MPLS versus Switched network

Similar Messages

• Stop switching networks

  How do I get my Linksys WRT54G2 router from automatically switching networks? When it does this I get limited or no connectivity to the internet on my pc.

  Adjust the Wireless Settings on your Linksys Router...
  Open an Internet Explorer browser page on your wired computer(desktop).In the address bar type - 192.168.1.1 and press Enter...
  Leave username blank & in password use admin in lower case...
  For Wireless Settings, please do the following : -
  Click on the Wireless tab
  -Here select manual configuration...Wireless Network mode should be mixed...
  -Provide a unique name in the Wireless Network Name (SSID) box in order to differentiate your network from your neighbours network...
  - Set the Wireless channel to 11-2.462GHz...Wireless SSID broadcast should be Enabled and then click on Save Settings...
  Please make a note of Wireless Network Name (SSID) as this is the Network Identifier...
  For Wireless Security : -
  Click on the Sub tab under Wireless > Wireless Security...
  Change the Wireless security mode to WEP, Encryption should be 64 bits.Leave the passphrase blank, don't type in anything...
  Under WEP Key 1 type in any 10 numbers please(numbers only and no letters eg: your 10 digit phone number) and click on save settings...
  Please make a note of WEP Key 1 as this is the Security Key for the Wireless Network...
  Click on Advanced Wireless Settings
  Change the Beacon Interval to 75 >>Change the Fragmentation Threshold to 2304, Change the RTS Threshold to 2304 >>Click on "Save Settings"...
  Now see if you can locate your Wireless Network and attempt to connect...
  If it still keeps on switching networks disable the wireless network connection and restart the computer...Click on Start and goto the Control Panel and double click on Network Connections, right click on Wireless Network Connection and click on Enable and then goto Properties.
  Now on this window, click on the second tab Wireless Network and give a check mark on "Use windows to configure my wireless" and then remove all the network names present in the Preferred Networks Window. Then click on OK...
  Right click on the Wireless Network Connection again and click on View Available Wireless Networks and try to re-connect to your network...
  Now it will give you the opportunity to put the network/wep key, make sure you enter the correct network key and confirm it...
  It will connect...
  If all the above fails then download and install the updated drivers for your Wireless Card...

• Query: Best practice SAN switch (network) access control rules?

  Dear SAN experts,
  Are there generic SAN (MDS) switch access control rules that should always be applied within the SAN environment?
  I have a specific interest in network-based access control rules/CLI-commands with respect to traffic flowing through the switch rather than switch management traffic (controls for traffic flowing to the switch).
  Presumably one would want to provide SAN switch demarcation between initiators and targets using VSAN, Zoning (and LUN Zoning for fine grained access control and defense in depth with storage device LUN masking), IP ACL, Read-Only Zone (or LUN).
  In a LAN environment controlled by a (gateway) firewall, there are (best practice) generic firewall access control rules that should be instantiated regardless of enterprise network IP range, TCP services, topology etc.
  For example, the blocking of malformed TCP flags or the blocking of inbound and outbound IP ranges outlined in RFC 3330 (and RFC 1918).
  These firewall access control rules can be deployed regardless of the IP range or TCP service traffic used within the enterprise. Of course there are firewall access control rules that should also be implemented as best practice that require specific IP addresses and ports that suit the network in which they are deployed. For example, rate limiting as a DoS preventative, may require knowledge of server IP and port number of the hosted service that is being DoS protected.
  So my question is, are there generic best practice SAN switch (network) access control rules that should also be instantiated?
  regards,
  Will.

  Hi William,
  That's a pretty wide net you're casting there, but i'll do my best to give you some insight in the matter.
  Speaking pure fibre channel, your only real way of controlling which nodes can access which other nodes is Zones.
  for zones there are a few best practices:
  * Default Zone: Don't use it. unless you're running Ficon.
  * Single Initiator zones: One host, many storage targets. Don't put 2 initiators in one zone or they'll try logging into each other which at best will give you a performance hit, at worst will bring down your systems.
  * Don't mix zoning types:  You can zone on wwn, on port, and Cisco NX-OS will give you a plethora of other options, like on device alias or LUN Zoning. Don't use different types of these in one zone.
  * Device alias zoning is definately recommended with Enhanced Zoning and Enhanced DA enabled, since it will make replacing hba's a heck of a lot less painful in your fabric.
  * LUN zoning is being deprecated, so avoid. You can achieve the same effect on any modern array by doing lun masking.
  * Read-Only exists, but again any modern array should be able to make a lun read-only.
  * QoS on Zoning: Isn't really an ACL method, more of a congestion control.
  VSANs are a way to separate your physical fabric into several logical fabrics.  There's one huge distinction here with VLANs, that is that as a rule of thumb, you should put things that you want to talk to each other in the same VSANs. There's no such concept as a broadcast domain the way it exists in Ethernet in FC, so VSANs don't serve as isolation for that. Routing on Fibre Channel (IVR or Inter-VSAN Routing) is possible, but quickly becomes a pain if you use it a lot/structurally. Keep IVR for exceptions, use VSANs for logical units of hosts and storage that belong to each other.  A good example would be to put each of 2 remote datacenters in their own VSAN, create a third VSAN for the ports on the array that provide replication between DC and use IVR to make management hosts have inband access to all arrays.
  When using IVR, maintain a manual and minimal topology. IVR tends to become very complex very fast and auto topology isn't helping this.
  Traditional IP acls (permit this proto to that dest on such a port and deny other combinations) are very rare on management interfaces, since they're usually connected to already separated segments. Same goes for Fibre Channel over IP links (that connect to ethernet interfaces in your storage switch).
  They are quite logical to use  and work just the same on an MDS as on a traditional Ethernetswitch when you want to use IP over FC (not to be confused with FC over IP). But then you'll logically use your switch as an L2/L3 device.
  I'm personally not an IP guy, but here's a quite good guide to setting up IP services in a FC fabric:
  http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/4_1/configuration/guides/cli_4_1/ipsvc.html
  To protect your san from devices that are 'slow-draining' and can cause congestion, I highly recommend enabling slow-drain policy monitors, as described in this document:
  http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/intf.html#wp1743661
  That's a very brief summary of the most important access-control-related Best Practices that come to mind.  If any of this isn't clear to you or you require more detail, let me know. HTH!

• "vlan dot1q tag native" end-to-end QoS switched network

  Guys,
  Can I use this in my switched network design, (without using 802.1q tunneling as documentation always seems to mention this vlan in a vlan scenario???)
  I have native vlans and I want to act upon the 802.1p CoS field from end-to-end in my switched network. If the packet happens to be in a native vlan, I cannot do this.
  ie
  pc------accessswitch--------distswitch/rtr
  between access and distribution, there is a dot1q trunk, and the native vlan is the vlan what the pc is in
  Choices.
  run this comand vlan dot1q tag native
  dont have a native vlan, ie have vlan 1 (default as native) on the dot1q up to the dist
  or act only upon L3 dscp
  Can anyone help?
  Many thx,
  Ken

  Hi there,
  Many thx for that. This I understand and the question was really, if I wanted to use a dot1p tag in the dot1q header, but the vlan that the PC was on was the same vlan as the native vlan on the dot1q trunk, what is the best option to ensure I can action qos.
  Just trust dscp on the trunks always
  tag the native,
  or just dont run a native vlan
  I hope this makes sense. Sorry if I was a little confusing b4.
  Thx
  Ken

• LAN switched network

  anyone know what the average bandwidth for a company based on LAN games and Online games are?
  (it could be any game)
  what factors must take into account to design a LAN switched network based on hierarchical model?
  cheers

  Disclaimer
  The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.
  Liability Disclaimer
  In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.
  Posting
  Joseph, How can I minimun latency in LAN as well no packet loss? with protocols, switches,...How packet transmission latency is reduced when all of hosts are connected to access switches on 100Mbps? why not 10 or 1000Mbps?
  "... or gig." = 1000 Mbps
  Why not 10 Mbps?  Because transmission latency, for any size packets is reduced as bandwidth is increased.
  How no packet loss?  With sufficient bandwidth so there's little need to queue, and if you do need to queue (which again we want to avoid), sufferient buffering so packets aren't dropped.
  on the other hand, imagine for a LAN game you need 1Mbps bandwidth. There are 4 VLANs(12,24,36,48 users in each VLAN) and you must use hierarchical model( access,distribution and core layers) and just are allowed to use VLAN,Trunk,VTP,DTP and Rapids PVST+.How can I reache to this amount of bandwidth in LAN?
  Why must you use hierarchical model?  Modern data center designs, which are aimed at minimum latency, often no longer use the 3 layer design.
  If you have multiple VLANs, and we cannot route, hosts won't be able to contact hosts on other VLANs.
  Don't understand your last question.

• T400: Internet does not work when switching networks unless reboot?

  Hi everyone,
  I can't seem to establish an internet connection when I switch networks (e.g., internet at work, then at home). It gives me an error saying "limited connectivity" or failed to renew IP. This happens for both wired and wireless connections. 
  I tried turning off the firewall (comodo internet security) along with the windows firewall. I tried letting windows handle all my internet connections. Yet the error still happens. So I just have to simply reboot my laptop, and everything works 100%. 
  I never had an issue like this with other laptops. Could this possibly have something to do with some of the bundled Lenovo software? I disabled most (if not all) of them since I barely use them. 
  Thanks for your help.  This is my 1st thinkpad, and I'm enjoying it so far. 

  Hi gatorman1122,
  I had a similar problem with my T400.  What wifi card do you have installed?
  I had an Intel 5300.  Networking was OK with XP Pro installed, but messed up with either Vista Ultimate 32-bit or Vista Business 64-bit installed.  All were Lenovo OS images.  I tried 2 different 5300s.
  I only saw the problem with wifi, but basically if I changed access points or changed from wired to wireless, the first attempt to use the (new) access point would fail to get an address.  An immediate reboot would cause it to succeed.
  I finally got the issue escalated to a 2nd-tier tech.  He sent me a 5100 to try. That fixed it.  I doubt it is a hardware issue.  It is most likely a Vista/Intel/Lenovo software issue/conflict.  IMNSHO, ThinkPad wifi w/Vista is a mess.  One of the most fundamental laptop features should work much better than this.  Many folks have T-series wifi problems and Lenovo seems to be ignoring it.
  Just to add to the excitement, I told a friend buying two new T400s to order 5100s to avoid the problem.  He did, and got the machines with XP installed.  They both exhibited the same bad behavior    Once he updated XP and all the Lenovo stuff, they started to work OK and have stayed OK.  Grrrr.....
  Z.
  The large print: please read the Community Participation Rules before posting. Include as much information as possible: model, machine type, operating system, and a descriptive subject line. Do not include personal information: serial number, telephone number, email address, etc.  The fine print: I do not work for, nor do I speak for Lenovo. Unsolicited private messages will be ignored. ... GeezBlog
  English Community   Deutsche Community   Comunidad en Español   Русскоязычное Сообщество

• How to know the topology of my switched network?

  Hi,
  Our switched network has approximatley 90 switches and i've been assingned the task to draw the topology.
  I've been told the below information:
  1. All are cisco switches itslef.
  2. I've been provided with ROOT credentials
  3. They told that each switch is connected to two other switches other than the ROOT switch.
  4. The main problem is i shouldn't enter into the datacentre ...rather sitting at my desk i need to prepare it and i've been provided with one day time.
  I know that CDP helps but logging into 90 switches is a bit tedius process. So i there any command to get the topolgoy?
  Can some please help me with this ?
  Regards,
  Chandu

  Just dig in and start doing it. 1-2 days of solid work and you'll be done.
  Start at the core and proceed to each connected switch. Repeat until you've covered them all.
  The key commands I'd use are:
  show cdp nei
  show cdp nei det | i address
  show ip int br | ex una
  Also separately save copies of the configs for later review.
  term len 0
  show run
  All of the above while logging your sessions to file.

• Ms exchange activesync problem when switching networks

  i've noticed that when i switch networks (i.e. go from ny to sf), i land and set my phone from airplane mode to active, my iphone does not sync with my company's exchange server. it gives me a connection error. i then have to do a reset of the phone and it works fine.
  this also occurs when i switch from 3G to edge and vice versa. i have to do a hard reset of the phone in order to get mail to work again. this doesn't occur with my gmail account, just my MS Exchange activesync.
  anyone else notice this?

  by the way, i'm running 2.0.1 firmware and this was not a problem with 2.0 firmware.

• ADF Mobile : Switching Networks

  JDeveloper 11.1.2.4.0
  ADF Mobile extension: 11.1.2.4.39.64.44
  Hello,
  I've noticed in my ADF Mobile app that if the phone switches networks, (say from WiFi to 3G), my web service calls work and return data ok, but a message pops up with:
  "Cannot connect to <host> on port <port>:java.net.ConnectionException:Connection refused."
  I'm guessing this has something to do with the IP address of my phone changing when it switches networks? Anyone seen this before? Any help would be much appreciated.
  Cheers, Rich.

  What is the <host> in the message? Is it 127.0.0.1?
  Use 10.0.2.2 instead.
  Using the Emulator | Android Developers

• MPLS for small network

  In the past we have always had point to point links between our 3 remote offices and our corporate office. We're now switching to a MPLS network for all four sites.
  We currently use Cisco 1721 routers for our WAN. What protocol should we use for routing across this new MPLS network? I'm also looking for a document what else I may need to configure for this MPLS design on the router itself.
  We will have 1721 routers at all sites.

  Hi,
  for you as a customer the most appropriate picture is: The MPLS VPN behaves like one single IP router interconnecting your sites.
  In your case just consider your 4 1721 being connected to one ISP router. There is no MPLS specific config needed on your 1721, MPLS is only within your ISP network.
  This means: you send IP routing updates from one site to the "MPLS IP router simulator" and the updates will be sent further on to the other 3 1721. You forward an IP packet to the "MPLS IP router simulator" and it forwards it as IP packet to one of your other 3 1721.
  If you are not dual homed or using backups then RIP would address all your needs. Also static routing might be suitable and the most simple aproach in your scenario.
  Hope this helps! Please rate all posts.
  Regards, Martin

• Metro Ethernet Switches Network Implementations

  I wish that Cisco would collect as many as network scenarios and pratical configurations for 3750ME, Metro Ethernet, and MPLS, starting with few basic one.
  Cut down the marketing materials. It will benefits all customers and cut down supports.

  There are lot of such materials.
  http://www.cisco.com/en/US/products/hw/switches/ps5532/tsd_products_support_series_home.html
  http://www.cisco.com/en/US/netsol/ns341/ns396/ns223/ns227/networking_solutions_sub_solution.html
  http://www.cisco.com/en/US/tech/tk436/tsd_technology_support_category_home.html
  Hope this helps

• IVR Setup (MPLS to Data network & PSTN netowrk)

  Dear Friends,
  Please provide me great full support any body....
  I have a requirement of IVR call center config....
  My resources ...
  1. I have a 2 Mbps MPLS bandwidth at my office,
  2. I have Cisco 867VAE-K9 Router,
  3. I have a server & client setup for IVR
  4. I have Linephone syntal (VOIP Phones)
  5. I have a L2 switches.....
  My requirement.......
  Please find the attached screen shot & I wanted to config data network & parallel do the PSTN config for IVR Setup on the same router (Cisco 867) from MPLS Line... as shown on image.
  Kindly advice me for data & pstn line how can I config....
  Is do required any voice channel creating on C867, if required please help me with config.....
  Could you explain me what is cpe router & media gateway on attached pic,
  what type of physical connectivity is required from CPE Router to PSTN via media gateway.....
  Thanks & Regards,
  Srinivas. N. 

  Hi,
  Let me explain terms CPE and Media gateway based on your topology
  CPE (Customer Premises  Equipment) : This is a router which will be placed in customer site by ISP to terminate MPLS connection or lease lines.
  Media gateway: It is device which is used to convert digital voice signal from ISDN PRI line to IP packet . see Wikipedia for correct explanation.
  Solution for Voice,
  In your pic, PRI line is terminating on media gateway. So you should register this media gateway with call manager using either MGCP or H.323 protocol. I would prefer MGCP because of less overhead to configure.
  Configuration required in Media gateway.( Assuming media gateway is a cisco router and you have cisco call manager)
  You can connect CPE with media gateway using Ethernet cable.
  Basic IP configuration which should be reachable from your call manager.
  ISDN PRI configuration in E1 port.
  MGCP Backhaul configuration.
  Register this router in Call Manager as a MGCP gateway.
  Follow the link for the configuration example
  https://supportforums.cisco.com/document/90521/mgcp-gateway-integration-cucm-and-pstn-service-provider
  Configuration Required in CPE router.
  You only need to do WAN ip, LAN ip and static routing configuration in CPE router which will normally doing by service provider. No need to do any voice related  configuration.
  Rest all the configuration in IVR server and Call manager. Also you need  to register IP Phone with Call manager and as well as agent configuration required in IVR server for this phones.
  HTH,
  Regards,
  Naisam

• Switched networks, then back and now bonjour no longer works

  I was testing my neighbors network then i switched back and now my 2 PCs can no longer connect to the printer through bonjour. I ran the bonjour printer utility and it sees the printer on both, but then as it is connecting it says "you do not have sufficient access to your computer to connect to the selected printer" ive tried everything i can think of, i cant get it to wok on either network, and it used to work on mine. Each time it sees it there but gives the same error. I even tried changing the network name and doing it all over agian like the first day i connected them. I can see my shared folders and access files both form the PCs and the Mac. Its only the printers. HELP!!!

  Hi abstractls,
  You may be having the same problem as me. If the Airport Express is NOT connected to the internet, the Macs will still work, but the PC print routines say "you do not have sufficient access to your computer to connect to the selected printer" or just "An unknown error occurred during printing". If you reconnect the internet, the problem goes away.
  I suspect that the PC is not getting an IP address assigned to it by the Airport Express, and cannot cope without it, but the Mac is OK.
  My problem is that I do not want to connect the Airport Express to the net, I just want it to share a printer between Macs and PC. Does anyone know of a fix for that problem? I have told the Airport Express to ignore the lack of an internet connection, but that just switches off the amber light...

• How can I avoid Thunderbird timeouts when switching network connections?

  I'm using Thunderbird 24.4.0 but this problem goes back many releases.
  This problem happens when I switch from an external WiFi network to my company's internal LAN (ethernet).
  I'm connected to the company's email server via WiFi from home and can get and receive email no problem. I then turn off the WiFi, put the laptop to sleep, take it to work, wake it up, and plug in the Ethernet cable. I click on Get Mail and in the status bar at the bottom it says "Connecting to [servername] ..." and stays that way until I get a notification that Thunderbird timed out. I click on Get Mail again and this time it says "Connected to [servername] ..." and it gets my email. (It may have briefly said "Connecting to" prior to "Connected to" but I think I've only seen that once.)
  Why does it never work the first time but has to timeout before it will successfully connect, and what can I do to get it to connect without having to go through a timeout cycle?
  Thanks,
  --Steve

  Networking is an area of some frustration. Recently, some bug reports are seeing progress. The place to be to test these fixes is in development builds
  Note yet fixed:
  https://bugzilla.mozilla.org/show_bug.cgi?id=939318
  NetworkLinkService should be enabled so Necko can respond to network changes (not offline auto-detection)
  https://bugzilla.mozilla.org/show_bug.cgi?id=972262
  DNS cache is not flushed/re-initialized when toggling offline/online
  fixed in tb30:
  https://bugzilla.mozilla.org/show_bug.cgi?id=981513
  dns cache grace period error busting too aggressive
  https://bugzilla.mozilla.org/show_bug.cgi?id=981447
  dns cache too sticky!
  fixed in tb30

• EAP-PEAP and EAP-TLS on same switched network

  Hello,
  I'd like to enable both EAP-PEAP and EAP-TLS on the same network to support 802.1x authentication. The reasons are because of historical things i.e. 'older' devices use PEAP and newer devices  use TLS. Over time all will be using TLS, but for now both will the there.
  The AAA server is a Cisco ASC (4.2 or 5.1 - don't know yet)
  I've not tested this or so, but I don't think this will be an issue....because from a switch point of view, it is just passing EAP traffic to teh Radius and so the required services need to be made available on the Radius server...is that a correct assumption?
  Thanks,
  Guy

  You are right Guy, the switch just as act as an termediary device. It just passes EAPOL packet between the ACS server and client, and waits till the ACS server authenticate the client(internal DB, or external DB= AD, LDAP). You just need to enable EAP/TLS, MS-CHAP and MS-CHAPv2 for PEAP in the ACS server. Last make sure that your certificates at both side are valid and sign by the CA.
  Good Luck,
  --Jean Paul