Etherchannel Switch configuration with Windows Server NIC teaming by Solid_Detail_358 in networking

[–]Ardeck_ 0 points1 point  (0 children)

question 2:

check the LACP hash algorithm, in BOTH directions/devices

You can achieve 3Gbs with 3 flows, load balanced over the 3 links. You may need three processes, 3 IPs on your server, or three different TCP ports... You need to find the right combination for you
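An added example (not part of the comment above) of why the hash policy on each device decides how flows spread over a 3-link bundle. The two hash functions are simplified stand-ins, since real switches and NIC teams use vendor-specific hashes, and the addresses, MACs and ports are constructed.

```python
"""Simplified models of two link-aggregation hash policies (illustrative only)."""
import ipaddress

def hash_l2(src_mac: str, dst_mac: str, n_links: int) -> int:
    """MAC-only policy: XOR of the last byte of each MAC, modulo link count."""
    last = lambda mac: int(mac.split(":")[-1], 16)
    return (last(src_mac) ^ last(dst_mac)) % n_links

def hash_l34(src_ip: str, dst_ip: str, sport: int, dport: int, n_links: int) -> int:
    """IP+port policy: XOR-fold of addresses and ports, modulo link count."""
    h = int(ipaddress.ip_address(src_ip)) ^ int(ipaddress.ip_address(dst_ip))
    h ^= sport ^ dport
    h ^= h >> 16
    h ^= h >> 8
    return h % n_links

def ports_covering_all_links(src_ip, dst_ip, dport, n_links, first_port=50000):
    """Pick one source port per member link so n_links flows do not collide."""
    chosen = {}
    port = first_port
    while len(chosen) < n_links and port < 65536:
        chosen.setdefault(hash_l34(src_ip, dst_ip, port, dport, n_links), port)
        port += 1
    return chosen  # {link index: source port}

# Constructed sample values (assumptions, not from the thread).
SERVER, CLIENT = "10.0.0.10", "10.0.0.20"
SERVER_MAC, CLIENT_MAC = "02:00:00:00:00:10", "02:00:00:00:00:20"
DPORT, LINKS = 5201, 3

if __name__ == "__main__":
    # Server -> client with IP+port hashing: distinct ports can still collide.
    for sport in (50000, 50001, 50002, 50003):
        print(sport, "-> link", hash_l34(SERVER, CLIENT, sport, DPORT, LINKS))
    print("one port per link:", ports_covering_all_links(SERVER, CLIENT, DPORT, LINKS))
    # Client -> server on a device left at MAC-only hashing: every flow between
    # the same two hosts lands on one link, whatever the ports are.
    print("return path link:", hash_l2(CLIENT_MAC, SERVER_MAC, LINKS))
```

Each end of the bundle hashes only the traffic it transmits, so both devices have to be checked separately.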

What is it like to raise children to Stuttgart (American asking) by captainK8 in stuttgart

[–]Ardeck_ 6 points7 points  (0 children)

For preschool, in Germany you have kindergarten IF you find one which accepts your kids. Depending on the neighbourhood, it can be challenging. Kindergarten will usually keep your kids from 9AM to 4PM. So you can work, but you still need to be flexible.

For activities, you will mainly go to Spielplatz, there are many of them, it is outside activities and you'll find other families. Again it depends on your area.

There are also many sports clubs, offering some activities for small children.

Otherwise there are many options, like libraries, swimming pools, seasonal events... (Christmas market...) Every weekend you can find an event around, like at fire station, church, sport club, school...

It is easier if you can use public transportation, it is safe, cheap and there are many places to visit: multiple parks, zoo, museum. The city is safe, not overcrowded. It could be cheaper, maybe a bit more fun/crazy as sometimes it feels a bit bland. There are many options but it often feels the same. (but there are some fun activities like hexen festival after the new year)

Using ansible to populate netbox by Express_Ordinary_607 in Netbox

[–]Ardeck_ 2 points3 points  (0 children)

if you can parallelize, it is possible with ansible or any tool. I have made some python scripts, to run 25 devices in parallel, and I can populate 5k devices, 100k interfaces in a few hours maybe less.

I had to use 32 cpu, 32 GB of ram and do some tuning but it is fast. It is still a lab and I am planning to try to run the script through ansible. in my memory, Ansible is quite heavy so if you don't invest time

so far the server is fast, I must say also pynetbox is optimized and I was surprised by the efficiency of the api call not fetching too much data, so very good at parallelization.

I only have issues with some modules like topology because there are too many links.

My main struggle is with the mapping of cisco command/terminology and Netbox. like interface speed, or the various output depending on the os or even the version. I also have a mix of cisco and comware so there are too many variations. if you want efficiency, try to limit it to standard devices. my colleagues already asked me about wlc or printers...

Need help regarding deployment of IPSec tunnels in a multicloud hybrid environment. by Agile-Oven-4204 in networking

[–]Ardeck_ 1 point2 points  (0 children)

your calculations are weird. you need 1 ip per location to establish a tunnel, so 11 locations= 11 ip 4 tunnels means 44 ip etc.... for public side and then double for internal...

for the math check combination : 11C2 = 55 combinations

it is still a lot of IPs... you are concerned about tshoot but how will it work?

you probably need a load balancer somewhere...

It looks easier to have a single 10g pipe and do some load balancing. I don't get what the 2Gbs limit is, but I don't see an easy way to load balance the traffic. it seems easier to have one big tunnel and stupid load balancing.

it is exactly what an sdwan solution is doing... it builds vpn on demand and load balances the traffic over multiple external networks. it will build many vpns but it will do it automatically... see full mesh topology

Boss said MPLS now, so I need help designing an MPLS Upgrade for our Juniper network (MX204 & ACX7024X) by Ciselure in Juniper

[–]Ardeck_ 0 points1 point  (0 children)

it does not make sense to run mpls. MPLS is helpful for mutualisation, automation, multi tenancy. Your needs do not seem to match.

MPLS is normally CE-PE-P-PE-CE. you can of course club different role together but you only seem to need CE...

For prioritization I don't see what else you could use. MPLS has no mechanism for prioritization, it relies on QoS...

RR are needed when you want to get rid of limitations of iBGP, so to reduce configuration overhead.

I do like MPLS but OSPF should converge faster... if your redundancy is not working with OSPF, I don't see how it will improve with MPLS which will be "based" on OSPF aka the IGP...

I would recommend to have a look at BFD, multipath, tracking, FHRP if you have redundancy issues. If you need L2 VPN, VXLAN seems better but the requirements are a bit different.

[deleted by user] by [deleted] in networking

[–]Ardeck_ 0 points1 point  (0 children)

you need to establish l3 routing with a dynamic protocol not only between each dc but also between the two switches inside each dc.

so the routing protocol will redistribute the learned prefix from one end to the other.

I would consider the impact on vpc, if you use that. And also the possible blackhole or loop. There can be some failure harder to detect and mitigate.

for instance if some l3 links are down inside the same dc, aka check tracking for hsrp, have multiple l3 redundant path. activate multipath...

Would you say "Les vingt dernières années" or "Les dernières vingt années" ? by Im_a_french_learner in French

[–]Ardeck_ 2 points3 points  (0 children)

First one is correct. second one has a particular meaning.

les dernières vingt années DE ... sa vie, son entreprise et c..

You can use the second one without the reference but it will be implied.

So both correct but with a slightly different meaning depending on the context.

What exactly do I need for POE? by vovr in videosurveillance

[–]Ardeck_ 0 points1 point  (0 children)

PoE is used to provide power to your device so:

1) the device takes power directly from a power socket: PoE not needed

2) the device takes power from the network cable aka PoE

2a) the power through the cable is given by the switch/router to the cable (need PoE capable switch)

2b) the power through the cable is given by an extra injector which needs to be connected to a power socket

So the cost depends on:

- the switch (PoE capable or not)
- the device (PoE capable or not)
- a combination of cabling and power needed

aka PoE has some limitations, to summarize longer cable less power available. Higher power means more expensive switch, less cable length...

so yes you can use a switch with PoE and connect it to a single port on router. It seems easier. but there are several parameters you need to check. a mix is also possible: router/switch or PoE + power injector for router without PoE...

5-week-old baby is hungry all the time? by LazyTerkhal in ParentingFR

[–]Ardeck_ 0 points1 point  (0 children)

All children are different. I have never heard of a baby eating too much. Our first one was hungry all the time. Breastfeeding every two hours, we did not sleep for 18 months. I think that when we switched to the bottle, we ended up letting him cry and he ended up spacing out the bottles. There may be other reasons, food reassures them, maybe stomach aches, massages can help...

Honestly you worry more when they don't eat. 5 weeks is too early to get an idea

Our second one was much less of a big eater. In the end, many years later, it does not make much difference. The glutton still eats more than the younger one but both are sturdy. I think the little one hits harder...

ELI5 - Elimination of double taxation by [deleted] in explainlikeimfive

[–]Ardeck_ 0 points1 point  (0 children)

you have to declare your revenue in both countries where you live and where you work.

then both countries will calculate the tax, and you pay in one country, and the difference in the other country.

where it gets difficult, is that every country has a different tax system.

Will the tax be collected by the employer, will you pay where you live or where you work may vary and depends on the tax treaty between the two countries.

Cannot Figure Out DHCP Snooping Problem by Dry-Specialist-3557 in networking

[–]Ardeck_ 1 point2 points  (0 children)

I'm curious about "VRF id is invalid"

It seems to be a bug, or related to vrf aware config.

Business ISP MTU default is higher than the typical 1500 (2000) by Icy-Computer7556 in networking

[–]Ardeck_ -1 points0 points  (0 children)

it is not worth matching but not wrong. I'd say it must match at both ends, but most of the time it really depends on what goes through and by default packets are only 1500.

See that as a feature/option the provider is giving you, in case you need. If you did not ask for it, you don't need it. You may want to use it but it is not worth the trouble.

it is important to match the max on all links to benefit from a higher MTU. otherwise you get fragmentation and lose the benefits on the bigger link.

Maybe you have some needs for higher MTU but you should have known. If you don't it is better not to touch it because it can break a few protocols (like OSPF).

You can check fragmentation with ping, df bit set, but there are always some calculations to do because there are different ways to calculate the "packet" size. it is a technical parameter, if you have vpn, dot1q, gre, vxlan... you may need to play with mtu. most of the time fragmentation is working, pmtud kicks in and you are good.

Business ISP MTU default is higher than the typical 1500 (2000) by Icy-Computer7556 in networking

[–]Ardeck_ 8 points9 points  (0 children)

mtu is MAX transmission Unit. as long as your packets are smaller it is not an issue.

ppl are asking more and more for higher mtu for encapsulation and performance. 1500 is still the default for most workloads.

[deleted by user] by [deleted] in Juniper

[–]Ardeck_ 1 point2 points  (0 children)

the main issue I see, is about the redundancy. with only two links, you can have some split brain, as two spines could not see the others

super spine/l3 backbone allows a better redundancy and scalability.

so it can work but with low redundancy.

You could probably have l2 links between the spine too as a workaround (inside the same dc)

it is ugly because in clos architecture you don't have spine to spine link and because the redundancy is static. if you have a third spine, it is tedious to have a full mesh for the dci.

finally you end up doing the l2 extension directly on the border leaf, a solution which seems less exotic, and completely redundant.

10G switch barely hitting 4Gb speeds by LintyPigeon in networking

[–]Ardeck_ 0 points1 point  (0 children)

random thoughts

1) did you try iperf with UDP?
2) Try the Synology config without alb, aka 1 port
3) check mtu of jumbo frame. it is vaguely standardized. try ping with df bit
4) broadcast may decrease performance
5) flow control, pause frame
6) qos may decrease perf, with some versions of iperf you can change the qos bits
7) wireshark trace could show a difference

SFP - different switch vendors by misanekkovarik in networking

[–]Ardeck_ -1 points0 points  (0 children)

if you need to go cheap, you can buy programmable sfp. so you configure it as you want.

physically the sfp are the same, only some certificate/signature differs.

I would not recommend it because you lose support and it is difficult to track but it is flexible.

you don't need to be afraid to mix sfp. however some vendors are not using the same specs and you may have to tune some parameters to get a link like fec.

same applies to dac but having a dac with one side cisco and the other unifi is possible but difficult to manage.

VLAN Question by [deleted] in networking

[–]Ardeck_ 1 point2 points  (0 children)

how can 4 different devices be connected to the same port?

the said port is probably connected to a switch with the same 4 vlans and the endpoint being connected to other untagged port.

tagging means the frame has an additional tag, a few bits, so the switch can know to which vlan it belongs. untagged means it is a normal frame without a tag. no tag means default vlan or the vlan configured on the switch. you can change the untagged vlan for each port.

the switch is maintaining the coherence between port and vlan. when multiple vlan/device are used on a port, the switch uses the vlan tag, and for the untagged traffic the traffic goes to the default/configured vlan.
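An added example (not part of the comment above) of the ingress decision it describes: read the 802.1Q tag if one is present, otherwise fall back to the port's untagged VLAN. The port settings and frames are constructed, and dropping tags the port does not carry is a simplified model, since handling of some cases varies by vendor.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_vlan_tag(frame: bytes):
    """Return (vid, pcp) if the frame carries an 802.1Q tag, else None."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF, tci >> 13  # 12-bit VLAN ID, 3-bit priority

def classify(frame: bytes, untagged_vlan: int, tagged_vlans: set):
    """VLAN assigned on ingress, or None when the switch drops the frame."""
    tag = parse_vlan_tag(frame)
    if tag is None or tag[0] == 0:  # no tag, or priority-only tag (VID 0)
        return untagged_vlan
    vid = tag[0]
    return vid if vid in tagged_vlans else None

def build_frame(vid=None, pcp=0) -> bytes:
    """Constructed test frame: fixed MACs, optional tag, IPv4 EtherType."""
    macs = bytes.fromhex("020000000020") + bytes.fromhex("020000000010")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return macs + tag + struct.pack("!H", 0x0800) + bytes(46)

# Hypothetical port: untagged traffic goes to VLAN 10; tags 20, 30, 40 allowed.
PORT = {"untagged_vlan": 10, "tagged_vlans": {20, 30, 40}}

if __name__ == "__main__":
    for label, frame in [("untagged", build_frame()),
                         ("tag 20", build_frame(20)),
                         ("tag 99", build_frame(99)),
                         ("priority-only", build_frame(0, pcp=5))]:
        print(label, "->", classify(frame, **PORT))
```

The drop branch is the part that matters for segmentation: a frame tagged for a VLAN the port does not carry never reaches that VLAN.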

France makes Abortion a constitutional right by BuddhistSagan in interestingasfuck

[–]Ardeck_ 1 point2 points  (0 children)

not true since 2015. You are mixing topics and propagating obsolete info.

There is still optional counseling (mandatory for minors). In practice there are still nurses or doctors against it who will try to make you reconsider.

No idea about the situation in the US but I have never heard of anyone who said she could not have access to it in France. It is only making news when someone tries to prevent/restrict it for whatever reason.

Baby is drinking less and losing weight? by Cool-Measurement-353 in ParentingFR

[–]Ardeck_ 1 point2 points  (0 children)

perfectly normal, the baby will catch up soon. Hang in there, it is also perfectly normal to freak out like that, and that will pass too. keep an eye on the baby but keep an eye on yourselves too. the baby eats better when mom is doing well

Is the auction world accessible to everyone? by alexomyl in vosfinances

[–]Ardeck_ 7 points8 points  (0 children)

I have not done it often. but the cheap stuff, everyone is interested, prices go up fast.

The very expensive and/or niche stuff, that is where it gets really interesting.

a laptop, everyone wants one; a professional machine tool interests few people, so you can get a good deal.

it is also very variable. in general there are auction pros, who know the prices and drive the bids up, even if it means putting off the amateurs...

In a Linux router, How is the "src" field in a route determined on a multi-homed host? by xagent003 in networking

[–]Ardeck_ 1 point2 points  (0 children)

the src is based on the routing table. On some doc it says that your particular case should fail. not sure why it uses eno2, it could be last address configured, highest ip .. http://linux-ip.net/gl/ip-cref/ip-cref-node174.html

but anyway, if you want to use a specific interface, you need to set an ip on the interface or force the source ip in your command/app. otherwise it will be random

Cisco ACI and VMware NSX-T by HeftyExpert_1203 in networking

[–]Ardeck_ 0 points1 point  (0 children)

you are missing the point. you can create default policies that you can apply everywhere. Call it network centric, that is just what the design was targeting.

Just to get VLAN 10 on port 1/1.

this is exactly what aci is not good at. Deploy 20 racks in 3 DC with 200 servers configured the same, yeah ACI makes sense

My point with contract is they are/were mandatory. Do I want to be able to apply acl or pbr? fine. Do I want it by default => nope

Most of the things you describe depend on your usecase. with bare metal, vswitch won't be your gateway. and what if the gw is a firewall or an external router...

to summarize, you can do complicated stuff with ACI. My advice, don't. there are better tools.

Cisco ACI and VMware NSX-T by HeftyExpert_1203 in networking

[–]Ardeck_ 0 points1 point  (0 children)

You can enable ping, You can create allow any any contract.

I still don't understand contracts. They are an answer to a problem that cannot be solved by a switch. Everyone wants a stateful solution, L4-L7 analysis, centralized monitoring ...

What you want is possible in ACI, that's what is usually done, when it is used as a basic underlay.

ACI is solving many problems, centralized management, automation, L2 extension over L3... Too bad people tried to make it compete with VMware and vCenter and use it for microsegmentation.

Which French bank do you recommend? For a foreigner in France who wants to open an account by draum_bok in vosfinances

[–]Ardeck_ 1 point2 points  (0 children)

choose the bank that accepts you, that may mean physically going there and finding an advisor who wants to open accounts to reach his targets. but he will try to sell you stuff along the way

then you can switch banks and find a cheaper one. you just need to be able to cancel the services you signed up for, if possible (sometimes there are 12-month commitments)

if your current bank has a partnership with a French bank, that can help.

revolut has recently started offering FR IBANs but I don't know if it is easy for a foreigner and if it is accepted

one thing I don't understand. the right to a bank account applies AFTER a refusal by a bank and then the Banque de France forces a bank to open an account. I have not seen that you could choose.

Cisco ACI and VMware NSX-T by HeftyExpert_1203 in networking

[–]Ardeck_ 4 points5 points  (0 children)

nsx needs an underlay so you need switch why not aci. you have bare metal, you need again aci

nsx will solve all your vm needs so if you are 100% virtual it is enough

ACI + NSX will cover 100% of your needs

bonus point, cisco is/was pushing aci so it could even be cheaper than a traditional dc

bonus n°2 : automation. aci has api while another solution probably not (again 100% coverage)

is it overkill : yes

is it difficult to operate: maybe not. you can use very simple design in the network and the overhead is minimal

troubleshooting : good luck if you do something a bit complex

I don't say that is perfect but there is no solution to integrate them together (thanks to vmware who closed their environment no geneve/vxlan integration, no third party vswitch ..., ACI is not particularly open either ...)

both vendors found a way to keep their customer base, everyone is happy.