Dalrain
Nov 13, 2008

Experience joy,
Experience waffle,
Today.

Zuhzuhzombie!! posted:

"Cause=Heartbeat Timeout"


Wassat?

Error comes up from a non-functioning LAP.

It's saying "I couldn't talk to the controller in time, so I guess the controller is dead."

Googling helped me find this: https://supportforums.cisco.com/thread/2140595

tl;dr is: check your latency on the connection to the controller, and failing that, get off of the 6 train if you're on it.

Dalrain
Nov 13, 2008

You don't have to do both, but it's probably not a bad idea. The smaller one is the "rescue image" for when it's super broken and you have to boot into something. (Or at least that's how I understand it.)

Dalrain
Nov 13, 2008

This isn't Cisco specific, but I think the expertise is probably here for what I need to know. I'm setting up an IPSec VPN for our students/employees, and wanted to know if there is any reason I should NOT use a pre-shared key for Phase 1 IKE (that would pretty much be publicly known). Phase 2 needs a username/password anyway, so it seems like it should still be secure as a service. (Or at least as secure as any username/password combo goes.)

Dalrain
Nov 13, 2008

Sounds like an ARP caching issue: the switch still associates the MAC of the original firewall with the "shared" IP, and until the firewall stepping in sends traffic to the switch, the table doesn't get updated.

Is it possible to have the standby firewall send some kind of traffic to the LAN side immediately when it takes over?

Dalrain
Nov 13, 2008

It's very common in .edu space, since most got their addresses before ARIN existed. It makes routing/firewalling soooo easy.

Comedy answer: So what? Any modern IPv6 network is all public. What rock do you live under? :smaug:

Dalrain
Nov 13, 2008

Is anyone here already into SDN (openflow) kind of stuff? If so, are there any recommendations for the "traditional" network admin to train into the world of SDN? I think I get it conceptually, but I have no idea how to practice my skills with the new paradigm.

Dalrain
Nov 13, 2008

1000101 posted:

Openflow is a form of SDN but not all forms of SDN are openflow.

It'd be worth reading up on how VMware NSX and Cisco ACI ...

Thanks! I'll probably try and work into NSX a bit, since it's accessible to me right now. I'm currently a CCNP R&S, so it's good to know that the L3 stuff will help. Is there a good way you know of to "lab it up" and really try some of these things at home?

Dalrain
Nov 13, 2008

bad boys for life posted:

Do you want to do just SDN? Do you want to look at NFV as well? Do you want to work with this in the Enterprise? Datacenter? ISP?

<Helpful items>

I'm not sure yet? My background is in enterprise, with brushes against the datacenter. I guess part of my problem is that my understanding thus far of the concepts has gone to "I can dynamically assign the contents of the forwarding table in hardware, allowing lots of flexibility." I know the overlay idea is that you can have PBR-on-steroids, in a sense. However, without hands-on, I'm feeling lost, hence the posting.

bad boys for life posted:

If you have a server with a couple xeon processors, you can spin up a OpenStack/OpenDaylight lab.

I like this idea! Are there any instructions to ease the beginner into the concepts? What do you think of throwing an image on Digital Ocean? I could probably throw a lot of hardware at a lab for a couple hours at a time, if that's what it takes.

bad boys for life posted:

SDN is extremely immature right now and there isn't really a set standard for everything. ...

Yeah, I agree on this point. However, I feel that if I can get into the concepts, I'll be better prepared for what's coming. I presume you're also deep in IT somewhere and saw what happened to the traditional Linux sysadmins when "devops" came along. I know I watched it - and traditional network admins are in for the same if we don't get ready for config management in the network space.

Dalrain
Nov 13, 2008

inignot posted:

What problem is SDN solving for me?

This part I *can* answer. So the real value right now is in the data center, and part of it is that it eliminates the network administrator from new virtual machine turn-ups. In the case where you programmatically launch servers, you can also allocate network resources to the physical hardware without ever contacting a human. In fact, the same programmatic process that does your capacity build-out on the server side will just handle it. Spanning tree goes out the window, and your network can actually balance itself using software rules to push flows over all available links. You can push multiple paths for different types of traffic, so you have the potential to go beyond QoS and really prioritize flows over different hardware.

In short, if you're small to medium size right now, it doesn't mean a lot. If you're enterprise and/or data center, it's going to be pretty cool. Traditional network admins have several years before it really trickles down beyond very large IT orgs, most likely. I'm in Silly Valley, and even here it's probably a 2 year horizon outside of Google and the other ISP-like IT orgs.

Dalrain
Nov 13, 2008

Barracuda Bang! posted:

for just under $800, h

If you're willing to drop 800 anyway, consider the e-learning course from Cisco themselves: https://learningnetworkstore.cisco....ars-v2-0-015705

It has interactive lessons, and they did a little bit of gamification that's helpful for motivation. Try the demo, see if the format is something you like.

Dalrain
Nov 13, 2008

adorai posted:

Doesn't that lead to hosed up routing metrics though? My initial problem was that I was unable to have a backup VPN at a given site, because all my routes were external.

Edit: my network is lots of small branches, so a given router generally has 5 networks to advertise.

Yes, you're hitting on the correct reason you want to avoid lazy redistribute connected. They will all be "injected" as external, and depending on your metric type (E1 vs. E2), the paths won't be calculated correctly for internal use. Passive and network statements are by far preferred for a "professional" OSPF environment.

Of course, if you've only got 5 devices and will literally never grow or have enterprise needs, it probably won't come up as an issue. Probably.
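As an added example (my own Python, not from the thread, run against a constructed IOS config rather than anyone's real router), a helper that flags the lazy "redistribute connected" form and generates the network plus passive-interface form from the router's connected interfaces:

```python
import ipaddress
import re

# Constructed sample IOS config (not from the thread): a small branch router
# advertising its connected prefixes the "lazy" way.
LAZY_CONFIG = """\
interface GigabitEthernet0/0
 ip address 10.0.12.2 255.255.255.252
!
interface GigabitEthernet0/1
 ip address 192.168.10.1 255.255.255.0
!
interface Loopback0
 ip address 10.255.0.5 255.255.255.255
!
router ospf 1
 redistribute connected subnets
"""

def parse_interfaces(config):
    """Return {interface name: IPv4Interface} for every addressed interface."""
    result, name = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            name = m.group(1)
        elif (m := re.match(r"\s+ip address (\S+) (\S+)", line)) and name:
            result[name] = ipaddress.IPv4Interface(f"{m.group(1)}/{m.group(2)}")
    return result

def uses_redistribute_connected(config):
    """True if 'redistribute connected' appears inside a 'router ospf' block."""
    in_ospf = False
    for line in config.splitlines():
        if line.startswith("router ospf"):
            in_ospf = True
        elif in_ospf and not line.startswith(" "):
            in_ospf = False          # '!' or the next top-level section ends the block
        elif in_ospf and "redistribute connected" in line:
            return True
    return False

def preferred_ospf_block(config, process_id, area, neighbor_ifaces):
    """Emit a 'network' statement per connected prefix (internal O route, not an
    E1/E2 external) and passive-interface everywhere except real OSPF neighbors."""
    lines = [f"router ospf {process_id}", " passive-interface default"]
    lines += [f" no passive-interface {n}" for n in neighbor_ifaces]
    for iface in parse_interfaces(config).values():
        net = iface.network
        lines.append(f" network {net.network_address} {net.hostmask} area {area}")
    return lines
```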

Dalrain
Nov 13, 2008

Does your switch support high power PoE (802.11at)?

It's possible you're booting at lower power, then the device requests full power, can't get it, and reboots.

Edit: I suppose it's possible it's rebooting for another reason. Is there any kind of serial or debug port on these devices?

Dalrain
Nov 13, 2008

Cisco's e-Learning is astoundingly good for learning routing. Get the ROUTE course and don't look back. It has interactive labs, videos, and graphics along the way. The other e-Learning is meh, but the R&S courses are so good.

https://learningnetworkstore.cisco.com/on-demand-e-learning

Dalrain
Nov 13, 2008

I recently got on-site to one of my employer’s data closets to find a spaghetti mess of copper and fiber, and I think I’ll be spending the weekend trying to tame this crap. Can anyone recommend a resource (videos? books?) that teach how to properly loom 2-post racks to make the results not-terrible?

I freely admit I’m not a data center guy, I haven’t done pulls and don’t have the experience to do much more than velcro wraps and basic cosmetics. I was curious if there are any special tricks to hiding the slack and so forth, such that future coworkers won’t curse my name as I’m doing for whomever did this total pasta-job.

Dalrain
Nov 13, 2008

Darn, that’s not what I was hoping to hear. :(

I guess since I’m an “individual contributor” with no influence or budget, I may just be up a creek on it. Oh well, at least I have my roll of velcro. :)

Dalrain
Nov 13, 2008

Thanks, all! NeatPatch looks pretty nice, though their website needs a little help. Still, it appears to be a reasonably good way to stow the extra lengths of cable.

For the other tips, I’ve used the most appropriately sized cables I have access to. The results for my equipment (WAN routers, ASRs) are pretty good, now I just need to clean up the rest of it for the other teams. :awesomelon:

Dalrain
Nov 13, 2008

In terms of programmatic configuration in enterprise networks, are there a set of products or software commonly in the market yet? I've been looking at some job reqs, and they call out Python scripting experience and sometimes SDN.

As someone who hates to let their skills atrophy, I'm curious what the current best practice config management looks like. (For me, this usually means Cisco devices.)

I'm quite familiar with NSX, but not what is commonly meant by SDN for some of these job reqs. (LinkedIn is an example company asking for these skills) Is it likely homegrown? I didn't think ACI had much market penetration yet.

Dalrain
Nov 13, 2008

What's the Meraki cost? Silver Peak also has SD-WAN with acceleration available, but you'd be looking at 200/mo per site at least for 200M.

Dalrain
Nov 13, 2008

If you have distance between your offices, you could look at their Boost option as well. SP is sort of the original WAN accelerator, that's just the name for adding that tech on top of their path selection.

If you have VMware, velo is an obvious choice for more basic path stuff.

Dalrain
Nov 13, 2008

If you're going to have VTP on for some reason, then you should define it so that it doesn't pick up the domain from some unknown source in the future. I believe the default behavior is to join the first one it sees.

Dalrain
Nov 13, 2008

Is there a good resource anyone can recommend for learning EVPN concepts and deployment? I'm a Cisco-background guy if it makes any difference.

Dalrain
Nov 13, 2008

Thanks, that book is exactly what I needed! The foreword is really correct; Google searches were returning results too complex for me.

Dalrain
Nov 13, 2008

I'm taking a programmatic config course, and Cisco mentions both NETCONF and RESTCONF, is there more market acceptance or desirability between the two?

Edit: I guess the REST portions are just a subset of NC functions, so it's just a choice on how to access the device. I'm just not educated enough to understand why you would want to use the web interface vs SSH or vice versa.

Dalrain fucked around with this message at 23:10 on Jan 3, 2019
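As an added example (my own Python, not from the thread or Cisco), the same get-config request expressed both ways, so the difference the post is asking about is visible: NETCONF is an XML RPC over SSH, RESTCONF is the same YANG node addressed as an HTTPS URL. The hostname and the two replies are constructed placeholders, not captured from a device.

```python
import json
import xml.etree.ElementTree as ET

HOST = "router.example.invalid"   # placeholder device name (assumption)
IF_NS = "urn:ietf:params:xml:ns:yang:ietf-interfaces"
NC_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"

def netconf_get_config(interface, message_id="101"):
    """NETCONF: an <rpc> XML document sent over the SSH 'netconf' subsystem
    (TCP 830); the subtree filter narrows the reply to one interface."""
    rpc = ET.Element("rpc", {"message-id": message_id, "xmlns": NC_NS})
    get = ET.SubElement(rpc, "get-config")
    ET.SubElement(ET.SubElement(get, "source"), "running")
    flt = ET.SubElement(get, "filter", {"type": "subtree"})
    ifs = ET.SubElement(flt, "interfaces", {"xmlns": IF_NS})
    ET.SubElement(ET.SubElement(ifs, "interface"), "name").text = interface
    return ET.tostring(rpc, encoding="unicode") + "]]>]]>"  # NETCONF 1.0 framing

def restconf_get_config(interface):
    """RESTCONF: the same YANG node as an HTTPS URL; module name and list key
    go in the path, the encoding is picked with the Accept header."""
    url = f"https://{HOST}/restconf/data/ietf-interfaces:interfaces/interface={interface}"
    return "GET", url, {"Accept": "application/yang-data+json"}

# Constructed replies (not captured from a real device) for the two transports.
NETCONF_REPLY = f"""<rpc-reply message-id="101" xmlns="{NC_NS}"><data>
<interfaces xmlns="{IF_NS}"><interface><name>GigabitEthernet1</name>
<enabled>true</enabled></interface></interfaces></data></rpc-reply>"""
RESTCONF_REPLY = ('{"ietf-interfaces:interface": [{"name": "GigabitEthernet1",'
                  ' "enabled": true}]}')

def parse_netconf_reply(xml_text):
    """Pull name/enabled out of the namespaced XML reply."""
    root = ET.fromstring(xml_text)
    iface = root.find(f".//{{{IF_NS}}}interface")
    return {"name": iface.findtext(f"{{{IF_NS}}}name"),
            "enabled": iface.findtext(f"{{{IF_NS}}}enabled") == "true"}

def parse_restconf_reply(json_text):
    """RESTCONF returns the YANG list entry as JSON; same two fields."""
    entry = json.loads(json_text)["ietf-interfaces:interface"][0]
    return {"name": entry["name"], "enabled": bool(entry["enabled"])}
```

Either path yields the same data, which is the point: the choice is about transport and tooling (SSH sessions and XML filters vs. HTTP clients and JSON), not about what you can read from the device.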

Dalrain
Nov 13, 2008

Same with us, not supported, they got it anyway. Same solution as well, you had to use a dedicated PC on a small VLAN to stream to it. It's very consumer oriented, no unicast option I could discern.

Dalrain
Nov 13, 2008

What is this arrow P icon supposed to represent, other than Cisco 9k? VXLAN?

https://www.cisco.com/c/dam/en/us/p...07-733228_2.jpg

Dalrain
Nov 13, 2008

Can you explain what kind of redundancy you’re looking for? (Or what failure you’re explicitly trying to work around?)

I *think* you’re implying that you are worried about the case where a P2P link fails, and traffic arrives at the “wrong” router. If you don’t like link tracking, or you want to be able to detect routing condition failures further down the BGP chain, you could just have the routers speak BGP to each other on the LAN side through the switch or via a back to back link capable of all the traffic the site could generate. You could then end up in a suboptimal but “fine as a backup” condition where traffic arrives at router 1 and immediately gets redirected to router 2 in case router 1’s link gets lost.

Dalrain
Nov 13, 2008

MR is access points in Meraki terms. You’ll have more luck searching on Meraki than Cisco, since that’s what you have.

For licensing, they have two models - co-term and per device. Per device is more popular now, but they still offer co-term. You’ll want to see which model of licensing you’re on, then you can decide from there.

In the Dashboard, check Organization (Left side) -> Configure -> License Information

It does sound like overkill for literally 3 people, but of course we don’t know what your actual costs are. Licenses are 1-1 with Meraki, you need a license for each device you have.
