Cheap Juniper Gear for Lab

2012-04-09 Thread Steven King
Hello All, I am tasked with replacing an old Linux router setup with Juniper gear in the near future. Though I am a Cisco guy myself. Does anyone know of any older cheap Juniper gear I might find on eBay so that I may build a home lab without going broke? Thanks! -- Steve King Network/Lin

Re: Cisco CSS 11503 SSL and reverse DNS

2010-05-18 Thread Steven King
rDNS should not affect the performance of an SSL device. On 5/18/10 11:06 AM, Bobby Mac wrote: > Hi All: > > Will having correct reverse DNS mapping improve SSL performance on a 11503 > during peak load? My guess is no but I don't want to pound my prod device > to find out. > > -Bobby > -- S

Re: Sending ARP request to unicast MAC instead of broadcast MAC address?

2010-06-17 Thread Steven King
I believe they call this a Gratuitous ARP Request. It is used automatically when interfaces are brought up to detect IP conflicts. On 6/17/10 5:45 PM, Chris Woodfield wrote: > Looks like all the replies I got were private, so thanks all - to summarize, > I got everything from "Read The Fine Kerne

Re: 33-Bit Addressing via ONE bit or TWO bits ? does NANOG care?

2010-07-24 Thread Steven King
I am very curious to see how this would play with networks that wouldn't support such a technology. How would you ensure communication between a network that supported 33-Bit addressing and one that doesn't? On 7/24/10 3:26 PM, IPv3.com wrote: > 33-Bit Addressing via ONE bit or TWO bits ? does NA

Re: eBGP Multihop

2010-09-02 Thread Steven King
The last company I worked for moved to eBGP Multi-Hop where there were two connections to the same provider (same AS). This allowed them to utilize both links in both directions vs only one link in one direction and have failover. As you have mentioned link state detection gets a bit crazy with t

Re: Routers in Data Centers

2010-09-25 Thread Steven King
Cisco uses their own ASICs in their higher end flagship devices. Devices such as the Catalyst 6500 series or the 2960 switches. You pretty much singled out all the major players, including those who have been bought out (Foundry by HP) and claimed they do not provide their own, yet 3rd party flaw

Re: Routers in Data Centers

2010-09-25 Thread Steven King
On 9/25/10 5:35 AM, Richard A Steenbergen wrote: > On Sat, Sep 25, 2010 at 03:11:25AM -0400, Steven King wrote: >> Cisco uses their own ASICs in their higher end flagship devices. >> Devices such as the Catalyst 6500 series or the 2960 switches. You >> pretty much sing

Re: Unicast Flooding

2009-06-17 Thread Steven King
I have had the same issue in the past. The best fix for this has been to set the Layer2/3 aging timers to be the same. Matthew Huff wrote: > Unicast flooding is a common occurrence in large datacenters especially with > asymmetrical paths caused by different first hop routers (via HSRP, VRRP, >

Re: Unicast Flooding

2009-06-17 Thread Steven King
I wouldn't consider this a defect. Historically L2 and L3 devices have always been separate. When you get an L3 switch those functions are just combined into one device. In Cisco devices that support CEF, the CEF table is used to make all forwarding decisions. But the CEF table is dependent on the ARP an

Re: Unicast Flooding

2009-06-18 Thread Steven King
Relying on a TCN would yield very inconsistent results. Lee wrote: > On 6/18/09, Brian Shope wrote: > >> Thanks for all the good info.. >> >> So it sounds like changing my CAM timeout to 4 hours is the best >> suggestion. Anyone have any problems when implementing this? >> > > Not as lon

Re: Unicast Flooding

2009-06-18 Thread Steven King
Very true Eric. Microsoft even acknowledges the issue, and still has not fixed it. I have had a few customers use NLB and have this issue. Eric Gauthier wrote: > Brian, > > >> The first is preventing it in the first place. >> > > As annoying as this might sound, this is one of the > standa

Re: Is your ISP blocking outgoing port 25?

2009-06-19 Thread Steven King
Most MTAs don't come preconfigured with port 587 either. It is amazing how many people/organizations go with the "if it isn't broke, don't fix it" mentality, even though it clearly needs to be revised and something new needs to be done/supported. Email needs to be revamped on a larger scale than ju

Re: Cisco 7600 (7609) as a core BGP router.

2009-07-17 Thread Steven King
We use the 7600 platform as a Customer Border device. It attaches directly to our core, and directly to our customers. This has been a solid platform. Before this we used to use the 7600 as a load balancer for a DNS cluster. Worked fairly well. We use the 6500 series for our main network infrastruc

Re: about interdomain multipath routing.

2009-11-09 Thread Steven King
We use eBGP multipath where I work. We usually get two or more connections to each provider we have. Using multipath we are able to add hardware redundancy with bandwidth balancing (to an extent) with this method. There are some providers who will only allow multipath eBGP and not even let you run

Re: about interdomain multipath routing.

2009-11-09 Thread Steven King
Those are very good points Jack. We stopped using multihop for those same reasons. Jack Bates wrote: > Matthew Petach wrote: >> >> I've outlawed the use of multihop eBGP for load-sharing here; when we >> get >> multiple links off the same router to a peer or upstream, they are >> configured >> wit

Re: about interdomain multipath routing.

2009-11-10 Thread Steven King
We use multipath setups for our EIGRP and iBGP configurations for our internal routing as well. Although for larger networks iBGP multipath might be of use due to memory limitations on a lot of devices. Doug Lane wrote: > On Tue, Nov 10, 2009 at 3:50 AM, Matthew Petach wrote: > >> I've outlawe

Re: Peering - Benefits?

2008-10-29 Thread Steven King
It would only be a redundant connection if the AS you're peering with is a transit AS. The AS that I work with is a stub AS and can not function as a fully redundant link. Just something to watch out for. Paul Stewart wrote: > Thanks! That's a really good one and surprised myself I missed it..;) >

Re: Peering - Benefits?

2008-10-29 Thread Steven King
; > Paul > > > -Original Message- > From: Steven King [mailto:[EMAIL PROTECTED] > Sent: October 29, 2008 6:22 PM > To: Paul Stewart > Cc: [EMAIL PROTECTED]; nanog@nanog.org > Subject: Re: Peering - Benefits? > > It would only be a redundant connection if the

Re: Another driver for v6?

2008-10-29 Thread Steven King
Kind of a side question but we have not implemented IPv6 in our network yet, nor have we made any plans to do this in the near future. Our management does not see a need for it as our customer base is not requesting it at this time. Does anyone see any benefits to beginning a small deployment of I

Re: Another driver for v6?

2008-10-29 Thread Steven King
st obvious one is to feel > comfortable about ipv6 > > > > > --- On Wed, 10/29/08, Steven King <[EMAIL PROTECTED]> wrote: > > >> From: Steven King <[EMAIL PROTECTED]> >> Subject: Re: Another driver for v6? >> To: "Bruce Curtis" <[EMAIL PR

Re: Peering - Benefits?

2008-10-31 Thread Steven King
My company will be peering with two other SPs in the area purely for business strategic purposes. It turns out that at least one of these SPs owns the fiber running to the first CO in our transit back to Chicago. So it helps to be buddies with these companies. Paul Vixie wrote: > "Paul Stewart" <[

Re: Google SMTP acceptance policy?

2008-11-05 Thread Steven King
From my experience it just takes time. As users mark your email as legitimate and not as spam your domain will build a good report with Google. Also, try implementing DKIM to help Google to verify the email. Frank Bulk wrote: > Have you worked through this Q/A process? > http://mail.google.com/support

Re: Advice/resources for setting up TACACS server

2008-11-07 Thread Steven King
I disagree with the RADIUS suggestion. TACACS+ is a much more secure protocol. It encrypts the packet contents and has a more secure handshake procedure. Leslie wrote: > The best answer actually does seem to be to use freeradius instead of > tacacs, so I will probably go with that (though if anyon

Re: Level 3 issues

2008-12-28 Thread Steven King
We saw our bandwidth drop on our Level3 OC-48 to about half of what we were doing. We had to stop announcing our subnets to Level3 to get traffic to fail over properly throughout the world. We have a ticket open with Level3's NOC but have not received word on what happened or when to expect a resol

Re: Cogent haiku

2009-01-09 Thread Steven King
LMAO that's great. I am so glad we don't peer with Cogent. Steve Fischer wrote: > That is too funny! > > -Original Message- > From: neal rauhauser [mailto:nrauhau...@gmail.com] > Sent: Friday, January 09, 2009 3:06 PM > To: nanog@nanog.org > Subject: Cogent haiku > > Cogent drops packets.

Re: comcast price check

2009-02-20 Thread Steven King
Comcast has an Ethernet service? John Martinez wrote: > Does any one here use comcast's ethernet services? > If so, what is their price range? > > > Thanks in advance. > > > > -- Steve King Network Engineer - Liquid Web, Inc. Cisco Certified Network Associate CompTIA Linux+ Certified Profess

Re: comcast price check

2009-02-21 Thread Steven King
I can't even get reliable home cable internet service from them. No way I would ever consider using them for transit. I would only consider a stub peer with them to help out the poor Comcast customers who are also trying to get to my data centers. Owen DeLong wrote: > Fair warning, Comcast is tota

Re: Craptastic Service! (was: Re: comcast price check)

2009-02-21 Thread Steven King
I don't think the expectations are that high for the money spent. They are promising a service for a particular price. They either deliver on that service in a 100% working condition or it's false advertising and thus is not honest. It isn't the customer's fault they decided to promise a service at a

ARP Table Timeout and Mac-Address-Table Timeout

2008-09-14 Thread Steven King
I am a network engineer for a large web hosting company. We are having an issue with our distribution routers flooding traffic in one of our VLANs. We have a customer with a routed mode ASA 5550. They have their own private VLAN that is a /23. This VLAN is 145. The outside interface of the firewall

Re: ARP Table Timeout and Mac-Address-Table Timeout

2008-09-15 Thread Steven King
I saw that one before. That's what we based our current fix on. Frank Bulk wrote: > Steven: > > This was recently discussed on cisco-nsp: > http://marc.info/?l=cisco-nsp&m=121316151010190&w=2 > > Frank > > -----Original Message- > From: Steven King [mailt

Re: Routing to multiple uplinks

2009-12-19 Thread Steven King
Maybe I am missing something, but how does VRRP/HSRP cause latency? On 12/19/09 3:45 AM, Scott Berkman wrote: > Anycast? > http://www.nanog.org/meetings/nanog29/abstracts.php?pt=NjcxJm5hbm9nMjk=&nm=n > anog29 > > Might need to know a little more about the layout here for a better answer. > >

Re: Routing to multiple uplinks

2009-12-19 Thread Steven King
n what is the best way to provide this > type of redundancy at the host level? > > The application will only use one target address. > > On Sat, Dec 19, 2009 at 1:17 PM, Steven King <mailto:sk...@kingrst.com>> wrote: > > Maybe I am missing somethi

Re: Consumer-grade dual-homed connectivity options?

2010-01-02 Thread Steven King
You would need at least one router for this. Personally I would connect both DSL modems into a small Cisco router or multi-layer switch. Use that router as the default gateways for each LAN and have two static routes as the default gateway on the router to specify each DSL line. This would allow f

Re: Intel 10Gb on VMware (AMD) ESX 4.0 intermittent problem

2010-02-20 Thread Steven King
Have you applied the ESX patches? I don't run ESX, but ESXi, and there was a firmware patch that addressed some networking issues on Linux systems. Might give that a try if you have not already. On 2/19/10 3:52 PM, LEdouard Louis wrote: > Has anyone experienced problems using Intel 10 Gb NIC on VMw

Re: Auto MDI/MDI-X + conference rooms + bored == loop

2010-03-26 Thread Steven King
Along with bpduguard, Cisco switches also continue to look for loops with loopguard. They continuously look for the Keepalive packets that they send out each port. So as long as you have not turned off STP altogether on the port, you will be fine. On 3/26/10 6:21 PM, Matthew Huff wrote: > Bpdugu