dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2876
share rss forum feed


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1
reply to DarkLogix

Re: [Config] Performance due to VLAN, incomplete STP, or loop backs?

said by DarkLogix:

That's when you use the intranet. or the backup intranet

you assume that you're not designing a wan architecture based on dmvpn-esque architecture.

the target market for meraki is distributed enterprise (think of coffee shops or 1-5 person remote offices). in this space -- you're not going to pay for a private mpls circuit to this size of site -- you're going to use a cheaper internet circuit and provide a vpn overlay to access corporate resources.

its *always* easy to design the biggest and most redundant network available. the challenge is aligning technology to meet business requirements and goals, all while staying within budget.

pulling 'backup private wan' circuits out of your ass is not a cheap endeavour.

q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to TomS_

I suggest hardware only because its the only way to achieve a real core with proper links.

I aim for ideal anything else is IMO half-ars*
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv



tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1

said by DarkLogix:

I suggest hardware only because its the only way to achieve a real core with proper links.

better tell that to *every* service provider out there that has built out a *huge* metro access topology using fiber rings.



q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to tubbynet

said by tubbynet:

said by TomS_:

I call that a conflict of interest. :-P

there's no conflict. my wallet size is my only interest ;-P

q.

LOL

my only interest is the best performance possible.
if it were my wallet then I'm doing it wrong.
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv

aryoba
Premium,MVM
join:2002-08-22
kudos:4
reply to tubbynet

said by tubbynet:

said by DarkLogix:

That's when you use the intranet. or the backup intranet

you assume that you're not designing a wan architecture based on dmvpn-esque architecture.

the target market for meraki is distributed enterprise (think of coffee shops or 1-5 person remote offices). in this space -- you're not going to pay for a private mpls circuit to this size of site -- you're going to use a cheaper internet circuit and provide a vpn overlay to access corporate resources.

Unless you have "unlimited" budget


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1

said by aryoba:

Unless you have "unlimited" budget

the proverbial unicorn for the sales team.

q.

aryoba
Premium,MVM
join:2002-08-22
kudos:4

said by tubbynet:

said by aryoba:

Unless you have "unlimited" budget

the proverbial unicorn for the sales team.

q.

Indeed. Unfortunately you have to have certain presence to meet the criteria


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to aryoba

said by aryoba:

One occasion was that there was rich customer, willing to spend $$$$ as necessary. The customer was famous (or rather infamous) of jumping from one consultant to another. The problem was that the customer did not seem to understand what exactly they looked for and never provided clear requirement. Even when you did get a requirement and you provided your best suggestions in return, the customer did not take the suggestion due to the fact that you were just consultant and not an employee.

It was definitely unique customer attitude to work with

Arrg I get users like that alot, they say what they think they want but they don't really know.

like a user asking for a big external harddrive because their H drive is full, its only as full as the quota I set shows and I can make it bigger in a few seconds without buying anything.

(that's just one example I've had many more issues like that)

Normally I push them to say what they want to do or what the real problem is
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to tubbynet

said by tubbynet:

you assume that you're not designing a wan architecture based on dmvpn-esque architecture.

well at the place I was at before they had a warehouse that was maybe 5-6 people but still spent the money (before me) for a fractional T1 MPLS

though they didn't have DHCP service, oh what a pain it was dealing with that site till I got my bearings (statics every enduser) did a simple ip helper on their router and bam DHCP.
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to tubbynet

said by tubbynet:

said by DarkLogix:

I suggest hardware only because its the only way to achieve a real core with proper links.

better tell that to *every* service provider out there that has built out a *huge* metro access topology using fiber rings.



q.

Fiddi is different.
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1

said by DarkLogix:

Fiddi is different.

swing and a miss.

this isn't fddi. sp's haven't used fddi in 10 years.
i'm talking about pure ethernet metro access. with things like cisco's rep using 1588 synch-e and mpls-te and frr -- i can achieve near sonet convergence time (i.e. a protect circuit is 50ms) over ethernet protocols. oh yeah -- and i'm doing it over rings.

q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."


Nsane_iceman
Premium
join:2001-02-26
North Richland Hills, TX
reply to HELLFIRE

said by HELLFIRE:

Another immediate thought... what does "show processor cpu history" "show processor mem" and "show log"
on each device show? Anything constantly showing high or pegged CPU? Any indications of high memory
util or repeating events like link flaps?

Some other commands to run on each switch :

- "show interface status | exclude full"
- "show interface | i 5 min"
- "show interface | i error"

Just some dumb / simple thing(s) to check here.

Regards

Good Afternoon HELLFIRE, thank you for your reply.
Nothing really sticks out to me and seems within range. :huh:

sh proc cpu his - last 72 hr - max
SW 01: 50%
SW 02: 60%
SW 03: 20%
SW 04: 20%
SW 05: 30%
SW 06: 60%
SW 07: 20%
 

sh proc mem - total / used / free
SW 01: Total: 106301996, Used: 36795504, Free: 69506492
SW 02:
Processor Pool Total:   78518384 Used:   21344208 Free:   57174176
      I/O Pool Total:    8388608 Used:    3599320 Free:    4789288
Driver te Pool Total:    1048576 Used:         40 Free:    1048536
SW 03: Total: 106301996, Used: 34563160, Free: 71738836
SW 04: Total: 106301996, Used: 34574336, Free: 71727660
SW 05: Total: 103548496, Used: 35884192, Free: 67664304
SW 06:
Processor Pool Total:   78518384 Used:   19717156 Free:   58801228
      I/O Pool Total:    8388608 Used:    3588984 Free:    4799624
Driver te Pool Total:    1048576 Used:         40 Free:    1048536
SW 07: Total: 106301996, Used: 35314008, Free: 70987988
 

sh log
SW 01: No flaps, just few up/down on ports
SW 02: Link flaps back on Jan 15th - vlan 6 - f0/38 & g0/2
SW 03: No flaps, just few up/down on ports
SW 04: No flaps, just few up/down on ports
SW 05: No flaps, just few up/down on ports
SW 06: Apr 13th repeat up/down on f0/31
SW 07: No flaps, just few up/down on ports
 

sh int status | exc full
SW 01: 
Fa0/5                        connected    8          a-half  a-100 10/100BaseTX
Fa0/6                        connected    8          a-half  a-100 10/100BaseTX
Fa0/17                       notconnect   11           auto   auto 10/100BaseTX
Fa0/23                       notconnect   20           auto   auto 10/100BaseTX
Fa0/24                       notconnect   2            auto   auto 10/100BaseTX
Fa0/25                       notconnect   20           auto   auto 10/100BaseTX
Fa0/29                       notconnect   20           auto   auto 10/100BaseTX
Fa0/32    Justin Office      notconnect   20           auto   auto 10/100BaseTX
Fa0/35                       notconnect   20           auto   auto 10/100BaseTX
Fa0/37                       notconnect   10           auto   auto 10/100BaseTX
Fa0/41                       notconnect   1            auto   auto 10/100BaseTX
Gi0/4                        notconnect   1            auto   auto Not Present
 
SW 02:
Fa0/1                        notconnect   20           auto   auto 10/100BaseTX
Fa0/2                        notconnect   20           auto   auto 10/100BaseTX
Fa0/4                        notconnect   20           auto   auto 10/100BaseTX
Fa0/5                        notconnect   8            auto   auto 10/100BaseTX
Fa0/6                        notconnect   20           auto   auto 10/100BaseTX
Fa0/8                        notconnect   20           auto   auto 10/100BaseTX
Fa0/9                        notconnect   20           auto   auto 10/100BaseTX
Fa0/10                       notconnect   20           auto   auto 10/100BaseTX
Fa0/12                       notconnect   10           auto   auto 10/100BaseTX
Fa0/16                       notconnect   20           auto   auto 10/100BaseTX
Fa0/18                       notconnect   20           auto   auto 10/100BaseTX
Fa0/20                       notconnect   20           auto   auto 10/100BaseTX
Fa0/23                       notconnect   11           auto   auto 10/100BaseTX
Fa0/24                       notconnect   250          auto   auto 10/100BaseTX
Fa0/25                       notconnect   20           auto   auto 10/100BaseTX
Fa0/26                       connected    20         a-half  a-100 10/100BaseTX
Fa0/27                       notconnect   20           auto   auto 10/100BaseTX
Fa0/28                       notconnect   20           auto   auto 10/100BaseTX
Fa0/29                       notconnect   20           auto   auto 10/100BaseTX
Fa0/30                       connected    20         a-half  a-100 10/100BaseTX
Fa0/33                       notconnect   20           auto   auto 10/100BaseTX
Fa0/36                       notconnect   20           auto   auto 10/100BaseTX
Fa0/39                       notconnect   10           auto   auto 10/100BaseTX
Fa0/42                       notconnect   10           auto   auto 10/100BaseTX
Fa0/43                       notconnect   8            auto   auto 10/100BaseTX
Fa0/44                       notconnect   10           auto   auto 10/100BaseTX
Fa0/47                       notconnect   20           auto   auto 10/100BaseTX
Fa0/48                       notconnect   10           auto   auto 10/100BaseTX
Gi0/3                        notconnect   1            auto   auto Not Present
Gi0/4                        notconnect   1            auto   auto Not Present
 
SW 03:
Fa0/8     Rad PLC   connected    50         a-half   a-10 10/100BaseTX
Fa0/13                       notconnect   20           auto   auto 10/100BaseTX
Fa0/18                       notconnect   10           auto   auto 10/100BaseTX
Fa0/20                       notconnect   8            auto   auto 10/100BaseTX
 
SW 04:
Fa0/2                        notconnect   10           auto   auto 10/100BaseTX
Fa0/5                        notconnect   10           auto   auto 10/100BaseTX
Fa0/7                        notconnect   10           auto   auto 10/100BaseTX
Fa0/10                       notconnect   10           auto   auto 10/100BaseTX
Fa0/17    Rack & Pinion PLC  connected    20         a-half   a-10 10/100BaseTX
Fa0/20    Dead Port (Shut)   disabled     20           auto   auto 10/100BaseTX
 
SW 05:
Fa0/10    Transmission PLC   connected    20         a-half   a-10 10/100BaseTX
 
SW 06:
Fa0/1                        notconnect   1            auto   auto 10/100BaseTX
Fa0/2                        notconnect   20           auto   auto 10/100BaseTX
Fa0/4                        notconnect   20           auto   auto 10/100BaseTX
Fa0/5                        notconnect   5            auto   auto 10/100BaseTX
Fa0/6                        notconnect   5            auto   auto 10/100BaseTX
Fa0/8                        notconnect   255          auto   auto 10/100BaseTX
Fa0/10                       notconnect   20           auto   auto 10/100BaseTX
Fa0/11                       notconnect   20           auto   auto 10/100BaseTX
Fa0/12                       notconnect   20           auto   auto 10/100BaseTX
Fa0/16                       notconnect   20           auto   auto 10/100BaseTX
Fa0/18                       notconnect   20           auto   auto 10/100BaseTX
Fa0/19                       notconnect   10           auto   auto 10/100BaseTX
Fa0/20                       notconnect   20           auto   auto 10/100BaseTX
Fa0/22                       notconnect   20           auto   auto 10/100BaseTX
Fa0/24                       notconnect   20           auto   auto 10/100BaseTX
Fa0/25                       notconnect   10           auto   auto 10/100BaseTX
Fa0/28                       notconnect   20           auto   auto 10/100BaseTX
Fa0/30                       notconnect   20           auto   auto 10/100BaseTX
Fa0/37                       notconnect   250          auto   auto 10/100BaseTX
Fa0/39                       notconnect   20           auto   auto 10/100BaseTX
Fa0/45                       notconnect   20           auto   auto 10/100BaseTX
Fa0/47                       notconnect   20           auto   auto 10/100BaseTX
Fa0/48                       notconnect   20           auto   auto 10/100BaseTX
Gi0/2                        notconnect   1            auto   auto Not Present
Gi0/3                        notconnect   1            auto   auto Not Present
Gi0/4                        notconnect   1            auto   auto Not Present
 
SW 07:
Gi0/1                        notconnect   1            auto   auto 1000BaseSX SFP
Gi0/2                        notconnect   1            auto   auto 1000BaseSX SFP
 

--
Avatar by: dandelion | Tell me, tell me what you're after. I just want to get there faster.


Da Geek Kid

join:2003-10-11
::1
kudos:1

1 edit
reply to Nsane_iceman

just to clarify something... Switch 1 and Switch 2 are Core switches... Switch 6 and partial switch 7 config show they are just layer 2 switches... 3560's have plenty of beef to get this tiny network going.

what is 10.16.255.6???


HELLFIRE
Premium
join:2009-11-25
kudos:15
reply to Nsane_iceman

@Nsane_iceman
Make sure any interfaces in half duplex aren't an uplink to another connecting switch... just to be sure.

And now that I look at Da Geek Kid See Profile 's question and your configs, what's up with all the static routes?
If Switch01 and Switch06 are your "core" switches with the VLAN SVIs, why are you pointing everything at that
address? Methinks you may want to redo your diagram WITH the interface-to-link status AND an addressing scheme
as well.

Regards



Da Geek Kid

join:2003-10-11
::1
kudos:1
Reviews:
·Callcentric

switch 6 has one vlan and it's not considered a core, but rather L2 switch. Another Major issue that was mentioned is that the core switches 1 and 2 do not have the same IOS which will break the network if configured improperly... In this situation, since there are no routing protocols running on either switch, it should be ok. All I can say is, 100% pure amateur design "Foe-Sho!"


HELLFIRE
Premium
join:2009-11-25
kudos:15

said by Nsane_iceman:

Core switches are 1 and 6 in the server room and 7 is connected to the servers.
Others are out on the warehouse floor along with ~4 unmanaged Netgear switches due to very very long Ethernet runs (warehouse is 1 million+ sq feet).

...in the OP's own hand Da Geek Kid See Profile from earlier in the thread, FYI.

Let's see if the OP posts up anything more...

Regards

HELLFIRE
Premium
join:2009-11-25
kudos:15
reply to Nsane_iceman

said by Nsane_iceman:

and corporate is looking at going with Cisco Meraki for the gig upgrade.

said by DarkLogix:

just googled "cisco Meraki" "Cisco Meraki is the leader in cloud controlled WiFi,"

said by tubbynet:

the target market for meraki is distributed enterprise (think of coffee shops or 1-5 person remote offices). in this space -- you're not going to pay for a private mpls circuit to this size of site -- you're going to use a cheaper internet circuit and provide a vpn overlay to access corporate resources.

Funnily enough, I found a recorded webex session about Meraki that I watched, just out of personal interest.
Unfortunately, it's under NDA between Cisco and my employer, otherwise I'd share it. The way cramer See Profile
put it is about the size of it -- distributed management "in the cloud" with limited or remote-based IT resources.
They didn't state so specifically, but pretty sure so long as your WAN link is up, "the cloud" gives you(r NOC)
remote management capabilities without relying on onsite / inperson / truckroll support. And as cramer See Profile
points out at this level where Meraki's targetted for, persistent OOB or backup WAN access isn't likely to be
an expense or set up for.

Just for chuckles, I browsed through the Cisco Meraki product listing :

- cheapest security device has 5GbE / 100Mbps thruput / WAN Opt / layer 7 firewall / traffic analysis for $495 -- I'd
like to see ASA550X do the last 3 points for that price.

- switches start from 8port GbE for $985 -- IIRC, cheapest IOS all-Gig switch is a 2960S which at retail is
around $10K. Layer 3 switches price-wise start at $5305, while a 3560 AdvIPServices is around twice that, IIRC.

- the "cloud management" is all web based, and looks pretty easy to navigate -- but coming from an IOS / CLI
background, it kinda hurt to see a pane set up SPECIFICALLY for ping / traceroute / remote access / throughput
test, etc. But for a remote NOC / limited IT support, I could see this working.

Not to sound like an advertisement for Meraki, but just my initial impressions.

@OP
Let us know if you are able to share more details about your network as I'd requested or not.

Regards


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3

um you can get a 2960s for $1,796
»www.provantage.com/cisco-systems···O33M.htm

where do you get the cheapest gig IOS is $10k?
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


HELLFIRE
Premium
join:2009-11-25
kudos:15

...I recalled incorrectly, then

Regards



DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3

you can get a loaded 3750x for $13k (IE UPOE, 48port, IPadv)
ya if it were 10k for a 2960s now then when I bought my 2960g it would have been much more than the just under a grand I paid (its 20 port gig plus 4 combo ports, though for me it might as well be 24 port gig as I don't plan to get any SFP's)
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


HELLFIRE
Premium
join:2009-11-25
kudos:15

Yeah, but within the scope of the market that Meraki's targetting, do you see a schoolboard or "national retail chain"
more likely going for a Meraki L3 switch or a 3750X?

Let's just say it was instructive viewing that webex session though...

Regards



DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3

I see (have seen) a school board go with a 6513

back before I even had gotten a real job I interned at a school district and they had multiple 6513's and had a band approved near the end of my internship for more 6513's (also the bond was to upgrade the existing 6513's with gig line cards) (btw this wasn't even a big school district just the one for Baytown, I'd imagine HISD would be more impressive)

so um ya I don't see a school district getting Meraki (unless they're so small that they are more likely to just get a Linksys, in which case still a no to meraki)
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv



tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1

there is a huge school district in colorado (i know the account team) that is deploying meraki.
i believe them to be the largest in colorado, and among one of the largest in the nation.

blanket statements are dangerous. the goal of any account and engineering team is to ensure a synergy between business and technology goals to achieve the desired outcomes. the gear is simply a facilitator.

q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."



Da Geek Kid

join:2003-10-11
::1
kudos:1
Reviews:
·Callcentric
reply to Nsane_iceman

first of all Meraki is Cisco... Second, I am not sure if I stated this clearly but 2960S switch is an utter Mule Dung! If I see it anywhere with any type of issues, I'd pull it and replace it with Netgear or anything else worth 50cents because that would be an upgrade. There's just not enough forum posts that I can express the trashness of this utter device. I could only refer to the IOS version upgrades that you can check which get released, sometimes, weekly.

there's no way to compare a Cat6 with any other Cisco switch. The Cat 3750X which has been my Fav chassisless switches now have been replaced my most fav. 3850... 3850's are what I wanted from Cisco about 15/20 years ago but now they are here. They are capable of Mobility Controller as well as Netflow with Stack power and IOS XE which are the same as the ASRs... The new Cat4K Sups also come with it.



TomS_
Git-r-done
Premium,MVM
join:2002-07-19
London, UK
kudos:5
reply to tubbynet

omg you said synergy



DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to Da Geek Kid

said by Da Geek Kid:

2960S switch is an utter Mule Dung!

on that note, if I had the authority then due to the craptaculerness of juniper I'd toss every juniper I see into the nearest trash can

I just can't express how very bad any juniper device is.
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1
reply to TomS_

said by TomS_:

omg you said synergy

i've been working with our sales teams way too much.
i need to do 50 "conf t's" in apology.

q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3

said by tubbynet:

said by TomS_:

omg you said synergy

i've been working with our sales teams way too much.
i need to do 50 "conf t's" in apology.

q.

you must seek absolution
so help me with my nat issue on my new router.
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1

said by DarkLogix:

so help me with my nat issue on my new router.

thats not how it works, sparkplug.

q.


TomS_
Git-r-done
Premium,MVM
join:2002-07-19
London, UK
kudos:5
reply to DarkLogix

said by DarkLogix:

I just can't express how very bad any juniper device is.

Until you can, quit giving them a bad wrap.

If you cant elaborate, clearly theres not much wrong.