Saturday, June 13, 2020

Shrew Soft VPN "negotiation timeout occurred" on Marvell AVASTAR Wireless-AC Network Controller

I think this has to do with the Marvell controller (on a Surface Pro 3) as the same user doesn't have this problem on other devices. I also upgraded him from Win8 to Win10, and have used different user accounts to attempt to log in, and still no luck.



I need some info on Local Server and NAS...

Is it possible to curate an app to access specific data from a NAS? Like a SQL server on the WWW, but limited to the local network: accessible through PCs and mobile devices connected to the local network by wired or wireless connection. I'm learning C# and JavaScript, so could you guide me along that path, please...



400G CDFP to 4x QSFP28 Cable?

I need a few breakout cables for 400G CDFP to 4x 100G QSFP28. We have previously purchased CDFP to CDFP cables from Molex, but they don't appear to make any breakouts. Anybody know where to get something suitable?



telecommunications or network engineers How is the profession? What are your job opportunities?




Any help? I'm trying to configure a TP-Link R470T+ load balancer.

Is it possible to consolidate two ISPs so that if one goes down the other acts as a backup and we don't lose connection to the internet? I've been trying to set up failover on the load balancer. I unchecked optimized routing, but nothing seems to work. If the primary WAN goes down, the backup WAN won't take over.



Why do routers exist if switches can connect anything anyways?

I don't understand the need for routers.



The first time using RDP need HELP !

Hi everyone

I am using an RDP from VULTRVPS for the first time; I connected to an Australia server.

But the problem is that when I use an IP checker (I use this site: https://whoer.net/ )

I found the IP address is different from the DNS: I found the DNS in Japan and the IP in Australia.

Please, I need help!!



Using SPAN port on Ruckus - how do you setup the receiving client?

I am trying to diagnose a weird DHCP/ARP issue for a new network device we're looking to deploy. (Basically, it's not picking up a DHCP lease on our network; the vendor says to get a packet capture.)

I would like to take a packet capture for all traffic for that device, as soon as it gets plugged in.

I know some switches (e.g. Cisco/Arista) can take packet captures on the switch itself.

For this lab, we just have a basic Ruckus 7150 switch set up, which I don't believe allows that.

(Question - If anybody knows a simple way to take a simple packet capture on the Ruckus switch, please let me know.)

The 7150 can, however, configure a port mirror, which is basically a SPAN port, right?

http://docs.ruckuswireless.com/fastiron/08.0.70/fastiron-08070-monitoringguide/GUID-A49CD129-9770-48E8-A36E-052995DF5CD6.html

So I was thinking I could set up a port mirror, plug that port into my MacBook, and capture traffic that way. I do have Wireshark installed on the MacBook.

(My MacBook also obviously has Wi-Fi, so I would still have normal network connectivity through that.)

My question is: what setup do I need to do on the receiving device (the MacBook)?



Monitor what process is using up my upload

Dear all,

Dunno if this is the right place to post, but I hope you can help me out.

Apparently one or more of our devices is using up all our upload, making our internet extremely slow at times during the day. The technician from our internet provider guessed it could be some cloud service syncing.

AFAIK this has never been an issue before, so I'd like to see if it's possible to detect which process is causing all that traffic jamming our connection multiple times during the day.

Is this possible?



How do public wifi networks track and log web traffic?

Hi, I need to figure out how a public Wi-Fi network may log users' web traffic. Which is the best way to do this? Through a proxy or DNS, maybe?

I tried to look it up online, however, I didn't find much.

Can anyone help?



MAC Address to Host Name and OS resolution

I have about 50 devices on my network. I manage the devices with the following hardware:

  • Meraki MX65 (Firewall)
  • Unifi Controller
    • Unifi Cloud Key
    • Unifi 8-Port Switch
    • 6 AP's
  • Fingbox (Network Management to block kids at their bedtime)
  • Synology DiskStation 1019+ (NAS)

I don't have any VLANs right now, but will probably set them up in the future to separate my work and family networks.

The problem is each network management device has its own way of showing the devices on the network. If I give a device a readable name on the Meraki, it may just show the name as something like hubv2-d052a826xxxxxxx on Fing and the Unifi controller. Also, sometimes the Meraki will show a device as having "Mac OS X 10.9" when it's a Windows device. I'd also like to correct this so it's always showing the correct OS globally.

Is there a way to associate a MAC address with a name, OS, etc. at a global level on the network, so that regardless of which tool I use to manage the network, it'll always show the human-readable name?



Help needed to troubleshoot Forticlient VPN issue.

Attached is the capture of FortiClient VPN, which is initiating from our local network. It is configured as Quick mode with mode config, and the first three messages are fine.

Initial message from my network to remote FG FW via UDP 500, then from remote FG FW to my network via UDP 500 and the last message of Phase 1 from my network to remote FG FW via NAT-T.

All these ports are opened in our FW.

But I can see another Aggressive message from the server to the client instead of it going on to the mode config message.

But with the same config file, it connects via mobile data.

Any suggestions to resolve the issue?



Simple subnet calculation tool

There are many subnet calculators out there, but I've not found one specifically combining the details I'm regularly working out in my head, so I finally sat down and wrote this little thing.

https://ip.iceborn.ca

You can go directly to a network by appending the IP/CIDR mask, i.e.:

https://ip.iceborn.ca/8.8.8.8/24

The tool provides the network and broadcast addresses of the current network, along with usable addresses. There is a binary representation of the address and netmask. You can also quickly browse adjacent networks. This works well for my use case, hopefully it's handy to someone else. Code is open and MIT licensed, you can see that and provide feedback or bugs by clicking the Feedback link on the page.
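As an added illustration of what such a calculator computes (this is example code written for this page, not the MIT-licensed source behind ip.iceborn.ca), the Python below takes an address/CIDR pair in the same ip/mask form the URL accepts and returns the network and broadcast addresses, the usable host range, dotted-binary forms of address and netmask, and the adjacent networks of the same prefix length. It goes slightly beyond the post by handling the /31 (RFC 3021) and /32 edge cases and the two ends of the IPv4 space.

```python
import ipaddress
from typing import Optional


def to_binary(addr: ipaddress.IPv4Address) -> str:
    """Dotted binary form, e.g. 8.8.8.8 -> 00001000.00001000.00001000.00001000."""
    bits = format(int(addr), "032b")
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))


def adjacent(net: ipaddress.IPv4Network, step: int) -> Optional[ipaddress.IPv4Network]:
    """Neighbouring network `step` blocks away (same prefix length).

    Returns None when the neighbour would fall before 0.0.0.0 or after
    255.255.255.255, so a caller can grey out the previous/next link.
    """
    base = int(net.network_address) + step * net.num_addresses
    if base < 0 or base > 0xFFFFFFFF:
        return None
    return ipaddress.IPv4Network((base, net.prefixlen))


def subnet_info(cidr: str) -> dict:
    """Compute what the calculator shows for an address/CIDR pair.

    strict=False accepts a host address such as 8.8.8.8/24 and rounds it
    down to its network, which is what appending ip/mask to the URL does.
    Usable-host counting follows the usual convention: a /31 point-to-point
    link (RFC 3021) has two usable addresses, a /32 has one, and every other
    prefix loses its network and broadcast addresses.
    """
    net = ipaddress.IPv4Network(cidr, strict=False)
    first = int(net.network_address)
    last = int(net.broadcast_address)

    if net.prefixlen == 32:
        usable_first, usable_last, usable = first, first, 1
    elif net.prefixlen == 31:
        usable_first, usable_last, usable = first, last, 2
    else:
        usable_first, usable_last, usable = first + 1, last - 1, net.num_addresses - 2

    prev_net = adjacent(net, -1)
    next_net = adjacent(net, +1)

    return {
        "network": str(net.network_address),
        "prefixlen": net.prefixlen,
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "first_usable": str(ipaddress.IPv4Address(usable_first)),
        "last_usable": str(ipaddress.IPv4Address(usable_last)),
        "usable_count": usable,
        "address_binary": to_binary(net.network_address),
        "netmask_binary": to_binary(net.netmask),
        "previous": str(prev_net) if prev_net is not None else None,
        "next": str(next_net) if next_net is not None else None,
    }


if __name__ == "__main__":
    # Same input as the example URL in the post: /8.8.8.8/24
    for key, value in subnet_info("8.8.8.8/24").items():
        print(f"{key:>15}: {value}")
```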



Help troubleshoot partial collapse or routing issue on a VPN tunnel?

  • We have a site-to-site VPN to a server at Rackspace that is running a web app. This tunnel operates under the 192.168.1.0/22 subnet.

  • On the other side of that tunnel is an office location with a Cisco Meraki appliance. The local network at the office is using a 10.0.2.0/24 subnet.

  • The Meraki is also running a client VPN (using the 10.0.3.0/24 subnet) for external employees to access the LAN.

So here's the problem. Randomly, the machines in the office (10.0.2.x) will lose the ability to communicate to the server at Rackspace over the site-to-site VPN ... BUT, clients using the office VPN (10.0.3.x) continue working properly. At least for a while. Restarting the site-to-site tunnel fixes the problem.

This appears to be related to traffic coming from both the office subnets (10.0.2.0 and 10.0.3.0) because it never happens outside of business hours (when only the client VPN would be used). And only happens when I have a mixed load coming from inside the office and through the client VPN. Furthermore, it only happens once or twice a day.

Anyone care to take a guess as to what might be failing, and where? Or what I might want to filter for in Wireshark? As I mentioned, this happens during business hours, so I'm sensitive to how much time I have to troubleshoot vs. getting the tunnel reestablished so people can work.

Any thoughts are appreciated.



Cisco ASA5585-SSP-20 strange storm of packets

We are running a pair of Cisco ASA5585-SSP20s on version asa964-36-smp-k8.bin. Everything was good, then suddenly my alarms went off: I noticed packet drops and my VPN got disconnected, so now I can't get into the network to see what is going on. After 20 minutes or so things automatically started healing and I was able to get in. Then I noticed on my Observium monitoring a spike of almost 1 million pps on the inside interface, while outside interface traffic was very low, about 100Mbps. I didn't see the ASA crash or anything, so I'm not sure how to find out what happened; the logs aren't showing anything, and I don't have NetFlow :(

It seems some kind of loop happened and suddenly disappeared, which makes no sense... a loop mostly stays until you break or reboot something. Is there any other way we can see on the Cisco ASA?



Why is the TP-Link TL-WR940N Mimo nMax 450Mbps so cheap?

Why is the TP-Link TL-WR940N Mimo nMax 450Mbps so cheap compared to other 450Mbps routers? How will it handle 5 devices? I need to get as much speed as possible for the cheapest price. I need it to handle a lot of devices, but I don't need a lot of range; it's a small house.



Port Forwarding

I want to play LAN games with my friends. But the problem is none of us can port forward due to the ISP blocking all the ports. I tried using Hamachi and ZeroTier, but we get 600 ping because of the relayed connection. Is there any other way?



Using IP address to find a physical address

Hello, newbie here.

Does anyone know whether it would be possible to track a MAC address or IMEI once we know the IP address linked to an online comment (posted via public Wi-Fi)? With this, can we prove who wrote that comment?

I know internet providers keep a log of physical addresses. If this user's device later connects to mobile internet via a private SIM card (that has registered personal info on it), that mobile internet provider could arguably link that personal info to the device, then to the public Wi-Fi spot where the device has been, then cross-match the Wi-Fi connection time with the time when that comment was posted. Is this a reasonable scenario?



I discovered a port forwarding rule on my router I don't recognise?

Hi all

On my BT router I discovered a rule I didn't recognise. It was called "thunder" for the desktop PC and needed port 13707. I don't remember setting this rule and can't see anything online about the port or the port name?

Can anyone shed some light on this?

Thanks!



Friday, June 12, 2020

Cheap, feature-thin top of rack switch?

Currently at a few colo sites we're just sort of randomly buying things, since we don't need any features. Just two switches in a rack: one for internal communications between hosts in the rack, one for the external network. All we need is the ability to quickly see stats on individual ports, poll the same via SNMP, and the most basic of VLAN features on the internal side. Reliability, since some sites are less local, is important.

A nice-to-have is a sensible command-line interface that can at minimum show full port counters and turn a port down or up, but would also accept a clean and quick web UI.

We've so far used some older Cisco switches (3750s), Dells (which appear to be a re-brand of... something), and a handful of Netgear. The Cisco units are overkill and, if bought new, out of our price range. The Dells have had awful UIs and we've had a few die (PSU failure), and the Netgear (pricier line) have been reliable but, again, a crappy UI.

All we need on the external side is 1Gb/s max; we are very low traffic to the outside world.

On the internal net, we're slowly upgrading and have more and more hosts with 10Gb/s ports, so an entry-level 10Gb switch might be interesting...

Budget-wise, sub-$500 for 1Gb/48 port (new or used). Thoughts?



Cannot bring up certain TLS/SSL pages

Totally stumped. This network was inherited.

Site has a Cisco 1941 with DIA and a cellular card. IPSec tunnels are formed on each interface to the datacenter, 4 tunnels total. OSPF is running for L3 routing between site and datacenter.

Internet access is in the datacenter. It goes through a pair of 5525-Xs running 9.8 and using Cisco WSA via WCCP for SSL inspection, monitoring and filtering.

On 6/7, the WSA config was removed from the ASA. The appliances were shut down a few days later. At this one specific site, I CANNOT get some HTTPS sites to work. The cursor spins and eventually times out. When I take the router out of the mix, all is good. This isn't all HTTPS, just select sites. On the router we are NOT running WCCP, WAAS, or anything else. I've tried setting up a new service on the router with no luck. When a computer is connected to the same modem, no problem. DNS resolves perfectly. I cannot figure out why we cannot pull up pages. From Wireshark, we see the 3-way handshake happen, then the server sends a key exchange and the client no longer responds. Then the server closes the connection.

There was a dhcp option configured for wpad, but that was removed at the beginning of troubleshooting. This is the only site affected. We made specific access rules for our test subject, even changed its NAT, all to the same result.

Any remote idea what this could be?

Trent



Split PCI-E x16 to 4x PCI-E x4?

I see there are PCI-E riser cards which can convert x1 or x4 to x16. I am not sure how useful they are for multiple GPUs because of the bandwidth limitation, but probably they are OK for GPU-intensive tasks like bitcoin mining. What I want to do is the opposite. I'd like to convert an x16 slot into multiple x4 slots to be able to use multiple Ethernet cards. I understand that buying a switch might be a better solution than converting a PC into a switch; I am just curious if this is possible...



PIM config weirdness

Hey All!

This may be a real dumb question but I have been bashing my head against the wall all day trying to figure this out.

I'm setting up PIM on our network so I can route multicast audio to another location, but I just can't seem to get PIM to do the right stuff. I have a Cisco Nexus 7K router that is hooked up to a Cisco ASR 920; they are showing that they are neighbors, but none of my several hundred multicast groups are showing up in the ASR's multicast routing table.

The audio is on VLAN300 with ip pim sparse-mode enabled on the vlan interface. I am routing that network via ibgp to the ASR over vlan 3001, with pim sparse-mode turned on for that vlan as well. I can add an igmp group to vlan 3001 and it shows on the ASR, but none of the groups on vlan 300 are showing up.

I've configured a static RP on the Nexus and set the RP on the ASR to the IP of the RP on the Nexus. It's like for some reason my PIM on VLAN 300 isn't sending info over. Here are the configs for the 7K with the IP addresses changed. I know there are a few things that could be done better, but this is a test environment. Let me know if you need any other config bits.

    ip pim rp-address 172.16.2.2 group-list 224.0.0.0/4 override

    vlan configuration 300
      ip igmp snooping querier 172.160.20.1
      ip igmp snooping querier-timeout 205
      ip igmp snooping query-max-response-time 25
      ip igmp snooping version 2

    vlan configuration 3001
      ip igmp snooping version 2

    interface Vlan300
      description Livewire
      no shutdown
      no ip redirects
      ip address 172.160.20.1/23
      ip address 172.160.20.2/23 secondary
      ip pim sparse-mode
      ip igmp version 2
      ip igmp report-link-local-groups

    interface Vlan3001
      no shutdown
      ip address 172.160.254.1/29
      ip pim sparse-mode

    router bgp 64515
      router-id 1.1.1.1
      log-neighbor-changes
      address-family ipv4 multicast
        network 172.160.20.0/23
      address-family ipv4 unicast
        network 172.160.20.0/23
      neighbor 172.16.254.2
        remote-as 64515
        address-family ipv4 unicast


Best network server solution?

I work for a small business that doesn't have an IT department. I know enough to setup network printers and basic things to help when I can, but we outsource everything major to an IT company.

We have 2 locations a couple miles apart and both have 200Mbps download speed. Both locations run our custom CRM software for pretty basic management tasks (E-mail, relationship management, etc). We have 1 server that sits at Location A and everything here runs very smoothly. Ex: Printing a contract for a customer will take 15 seconds.

However, Location B runs much slower when doing the same tasks. It must go out over the internet, make contact with the server, then return the information to print, which takes about a minute. Our IT company told us that increasing the download speed will help, but we already increased from 100mbps down and nothing has changed.

I took our server to Location B, changed the IP address to be recognized on the network, and everything ran at the same speed as it does at Location A. I did not run a print job from Location A to Location B, but I assume it would be very slow.

Is there a way to implement a second server, so each location has its own server and updates the server at the other location?

Thanks for any potential help



Traceroute mapping tool

Is there a free tool I can upload a large csv file of traceroutes that will map everything? Things like weighted routing and the like?



Online Meetings getting dropped on our network

Hi everyone,

So we are a small-sized public school with multiple locations. There has been a problem with online meetings, especially Zoom, getting interrupted from time to time; this is true for both the Wi-Fi and wired network. Zoom meetings get disconnected and it says "Your Internet Connection is Unstable". This is not happening with our home internet connections. Also, our school has 1 Gbps internet, and I'm not sure why this is happening.

This was even happening when there was no one at school.

Please let me know if you have any suggestions where I can check.



Layer 3 Multi-Chassis EtherChannel (MEC)

For anyone that didn't read my last post, the company I recently started working for is undergoing a network refresh. Geographically, it's just a single but extremely large campus LAN with zero branch offices. The current LAN architecture is a full Cisco shop, classic 3-tier core, distribution, access layer hierarchical model. The core consists of two VSS-linked 6509s where all routing is done; these aren't being touched. The distribution layer in each building/area consists of a single old 3560 which currently has two 1-gig fibre uplinks back to each core VSS 6509. All these distribution switches are in scope for this refresh. Layer 2 is currently being spanned all the way up to the core. A friend outside of work has convinced me to bring routing down into the distribution layer, if not to the access layer even, to protect the core VSS 6509 pair from any broadcast storms or layer 2 issues that could magically happen downstream in the access layer.

From my last post I mentioned I'm planning to put two stacked units to act as the new distribution layer switch for each distribution area of the campus. I've decided I want a Layer 3 link between the core and distribution layer, but I also want resilience, so what I wondered was this - can I run a Layer 3 port channel from the core VSS pair (one interface from each VSS 6509 unit) down to a Layer 3 port channel (cross stack) on a distribution layer stack? Will this work? Picture here: https://imgur.com/GLZCAIC

Anyone done anything like this? Or am I just talking rubbish and this won't work / is stupid?



anyone else having issues with .mil websites?

We're using Cisco Umbrella for all our client DNS requests. Issues started a couple of days ago. Umbrella wouldn't resolve one of the .mil URLs because it failed some security checks. Ended up having to route that URL outside of Umbrella. We've had a couple of other issues with some other .mil websites as well relating to Umbrella. Just curious if anyone else has seen any issues accessing .mil websites?



Cisco ASA w Cisco switches. What monitoring tool will best allow real-time and historical data for individual internal IP bandwidth consumption?

Happy Friday. I have a client who I'm trying to track and record bandwidth consumption of internal IP addresses real-time and also access historical data. Would this be best accomplished with PRTG monitoring or a similar product?



Two questions about combo ports.

I have been struggling quite a bit to understand some things about combo ports and didn't find the information I needed on Google, so I thought I'd leave my two questions about combo ports here.

1. Why would I ever want to use 2 physical interfaces acting like 1 logical interface instead of 2 physical interfaces acting like 2 logical ones?

2. In what kind of situations is it better to use combo ports instead of regular ports?

Thanks.



Huawei is offering free online training for their HCIA level tracks



Router config backup and restore using Packet Tracer



Network disturbances in glass-fiber ring setup

Hi all,

I have never tried looking for advice this way, so I'm just giving it a shot because why not! Feel free to ask me anything if you feel my explanation is lacking information.

I am a full-stack developer and have basically been given responsibility over the complete enterprise network of a campus consisting of 4 buildings with 100+ workplaces per building. The downside is that I'm not specialized in networking. This is not really a problem when things go according to plan, but recently we have been experiencing some network downtimes which I feel are out of my league.

The buildings are all connected in a glass-fiber ring setup with Huawei managed switches. There are approximately 10 VLANs which are mainly specific to certain offices, but 1 VLAN goes through the complete ring, which is used from production to offices for the main company that owns all the buildings.

Recently there have been major 'hiccups' in the network. The access-control system sends out a mail every time a door controller is unreachable; this way I monitor network connectivity in real time. We don't have a good implementation of real monitoring software, which is a desire we have for the future.

To pinpoint the source of the problems, we have started disconnecting the glass-fiber ring to rule out faulty wiring. So in the 'new situation' we don't have a circle anymore but rather two branches (let's call them A and B) from the uplink. Branch A has no issues at all, whereas branch B has major hiccups in connectivity.

What I find curious: the hiccups occur in the segment at the bottom of the branch.

So let's say switch X is the end-point of branch A and switch Y is the end-point of branch B. In this setup switch Y is experiencing major connectivity issues. When I connect Y to X and disconnect X from branch A, the new situation is that Y is no longer the end-point of branch B; X is now the end-point of branch B. This change shifts all connectivity issues from Y to X, leaving section Y functioning completely stably.

So the end-point of branch B is problematic, whether the end-point is X or Y.

I would really appreciate some advice to find the cause of this. Any advice at all, is greatly appreciated. At this point I am even willing to swap out all hardware and rebuild the complete network.



Management Server deployment

Hi All,

We have a management server that is used for firmware updates. The firmware images are 500-600Mb. We have 150 devices to be updated. The server will be used by another team. Can the server be placed behind a firewall considering updates may saturate bandwidth?

What is the best practice?



Thursday, June 11, 2020

Electrical ASON protection between two different management domains

Dear All, is it possible to configure electrical ASON protection for a 10GE service carried from network A to network B, managed by two different operators? Please provide any solution. Thank you in advance.



Ports and Cabling for 10 GbE, 25 GbE, 40 GbE, 50 GbE, 100 GbE

Question. Getting back into networking after 4 year break doing storage.

What are the port and cabling options for:

  • 10 GbE?
  • 25 GbE?
  • 40 GbE?
  • 50 GbE?
  • 100 GbE?

From what I am reading it looks like 10 GbE is either an

- Ethernet cable (a sturdy CAT6A cable & proper 10 GbE CAT6A ports)

or

- SFP+ ports with either fiber or copper cabling.

What about the rest of them though? Can we carry 25 GbE, 40 GbE, 50 GbE, 100 GbE on a copper CAT# cable, or do we need to use SFP+ ports and fiber [or copper]?

NOTE: I believe my confusion came from thinking that Ethernet means it has to be on a standard CAT# copper Ethernet cable. I just remembered that Ethernet is a layer 2 data-link technology, so that means the layer 1 physical (CAT ports & copper cables, or SFP+ ports & copper or fibre cables) can be whatever supplies it.



I need help with routes, virtual switches, TAP adapter

Hello guys, I require your help for a quick question. I'm a total newbie about the routing things and it's probably pretty simple for you.

So the problem is about my PC. I have it plugged into my router using Ethernet, I'm using OpenVPN with a TAP adapter, the VPN is always on, and I also have Hyper-V with 2 virtual switches that I use only for VMs (one internal switch, which uses my PC's connection (the VPN), and an external one (the one named extsw), which acts like a second PC connected to my router). Not sure if I have explained it very well as I'm a noob, so maybe I don't use the right words, but here is a screenshot:

https://i.imgur.com/CEumQF3.png

Everything is working well for me, but I'm wondering if it's normal that my network traffic passes through the virtual switch named extsw while my VMs are OFF? It seems kinda odd; should I tweak something? Does it somehow compromise security? Or is everything fine?

thanks for your time!



telecommunications or network engineers... questions




MCI Communications and Cogent

Hello, I am relatively new to the world of networking. I was wondering if enterprise companies like these would sell IPs in multiple blocks. Would it be possible to rent IPs from these providers?

And if possible could someone direct me towards it, or if they recommend any other company of that stature.



Net Devs: Is there any benefit/positives to re-using MAC addresses across interfaces?

Layer 2 MAC addresses are sometimes re-used across network interfaces. The most common case for this is likely VLAN interfaces, where each VLAN interface assumes the MAC address belonging to the physical interface to which it is bound, but there are a surprising number of IoT and small networking device types which re-use MAC addresses across their ethernet and 802.11/wifi interfaces.

Ethernet VLAN-type layer 3 interfaces are logical interfaces, and thus the MAC address must be generated somehow. The easiest/laziest solution to this problem is to simply re-use the MAC address already assigned to the physical port. The only reason this works is that each VLAN interface is of course in a unique layer 2 network.

This is what Cisco and most other switch vendors do on their platforms. On some older platforms it isn't even possible to assign another MAC address to a VLAN interface in configuration.

The Linux kernel inherits this behavior too. Newly created eth0.1 and eth0.2 interfaces will have the same MAC address as interface eth0. This sounds okay... at first.

Here I have in front of me today a small travel router type device which is supported by OpenWRT. It has two physical RJ45 jacks and an 802.11n radio. And all three network interfaces use the same MAC address. This is because the mt76 SoC actually has a single ethernet interface internally, and then it also has a manageable VLAN-aware ethernet switch. The interfaces are named eth0.1 (LAN) and eth0.2 (WAN). The WLAN/802.11 interface also uses the same MAC address, just because why the fuck not.

For most people this works fine, but let's say I want to use my little device here to connect two of its interfaces to the same layer 2 network. There's a variety of reasons we might want to do this, including bridging or redundancy, but it's not possible because all of the MAC addresses are the same.

Now let's say I was to make an argument to developers of the Linux kernel, Cisco, or whomever that they should select unique MAC addresses for their VLAN interfaces. Are there any good counter-arguments, other than being lazy? Re-using MACs on 802.11 interfaces is of course pure laziness, but for VLAN interfaces it works fine most of the time.



Packet Capture node

Fellow networkers: I'm in the process of building a node to capture packets on the wire. We have a traffic aggregator that will send the flows to a port, and the goal is to replace a paid solution with something more open-ish-source. Have any of you guys used Windows to accomplish this? I would like to use a Windows Server as the capture node, as I think it will be easier for others to use, and am considering using Wireshark to do ad-hoc captures with dumpcap for scheduled captures. Anyone set something similar to this up? Any tips? Adding a very simple diagram, because pictures are cool: https://imgur.com/gallery/BCQ6atx



Open Network Linux

Hi All,

So I've messed up. I didn't do my research properly and I've bought an edge-core AS5812-54X bare metal switch. My plan was to put Open Network Linux on it and everything would magically work. Like I said, I didn't do my research properly...

I've searched and searched for guides, tutorials, software to allow me to configure this switch. So far I've found nothing useful.

OpenSwitch looked the most promising at first but it isn't compatible with this switch. All the other supported NOS are commercial ones that you have to pay a fair amount for as far as I can tell.
I don't think my employer will give me a lot of money to go out and purchase one of these, so do you guys and girls know of any useful guides or anything that can help me get Open Network Linux up and running as a typical switch? I've read somewhere that Open vSwitch can be used on top of a hardware switch as well, but I've found no resources on how to set it up on actual hardware.

I also looked at Azure SONiC, which strangely lists this switch as compatible but doesn't show any interfaces once it's installed. It looks like it's due to the SAI provided by Broadcom not supporting the Trident 2+ ASIC. And if that's the case then I'm not sure why it's listed as compatible. But then it could well be me being relatively new to all of this.

I know... I'm an idiot. I won't be skipping the research next time, that's for sure.

tl;dr - I'm an idiot and I've bought a bare metal switch that I thought was going to be easy to set up. It's not and I need help.



Fiber Gurus - Can I get 10G on OM1 to about 1,000ft?

A client of mine has fiber between two buildings, but I just checked it and it is OM1. It appears to be this stuff. Basically, there are fiber patch panels in each building, not at ideal locations, so I need to run fiber between these patch panels and the endpoint switches in each building. It would be about 100ft in one building and maybe 250ft in the other building. There is going to be a Netgear M4300 at one end and an M4200 at the other end. SFP+ modules would be used, probably 10Gtek brand if possible, since they are less expensive than OEM.

My questions are:

  • Can I know if this will work without trying it and inspecting packet loss? I guess what I'm looking for here are success/fail stories...
  • If so, do I need very specific products to do this? I quickly found using single-mode SFP+ with mode conditioning cables is an option? Blind question as I haven't researched these yet. But, with my long panel to switch patch, not sure this is feasible.
  • Does it help if I run OM3 from the switches to some sort of media converter at the fiber patch panels to change from OM1 to OM3?
  • Or, should I give up hope and attempt to get OM3/4 installed. It may be tough as they've told me their building to building conduit is full, and I'm concerned about pull strength on new fiber.


Service Provider networking questions - Alternate sub?

I run a small service provider network and am often seeking an appropriate place for technical feedback, this sub mentions "Enterprise networking" a number of times so I'm hesitant to ask service provider network questions.

I've searched around for ISP or service provider networking subs and come up dry. Are those questions welcome here, or can someone point me to where they would be?



8K mac address table. What for?

Maybe this will sound like a silly question to some of you but I have been studying for the CCNA exam and while I was on the subject of the MAC address table I understood the idea: the switch maps MAC addresses to ports. So with that concept there's a question that has been in my mind for a few days. What would a 24 port SOHO switch need an 8,000 MAC address table size for? I had to deploy a Netgear GS324 for a small office with no more than 30 devices connected at the same time, that would be about 20 connected to the switch and the rest via an access point. So what would be the case scenario where you need an 8K MAC address table in a SOHO switch?

Maybe there's a basic concept I'm missing here.



Blogpost Friday!

It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our member's new and shiny blog posts.

Feel free to submit your blog post and as well a nice description to this thread.

Note: This post is created at 00:00 UTC. It may not be Friday where you are in the world, no need to comment on it.



AP Reduction with 802.11ax

I recently took over a wifi network designed with a map and compass by someone with 0 wifi engineering experience. Most of the gaps were filled in with extra APs.

Our current set-up is a bunch of Meraki MR18s (bought within the last 5 years to show how stingy we are) that won't work for much longer. I need to convince my company to spring for a proper survey and WiFi6 APs (they don't like to spend on IT).

I also have no WiFi engineering experience but spitballed that we could probably reduce our AP count by 25-30% with WiFi6 and a proper survey. Is that too ambitious?

Most of our buildings are bricks and concrete, but we currently have up to 12APs per floor on 50x100 buildings.

What do you think? The benefits of WiFi 6 seem too big to pass up right now (Passpoint for brick and mortar buildings), but I think I need a drastic reduction in our APs to get approval.



PRTG Alternatives

Hi All,

I use PRTG at home for monitoring and alerting, but unfortunately the free version only supports 100 sensors, which I've maxed out. Are there any good alternatives? The graphs are great, but it's more about knowing when something goes down, so ping and HTTP sensors.



Maxing out with 946 Mbit/s with my old cat5e ethernet. Do you think I’ll see performance gains with a cat7?

Also been experiencing some packet loss with this ethernet cord lately hoping cat7 will straighten this out...



Cisco Firepower IPS

Hello,

I have some questions about the IPS tuning on Cisco Firepower. (I have more experience on the Palo Alto side.)

What do you think about the Firepower Recommendations Rules? Is someone using this on a weekly basis to make some changes?

I was thinking to do some layers like:

-Malware (every malware signature = drop and generate events)

-Exploit kit (every exploit signature = drop and generate events)

-SQL injection (every SQL injection signature = drop and generate events)

-Custom Application

-FW recommendations (threshold on medium)

-Base Policy

I think it can be messy to manage each signature manually in a big environment. You can have some custom ones, but for the rest, I believe the FW recommendations can add some value because it has the host map context (which protocol, application, ...).

What do you think?

Thanks



Entry level certification advice

Hello, I'm currently a cybersecurity student at a university, with an associate's in computer networking as well. During the summer I want to finish up my studies so that they would be enough for a CCNA or CompTIA Net+ certification. But I do not know which one would be best to do first or if I should do both. I have thought about doing self-study but I think I'm better off paying for a program that I could take during the summer. I think I have about 50% of the knowledge to pass either one, with some refreshment needed of course.

So which do you think would be better to earn and any recommendations on how to do it?



IPsec tunnel hardware

I'm looking for a layer 4 endpoint device that can terminate and retransmit an IPsec connection.

My current issue is I'm working with grossly outdated hardware that uses single DES encryption and SHA1 integrity/hashing, but the controller (A Win10 machine) requires AES256 and SHA256. These historically have been unencrypted over a private network, but we're introducing an external controller and NTP to control timing, which breaks everything.

The hardware can do 3DES, but takes about 18 seconds to decrypt, and AES just times out. Initially, I just wanted to pop in a Big-IP 2000 series, but they're no longer for sale, you can't buy support, and their end-of-life is 2025. I reached out to F5, and the direct replacement, the i2200 is $18,000. Ouch.

I lean towards F5 because it's what I know, but it's definitely overkill in this situation. I know I could use a Virtual F5, but that ends up being more work. I imagine there has to be a simpler device to terminate and re-encapsulate the IPsec tunnel. Any suggestions?



IoT Deployments and Carrier Networking

Hello Folks,

I wanted to pick your brains on IoT deployments.

We have IoT devices running out in the wild with over 200k devices and counting. A major chunk of this is with cellular carrier "A". Today all these devices are in a private APN, so these are not addressable over the internet. Security by obscurity. We also have a smaller set of old devices with another carrier "B" that is on the internet, much like your phones etc.

With us expanding as a company and also going international, the carrier A option does not scale too well. The business is also working on going multi-carrier to save on cost.

I am interested in learning what others in this field are doing. Our current thoughts are to go with internet connected sims. This leaves the devices open to attacks, but that is something we will need to work on.

Thanks



Trying to Anycast DNS, getting "reply from unexpected source"

I know I'm probably missing something simple here.

I'm trying to anycast a few DNS servers. Routes are announced via BGP and are working/visible. The DNS isn't working though.

If I try and dig something @ the anycast IP:

;; reply from unexpected source: public_IP#53, expected anycast_IP#53

I'm not 100% sure what I'm missing here as it should be working



Prefer path with shorter prefix length

I'm being asked to look into a routing requirement that infuriates me. Trust me, I hate everything about what I'm going to ask. That being said, sometimes you have no other options, and I'd at least like to educate myself to see if there is technically a way.

We're interfacing with some BGP peers. Via one of the peers we receive a summary route (just call it 10.0.0.0/8) and via the other peer we receive a longer prefix (call it 10.1.0.0/24). The location where 10.1.0.0/24 is in use is actually reaching us via the peer that is advertising 10.0.0.0/8 to us, and because we follow sanity, we route it back via the peer that has the longer prefix length of 10.1.0.0/24. Yes, asymmetric routes, and we have stateful firewalls everywhere so it's obviously dropped as well.

My fix: "just advertise 10.1.0.0/24 to us from the peer advertising 10.0.0.0/8". However, I was told "nope, sorry, we won't do that because we have to make too many changes and it's a huge project."

So, now I'm scratching my head. Two different routes (10.0.0.0/8 and 10.1.0.0/24) both received via BGP and in the RIB, 10.1.0.0/24 does have a longer AS-path but obviously that doesn't matter because the routes themselves are different. So both get injected into the FIB, and when we go to route back to anything in 10.1.0.0/24 we obviously take the more specific/longer prefix length which is to the peer that is advertising us 10.1.0.0/24.

If you had a gun to your head and you had to make this work, can anyone think of a way to route 10.1.0.0/24 traffic back to the peer that is advertising the shorter prefix length of 10.0.0.0/8 and fail over to the path that you are receiving 10.1.0.0/24 from?

I can actually come up with a use case where you might want to do this. Imagine the path between you and the peer advertising 10.1.0.0/24 is dial-up/very low bandwidth but the 10.0.0.0/8 is high bandwidth SD-WAN or something. You want to prefer the SD-WAN path but fail back to dial-up. Now, note I said SD-WAN and we all know SD-WAN can be vendor specific and break rules, but here I have no SD-WAN capability and just your normal routing RIB/FIB capabilities.

If you aren't just pure angry at this point, I'll take any suggestions :)
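As an added illustration of the RIB/FIB reasoning in this post (not the poster's code; peers, AS numbers and addresses are constructed), the lookup below shows that the /24 wins longest-prefix-match regardless of how long its AS-path is, and that only an equally specific prefix learned from the other peer changes the result, with the /24 from peer B remaining as the fallback once that route is withdrawn. Best-path selection inside one prefix is simplified to shortest AS-path.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    peer: str          # which BGP neighbour advertised it (constructed names)
    as_path: tuple     # AS-path, compared only between routes for the same prefix


class Rib:
    """Minimal BGP RIB with FIB derivation and longest-prefix-match lookup."""

    def __init__(self):
        self.routes = []

    def learn(self, prefix, peer, *as_path):
        self.routes.append(Route(ipaddress.ip_network(prefix), peer, tuple(as_path)))

    def withdraw(self, prefix, peer):
        p = ipaddress.ip_network(prefix)
        self.routes = [r for r in self.routes if not (r.prefix == p and r.peer == peer)]

    def fib(self):
        # Best-path selection runs per prefix: different prefixes never compete
        # here, so every distinct prefix ends up installed.
        best = {}
        for r in self.routes:
            cur = best.get(r.prefix)
            if cur is None or len(r.as_path) < len(cur.as_path):
                best[r.prefix] = r
        return best

    def lookup(self, addr):
        # Forwarding picks the most specific installed prefix covering addr;
        # AS-path length of a less specific prefix is irrelevant at this step.
        ip = ipaddress.ip_address(addr)
        candidates = [r for p, r in self.fib().items() if ip in p]
        if not candidates:
            return None
        return max(candidates, key=lambda r: r.prefix.prefixlen)


def as_in_post():
    """The situation described: /8 from peer A, /24 (longer AS-path) from peer B."""
    rib = Rib()
    rib.learn("10.0.0.0/8", "peer_A", 65001)
    rib.learn("10.1.0.0/24", "peer_B", 65002, 65003, 65004)
    return rib.lookup("10.1.0.7").peer        # "peer_B": the /24 always wins


def with_matching_prefix_from_a():
    """Peer A also advertises the /24 (the fix the poster asked for), then withdraws it."""
    rib = Rib()
    rib.learn("10.0.0.0/8", "peer_A", 65001)
    rib.learn("10.1.0.0/24", "peer_B", 65002, 65003, 65004)
    rib.learn("10.1.0.0/24", "peer_A", 65001, 65005)   # same prefix, shorter AS-path
    primary = rib.lookup("10.1.0.7").peer     # "peer_A": wins within the /24
    rib.withdraw("10.1.0.0/24", "peer_A")
    backup = rib.lookup("10.1.0.7").peer      # "peer_B": the remaining /24 takes over
    return primary, backup


if __name__ == "__main__":
    print("as in the post:", as_in_post())
    print("with /24 from peer A, then withdrawn:", with_matching_prefix_from_a())
```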



I want to secure and manage 60 (yes, sixty) WANs through SD-WAN on a firewall appliance. What will I need and any recommendations?

I am not new to servers, networking or hardware, but I am new to this side of things.

I have 60 WANs of differing types, but mostly consumer DSL and static IP broadband services. I need to keep all 60 and want to use all 60.

At first I was led to believe that I can use a Layer 2 switch to physically connect each WAN to (like a Cisco Nexus 3064T--but with sufficient ports) and then trunk it to my firewall appliance. The firewall appliance will then allow me to manage all 60 WANs through SD-WAN. This was my initial fairy tale.

However, another engineer told me I need to use a WAN aggregator (not a Cisco 3064T) ahead of the firewall. He mentioned A10 and F5 as two brands to look into, which left my head in a bit of a spin, so I need to ask whether an aggregator really is necessary for this to work period or is it just a way to reduce the count of WANs I expect the firewall to manage?

Thanks in advance to any input you can provide!



Ubiquiti Firewall Rules

First time using Ubiquiti EdgeOS, looking to possibly deploy it for a very small off-site solution to tunnel a couple of machines back into the main site. In my initial testing I'm coming across a weird issue. I have some computers on the 10.8.20.0/24 network, the UBNT is on 192.168.1.0/24. I created an allow rule on eth3 for all source 10.8.20.0/24 to destination 192.168.1.0/24, all protocols with no port filtering, but devices on the 10.8.20.0/24 seem to have an issue connecting to anything on the 192. A traceroute from a 10. system has it going to some arbitrary 10. addresses that don't exist on the network.... Suggestions?



How does NAT work with ARP?

So I’m fairly new to networking, and sorry if this is a low quality / repeated question.

So I understand NAT transforms private IP addresses into a public one, and ARP resolves IP addresses (unsure if either public or private or both) to a mac address.

But if I send a request to google, and my computers private ip is changed to public via NAT, and google sends back a response to my public IP address, how does my router’s ARP table know which private IP sent that request?



Advice on networking and firewalls in Azure

I don't have a lot of experience with networking in Azure. Can anyone point me to some resources: videos, books, courses or anything else to help me get a foundation? We are thinking of moving everything up there from the datacenter, and I want to get a good plan together. Also, does anyone have any suggestions for a cloud firewall? Currently we are a WatchGuard shop and rely heavily on branch office VPNs to access resources in the data center. Is it best to have a separate VPN concentrator in the cloud and a cloud firewall, or can it be accomplished with one cloud instance? Let me know if you have any pointers or resources to help me get started on this journey.



Help finding info about an IP address

Someone keeps trying to enter my email from the IP address: 45.141.63.163 is this a known IP for spam? Is it a vpn? I’m concerned and I’d like to know if it’s simply a spammer/hacker/whatever you want to call it or if it’s an individual masking their IP with a VPN. Any help would be appreciated, thank you!



How do you diagnose retransmits in a pcap?

This seems to be an endlessly complex topic. I’ve read and watched videos on how tcp sequence and acks work, but when faced in front of a packet capture with many retransmits I often find myself scratching my head anyways thinking “what’s actually going on here?” Sometimes I’ll see stuff like several retransmits in a single burst of time and have to wonder if it’s just spamming. Like just one dropped or delayed packet results in a literal spray of several retransmits.

I also remain confused about retransmits in situations where the root cause is packet loss. Which direction will you see retransmits match? (Assuming unidirectional packet loss) will you see more retransmits from the lossy side to the non-lossy side? Or vice versa?

If you’re investigating a slowness complaint, and when you pull up a pcap in wireshark that shows hundreds of retransmits happening, where do you start? How do you delve into that to try to decipher what is actually happening to cause that?

Are there certain filters or charts you like to use in wireshark that can streamline the process?

Thanks for any advice you can give.
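An added example of the kind of first pass one can run before opening Wireshark (not from the post; the capture below is constructed): it walks a list of TCP segments per direction, flags a sequence jump as "previous segment not captured", a repeat of bytes below the highest seen sequence as a retransmission, a repeat of bytes that were already captured as spurious, and groups retransmissions that arrive close together into bursts. In Wireshark the equivalent display filters are tcp.analysis.lost_segment and tcp.analysis.retransmission.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    ts: float     # capture time in seconds
    src: str
    dst: str
    seq: int      # relative sequence number
    length: int   # TCP payload bytes


C, S = "10.0.0.5", "10.0.0.9"   # constructed client and server addresses

# Constructed capture taken near the client. One server->client segment (seq 2920)
# was lost before the capture point; the server later retransmits it after an RTO
# and, lacking SACK, also resends two segments the client had already received.
SAMPLE = [
    Segment(0.000, C, S, 0, 100),
    Segment(0.010, S, C, 0, 1460),
    Segment(0.011, S, C, 1460, 1460),
    Segment(0.012, S, C, 4380, 1460),    # seq jumps: 2920-4379 never seen
    Segment(0.013, S, C, 5840, 1460),
    Segment(0.050, C, S, 100, 100),
    Segment(0.215, S, C, 2920, 1460),    # fills the gap: genuine retransmission
    Segment(0.216, S, C, 4380, 1460),    # already captured: spurious
    Segment(0.217, S, C, 5840, 1460),    # already captured: spurious
    Segment(0.218, S, C, 7300, 1460),    # new data, flow continues
]


def analyse(segments, burst_window=0.05):
    """Return per-direction counts of gaps, retransmissions, spurious retransmissions
    and burst sizes (retransmissions within burst_window seconds of each other)."""
    state = {}
    for s in sorted(segments, key=lambda x: x.ts):
        if s.length == 0:
            continue                      # pure ACKs carry no sequence space
        st = state.setdefault((s.src, s.dst),
                              {"next_seq": 0, "seen": [], "retx_ts": [], "gaps": 0,
                               "retransmissions": 0, "spurious": 0})
        end = s.seq + s.length
        if s.seq > st["next_seq"]:
            st["gaps"] += 1               # previous segment not captured
        if end <= st["next_seq"]:
            # bytes below the highest sequence already seen in this direction
            covered = any(a <= s.seq and end <= b for a, b in st["seen"])
            st["spurious" if covered else "retransmissions"] += 1
            st["retx_ts"].append(s.ts)
        st["seen"].append((s.seq, end))
        st["next_seq"] = max(st["next_seq"], end)

    result = {}
    for direction, st in state.items():
        bursts, last = [], None
        for ts in st["retx_ts"]:          # already in time order
            if last is not None and ts - last <= burst_window:
                bursts[-1] += 1
            else:
                bursts.append(1)
            last = ts
        result[direction] = {"gaps": st["gaps"],
                             "retransmissions": st["retransmissions"],
                             "spurious": st["spurious"],
                             "bursts": bursts}
    return result


if __name__ == "__main__":
    for (src, dst), stats in analyse(SAMPLE).items():
        print(f"{src} -> {dst}: {stats}")
```

Retransmissions show up in the direction that lost data (here server to client), while the other direction stays clean, which answers the "which direction" part of the question.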



Network load balancing virtual machine

Hi all, I'm fairly new to networking so apologies for any glaring idiocies on my part. I currently have access to 3 different wireless networks all with a speed of around 50 Mb/s. I'd like to set up an ubuntu box with 3 wireless adaptors and have it perform some rudimentary load balancing on the connections.

I'm not looking for anything fancy like channel bonding I just want to be able to send users' traffic down whichever network adaptor is the least busy. There's a huge list of open source software that seems to do what I need here, does anyone have experience using any or links to good documentation on the subject? I'd rather learn a bit than just install something and hope for the best.



Can I allow a camera to access the internet?

So we have a camera that needs to access the internet. We have several VLANs configured on the switch (3850), one of them is VLAN 100 (voice). Every time we connect the camera to a switchport, it gets its IP from the voice VLAN. Is there a solution for this? Sorry if it's a stupid question.



SDN Faucet controller config file edit (wildcard size)

Hi guys,

I'm trying to find the faucet SDN controller config file to change the wildcard size of the controller.

Faucet is somewhat like the Ryu SDN controller and I can't find any details on how to change the config of the faucet controller, nor the Ryu controller.

I am researching a (D)DoS using mininet and the faucet controller. I came across an hping3 script which sends something like 17.000 packets every second. Now when I look with Wireshark at the connection between mininet and faucet it spikes for one moment to ±170 requests per second and then stabilises at around 9 per second.

So it seems like the faucet controller sends out a wildcard with information like: "everything other than 192.168.x.x needs to be discarded" (since I'm only using local ip addresses).

Therefore I can't really do a (D)DoS attack.

Do you guys maybe know how I can change the settings of the faucet controller so it doesn't send out wildcard or how to change the time a flow is alive?

This could help me further with my research! Any help would be appreciated!



Accessing a device on a switch port where the device has a static IP

I need to access a PoE intercom with a static IP (192.168.1.250) connected to a TP-Link switch (172.22.78.253) that is connected to a Mikrotik RB 3011 (172.22.79.5) that is in turn connected back to a core router CCR1036. We have a couple of VLANs on that switch. The intercom is on VLAN1, which we don't use.

Normally, I configure the intercom in the office by directly connecting to it and give it to the engineers to take into the field, as they are a bit of a pain to do remotely. This wasn't the case due to COVID and WFH.

Question is, how do I gain access to that intercom?

New to the MSP world as a NOC engineer, bear with me here, not as experienced.

Thanks



Advice on GPON network backhaul link

Will a backhaul link of 1GBPS be sufficient for 500 end users? I am a small ISP and am in the process of rolling out a fiber optic network in a small town of +-500 homes. I have an OLT with 7 ports, each port can supply up to 64 end users. I have the option of a 1GBPS backhaul link and a 10GBPS; will 1GBPS be sufficient for the town? Will the backhaul link be boosted in the sense that each OLT port will have 1GBPS, or will it be 1GBPS divided between the 7 ports? 1000mbs divided by 64 will mean the theoretical top speed will be +-15mbps for each user, or is it 1000mbs divided by 500, meaning 2mbs per end user?



Wednesday, June 10, 2020

Network Infrastructure Disaster Recovery Policy and Plan

I am Senior Network Administrator of a Mid-Size Hospital and I am looking for network infrastructure contingency/disaster recovery policy and plan.

What should the policy and plan cover?
What would your contingency plan be like when your entire network goes down?
What should the internet backup plan be?

What should the WAN redundancy be?

Any suggestion and thoughts, please ?



Half duplex Ethernet on twisted pair

I'm thoroughly stumped and the Google isn't yielding the answer I seek.

Consider an Ethernet utp link, where both ends are configured as 10mbps half duplex. All the documentation I can find tells me the same thing: csma-cd is used in half-duplex configurations of Ethernet utp to allow a shared medium to be utilized by multiple devices by providing rules to mitigate collisions. I would consider a shared medium in this case to be one twisted pair.

My issue is: how many pairs of wire are actually used for such a config? My logical brain tells me that one pair is needed, and would qualify as a shared medium just as a coax 10base-2 LAN would be. The problem is that I cannot find any documentation which specifies this. I find plenty that tell me two pairs are required for any UTP Ethernet link of 10 or 100mbps of the most common types. It's almost like the half duplex part is an afterthought.

Can anyone shed some light on what's really going on in a 10mbps utp half duplex physical link?



Please help. The prepended as-path is being preferred.

Hello,

I have two upstream ISPs on two different edge routers and IBGP between them.

Let's call them provider A and provider B. Provider B is prepended x 3 and provider A is not.

However, I still get a lot of traffic from provider B. If I look through a BGP looking-glass, they mostly see me from provider A but a lot are seeing me from provider B. My FW is not happy as I'm having async routing to my VPN peer. Traffic leaves provider A (local pref) and when I asked for a trace from my peer, they are coming from provider B and it's messing everything up.

Any clues would be greatly appreciated



Dell EMC S5296F-ON Switch. Cost?

S5296F-ON Switch - 96 X 25GbE SFP28 ports and 8 X 100GbE QSFP28 ports. Anyone have an idea of the cost of it? Have got one figure already - want to confirm.



Is anyone aware of an application like BFD for Windows/Linux?

I would like to be able to rapidly detect and record connectivity problems between machines in different subnets. Kind of similar to the way BFD can help you achieve this over transit links.

There's the old classic, continuous "ping" test. But can we do better than that? Ping sometimes gives deceptive results during asymmetric routing, and ICMP is sometimes deprioritized on network gear (and not really representative of User Experience anyway: 1 second polling intervals on a protocol they don't even use..)

Does anyone have any recommendations on how to monitor host machines with that level of granularity?



Microsoft Azure MFA not working with Sprint PCS users for anyone else?

/r/sysadmin/comments/h0ebgv/microsoft_azure_mfa_not_working_with_sprint_pcs/

BlueCat DNS Resources?

I'm starting to think the internet at large has been scrubbed of any reference to BlueCat that isn't their own corporate publication...but anyway!
Having issues on DNS configuration on a BlueCat appliance and, unlike every other DNS management platform, BlueCat seems to have no publicly available documentation, YouTube has no tutorials, the whole BAM platform is just a black hole.
So the question: anybody have any references for DNS configuration on BlueCat? Happy to take any crumb I can get.



Software ideas for a Dissertation? (Network based, Automation, or SDN)?

Hi,

For a university dissertation I need to write some object orientated code - preferably network based.

Does anyone have any ideas of potential projects that could potentially solve some of the issues you experience in networking, or that you think would be useful?

Cheers



RG11 connectors cable join, construction workers sliced through internet cable

Hi all

Got a bit of an issue, some construction work was done outside our premises and they have sliced through the RG11 cable which supplies the broadband.

We are being told 2-4 weeks to fix it, but I am fairly certain I can repair it temporarily before that.

https://ibb.co/WsDHG9H

I just want to confirm if these connectors would be the correct ones to use for the rg11 and then for the cable on the left of the rg11 I am guessing it is just rg6 or rg59 so any f type connectors for those should be fine correct?

2 of these https://vuec.co.uk/CONNECTORS/RF_CONNECTORS/F_CONNECTORS/PCT_DRS_11L_Plug_F_male_straight_75%CE%A9_RG11_10_55mm_crimped_for_cable_PCT_55212_0.html

and then a female to female in between

https://vuec.co.uk/RF_CONNECTORS/F_CONNECTORS/8x_F_81C_Coupler_F_socket_both_sides_straight_for_cable_Mat_copper_TELESTE_241852_969.html

Or should I go for the Radiall branded ones here

https://uk.rs-online.com/web/p/products/2956630/

https://uk.rs-online.com/web/p/products/5462728/

Thanks in advance all!



setting up syslog collection for cisco switches on our SIEM, what logging level would be appropriate?

To elaborate, we've never really done any sort of centralized log collection and I feel like setting the log level to debugging is just too much data, but I'm not sure where in between 1-7 would give us usable data. I don't have anything in particular I am looking for, just really playing around with a new SIEM solution right now.



SD-WAN

I'll be setting up an SD-WAN for the first time. There are two ISPs and one is going to be set up as a failover. Any references or documentation I should take a look at?



Cisco 550X Stack OR Used/Refurb 3850 Stack?

One rack - multiple web servers, NAS devices, etc.... iSCSI 10gb LUNs...

Debating trying the 550X stack, and doing 2x 48 10/100/1000 switches and a 12 SFP+ in a stack.

Would run ~ $6,500

A refurb/used stack of 2x 3850 10/100/1000 + 12 SFP+ stack would be similar in cost....

Is SmartNET 4 hour available on both? I don't see 3850s going EOL anytime soon, not using anything CRAZY so the 3850 is most likely overkill. But in terms of reliability, that's what has me hesitating.



Question: Windows and Cisco Bandwidth Reading

Hi there. I am trying to do some traffic reading on our MPLS circuit and it seems like there's a discrepancy between Windows and Cisco. We were trying to push some files from siteA to siteB using 2 Windows servers going to a single server at siteB. Switch input traffic rate I can see from siteA (dropped the load-interval to 30) is bounding around 24-26 per port so that sums up to around 48-52Mbps outbound on WAN. I have a 60M circuit and shaped it at 60M with overhead accounting of 24 bytes. It's what it says in both outbound rate and policy-map interface that it's doing around that rate and there's a drop of about 500k.

However on Windows task manager, it says it's sending about 30M per server so that sums it up to 60 which is my shape rate.

So is Cisco hiding some overhead? Doing the math based on 24 bytes overhead using the packets per second reading, my overhead should be just less than 1M, so I'm not sure how Windows is seeing 30M each but the Cisco router's interface and policy-map counters (including L2 switch counters) match at 48-52?

Any feedback? Thanks!



In your opinion, what's an IMPECCABLE piece of software/hardware?

Flag this as a low quality post, I don't care. Let's share some positivity and appreciation. Let's talk about amazing products. Please no sales pitches from anyone with a conflict of interest...

What product is just amazing and seems to keep getting better. What's one that no one complains about. Could be expensive, could be free download. I know you all have one in mind.



It's always DNS

OK, so we have had these problems for a while now, and I'm really stuck.

Randomly we will get "can not reach the webpage /server not found.", and it will work if I refresh the page 3-5 times.

The network is a fairly simple design: clients ask AD servers. AD servers ask another internal DNS, and then go out to the internet.

client --- AD_DNS --- Internal_DNS --- ISP/google-DNS.

What have I tried (and didn't work):

* Change DNS on Internal_DNS to google/1.1.1.1 (†)

* Change AD_DNS to google/1.1.1.1/ISP (†)

* Change client_dns to google/1.1.1.1/ISP (†)

* Set up a new BIND DNS server for Internal DNS.

* Tunnel all web traffic over SSH from the browser (FF).

What did work was:

* VPN on client out of the house. (To check if it was the lines.)

What partly works:

* Set up a new internal_DNS with Unbound server; this works better than before, but not perfect.

If I ping, mtr, traceroute everything works.

I have been working on this for so long that I suspect I'm missing some obvious point or something.

Any steps I can do to verify or exclude possible error-sources?

Please ask all the basic questions, because I have no formal network training.

But I thought (up till now) that I had a good understanding of basic networking.

(†) means I tried 1.1.1.1, 8.8.8.8 and the ISP's DNS.

The BIND logs will have a lot of "query failed (SERVFAIL) for xxxxx"

And I of course tested this on multiple browsers (incl. curl) on multiple computers in and outside the domain.



Ubuntu in the enterprise environment

Wanted to poll the quorum and see whose enterprise is running Ubuntu in their network and who has shut it out for security and supportability reasons?



Issue with 802.1x Wired Authentication

Issue: We are having trouble on machines where the Machine Authentication succeeds and the machine VLAN is assigned, but after login the User Authentication also succeeds but the VLAN is not assigned (machine and user VLANs are different). We have noticed that this issue started when installing any of the Windows 10 cumulative updates 2020-01 till 2020-06, which we are currently rolling back for the time being until we solve the issue. When disconnecting and reconnecting the network cable the machine re-authenticates and gets the appropriate VLAN successfully.

System: We have an internal NPS server, Active Directory, CA server and HPE switches.

System settings on network card and NPS User Policy (the machine policy is similar but the VLAN & Domain group is different) are attached.

Event Logs: Shows that user and machine authentication has been successful both on the client and NPS server side.

What check can be done from my end to troubleshoot the issue?

If you require further information do not hesitate to reply :)

https://ibb.co/BZn6PsB

https://ibb.co/Pccxdmb



Why is data transferred in short bursts?

Can anyone explain to me why data is transferred in short bursts, please?

This question is in my homework but I cannot find any information in the lecture. Thanks.



Thoughts on how to setup a remote (read only) screen for teams stats

Hey r/networking

I hope you can help me out with a rather funky request I have a ticket for.

I had a request from a manager where I work, this request is to have a PC in the office (well its screen contents) be viewable from within the network and be read only.

This is for teams stats, ticket numbers etc that is already setup and it is net connected and working. This is for remote workers to view the stats and has to be read only and only available on the internal network (VPN users included)

I have a theory about setting up a remote session, and setting a DNS record (internal) so users can access from a browser.

The issue I am having is understanding how to setup the cast itself though and any considerations I might need whilst doing this.

What I have:

Windows 10 pro PC - medium specs with older i5 and 8GB RAM in a desktop

Full access to DNS server (to setup an internal address rather than giving end users an IP)

A rather beefy Vsphere environment (so I can cast to a machine/webserver rather than all the try to connect to the PC itself)

What I don't have:

Enough caffeine in my system...

Any software or tips on how to set this up would be great.

It will be about 30 people who would access this so it is not a good idea to have them connect direct to the PC and it has to be read only as end users are end users and will mess with stuff if given the chance.

Thanks in advance,

My Friend John



Questions About Dynamic Internet IPs...

I have question about ISP assigned dynamic IP addresses.

For background, I'm a programmer working on a web application. For security reasons, I need to throttle access to certain parts of our web application. I want to make sure I have a solid understanding of how users are identified.

  1. Is it ever possible for multiple ISP customers to share one internet facing IP address (e.g. through PAT)? Or is it strictly one customer to one internet IP.
  2. On average, how long does a customer retain an IP address? Can it suddenly change in the middle of a web browsing session?
  3. In general, why do ISPs reassign internet IP addresses? As I understand it, it's because internet IPs are limited, but if every customer is assigned an IP address at all times, how does the ISP save anything?
  4. I noticed that I do not have an internet IP assigned to my home ADSL modem. When I perform a traceroute, I notice several hops across 10.X.X.X hosts before seeing an internet routable address. What's going on there?


Tuesday, June 9, 2020

Please contact your local ISPs and request that they filter out CallStranger-exploiting packets! This vulnerability impacts all networks with UPnP enabled whether or not they are protected by firewalls!



Does IOS run in the RAM?

That is what I thought... until I read this from CCNA book:

IOS runs in the CPU and uses RAM.

https://imgur.com/a/BMUYD28

So, IOS runs in the CPU? It is confusing.

could anyone help me please?

Reference:
Book: CCNA OGC 200-301, Page 362



Can your ISP access or see your activities on your SMB server?

If I access my server, can my ISP see what I’m doing or can they also access it?



What do you use to keep organized?

I recently switched from a ticket based role to a build/project based role and am trying to figure out how to keep everything organized.

Before with the ticketing system it kept pretty much everything organized for me and now I’m trying to figure out how to keep track of the projects I’m working on and any tickets with vendors I have open, etc.

I have been using OneNote so far but it doesn’t seem really efficient.



Where's the delineation between infosec/cybersec and your team?

What does infosec do at your org? Are they handling day-to-day maintenance and changes of devices? Do they own any of the security stack or is that totally under your control?

Or are they more responsible for operations...setting/enforcing policy, reviewing logs, advocating for new controls (and getting the CISO to find money for them)?

Curious how other orgs are structured.

Thanks



Rant Wednesday!

It's Wednesday! Time to get that crap that's been bugging you off your chest! In the interests of spicing things up a bit around here, we're going to try out a Rant Wednesday thread for you all to vent your frustrations. Feel free to vent about vendors, co-workers, price of scotch or anything else network related.

There is no guiding question to help stir up some rage-feels, feel free to fire at will, ranting about anything and everything that's been pissing you off or getting on your nerves!

Note: This post is created at 00:00 UTC. It may not be Wednesday where you are in the world, no need to comment on it.



Cisco ISE 2.7 posture

We are moving away from McAfee and going to Windows Defender. Problem: with 95% working from home, we have posture on VPN. 2 posture checks for McAfee: is it running, and definitions within 5 days. I need to create a posture check with an either/or statement. If you have either McAfee or Defender running = compliant. If your definitions are within 5 days for either McAfee or Defender = compliant. I know you can make either one optional, but can you make them either/or?



Hosting a media server and network requirements.

I was tasked with building a media server. We will be using it to host videos for virtual training. My company wants an on-premise server. We want to connect or use it to work with our on-premise LMS. The way we are thinking is having a link on the LMS to the video, unless there's a better way to do it. Do you have any ideas or things for me to consider before dropping a few grand? We have a big budget for the project.

Any help is greatly appreciated.



Can't connect to old Switch via ssh on CentOS 7

Hi everyone,

I'm trying to connect to an old network switch (Extreme Networks G1) with SSH from a CentOS machine.

At first, I saw that it wasn't connecting: using "ssh x.x.x.x" the cursor flashes without responding in any way and not even timing out.

So I decided to try from PuTTY on Windows and it tells me "The first key-exchange algorithm supported by the server is diffie-hellman-group1-sha1", but I can click "continue" and it connects.

So I tried a little and added the algorithm to the "ssh_config" file on CentOS, but it still doesn't work.

I did a lookup of the policies on the internal firewall, and the path is open; in fact other devices on the same subnet communicate with CentOS, but this switch does not... I can't even find logs that can tell me what's going on because CentOS does not close the "connection test" even after half an hour.

What should I check? I know that I should update the switch, but I need to make this work for now...

Thank you to anyone who will try to help :)



Any good tools/platforms that I can use to create virtual network device simulators?

Hey guys,

I'm testing a few systems and require logs from different network devices. Unfortunately, I can't gain access to the devices I want. So, I was wondering if there was a platform or software that I can fire up, like a VM or an AWS instance, that can behave like a designated network device. Looking for firewalls, switches, routers, etc.

Appreciate any suggestions or advice on this topic.



Fibre Attenuation Help.

Hi All,

Getting myself all confused over fibre attenuation. Having to use SFP-10G-LR-S SFPs for some rather short (< 300m) runs due to the 9200Ls not having proven compatibility with the SFP-10G-LRM. I'm being told I would need attenuation to protect the receiver and prevent saturation. However, checking the data sheet, the max transmission power and max receiver power are the same (0.5 dBm). Therefore, I don't think I need attenuators. Can someone with more fibre experience confirm my logic please?



Arguments against ISP offering email service

I'm a network admin for a small local ISP and like most ISPs, we still host email accounts for customers. I've been trying to convince them to move away from hosting email for two reasons.

1.) We are not geared to offer dedicated support for email issues/security

2.) We make very little money from it anyway.

I need a couple of good arguments to move away from email but I'm having a hard time finding any resources on the internet. I can make (and have been making) the argument from what I think but without a couple of websites or articles to back me up I'm not getting anywhere. Does anyone have any good resources I can refer to?



IP address hardware on printer

I want to preface that I am not an IT or networking professional but sometimes will try to fix things to save time and keep from having to call someone in. I was trying to fix a printer at work earlier and noticed that the ethernet card on the back was broken which was preventing the ethernet cable from attaching properly. We had another printer nearby so I removed the card from the broken printer and swapped it with the (until recently) working printer. All the lights lit up and the printer said it was online which told us it should be working. We were still not able to get anything to print to that printer, however, so I gave up and we have been using a workaround while waiting for help.

While thinking about this, I realized that the printers have static IP addresses on the system and was wondering what piece of hardware would that be tied to? Is it possible that the printer should work but the network sees it as being the broken printer rather than the printer we had been using? Or would the IP address be tied to some other piece of hardware inside the printer?



Server not accessible

Hello,

I am a junior network engineer and for a week I've been dealing with a network problem.

The first one: we have 3 workplaces and we have a server at the first one. From the third location a PC can't access the server, which is located at the first workplace. He can ping it and I can connect remotely to his PC. The connection stopped working last week; we didn't modify anything. We've tried changing the adapter options, we restarted the TCP/IP service and he still can't connect. He is connected through a VPN. The error code is 0x800704B3.

EDIT: How can I fix it?



2004 Update breaks 802.1x DHCP IP address assignment

After the last major Windows 10 Pro update, our Ethernet connection doesn't work as before when obtaining an IPv4 address assignment from our Windows 2016 DHCP server. The issue affects all our PCs from different vendors. When a domain user authenticates to start a new session, he doesn't receive the correct IP and gateway address, so he cannot have access to the network because the PC stays in a VLAN where that IP doesn't work. The problem needs to be fixed by disconnecting and reconnecting the Ethernet cable; then it is stable for the duration of the session. After a reboot or a logout, the problem starts again. We have this problem on all the PCs in the LAN after the 2004 update.

We tried, with no success, to do the following:

- ethernet driver update (Intel);

- uninstall and reinstall ethernet interface;

- disable IPv6 from network properties;

- install a previous ethernet driver version (Intel);

- disable energy saving properties in ethernet interface;

- disable realtime antivirus functionalities;

- check correct operation at Radius and DHCP server level.

Any further idea about how to fix this issue?

Thanks in advance for any help.



Find and prevent user created Tunnels?

Hello,

So we have a lab environment where users use Ubuntu and have root access, from the lab network they are only supposed to be able to access a few select resources on the other networks.

However, they have found a way to bypass this by creating a tunnel to the other subnets by using:

sudo ip route add 10.x.x.x/24 dev tun0

Is there a way to detect and/or prevent this on a network level? We use Cisco equipment (incl. Cisco ASA/Firepower).



Server Cabinet

Hi guys,

This may sound silly to some of you but I need to spec a cabinet for a Dell Inc. PowerEdge R440 and a Meraki Switch MS220-24

I'm paranoid about ordering the wrong cabinet.

Can someone point me in the right direction as to what I should Google, or look for, or is there a standard size which makes this easy to look for in the future?

Let me know if I need to provide more info.

Many thanks, Travis



Monday, June 8, 2020

Question about ISP costs in hosting content

If a national ISP (Ethio-Telecom) were to make a specific learning platform free to access for learners (an Open edX instance), what measures could be taken to minimize cost? I was initially thinking of hosting the content on local servers, but I'm not sure how much of that factors into the ISP's costs.

Where do ISPs' costs lie? Help us make a compelling case to build a free national education platform. Let me know if there is a more fitting sub for this query than this one. TIA



[Help] [Router QoS]: can someone tell me how to limit internet access for users on router Huawei hg531s1 v1?

I have a limited internet quota, and some users used it up in the first 10 days of the month, so I need to limit the speed and quota (if possible) for every single user... We are nearly 10 users; the router works mainly for wifi. There is only one cable plugged into the router to connect a switch to it, and about 5 users use the switch by wifi only too (those 5 who used up the quota). So I read about QoS and MAC addresses, but I couldn't do all the options well. Can someone explain it in detail?



Help with a network exercise

Hi, so I'm doing a cyber security course and we are viewing some basics of networking, and in one of the exercises they give me the following IP packet:

" 0100 0111 0000 0000 1111 1000 0000 0001 1001 0010 1111 0101 0011 1111 1110 1101 0000 0010 0000 0110 0101 1100 1111 0000 1100 0000 1010 1000 0000 0100 0011 1011 0000 0010 1101 0100 0000 1101 1010 0101 1111 1111 1111 0000 0000 1111 1010 1010 0111 1100 0000 1010 0010 0000 0000 1111 1000 1000 0101 1100 0000 0000 0001 0110 1010 0111 1111 0001 1110 0000 1001 1011 1111 0000 0100 0111 1011 0111 0111 1000 0110 0000 0000 0000 1111 1000 1100 1100 0111 0110 1001 0010 1000 0000 0000 0000 0100 1110 1001 0010 1000 0111 0100 0000 .... "

And I need to figure out the source IP, the destination IP, what port they're using to communicate, what protocol the communication uses (TCP or UDP) and how many TTL this packet will have before it gets discarded.

I really got stuck and I wish I can get some help, thank you very much !
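As an added example (not part of the original post), the decoding this exercise asks for is exactly what a minimal IPv4 header parser does: read the version and IHL from the first byte, pick the fixed-position fields out of the first 20 bytes, skip the options the IHL points past, and then read the port pair that both TCP and UDP place at the start of their headers. The bit string below is the one from the post; the small UDP datagram used as a second input is constructed for the example.

```python
import ipaddress
from typing import Any, Dict

# The bit string from the exercise in the post above, copied verbatim; spaces and the
# trailing "...." are ignored by bits_to_bytes().
EXERCISE_BITS = (
    "0100 0111 0000 0000 1111 1000 0000 0001 1001 0010 1111 0101 0011 1111 "
    "1110 1101 0000 0010 0000 0110 0101 1100 1111 0000 1100 0000 1010 1000 "
    "0000 0100 0011 1011 0000 0010 1101 0100 0000 1101 1010 0101 1111 1111 "
    "1111 0000 0000 1111 1010 1010 0111 1100 0000 1010 0010 0000 0000 1111 "
    "1000 1000 0101 1100 0000 0000 0001 0110 1010 0111 1111 0001 1110 0000 "
    "1001 1011 1111 0000 0100 0111 1011 0111 0111 1000 0110 0000 0000 0000 "
    "1111 1000 1100 1100 0111 0110 1001 0010 1000 0000 0000 0000 0100 1110 "
    "1001 0010 1000 0111 0100 0000 ...."
)

PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def bits_to_bytes(bits: str) -> bytes:
    """Turn a whitespace-separated string of 0/1 characters into bytes (a trailing partial byte is dropped)."""
    clean = "".join(ch for ch in bits if ch in "01")
    clean = clean[: len(clean) - len(clean) % 8]
    return bytes(int(clean[i:i + 8], 2) for i in range(0, len(clean), 8))


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IPv4 header checksum (RFC 791)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def parse_ipv4(packet: bytes) -> Dict[str, Any]:
    """Decode the fixed IPv4 header, any options, and (for TCP/UDP) the port pair that follows."""
    if len(packet) < 20:
        raise ValueError("need at least 20 bytes for an IPv4 header")
    version = packet[0] >> 4
    header_len = (packet[0] & 0x0F) * 4  # IHL counts 32-bit words
    if version != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    flags = packet[6] >> 5
    fields: Dict[str, Any] = {
        "header_length": header_len,
        "total_length": int.from_bytes(packet[2:4], "big"),
        "identification": int.from_bytes(packet[4:6], "big"),
        "dont_fragment": bool(flags & 0b010),
        "more_fragments": bool(flags & 0b001),
        "fragment_offset": int.from_bytes(packet[6:8], "big") & 0x1FFF,
        "ttl": packet[8],
        "protocol": PROTOCOL_NAMES.get(packet[9], str(packet[9])),
        # A header whose checksum field is intact sums to 0xFFFF over all of its words.
        "checksum_ok": ones_complement_sum(packet[:header_len]) == 0xFFFF,
        "src": str(ipaddress.IPv4Address(packet[12:16])),
        "dst": str(ipaddress.IPv4Address(packet[16:20])),
        "options_hex": packet[20:header_len].hex(),
    }
    payload = packet[header_len:]
    # TCP and UDP both begin with a 16-bit source port followed by a 16-bit destination port.
    if packet[9] in (6, 17) and len(payload) >= 4:
        fields["src_port"] = int.from_bytes(payload[0:2], "big")
        fields["dst_port"] = int.from_bytes(payload[2:4], "big")
    return fields


def decode_exercise() -> Dict[str, Any]:
    """Decode the packet from the post."""
    return parse_ipv4(bits_to_bytes(EXERCISE_BITS))


# Constructed sample: a 20-byte header (IHL 5, DF set, TTL 64, UDP) from 10.0.0.1 to 10.0.0.2,
# followed by UDP ports 53 -> 8080.
SAMPLE_UDP = bytes([0x45, 0x00, 0x00, 0x1C, 0x00, 0x00, 0x40, 0x00, 0x40, 0x11, 0x00, 0x00,
                    10, 0, 0, 1, 10, 0, 0, 2, 0x00, 0x35, 0x1F, 0x90])

if __name__ == "__main__":
    for key, value in decode_exercise().items():
        print(f"{key:16} {value}")
```

The exercise packet has IHL 7, so the transport header starts at byte 28 rather than byte 20; reading the ports from byte 20 (a common mistake) gives the wrong answer. The parser also reports whether the header checksum verifies, which is worth checking on any hand-typed exercise input before trusting the other fields.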



Cisco Horse Crap

I got a Cisco 3850 24 port 1 RU switch with a 4x1GE network uplink module. When I look at the interfaces there's 4 1GE interfaces and 4 10GE interfaces. I assumed if I swap out the 1GE module for a 4 x 10GE module I would have 4 10G interfaces..... boy was I wrong; my model of 3850 only supports 2 10GE interfaces even though there's 4 when I'd run "show interface description".... God I hate Cisco sometimes.



CCNA OSPF question concept help

Hi guys, I am studying for my CCNA and am in the section on OSPF. It is going great but I have a question: what is the difference if I add a specific network IP interface address, vs the subnet? For example, R1 has 172.16.10.1 on int g0/0. What would be the outcomes if I add these two commands:

network 172.16.10.1 0.0.0.0 area 0

network 172.16.10.0 0.0.0.255 area 0

I think the difference is the first would be specific, and the second would allow all other nodes in that subnet?

I just can't grasp the concept well enough where in the lab, I would know the difference when being asked to do either.

Hope this makes sense and thank you for the help in advance
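An added example (not from the post) showing what an OSPF network statement actually does: it is a wildcard-mask test applied to the addresses of the local router's own interfaces, selecting which interfaces OSPF runs on; it does not describe remote nodes. In a wildcard mask a 0 bit means "must match" and a 1 bit means "don't care". The interface table for R1 is constructed for the example; only g0/0 with 172.16.10.1 comes from the post.

```python
import ipaddress
from typing import Dict, List, Set, Tuple

# Constructed interface table for R1 (the post only gives g0/0; g0/1 and lo0 are assumed).
R1_INTERFACES: Dict[str, str] = {
    "g0/0": "172.16.10.1",
    "g0/1": "172.16.20.1",
    "lo0": "10.0.0.1",
}


def wildcard_matches(network: str, wildcard: str, interface_ip: str) -> bool:
    """True if interface_ip is covered by 'network <network> <wildcard>'.

    A 0 bit in the wildcard means the corresponding address bit must equal the
    network's bit; a 1 bit is ignored. This is the inverse of a subnet mask.
    """
    net = int(ipaddress.IPv4Address(network))
    wc = int(ipaddress.IPv4Address(wildcard))
    ip = int(ipaddress.IPv4Address(interface_ip))
    care = ~wc & 0xFFFFFFFF
    return (ip & care) == (net & care)


def mask_to_wildcard(subnet_mask: str) -> str:
    """Convert a subnet mask to the equivalent wildcard, e.g. 255.255.255.0 -> 0.0.0.255."""
    return str(ipaddress.IPv4Address(~int(ipaddress.IPv4Address(subnet_mask)) & 0xFFFFFFFF))


def ospf_enabled_interfaces(statements: List[Tuple[str, str]],
                            interfaces: Dict[str, str]) -> Set[str]:
    """Return the local interfaces whose address is matched by at least one network statement."""
    return {name for name, ip in interfaces.items()
            if any(wildcard_matches(net, wc, ip) for net, wc in statements)}


if __name__ == "__main__":
    for net, wc in [("172.16.10.1", "0.0.0.0"),
                    ("172.16.10.0", "0.0.0.255"),
                    ("172.16.0.0", "0.0.255.255")]:
        enabled = sorted(ospf_enabled_interfaces([(net, wc)], R1_INTERFACES))
        print(f"network {net} {wc} area 0  ->  OSPF enabled on {enabled}")
```

On R1 as constructed, the two statements from the post give the same result (OSPF runs on g0/0 only): the first because it matches exactly that one address, the second because g0/0 is the only interface inside 172.16.10.0/24. The difference shows up when more interfaces exist or addresses change: a summary statement such as 172.16.0.0 0.0.255.255 picks up g0/1 as well, while the exact-match form never enables anything but the one address you typed. Which hosts on the segment run OSPF is not affected by either form.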



Options for a redundant internet service at colo facility

Hi All,

Soon we'll be transitioning our data center into a colo facility. We will need internet service, however I'd like to avoid taking separate DIA handoffs from different providers directly. Instead I'm wondering if a provider will sell me a service that utilizes two or more different ISPs and handles the BGP to provide a resilient /26 block to me with dual handoffs to my MLAG'ed cores. At that point we run VRRP or LACP between our routers. Is this a common scenario? Or is everyone just getting their own ASNs and doing the BGP themselves?



Intel X520-DA2 and 10gtek x520-DA1 connection resetting problems

Hey guys, I'm at a bit of a roadblock with my current network configuration. A few months ago I bought a used X520-DA2 and some Intel transceivers to go with it, and I noticed that when I connected my fiber the connection would just keep resetting. This stopped when I plugged it into the other port. Now again I bought another X520-DA2 from eBay and both ports are doing this, and I was very perplexed. Trying to do 10gb full duplex would cause the card to reset the connection, but forcing it to 1gb would actually prove to be a stable connection. At this point I thought it was either the cable or the transceivers. I then bought a new 10gtek x520-DA1 variant that supports different transceivers, so I bought that with 2 MikroTik S+85DLC03D. This connection also resets, so I believe it's just the cable at this point that has not been switched out (I'm using standard LC-LC Duplex 50/125 Multimode OM3 fiber).
I'm using the latest drivers from Intel's website for my testing.

The Switch I'm using is a mikrotik CRS305-1G-4S+IN

What more can I do? Is there some configuration I'm missing or are these OM3 cables suddenly junk?



What do start and end ports do?

I'm learning how to port forward my router for my video games, but there's something that I'm confused about. There are some games that require a series of subsequent ports to be opened, for example, 61455, 61456, 61457, and 61458. Up to now, I just set each port as its own entry, but my router only allows 20 entries, and this filled all of them up fast.

I've been looking online for what "start" and "end" ports are for, but I could never find a clear answer.

Here's what I want to know, if I set the starting port to 61455, and the ending port to 61458, will it also forward all the ports in between? Or does this mean something else?



Juniper EX2300-24T

I just had a Juniper EX2300-24T bring down all links, copper and sfp. All port link & status lights went out, but the switch was powered and the alarm LED was not lit. Power cycling it brought everything back to normal.

I didn't have a chance to get a console cable on it before power cycling, and it has no remote logging set up. It is currently showing no system or chassis alarms.

Is there a log written to non-volatile storage somewhere that would have survived the reboot? I am a Linux admin, not a networking person, so I'm not super familiar with what my options are and what keywords I need to punch into Google.

The switch isn't under support, so JTAC won't talk to me.



Help locating Dell Force10 Firmware for FN 410S IOA

Currently running 9.6(0.0) and trying to get to latest version. Created a Force10 account but can't seem to get it approved for access.



Very inconsistent speeds.

Just upgraded to gigabit, brand new router modem combo. Pics included

https://imgur.com/a/vNqII0N

Some websites give me 12mbps, some 250. The speedtest website gives me 250, the google chrome extension gives me 700. Cox says everything looks good. I understand a few mb difference but, hundreds? Cox can't come into homes bc corona. Very confused.

Any ideas?



So I'm hearing that there was a big Cloudgenix outage this weekend?

Anyone got any details?

Thankfully I wasn't the one who had to jump onto the bridge over the weekend but I'm hearing that we had a few hundred sites go offline for a few hours due to some issue on their end that affected many other customers. I was surprised to see nothing popped up relating to this because it seems like it would have been a big deal.



Humble Book Bundle: Digital & Wireless Networks by Taylor & Francis - Pay what you want and support charity

Humble Book Bundle: Digital & Wireless Networks by Taylor & Francis

Learn everything you need to know about digital & wireless networks with the latest book bundle by Taylor & Francis. Get ebooks like Wi-Fi Enabled Healthcare, The Internet of Things in the Cloud, Image Encryption, Mobile Telemedicine, and more.



Completely overwhelmed

It looks like I'm in the unfortunate position of being let go at the age of 27. I worked my way up in the company to a very well paid position (more to do with my communication skills than my technical ability) without having any certifications, which makes me terrified of entering the job market. I'm in a bit of a spiral with deciding to do CCNA, then thinking JNCIA would be better, then wondering if it's all pointless and I should be doing Python and automation skills; I keep going round in circles without ever actually getting anywhere. I end up with this pit feeling of anxiety in my stomach that there's too much to learn in such a short space of time, and I'll never catch up and ultimately be left behind. Does anyone else get this feeling?



Recommendations for APs for a densely racked warehouse

I'm looking for recommendations for APs for a warehouse fit out. The customer wants hand held devices to work anywhere in the warehouse "live", i.e. without caching. Given that requirement, the wifi coverage needs to be as good as possible.

The warehouse is 24 aisles. The aisles are about 60m/180ft long and the racks are around 18m/55ft tall.

I believe that if we were to put 2-3 APs (ceiling mounted) per aisle then client devices would have close enough to an AP, and only have line of sight to the APs directly above them, fine... However, if every aisle has 2-3 APs, that is 48-72 APs that are on the same plane and more or less have line of sight of each other (racking does not extend quite all the way to the roof) and there will be all kinds of same channel interference even using 5Ghz.

All this makes me believe that we will need to use narrow sector type APs pointing down into the aisle to minimise AP to AP interference. (Not the Aruba omnis that the customer already owns and understandably wants to redeploy.)

Am I right to be worried about "adding loads of omnis on low power with a channel plan and hoping for the best" as a deployment strategy?

If so, can anyone recommend a system suited to this environment, i.e. centrally managed sector/narrow beam APs that don't cost the earth? I know and like Ruckus 7782-N and they now have the T310n which is ultra narrow, which seems ideal, but Ruckus hardware/licensing is $$$

Any insight into this kind of very challenging RF deployment would be appreciated, along with any specific AP/system recommendations

Thanks in advance people :)

TLDR help me buy lots of APs for a warehouse



Coding and Automation Basics - Part 2

Previous sections:

Part 1

Introduction

In the comments of the first post, we got some examples of jobs that people have automated, like:

  • upgrading code on hundreds of devices

  • pushing config to dozens of routers at once

  • automatically failing over a firewall if it hit a memory usage threshold

All of these examples have a single thread in common; they took a tedious, easily repeatable problem, and made a computer do it instead. However, in order to do that, they first had to break down the problem in a way that was easy for computers to handle, that is, they had to think about it programmatically.

The purpose of this post is to act as an introduction to programmatic thinking.

Starting with the Basics

As far as we're concerned, there are three basic steps in an automation workflow: Inputs, Processing, and Outputs.

  • Inputs refer to the information that you (or another system) provides that goes into the process. For example, let's say you want to make a new firewall rule. The inputs would be the source/destination addresses and whatever other info the firewall requires.

  • Processing refers to what the computer will do with this information. For example, will it write all of your inputs to a file? Will it interface directly with the firewall to apply your rule?

  • Outputs refer to the results of the processing. You gave the computer an input, it did something with the input, and now you have a result. Often times the output of one process turns into an input of another.

This isn't a programming specific concept by the way. The same idea applies even if you work with a CLI or a GUI. For example, let's say you wanted to create a rule to block traffic.

  1. First, you use CLI commands to pass relevant info to the firewall in a format it understands (input)

  2. The firewall's underlying programming runs some magic and applies the information you gave it (processing)

  3. The rule is now in effect, and you can see that traffic is now being blocked. Alternatively, maybe something went wrong and you get an error. (output)

The key takeaway here is that the fundamentals do not change with automation. In many cases, all you're really doing is presenting inputs to devices more efficiently so you don't have to do it all by hand.

Fundamental Programming Concepts

There are only a handful of things you need to understand in order to get started. Some of this may be common knowledge, but I believe they're worth reviewing. This is by no means a comprehensive list since this is just a general introduction and not a textbook.

Variables

A variable is something that stores information that will be referenced later. Variables can basically be anything, from numbers, to words, to lists of items. Parameterizing configuration is the idea of taking the parts of the config that can vary between devices and replacing them with variables that can be updated dynamically. This is a core concept in automation, and one that you will see over and over.

Arrays and Loops

Arrays, also known as lists, represent a series of related items. These are extremely powerful because they can be coupled with loops to process lots of items at once. A typical workflow is to:

  1. Load items into an array (input)
  2. Use a loop to do something to each item in the array (processing)
  3. Post the result of the process (output)

As an example, this is a simple bash script that loops through a list of IPs and prints the contents to a screen.

#!/bin/bash
ip_addresses=(192.168.10.10 172.16.50.8 10.80.90.3)
for ip in "${ip_addresses[@]}"; do   # go through the entire array
    echo "This is an IP address: $ip"   # append some text to each item in the array and print to the screen
done

Output
--------
This is an IP address: 192.168.10.10
This is an IP address: 172.16.50.8
This is an IP address: 10.80.90.3

Again, the syntax doesn't matter here. What's important is the concept.

Automation in Context

Example 1

Now that we've got the basics out of the way, let's move on to the real stuff.

Suppose you get a ticket one day asking you to make a firewall rule that allows certain untrusted addresses to access a trusted web server. Easy enough. You connect to your FW management interface, make a rule that looks something like this, and go on your way.

Name: "allow_http"
Source Zone: ["untrust"]
Source IP: ["192.168.10.0/24", "10.15.0.0/24"]
Destination Zone: ["trust"]
Destination IP: ["172.16.10.200/32"]
Application: ["http"]
Action: "allow"

Let's take a moment to consider the structure of this rule.

  • First, a firewall rule must have certain attributes to be considered valid. For example, it's not possible to have a rule that has no action or no name

  • Second, each attribute only takes certain types of values. For example, the "Name" attribute can't be an array because it doesn't even make sense to have a list of names for a single firewall rule. On the other hand, "Destination IP" must be an array (even if it has a single value) because it's possible to have multiple destinations in a firewall rule.

  • Third, all values must conform to certain rules. For example, I can't just set the destination IP to "the webserver in the back room" and expect the firewall to know what I'm talking about. It must be a valid IP address.

  • Finally, this combination of attributes and their values is what creates an "object". In other words, in order for something to be considered a firewall rule, it must have these attributes, with values that conform to set specifications.

Here's why this is important. It means that the representation of data doesn't matter as long as the data itself is valid. You could be using a CLI, or a GUI, or a fancy API. The end result will be the same as long as the device receives commands in a format that it accepts.

If I were using an SRX, the policy above would look something like this. As you can see, the only thing that's really changed is how the information is presented; the actual data and its function does not change.

set security policies from-zone untrust to-zone trust policy allow_http match source-address 192.168.10.0/24
set security policies from-zone untrust to-zone trust policy allow_http match source-address 10.15.0.0/24
set security policies from-zone untrust to-zone trust policy allow_http match destination-address 172.16.10.200/32
set security policies from-zone untrust to-zone trust policy allow_http match application http
set security policies from-zone untrust to-zone trust policy allow_http then permit

But what if you were tasked with adding 100 different non-contiguous source addresses to the policy? Setting aside whether or not it's a good idea, the reality is that doing it by hand would be pretty painful. That will be the focus of the second example, which I will present in the third part of this series.


I'm going to stop this post here since it's starting to run a bit long. This is also a good point to pause for discussions and/or questions. If there's anything I got wrong or isn't clear, please, please let me know. I'd rather not be another peddler of bad information.

I also mentioned in the first post that I'd be sharing ansible roles. The first one can be found here: https://github.com/wakapeil/palo-alto-ansible-roles/tree/master/role-panos-vpn
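An added example (not the author's code and not from the linked repository) that puts the post's "rule as an object" idea into practice: the rule is held as a typed object whose attributes are validated (a rule must have a name and an action, IP fields must be lists of real prefixes), and a renderer turns that one object into the SRX set commands shown above, one line per value. Because the data and its presentation are separate, the 100-source variant the post mentions is the same object with a longer list, rendered by the same function. The allow_http values are the post's; the 100 extra /32 addresses are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_network
from typing import List


@dataclass
class FirewallRule:
    """The vendor-neutral 'object' from the post: fixed attributes, each with a fixed value type."""
    name: str
    source_zone: str
    source_ips: List[str]        # always a list, even with one entry
    destination_zone: str
    destination_ips: List[str]
    applications: List[str]
    action: str                  # "allow" or "deny"

    def validate(self) -> None:
        """Reject rules missing an attribute or carrying values a firewall could not accept."""
        if not self.name or self.action not in ("allow", "deny"):
            raise ValueError("a rule needs a name and an action of allow/deny")
        for attr in ("source_ips", "destination_ips", "applications"):
            if not getattr(self, attr):
                raise ValueError(f"{attr} must contain at least one value")
        for cidr in self.source_ips + self.destination_ips:
            ip_network(cidr)  # raises ValueError for "the webserver in the back room"


def is_valid(rule: FirewallRule) -> bool:
    """Boolean form of validate(), handy for filtering a batch of rules."""
    try:
        rule.validate()
        return True
    except ValueError:
        return False


SRX_ACTIONS = {"allow": "permit", "deny": "deny"}


def render_srx(rule: FirewallRule) -> List[str]:
    """Render the object as Junos SRX set commands, one per value, in the post's shorthand format."""
    rule.validate()
    prefix = (f"set security policies from-zone {rule.source_zone} "
              f"to-zone {rule.destination_zone} policy {rule.name}")
    lines = [f"{prefix} match source-address {src}" for src in rule.source_ips]
    lines += [f"{prefix} match destination-address {dst}" for dst in rule.destination_ips]
    lines += [f"{prefix} match application {app}" for app in rule.applications]
    lines.append(f"{prefix} then {SRX_ACTIONS[rule.action]}")
    return lines


def example_rule() -> FirewallRule:
    """The allow_http rule from the post."""
    return FirewallRule(
        name="allow_http",
        source_zone="untrust",
        source_ips=["192.168.10.0/24", "10.15.0.0/24"],
        destination_zone="trust",
        destination_ips=["172.16.10.200/32"],
        applications=["http"],
        action="allow",
    )


def bulk_rule(extra_sources: int) -> FirewallRule:
    """The post's follow-up case: the same rule with many non-contiguous /32 sources added (constructed addresses)."""
    rule = example_rule()
    rule.source_ips += [f"10.{i}.{(i * 7) % 256}.{(i * 13) % 256}/32" for i in range(extra_sources)]
    return rule


if __name__ == "__main__":
    print("\n".join(render_srx(example_rule())))
    print(f"\n{len(render_srx(bulk_rule(100)))} set commands for the 100-source version")
```

One caveat for anyone taking this to a real SRX: the match terms there name address-book entries rather than raw prefixes, so a production renderer would emit the address-book definitions before the policy lines; the output above mirrors the shorthand used in the post. A different vendor gets a different render function while the FirewallRule object and its validation stay exactly the same, which is the point the post is making.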



Using a Raspberry Pi (or any Linux host) as a Serial Console Server

Kind of feel like this is something I should've known years ago but only recently came across this after watching this YouTube video: https://www.youtube.com/watch?v=T-bBr5WKuH0

Ultimately it turns out the 'screen' command can be used to turn anything Linux (including a Pi) into a Serial Console Server. Still working out how to use it best, but I am already thinking about turning a Pi into a wireless serial server that actually works well (you know the blue/white Bluetooth-powered ones I am on about!).

Either way, for those not keen on watching a 9 minute long YouTube video, I've also made a short guide on my personal blog: https://myworldofit.net/?p=11093.



Using ADSL2+ Modem with VDSL

Is it possible to use an ADSL2+ modem with VDSL?

Modem: TP-Link TD-W8961N



Tired of using mobile data and hotspot, need advice on why my router doesn’t give good speed.

We just bought an internet data SIM, and it works awesome on mobile, giving speeds over 100mbps, but when I put the SIM in the router, the speeds drop to 4-7mbps and the internet gets too slow.

I mainly use internet on my pc, and I’m tired of using hotspot on my iphone which makes the phone really hot.



Is there an alternative to Wireshark that's geared more towards enterprise environments?

I'm looking for an alternative to Wireshark that's geared towards enterprise networks and their complexity.



Remote Branch slowness possible MPLS mis configuration

Running a layer 3 MPLS. To note, for this specific branch the vendor is different from our ISP.

What's weird is that some websites like reddit and youtube work just fine, while other websites do not load at all... and if they do load, the images are all messed up.

I cannot run a speedtest no matter what website I try. But again, youtube and reddit work great. I'm so confused. I spent 3 hours on the phone with Palo Alto and they don't have a clue what's going on.

They think it's a routing issue, possibly an asymmetric routing issue. Any help would be appreciated....

Here's a traceroute from the remote PC if it helps

C:\Users\ahmed.admin>tracert -d reddit.com

Tracing route to reddit.com [151.101.65.140] over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 172.17.25.1 (router at remote location)

2 1 ms <1 ms <1 ms 198.18.34.9 (MPLS provider CPE at remote branch)

3 5 ms 5 ms 5 ms 198.18.34.1 (MPLS provider CPE at Corporate DC)

4 5 ms 5 ms 5 ms 198.18.34.2 (my mpls router)

5 7 ms 6 ms 6 ms 172.16.254.1 (my core)

6 6 ms 6 ms 6 ms 172.17.1.234 (palo alto Firewall)

7 6 ms 6 ms 6 ms 206.169.35.33 (my internet out ISP provider [this provider is different than the MPLS provider for this specific branch and it's the only branch like that at this point in time])

8 7 ms 7 ms 8 ms 206.80.24.33 (ISP provider internet out )

9 21 ms 21 ms 21 ms 4.69.153.137 (random internet address)

10 22 ms 22 ms 22 ms 4.53.230.114 (random internet address)

11 21 ms 21 ms 21 ms 151.101.65.140 (reddit)

vs msn.com which never works at the remote location:

Tracing route to msn.com [13.82.28.61] over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 172.17.25.1

2 1 ms 1 ms 1 ms 198.18.34.9

3 5 ms 5 ms 5 ms 198.18.34.1

4 5 ms 5 ms 5 ms 198.18.34.2

5 6 ms 6 ms 6 ms 172.16.254.1

6 6 ms 6 ms 6 ms 172.17.1.234

7 6 ms 6 ms 6 ms 206.169.35.33

8 7 ms 8 ms 8 ms 206.80.24.33

9 20 ms 20 ms 20 ms 67.16.162.22

10 28 ms 21 ms 21 ms 4.68.111.21

11 * * * Request timed out.

12 21 ms 21 ms 21 ms 4.68.111.122

13 23 ms * * 104.44.40.151

14 68 ms 68 ms 68 ms 104.44.33.24

15 68 ms 68 ms 68 ms 104.44.17.74

16 69 ms 68 ms 68 ms 104.44.19.114

17 68 ms 68 ms 70 ms 104.44.17.232

18 68 ms 68 ms 68 ms 104.44.19.153

19 67 ms 68 ms 69 ms 104.44.22.210

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 * * * Request timed out.

26