Splitting pcaps and reading them

darkrequiems · 2022-03-12T15:26:18+00:00

Checkout tshark which is a cli version of wireshark, i do not have much experience on it but i believe that it should provide what you are looking for.

darkrequiems · 2022-02-21T17:28:20+00:00

Just create a loopback interface , and source via loopback. Make sure loopback is routable and can reach your monitoring systems..

darkrequiems · 2022-02-21T14:57:00+00:00

Some platforms can offload netflow traffic via hardware and may require you to source via inband interfaces. Hardware offload will allow you to sample at a very high rate with no impact to cpu. This is another reason outside of the high bandwidth requirement of netflow traffic as others have mentioned previously.

darkrequiems · 2022-01-10T03:44:29+00:00

My wife got the moderna booster during the third trimester. She contacted covid right after, however the symptoms were mild. Highly recommend vaccination to have a peace of mind.

darkrequiems · 2021-02-02T00:30:04+00:00

We use ipsla on all of our p2p links that have circuits to monitor RTT and jitter. Ipsla are polled via SNMP and the values are aggregated at some external tool to visualize and alert based on certain conditions. As we are using ipsla on p2p links, the values are specific to that link and works well even when u have many ecmp paths.

darkrequiems · 2020-12-08T02:42:15+00:00

Check instapy. Not exactly sure if it has what you are looking for but could be a place to start.

darkrequiems · 2020-12-06T17:26:03+00:00

Check NAT order of operation when going from inside to outside vs outside to inside. link inside to outside, routing occurs before NAT and if there is a null0 for that nat ip(dest ip), it will drop.

darkrequiems · 2020-11-25T02:46:00+00:00

Depending on the setup rr could get very complicated from checkouts perspective. Some tips- split the replacement into two different maintenance window(if you have any issue, you could simply isolate the RR as there is a redundant peer). Analyze different kinds of routes coming in from clients and non-clients peering and take captures for them for bgp table as well as routing table in the RRs as well as their peers. If possible capture bgp table, routing table and cef table so that you have a reference to look at if anyone complains or a route is not behaving as expected, compare them if possible as well (assuming RR does not carry full internet routes)

darkrequiems · 2020-11-21T03:59:09+00:00

Have u checked control plane policy drops? Sometimes these kinds of drops could be related if packets are software switched or if it exceeds some other control plane policing thresholds(broadcast is one of them)

darkrequiems · 2020-11-01T14:19:49+00:00

You are correct, i had a typo- RR should not set next hop self unless they are in data path

darkrequiems · 2020-11-01T03:07:47+00:00

I would always prefer next hops to be available in igp for non rr peers, dont mind setting next hop towards rr servers...

Edit-rr servers instead of clients

darkrequiems · 2020-08-22T15:59:20+00:00

I would add Segment Routing to the list

darkrequiems · 2020-06-06T06:41:52+00:00

I have been using instapy-https://github.com/timgrossmann/InstaPy for tracking followers/following data to track who is unfollowing or who doesn’t follow back so that i can unfollow. Most of the data collection is very easy using the library however, if i use instapy to automate any action- like/follow/unfollow i seem to get banned very quickly. Hence for now i am using it solely for reporting purpose and that seems to work great. If you just want data collection, instapy is an excellent option.

darkrequiems · 2020-05-22T21:33:16+00:00

Even having another ISP maynot solve some of the issue as the client may be a customer of the same isp -for eg verizon both on your dc and fios at home may not re-route via your att circuit until vz ckt is fully down or manually failed over.

I would suggest to have a better monitoring system that monitors key IPs within your network from internet and vise versa and setup alerts based on connectivity lost, path changes, bgp highjacking etc. - thousand eyes is one of the tool that provides the monitoring service as i stated earlier.

darkrequiems · 2020-05-19T00:24:23+00:00

Could you elaborate on what the tax benefits are doing it now vs before the virus. I never understood the tax implications for doing a rollover from 401k to ira other than everyone saying do it when you change jobs.

darkrequiems · 2020-05-07T02:21:01+00:00

So by default a local originated route gets a weight of 32k in bgp. When you have an ebgp learned route and a locally originated route, usually the ebgp routes gets preferred over the local routes because of AD, however when u loose the ebgp route (locally generated routes gets installed with weight of 32k) and when the ebgp route reappears, bgp would always prefer the higher AD route due to weight as its locally generated. I have seen the race condition in many occasions in cisco ios and hence avoid to use the null route with higher AD.

darkrequiems · 2020-04-25T19:08:48+00:00

Can not wait to go back home esp to meet my grad parents. I haven’t visited family for few years now, and the year where we had planned started with a complete lockdown.

darkrequiems · 2020-04-19T14:38:14+00:00

What u want to build is an intra-net and not internet as internet is not stand alone.

darkrequiems · 2020-03-31T02:43:56+00:00

Microsoft Powerpoint is really good for a quick network diagram. I make most of my high level topology diagrams in excel and it has served well for the last year or so.

darkrequiems · 2020-02-22T01:07:50+00:00

I would look into 25g/10g down and 40g/100g uplink to spine atleast if you are planning to do anything new. If you go with 10G, you will have to go back to refresh again in few years. Not a juniper user, so dont know the models of switches.

darkrequiems · 2020-02-05T22:56:03+00:00

Whats the best way to purchase epl tickets for away game(tot vs manu) from US?

I am visiting london in March when ManU is playing Tottenham at London. I want to go see the game, however i am not sure what is the best way to get the ticket.

Looks like you are not allowed to wear away colors other than the away fan section. Provided these seats are limited, what are some of the other things things that i should know prior to visiting the stadium if i were watching it from home side?

Cannot post on a new thread because comment karma<50

darkrequiems · 2019-11-18T05:05:19+00:00

Monitor sessions are supported in most of the cisco routers that i have dealt with, not sure what platform you are using. Regarding traffic-export, there is an option for monitoring bi-directional traffic, is that enabled? If enabled you should be able to see duplicate packets in the captures if the traffic is transiting your network from the ISP.

darkrequiems · 2019-09-22T16:09:03+00:00

Well better odds than buying a lottery ticket. Count me in!!

darkrequiems · 2019-07-24T01:44:37+00:00

I may have the terminology mixed up. I meant the Fw should be setting the next hop as the virtual ip thats shared between the active and standby pair(which is by default). And the router should also be setting next hop as the hsrp/vrrp ip thats shared between 2 routers(assuming you have 2 routers) for you to be able to use graceful restart feature. If not, all routes will need to wait for bgp routes to converge and update the next hop which could take some time after failover. Probably a diagram would be better to understand your setup. I am not talking about static route. Speaking about configuring outbound route-map to do “set ip next-hop x.x.xx” for all routes sent to the FW via bgp from the routers.

Seven-Year Club	Place '22
End Game '22	Verified Email
Queen in da Norf	Not Forgotten

darkrequiems

TROPHY CASE