Some people who stayed at my dad's Airbnb left behind a couple boxes of 1000 feet lanmark 6 cables. Its been a while since so I assume they aren't gonna ask for them back.
I have no experience in this, but would want to use it. What would I need?
Anyone have any suggestions for locating the cause of interference on both the 2.4 and 5ghz band on an AP? We have Cisco MR-55 access points and one in particular is reporting 100% non-802.11 Interference. Ive asked everyone in the area if they've brought in any always-on devices but haven't gotten anywhere. Could it be coming from the floor above/below? Just trying to narrow it down as best i can.
ETA bands experiencing the interference
Which one would you use for a small business?
Hi everyone,
I'm looking for some architectural advice on redesigning the edge of my datacenter ASN.
Currently, I have two main edge routers running plain Ubuntu 22.04 + BIRD. This handles BGP perfectly, but my requirements have grown. I now need to introduce stateful firewalling, HA default gateway routing for the internal network, and IPsec tunnels. Managing BIRD, nftables, keepalived, and strongSwan as loosely coupled packages is becoming an administrative nightmare, so I want to move to a unified router OS.
The Hardware:
Strict Requirements:
The Dilemma: I am currently weighing three main options: VyOS, OPNsense, and pfSense. My main concern is hitting 10Gbps of stateful throughput (Firewall + NAT + IPsec) on AMD EPYC hardware, alongside the automation requirements.
netfilter across many cores. It also has great Terraform API support.pf firewall bottlenecking on single EPYC cores at 10Gbps without heavy sysctl tuning.My Questions for the Community:
conntrack-sync) and VRRP under heavy load?Thanks in advance for any insights!
We just finished rolling out Cato SASE and things are in a much better place on the edge/VPN side.
Now I’m looking at what to do next on-prem to tighten things up.
Environment is ~250 users / ~400 devices across 3 sites. Small IT team (2 people), already have VLANs in place, and we’re using Microsoft Intune / Microsoft Entra ID / Microsoft Defender XDR.
I have a counterpart in Europe deploying the full Cisco SASE, ISE, EDR stack—
From the ISE aspect, what how can I level up?
Note, were a 2-man team....
If this is off-topic for the sub, please remove.
I want to understand what do you use in your on-prem environment for infrastructure automation: provisioning, configuring, and managing infrastructure including Networking, Network Security and Compute/Virtualization components? I am kinda looking for a solution/tool to rule-them-all to cover infrastructure day0/1/2...Trying to get a as-centralized-as-possible model instead of distributed among several tools to accomplish the tasks.
I am semi-good on Terraform with Git to build/provision the infrastructure but I keep hearing I am wrong to use Terraform for Day 2 or configuration management...I need Ansible...But I never get the sense of why...In my mind, with the state built-in with Terraform, would it be more suitable solution for configuration management?
Anyway, what do you guys use or apply in reallife or production on-prem? no public IaaS.
So this office I am currently working at has 2 NVR, one with 32 capacity and the other with 16 capacity. Now we are already working on a very tight budget, please help suggest how i can pull footage from both nvr into the same monitor.
Also if the credentials for an IP camera such as Dahua has been lost (username and password) due to switching IT guys in the office and forgetting and now it won't show anything when connected. Is there any way to fix this?
Hello everyone!
First of all I'd like to say I am not a network engineer and everything stated here is something I spent time learning about in the past month (which may also include incorrect interpretations), so my understanding and knowledge is extremely limited. Please do correct me if I am wrong or making incorrect assumptions.
ISP doesn't clamp MSS on PPPoE → PMTUD fails → TCP fragmentation → fragmented flows hit 600s stateful firewall timeout → silent drops. Trying to understand if this is neglect, resource-saving, or a valid security policy.
I'm a streamer on a residential 500 Mbps upload plan. My RTMP/RTMPS streams to Twitch, Kick, Trovo, or Restream would drop exactly at ~600 seconds with OBS "WriteN, RTMP send error 10060." YouTube and VPN streams were perfectly stable.
After gathering all the evidence, logs and Wireshark captures, I sent a support ticket to my ISP with a request to check if there are any interreferences in traffic management that times out my connection due to CGNAT/NAT/DPI/stateful firewall.
After 30+ days of waiting for their response (with occasional check-ins from my side so the ticket doesn't get closed), they said they performed a basic remote checks, concluded their network uses only stateless equipment with no timers, incorrectly claimed Twitch streams use QUIC for video and RTMP only for signaling, mischaracterized my Wireshark evidence, claimed VPN only works because it's changing the ingest server, ignored the reproducible issue on the vast majority of platforms and ultimately suggested I update OBS, lower my bitrate, or try a different ingest server—all while failing to address my specific questions about the 600-second timeout. After realizing they are refusing to engage and provide support, I dove deeper.
ping -f -l). Typical PPPoE overhead.The technical mechanism is clear. What I'm trying to wrap my head around is why an ISP would operate like this. I've read that 600s is a common default timeout for fragmented or "unclassified" flows. I also understand that non-initial IP fragments lack TCP headers, so a firewall may not be able to reliably refresh state – essentially treating a still-active stream as idle.
But this situation appears to originate from how the ISP handles MTU constraints:
Extra context for those who are curios:
I'm asking these questions because I'm currently in a formal complaints process. The ISP is refusing to engage with the evidence and deflecting blame to my OBS settings, which I've already proven are not the cause. I've filed a first‑level complaint and expect it to be rejected, especially since I explicitly asked how their traffic management practices might affect the use of applications under EU net neutrality transparency rules (Article 4), and they have simply ignored those questions. I plan to continue escalating it to the ISP commission and possibly the regulatory authority if they keep being dismissive and uncooperative. The answers to these questions will directly strengthen my complaint. Whether the cause is resource conservation, security policy, or neglect. all could represent a failure to comply with EU net neutrality rules depending on how it's framed—and understanding the ISP's internal reasoning will help me challenge their refusal to engage with the evidence.
I'm a newbie to this, but I've set up a RHEL img to boot from a PXE server on an Ubuntu machine. The PXE menu successfully comes up, but every time it boots I get a "kernel panic - not syncing: vfs unable to mount root fs on unknown block (0,0)". Countless hrs online and with AI has not helped. Could it be my image? If so, does anyone know of a good resource to build a proper rhel 9 img to boot from? I've rebuilt this thing using the rhel image builder, virt-build, converted a vmdk to a qcow2, and nothing has worked.
Hello everyone, I'm a 20 years old guy with an help desk and network technician experience. I have the CCNA and the CCNP Encor certification but companies still ignoring me.
Can anyone give me an explanation, this job market just sucks...
Hi everyone, I’m currently hitting a bit of a wall with my current setup and could use some professional insight. For the last few months, I’ve been running a project where I lease an IPv6 /32 prefix and announce it via BGP through Vu͏ltr. It worked fine for a while, but as my traffic grows, I’m running into performance issues and some routing oddities that their support hasn’t been able to clear up. I need more horsepower and better network stability. I’ve looked into a few options, but most have deal-breake͏rs: Het͏zner: great for price, but they are notoriously restrictive about announcing your own space unless you have a massive footprint. A͏WS: their BYOIP requirements are pretty rigid - as far as I can tell, they really want you to own the whole prefix range, and the integration process for leased assets is a headache. Equ͏inix: amaz͏ing, but overkill for my current budget. I’m looking for a provider that offers BGP sessions as a service or native BYOIP support without requiring a full rack or an enterprise-grade contract. Has anyone had experience with Serve͏rspace? I noticed they offer BGP sessions and seem more flexible with BYOIP setups than the big hyperscalers. If you’ve used them for custom routing, how is their edge stability? Alternatively, if there are other providers that don't make you jump through hoops to announce a /32 IPv6, I’m all ears. Appreciate the help!
I have been researching regarding setting up IP Cameras for my business and have been looking at using PoE for the cameras, I am confused regarding some details regarding this.
I am currently looking at the TP-Link SL1226P PoE switch (max PoE: 250w) and the VIGI C230 IP Cameras. The VIGI cameras have a max wattage of 5.5W but has a PoE class of 0. From my research, if computing only the 5.5W max wattage, even if I populate all 24 ports of the SL1226P with C230 cameras, I will still be under the power limit. However, researching PoE classes, since it is a class 0 device, an unmanaged switch will usually reserve the max of 15.4W, which means I will not be able to populate all 24 ports as power allocation will not be enough.
Does anybody know if the unmanaged switch will automatically adjust the reserved wattage of each port to around 7W for the cameras or will it just reserve the max wattage of the PoE class?
Some google results have shown that going managed is better at this as you can set PoE to power limits, e.g. setting all ports to 7W, instead of using the base PoE class 0 of 15.4W. Any advice about this?
Thank you.
For anyone struggling with slow VPNs while working from home, check if your router supports “split tunnelling”. It lets your Zoom/Teams traffic go direct to the web while keeping your secure work data on the VPN. Saves a lot of lag..
I was looking at Ekahau solution for my offices wifi and came across Hamina when looking up alternatives.
Most of the post I found on Hamina were from 2 years ago and was wondering if anyone here has trialed both and has opinions on them within the past year.
Software wise Hamina feels better
Hardware wise the Sidekick2 is better, spectrum analyzer requires a third party tool, another $1000, for Hamina.
Ekahau Augmented reality phone integration is slick if I can’t get a floor plan
Pricing wise even with a spectrum analyzer tacked on to Hamina significantly undercuts Ekahau pricing.
Got budget approval on the Ekahau but Hamina demo and software has me debating the pricing saving here. wish I could fully trial hands on both solutions for a week to make up my mind.
I'm the sole network engineer at my job, and the original wifi deployment was done before my time by low voltages guys and needless to say its a terrible deployment I desperately want to fix.
I Deal with Warehouses and manufacturing environment along with 4 floor HQ office
Hey all
32M in IT considering a contract/travel “portfolio” lifestyle instead of returning to traditional office work — anyone living this long-term?
Looking for perspective from people who’ve actually done this.
Background:
I’ve been in networking / infrastructure for almost 10 years. I have smart hands / field deployment / network engineer experience from earlier in my career and honestly… I loved it. Travel, autonomy, project-based work, points, being left alone to execute — it fit me much better than office life.
I’m about to start a 2-month smart hands travel contract (deployments, up to 3 sites/week, home weekends), and it has me seriously questioning whether I even want to go back to a traditional office career.
I’m very introverted, low expenses, very frugal, large savings cushion, and I’m honestly not very drawn to the standard “go back in office 3–5 days a week forever” model. No kids or major family obligations, so travel flexibility is unusually easy for me
I also have enough financial cushion that gaps between contracts wouldn’t be a crisis.
So I’m wondering…
Has anyone built a lifestyle around chaining contracts / field engineering / deployments / smart hands work on and off throughout the year?
Maybe:
Questions:
I’m especially interested in hearing from people who are more autonomy-oriented / don’t love office politics.
I know there are retirement/benefits considerations, and I’m thinking about those too — I’m more asking about the lifestyle itself.
Would love honest takes, especially from people who’ve actually done field-heavy contract work.
My company is in the process of hiring a Cisco network engineer with a minimum of 7 years experience. In the past, we have had interviewees who were obviously Googling answers during an interview. You could see them on cam stealthily typing or even reciting the question out loud so they could speech-to-text their answers. Unfortunately, it's getting harder to detect with AI integrations such as "Interview Co-pilot" which listens to the video call, searches for an answer on Claude, Gemini, and ChatGPT, and displays an answer.
I generally do the first round of interviews along with an HR rep to explain the specifics of the job and ensure they understand some of the unique responsibilities that the job entails. We had one particularly good candidate that answered some of my softball tech questions thoroughly and accurately. I sent her on to my lead engineers for a more detailed interview with troublehsooting scenarios and asking her to walkthrough a design approach for a specific network.
Initially we were very happy with the answers but since I had a backseat role in this interview, I noticed that the applicant was definitely reading answers from the screen. Even though the call quality was excellent, she would sometimes ask for a repeat of the question from the beginning. We asked a specific question about how a Cisco AP goes about finding the controller and registering and I already had the ChatGPT answer pulled up and it was 99% verbatim.
I was trying to find a question that would generate a hallucination from AI, but in the short period of time left, I came up empty-handed. When asked if she preferred CLI or GUI when configuring equipment, she said she mostly uses CLI, but will sometimes use SecureCRT to configure them. That's like asking if you fix your own car or take it to the shop and saying you mostly fix it yourself, but sometimes use a wrench to fix it.
The last question involved my engineer sharing his terminal window while logged into a switch. He displayed an access port and a trunk port with very specific commands on each port. The applicant was asked to review the ports and explain what each command does. This was the one time that they could not use AI to obtain their answers. It would have been too suspicious to read out all 8-10 lines and wait for a prompt, so they simply said "one is an access port, the other is a trunk port, what else do you need to know about them?" I am sure these AI apps will eventually be trained to read screens in the future, if not already existing in some way.
Has anyone had to deal with anything like this? I could screenshare all of our questions but I feel that could make for an awkward interview. One suggestion was to ask about a non-existent product or technical term or one that has nothing to do with Cisco networking (or networking in general) to see if they try to take the AI output and formulate a networking answer.
​
I’m 23 and I’ve basically loved networking since I was a kid.
I got into studying the ccna at 14 not for the cert but to learn how networks work, and ive been studying more since then
For the past few years, I’ve been working in real ISP environments:
ISP owned by my dad. Started with field work (CPE installs, troubleshooting client connectivity) then progressed into managing parts of the network OSPF design and troubleshooting aswell MPLS (L2/L3 VPNs).
Used Python scripts to automate repetitive tasks (config generation, checks, etc.)
Heavy homelab use (Proxmox, virtualized labs, testing routing scenarios).
Then in 2023 i worked at another WISP and the role wasn’t well-defined, but I ended up wearing multiple hats .Acting lead for technical support (while still taking calls myself) .Configuring and deploying wireless infrastructure (PtP / PtMP across multiple vendors), troubleshooting rf issues. Automated many things aswell , selfhosted some stuff like a ticketing system, an IPAM and something for inventory tracking to introduce them which none got adopted by the team
(They dont wanna learn),Essentially tried to bring structure and scalability into a pretty unstructured environment
Currently I'm studying for CCNP SPCOR so ive done extensive labs on such networks and how they operate.When i get it itll still feel as though it's not enough to get a strong cv
I know i still lack alot of knowledge but confused where to head.
Even when applying to jobs, what level should i be aiming for?
Would you prioritize getting certs ASAP, or doubling down on documenting/projectizing what I’ve already done?
I’d really appreciate honest advice especially from people working in ISPs or service providers
We have a lot of sites connected with C921-4P ISRs. Since they reach EoS soon we have to check for a successor. Our Cisco rep is suggesting 8120 G2 routers. They also told us that we need the Cisco Routing Advantage License in order to use IPsec properly. It has a 84 month licensing time.
Since i am not really familiar with Cisco licensing. What happens after the 84 months? Will the functions suddenly stop working because the license is not valid anymore?
Has anyone experience with the 8100 G2 Secure Router series? Are they reliable? Are there better alternatives?
I don't like the external power supply, but the bigger models with internal power supply are not within our price range.
Hey everyone i hope u are doing great !
Setup: ISE + AD integration works, 802.1X authentication succeeds, switch receives authorization profile, dynamic VLAN assignment works correctly (client moves to VLAN 200). In session details, URL redirect attributes appear on the switch.
Problem: client is not redirected to portal. Browser just opens normally / no redirect page.
Using virtual switch image in EVE-NG (IOU/IOL style IOS 15.2 image).
DHCP, VLANs, gateway, and connectivity are working. Authentication works. Only redirect enforcement fails.
Question: is this a known limitation of IOU/IOL images in EVE-NG, or is there a specific config required for posture redirect in lab environments?
For the office, we have an imagerunner 2520 printer, for some reason today it has issues with printing, I have everything and changed from the wire, to the switch it is connected to. When I connect a computer to the same switch and ping to an address such as the server, i get perfect continuous pings without timeouts, but when i ping from the printer, it sometimes gets a response from host, sometimes doesn't.
So it sometimes prints when a print job is in queue and sometimes doesn't, I most certainly think it's the printer with an issue, because how could the computer ping perfectly but the printer has issue? Any suggestions are welcomed, thanks