|
On the paid end, we used WhatsUpGold. It works pretty well with Cisco Equipment, just requires you to add the MIBs for some of the more obscure appliances.
|
#
?
Apr 14, 2014 10:24
|
|
|
|
| # ? May 28, 2024 03:32 |
|
|
Solarwinds here. It's pretty good off the shelf, and I find their Netflow module invaluable. Unfortunately its all Windows based which means not only so you pay for SW but your up for Windows licensing and maybe MSSQL licensing if you scale past what express caters to.
|
|
#
?
Apr 14, 2014 12:42
|
|
|
hanyolo posted:Haven't used it myself before, but from what I can see there is certainly better out there depending on your requirements. If you want something for free and know your way around unix then you can use Nagios / Cacti. It does require a decent amount of time to setup though. Anyone know much about setting up alerts in Cacti? For example, if a connection is pegged at 100mb/s for more than an hour It'd be nice to have an email fire off.
|
|
#
?
Apr 14, 2014 14:17
|
|
|
There are some alerting plugins for Cacti like thold. But often people leave Cacti as purely graphing and use something like Nagios for alarms since that's what each was designed for. Zabbix is one option if you want both functions in one package.
|
|
#
?
Apr 14, 2014 15:49
|
|
|
What about Cisco Prime? Has anyone used it?
|
|
#
?
Apr 14, 2014 15:53
|
|
|
sudo rm -rf posted:What about Cisco Prime? Has anyone used it? Probably the single most frustrating piece of software I've ever set up and configured. Like holy poo poo; the menu layout makes no sense and teaching anybody how to do anything in it is an all-day affair. Once you get it all set up, it's great, but holy gently caress make sure you set aside an extra $200 for all of the drinking you'll be doing after work for that two week period. e: I'm hoping Merkai will rub off on the rest of Cisco a bit, because working with any product that's even loosely associated with their enterprise wireless division is maddening. psydude fucked around with this message at 16:35 on Apr 14, 2014 |
|
#
?
Apr 14, 2014 16:30
|
|
|
Try Observium (free/open source, or could pay a little $ to get some more features). Auto detects all cisco stuff (and 100 other vendors), very useful. Note that alerting is a relatively new feature, but it will show down devices via the web interface.
|
|
#
?
Apr 14, 2014 17:09
|
|
|
sudo rm -rf posted:What about Cisco Prime? Has anyone used it? I'm in the process of getting it setup. Like all Cisco software, the GUI is an awful piece of poo poo. I didn't have a choice for the procurement otherwise I would have absolutely chosen something else, maybe Solar Winds.
|
|
#
?
Apr 14, 2014 18:04
|
|
|
SolarWinds is reasonably good. I am using PRTG now and it's also reasonably good. Except for handling syslog messages (it is really awful at syslog, which is a new feature, but still). Currently: PRTG - Up/down, alerting, historical monitoring, some maps/dashboards Cacti + Network WeatherMap - "real time" utilization map (Cacti is only used as a feeder for the WeatherMap) RANCID - config management (ask me about my Cisco UCS RANCID scripts!) SmokePing - 4 AWS boxes (US-West, US-East, Euro, APAC [Sydney]) (1 master, 3 slaves) LogStash + Kibana - syslog collection (anything high sev + all firewall traffic logs) We were using paid Kiwi for syslog but it dies horribly at 2 million messages-per-hour, regardless of hardware, for no apparent reason. (according to their documentation!  )
|
|
#
?
Apr 14, 2014 18:31
|
|
|
sudo rm -rf posted:What about Cisco Prime? Has anyone used it? We use it for the wireless side, and I'm interested in if it's useful for Collab (since we get free prime collab std in UC 10) - I'm not a huge fan of it's javascript flash combination of things, and it can crash or burp. Not really anything you are going to be doing for large wireless without it, but it's planning tools are lame.
|
|
#
?
Apr 14, 2014 18:35
|
|
|
madsushi posted:SolarWinds is reasonably good. I am using PRTG now and it's also reasonably good. Except for handling syslog messages (it is really awful at syslog, which is a new feature, but still). I think we're using an old Cisco MARS to handle our syslogs.
|
|
#
?
Apr 16, 2014 15:45
|
|
|
Zuhzuhzombie!! posted:I think we're using an old Cisco MARS to handle our syslogs. I actually just chucked one of those into our "storage" building (aka graveyard) not too long ago. No idea how old the thing actually was.
|
|
#
?
Apr 16, 2014 15:47
|
|
|
It broke once and my option was to figure out what died or take the other one in storage and configure it to do the same by the seat of my pants. Cracking the dead one open and finding/sourcing/replacing the broken part was the easier task. Can anyone recommend a good console server?
|
|
#
?
Apr 17, 2014 15:55
|
|
|
Zuhzuhzombie!! posted:Can anyone recommend a good console server? The only ones I've used are TrippLite's, they seemed fine.
|
|
#
?
Apr 17, 2014 16:47
|
|
|
Thanks. Will check it out. I've been using an old 2600 with an Octal cable but for some reason the typical break commands don't work through it and some of the newer guys are hosing up console connections instead of clearing the con lines.
|
|
#
?
Apr 17, 2014 17:20
|
|
|
I'm trying to size up a potential replacement for my existing 1841. I'll be moving from 50Mbps cable to 1Gbps  Google Fiber, so I need something that can keep up.I'm trying to balance cost and performance, so right now I'm considering the 3825 which appears to push about 350K PPS with CEF. I do have some light ACLs, NAT, and QoS going on, so I'm worried that performance will be poo poo because too many packets will get kicked up to the CPU to do the NAT and QoS stuff. I think CEF handles the ACLs just fine. Here's the output from show cef not-cef-switched on my 1841: code:
|
|
#
?
Apr 17, 2014 17:54
|
|
|
Zuhzuhzombie!! posted:Can anyone recommend a good console server? OpenGear's nice, and not exorbitantly expensive.
|
|
#
?
Apr 17, 2014 18:13
|
|
|
Cenodoxus posted:I'm trying to size up a potential replacement for my existing 1841. I'll be moving from 50Mbps cable to 1Gbps Better question: how much real throughput are you expecting on Google Fiber? If you're looking at >200mbps available via google then I wouldn't even bother with Cisco unless you feel like getting an ASR1002
|
|
#
?
Apr 17, 2014 18:34
|
|
|
CrazyLittle posted:Better question: how much real throughput are you expecting on Google Fiber? If you're looking at >200mbps available via google then I wouldn't even bother with Cisco unless you feel like getting an ASR1002 Good point, I do want to fully utilize it as much as I can. Even if I rarely break 200Mbps, I'd still hate for my router to be the theoretical bottleneck. it seems like anything above the 3825/3845 quickly gets out of my price range. I was also considering an Ubiquiti EdgeRouter Lite, but I've heard mixed reviews and I can't get a solid answer on how well it supports/implements 802.1p.
|
|
#
?
Apr 17, 2014 18:58
|
|
|
Doesn't Google give you a router?
|
|
#
?
Apr 17, 2014 19:08
|
|
|
Bob Morales posted:Doesn't Google give you a router? They do, but by all accounts the software is very lovely and the firewall/ACL and port forwarding functions are very lacking.
|
|
#
?
Apr 17, 2014 19:12
|
|
|
What about lower-end G2? Say a 2921? I'm pretty sure it's performance is better than even the highest ISRs, and the price is around 1500 or so.
|
|
#
?
Apr 17, 2014 19:57
|
|
|
Cenodoxus posted:I was also considering an Ubiquiti EdgeRouter Lite, but I've heard mixed reviews and I can't get a solid answer on how well it supports/implements 802.1p. The EdgeRouter's hardware acceleration doesn't work if you enable QoS, but is that actually important for a 1Gbps connection? Stateful firewall, NAT, VLAN tags, and IPsec can all be offloaded for both IPv4 and IPv6. The beta firmware has support for PPPoE offload too, in case it's applicable to Google Fiber.
|
|
#
?
Apr 17, 2014 20:21
|
|
|
Depending on your ACLs requirements you could just use a switch with a L3 image. (Some ACL functionality gets punted to CPU depending on the model).
|
|
#
?
Apr 17, 2014 20:23
|
|
|
SamDabbers posted:The EdgeRouter's hardware acceleration doesn't work if you enable QoS, but is that actually important for a 1Gbps connection? Hmm, good to know. In this case, yes, it's important, but only for upload speeds. Here's the situation - All traffic to and from the ONT is on VLAN 2. Their headend expects upstream frames to be CoS-tagged or else your upload gets throttled to 10Mbps. I believe the recommendation is that DHCP is priority 2, IGMP is 6, and all other traffic is 3. Basically, you can set everything to 3 and forget the rest. Downstream is not class-tagged. Others have reported being able to stick a small managed switch between the ONT and the router to handle stuff like the VLAN and CoS tagging, but I'd like to see if it's possible to cut out the middleman. I'm able to emulate the setup on my 1841 by placing the WAN config on a subinterface on VLAN2, and setting an outbound service-policy to tag all traffic to 3. code:
|
|
#
?
Apr 17, 2014 20:47
|
|
|
Possibly something like an RB1100? Alternatively how about your own choice of router with a cheap switch between the router and google's ONT doing the COS marking?
|
|
#
?
Apr 17, 2014 21:26
|
|
|
I have a short question, not really tech related. Does anyone know the joke about the scientists and the button? There is an older scientist, and a young scientist. The young man presses a button, not knowing what it does, and it doesn't do anything. The older man presses the button, and it works, or a light comes on or something. I haven't heard this joke since a CCNA course I took in high school, and I can't find it online. Can someone help me find it? I figured this would be the place to ask!
|
|
#
?
Apr 17, 2014 22:02
|
|
|
Powercrazy posted:What about lower-end G2? Say a 2921? I'm pretty sure it's performance is better than even the highest ISRs, and the price is around 1500 or so. Come to think of it, why not an NPE-G2? It'll do 2 million pps. Comedy option, "rack a quad core with 4gb RAM and install Vyatta community edition." CrazyLittle fucked around with this message at 04:35 on Apr 18, 2014 |
|
#
?
Apr 18, 2014 04:27
|
|
|
Cenodoxus posted:Hmm, good to know. In this case, yes, it's important, but only for upload speeds. Here's the situation - Given these requirements, I'd go with an EdgeRouter Lite for bang-for-the-buck routing and a Netgear GS108T switch for VLAN/CoS tagging. It's probably the least expensive option (under $200) that can push several hundred kpps. I have both of these devices and tested the configuration successfully. The switch can assign an arbitrary priority tag to all packets coming in on an untagged interface and propagate it out a tagged port. Here are some screencaps. Interface g1 is connected to a desktop and configured to be untagged on VLAN 1; interface g3 is connected to a machine running Wireshark and is configured to receive tagged frames. The second screenshot shows the 802.1q header received on g3 before I set g1 to have a priority tag (it shows 0), and the third screenshot shows priority tag 3 applied.
|
|
#
?
Apr 18, 2014 06:08
|
|
|
Anyone have recommendations for inventory tracking? Spreadsheets are getting out of control trying to track thousands of switches / routers / devices with things like: Vendor Make/Model Serial Individual Line Cards Location details Support Expiration Support Contract IP Information Some vendors do support just on the chassis and everything in it is covered, but more are moving to requiring coverage on the chassis + individual line cards so being able to customize the device within is key.
|
|
#
?
Apr 18, 2014 12:51
|
|
|
While we're talking recommendations... What do people use for circuit inventory? Everything from OCx, ds3, t1, metro e, 10gig etc. We have incomplete spreadsheets all over the place and we've been trying to get in house Dev to fix the tools we have but at this point its been years so I doubt it's going to happen. What do y'all use?
|
|
#
?
Apr 18, 2014 13:18
|
|
|
H.R. Paperstacks posted:Anyone have recommendations for inventory tracking? http://racktables.org
|
|
#
?
Apr 18, 2014 15:34
|
|
|
Panthrax posted:While we're talking recommendations... What do people use for circuit inventory? Everything from OCx, ds3, t1, metro e, 10gig etc. We have incomplete spreadsheets all over the place and we've been trying to get in house Dev to fix the tools we have but at this point its been years so I doubt it's going to happen. What do y'all use? Netcracker
|
|
#
?
Apr 18, 2014 16:19
|
|
|
I need some advice friends. I currently live in a house beside my parents' house. They get cable internet into their home router, and I have a CAT5 cable running from their router over to my house, into my Cisco router (an 1841 I think). I have a VPN box in my segment of the network, but since the flow goes: My PC -> [10.10.*.*] -> [192.168.*.*] -> Internet ...how could I set up a VPN connection to my segment of the network? Is there a way to forward ports from the internet router to my router? Which ports? I'm stumped by this.
|
|
#
?
Apr 18, 2014 17:03
|
|
|
CrazyLittle posted:Come to think of it, why not an NPE-G2? It'll do 2 million pps. YEESSS the 7200 will never die. Get google fiber and put that into an OC3 and create a SONET ring in your house.
|
|
#
?
Apr 18, 2014 17:26
|
|
|
Powercrazy posted:YEESSS the 7200 will never die. 7206vxr represent You can have my PA-GE when you pry it from my cold dead hands *edit* you know you're feeling sassy when you get a c7200-i/o-ge+e because that poo poo doesn't count in your points. CrazyLittle fucked around with this message at 18:33 on Apr 18, 2014 |
|
#
?
Apr 18, 2014 18:23
|
|
|
CrazyLittle posted:7206vxr represent IO-GE counts against points on NPE-400, only G1/G2 have the 3rd dedicated bus. ragzilla fucked around with this message at 18:40 on Apr 18, 2014 |
|
#
?
Apr 18, 2014 18:37
|
|
|
SamDabbers posted:Given these requirements, I'd go with an EdgeRouter Lite for bang-for-the-buck routing and a Netgear GS108T switch for VLAN/CoS tagging. It's probably the least expensive option (under $200) that can push several hundred kpps. Yeah, it looks like offloading the CoS is unavoidable at this point. Along the lines of what you said, I'll probably end up running the WAN drop through a Catalyst 2970G to handle the VLAN and CoS, and then give the routing bit to an EdgeRouter Lite. I was hesitant to use EdgeOS because I had heard bad things about it as far as 802.1p stability, lack of documentation, etc, but as long as it's relegated to some simple ACL, NAT, and DHCP stuff I think it should be alright. I appreciate everyone's input. Now to get my lazy loving neighbors to sign up so I actually get Fiber in the first place. 
|
|
#
?
Apr 18, 2014 19:20
|
|
|
ragzilla posted:IO-GE counts against points on NPE-400, only G1/G2 have the 3rd dedicated bus. npe-400 is for scrubs  Cenodoxus posted:I was hesitant to use EdgeOS because I had heard bad things about it as far as 802.1p stability, lack of documentation, etc, but as long as it's relegated to some simple ACL, NAT, and DHCP stuff I think it should be alright. It's Vyatta.
|
|
#
?
Apr 18, 2014 20:13
|
|
|
|
| # ? May 28, 2024 03:32 |
|
|
QPZIL posted:I need some advice friends. Any reason you're using a router here and not just a switch?
|
|
#
?
Apr 18, 2014 20:27
|
|