Passive Optical Network (PON) Vendors
Currently using tellabs, not a terrible product. Just curious what other vendors you all use out there. Coming up on LCR for the few sites that use it.
Currently using tellabs, not a terrible product. Just curious what other vendors you all use out there. Coming up on LCR for the few sites that use it.
I am learning concepts like NAT (Source NAT, Destination NAT, NAT Server), VPN(SSL,IPSec), security policies, nat policies and different profiles in firewalls like URL filtering profile or IPS profile. I am not following in what order incoming or outgoing packets are matched against different modules of firewall. I have searched the internet but I couldn't find consistent answer. Does anyone know good sources where I can read about this?
Hi everyone,
I'm trying to get the Cisco Nexus 9300v running in EVE-NG hosted on a Google Cloud VM, but I'm stuck with a black console.
The problem:
The node starts but the HTML5 console stays completely black — no boot output at all. I've waited 15+ minutes, still nothing.
My environment:
- EVE-NG running inside a Google Cloud VM
- 32 GB RAM on the host, plenty free
- Using the HTML5 console for CLI access
Images tried (both same black screen):
- nexus9300v.9.3.9.qcow2
- nexus9300v64.10.3.9.M.qcow2
- vJunos-switch and Aruba CX on the same EVE-NG are working only Nexus fails
My question:
Has anyone actually gotten the Nexus 9000v to boot in EVE-NG specifically on a Google Cloud VM?
Hi all,
I was hoping someone here might have an idea for typical latencies in OADMs (bonus points if anyone has experience with the ones from solid optics)?
Essentially, I'm a scientist using these as spectral filters in an experiment where I'm sensitive to timing disruptions on the sub-nanosecond time scale. I'm finding a null result and one of the causes could be that our OADMs (2 channel, solid optics) are introducing a differential delay of over 3 microseconds. I've never built or seen the inside of an OADM before, but I have a hard time believing that there's over 1km of fiber inside. Especially, to the first drop. If anyone has some more information, it would be greatly appreciated!
Cheers, QoO
Hi! I'm six months into my first IT job as a junior network technician. I've got my Net+ and schooling in CS and networking. Basically, I know enough to know I know nothing.
The environment is a small university, so it's a mix of needs. Our team size is 3, and we use Meraki. I know this is a "non-standard" environment, but I'm starting to wonder if our network is a ticking time bomb of issues and will teach me bad practices. I'm also know I might just be an arrogant junior, so have kept my mouth shut so far.
Some issues include:
-Our firewall, isp, switches, and wireless are all separate dashboard networks. Based on daily/monthly users I believe that combining all but the wireless network would be best practice and allow for better troubleshooting. I really can't see how traffic flows had to use the API to cobble diagrams together. My boss won't commit the documentation or even look at it, so no idea if they are even correct.
-I regularly find acces ports on loop guard. I wanted to add portfast with bpdu, but my boss said we don't use that. I asked why and he said we don't need to.
-During my probation period I shadowed on like 4 tasks, including another AP being switched to loopguard, likely due to a reboot leaking a bpdu (looked it up myself). I'd say Ive had max an hour of interaction a month with my coworkers.
-I have been assigned an API integration project for our monitoring system. I know I can do it, but I am also totally isolated and my meeting requests get ignored, so I don't even get a chance to verify what tools I should be building.
-multiple public-facing APs in low power mode. This could be budget issues, but also like I don't understand how it would be considered an upgrade and no one will explain why.
Im fine working with a broken network and working outside my title, because that's just life. However, my confidence is getting destroyed because I'm left to assign myself projects, rarely get tickets, and when I ask questions regarding our actual operations either get ignored or told to figure it out, despite there being zero (truly zero) documentation.
This post is long enough, so I'll just end it with should I focus in getting my CCNA and RHSCA and leaving sooner rather than later, or is this environment not as messed up as I think and I should stop being a whiny baby and actually learn. I know Reddit can be brutal, so let me have it.
Hi, I'm trying to pass the DevNet Associate exam in the coming months, but I'm having a lot of trouble with study materials. I understand the main concepts of automation, Python, APIs, and networking tools, but memorizing the smaller details is really hard for me. I've given up a couple of times but keep starting again. Can anyone motivate me or give me some suggestions to keep me studying so I can pass the exam? I'm using a book, videos, and DevNet labs as resources. Thanks in advance!
I'm trying to setup WireGuard for our small office.
With a simple port forwarding, WireGuard won't connect. But with DMZ turned on, it connects quickly. Is there anything I'm doing incorrectly? Or it's safe to just use DMZ since the Dream Machine has its own firewall rules?
Thanks in advance for your help.
Been thinking about this a lot lately. Over the past few years it feels like every major vendor is pushing harder than ever to keep you inside their ecosystem. Proprietary control planes, licensing tied to cloud portals, features that only work end to end with their own gear. I get why they do it, that's how they make money. But it feels like the skills you build are becoming increasingly vendorspecific rather than transferable.
I remember when knowing solid routing and switching fundamentals meant you could walk into almost any environment and figure things out. Now half the battle is knowing which version of which software license unlocks which feature on which platform, and that knowledge doesn't always cross over.
What worries me more is the career angle. If your entire experience is locked into one vendor stack and that vendor falls out of favor or gets acquired, how portable are you really? I've seen a few job postings lately that feel more like they're hiring for a specific product than for actual networking knowledge.
Curious if others are feeling this and how you're handling it. Are you deliberately trying to stay vendor neutral, pursuing open standards, or just going deep on whatever pays the bills right now? Is there a smart middle ground here?
Hi! We are considering new sd-wan, next gen firewall for our remote sites.
Currently we have shortlisted CSF220-TD-K9 and PAN-PA-440.
Licensing for both is a mess, but for Cisco it would be TMC license for PA, not sure what is the SKU as the CORESEC bundle has been listed as EOL. Replaced with Precision AI and Precision AI Pro.
Both systems are similar in terms of pricing and offered features. Could you share your experience and thoughts? How to they compare nowadays?
Easy to use and deploy, etc.
Also with Cisco, we would use Catalyst C1300 series, with PA either same switch or other brand.
We have been also considering Versa CSG355 Elite but typical response time is like 3 weeks which has been off putting and pricing was higher than Cisco or PA.
Currently using FG60F but licensing will end next year, so we are looking for alternatives.
Thanks.
Hi,
We have a customer running Nexus 7K switches in a vPC pair with several FEXes connected. We need to upgrade them to a newer software version due to a few bugs we’ve encountered.
I was wondering what the recommended upgrade approach would be. Would you upgrade the secondary vPC switch first, let it rejoin the vPC domain, and then proceed with the primary switch (No ISSU available, disruptive mode).
Also, what’s the best way to verify that all servers and other connected devices are dual-homed across both vPC peers so we can minimize any service disruption during the upgrade?
I’d really appreciate any advice or best practices. Thanks!
I'm a little out of the loop as to what the best solution for this is these days. I'm still using GNS3 myself.
I'm taking the Aruba campus pro cert (HPE7-A01) and need a good lab to practice for it. My company doesn't have extra hardware at all, so I'll need to do all labbing from this Server/PC. I don't have a lot of money to blow on a home server of massive spec, so even if I have to break down each lab to bare minimum just to learn the concepts. (example, to learn basic Clearpass config, having a lab of simply 1 or 2 switches, w/ 802.1x or just spinning up enough switches to practice simple policy based routing or a VSX-MCLAG topology).
TL;DR: What's the bare minimum spec you recommend For a home server to practice for my Aruba campus pro cert, and later down the line some Cisco certs using CML?
I feel like I'm about to pull my hair out so I figured I'd come here to vent first. I was told to upgrade the IOS to 17.16.1, which isn't a starred release. And there's no starred release that supports QUAD SUP on a C9600 with SUP 2's. The only current starred release is 17.15.5.
First off, my standby sup does not take the upgrade. So show redundancy state shows the operational status of SSO as off. And I have to manually remove the blades and independently upgrade each supervisor.
Then I try to apply the standard VSS stackwise domain commands, which the switches take, and reboot. But they also reboot into this odd config, before after a few minutes resetting into the config I have set. The confreg and romvar values seem correct. 0x102.
Then I go to set the VSL links, my first chassis takes it without issue. My second chassis immediately crashes and reboots each time I try to apply this config. This happens regardless of whether they are physically connected to each other or not.
Is this just a buggy release? Do any of you have this running in VSS on 17.18.4?
I'm opening a TAC case on Monday regardless, because none of the documentation for setting up QUAD SUP is any different than setting up VSS on a 9500 pair.
I’ve been with a large isp my entire career in networking, moving up from NOC 1/2/3/eng all the way to Lead operations engineer.
In my NOC days I was troubleshooting and deploying metro-e circuits ranging from straight layer 2, up to multi-leg ip vpls services. I’ve worked on a wide range from Cisco/juniper to Nokia and all in between.
When I made the jump over to the engineering side of the house it has been mainly access network project work. I’ve built out a robust access network spanning the continental United States, supporting DSL/GPON/XGS-PON and VOIP. There have also been core network augments, bandwidth upgrades, and massive migrations. I wear many hats in my position.
In this position I’ve become the single engineer over seeing all of these moving parts. I’m massively underpaid and seemingly with no room for advancement. To say I’m burnt out is an understatement.
I have 2 AS degrees, one in computer science and the other in advanced network engineering. Hovering at 10 YOE supporting enterprise networks with high availability.
I’m feeling lost on how to leverage my experience out of my current position. I know that the job market is not great with lots of other engineers flooding the market due to layoffs.
Any advice on how to escape?
EDIT: - just want to thank everyone who has had an input so far and any advice that’s been suggested. It’s helped out my mental framework tremendously, to anyone else looking to change roles or careers like me I wish you the best of luck. 🤞
The security team at our org doesn’t trust the app-id that is provided by PA because they can’t control it.
Their request is that we create separate policies per app that restrict app-id to specific domains.
Thoughts on how to approach this? Is this contradictory to best practice?
It’s certainly more admin overhead and we’ve already experienced issues where we’re hunting down logs and making multiple changes whereas 1 change with the app-id would have sufficed.
Hello Everyone,
I’m new to the OT world and I’m trying to understand how networking works in OT world. How does it work?
And why do we need switches for OT only or firewalls for OT only? And how does the traffic passes from IT switch or firewall to an OT one.
I appreciate your time and efforts
Hello everyone hope you are well.
2 years ago I got a job as a network engineer in a small isp ,funnily enough back then I was afraid that I don't have good enough fundamentals , now when I look at it most I stuff I was worried about didn't even happen .
Problem is the isp im in is using very old tech , mostly layer 2 backbone (yes ik shocking but its like a 3rd world country so don't be suprised) ,static routing with some bgp for peering.
Now the reason im making this post is I've been seeing talking about mpls backbones ,segment routing ,overlays ,automation.....
I get that huge feeling of FOMO ,like a caveman looking at alien technology and the thing is im gonna be 30 soon so I feel like the window is only getting smaller.
So does anyone know what is a possible solution is building it in simulator enough to understand, or will anyone take me seriously if I say I have experience with new tech cz it building it in eve ng once
Hope this post made sense
Hi everyone,
I'm planning to take the CCNA exam, but I'm trying to find a way to reduce the exam cost.
About 3 years ago, I completed the Cisco Networking Academy CCNA courses and received a voucher. However, I assume it's expired by now.
Does anyone know of any legitimate ways to get a discounted CCNA voucher? For example, through Cisco, Networking Academy, student programs, promotions, or any other method?
I'd appreciate any advice. Thanks!
It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our member's new and shiny blog posts and projects.
Feel free to submit your blog post or personal project and as well a nice description to this thread.
Note: This post is created at 00:00 UTC. It may not be Friday where you are in the world, no need to comment on it.
What bells and whistles have won you points? We all know that 99% of the changes/upgrades we implement shouldn't be noticable to most users, but it is nice when your vendor rolls out a feature for the end users that is actually worth the lift.
While I am looking for examples to keep in my back pocket, I am mostly just curious. The only example I can think of that I was a part of was rolling out AR pathing/wayfinding through our facilities via your cellphone camera with our access points. That one cut straight through to guests and end users and the company is so proud of it.