brm
Just for reference, here’s the config a QFX5100 comes with out of the box.
Notes:
Initially the switch tries to get an IP address on the vme0 and irb interfaces so that it can do an auto-image-upgrade, but that failed in the lab since no server (nor the appropriate DHCP options) were available. The result was an irritating repeated message on the console about this. To get rid of that, “deactivate chassis auto-image-upgrade”. This is probably for use if the QFX switch is part of a Q-Fabric – presumably it is trying to upgrade itself over the management network to the version the rest of the QFabric is running.
All interfaces are in the default VLAN, even though their membership is not reflected in the config.
All interfaces have RSTP enabled.
Unfortunately all interfaces are listed twice if they’re dual-mode (i.e. SFP or SFP+). This makes the initial config very long. Obviously this can be deleted.
version 13.2X51-D20.2;
system {
host-name QFX5100-4;
arp {
aging-timer 5;
}
root-authentication {
encrypted-password "REMOVED"; ## SECRET-DATA
}
login {
user imtech {
uid 2000;
Continue reading
This week we are sponsored by Solarwinds NPM and topics: its Net Neutrality, Facebook's Data Centre Design, Resellers and SDN, Amazon tilts at the Enterprise, Project Squared, and Too Many Salesman.
The post Network Break 23 appeared first on Packet Pushers Podcast and was written by Greg Ferro.
Someone recently sent me this question:
Is it possible to prepend one IP address from a public IPv4 segment?
I don’t want to know what crazy stunt this engineer was forced to pull off, but just in case you land in a similar quandary here’s how you shoelace yourself out of it.
Read more ...Today, We wish and hope all of our friends and students have a very Happy Thanksgiving!
If you haven’t heard of CoreOS it’s pretty much a minimal Linux distro designed and optimized to run docker. On top of that, it has some pretty cool services pre-installed that make clustering CoreOS pretty slick. Before we go that far, let’s start with a simple system installation and get one CoreOS host online. In future posts, we’ll bring up more hosts and talk about clustering.
The easiest way to install CoreOS is to use the ‘coreos-install’ script which essentially downloads the image and copies it bit for bit onto the disk of your choosing. The only real requirement here is that you can’t install to a disk you’re currently booted off of. To make this simple, I used a ArchLinux lightweight bootable Linux distro. So let’s download that ISO and get started…
Note: I use a mix of CoreOS VMs and physical servers in my lab. In this walkthrough I’ll be doing the install on a VM to make screenshots easier. The only real difference between the install on either side was how I booted the ArchLinux LiveCD. On the virtual side I just mounted the ISO and booted Continue reading
A third of my readers are celebrating Thanksgiving today, and I’d like to use the opportunity to say what I always wanted to say but somehow never got to it. Let’s make it short: Thank you! Without you, there would be no ipSpace.net.
Read more ...[player] Orhan Ergun and Jeff Doyle talks about IPv6 design and deployment considerations in the Enterprise networks. They strongly advice you to consider IPv6 deployment in your network. Why IPv6 in the Enterprise , what are the real business drivers for the IPv6 ? Growth of IPv6 in the Enterprise Networks Jeff Doyle’s advices to […]
The post IPv6 in the Enterprise by Jeff Doyle and Orhan Ergun appeared first on Packet Pushers.
Orhan Ergun and Jeff Doyle talks about IPv6 design and deployment considerations in the Enterprise networks. They strongly advice you to consider IPv6 deployment in your network. Why IPv6 in the Enterprise , what are the real business drivers for the IPv6 ? Growth of IPv6 in the Enterprise Networks Jeff Doyle’s advices to Service […]
The post IPv6 in the Enterprise by Jeff Doyle and Orhan Ergun appeared first on Packet Pushers Podcast and was written by Orhan Ergun.
A different kind of war story this time: Unix security blunders. Old-school Unix-types will mutter about how much more secure Unix systems are than Windows, but that glosses over a lot. In a former life I worked as an HP-UX sysadmin, and I saw some shocking default configurations. I liked HP-UX – so much better laid out than Solaris – but it was very insecure by default. Here’s a few things I’ve come across:
We’d lost the root password for a test HP-UX server. We had user access, but not root. The server was located in a different DC, and we didn’t really feel like going and plugging in a console cable to reset the root password. So we started looking around at how we might get access. After a while I found these two things:
And now for the kicker:
hpux lhill$ ls -ld / drwxrwxrwx 30 root wheel 1020 1 Nov 13:57 /
Put those together, and you can see it’s easy to gain root. All we needed to do was create /.rhosts, and add whatever Continue reading
When running services on nodes in a CORE Network Emulator scenario, we may wish to customize the services configurations.
Some reasons why a user may customize CORE services are:
To show how to customize CORE Services, we will work through a detailed tutorial that shows how to customize the IPForward service. We will work through the same steps required to customize any other CORE Service.
The IPForward CORE Service provides a script that runs when the node starts in a simulation scenario. The script sets the IP Forwarding kernel parameters so that the node will forward packets from one port to another, according to the routing table on the node. The IPForward script is a default service on the Router node type.
The default IPForward CORE service has limited functionality: it can start IP forwarding on a Continue reading
These are two standards for single mode fibre optic cabling from a total of five types of fibre that are generically used today known of “OF types” (OM1, OM2, OM3 for multimode and OS1,OS2 for single mode.) OS1 is for indoor use i.e. Campus, Data Centre. Cabling is is tight buffered (i.e. manufactured into solid […]
The post Tech Notes: Difference Between OS1 and OS2 Fibre Optic Cable appeared first on EtherealMind.
Who would you trust more to fix your car, a licensed mechanic or a guy who once saw someone do an oil change? The choice should be simple. But surprisingly, the debate over trusting an expert versus someone who claims to be an expert happens every day across all industries, so it shouldn’t be shocking that the debate rages in the cloud, too.
Cloud computing enables people and companies to access applications from any computer. But the cloud has created a new group of cloud posers -- inexperienced software developers who make bold (and often untrue) claims about the performance of the cloud-based applications they manage. While on the surface they may seem like a good choice to support your business, once you start asking smart questions, a cloud poser’s true colors (and lack of expertise) will quickly be revealed.
To read this article in full or to leave a comment, please click here
