#networking

They couldn't think of why

@hollow marlin but the expensive Cisco 9200 switch is definitely something we don't need at all. We are just looking for layer 2 only features

So for cdw to push something unnecessary expensive like that is nasty at best

We decided on the Dell switch, n1100 that has like 4 sfp+

We get discount for buying from that

unfortunately on the Cisco side, just a layer 2 switch is not much of a thing anymore. Most people just stick with Aruba/hp for layer 2

I know Dell is big in the enterprise world but I would never trust a Dell switch

My wife starts working from home this week. We have gigabit internet with Cox but the modem/wifi combo we have from them only has two ethernet ports. Her work system requires two ports (her phone and pc). We thought about getting a switch like this https://smile.amazon.com/NETGEAR-Ethernet-Unmanaged-Protection-GS105NA/dp/B0000BVYT3/ref=sr_1_9?keywords=gigabit+switch&qid=1560976772&s=gateway&sr=8-9 but her work says that a lot of times their systems won't work with switches. Any idea why that would be? I figured maybe most people are trying to use a switch to share bandwidth for their pc/phone but have low bandwidth connections to begin with. Any help or suggestions would be appreciated.

@coral cedar they say it doesn't work with switches because they don't know how to troubleshoot the problem. If it didn't work with switches then it would work with the LAN ports on the router because that is a switch.

Just make sure you go unmanaged like you linked and you'll be fine

its because cox is likely only providing one public IP and you need a router to share it, not a switch

With the two ports on my modem/router... Cox says port 1 is gigabit, port two is not. Better to hook the switch up to port one then? The other port will be for my personal desktop in another room.

oh its wifi? hmm so it might be a router

No. It has wifi, but we aren't using wifi, except for the ps4 and our phones

then yes, highly likely a switch to port 1 will work

her pc/work phone and my pc all need to be on wired connections to a modem/router that only has two ports

I assumed by the wifi/modem combo you meant you used it as a router as well

https://www.cox.com/residential/support/technicolor-cgm4141.html

that's our modem/router

@little schooner the cat6 installers got everything in exactly 2hr

photo finish

im not getting billed more

TIL technicolor makes that

comcast has that model but hides the manufacturer i think

@waxen scroll anything ontime is a great time.

@waxen scroll Also, looks like our college blocked our main internet port in the room last night

Omg

I told you

They will catch you eventually

No lie.... i thought this was business networking... little bummed..

@ripe whale Some of it is.

Depends on the time of day and what's interesting.

A number of us work for or with companies for networking but generally that’s less interesting than our personal networking things. Whenever people have business networking questions, we do try to help them though

There are better discords for business networking though

Hello People of Discord,
I was wondering if it is possible to turn my router in my room into a 4G/3G hotspot for when im not at home because the mobile data network in our area is still at 1G ._. ?
Is it possible? and if so how much would I have to spend? and / or any alternatives?

Uhhhh

You can build your own cell tower for $200 (not including massive antenna)

ouh O.o

@ripe whale what's your question

😘

@waxen scroll so now what I did was change our default gateway to use another router that's in the room we control. Now our lab has internet connection again... But it has to pass through a production router unfortunately

I've put firewall rules to block Lan to prod though

They are only allowed to reach remote networks not our local production net with all our esxi servers

I don't know why we have to fight to get our original network access back. It was working all semester from jan to literally yesterday

On the flip side, our dual monitor stands came in today!

are server room ups'es batteries changed by external employees like electricians/UPS manufacture or are changed by the IT department?

we have to change them tomorrow and i dont understand if it's done by us or electricians

@subtle glen are you talking about lead acid backups?

not sure on the type of battery but i think they are lead acid ones

I'm talking the big stack of batteries for failover

these things to be clear

not these

@subtle glen just making sure it wasnt the bottom photo because you will need an electrician for sure

Just be careful when changing even smaller ups. They still pump out a a shit ton of amp and the caps can kill you if you touch them

i think i've heard something about "helping someone bring the batteries upstairs" since the pallet weights 500kg...

we will see tomorrow. also since the risk of getting electrocuted is high, i expect the terminals to be covered somehow

i would actually recomend an electrician anyway, we used one for a UPS for 2 racks of servers and storage

it's a big company, so they probably hired an elecrician

its just nice to have someone who actaully knows what he is doing

i definitely know what can get me electrocuted and what not. Anyway i guess there will be an electrician to do the phisical install and check test etc

specially the tests part, they will know what and how it cain fail better than an average guy

yeah i think thats also a standard procedure. cause they told me that they dont have network shutdown and if the UPS'es discharge in a power outage situations, the servers are going to shut down like if you unplug the cord and they dont care cause they "dont fully rely on servers"

i'll see tomorrow how the electrician does it

@subtle glen stay safe and come back alive after this job

lol

i think i'll just going to bring the batteries upstairs from the storage room

My professor made a slight mistake with the monitor stands

He bought them too big

Now he says that we have to figure out a way to use them or they "will find a way to kill me"

what the hell did he do with a monitor stand

So the grant money was used to buy these stands

So if they see he isn't using it right

He will lose all the grant money

i'd definitely prefer swapping UPS batteries than changing the VOIP phones with cisco jabber and usb headphones and have employees getting angry with you or having to answer to their dumb questions like "what happen if my pc is turned off"

i would just stick to that stand and end it there 😄

Yeah whatever is less problems you know

Also it was my first time rack mounting equipment

I got to say, I already made some mistakes xD

I left too many spaces open!

whats hard about rackmounting

ohhhhh

you reduce the air flow

Yeah I was supposed to get three switches and routers touching together

Instead I left one blank in between everything

Ugh waste of rack space

My professor injured his thumb putting in the small rack screw holders

i mean, i dont do professional rack mounting but i mount everything close together. Prob cause my rack is small and i dont want to lose space. later i discovered that if you leave the blank space you gotta put a cover so that the air flow is good

See I didn't know that either

the nut cage you mean?

So there are A LOT of blank spaces now

lol

Yes the nut cage, very tiny things just to hold the screw in

i almost injured myself too with those

I didn't space them correctly

Ugh and now he says he doesn't want to fix it

when the screwdriver slips and almost hit your finger

@subtle glen yep

That's exactly what happened

tell him there are tools to remove them

Could you link me one?

with the only difference that he got hit by the screwdriver

Yeah. So it's called nut cage remover/installer?

https://www.ebay.com/itm/202263049730

seems like a nail clipper

there are also "simpler" models like this one https://www.ebay.com/itm/CAGE-NUT-INSERTION-AND-REMOVAL-HAND-TOOL-ECONOMY-TOOL/202320561501?_trkparms=aid%3D222007%26algo%3DSIM.MBE%26ao%3D1%26asc%3D20160323102634%26meid%3D318a6aa98408459d9c448c734b1a4c9b%26pid%3D100623%26rk%3D2%26rkt%3D4%26sd%3D202263049730%26itm%3D202320561501&_trksid=p2047675.c100623.m-1

Okay thanks

no problem

We have to do this for 3 more racks

wish they let me play with racks too

Omg it's a pain because we have a server rack blowing HOT air at us

While installing

isnt there any AC?

There is. It comes from the floor, upwards

I've never even seen such a thing

if i go behind the servers i hear heat from a distance of like 50 cm, then it's immediately replaced by cold air

i think it's pretty basic

The vents are basically on the floor

Why?

blowing cold air from under the rack so that the hot air goes up easily

It's so dumb

Oh.

Well okay lol

I forgot about that

in the server room where i have access there are floor vents but they are for another purpose, the air comes from the ceiling

i think it's for the smoke detectors under the floor

I have a lot to learn still lol

But it's fun

ikr

definitely better than " i have weird lines on my monitor, its broken etc"

what was the problem?

vga cable not fully plugged in

or a call center employee "my headphones dont work, they are broken".

usb receiver not fully plugged in

I have a question. Can a NAT operate on only one interface (=> subnet)? For example, if I have some kind of NAT device on 192.168.1.X, I want to take a request for 192.168.1.X on port 55555 and redirect it to 192.168.1.64 on port 55555, or a request for 192.168.1.X on port 44444 and redirect to 192.168.1.36 on port 44444. Is that possible?

@edgy seal yes if you have that much control on your device.

huh?

and how?

cuz im only seeing tutorials for setting up a nat with two interfaces

What router do you have?

well it'd have to be a second nat

because it'd be within the network

Again, depends on the device. On a Cisco/juniper router you can do that no problem

ok, well its kind of a shite router

isp package

how would i go about setting it up on say a Linux box

Sorry as I reread it, are you trying to NAT a second time or just trying to port forward

NATing a second time. my router doesnt support nat loopback which is the root of this issue. I'm trying to setup a wireguard VPN with access to multiple computers on the inside of the network from outside. Maybe describing my problem would help

Also, I've heard that NAT loopback isn't necessary to solve most problems anyway and it can be unadvisable to enable it

By NAT loopback I think you are referring to hairpining. It's not needed. So it sounds like you want a VPN but also need the PCs to be accessible?

Yeah I'm not sure what the correct term is. The purpose of a VPN in this case is to access my PCs from anywhere (not also), I just happen to want to be able to access multiple.

Oh that's more clear. Yeah just setup a Linux box and install the VPN, toss it on the same subnet and your in business

no i already have the vpn set up on all my boxes

the problem is actually accessing it

maybe im not being clear

ok lets take scenario 1

im on my laptop outside of the network

i am peered with the server that has the VPN installed and its endpoint is set to my home ip on whatever port

and its port forwarded on my router so I can talk to the server

if i just change ports then i can also talk to server #2

so that works

but then scenario 2

im on my laptop inside the network

if i keep my endpoint set to my home ip then it won't work because of a lack of nat loopback/hairpining

so i have to change my endpoint manually

but that's a pain and i want to avoid that

now unfortunately a limitation with wireguard is that one cannot set two endpoints

so the solution instead is to set your endpoint to a hostname that resolves differently depending on where you are

so at home i can set a custom rule that maps mydomain.com to the server

but there's another problem! i can't map a domain to two ip addresses

so i can only access one server on the inside. not good enough

so what i was thinking to solve this problem was to put a second nat

you map the domain internally to this second nat

then you're good

but apparently a nat cant work in the same subnet according to google

Ok so what I was thinking. But why connect to the vpn while already on the network

That's a good question but on my laptop my share is connected via SSHFS and it would be rather cumbersome to switch ips

If it's working on the VPN, it should be working on the LAN

no its just like on the go

having to remount shares and stuff like that

@hollow marlin because if you're like my employer security is in tiers

wireless goes into firewall before LAN.... VPN needs to be used on LAN to access network gear

i think its dumb, but whatever

they also make business units pay extra for wireless

if you dont pay, your building has no APs

and there are quite a few buildings where they didnt

@unreal wedge you know that feel

lets not give IT a budget and extract the operating costs from each unit

Can I buy an Antenna to extend wifi range instead of using Google WiFi?

WiFi signal is shit.

@hardy kestrel if your access point or adapter has removable antennas then yea. All of the better antennas will be somewhat directional. The ones that claim to be omnidirectional are actually more like donuts and the taller ones will have a more squashed donut of coverage

@waxen scroll so my professor is going to velcro the computer systems to the monitor stands, this way the students won't knock them to the floor

It works against kids so he hopes it'll work against adults too. Velcro strength

Otherwise if we don't use the stands, they will never let him buy stuff again because he said he forgot to research before ordering them

The grant people don't like it when we waste the money

I told him to start out buying one of a given product, test, then do a bulk order

Before he was doing bulk order without testing or measuring

That's why the cables he bought were also too short.

you know you can RMA

its a small pain for the finance people but you can

I did tell him to do that but he was very hesitant to do it

In fact, the cables themselves came from Amazon.com, he could of returned those.

I think the stands are from Dell directly

Looking to upgrade my network with a 1U rack solution. Any recommendations on a switch, or Router, or what might be best for me.

Currently have 3 routers connected and 9 wired computers, and triple that on Wi-Fi

Netgear CM1000 Modem
Netgear AC1650 Gigabit Router 1GB (main router)
Belkin N1 Vision 1GB (secondery router)
Linksys 100mb (third router)

What would be the best solution here as 1U/2U rack switch, router, etc...

and SMOL dell R210 running PFsense or opnsense ?

Done by the ups manufacture

@subtle glen Smaller batteries are typically done by IT staff, it's fine when the system is design for hot plug or quick removal and have easy to use and safe anderson connectors. Once you are dealing with higher voltage DC battery strings not designed for quick access then you only get an electrician to do it. Above certain voltages it's required by law anyway, different countries have different voltages for that but it's typically around 50V DC. That doesn't apply to user serviceable hot/simple plug battery modules that are 72V/96V because they meet the design requirements to allow that.

Here's a photo of my disaster in waiting too lol

39 12V 24Ah VRLA betteries I'm going to use as battery backup for my solar system

Nearly 500V DC of death if I do something dumb

Let Dooley put it in

@little schooner I made labels for my patch panel.

That’s a lot of ZaPiTy Zap.

@strange silo lol wish you good luck

Today I also discovered that the ups was also broken, you couldn't put it in bypass mode and they have been there for 8 hours already and they still aren't done. They started calling for help and they shut down the server room a couple of times causing problems to our 3/4 floors

And it couldn't keep the server running during an outage condition. So thats why there were the guys from the manufacture. They changed the batteries, a couple of pcb's but.they still seem in trouble

@strange silo also are those solar panels batteries like gel types or lithium types?

Jun 21 17:50:02 syslog: [1378789.829000] Line 0: VDSL2 link down
Jun 21 17:50:03 syslog: [1378791.383000] Line 0: xDSL G.994 training
Jun 21 17:50:05 syslog: Clear IP addresses. IP connection DOWN.
Jun 21 17:50:13 syslog: [1378801.395000] Line 0: VDSL G.993 started
Jun 21 17:50:26 syslog: [1378814.306000] Line 0: VDSL2 link up, Bearer 0, us=6888, ds=30477

it shows this in the log when it cuts out is there a fix or do i have to get an engineer

@autumn rose that's the dsl line dropping. You need to have your ISP look at the pairs.

All right I had the engineer round and they said i need a rein inspector @hollow marlin

@autumn rose honestly not sure what a rein inspector no is

Something to do with electrical interference

I don’t really know why I need it since my router is in a garage with 2 sockets and 1 master socket so there is not much to interfere with it so I may be getting bt fttp before York’s ufo comes if they cannot fix it

@autumn rose I started as a DSL engineer and almost everything interferes with DSL. Its just long untwisted copper that is super prone to interference. We even had a case were it was the neighbors christmas lights on a timer that drawing just that much more power where 25ft below it was inducing enough to drop the connection

It doesnt take much. Usually the causes are power, but anything in the 400-900mhz range will cause problems

There is around 1 m of cable coming out of the ground to the master socket then another meter to the router and all that is in there is a drill charger but the annoying thing is that it is turning off and on at certain times

Even the bt engineer was surprised that it goes off and on Monday is the rein person does not find anything I can get fibre for free at no charge

If you can get fiber free fucking go for it

If I have a SAN server that is connected to a switch via two SFP+ 10 Gigabit fiber links and it needs to serve two vlans with high speed, would the solution be creating two Tagged VLANs (10 and 20 in this example)? VLAN 10 will be hosting workstation clients, connected to the same switch as SAN, downloading ISO files from SAN. VLAN 20 will be hosting ESXi servers, that need to save their VM disks to SAN.

With tagged vlans on SAN's interface, I can expect both vlans to be able to use SAN's 20gbps total throughput since it doesn't have to hit a router?

omg why does this not have 10g uplink support

https://www.cisco.com/c/en/us/support/switches/catalyst-4948-switch/model.html

@little schooner You need the 4948-E or this one:
https://www.cisco.com/c/en/us/support/switches/catalyst-4948-10-gigabit-ethernet-switch/model.html

@subtle glen VRLA = Value Regulated Lead Acid. They came from a UPS, batteries are basically new (no more than 2 years) and never actually had a single discharge cycle on them other than the install test.

@waxen scroll Nah I have all the electrical knowledge to do so but I like to be very aware of what can easily kill me lol

mmm never heard this thypes of batteries before

They'll be grouped in to 72V banks connected to my UPS with battery isolator diodes and a charge per bank. Later I'll actually move them off to a proper grid connected hybrid inverter/charger but those are $$$ and I have a safe enough solution in the mean time

@subtle glen They are the same type that came out of the UPS at your work and what you helped carry

thought they were like lead acid ones

they are but there are different types, Value Regulated being one of them

and they use these so that there is no water loss during charge/discharge cycle?

"In a valve regulated lead acid (VRLA) battery the hydrogen and oxygen produced in the cells largely recombine into water. Leakage is minimal, although some electrolyte still escapes if the recombination cannot keep up with gas evolution. Since VRLA batteries do not require (and make impossible) regular checking of the electrolyte level, they have been called maintenance free batteries. However, this is somewhat of a misnomer. VRLA cells do require maintenance. As electrolyte is lost, VRLA cells "dry-out" and lose capacity. This can be detected by taking regular internal resistance, conductance or impedance measurements. Regular testing reveals whether more involved testing and maintenance is required. Recent maintenance procedures have been developed allowing "rehydration", often restoring significant amounts of lost capacity."

TL;DR they still dry out but they don't emit gas requiring ventilation, like car batteries do, which is why they often get called maintenance free

if you didnt sent the picture of the batteries i would assume you are that guy that publishes videos on youtube about his off grid system

HighTechLab or something like that

Nah I just work in IT so can get free stuff like those batteries, they were going to be recycled

Also ElectroBOOM is my favorite 😃

why are they changing all these batteries if you said that are basically not ruined by any discharge etc

lol that guy is gonna get electrocuted

It was time to replace the UPS itself and they went with a different brand that uses different battery bank connection etc

like when the jacob's ladder fell on him

that makes sense then

Funny because within a week the new one failed and ended up pouring lots of smoke in to the room

it would be worse if the sprinklers went off too

I don't actually know what the fault was but it wasn't batteries, luckily. Think the inverter failed

Most places don't use water fire suppression systems anymore

we use some kind of gas

Next year we're converting one of our DCs over to hypoxic atmosphere which can't support flame due to not enough oxygen in the air

Much the same as nitrogen gas system other than it's held in hypoxic state instead of releasing gas when there is a fire

@clear igloo thanks. I just hope the IT department has a spare like that on the shelf. It's funny because we basically have two rooms where the equipment is in, except one is one we can't control while the other one we can use the rack for anything

@strange silo how does human work in that tho

sounds expensive to maintain

@waxen scroll I see one reason why dell switch is not favorable. They limit the number of vlans for one thing.

But they will give us a 48 port 4 sfp+ managed switch for $1100ish

anyone know how to make DHCP server work after window bridging

router - Pc(bridge) - AP

@little schooner i did this for you

@waxen scroll well done. I hope start labeling this time too

In the next rack

i remember where all my cables go

i dont need labels xD

Well, I kinda label my stuff in software, just not physically yet. I mean I don't even got the right rack for crying out loud xD

But that's because of the full tower pc

@waxen scroll You can still breath, it's similar to being in a long haul aircraft but a bit less oxygen. The room does become a restricted zone and you have to sign safety forms etc to be cleared for access but overall it's fine unless you have breathing issues in those planes which means you would also in the server room.

It also doesn't stop self oxidizing fires either

But you can't do shit about those without fire foam anyway

Hi, I have this thing alright... https://rover.ebay.com/rover/0/0/0?mpre=https%3A%2F%2Fwww.ebay.co.uk%2Fulk%2Fitm%2F183247152982 and I can’t have connected 2 pc and as much as I understand and red that it is not possible to have 2 pc connected together at the same time, I thought once I switch off one then this will work and I won’t have to switch cables, but as soon as I plug second cable my pc losing connection. Could someone explain me why? What is better to buy?

i think the problem with that thing is it shares the pinout with both ports.... so wire 1 from the main cable goes to wire 1 on both ports. I think there could be a device where you can make two 100mb connections at the same time on a main cable, but you would need one of those adapters on both sides

i dont know of any on top of my head but ive heard of them existing

Does anyone have a nighthawk pro?

I’m trying to find out if it can handle multiple public static IP addresses with the duma os

Why does this even exist?
We need the best network!!!

o_o

My friend even told me his connection was bad (rubber banding like crazy within vehicles) but i think i found out why

@waxen scroll any ideas for what I can do if a wall panel has 2 ports for CAT6A copper cables but the switch requires sfp+ modules and fiber cable?

Should we ask the network admin to rewire or buy sfp+ copper modules?

If you don't need 10G and the distance is under 300ft, SFP copper

@waxen scroll I need the 10G connection

At most it's probably 200 feet distance from our room to the server room

Don't go copper. Run fiber

@hollow marlin the network admin for the school likes to run away from us

I mean the least he could do it rewire it for fiber then

get him to run fiber. There is no sense in running copper unless it's a must

i'd run away from you too

@hollow marlin if CAT6A is already there, the politics involved to run fiber are probably insane

he should just use 10G copper SFP if the price is right

hes doing shadow IT stuff

they probably dont have the infrastructure in place to allow fiber to that area, so now you have to hire an electrician to install conduits

200ft is on the edge of what copper can do
but if you can get copper to do it thats better

again bending and schiz

i placed an order like this once and im struggling to remember what the cost was

easily $5k

@drowsy fossil copper is worse in everyway

thats literally not true

100% truw

the only minor disadvantage is distance

fiber is such an incredible pain to install correctly
copper is not at all

How is 300ft vs 40km a "minor" disadvantage?

most fiber cant do 40km

Fiber is better with power draw, infinite bandwidth, no interference

not true not true and not true

Fiber can EASILY do 40km on single mode

Haha for real

ethernet vs sfp fiber optic sure

sfp copper vs sfp fiber is different story

and luric single mode is far too expensive

Fiber has lower power draw, can easily do 400Gbps+, and doesn't have to deal with EMI like copper does

If you want to move from 400Gbps to 800Gbps you swap optics and leave the single mode fiber in place and you're good to go

lurick
thats several tens of thousands of dollars of equipment you are talking about

Fiber is actually cheaper than copper

And what's your point? You're trying to say copper is better than fiber

did i?

You literally said not true for every benefit of fiber

im recommending copper over fiber for xeons project

and those werent benefits of fiber

Name one benefit of copper

price

Other than POE

bendability

No, copper is more expensive than fiber

And bending only becomes and issue after wrapping around a pencil

no juan

I can bend fiber up down and sideways all day long and never have an issue. I do it all the time

Dude I fuckinh started as a fiber tech for anISP

are you certified

did you get any training explaining how fiber works?

Yes it was required

so what is the maximum bend radius for 1310?

single mode

Again a fucking pencil with 3-4 turns. It's how we tested by attenuating

with 650 15x diameter is a minimum

Did you not read my 3-4 turns?

i dont care if you are installing things wrong

Also you are bitching about bending being a downside but are defending it

i care what the foa says

if the foa says 15x jacket then i dont bend it more than 15x the jacket

The FOA is not the real world

Nothing in the real world is being bent that much

as one of our tests we had to figure out an issue using one of those machines i forget their name
and the issue with the cable was it was bent 90 degrees over a wall
you see the massive backreflections

And if you say it's a down side vs copper I call bs

as much as 25%

It's called an otdr

yea

Again, not a big problem. You're more likely to run into shotty copper with Al core and broken pairs

Which break easier than fiber

thats solvable for a normal tech

and well

sfp copper is a single copper cable

as breakable as fiber

Solid copper stranded is not as breakable as Al core

Final point is fiber has no downsides over copper.
Lower power draw
80km+
Sfps are cheaper and run way cooler
10-400+gbps
No interference
Smaller diameter

No one can defend copper being better

@ancient vigil it is very hard to break fiber. I tried it on a few patches just to see it's limits you have to be dedicated

the requirements for the project were
10 gb
200 ft
ease of setup

@drowsy fossil not talking about his project

his project is what this whole convo has been about

you wont get 40km on multimode

200 ft

thing is

direct attach copper can do that too

MM is dead. Single mode is all that's being deployed

single mode costs 10x more about

Sure, but the cost difference now is nothing and it makes everything simpler and less mistakes

at least for the sfp connectors

MM is fine from ToR to server but that's about it. 2KM (short reach) SM optics can cost the same as their MM counterparts these days

and for 10gbe singlemode is pointless

@clear igloo exactly

yea

@ancient vigil uh...yes. that's why I'm defending all this

Oh my a whole 6 dollars ...what ever will we do

those arent oem

Don't buy oem

Only fs.com

for gov you basically are required to

@ancient vigil we have orders literally 1000s from them. Maybe 10 or so bad

I will take that over the $1 million+ dollars saved

if its my system to maintain sure

People please

@clear igloo copper is better in every way for xeons use case

It's literally right there, terminated, and available

No political shit

Wireless is the clear winner here, sheesh =/

im looking forwards to the day which wireless is useable

its growing closer every year

WiFI 6 Sounds promising but we’ll have to see.

Buts it’s obviously going to mainly depend on what hardware everyone is running.

Do you expect an iPhone 5 to be able to take full advantage of WiFi 6 speeds? Obviously not.

So it will be interesting to see how the mainstream ISPs adopt to it.

also @hollow marlin non-ISPs are HARD on the MM OM3

SM is def not popular

😍

we run two very big data centers and the whole thing is MM unless a telco is installing a circuit in a room thats too far

ive yet to see anyone do SM everywhere and ive worked multiple colo providers as a DCtech installing peoples shit

lets see what else can i pissing match on @clear igloo

oh yeah fs.com

nope. not an option for a lot of companies. they want it from their var

fs does not work with var

i bet xeons locked into whatever CDW can offer

https://addonnetworks.com/category/network_upgrades/transceivers

these people are sold through some vars

we started using that

ok... wireless.... wireless is usable unless your company skimped

yes, some workloads are best left to wired, but most are doing email, excel, and youtube

So.... It looks like our grant money is going to expire by the end of this week

So we wouldn't be able to hire someone to run fiber

We have to go through purchasing and that lady takes time to get to

then file for an extention

That possible? I'll have to tell my professor

He's managing it

we've done it at other companies

go find out

@waxen scroll sure DC are using MM now but it's being moved away from. There is little point to have both SM and MM in large scale deployments. Slowly but surely MM will eventually be gone. I'm not saying it's soon but it's becoming a tremd

Okay. Yeah because if they can do it... It will be so awesome

i hate finance depts

Tomorrow we are moving our tall rack cabinets to the back of the room

A whole room reconfig

stupid wall street accounting, stupid rules... money just go poof

And he's going to punch a hole in the drywall to run a cable to his office

Something about running a TV display

And mini server?

Maintenance guys say he is free to break walls ;]

Also, I don't remember what year it was, but the room used to get its Internet access from the college network. Then they started to see TeamViewer traffic coming from our room and decided to take all the access away

We got it back but now we lost it again

This time it looks permanent

@hollow marlin that feel when your manager claimed he had 40 fibers run a year ago which you didnt want and an audit showed the work never got done

@waxen scroll so 40 fibers were ran but never used for a year🤔

no, they werent run at all

he did this for a network core migration when all we need to do is simply move the existing patch cables

I meant claimed to be ran lol

so im super happy they werent done

How far was the run

it would have quadrupled the work i needed to do

dunno, im not in that DC. i work in an office somewhere else

if i want work done i open tickets

the cores use VPC. so im going to fail over to core A, delete core B... put new B in and establish VPC. move the patch cables to new B

presto

Is running fiber really that hard of a job?

then repeat this process and replace A

I never done it just wondering

yes and no. most places have fiber trays and patch panels but you still need to put the work in.

So nearby runs would be easier is what your saying

if you prerun all the fibers you still need to figure out 2-4+ patch panels depending how you did it

Hmm

Yeah they only considered two ethernet ports in this room

For a rack full of many servers

I don't understand what they were thinking

if your DC team is /really/ good, they label every patch cable too... so that eats up even more time

Heh, yeah I do see port label on the jack

Above it

Well they did that much I guess

Not cables. No.

@hollow marlin but yeah, manager wanted to duplicate all the fibers to the L2 switches to migrate the cores... its a LOT of cable

I misread that statement

its not needed

@little schooner it depends greatly from site to site. Again I started as OSP and ran cables. Fiber is much easier than copper though

It's still a bitch sometimes to run

I bet.

@waxen scroll but aren't there already dup runs for each vpc to begin with

yes, there are

i dont think he was thinking

Yay managers

i made a lab of what i want to do so he can have the warm fuzzies

I still need more exp with Nexus. We have 2 7ks on one half of the network but the tech that originally installed them is very protective. So I just do everything else

the lab is 2x 7k, 2x 5k

I'll get to play with those someday too

we also have 2x ASR9001's

I'm probably just going to fire up 9k images. I'm about to dabble in VXlan so I'll get a taste then

those images are pigs to run on a PC

i hate them

@little schooner maybe not

the damn cloud!

😄

Yeah I think they are like 4 or 8 gigs of RAM with 2-4 cores a pop

Not as bad as the ARS9ks

@little schooner next black friday go to ciscos site and buy VIRL for 50% off... or whatever it is

Yes, the images are 100% worth it

oh wait no... thats cyber monday i think

or just have work do it like everyone else

EVE-NG + Virl images is literal orgasm

work doesnt pay for mine, but i run it on work hardware. i dont let anyone use it 😄

work needs to PAY

All training material is covered by current and previous job

its a nice perk

we get INE all access, thats about it

Now I would kill for that. $1000 is hard to ask for

per year anyway

i dont know what they pay... i think its a group rate

I am the only one at the company aggressively learning, I could try but it would be a long shot. But if everyone was it would be much different

i dont think any of us use it either

we dont have a lot of down time at work and people have families / activities

they got rid of our year end change freeze

so its work work work

Its summer so ofcourse everyone and their brother wants their service order they opened 7 months ago but never moved on, done now

I need to get 10gig transport done for T-mobile this week while pushing another order

I think there are 10 others I havent even looked at due also

you dont use packetfabric do you?

Never heard of it

ill be watching the LTT discord logo closely

xD

Is this true of any router or just pfsense?

If client hits the LAN interface of its default gateway (192.168.1.1/24) and wants to go to 192.168.5.0/24 network (located on default gateway's OPT2 interface), then as soon as Default Gateway permits Client by the firewall rules located on LAN interface, it doesn't check additional firewall rules found on OPT2 interface inbound?

@little schooner if it's like other manufacturers then it does check incoming rules. If it's destined for the gateway then no

@hollow marlin I am testing it out now, and it doesn't even check OPT2's firewall rule list that says Block all traffic from 192.168.1.0

It hits LAN, which has a rule that says permit LAN to any destination

I am not really sure

is this what you call stateful router?

if its doing this

@little schooner A stateful router is called a firewall lol
But there are two checks, incoming and outgoing. If 192.168.1.1 and 192.168.5.1 are on the same router , they are the same identity. The rules are then applied at incoming and outgoing ports. This is why there is no rules between the two gateways

Makes sense thank you

Ok so I hear the real reason why people aren't allowed to use cellphones on airplanes (outside airplane mode), is because the doppler shift of the cellphone signals would really mess up the bandwidth limitations of the cell phone specification, and essentially DOS the radio communications right above or below the band. The cellphones each would be emitting about 2 Watts trying to search for a signal. (A Walkie-Talkie is limited to 1/4th that power, and still has a range of 3km.) So technically the maximum theorical range of a cellphone is 81km, or the edge of space. Am I getting this correct?

the plane would have to be going many many many times faster than that
and plus the plane cabin is a faraday cage

no rf in or out

the problem is that there are 800 people with devices
and one flight control computer
if there is too much interference bouncing around the inside of the cabin, the flight control systems will not be happy
1600w of electrical power is nothing to scoff at

tho im pretty sure these days cell phones are muuuch lower power than that

@fleet widget My understanding of why they used to ban cellphones on planes is because things like shielding and twisted pairs were not too common, and thus cellphones (particularly 1g devices with powerful transponders) would induce noise within the aircraft electronics. There technically is no 'max range' for cellphones, the unfortunate thing is that the the atmosphere (and other objects) gets in the way. This of course can be exploited, by using the upper atmosphere to bend the radiowaves, but is also accompanied by increase listening time, and increasingly directional antennae. Current infrastructure does no allow for this as it would result in reduced bit rate and terrible latency. The doppler affect should have no affect on the signal of mobiles because they use Quadrature amplitude modulation which digitally encodes the data.

at this point the ban is probably more to reduce emi for the inflight enternainment systems lmao

they only ban them in australia on take off and landing now. Probably due to 60 year old cessnas floating around that still rely on VOR and ILS hardware from the 60's

well
you are required to put away objects that might fly around in case of "complications"

@hollow marlin I work with Twinax SFP+ a lot, fibre any day. Cheaper and easier to cable manage and upgrade path is easier too.

FML having to get 48 Twinax cables to TOR switches

Rather stab my hand with the SFP end

Then some idiot can't get it out of the switch port and breaks off the pull tab, FML even more

lol

agree

i hate those

and they get too short and too long

😦

@waxen scroll I was frustrated the other day. The network admin basically gave us a bucket and several bags of cage nuts and screws that majority of them couldn't fit

And the prof and I had to manually sort through every single one of them

And organize it for him

And that added an additonal 1 hour of work to find the right screws and 2 hours of installation time because sometimes the screw would go in and other times it wouldnt

Also, they had varying cage nut sizes, but the same cage nut color

So confusing for my first time working with a rack

Next time you'll have a cage nut installer tool

@waxen scroll that's right. It's on its way now actually

Today they will bring some people to help us lift our cabinets and move them to the back of the room

We will have even more space once this is done

yeah, BGP hijack

surprised that somehow this company who only had a /24 managed to announce pretty much a /4 to their upstreams without raising any red flags

dunno

any time i want to do anything i have to call and get a filter updated as well as prove i own the subnet

Hi, I have a problem with my pc, sometimes it won’t start. Got to unplug and plug again power cord and boom it starts again. How can I weather its PSU or something else?

#tech-support

Yeah sorry

Just realised

My bad

may be a bad contact or the psu i would assume tho 😄

It affected me. I couldn't use the internet this morning (I was using 1.1.1.1 DNS server though)

Also discord was down for me

discord was down this morning for some time yes

discord was having some internet issues according to their status site

They should have some sort of validation methods for bgp routes. Maybe even some kind of PKI setup

Why should it still be a problem in 2019 if we have people who know how to think of a solution for it? Don't answer that question actually lol

https://blog.cloudflare.com/how-verizon-and-a-bgp-optimizer-knocked-large-parts-of-the-internet-offline-today

BGP is what 20 something years old now?

BGP route validation has beed a big thing recently. No great solutions yet. Mainly IRR based filtering and RPKI. Neither of them are optimal. The internet is a bit cobbled together and only barely works most of the time. I don’t imagine we will see any better solutions any time soon. Maybe if someone makes a better version of BGP that is still compatible with the current version but has additional features if both sides use it

How is BGP cobbled together? Build a neighbor and route-map to block prefixes. Not fucking hard.
Nothing wrong with the current BGP.

No it's not. It's maintained as you build a neighborship

2 extra steps

If my neighboring AS does not originate a network it's being dropped, all else is allowed through. Not doing that is just carelessness and results in the hijack

If that is too much then run a bogon and martian services using DNS queries to authenticate netowork ownership

You know it's hot outside when the switch fans are making a sound they've never made

Not at all what I'm saying

I don't think you understand what i am getting at

Basic BGP security

Just because I drop an illegitimate prefix doesn't mean I'm dropping all prefixes

We know all out neighbors and originating netoworks. Of our neighbor was advertising 1.1.1.0/24 with a single as-path it's dropped, they don't own it

You're idea that you need to peer with everyone is not correct at all. BGP is a combined effort, of everyone did even basic filters there would be no hijackings.

i do that shit internally as it is

when i BGP to a business partner, all of that is locked in

Well according to everyone here you should just allow everything

i have a funny story about that

this business partner decided IPSEC sucked ass and wanted MPLS

ok fine, i dont care... put it in

i ask them if i can just advertise default route since most people order new VRFs to connect to me

they say "sure, fine" and the circuit is turned up with the advertisement at 10pm

geniuses ordered the MPLS on their corporate VRF and i ended up taking a lot of their company down

and if i didnt filter them, my VRF for them would have been flooded with all of their corporate routes

so i had to fill my router with static routes for them

because i cant just advertise blocks of subnets

they wanted all /32 for everything they need to access to avoid conflicts

they cant hide behind FW because of the design they put in

https://twitter.com/eastdakota/status/1143182575680143361?ref_src=twsrc^google|twcamp^serp|twgr^tweet

@hollow marlin I was not saying the BGP was cobbled togerher. BGP works about as good as you could expect it too. It's the internet that's cobbled together. Some people filter, some don't. There are so many different ways that filtering is done. IRR based filtering requires knowing people's AS-SET and if you don't know it, the best database we have is PeeringDB which does not validate AS-SET input for even being a valid name. You can (and some people do) put it in your AS's whois record in a way that makes it very specific but no one that I know of parses that info. bgpq3 does not and it is the most popular tool for generating prefix lists.
While it's not as important, there a number of internal routing protocols such as OSPF and IS-IS that each work differently and can cause varius issues with multihomed customers.
Some routers won't decrement TTL which messes up traceroute. Some people block the ports that traceroute uses by default alltogether. Some people block ICMP alltogether which is even worse.

Large networks will always perfer your direct connection over a non-direct but farther away connection. For example, I have a direct connection to HE in Germany. I have an indirect connection in California. If I did not prepend in Germany, then even connections from the same datacenter as me would prefer the route through Germany since it is direct rather than through one additional AS.
I won't get into IPv6 too much but I will mention that there are many transition tehnologies and while most of the client level ones are fine, there is a bit of weirdness with the carrier level ones.
Main issue is with the huge lack of and inconsistency in filtering. As you said, even a basic filter could eliminate most hyjacking. If we could get everyone to use bgpq3 filtering and RPKI filtering, that would be the best we could imagine at the moment but it's not the best at the moment.
Yes, BGP works. Yes, filtering works (if you actually do it). But both could be improved significantly though that just is not possible at the moment

@fresh copper very well said

I've been dealing with these types of issues for a while now. If I could redesign the routing protocol today, I would make one that implements both internal and external routing, a bgp communities like system that has a large set of default communities for the most commonly used functions (like prepending to a specifc peer or not announcing to a specific peer), routes are signed by the originator in a way that can be validated from information given in IRR or similar (very much like how RPKI works but the actual route it signed too so that even a router pretending to have the correct ASN would not provide a valid route unless it had the correct private key), and a better routing protocol would be implemented other than shortest AS path (perhapse it does an RTT test of a link with a neighbor to use as path cost, manual path costs, metrics, local-prefs, and other fudging methouds would still be included though). Backwards compatabuility with BGP at the least would be included as well so that you could send and recive routes with BGP speakers, all of the features that are not included in BGP would just not transfer. I'm not sure how the routing algorithum would work in that case when determining which route to use between BGP and a non-BGP

This will never happen but It's my dream routing protocol at the moment. I might try and write it for fun some day and maybe I would use it internally.

Hello, is there a simple cheap way to connect to Ethernet ports via wireless methods across a single room?

in another word, i have 2 Ethernet ports in the same room, one on each opposite side. so, I don't to to connect between them via a cable that will cross over the room. Any wireless methods?

this will provide a solution to relocate my TV receiver (provided by telecom operators).

You could do it via an ethernet bridge and a wifi router

yea.. I could, I just thought might be an easier way and faster and easy on the pocket

Is the old FreeBSD PF still good or should I switch to PF Sense like I see most everyone doing now?

I'd probably personally recommend PFSense

PFsense is good I don't personally use it but I have in the past and it's fairly intuitive and easy to understand.

@stable crest we are using pfsense in a classroom lab and in production environment.

The only gripe is that some third party packages crashed our firewall

@little schooner what's your point? I'm confused lol

hey guys. i have a Cisco 3560e 24 port poe switch that has 2 pfs 10gb uplinks.. i also happen to have a motherboard w/ 10ge copper lan ports.. what adapter do i need to connect these two ?

https://www.google.com/search?rlz=1C1CHBF_esES848ES848&ei=A2ESXafhAYS2gwfQv6bIAg&q=sfp%2B+to+ethernet+cisco&oq=sfp%2B+to+ethernet+cisco&gs_l=psy-ab.3..0i30j0i8i30l3.17575.17575..17784...0.0..0.73.73.1......0....1..gws-wiz.CJaMV70s5EU

this, sorry

basically, you need a SFP+ to rj45

compatible with cisco

do i also need an x2 adapter to plug those into?

i think the ones i currently have are only 1g

if you dont have 10 G ports on you borad you will need a PCI expresds card for 10 G. you can use one with 10G rj45 ports or SFP+ ports

my board has 10ge ports copper

https://www.gigabyte.com/us/Server-Motherboard/GA-7PESH2-rev-10#ov

this is SFP, witch is 1G

so i'd need a 10g x2 AND the adapter you linked.. correct?

well

hold on for a moment, we would have to check if its compatible

Cisco Catalyst 3560E-24PD (24 Ethernet 10/100/1000 ports with PoE and 2 X2 10 G
igabit Ethernet uplinks )

then yeah, you would need the 10Gig connector, you may aswell buy the one that outputs rh45

never seen them, but i can only guess they will be something like this

https://www.google.com/search?q=10G+connectors++cisco+for+3560+e&rlz=1C1CHBF_esES848ES848&biw=1920&bih=969&tbm=isch&source=iu&ictx=1&fir=tCtU_u_Zk_Gd_M%253A%252CLYeFTHXyc_ivwM%252C_&vet=1&usg=AI4_-kR3GqQIJ5FMdL_Gx5ORoH6wjKYKrg&sa=X&ved=2ahUKEwiy9rWJnYXjAhWRlhQKHa_vCMMQ9QEwAXoECAAQBA#imgrc=tCtU_u_Zk_Gd_M:

You'll need an X2 to SFP+ connector and then a 10G copper SFP if you don't want to buy a PCIe card for your PC

Easier way would be buy a PCIe NIC with an SFP+ port and then get a multi-mode X2 optic and multi-mode SFP+ optic and go SC to LC with the multi-mode fiber

The X2 to SFP+ adapter is going to run you $110+ alone
https://www.fs.com/products/33676.html
Whereas you can do the easy way for that much total most likely if you buy a used PCIe card

@thin arch

@stable crest oh because you said pfsense is good

I was just agreeing with you

Oh

at a layer 2 level ? im sure many can at layer 3

so i guess any layer 3 from cisco that supports that code

if you want a new fancy one, 9300 model supports it

@clear igloo quick, get your sales guy on here

Sell sell sell sell sell

😛

its a warm lead

Depending on the switching needs, I'm pretty sure the entire N9K line can do it. Not 100% on the 9200 N9K but I know the 9300 platforms all can

@clear igloo ive noticed ryois doesnt talk here anymore

@waxen scroll Haven't seen him talk much anywhere lately

anyone local to BC want to do a group buy? https://www.bcauction.ca/open.dll/submitLogin?language=En&disID=7715390

1 x Check Point Software Technologies IAS D1 Bundle
1 x Check Point Software Technologies IAS d1 HA Bundle
1 x Check Point Software Technologies VSX 10 HP Virtual FW D8
2 x HP A5120-24G
10 x HP ProLiant DL380p Gen8
3 x HP ProLiant DL360p Gen8
1 x Oracle Sun Fire X4270 M2
1 x VSX 10 Virtual FW D8
1 x HP ProLiant BL460c G7
2 x Oracle Sun SPARC T4-1
2 x Oracle Sun X3-2
1 x Oracle sun X3-2L

i would take a couple of the gen 8s and a sparc or two

That’s tempting but I’m not sure I really need more servers. It’s also on the island and I’m on the mainland and the ferry is expensive if you are bringing a car over. They do shipping but shipping a pallet of servers is pretty expensive too.
I’ll have a think about it, so far the current bid is not too bad for a group buy

same, i live in van, so was hoping someone has a truck 😛

I sent it to a friend in Victoria

His response so far

I would love to have on of those oracle sun spark things. They sound really cool. I bet they could get good performance with a source based distro

I would consider splitting it with a few people if it didn’t go much higher but I have a feeling it will

im not great with networking, but im thirsty to know more about it, but i have no idea where to start

so yah im ju7st looking around for a suggesitionm

@stoic tendon start with Odom's ICND1 and ICND2 Cisoc press books. They are a great place to get started even if you are not going for certs

I just wanna know more about networking, as it helps me with website development, and also managing networks in the best way possible @hollow marlin. Thank you.

@stoic tendon there is a lot to know but that should get you cover with what most people need. Good luck man

Ty :D

Anyone here knowledgeable in VOIP? I got an issue where calls placed on park "hold" "busy line feature" are disappearing in space. In other words. When a person place a call on park. We have to reboot our phones in order to see that call on park. If we don't reboot our phones, the call essentially get lost in cyber space and one of two things happen. 1) The caller thinks we forget about him and hangs up on us. or 2) That call is never answered and the caller is left on hold on the parked line.

What I am wondering is. Can a 2001-year switch be the problem. Because I have factory reset and re provisioned these phones. The switch that everything is connected to is a Cisco 2948-G. Yes I know, it's old. I haven't had the funding in ages to buy a new switch, but I think i'm about to force the issue to get the funding for a new switch.

I am not a voip person, but have you tried packet analysis on a working one vs a bad one?

@fresh copper i have some sun fire v100s with sparcs in them

I forget which

I just talked to a few people. I don't think it's the Cisco Switch. Yes, it's old. But, it's likely a firewall/SIP ALG issue.

@hollow marlin where do they start teaching things like igmp? I did not see it in ccna studies

And switch stacking?

@little schooner igmp is in CCIE, actually I'm tackling that next after IS-IS. Switch stacking is in CCNP

Interesting. I don't understand why igmp would be regulated to ccie, it's important to learn especially since my edgeswitch gear has settings that can be configured optimally once I have the proper understanding

Even with routed multi igmp

I guess I'll have to reference it separately

igmp used to be ccnp

@waxen scroll edgeswitch has the worst implementation of it. It's a mess to configure

Also I've had a config get bugged because it allowed multiple states on the interface to exist

Something akin to portfast and trunk enabled at the same time

igmp is annoying period

They do no type of config validation

@waxen scroll yes very

@little schooner it's not a core concept needed to be learned. That's why it's not in the material early on because you need a solid foundation of routing and switching before handling multicast

@clear igloo let's offer this chat Wireshark reading services

$300/2hr?

Y'all got phone issues? @little schooner what do we tell them????

The ...

@everyone anyone in West Virginia US looking to support a small PC business?

https://i.redd.it/h23pdmn2wn631.png

Yo

@waxen scroll dunno, what do you tell them?

I didn't work with voip yet

We had a Russian student come in and explain his resume to us about how he's going for ccnp

And then ccie after. He worked for government like department of homeland security and stuff

We never saw him again after his appearance 2 weeks ago

Why does CAT6A command such a higher price?

required shielding iirc
also actually rated for 10 gig

10 gig the full 100 meters right?

but 6 can still do 10 gig, only at shorter distances, from my understanding

not officially

as in its not required to to pass

ahh. My professor is buying CAT6 cables for the computers

CAT6A would be another $10 per cable

We'll make sure to buy CAT6A for the servers at least

@little schooner 5e can do 10gig up to like 30m

@hollow marlin and the workstations will be super close to the switch anyway

in the same room.

Definitely try a 5e cable and see how well it handles it

@hollow marlin is iperf still a good test?

I know microsoft has their own that I used too that was good

iperf all day

the windows version is totally unreliable

We have dedicated iperf server. Honestly the best way to stress circuits

on a linux distribution?

which is best

what did you put iperf on?

Yeah its just a linux VM on single blade Dell something or other with a 10gig nic

Okay. yeah I will end up doing that. Windows version was just too frustrating

I remember that I couldn't do TCP tests with it

I didnt even know windows had one

yes, they have some binaries for it

iperf is just a simple , quick and effective way to test bandwidth and CRC errors

perfect for us. We will be testing SAN speeds probably later this year

it will be excellent test

We are waiting for grant money. The grant person left for vacation before we could talk to em

In 2 weeks, we should be able to start placing more orders for equipment

@hollow marlin The only other person that I met who was going for their CCIE was this Russian student who came to talk to prof about registering for some classes

it was pretty interesting

By classes do you mean bootcamps?

uhh I mean like semester long courses that run for 12 weeks or so. Fall semester, Spring semester, etc

like LAN management, cisco networking I-IV

Wait they have classes leading up to CCIE?

stuff like that

No.

oh

Yeah none for CCNP or CCIE

We are just CCNA camp

Makes sense, thats past what most people should know

Yeah. Most people stop at cisco network II course, actually

the degree only requires up to level 2

which is enough for CCENT

CCNA is all four levels

Its good that the schools offer it. Two co-workers have masters in Telecomunications and it taught them nothing of what they needed to know

Yeah. For a good 3 years, he was the only professor that could teach it, since none of the other staff met Cisco netacademy's requirement of maintaining CCNA certification to be a trainer

but now he has backup in case he is absence if another prof needs to teach it

The network admin ran away from us again today xD We wanted access to the server room which our dell poweredge blades are stored

we needed to make some changes with physical ports and idrac. Something wasn't configured right on it

You have a switch by chance being fed off eqipment in that room?

that you have access to

We used to, but they blocked the port we were using to access that room for some odd reason

That's why we have to go back in there

aww...I was going to suggest having some fun with loops, forcing them to open the room

that'd be crazy for sure xD

but the switch its connected to, its a cisco 4948 gigabit switch

4900 series, never touched thos

Cisco websites claims its "layer 2-4"

but what would it do special at layer 4 that would make it a nice switch feature?

We don't really use any of the advanced stuff on it. Its just the one they had ready in the rack

Specs say 72mpps which is decent for a switch...if I can recall

no slouch thats for sure

The part that really upsets me is that the uplinks are not 10G

We need it to be 10G uplink for the SAN

we were planning to do dual 10G for 20Gbps aggregate

Looks like there is a 4948 10 gig model

You end up purchasing the FS switches?

I did not yet, no.

or check out Aruba

I am still considering them

I will check aruba too

I am curious about Aruba. They have been the new L2 fuckboi in town where everyone needs a ride

Still getting used to Ciena for our L2 endpoints/transport

we just bought like 10,000 aurbas

for L2

to be fair tho cisco won that bake off and someone high in mgmt did a golf course deal with HPe

sooooo

Less L2!!!!!

im not allowed to touch them and i want to keep it that way, so i cant comment

Id keep it that way. What are they for?

they're for small buildings where the firewall is handling intervlan routing for reasons

10,000 switch + small buildings dont go together lol

retailer

theres many small buildings

ahhhh

some have up to 3 switches

so yeah

i want no part of that side of the business

let those engineers handle it

😄

neither would I. I hate supporting customer endpoints let alone manage them

i do the big picture stuff.... data center, WAN, etc

i hate small repeatable stuff

so boring

• support

I hear you

they actually forgot to even put me on the on call schedule

its amazing

Ive been off on call for 3 months now and its glorius

I dont miss 80 hour weeks, every week on call

my last job was nightmare on call. i would get like 8 calls a week for really stupid stuff most of the time

heh....8 calls

I got that every 2 hours after 4:30

it was a fucking nightmare

the NOC was barely able to help us past opening a ticket with the provider, so i would have my personal life interrupted by this crap

I just wanted the NOC to atleast get enough info for me to call back. "Their hosted PBX dropped and now the hospital said they cannot place calls".....Ok, whats the number to the tech ....oh you didnt get that.

Ill just call their unresponsive system

my job before that one i worked for almost 3 years... only called twice, both during business hours

that was HPe NOC managing our stuff and me and the team only doing engineering and "oh shit" type support

so mostly oh shit stuff then

😃

it had to be bad enough that it needed a redesign for the most part

so i go from that to 8 calls/week on my week and they cant even tell if standard QoS is applied correctly

Thats what my last ISP was. Was engineer for essential a flat medium sized ISP

It had to be overhauled. I fixed a ton but there are still problems due to shitty politics

@hollow marlin I put the route map fix in last night

Cleared up the issue

Also ran into another issue doing it

What did you run into?

match ip prefix-list lurick lurick_lab

lurick doesn't exist

no match ip prefix-list lurick

Doesn't work

no match ip prefix-list lurick ?

Only shows lurick_lab as an option

I had to remove a very important route map line to delete it

I copied it all over line under and corrected the number later

No outage

Suppose I could have made the prefix list and tried that

😄

I don't do my best thinking at night

🔞

@waxen scroll I do great thinking at night . But I'm never dealing with the complex things that you do with isp

I'd prolly need to sleep on those til morning to do right

@little schooner after reading those sentences I think you already need some sleep

@hollow marlin ahh. I was writing like that on purpose xD

I'm troubleshooting why the access point in the lab isn't sending LAN activity

It turns out that while my professor was fishing the cable through the drop ceiling, he managed to somehow pull wires 1 & 2 out from the copper patch cable plug

Nice. Now we have to fish an entirely new cable again...

@little schooner your school should teach troubleshooting a new config at 11pm at night while a WebEx is going and people are growing impatient

@hollow marlin what do

🙏 👏 🙏

Schools need to start teaching real world

@little schooner how about review boards and running changes through them?

I'm having a problem with my ISP (tag me when answering)
Here's the deal:
I have a 30Mbps download and 20Mbps upload connection
In the beginning, my direct ping to my friend's ip was 1-3 (same ISP)

That changed when the ISP name and the ip changed in speedtest.net

We are in the same "ISP" and we get 350ms ping in games that any of us host

But when we play something like CS:GO, our ping is 40 each (what should be equal to a 80ms ping direct to him)

And I can't ping him in cmd anymore (packet loss)

Any ideas?

@rigid root So what actually changed? You are claiming to both be on the same ISP but meantioned that changed as well as the IP.
So either you guys are really not on the same IP or there is info missing

We are on the same ISP

But on speedtest.net the provider changed

It was ILogNet and the ip started with 191.7

That's the new one

Since then, we can't host games for each other

We suspect that this ISP is 1600km (1k miles) from here

@hollow marlin

Looks like rr services is owned by ilognet. There could be a multitude or reasons why it changed. Don't have an answer though because that's in SA

It's probably owned but it doesn't make sense to take my route 1 mile further

And that ping issue

I've already stopped trying to understand and now I'm only looking for a solution

Again it can be from many different reasons. Could be a transit path change, could be a hijack, could be just shitty routing.
There is no solution you could do on your end

I'll bet on shitty routing

Thanks for the help

@waxen scroll the thing about the end user is is that they believe that problems should be fixed immediately but reality is that things can take time to do it right.

Also, fishing the new cable for the access point wasn't that hard. He rolled it up and then threw it across. Then he had to get on top of the rack cabinet to finish dropping down the wire

And then we got new tables in the lab too

Now, we just added two more student computers

Looking good so far. We didn't cable label yet unfortunately :/

But we trust the documentation that we have written so far and will go with that till we can sit down and finalize some nice looking docs

@waxen scroll They should also teach having to deal with useless support from vendors, then the support agent changing every 6 hours so you have to start the entire damn explaining process from scratch

3 times in a row

And it's your phone system which apparently isn't a P1 incident (our end P1 not vendor) even though it's clearly a health and safety problem

@little schooner Two identical APs, one negotiates via CDP for power and the other via LLDP. Identical configurations on both ports. Explain 👏 👏 👏

@strange silo yeah, sometimes i fix it for TAC

zomg

Do eeet?

nah, its too annoying to move my PC and my mobile is only a surface pro 3

Yah, I can't move my pc, lol

i got one of those cases thats all glass

One ART, please

😄

i was in a drawing yesterday with a 1 in 17 chance to win a surface pro 6

didnt get it, i won a azure shirt

not even gonna bother picking it up

lol, yah

it was them bribing us to take azure fundamentals training

im currently waiting on the 3 to die

i use it almost only on vacation and for videos and web

its an i7/8gb ram

its not terrible to use

@clear igloo beats me. Did you test both cables and start from stock config again?

Yup, both same cables, port bounce fixed it 😄

Ahh nice

What is a port bounce?

shut/no shut

Oh that

That reminds me of when port security takes a port down and you have to run Those commands too

Some student plugged in a switch into a portfast port and the prof was wondering what happened

@waxen scroll so all the student workstations in the class are finalized now. The room is capable of 835 mbps up/down synchronously for the internet connection. Before, we were getting capped at 93 mbps

In addition, windows login time went from 2 minutes to 9 seconds (initial profile creation) and 5 seconds (login when profile has already been created).

5 seconds is for the login time, not power on time

And dual monitors for all students

They better bring a seat belt to the class this time

835mbps? Weird cap.

Yeah, I guess they are shaping it or something

It's the schools network

@pseudo blade though I'm not sure if it's a bottleneck of the sg3100 router

Check CPU usage under load?

Yeah I just checked. It does not have hardware support for WAN gigabit speed

Not like that matters much.

I should check cpu usage though

I'm sure the school has multigigabit speeds

Are you aware of the architectural limitations of the four-port section?

I am not.

Those four ports share a bus. (2.5gbps total)

Of the router?

Yes.

Yeah. Unfortunately the professor bought this thing without consulting with me

Shouldn't be a big deal if you pick your ports right, as long as the CPU has the grunt to handle it.

I'm able to do gigabit on worse.

Hmm

What/how many networks does it handle?

And what ports are being used to make that happen?

It's using LAN1, Opt1, and WAN port. It only handles 3 networks. 4 if you count the WAN

Three networks on two ports? VLAN?

Yeah

The four-port switch's limits shouldn't matter much to you, then.

That's what my prof loves to hear lol

You'd hit gigabit ethernet as a limit first.

Can iperf even be tested over the WAN?

I would just need to find a server that has 10g

Why wouldn't that be possible?

Well, the lack of servers on internet that have 10gbps internet

I guess

Public iperf servers that fast

The router has gigabit-only interfaces.

Yes

10-gig isn't necessary to test it.

Oh, no I meant for another pc I was going to test with

It has Intel 10g card to test the port outlet

I was thinking of iperf

Some of our port outlets connect directly to Wan lol

In the classroom

If the switch upstream is multigigabit, could maybe bridge two ports upstream.

Yeah. Well it's something we'll have to figure out

What's opt1 used for ATM?

@pseudo blade well, since the college higher ups blocked our WAN port in the classroom, we are connecting to a different room, from our classroom to another server room that can lead us to the Internet

It's router - - > router - - > Internet

We begged and cried and they wouldn't give the internet back

So this is the Solution we were left with

Well in that case the issue is interpersonal communications, not network communications.

Hahaha yeah

Were up against a culture that doesn't see the bigger picture of why we're upgrading. It's all for the students benefit

If you're not getting good results, perhaps you are communicating with the wrong person?

They purposely are blind to it

Like we explain how we could flip a room that isn't being used to have more student

And they say that, because the idea makes sense, they don't want us to do the work

Tried talking to their superiors about it?

Because it makes them look bad

Easy. Make them look bad.

@pseudo blade yes the department chair. She won't budge on the decision

But I will confess, I didn't specifically ask her though

Teacher did

Who does the department chair answer to?

Not sure.

Find out.

I've had to deal with people like this before and I hated it.

New task for Monday 😄

@pseudo blade I'd say the longest tasks we had to do was the physical rack mounting and cabling

We had varying cage nut sizes and screws that wouldn't fit and it wasted so much time

Ugh the network admin just told us to go look and see what fits

That is not good organization

Well... No. But I'd be talking to that network admin a bit more to see if they know who could make the situation less shit (as this is advantageous for them).

When the power trays both have power and you need to update firmware but it won't update because all 6 plugs (per tray) aren't fully populated with power -.-

Hah design fail

@pseudo blade yes. Only issue is is now he leaves even earlier

It's a "feature"

Strange

@pseudo blade my prof has a hunch that he leaves earlier so we don't ask him for help or favors xD

Remember how I told you he runs away from us?

XD

Don't burn bridges with them, but might be worth seeing if there are way to make their objectives align with yours.

@pseudo blade yeah. We are still friendly and understanding to them

Because if I was a network admin and stuff like this was happening in my network I'd probably be more than a bit frustrated.

Ultimately he has the key to the master server room

Well... I am a network admin, but most of the routers I manage aren't connected to each other :P

But you know what, the prof is doing this (and sometimes even spending his own money) to make the learning experience better for the FALL 2019 students

@pseudo blade yeah we had to ask him for permission first

Initially he didn't understand what we wanted

I'd refuse to spend my own money on principle.

Hehe

I rebuilt the technical college I went to's student network (which was screwed up by a shit, actually employed admin) when I was a student there, but I'll be honest and say I did that for half fun, half "I'd like to be able to use the internet at all times, rather than 80% of the time"

That entire building had a 50mbps pipe, so cutting-edge stuff was not required :P

Ohh that's sounds like it was a big project. We are lucky just to deal with our network only for complexity lol

@pseudo blade oh so like cheap gear then

Yeah their internet speed not so high

I had old, shit Cisco stuff and that was really all that was required, but I brought the network from 10/100 to gigabit to student workstations/desks.

Awesome. Yeah we were at 10/100 for the longest time

Fixed the DNS+AD server, which had sat unloved for multiple years because nobody knew how to use it, despite that being part of the course material.

Hahaha

Least it's getting the love and attention now

It was running in a VM on Server 2012, on a PowerEdge 2900. This was in 2017-2018.