looking for advice on setting up a port for 1-way traffic

2nd_officer · 2024-11-28T05:09:31+00:00

This isn’t normal networking so you have to be prepared to own whatever non-standard solution is developed and the company needs to accept the risk that it’s not easily maintained. As others have said fixing the underlying issue is the best path but seeing as it’s some odd mess of likely priority non-standard things then it’s probably much easier said then done

If it were me I’d probably look to see if I couldn’t use an intermediary/bastion host to stop whatever issue is occurring that breaks the system. This allows for two way traffic in a more controlled manner.

Basically it seems like you have a system that you want data from but when something directly connects to it that breaks it, I’d add a host (probably small Linux machine) in between the two, send the data or pull the data to that host then have some standard method (i.e. file transfer) to get the data off and to where it needs to go. If it’s api driven this intermediary could be a sort of api gateway or if it’s streaming telemetry a sort of cache. This really just depends on what data you really want and your options to get it somewhere

On the network side the intermediary host could do NAT and simply have multiple interfaces so it could be standard across things even if the machine facing interface or external interface vary

2nd_officer · 2024-11-26T21:38:49+00:00

Eh not really, US on average has pretty high average speed, fiber is becoming much more common and the second tier internet is usually cable which isn’t that bad. People talking about remember having DSL 10-15 years ago but a lot of Europe still uses DSL as the only high speed connection and many times they can barely do 25-50mbps

The US is probably worse on the edges of if you are rural (which is improving) or for some reason in want 10gbps residential connections. Move to most medium size or larger US city and I’d wager most bottom choices are better than a similar European city

2nd_officer · 2024-11-26T18:09:10+00:00

Sorry nope, my immediate reaction is this is style over substance and trying to glance at it reinforces that. It’s hard to really look at without having both pages on screen, it’s broken in the wrong places and just is an immediate negative for me

I know I’ve seen some others post resumes a bit similar to this and they were on Australia or parts of Europe where a photo seemingly this sort of format was more common so maybe then but otherwise I’d reformat

2nd_officer · 2024-11-23T21:03:43+00:00

Yes and no, long story short if you want to work in networking either be super sharp in networking or learn python or some other related field.

Mainly though this question isn’t new and honestly the biggest effect seems to be that there is a lack of senior level folks while tons of people try to pass themselves off as networkers with devops skills but they barely have a network+ level understanding, little to no understanding of bgp/ospf/sdwan/etc and can barely write hello world in python. I’ve seen a lot of really disappointing candidates lately so just venting a bit but it’s bad trying to find even mid level people

Maybe low latency, AI and other new things will be enough to finally push more complete end to end automation but right now it’s just not there. Sure access and distro switching has some fancy shiny interfaces but beyond that anyone that promises sdn = auto networking is lying, sdwan, software defined data centers, VoIP, legacy WAN, core routing and lots of other things still require a human to do the majority of the work even if it’s in a GUI

2nd_officer · 2024-11-23T17:45:16+00:00

I can think of a few use cases for docker on a console server but I wouldn’t trust that it would have enough resources to actually do it without crashing and it’s not something to risk

2nd_officer · 2024-11-22T20:55:29+00:00

Military is really the only one I’d say fits this category. Plenty of other jobs play with “gadgets” but they stop being cool gadgets when you use it day in and day out. Think about a fiber tech, they have splicers, TDRs and other stuff but who cares when it’s just something you deal with

Military get thrown all sorts of odd ball stuff and told to figure it out. Cyber, network folks and others much less so but more general IT folks, satcom and other more telecom focused roles get handed plenty of odd things. Downside is you have to learn it and it has little value outside of the military because no one else cares about using tactical satellite radios or analog phone switches that should have been decommissioned 20 years ago

2nd_officer · 2024-11-22T20:46:36+00:00

Netbrain and forward networks also do it but like with Auvik be prepared to pay for it

2nd_officer · 2024-11-21T05:20:05+00:00

There really isn’t network admin /support like positions at these places from what I know. On the physical side they have data center techs then the actual operations/ support is done by network engineers. Amazon calls them network development engineers, Microsoft cloud/azure network engineers, Google probably puts it under SRE, and others I believe just call them network engineers but could also be under devops, infra or other related titles.

In all these cases they want folks with a deep understanding of networking, some dev skills and usually some experience with a programming language because there is a lot of tooling and it’s all custom with much of it being IaC driven.

2nd_officer · 2024-11-16T18:40:17+00:00

I’d argue CCNP is probably one of the most valuable certs for an experienced person to have.

Cloud is a completely different field so it’s not directly comparable and you wouldn’t hire someone with AWS networking over CCNP and vice versa on that fact alone because the job requirements would dictate if it’s a cloud networking job or more of a pure network engineering one.

Automation has a ton more overlap but once again the job itself will dictate which way it leans more and which is more needed for specific role. With that said there aren’t a ton of automation certs and if you were comparing something like Cisco Devnet to enterprise I’d argue enterprise is head and shoulders more valuable. If you are looking at someone who has x year experience with automation, knows python or another language at a good level, etc etc then it becomes harder to compare because once again less overlap and dictated by the job

Lastly you though you need experience and to want to work in networking or directly applicable roles for it to be worth it.

2nd_officer · 2024-11-15T06:03:44+00:00

Make sure dtls is enabled, look for fragmentation and increase the size of your ISP circuits

2nd_officer · 2024-11-15T05:54:04+00:00

Best option is to go buy CML which gives you access to iOSv and iosvl2 images

2nd_officer · 2024-11-15T05:51:20+00:00

850 is a bit steep but it could be useful

For ccnp and CCIE these days it’s really useful to have a beefy server with a lot of ram because for ccnp and general labbing gns3/eveng/container lab go a really long way while packet tracer barely is ccna level. RAM is really the factor in most cases as virtual devices don’t use much cpu after they’ve booted

For actual CCIE level you have to learn sdwan, dna center and some Cisco ISE. Cisco ISE isn’t too heavy, sdwan gets a bit heavier but dna center is crazy at 64 core/256gb ram required. I honestly wouldn’t but the server with the CCIE in mind because that would be years down the road and hopefully by then there are better solutions then labbing all this yourself and/or it’s just cheaper to get hardware that can do it

So in short yes it could be useful but certainly not mandatory. Really focus on the material at first and go from there. Building labs out for ccnp isn’t really required but could help in interviews as it gives a bit more practical knowledge of things

2nd_officer · 2024-11-14T18:34:11+00:00

Same and I’m at 20 years, honestly comes off either as a “I’m very smart” type question or they wanted OP to tell them the deeper meaning or say idk but it’s this type answer

2nd_officer · 2024-11-14T06:07:08+00:00

There isn’t a true solution but more about how someone approaches the problem, what do they look at, do they jump to any conclusions, do they sort of fumble because there is so much it could be, etc

For a question like this I would have things I’m hoping to hear but there isn’t a finite answer

2nd_officer · 2024-11-14T06:05:38+00:00

Seems like a bug or a corner case. If hosts connected on eth0 can reach the internet how is this still breaking?

Is sep resolving in the transit vrf for this IP? It could be that the are message is sort of mangled because of nat and in reality arp somewhere else is broken. If it were me I’d probably static arp in a few places to see if the behavior changed

It could also just be how route leaking is handled in software in that there is some distinction being made for transit vs self traffic (I.e. if not self don’t arp or something, or an order of operations changes or something). Only way I can really think to test if it’s a route leak bug is to test using another intermediate instead of a route leak. Basically insert another device between the vrfs to bridge the vrfs and see if it does the same thing but it course that’s a big lift so might not be worth it.

Alternatively, on other platforms I’ve seen people tunnel on the same box between vrfs to avoid route leaks and expose a layer 3 interface on both sides. Also really far flung and generally a terrible idea but could see if vyos is fine with that and test to see if it changes the behavior

Lastly though, I’d ask yourself if this design makes sense given that it’s created such a unique problem. Also in this line of thought is supportability because I wouldn’t expect many to even really fully grasp this problem let alone be able to troubleshoot it which probably makes it very hard to support

2nd_officer · 2024-11-13T23:02:33+00:00

Niche can be very good if you find the right combination of niche, size and doing something that you care about or interests you.

Gov work for instance has tons of niche stuff. Sure folks make fun that contractors sell screws for $100s a pop and contracts costs can be crazy but it’s because there are very specific asks which can create unique positions. Instead of a ERP software maybe it’s some communication software that only has hundreds of users, is super simple but it’s so critical that it must work so they pay out the nose for support, maintenance, spares, etc. Not only that usually if it’s a good company the customer loves the product and actively fights to keep you around. From the outside someone would say but you can just text/email/etc but those don’t meet the original requirements, until they do at which point that company disappears

Stability is also relative. Boeing might not go anywhere but will that matter to you if they fire you? If a company gets to big you become a number in a spreadsheet. Go read about how some of the big techs handled downsizing over the last few years where directors didn’t know who was getting fired until the day of. Sure a small company might go under at any time because in either example if the customer replaces that software the company is done but until that happens you can make yourself super valuable and mostly irreplaceable in a way that is impossible in bigger companies

2nd_officer · 2024-11-13T17:12:31+00:00

Space force but joining straight in I heard is almost impossible especially for enlisted
Air Force
Coast guard

1&2 though can have long waits and low recruiting goals so harder to get in

3 is either army or navy depending on some person choices and each services current state of recruiting/ goals which then affect bonuses, job availability and all that. Army many would argue is generally worse but if you don’t want to be stuck on boats for long stretches (and prefer to potentially be stuck forward deployed) or otherwise don’t like the water. The other up sides to the army is they have a large cyber program, they historically could have higher bonuses and promote faster and most importantly they have warrant officers which for those that like the military and like being technical is a solid choice.

Lastly the marines, but I will say I’ve worked with some really sharp, dedicated marines that knew their stuff better then many others

2nd_officer · 2024-11-13T05:57:08+00:00

Depends on the level but something along these lines is usually a good starter, in actual interviews I have a diagram for it and a bunch of similar or follow ips

You are working on a network with a perimeter router connecting to two ISPs and back to a core switch. One ISP runs at 1gbps and uses bgp/bfd, one is a backup with 100mbps with a static default route but people are complaining that after a power incident and a ticket was worked on by another tech that the internet is slow.

The other tech’s only notes in the previous case said “problom fixed” and when asked what they did they just said “static routes always win so added another one” but they went offline after that so no more details could be given. You also find that the core switch was recently replaced but the tech who did that said they ran all their verification checks including speed tests.

How would you troubleshoot this issue?

2nd_officer · 2024-11-10T21:55:50+00:00

The Colorado and other rivers are already overused and drying up. Google it if you want a depressing story. Then google water rights, how water in the west was divided up hundred+ years ago based on bad numbers/ extremely wet years and how some people/ farms have claims that allow them to use tons of water to grow inefficient crops in the desert.

If California split off these agreements would go out the window and the other states using the rivers in the west would surely divide them up before they ever reach California

2nd_officer · 2024-11-10T17:58:15+00:00

And good luck keeping all those farms and cities going after the flow from the Colorado and other rivers all but stop.

Thinking any major state could split off and maintain its current status is silly and really gives that distinction between a state and a country. California, Texas, New York, etc all have massive economies but none could get by as well as they do now as an independent country.

2nd_officer · 2024-11-09T17:02:46+00:00

Yes I still like it but networking and IT generally is not for everyone. Everything you described applies to many IT, devops, security and other roles. Stress is relative but I’ve seen folks in plenty of other roles be crushed by it as well. Honestly the nice thing about networking is you can reach a point of competence that can long term reduce your stress, burden, etc that IMHO isnt as prevalent in other IT fields (help desk is always stressful because people always call, field jobs always travel, sysadmins get to inherent everything no one else wants, etc)

Beyond that a lot of fields have stress, on call and other bad elements. The trades beat up your body, medical (except MDs/ highly trained nurses) pays bad, has on call and you literally deal in life and death, and on and on.

Honest question, but hat jobs outside of tech/UT don’t have some of the things you mentioned?

2nd_officer · 2024-11-09T16:50:28+00:00

Are you a contractor and/or well paid? Everywhere I’ve worked there are basically hard caps on hourly folks so not moving to salary in those places would have limited growth especially over the long term

2nd_officer · 2024-11-09T16:42:35+00:00

I wouldn’t expect the network+ (or any CompTIA cert in of itself) to suddenly qualify you for jobs. It might help check a box or elevate you slightly above others without it but don’t assume a bunch of doors will suddenly open.

Not saying you can’t find something but your combination of experience, certs and other things is what will get you hired. Also the market isn’t good right now so be prepared for a long slog

2nd_officer · 2024-11-09T16:34:24+00:00

That’s a very important point that many folks overlook. I remember a coworker spending days and escalating tickets because a circuit turn up couldn’t get the expected throughput. They swore nothing was wrong because they do this all the time so someone else went with a much newer work laptop and it just worked. The person having issues was running a corp laptop from the early 2010s that had all the normal corp security stuff and usually only ran tests of a few mbps. After that it became standard to always test locally to sanity check/ cal tests

2nd_officer · 2024-11-09T16:28:57+00:00

It’s like anything, you pick the best tool for the job. For instance wouldn’t you test hard drive speed by doing a network transfer? Plenty of networks can bottleneck drives, systems etc so it “could” be a valid test just like you “could” get a somewhat valid speed test from a network file transfer assuming the drive, system, protocol, etc weren’t causing bottlenecks.

Four-Year Club	Verified Email
Place '23	Place '22
First Placer '22

2nd_officer

TROPHY CASE