|
poo poo, that reminds me. Is there any good way to get any practice in with Nexus gear without actually having access to Nexus gear? I'm starting a new job as a network implementation guy for a Cisco partner and I just realized that means I'll probably end up working with Nexus switches on larger projects. I have plenty of IOS and ASA experience but no NX-OS experience at all. Basically what I'm looking for is something a la GNS3 for Nexus kit.
|
# ¿ Jun 18, 2016 06:45 |
|
|
# ¿ May 6, 2024 01:02 |
|
Thanks Ants posted:What's with the power supply and the zip ties? That's how you build a Netgear stack.
|
# ¿ Sep 11, 2016 21:33 |
|
Does anyone here know how to get useful PCM audio out of a voice hpi capture dump from a CUBE gateway? All the documentation I've seen says "send it to TAC", but what I really want is the actual PCM data from the DSPs.
|
# ¿ Oct 11, 2016 19:10 |
|
Looks like on the second one you've got source 11.11.11.11/32 dest 0.0.0.0/0 port 123, not source 0.0.0.0/0 dest 11.11.11.11/32 port 123.
|
# ¿ Jan 10, 2017 00:22 |
|
psydude posted:Happy Thursday! Your Cisco equipment may die after 18 months in production: Half our offices are affected and we're still tallying how many of our customers are hahahaha
|
# ¿ Feb 2, 2017 18:30 |
|
single-mode fiber posted:Apparently the part in question is the Intel Atom C2000 series, so there may be quite a few things that'll be toast if there's no way to do a firmware patch. There isn't. Intel's put out errata says it'll be fixed in a silicon revision. It's anyone guess as to how much stock of the old busted ones they have. This affects pretty much every Synology NAS too.
|
# ¿ Feb 7, 2017 00:53 |
|
Prescription Combs posted:Oh boy. We have over 7,000 5508's in production effected. What the unholy gently caress
|
# ¿ Feb 10, 2017 04:16 |
|
Hey, does anyone here work in Cisco's partner support? Couple of my guys are having issues getting a problem solved where the Cisco Support Case Manager throws us an access denied error and both TAC and Partner Support are completely unable to solve this problem and just keep throwing us back and forth.
|
# ¿ Feb 23, 2017 21:30 |
|
Any CUCM/UCXN wizards here know if it's possible to build some kind of CTI route point/DN/Unity call handler combination that'll just ringback forever? Looking for something to use to blackhole pesky cold callers.
|
# ¿ Mar 16, 2017 22:39 |
|
At least this new ASA bug doesn't brick the box. On the other hand, it only seems to affect ASAs that are affected by the loving clock bug
|
# ¿ Apr 1, 2017 06:24 |
|
Ugh. ASA code upgrades expose the most hosed up bugs. We patched a 5508-X from 9.6.2 to 9.6.3(1) because of the 213 days of uptime drop bug and now every five days or so the drat thing stops receiving EIGRP updates from adjacencies but continues to transmit them. This leaves the site in a weird spot where the router attached to it knows how to send traffic to the ASA's connected networks but the ASA doesn't know what to do with the return traffic other than "0.0.0.0/0 lol". The solution? Copy the EIGRP configs, no router eigrp <asn>, paste the configs back in.
|
# ¿ Apr 28, 2017 06:34 |
|
Sepist posted:Anyone going to live in Vegas next month? Yep. A good 20 people from my work are.
|
# ¿ May 16, 2017 07:50 |
|
Anyone at Live right now and planning on doing the NetApp FlexPod event?
|
# ¿ Jun 27, 2017 02:31 |
|
Partycat posted:That was a great interim when they moved to SHA1 ( I think?) and immediately hosed up the salt and had to rip it out. I loved that bug notice. Someone said "let's implement PBKDF2-SHA1" and whoever got the feature assignment just... didn't hear the "PBKDF2" part.
|
# ¿ Aug 1, 2017 23:25 |
|
+1 for Routing TCP/IP. We have a copy of that book in the office that people reference daily. I'm seriously thinking about fabricating up a little stand and spotlight for it.
|
# ¿ Jan 25, 2018 04:04 |
|
Weirdest thing I've seen with a 3850 was the TCAM refusing to take new entries until we rebooted it, despite only having a couple dozen entries in it. But I've seen a lot of weird poo poo in 3850s so I'm fairly certain the platform is just cursed.
|
# ¿ Mar 7, 2018 09:54 |
|
Agreed. Sounds like it's more a concern about reducing the amount of troubleshooting they'll have to do if the switch doesn't route something in ASIC. A 3650 for example will drop to process switching if it hits a path that requires policy-based routing or an ACL log entry. In comparison a 4431 with performance license or 4451 is advertised as having a layer 3 routing throughput of 1 Gbps, full stop, so if it doesn't, the ISP can throw it back at Cisco.
|
# ¿ Mar 7, 2018 20:43 |
|
The internet in general has always been poo poo, friend.
|
# ¿ May 1, 2018 00:52 |
|
GreenNight posted:That developer in India no longer exists. "What, we fired him?" "No, he's just gone. Vanished off this plane to go to the great business unit in the sky."
|
# ¿ Jun 5, 2018 19:12 |
|
Sepist posted:I'm skipping live this year, probably won't go until Vegas again Same here.
|
# ¿ Jun 9, 2018 23:31 |
|
Yeah like are these questions like "what is ARP" and "why do we need spanning tree" or are we talking things like "what is the most commonly used protocol that operates on 802.2 LLC SNAP"
|
# ¿ Sep 25, 2018 20:58 |
|
We've still got some outstanding RMA requests on that bug, 18 months later. We're entering the fun zone now.
|
# ¿ Oct 3, 2018 18:04 |
|
DigitalMocking posted:Man, these tariffs are going to gently caress everything in tech bad it feels like. We've recently discovered as a VAR in Canada that if we sell something to a customer in the US, the gear gets hit by the tariff twice. Once when it goes China -> US -> Canada, and once when it goes back into the US. In a trade war, nobody wins.
|
# ¿ Oct 22, 2018 09:47 |
|
9.6(4)3. It's been a while.
|
# ¿ Apr 18, 2019 17:31 |
|
Speaking of Cisco versions and WTF, apparently Unity 11.0 is EOL now and TAC will give you poo poo (like they are currently giving me on the phone please end my suffering) if you open a case on it. I swear that only came out like three years ago.
|
# ¿ Apr 18, 2019 17:38 |
|
Partycat posted:You can tell though they have some big customers who influence things to a point. There are always people who will not want to upgrade or replace anything - the amount of crying about UCM 14 deprecating 15+ year old java computer phones is nutty. I'll be fine until the day they deprecate CIPCs. That little bit of software has saved my rear end more times than I can count.
|
# ¿ Apr 20, 2019 03:12 |
|
If the multicast traffic is hitting the CPU instead of being forwarded through the ASICs then there could definitely be a bottleneck there. "show processes cpu | exclude 0.00" might give a more accurate answer as to what's eating the CPU up. e: Might be able to get CPU drop reasons from "show controllers cpu-interface" as well. Kazinsal fucked around with this message at 18:49 on Apr 29, 2019 |
# ¿ Apr 29, 2019 18:44 |
|
It is. We've got a few servers at work running EVE-NG now because it was worth spending a few hundred bucks on licenses for that and a couple days building images for all the gear we regularly need to lab up instead of fighting with GNS3 or trying to get stuff set up in the back room all the time.
|
# ¿ Jun 17, 2019 04:16 |
|
Dealing with random crashes on small business switches where multiple stacks of them reboot several times a week. Find a bug where someone else is having the same issue. "Terminated - A decision was made not to fix this bug." Motherfucker.
|
# ¿ Jun 19, 2019 21:42 |
|
Partycat posted:The SB has a number of terminated bugs that seem to be limitations - this sounds like a traffic thing that maybe can be filtered to save your bacon at least Current theory is that it's a problem with having more than two active etherchannels per switch on a stack. The stack with 3-4 etherchannels on some switches reboots. The stack with 1-2 per switch does not. They are all the same production run. If there's seriously a limitation of two active etherchannels per stack I am going have lots of short angry words with someone
|
# ¿ Jun 20, 2019 00:41 |
|
That's probably pushing it. Cat9200s are rated for an environmental temperature of 45 C. 3850s as well. Wouldn't be surprised if the rest of the lineup is similar. You might want to look into proper industrial switches. The Catalyst IE4010 is good up to 75 C.
|
# ¿ Jul 2, 2019 16:35 |
|
There's some smaller industrial switches that you can get with 8-12 ports (modular, too) but they're DIN rail instead of half width 1 RU or desktop. Pretty sure they're all PoE. I don't know what the cost difference is between them and the 1RU ones is though. Only problem with the IE series is you need to wire a power lead into them yourself, but IIRC there's a kit included.
|
# ¿ Jul 2, 2019 16:48 |
|
Coincidentally, I work in the same office park that Fortinet's Canadian HQ is in. I have considered walking across the street whenever I have issues with FortiClient (which is, to be on topic, every time I have to VPN into something with loving FortiClient) to voice my displeasure.
|
# ¿ Jul 11, 2019 23:17 |
|
A coworker of mine has a password so long it breaks the TACACS+ process on IOS-XE 16.6.1. Instead of sending "authentication continue" with his password, it sends another "authentication start". Only the one switch in our environment still on 16.6 hits this. Absolutely magical.
|
# ¿ Aug 2, 2019 23:03 |
|
Nuclearmonkee posted:lmao out of curiosity how many characters does it take to break it? Looks like somewhere around 32. My password at around 20-ish is fine, one coworker's at 28 is fine, this coworker's is around 40 and breaks it. Literally every other XE and traditional IOS box we have? No issues. ASAs and FTDs? No issues.
|
# ¿ Aug 2, 2019 23:49 |
|
single-mode fiber posted:That's a first Well, okay, I have other issues with Firepower. Speaking of, the galaxy brain powers that be bought FTD 21somethings for our new head office and I look forward to taking two weeks' vacation when that site gets lit up.
|
# ¿ Aug 4, 2019 01:57 |
|
I'm not sure if there's really a primer so to speak but the vendor lock-in is pretty straightforward. The EEPROM on an SFP has a section in it that holds things like the vendor OUI and name string. IOS will check against that and reject SFPs that aren't theirs (unless you turn on service unsupported-transceiver, you monster). Finisar helpfully publishes a condensed version of the memory map used on SFP and SFP+ modules (https://www.finisar.com/sites/default/files/resources/an-2030_ddmi_for_sfp_rev_e2-20140404_updated.pdf). I think QSFP and related use a different memory map; SFP28 uses the SFP/SFP+ map.
|
# ¿ Aug 12, 2019 05:32 |
|
Anyone been having issues with pages on CCW not loading properly behind Umbrella? We're seeing estimate and quote pages breaking randomly with a whole bunch of 403 statuses on requests for JS and CSS files on apps.cisco.com, but only when using Umbrella for DNS resolution.
|
# ¿ Sep 10, 2019 21:55 |
|
Partycat posted:Yeah they missed a scheduled briefing with no explanation, can’t wait to find out who deleted what this time . Whatever happened it was bad enough that TAC couldn't open cases for a few hours. My team had a few customers left in some lovely positions because of that.
|
# ¿ Oct 11, 2019 16:58 |
|
|
# ¿ May 6, 2024 01:02 |
|
Firepower Device Manager stopped deploying changes intermittently on our 2-month-old HA pair of 2110s about a week ago and completely stopped deploying changes last night, claiming a sync failure in the HA pair. The ASA dataplane, however, was running its HA just fine. Turns out the actual problem is that the FTD side's hard disk on the primary has taken a poo poo and partially went into a split brain state. The ASA portion didn't even flinch. I hate firewalls. And especially loving Firepower.
|
# ¿ Nov 22, 2019 05:37 |