168.10.x - everything used to be on - moving everything off this eventually. I understand VLAN1 is bad - that's OK, I'll get there.

I made a new VLAN5, DHCP 192.168.2.x etc. This is my management network, as I was told it is good practice to have that stuff on their own VLAN. Both the switches and the AP moved to the new network - works great.

VLAN12 is guest - 192.168.100.x - all good and working fine.

I happen to have a small 8 port managed D-Link switch (DGS-1100). It was set up as 192.168.10.20, but I am going to move the switch into VLAN5, and tag/untag ports accordingly. Cord is plugged into eth1.

I change the switch to DHCP, grabs a new IP 192.168.10.159 or something. Cool. I go into VLAN area, setup and tag eth1 as VLAN5. It also is tagged as 1 and 12. So now eth1 is tagged as 1, 5, and 12. Still going well.

I go into the management VLAN area, which is currently disabled. Enable, and then it gives me a dropdown menu, to choose 1, 5, or 12. I choose 5. The end. It doesn't pull a DHCP lease from the router, it just disappears. No longer on vlan1 as either 10.20 or 10.159. I have to power cycle it and then it reverts its settings.

I'm at a loss here as to how to get it to be assigned to VLAN5! Any help is appreciated.



Plug and Play VPN Server / Remote device

I live in Japan, but I want to set up a VPN to my parents home in the US. My parents are old and technically sufficient, but walking them through creating a VPN server on a separate computer from one of their home computers would be a nightmare.

Thus, I'm looking for some sort of stand alone plug and play device that is relatively easy to get going that I can ship to them so they can plug it into their router, power on and set up relatively easy and then forget about it.

I've been looking for one online, but everything I've googled just brings me to routers with VPN capability (Again, walking them through setting it up I think might be frustrating for everyone).

My location also makes it more expensive for me to build one here then ship it to them (I realize this is probably the best solution)

Thoughts? Thanks in advance. T1



newbie question

Hello, I'm currently working on my CCNA R/S and I want to know from you guys: what skill should I go after once I get my cert?

I looked at some "job seeking sites" to get some ideas, and I found a lot of system engineering certs (MCSA, Linux ...) required along with networking skills. The thing is, I'm not really into Microsoft stuff (maybe Linux).

So I want to know from you experienced guys: what is the best choice to do after finishing what I'm currently on?



Newbie needs help with DIY cat6

So my boss is too cheap to have the usual network tech do a job at my work, and I believe it's fairly simple, but I need some help understanding some things. All I need to do is run a length of Cat6 cable to allow an internet connection to a computer in a new office that just got built. It's pretty close to the server room so it won't be an issue. I have 100 ft of Cat6 cable and a box of RJ45 connectors as well as a crimping tool, but I've never crimped Ethernet cable before. On the box of connectors it shows the color code pattern for T568-A and T568-B. Can someone explain to me the difference between the two and which one is more appropriate for what I'm trying to do? I've crimped Cat5e cable once before but never Cat6, and I noticed that the Cat6 connectors have three pieces as well, which I am slightly confused about. Thanks in advance for any advice.



Recommendation needed: Outdoor network cabinets wall mount for Canada?

Hi, my company needs a vertical outdoor cabinet with enough space for a patch panel and 2-4U. It will contain a Cisco switch and a UPS. Any suggestions? Thank you!



Ping host behind VOIP

Issue at work. Have an Access form that displays connectivity in up/down and colored displayed in office layout. VBA runs a ping to each IP and if it’s successful I get a green button etc. Anyway, that stuff is just for a better picture. We’re super compartmentalized in our roles and I have zero network rights. Network team is abroad internationally so not very much interoperability between us. When I attempt to ping the host that is fed through a VoIP I get nothing. Is there a workaround for this?



Can any access point work with any firewall?

Hey all. Can you please help me out? I have Sophos AP 55C access points set up and managed through a Cyberoam firewall. I want to add more access points, but the company says that it's an older model, and the newer models will not work with the existing firewall, and that I'll need to buy a newer firewall. Is this correct? I'll provide some more details when I get to work.

Thanks



HPE 5900 / Comware 7 MPLS Route recursion

We have MPLS + ISIS + BGP running on HPE 5900 devices. The loopback IPs of other devices signaled via ISIS are resolved with MPLS labels. However, we see that BGP routes with the same loopback IPs as next hop are directly resolved with the remote IP in the local transfer network and not with the MPLS label used for the loopback itself. We also see the same behavior for IP static routes to loopback IPs. We would expect to have MPLS forwarding instead of IP forwarding.

We are wondering if there is a configuration option to change this behavior. We have tested a similar configuration on Arista, Cisco and Juniper and for these platforms the desired behavior is the default.

Has anybody seen the same effect? How did you manage to solve it?



VLAN hopping (switch spoofing)

Hi, I am currently working on my final year project in school. I'm trying to do VLAN hopping, specifically switch spoofing, on my Cisco 2950 switch.

After I configured VLAN 10 and 20 on my switch, I used Kali Linux on my laptop to connect to fa0/1. I can ping my other laptop at fa0/2 on the 192.168.3.0/24 network. Then I run yersinia -G on my Kali to send DTP packets to enable trunking. After I successfully make fa0/1 a trunking port, I try to ping my laptop on fa0/2 but it fails. I try to change my IP to be on the 192.168.4.0/24 network to ping my other laptop on fa0/3 in VLAN 20, but it fails too. I don't understand why. I did exactly what it states here but it doesn't work, please help! https://www.exploit-db.com/docs/english/45050-vlan-hopping-attack.pdf

Switch configuration:

int fa0/1
 switchport mode dynamic auto
 switchport access vlan 10

int fa0/2
 switchport mode access
 switchport access vlan 10

int fa0/3
 switchport mode access
 switchport access vlan 20



Has anyone built a small (2-3 rack) datacenter? I'm thinking about it.

Using a throwaway because my normal username includes info that when combined with what I'm going to say here might make my normal account too easy to doxx.

I've been in the networking world for 15+ years. I have three friends who together have done server (admin) support for 10+ years, server (hardware) support for 10+ years, programming for 10+ years (and is also now AWS certified). My next door neighbor is a certified electrician working for the city. We could practically run our own full service datacenter. Even though there are cloud storage monsters dominating the network there are still lots of smaller companies that don't trust the cloud and want to own their own offsite storage, or offsite routers/servers for backup links and disaster recovery, etc.

I tossed out the idea over beers one night and we all started brainstorming. One (huge) problem would be getting a loan to renovate (or build) a building. Part of that problem would also be the need to have (relatively) a lot of rack space rented on day one to start paying back the loan. So we started scaling back the plans. Maybe we could build a smaller proof-of-concept data center, and if that works then leverage that into a larger one.

I own a home in a hurricane-prone location. I plan to purchase a generator to help in case of a hurricane. The house came with a cement pad I plan to place the generator on. I have the space to build a "storage shed" large enough to house three 19" 42U racks. What if I built that, had the generator installed, and got redundant internet circuits?

I quickly realized 3 racks full of servers would require so much power and HVAC it would take up the space of the 3rd rack. (Economy of scale helps larger datacenters, we wouldn't have that at the start.) I'd probably have to install a security system. I'd have to place the "storage shed" near the street to allow access outside normal business hours. I may have to deal with zoning issues. I'd probably have to run all power and data cables above the racks.

I thought I'd post here. Is anyone else doing this? Any lessons learned? Any information I haven't thought of, etc?



Learning python network automation

Are there any free tutorials that help explain and teach network automation using python scripts and maybe some sample projects to work on? If not, how did you learn to create python scripts to automate networking?



Advice on attic mounting networking equipment

I could not find a sub for home networking equipment. I have Cat5e run from my attic to all of my bedrooms; this was done by the previous owner. I want to put my modem, one AP, and my Synology NAS in the attic; currently they are next to my desk in my office. I am mostly worried about heat and dust affecting them. Any suggestions or things to look out for?



Daisy chained network switches.

I work for a company that has had their network rebuilt several times over the last few years by several different people. Our current IT guy rebuilt the entire network from the ground up, including running new cables to all 4 buildings. He's a 1099 to our company since he runs his own business and isn't always available.

Well, just this past Friday my building lost network access and our IT guy was unavailable, which left me being the only one to try and get things running again. Not a problem.

There was a problem though: the switch from the main building wasn't communicating with the switch in my building and seemed to refuse to connect no matter what I did. We have one Dell T610, 2 R210s (1 isn't connected because it went to a building we had to vacate) and the 2 network switches are from Netgear. Ask what questions you need because Monday, if our IT guy doesn't show, I'm expected to fix this issue if it still exists.



Are we calling it Wi-Fi 6 or 802.11ax?

I know the differences between the two terms. I'm just wondering how you're referring to the new revision to the standard in conversation.



SIEM monitoring and Metasploit attacks

Hi reddit,

I am trying to create a virtual environment on VirtualBox. I will install 2 SIEMs, then I will make attacks with Metasploit and see how the SIEMs respond.

I have installed Security Onion and now I am trying to install AlienVault OSSIM. Except for the big lag, the problem is that I can't access OSSIM via the Chrome browser on Ubuntu.

Has anyone used any of these programs to help me with the process?



Tool to Measure the Amount of Disconnects?

Having an issue with Virgin Media. Had an engineer look at the exchange box, formatted Windows and bought a new NIC for my PC, but I am still having a random influx of short disconnects. At peaks, roughly 10-15 disconnects in an hour.

Is there any tool that constantly measures the amount of disconnects on my computer, at what time and for how long? Just need some more data to see whether it's my mobo on the PC, or the Ethernet cable or the modem.

Ta,



Total Noob Trying to setup trailer park, needs help

Hey all;

First, my apologies, I'm a total newbie at this stuff so please forgive my ignorance. I am trying to get the wifi network at my trailer park working better. The guy my boss hired previously installed a Comcast router/modem that has two EnGenius ENH202 Outdoor Access Points plugged into it.
It very regularly was disconnecting or not working so I tried a few things.
I replaced the Comcast router/modem with a Linksys CM3024 Cable Modem and a Linksys EA7500 AC 1900 Router.
That helped a bit but still problems.
I've tried setting the access points to have two separate names.
That helped a bit but still problems.
I tried setting a schedule for the access points to reset themselves.
That helped a bit but still problems.
I lowered the RTS from 2346 to 2000 and I lowered aggregation from 50000 to 10000.
That helped a bit but still problems.

So now I am still seeing the EnGenius ENH202 access points from time to time say that I can connect to them but no internet is available. But when I connect to the router directly the internet is up and fine.

Does anyone have any advice on what I might try next?

Thank you so so much for any help.

I'll paste the log files of the access points below in case that helps.


---------------------------------------------------

Access Point B

Jun 21 18:39:44 ENH202 daemon.info hostapd: ath0: STA a4:e9:75:96:4a:ce IEEE 802.11: disassociated

Jun 21 18:39:20 ENH202 user.warn kernel: Node Added (NC = 7)

Jun 21 18:39:20 ENH202 daemon.info hostapd: ath0: STA 58:cb:52:4a:66:12 WPA: pairwise key handshake completed (RSN)

Jun 21 18:39:20 ENH202 daemon.info hostapd: ath0: STA 58:cb:52:4a:66:12 IEEE 802.11: associated

Jun 21 18:39:19 ENH202 daemon.info hostapd: ath0: STA a4:e9:75:96:4a:ce IEEE 802.11: disassociated

Jun 21 18:39:19 ENH202 daemon.info hostapd: ath0: STA a4:e9:75:96:4a:ce IEEE 802.11: disassociated

Jun 21 18:39:01 ENH202 cron.info crond[1936]: crond: USER root pid 3656 cmd /usr/sbin/schedule.sh start

Jun 21 18:38:18 ENH202 user.warn kernel: Node Added (NC = 6)

Jun 21 18:38:18 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d WPA: pairwise key handshake completed (RSN)

Jun 21 18:38:18 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d IEEE 802.11: associated

Jun 21 18:38:01 ENH202 cron.info crond[1936]: crond: USER root pid 3492 cmd /usr/sbin/schedule.sh start

Jun 21 18:37:59 ENH202 user.warn kernel: Node deleted (NC = 5)

Jun 21 18:37:43 ENH202 user.warn kernel: Node deleted (NC = 6)

Jun 21 18:37:42 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d IEEE 802.11: disassociated

Jun 21 18:37:01 ENH202 cron.info crond[1936]: crond: USER root pid 3328 cmd /usr/sbin/schedule.sh start

Jun 21 18:36:01 ENH202 cron.info crond[1936]: crond: USER root pid 3164 cmd /usr/sbin/schedule.sh start

Jun 21 18:35:31 ENH202 user.warn kernel: Node deleted (NC = 7)

Jun 21 18:35:30 ENH202 daemon.info hostapd: ath0: STA 58:cb:52:4a:66:12 IEEE 802.11: disassociated

Jun 21 18:35:07 ENH202 user.warn kernel: Node Added (NC = 8)

Jun 21 18:35:07 ENH202 daemon.info hostapd: ath0: STA 58:cb:52:4a:66:12 WPA: pairwise key handshake completed (RSN)

Jun 21 18:35:07 ENH202 daemon.info hostapd: ath0: STA 58:cb:52:4a:66:12 IEEE 802.11: associated

Jun 21 18:35:02 ENH202 cron.info crond[1936]: crond: USER root pid 3000 cmd /usr/sbin/schedule.sh start

Jun 21 18:34:44 ENH202 user.warn kernel: Node deleted (NC = 7)

Jun 21 18:34:14 ENH202 daemon.info hostapd: ath0: STA b8:63:4d:d6:f3:33 IEEE 802.11: disassociated

Jun 21 18:34:01 ENH202 cron.info crond[1936]: crond: USER root pid 2836 cmd /usr/sbin/schedule.sh start

Jun 21 18:33:01 ENH202 cron.info crond[1936]: crond: USER root pid 2672 cmd /usr/sbin/schedule.sh start

Jun 21 18:32:01 ENH202 cron.info crond[1936]: crond: USER root pid 2508 cmd /usr/sbin/schedule.sh start

Jun 21 18:31:01 ENH202 cron.info crond[1936]: crond: USER root pid 2344 cmd /usr/sbin/schedule.sh start

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at r:21

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at r:15

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at r:09

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at r:03

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at r:00

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:31:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:30:01 ENH202 cron.info crond[1936]: crond: USER root pid 2180 cmd /usr/sbin/schedule.sh start

Jun 21 18:29:01 ENH202 cron.info crond[1936]: crond: USER root pid 2016 cmd /usr/sbin/schedule.sh start

Jun 21 18:28:01 ENH202 cron.info crond[1936]: crond: USER root pid 1841 cmd /usr/sbin/schedule.sh start

Jun 21 18:27:01 ENH202 cron.info crond[1936]: crond: USER root pid 1673 cmd /usr/sbin/schedule.sh start

Jun 21 18:26:55 ENH202 user.warn kernel: Node Added (NC = 8)

Jun 21 18:26:55 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 WPA: pairwise key handshake completed (RSN)

Jun 21 18:26:55 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: associated

Jun 21 18:26:01 ENH202 cron.info crond[1936]: crond: USER root pid 1504 cmd /usr/sbin/schedule.sh start

Jun 21 18:25:01 ENH202 cron.info crond[1936]: crond: USER root pid 1340 cmd /usr/sbin/schedule.sh start

Jun 21 18:24:01 ENH202 cron.info crond[1936]: crond: USER root pid 1176 cmd /usr/sbin/schedule.sh start

Jun 21 18:23:01 ENH202 cron.info crond[1936]: crond: USER root pid 1012 cmd /usr/sbin/schedule.sh start

Jun 21 18:22:01 ENH202 cron.info crond[1936]: crond: USER root pid 847 cmd /usr/sbin/schedule.sh start

Jun 21 18:21:01 ENH202 cron.info crond[1936]: crond: USER root pid 683 cmd /usr/sbin/schedule.sh start

Jun 21 18:20:01 ENH202 cron.info crond[1936]: crond: USER root pid 517 cmd /usr/sbin/schedule.sh start

Jun 21 18:19:20 ENH202 user.warn kernel: Node Added (NC = 7)

Jun 21 18:19:20 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea WPA: pairwise key handshake completed (RSN)

Jun 21 18:19:20 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: associated

Jun 21 18:19:01 ENH202 cron.info crond[1936]: crond: USER root pid 349 cmd /usr/sbin/schedule.sh start

Jun 21 18:18:01 ENH202 cron.info crond[1936]: crond: USER root pid 3981 cmd /usr/sbin/schedule.sh start

Jun 21 18:17:01 ENH202 cron.info crond[1936]: crond: USER root pid 3817 cmd /usr/sbin/schedule.sh start

Jun 21 18:16:01 ENH202 cron.info crond[1936]: crond: USER root pid 3653 cmd /usr/sbin/schedule.sh start

Jun 21 18:15:59 ENH202 user.warn kernel: Node deleted (NC = 6)

Jun 21 18:15:01 ENH202 cron.info crond[1936]: crond: USER root pid 3489 cmd /usr/sbin/schedule.sh start

Jun 21 18:14:01 ENH202 cron.info crond[1936]: crond: USER root pid 3325 cmd /usr/sbin/schedule.sh start

Jun 21 18:13:58 ENH202 user.warn kernel: Node deleted (NC = 7)

Jun 21 18:13:56 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 IEEE 802.11: disassociated

Jun 21 18:13:01 ENH202 cron.info crond[1936]: crond: USER root pid 3161 cmd /usr/sbin/schedule.sh start

Jun 21 18:12:20 ENH202 user.warn kernel: Node Added (NC = 8)

Jun 21 18:12:20 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 WPA: pairwise key handshake completed (RSN)

Jun 21 18:12:20 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 IEEE 802.11: disassociated

Jun 21 18:12:20 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 IEEE 802.11: associated

Jun 21 18:12:02 ENH202 cron.info crond[1936]: crond: USER root pid 2997 cmd /usr/sbin/schedule.sh start

Jun 21 18:11:55 ENH202 user.warn kernel: Node deleted (NC = 7)

Jun 21 18:11:52 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 IEEE 802.11: disassociated

Jun 21 18:11:34 ENH202 user.warn kernel: Node Added (NC = 8)

Jun 21 18:11:34 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 WPA: pairwise key handshake completed (RSN)

Jun 21 18:11:34 ENH202 daemon.info hostapd: ath0: STA 3c:28:6d:27:82:33 IEEE 802.11: associated

Jun 21 18:11:01 ENH202 cron.info crond[1936]: crond: USER root pid 2833 cmd /usr/sbin/schedule.sh start

Jun 21 18:10:29 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:10:01 ENH202 cron.info crond[1936]: crond: USER root pid 2669 cmd /usr/sbin/schedule.sh start

Jun 21 18:09:59 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:09:36 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:09:01 ENH202 cron.info crond[1936]: crond: USER root pid 2505 cmd /usr/sbin/schedule.sh start

Jun 21 18:08:01 ENH202 cron.info crond[1936]: crond: USER root pid 2341 cmd /usr/sbin/schedule.sh start

Jun 21 18:07:51 ENH202 daemon.info hostapd: ath0: STA e4:b2:fb:09:57:35 WPA: pairwise key handshake completed (RSN)

Jun 21 18:07:50 ENH202 user.warn kernel: Node Added (NC = 7)

Jun 21 18:07:50 ENH202 daemon.info hostapd: ath0: STA e4:b2:fb:09:57:35 IEEE 802.11: associated

Jun 21 18:07:06 ENH202 user.warn kernel: Node deleted (NC = 6)

Jun 21 18:07:03 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:07:01 ENH202 cron.info crond[1936]: crond: USER root pid 2177 cmd /usr/sbin/schedule.sh start

Jun 21 18:06:01 ENH202 cron.info crond[1936]: crond: USER root pid 2013 cmd /usr/sbin/schedule.sh start

Jun 21 18:05:01 ENH202 cron.info crond[1936]: crond: USER root pid 1838 cmd /usr/sbin/schedule.sh start

Jun 21 18:04:08 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 WPA: pairwise key handshake completed (RSN)

Jun 21 18:04:07 ENH202 user.warn kernel: Node Added (NC = 7)

Jun 21 18:04:07 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: associated

Jun 21 18:04:01 ENH202 cron.info crond[1936]: crond: USER root pid 1670 cmd /usr/sbin/schedule.sh start

Jun 21 18:03:59 ENH202 user.warn kernel: Node deleted (NC = 6)

Jun 21 18:03:59 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: disassociated

Jun 21 18:03:59 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: deauthenticated due to local deauth request

Jun 21 18:03:56 ENH202 user.warn kernel: Node Added (NC = 7)

Jun 21 18:03:56 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: disassociated

Jun 21 18:03:56 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: associated

Jun 21 18:03:47 ENH202 user.warn kernel: Node Added (NC = 6)

Jun 21 18:03:47 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea WPA: pairwise key handshake completed (RSN)

Jun 21 18:03:47 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:03:47 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: associated

Jun 21 18:03:01 ENH202 cron.info crond[1936]: crond: USER root pid 1501 cmd /usr/sbin/schedule.sh start

Jun 21 18:02:34 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d WPA: pairwise key handshake completed (RSN)

Jun 21 18:02:33 ENH202 user.warn kernel: Node Added (NC = 5)

Jun 21 18:02:33 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d IEEE 802.11: associated

Jun 21 18:02:02 ENH202 user.warn kernel: Node deleted (NC = 4)

Jun 21 18:02:02 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:02:02 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: deauthenticated due to local deauth request

Jun 21 18:02:01 ENH202 cron.info crond[1936]: crond: USER root pid 1337 cmd /usr/sbin/schedule.sh start

Jun 21 18:01:57 ENH202 user.warn kernel: Node Added (NC = 5)

Jun 21 18:01:57 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:57 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: associated

Jun 21 18:01:55 ENH202 user.warn kernel: Node deleted (NC = 4)

Jun 21 18:01:54 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d IEEE 802.11: disassociated

Jun 21 18:01:42 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:41 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:41 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:41 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:36 ENH202 user.warn kernel: Node Added (NC = 5)

Jun 21 18:01:36 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 WPA: pairwise key handshake completed (RSN)

Jun 21 18:01:36 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: disassociated

Jun 21 18:01:36 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: associated

Jun 21 18:01:35 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: disassociated

Jun 21 18:01:29 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:15 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: disassociated

Jun 21 18:01:13 ENH202 daemon.info hostapd: ath0: STA 88:66:a5:68:2d:ea IEEE 802.11: disassociated

Jun 21 18:01:10 ENH202 daemon.info hostapd: ath0: STA 70:56:81:a7:ee:a1 IEEE 802.11: deauthenticated due to local deauth request

Jun 21 18:01:08 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d WPA: group key handshake completed (RSN)

Jun 21 18:01:07 ENH202 daemon.info hostapd: ath0: STA e8:93:09:2c:a7:00 WPA: group key handshake completed (RSN)

Jun 21 18:01:07 ENH202 daemon.info hostapd: ath0: STA a4:b8:05:9d:6c:a7 WPA: group key handshake completed (RSN)

Jun 21 18:01:07 ENH202 daemon.info hostapd: ath0: STA 08:05:81:3d:13:79 WPA: group key handshake completed (RSN)

Jun 21 18:01:01 ENH202 cron.info crond[1936]: crond: USER root pid 1173 cmd /usr/sbin/schedule.sh start

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at r:21

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at r:15

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at r:09

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at r:03

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at r:00

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:01:01 ENH202 cron.err crond[1936]: user root: parse error at n:00

Jun 21 18:00:30 ENH202 user.warn kernel: Node deleted (NC = 4)

Jun 21 18:00:30 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: disassociated

Jun 21 18:00:30 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: deauthenticated due to local deauth request

Jun 21 18:00:27 ENH202 user.warn kernel: Node deleted (NC = 4)

Jun 21 18:00:27 ENH202 user.warn kernel: Node Added (NC = 5)

Jun 21 18:00:27 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: disassociated

Jun 21 18:00:27 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: disassociated

Jun 21 18:00:27 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: associated

Jun 21 18:00:01 ENH202 cron.info crond[1936]: crond: USER root pid 1009 cmd /usr/sbin/schedule.sh start

Jun 21 17:59:01 ENH202 cron.info crond[1936]: crond: USER root pid 844 cmd /usr/sbin/schedule.sh start

Jun 21 17:58:44 ENH202 user.warn kernel: Node deleted (NC = 5)

Jun 21 17:58:39 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 WPA: pairwise key handshake completed (RSN)

Jun 21 17:58:37 ENH202 user.warn kernel: Node Added (NC = 6)

Jun 21 17:58:37 ENH202 daemon.info hostapd: ath0: STA 74:b5:87:bf:fe:36 IEEE 802.11: associated

Jun 21 17:58:10 ENH202 user.warn kernel: Node deleted (NC = 4)

Jun 21 17:58:10 ENH202 user.warn kernel: Node Added (NC = 5)

Jun 21 17:58:10 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d WPA: pairwise key handshake completed (RSN)

Jun 21 17:58:10 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d IEEE 802.11: disassociated

Jun 21 17:58:10 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d IEEE 802.11: associated

Jun 21 17:58:03 ENH202 daemon.info hostapd: ath0: STA 60:1d:91:8f:8d:7d WPA: pairwise key handshake completed (RSN)

Jun 21 17:58:02 ENH202 user.warn kernel: Node Added (NC = 5)

Jun 21 17:58:02 ENH202 daemon.info hostapd
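A way to turn hostapd logs like the two access point dumps above into per-station churn figures, as an added example that is not part of the original post. The sample lines and MAC addresses are constructed, and the year, the 120-second window and the function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the page's syslog format, newest line first as the AP
# prints it. The MAC addresses are made up (locally administered range).
SAMPLE_LOG = """\
Jun 21 18:05:40 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0b IEEE 802.11: disassociated
Jun 21 18:05:01 ENH202 cron.info crond[1936]: crond: USER root pid 2478 cmd /usr/sbin/schedule.sh start
Jun 21 18:04:10 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: deauthenticated due to local deauth request
Jun 21 18:04:07 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: associated
Jun 21 18:03:30 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: disassociated
Jun 21 18:03:30 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: disassociated
Jun 21 18:03:22 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a WPA: received EAPOL-Key 2/4 Pairwise with unexpected replay counter
Jun 21 18:03:22 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a WPA: pairwise key handshake completed (RSN)
Jun 21 18:03:21 ENH202 user.warn kernel: Node Added (NC = 9)
Jun 21 18:03:21 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: associated
Jun 21 18:02:50 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: disassociated
Jun 21 18:02:45 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a WPA: pairwise key handshake completed (RSN)
Jun 21 18:02:45 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: disassociated
Jun 21 18:02:45 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0a IEEE 802.11: associated
Jun 21 18:01:00 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0b WPA: pairwise key handshake completed (RSN)
Jun 21 18:01:00 ENH202 daemon.info hostapd: ath0: STA 02:00:00:00:00:0b IEEE 802.11: associated
"""

YEAR = 2019  # syslog lines carry no year; assumed here

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ \S+ hostapd: \S+ "
    r"STA (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<msg>.+)$"
)


def classify(msg):
    """Map a hostapd message to an event kind."""
    if msg == "IEEE 802.11: associated":
        return "assoc"
    if msg == "IEEE 802.11: disassociated":
        return "disassoc"
    if "deauthenticated" in msg:
        return "deauth"
    if "pairwise key handshake completed" in msg:
        return "handshake"
    if "unexpected replay counter" in msg:
        return "replay"
    return "other"


def parse(log_text):
    """Return (timestamp, mac, kind) tuples in chronological order."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # cron, kernel and blank lines carry no station MAC
        ts = datetime.strptime(f"{YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["mac"], classify(m["msg"])))
    # The dump is newest-first: reverse it, then stable-sort so that events
    # sharing one second keep the order in which they were logged.
    events.reverse()
    events.sort(key=lambda e: e[0])
    return events


def summarize(events, window=timedelta(seconds=120)):
    """Per-station counters, keyed-session lengths and association bursts."""
    stats = defaultdict(lambda: {"assocs": 0, "handshakes": 0, "deauths": 0,
                                 "replays": 0, "sessions": [], "burst": 0})
    assoc_times = defaultdict(list)
    keyed_since = {}  # mac -> time the 4-way handshake completed
    for ts, mac, kind in events:
        s = stats[mac]
        if kind == "assoc":
            s["assocs"] += 1
            keyed_since.pop(mac, None)  # a new association ends any old session
            recent = [t for t in assoc_times[mac] if ts - t <= window] + [ts]
            assoc_times[mac] = recent
            s["burst"] = max(s["burst"], len(recent))
        elif kind == "handshake":
            s["handshakes"] += 1
            keyed_since.setdefault(mac, ts)
        elif kind == "replay":
            s["replays"] += 1
        elif kind in ("disassoc", "deauth"):
            if kind == "deauth":
                s["deauths"] += 1
            start = keyed_since.pop(mac, None)
            if start is not None:  # repeated disassoc lines are ignored
                s["sessions"].append(int((ts - start).total_seconds()))
    return dict(stats)


def flapping(stats, min_assocs=3):
    """Stations that associated at least min_assocs times inside one window."""
    return sorted(mac for mac, s in stats.items() if s["burst"] >= min_assocs)


if __name__ == "__main__":
    report = summarize(parse(SAMPLE_LOG))
    for mac, s in sorted(report.items()):
        print(mac, s)
    print("flapping:", flapping(report))
```

Run against both access points' logs, the same station appearing in each report with short sessions points at roaming between the two APs rather than at a single faulty radio.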



Friday, June 21, 2019

how can tcp/udp connections work in a DMZ?

I can start connections (ssh, ftp, http, etc) from an internal server to another in a DMZ. What I don't understand is how can the server in the DMZ be able to perform the tcp handshake or send packets back. How does it work?

Is the firewall configured to allow the DMZ to reach the internal net only if the connection was started by the internal network? Does this require a stateful firewall?



Setup Viptela in Eve-ng?

Hi, just wondering if anyone here has tried building a Viptela lab? I'm setting up an SD-WAN Viptela lab but I'm not able to open/run the node. My setup was based on the Eve-ng Viptela procedure. After that I modified the init.php and added the list below to the node templates. Then I downloaded 4 templates, which are .yml files, and put them in ....html/template.

Added on node template:
'vtmgmt' => 'Cisco SDWAN vManage',
'vtbond' => 'Cisco SDWAN VtBond',
'vtedge' => 'Cisco SDWAN VtEdge',
'vtsmart' => 'Cisco SDWAN VtSmart'

YML files:
vtsmart.yml, vtbond, vtmgmt, vtedge, all .yml.

But when I tried running it in the GUI, this error pops up: "Template does not exists or is not available (60031)."

Thanks



#network

A description of how BGP works: https://m.habr.com/ru/company/oleg-bunin/blog/456582/



VPN is not able to connect to internal and external resources unless IPV6 is unchecked on home wifi

We are using GlobalProtect VPN in our organization. If the user's ISP supports IPv6, they are unable to connect to corporate resources and the internet. It only works if we uncheck IPv6 on the home Wi-Fi. Is there any solution for this? Is anyone else experiencing the same issue? Please advise.
It is only happening on Windows 10.

Checked the interface metrics: the VPN has the highest priority, nslookup for domains works fine, ping and browsing do not work.

Thanks



ProCurve SNMP OIDs

We use Autotask/Datto to monitor our endpoints and we are moving our network equipment to the platform as well, although it is not that intuitive. I can get the devices to show up via SNMP, but to get the data from the devices it requires manual setup of OID rules. I am having issues finding OIDs that are relevant to monitor. I downloaded a file from HP that has a ton of OID numbers, but 1 in 100 actually work for my devices. Is there a resource that has common ones that I can use for switch monitoring?



Driver for Sun 4-Port Gigabit PCI-E Ethernet LAN Card Adapter ATLS1QGE

Documentation I found for these said to download the Intel I-350 drivers.

https://downloadcenter.intel.com/search?keyword=%20I350-T4

I'm not seeing any for Windows 2016... I hope I didn't waste cash for our cheapo-lab environment.

I downloaded the complete driver pack but my system says that there's "no intel devices installed" and it cancels it out.

I mean, I guess I could reload the machine with Mint or something, but I'm not sure how to do the DHCP stuff in a linux environment yet.



Virtual PC on Eve pinging issue

I am running a virtual network on Eve and I keep running into an issue with the built-in virtual PC on Eve. I can ping from the VPC to the SVI and the interfaces on the switch that they connect to; however, I can't ping outside of the switch to another subnet, and other devices can't ping the same VPC. The network that they're on is being advertised out.

Has anyone seen this issue?



Can you try to solve my PS4 issue?

I am playing on PS4, and my brother is in the same room with his Xbox on. When he is on his Xbox it causes my PlayStation to lag. I have tested it and I am 90% confident that it is when the Xbox is on that I lag. Is there anything I can do about this? I am unable to move the PlayStation or Xbox.

He plays over WiFi. I play over Ethernet from a WiFi extender.

Thanks



Is there a use case of static routes combined with FHRP south bound?

Here is a simple topology. Will this make sense? What could even be the use case?

https://ibb.co/f850M5R

R1 and R2 are running as an HSRP or VRRP pair with the VIP as 192.168.0.1, R1 as the active gateway and R2 as standby. PC1 and PC2 have default gateways of 192.168.0.1 and 172.16.7.1 respectively, and both R1 and R2 have a default route to 1.1.1.1 on the WAN router. The WAN router has two equal-cost static routes for subnet 192.168.0.0/24 via 1.1.1.2 and 1.1.1.3.

So if R1&R2 were running dynamic routing protocols with WAN router, the topology would make sense from redundancy/failover perspective...but with static routes everywhere, what could be the benefits of using FHRP then?

Here are failure scenarios from what I can tell:

  1. The R1 is the active gateway for 192.168.0.0/24 subnet. Somehow R1 port eth0/1 is down...PC2 would lose connectivity to PC1, vice versa; (even with track sla on WAN router for the static routes...)
  2. The R1 is the active gateway for 192.168.0.0/24 subnet. Somehow R1 port eth0/0 is down OR R1 is down, communication between two PCs would failover to R2;
  3. The R1 is the active gateway for 192.168.0.0/24 subnet. Somehow R2 port eth0/0 is down OR R2 is down, there should not be any communication impact between the two PCs.


Dedicated "WAN" Ports for individual VLANs on a single Multi-Layer Switch or Router?

Hello r/networking!

I'm looking for a solution for the following scenario:

- 5 Story building with 10 apartments (2 per floor)

- Single Network for the entire building.

- Each apartment will be assigned to a VLAN

- ACLs so that the apartments are isolated from each other.

- Only a single host/server must be accessible to all the VLANs.

- And the part I need help with: each VLAN must have its own dedicated "WAN" port for an ISP connection. We want to give each apartment its own dedicated internet connection.

I could use all the help I can get.

Thanks a lot and have a great day (:



Convert from extending L2 (VLANS) to L3 routing

I have included a diagram that I quickly put together, https://i.imgur.com/275InwS.jpg

This is the current scenario, I'm extending L2 networks (which reside on the sonicwall) to each building (via fiber) into 48 port edgemax switches. There are about 7 buildings total, they are configured the same as building 1,2,3 in the drawing. All buildings share the same VLANs. Each VLAN does something specific (I have more than 4, but for saving space I only used 4).

For example:

  • VLAN 1- LAN
  • VLAN 2- WLAN
  • VLAN 3- Guest WLAN
  • VLAN 4- IP Cam Network
  • VLAN 5- VOIP Network
  • VLAN 6- Printer Network

My IP Camera Network is 192.168.4.0/24, which means any IP camera related component located in any building is assigned a 192.168.4.0 address from the DHCP server (Sonicwall). Same concept for LAN, WLAN, IP phones, etc.

There is some redundancy in the network, I actually have two sonicwalls, configured in HA and two edgemax 16 port fiber switches in the main office, but I only included one of each in my drawing. Instead of two fiber cables going from each building to the edgemax 16 port (in my drawing), one fiber cable goes to one edgemax 16 port fiber switch and the second fiber cable goes to the second edgemax 16 port fiber switch.

Each building, however, only has a single network switch. That works for me (in this scenario) since the devices connecting to the switch only have one NIC.

Regardless, this question is more about routing.

I'm not looking to make any changes at this time, I'm trying to figure out the best way to set this up in a new environment (new property, new site, etc...) or if a rebuild were to happen, down the road, what could I do different.

Here is where I struggle....the design. I'm not sure what the best way to design this would be.

Do I start by going to the sonicwall, building a pt to pt network (/30) from the sonicwall to the first 16 port edgemax switch? Then building a second /30 from the sonicwall to the second 16 port edgemax switch?

From there, I'm not sure how each building talks back to its respective edgemax switch. I'm picturing everything having its own network and the routing protocol taking care of the best path (if a link were to go down, etc.).

At this point, this is more for learning, I'm not looking for configuration for each component. We do use a VAR and I'm not the only one on the networking team, but the others on my networking team don't want to discuss these types of things. They are either glorified help desk techs or 'older' and are set with how things are and even though I/we are not looking to change things, they don't want to waste time talking about it. With that mindset, I can't get anywhere with my internal resources. I'm sure the VAR would help even though it isn't cisco gear, but they'd also bill for their time, which is understandable, but not something I could approve.

Thanks in advance.

edit- changed /32 to /30, a mistake on my end.



Looking for firewall recommendations for small remote offices

I have two new remote offices with less than 10 devices each that I cannot get a direct circuit back into my mpls with from my service provider. They do have a vpn option where I can get internet services from a local provider and create an IPsec tunnel back into our private network.

We normally use ASAs at our egress points but this seems like overkill. We do have to have a firewall with reporting and monitoring capabilities per our security policies.

Would you have any recommendations for firewalls that may fit this build?

I can put ASAs in there if necessary but just looking for other options.

Budget is not an issue.



Looking for Guidance/knowledge: why do ISP Routers struggle to maintain a LAN for Businesses?

I’ll try to keep this as short as possible:

I work in software. Our company relies on iOS/Android devices running our software to communicate over the LAN with external peripherals. Information is sent back and forth from device A to device B over the network, and for whatever reason we have blacklisted nearly every ISP router, even ISP "business-grade" routers, that we have run into.

We generally push them to a specific router we have no issues with, my morbid curiosity wants to know why these ISP routers struggle with this though.

Are they just very cheap and poorly made? Why can these devices not maintain these connections over LAN?

Any nugget of knowledge would be greatly appreciated- thank you all!



Looking for "workstation/toolkit" recommendations for remote sites

So here's the thing, I have a client with a moron for a vm administrator. So I can't do the usual thing of getting a small windows or linux vm at each of the locations to run tools from.

I need to come up with something small and dead reliable for things like tftpd. There's a Pi version that runs off poe, so I could theoretically run a linux distro on that to do what I need. I'd just like something a bit more robust.

Any suggestions?



Port Channel Link Performance Question

Our network has two data centers. Uplinks for both went from a HP 5412 at each site to a single 6509, the sole router, at a 3rd location, each on a single 10 gig link. I'm moving this in stages off the router on a stick design to Cisco 9500s at all 3 locations in a 3 point fiber ring using dynamic routing. Once the ring is fully formed, we'll start pushing SVIs down dispersed to all 3 locations where appropriate.

I moved the uplink for one DC, we'll call it DC1 and the other DC2, last night from the single 10 gig trunk that homeruns to the 6509 to a 2 10 gig link port channel on the Cisco 9500 stack on site. From there, it uplinks to the 9500 stack in the same location as the 6509. One of the 2 links was throwing massive CRCs. Not sure why yet. I'll start troubleshooting that at layer 1 piece by piece later. For now, I've disabled it.

iPerf tests to a server in DC1 are now about half the bandwidth they were before the cutover:

4] local 172.22.115.72 port 27267 connected to 172.16.16.131 port 5201

[ ID] Interval Transfer Bandwidth

[ 4] 0.00-1.00 sec 54.2 MBytes 455 Mbits/sec

[ 4] 1.00-2.00 sec 56.4 MBytes 473 Mbits/sec

[ 4] 2.00-3.00 sec 56.0 MBytes 470 Mbits/sec

[ 4] 3.00-4.00 sec 55.8 MBytes 467 Mbits/sec

[ 4] 4.00-5.00 sec 56.1 MBytes 471 Mbits/sec

[ 4] 5.00-6.00 sec 55.4 MBytes 464 Mbits/sec

[ 4] 6.00-7.00 sec 54.4 MBytes 456 Mbits/sec

[ 4] 7.00-8.00 sec 56.0 MBytes 470 Mbits/sec

[ 4] 8.00-9.00 sec 56.2 MBytes 472 Mbits/sec

[ 4] 9.00-10.00 sec 56.1 MBytes 471 Mbits/sec

- - - - - - - - - - - - - - - - - - - - - - - - -

[ ID] Interval Transfer Bandwidth

[ 4] 0.00-10.00 sec 557 MBytes 467 Mbits/sec sender

[ 4] 0.00-10.00 sec 557 MBytes 467 Mbits/sec receiver

Whereas iPerf tests to a server in DC2, still on the legacy link, are about 2x that (and what DC1 speeds used to be before the cutover):

4] local 172.22.115.72 port 27399 connected to 172.16.16.48 port 5201

[ ID] Interval Transfer Bandwidth

[ 4] 0.00-1.00 sec 112 MBytes 935 Mbits/sec

[ 4] 1.00-2.00 sec 111 MBytes 933 Mbits/sec

[ 4] 2.00-3.00 sec 112 MBytes 936 Mbits/sec

[ 4] 3.00-4.00 sec 112 MBytes 939 Mbits/sec

[ 4] 4.00-5.00 sec 112 MBytes 940 Mbits/sec

[ 4] 5.00-6.00 sec 112 MBytes 938 Mbits/sec

[ 4] 6.00-7.00 sec 112 MBytes 940 Mbits/sec

[ 4] 7.00-8.00 sec 112 MBytes 935 Mbits/sec

[ 4] 8.00-9.00 sec 109 MBytes 916 Mbits/sec

[ 4] 9.00-10.00 sec 112 MBytes 940 Mbits/sec

- - - - - - - - - - - - - - - - - - - - - - - - -

[ ID] Interval Transfer Bandwidth

[ 4] 0.00-10.00 sec 1.09 GBytes 935 Mbits/sec sender

[ 4] 0.00-10.00 sec 1.09 GBytes 935 Mbits/sec receiver

My question is, while both links are technically 10G, would the link at DC1 being one half of a two link port channel cause it to run at only around half its capability? Is it somehow expecting the second link to balance and carry the load, even though it's disabled? Would changing this link to a standard trunk instead increase performance? Thanks in advance.



Alternatives to APC

Long ago was surprised to find that non-APC serial cables connected to APC power units caused them to have a power interruption that took down everything connected to them (so much for the 'power backup' part of the product description). So dumpster meat. Many years/jobs pass. New job. Admin for APC units complains that too many SNMP queries in a short time does the same thing or just causes the comm to reboot, and they only do SNMPv1. People still buy stuff like this? Alternatives people have used? Experiences?



Palo Alto %k cluster keeps losing connectivity to LDAP servers

Hello,

We are encountering a weird issue on our Palo cluster.

Sometimes, the cluster loses the connection to the LDAP servers for no reason.

The side effect of this is that some of our username based rules are no longer working...

Have you ever had this kind of bug on your devices ?

How did you solve this issue ?

Thanks.



Firepower FTD SSL Decryption experiences

Hey Guys,

What are your experiences with Firepower FTD's SSL/TLS decryption feature? (Known key method and resign method).

What do you think about the onboard SSL chips? See https://www.lammle.com/post/cisco-21004100-built-ssl-chip/

My only experience is Symantec (former Blue Coat) SSL Visibility Appliance inline decrypting the traffic and pushing it to Firepower.

PS: Please no Firepower rant, we've had enough in r/networking. Some of us have to deal with Firepower, if we like it or not :-)

Have a good Friday and a wonderful weekend!



Remote volunteer opportunities?

So I'm a (largely) remote network engineer and I've been meaning to look into volunteer opportunities but have rarely come across anything and anything I did find left people (understandably) nervous about an anonymous person helping. Ideally I'd love to help political campaigns or small-scale non-profits, but I guess I need to start somewhere smaller to build my credibility. Does anyone have any suggestions or leads on where I might start? I also realize there's limited use for a solely remote network professional, but I also have reasonably decent *nix systems management and generic user assistance experience. Anyway, thanks in advance for any thoughts...



Which technique allows ending a sequence of requests without modifying a protocol?

Hello, I'm studying for an upcoming network exam, so I'm redoing old exams to get prepared. One of the questions I have trouble with is the following:

Which technique allows ending a sequence of requests without modifying a protocol?

One answer among the following is the correct one :

a) Sending an empty message

b) Sending an erroneous message

c) Using a timeout

d) Sending an error code

I would say that responses A and C don't require modifying a protocol, but I can't choose between them. What do you think?



BGP: Advertising same IP Prefix at 2 Locations (Active/Inactive)

Hi,

Assuming we are migrating servers from Site A to Site B and we will have 2 ISPs at 2 different locations advertising the same IP Prefix, with an EoIP tunnel for the purpose of migration.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Site A Router (IP Prefix configured in BGP) - - 1.2.3.0/24 (ISP A)

|| EoIP Tunnel ||

Site B Router (IP Prefix not configured in BGP) - - 1.2.3.0/24 (ISP B)

++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Question:

If Site B Router is not configured to advertise the IP Prefix in BGP setup, will internet traffic still flow to Site B despite having the IP prefix being advertised by both ISPs?

Ideally, Site B should only go 'live' after migration is fully completed and Site A Router will be shut down following that. I am trying to simplify the process without involving load sharing/redundancy setup.

Please advise. Thank you :)



Is it possible to get all certs from an ip address running SNI without knowing each CN/SAN?

With openssl, you can dump a cert from an ip address with:

openssl s_client -connect 93.184.216.34:443 | openssl x509 -noout -text 

Which gives the single cert on non-SNI hosts, or the default SNI cert on SNI hosts.

Is there an equivalent way to dump every cert on a host using SNI without knowing any of the CN/SAN?

The idea here is to do a quick discovery of all certs on all our Load Balancers. Worked well before, but SNI is throwing a wrench into this.
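A TLS listener picks its certificate from the server_name in the ClientHello and has no message that lists its other certificates, so an inventory has to probe with candidate names. The sketch below is an added example, not part of the original post: it probes one address with no SNI plus each name in a candidate list (assumed to come from your own DNS zones or load balancer config) and groups the names by certificate fingerprint; `demo_fetch` and the `example.test` names are constructed so the block runs offline.

```python
import hashlib
import socket
import ssl

NO_SNI = "<no-sni>"  # label for the probe that sends no server_name extension


def fetch_der(ip, port, sni, timeout=5.0):
    """Return the leaf certificate (DER bytes) presented for `sni`.
    sni=None sends no SNI, so the listener's default certificate comes back."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # inventory only: collect the cert even if it
    ctx.verify_mode = ssl.CERT_NONE  # is expired, self-signed or mismatched
    with socket.create_connection((ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=sni) as tls:
            return tls.getpeercert(binary_form=True)


def fingerprint(der):
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def inventory(ip, candidates, port=443, fetch=fetch_der):
    """Probe one listener with no SNI and with each candidate name.
    Returns (certs, errors): certs maps fingerprint -> probe labels that
    selected that certificate; errors maps probe label -> failure text."""
    certs, errors = {}, {}
    for name in [None, *dict.fromkeys(candidates)]:  # de-duplicate, keep order
        label = NO_SNI if name is None else name
        try:
            der = fetch(ip, port, name)
        except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
            errors[label] = str(exc)
            continue
        if not der:
            errors[label] = "no certificate presented"
            continue
        certs.setdefault(fingerprint(der), []).append(label)
    return certs, errors


def dedicated_names(certs):
    """Candidate names that selected a certificate other than the default one.
    Names grouped with NO_SNI got the default cert: either it covers them or
    the listener does not know them; check the SANs to tell which."""
    return sorted(n for names in certs.values() if NO_SNI not in names for n in names)


# Constructed stand-in for a listener: byte strings play the role of DER certs.
_DEMO = {None: b"default-cert", "www.example.test": b"www-cert",
         "api.example.test": b"api-cert"}


def demo_fetch(ip, port, sni):
    if sni == "broken.example.test":
        raise ConnectionResetError("handshake reset")
    return _DEMO.get(sni, _DEMO[None])  # unknown names fall back to the default


if __name__ == "__main__":
    names = ["www.example.test", "api.example.test", "old.example.test",
             "broken.example.test"]
    certs, errors = inventory("192.0.2.10", names, fetch=demo_fetch)
    for fp, labels in certs.items():
        print(fp[:16], labels)
    print("dedicated:", dedicated_names(certs))
    print("errors:", errors)
```

Drop the `fetch=demo_fetch` argument to probe a real listener you are responsible for; the fingerprints can then be matched against the full certificates dumped with `openssl x509`.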



Best online training service in 2019?

Hey, I have a hard time choosing a good online training service. I mainly looked into cbtnuggets and pluralsight. I like the engaging style of cbtnuggets but I feel like pluralsight covers more topics. What are your recommendations?

Thanks!



Thursday, June 20, 2019

DC guys, how do you lab?

Hi everyone. So I've just continued working on my journey to DC train/certify and I'm pretty sure this would be difficult to lab virtually. What do you guys use for labbing? Rack rentals, cheap switches (nexus?) ?



I got to go inside AT&T’s Yosemite Valley Central Office today.

TLDR: When an AT&T tech asks you if you would like to use the restroom inside the Central Office, you take that opportunity.

I am a Network Engineer for a 110 branch public library system in Central California, this includes having two branches in Yosemite National Park. One of the branches is on the valley floor hidden away in a residential area; most people miss it and it’s not open on the weekends as it mostly services park employees. I was there today with two AT&T techs working on bringing up a new T1 line. We ended up leaving the site without the new T1 working due to a screw up on AT&T’s end. The new circuit was installed long enough ago that someone took it down because it didn’t have a router connected to make it active.

On the way out the door one of the AT&T techs said he was going to drop by the CO to use the restroom and gave me an offer to use it as well. I could not pass up this offer and I purposely ignored the fact that the little Yosemite library does have a restroom. The CO was right down the road so it was a short walk.

The CO was bigger than expected and of course you wouldn’t know what the building was if you walked right by it. Yosemite Valley is so remote that everything: T1s, POTS lines, DSL, and cell service are all backhauled up and out of the valley over microwave. No copper trunk lines, no fiber. Most of AT&T’s microwave network was replaced with fiber a long time ago, but not here, the NPS won’t let them run fiber into the park.

It was very cool, I did take pictures but I don’t think AT&T would like me posting them all over the internet.



Dual raspberry pi iperf setup?

Good enough to test cat 6 cables consistently?



Cisco AnyConnect client initial starting issue?

The first 1 minute is very unstable and it will take 2-3 attempts to reconnect; after 1 minute, the session will be stable and no disconnection will happen. The AnyConnect logs don't give much information apart from saying connected, then attempting again.

Any ideas how to troubleshoot?



Blogpost Friday!

It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our members' new and shiny blog posts.

Feel free to submit your blog post as well as a nice description to this thread.



What happens if I shut down the links between spines and two leafs that connect only servers that only talk to each other. The VXLAN and BGP EVPN configs will remain unchanged

Question for the VXLAN/BGP EVPN gurus: I have a pair of leafs that are connected via VPC (switch end) and LACP (server end) to servers. The traffic is just between servers, nothing outside of these two leafs is needed. They are configured to use anycast gateway. Do you foresee any problem if I shut down the links between this pair of leafs and the spines but I leave the evpn/vni/anycast gateway and all that there?



How could I have done this more cleanly? ASA question

Obligatory I didn't initially set this up disclaimer.

My public garbage wifi traffic circuit has a 3850 MDF and a single ASA5525x. This obviously isn't a huge deal if it goes out for a few minutes, which is why I did it today. Plain old router on a stick setup. However, the circuit was bumped from 500 to 1g recently, and as I suspected, it's not going to see all that throughput because the trunk is a single 1g copper. There's vlan interfaces for the clients traffic, management, wifi controller backhauls, pretty standard stuff. Pointing out the obvious here that it's not optimal since all that intervlan traffic is being routed through that same port. I can operate Cisco, but I'm not an expert by any means.

I run over to the DC today to cure that bottleneck. As I feared there aren't any SFP+ cages on the ASA, so instead I decide to build a LAG between the 3850 and the ASA. Backed up both configs to tftp and I also like to paste them plaintext into a notepad++ additionally just in case. I set up the "port-channels" (hate that marketing bullshit term), carve out two unused ports on each device, and get ready to move the vlans from one interface to the LAG. Problem one: The ASA didn't seem capable of moving the vlans to another interface that I could find. I can accomplish this in two clicks on a Mikrotik, so that threw me. I was already in my window, so I copied all the subinterface code out of my handy little notepad++, make no int ge0/1.x commands, ctrl+H the existing commands to say port-channel 1.x, nuke the vlans off the old port, name the LAG "inside" and set security level to 1, and voila!

Problem 2: When I did that, the ASA decided to delete all the inside/outside NAT rules on the box. I pasted them back in from my notepad, but it did cause a brief loss of connectivity and dropped a couple of lan to lan tunnels temporarily. This is garbage traffic so no real harm done, but I want to learn from this. Is there a way to complete a task like this more cleanly on an ASA?

tia



Our company is looking to build a 40 rack data center, what are some tips / best practices to employ?

In our region overseas renting rack space at data centers is very expensive, so building one inside the floor of a nearby building seems to make the most sense.

We anticipate needing 5 racks, but we should have room for 40 total as the space is 2500 Sq feet.

Some things I have in mind are epoxy floors versus raised (recommended by APC in a recent white paper), redundant power, hot and cold zones, a generator on the roof for backup with an ATS and dual redundant air conditioning. Each rack would also have APC? UPS at the bottom.

I've never built a data center before so I am looking for all the advice you may have before we start talking to the contractors.



Opinions, are Bcs, bachelors, masters important when applying for networking roles?

From the wide range of networking roles, with job titles varying from entry and senior network engineers to designers and architects, would it be wise to work on these school degrees?

Also, from a general point of view, will the degrees that are a little lower than bachelors also be able to get you roles more easily at big companies like FANG?



What type of fiber are you guys using for 100Gb runs (200m)?

Pretty simple post today -

Looking to run some fiber for a link inside a building, and realistically 40Gb or a few 10Gb would be fine, but the switches on both ends support 100Gb, so I'm looking into that option.

The question is, are there any readily available fiber products to support this distance? Looks like OM5 is starting to show itself in the market now, and I'm trying to figure out what the best option is for 100Gbps at 200 Meters.

Would you guys recommend OM5 with MTP-12 cassettes on both ends? Or move to single-mode? Nothing against it, just haven't worked with it in the past.



Is Cisco Firepower URL Filtering Really Working?

Hi there, we are thinking of moving our URL filtering to Cisco Firepower. Is this product now reliable or it's still buggy and still behind competitors? If yes, what product/products would you recommend?



IDS/IPS and Encrypted Traffic

We are evaluating a number of NGFW/L7 Firewall products, and some of them claim that they have a magic signature matching capability that works even on encrypted traffic.

Has anyone seriously and rigorously evaluated these claims? I get that SSL inspection can solve this problem, but can any vendor really provide meaningful data and protection against encrypted traffic?



Network Refresh

Hi all!

We are in the process of generating an RFP for an entire network refresh for both the wired and wireless network.

We are a medium sized org in higher ed supporting around 600 employees and a few thousand students. We last upgraded our network about ten years ago and a lot of things have changed in the networking world since - 3 of our team of 4 were not here yet and the 4th was not super involved in that process at the time.

I'm wondering if anyone else here has been through something similar and has any stories/tips to share regarding the experience. I am really looking for any advice I can find - things to look out for/look into/avoid/be wary of, ways to help manage it as a small team, handling the negotiating, whatever.

If I were giving these tips, these are the types of things I would probably say. Please feel free to add to these, correct me, or just use it as inspiration:

  1. Watch out for licensing fees. I've heard a company may propose a certain cost in the RFP for the initial purchase but then increase the prices drastically for any purchases afterward once you're locked into a contract. (Is there a way to help avoid that?)
  2. Think about what you need for maintenance. Some vendors (I'm not sure how common it is) will provide basic support just under the warranty of a switch and will suggest you purchase a support contract for just your core switches.
  3. Speaking of core switches, it seems like some companies do this differently. Some have real cores that are huge beasts and sometimes have extra features. You basically need them. Other vendors have a slimmer approach with 1U fiber switches. It obviously depends on a lot of factors and I'm not sure which is more common/best practice, or if one is even preferred.
  4. Since you're upgrading both wired and wireless, watch out for the POE requirements on the wireless. 802.11AX requires more power (802.3bt) and your switches need to support that. What was once able to do everything - 802.3at (POE+) is no longer enough. (Also, how does this affect power costs for your company?)
  5. Think about whether you should buy wired and wireless from the same vendor, or do them separately. (Looking for any advice on this one especially)

Sorry the post is a bit all over the place. The project is a huge scope so I'm really looking for any tips/experiences at all that can help make this successful!

Thanks!



Data center climate monitoring

Can anyone recommend a moderately priced hard wired temp sensor for a small data center? Looking for reliability and durability. The current unit we’re using is way old and has a very wonky limited interface. Thanks in advance!



Aruba Client MAC Authentication Issue

Hello all, first post here for me but I'm running into a strange issue and wanted to see if anyone might have some insight.

I'm working with a client that is having issues with a device that won't connect to their WLAN unless its MAC is deleted from the controller's user-table. They do MAC authentication paired with PSK for these devices.

The device will associate to the SSID but never sends a MAC authentication request. Debug logs from the controller confirm this. I have them checking their authentication server to see if there's any entries for the affected devices and have also requested to see if their AAA profile for the group this device belongs to is configured correctly. Additionally I've requested they look to see if there's any IPS/IDS funkiness going on. As soon as the device is removed from the user-table, it will reauthenticate. It seems to me that there is something going on with their system not purging an entry for these devices, but I'm not familiar enough with Aruba to say that for certain.

I'm still a fairly new Network Engineer, having spent the bulk of my career to this point doing more end user support. I am eager to learn however. Any other avenues I should pursue on this? I can't share the actual debugs, otherwise I'd add them here as well.

Thanks!



Software for creating a network map/schema

Hello

I'm a fresh admin at a small company and the last IT guy left me quite a mess, no documentation whatsoever. I want to put it all on paper (pixel paper), document it correctly so I have a good visual map on how the network looks like. I actually have it on paper, but obviously want to create a proper map that's manageable later.

What I have here are a couple of 50 port switches, 24 port patch panels and a load of smaller switches, some 60 devices plus a server rack with some servers. Because of this I'd really like the software to have the capability of setting up links between devices per port.

What software would you guys recommend for this? Of course if possible, open-source/free, but other options are welcome as well.

What do you use, what are your experiences?



Looking for a recommendation to replace IP and SIP intercom. Currently using Zenitel TCIS-3 but the button keeps failing.

So we've been using this Zenitel intercom. We use them outside of doors and gates. The user pushes the button, it calls a VOIP phone, the employee picks up and can hit a button to trigger the door or gate to open. Very simple.

The symptom is basically that the button becomes unresponsive. We can communicate with the intercom on the network, configure it, hear audio when its extension is called, etc. Circuit board lights are lit appropriately, power is good, the button to ring is just not functional at all. I can reboot it (POE), but the problem persists.

The thing is that we've had to replace four of this model in the past 12-18 months or so. We're located in the southeast, so it's very humid and we get tropical systems yearly (can mean days of horizontal rain). I assume that's where the issue stems from. The circuit board doesn't appear to have any water intrusion or corrosion, but that's the only thing I can think of that would cause the issue. Our indoor Zenitel intercoms have not had any issues. So it's either weather or poor design. Either way, I need to find an alternative. Does anybody have any tried and true IP/SIP intercom suggestions?

Thanks!



VX-lan / spine leaf benefit vs fabricpath

Hi all,

Looking for some feedback here on why we’d need VXLan and the benefit of spine/leaf. We’re launching a complete DC refresh. Currently have 6 PODs each running a pair of Nexus 5Ks, all going back to a pair of 7Ks running fabricpath. All paths are active/active, and the fabric pretty much builds itself. Super easy to configure / maintain. We probably have 2000-2500 servers of which I estimate 70-80% to be virtualized. The number of physical changes in our DC is low.

Since fabricpath is pretty much dead, we need a new fabric technology that keeps spanning tree out of the backbone and allows us to utilize all links.

Today all our svi’s are on our 7Ks, we trunk all vlans to all the 5Ks and pretty much trunk all to all UCS FI’s as well. This gives compute the flexibility of vmotion without re-ip or networks involvement.

From my understanding with a spine/leaf infrastructure you wouldn’t connect anything other than leafs on the spine. You’d dedicate a pair of leafs for your border/wan connectivity, you’d dedicate a pair as your services leaf and make everything two hops away.

How is this better than terminating your wan Connectivity and services / firewall in the core making it only one hop for all your workloads?

How does vxlan make my DC better than how we have it setup today with basic vlan trunking?

We don’t have a requirement to vmotion offsite nor do active/active DR. No requirement to host the same ip space in a different site. We’re not multi-tenant and don’t need more than 4000 vlans.

Thanks for your thoughts!



Experience with FS fiber patch cables?

Are the FS patch cables (9/125 Duplex UPC) up to par on quality with their transceivers? About to place an order and they are substantially cheaper than the other common brands in our area (Tripp-Lite, Legrand, ...).
We have changed over to them for transceivers. Wondering how their fiber cables are.



Need to replace two DMZ switches, just looking for feedback on if this would be a good replacement.

Basically just need to have a stack of 2 switches, 24 ports each that service for vlans coming off our firewall. They will also have links to the Nexus into the UCS.

Was thinking just (2) WS-C3850-24T-L's?

What do you all think? They will just be servicing on Layer 2 and have some PO's on 'em.



Cisco 9300. Setting bandwidth restrictions per vlan on trunk?

I need to limit varying speeds to different VLANs which all exist on the same trunk interface on a Cisco 9300 switch.

I thought I could just do a policy-map with a shape average and apply it to each vlan, but although it doesn't come up with an error when doing this, it doesn't take the config. It just doesn't apply it to the vlan interface.

Example:

policy-map 40Mbps
 class class-default
  shape average 40000000

interface vlan 10
 ip address 10.0.0.1 255.255.255.0
 service-policy output 40Mbps

This is how I would usually control the bandwidth allocation per port but this obviously doesn't work per vlan.

Can anyone offer advice as to what the preferred method would be to control bandwidth on a per vlan basis if the trunk is carrying multiple vlans with varying bandwidths:

vlan 10 - 40Mb
vlan 20 - 80Mb etc

Thanks



Nexus 9k & VPC

I'm currently setting up a pair of 93108s and a pair of 9348 as top of cab switches at our core datacentre. The 9348 are to be used for the routing and the 93108's are for the servers / iSCSI traffic etc.

Currently we have 3650's in the core so this should be a big upgrade hopefully.

I have the keepalives running between the pairs via their management interfaces, then have a QSFP LACP connection between each 9348 and 93108.

Picture in this link:

https://1drv.ms/u/s!AqQft0-q9td6h-V7pJ14HYMAhpE_Yg?e=85i04D

However I'm testing the VPC config with a test server in a lab environment and whilst I have the VPC showing as up for the test server (1 port connected to each 93108), when testing shutting an interface to simulate a lost switch I lose connectivity to the server.

Oddly if I shut the interface on the 'bottom' switch (as per the linked picture) I just lose connectivity externally, RDP sessions stay alive and an internal ping to the switch continues. However if I shut the interface on the upper switch I lose everything, the RDP session is lost etc.

Obviously I've misconfigured it somewhere but I'm not 100% as to where I've gone wrong!

Show VPC

(*) - local vPC is down, forwarding via vPC peer-link

vPC domain id : 1

Peer status : peer adjacency formed ok

vPC keep-alive status : peer is alive

Configuration consistency status : success

Per-vlan consistency status : success

Type-2 consistency status : success

vPC role : primary, operational secondary

Number of vPCs configured : 1

Peer Gateway : Disabled

Dual-active excluded VLANs : -

Graceful Consistency Check : Enabled

Auto-recovery status : Disabled

Delay-restore status : Timer is off.(timeout = 30s)

Delay-restore SVI status : Timer is off.(timeout = 10s)

Operational Layer3 Peer-router : Disabled

vPC Peer-link status

---------------------------------------------------------------------

id Port Status Active vlans

-- ---- ------ -------------------------------------------------

1 Po50 up 1,99-100,103-106,112,115,149-152,203,300-302,400-

403,410-412,450,460,600,678,800,820-821,850,900-9

01,990,999

vPC status

----------------------------------------------------------------------------

Id Port Status Consistency Reason Active vlans

-- ------------ ------ ----------- ------ ---------------

48 Po48 up success success 203

I can post the config but there's not a lot to vpc, so I'm not really sure how I've got it wrong!