|
Rofl. That reminds me of when the ISP I used to work for sent out a marketing mailer with how fast our packets traveled in miles per hour. IIRC they literally pinged a server in another state, then took the distance from our city to there and half the round-trip time to come up with a speed. It was glorious.
|
# ¿ Aug 2, 2013 00:25 |
|
Syano posted:
Must be nice. I added my CCNA and got bupkis.

Is your linkedin profile filled out to 100% (see the thread in BFC)? I'd get jack poo poo from recruiters no matter what I put on my profile, til one day I finally uploaded a photo. Then bam, multiple emails per week. If your profile isn't complete you basically don't show up in search results.
|
# ¿ Aug 5, 2013 18:12 |
|
The "swatting a fly with a Buick" aspect of IPv6 does amuse me. Oh, a /24 isn't enough for you, tough guy? Ok, here's more address space than all of IPv4. We give no fucks
|
# ¿ Aug 23, 2013 02:33 |
|
Contingency, you just produced the best name/avatar/post combo I have ever seen. Have I said this before about one of your posts? Feels familiar. Anyway.

jwh posted:
The short answer is yes, but the longer, and better answer is no

Seconding this. I was in the middle of evaluating Palo Alto when I left my last job, and their poo poo is awesome. It was on the higher end of the price spectrum, but put it up against Cisco and it will look pretty great especially considering what you get for the money.

And for the love of god, please try to get management support for taking away local admin. Surely (right?) if you're talking several hundred users most of them are not special VP or C-level snowflakes that "need" local admin and unrestricted access to Pirate Bay to do their jobs.
|
# ¿ Aug 31, 2013 09:40 |
|
I am so stealing that image. It's the absolute perfect SH/SC.jpg
|
# ¿ Sep 6, 2013 18:44 |
|
Yeah it's not a networking product per se, though it has a networking component. It's basically compute + networking + storage in a box, designed to scale out massively but be centrally managed from one interface. My company's starting to roll them out in a limited fashion. The B-series are a blade chassis, and the C-series are a traditional rack mount form factor. FWIW we have had no loving end of problems with the C series but the B's have been great.
|
# ¿ Sep 12, 2013 22:55 |
|
ragzilla posted:
Can you expand on your issues with the C servers? We're looking at adding some for local storage applications.

The biggie was some fuckery with the RAID controllers. I wasn't the main guy working on this but if you really want I can ask the guy who was and get you explicit details. But basically you'd provision the box in UCS manager with a RAID config and everything would boot up fine. Then sometimes the disk IO performance would go to poo poo despite the management software not showing any alerts or issues. Reboot box, suddenly the RAID config is gone along with everything on the disks and you get to start over.

This persisted across a bunch of hardware swaps. The C series boxes are in production now so I assume that's been resolved (since they're acting as database servers, not some stateless throwaway box) but like I said I wasn't personally handling that issue.
|
# ¿ Sep 13, 2013 06:44 |
|
Agrikk posted:
The original call was for a join statement to test the availability of a few tables, but that was quickly shot down as being too heavy a transaction for a probe...

At one point we noticed that our monitoring software was running a non-trivial query against the production DB many thousands of times per day, despite being configured to run every 5 minutes or something. Turned out collectd had a bug where the setting to specify how often to poll just didn't work and defaulted to every 10 seconds. That was a fun discovery.
|
# ¿ Sep 13, 2013 18:29 |
|
dotster posted:
What RAID controller were they running? I have run the mez card or PCI controllers but those are just LSI.

Looks like LSI MegaRaid 9265-8i.
|
# ¿ Sep 16, 2013 16:37 |
|
Smokeping might be closer to what you want, too.
|
# ¿ Sep 26, 2013 18:53 |
|
Martytoof posted:People who love free junk: Here's the fine print
|
# ¿ Feb 11, 2014 20:15 |
|
Sepist posted:
We call it the megatron, it's an ASR9922. If you saw a linecard with 1 or 2 ports chances are it was a 100gb linecard. We have a lot of them deployed in our DC's, here's some pics. You can see the 2x100Gb linecards in the lower part of each chassis

I have nothing to add besides holy poo poo, dat router
|
# ¿ Mar 14, 2014 20:46 |
|
Cross-posting from the general IT thread since I just remembered this one exists. My company is hiring if anyone wants a network engineer job in Denver. PM me or reply here with an email address if you want details. Guess I should do a formal post in the job fair thread at some point. Looking for roughly CCNP level experience though the actual cert isn't a hard requirement since we don't in fact run much Cisco gear. Juniper, Force 10, F5. Linux expertise a huge plus. You would be the primary network engineer for a mid-size web property. I hesitate to call it a "startup" since they've been around for going on 10 years but it still has that kind of cultural workplace feel, for better or worse. Full-time remote is not an option but frequent work-from-home may be as long as you're in the general area. I am not the hiring manager, just a sysadmin you'd be working with, but I can pass resumes along and put in a goo
|
# ¿ Mar 24, 2014 06:07 |
|
less than three posted:
Yeah our F5s are great, would definitely recommend.

Thirding dis
|
# ¿ Mar 25, 2014 01:49 |
|
At a past job we ran some old-rear end EOL load balancers from Coyote Point. They were... adequate. Kind of a poo poo UI but I will say they were rock-solid. Years of uptime with no issues.
|
# ¿ Mar 25, 2014 02:21 |
|
There are some alerting plugins for Cacti like thold. But often people leave Cacti as purely graphing and use something like Nagios for alarms since that's what each was designed for. Zabbix is one option if you want both functions in one package.
|
# ¿ Apr 14, 2014 15:49 |
|
Zuhzuhzombie!! posted:
Can anyone recommend a good console server?

The only ones I've used are TrippLite's, they seemed fine.
|
# ¿ Apr 17, 2014 16:47 |
|
There's plenty of dedicated IPAM tools you can host yourself that might work better than a spreadsheet. Things like Netdot or the venerable IPPlan.
|
# ¿ Apr 21, 2014 18:02 |
|
No that definitely sounds like an absurdly high failure rate for anything I didn't buy for my kid from the clearance bin at Toys-R-Us. Let alone a serious IT vendor.
|
# ¿ May 11, 2014 05:12 |
|
Yes, all monitoring software sucks. I am not being sarcastic. If you hate text files that much, Zabbix is almost entirely point-and-click to configure. If the devices are similar you can set up one template and attach it to all the devices you want to monitor, and you're done. It handles both graphs/trends and alerts.
|
# ¿ Aug 11, 2014 04:39 |
|
Finally got approval to replace our lovely, ancient Force10 "core router" that doesn't have an adjustable TCAM. Might not actually be completely hosed on 512,000 BGP Entries For Real Day. We have it paired with another, less-lovely router but I wasn't really looking forward to losing redundancy since our business operates 100% online. Now to submit the order to our VAR and hope they don't say "lol that product is backordered 6 months out".
|
# ¿ Aug 19, 2014 16:44 |
|
Juniper MX104. The other existing router is an MX80.
|
# ¿ Aug 19, 2014 16:52 |
|
And surely it exposes SNMP so you can roll your own pretty graphs in whatever tool you like.
|
# ¿ Aug 31, 2014 17:06 |
|
Since I had to go digging for it tonight, here's Juniper's response and risk assessment per-product. If anyone finds something relating to Force10 gear I'd appreciate a link.
|
# ¿ Sep 26, 2014 06:35 |
|
I'm relaying this question for a coworker, sorry if any part of this doesn't make sense. It's my fault for being a networking dunce.

We're replacing an old Force 10 "core router" with a new Juniper MX104. To the best of our knowledge, the config is 100% identical, translated from F10 to Juniper. Same IP's on all interfaces, same ACL's. When we put the new router in place, almost everything works... except no traffic can pass out through our firewall, an old-rear end Juniper SSG-520 running software rev "6.3.0r10.0". There's a layer 3 switch (Juniper EX4500 virtual chassis) sitting between the two devices, they aren't directly connected.

Is there anyone here with ScreenOS experience that might have a clue as to why that's happening? We've combed the firewall configs 500 times for any reference to an IP or network that was on the old router but not the new or something really obvious like that and come up empty. Happy to provide additional detail or take it to PM's.
|
# ¿ Nov 6, 2014 18:35 |
|
Moey posted:
Stupid Experts Exchange. If you find the link on google, you can scroll all the way down and see the answer. But direct links make you have an account.

I believe the correct spelling is Expert Sexchange
|
# ¿ Mar 13, 2015 01:54 |
|
Yeah I'm not sure how you'd get around that other than preprocessing the output in some way (like sorting, as you said) and making RANCID diff that instead of the original. What problems did you encounter with that approach? (other than that it's hacky as hell)
|
# ¿ Mar 18, 2015 21:43 |
|
The important thing to remember when it comes to net connections is "god hates you and wants you to be sad". We have two redundant 10Gb fiber links coming into our data center in Colorado over completely different paths. Like, one comes up from New Mexico and one down from Wyoming. One day they were both knocked out at the same time. One due to "vandalism" (we never found out what this meant) and one due to the flooding in Colorado a couple years back creating a gigantic sinkhole in the earth and physically destroying the link. It took techs like 8 hours to splice the fiber in the sinkhole back together in what I can only assume were loving awful conditions. Sometimes all you can do is sit back, say "yeah having enough redundancy to prevent this 1 in a million bullshit wouldn't have been worth the cost" and give the universe a
|
# ¿ Mar 25, 2015 07:02 |
|
We're doing a switching refresh and Arista has been really aggressively courting our network guy for the business. Their main selling point is "WE HAVE SUB PICO SECOND LATENCY! PACKETS LITERALLY TELEPORT DIRECTLY BETWEEN HOSTS!" Which is cool but I don't run a high frequency trading operation and just don't have that kind of requirement in my environment. We're primarily interested in cost, with ease of management and automation support a close second. By those metrics, we ended up going with a bunch of Juniper QFX stuff. Also I assume that was a tongue in cheek comment on the similarity between Cisco IOS and Arista, but yeah.
|
# ¿ Apr 17, 2015 02:49 |
|
CrazyLittle posted:
Wireless video baby monitor

We have one of these in our house. RIP anyone trying to use 2.4 GHz wifi when that sucker is powered on.
|
# ¿ Aug 27, 2015 14:00 |
|
Thanatosian posted:Windows server 2010 This doesn't exist 2012?
|
# ¿ Sep 12, 2015 20:31 |
|
I'm trying to set up babby's first Cisco vPC between two Nexus 6k switches. I feel like I must be missing something completely retarded here. From each switch, I can ping the management interface of the other. But I can't get the vpc keepalive link to come up one end. Any idea what is up with this?

Switch A: management interface is 10.63.162.45/16
Switch B: management interface is 10.63.178.45/16

Switch A:
code:
code:
|
# ¿ Oct 8, 2015 19:28 |
|
Well I've certainly gone down a rabbithole of fail on this project! I got the keepalive link working by adding "vrf default" to the end. I realize this is not the proper config for the reason 1000101 gave, and will try to fix at some point.

However, I've now managed to lock myself out of one of the two switches. It's still up and passing traffic, thank god, but I can't access the management IP. It's in a data center across town and there's apparently no remote console access (I did not set this up, just took over for someone at a new job), so fixing that will have to wait until the next time I have a reason to go over there. I don't understand how I got locked out, though, so any insight on that would be appreciated!

The vPC came up, but I could not reach any of the devices connected to the associated port-channels. After checking the logs, I found that it's because the VLANs those devices were on were set to "switchport mode fabricpath" and I had to convert my poo poo to vPC+. So I did. The last thing I did before getting locked out was editing the port-channel for my vPC peer link. On both ends, I ran "switchport mode fabricpath". When I did that, my SSH connection to switch B immediately dropped and I can no longer reach it. Switch A, with the same config, is fine.

Any hope something as simple as shut/no shut on the management interface will restore connectivity, or have I done something seriously retarded? NX-OS bug in our old-rear end version?

Pared-down config for the one switch I can still reach below. The other was identical barring interface descriptions:
code:
code:
Docjowles fucked around with this message at 19:31 on Oct 9, 2015 |
# ¿ Oct 9, 2015 19:27 |
|
1000101 posted:
Ah, so you're using Fabricpath! That changes a couple things.

I think the root of my problems is not having a dedicated link for the keepalive. I'll work on that.

I'm actually confused as to the purpose of po20 as well. It's one of those things that was already set up when I started and whoever created it is long gone. It appears to be an uplink between the two Nexus 6001's. I'd have thought that since it's configured with "switchport trunk allowed vlan none", nothing would be passing over it. But I see the tx and rx counters incrementing steadily on a "show int port-channel 20". It's not part of a vPC or anything. What I pasted was pretty much the complete config.

"show fabricpath topology" doesn't really show anything useful to me:
code:
|
# ¿ Oct 14, 2015 16:13 |
|
1000101 posted:
Looking at the config you posted I see that VLAN 63 is reachable via po20 and po50. Fabricpath ports forward all fabricpath VLANs all the time. In order to prune a VLAN out of a fabricpath link you'd need to create a separate topology for it. Basically the 'switchport trunk allowed vlan' list gets ignored since the port isn't technically a trunk port. That's why you see traffic going over po20.

Thanks! Knowing that the "switchport trunk allowed vlan none" is just ignored makes things MUCH clearer.
|
# ¿ Oct 20, 2015 19:05 |
|
Ahdinko posted:
Honestly the wallboard requirements are really "look cool and make it look like things are happening to impress people". The helpdesk guys all get the alerts come into an inbox, none of them are sitting there staring at the telly waiting for a colour to change on a box. I'd like to see something more functional than anything else when I or the helpdesk guys actually log in to go look at an issue or pull some stats for a query.

Just put this up and call it good http://map.norsecorp.com/
|
# ¿ Nov 6, 2015 18:45 |
|
frogbert posted:
I'll look into it thanks.

Are you at all familiar with Linux? A little VM running rsyslog is all you need. There are tutorials galore for configuring it on Google.
|
# ¿ Nov 24, 2015 03:07 |
|
I'm dealing with an old-rear end Cisco ASA 5520 (not the -X series, the originals). My boss wants me to update it to the latest software, but it's so drat old it has the original 64MB flash card which only has room for one OS image and one ASDM image. Is it safe to delete the images from a running system, copy over the new ones, update the config, and reload? I'd assume they're already loaded into RAM, but don't really want to test this in production.

Either way I'm going to recommend that we just buy a larger flash card, since YOLOing with no rollback possible sounds awful. But I want to present him with all of the options.
Docjowles fucked around with this message at 19:50 on Dec 3, 2015 |
# ¿ Dec 3, 2015 19:47 |
|
psydude posted:
9.1(6) has some specific RAM and flash requirements. You'll probably have to upgrade both.

Somehow the box already has 2GB of RAM. And is already on 9.1(1). It just has this tiny-rear end CF card so I can't upgrade further. I'm guessing whatever VAR we bought it from years ago flashed it up for us using an external card and then pulled it after delivery or something.
code:
|
# ¿ Dec 3, 2015 20:24 |
|
psydude posted:
You could buy a bigger CF card for about $12 and throw both images and the configs on there. I've done that for customers before.

This is the plan. You can just use any rando CF card, it doesn't have to be a ~~~CISCO CERTIFIED~~~ $500 256MB one, right?
|
# ¿ Dec 3, 2015 21:26 |