|
We could, but that would be inaccurate. TFTP was originally for small files, 32MB was a limit not too long ago, but that limit can be exceeded by using pumpkin as your server.
|
#
?
Aug 2, 2013 20:05
|
|
|
|
| # ? May 28, 2024 22:46 |
|
|
Powercrazy posted:We could, but that would be inaccurate. TFTP was originally for small files, 32MB was a limit not too long ago, but that limit can be exceeded by using pumpkin as your server. RFC 2347 is from 1998, so a while ago
|
|
#
?
Aug 2, 2013 20:15
|
|
|
ragzilla posted:RFC 2347 is from 1998, so a while ago Heh. The fast paced world of networking.
|
|
#
?
Aug 2, 2013 20:21
|
|
|
I was using a server that could support 4G (SolarWinds), but apparently the TFTP client in the IOS image running on all of our switches is capped at 16. Judging from what I've seen on support forum posts, 15.0 can handle up to 32 megs.
|
|
#
?
Aug 2, 2013 20:45
|
|
|
psydude posted:I was using a server that could support 4G (SolarWinds), but apparently the TFTP client in the IOS image running on all of our switches is capped at 16. I regularly push around 100MB+ images with 12.2SR code, heck my old 7500 images are 20MB which we pushed around with TFTP. Are you sure you aren't filling your flash?
|
|
#
?
Aug 2, 2013 22:03
|
|
|
What irks me about TFTP when copying IOS images is the sub 100k transfer speeds via ethernet. Maybe the flash bus is the bottleneck but that makes it no less annoying.
|
|
#
?
Aug 2, 2013 22:44
|
|
|
ragzilla posted:I regularly push around 100MB+ images with 12.2SR code, heck my old 7500 images are 20MB which we pushed around with TFTP. Are you sure you aren't filling your flash? This was 12.2 on a 3560. I was able to get the image for 15.0 over via FTP no problem.
|
|
#
?
Aug 2, 2013 22:52
|
|
|
Gap In The Tooth posted:What irks me about TFTP when copying IOS images is the sub 100k transfer speeds via ethernet. Maybe the flash bus is the bottleneck but that makes it no less annoying. TFTP's a big bottleneck, the guys who make RANCID also have a lightweight RCP daemon which is much better transfer speeds and a similar (ie, none) security model to TFTP, useful as a drop-in replacement if you don't/can't use ssh/http/ftp.
|
|
#
?
Aug 2, 2013 23:38
|
|
|
routenull0 posted:I was involved a bit in the bake off for DCB deployment for DoD between QFabric / Nexus / Brocade........was fun. How did Brocade fare in this? We're looking at their VDX line for one of our datacenters.
|
|
#
?
Aug 2, 2013 23:51
|
|
|
FatCow posted:How did Brocade fare in this? We're looking at their VDX line for one of our datacenters. I have about 16 VDX's deployed, but they just do straight L2 work. Decent gear. RE: TFTP Guys, we have SCP and HTTP/HTTPS transfer now on IOS.....
|
|
#
?
Aug 3, 2013 01:00
|
|
|
routenull0 posted:RE: TFTP
|
|
#
?
Aug 3, 2013 01:02
|
|
|
ruro posted:Unless you're stuck with ciscoworks (pity me). Script it with something else?
|
|
#
?
Aug 3, 2013 01:39
|
|
|
DoS doesn't like Linux (it's open source! people could hack it!) or Unix. And I'm not allowed to install an RCP server on Windows for whatever reason. So yeah, I'm basically limited to s/ftp and tftp.
|
|
#
?
Aug 3, 2013 01:56
|
|
|
Gap In The Tooth posted:What irks me about TFTP when copying IOS images is the sub 100k transfer speeds via ethernet. Maybe the flash bus is the bottleneck but that makes it no less annoying. Makes you appreciate TCP and the sliding window eh?
|
|
#
?
Aug 3, 2013 09:48
|
|
|
psydude posted:DoS doesn't like Linux (it's open source! people could hack it!) or Unix. And I'm not allowed to install an RCP server on Windows for whatever reason. What guidelines does DoS use for equipment / OS hardening?
|
|
#
?
Aug 3, 2013 14:59
|
|
|
routenull0 posted:I was involved a bit in the bake off for DCB deployment for DoD between QFabric / Nexus / Brocade........was fun. Could you talk about what worked out and some of the "whys" ?
|
|
#
?
Aug 3, 2013 21:17
|
|
|
1000101 posted:Could you talk about what worked out and some of the "whys" ? Not that the moment as I am bound by a few agreements, but when that is all over, I'll put up some things.
|
|
#
?
Aug 4, 2013 14:53
|
|
|
Can anyone confirm that BFD works in VRRP for IOS-XE 3.x? I can't enable BFD globally right now on our ASR in the lab so I can't get the subcommand to pop up.
|
|
#
?
Aug 5, 2013 15:13
|
|
|
I'm going to assume that IOX has feature parity with the 6500, thus it will work. Or rather I can't see why it wouldn't.
|
|
#
?
Aug 5, 2013 16:03
|
|
|
So after getting my CCNA and updating my Linkedin I've been getting some really really good job offers.
|
|
#
?
Aug 5, 2013 16:18
|
|
|
Sounds like it's time to go job hunting. It is hard to find quality engineers right now, the world is your oyster as long as your competent.
|
|
#
?
Aug 5, 2013 16:49
|
|
|
Sepist posted:Sounds like it's time to go job hunting. It is hard to find quality engineers right now, the world is your oyster as long as your competent. I'm at the point where I can get a good Core network up and running and managed and I have the competence/skill set to research what I may need to add on top of it. Also I have no qualms with asking for help when it comes to it. :P
|
|
#
?
Aug 5, 2013 17:23
|
|
|
Zuhzuhzombie!! posted:Also I have no qualms with asking Google for help when it comes to it. :P Pretty much all you need.
|
|
#
?
Aug 5, 2013 17:24
|
|
|
Hmm, random question. Can I turn the interfaces of an ASA into switchports? I'm running an ASA5520 as a firewall/NAT boundry between publics address space and my internal network. I have 4 interfaces Gig0/0 - Gig0/3 Gig 0/3 is currently on my public /24. Is there a way I can plug some hosts into one of those other interfaces and give it a public IP address?
|
|
#
?
Aug 5, 2013 17:27
|
|
|
From what I understand it works just like any other l2 interface works. As long as there is an SVI with a public IP address on it, you should be able to switchport access vlan # on the interface in question to fix your problem. Unless it's different for that particular model/OS.
|
|
#
?
Aug 5, 2013 17:31
|
|
|
On a 5505 you would use switchport trunk, but on anything higher you need to make use of subinterfaces.
|
|
#
?
Aug 5, 2013 18:01
|
|
|
Zuhzuhzombie!! posted:So after getting my CCNA and updating my Linkedin I've been getting some really really good job offers. Must be nice. I added my CCNA and got bupkis.
|
|
#
?
Aug 5, 2013 18:03
|
|
|
Syano posted:Must be nice. I added my CCNA and got bupkis. Is your linkedin profile filled out to 100% (see the thread in BFC)? I'd get jack poo poo from recruiters no matter what I put on my profile, til one day I finally uploaded a photo. Then bam, multiple emails per week. If your profile isn't complete you basically don't show up in search results.
|
|
#
?
Aug 5, 2013 18:12
|
|
|
Subinterfaces would work for hosts that understand trunking. I want to plug in a normal host configured with an address of say 7.7.7.20/24 where the ASA has an address of 7.7.7.1/24. If the ASA was a switch I'd do this: int vlan 100 ip address 7.7.7.1 255.255.255.0 int gig0/2 switchport switchport access vlan 100 How do I do this on an ASA?
|
|
#
?
Aug 5, 2013 18:36
|
|
|
interface e0/0 (whatever the interface is) nameif whatever ip address 7.7.7.1 255.255.255.0 Just think of ASA's 5510+ as routers with a firewall module, makes things easier. 5505's are L3 switches.
|
|
#
?
Aug 5, 2013 18:52
|
|
|
So if they are routers, then can I created a BVI?
|
|
#
?
Aug 5, 2013 18:55
|
|
|
Introduced in 8.4 code: http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_complete_transparent.html#wp1382356
|
|
#
?
Aug 5, 2013 18:58
|
|
|
Looks like I can only do what I want with a dedicated switch :/ I'm so limited on my switch ports. The poor closet switch only has like 4 left. What a mess.
|
|
#
?
Aug 5, 2013 19:07
|
|
|
This is why you run away from ASA and into the warm embrace of a Palo Alto, where you can do bonkers stuff, like run vwires, tap, layer-2, and layer-3 interfaces all at the same time and across separate virtual systems.
|
|
#
?
Aug 5, 2013 19:15
|
|
|
Docjowles posted:Is your linkedin profile filled out to 100% (see the thread in BFC)? I'd get jack poo poo from recruiters no matter what I put on my profile, til one day I finally uploaded a photo. Then bam, multiple emails per week. If your profile isn't complete you basically don't show up in search results. Well there you go... off to take a picture!
|
|
#
?
Aug 5, 2013 19:39
|
|
|
LinkedIn definitely requires a picture* *If you're white My boss told me I am smiling way too hard in my linkedin picture :[
|
|
#
?
Aug 5, 2013 19:51
|
|
|
jwh posted:This is why you run away from ASA and into the warm embrace of a Palo Alto, where you can do bonkers stuff, like run vwires, tap, layer-2, and layer-3 interfaces all at the same time and across separate virtual systems. Haha. I'd love to, but alas we are a "100% Cisco shop" including Cisco 
|
|
#
?
Aug 5, 2013 20:23
|
|
|
I found out the other day you can't attack secondary addresses to ASA interfaces. At least, not 'really'. You have to add bunch of arp and route hackery. It's like Cisco is determined to make my life miserable.
|
|
#
?
Aug 5, 2013 20:27
|
|
|
Powercrazy posted:Haha. I'd love to, but alas we are a "100% Cisco shop" including Cisco ungh
|
|
#
?
Aug 5, 2013 23:59
|
|
|
|
| # ? May 28, 2024 22:46 |
|
|
Powercrazy posted:Haha. I'd love to, but alas we are a "100% Cisco shop" including Cisco I feel your pain. I've only just convinced management that we should migrate to F5 from ACE.
|
|
#
?
Aug 6, 2013 00:07
|
|