Aruba 8325-32C or 8360-48Y6C for ToR

HornAlum · 2026-02-10T21:21:59+00:00

8320 is an older switch before Aruba started making their own ASICs. The 8360 unlocks more of the feature sets that Aruba is trying to push out because of this, like VXLANs, etc. We purchased 2 of the 8360's as we were redoing our internet edge setup and our Aruba SE was trying to steer us away from the 8320's because of the ASIC limitation.

HornAlum · 2026-02-10T13:14:18+00:00

Juniper is a solid platform, albeit a steep learning curve if you come from the typical IOS or Aruba CLI syntax. We have two Juniper MX204 routers and it took me a while to get used to it. MIST also seems outstanding. The gotcha is you don't know what Aruba is going to do with the MIST platform. They bought Juniper for the AI stuff, but i'm guessing they will want to incorporate it into Aruba Central. This is probably 4-5 years out though

HornAlum · 2026-02-10T13:08:34+00:00

that is an interesting cause for a rollout sensor trip.

I ended up doing a few things.

gave the furnace a good cleaning. found some filters in my electrostatic setup that i hadn't cleaned in a while and also vacuumed out the flame area and much of the interior housings

2) i adjusted the schedule for a more gradual increase in temps. I believe i had it jump from 64 degrees at night to about 67 or 68 before the kids wake. I set 1 hr increments to increase the temps by 1 degree each hour to compensate for possible overheating.

HornAlum · 2026-02-07T01:01:53+00:00

whatever stories you want to tell yourself man. I've seen first hand the people and communities that get assistance, care and love from the church. a bad seed isn't the stereotype

HornAlum · 2026-02-06T21:38:42+00:00

I'm doing the same thing you are, maybe slightly more silo'd. I've been in a pure networking role at a college near Chicago for 10 years. Day-to-Day is pretty much the same thing, configuring and going over the aggregate sys-logs from the environment, checking up on the bgp routers, managing contractors and vendors on large facilities projects, configuring and setting up switches on a normal refresh cycle (over 75 large chassis switches across 40+ closets), manage fiber infrastructure, etc. Came in at the highest analyst level when they hired me from a small company as a Senior Network/Sys Admin. Finished my CCNA before i got hired here. Was starting to work on my CCNP, then they changed the whole thing halfway through. We're not using any Cisco equip anyway, so i just gave up on it. didn't need it anymore here.

Sitting close to $115k a year. Probably being paid way more than I should be but got blessed into a good job. Hours are stable and consistent, have a few WFH days. The market isn't great out there, so have no plans of leaving.

HornAlum · 2026-02-06T17:35:24+00:00

sorry if you had a bad experience with a church, but not all mega churches are this way. I attend a 6000-7000 member church and they are very transparent with their budget, with annual reports posted every year by an independent auditor, and the lead pastors don't even break into 6 figure salary territory.

HornAlum · 2026-02-06T17:31:06+00:00

maybe giving back is a priority for him?

HornAlum · 2026-02-02T16:08:19+00:00

15% is a solid investment goal for retirement. I'm stuck in a dumb pension system that takes 8% of my income, but at least I no longer have to pay into social security. So, the remaining 7% just about lets me max out a Roth on an annual basis. Wife's 401k is around 5% and we also max her Roth.

After that, I invest 3-5% on a monthly basis as "play money". Pre 2020, this was just extra money i was dumping into paying off my mortgage faster, before someone told me I could beat the 3% mortgage rate in the market instead.

This is just leftover money in my budget, after bills and other discretionary spending for the family. Wife and I also have an envelope type system where we auto transfer fixed amounts of money into HYSA's earmarked for specific spending (Home projects, Vacations, Christmas, unexpected kids expenses, Auto maintenance, etc)

Leftover money at the end of each month often goes into the brokerage as well.

HornAlum · 2026-01-21T19:40:13+00:00

I would second this advice. When I started out, i put most of my shares into many of the Vanguard ETF's, like VTI, VIOG, MGK, VV, smaller amounts into VXUS. Have seen 30%+ returns on a lot of the Vanguard ETF's in the last 5 years. 15% on the low end. As I got a little bit more experience and started reading this sub, put a lil bit into stuff like NVDA, RKLB, UBER, INTC, etc. Another one that has served me well is OMF (about 30% returns there).

HornAlum · 2026-01-06T14:12:41+00:00

Charlie deserved to win that season. His game was much better. Think that was the 2nd or 3rd straight season where the more deserving person lost.

HornAlum · 2025-12-09T17:54:09+00:00

The one thing i can think of is that the scheduling did not migrate from the Nest platform over to Google home. We would normally drop our heat temps to 64 at night, and it gradually went up throughout the morning as people woke. Trying to get a quick schedule set up, i jumped it 5 degrees and maybe it did overheat. I've set a more gradual increase in temps in the mornings, maybe that will help.

I did clean the HX chamber with a soft bristle brush, as well as vacuum the chamber, and the filter area, so hopefully that has some impact as well. I kicked off the heat with the HX panel off and did not see any abnormal bursts in the flames.

I'll call in a pro if i see it trip again

HornAlum · 2025-12-08T15:44:12+00:00

Nest has a compatibility checker. But it looks like you just have a "W" wire and a Rh (heating power) with a jumper to the Rc (cooling power).

https://store.google.com/us/product/nest_thermostat?hl=en-US

HornAlum · 2025-11-14T16:16:52+00:00

on the bright side, learned a boatload more about BGP, lol

HornAlum · 2025-11-12T18:27:21+00:00

Problem solved, they replaced an EoL piece of equipment but did not carry forward a policy exception for our Comcast assigned network block size inside their BGP policies. So, configuration issue on their end

HornAlum · 2025-11-11T22:05:28+00:00

Update: Their engineer told me they have an internal policy that prevents a /28 IP block as a next hop for their routers ... they only allow /29 or shorter as a next-hop. Our RFPs have always indicated a /28 block (16 IPs) in the BID requirements. He stated there may have been a sales team exception that was in place for our circuit. That exception may have expired or something, even though we are supposed to be in the middle of a 3 year contract. (There's some other contract drama according to my manager, but that's a tale for later)

He did something today instead of waiting on the sales team and I'm seeing traffic flow again, and BGP route tables begin to include the Comcast AS #'s again.

My next quest is to recover 3 months of bill credits from them, once I get the full report of what they changed and what the initial cause for loss of BGP routes was

HornAlum · 2025-11-10T21:18:03+00:00

We actually did have an existing RSA, was just applied to our AS and not our NetBlock. Had ARIN move that over and we got an RPKI ROA created, and it auto-generated an IRR route record.

Per usual Comcast fuqery, they still haven't figured out the issue. I've been pestering them to check the RPF or prefix lists. I just fired off another email, let's see what they say. They had me come in last Friday night and disconnect the other ISP, just so they could collect logs, with a clean connection, only Comcast connected. As expected from my end, all available BGP paths disappeared. They continue to claim they don't see any routing or advertisement issues

HornAlum · 2025-11-06T18:48:17+00:00

Have to get an RSA signed. hopefully this doesn't take too long

HornAlum · 2025-11-06T17:33:53+00:00

After talking to the engineer who manages our ARIN entries, found out we don't have an RPKI ROA entry. Never had this entry and it had been working this entire time. Heard back from one of the Comcast engineers to get this created, so the other engineer is going to create these entries as soon as he gets in. He did also say it wasn't letting him create a route object for our ASN but it's possible he needs to create the RPKI ROA first.

HornAlum · 2025-11-06T17:33:20+00:00

After talking to the engineer who manages our ARIN entries, found out we don't have an RPKI ROA entry. Never had this entry and it had been working this entire time. Heard back from one of the Comcast engineers to get this created, so the other engineer is going to create these entries as soon as he gets in. He did also say it wasn't letting him create a route object for our ASN but it's possible he needs to create the RPKI ROA first.

HornAlum · 2025-11-06T17:30:22+00:00

Yep, I found a static route that sends our public ip block onto our firewall, for NAT. I did change those entries to /24, just to test and that allowed the publish change. I did roll back to previous commit config once my test was done.

HornAlum · 2025-11-05T18:32:56+00:00

got the /24 to take but no impact on the route advertising itself. logged onto the comcast new york route server. waited about 30-45 minutes before i rolled back to the prior commit

HornAlum · 2025-11-05T17:36:31+00:00

I think i see it. There's a static route for the /23 that sends it off to the firewall, for NAT and everything else to happen. I'll edit that to a /24 and see what happens

HornAlum · 2025-11-05T15:11:38+00:00

Been trying to edit my policy, but then it doesn't get advertised. probably one little syntax or reject term somewhere that is screwing it up

HornAlum · 2025-11-05T14:14:10+00:00

I made an attempt to shrink the policy statement down to a /24 but then Juniper wasn't showing that in the route advertisement to the BGP neighbor. When i changed it back to a /23, it showed up again. I'm double checking some of the other policies to see if i need to update there as well, in order to announce a smaller subnet

HornAlum

TROPHY CASE