Titaniumdo you know how to switch a N5k between the different modes?
Titaniumfor FC
Titanium(enable the features)
veersslot X then define the ports
veersand yeah, a lot of our network engineers get bit by the whole 'feature' thing
Titaniumnpv/npiv/normal
veers"why can't I create this VLAN interface"
veersoh that yeah
veersfeature npv; no feature npv; after backing up the config
veersbecause cisco seems to think dumping it is the right thing to do
Titaniumdo config in notepad
Titaniumotherwise u lose it
veersyeah
Titaniumdont paste more than like 20 lines at once
Titaniumit will screw it up
veersI tend to do each individual stanza when I paste in
Titaniumone of these days il find out if putty or the device is responsible :)
Titaniumbut i think its NXOS
Titaniumdo you know where to configure FCOE with VPC to a rackmount?
veerswell some things you need to "exit" out of before you paste in the next batch or it'll fall over
Titaniumyeah in vlans, you need to exit before config is applied
veersyou mean building the vfc interface and binding it to a port-channel? or something else?
Titaniumdoes this version have vlan configuration mode?
Titaniumyeah
Titaniumto the port-channel
Titaniumi wonder if they make you configure spanning-tree port edge trunk
Titaniumon ports going to ucs
Titaniumi would take off points
veersfor configuring edge trunk? or not configuring it?
Titaniumit MUST be configured pointing to a UCS
Titaniumif its not configured its wrong
veersyeah; unless they tell me to make it run in switch mode :(
Titaniumlol
dhankswhere does DFA terminate tunnels? in 1kv and tors?
Titaniumin switch mode, how is the cableing different?
veersI used to yell at one of our engineers because he'd always leave it off
Titaniumand why?
Titaniumin switch mode, there is no uplink tracking
Titaniumso you need a connection between the FI
veerswell now it's a switch so yea you have to treat it like a switch
Titaniumotherwise it blackholes traffic
Titaniumon 1000v, what is the only correct configuration for ethernet port-profiles?
veershrmm not sure I follow the context but that's basically going to be an uplink port-profile
Titaniumone of the lines of config has about 6 choices
veersshould be using MAC pinning if you're using UCS though
Titaniumyes
Titaniumeverythign else is wrong
Titaniumif you did that and i was allowed to grade it... i would fail you for that point alone :)
veersif I configured mac pinning you'd fail me even though that's the preferred way? haha
Titaniumsomethign else :)
Titaniumsorry
Titaniumalso, make sure to create a vlan on a 1000v
Titaniummake sure you know how to get to vlan manager page on UCSM in the old code
veersand don't forget my system vlans!
Titaniumso you can do disjoint
Titaniumdont forget system vlans, especially on vmkernel ports
Titaniumuplinks are not enough
veersoh yeah hahah believe you me I've run into some customers that forget
Titaniumdo you know how to fix a 1000v if you forgot a system vlan?
Titaniumi ran into customers that never created the system vlans to begin with
veersit's been a while but it'll come back to me
Titaniumtheres several ways
Titaniumyou can move back to vSwitch
Titaniumbut it kills all your vmk ports
Titaniumor you can do esxcfg-vswitch -U dvsname
Titaniumand esxcfg-vswitch -L vmnic1 vSwitch 0
Titaniumto unlink and link
veersyeah that bit I'm pretty familiar with haha
Titaniumthe vmk ports are harder
Titaniumgotta delete and re-create
veersI've got a decade of VMware experience under the belt going into this thing
Titaniumthe easy way
Titaniumis to use vemcmd show prot
Titaniumto get the LTL of the interface with broken system vlan
Titaniumand then use vemset to make it a system vlan
veersI usually create new on the standard to make any repairs
Titaniumits temporary
Titaniumas soon as the vem re-connects to the 1000v it goes back to normal config
veersyeah I blow 'em away when I'm done
drkat...
TitaniumSAVE YOUR CONFIG :)
veersoften!
Titaniumsystem switchover != reload
Titaniumhow do you check if any VEMs are detached from your 1000v?
Titaniumshow mod vem missing
kuaharaAm I going to need experience working with SNMP in order to answer SNMP questions on the icnd1?
Titaniumwhat port does SNMP use?
Titaniumis it TCP or UDP?
kuahara161 or 162?
Titaniumdo you need experience to know the answers to these?
kuaharahad to look on wiki
Titaniumthen yes you need experience
Titaniumi doubt they will have you create SNMP ACLs or unload mibs
kuaharasnmp was not covered in the cbt nuggets series for icnd1
veerson this exam? not likely
kuaharasomeone asked about like 5 things last night that I had never heard of before
Titaniumits fair game for you!
kuaharaafter having finished the series
kuaharalooks like SNMP is run over udp
Titaniumwhy?
kuaharabecause (and I am quoting someone else here) in a congested network, there is a better chance of the data being transferred
kuaharaif I had to guess at an answer myself though, I'd have said something completely different
kuaharaI'm guessing the data it needs is being sent periodically anyway and if the data is lost on one send, there will be several others regardless
Titaniumwho knows how to configure a 1000v for carp?
kuaharait wouldn't seem there is a need to congest the network further by using tcp
TitaniumSNMP uses reports or somethign in SNMPv3 so you can get acks for every trap
Titaniumfor queries it can re-try
Titaniumit does not need to be lossless
Titaniumwhats a trap?
kuaharaan alert that gets sent when certain conditions or events happen
Titaniumwhats a SNMP GET, SNMP GET NEXT, SNMP GET BULK, what are the 2 parameters of getbulk and what do they do
kuaharano idea
onefst250rTitanium: ITS A TRAP!
kuaharawhile I do want to know, is this icnd1 ?
Titaniumtrap is syslog for SNMP :)
Titaniumprobably not
Titaniumi like SNMP, i wrote my own snmp library
kuaharaI hate asking that question only because it makes me sound like I am unconcerned with the information; which is not true.
Titaniumit can generate invalid packets and one day i hope to crash something
kuaharabut in a crunch, I have to prepare for an exam and then go back and likely relearn some things anyway
kuaharajust because in a job, it'll probably be needed information
civillianonefst250r: I lol'd
onefst250rcouldnt resist
kuaharathe material to be familiar with is starting to feel a little endless
Titaniumi prefer to only take an exam when i think i can pass without preparing much
mgeorgethe nikkei is down over 550 points
mgeorgehaha
mgeorgethe Dow Jones is going to tank tomorrow morning
Titaniumwhat will bitcoin do?
mgeorgewell
mgeorgemake that down 600 points now
Titaniumwhy?
mgeorgemarkets around the globe are entering a correction
mgeorge10% or more because stocks do not match economic data
Titaniumi dont care what it does, i care why it does it
mgeorgeim waiting for the twitter bubble to burst
Titaniumis there any kind of long term shorting?
mgeorgetwitter is valued at 65.25 per share yet the company does NOT have a positive cash flow
mgeorgeanywho its my bedtime, looking forward to seeing the dji drop tomorrow morning
mgeorgemy prediction is that it will open up nearly 250 points down because the global markets tanked
mgeorgeanywho g'nite :)
ubuntuskillskidi hear octopus predict stocks well
ubuntuskillskid;P
blackOffwhat is the normal capacity of a bridging table?
hjohnsonwhee that was fun
ubuntuskillsskid[Chemical Brothers - Do it Again]
ubuntuskillsskid;P
KickStarRabbitcya
DareDevil_Hi guys, on a dmvpn network the Hubs public ip address has to be pingable?
DareDevil_Has to be reachable?
Someonefromhellall public ips have to be reachable really...
Someonefromhellthey don't have to actually reploy to icmp echos, if that's what you're asking
Someonefromhellbut filtering those will probably make your life harder
n1njamaking acl's to block icmp from certain countries doesn't hurt either
Symmetriaurgh
Symmetriaabout to start upgrades on 11 P/PE routers 9k routers
Symmetriathis is gonna be a whore I can see it
n1njasweet
n1njawish I had an asr 9k at my house
n1njaoh the things I could do.. the so many things
n1njawondering if anyone has setup voice in their home to accept local calls and re-route through voip, so you can bounce calls with your cell phone to call international for free.
n1njamake me a guide. my voice skills aren't there yet.
Azeei got my ccna. going for my ccnp switching exam this week.. what kinda jobs i should be looking for as an entry level ?
Someonefromhellsupport in a noc would probably be ideal
Azeethanx
DareDevil_I know my question is retarded, but an issue that I am having just made me doubt about it.
DareDevil_About the fact that all the ips have to be pingable
DareDevil_Although the two Peer NBMA Addr from the HUBS are not pingable or responding UUUUU. The tunnel is still Up
DareDevil_Why would that be?
DareDevil_The two dmvpn Peers NMBA Addr are responding UUUU when I ping it from the spokes but still the State is Up
Azeeaccess list ?
Azee(just throwing it out there)
Someonefromhellhaven't played with dmvpn, but I'd assume the tunnel itself would be kinda stateless
Someonefromhellie, as long as your source interface is up, the tunnel will be up no matter what
Someonefromhellwhich is why you shouldn't rely on the tunnel state for routing, use an igp
Someonefromhellsame is true for vanilla gre ( assuming you're not running keepalives )
^NaLiN^vanilla gre ?
Someonefromhellas opposed to dmvpn
^NaLiN^maybe typical gre tunnel static ?
zgjonbalaji had a router/internet speed question, this the right place to ask?
zgjonbalajHave a cisco/linksys E3000 router
noirsHey guys
noirsI cisco talent connection good to go to?
noirsIt's today in stockholm but Idk if I should go
newtmewtACTION is waiting for the day one of our routers dies at one of these locatiosn and we can't reach the property since thier phones run though it....
newtmewtthis is a new set up for us
FungiFoxnewtmewt: you have alternate point of contact info?
FungiFoxcell phone, whatever
newtmewtnope
newtmewtonly pots line is a fax...
newtmewtand they ignore it half the time
FungiFoxtheir own damn fault then.
newtmewtyah
newtmewtjust sucks cause all we can do is guess then or send a tech
newtmewtsince we can't talk to them to power cycle the box or anything
newtmewtor check the lights on it
FungiFoxthey using voip phones?
newtmewtsomesort of voip
newtmewtwe don't actually do it
newtmewtwe just provide transport for their data and vpn
ndnihilanyone know how to route ipsec traffic over an outside interface that has an address assigned by pppoe?
ndnihildefault route is ip address pppoe setroute
ndnihilbut need to add a specific route for vpn subnet to that
dadrciptables … -m policy --pol ipsec?
ndnihillol, tables on an asa? that would be nice and easy
ndnihils/tables/iptables/
dadrcUgh. This isn't #strongswan.
dadrcYeah. Sorry.
ndnihilheheh
ndnihiltypically I just use a route statement like route outside a.b.c.d 255.255.255.0 1.2.3.4 with the nexthop matching the default route
ndnihilbut this one is in a jungle somewhere connected by some monkeys whistling through some tin cans connected by string
ndnihiland outside interface is assigned by pppoe
ndnihilmaking my usual route statement for ipsec subnet not work
dadrcSounds painful.
ndnihilit is
newtmewtIRRC you just replace where you put the next hop with the interface
newtmewtso "dialer 1" or what ever
dadrcI hate working with other people's crap setups.
newtmewtdon't quote me on that though...
newtmewtACTION uses adtrans at work and often muddies the 2 together since they are similar
ndnihilnewtmewt: not on the asa, it wants a hostname or ip as next hop
newtmewthmm
newtmewtACTION also has never used an asa
dadrcGuess it's ASA bashing time again.
newtmewtACTION gets the popcorn for ASA hate hour
ndnihilI used to love pix/asa
ndnihilbut starting like mid-7 things went downhill
ndnihileven early 7
ndnihilbut I've got a couple dozen of these out in the wild, and I'm stuck with them
newtmewtACTION is only really familar with ISR G1's and Cat's
ndnihilthis is the only one using pppoe, and suddenly some ass in a tie decided that it was ueber urgent that it have ipsec vpn
dadrcNothing wrong with having a decent VPN
ndnihilthere is if the idiot device you're trying to set it up on wont route it
ndnihilfuuuuck
ndnihilACTION just dropped it off the network, and no way to get anyone in there...
dadrc"Yo, bossman, the ASA just kicked it. Buy me a new one?" ;)
ndnihillol
ndnihilsince it was statically allocated addressing, I was just going to assign it straight and see if that worked, but being 3am I kinda forgot that the vpn tunnel to another device inside that network was my only way to access it
ndnihilsoooo
ndnihilACTION crawls back under his rock
ndnihilthanks for the chat
mikey__Hello.
mikey__I'm setting up an anyconnect VPN with an asa 5505, and I'm experiencing a problem where my vpn client's routing table is updated with a route to 0.0.0.0 using 0.0.0.0 as a gateway for device cscotun0.
Azeeis there a simulator/emulator for cisco layer 3 switches for ccnp switch exam ?
mikey__I want for the VPN to only connect me to the 10.1.1.0/24 network, and nothing else.
mikey__ANy ideas?
gypsymaurohi
gypsymaurohow can I see if in a stackable cisco, there is a user defined member priority?
Plazmashow switch
lorenzohi! where can I download packet tracer for linux from?
ImrpovedWho here posted a funny networking meme-site a couple of weeks ago?
yautja_cetanuHi, Does anyone know if its possible to buy wireless 3G dongles/modems that are better then the normal consumer stuff?
dagbyautja_cetanu: define "better"
yautja_cetanuI don't know yet, I've been trying to read about it and I'm kind of trying to look at what is out there. I think "better" means more likely to pick up a stronger wireless signal if placed in the same location.
dagbyautja_cetanu: so you want a device that allows for connecting an external antenna.
yautja_cetanuWe used a normal wireless dongle plugged into a draytek and found the signal was bad. We used a "Mifi" kind of thing and found the signal was better. Which makes me think we might be able to find something better then just the stuff you get from phones4u
yautja_cetanuSure that could work
dagbmy experience with 3g dongles and modems are that they are made as cheap as possible, and then the software (for windows) is generally branded and/or locked to specific operators and generally not available nor updated.
dagbso I would very much recommend forgetting the entire 3g modem idea, and get a 3g router&ap instead
yautja_cetanuSure
dagbwith an external antenna port
yautja_cetanuI've looked at those, they can get pretty expensive, which is fine but I was wondering if they were mroe expensive because of all the router related features
dagbconsidered how much time I have pissed away at getting 3g modems to work, they are not expensive... :-)
dagbthey -> 3g routers
Symmetriaanyone know the FIB size on an Me3600?
yautja_cetanuCool, I'm googling 3G router with external antenna, this is looking more promising. Is there any particular models you'd recommend?
yautja_cetanu*Are
hkklSymmetria: 20k for ipv4 / 6k for ipv6
yautja_cetanuI'm looking at http://www.3grouterstore.co.uk/index.html now, this looks promising
Symmetriahkkl I presume those are shared?
hkklSymmetria: but depends on sdm carving. so not shared.
Symmetriaso usage of all 6k v6 drastically reduces v4 available?
dagbyautja_cetanu: I would like to try out the huawei 5776, but haven't gotten to it yet
hkklwith ip profile you get 24k/4k
Symmetriaok
nightcrowhi
nightcrowhow can I tell what routes are being distributed in my OSPF?
nightcrowI want to see the routes that my router is advertising, not the ones that it is receiving.
yautja_cetanudagb: Ah, thats more mobile wifi right? Its not something you'd plug into an existing network?
dagbyautja_cetanu: true
newtmewtwe normally use the cradlepoint stuff
dagbfor that, cisco 819 and 892, if my memory serves me right
yautja_cetanudagb: We're looking for something to supplement our satelitte modem that is powering a network of about 30 people. Its not ideal but its what happens when you try and make an office in the middle of nowhere! :P
yautja_cetanudagb: Thanks for your help though
yautja_cetanudagb++
dagbyou're welcome
nightcrowhey guys, any ideas regarding my question
dagbyautja_cetanu: hm not cisco 892, no
newtmewtyautja_cetanu: we use the cradlepoint crb450, granted it seems they have disconntinued that model
yautja_cetanudagb: Was that aimed at me? This doesn't like a 3g router? (I think we actually use Drayteks... dunno if people will mind me saying that here :P)
dagbyautja_cetanu: yeah. if you want a 3g router to plug into your network, look at the cisco 819
newtmewtthe 819 is a M2M with 3g/4g
newtmewtlooks like the new cradlepoint model is a COR IBR650, closeset thing
newtmewttakes a USB stick connection in
newtmewtand most of the USB sticks we get have spots for external antenna
newtmewtoh i guess the IBR series has the modem built in...
newtmewtbut has external antennas
yautja_cetanunewtmewt: really? I haven't found any USB sticks with antennes? The USB sticks we've used have been pretty terrible :(
newtmewtyautja_cetanu: look at this http://www.cradlepoint.com/products/machine-to-machine-routers/cor-ibr650-3g-4g-router-no-wifi
newtmewtlooks about what you want
yautja_cetanuyup it does
yautja_cetanuSo you'd put the SIM card into that thing itself right?
newtmewtyep
newtmewtyou have to buy the right version for the provider/tech
newtmewtbut this one of the common usb sticks we get http://www.amazon.com/Sprint-Sierra-Wireless-Broadband-Adapter/dp/B009ZY10GK
yautja_cetanucool, will have to research it a little more cause I'm in the UK but this look good
yautja_cetanuThanks!
yautja_cetanunewtmewt++
newtmewtyautja_cetanu: what type of network you looking for? HSPA+? or LTE?
yautja_cetanudon't think they do karma here but oh well!
yautja_cetanuDon't know yet so I think HSPA+ , really just thinking what is possible at the moment
dagbnewtmewt: looks nice. do you have first hand experience with cradlepoint products?
newtmewtyah cradlepoint has a version with HSPA+
newtmewtdagb: not that exact model but some of the other ones
newtmewtmainly the CBR450 and CBR1200 and 1200
newtmewt1200b*
newtmewtthey seem to be turning into ubiquiti in terms of expanding markets...
dagbI assume the ipsec sessions are site-to-site, right?
newtmewtthey have multi wan and edge routing and shit lol
newtmewtdagb: we don't use them for that, so no clue
newtmewtwe just use them as USB 3g/4g dongle to ethernet more or less :D
yautja_cetanucool this is ridiculously helpful :)
yautja_cetanuWhat does it mean when it says Machine to Machine?
newtmewtthey are refering to liek having an ATM talk back to the server
newtmewtso its machine(atm) to machine(server)
yautja_cetanuRight so I don't really need to worry about that. I can plug it directly into a laptop or into a router to power a network?
newtmewtyep
newtmewtwe do it all the time
yautja_cetanuDo you open them up to put the SIM card in? I can't see any slots
newtmewtwe don't have that model
yautja_cetanuah yeah I see it now
newtmewtbut i see a little cover slot thingy
newtmewtlike i said the ones we use don't have internal modems but the USB dongles
yautja_cetanucool this looks good, I think it will be worth testing
yautja_cetanuDo you know of any tools where I could take it into this Field we work in and test which network would have better signal... other then just looking at the bars on a phone?
newtmewtnot any tools really
yautja_cetanucool ok thanks
newtmewtif we have no clue we normally just send out multiple usb dongles from allt he carriers we use and find the best on site
dagbnewtmewt: :-D
dagb3g dongles suck
dagbquestionable quality and all sorts of weirdness with software, firmware and operator locks
MrJayPChttp://metro.co.uk/2014/02/04/rats-bigger-than-sheep-could-roam-earth-says-dr-jan-zalasiewicz-4289966/ Someone take something before writing that article? :p
newtmewtdagb: even worse when they get legs :D
dagbnewtmewt: people steal them?
newtmewtwe have them go missing on occasion
newtmewtwe have hundreds and we don't own the end locations so its bound to happen
newtmewtprobaly once a quarter
newtmewtno biggy
newtmewtbiggest thing is gettnig the carrier to stop service ASAP
newtmewtso they can't rack up usage
MrJayPCI hate using my mobile to call premium rate numbers :(
nullvaluereally 1800-hot-wymin is premium, didnt know
dagbMrJayPC: do you suffer from OCD? :-)
MrJayPCdagb, it costs more to call it from my mobile
dagbdon't do it, then
MrJayPCI need to in some cases though as my mobile can record calls so if a company tries to dick me over I have the call recorded
xousMrJayPC: don't you work at like a retail store?
MrJayPCYes and your point being?
xousI dunno
yautja_cetanudagb: yes they do! :(
xousI just assumed it'd just be all coporate bullshit
xousand stupidity
xousrather than an active attempt to fuck you over.
MrJayPCNo facility to record calls in store though lol
xouswhy would you need to record a call?
xousyour boss often call you up and say 'I need you to take $500 out of the register and spend it on strippers!'
dadrcAnd no complaining, it's mandatory!
MrJayPCBecause insurance comapny being a pain in the arse, tried to change vehicle and they wanted a stupid monthly premium which was annoying because online they quoted half the price, so they've told me to take out a new policy at the lower price then call them with the new policy number and they'll cancel my current policy with no charge.... I don't fancy getting screwed over on it lol
xousah
xousso it's personal shit
xousthat makes more sense
MrJayPCYep :)
xousI need a fuckin' drink
MrJayPCPhone call on mobile would cost about 2 pounds, cancellation fee is 70 pounds
eirirs_ACTION toss a beer over to xous 
xous... i fucking hate how our internal corporate shit is setup
xousit's all mixed in with the ISP shit
xoushttp://www.cad-comic.com/cad/
xousbaah
xoushrm
xousso I don't work for another 5 hours
xousi could go back to sleep
xousget food
xousor get food and go back to sleep
xousor sleep and get food
xousdecisions!
dadrcYou could become a sleepeater and do both at the same time.
xoussounds messy
metheo_irchi ppl
metheo_irchkkl, here ?
hkklyup
metheo_irchi )
metheo_irca few odd questions )
metheo_ircfirst, does the configuration of mtu under the "vlan" context (on IOS, cat swtiches, like 3560) is it meaningful ?
hkklmostly no, if there is system mtu
metheo_ircwell
hkklfor example in sup2t system mtu overrides your interface mtu config
metheo_ircon current switch (4900) I see "sh system mtu" as : Global Ethernet MTU is 1552 bytes
metheo_ircthe paticular vlan traverses through two trunks (physical interfaces) that have mtu setting 9000
hkklhmmh, i think 4900M / 4500 is different in that sense
metheo_ircissuing "sh vlan xxx" command I see MTU 1500
hkklas we also have system mtu at 1500 and run interfaces with 9198 mtu
metheo_ircso question is do I have to change vlan mtu setting from default 1500 to let jumboes pass
hkklonly if you are routing i'd guess
metheo_ircMy understanding is the same
metheo_ircIt's meaningful only if I do routing through svi
hkkl'that is atleast how it works for us'
hkkl(very annoying that different platforms work that differently.)
hkklin regards of configs
metheo_ircanother question about ring topology )
metheo_ircYou use it , right ?
hkklsomewhat.
metheo_ircIf we have an L2 ring on cisco switches
hkklthough nowadays it's quite limited to spanning-tree and datacenters, as metro is mpls
metheo_ircwell, we avoided using rings and STP but now..it seems we have to )
metheo_ircso..
metheo_ircwhat you can suggest to use - pvst+ or mst ?
xousREP
eirirs_mst
Someonefromhelll3 and mpls :p
eirirs_metheo_irc: mst are IEEE and newer, pvst are cisco proprietary
xouswhy the hell do you want a ring toplogy?
metheo_ircxous, unfortunately, REP (and ERPS) not supported on that ioses and that hardware
xoususing 2950s :P
hkklmetheo_irc: mst
dagbmetheo_irc: use REP
metheo_ircxous, redundancy and availability, man )
LeoloveWhat is the difference between CCNP service provider and ccnp service provider operations in layman terms? I am unable to explain the difference.
xouswhat hardware do you have?
xousLeolove: one is for managers
xous:P
Leolovewhich one? :p
xousops
metheo_ircxous, 3560E, 4900M
xoushow many?
xous3560E a TOR switch?
xous10G or 1G uplinks
metheo_irc3 x 3560E + 1 x 4900M in ring with vlan termination through 4900M
metheo_ircxous, does it matter the link capacity for the question ?
xousyes
xousthe number of interfaces do
metheo_ircthe ring is 10G
xousyeah
xousso the number of interfaces and 10G (and cheapness) is dictating the topology.
metheo_irclets assume, that we have four l2 switches in a 10G ring and whant to use some flavour of STP to use it
hkklmst for sure
hkkleven if r-pvst is easier it doesn't really scale to any decent number of vlans that l2 metro would have
metheo_irchkkl, ok, tnx . think, it will be mst (like more carrier-grade ))
xousuhh
xousthere usually ain't a whole lot of switching in carrier networks :P
hkklxous: l2 metros are quite often
metheo_irchkkl, any suggestions on mst settings (timers, etc) ?
hkkll2 ring with dual pe:s terminating all
xousI suppose so
xousheh. dual pe's if you aren't cheap
hkklxous: ok, add that :)
xouswe have a 1G rep ring in yvr
xoussingle pe
xousfucking hilarious
hkklwe ran pretty much default timers. most important thing is to make sure all non-core links are correctly stp edge ports
xouswe used to have them without UPS
hkklalso planning mst config vlan wise is quite important to think about a moment
hkklas changing it afterwards is ... challenging :)
xousyvr had a nasty problem with power about 2 years ago
xousthat was fucking funny.
hkkls/mst config/instance config
hkkland over engineering instances can make your life hard
Someonefromhelland by challenging you mean disruptive ;)
xousfuck planning
hkklwe had like 10+ instances
hkklthat was awful
xouswe just ripped out two core switches on a days notice
dadrcYikes.
hkkland always instance you wanted was blocking in wrong place
xoushkkl: I thought the idea was the instance should be designed with the physical toplogy in mind
xousif it was a straight up ring why would you want more than two?
metheo_irchkkl, as I understand an single instance should be configured for several vlans with same tail/head ends ?
hkklalas, it wasn't
hkklmetheo_irc: yes, pretty much. of course if you don't need anything differing you can just run everything in single instance
hkklor divide vlans to half or so
metheo_ircwhen first enabling mst ... does it stops the current traffic flow on ports (for a time for port iterations, blocking, learning forwarding etc.) ?
hkklok, how do i bind eem script to tracker down up if i don't have event 'track' available?
hkklsyslog?
xouscisco has a very long document somewhere about upgrading to mst
hkklmetheo_irc: if everything isn't correct, it will do that for sure
metheo_ircpain-in-the-ass ))
xousdesign shit right the first time :P
metheo_ircand do lab testing
metheo_irc)
xousand don't pick your design after you bought the hardware :P
Someonefromhellsyslog or snmp , depending on what you want the trigger to be
hkkl*Nov 1 14:47:24.243: %TRACKING-5-STATE: 206 ip sla 206 reachability Down->Up
hkkli get that
hkkland i want to also add ipv6 route after ipv4 route with tracker has gone up
hkklas ipv6 route tracking seems to be only on some very newish ios-xe
hkkland i have these sucky 4500/sup6es as datacenter aggregation routers :/
hkklso i guess i will try ipv6
hkkls/ipv6/syslog
Someonefromhellsyslog is probably the easiest choice
nierosoi
lroeI'm looking for an inexpensive (< $300) to test light levels on fiber (SM and MM) any suggestions?
void64Iroe: Fluke and JDSU I think make some inexpensive simple light meters
lroeis that what I'm looking for a 'light meter'
void64Though I've only seen them work on > 1200 nm
void64Yes, a light meter
void64or OLP
void64Optial Power Meter
void64Fluke, JDSU or EXFO all make them… EXFO might be a bit more higher end and lot more $$
void64JDSU makes a nice set with a power meter and a generator/identifier
kuaharayou won't get a decent jdsu for under $300 though lol
kuaharaor even $3000
void64http://www.jdsu.com/en-us/Test-and-Measurement/Products/a-z-product-list/Pages/mp60-and-mp80.aspx
void64Pretty sure thats about $300 or under
lroethat's kind of neat. I'm assuming it's windows only
kuaharanot even sure what that is =o
void64It's a power meter with optical scope I think
void64all done in software
void64not sure about compatibility
dadrcit's a … thingy.
kuaharaonly JDSUs I've had to work with are the v1 - v3 meters used by AT&T field techs
kuaharathe cheapest ones run $3k. the version 3 meters are $7k
void64Windows only probably…. but nothing VMware fusion or virtualbox can't fix
void64oh… best test set I've used are the EXFO's, but those are like $15k
void64But those are full test sets, not just power meters… line rate 10GE, reflector/generators and all the standard cert tests
lroeright, I am sure there are excellent expensive tools in this category, I'm looking for a cheap investment to 'double check' our fiber tech
void64actually generators field test reports PDF with your company logo on it you can hand right to the customer
void64Check out that JDSU one….
lroewhat do I use as a light source?
void64If you're looking for something simple just to give you a Db loss, ie: meter only, el-cheapo,then fluke is probably your best option
void64Iroe: you use whatever is on the TX side
void64or you loop it from the far end
mynd|centmorn' gents
void64but that would give you total loss on both spans, not end to end
lroeoh, I don't need a calibrated light source to accurately determine loss?
void64No, the meter usually has a wide enough optical rx window
void64I've never used it for MMF/850nm, so…. I can't speak for that
void64but for 1310+ works fine
void641200+ rather, just check the specs on the optical rx
void64that JDSU mini one looks like it does 850+
void64might not see some higher range CWDM/DWDM channels
void64that MP-60 says it's good for 850, 1300, 1310, 1490 and 1550
MrJayPCI think I found where all the remaining nazis went... my insurance company ¬_¬
void64Most insurance agents go to work wearing ski masks
kuaharamine's really pissed off that my card expired last month and I won't give them the new info
hkklhehe
MrJayPCI changed the the purchase date on the car by a week on the insurance quote and it jumped up to £164 / month lol o.0
hkklfriend used that method to get his xbox gold subscription
hkklcanceled credit card
kuaharanext time they call to harass me for it, I'm going to let them know that despite what they think, they are not the most important bill I have to pay each month.
worstadminI have a network dropping packets late at night during san backups - Im attempting to locate this problem - what Im thining is simply clear interface counters and pummel it. Anything else I should do?
oisterhow do you know its dropping packets?
nieroshe can feel his packet senses tingling?
worstadminI use pingdom
worstadminfrom the outside world - getting it every night at the backup time
rstyI'd say that might be your problem
rstyeither way, i'd start with your netflow box... if you don't have one... there are free ones out there and turn netflow on the neccessary devices
oisteryou're pinging from the internet and seeing packet loss while your san backups are running?
nierosyour switch probably just isn't up to the task.
worstadminthanks
rstydo you have netflow or snmp set up for utilization, etc ?
worstadminrsty: yes using Zabbix - builds mrtg graphs - but I dont see anything standing out in the graphs
worstadminIm looking into netflow now however
rstysnmp is good for where but netflow is good for what
rstyzabbix might have a netflow plugin, i've never used zabbix
SuperNulli need to get me some netflow.
SuperNullwe got DOSed last night and it would of only been easily stoppable with the help of netflow
krthnzASA HATE HOUR NOW!
krthnzBE PART OF IT!
rstyand bosses like graphs, so its good for us in that aspect too
rstythey have to be colorful though
rstyits helped us plenty of times
SomeonefromhellSuperNull : netflow is nice, span is even nicer
Someonefromhellassuming you're not at a scale where it's really impractical/expensive
Titaniumerspan v3 is yet even nicer
mepholicguys
mepholichow much additional resources does PFS on IPsec actually use?
nierosasa's do netflow
FrankDWorkOH EM GEE GRAPHS
nierosor are we ASA hate houring for a different reason
oisterworstadmin: look at the devices that share the SAN backup traffic and external monitoring
SuperNullmy co-worker constantly listens to archer. its dumber than i thought it would be.
kmcelroy1archer is hilarious
SuperNulldenied.
kmcelroy1you now honorarily suck
nierosarcher IS hilarious.
kmcelroy1see, he knows
SuperNulli dont trust a guy with a beard that beastly.
kmcelroy1from the fine folks that brought you sealab 2021 and frisky dingo
nierosYou're a fool then
SuperNullfrisky dingo was okay
kmcelroy1frisky dingo was fucking amazing
nierosMy beard makes most people feel safe
nierosand most women feel wet.
SuperNullits the absorbant properties they like.
nierosit's the handlebars.
nierosneed something to hold onto see
kmcelroy1have you bitches seen broad city yet?
kmcelroy1that shit is hilarious
SuperNulli have been watching that new cartoon Rick and Morty.. *cough*
SuperNulldoesn't have nearly the amount of cocaine in it tho
kmcelroy1that is pretty weird, but seems entertaining
Someonefromhellso, 3600s don't do l2tpv3
Someonefromhellthey allow you to configure it with no errors logged at all
Someonefromhellthey even show that the tunnel is established
SuperNullgotta love this, this guy wrote software that ALWAYS expects a voicemail box to exist..
Someonefromhell...they just forward nothing :P
SuperNullwhich never gets created for virtual/forwards.
SuperNullso in portions it just fails cause.. fails.
kmcelroy13600s? the AP or the router? :P
Someonefromhellme3600x
kmcelroy1or that, :P
kmcelroy1weird, you would think that could do l2tpv3
routerprodoes anyone know if you can change a PPPoE dialer interface username/password , will it drop the connection? I can't remember if pppoe does auto only on initialization or all the time
kmcelroy1i would think if you pulled the u/p it would drop it
kmcelroy1but if you have to change that, it would probably not be up anyway
routerproit is up currently
kmcelroy1then don't change it?
routerproits weird
routerproits wholesale dsl
SomeonefromhellI would think it won't drop
routerproits using the last mile providers user/pass yet the isp wholesaling is saying it needs to use theirs so they can view it
Someonefromhellhowever, if you're not sure, schedule a window
Someonefromhellif you're sure, schedule a window anyway
Someonefromhell^ golden rule of networking :p
eirirs_windows task scheduler
kmcelroy1really? i would think it would since it no longer has credentials, but i am not sure
routerprono other way in to the router unfortunately
routerproso i need to figure out how to make the change and not lose connection
kmcelroy1routerpro: smart hands
Someonefromhellhow about making another username/password and doing something stupid like, allowing both pap and chap with different creds on each ?
kmcelroy1or you could just EEM script the u/p change
kmcelroy1i have done that on things i will lose connection to, works well
routerproanother dialer interface you mean
kmcelroy1the script will keep going and finish the job for you while you are disconnected
routerproyea i was thinking that eem maybe
Titaniumthis assumes you wrote it correct
Someonefromhellno, on the same dialer, different pap and chap creds, it should try both of them
Someonefromhellbut eem works as well
kmcelroy1Titanium: well, you test it on something else first obviously :P
kmcelroy1but i have done things like that with eem before
Titaniumnot as obvious as you would think
routerprotwo dialers one interface ;)
eject_ckHi all
mepholicgod damnit
mepholici fucking hate sonicwalls
kmcelroy1agreed
kmcelroy1don't we all
circuit:)
kmcelroy1could be worse, could be a checkpoint
eject_ckI have switch: Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(55)SE7, RELEASE SOFTWARE (fc1). I can't get ipv6 working between my local machine and ISP when I'm using switch (I have no way to test it without switch because of Fibre Optic port). Q: do I need to configure anything specific to get ipv6 traffic working on this switch ?
kmcelroy1that is a layer 2 switch, so it shouldn't matter
pffsdunno, I remember my 3550 breaking ND
pffswhich makes ipv6 not work so well
kmcelroy1well, the 3550 is layer 3 and old as shit :P
pffsdon't hate on my 3550 :(
pffsit was cheap!
archuser2just make a dump and see what's going ot
archuser2on*
kmcelroy1by dump i assume you mean span the port and sniff :P
archuser2what for?
archuser2dump it on your pc.
archuser2check all those NS/NA/RS/RA.
russixeject_ck: make sure you're learning the respect MAC addresses per port & they're in the same VLAN. 'sh ipv6 int' can also give some ND hints
pffsdoes 12.2 have any ipv6 support?
eject_cksec
eject_ckyes I think
eject_cksh ipv4 int return empty line
eject_ckI don't need ipv6 on this switch
pffsit would be show ip int or show ipv6 int
pffsshow ipv4 int shouldn't even work
eject_ckI'm connected via usb cable :)
eject_ckusing console via tip
eject_ckhttp://pastebin.ca/2625134
eject_ckthis is my config
eject_ckI don't need access this switch via ip
eject_ckAgain I have ISP on GigabitEthernet1/0/1 and my router on GigabitEthernet1/0/28
pffsI mean, the IP portion of it shouldn't matter because it should only be looking at the ethernet header
eject_ckI have two vlans where 545 is IPv4 interface and 544 is Ipv6
straterraHmm..can you use Twinax/DAC cables to directly connect servers, without going to a switch first?
pffseject_ck: why do you have two vlans?
eject_ckwhen I assign ipv6 address to vlan544 on my OpenBSD router I don't see traffic between my router and ISP]
eject_ckwhere ipv4 works perfect on both interfaces
pffseject_ck: does your router have an interface on that vlan?
archuser2ipv6 mld snooping
archuser2where is trust on uplink port?
eject_ckISP LINUX box -> vlan544, vlan545 ------ FIBRE OPTIC ------ 2960S switch with FO port -> Cooper Port on server (router under OpenBSD)
eject_ckarchuser2: sorry I don't understand :)(
pffseject_ck: again, does your router have an interface on that vlan?
eject_ckpffs: yes
mepholichm
pffsdoes your switch show its mac address?
pffsI also don't really know why you need two vlans
nitramdamn.
pffsseems kinda dumb to me to segment ipv4 and ipv6 by vlan
eject_ckI've tried to assign IPv4 address on vlan544 (virtual interface) on my and on ISP side and it works
nitramucs, vm-fex, kvm
nitrami do a live migration of a vm
kmcelroy1pffs: that's cause it is :P
nitramafter first migration, traffic continues to flow in vm
pffskmcelroy1: if you don't have the ipv6 SDM turned on, will it break switching ipv6 packets?
nitramafter migration back, there is no more connectivity to vm
nitramany ideas?
Someonefromhellit is dumb
pffsIt doesn't seem like it should matter since it should never look beyond the ethernet frame
Someonefromhelland it will switch ipv6 frames just fine regardless of the sdm
Someonefromhellit might have trouble routing them though
kmcelroy1pffs: it shouldn't matter
pffsI don't think the 2960-S will router ipv6 frames no matter what
kmcelroy1since it is purely switching them, it shouldn't give a damn
nitramif i migrate a third time, the traffic to the vm works again
nitramafter the forth it stops
nitramit will only continue to work on the target host of the first migration
archuser2l2 multicast addresses are kinda different in ipv6
archuser2so it probably give a damn
eject_ck544 90e2.ba0e.f795 DYNAMIC Gi1/0/28
eject_ck 544 90e2.ba29.95a0 DYNAMIC Gi1/0/1
eject_ck 545 90e2.ba0e.f795 DYNAMIC Gi1/0/28
eject_ck 545 90e2.ba29.95a0 DYNAMIC Gi1/0/1
Someonefromhellno it won't
kmcelroy1^
Someonefromhellit might not do mld snooping
Someonefromhellbut that's pretty much it
archuser2hmm
archuser2well I run ipv6 over old l2 3com or something like that
eject_ckSomeonefromhell: I've added it during troubleshooting
archuser2but I never thought why 3333.* works...
SuperNullanyone know isc dhcp decent ?
gewtmulticast is evil
kmcelroy1gewty gewt, multicast is the future
gewtbut it's also evil
kmcelroy1taste the future
gewtTASTE THE RAINBOW
pffstaste mah balls
pffseject_ck: I'm assuming that those correspond with the correct MACs for each vlan?
pffsalso, why do you have two vlans?
eject_ckyes
eject_ckit was ISP's idea
eject_ckone vlan for ipv4 and one for ipv6
kmcelroy1sounds like an amazing idea
eject_ckwjy not ?
kmcelroy1i would ignore the ISP :P
pffsIt's a terrible idea
kmcelroy1also, why turn off spanning tree?
pffsDo you have any reason to segment devices into ipv4 and ipv6 only?
eject_ckboth vlans are using same physical interface on server (inet6 alias 2a01:d0:0:31::2 64 vlan 544 vlandev em0 )
mepholicdddddddddddd
kmcelroy1and there is the problem
eject_ckspanning tree ?
mepholicspamming tree
eject_ckI've disabled it during reoubleshoting
eject_ck:)
kmcelroy1same physical interface for 2 different vlans :P
eject_ckwhy ?
mepholic>Disable STP. network status = now in ruins
mepholicgj
archuser2anyway, did you dump it?
KenMatlockmepholic: only if you actually have a loop in L2, otherwise it really doesn't affect anything
archuser2and prolly debug ipv6 something on 2960
mepholicKenMatlock: yeah
mepholicmost simple networks are fine, but if you have an actual infrastructure
mepholicusually bad idea
eject_ckwell, I have ipv4 traffic working in this setup
eject_ckin both vlans
eject_ck544 and 545
eject_ckissue is only with ipv6
pffsyou probably won't be able to debug anything ipv6 on the switch because I don't think it'll actually see anything
pffsI don't think you can even turn on ipv6 on the 2960-S
kmcelroy1you can
kmcelroy1for management and shit
kmcelroy1it just isn't going to do any routing
pffsThat should require changing the SDM though, right?
kmcelroy1looks like it
kmcelroy1change that and a reload
pffsand I don't think the 2960-S has the ipv6 SDM
kmcelroy1but i doubt he needs that right now
kmcelroy1it says it does
kmcelroy1http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/15.0_2_se/configuration/guide/swipv6.html#wp1216524
pffsmaybe I misread the 2960 page
kmcelroy1the 2960 lite image won't do it
kmcelroy1but the rest will
pffshttp://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swipv6.html
archuser2ya keep talking about routing on l2 switch...
kmcelroy1no one is talking about routing
archuser2it should do mld snoopings and first hop security.
kmcelroy1we are talking about management
archuser2oh
kmcelroy1remember that part where i mentioned managment and not routing?
kmcelroy1that was good times
archuser2yeah...but who needs to manage switches over v6 through...
kmcelroy1people with IPv6 networks probably
kmcelroy1but besides those people, fucking no one bro
archuser2ipv6 only networks, I believe.
kmcelroy1you believe correct bro
worstadminmrw when I realize nothing in this cabinet supports netflow
kmcelroy1but those will never exist
kmcelroy1worstadmin: that is the worst, ha
worstadmin3560's, asa 5520's and 4948s
eject_ckpffs: Switch(config)#sdm prefer ?
eject_ck default Default bias
eject_ck lanbase-routing Lanbase routing
razorzHmm, if you hot plug in a CF card into an ASA5510 you need to reboot for it to be initialized?
kmcelroy1wait, the ASA should do netflow
pffskmcelroy1: I thought it was needed for the management too, dunno
drkatsup
pffscould be entirely wrong
drkatclappers to the front.. thats what I say
kmcelroy1worstadmin: http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/monitor_nsel.html#wp1132168
kmcelroy1maybe?
kmcelroy1can't say i have messed with it, but it should work
worstadminhmmm okay, trying it
SuperNullonline 'dating' is such a nightmare sometimes.
SuperNullchick is all cute..
kmcelroy1but crazy?
SuperNullfinish reading.. see 'MtF' .. LOL
kmcelroy1mtf?
SuperNullfucking .. male to female.
SuperNullis my guess.
kmcelroy1hahaha
kmcelroy1gonna get you a tranny?
SuperNullbet 'she' knows how to suck a dick..
kmcelroy1mouth's a mouth, right? :P
kmcelroy1just squint and you will think it is a chick anyway
SuperNullas long as they know when to keep it shut too
worstadminjust be gay
worstadmineasier
ehndeanyone know what setting to change to make commands typed in putty a different color from the command prompt?
ehndeit would make it easier to scroll up through output and see what i need to copy/paste
drkatwow
drkatcisco, trannys and putty oh my
SuperNullbring up trannys and drkat hes all excited
ehndelike mgeorge did here: http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-gns3-ethernet-nio-cloud/
drkati love me some trannys
ehndegreen prompt, blue typed text
drkatthanks for getting me into the lifestyle SuperNull
drkati owe you big time
SuperNullits all good.
SuperNulli put my nieros beard on for you baby.
nieroswot
void64ehnde: I can do that in secureCRT, not sure about putty
kmcelroy1ehnde: under window/colours
nieroslook at my beard, my beard is amzing
ehndegood point,maybe it's not putty?
kmcelroy1should let you adjust each color individually
nieroslol, I was just asked to put together an upgrade plan for all of our customers network gear
nierosSoooo
nieros100 customers
ehndekmcelroy1: yes, maybe it's cursor text
ehndeACTION tries that
kmcelroy1nieros: have fun :P
nierosand at least 20 different vendors
kmcelroy1ehnde: yea, not sure which one is correct, but it should be there. let me know when you find out :P
nierosannnd drink and drink and drink and drink
noirsI have CCNP 1
noirsanyone impressed?
Plazmanoirs: nope
kmcelroy1what is CCNP 1?
drkatthe #1 CCNP
drkatduh
drkatlike AND 1
kmcelroy1apparently
Plazmaoh i thought he left in shame
Plazmabecause he should have
myndhaven't heard of AND 1 in years
drkat5th homocide of the year so far kmcelroy1
drkatwe're chugging along nice
kmcelroy1always good
kmcelroy1go ahead and get them knocked out before i get there
void64ehnde: I'm pretty sure that text color is echoed back from the remote side as terminals are generally full duplex, so the color codes would have to come from the terminal side, not the client… but there may be some magic putty can do
drkatso i started watching "The Following", pretty bad ass
drkatvoid64 wtf are you talking about?
mynddrkat: it's pretty good yea
ehndevoid64: yeah i couldn't figure it out, you could be right
drkatmynd - I think its amazing..
drkatwatched like 8 episodes over 24 hours
void64drkat: the text you type comes from from the device… not from the terminal program… consoles are not half duplex
void64so the ansi color codes are sent by the device, not the terminal emulator
drkatare you developing something? or is this "good to know" info
mynddrkat: idk, i really like it for the most part, but in the first season, it seemed like there were plenty of chances (that were barely missed) on both sides to end it
myndguess i got annoyed by it, but i'm sure that's just TV
drkatmynd I havent gotten there yet. I see what you're saying though
drkatit may have been a good mini series
drkatcuz I cant see it running 10 seasons
drkata movie even!
myndthink it would have been a great movie, indeed
myndor "may be" even
drkatkevin bacon aged terribly
myndyea he did
drkatof course that's what booze and coke does to a man
noirsokay :(
pffsanyone had issues installing CCX Editor in Windows 7?
ReverendDSGot a question for you fine folks. Can you think of a situation where layer three would cause a halving of circuit speeds?
pffsI think 8.6
drkati have not
drkati dont use ccx
void64ReverendDS: more info? could be several factors
ReverendDSI've got an EoC backhaul from a provider into my noc.
pffsI can't get the damn thing to install :(
ReverendDSOver a thousand endpoints.
pffsMight have to see if I can grab a newer version off Cisco
ReverendDSOnly this one endpoint is having a problem.
pffsIt crashes explorer
ReverendDSTesting off prem, to the CO shows that they see 1MB down on a 2MB down circuit.
ReverendDSThey swear that it's layer three.
ReverendDSBut I can't think for the life of me how that could be.
drkatwhats the upload?
void64ReverendDS how are they testing that throughput ?
ReverendDSdrkat: if that was directed at me, it's 2MB and is fine.
pffsJust looks like the upgrade files on CCO
drkatno half-duplex connections in the circuit?
ReverendDSvoid64: they run testing pattern on the loop.
ReverendDSdrkat: Confirmed as no.
void64ReverendDS: is it a bidi test or uni-directional test ?
drkatare they testing from your equipment or the demarc?
ReverendDSvoid64: Checking now. Looks like uni
ReverendDSdrkat: Both, plus CO.
drkatwell then why arent they fixing it?
drkathow is it l3 and your problem if its at the CO?
ALucaskmcelroy1: do you remember talking about site to sites and using natting to public IP's to prevent overlapping?
ReverendDSExactly my question.
drkatsounds like they're giving you the run around
ReverendDSThat's why I wanted to run it by you guys... because I thought I was going crazy.
drkatwhos the carrier?
ReverendDSMegapath
drkati thought we had a guy in here that worked for mp or something
pffsguhhh I want to export the list of registered devices from RTMT and I dunno how to copy
ReverendDSI've got one tech on this ticket swearing it's not a Layer 3. The rest of them all swear it is, except the field tech who did the testing.
void64If you're running a uni-direction test between two points on the last mile circuit, between routers, not through routers, how is that a L3 problem?
drkatpffs eh?
ReverendDSvoid64: Thank you for confirming I wasn't losing my mind.
drkatvoid64 exactly, typical carrier
pffsdrkat: trying to pull a list of registered devices
pffsI can do the devices search in RTMT
drkati thought you could do that without rtmt
pffsbut it only shows the first 200
myndALucas: that's a good way to ensure no overlap and is the way i've normally created L2L vpns
pffsReporting shows configured device counts
void64EoC sucks. they probably have that leg oversubscribed to hell and back
kmcelroy1ALucas: yes, vaguely
void64TWC does it all the time
drkatits like frame all over again
drkat"how many customers can we put on this "
void64drkat: well hopefully not that bad lol
drkatwow that many? ;)
ALucaskmcelroy1: I'm thinking about doing a big nat rule for everything local to a random public ip range, and apply it to the site to sites that need it, is that stupid?
kmcelroy1should be ok
drkathmm
drkatCLEC or LEC
void64I know some people, all they can get is EoC, but understand what you're getting…. you're shared until you get to the node… so depending on how many subs are on that leg off the node, it's a crap shoot… but if their SLA says you get it, hold them accountable
ReverendDSYeah, that's what we're doing.
kmcelroy1ALucas: just to clarify, when you say random, do you mean random you own or random like you just take someone else's? :P
ALucasoh random as in russian ip range...haha
ALucasno i'm kidding.
pffsdrkat: do you know of a report that lists currently registered devices that I can export?
drkatpffs cucm 8 right?
pffsor sartan_ or tanner
oister1pffs: i wish it could do that
pffsyeah 8.6 I think
tannerpffs RIS does, probably pull it via SNMP
drkathmm no idea
pffshrm
tannerpffs ccx editor should work in Windows 7, you may have to set compatibility mode for XP SP3
pffswould it show model numbers?
pffstanner: tried that, it doesn't even start the installer
pffsI might need to reboot and try again
pffscan't even kill the installer, just chilling in task manager laughing at me
void64argh IPv6 PTR's are going to be a pain in the ass
SuperNullthats our next big project .. dat 6.
SuperNulljust been to lazy to get it all going. heh.
mepholicogod
mepholicfullscreen rdp on linux ._.
void64Well dual stack routing is the easy part, last mile customer CPE shit.. forget it… and DNS PTR's are going to be nearly non-existent except for server hosts
SuperNullyeahhh
SuperNullim not to worried about 'core' stuffs.
SuperNullwe will only provide 6 to enterprise at first anyway im sure.
void64We've actually got v4/v6 dual stack working down to the ONT level pppoe… all good there… customer device however is a crap shoot
SuperNulloh god PPPoE.
kmcelroy1glad we don't have residential customers :P
SuperNull;)
drkatim gonna fucking croak
kmcelroy1all enterprise and other carriers here
SuperNullim glad we only use PPPoE for our wireless system that cant do l3 auth.
drkatnetscreen? seriously..
SuperNullhey.
SuperNulli like our SSG.
void64pppoe has always been fine for us… if you deploy it correctly
drkatthis thing is OLD
SuperNullits okay.
drkatso I guess this customer has a netscreen and a sophos utm, one terminating a dual frontier connection and the other with a time warner 'dmz' connection
SuperNulljust annoying that it is required perhaps
drkatwho designed this...
kmcelroy1haha
void64Gives us a lot more flexibility on the provisioning side to just push down attributes to any connection
SuperNullour old wireless area uses a 7206 for dat PPPoE .. it works well
kmcelroy1netscreen seems to be near universally hated
SuperNullav-pair stuff void64?
drkatthis is a fucking pain
drkatgonna have to go on site for this shit
drkati dont wanna leave the house
void64yes, acl's, statics, subnets, service policies, etc
SuperNullnice.
kmcelroy1drkat: find some smart hands :P
SuperNullthat does workout well for that kind of stuff..
SuperNullfor us it means we have to develop all that for our systems.. if they dont do it like that.
SuperNullex: our new radio system
void64Well we have a test out there that even makes it so no auth creds are needed, it will just auth off the agent-id of the ONT....
SuperNullluckily its radius, just custom attributes.
void64so username/password not needed and are arbitrary
SuperNullthis is for C7 mainly right?
void64I've always found DHCP is more management heavy as far as scopes and scaling
void64Everything we have is PPPoE, very little DHCP
drkatso i was sleeping the other morning and my 1yr old starts hitting me and her diaper is off.. and the diaper is next me.. full of shit!
drkattell me it aint time for a fucking potty
kmcelroy1just stop feeding them, they will quit shitting
circuitummmm
drkatyeah that works too
SuperNullPPPoE is way easier to lock down for sure.
SuperNullraw L3 requires.. shit.
SuperNulllike secure arp
SuperNulldhcp authed arp
drkatoh you guys and your nerdy talk
SuperNullyour just mad your not getting cuddles.
kmcelroy1SuperNull is touching himself
drkati am..
void64yeah and IPv6 will add new challenges to that with first-hop security and people fucking around
SuperNullyep.
SuperNullhopefully they have secure arp for 6.
SuperNullheh.
void64good luck with that, secure ND ? sure… lol
kmcelroy1SuperNull: arp...ipv6...bwah?
SuperNullarp is irrelevant for 6 ?
kmcelroy1it doesn't exist :P
kmcelroy1that is neighbor discovery
SuperNulloh shit. LOL
void64Currently PPPoE VI for V6 will use a pool for /64 to a WAN interface, SLAAC to the customer and then RADIUS attribute and/or DHCP prefix-delegation if the client requests it
kmcelroy1damn son, time to drink some coffee :P
SuperNulltells you how much i play with 6 so far LOL
drkati play with a solid 6 all the time
drkat... dice
kmcelroy1penis
drkatthat too
void64In testing, Windows 8.1 works fine dual stack/BRAS PPPoE… perfectly (which is a surprise)
drkatcuz you know..
drkatpenis is good?
void64OS X is broken PPPoE dual stack
kmcelroy1your boyfriend has a 6er?
void64you need a ppp script for it to work
drkatkmcelroy1 yeah, tell your dad I think the operation went well
kmcelroy1cool
SuperNullfuck running the PPPoE Agent on PCs.
kmcelroy1he will be happy
SuperNullwe did that.
drkatill send him to SuperNull
drkatsince he's into that m2f online dating shit
kmcelroy1SuperNull likes the trannys
drkatwww.plentyofts.com
kmcelroy1you the pitcher or catcher SuperNull?
void64SuperNull: yea we don't do that normally, usually a router is in place, does the PPPoE and then it's all native IPv6 prefix delegation and SLAAC behind the router… that's the cleanest deployment
drkathe's verse
kmcelroy1ha
void64SuperNull: but it does work
drkathe's a little bit country, little bit rock n roll
kmcelroy1bwaha
drkatwhats funny is he isnt THAT far from me.. so he technically could kill me
SuperNulldrkat void64 is even closer to you.
drkathe on my street?
kmcelroy1i will be there in june, so i will come shit on your lawn
drkatkmcelroy1 Ill be moved by then
SuperNullkmcelroy1 make sure to eat ice cream all day.
drkatthank god
kmcelroy1ha
drkatkmcelroy1 - Coming to the hilton carnival?
drkat:P
kmcelroy1shit, frozen custard bitch
kmcelroy1abbots
drkatget your white hots
kmcelroy1and a white hot
drkatyou gotta try dogtown
drkatits on Monroe
void64supernull: Orly
drkatwww.dogtownhots.com
drkatvoid64 where in NY
void64Albany
kmcelroy1fuck, i have to get an abbotts cone
drkatahh he's still 5 hourrs
drkatheh
SuperNullwe will team up.
void64Well it's not 5 hours to Hudson/Catskills, so he's not closer
kmcelroy1drkat: guess that means i am on your side then drkat, ROC unite
drkatfo sho
SuperNullPACKET WAR!!!!!!
drkatits not uncommon for SuperNull to want to tag team a guy
drkatbut damn..
pffsguhhhh ccx editor why do you hate me
kmcelroy1ha
kmcelroy1i will crush you SuperNull :P
tannerpffs the force is not strong with you
tanner:)
SuperNulldrkat keep your dreams to your self
pffsfo reals.
pffsI even tried rebooting
SuperNullunless they include kmcelroy1s hot /slutty cousin
tannerpffs what are you trying to do with uccx?
pffsset compat to xp sp3
pffsmodify a script
kmcelroy1SuperNull: my slutty cousin is in Florida again i think
kmcelroy1she bounces all over
drkatkmcelroy1 bring her to roc with you
kmcelroy1destroying men
drkatill show her a good time
kmcelroy1ruining lives
SuperNullis there a queue for that kmcelroy1?
kmcelroy1probably
SuperNullif so is there a policy for that queue..
drkati am in queue
void64lmfao
SuperNulli dont want to get tail dropped
drkathaha
kmcelroy1she apparently has the magic puss, cause they keep coming :P
drkathmm
SuperNullliterally.
pffsSuperNull: probe then discard?
drkatis she hot
kmcelroy1she was a stripper
kmcelroy1i will leave it at that
drkatin florida?
kmcelroy1i forget where
pffspics or gtfo
SuperNullkmcelroy1 how old is she?
drkatyeah tits or gtfo
kmcelroy1like 30 something now
drkatdamn.. just my type
drkatwashed up stripper
SuperNullthats getting old for a stripper.
kmcelroy1haha
void64you mean used up
SuperNullshe got money?
kmcelroy1she doesn't strip now, she is in the business of using men now
drkatvoid64 right, they never wash
void64yea she got your money
drkatkmcelroy1 can I write her an IOU?
kmcelroy1she is a nutcase
kmcelroy1she gets the DTs if she doesn't drink :P
drkattake out "ruined life" on credit
kmcelroy1she is a clepto
void64a #cisco train
drkather name is Anna DTF
kmcelroy1so watch your shit
SuperNullw00t w00t
drkatkmcelroy1 damn yo
SuperNulli hate fucking clepto bitches.
kmcelroy1she has a kid
SuperNullmy roommates EX GF is a fucking clepto
SuperNulland she even took my shit
kmcelroy1don't worry, she doesn't take care of it :P
SuperNullwtf.
kmcelroy1yea, she is pretty messed up, ha
drkatwow
drkatwhat a woman..
kmcelroy1we used to hang out a lot when we were kids, but she went looney tunes when she got older
void64you can't afford her cocaine habit in other words
SuperNullkmcelroy1 is her daughter legal ?
kmcelroy1i think her daughter is like 3 or something, ha
drkatSuperNull so only in china
SuperNullvoid64 sounds like she needs something more parent friendly.. like meth.
drkatnothing teams up better than meth and disney flicks
SuperNulltrue.
SuperNullfantasia
drkatfucking All dogs go to heaven
SuperNullbecomes synthesasia (spelling?)
SuperNulloh man.
SuperNullold school.
drkatand WOAh dont talk about the sequel
drkatCharlie aint dead
SuperNullwhat about the final video 'god doesnt like animals so fuck you'
drkatfunny how there wasnt a single jew in those movies ;)
SuperNulldrkat not true.
SuperNullall the guys taking money from the revenue were jews.
drkatheh
kmcelroy1SuperNull: aren't they always? BOOM
SuperNullanyone else get freaked out by the packetlife bald guy?
void64Jeremy ?
kmcelroy1not really, ha
SuperNullkmcelroy1 true.
kmcelroy1he seems ok
SuperNulljeremey.. yeah.. lol
SuperNullkinda reminds me of my cousin..
SuperNullif he didnt waste his life on cocaine and loose pussy.
kmcelroy1sounds like a good time
SuperNullmmm.
void64must have been a rock star
SuperNullmy roommate is figuring out quickly how his past 'good times' are hurting him now as an 'adult'
nitramarg
SuperNullnah.. but drugs def loose a bitch up around this area.
nitramwhat is wrong with this vm-fex setup
void64By the apparently FU tattoos on his forehead?
SuperNullvoid64.. he got caught underage doing petty theft at a job when he was 16..
pffssartan: make uccx not hate me
tannerpffs don't suck at it
sartanok, poof
SuperNullhes not 26 and everyone is taking a shit on his chest for his previous bullshit
sartantanner taught me a lot of stuff about uccx
pffsI can't even install the damn editor
sartan<uccx noob
SuperNullsartan: did he explicitly teach the 'dont hate me' script ?
tannerUCCX makes up 90%+ of my business :)
void64Has anyone played with VMware NSX yet ?
SuperNullNSX?
SuperNullis it sponsered by japanese ?
void64If it does what they say it does, might be pretty cool
kmcelroy1ugliest sports car ever?
void64VMWare's first iteration of SDN I guess…
toastrit's not that ugly
SuperNullkmcelroy1 dont anger the nieros lol
kmcelroy1SuperNull: meh, he has to know how ugly it was :P
kmcelroy1and slow
SuperNulli remember when just deploying non VMed shit was a pain.
kmcelroy1it was gayballs
SuperNullnow dis vmware.
pffsoh hay, I got it to crash that time
SuperNulli have some VM-regrets
pffsthat's a start
void64Is it me or has all this virtualization shit taken complexity to epic proportions…. damn
SuperNullspecifically that i wasn't expert level vmware when i did the first vmware project.
SuperNullvoid64 .. network + servers at the levels were at have taken it to extremes.
void64These fucking devops guys lol
void64server virtualization isn't good enough, we want to fuck up the whole network with a single script :)
SuperNullall our IPTV is vmware so if something borked we could easily move it.
void64Don't get me wrong, we virtualized 90% of our servers and VMWare with vmotion and storage vmotion is the shit for failover and migration
void64not buying into the whole SDN thing yet… you want to trust web programmers to control your network? … the same ones that have security holes in their applications you can drive a truck through most times… sure… i guess. lol
toastrevery time i hear devops i think devops_borat on twitter
kmcelroy1seems like a good idea
drkatim ready to quit.. devops will rule the world
drkatand we'll all be assimilated into a script
drkatbut...
void64I watched the whole NSX thing and seems neat and you can contain it to certain physical and logical topologies…. it's the whole "can control major network components" thing that bothers me
drkatDev Ops: Seemed like a good idea at the time
void64devops: a meeting of the minds
SuperNullvoid64 the NSA wont touch it .. thats for sure....
void64Guy that works here has some monthly devops meetings here with other local dorks
drkatshit i missed the money train
void64several times lol
drkatyeah i'm always late for it
drkathence why im not in trend analysis
void64money goes to money
pffsmoney is cohesive above a certain threshold
drkatwhich is
pffsunderwhich it is adhesive
drkatI hear 70K is the magic
kmcelroy1magic what
drkatthe magic #
drkatfor cohesiveness
void64what
kmcelroy1neat
pffsfor moneyballing
drkatof course I'd like 1M
void64hows that
pffsdunno, 70k seems like it'd die pretty fast
drkat75 sorry
pffsand not a huge interest return
drkathttp://blogs.wsj.com/wealth/2010/09/07/the-perfect-salary-for-happiness-75000-a-year/
void64you mean 70k income or 70k as in having a big wad of money to spend/invest?
pffsOh, salary
pffsI thought you meant wad o cash
drkatoh no
drkatwad o cash of 75K?
drkatthats going in a g-string
void64lmfao
void64that'd be a big ass gstring
pffsjust one?
kmcelroy170k would die fast? shit, you could turn that into a lot more cash :P
kmcelroy1especially now
tannerat 75k/yr I might hang myself
circuithookers and blow are the way to go
drkatcircuit of course
pffsI'd be excited to get 75k/yr
pffsthat'd be awesome
void6475k might be ok in Farmville, WI
pffsACTION is so poor
kmcelroy1i'd be annoyed, cause i would be making less, ha
drkattanner move somewhere cheaper :P
circuit75k is an amazing salary
noirsI don't need money
kmcelroy175k is ok
void64Fuck in NY 75K is border line po
oister75k buys a lot of heroine
pffsnoirs just takes what he wants
pffsgives nothing back
noirshaha
drkatvoid64 in albany?
void64anywhere in NY
drkat75K in Rochester isnt terrible
void64unless you live in rural adirondacks
void64in which case you're driving a year to get to work
mikejones2553afternoon all. i'm having a hard time trying to put into words for management why a large layer2 isn't so smart. i wonder if you all could help me find the right phrasing
noirshehe
kmcelroy1mikejones2553: broadcast storm :P
void64fuck man, I got a friend who live in FL, no state income tax and his property taxes are half of mine on an assessment thats 3X more than mine
kmcelroy1but in general it sucks
mikejones2553kmcelroy1: "but we can turn on storm control"
kmcelroy1i have a legacy layer 2 network that spans the country and it sucks nutsack
kmcelroy1have to have trunks all over, makes my life a pain in the ass
kmcelroy1have to deal with spanning tree
void64mandates in NY kill property owners
kmcelroy1it is dumb as shit
kmcelroy1and i hate that it was designed like that, so we are migrating from it shortly
mikejones2553kmcelroy1: "but mc-lag says we don't need spanning tree"
mikejones2553(i don't agree with either of those statements btw)
kmcelroy1mc-lag?
mikejones2553for me the biggest issue is, when there's a problem, i can't find it quick
mikejones2553multi-chassis lag.
void64hahaha right
mikejones2553vpc/mct/vlag. lots of names
kmcelroy1yea, hashing is awesome to load balance :P
kmcelroy1fucking routing is where it is at
mikejones2553"but how is ecmp any different"
drkatvoid64 hows the job market in albany
kmcelroy1the control you gain is so worth it
void64drkat: great if you're a short order cook or a lawyer
kmcelroy1i can't wait to get rid of this damn layer 2 network i have to deal with
drkatRochester isnt much better
kmcelroy1the only other stopping point is the damn SPAN network they use for SIP monitoring
void64drkat: albany is the political cesspool of the state
tannerhah
oisterwe have a large L2 network and its really starting to become a problem for growth
void64though few tech companies now in saratoga county
kmcelroy1oister: it always is :P
mikejones2553oister: how so?
drkatvoid64 hmm
drkatSaratoga is nice
drkatmy sister in law went up at skidmore
oistermikejones2553: adding a new network requires adding a vlan to a bazillion trunks
void64drkat: Saratoga is great if you can live *and* work close by
void64if you live in saratoga but commute to Albany, it's a nightmare
drkatlotta old money in saratoga
oisterand now that everything is virtualized they are spinning up networks like crazy
mikejones2553oister: i can see that. we don't add new networks often
void64I gotta get the hell out of NY lol
oisterwell if you do it will become a big pain
void64F this place
circuitcanadia!
drkattell me about it
mikejones2553void64: head west :D
drkatfucking NY is killing me
kmcelroy1you don't want to head west
void64I'm heading south
drkati hear NC is the place to be
void64NC, SC, FL or TX
kmcelroy1you don't want to go south either :P
circuitcanadia!
kmcelroy1texas and florida suck
circuitnorth!
Dalt0ncanadia!
drkatNorth Carolina nicca
mikejones2553circuit: why would i want to go to michigan?
mikejones2553*cough*
kmcelroy1texas is an arid desert wasteland that i can only describe as a living hell with shopping everywhere
drkatima go to ATL
void64Almost landed a job with Apple at their maiden dc in NC, but they didn't want to shell out for reloc..
void64cheap fucking apple and their billions
drkatyeah finding someone to relo is gonna be a bitch
void64and who the fuck are they going to find in maiden
tannervoid64 were you going to make >100k at Apple?
void64it's in the middle of nowhere
pffsvoid64: I almost took a job there
pffsbut it's so far from my house
void64tanner: yes.
pffsand wasn't paying that much
tannersounds like you made a bad business decision
pffslike 35k for a job 50 miles away
void64tanner: not really, I make over that now
pffsMight be worth looking into again when I'd be considered for something other than basic NOC monkey
tannerthen it sounds like you didn't want the job
mikejones2553anyone else care to interject on the benefits and drawbacks of a large l2 ?
drkatwish i made >100k
kmcelroy1there are no benefits to a large layer 2 :P
kmcelroy1just headaches
void64tanner: it costs like $35k to reloc by all said and done, apple has 100's of billions in cash, they could of at least givena sign on bonus to help cover some of it
oisterdrkat: tallest blade of grass is first to get hit by the lawn mower
mikejones2553kmcelroy1: ip mobility comes to mind as a benefit
void64A lot of companies do
pffsmikejones2553: if you make l2 big enough you never need a l3!
drkatoister that was deep
tannervoid64 what benefit is it to them to do so? and 35k to relocate? What are you moving, pallets of gold?
void64Had a job offer fro Cymru in Orland, almost took it, they would of paid like $20k to reloc, but the salary wasn't there
dextaevening
oisterdrkat: we had a guy here making over 100k and he was the first to get let go when times got tough
oisterof course he didnt deserve the $ either though
kmcelroy1oister: yea, but then they can go to the next job and demand similar salary
diozyou don't deserve $
void64tanner: $35k by the time you go through paying realtors, and it's easily $15-$20k to move all of your shit 1000 miles away
kmcelroy1you always want as much as you can get
diozsup kmcelroy1?
kmcelroy1yo
circuitvoid64: what kind of work are you doing now
oisterkmcelroy1: his skillset didnt demand that kind of $ though
oistersomehow weased his way into it
kmcelroy1meh, lots of people get overpaid :P
tannervoid64 weird. cost me less than $10k to move 3000sq ft of crap from NY to AZ
kmcelroy1we have had complete idiots getting paid 6 figures over and over
void64circuit: network architect for service provider here in albany
void64tanner; did you hire a moving company?
tannervoid64 yup
LeoloveHi, I am CCNP Voice and preparing for my CCIE Voice. Voice was always my first choice due to interest. I would like to follow other track as well now. So, which track do you think suites and create combo with voice?
void64tanner: damn man when was that, 1980 ?
tannerpacked, loaded, unloaded and unpcked
tannervoid64 2012
void64tanner; thats strange because I just talk to a guy who moved from Albany to AZ and it cost him nearly $20k
tannervoid64 don't use mayflower? :)
void64tanner: who knows
diozshould i have a beer at 11 in the morning?
MrJayPCJust hire a truck and do it yourself :p
tannervoid64 yeah, strange indeed.
oisterdioz: if you're on vacation go for it
diozfuck ya!
void64tanner: It probably wouldn't cost $35k in the end, but I'm sure it's almost $25k when all is said and done
diozi'm in calgary
circuitit's never to early to start drinking
diozgonna snowboard for a few days
diozbut it's cold as shit here right now
dioz-30 celcius
dioztomorrow is supposed to be nicer
tannervoid64 with having to sell a house, I'm not sure why you figure it will cost you anything, unless you are upside down on it; in which case that really sucks
oisterfuck that
oister-10:?
tannerit's cold here too, ~53F :(
void64tanner: I'm not upside down, but realtor still gets 7% off the top, so on a $250k house, thats a big chunk
mepholictanner: lol
mepholicok
mepholicWHINE MORE :<
tannervoid64 yeah but you'd still be up, so it's not actually a cost (just less profit, presumably)
SuperNullwalk to convience store, co-worker tells me of story of his friends being high on MDMA, calling up 2 hookers that cost $120 total, ending night with limp erections unable to do anything anyway.
void64tanner: I agree, but still; apple still could of done something I think. But hey, if thye think they're going to pull someone experienced out of Maiden, go for it; or find someone close, maybe… who knows.. It was a wash in the end for me, so I decided it would probably be more of a PITA at the time
SuperNullW T F.
kmcelroy1SuperNull: those are some cheap hookers
tannervoid64 yeah
SuperNullthats what we both siad..
drkatvoid64 wut u do
SuperNullwhat kind of 'quality' do you get for $120
SuperNullfor 2.
kmcelroy1the best?
SuperNullheh.
SuperNullthe best Down town albany can buy
SuperNullACTION leers at void64
drkatgood
circuit60 a hooker?
circuithave fun with herpes
SuperNulli think so circuit.. not sure.. if volume discount
void64haha, you don't want none of that up here, your shit will fall off
kmcelroy1well, you don't bareback a $60 hooker
circuityou dont fuck 60 hooker regardless
diozdid you guys know that carp isn't like vrrp or hsrp ?
diozit isn't like it at all
SuperNullcarp is a fish.
diozthere are infact no similarities
kmcelroy1make sense
diozi just wanted to share that
kmcelroy1thanks
kmcelroy1i will treasure it always
diozACTION hands the feather to kmcelroy1 
diozyour turn to share!
kmcelroy1what should i share?
SuperNullvoid64 if i ever get your name im sending the $60 hookers to ya.
SuperNulllol
SuperNulljk
dioz$60 hookers with the snaggle teef
void64Im sure there are a lot of them about six blocks from here….
kmcelroy1teef are when they don't touch
SuperNullsix blocks?
SuperNullyour not on pearl ?
circuiti cant fathom bagging a $60 hooker
SuperNullyou're.
diozblackberry pearl
circuitmakes me cringe
void64Yeah, downtown Albany is surrounded by bad areas lol
SuperNulloh i know.
diozOH kmcelroy1 share something about SAN
void64Yup, i'm right downtown
diozi'd love to know stuff about SAN
void64next to the arena
SuperNullyou know where L3 is on washington ?
SuperNulloh god void64.
void64194 washington
diozdid i tell you i got a proliant 380 with 6 x 300gb 10krpm scsi drives?
diozsomeone gave it to me
kmcelroy1i heard SAN means storage area network
kmcelroy1that's what i heard
Voyagehi
void64we have a 10G that goes up to 194 Wash for L3
SuperNullvoid64 i had to go there early early am one day for a software upgrade/card or some shit
SuperNullscary night.
Voyagehow can the communication be secured for peer 2 peer via cisco mediasensse ?
void64Thats up by Lark Street
SuperNullwe used to use L3 for one of our uplinks
diozi need to poor he beer into a cup
void64That place is bad
SuperNullyep.
diozcause if the old lady sees i'm drinking a beer this early in the morning
diozshe'll black the fuck out
SuperNullvoid64 during the day its more business..
SuperNullat night.. the corn rows come out
void64LMFAO yup
Riker0x00b1no
SuperNulllark isn't horrible by bombers usually..
void64and on the weekend it's like a ghosttown down here, I swear I saw a tumble weed down here one saturday
SuperNulldont go down the lower side streets heh.
void64Yes, at night all the critters are out
SuperNullplus there is a half way decent smoke shop across from dunkin lol
void64if you go north of state street, you better be armed to the teeth
SuperNullvoid64.. you know where 'the bayou' is ?
diozi think i want some fucking eggs and bacon and a beer
SuperNullhey we both got pistol permits so..
void64Yup, it's not the Bayou anymore
SuperNulloh really ?
SuperNulllol
SuperNullshit man.
SuperNullwell anyway..
SuperNullwhen it was..
SuperNulli used to smoke cigs so i went out for one in the freezing cold...
SuperNullmass hysteria after 10 seconds..
SuperNullsome black guy.. came up to some 'random' supposedly.. and stabbed him directly in the neck. dude died and was bleeding everywhere
void64dang
void64when was that?
circuiti highly doubt it was random
circuitrandom acts of violence generally dont transpire
circuitit's usually targetted
pffsdrkat: I ended up just copying and pasting the devices->phones menu into excel and pivot tabling it
ehndecan you change MTU in gns3?
void64I remember when they closed down the Pearl here, they busted it for like 40 underage kids drinking there
ehndei am getting this: % Interface FastEthernet0/0 does not support user settable mtu.
pffsNow to figure out wtf is wrong with the CCX editor...
SuperNullmm prolly 5 years ago
pffsI may just find an XP box and install it there
tannerpffs sounds like operator error :)
SuperNullwait...
SuperNulllonger.
pffstanner: probably
void64ehnde: I think you can only change it if the emulated software allows you to
SuperNullmy exroommate wasn't knocked up yet.
pffsActually I think they have a Unity server, I could install it there
SuperNullvoid64 we pretty much stick to bombers, then cafe hollywood after for drinking if required.
SuperNullyou ever meet any of the firstlight women ?
squibbylooks like Lync has no intercom function
squibbythat's going to piss some people off here
SuperNullWe're still trying to determine if any of them are hot.. cause they sound hot (they sound semi-dumb)
drkatvoid64 you work at an isp?
void64SuperNull: Only one, our sales rep
void64drkat: yes… ILEC consortium of ISP's
SuperNullhes owned by dat lec.
SuperNulls
drkathuh?
void64several lec's
drkatyoure a consultant?
SuperNullits kind of an interesting situation
SuperNulli cant think of anything like it .. around this area but im sure it exists else where.
void64no we are a consortium, LLC, we work for all of them
drkatoh gotcha
SuperNullthey make it easier for small shit telecom companies to offer broadband ;) lol
void64We do all the broadband aggregation, transport and internet access for all of them
void64SuperNull: pretty much. They do the last mile we do everything else
void64Been deploying several ASR903's in some of the smaller service areas, been working well
SuperNullvoid64 im surprised you guys dont have an IPTV offering for them (yet) ?
void64SuperNull: We kicked around the idea several times about a central headend, but they couldn't agree on lunch so ...
SuperNullprobably a nightmare to do with support tho
SuperNullTV has the most shitty problems btw.
void64SuperNull: everyone wanted to do something different… MPEG4, MPEG2, etc… whatever… video is a mess… when it comes to any other than transport I'd rather not deal with it
SuperNullwhy you wouldn't do mpeg4 as a new deployment is .. completely retarded.
void64SuperNull: plus all the licensing, retransmission agreements, franchise agreements, etc. F that
SuperNullother than possible transcoder costs
SuperNullvoid64 yeah. these guys have been around since the 70s so .. they have been 'eased' into all the bending over
void64Well part of the problem is that some of them already had HFC plants with MPEG2
void64so they're like "we don't need MPEG4"
void64Whatever
SuperNulllol
SuperNullthey probably are thinking RF overlay..
void64They are
SuperNullas in .. they gotta upgrade all their set tops
SuperNullfuck that. run iptv new.
SuperNullwe have that issue also.
void64Like I said, I stay clear of that, video to much politics for me
SuperNullour HFC is mpeg2 and all the 'classic' STBs are mpeg2 only.
SuperNullonly the newest stbs are mpeg4 capable so we have millions in mpeg2 stbs
void64so now a few of them deployed their own MPEG4 headends, all IPTV and it works, but now they don't know what to do with it… lol
void64They forgot the sales, marketing and support portion of it
void64lol
SuperNullsupport is the biggest.
void64I'm sure
SuperNulliptv requires real knowledge.
diozall i know is that carp is nothing like vrrp or hsrp
diozthat is all i know
SuperNulldioz but can you get 2 hookers for $120 at 10am on a saturday.
void64There is no money in video unless you can sell mass quantity, it's all about scale
SuperNullvoid64 im told the money is in on demand services.
diozWould spraying LYSOL on the genitals before and after sex prevent the transmission of HIV/AIDS from one partner to another?
SuperNullbe it porn (lol people pay for it?), new video releases
dioz LYSOL is advertised as killing 99.99 % of household viruses and bacteria.
SuperNulldioz part of me thinks you tried doing inhalents with lysol.
circuitdioz: i dont think it works like that
diozmustard gas
Harlockdioz you have to spray it inside
diozinside what?
circuitlol...
Harlockpenis, vagina, etc
void64SuperNull: yup, on-demand and PPV
circuiti wonder what a google search of lysol vs aids would provide
diozHAH you said penis/vagina
diozACTION giggles uncontrollably
HarlockRECTUM
diozHAHAHAHAHAHA
diozdamn near KILLEDUM
diozi think i bring the average IQ of the channel down TBH
diozthank you guys for allowing me to stay
SuperNulldioz, in the great words of 'half baked': You have smoked your self retarded
diozfull-on retarded
circuityou never go full retard
diozoh?
circuiti heard it's like if you cross your eyes too many times they stay that way
diozreminded me of a joke "what's the hardest part about eating vegetables?"
dioz"the wheel chair"
circuitthat joke will honestly never got old
circuitlmao
circuitit's fucking terrible
circuitthough
SuperNullim biased to dead baby jokes
SuperNullone of my co-workers is totally .. a closet serial killer of babies
SuperNullso its relevant
void64What's one good thing about a pedophile ? At leas they drive slow by the school.
circuitlolol
circuit"the wheelchair"
circuitgood god
circuittoo much
SuperNullvoid64 i dont suppose you saw that video going around reddit of the cops planting crack in function submit911(&$request,&$user_id,$manual,$exten) {
SuperNull require_once('../lib/constants.php');
SuperNull $ds = new dashCSAPI;
SuperNull $exten = ((strlen($exten) == 9) ? "1$exten" : $exten);
SuperNull $res = $ds->addLoc("{$request->HouseNumber} {$request->Predirection} {$request->StreetName}",
circuitowned ^
SuperNullWOOOOOOOOOPs
SuperNullhow much of that did you get? LOL
void64up to $res =
shaunoodd place to hide your crack (5 lines)
SuperNullLOL
SuperNullyeah well.
SuperNulli pasted something accidentally
SuperNuller.. there was a smoke shop the schenactady that got crack planted by the police..
SuperNullbad news for the police was they got caught on camera planting it
void64Not surprised
shaunowhoops
SuperNullscumbag level police.
void64Consider the source lol
SuperNullcould be legitimately doing work, instead plants crack at legal shop
SuperNulli just hate NY period.
SuperNullthinking about NH or TX perhaps.
circuiti live next to a police officer
RedShifthey guys, anyone got AIR-CT2500-K9-1-9-0-0-FUS.aes?
void64NH is great…. if you don't mind this kind of weather
SuperNullcircuit i used to ..
SuperNullmade me paranoid if i ever smoked weed.
SuperNulli swear one day the cops were knocking on my door but i wasn't sure.. cause i was in a multitenant building.
circuityeah it fucking sucks
SuperNullthats when i started the my usual rule of 'if you knock your a cop' and everyone we know should just walk in
ReverendDSI implemented a "Knock and walk" rule.
void64good plan
ReverendDSKnock, wait for a 3 count, then walk in.
ReverendDSOtherwsie, I don't know you and probably don't want you in my house.
SuperNulleither way we dont answer if you knock
void64What if it's the pizza dude?
ReverendDSThe three count is so that if someone's fucking in the living room you give them time to grab a blanket or something.
squibbyI used to get knocks from the cops for domestic violence
squibbywhen the neighbors would be fighting and I'd walk over and slap the shit out of them
SuperNullvoid64 i live in Athens, we dont do delivery around these parts lol
void64SuperNull: I hear ya
RedShiftmmm pizza
SuperNullvoid64 a check from down town albany: http://i.imgur.com/zWPcR5H.jpg
gypsydangerwhat is the command for setting interfaces to passive by default and allowing ospf updates on active
gypsydangerlan
void64SuperNull: LMFAO
squibbygypsydanger: have you looked in the router ospf submenu?
void64thats great
RedShiftsubmenu?
gypsydangergot it thanks
RedShiftwhat is this, a GUI?
squibbyhey f ah you, you!
squibbyWHAT IS THIS, AN OSPF CONFIG FOR ANTS
squibby hey guys serious question
diozsrs
squibbygonna be installing a network with 2 ISPs (phone and data)
void64anyone working on ccde ?
squibbyI don't wanna policy route because that's gay
squibbyis this a good use for VRFs?
squibbyI don't really do VRF
RedShiftthat's not how VRF's work
diozvlans
diozstp
squibbybasically I just want to throw the data on a vlan and the voice on a vlan and then somehow those vlans have separate routing tables
RedShiftyou're going to need policy routing anyway, with or without VRF's
squibbywhy?
RedShiftyou aren't going to implement some kind of failover?
squibbyno this is a low budget sort of thing
diozlowendbox
squibbythey'll have sketchs for redundancy and scale out recommendations
RedShiftwell you can still do failover even with low end equipment
diozsell them the cloud IMO
diozthe cloud = full redundant
RedShiftyeah in that case VRF's would be OK
RedShiftit's actually pretty easy to do
squibbyso I can't somehow have two subinterfaces on a router facing a catalyst then just have a different default route for each vlan?
RedShiftyes you can have
squibbycool cool
squibbynot saying this is ideal
RedShiftyou can make subinterface member of a VRF
squibbybut every extra piece of gear we add gets this client closer to saying no
squibbyalrighty that's what I wanted to know. thanks
void64If you don't use VRF's you're going to have to get into ACL's and policy based routing…. VRF's would actually make it a lot cleaner and easy to manage
squibbythey run throughput intensive UDP applications on their data connection so there's no way in hell I'm supporting an ITSP on this
squibbyother times I've been able to get away with tcp shaping/policing to protect voip
RedShiftyou're going to need access lists anyway, void64
pffswelp
pffsinstalled CCX editor onto the worlds slowest win2k machine
void64RedShift: well yes, for admission control I suppose…. can't trust the customer to make the right routing decision? lol
RedShiftwin2k? Haven't seen one of those in ages
RedShiftadmission control? what about NAT, etc...
pffsThat's why its slow
pffsp3 maybe
void64RedShift: didn't know NAT was required… but I guess
RedShiftwell it's a cheap setup, so it's going to be a consumer DSL/cable line which uses DHCP and only gets you one public IP, etc...
void64Redshift: I didn't see those specifics in the initial question, so my bad if I missed it
pffsGod this server takes forever to reboot
pffsI think it may actually be server2k not just 2k
squibbyprobably a bunch of ROMs on the board that need to load
squibbystorage etc
squibbymodern HPs still boot painfully slow
SuperNullHP sucks.
RedShiftservers?
pffsThis was like 10 minutes slow
SuperNullwe got 1 server from them. i have much experience.
SuperNulllol
pffsI still haven't actually had the program start yet
pffsstill initializing
RedShiftHP boots pretty quick
pffsI might just make virtualbox xp install and do it there
RedShifthave you worked with an IBM server that has UEFI? those things are *pain*
RedShiftthose boxes take 10 minutes to get to the bootloader, it's ridiculous
MrJayPCo.0
RedShiftI shit you not
pffsI could probably install virtualbox and windows xp in less time than this will take to load CCX Editor.
MrJayPCThis old single core 1.6Ghz laptop I have boots faster
RedShiftthrowing money at the problem doesn't help
RedShiftthrowing HP at it, that does help ^_^
SuperNulli wish the netbook 'fad' stuck longer.. what ever happened
MrJayPCI have an HP Microserver here at home
squibbyman I was beside myself when I learned that you have to licensing the RAID level options on the onboard RAID controller
squibbyoh I'm sorry you want to actually create an array? pay us
squibbythis is when gen8s
DoxTheFoxsquibby, what hardware is this for?
squibby*with
squibbyproliant gen8s
DoxTheFoxThat would make my blood boil
MrJayPCsquibby, some companies just like to screw themselves over
Captain_matrix1841 with 64MB ram , can it do ips ?
squibbyCaptain_matrix: not if you value your experience
Captain_matrixhaha
RedShifthold on hold on, stuff is getting better at HP, I read this message:
Captain_matrixsquibby: can I take ram out of another 1841 and increase it to 128MB , will that be a better experience ?
MrJayPCThe lab my friend and I have started putting together is coming along nicely now the extra routers arrived
envirocbrAnyone here have some OTV experience
RedShift"Important note: HP ProLiant Server firmware access
RedShiftStarting February 2014, an active warranty or contract is required to access HP ProLiant Server firmware updates. View your existing contracts & warranties or get help linking contracts or warranties to your HP Support Center user profile. To obtain additional support coverage, please contact your local HP office, HP representative, or visit Contact HP. Click here for more information."
MrJayPClol
RedShiftI puked and shat myself at the same time when I read this
MrJayPCI just read 'We don't want to sell servers now!!!'
mastermindwtf?
envirocbrIf I have two Data Centers and I need to span a VLAN across them, VLAN 200, can I have an SVI on both sides? 10.100.0.1, for example?
envirocbrthe same SVI
jzu_well... jusr rhe same what happened when Oracle took over Sun Microsystems ;)
envirocbrI almost want to say no
SuperNullwhen did making a product mean you could bend over the customer because your software sucks.
pffsenvirocbr: sounds like an ip address conflict unless it's a VIP
jzu_SuperNull: since Oracle
SuperNullDAMN YOU ORACLEEEEEEEE
envirocbrpffs: No VIP, which is why I thought no
SuperNullgotta love the 'you never own the software' model.
MrJayPCSuperNull, annoyingly it's no different to cisco? :/
envirocbrpffs: I am in a very interesting situation right now
SuperNullcisco is bad with that shit too mrjaypc.
SuperNulli dunno if you remember the 4 days i was freaking out because of our 20gig connect not tunneling right.. ended up being sofware
jzu_Oracle has been killing Sun products quite heavily
MrJayPCThey wonder why so much grey market shit goes on.... well duh....
jzu_Sun Ray was discontinued
SuperNullsoftware cisco didnt want to talk to us for less than $1000 about
pffsenvirocbr: hsrp between them!
void64We gave up on Sun as soon as Oracle bought them. Everything Oracle touches turns to crap
pffsor something dumb
imemyself_envirocbr: we've used OTV. Typically for default gateways people use an FHRP
SuperNullnameless #cisco lover of mine 'donated' software to me and boom resolved.
imemyself_with FHRP isolation
SuperNullvoid64 makes me want to avoid MySQL for sure
jzu_void64: had shitloads of SPARCs?
imemyself_so that each site can have an active FHRP forwarder
jzu_void64: got M8000/9000 for me?
pffsAlthough I'm assuming you want to have the same gateway at each site but still have them talk to each other?
envirocbrpffs: and imemyself_: We're using OTV for migration purposes
envirocbrto gain an extra 5 days
void64jzu_: We had several Netras at one point… I think we only have one or two decomissioned ones left, most of them we were able to replace with UCS
envirocbrbecause we can't wait 5 days to move non-ciritcal servers until the Metro-E is here
void64jzu_: I think just a couple of Sunfires left
SuperNullanyone running Sync Ethernet ?
jzu_void64: right, know the models?
void64SuperNull: we are
SuperNullwhat are the benefits you are realizing from it .. ?
jzu_void64: I have +40 Fire's ;)
void64jzu_: let me look
razorzWe have like 10 Sun boxes in the corner here, pretty much scrap
razorzI think we sell the power supplies and hard drives from them, that's all, not worth shipping
imemyself_envirocbr: are you using an FHRP within each site?
SuperNullwe only have Sun stuff we were forced to buy into due to CATV vendors
void64SuperNull: We're just using input from BITS to carry that signal around the metro core and some transport to cell tower… but right now as I know it' they've not required timing from us
envirocbrimemyself_: No, our old "DC" is a hot mess
void64SuperNull: at least not over the Ethernet
razorzSunFire V240, V440
void64jzu_: Sunfire V245
SuperNullCell people pay buku.
imemyself_can you enable HSRP during the cutover?
envirocbrwe have a 4510R which is so old it only runs Telnet
ralfiboyso is there a way to express a BGP as-path ACL that allows you to pad the AS path w/o updating the BGP peer?
envirocbrand the MSTP instance doesn't work with my other, newer, 2960s switches
envirocbrimemyself_: Nope
ralfiboy... only thing I can think of is two lines -- ^ASN and ASN$
envirocbrimemyself_: THe IP shema is screwed up
envirocbrBut I guess I can take a look at that too
envirocbrI mean, they have to be L2 adjacent
envirocbrBUt I see your point
envirocbrI can switch the active members as need be, correct?
ralfiboywhere ASN is the same value ...
imemyself_hmm. Even if you were able to isolate the traffic, I think you'd potentially have issues with the ARP cache on hosts
imemyself_if the default gateway's MAC is changing
void64SuperNull: Also I'm not sure how it works between vendors, luckily in our case it's all Cisco ASR's (9K or 901/903's, so they seem to sync up well over the network) Not sure about these one offs or what SP's have at the tower
SuperNullvoid64 do you guys use any NIDs ? like accedian or what ever?
SuperNulltrying to find some people who use it other than the cell customers directly..
imemyself_with FHRP isolation, usually there'd be one active member at each site. You'd have to remove some ACL's if you wanted hosts from one site to hit the router from the other site for outbound traffic
void64SuperNull: We do not, but the last mile providers are using Accedian that much I know, but I have no experience with them
envirocbrimemyself_: I drew it out, I'll probably lab that up
pffswelp, tried installing it on server 2k and server 2k3, just sits there
void64Accedians have all that SLA crap VZW wants to see
SuperNullvoid64 im looking into some NIDs for our peoples.. mainly for remote testing abilities and all that.
SuperNullyep
SuperNullwe have these nice ethernet 'service level meters' basically hand held gigabit traffic generators with BIT testing, RFC2544, lots of stuff.. it would be nice if each customer had an RFC2544 end point
SuperNullYouthInAsia ?
void64SuperNull: We have the EFXO test sets around somewhere. I mentioned them earlier, they are pricey but very cool. You can just fire off a PDF or even print a test report right off the unit with company logo, etc right on it
SuperNullditto.
SuperNullthese ones also have T1/PRI integrated for.. the Lulz.
SuperNuller DS3 also. but not something we use
void64SuperNull: Lots of places looking for Y.1564 results now, and I think the EXFO's do those as wel…
SuperNullyeah i dunno if these do that actually.
Captain_matrixso what cisco product do you guys recommend for ids/ips ?
void64I don't think we have any TDM circuits left for IP term… only TDM I know we still have floating around is DS3s' for SS7 and OC3/12 ATM for some DSL still
MrJayPCNone :p
toastrsnort
Captain_matrixor do you suggest using something like snort?
Captain_matrixreally? so snort is the *best* ids out there ?
Captain_matrixI figured proprietary cisco stuff would have an edge on it
void64Captain_matrix: Snort is pretty good if you want to build something
SuperNullvoid64 we have SIP->PRI so the PRI portion of it is okay. T1 is .. a once a year thing maybe.
SuperNullwe dont have any real TDM transport stuff so it usually is a end to end t1 kinda thing
toastrsourcefire (cisco) will still probably sell you commercial boxes if you want
Captain_matrixvoid64: how would you setup snort in an enterprise though ?
Captain_matrixI mean do you just setup a linux box and put it betewen asa and a router/swtich ?
void64Captain_matrix: Well if it's just IPS (for reporting) that depends on where you want to intercept the traffic
Captain_matrixor did you mean as a hips/hids?
void64Snort for IDS is a bit more complicated to deploy and setup
j0byou do not get the performance
void64The only IPS/IDS we're actually using and have deployed are FortiNets'….
j0bwith snort on a pc
toastryou can have snort+barnyard+snorby setup in a couple hours
j0brun in production were we had it distributed
j0bnot even then
MrJayPCNot had a problem with it at home :|
void64Captain_matrix: it all comes down to how much money and time you have to throw at it
toastrthere's always security onion if you want something that has most if rolled up already
Captain_matrixvoid64: time plenty ,money none :P
void64Captain_matrix: then take toastr's advice
toastrj0b: you can get pretty good performance if you have multiple instances running
Captain_matrixso normally you just copy normal traffic to a snort server and it just generates reports?
void64I love all these enterprises that want network security but don't have a dime to spend on it
j0bCaptain_matrix: port mirroring
Captain_matrixfigured it'd sit somehwere in between transparently and kill connections
MrJayPCYou mean don't want to spend a dime...
Captain_matrixj0b: that's ids though ,not ips right?
j0bids yes
void64Captain_matrix: IDS yes… IPS takes more work
j0bwell both
j0bif you want
toastryou're still going to spend money on signatures if you don't want stuff from 30 days ago
Captain_matrixso are the free rules any good ? or do you *need* the subscriptions ?
toastrunless you're using like emergingthreats open ruleset
SuperNullWhat do you guys do for DOS incidents with link overload ? ex: some ass clown pushing 4gigabits to a 1gigabit device.
Captain_matrixahh,just answered my question :)
void64SuperNull: RTBH
j0bSuperNull: not a PC, thats for sure;)
j0bwell, the packet rate is interesting. 4 gig says nothing because it will handle it self
SuperNullRTBH = ?!
void64http://packetlife.net/blog/2009/jul/6/remotely-triggered-black-hole-rtbh-routing/
SuperNullohhh.
SuperNullim gonna have to look into that.
SuperNullACTION 'bookmarks'
void64We use a combination of netflew at the edge and when we see a host trigger a certain threshold we think is suspect we have a IBGP route server that we can send host routes into BGP which will propagate host routes to null at the borders and upstream
circuitrtbh sounds like tar pitting
void64No it's blackholing
void64no tarpit about it
circuitahh i guess youre right
SuperNullhmm
SuperNullso your upstream providers accept /32 routes ?
j0bnetflow is a must if you should deal with these things
void64If you mean by tarpit just gracefully rejecting ot dropping traffic
void64SuperNull: Each ISP is different, most will accept a /32 route with a blackhole community
j0bhave tried to get my former employees to understand that
j0bbut no
void64SuperNull: we use an internal community that gets translated at the edge for each upstream connection to trigger their community
j0bvoid64: what do you use for analyzing tool for netflow?
SuperNullj0b good question
void64Some providers like Cogent use a route server instead
j0bsearching for a good open source one
j0bntop
void64j0b: flowtools
j0bis the best from what i can find
void64ntop: can't handle our traffic volume
j0bvoid64: can not parse the netflow file or what?
void64we use "flowd" (freebsd port) which does the collection
void64then we use perl flowtools to parse what we need
squibbyI like flow-tools
squibbyalthough the version that seems to be in the package managers of teh linuxez is the buggy version
squibbyso I end up downloading it from google direct
void64flowd comes with flowd-reader ….
void64the biggest PITA is figuring out the right sampling-rate for your traffic… not to overload your linecards or your flowd receiver
MrJayPCThese Superchargers are veritable electron fire hoses, delivering DC energy directly into the battery at rates up to 80 kW, bypassing the on-board 10-kW (or optional 20-kW) inverter(s), and gaining 150 to 160 miles in range in 30 minutes. As Tesla says, stops on long drives often take that long anyway, if you use the bathroom, stretch, and grab a snack.
SuperNullwhat kind of hardware horse power is needed for netflow receiver ? nothing really?
void64I think we only sample 1 in 1000 or maybe 1 in 10000 packets
MrJayPCOuch.... that's a fast charge o.0
void64superNull: depends on how many flow samples you're collecting and sending
SuperNullwell fuks.
SuperNullhm.
void64SuperNull: how many edge router devices, and how many PPS you're sampling
void64I can tell you
void64flowd is by far the fastest and most lightweight
void64nTOP is a pig
SuperNullvoid64 we gotta get our netflow up DDOS is becoming more and more a problem..
void64good for smaller connections but not service provider 10GE uplinks
oistergoing through some old junk and stumbled upon a fasthub 400
MrJayPCI stopped using nTOP at home because it was such a resource hog
void64SuperNull: I sleep better at night with RTBH setup
void64knowing I can mitigate a target almost instantly
SuperNullvoid64 we canceled a customer for pissing off someone on xbox..
SuperNulllol
void64SuperNull: sometimes you have to
SuperNullhe saturated one of our 10giges ..
void64Our ISP's do for repeat offenders
kmcelroy1SuperNull: bwahh?
SuperNullkmcelroy1 was managements decision ..
kmcelroy1i don't understand how they knew they were pissing someone off on xbox :P
kmcelroy1and how that made them cut them off, ha
SuperNulldude pisses off guy in charge of botnet, botnet owner sends about 15gigabit of traffic to one ip which was his.
void64SuperNull: thats the way it starts
SuperNullcall of duty or something.. they admitted it..
squibbyhey guys looks like you'll be able to get a payday loan from the post office soon
SuperNullparent calls in 'my stupid son blah balh'
squibbydon't get terribly excited
SuperNulllol
void64SuperNull: it's funny we'll watch a customer draw a DOS and thier PPPoE session disconnects they come back, get a new IP and the attack follows their IP
SuperNullhaha
void64SuperNull: thats how you know someones fucking around
SuperNulloh yeah.
squibbyremember smurf
squibby'always good for a laugh
SuperNullif you get what we get.. you gotta have fucking 40gig uplinks for all things LOL
MrJayPCThat's how you know some dipshit is using a dynamic domain name :p
kmcelroy1or he just pisses that many people off
void64SuperNull: It's been a while, but we've seen attacks almost 40Gbps… saturating 4 10GE uplink, lol….
MrJayPCPeople like to use a dynamic domain name so they don't need to remember the IP address to give to friends.... but it does backfire lol
squibbyhow do you get 40 gig of dos
squibbyit almost sounds like misconfigured gear there
squibbylike a persistent forwarding loop or something
void64YOu piss the wrong person off that's in control of a large bot army
kmcelroy1squibby: by having 40gig worth of bandwidth hitting you?
MrJayPCDecent botnet and 40gig is easy
mepholicyeah...
squibbyreally
squibby40 gig is common
kmcelroy1for large botnets, sure
d00nNTP + DNS Amp == Pretty simple
mepholic100g isn't uncommon
GraNNy-kmcelroy1: as you predicted, I cancelled my appointment with the recruiter. They want all my info before the interview, plus they won't tell me what job I'm supposedly applying for, good luck finding someone, jackass.
mepholiceven
kmcelroy1GraNNy-: ha
kmcelroy1gotta love 'em
squibbyGraNNy-: I thought you were already under contract.
SuperNull10gig of botnet is like.. common shit.
GraNNy-squibby: nah, I've been stay at home mom for a bit
squibbyso you didn't end up taking that remote circuit turn up job?
SuperNullim def gonna look into that remote blackhole stuff.. talk about getting my tits hard.
MrJayPClol
MrJayPCHello GraNNy-
GraNNy-squibby: never heard back from them either. they only got an resume.
squibbyah.
GraNNy-hello MrJayPC
kmcelroy1SuperNull: creepy
void64SuperNull: You can't survive without it, like I said, I sleep better at night knowing we have something to mitigate that shit quick
SuperNullkmcelroy1 dont be jealous cause you're not the cause.
GraNNy-squibby: recruiters want your managers info because a) they want to verify who you are and see if you are a good fit but also b) have their info in their system. Thus, I don't usually give recruiters shit until there is actually a job interview in hand. I don't need my former managers angry at me becuase they keep getting calls.
squibbylet it be known that kmcelroy1 is NOT the cause of nipple hardening, ladies and gentlement
kmcelroy1not in dudes
SuperNullits true.
SuperNullhes not.
squibbyGraNNy-: yeah my experience is to not have to give references until after the inteview
SuperNullthe nakkeds we took off his ipaq of his cousin are tho.
kmcelroy1what happened to your other broad you were trying to bang SuperNull?
SuperNullher BF is getting angry that i am.
kmcelroy1go figure
GraNNy-O_o
SuperNullso i added him on facebook.
SuperNullnow were 'friends'
GraNNy-o_O
SuperNulland i try to touch her while hes over for parties.
MrJayPClol
SuperNullit made it easier actually.
kmcelroy1nice
squibbyGraNNy-: I told one recruiter via email not too long ago that he was a joke and I want him to stop sending me e-mails. For whatever reason he has me on some list of hiring managers and not somebody seeking a position
kmcelroy1has it worked yet?
SuperNullnow hes cool with her being at my house
squibbyplus he had a 5 word job description
kmcelroy1this has to go on record as the slowest bang in history
GraNNy-squibby: lol
SuperNullkmcelroy1 eh.
SuperNullif it happens it does.
eirirs_lol
GraNNy-SuperNull: is this a revenge type thing?
SuperNullgranny- semi at this point.
SuperNullagainst her if anything tho.. for being dumb.
SuperNullshes a tease
kmcelroy1i am surprised he hasn't lit your house on fire
SuperNullehhhh
MrJayPCSuperNull, I did similar a while ago.... my ex's new boyfriend called me threatening to beat me up so I slept with her :D
SuperNullhaaaaa
SuperNullbeat dat puss up
kmcelroy1i doinked my ex, then i remembered why she is the ex
SuperNullyep.
SuperNullExes have one use.. and thats it
SuperNullthen they need to go
MrJayPClol
kmcelroy1well, she is kinda bad even at that
SuperNulluhg.
kmcelroy1but she takes it up the butt, so that's cool
SuperNullhow care you bad at just laying there..
eirirs_tmi
ReverendDSExes at least have that one use... most people are useless.
eirirs_haha
squibbydo you call it doinking as you're getting it on
MrJayPCI got a photo of her half naked in my bed wearing his hoodie.... just for the evidence lol
squibby"turn around baby I'm gonna doink you so hard"
SuperNullMrJayPC should of left some stains on the hoodie
kmcelroy1nah, doink is just for you guys
kmcelroy1cause you are so special
MrJayPCSuperNull, lol
SuperNullkmcelry1 you always make me feel like im special
kmcelroy1that's cause you are
SuperNullderps!
MrJayPCI wish I'd thought of that when I was looking for something to wipe it on after :(
SuperNullmy boss is doing something furious in the bathroom i dont really want to go in there but i had like 2 big coffees.
kmcelroy1SuperNull: haha
void64LOL
MrJayPClol
kmcelroy1race to destroy the shitter
squibbyhttp://i.lvme.me/joywxr5.jpg
void64This has been a very productive channel, now I know why all these devops dorks want to replace us with SDN :)
SuperNullMrJayPC im the kind of dick head that would of smeared it all over to the point she would of just thrown the jacket out
kmcelroy1we work hard and play hard
pffswait, we work?
kmcelroy1kinda
squibbywhat exactly is SDN going to replace? you still need to understand and architect networks
kmcelroy1that one time
pffsDamn, I totally missed that memo.
void64squibby: Yes, I know… but apparently some think SDN is just that
SuperNullnot sure if boss shitting, masturbating or doing lines
pffsACTION stabs this old server in the face
SuperNulleither way i dont want to go sit on the same seat he was on
kmcelroy1SuperNull: why not all 3?
void64SuperNull: probably rails
kmcelroy1nothing like a coked up yank
SuperNullhe literally was causing noise to come from the bathroom like he was moving around a lot
SuperNullhes got a tiny little coke head gf .. so im not sure why he would be going balls out
void64SuperNull: Maybe he had a seizure, you should go check it out
pffsme "I need Java too" sysadmin "it has java" *points out the java folder is empty* *he installs java, program loads* *attempt to load program on my login, complete failure*
SuperNullvoid64 funny you say that..
MrJayPCI do love the conversation in here at times
SuperNullhe had brain surgery and has seizures every once in a while
kmcelroy1so he makes sure to do coke to fix that?
void64Ok then you probably really should check it out ;)
SuperNulli believe that is the idea.
SuperNullwe lit up a new year J at the end of day
kmcelroy1if he is seizing, pee on him and steal his wallet
MrJayPCWhy didn't you come in and check I was ok? ...Uhhh I thought you were masturbating....
SuperNullkmcelroy1 no need to steal from him .. his coke head gf does already.
SuperNullaparently he lost 4k in cash sitting 'in the center of my truck'
kmcelroy1well, if you pee on him and steal his wallet, then you could have the coke head gf
SuperNullwithout the doors locked.
SuperNullhe blames my co worker..
SuperNullwho is his only 'friend'
kmcelroy1she probably does whatever you want if you have coke
SuperNullmy coworker just got divorced so he wasl iving with him for like a month or two..
kmcelroy1you could probably choke her out and shit
SuperNullhe moves out after this ..
void64oh boy
kmcelroy1fun times
SuperNulla month after that..
SuperNullmysteriously another 3k goes missing from his truck
SuperNullhe blames my co-worker again.
MrJayPChttp://www.youtube.com/watch?v=IfmMylMp74A&noredirect=1 Friend!
SuperNullLOL
MrJayPCI miss the Inbetweeners :(
RedShiftany way I can improve the encryption performance of a 2921 router?
oisterMrJayPC: bus wanker!
oisterRedShift: sell it and buy a bigger router :P
kmcelroy1RedShift: http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps12202/data_sheet_c78-682436.html
MrJayPCI tried the US version of Inbetweeners and what did they do to it? :/
oisterMrJayPC: worse than the US version of top gear?
SuperNullMrJayPC any British show that goes US .. gets horrible.
void64WTF just got a area code 268 one ring scam call on my cell phone, anyone else see that?
SuperNulleven hells Kitchen/kitchen nightmares
RedShiftkmcelroy1 thanks
kmcelroy1the office was better
sartanscam call!
sartannever heard of it!
kmcelroy1sorry, UK office was terrible :P
kmcelroy1US one was way funnier
void64http://en.wikipedia.org/wiki/Area_code_268
d00nsure don't belive me when I tell you it is Phone Sex from the Antigua :)
kmcelroy1any of you fags seen Broad City yet?
kmcelroy1that shit is hilarious
SuperNullno fags in here sir.
SuperNullmy pile of sticks is offended by your comments.
MrJayPCReminds me of something from Kevin and perry go large
MrJayPChttp://www.youtube.com/watch?v=8Tw-XW277Oo&noredirect=1
circuitSuperNull: not true.
circuitthink of shameless
circuitthe american verison is amazing
SuperNulldidnt realize there was a british version
circuitit's derived from it
Harlockvoid64 time to put those guys into a different country code
Harlockcaribbean as a whole i mean
kmcelroy1maybe we should just bomb the caribbean, tell them to knock it off
sartanACTION bombs kmcelroy1 
void64Harlock: Ya, you'd think
kmcelroy1http://www.rockpapershotgun.com/2014/02/04/survival-rpg-reroll-wants-to-map-most-of-the-world/
kmcelroy1wild as a mothafucka
Harlockhopefully it is not a dumb zombie game
squibbyman
squibbyI got one of those credit card scam calls just yesterday - tried to get connected to an agent to troll - call drops
sartanreview period.
squibbygot yourself a bonus incoming?
sartannot sure
sartani hope so!
squibbyor maybe a nice sack of shit wrapped up in a box
sartansalary increase comes as part of this
sartanapparently i pissed some people off
sartanwe'll see.
Harlocki had those recorded ones you have one a trip or free airmiles or something
squibbyI didn't get a salary increase this year because I was "too new" when reviews came around
sartani did get a bonus yesterday thoguh
Harlocki hit 9 to connect to someone them put the call on hold
squibbysartan: do you have to fill out any of those self appraisal forms
Harlocki should make a custom hold audio fine for them
sartanyeah
Harlockfile
squibbysartan: I just discovered that lovely system this year too
squibbywhat a pain
sartanbeen doin it everywhere for yeras
sartani have lots of reports to fill out.
sartanit takes a lot of time
squibbyfuckin' nonsense
squibbyis that a bank/finance thing?
Harlocki also gets calls at work from telemarketers who claim to hp
MrJayPCI wish I got a pay rise from my review
circuiti wish i had a job
kmcelroy1you do have a job, you are a circuit
sartanwhat, reviews?
sartani hope you're being reviewed.
kmcelroy1i wish i had reviews, ha
kmcelroy1but i got a nice bonus beginning of this year, so maybe that will keep up
adaptrthe year ? or the bonus
kmcelroy1the bonuses
kmcelroy1if all goes well we are supposed to get 4 a year
kmcelroy1but they have been on a spending tirade
MrJayPCI had my review last week and my manager couldn't find anything to fault me on my performance :/
sartanmy boss always finds picky shit
RedShifthey guys, anyone got AIR-CT2500-K9-1-9-0-0-FUS.aes?
kmcelroy1so he blew you then called you a fag?
sartanis that an AP firmware?
RedShiftAP controller firmware
RedShiftField Upgrade
squibbyyeah I got a pretty stellar review as well
sartanshouldn't your controller just push whatever firmware as applicable
squibbybut they said I was fat and kind of a dick and I should work on that
kmcelroy1squibby: sounds spot on
sartani do well enough on my reviews, but the consensus is i can be arrogant
sartanwell, i'm just better than you.
squibbykmcelroy1: I made that last part up
squibbyit's true but they didn't say that
kmcelroy1the part about you working on it?
RedShiftsartan: it's not for an AP, it's for a WLC
squibbykmcelroy1: lol are you mad at me today
squibbyI can feel the tension oozing out of my monitor
kmcelroy1ha, nah, just tugging your nuts, i'm bored
sartanRedShift: guess i'm confused
ehnde"ou need to assign the IP Address 10.1.1.254/24 to interface FastEthernet0/0 as well ass hard code"
ehndemaybe a little juvenile but i'm amused
pffsbonuses would be nice
circuitan income would be nice
kmcelroy1circuit: i get the feeling you are jobless and want that to stop, am i on the right track here?
circuitkmcelroy1: well im a student so at the moment being jobless is kind of normal lol
circuitalthough im graduating in august
pffsgod dammit CCX
pffswoooo finally got the editor working
squibbyso I went out to my car to get my lunch and this happened today. please also take note of my ms paint skills. http://imgur.com/QKKl0L8
kmcelroy1are those makeshift balls?
squibbyI dunno it's pretty good though I like it
squibbyI should switch professions
squibbyI think I'm going to print this out as is and stick it on his car
kmcelroy1you should find a job where you can draw dicks and balls on things
kmcelroy1i think you missed your calling :P
s1skosquibby, why did you block the blue car? :)
squibbys1sko: I'm sure if you repeated that question to yourself a couple of times you'd figure it out
s1skojust kidding ;)
circuitthe right testicle looks like a halo2 helmet
squibbylol what
kmcelroy1or does the halo2 helmet look like the right testicle?
kmcelroy1that is the real question here
squibbyI think technically it's the left testicle. from a pov standpoint
circuitok now youre just being picky
squibbyI mean fuck that guy
squibbylook at the size of that space
s1skoI think its the bad influence of the car that makes him a shitty driver
s1skowe have a lot of those people here in DE
circuitsquibby: that happened to me at school about a year ago.
circuitwanna know what i did?
kmcelroy1bmws start eating at people's brains and causing them to forget how to park
circuitnot forget to park, forget how to give a fuck about other people
kmcelroy1nah, they probably never gave a fuck about other people
kmcelroy1that is generally how you end up in a BMW
s1sko^this
circuitjesus that is so fucking true
squibbyone of my friends is a fancy car dbag
circuitremind of me people who own macs
circuitfuck them
GraNNy-lol
GraNNy-I own a mac, no bwm's
squibbyinstead of a house he decided to get a 100K nissan
GraNNy-what are you, linux fanatic?
SuperNulli feel old looking at these magic cards that came out that are new to me..
mepholicpotato
squibbyGraNNy-: did you see my link
sartani'm a linux fan!
SuperNullin 2011 :( im old.
GraNNy-squibby: nope, re-url?
GraNNy-went to lunch
squibbyhttp://imgur.com/QKKl0L8
squibbywhat should I do
s1skoask the reception to call him "because he left the lights on"?
s1skojust for the lulz?
ehndei've got a macbook at work and it's a piece of crap
ehnde2010 macbook
ehndeso slow
GraNNy-ok, that wasn't the most horrible parking. I thought I was going to see someone doing an almost 45-degree parking
squibbyI can't get in the car!
myndsquibby: should glue the handle, or put gum (or something sticky) under it :-)
circuitrofl ^
circuitgum under the handle is actually perfect
GraNNy-squibby: aaaah, context
squibbythese aren't compact spaces or anything
GraNNy-squibby: always have chalk in the car
kmcelroy1shove razor blades under the handle
GraNNy-squibby: chalk the pavement with "asshole" take a picture, and viral it
MrJayPCI once keyed a BMW ;o
kmcelroy1go buy some lye at the store and use some petroleum jelly to hold it under the handle
kmcelroy1that would be hilarious
s1skoI mean if you look for retaliation...find is edge port :)
GraNNy-squibby: another thing you could do is put up a fake parking ticket
circuitsquibby: do you have any idea who it might be
void64any good disaster movies coming out worth a damn?
squibbyno I already asked facilities and he says he's not any of our plates
circuitthat means open season
circuitbasically
MrJayPCGo get a big truck and drag it somewhere
kmcelroy1cover it in gasoline and light it on fire
GraNNy-borrow some lipstick and put "park better asshole" on his front windshield
RedShiftset the world on fire, aye aye aye
circuitall valid solutions
FungiFoxfor a cisco tech....
GraNNy-squibby: so no way you can in through the other side door?
kmcelroy1you could break into the car, hide in the back seat and kidnap him, then rape him
FungiFoxkmcelroy1: is thinking arch now.
kmcelroy1arch?
FungiFoxlinux distro.
kmcelroy1yea, but that was random
squibby GraNNy- oh I can
RedShiftwhat if you just leave him an angry not?
RedShiftyou know, be canadian about it
MrJayPCHow smooth is the carpark surface? Go get a couple of big trolly jacks then lift the whole thing and move it ;)
RedShiftwrite a strong worded letter
GraNNy-kmcelroy1: the AIDS dude, the AIDS.
FungiFoxMrJayPC: lol, grand theft auto charges and everything.
MrJayPCAnd just for extra lolz leave it on brick stacks
kmcelroy1i am confused
MrJayPCMotor vehicle theft (sometimes referred to as grand theft auto by the media and police departments in the US) is the criminal act of stealing or attempting to steal a car. <-You're not stealing it, just moving it lol
GraNNy-squibby: if he had his windows cracked, maybe a small baggie of baking soda and a call to the cops saying you see drugs in his seat?
MrJayPClol
s1skolong term strategy: wait until he parks tomorrow and block his car in return - but leave very late
circuitGraNNy-: fuck that if youre going to do this use real drugs
kmcelroy1other option, duct tape nails to the ground behind his front tires
MrJayPCWe used a forklift at work one day to move a customers car
GraNNy-squibby: got any friends on /b/ ?
kmcelroy1or remove his valve cores, that is hilarious
SuperNullwhat the fuck ? http://imgur.com/JpxwXr1 how does the latency and the jitter graph make any sense in correlation to each other?
squibbyGraNNy-: lol no
Bluedog2ton of mac hate here, lol
squibbyI'm too old for that shit
SuperNullkmcelroy1: you know RFC2544 testing ? http://imgur.com/JpxwXr1
Bluedog2SuperNull: that a provider link ?
Bluedog2good performance there, lols
SuperNullthat is a small radio link
Bluedog2ahh
SuperNullonly good for 50megabit aproximately.
Bluedog2that makes more sense.
kmcelroy1what exactly are you worried about?
SuperNullwe have it split 25/25 meg
squibbyyeah what's with all the mac hate anyway
SuperNulllook at the jitter vs latency
SuperNullhow does that logically make sense.
kmcelroy1does it measure them at the same time or separate measurements?
Bluedog2SuperNull: is that averaged out
Bluedog2or just a single snapshot
Bluedog2that seems off to me
SuperNullyou would expect the latency and jitter to correlate linearly together some what?
Bluedog2unless you got some jacked up transport gear in the middle that can't handle variable frame sizes too well
Bluedog2:)
kmcelroy1assuming they did the measurements properly :P
Bluedog2SuperNull: not necessarily
SuperNullthis is a bench top test..
SuperNullend to end with a loopback
SuperNulland a legit rfc2544 meter
Bluedog2SuperNull: that gets into specific performance characteristics of how each vendor handles certain packet sizes, etc
kmcelroy1SuperNull: and i see your note on the bottom homo :P
void64Radio links are generally half duplex, no?
SuperNullvoid64 this is TDD.
SuperNullso .. yes... ultimately.
Bluedog2void64: ive ususally dealt with gear with 2 separate channels.
SuperNullif its microwave its FDD
SuperNullkmcelroy1 what ever are you talking about
void64Yeah my knowledge for wireless ends at WIFI so, got me
SuperNullthis is not wifi .. for sure.
SuperNullits actually 'cell' or atm based.
Bluedog2sidenote: I find it funny everyone doing microwave from CHI to NYC to beat fiber route latency
SuperNullor at least it was..
Bluedog2for their trading bullshit
void64Is that one way latency ?
SuperNullbluedog2 in theory microwave is about the same speed... if electronics dont slow it down much
SuperNullwe got a request for it
SuperNulli laughed.
squibbyyeah. signals propagate faster through the atmosphere than fiber
Bluedog2SuperNull: true, but they are pointing it directly at NYC rather than any physical turns for whatever reasons
Bluedog2squibby: i dunno aout that
Bluedog2about
SuperNullsquibby faster due to direct shot vs .. fiber route
kmcelroy1i think it is probably more because the microwave is a straight shot and the fiber link has hops
Bluedog2its a matter of physics, fibers go all over the place due to logisitical reasons, microwave can be shot *
Bluedog2kmcelroy1: yeah
SuperNullyou wouldn't make a direct shot without hops kmcelroy1.
kmcelroy1which means the fiber is probably a longer distance
SuperNulllongest range microwave stuff is like 100miles~
kmcelroy1maybe they do some mega tower shit, i don't fucking know :P
Bluedog2SuperNull: people have gone as far to lease repeater space
kmcelroy1but either way, the fiber will be a hodge podge
SuperNullnah they just back to back dem bitches.. and its still less distance
chumpnot if you build an express route
Bluedog2i express route all my packets
Bluedog2the toll fees are a bitch
chumpthose algorithmic traders pay top dollar for microseconds
Bluedog2chump: which i think is a matter of debate in regards to actual value (why are we jerking over .001 second... srsly)
Bluedog2but i digress
SuperNullHFT
Bluedog2yeah.
SuperNull$crye where are you
chumpBluedog2: because they can get their massive trades in before the competition
SuperNullScrye may know some things about dat HFT
chumpand influence pricing
SuperNullchump better yet its probably an 'order' or 'program' to do so.
SuperNullhigh end traders have on site equipment
kmcelroy1more you catch the trade at a different price and can see it higher or lower on the other spot, thereby knowing the future if you will
Bluedog2chump: oh, i know the technicals fairly well, i just think it is kinda silly how fast it is going
chumpyeah right in the exchanges
SuperNullIts theft.
kmcelroy1only from other trades, so no one cares
kmcelroy1traders
SuperNullit affects everyone ?
chumplondon to frankfurt is another big one
SuperNull'big'.
SuperNulllol
SuperNullisnt that smaller than the US is wide.
SuperNulli think the better question is..
kmcelroy1i think he meant big as in popular
kmcelroy1since london is a major financial center
SuperNulloh oh.
SuperNullcity of london mmm
FungiFoxneed quantum bit computer to do my stock trading.
SuperNullno need, start a central bank, print all you need.
Bluedog2i understand the need for liquidity, but i feel that is becoming a way to hide the real gains
FungiFoxi buy em all and nothing at the same time.
Bluedog2(for them)
chumpI'm at about 17ms from CHI/NYC
FungiFoxwhat you ping?
chumpI mean our fiber route
chumpfor ultra low latency
SuperNullso kmcelroy1 if we put a mask on you, are you down with the gang bang?
chumpstandard is about 23ms
chumpNY to London is about 64ms
SuperNullone of our vendors was telling us how they had to make special radio firmware for the HFT people..
kmcelroy1SuperNull: all you man, all you
SuperNullshe only has one version of hepatitis right?
kmcelroy1that will be a surprise for you
SuperNullthe HFT stuff was much slower throughput but removed all the forward error correction and massive buffers so that it wouldnt add any crazy latency.
SuperNulli will bring my portal hep C test with me.. just gotta remove some scab juice
SuperNullthe new microsoft CEO makes me think 'apple'
kmcelroy1he is like a brown steve jobs
SuperNullyeah.
SuperNullmaybe he will introduce the microsoft newton.
GraNNy-so is anyone here going to NANOG in ATL?
GraNNy-guess not
eirirs_whats it
SuperNullgranny- they dont let the real engineers go to shows here..
GraNNy-eirirs_: like RIPE for the americans
GraNNy-americas
squibbyso I guess republicans are pissed off at coca-cola for some commercial
eirirs_ah
squibbynot feature 100% english in
GraNNy-squibby: http://publicshaming.tumblr.com/post/75447787843/speak-english-racist-revolt-as-coca-cola-airs
eirirs_shaming
GraNNy-it's amazing what stupid crap people will say on twitter
void64Need to check the NANOG schedule.
sartanhmm cisco might give me clcs to hit up live this yera.
void64hmmm
void64How much in credits is a live pass ?
sartani don't know, id' have to look it up
sartan1:$100 ?
void64I'd have to check the balance of credits we have ….
void64No I think it's more than that
void64I could be wrong
void64actually that might be about right, so probably like 30 credits?
void6425-30
RedShiftanyone got 2960G switches in production?
RedShiftare they still any good?
jamesdRedShift: i'm sure many people do..
GraNNy-define "good"
kmcelroy1GraNNy-: not bad
GraNNy-kmcelroy1: I don't think i've seen a cisco switch be "bad"
GraNNy-well, i take that back
kmcelroy1the 4948 is kinda lame :P
kmcelroy12960 lan lite
GraNNy-2948g's were crap. and the 3524xl/3548xl's were terrible.
kmcelroy1that was pretty lame
RedShiftwell there was this one series that had bad powersupplies
mAniAk-_1GraNNy-: 2960 and 2960g are pretty shitty
myndGraNNy-: i concur
RedShift3560G's I think?
myndhad quite a few 3500XL's at last gig ... always had issues with them
void64I like the 4948E's
void644948E-F anyway
GraNNy-OTOH, cisco > Extreme any day of the week
Titaniumveers hey
Titaniumyou pass?
void64I'll tell you though, performance wise, Brocade CES vs a 4948E I think the CES still has an edge.
void64But software feature wise IOS still kills Brocade
RedShiftIIRC 2960G isn't wirespeed?
void64I actually miss the Foundry days, I think Brocade has dropped the ball on their Ethernet R&D
veersTitanium: next Friday
void64I know they have on their ServerIrons… they're getting crushed by F5 and A10
veersthat's D Day hahah
drkatshit i managed a network for 3548's
drkatand 3550
drkatugh
hkkli think we only have 3548s and other XLs in oob network anymore
j0bgreat switches
hkkli think last was decommissioned from production network year ago or so
hkkl3550s are still used for production and oob network :)
j0bused 200 of them, then we switched too 3560
jamesdACTION uses 3550's for production i my home network... but i'm a crazy geek
j0bproduction and home network... i dunno:p
j0bdoesnt sound right hehe
j0bno offense
kmcelroy1offense taken
Dez_Bryanthello all
Dez_Bryanthow is everyone doing?
kmcelroy1horrible
j0bkmcelroy1: :(
GraNNy-Dez_Bryant: HTTR!
jamesdj0b: the more your family depends on it the more it feels like production... kids can't get to facebook or email and they would put in a critical ticket if i had a ticketing system ;-p
Dez_Bryantwould anyone here be willing to offer me some career advice
Dez_Bryantbecause i am n00b
j0bjamesd: true true:D
GraNNy-Dez_Bryant: what do you want to know?
mepholicvery noob choice
kmcelroy1sure, don't get into IT, be a banker, make money, get bitches
jamesdDez_Bryant: mcdonalds.com
j0bhaha
drkatDez_Bryant goto college
drkatget an MBA
drkatlive
j0bwhore
j0bmaybe
GraNNy-you guys are terrible :P
Dez_BryantGraNNy-: basically, how do i get my manager to give me the engineering position i deserve
kmcelroy1GraNNy-: you mean we are right? :P
drkatDez_Bryant suck him off?
GraNNy-Dez_Bryant: you leave for a better job
jamesdj0b: thanks, i am a whole, aka contractor, i will do anything, just approve my paycheck
Dez_BryantGraNNy-: but how am i supposed to get an engineer job without an engineer's experience?
mepholicDez_Bryant: leave for a better job
Dez_Bryanti've been trying to move up but my manager is making it impossible
Dez_Bryanti don't want to move vertically in my career....
mepholicDez_Bryant: how did I do it?
GraNNy-Dez_Bryant: leave, your manager is not letting you grow
kmcelroy1you mean horizontally?
j0bDez_Bryant: just leave
GraNNy-what do you do now
mepholicnone of my past titles have had the word "engineer" in it
j0bhave been in the same situation
mepholicmy current title does
kmcelroy1vertically seems like the move you want to do
Dez_Bryantkmcelroy1: yes horizontally
Dez_Bryantsorry
drkatim a big fan of lateral
j0btheres always jobs in IT
j0bfo real
mepholicand it doesn't even have the word "junior" next to it
kmcelroy1just leave
GraNNy-Dez_Bryant: what do you do now?
kmcelroy1or take my real advice and be a banker
Bluedog2IT is one of the few fields where upward zigzaging at the beginning of your career isn't frowned on.
Dez_Bryanti've just invested so much of my time and energy and they won't give me the damn engineer role
Dez_BryantGraNNy-: NOC :(
kmcelroy1make money, get bitches
GraNNy-Dez_Bryant: do you have enable?
GraNNy-NOC isn't a bad thing
Dez_Bryantenable? like enable access?
GraNNy-ya
Dez_BryantGraNNy-: yeah but i only have NOC experience... no engineer experience and i want an engineer job!
Dez_BryantGraNNy-: yes
GraNNy-Dez_Bryant: dude, I could give a shit at that point.
GraNNy-interview for engineer jobs
Dez_BryantGraNNy-: but i've never touched the "important protocols" in production
Dez_Bryantthey'll never hire me
GraNNy-well, if you have that attitude, you won't
Dez_Bryantwell if looking for a new job is all i've got then i guess i'm going to have to do that
GraNNy-listen, you are in the NOC and you can troubleshoot things right? Are you good at troubleshooting?
Dez_Bryant /sigh
jamesdDez_Bryant: do you have a server that you work with?
Dez_BryantGraNNy-: yes i am
jamesdor cisco gear...
drkatugh
drkatlets not bring the NOC into this
Dez_Bryantjamesd: i have a lab at home. i have a CCNP just no experience to back it up... i THOUGHT i would get that experience when i get moved up to engineering. but after 5 years my manager is still saying there isn't a position open
drkat:P
Dez_Bryanti only have shitty NOC monkey experience
GraNNy-5 years? who stays at a job for 5 years?
drkatDez_Bryant look my resume is like 80% fabrication cuz of the HR monkey requirements, just wing it
drkatGraNNy- people who dont contract?
kmcelroy1i will have been at my job for 3 years next month
GraNNy-drkat: most people stay at a job at most 2 years and then jump in IT
Dez_BryantGraNNy-: what? no way
GraNNy-Dez_Bryant: where do you live?
Dez_Bryantthe newest guy in my team has been here 2.5 years
kmcelroy1people move around a lot in IT
Dez_BryantGraNNy-: i live next to Fort Hood, TX
kmcelroy1it is like sales, people move back and forth
Dez_Bryanti wanted to stick it out until i got that engineer opportunity because people told me to get out of the NOC monkey rut i needed to move up within my own company
GraNNy-you are like 60 miles away from austin. get a job there and have them help pay for moving expenses.
jamesdDez_Bryant: look on job boards... apply, bullshit HR, (you helped a number of small clients setup there small bussiness networks, did a few Proof of concept, nothing more that a week or two), impress the other engineers with your knowlege, poof your an engineer.
Dez_Bryantnow i'm 5 years older and still no engineer job and no engineer experience to get the job
Dez_Bryanti feel so cheated
Dez_Bryantand frustrated
drkatoh god
squibbywhy are finance department people so socially awkward and awful
GraNNy-Dez_Bryant: are you a troll? the woe is me is getting old
drkatDez_Bryant - well you're gonna have to umm.. fake it til you make it
kmcelroy1should have been a banker
void64Rackspace is going gangbusters hiring people in Austin and San Antoinio
squibbyevery god damned time I'm near the CFO's office he wants me to provide a cost and benefit analysis on a service we're using
jamesdsquibby: they ask the same about IT guys.
squibbyand I'm not even the damne cto - dude needs to fuck off
Dez_Bryantjamesd: i can't just lie...
kmcelroy1lie bitch
drkatlook
kmcelroy1lie through your fucking teeth
kmcelroy1get paid
jamesdDez_Bryant: you are stretching the truth... its just to get past HR, the engineers will test your knowledge.
myndjust over emphasize
kmcelroy1capitalism rewards the biggest douche, so get on board
drkateither lie and get the job, or be honest and be unemployed
drkatyour choice
squibbyjamesd: he wanted to know why we have to put up with archiving with the o365 system and then launched into a series of questions about how it saves the company money or benefits us somehow
jamesddoing a lab is like setting up a bussiness lan, just you didn't get paid for it.
GraNNy-oh please, I don't think i've ever lied on my resume. when they asked, i told the truth, but spun it positively.
Dez_Bryantwow that sounds terrible but i guess it's my only choice
Dez_Bryanti guess that's what i needed to hear
Dez_Bryantthanks guys
GraNNy-Dez_Bryant: you need a career counselor
jamesdGraNNy-: i am doing the same... i did everthing i have said just did it for my self for fun, and didn't get paid...
drkatGraNNy- so when asked about a tech you've never used before?
kmcelroy1you need to just learn to do whatever benefits you the most :P
GraNNy-drkat: i don't put it on my resume?
void64Lying on your resume just to get in the door can be disastrous… lol
void64Especially for a experienced engineering job
kmcelroy1shit, there are people who make 25 year careers off lying :P
Dez_Bryantvoid64: and that's what worries me
kmcelroy1and still keep getting jobs
Dez_Bryantvoid64: but i guess i can "over emphasize"
GraNNy-kmcelroy1: yeah, sociopaths called CEOs :)
drkatGraNNy- well here's a perfect example of some of the jobs that are posted. Half the technologies he's never done?
drkatso how is he suppose to get the interview
drkathe doesnt have those skills
GraNNy-drkat: because he's still got half. dude, most jobs reqs are bullshit
jamesdvoid64: proof of concept contractor... (fills the 18 month gap when no one was hiring ) and just documents anything fun i played with while unemployed...
void64The larger the company the more resources they have to confirm your history/references
Dez_Bryantdrkat: i have them but only book knowledge
tgunris there any way from a 7206 to see if a dhcp mac-address bound address has been issued to the client?has been
Dez_Bryantfrom my CCNP studies
Dez_Bryantwhich my manager told me to get so i can move up to engi
GraNNy-drkat: you find the hiring manager on linkedin and talk to him/her instead.
GraNNy-i can't remember the last time i submitted to the HR blackhole
drkatGraNNy- I tend to be told to apply online and HR will be in touch with that method :)
Dez_BryantGraNNy-: so you just contact people directly? instead of spam clicking jobs on indeed/monster?
drkatthey're probably being nice
kmcelroy1drkat: gotta show
void64Interviews are usually three part when I get them, phone with the recruiter person, then they setup a general Q&A with other leads to make sure you're not an idiot before they invite you in for an actual… Some interviews are straight forward others will be like a SIX HOUR process.
drkatkmcelroy1 ?
GraNNy-Dez_Bryant: do you know how many people spam click that shit?
kmcelroy1gotta show some balls man, then you get in the door
drkatshow my penis?
kmcelroy1yea
kmcelroy1or sack
jamesdvoid64: i don't list it on the job app just my resume... everything is verified, by that point i have a job offer, note i didn't say i made money doing it, just a few small contact deals.
kmcelroy1nut cleavage
Dez_BryantGraNNy-: a million i suppose. what's the best method if yo don't mind sharing
void64I heard the Rackspace ones are fucking six hours! WTF… If I'm there six hours, i"m getting paid lol
GraNNy-Dez_Bryant: search for the company and see if you can find CTO / CEO / VP of IT/Engineer. Then either email firstname.lastname@company.com or contact them via linkedin.
kmcelroy16 hours for a fucking interview?
kmcelroy1jesus christ
Dez_Bryantwow! aiming for the CTO/CEO? jeez
kmcelroy1i'd tell them to suck a fucking cock
void64I've been contacted from AWS recruiters, to bad the only positions they have are in Seattle
void64Yeah no shit, seriously
jamesdgoogle used to fly people out to the interview it took all day, and people used flew in the night before all paid
drkatwell in larger organizations CIO dont care bout you
drkatgood luck with that
void64Well yeah, they'll pay your travel expenses
GraNNy-drkat: you are just bitter cuz you live in bumbleville.
void64they all do that
drkatmaybe im bitter. I'll be quiet
drkatGraNNy- :(
drkatis it too early to drink?
GraNNy-drkat: nope
drkatgood
drkatcuz i been drinking since noon
Dez_Bryantalright y'all well i appreciate all of your help today. i can honestly say i have a lot more perspective now about how things work. thanks again
void64I'd love a job with AWS, I think it'd be a great company and challenge, unfortunately Seattle is on my list of "fuck that" .
drkatshit i need someone to just write my resume for me.. i hate writing
kmcelroy1drkat: there are people who will do that
drkatim not paying for it
GraNNy-drkat: have i seen your resume yet?
drkatGraNNy- which version? heh
void64There are some cheap resume builder sites that are pretty good
drkator the truth...
void64I think livecareer might be one
jamesddrkat: apply to stuff on monster, your head hunter will proof read and give you hints on improving your resume, they want to get you hired.
drkatmy professional summary should read: "Dick head cant keep a job cuz he punks on techs"
void64LMFAO
void64HIRED!
SuperNulldrkat it totally has nothing to do with the pedo side of you.. thats for sure
drkatWell thank god for that
drkatcuz I was worried
drkatthat day care never called me back
drkat:(
kmcelroy1they did, you just missed the call
GraNNy-Dez_Bryant: http://www.yelp.com/biz/wolfgang-career-coaching-austin
void64drkat: at least we appreciate you driving slowly by schools
void64safety first
drkat:)
SuperNullty for your safety drkat.
SuperNullof course hes not trying to hurt them hes trying to provide fun after all.
drkatI also wear protection when raping
kmcelroy1it isn't rape if they smile
drkatsafety first
kmcelroy1those are the rules
GraNNy-i thnk it's time to go back to idling
kmcelroy1haha
GraNNy-ACTION &
drkatdont you work?
drkat:P
kmcelroy1we scared GraNNy- off
void64Ok this digressed fast… ok I'm outta here talk to you maniacs tomorrow
kmcelroy1we aren't legally maniacs
kmcelroy1or at least i am not, i haven't ever been formally diagnosed
kmcelroy1i may come from a family of a few maniacs, but i am legally fine
SuperNulllegally..
SuperNullbut mentally..
Dez_BryantGraNNy-: thanks. i appreciate your advice
kmcelroy1hey, we are talking about what they can prove here
SuperNullthe voices told you they cant prove shit right?
kmcelroy1we are good to go, cause we know they can't prove nothin'
generalshenanigaAnybody experienced with PCI security? Do I *have* to get a dedicated firewall, or will a 2901/K9 suffice?
squibbygeneralshenaniga: that's a fairly vague question
generalshenanigapretty simple setup... DIA with a /29 of public IPs
generalshenanigaPCI scope will be limited to a single IP based credit card terminal
generalshenanigaalready planning to create a separate VLAN for the cc terminal, NAT to one of the public IPs, and using SPI... is that sufficient?
generalshenanigaso in theory there's full logical isolation between the PCI scope and the rest of our equipment (one internal server, a few workstations, and wireless)
squibbygeneralshenaniga: PCI assessments usually include a questionnaire that goes over their network security expectations
generalshenanigaI was told by our payment processor that they have to do a "scan" of our network (public IP) before we can start using it
generalshenanigadefinitely not the self-assessment obne
drkatgeneralshenaniga that would satisfy most PCI audits
generalshenaniga*one
squibbystep 1) complete questionaire. answer yes to everything. step 2) hire a bullshit automated penetration testing firm like scansafe to scan your public IP and give you a thumbs up
generalshenanigaThe weird thing here is that our payment processor seems to want to do the scan on their own, and require that before they'll release any funds to us from it
squibbytotal fucking scam industry
drkatgeneralshenaniga they will run a vulnerability assessment
drkatmost payment processors do it to give you the thumbs up
squibbyprovide snakeoil security audit results - rinse and repeat - profit
drkatyeah i had a customer dinged on a open web port
drkatthat was for like a HVAC machine
generalshenanigaMy net eng mentioned that one of the most common dings is ISAKMP on the default port of 500
squibbyit sounds like generalshenaniga is small business, this is a no sweat ordeal
squibbyoh for fuck sake
generalshenanigaIn this case it's small business, though our main account number with the payment processor is medium sized
squibbysuch bullshit
drkatisakmp is not a violation of pci
drkateven on port 500
generalshenanigaI don't even know what ISAKMP is, but Google tells me it's related to IPsec, which we're not using
squibbywhat you don't want is an onsite auditing team
squibbyif you're large enough to require that, I would hope you'd be a little more familiar with security anyway
generalshenanigayeah, especially with the employees that work there. "What's your password?" "Here you go"
drkatall they need to determine is the CC processor is OFF your regular lan and not accessible
kmcelroy1why would port 500 isakmp be a violation?
generalshenanigaNot necessarily a violation, but something that commonly gets flagged on scans
squibbybecause the snakeoil scan sites need to pretend like they're doing something
kmcelroy1seems retarded :P
squibbyhave you ever done PCI?
squibbyit's a joke
kmcelroy1i haven't
generalshenanigaNext question- I have a 2901 and a 3560G (layer 3)... 2901 will be used as a voice gateway. Where should I put the NAT configs? on the 3560? (No NAT needed for Voice, just data)
generalshenanigacan a l3 switch do NAT?
kmcelroy1i don't believe the 3560 can do NAT :P
kmcelroy1but i honestly don't remember
bmoracacan it?
bmoracai didn't think it could
bmoracalast i checked, the 4500 couldn't even do NAT
kmcelroy1i think you are correct
generalshenanigaI've got it set up as ROAS. Thinking of treating the 3560 as a l2 switch
kmcelroy13560 should stay layer 3
kmcelroy1be your internal routing
kmcelroy1then use the 2901 as the edge
bmoraca-workrouter on a stick is dumb if you have a 3560 :)
kmcelroy1do your NAT there
generalshenanigawhere would you put your DHCP pools? 3560?
kmcelroy1a server
bmoraca-workgeneralshenaniga: a windows server
kmcelroy1cisco DHCP is a pain in the ass
kmcelroy1but if you must use it, do it on the switch
generalshenanigawe don't do DHCP on the Windows side. DNS is definitely Windows, but our DHCP needs are minimal
kmcelroy1would still do it on the server
generalshenanigawe don't have a DC at that location, don't want to lose DHCP in a WAN outage
kmcelroy1just run DHCP at the central site then
kmcelroy1dhcp relay
SuperNullcisco routers can use a remote dhcp 'database' file.. not sure what happens if you lose connectivity to that database
generalshenanigaYeah, that's my worry. especially when our phones use SRST, local DHCP is a must
kmcelroy1put a 24 hour lease on
im_on_138.
kmcelroy1or longer
kmcelroy1tada
kmcelroy1not like they are getting new addresses 24/7
generalshenanigathis is true
SuperNullyeahhh could always do week long leases and cross your fingers you never lose the database.
kmcelroy1what database?
kmcelroy1no one wants to run your weird remote dhcp bullshit :P
kmcelroy1he is talking about host DHCP
SuperNullthe lease database..
SuperNullbe it file, or memory.
SuperNullits a nightmare if you lose it with a shit ton of time left on most devices.
kmcelroy1the lease database would be in the god damn server, not the router you gomer
kmcelroy1pay attention
SuperNull<-- run dhcp network for 20k-30k devices devices
SuperNullkmcelroy1 thats the point .. hes saying he doesnt want centralized dhcp
kmcelroy1he probably has like 20 devices there
SuperNullcause loss of connectivity
SuperNulldevices devices!
kmcelroy1which doesn't matter, just run long leases
kmcelroy1if your IP link is down more than 24 hours, you have bigger problems
SuperNullwhat happens if all phones get the lease the same time and boom miraculously the fail happens as they need to renew
SuperNullLEMME TELLYA SOMETHING
kmcelroy1that won't happen
kmcelroy1and if it does, setup a local lease in 30 seconds and move on with your life :P
kmcelroy1also, SRST is a waste of time :P
squibbySuperNull: I want you to know I get it but I didn't laugh
squibby;)
sartansrst is not a waste of time
sartanare you kidding
kmcelroy1it is
sartanACTION cracks knuckles
kmcelroy1no one uses it
SuperNullsquibby did you happen to watch 'in living color' years ago ?
kmcelroy1they just like buying it, cause on paper it sounds neat
sartanwell, i'm using it
sartansaves my ass
squibbySuperNull: yes - that's why I'm letting you know I got it
kmcelroy1to do what?
sartani don't want to pay for a subscriber server fuckign everyhwere.
SuperNull;)
toastrwe use it to and it has saved the bacon
sartanyou go ahead and take calling ability away from people who bill at 1500 dollars an hour.
sartanI just dare you!
sartanany environment that doesn't deploy srst is immature and run by wannabes
SuperNullsquibby one of the common customer tech support phrases used to be 'ride the snake'
squibbyyeah I'm afraid I don't know that skit
SuperNullsomeone should overlay IT support audio http://www.youtube.com/watch?v=PlLPogmB8M8
squibbyI know homie the clown and fire marshall bill
SuperNullsquibby it was a skit for methamphetamine as a weight loss supplement..
SuperNullHELL YEAH
SuperNullhomie
SuperNullHOMIE DONT PLAY DAT
SuperNullthe skit with the old man dragging a dead dog around used to crack me up as a kid. unfortunately im not a kid anymore.
pffsYou know what's awesome?
dwxreaperthe juicer one is the best, jim carrey as the juice man?
pffsCelebrity Jeopardy.
pffsHow great was that shit.
egadsonI'm trying to set up OSPF at two different sites. Should each site have its own area 0, or should I put area 0 at the L2L VPN connections on each ASA that are connecting the private networks between sites?
dwxreaperhttp://www.youtube.com/watch?v=01uYKLSmN74
pffsegadson: are they on the same ospf?
KickStarRabbithey yo
egadsonpffs: not currently...wondering if I should set them up as separate ospf networks
egadsonor ospf instances rather
egadsonASA L2L VPNs connect the sites -so I'm not even sure I could set those L2L VPNs up as part of the OSPF network since the ASAs won't have an IP interface on the L2L nets
kmcelroy1you will do separate as the ASA won't pass the routing info across
kmcelroy1you can use reverse route injection and redistribute the static into OSPF
baristatamis there documentation somewhere where I can show the tech that "activation key not valid" on the ASA is only for the sec+ license
drkatsh ver?
baristatamdrkat, sh ver doesn't really prove anything, especially since NOW it has a beefed up license
drkatwhat are you specifically looking for?
kmcelroy1have you tried farting on it
baristatamtech claimed he couldn't do his job because it said ""The Running Activation Key is not valid, using default setting"
baristatamand I want to contest the bill
baristatambecause he's retarded
squibbywhat security level did he order
baristatamidk?
baristatamwhat?
drkatshow activation-key detail?
baristatamall he was doing was setting up a s2s VPN he didn't need any advanced features
squibbyASAs have varying feature keys. what did he specify in his ordewr?
kmcelroy1that error should be related to the 3des/AES license from what i can see
kmcelroy1which means he wouldn't be able to do the VPN
kmcelroy1https://learningnetwork.cisco.com/thread/47509
kmcelroy1get your license, fix your shizzle
kmcelroy1he was probably right
squibbyASAs should do like 10 ipsec tunnels with base license
squibbywhat model?
kmcelroy1if you lose the 3des license, you won't be able to do shit from what i remember
kmcelroy1i have had to recover one before
squibbyand you typically need to license 3des and aes separately, yeah
sartanhow could you lose a license?
baristatam"It indicated "The Running Activation Key is not valid, using default setting" this will not allow me to save any config on the ASA after a reboot and would cause multiple re-configs in the future with this not fixed"
baristatamI think you misunderstand squibby
squibbyunless he's happen with DES
kmcelroy1sartan: you wipe the whole thing and it kills the key
kmcelroy1it is weird, but it seems to be somewhat common
sartanodd, haven't heard of that
drkatwell even in the default setting it shouldnt have affected l2l
drkatmeh
kmcelroy1mine happened with an upgrade from what i remember
baristatamI ordered the ASA. Base license. It's only going to be used for a s2s VPN. Called a tech to go set up the VPN and that's what he claimed on the bill
baristatamwhen it was just set to ignore system config
baristatamand I changed that
baristatamno
baristatamkmcelroy1, no it was because confreg was set to ignore system config
baristatamIt fixed it, that's all I had to do
baristatamit's 5505 it was a brand new ASA
baristatamonly one VPN needed to be set up
baristatamNo one lost a license -_-
baristatamyou guys are being retarded too
squibbyhey
squibbyI wasn't advocating his position
squibbyI was just asking a question
kmcelroy1maybe you should setup your equipment properly :P
baristatamkmcelroy1, why should I set up my equipment when that's what I'm PAYING THE TECH FOR
baristatamthen I would just do it myself
kmcelroy1maybe you should have, ha
baristatamWell I ended up doing it
squibbyso they're just running des on their l2l ?
baristatamI don't know what these words mean
baristatamI bought an ASA so that I could create a VPN from another building to our office. That's all I wanted to happen
squibbybaristatam: des is a really old legacy cipher which is the only thing enabled with the base license
baristatamso are you guys saying I did need the activation key?
baristatamCause Scrye says I didn't
squibbyfor 3des/aes, yeah
squibbyscrye doesn't care about security - has he mentioned this yet?
squibbyhe doesn't give two shits
baristatamwell see
baristatamlisten
baristatamthe tech claimed he couldn't save ANY config on the thing
baristatamand it was the activation key's fault
squibbyyeah we got that , he's a herp derp and doesn't understand what confreg is
razorzlol
kmcelroy1i was more concerned with the license issue, which was the original complaint :P
squibbywe're just trying to tell you that base license for l2l isn't a great idea
baristatamget your order squibby ? ;)
squibbybaristatam: I haven't paid yet.
squibbyI'm being a bum
squibbyI'll paypal it today or tomorrow
baristatamwell did you get the picture?
squibbyhah. no.
baristatamaw damn I ruined the surprise
squibbycool
squibbymaybe I'll pay now then
squibbyhaha
baristatamwooorth it
squibbyhe's not planning on e-mailing it right
squibbyI like being married atm
kmcelroy1ass to mouth?
generalshenanigaasynchronous transfer mode?
baristatamsquibby, probably should let him know then
baristatamor just not request things that would break your wife's trust =p
drkatlol
drkatwives
drkatmarriage
drkatoh you guys
kmcelroy1drkat: i hear some people like their wives :P
squibbybaristatam: you know I did kinda ask in jest - didn't think he'd take it serious
squibbyit's paid btw
sartanlatte, please
baristatamyou very well knew I'd deliver
squibbyI guess there is no not serious with scrye
squibbyoh I see is bmcgahan's pics the surprise?
drkatthat guy
baristatameveryone knows what bmcgahan looks like
mgeorgehmmm got a dmca takedown notice from disney for downloading the movie brave
mgeorgeexcept i never downloaded the movie brave
mgeorgelol
kmcelroy1that will teach you
drkatyou disney fan
mgeorgeoh yeah you know me
mgeorgefat guy with pop corn watching disney movies haha
drkatheh
drkatbetter than masturbating to said disney movies
mgeorgewife did not download it nor did I
drkatwhile eating pop corn
mgeorgeso either someone knows my wifi key or i got malware on one of my machines
squibbylol it triggered a fraud notification
drkatkid at one of my jobs downloaded book of eli
drkatthe company got a letter
mgeorgelol
drkatkid was not fired
bmcgahanACTION looks around
mgeorgeoh man who let brian in here?
drkatbut if it were me? i'd have been out the door
mgeorgegot to play with a PaloAlto firewall today
mgeorgequite nice actually
squibbymgeorge: yeah I like mine
squibbygood app firewall
drkatim doing iboss
drkatits neat
squibbysupports GRE and VTIs too
squibby.
generalshenanigadumb question: router on a stick, trying to add a management subnet, can't get ping responses. created Vlan on switch, trunk interface to router, subinterface on router, but no connectivity
generalshenanigashould I be using a 'switchport trunk native vlan' on the trunk interface of the switch and assign the IP on the main interface (as compared to a subinterface)?
squibbygeneralshenaniga: switches in L2 mode only support one active management SVI
squibbyhave you verified that he SVI is up and up
generalshenaniganot sure on SVI (don't know SVI...), the mgmt vlan is up/down
generalshenanigawould I have to use Vlan1?
squibbygeneralshenaniga: pastebin your switch and router configs
generalshenanigadurr, vlan wasn't allowed on the trunk, just kidding
jatoI had that issue once
jatobut in my case it was GNS3 being odd, I quit and restarted everything and it worked, but for a good 15 minutes I thought I was retarded
squibbygeneralshenaniga: you have int vlan 1 shutdown right
generalshenanigaI do now :)
squibbygeneralshenaniga: bounce the problem svi too
generalshenaniganot sure what that means :X
squibbyoh come on
squibbyshut and no shut
generalshenanigaanother 'durr' moment: SVI = subinterface?
squibbyyes!
generalshenanigaYeah, not quite CCNA ready yet :P
squibbythe manaagement vlan int
squibbywhat vlan did you put the management IP on on the switch
generalshenaniga240
squibbyright so shut down int vlan 240 and then no shut it
generalshenanigaIt's good to go now, I didn't have 240 as an allowed vlan on the trunk to the router
squibbyI thought you said you were just kidding
generalshenanigaSadly, I wasn't...
generalshenaniganext question: I know how to selectively route traffic based on destination, how about based on source (vlan)?
KazfdSOURCE
FungiFox* Received a CTCP SOURCE from Kazfd (to #cisco)
cbt998hi, i'm trying to setup ibgp and exchange full bgp tables bidirectional, is that possible?
sartanthat was.. unusual
sartancbt998: yeah it is possible
sartanbut you might want to be more specific in your design topo
sartangeneralshenaniga: you can do source based routing yes, it's called policy routing
generalshenanigathanks
sartanip access-list ext VLAN15; permit ip 192.168.15.0 0.0.0.255; route-map PBR_VL15 10; match access-group name VL15; set ip next-hop 10.0.15.1; int vlan1; ip policy route-map PBR_VL15
j0bkeeping it real
cbt998sartan: well, i have rouer A with 3 ebgp, all sending full tables to that router, router B has 1(different) ebgp sending also a full table, now i setup ibgp between A and B and A is sending B a full table but B is only sending about 1400 routes..
oisterare you using next-hop-self or peering with loopbacks?
mgeorgehttps://scontent-b-iad.xx.fbcdn.net/hphotos-prn2/t1/1554428_187752678101022_1560242104_n.jpg
sartanall ther otues should be sent but they might not be inserted into the RIB because they're not the best path to that destination
sartanoister: nailed it. was baout to mention that too
sartanadditinoally the ibgp peer needs to know the next-hop of those received routes. in this scenario you'd probably use next-hop-self
terabitVERSION
j0bterabit: djeeez
j0byou just made a fool of your self
j0b:p
terabitsry
j0bhehe
squibbyI've got your CTCP response right here -
squibbyACTION unzips his pants
terabitACTION hides
j0bhaha
j0b /exec uname -mrs
j0b23:38 FreeBSD 9.2-RELEASE amd64
j0bthere you go man
terabitdidn't think I'd get any reply
squibbyfuckin' baller status
squibbyfreebsd? j0b doesn't give fucks
j0bkeep it real
cbt998sartan: if i setup a deny all prefix list on router A then a full tables from B is received
sartancbt998: both routers will only install the best route to that destination...
sartanaspath is probably way shorter on A than it is on B?
cbt998sartan: yes
sartanok, so what would you like to change?
sartanyou'll have to influence some of the routes somehow
sartanwhat would you like outbound traffic to look like?
cbt998sartan: to be honest i like to be sure that if maby 2 ebgp connections on A fail, i'm safe and routes will be sent from router B
sartanyea as long as the paths are valid.
sartanon router C (assuming) do a sh ip bgp <prefix> and make sure you have more than one htere both with >
sartan> is for valid, and * will be the best path, and only one of those should be in the routing table (routing information base, RIB) since the router can really only use one right now
yeledanyone seen `no ip redirects' actually adding CPU on a 3750
cbt998sartan: to be clear, B is only sending 1400 routes so there are a couple of > on A
yeledfrom a flat 15% to a peaky 40-60%
yeledcould it really just be all that bad traffic entering and leaving the one interface..
yeledyes, just found some graphs to prove it :(
sartancbt998: ufnortunately this sort of questino is really dependant on the routes you're receiving, but in other words bgp is functioning normally
cbt998sartan: so basically if i want to use the table of B the i need to manipulate routes on A to make them prefer B so B can send them to A - or i nee to get an upstream on B that has a shorter aspath ?
jato_Probably not enough coffee. Logged into one of our internal routers (not a cisco) to find all the firewall rules missing
jato_Turns out I was just filtering incorrectly, they are all actually there
jato_Brown pants moment for a brief second
sartancbt998: right. you can modify the routes by maybe setting a local preference on the received routes from B so your entire ASN prefers one path over the other
sartanyou can do this with a simple incoming route map
xerathjato_: I've found myself nearly calling the NOC in panic because i thought all our BGP sessions were down. Turns out I was logged in to a lab router... Monday morning.
sartanhahaha
cbt998sartan: to be clear, both routers have the same AS number...
sartancbt998: yup. clear.
sartanno offense but it seems you don't have too much experience with bgp?
cbt998sartan: lab setting :-)
sartanbasically speaking, your entire ibgp routing domain will share the same view of the bgp table
sartanthere are a number of rules in place that tell routers which paths to prefer to tohers, which ones to install to their routing table (they don't have to be installed) and which will be preferred
sartanone of the rules in bestpath is the local preference attribute. a local pref setting will allow your entire asn to prefer a particular prefix over the other, regardless of where it came from
sartanwhat you want to do is assign a local preference of 100 (or whatever) to incoming routes. apply a route map to the ebgp peer on router A to set the local preference to 100, so that those routes will always be preferred to the ones learned from B's ebgp peer
jato_Haha, mornings especially without coffee are the best
cbt998sartan: i think it's clear, B get's routes from A and they are better than the other ebgp that is connected to B so B does not send those routes to A
sartansome of the specific language there doesn't make sense but i think you get the idea?
sartananyway, the great thing about bgp is that everything can be influenced to do what you want it to do
sartanhttp://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml start at 'how the best path algorithm works'
sartanoh, it's a dragon
drkatmeh
squibbya dragon. http://www.homestarrunner.com/sbemail58.html
drkat...
diozsup drkat
drkata whole lot of nothing
drkatu
dioztwerkin
drkatclappers to the front
squibby-.-
drkat..
drkatif i counted how many hours I've wasted on irc
sartanif i had time in a bottle
ill_rek_uwhy not both?
drkat?\
MrJayPChttp://www.independent.ie/irish-news/young-man-dies-after-drinking-a-pint-of-whiskey-in-social-networks-game-29971505.html For some reason I found this a little amusing
drkati am noticing the network tech/engineer market in my area is very poor.
sartanfor the employer?
drkatnobody advertises open positions seeking network engineers
MrJayPCA friend had a neknomination.... He ended up drinking beer, blue wkd, vodka and protein powder lol....
drkatvery few
ill_rek_umove to a better city?
drkatalways easier said than done ill_rek_u
ill_rek_uya depends on age too
MrJayPCStarting to hate the atlantic ocean
blackOffa pint killed someone?
blackOffin ireland?
MrJayPCMust be some super strong whiskey or something....
MrJayPCOr he wasn't pure Irish lol
blackOfflol
MrJayPChttp://www.environment-agency.gov.uk/homeandleisure/floods/142151.aspx Few flood warnings for the UK.....
MrJayPC"Rough seas and extreme weather might look exciting, but getting too close can be risky. So respect the water and, in particular, avoid exposed places where big waves could sweep you off your feet."
blackOffPot-influenced car fatalities up
KickStarRabbitwhy cant i study, get paid, and drink all at the same time
MrJayPCAnd that reminds me.... I was going to go for a walk along the beach :)
blackOffbecause you have bad alcohol habits
blackOffor the word you're looking for is also known as church
MrJayPCDon't use language like that in here please :p
blackOfflol what
blackOfftruth hurts
blackOffbring it to your mother next time
MrJayPCThe C word is unacceptable in here
blackOffic
MrJayPCWe're all going in hell in here and have come to accept it lol
blackOffbuy your way out
squibbymy wife thinks spicy food combats fever
blackOffdunno
Titaniumsounds like a good way to discourage people from becoming sick to me
tmx1spices are a natural antibiotic
tmx1shes right
KickStarRabbitif no sick then no sick days
drkatsquibby it does
drkatso does soup
adamaspices are a what?
blackOffand still alive
squibbydrkat: I would love to know how
squibbyI would think that spicy food potentially raises your body temperature\
blackOffabsorbs easier
squibbybut my science is pretty bad
adamasquibby: spicy food increases metabolic rate, which can help
squibbythanks
adamabut no, they are not a "natural antibiotic"
tmx1imbecile
tmx1a lot of spices act as antibiotics
tmx1educate your retarded brain
adama[citation needed]
tmx1go vaccinate yourself now!
tmx1get dumber!
adamadid you read it on www.omgthisonesecrethealthtipannoysdoctors.com ?
mnathaniDoes citrix or vmware have a program similar to microsofts technet for no time limit full versions of software meant for evaluation?
blackOffvaccines aren't bad
squibbytmx1: get autism?
adamarofl
squibbyI still run into anti vac moms
adamai should have expected antivaxxer from someone who thinks chilli is an antibiotic :)
adamado you even know what an antibiotic is?
squibby"'THEY ARRESTED THE DOCTOR WITH THAT RESEARCH IT'S NOT REAL"
Titanium"LALALALAL I CANT HEAR YOU"
squibbyadama: wait what
squibbyyou really jumped to conclusions that fast
adamasquibby: nto you, the derp
adamaTHE DERP
squibbyahhhh kkk
adamayeah
adamai once had a huge argument with one of those fucktards
adamawho was on a "lemon juice diet"
adamato "reduce acidity"
adamaOK
adamaYES
adamaVERY GOOD
squibbyhahahaha
tmx1lol
adamaDO YOU KNOW WHAT LEMON JUICE IS?
squibbynow that is easy enough for me to understand
tmx1wtf is lemon juice diet?
Titaniumyou cannot argure with them... they have zero chance of changing their 'facts'
adamaIT HAS A PH OF 3, YOU FUCKING MORON
squibbyadama: I'm presuming you've seen the Penn and Teller bullshit episode
Titaniumyou can only argue with someone that is at least open to new information and re-evailuating their position
adamaTitanium: yes, they are the far left equivalent of the far right
adamadon't forget
squibbywhere they curb stomped anti vaxxers
tmx1lemon juice will destroy your teeth enamal within minutes
adamait /used/ to be the far left who were anti-science
adamaback when science was all oil and bombs
adamaand they'd moan about how everything 'chemical' was evil
Titaniumi dont think most people know what science is... so how can they be agaisnt it?
tmx1adama did you get your 1000x flu shots?
adamai've had them try to tell me that concrete is totally A-OK for the environment
adamabecause it comes out of the ground
adamaand well, anything from the earth is cool
tmx1because of the big bad FLU boogyman?
adamatmx1: dude, you're a fucking moron
adamabut i expect nothing else from #cisco
tmx1the FLU BOOGYMAN will get you!!!!!!!!! oh noee
adamathis is retard central
squibbyadama: fun fact - my grandmother has had this lemon tree in her backyard for my entire life - it's not really a lemon tree, it's one of those hybrid fruits. nobody has the guts to tell her
adamahaha
squibbybecause 12 years ago we told her to ease up on the salt and she has been crying about it for 12 fucking years
adamai only have lime, no lemon :(
adamafun fact: you can eat more sodium salts if you eat more potassium salts
squibbyshe's never found it odd that her lemons are 2 x the size of normal lemons on average
adamahaha
squibbyshe just thinks she has a super lemon tree
tmx1ever seen chinese lemons?
tmx1or grapefruits?
adamamexicans lemons are green
adamafucking pisses me off
adamacos mexican limes are yellow
adamaWHAT THE FUCK
adamaSORT YOUR SHIT OUT, MEXICO
tmx1Meyer lemons are the best
Titaniummy grandma told me she never adds salt to food
Titaniumand then poured salt on her hamburger (because the chef should have done it)
squibbyin costa rica we ordered shit like rum and coke with the spanish/cuban names
squibbycuba libre
squibbykinda cool
adamaTitanium: haha
adamasquibby: haha
adamai just speak english really loud
Titaniummy grandparents had orange trees
squibbyI mean it's nothing but americans at this resort
adamaeventually someone translates for me
Titaniumfresh picked oranges, freshly squezed by hand to make juice is awesome btw
adamaTitanium: i have a mandarin tree in the garden, not seen it fruit yet
adamai missed it last season
adamai think it should have mandarins in a couple of months
Titaniumyummy
Titaniumare they a pain to peel?
adamafucking rabbits ruined the dragonfruit vines
adamaand the banana trees
Titaniumthis is why you need an automated airsoft turrent
Titaniumprogrammed to shoot rabbits
adamafun fact 2: a rabbit can cut through a banana tree trunk in like 15 minutes
adamathey're my wife's pet rabbits
Titaniumthey make automatic ones, and they look like they hurt
adamawhich multiplied
Titaniumdoes that mean you cant shoot them?
adamawell
adamai can
adamacos, well, i won that argument
Titaniumwhen wife is out?
Titaniumlol
adamabitches are going the fuck down
adamabut they're destined for soup
adamaso i can't kill them until we have someone who can clean them
Titaniumdo you live within 1000 feet of a shool?
adamaa what?
Titaniumschol
adamaa school? :>
adamahrm, not sure, there are schools everywhere here
Titaniumif so, think twice about fireing a gun
adamameh
adamathis is mexico
Titaniumoh
adamaa) no guns
adamab) no guns
adamac) no guns
Titaniumcrossbow?
adamaairsoft or machette
adamaoh man
adamafucking longbow
adamai wish
adamai'd shoot the neighbour's dog through the wall
Titaniumhowabout a large rock?
adamanoisy cunt
adamawell
adamayou hold them by the back legs
Titaniumwait
adamaand kinda karate chop them
Titaniuma slingshot and a meteor
adamait's really easy, they have very fragile bones
adamathey also hold still cos they have retarded brains
adamai do want to buy an airsoft gun
adamaso i can shoot the cats and street dogs
adamai think that'd get me arrested though
Titaniumdid you see the squirle squit gun?
Titaniumsquirt
toastri want an airsoft gun so i can shoot my coworkers
adamathere's this pack of street dogs 2 blocks from me, one of them always tries to bite the driver side wheel
adamajust one inch closer, mofo
Titaniumget some hubcaps with spikes :)
adamasenor jeep aint stopping for no street dog, yo
adamahaha
toastrhang a bone off a stick attached to the back bumper and make him chase you around the block a couple hundred times
adamahaha
FungiFoxtoastr: hmmm, hack a electric airsoft to a usb nerf gun.
squibbyI dunno it seems real simple - keep your dogs fenced in and then they really can't bother anyone. much.
toastrthere's a small town near where i grew up that chihuahuas run around like rats in the streets
MrJayPChttp://www.caraudiodirect.co.uk/vibe-fastplug Why would anyone use that :s
KickStarRabbitstudying ATM & UNI signaling ....
MrJayPCAnderson plugs make those vibe things look like toys
GraNNy-KickStarRabbit: ewww, why?
KickStarRabbitbored
KickStarRabbiti might fall asleep
KickStarRabbitoh hey granny did you get your sec+
GraNNy-O_o sec+ ?
blackOffsec+
GraNNy-I don't recall talking about wanting to get it?
blackOffonly reason to get that is for microsoft certs
KickStarRabbitok
blackOffif you couple it with server+,a+, or network+
KickStarRabbiti am up for a net sec eng position
KickStarRabbitand they want me to know that
blackOffic
GraNNy-KickStarRabbit: usually that means firewall, unless you're going to be doing pentesting or something
blackOffyou should get some LPIC certs
KickStarRabbiti just want the job
blackOffand or just keep going in general
KickStarRabbiti am studying the exam cram
GraNNy-KickStarRabbit: exactly what do they want you to do for a net sec position?
GraNNy-do IN, not for
Titaniumsecurity is fun
Titaniumi found a security flaw and got it a CVE number :)
Titaniumnow i need to beat my personal high score
KickStarRabbitgranny https://megapath.tms.hrdepartment.com/jobs/1327/Network-Security-Compliance-EngineerAustin-TX
Titaniumcompliance?
Titanium:(
blackOffwhat's it pay?
KickStarRabbiti am not qualified for this one but there is a position open 1 level below
MrJayPCCISSP and CCIE certifications or equivalent experience required ...lol
KickStarRabbityeah thats funny
Titaniumcissp is hard
GraNNy-MrJayPC: i was just about to say the same thing
blackOffcissp is good
blackOffthat is the standard
KickStarRabbiti know the sr engineer and he will help me get the cissp
Titaniumbut 5 years
GraNNy-In depth knowledge of information security practices related to PCI, HIPAA, SOX, CPNI, and OWASP application security
KickStarRabbitonce he gets me hired
GraNNy-gawd
GraNNy-do you even know unix?
KickStarRabbiti gotta submit my resume asap so am adding a bunch of filler
KickStarRabbiti know unix pretty well
sartani could do that job
Titaniumjust pick 4 letters at random and say you are an expter
GraNNy-this job sounds like they want everything but the kitchen sink
sartanrun the department that does that job
blackOffthat's like a $100k/year position
blackOff80+
KickStarRabbiti might have to move to austin
MrJayPCGraNNy-, I was half expecting daily hand jobs to be in there too
sartanso, a huge pay cut?
GraNNy-MrJayPC: lol
blackOffi probably wouldn't take less than 100k for that position
blackOffor more
GraNNy-i have to agree with blackoff
Titaniumyou can find people willing to deal with PCI, HIPAA, and SOX all day for that little?
MrJayPCI just wouldn't take it.... there are easier ways to earn money lol
sartanopen at 145k
sartanlet them negotiate down
KickStarRabbitwell the job below that is maybe 75- 85
blackOffengineers can make less than that
KickStarRabbiti hope I have a in with then already
blackOffbut not for long
sartanthat job posting is like 4 different jobs each one senior
sartanthe hiring manager is pretty insane
GraNNy-KickStarRabbit: i hope you get the job, you'll learn a lot
GraNNy-or blow your brains out
KickStarRabbiti know
KickStarRabbitbrains blown
KickStarRabbitalready
KickStarRabbiti have read two sec+ books already
KickStarRabbitin 2 weeks
MrJayPCHow did you hear about this job? <-There doesn't appear to be an option for while the job was being mocked in IRC :/
KickStarRabbitthe senior sec engineer reached out to me personally
KickStarRabbitas I lost out on the network service technician already then kinda know me
MrJayPCMust resist jokes....
KickStarRabbithaha
GraNNy-KickStarRabbit: well, if you have a good reccomendation that will go far
KickStarRabbiti plan to bullshit my way in!
KickStarRabbitwhats an acceptable bullshit ratio on resumes now
GraNNy-i don't think that's wise
blackOfflol, in security?
MrJayPCDepends how stupid you want to look later on when you don't know something you should
blackOffdon't get killed.
KickStarRabbiti assume most of that has got to be hands on
GraNNy-KickStarRabbit: i'd look at what they want in that job posting and figure out what exactly you can do, and focus on those things and tell them that
GraNNy-This role breaks down to 80% project, 20% hands on and will involve a lot of coordination, understanding and communication of security concerns throughout the organization.
KickStarRabbitthat sounds solid
GraNNy-Ability to define security strategies that ensure every client deployed MegaPath application, system design and architectural enterprise security solution design is in fact, secure to industry standards. <--- LOL
sartani tried to hire someone like that with a posting i put up
sartanthose people are really hard to find
sartanif at all
KickStarRabbityeah ... I( maght be in for a "blowing my brains out"
GraNNy-KickStarRabbit: http://securityreactions.tumblr.com/
GraNNy-that might also be a good way to learn. even I don't understand some of the acronyms they use for the security jokes
sartanACTION lhttp://mistrust.ca/static/drop/netsec.txt
dwxreapersecurity is a weird thing you could spend millions and a 14 year old could figure something out. I found a few vulnerabilities over the last few years and updated the vendors. PCI compliance wouldn't of mattered
KickStarRabbitwhose that sartan
MrJayPCWhen manager telling you : “We don’t need SSL on internal network”.
sartanone of my employees, KickStarRabbit
MrJayPClol
sartanbasically, here's a $desc
GraNNy-KickStarRabbit: do the best you can, if you don't get the job, meh, you'll find something else
sartani hope to get maybe 2 out of 10 requirements
MrJayPC7+ years experience in routing and switching in Cisco IOS & JunOS environments.
MrJayPC:D
KickStarRabbitso should I list certs i am pursuing on resume or is that a big nono
sartanKickStarRabbit: it's irrelevant
sartani'm working on 15 phds
KickStarRabbithaha
freaxlol
blackOffsartan, you're trying to get 15 phds?
sartanyes, see, it says right here on my resume
freaxdood tbt
KickStarRabbitso a big nono on embelishing on the future
shaunoI'd tailor it to what they're looking for. I've seen a position that required a ccna, but preferred that you were looking toward the ccnp. so I'd parrot exactly that because it's what the HR droid is looking to tick off
GraNNy-sartan: hey, where are you located again? toronto?
sartancalgary
GraNNy-oh
sartanyour 5x CCIEs don't count, you're missing your A+ and CCNA, sir
MrJayPCI saw a job up a while ago that wanted a CCIE or preferred CCNA.... found that pretty funny
sartani wonder if i have a copy of my own description anywhere
KickStarRabbitlet me see your resume sartan so I can copy
sartani'll pass on that
KickStarRabbithaha
sartani should probably update it
KickStarRabbiti am curious how to list 5 phds
sartanin bold, each on their own page
sartanhiring mangaers only look at the first 2 pages of your resume
sartanhaving one phd in awesome and another phd in good worker
KickStarRabbitso i need alot of tech info in a small pt
sartanhow small can you fit it?
mgeorgeman im way to impatient to trade forex
mgeorgelo
mgeorge>.<
blackOffwhat is the best monitor/tablet/laptop for reading ebooks/pdf's on?
blackOffmy kindle doesn't like my books
sartanblackOff: technical books?
blackOffyeah
sartanhmm, ipad?
blackOffyou might be right
sartani buy my tech books dead tree
blackOffyeah i like real books
MrJayPCTech books are a pain in the arse to read because of how thick they are :|
tmx1good ole papyrus
blackOffnah, just read
hjohnsonanyone here played with WAAS?
KickStarRabbitwifi as a service
sartanjust steelhead
sartanriverbeds~
KickStarRabbitds3 is 28 T1s right
onefst250rits as wide as your mom
onefst250rso, huge
KickStarRabbitshes a champ
onefst250rdude
rlin_ACTION hates juniper with nexus vpc
onefst250rfix your network in seattle
onefst250rpeople on my network with giges are getting garbage speeds from your speedtest servers
onefst250rand bitching to my noc
KickStarRabbitlet me chk
dwxreaperI like how some speedtest site somehow equates to anything at all
rlin_iperf is for the real men; speedtest.com is for dummies
KickStarRabbitwhat CO
KickStarRabbitor whats the common network element
onefst250ryeah, but, 1) most people dont know what iperf is and 2) doing iperf on an internet circuit is difficult for most customers as they only own one end of the internet
dwxreaperit's not a good test though, you can browse the web on an xp box, and then on ubuntu, and see a 10x increase in speed
rlin_true. that's why most providers should provide a free iperf server fro the customer to test their "bandwidth"
rlin_that would be nice
rlin_i know some providers have files that you can download to test your bw. that's it
rlin_btw..is jperf just a graphical front end of iperf?
dwxreaperthat extended windowing that older OSes don't have makes a huge difference when browsing the web etc
Titaniumyes
Titaniumbut it crashes a lot
Titaniumthe graphs are worth it
rlin_oh i see
rlin_i actually want to modify iperf to be part of our active monitoring toolset...
Titaniumcareful
Titaniumiperf can kill a network
nemiththats kinda the point
Titaniumno, it can send UDP traffic to a multicast address
Titaniumat 10gbps
Titaniumwell
Titanium1gbps i think or something
drkateh
garrettskjyarg.
drkat...
civillianherp
dissolvedammit i was clearing a password to a 2003 server and i blanked it like an idiot instead of editing the pw. now it wont let me edit it saying pw is set to *BLANK* cannot edit
dissolveremedy?
dissolvenm the password becomes *
Titaniumdid you know i can copy and paste the star?
dissolvetf
dissolvew
drkathuh
drkatcant wait til my 24" monitor gets here
drkatthis work on my laptop shit sucks balls
steve_mfinally got a chance to sit down and set up a stratum 1 ntp server with a GPS receiver + PPS... pretty neat stuff
hjohnsonACTION returns
onefst250rdissolve: try hunter2
cosbycoin /ns identify root hunter2 *****
onefst250rdissolve: also, you're fucked if that is the only admin account
onefst250ryou'll have to EDR commander it or something
hjohnsonsteve_m: do you really needtiming that accurate?
hjohnson:P
steve_mhjohnson: no, of course not
hjohnsonhehe
steve_mhjohnson: i actually just don't even know if I can believe what I'm seeing
hjohnsonmy last job we had a GPS frequency base, but we actually needed the traceability for a frequency standard
steve_mmy average offset with the kernel PPS driver and this GPS receiver is in the 500 nanosecond range now
gewthjohnson: he probably does it the same reason i want to accept a 24-processor server that requires 6.44kW to run
gewt"because I can"
hjohnsoni'm actually surprised with how well ntp works over satellite
hjohnsonI've watched the clock and verified against WWVB and it was pretty damned on
steve_mmakes sense
hjohnsonyeah
hjohnsonat least on low jitter links like ours
steve_mat 500 nanoseconds I think this is pretty much precise down to around the time it takes light to go 150 meters
hjohnsonheh
steve_mfor an $85 receiver that's pretty amazing
hjohnsonyeah
steve_mfor my next trick I'll probably try attaching a wwvb radio receiver to the line in and fudging it
hjohnsonI'm building a project around a trimble GPS block
hjohnsonway way more accurate timing than I'll ever need
hjohnsonbut, eyah, because I can
drew__haha these guys i work with want to buy a fucking ntp box
drew__im like.. get a fucking $35 usb gps idiot
hjohnsondrew__: there are a few things where it's needed
hjohnsonbut we needed a traceable frequency standard
hjohnson(since we were selling RF translators and stuff where frequency accuracy is paramount)
steve_mthere is USB GPS that can be had for around that price that actually has pretty accessible pins on the GPS and a pad to solder the PPS pin to the DCD line on the serial chip
steve_mthat will get you microsecond precision
steve_mfor $30
hjohnsonsteve_m: real men connect it to the interrupt line on the ISA bus!
hjohnsoner... wait...
hjohnsonman, though... I wish that 3560-8PCs were more reasonably priced
steve_mI wish I knew more about this time stuff
hjohnsonI have a bunch of places where I could use them, and would be much nicer than throwing a 24 port switch
steve_mit is pretty high nerdery
hjohnsonsteve_m: I've met the ultimate time geek. :)
steve_mis that david mills himself?
hjohnsonpretty cool guy... was working in his office, and see this hunk of metal on the shelf
steve_mah
hjohnsonask what it is.. "Oh, that's the prototype of the atomic clock I built as part of the GPS program"
hjohnsonisotopically pure titanium, fused windows for the laser ion trap, etc...
steve_msee, you just said at least 8 things I don't understand
steve_mI clearly need to learn more
gewtisotopically pure titanium?
Zexeslol, hjohnson... no big deal, right?
gewtthe alloyed elements are without impurities?
hjohnsonok, so atomic clocks work based on a physical property of certain ions
gewtcaesium clocks are best clocks!
hjohnson(usually sodium)... that produces an ultra precise frequency
hjohnsoner ceasium
steve_myea I know that much
hjohnsongewt: it's a single isotope of titanium
steve_mI've ready a book I recommend called Splitting the Second
steve_mpretty interesting
gewthjohnson: ahh
steve_mand have a text book I'd like to chew through on the history of timekeeping
hjohnsongewt: I don't know what that would cost to purify like that, or how you'd do it
gewthjohnson: probably a lot. :P
steve_msome cesium isotope changes state at something like 9.192ghz and ah-ha that is the atomic standard
steve_mbut then everything just flat out snowballs into craziness
gewtACTION hands steve_m a smoke alarm bomb
hjohnsongewt: yeah
hjohnsonwell, you need it to be in an ionized state for it to work
hjohnsonyou also need it to be super cold in order to reduce the noise in the signal
hjohnsonso the way you make it super cold is by cooling it in a laser trap
hjohnson(think slowing down a bowling ball by shooting a stream of pingpong balls at it)
steve_mmy brain just fell out of my ear
steve_mand is sliding across the floor
hjohnsonlol
steve_mI guess I just have to leave the science to the scientists
gewtthat's what I do
steve_mI wish scientists would make me a money machine
gewthjohnson: i took a test thing today that assessed my skills
steve_mthat I can feed water, and out comes dollar bills
gewthjohnson: it said I was good at "engineering" and "problem-solving"
gewtwhich is pretty much a case of "NO SHIT."
steve_mmy test told me that I like insane Brazilian women, samba, and aviation
hjohnsonlol
steve_msame case for me, gewt
gewtit also recommended i pursue a career managing oil refineries, iirc
gewtlol
FungiFoxmine said "somebodys gotta do it" at the end, whats that mean?
steve_mplumbers make bank, FungiFox
FungiFoxhot on the left, cold on the right, shit don't flow uphill and paydays on friday... all you gotta know.
steve_mACTION thumbs up
fuhgeddabouditrv082 freq lost vpn connection however shows connected in the status view any suggests ?
hjohnsonfuhgeddaboudit: try buyign a router rather than som elinksys piece of shit/
dissolveanyone else ever have fun playing with atto ssd bench
fuhgeddaboudithjohnson, e.g. ?
dissolvei got my read up to 4gigs
dissolvelol
dissolvejust curious... is sata limited to 6gbs per channel or total?
hjohnsonfuhgeddaboudit: pretty much anything that's not a linksys piece of shit?
hjohnsondissolve: it often depends on the channel between the controller and the CPU
gewtdissolve: probably depends on the controller
dissolvek i got that
hjohnsondissolve: so if it's on 1-lane PCI-E, its realistically only going to be doing 2gbps or so
gewtdissolve: some shitty ones won't do 6gbps total. :P
Symmetriasup
hjohnsonhehe
dissolvei got 3 ssds in raid0 on a evga z87 mobo i7 x4771
hjohnsonACTION checks to see how much his NAS has
sartan3x 3tb here, 2 mor ebays...
Symmetriadon't suppose anyone has a full tarball of xr 4.3.4 lying around somewhere on a really fast link do they? cause snoreeeee downloading this from cisco is taking forever, god their downloads are slow as shit from cco
sartannext version fo synology supports ssd caching
dissolvegot it to write at around 1800 MBs
fuhgeddaboudithjohnson, could u pls name the models ?
dissolvei think thats good for a home computer that i just do homework on lol
fuhgeddaboudithow do i know if it linksys or not
SymmetriaI'll be curious to run that test on my new high speed NAS when it arrives, heh, I got 4 new disk array units on the way that I ordered recently
Symmetria1 equilogix unit full of 750gig SSD's
dissolveim curious right now
Symmetriaand 3 powervault units running 12 x 4TB disks in each of them
dissolvewell aren't you just made of money
dissolveyes that is incredible
Symmetriagonna be curious to see though if the iscsi slows down that equilogix unit
dissolvenow see how fast a u can load counter strike
dissolvelol
dissolvedidnt know 750gb ssds were out
dissolvejeez
FungiFoxSymmetria: how much you charge to physically touch?
Symmetriadissolve they have 1TB SSD's actually
Symmetriabut the 1TB's are stupid pricey
Symmetria750G SSD isn't THAT much more expensive than a 15k RPM 900gig SAS drive
dissolvei had a 32gig scsi 15k 10 years ago for gaming i thought i was the shiet
Symmetriaheh the equilogix unit is a pretty nifty thing though, because all its raid calculations etc are done on the unit and not on the server itself
Symmetriathe PV on the other hand is basically just a very large jbod on a high speed internal raid controller
SymmetriaACTION thinks today is going to be a long day fighting with vendors
drew__if you bought scsi for gaming your parents were too rich
Symmetriaheh other than the original computer my parents bought when I was 12, I've bought every piece of computer hardware my family has ever owned
dissolvei got it for my 17th birthday thats all i wanted lol
Symmetriamy parents were and still are perm. broke ;p
dissolvei loaded half life and team fortress classic very quickly
dissolvelol i tried to use that comp as a server with my 250/50KB/s RR connection lol
dissolvegot a total of 9 people
dissolvei mean for HL hosting
dissolvelol
Symmetriaheh recently on the work network we put down a massive gaming platform
Symmetriaas a proof of concept platform
dissolvei bet
Symmetriawe wanted to demonstrate that gaming in east africa was viable and if you put the content locally and had low enough latencies people would come
Symmetriaits working pretty well
dissolvei calc'd just what i could do with the verizon fios at my moms 300/65mbps .... at the speed of the same game... which is still around!! 8193 peoples! lol
dissolveif u could run 256 thirty two person game servers
dissolvethat would have been great for a 17 year old :D
Symmetrialol, I should host a server at my house ;p but that would be cheating
SymmetriaI decided working from home, if I was gonna work, I needed to be able to work in exactly the same way I do at the office
Symmetriaso I had redundant 10gig fibers pulled in ;p
dissolvewtf how
dissolvedid...
dissolvewhaa
dissolveACTION is on 65/5 =[
Symmetriadissolve helps that the company I work for owns 800 kilometers of fiber in the city I work in and the fiber ran right past my door
dissolvegive me some money
dissolvelol
dissolvewow
Symmetria(when I rented this place, the first thing I did was say to the rental agency who was helping me find a place to live, the only roads I wanna live on are these....)
Symmetriathe guy says "why"
SymmetriaI said "thats where the fiber is, those roads, or gtfo"
dissolvelol
dissolvewow
Symmetrialol so moved in, and then it only took 2 days to get completely sorted
dissolvewell in a few years i wish to join ..... underneath you or something at least
Symmetriathing is, all they had to do was drill under the road and pull the fiber there, and then drop it into the housing compounds internal ducting
Symmetriaand some splicing
dissolvejeez
SymmetriaALL the housing compounds in Kenya are pre-ducted for cabling
Symmetriaso it becomes REAL easy once you get the cable to the gate house
dissolvehire me! i'll work almost free!
jato_I have now been tasked with implementing some security related ISO standard...
dissolveACTION goes back to studying multi area ospf =[
jato_Satisfaction level...dropping