There are certain people you meet along the way in this life, that when you do meet them, you think to yourself: "that was pretty cool". My wife and I met a train conductor from Queens tonight. We talked to him for about ten minutes or so. It was just a neat encounter to me. But I think, somehow, it may have been good for him also. Below is inside Grand Central Station. It's called the whispering hall. It's where the encounter happened.
This is the retired Shane Killen personal blog, an IT technical blog about configs and topics related to the Network and Security Engineer working with Cisco, Brocade, Check Point, and Palo Alto and Sonicwall. I hope this blog serves you well. -- May The Lord bless you and keep you. May He shine His face upon you, and bring you peace.
Saturday, December 31, 2016
Friday, December 30, 2016
Thursday, December 29, 2016
Tuesday, December 27, 2016
Monday, December 26, 2016
Sunday, December 25, 2016
Merry Christmas!
Let us not forget, that a Savior was born of a virgin, lived sinless on the Earth, took our place and took the punishment for our sins, died on that cross, and rose from the dead three days later. And He lives today. Merry Christmas!
Saturday, December 24, 2016
The Silence Of Christmas Eve...
In the midst of Christmas parties and family gatherings, I experienced a moment tonight that I won't soon forget. As my wife and I were at home, I walked outside to the back yard and down my back steps, only to notice the sound of literally nothing. No neighborhood dogs barking. No constant sound of traffic on the larger streets. No one coming or going into the neighborhood. Literally nothing. It actually seemed quite eerie. I don't recall ever hearing that before here in Birmingham this year. It was actually nice when I think about it.
Friday, December 23, 2016
Wednesday, December 21, 2016
Good-bye Brocade
In case you don't know, I've recently just left working for Brocade (Broadcom, or whoever is going to be on the IP side). Even though it was a short time, I have to say it was mostly a good experience.
Saturday, December 17, 2016
Friday, December 16, 2016
Coming in 2017... White Rhino Security
I'm going to refer you to my new page on this blog. White Rhino Security
Thursday, December 15, 2016
Neighborhood Watch
Wednesday night at 10 pm, my wife and I went on a self-scheduled neighborhood watch in our area. I've been so fed up with all the crime where I live, we decided to do this tonight. Within two hours of driving around our Birmingham neighborhood, we actually caught someone. They ran and I'm hoping they won't be back, now that they know we in this neighborhood are watching.
If you are fed up with crime in your area, take part in something like this. It's worth it.
Tuesday, December 13, 2016
Time Out For Dessert...
A BRC (Brocade resident consultant) and I came across a Venezuelan restaurant yesterday at lunch. I'm really not one for trying new foods, but this below was really good. Plums and cream cheese together.
Monday, December 12, 2016
Home Projects: Kreg Jig
My sales guy was talking to me about this tool called a kreg jig. I have to admit, I had never heard of such a thing. Basically, this tool helps you put screws in wood so that 1. they can be hidden and 2. it can help your projects come out stronger built. What's not to like about that?
So I'm no pro when it comes to making stuff. I do the best I can and it's a long shot from looking like something that comes out of a catalog. However, I'm doing better now that I bought this kreg jig tool. This was my first project:
So this is going to hold my TV, among a few other decorative things. We wanted our TV up higher, so I built this. It's sturdy and after staining or painting it, should do the job.
Here is what the kreg jig looks like and a few pictures of the "during" the build, to give you an idea on how it works.
Sunday, December 11, 2016
Friday, December 9, 2016
IoT
I went to discuss Brocade gear with a customer today (the new 7150s). We ended up talking about IoT. This technology stuff is getting way out of hand. When thinking about security in the home, I'll probably be a "last adopter" of IoT. Hacking is already an issue. Now security to the home environment is going to be a thought to contend with.
Wednesday, December 7, 2016
Brocade Switch: ICX6610 POE Upgrade
I know I have posted on this at some point, but I wanted to cover it again. Here is how you upgrade the POE firmware on an ICX switch. 10.10.10.1 is my tftp server where my firmware is located.
ICX6610-24P Switch#inlin power install-firmware stack 1 tftp 10.10.10.1 fcx_poeplus_02.1.0.b004.fw
ICX6610-24P Switch#Flash Memory Write (8192 bytes per dot)
....................
tftp download successful stackId = 1 file name = poe-fw
Sending PoE Firmware to Stack Unit 1.
PoE Warning: Upgrading firmware in slot 1....DO NOT SWITCH OVER OR POWER DOWN THE UNIT.
PoE Info: FW Download on slot 1...sending download command...
PoE Info: FW Download on slot 1...TPE response received.
PoE Info: FW Download on slot 1...sending erase command...
PoE Info: FW Download on slot 1...erase command...accepted.
PoE Info: FW Download on slot 1...erasing firmware memory...
PoE Info: FW Download on slot 1...erasing firmware memory...completed
PoE Info: FW Download on slot 1...sending program command...
PoE Info: FW Download on slot 1...sending program command...accepted.
PoE Info: FW Download on slot 1...programming firmware...takes around 6 minutes....
U1-MSG: PoE Info: Firmware Download on slot 1.....10 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....20 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....30 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....40 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....50 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....60 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....70 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....80 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....90 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....100 percent completed.
PoE Info: FW Download on slot 1...programming firmware...completed.
PoE Info: FW Download on slot 1...upgrading firmware...completed. Module will be reset.
PoE Info: Resetting in slot 1....
PoE Info: Resetting module in slot 1....completed.
PoE Info: Programming Brocade defaults.....
PoE Info: Programming Brocade defaults. Step 1: Writing port defaults on module in slot 1....
PoE Info: Programming Brocade Defaults: Step 2: Writing PM defaults on module in slot 1.
PoE Info: Programming Brocade defaults. Step 3: Writing user byte 0xf0 on module in slot 1.
PoE Info: Programming Brocade defaults. Step 4: Saving settings on module in slot 1.
PoE Info: Programming Brocade defaults....completed.
Tuesday, December 6, 2016
Monday, December 5, 2016
How To Reboot A Juniper Firewall Remotely With SSH Access
Real quick. I had to reboot a Juniper firewall not long ago (because of some VPN issues). Here is how to reboot the Juniper Firewall when you are remote, and you have SSH access into it.
Remote Management Console
juniperfirewall-> reset
System reset, are you sure? y/[n] y
In reset ...
Sunday, December 4, 2016
Saturday, December 3, 2016
Home Projects: Pantry Shelves
In the old '35 house, I needed to add some pantry shelves. I wanted to add something with a wood look, since the countertops are butcher block. This was simple and serves the purpose.
Friday, December 2, 2016
Cisco Config: Router Being Used For Remote-Access VPN
I've done this config already in the past, but I think it's worth mentioning again for those who will grab whatever they have on a shelf to make a VPN work. I did grab a Cisco 2801 off of a shelf, simply because I needed something to change out a Juniper VPN router that was giving me problems. Here is the config for adding remote-access VPN back into a site.
access-list 111 deny ip 10.250.251.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 111 permit ip any any
access-list 101 permit ip 10.250.251.0 0.0.0.255 10.0.0.0 0.255.255.255
! VPN client address pool, inside the 10.250.251.0/24 range used by ACLs 101 and 111
ip local pool ippool 10.250.251.50 10.250.251.250
! the overload interface named here must be the outside interface on your router
ip nat inside source list 111 interface FastEthernet0/1 overload
! placeholder credential; a "password" (unlike a "secret") is not stored as a one-way hash
username cisco password anyoldpassword
aaa new-model
aaa authentication login userauthen local
aaa authorization network groupauthor local
crypto isakmp policy 3
 encr aes 256
 hash sha
 authentication pre-share
 group 2
crypto ipsec transform-set myset esp-aes 256 esp-sha-hmac
! group name and key are the shared credentials every VPN client is configured with
crypto isakmp client configuration group vpncl1ent
 key myvpnkey
 domain cisco.com
 pool ippool
 acl 101
crypto dynamic-map dynmap 10
 set transform-set myset
 reverse-route
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
interface FastEthernet0/0
 ip add 10.250.250.2 255.255.255.224
 no shut
interface FastEthernet1/0
 ip add 12.12.12.222 255.255.255.224
 no shut
 crypto map clientmap
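A quick lint for configs like the one above, as an added example that is not part of the original post: it flags the settings a reviewer would question before this goes on an Internet-facing router (a `username ... password` line instead of `secret`, SHA-1 and DH group 2 in the ISAKMP policy) and checks that a local pool's end address is not below its start. The sample lines come from the post except the one marked constructed; the finding codes are labels made up for this example.

```python
import ipaddress
import re

# Lines from the config in the post, except the one marked as constructed.
SAMPLE = """\
username cisco password anyoldpassword
crypto isakmp policy 3
encr aes 256
hash sha
authentication pre-share
group 2
crypto isakmp client configuration group vpncl1ent
key myvpnkey
pool ippool
! constructed line (not from the post): end address sorts below the start
ip local pool demo 192.0.2.50 192.0.1.250
"""

POLICY_HEAD = re.compile(r"^crypto isakmp policy (\d+)$")
POLICY_SUBCMD = re.compile(r"^(encr|encryption|hash|authentication|group|lifetime)\b")
WEAK_DH_GROUPS = {"1": 768, "2": 1024, "5": 1536}   # MODP modulus size in bits
WEAK_HASHES = {"md5": "MD5", "sha": "SHA-1"}
WEAK_CIPHERS = {"des", "3des"}


def audit(config):
    """Return (line_number, code, detail) tuples for weak or broken settings."""
    findings = []
    policy = None                      # ISAKMP policy number we are inside, if any
    for lineno, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()             # works whether or not sub-commands are indented
        if not line or line.startswith("!"):
            continue
        words = line.split()

        head = POLICY_HEAD.match(line)
        if head:
            policy = head.group(1)
            continue

        if policy and POLICY_SUBCMD.match(line) and len(words) > 1:
            if words[0] == "group" and words[1] in WEAK_DH_GROUPS:
                bits = WEAK_DH_GROUPS[words[1]]
                findings.append((lineno, "WEAK_DH_GROUP",
                                 f"policy {policy}: DH group {words[1]} is {bits}-bit MODP"))
            elif words[0] == "hash" and words[1] in WEAK_HASHES:
                findings.append((lineno, "WEAK_HASH",
                                 f"policy {policy}: IKE hash is {WEAK_HASHES[words[1]]}"))
            elif words[0] in ("encr", "encryption") and words[1] in WEAK_CIPHERS:
                findings.append((lineno, "WEAK_CIPHER",
                                 f"policy {policy}: IKE cipher is {words[1]}"))
            continue

        policy = None                  # any other command closes the policy block

        if words[0] == "username" and "password" in words[2:3]:
            findings.append((lineno, "USERNAME_PASSWORD",
                             f"user {words[1]}: use 'secret' so the credential is hashed"))
        elif words[:3] == ["ip", "local", "pool"] and len(words) == 6:
            start, end = (ipaddress.ip_address(w) for w in words[4:6])
            if start > end:
                findings.append((lineno, "POOL_RANGE_REVERSED",
                                 f"pool {words[3]}: {end} is below {start}"))
    return findings


if __name__ == "__main__":
    for lineno, code, detail in audit(SAMPLE):
        print(f"line {lineno:>2}  {code:<20} {detail}")
```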
Thursday, December 1, 2016
Quote For The Day: 36 Again
As Mehul so kindly pointed out (thank you Mehul), 31 and 36 are the same. So, here is a "redo" of 36:
"Forgive others, not because they deserve forgiveness, but because you deserve peace." ~~ Unknown
Quote For The Day: 36
"If we ever forget that we are One Nation Under God, then we will be a nation gone under." ~~ Ronald Reagan
Wednesday, November 30, 2016
The Network Guy: Facts And Feels
I've been a network guy for a long time now. So as I say what I'm about to say, I think it will make some sense to you older guys (like me). Some of you seasoned veterans out there, it would be nice to get your input on this post.
I had this conversation today with my sales guy about sizing a core environment for a particular potential customer. He was asking me if a certain model of Brocade switch would work (ICX7450) for a core switch, instead of a pair of ICX6610s. At this point in the conversation, I'm already a little uncomfortable (technically speaking). My first question to my sales guy is "How many devices are on the network?" His response was "Not sure, I'll have to verify. But no more than 200." At this point, I automatically will say "No, the 7450s won't work in the core. Go with the 6610s."
As the conversation continued, we did get back into the verification conversation. I told him to verify how many devices they had on the network. If it's 70 or less, go with the 7450s. If it's more than 70, go with the 6610s. We also did have the 10gig uplink conversation, as in "How many 10gig uplinks do they need?" No more than eight would be appropriate for the 7450s (two of them), but if more was needed, go with the 6610s.
Back to the first part of this conversation. How did I conclude that the magic number of 70 devices was the breaking point for the 7450s being a core (if they didn't need more than 8 10gig uplinks)? I told my sales guy this: "Look man, I don't have a 'fact' to go on here. It's a 'feel'. I can't say that 70 devices is the magic device number for a core switch for the 7450s. It's just what I'm comfortable with, technically speaking." But, that comfort level comes with technical experiences. Both in Brocade and Cisco environments. What particular models will do and what they perform like. Again, it's a 'feel' from experiences. Not because I 'know for a fact' in these cases. I realize there are other things to consider (like traffic patterns, etc), but generically speaking, as time goes by and your experiences increase, you just kind of know these things. Even without having the hard proof.
If you truly have a 'feel' for something, go with that feel. Sometimes that IS the best proof you have.
Tuesday, November 29, 2016
Brocade ICX L2 Config Tools
There is an SE here at Brocade that has really made things easy for configuring closet switches. He created this tool (located here) that asks you a series of questions in a DOS prompt, and does the config for you based on your answers. He also created a GUI version of this tool (located here) that does the same thing. This is for L2 installs, not for the L3 core. Although, you can use them to get you started on the L3 config. Below is a copy of what you would expect. I put the config portion on the left, and the actual final config on the right. It's good stuff, and you should get this to help you along.
The CLI version:
The GUI version:
Monday, November 28, 2016
Cisco Router Break In
Had to break into another Cisco router that I didn't know the password for. It's real simple if you have physical access, which is why you keep your gear behind secured doors. Change the config register and you are in.
Readonly ROMMON initialized
rommon 1 >
rommon 1 > confreg 0x2142
You must reset or power cycle for new config to take effect
rommon 2 > reset
System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2006 by cisco Systems, Inc.
PLD version 0x10
...
Change it back to 0x2102 when you are in.
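The two register values above differ by a single bit: 0x2142 sets bit 6, which tells IOS to skip the startup-config at boot. The Python below is an added example, not part of the original post; it decodes a register value and flags any router whose `show version` register line shows that bit set now or pending for the next reload. The hostnames, sample lines and finding codes are constructed for illustration.

```python
import re

# Config-register bits that matter for the procedure in the post.
BOOT_FIELD_MASK = 0x000F   # bits 0-3: boot field (0x2 in both values above)
IGNORE_STARTUP = 0x0040    # bit 6: ignore NVRAM (startup-config) at boot
BREAK_DISABLED = 0x0100    # bit 8: Break key disabled once the system is up

# Register line as printed at the end of "show version".
REG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

# Constructed sample lines, one per hypothetical router.
SAMPLES = {
    "rtr-a": "Configuration register is 0x2102",
    "rtr-b": "Configuration register is 0x2142 (will be 0x2102 at next reload)",
    "rtr-c": "Configuration register is 0x2142",
}


def decode_confreg(value):
    """Break a 16-bit config-register value into the fields used here."""
    return {
        "boot_field": value & BOOT_FIELD_MASK,
        "ignore_startup_config": bool(value & IGNORE_STARTUP),
        "break_disabled": bool(value & BREAK_DISABLED),
    }


def audit_show_version(host, text):
    """Return (host, code) findings for one router's show version output."""
    m = REG_LINE.search(text)
    if not m:
        return [(host, "NO_REGISTER_LINE")]
    current = int(m.group(1), 16)
    # Without a "will be" clause the next reload uses the current value.
    pending = int(m.group(2), 16) if m.group(2) else current
    findings = []
    if decode_confreg(current)["ignore_startup_config"]:
        # The running system came up without loading its saved config.
        findings.append((host, "BOOTED_WITHOUT_STARTUP_CONFIG"))
    if decode_confreg(pending)["ignore_startup_config"]:
        # Someone forgot to set the register back to 0x2102.
        findings.append((host, "NEXT_RELOAD_IGNORES_STARTUP_CONFIG"))
    return findings


def audit_all(samples):
    """Audit every router in a {hostname: show_version_text} mapping."""
    findings = []
    for host in sorted(samples):
        findings.extend(audit_show_version(host, samples[host]))
    return findings


if __name__ == "__main__":
    for host, code in audit_all(SAMPLES):
        print(host, code)
```

Where the platform supports it, `no service password-recovery` restricts what console access to ROMMON can do, which complements the locked door.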
Sunday, November 27, 2016
Friday, November 25, 2016
Quote For The Day: 35
"I know in my heart that man is good. That what is right will always eventually triumph. And there's purpose and worth to each and every life." ~~ Ronald Reagan
Thursday, November 24, 2016
Wednesday, November 23, 2016
Websites That Monitor Your Movement
I'm not one to like someone monitoring my movements or really monitoring anything. I went to a website today, and as I was moving my mouse pointer up to the tab of the web browser to open another tab, I noticed the screen blacked out and a message came up in the middle of the screen:
I've modified the whole message, but you get the point here. They were monitoring my mouse movements. It's been discussed a lot recently, and this site in particular actually was doing it. You have to keep in mind these things when you are on the Internet. Threats are everywhere out there. I'll be dedicating more to security on this blog in the future.
Tuesday, November 22, 2016
Brocade ICX Switch: Up,Down (LACP-BLOCKED) Message On Interface
Ever see this message on an interface before?
GigabitEthernet1/2/2 is up, line protocol is down (LACP-BLOCKED)
I saw this last night when trying to connect a Cisco switch configured for a port-channel to a Brocade ICX7450 LAG. Keep in mind, a LAG and Port-channel are the same thing, which is bonded ports for more throughput and redundancy. In this case, we were using LACP.
Config for a Brocade LACP LAG in version 8.X:
lag LAG01 dynamic id 1
ports ethernet 1/2/2 ethernet 1/2/4
primary-port 1/2/2
port-name ***ToCisco*** ethernet 1/2/2
deploy
Because I was getting the error message above, I asked the other engineer if they had their side configured for LACP. She said yes, but then she double checked and verified that she actually didn't have either "mode active" or "mode passive" with the "channel-group 1" command. She actually had "mode auto", which uses Port Aggregation Protocol (PAgP) instead. Simple mistake that we all make at some point. She corrected and then the LAG came up and we started passing traffic.
Below is what I saw when I did a "show lag" on the Brocade side:
DIR_Irondale_(config)#sh lag
Total number of LAGs: 1
Total number of deployed LAGs: 1
Total number of trunks created:1 (255 available)
LACP System Priority / ID: 1 / 609c.9f3a.a488
LACP Long timeout: 120, default: 120
LACP Short timeout: 3, default: 3
=== LAG "LAG01" ID 1 (dynamic Deployed) ===
LAG Configuration:
Ports: e 1/2/2 e 1/2/4
Port Count: 2
Primary Port: 1/2/2
Trunk Type: hash-based
LACP Key: 20001
Deployment: HW Trunk ID 1
Port Link State Dupl Speed Trunk Tag Pvid Pri MAC Name
1/2/2 Up Blocked Full 1G 1 Yes 18 0 609c.9f3a.a488 ***ToCisco***
1/2/4 Up Blocked Full 1G 1 Yes 18 0 609c.9f3a.a488
Port [Sys P] [Port P] [ Key ] [Act][Tio][Agg][Syn][Col][Dis][Def][Exp][Ope]
1/2/2 1 1 20001 Yes S Agg Syn Col Dis Def No Ina
1/2/4 1 1 20001 Yes S Agg Syn No No Def No Ina
...
Just know that if you get the above message (GigabitEthernet x/x/x is up, line protocol is down (LACP-BLOCKED)), you have a LAG protocol mismatch.
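The same diagnosis can be read straight out of the "sh lag" tables above, shown here as an added example that is not part of the original post. It parses the port table and the LACP flag table and reports ports that are link-up but Blocked with the Def flag set, which in LACP terms (the actor "Defaulted" state) means no LACPDUs have been received from the far end. The result codes are made up for this example, and the healthy row used in the test is constructed.

```python
import re

# The port and LACP-flag tables from the "sh lag" capture in the post.
SHOW_LAG = """\
Port Link State Dupl Speed Trunk Tag Pvid Pri MAC Name
1/2/2 Up Blocked Full 1G 1 Yes 18 0 609c.9f3a.a488 ***ToCisco***
1/2/4 Up Blocked Full 1G 1 Yes 18 0 609c.9f3a.a488
Port [Sys P] [Port P] [ Key ] [Act][Tio][Agg][Syn][Col][Dis][Def][Exp][Ope]
1/2/2 1 1 20001 Yes S Agg Syn Col Dis Def No Ina
1/2/4 1 1 20001 Yes S Agg Syn No No Def No Ina
"""

PORT_ID = re.compile(r"^\d+/\d+/\d+$")
FLAGS = ("act", "tio", "agg", "syn", "col", "dis", "def", "exp", "ope")


def parse_show_lag(text):
    """Merge the link table and the LACP flag table into one dict per port."""
    ports = {}
    table = None                       # which table the current rows belong to
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 2:
            continue
        if tok[0] == "Port":           # a header row (or "Port Count:") switches tables
            if tok[1] == "Link":
                table = "link"
            elif tok[1].startswith("["):
                table = "lacp"
            else:
                table = None
            continue
        if not PORT_ID.match(tok[0]):
            continue
        port = ports.setdefault(tok[0], {})
        if table == "link" and len(tok) >= 10:
            # The Name column is optional, so everything after the MAC is the name.
            port.update(link=tok[1], state=tok[2], mac=tok[9], name=" ".join(tok[10:]))
        elif table == "lacp" and len(tok) == 4 + len(FLAGS):
            port["key"] = tok[3]
            port.update(zip(FLAGS, tok[4:]))
    return ports


def diagnose(ports):
    """Map each blocked-but-up port to a likely cause code."""
    findings = {}
    for name, p in ports.items():
        if p.get("link") != "Up" or p.get("state") != "Blocked":
            continue
        if p.get("def") == "Def":
            # Partner info is defaulted: the peer is not sending LACPDUs
            # (for example PAgP or a static channel on the other side).
            findings[name] = "NO_PARTNER_LACPDUS"
        else:
            # LACPDUs are arriving, so compare LACP parameters on both ends.
            findings[name] = "BLOCKED_WITH_PARTNER"
    return findings


if __name__ == "__main__":
    for port, cause in diagnose(parse_show_lag(SHOW_LAG)).items():
        print(port, cause)
```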
Monday, November 21, 2016
Home Projects: Pantry Shelves
One thing I really don't like in a home is the shelves made of wire. I just prefer wood. So I made these below in the old '35 house.
Sunday, November 20, 2016
Friday, November 18, 2016
Edible Plants: Rosemary
Rosemary smells really good to me. I really like running my hand down a branch of Rosemary and smelling the nice aroma it bears. Did you know you can eat it also? In my neighborhood, it's almost in every yard and easily accessible. So if you have to have something to eat, and you can find it, you can eat it raw. Just like its smell, it leaves a strong taste on your breath. It doesn't seem to actually taste like you might think it would, but still not bad raw. I read that it has many health benefits to it as well. Just know if you are out of food, it's one thing you can eat safely either cooked or raw.
Thursday, November 17, 2016
Brocade ICX7150: Stats To Know
Brocade has come out with a low end switch (even lower than the 7250). It's called the ICX7150, and it's essentially a very cheap (in price) enterprise switch and performs about the same as the Cisco 3850s and 3650s. The 48 port 7150 has a forwarding rate of 134 Mpps and a switching backplane of 180 Gbps. Considering the Cisco 3850's forwarding rate for the 48P is 130.95 Mpps and the backplane comes in at 176 Gbps, even this very low end Brocade model still outperforms the Cisco 3850.
These 7150s go in the access closet. Considering the 7250s are already cheap in price, and the 7150s are even cheaper, this is going to be interesting...
You can find the datasheet here.
Wednesday, November 16, 2016
A Milestone: One Million Views On Network Fun!!!
The Network Fun!!! blog hit an official milestone today. One million views. Thank you all for participating.
Monday, November 14, 2016
Brocade VDX: Four Technical Benefits To Be Aware Of
I really like the VDX products for the data center. They have some really good benefits that I thought I would explain in a post. You should know why one product is better than another, apart from cost. What is the technology actually doing that makes a difference? Here are the ones I'm aware of for the VDX line.
1. There are no ARP age-out waiting times when a VM server moves from one host to another. Meaning that when a VM moves from one VDX to another, the ARP entry is changed appropriately at the same time. This causes NO blip or downtime in waiting on the ARP entry to age out, like you would normally see. It happens immediately, and no traffic is lost. It's able to keep up with where the VM servers are.
2. When you create a VLAN on the VDX, it is automatically created in the VSwitch as well. This saves you from having you and the server guy doing the work. Now it's just you doing it.
3. The packet buffers are truly "deep". 24 Meg deep. This means no dropped packets on heavily utilized gear. Competitors are nowhere near this much.
4. When it comes to the ISL links from one VDX to another, the data throughput is truly load balanced across each link. If you have three links, and 40% utilization, then all three links have 40% across them. Other vendors are not doing this. Streams get divided up instead of the packets, meaning in the three links I just mentioned, you may have 80%, 20%, and 35% on the bonded link. This method is not as effective for performance, whereas the Brocade way is.
5. Cheaper in price than competitors for what you are getting in the data center. Plain and simple.
Look into the VDX line. It's a great data center solution.
Saturday, November 12, 2016
The American Citizen's Bill Of Rights
Just FYI. If you are a United States citizen (not illegal), then you have these rights by the Constitution of the United States of America. I have two of each, one in original language, and the other in simplified language (which I got from here). It's important for us American citizens to know our rights.
Amendment I
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.
Amendment I
The United States Congress can't make any law about your religion, or stop you from practicing your religion, or keep you from saying whatever you want, or publishing whatever you want (like in a newspaper or a book). And Congress can't stop you from meeting peacefully for a demonstration to ask the government to change something.
Amendment II
A well-regulated militia being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
Amendment II
Congress can't stop people from having and carrying weapons, because we need to be able to defend ourselves.
Amendment III
No soldier shall, in time of peace, be quartered in any house without the consent of the owner, nor in time of war, but in a manner to be prescribed by law.
Amendment III
You don't have to let soldiers live in your house, except if there is a war, and even then only if the United States Congress has passed a law about it.
Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Amendment IV
Nobody can search your body, or your house, or your papers and things, unless they can prove to a judge that they have a good reason to think you have committed a crime.
Amendment V
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury, except in cases arising in the land or naval forces, or in the militia, when in actual service in time of war or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use without just compensation.
Amendment V
You can't be tried for any serious crime without a Grand Jury meeting first to decide whether there's enough evidence for a trial. And if the jury decides you are innocent, the government can't try again with another jury. You don't have to say anything at your trial. You can't be killed, or put in jail, or fined, unless you were convicted of a crime by a jury. And the government can't take your house or your farm or anything that is yours, unless the government pays for it.
Amendment VI
In all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the State and district wherein the crime shall have been committed, which district shall have been previously ascertained by law, and to be informed of the nature and cause of the accusation; to be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the assistance of counsel for his defense.
Amendment VI
If you're arrested, you have a right to have your trial pretty soon, and the government can't keep you in jail without trying you. The trial has to be public, so everyone knows what is happening. The case has to be decided by a jury of ordinary people from your area. You have the right to know what you are accused of, to see and hear the people who are witnesses against you, to have the government help you get witnesses on your side, and you have the right to a lawyer to help you.
Amendment VII
In suits at common law, where the value in controversy shall exceed twenty dollars, the right of trial by jury shall be preserved, and no fact tried by a jury shall be otherwise reexamined in any court of the United States, than according to the rules of the common law.
Amendment VII
You also have the right to a jury when it is a civil case (a law case between two people rather than between you and the government).
Amendment VIII
Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.
Amendment VIII
The government can't make you pay more than is reasonable in bail or in fines, and the government can't order you to have cruel or unusual punishments (like torture) even if you are convicted of a crime.
Amendment IX
The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.
Amendment IX
Just because these rights are listed in the Constitution doesn't mean that you don't have other rights too.
Amendment X
The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.
Amendment X
Anything that the Constitution doesn't say that Congress can do should be left up to the states, or to the people.
Friday, November 11, 2016
Edible Plants: Clover
I guess I won't get into the whole background of a thought process I have on this topic, but I have decided that I'm going to learn what plants and trees are edible. I think it could be valuable information, and you can find all kinds of info out there in "Internetland" discussing this sort of thing. But I thought I would add a section on this blog about this topic. The point is that if there is an emergency of any kind, you can still find food, should you need to. You just have to know what to look for. I'm learning myself on this topic, and I'm no expert. But I think, as I walk through this learning process, I will post about it. Also, if you try this, it is at your own risk. I suppose different people will have different side effects from this sort of thing.
My first plant that I thought I would learn about eating was clover. Just like what is in your yard. I went out and tried this, and it tasted very much like green, sour apples. It's safe to eat and it actually tastes pretty good raw. I would recommend washing it off first.
As I'm still learning about this, you may certainly want to research for yourself the nutritional value and side effects of eating these things, like I'm doing. I do think it's worth "knowing" this kind of information. Comments are certainly welcome as well.
Thursday, November 10, 2016
Ultimately...
Ultimately, doesn't this below reflect what really matters? You can make a change one interaction at a time. Wasn't Mother Teresa such a beautiful soul?
Wednesday, November 9, 2016
Don't Ever Give Up
Just goes to show, when you are down, it doesn't mean you are out. Don't give up when the odds are against you.
Tuesday, November 8, 2016
Monday, November 7, 2016
Some Thoughts About The Broadcom/Brocade Buyout...
Ok. Now that we are after the initial shock of this event of the "acquisition", here are some thoughts:
The product:
1. The ICX product line has not changed.
2. The dependability has not changed.
3. The performance/features have not changed.
The business look:
4. The IP product line is profitable. This is a good thing. Someone will want that profitability.
5. There are a ton of Brocade customers in the world. Someone will want those customers.
6. I'm sure there are contracts that are in place that have to be honored, such as warranty, support, etc.
7. Someone will want this side of the business. I can think of several "good fits" that could break into that business and integrate into their product line. I have zero insight into this, just like you. I only speculate.
If you are a Brocade customer, don't panic. Just wait and let's see what happens. It's not panic time at this point.
Sunday, November 6, 2016
Saturday, November 5, 2016
Friday, November 4, 2016
Brocade ICX: 6610/7450 PSU Interchangeability
Just a quick note, but the power supplies of a 6610 are interchangeable with the 7450. Just FYI.
Thursday, November 3, 2016
The News... Broadcom Set To Acquire Brocade
Well, I just officially found out yesterday that Broadcom is acquiring Brocade. I'm literally stunned by this. You can read about it at the link below:
https://www.google.com/amp/mobile.reuters.com/article/amp/idUSKBN12X1A8?client=ms-android-hms-tmobile-us
Wednesday, November 2, 2016
Brocade ICX: Multi VRF
Don't forget when you are working in a new environment, that you might come upon a multi-VRF environment. If that is the case, some of your normal commands might not work as you expected. For instance, you might have to specify the specific VRF you want to see things in. Below is an example of trying to see the ARP table. Notice the first time I run "show arp", I get one entry. But when I specify the VRF I'm actually looking for, I get more.
Switch#sh arp
Total number of ARP entries: 1
Entries in default routing instance:
No. IP Address MAC Address Type Age Port Status
1 10.15.84.1 cc4e.2496.9f00 Dynamic 0 1/1/24 Valid
Switch#
Switch#
Switch#
Switch#
Switch#sh arp vrf vrf2
Total number of ARP entries: 24
Entries in VRF vrf2:
No. IP Address MAC Address Type Age Port Status
1 10.15.68.1 cc4e.2496.9f00 Dynamic 1 1/1/24 Valid
2 10.60.6.12 a89d.2147.efc3 Dynamic 0 1/1/4 Valid
3 10.60.6.14 6400.6a58.4abb Dynamic 0 1/1/4 Valid
4 10.48.22.21 0023.ae84.efb1 Dynamic 0 1/1/4 Valid
5 10.48.22.22 0023.ae84.d1b0 Dynamic 1 1/1/4 Valid
...
Switch#
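The same trap applies to any script that harvests ARP tables for inventory or incident response: a capture only means something together with the routing instance named in its "Entries in ..." header. The Python below is an added example, not code from the original post; it parses the two captures shown above (columns whitespace-collapsed as on this page), and all function names are illustrative.

```python
"""Tag Brocade ICX ARP entries with their routing instance (default or VRF)."""
import re
from collections import defaultdict

# Captures copied from the post above, including the "..." truncation marker.
CAPTURES = [
    """Switch#sh arp
Total number of ARP entries: 1
Entries in default routing instance:
No. IP Address MAC Address Type Age Port Status
1 10.15.84.1 cc4e.2496.9f00 Dynamic 0 1/1/24 Valid
Switch#""",
    """Switch#sh arp vrf vrf2
Total number of ARP entries: 24
Entries in VRF vrf2:
No. IP Address MAC Address Type Age Port Status
1 10.15.68.1 cc4e.2496.9f00 Dynamic 1 1/1/24 Valid
2 10.60.6.12 a89d.2147.efc3 Dynamic 0 1/1/4 Valid
3 10.60.6.14 6400.6a58.4abb Dynamic 0 1/1/4 Valid
4 10.48.22.21 0023.ae84.efb1 Dynamic 0 1/1/4 Valid
5 10.48.22.22 0023.ae84.d1b0 Dynamic 1 1/1/4 Valid
...
Switch#""",
]

TOTAL_RE = re.compile(r"^Total number of ARP entries:\s*(\d+)")
INSTANCE_RE = re.compile(r"^Entries in (?:(default) routing instance|VRF (\S+)):")
# No., IP, dotted MAC, Type, Age, Port, Status
ROW_RE = re.compile(
    r"^\s*\d+\s+(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"([0-9a-fA-F]{4}(?:\.[0-9a-fA-F]{4}){2})\s+"
    r"(\S+)\s+(\d+)\s+(\S+)\s+(\S+)\s*$"
)


def parse_capture(text):
    """Return (instance, declared_total, entries) for one 'show arp' capture."""
    instance, total, entries = None, None, []
    for line in text.splitlines():
        if (m := INSTANCE_RE.match(line)):
            instance = m.group(1) or m.group(2)
        elif (m := TOTAL_RE.match(line)):
            total = int(m.group(1))
        elif (m := ROW_RE.match(line)):
            if instance is None:
                # Refuse to guess: an untagged row would be silently
                # attributed to the wrong routing instance.
                raise ValueError("ARP row seen before an 'Entries in ...' header")
            ip, mac, typ, age, port, status = m.groups()
            entries.append({"instance": instance, "ip": ip, "mac": mac.lower(),
                            "type": typ, "age": int(age), "port": port,
                            "status": status})
    return instance, total, entries


def collect(captures):
    """Merge captures; coverage[instance] = (declared_total, rows_parsed)."""
    entries, coverage = [], {}
    for text in captures:
        instance, total, rows = parse_capture(text)
        entries.extend(rows)
        coverage[instance] = (total, len(rows))
    return entries, coverage


def truncated_instances(coverage):
    """Instances whose capture holds fewer rows than the switch declared."""
    return sorted(i for i, (declared, parsed) in coverage.items()
                  if declared is not None and parsed < declared)


def macs_in_multiple_instances(entries):
    """MACs that answer in more than one routing instance (e.g. a shared gateway)."""
    seen = defaultdict(set)
    for e in entries:
        seen[e["mac"]].add(e["instance"])
    return {mac: sorted(insts) for mac, insts in seen.items() if len(insts) > 1}


def locate(entries, ip):
    """Where is this IP? Returns (instance, mac, port) for every match."""
    return [(e["instance"], e["mac"], e["port"]) for e in entries if e["ip"] == ip]


if __name__ == "__main__":
    entries, coverage = collect(CAPTURES)
    print("coverage:", coverage)
    print("truncated:", truncated_instances(coverage))
    print("shared MACs:", macs_in_multiple_instances(entries))
    print("10.60.6.12:", locate(entries, "10.60.6.12"))
```

A lookup that only has the plain "sh arp" capture returns nothing for 10.60.6.12, and the vrf2 capture is reported as truncated because the page elides 19 of its 24 rows.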
Tuesday, November 1, 2016
Brocade ICX7750: Stacking And Breakout Cables
I was reading this the other night, and wanted to pass this on to you engineers. This is an important thing to know for the 7750 when you want to stack them together, IF you need a breakout cable (40gig to 4 10gig) for another purpose. This below is from the FAQ for the 7750.
Q. Can splitter cables be used to split the Brocade ICX 7750 40 GbE ports into four 10 GbE ports?
A. Yes. The Brocade ICX 7750 supports the use of QSFP+ to 4x SFP+ splitter cables, but only when switches are running in a standalone switch configuration. Splitter cables cannot be used when Brocade ICX 7750 Switches are part of a stack (that is, running in a “stack member” configuration). Also, there are some restrictions concerning which QSFP ports can be split using these cables. Refer to the Brocade ICX 7750 product documentation for further details.
Monday, October 31, 2016
Brocade ICX: Stacking Capabilities By Model
Here are some quick ICX stacking questions I get often. Just FYI below, the interface types:
ICX7250 supports only 10Gig stacking, up to 12 units. (Access closet switch)
ICX7450 supports both 10Gig and 40Gig stacking, up to 12 units. (Access closet switch and small core)
ICX6610 supports only 40Gig stacking, up to 8 units. (Small/Medium core switch)
ICX7750 supports only 40Gig stacking, up to 12 units. (Medium/Large core switch)
Sunday, October 30, 2016
Saturday, October 29, 2016
Reason To Hope...
If you need hope, and we all do, then consider Jesus Christ. He gives us the hope we all so desperately need. Don't give up, you have a reason for being here. Reason To Hope by Ron Pope.
Friday, October 28, 2016
Thursday, October 27, 2016
Brocade ICX7250: Licensing The 8 Ports Of 10Gig
Just a note about the licensing for the 8 ports of 10Gig on the ICX7250. I had a partner ask me if we took off the BOM (Bill Of Materials) the 2x10G of the part number ICX7250-48-2X10G, and added the 8 port 10Gig license (ICX7250-8X10G-LIC-POD), then that would save the customer money. However, that is not the case. IF you want to license all 8 ports for 10Gig, then you must have the 2x10G added onto the part number of the switch. Let's look at the description more closely:
For part number ICX7250-48-2X10G:
Description: 48-port 1 GbE switch bundle with 2x1GbE/10GbE + 6x1GbE SFP+ (upgradeable to 10GbE) uplink/stacking ports upgrade
Now, you add this for the other 6 ports for 10Gig:
Part number: ICX7250-8X10G-LIC-POD
Description: ICX7250 upgrade from 2X1/10GE + 6X1GE uplink/stacking ports to 8X1/10GE uplink/stacking ports. This can only be applied to an ICX7250 that already has a 2X10G license applied.
Notice that keyword "to" (highlighted). You must have the 2x10G before you can apply the 8x10G license. That really should say 6x10G, and can be a little confusing. I hope this clears up any confusion.
Wednesday, October 26, 2016
A Rare Thing From The Provider
Yesterday, I had to go install an ICX7450 switch that acted as a gateway across an MPLS network. Oddly, my WAN interface did not come up. It was down/down. I thought maybe the provider didn't provision the Ciena box correctly, so I called them up. It turns out that they did provision it correctly, but that the biscuit jack handoff was the issue. My curiosity got the best of me. Not sure if you can notice in the second picture, but the orange cable isn't punched down all the way, which caused the issue. However, I didn't bother with it. I just plugged straight into the Ciena.
Tuesday, October 25, 2016
Home Projects: A Proud Feeling...
As I write this blog, I'm usually a few days ahead of the actual day a post goes up. Not always, just usually. However, this one is just a couple hours past real time (at 12:59 AM). At the end of the story of that 1935 house that my wife and I are redoing, there is a young couple that resides as "first time home owners". My daughter and son-in-law, to be exact. They now live there and we are almost complete with the renovation. There are a few small things, but nothing keeping anyone from living in it.
I walked into one of the bedrooms and sat down to do some math calculations for hanging a curtain rod (yeah, I like exactness). As I sat there with pen in hand (no calculator), I looked around the room that looked so different than the many times I had worked in it. It actually had things in it and looked like someone lived there. What you see below was the view I had while sitting there thinking these things, but I felt really proud of my wife and I for getting through this reno. I thought, as some men do, that we did this with our own two hands, and this was a tough one. And it is a home that my daughter really likes being in. For a dad that did a good bit of the work, that's a proud moment.
Monday, October 24, 2016
American Dream: Is This You?
From one friend to another, think real hard on this one. Is this you?
American Dream
If it is you, don't think you won't miss out.
Sunday, October 23, 2016
Saturday, October 22, 2016
Ron Pope Concert, With Guests Rob Baird And Truett
So we paid $17 a ticket to go see this concert. I had heard one song from this guy named Ron Pope, who I had never heard of before apart from this one song off of YouTube. My wife played it for me, and it is called Perfect For Me. It's a really sweet song.
So we got there a few minutes late, and didn't really figure we missed much. A group called Truett was playing. We walked in to about 70 to 80 people in the audience. My first thought was that this was going to be terrible. No one was here.
The opener, Truett, was actually pretty good. I did like all of their music and I would go see them again. After they played, I met the drummer and bass player in the band. Very nice guys. The drummer has a good handshake, which I can appreciate.
Rob Baird and his band were good. Very country, which I can appreciate. This guy was personable in concert and I thought they played very well as well. I was not disappointed.
Then Ron Pope and his band played. This was "a whole nother level". I expected to like the one song I listed above, but I really liked everything this guy played. As my wife said, "It's not every day you come up on a real musician like this." I agree with her. They were great. Two hours just wasn't enough of this guy's music.
It reminded me of the early days of Needtobreathe. When we first started seeing them, the crowds were small and they were very much the musicians that they are, without the "entertainment thing" that so many groups that "make it" do. I personally like the small crowd vibe, and although I really like Needtobreathe, for me, the concerts have gone to the level of entertainment. I guess that's the goal for most, and I'm glad they "made it" in the music business. I just prefer the small crowd thing.
Back to Ron Pope now. My thought during this concert was that I was really glad I came to see this guy and hear his music. It was exactly what I like to see. REAL musicians in a small setting.
One more comparison. My wife and I went to see Guns and Roses not long ago in Atlanta. For me, Slash was the show, and was really good. However, I'd rather go see Ron Pope again than Guns and Roses. That should tell you how good Ron Pope was.
Thursday, October 20, 2016
Brocade MLX/CER: MPLS Config From The ISP Perspective
I had a workmate tell me that most people who know "MPLS" know it from the client perspective. At first, I didn't know what he meant, because I knew MPLS from the client perspective. He told me configuring MPLS to a lot of people was from the client side. Now that I have done it from the ISP perspective, I know what he is talking about. I remember doing MPLS as far as putting an IP address on an ethernet interface of a L3 device, adding a route in and letting it roll. However, from the ISP perspective, there is a big difference.
Below, I set MPLS up from the ISP perspective. It was a learning experience for me, and I'm glad I was able to learn from this guy. Also, I put BGP in this config. Also, this is just one side of the core of the ISP network. I did not add in the other side in the below config. This was an additional backbone core to a lab setup.
vlan 32 name to-MAIN-MLXe
 tagged ethe 1/1 to 1/2
 router-interface ve 32
interface ve 32
 ip ospf area 0
 ip address 192.168.253.9/30
interface loopback 1
 ip ospf area 0
 ip address 192.168.252.3/32
router bgp
 local-as 65024
 next-hop-mpls
 neighbor 192.168.252.1 remote-as 65024
 neighbor 192.168.252.1 next-hop-self
 neighbor 192.168.252.1 update-source loopback 1
 neighbor 192.168.252.1 soft-reconfiguration inbound
 address-family vpnv4 unicast
 neighbor 192.168.252.1 activate
 neighbor 192.168.252.1 send-community both
router mpls
 mpls-interface ve32
 lsp to-MAIN-MLX
  to 192.168.252.1
  enable
Wednesday, October 19, 2016
Enjoy The View...
It's been a busy week so far, but I'll try to get something good up here soon. In the meantime, enjoy the view from the Florida panhandle...
Tuesday, October 18, 2016
Quote For The Day: 33
"Make it your goal to create a marriage that feels like the safest place on earth." ~~Gary Smalley
Monday, October 17, 2016
Brocade: Ruckus Wireless Initial Thoughts
As most of you know, I'm pretty impartial when it comes to wireless. Since Brocade has purchased Ruckus recently, I have had to go through some Ruckus training, and I have to say, it's pretty cool stuff. It's easy to manage, and has some really cool features about it. More to come in the future, but I'm not unhappy at all about Ruckus.
Sunday, October 16, 2016
Saturday, October 15, 2016
Friday, October 14, 2016
Early Sunday Thought: For The Sake Of The Call
Been down not feeling well most of today, so I'm putting up an early Sunday Thought.
For The Sake Of The Call
Thursday, October 13, 2016
Preventing Water Leaks
You see that white, thin tape in the cold water valve? That prevents water leaks when you put your hose on. You need more than just your rubber gasket to prevent leaks.
Tuesday, October 11, 2016
Quote For The Day: 32
In the single best comeback line I've heard in quite a while, after Hillary asked if you can imagine what it would be like if Trump was in charge of the law:
"Because you would be in jail." ~~Donald Trump
Monday, October 10, 2016
Brocade ICX: Loop-Detection Notes, Configuration, And Status Commands
I know of a Brocade customer that really needs loop-detection implemented in the network. This particular customer still has a lot of unmanaged switches in the network, and loop-protection would be a perfect solution for them. I have seen on more than one occasion where someone creates a loop on one of these unmanaged switches, and literally brings down the whole network. This creates CPU havoc on the core and company downtime (for equipment, phones, server access, etc). Loop-detection is a good solution for just this scenario.
First, let's note that this command is for detecting loops in downstream UNmanaged switches. I did test this with two ICXs, all ports in Vlan 1. I created a loop in the downstream ICX and did not see the same results as what I have gotten below. You will have to depend on RSTP for the managed switch loops (RSTP being faster than STP).
Now, let's look at a simple config. I'll be utilizing port 1/1/22 in this lab.
vlan 1 by port
 untagged ethe 1/1/1 to 1/1/48
interface ethernet 1/1/22
 loop-detection
Notice the command under the interface 1/1/22.
In my lab, I have a cable modem with a switch on the LAN side (that's the only unmanaged switch I have), connected to port 1/1/22 on my ICX6450. This is what I see when there is no loop on the unmanaged switch:
ICX6450-48 Switch#sh loop-detection status
loop detection packets interval: 10 (unit 0.1 sec)
index port/vlan status # errdis sent-pkts recv-pkts
1 1/1/21 untag, DISABLED 0 0 0
2 1/1/22 untag, FORWARDING 0 111 0
3 1/1/23 untag, DISABLED 0 0 0
4 1/1/24 untag, DISABLED 0 0 0
Notice port 1/1/22 is in forwarding mode. Now, let's create a loop on the unmanaged switch (the cable modem LAN side). Here is what we see when I do this (notice the console message that comes up in orange):
ICX6450-48 Switch#Loop-detection: port 1/1/22 (vlan=1), put into errdisable state
sh loop stat
loop detection packets interval: 10 (unit 0.1 sec)
Number of err-disabled ports: 1
You can re-enable err-disable ports one by one by "disable" then "enable"
under interface config, re-enable all by "clear loop-detect", or
configure "errdisable recovery cause loop-detection" for automatic recovery
index port/vlan status # errdis sent-pkts recv-pkts
1 1/1/21 untag, DISABLED 0 0 0
2 1/1/22 ERR-DISABLE due to itself 1 220 1
3 1/1/23 untag, DISABLED 0 0 0
4 1/1/24 untag, DISABLED 0 0 0
ICX6450-48 Switch#
ICX6450-48 Switch#sh errdisable summ
Port 1/1/22 ERR_DISABLED for loopDetection (vlan 1)
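For monitoring, the two status captures above can be compared to spot the moment loop-detection shuts a port, keeping an admin "DISABLED" port distinct from an "ERR-DISABLE" one. The Python below is an added example, not code from the original post; it uses the post's own lab output (whitespace-collapsed as on this page) and illustrative function names.

```python
"""Diff two 'show loop-detection status' captures from a Brocade ICX."""
import re
from typing import NamedTuple

# Captures copied from the post: before and after the loop was created.
BEFORE = """ICX6450-48 Switch#sh loop-detection status
loop detection packets interval: 10 (unit 0.1 sec)
index port/vlan status # errdis sent-pkts recv-pkts
1 1/1/21 untag, DISABLED 0 0 0
2 1/1/22 untag, FORWARDING 0 111 0
3 1/1/23 untag, DISABLED 0 0 0
4 1/1/24 untag, DISABLED 0 0 0
"""
AFTER = """ICX6450-48 Switch#Loop-detection: port 1/1/22 (vlan=1), put into errdisable state
sh loop stat
loop detection packets interval: 10 (unit 0.1 sec)
Number of err-disabled ports: 1
You can re-enable err-disable ports one by one by "disable" then "enable"
under interface config, re-enable all by "clear loop-detect", or
configure "errdisable recovery cause loop-detection" for automatic recovery
index port/vlan status # errdis sent-pkts recv-pkts
1 1/1/21 untag, DISABLED 0 0 0
2 1/1/22 ERR-DISABLE due to itself 1 220 1
3 1/1/23 untag, DISABLED 0 0 0
4 1/1/24 untag, DISABLED 0 0 0
"""


class PortRow(NamedTuple):
    index: int
    port: str
    status: str   # free text, e.g. "untag, FORWARDING"
    errdis: int   # "# errdis" column
    sent: int
    recv: int

    @property
    def err_disabled(self):
        # "untag, DISABLED" is a different state and must not match here.
        return self.status.upper().startswith("ERR-DISABLE")


# The status column contains spaces, so anchor on the three trailing counters.
ROW_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+(.+?)\s+(\d+)\s+(\d+)\s+(\d+)\s*$")
DECLARED_RE = re.compile(r"^Number of err-disabled ports:\s*(\d+)", re.M)
CONSOLE_RE = re.compile(
    r"Loop-detection: port (\S+) \(vlan=(\d+)\), put into errdisable state")


def parse_status(text):
    """Return ({port: PortRow}, declared_err_disabled_or_None)."""
    rows = {}
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            idx, port, status, errdis, sent, recv = m.groups()
            rows[port] = PortRow(int(idx), port, status,
                                 int(errdis), int(sent), int(recv))
    m = DECLARED_RE.search(text)
    return rows, (int(m.group(1)) if m else None)


def newly_err_disabled(before, after):
    """Ports err-disabled in `after` that were not err-disabled in `before`."""
    return sorted(
        port for port, row in after.items()
        if row.err_disabled
        and not (port in before and before[port].err_disabled)
    )


def report(before_text, after_text):
    before, _ = parse_status(before_text)
    after, declared = parse_status(after_text)
    counted = sum(r.err_disabled for r in after.values())
    return {
        "tripped": newly_err_disabled(before, after),
        "declared": declared,
        "counted": counted,
        # A mismatch means the capture is incomplete or the parse is off.
        "consistent": declared is None or declared == counted,
        "console_events": CONSOLE_RE.findall(after_text),
    }


if __name__ == "__main__":
    print(report(BEFORE, AFTER))
```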
Sunday, October 9, 2016
Saturday, October 8, 2016
Pic Of The Week: Elvis And His First Guitar
Two pics today. First at an old hardware store, this was outside:
Second, where Elvis stood when he bought his first guitar:
Friday, October 7, 2016
Brocade ICX7250 vs Extreme 440 Switch
Thursday, October 6, 2016
Brocade ICX: Translation From "Trunk" Commands To "Lag" Commands When Upgrading From 7.x To 8.x
When upgrading from 7.x "trunk" command to the 8.x "lag" command on the Brocade ICX series, you wonder if the commands will translate OK. Well, I put that to the test a few days ago for a customer to verify his upgrade will go well. He was going from 7.2 to 8.30. Below is what I did from 7.4 to 8.30. Notice first, on the 7.4 code, the commands "trunk" and "show trunk":
7.4 code:
trunk ethe 2/1/1 ethe 2/1/2
trunk ethe 2/1/3 ethe 2/1/4
ICX6610-24P Switch#sh trunk
Configured trunks:
Trunk ID: 257
Hw Trunk ID: 1
Ports_Configured: 2
Primary Port Monitored: Jointly
Ports   PortName  Port_Status  Monitor  Rx_Mirr  Tx_Mirr  Monitor_Dir
2/1/1   none      enable       off      N/A      N/A      N/A
2/1/2   none      enable       off      N/A      N/A      N/A
Trunk ID: 259
Hw Trunk ID: 2
Ports_Configured: 2
Primary Port Monitored: Jointly
Ports   PortName  Port_Status  Monitor  Rx_Mirr  Tx_Mirr  Monitor_Dir
2/1/3   none      enable       off      N/A      N/A      N/A
2/1/4   none      enable       off      N/A      N/A      N/A
Operational trunks:
--More--, next page: Space, next line: Return key, quit: Control-c^C
ICX6610-24P Switch#boot sys flash pri
Are you sure? (enter 'y' or 'n'): y
Running Config data has been changed. Do you want to continue
the reload without saving the running config? (enter 'y' or 'n'): y
Halt and reboot
========================================================================
Now notice on the 8.30 code the "lag" and "show lag" commands. I did nothing for the translation, as it did it all on its own during the upgrade:
8.30 code:
lag LAG_1 static id 1
 ports ethernet 2/1/1 to 2/1/2
 primary-port 2/1/1
 deploy
lag LAG_2 static id 2
 ports ethernet 2/1/3 to 2/1/4
 primary-port 2/1/3
 deploy
ICX6610-24P Switch#sh lag
Total number of LAGs: 2
Total number of deployed LAGs: 0
Total number of trunks created:0 (120 available)
LACP System Priority / ID: 1 / 748e.f8e8.750a
LACP Long timeout: 90, default: 90
LACP Short timeout: 3, default: 3
=== LAG "LAG_1" ID 1 (static Deployed) ===
LAG Configuration:
   Ports:         e 2/1/1 to 2/1/2
   Port Count:    2
   Primary Port:  2/1/1
   Trunk Type:    hash-based
Deployment: HW Trunk ID 1
Port   Link  State  Dupl  Speed  Trunk  Tag  Pvid  Pri  MAC             Name
2/1/1  Down  None   None  None   1      Yes  N/A   0    0000.0000.0000
2/1/2  Down  None   None  None   1      Yes  N/A   0    0000.0000.0000
=== LAG "LAG_2" ID 2 (static Deployed) ===
LAG Configuration:
   Ports:         e 2/1/3 to 2/1/4
   Port Count:    2
   Primary Port:  2/1/3
   Trunk Type:    hash-based
Deployment: HW Trunk ID 2
Port   Link  State  Dupl  Speed  Trunk  Tag  Pvid  Pri  MAC             Name
2/1/3  Down  None   None  None   2      Yes  N/A   0    0000.0000.0000
2/1/4  Down  None   None  None   2      Yes  N/A   0    0000.0000.0000
ICX6610-24P Switch#
========================================================================
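To run the same before-and-after check on a longer config, the comparison can be scripted. This is an added example, not part of the original post and not Brocade's translation logic: it checks that every 7.x trunk's member ports reappear as one deployed 8.x LAG. The function names are assumptions, and only the "ethe X" and "ethernet X to Y" port forms shown above are handled.

```python
import re

# Constructed sample input: the trunk and lag lines shown in this post.
CONFIG_7X = "trunk ethe 2/1/1 ethe 2/1/2\ntrunk ethe 2/1/3 ethe 2/1/4\n"
CONFIG_8X = """lag LAG_1 static id 1
 ports ethernet 2/1/1 to 2/1/2
 primary-port 2/1/1
 deploy
lag LAG_2 static id 2
 ports ethernet 2/1/3 to 2/1/4
 primary-port 2/1/3
 deploy
"""
PORT_SPEC = re.compile(r"ethe(?:rnet)?\s+(\d+/\d+/)(\d+)(?:\s+to\s+(\d+/\d+/)(\d+))?")

def expand_ports(spec):
    """Expand 'ethe U/S/P' and 'ethernet U/S/P to U/S/P' into a set of ports."""
    ports = set()
    for prefix, first, end_prefix, last in PORT_SPEC.findall(spec):
        if end_prefix and end_prefix != prefix:
            raise ValueError("range crosses modules: " + spec.strip())
        ports.update(f"{prefix}{n}" for n in range(int(first), int(last or first) + 1))
    return frozenset(ports)

def lags_8x(config):
    """Map each LAG name to its member ports and whether it has 'deploy'."""
    lags, cur = {}, None
    for line in config.splitlines():
        w = line.split()
        if w[:1] == ["lag"] and len(w) > 1:
            cur = lags.setdefault(w[1], {"ports": frozenset(), "deployed": False})
        elif cur is not None and w[:1] == ["ports"]:
            cur["ports"] |= expand_ports(line)
        elif cur is not None and w == ["deploy"]:
            cur["deployed"] = True
        elif w[:1] != ["primary-port"]:
            cur = None  # any other command ends the stanza
    return lags

def verify_upgrade(before, after):
    """Return a list of problems; empty means every trunk became a deployed LAG."""
    lags, problems = lags_8x(after), []
    trunks = [expand_ports(l) for l in before.splitlines() if l.split()[:1] == ["trunk"]]
    for members in trunks:
        name = next((n for n, lag in lags.items() if lag["ports"] == members), None)
        if name is None or not lags[name]["deployed"]:
            why = "no LAG with the same ports" if name is None else f"{name} is not deployed"
            problems.append(f"trunk {','.join(sorted(members))}: {why}")
    return problems
```
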
Tuesday, October 4, 2016
Brocade ICX: How To Do A Password Reset And Erase Startup-Config
Real quick: while the 6610 (in my case) is booting, press "b" when the boot code prompts for it. Then follow the steps below to reset the password. I also erased the startup-config so that I could start from scratch, so if you don't want to lose the config, skip that step.
ICX Boot Code Version 10.1.00 (grz10100)
Enter 'a' to stop at memory test
Enter 'b' to stop at boot monitor
***** Interrupted by entering 'b' *****
BOOT INFO: load monitor from boot flash, cksum = 71f1
BOOT INFO: verify flash files.............
Monitor>no password
OK! Skip password check when the system is up.
Monitor>erase startup-config
Monitor>reset
Monday, October 3, 2016
Quote For The Day: 31
"If we ever forget that we are One Nation Under God, then we will be a nation gone under." ~~ Ronald Reagan
Sunday, October 2, 2016
Friday, September 30, 2016
Brocade ICX7750s
Very powerful 7750s went in to replace two core SuperXs. I went in to the customer with a local partner. He did almost all the work and did very well. This project was a success.
Thursday, September 29, 2016
Quote For The Day: 30
"Within the covers of the Bible are the answers for all the problems men face." ~~ Ronald Reagan
Wednesday, September 28, 2016
Brocade VDX: Three Important Commands For Verifying The Fabric
There are three good commands for verifying the fabric. Here they are in action:
Notice the link interfaces in the command below.
VDX1# show fabric trunk
Rbridge-id: 1
Trunk  Src    Source     Nbr    Nbr
Group  Index  Interface  Index  Interface  Nbr-WWN
-------------------------------------------------------------------------------
1      64     Te 1/0/1   64     Te 2/0/1   10:00:C4:F5:7C:58:F2:3C
1      65     Te 1/0/2   65     Te 2/0/2   10:00:C4:F5:7C:58:F2:3C
1      66     Te 1/0/3   66     Te 2/0/3   10:00:C4:F5:7C:58:F2:3C
1      67     Te 1/0/4   67     Te 2/0/4   10:00:C4:F5:7C:58:F2:3C
Notice the bandwidth and the primary interface of the ISL link.
VDX1# show fabric isl
Rbridge-id: 1 #ISLs: 1
Src    Src        Nbr    Nbr
Index  Interface  Index  Interface  Nbr-WWN                  BW   Trunk  Nbr-Name
----------------------------------------------------------------------------------------------
64     Te 1/0/1   64     Te 2/0/1   10:00:C4:F5:7C:58:F2:3C  40G  Yes    "VDX2"
Notice the mode we are operating in, along with the VDX MACs, IPs, and status.
VDX1# sh vcs
Config Mode : Distributed
VCS Mode : Logical Chassis
VCS ID : 10
VCS GUID : 4e569830-733a-4025-b1a4-08f325ed51a6
Total Number of Nodes : 2
Rbridge-Id  WWN                        Management IP  VCS Status  Fabric Status  HostName
--------------------------------------------------------------------------------------------------------------
1           >10:00:C4:F5:7C:48:60:58*  192.168.0.104  Online      Online         VDX1
2           10:00:C4:F5:7C:58:F2:3C    192.168.0.105  Online      Online         VDX2
VDX1#
Tuesday, September 27, 2016
Monday, September 26, 2016
What Is A Mellanox Adaptor?
In some cases, you might need a "Mellanox" adaptor. It's a 40gig QSFP to 10gig SFP+ adaptor. In some cases, it's very useful.
Sunday, September 25, 2016
Saturday, September 24, 2016
Friday, September 23, 2016
An Early Sunday Thought For Both Sides Of The Racial Aisle
No matter who we are or what color God made you to be, let us remember what God said through the apostle Paul. If you dispute this, then you need to have a talk with God.
Thursday, September 22, 2016
Brocade Datacenter VDX 6740 Install
I did a Brocade VDX install last week of two 6740s in a small data center. This was to get the initial install in place and get them up and running on the new gear. Phase II will be to hook into VMware and connect a few other physical servers in. Currently the SANs and VM environment are in place, and the customer said they notice a difference in performance already. I'm very happy to hear that. Notice below, I have 20 gig to form the VCS fabric (although I added two more for 40 gig after this picture).
Wednesday, September 21, 2016
Quote For The Day: 29
"Nobody does what they are supposed to do." ~~ my wife
Man, I'm telling you, I have to agree with her. If people just had a work ethic and good communications skills, the world would be a different place.
Tuesday, September 20, 2016
Brocade VDX: What Is A Breakout Cable And How To Configure For It?
It's not as hard to grasp once you see it. It's a 1 QSFP to 4 SFP+ (40gig to 10gig). Notice the larger 40 gig side on the left, and the four 10 gig on the right.
VDX1(config)# interface FortyGigabitEthernet 1/0/50
VDX1(conf-if-fo-1/0/50)# shut
VDX1(conf-if-fo-1/0/50)# exit
VDX1(config)# interface FortyGigabitEthernet 2/0/50
VDX1(conf-if-fo-2/0/50)# shut
VDX1(conf-if-fo-2/0/50)# exit
VDX1(config)# hardware
VDX1(config-hardware)# connector 1/0/50
VDX1(config-connector-1/0/50)# sfp breakout
VDX1(config-connector-1/0/50)# exit
VDX1(config-hardware)# connector 2/0/50
VDX1(config-connector-2/0/50)# sfp breakout
VDX1(config-connector-2/0/50)# exit
VDX1(config-hardware)# exit