ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Tags
    3. routing
    Log in to post
    • All categories
    • JaredBuschJ

      HP Switch config question

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion hp hp switch switch routing
      12
      0 Votes
      12 Posts
      1k Views
      notverypunnyN

      @pete-s said in HP Switch config question:

      The person who set this up would clearly know what he was doing or he wouldn't have been able to make it work.

      I'm guessing it was a move in the making. The intention was probably to move over to pfsense, drop the fortigate and perhaps remove routing from the switch. It's possible the fortigate is old and can't handle routing at line speed, hence the L3 routing in the switch.

      I'm guessing the fortigate and the switch was setup long before pfsense.

      If the fortigate is the actual edge device, maybe this was setup as a simple way to bypass the pfsense for fussy devices or troubleshooting?

      I could see setting something like this up so that you can tell a remote user "go plug it into xyz switch and let me know if it starts working"

    • DashrenderD

      Help setting up routing

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion routing firewall
      21
      1 Votes
      21 Posts
      2k Views
      scottalanmillerS

      @FATeknollogee said in Help setting up routing:

      @JaredBusch Just curious, what it the /23 on eth3, is that one of your LAN IP blocks from AT&T?

      AT&T can't issue private IP addresses.

    • DustinB3403D

      Vyos Configure DHCP Server

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion vyos lab routing
      6
      0 Votes
      6 Posts
      4k Views
      EddieJenningsE

      @JaredBusch said in Vyos Configure DHCP Server:

      @EddieJennings his second error is related to DNS.

      This is a working DNS setup.

      set service dns forwarding cache-size 150 set service dns forwarding listen-on eth7 set service dns forwarding listen-on eth7.2 set service dns forwarding name-server 1.1.1.1 set service dns forwarding name-server 8.8.8.8 set service dns forwarding options server=/domain.local/10.202.0.21 set service dns forwarding options server=/domain/10.202.0.21

      Correct. I gambled from his title the immediate interest was DHCP. I lost. ๐Ÿ™‚

    • DustinB3403D

      Windows Domain routing question - dual-nic

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion lab question routing dhcp dns windows
      21
      0 Votes
      21 Posts
      2k Views
      DustinB3403D

      @Dashrender said in Windows Domain routing question - dual-nic:

      Though - if you have a second layer network like this, you'll need to inform your external router on the internal networks and how to route them.

      Routing to the internet is mostly just a nice to have.

    • J

      Cisco ASA

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion cisco cisco asa routing firewall vlan
      9
      0 Votes
      9 Posts
      1k Views
      JaredBuschJ

      @Dashrender said in Cisco ASA:

      @Jimmy9008 said in Cisco ASA:

      A and B can also RDP/ping devices sitting on C.

      If this is true, it's just a matter of rules/route allowing C back to A/B or a route specifically for C -> A/B.

      172.16.0.0 vlanโ€ฆ switch IP = 172.16.0.1, ASA = N/A, gateway on the vlan is 172.16.0.1 (the switch)

      this is legacy. What appears to happen is that the switch has 0.0.0.0 set to 192.168.50.10 (the ASA) on a vlan2. So, traffic from 172.16.0.0 hits the switch IP at 172.16.0.1, then hope out 0.0.0.0
      ^ I think its this that's causing the issue.

      This should be fine, this is what allows the C network to get to the internet

      so, when on the 172.16.0.0 network, the request goes to the switch's IP (172.16.0.1) which forwards it to 192.168.50.10 (the ASA), The ASA then doesn't have a rule allowing traffic from 172.16.0.0 to talk to 10.x, so it just dumps the traffic.

      At least that's what it looks like to me at this time.

      โ€œCโ€ network really?

    • steveS

      Network Address Translation - CompTIA Network+ N10-007 Prof Messer

      Watching Ignoring Scheduled Pinned Locked Moved Training comptia network+ prof messer networking youtube video training it training it career nat routing firewall security
      3
      2 Votes
      3 Posts
      672 Views
      IRJI

      @mary said in Network Address Translation - CompTIA Network+ N10-007 Prof Messer:

      Is there any kind of slowdown when using just one port if you are getting a lot of traffic?

      No not really. The most commonly used ports are 80 and 443. They process quite a bit of traffic on your average workstation.

      In fact, most servers are designed to work with a single port or just a handful of ports open. For custom applications using a specific port makes it easier to troubleshoot issues and restricts non application traffic. Many apps are defaulting to 443 these days. Although, keep in mind SSL /TLS can operate on other ports.

    • steveS

      Dynamic Routing Protocols - CompTIA Network+ N10-007 Prof Messer

      Watching Ignoring Scheduled Pinned Locked Moved Training prof messer comptia network+ routing router dynamic routing networking it career it training video training youtube certification
      3
      2 Votes
      3 Posts
      402 Views
      melvinsilvaM

      @mary It depends of manufacturer or vendor. Now in this times everyone is using "Standard Protocols"

    • steveS

      IGP and EGP - CompTIA Network+ N10-007

      Watching Ignoring Scheduled Pinned Locked Moved Training prof messer comptia network+ networking routing router igp egp certification youtube it career it training video training
      5
      1 Votes
      5 Posts
      503 Views
      scottalanmillerS

      @melvinsilva said in IGP and EGP - CompTIA Network+ N10-007:

      @scottalanmiller I Will Add; "Only by WAN Network Administrators".

      No, internal too. In fact, most, by far, are internal. You only have a few big WAN connections with most companies. But you might have hundreds or thousands of internal routes that have to be managed.

    • steveS

      Static and Dynamic Routing - CompTIA Network+ N10-007 Prof Messer

      Watching Ignoring Scheduled Pinned Locked Moved Training prof messer comptia network+ networking routing static routing dynamic routing router video training certification it training it career youtube
      4
      2 Votes
      4 Posts
      466 Views
      melvinsilvaM

      Both required a good initial configuration, but when "issues" occurs like link flaps or ISP outage (when MPLS fails), Dynamic may affect Router performance (CPU, Memory, etc).

      Using Dynamic Routing; if you have no backup link or you dont have a proper failover configuration with correct threshold, the network updates will cause router performance degradation. It constantly will try to reach destination via default gateway.

      Using Static Routing; If you have not a recovery plan or a back door to enter the remote router, you will have zero access to that device until link or issue is restored. Packets will be forwarded to a dead route.

      For both, Initial design and configuration is the Key, when issues happens troubleshooting is a nightmare when things are not well done.

    • mlnewsM

      Another Major BGP Mishaps Redirects US Traffic to China

      Watching Ignoring Scheduled Pinned Locked Moved News networking google youtube bgp routing ars technica
      3
      1 Votes
      3 Posts
      607 Views
      dafyreD

      @scottalanmiller said in Another Major BGP Mishaps Redirects US Traffic to China:

      I noticed that YouTube was down yesterday for a little bit. Very short, though.

      Even Facebook got taken out for a bit too... Don't know if it's related or not, but still...

    • EddieJenningsE

      Traffic not flowing for hosts behind NAT - Edge Router Lite

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion edgerouter lite nat routing troubleshooting shouldvewenttojared
      44
      2 Votes
      44 Posts
      8k Views
      dbeatoD

      @eddiejennings said in Traffic not flowing for hosts behind NAT - Edge Router Lite:

      @dbeato said in Traffic not flowing for hosts behind NAT - Edge Router Lite:

      @eddiejennings said in Traffic not flowing for hosts behind NAT - Edge Router Lite:

      Take 3 is a partial success. All hosts except the IIS host has full Internet connectivity. The IIS host is accepting web and FTP traffic (so NAT's doing its job now :D); however, I can't ping outside my local network, and it can't resolve DNS.

      So what is the DNS Server on that Server?

      Same as all of the other servers that could resolve DNS. The issue was forgetting to reconfigure the source NAT rule.

      Makes sense now!

    • JaredBuschJ

      Hitting the limits of the Ubiquiti EdgeRouter

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion vyos edgeos routing qos traffic shaping
      20
      3 Votes
      20 Posts
      7k Views
      JaredBuschJ

      @krisleslie said in Hitting the limits of the Ubiquiti EdgeRouter:

      @jaredbusch My apologies, I meant QoS!

      Well then, yes, better QoS performance because better processors.

    • DustinB3403D

      Cross Post - Help sorting out a Firewall Issue on a Debian Box

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion firewall routing icmp debian help crossover
      7
      0 Votes
      7 Posts
      2k Views
      stacksofplatesS

      @Dashrender said in Cross Post - Help sorting out a Firewall Issue on a Debian Box:

      A default gateway on the debian box?

      My thought. I don't think I've seen a system firewall not accept icmp by default.

      If you stop iptables and still can't ping it's not the firewall.

    • Mike DavisM

      SonicWall route traffic destined for one IP over VPN tunnel

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion sonicwall routing router vpn
      1
      0 Votes
      1 Posts
      864 Views
      No one has replied
    • thwrT

      SoftEther VPN server in CentOS 7 Hyper-V 2012R2 VM

      Watching Ignoring Scheduled Pinned Locked Moved Solved IT Discussion softether hyper-v promiscuous mode routing nat
      4
      1 Votes
      4 Posts
      3k Views
      thwrT

      Bridging issue solved, kind of a Late-Friday-Problem: Promiscuous mode was turned on, but on the wrong interface - the DMZ facing one.

      It worked instantly the second I switched it off on the DMZ and instead turned it on on the target network interface.

      How to turn on MAC spoofing / Promiscuous mode on Hyper-V using PowerShell

      Get-VM -Name XXXXX | Get-VMNetworkAdapter | Where-Object { $_.MacAddress -eq "XXXXXXXX" } | Set-VMNetworkAdapter -MacAddressSpoofing On
    • travisdh1T

      ER-X static routing

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion ubiquit er-x routing
      6
      2 Votes
      6 Posts
      2k Views
      travisdh1T

      @JaredBusch said in ER-X static routing:

      I would use a source and destination NAT rule to force it.

      Thanks. I'll have to wait till after lunch or tomorrow to get that setup. Redoing the server over there as well, so no remote access at this point ๐Ÿ˜ž (I want my jumpbox back!)

    • mlnewsM

      Linksys Embraces DD-WRT

      Watching Ignoring Scheduled Pinned Locked Moved News linksys dd-wrt linux open source routing networking
      19
      2 Votes
      19 Posts
      4k Views
      MattSpellerM

      @JeffReady said:

      There was once a good old day when Linksys was good...

      I run DD-WRT on a Netgear Blackhawk (D7000 iirc, not one of the new ones), and it's been solid. Of course Comcast decided to push a friendly firmware update to my cable modem this weekend which reset the config, took it out of bridge mode and re-enabled the modem's own DHCP and routing services (and Lord knows what else), taking me offline. Annoying (not to mention a potential security nightmare)... mostly because I spent an hour jacking around before it even occurred to me to login to the modem and check it's settings.

      Are you me? lol

      This happened to me a couple weeks ago - same setup, same software, different router.

    • DashrenderD

      Hairpin routing

      Watching Ignoring Scheduled Pinned Locked Moved IT Discussion router routing hairpin
      45
      1 Votes
      45 Posts
      10k Views
      scottalanmillerS

      Definitely most everyone that I have seen is on .local. It was the advised standard for so long and it was so during the era when the majority of companies moved to AD. Even though the new standard has been around for a little bit now, nearly every company I deal with moved to AD prior to that time period. New companies get new AD, obviously, but as a market percentage they aren't so much yet, that I've seen.

    • 1 / 1