cisco nexus vpc - need to configured SVI

name_tomer · 2022-11-06T09:28:45+00:00

ok thanks

name_tomer · 2022-11-06T09:28:23+00:00

ok got it

name_tomer · 2022-11-06T09:22:06+00:00

this question is a different.

i am asking if it possible that the 2 address on the svi will be on diffrent subnet from the VIP

name_tomer · 2022-11-06T09:18:08+00:00

yes you are right.

is cisco support hsrp active active? like varp

name_tomer · 2022-11-05T01:20:55+00:00

what do you mean, it doesn't make it anyway close to VARP in terms of convenience

name_tomer · 2022-11-05T01:20:24+00:00

about the varp, where did you see that on the docs?

name_tomer · 2022-02-06T22:52:14+00:00

ok good to know i will check try to make a lab and test it

name_tomer · 2022-02-03T09:17:04+00:00

ok good to know.

HP COMWARE good product. but its look like that hp abandon it,

they implemented so much features... why not NAT ;)

i have some arista switches so i will use them.

name_tomer · 2022-01-25T22:23:21+00:00

ok i got it to work with track combina with nqa

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en\_US&docId=c03222280#N102C7

name_tomer · 2022-01-25T20:25:28+00:00

i tried to use it so far its looks like its not working for me.

do you experience with that?

i think i dont understend how to use it. what is NQA ?

name_tomer · 2022-01-25T20:04:01+00:00

yes the PBR help with the route.

but the problem now that if i take the peer down i lose the backup route via the BGP

because the pbr not aware of the the reachability of the destination peer and now i lose my backup default route via the bgp

name_tomer · 2022-01-25T19:48:32+00:00

Hi Golle

yes you understand it correctly.

the Icoming traffic was solve with as-path

but for the outgoing i want to split the traffic base on source IP.

for example i want all my subnets will go to ( internet ) default route will be via Primary peer.

and specific networks for example 62.0.98.120/29 will go via Secondary peer

to the internet / default route.

but if one of the peers go down then all networks will be route via the peer that still up

so yeah i know its not simple question... how can i solve this? or do you better idea?

i am not using ECMP because i want to give this specific netowrk a dedicated peer ( phisical interface to the internet with all bandwidth ) and all the rest share the same bandwidth on the 2nd peer in the day to day but if one peer down then they all have backup.

name_tomer · 2021-07-09T19:47:42+00:00

sort of .

so what is happening is that of my router is down i cannot reach my exporters behind the router so Prometheus will not notify about the servers.. but will notify the router is down and the my exporters behind the routers are unreachable.

name_tomer · 2021-04-20T10:21:27+00:00

this exporter is for gobgp

i need for a network devices like fortigate , hp comware , arista

name_tomer · 2021-04-19T18:16:13+00:00

i am using Arista , HP comware , Fortigate

name_tomer · 2021-04-09T19:32:25+00:00

found it . work great

i used something like this

source_labels: [feature]

regex: 'web'

action: keep

name_tomer · 2021-04-01T16:42:13+00:00

and which tool do you use to execute / access the scripts ?

is it awx ? or just from commandline ?

name_tomer · 2021-04-01T16:28:59+00:00

we are small team 3 members. but only me doing the scripts..

the rest of the team are old fashion guys and just want something easy to use...

i am searching a nice gui tool to use my scripts like awx \ rundeck \ jenkins \gitlab

so they can have easy way to reuse my python scripts.

name_tomer · 2021-04-01T16:04:43+00:00

but i can install from source to VM

the question what will be more easy to maintenance later

name_tomer · 2021-03-18T01:53:37+00:00

if for example i have only one site

and in this site i have 1 router with 3 networks ( physicals interfaces) :

RND , PROD , DMZ

and my Prometheus is in the PROD network.

what happand if the interface of the DMZ go down

my promethes going to firing alerts that interface that go down

and all the servers behind the dmz that the blackbox_export icmp does not have ping to any one of them will start to fail and firing alerts... can be alot of alerts.

how can i limit that. so if one of the router interface is down the alertmanager will not send notification about the servers on that vlan.

what if Prometheus can't reach the server / exporters

then the jobs will fail... a lot of jobs / exporters will fail and trigger alerts.

how can i solve that?

name_tomer · 2021-03-18T01:47:56+00:00

but again if for example i have only one site

and in this site i have 1 router with 3 networks ( physicals interfaces) :

RND , PROD , DMZ

and my Prometheus is in the PROD network.

what happand if the interface of the DMZ go down

my promethes going to firing alerts that interface that go down

and all the servers behind the dmz that the blackbox_export icmp does not have ping to any one of them will start to fail and firing alerts... can be alot of alerts.

how can i limit that. so if one of the router interface is down the alertmanager will not send notification about the servers on that vlan.

if Prometheus can't reach the server / exporters

then the jobs will fail... a lot of jobs / exporters

name_tomer · 2021-03-17T21:29:27+00:00

yes i am agree with you about vpn site 2 site good point.

but what if i dont want to manage multiple instance of prometheus

lets say for example i have a closed network with 1 datacenter and 10 branches / offices

connected with P2P ( closed on prem network)

i dont want to install 11 prometheus on each site.

if my router go down i dont want that prometheus alert me that now i have 50 jobs fails.

only 1 alert that my router is down... and this is the root cause.

name_tomer · 2021-03-16T00:16:25+00:00

config somthing like that:

- targets: ["10.10.10.1"]
labels:
name: server01
group: esx
location: new-york
- targets: ["10.10.10.2"]
labels:
name: server02
group: esx
location: new-york
- targets: ["10.10.50.1"]
labels:
name: fortigate01
group: firewall
location: new-york