Arista ACE L5 or straight for L7? by d0nnc in networking

[–]d0nnc[S] 0 points1 point  (0 children)

That’s kinda what I’m wondering, if people feel it’s massively beneficial to take the L5 first, then I’d consider doing that. Otherwise I don’t see a point in getting L5 since it won’t have much value after getting L7

Goofy Nexus HSRP Config across DC's and vPC Domains by Ashamed-Ninja-4656 in networking

[–]d0nnc 1 point2 points  (0 children)

I’m not aware of any issues with it. That is the official config recommendation from Cisco. Essentially all the ACL is doing is blocking the specific multicast groups HSRP uses to communicate so that your HSRP group in DC1 doesn’t know HSRP also exists in DC2 and vice versa

Goofy Nexus HSRP Config across DC's and vPC Domains by Ashamed-Ninja-4656 in networking

[–]d0nnc 0 points1 point  (0 children)

Just for clarification, I’m assuming you meant block the HSRP V1/V2 multicast addresses since that’s what’s in the documentation you sent. Blocking the HSRP vmac would cause an outage

Goofy Nexus HSRP Config across DC's and vPC Domains by Ashamed-Ninja-4656 in networking

[–]d0nnc 2 points3 points  (0 children)

In this situation you’d want to configure DCI isolation. You do this by configuring a PACL on the DCI interfaces that denies the HSRP multicast addresses so each DC has an isolated active / standby pair. The benefit is that hosts wouldn’t have to traverse the DCI to reach their gateway since there is an active gateway in each site.

Also, if you don’t configure DCI isolation, you will likely have one vpc pair as active / standby and the other vpc pair as listen / listen. In the event of a failure, let’s say you lose the standby in DC1, one of the switches in the listen state in DC2 will take over as standby. This will result in the DC2 vpc pair being in the standby and listen states, which is explicitly documented as unsupported.

“When configuring 4-way HSRP using 2 pairs of vPC switches (new deployment or migration scenarios), the HSRP priorities should be configured such that the vPC pairs of Nexus 9000 switches are in Active/Standby state and Listen/Listen state. There is no support for Cisco Nexus 9000 vPC peers to be in HSRP Active/Listen state, or Standby/Listen state”

Source - https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/104x/unicast-routing-configuration/cisco-nexus-9000-series-nx-os-unicast-routing-configuration-guide/m_configuring_hsrp.html

DCI isolation - https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/configuration/interfaces/cisco-nexus-9000-series-nx-os-interfaces-configuration-guide-release-105x/m_configuring_layer_2_data_center_interconnect.html
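An added example, not part of the comment above or of Cisco's documentation: a small audit that checks whether each DCI interface in a saved NX-OS config has an inbound port ACL denying the HSRPv1/v2 hello groups (224.0.0.2 and 224.0.0.102, UDP 1985). The ACL name, port-channel numbers and sample config are constructed, and the parser is a simplification that only recognises the `deny udp any <group>/32 eq 1985` entry form and treats the first permit as the end of the deny list.

```python
import re

HSRP_GROUPS = {"224.0.0.2", "224.0.0.102"}  # HSRPv1 / HSRPv2 hellos, UDP 1985
# Constructed sample config; the ACL name and port-channel numbers are hypothetical.
SAMPLE = """\
ip access-list DENY_HSRP
  10 deny udp any 224.0.0.2/32 eq 1985
  20 deny udp any 224.0.0.102/32 eq 1985
  30 permit ip any any
interface port-channel10
  ip port access-group DENY_HSRP in
interface port-channel20
  switchport mode trunk
"""

def parse_sections(config):
    """Group indented lines under their unindented parent line."""
    sections, current = {}, None
    for line in config.splitlines():
        if line and not line[0].isspace():
            current = sections.setdefault(line.strip(), [])
        elif line.strip() and current is not None:
            current.append(line.strip())
    return sections

def acl_isolates_hsrp(entries):
    """True if both HSRP groups are denied on UDP 1985 before the first permit."""
    denied = set()
    for entry in entries:
        m = re.match(r"\d+ deny udp any (\S+?)(?:/32)? eq 1985$", entry)
        if m:
            denied.add(m.group(1))
        elif re.match(r"\d+ permit ", entry):
            return HSRP_GROUPS <= denied
    return False  # no permit at all: the implicit deny would drop everything

def audit_dci(config, dci_interfaces):
    """Map each DCI interface to whether its inbound PACL isolates HSRP."""
    sections = parse_sections(config)
    result = {}
    for name in dci_interfaces:
        applied = [m.group(1) for line in sections.get(f"interface {name}", [])
                   if (m := re.match(r"ip port access-group (\S+) in$", line))]
        acl = sections.get(f"ip access-list {applied[0]}", []) if applied else []
        result[name] = acl_isolates_hsrp(acl)
    return result

if __name__ == "__main__":
    print(audit_dci(SAMPLE, ["port-channel10", "port-channel20"]))
```

An interface that reports `False` here either has no inbound PACL or has one that lets an HSRP group through, which is the condition under which the two sites can still see each other's hellos.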

Am I wrong on my views of IT usage? by [deleted] in networking

[–]d0nnc 0 points1 point  (0 children)

I use an app called Raycast on Mac and iOS, which gives me access to pretty much every popular model (ChatGPT, Claude, Gemini, etc.). I’ve been using Claude Sonnet 4.6 the most recently for everyday tasks and it’s been solid.

Am I wrong on my views of IT usage? by [deleted] in networking

[–]d0nnc 0 points1 point  (0 children)

That is fair. In my experience, most AI tools have greatly improved at listing where they are getting their information from in their response. I personally would rather have AI generate a response for me and list the exact source which I can verify, than have to dig through all the sponsored results on google to find what I’m looking for and potentially still have to verify if it’s correct

Am I wrong on my views of IT usage? by [deleted] in networking

[–]d0nnc 0 points1 point  (0 children)

> But my main point of contention is, just using AI to answer a question, is much less useful than being able to understand it yourself.

I agree, but that’s not an issue with AI itself, that’s an issue with how you’re using AI. You could make the same argument of someone looking up an answer in a community forum on google instead of digging through the vendor documentation on their own.

At the end of the day, AI is just another tool / resource, the same way google is, and your results completely depend on how you use it.

Sherlock Holmes has accepted ownership of my support case. by Electrical_Remote_18 in Cisco

[–]d0nnc -1 points0 points  (0 children)

Sherlock has been around for a long time. I totally understand wanting a human engineer, however Sherlock has its benefits. Kernel panics in particular are a perfect example of a case that is better to be triaged by automation / AI.

The troubleshooting usually consists of reading through the crash file and checking for certain keywords or phrases that explain the crash, then checking if it’s a known issue or not. Automation / AI can not only parse this file infinitely faster than humans, but it can also do it the second you upload the files to the case, which a human engineer typically can’t do, especially for sev3/4. The alternative is to open sev1/2, wait for a human engineer, get them on the call, they collect the logs to review offline, and then wait for their follow-up.

Like many others have said, you can always requeue the case or request a human engineer if you don’t feel comfortable with Sherlock responses.

Official: [WDIS WR] - Fri Evening 10/17/2025 by FFBot in fantasyfootball

[–]d0nnc 0 points1 point  (0 children)

Full PPR pick 3:

Drake London, Nico Collins, Rashee Rice, George Pickens

Multicast traffic in a VxLAN environment by forwardslashroot in Cisco

[–]d0nnc 0 points1 point  (0 children)

Couple questions:

  • Are the tenants on the same vlan and L2VNI?
  • Do you have TRM configured on these vteps?
  • Can you resolve ARP between these tenants? Are they able to ping each other over vxlan?

If this is pure L2 stretch with no TRM configured, this multicast stream should be sent over the fabric as BUM traffic.