This is probably an easy and simple task for someone who has good knowledge of Cisco, BGP and Blackhole/Sinkhole communities.
We have a Cisco 2948G that is our border, and through this equipment we apply Blackhole (a sequence of commands to filter all the traffic from the world except our country; this is done by communities that are set up in Cisco).
This is the sequence of commands to apply it for IP 189.1.XXX.40:

Enter configuration commands, one per line. End with CNTL/Z.
asw-hl01(config)#router bgp 184XX
asw-hl01(config-router)#network 189.1.XXX.40 mask 255.255.255.255
asw-hl01(config-router)#exit
asw-hl01(config)#access-list 50 permit 189.1.XXX.40
asw-hl01(config)#ip route 189.1.XXX.40 255.255.255.255 Null0 250
asw-hl01(config)#

I have another Cisco 2948G that is connected to a FastEthernet port of the border above, and this other Cisco is holding another subnet. To make it clear:

Border - I have 189.1.XXX.1 ~ 189.1.XXX.127 (subnet 255.255.255.128)
Cisco2 - I have 189.1.XXX.128 ~ 189.1.XXX.255 (subnet 255.255.255.128)

This is done through an ip route from Border to Cisco2 to forward subnet 128 ~ 255 to the switch:

ip route 189.1.XXX.128 255.255.255.128 172.16.1.2

PS: 172.16.1.2 is the internal IP for switch2.

Now we get to the problem. If I want to apply a Blackhole (that sequence of commands) for an IP located in subnet 128 ~ 255 (switch2), it blocks all the traffic for that given IP, and I can't get access from national backbones. To make it clear:

Blackhole for IP 1 ~ 128 - It works fine
Blackhole for IP 128 ~ 255 - It doesn't work correctly; instead of blocking only international traffic it's blocking everything in the world
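As an added illustration (not from the original post), the Python below models how a router chooses a forwarding entry: longest prefix match decides first, and administrative distance only picks between routes to the same prefix. Using the thread's entries (the XXX octet replaced by 0, and the next-hop labels, are assumptions), a /32 to Null0 installed on the border is more specific than the /25 static toward 172.16.1.2, so the border's forwarding table sends every packet for that host to Null0, while a neighbouring host in the same /25 still reaches switch2.

```python
import ipaddress

# Constructed routing table modelled on the thread's border config; the
# "XXX" octet is replaced by 0 and the next-hop labels are assumptions.
ROUTES = [
    # (prefix, next hop, administrative distance)
    ("189.1.0.0/25", "connected", 0),
    ("189.1.0.128/25", "172.16.1.2", 1),  # static route toward switch2
    ("0.0.0.0/0", "upstream", 1),          # default toward the transit
]


def install(routes):
    """Mimic RIB installation: of several routes to the SAME prefix,
    only the one with the lowest administrative distance is kept."""
    rib = {}
    for prefix, next_hop, ad in routes:
        net = ipaddress.ip_network(prefix)
        if net not in rib or ad < rib[net][1]:
            rib[net] = (next_hop, ad)
    return rib


def lookup(rib, dst):
    """Forwarding decision: longest prefix match among installed routes.
    Administrative distance plays no role at this stage."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, nh) for net, (nh, _ad) in rib.items() if addr in net]
    if not matches:
        return None
    net, nh = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), nh


def with_blackhole(ip):
    """Add the thread's 'ip route <ip> 255.255.255.255 Null0 250' entry."""
    return ROUTES + [(f"{ip}/32", "Null0", 250)]


if __name__ == "__main__":
    rib = install(with_blackhole("189.1.0.200"))
    # The /32 is the longest match, so its AD of 250 changes nothing
    print(lookup(rib, "189.1.0.200"))   # ('189.1.0.200/32', 'Null0')
    # A neighbouring host still follows the /25 toward switch2
    print(lookup(rib, "189.1.0.201"))   # ('189.1.0.128/25', '172.16.1.2')
```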
if I could use a Cisco Catalyst WS-C2924 in a datacenter environment without any issues? Anything I should know about this model? Just looking for a cost-effective used switch to start out with.

Switch Configuration and Graphs?
We're evaluating options on new switch deployments and wish for advice or opinions. We have experience with 2950s but want to move up into all-gigabit devices. They will be used for pure L2 purposes as front-end access switches for server racks.
For our needs (24 port, all ethernet, L2 only) it looks like these two competing models fit our requirements and budget:
Cisco Catalyst 2960G (about $2150):
Switching: 32Gbps Forwarding: 35.7Mpps
Foundry FLS624 (about $2400):
Switching: 108Gbps Forwarding: 161Mpps
It's a tough decision because we have no experience with Foundry products, but from the spec sheets the price vs. performance ratio seems amazing (almost too good to be true).
You have to wonder if they get their ratings only under one specific situation which you never encounter in "real world" use.
For those of you using Foundry, what models are you using for your access switches to your web servers? Is there a better model for our application? What's your overall opinion of the products and service? Would you invest your entire network in them?
We have a mix of various vendors right now for switching / routing (Juniper, Cisco and Riverstone), but looking to the future, being more vendor-centric to either Cisco or Foundry for switching will be the model (using Juniper for routing). We've also considered other vendors such as HP, Extreme, etc., but ruled these out for a variety of reasons.
I am thinking about upgrading things at the colo soon and am looking for some comments.
My current configuration is like so:
My bandwidth is delivered over Fast Ethernet and it is plugged straight into a Cisco 3550 switch. I have the IP range they have assigned me cut up into VLANs the way I need.
I SNMP poll the switch for traffic statistics with RTG.
This works fine; I'm only doing about 10 Mbit avg, so no biggie.
Well, I am considering picking up another provider (super cheap Cogent) and adding it to the pile. I want to get BGP set up and have my own address block assigned by ARIN (unless my carrier now lets me announce their address space out Cogent). Getting an ASN isn't a problem, and I have done some tinkering with BGP in the lab.
So anyway... I am having a bit of a time figuring out what would work better for me, a 7200 series VXR router or a 4500 series Catalyst. What would be the pros and cons of either one?
I am looking at picking up a switch to mess around with at home. I found the following within driving distance but have no idea of which one will give me more up to date, hands on experience. Any feedback is greatly appreciated.
Option 1:
Used Cisco WS-C5509 Chassis with power supply (POWER SUPPLY 34-0870-01) and fan (WSC5509FAN)
Cisco WS-X5530-E2 Supervisor Engine III Module
Cisco Systems WS-U5537-FETX 4-port 100BASE-TX uplink module
Cisco WS-X5234-RJ45 Switch Modules x 8

Option 2:
Cisco WS-C5500 Chassis, POWER SUPPLY 34-0773-03
Cisco WS-X5550 Supervisor Engine III G-series
WS-X5234-RJ45 x 11

Option 3:
Cisco WS-C5505 Chassis
Cisco WS-X5530-E2 Supervisor Engine III Module
Cisco WS-U5533-FEFX-MMF Supervisor Engine III Uplink Module
Cisco WS-X5225R Switch Modules x 2
I have 2 racks in a DC that are cross-connected together. Now, the datacenter gives me 1 port and I would like to put 1 switch in each rack. I have successfully set up 1 switch and connected it to the internet. But I am unable to set up the other.
Up to now I have used Cisco 2924s in my racks; now I am going to install a new rack and I want to know whether to install the 2924 again or if you recommend the 2950. What important differences (pros and cons) does the 2950 offer compared to the 2924?
I am in the process of gathering the pieces to move from a dedicated box to my own hardware in a local colo and am undecided how best to choose the edge device.
The colo has a 30Mb pipe with about 10Mb of it being constantly used during biz hours. Another 10Mb is being allocated in the next couple of months. I want to be able to burst to the full 30Mb when needed.
I am getting 12 IP's allocated but will increase to 24 soon if all goes well (fingers crossed!).
I will have for starters just a single Proliant running dnp on 2008 with IIS, FTP, Mail, ns1 and a 2003 VM running my secondary ns.
What I am unsure of is the edge device, and I'm looking for others that have used either a 2800 series router or an ASA 5500 series firewall in a similar fashion. I know what the raw throughput of each device is, but raw benchmarks are not real-world numbers by any means.
I am looking at the 2801 with IOS Firewall turned on and hopefully even some inspects for FTP and HTTP traffic. The other option, and one that I am less familiar with, is to use the ASA 5505 instead, which will do my basic routing but supposedly provide more thorough inspects and advanced rules.
Does anyone have experience with either of these in a hosting environment and have input on the realistic throughput one can expect from either device?
There is a significant cost difference, with the ASA 5505 being much cheaper, but I am more familiar with IOS. Would anyone recommend an 1841 router instead?
We are currently looking at making some switch changes in our rack as we are expanding.
We don't push a whole lot of traffic (currently 15MBPS) but would like to think ahead for growth.
We are looking at using either the ProCurve 1800-24G, which provides 24 web-managed 10/100/1000 ports, or the Cisco Catalyst Express 520-24TT, which provides 22 web-managed 10/100 and 2 10/100/1000 ports.
Connected to these switches would be our servers, and then an uplink to our firewalls.
HP is cheaper and provides faster ports, but would Cisco provide additional value over the HP because it's Cisco and their experienced technology?
As my clients' needs expand, they're asking for chroot ssh/sftp setup. I'm currently on a dedicated Linux setup but don't really have the time to set up a whole new box with full virtualization or investigate a full chroot solution (baby on the way), and to be honest it would be less hassle to move to a new provider than worry about down time with sites.
What I'm looking for:
- Linux hosting
- hosting for 30+ accounts, some with several domains
- at least 6 IP addresses for SSL certs
- each account in a full chroot environment (ssh/sftp/ftp) so they can't poke around each other's files, or each account set up in a virtual machine setup (i.e. OpenVZ)
- maildir
- SpamAssassin
- PHP 5, MySQL, Perl 5.8.8
- suexec Apache would be nice
I have learnt it is harder to set up than I initially expected (since I have just moved from a shared hosting service). I am in need of some help setting up my DNS servers, as I am very confused. Here is most of the info I know:
1) I am running HyperVM
2) I've installed LXAdmin
3) I own the domain (purchased from xeodomains.com) runemart.com
4) My VPS hostname is: vps.runemart.com
5) I know my IP
6) My host has said:
'For VPS customers that have a HyperVM login you can now host forward DNS on the DNS servers rdns1.vaserv.com (US), rdns2.vaserv.com (UK)'
And I am unsure what this means/how to do it.
I am not sure if I need some more information to set up my DNS, however I am sure that I can get it if I do.
Now, my questions begin. Firstly, I need to point my domain - runemart.com - somewhere. I believe I need to set up my DNS via HyperVM or LXAdmin so that they are something like: ns1.runemart.com and ns2.runemart.com. Though, is this correct? Am I able to set up my own actual domain name servers, or will my domain have to point at something like rdns2.vaserv.com?
If anyone can assist me in this I would be very grateful, as I am waiting to get my website running. This is all I will ask for now; I will take it one step at a time =).
I see a lot of DDoS related articles here at WHT. We've been hit multiple times by DDoS and had to handle those attacks every time with a different approach.
The largest one and the most well-known one (we were in Time Magazine, AP news, CNN, Slashdot, you name it - just do a search about us on WHT) was a Russian botnet cyberattack - we had to analyze NetFlow and then block everything on our edge routers, then on the firewall and then locally on the servers.
Since then we have had a number of other attacks, some of which we were not able to defend at the server level, while, as you can understand, we can't do NetFlow and manual intervention every time somebody gets an attack.
We have very good scripts which allow us to mitigate a huge number of DDoS attacks, where our scripts find the attacking IPs and block them automatically - still, some attacks could be blocked only at the router level.
I've read that Cisco Guard (I am interested in the 65xx version of it) is supposed to mitigate DDoS attacks in automatic mode.
1) I was recommended to choose the XL-EN model switches because it seems they have more memory, but the second one in the list (Catalyst) is not an XL-EN. Is that going to have any effect performance-wise, or does it not really matter?
2) I was also recommended to choose managed switches because that way I can use the SNMP features to measure bandwidth, are any of the switches above unmanaged?
3) I also want to be able to manage the switch remotely, web managed, are any of the switches above web-manageable?
4) Most importantly, when my datacenter gives me a 100 Mbit drop, I don't know which port to plug it into on the 29** series. On the 35** I see it clearly, but I am not able to see it on the 29**. Any ideas?
5) On some of these switches I see a special port called "Console". What is it? Where does that connect to?
6) Do any of the switches above not have a console port?
I have a single /24 and my firewall is on x.2 and routes traffic for each of the servers.
Now I have a new Cisco ASA 5510 that I want to use to replace the aging firewall currently in place; however, I don't want to put the firewall into transparent mode because I don't want to lose all the functionality.
Now, with most firewalls your outside subnet cannot be the same as your inside subnet, which is fine if you are using NAT, but I don't want to NAT. I need all of my servers to remain with their public IP addresses.
So what is the ideal way to set up something like this? Request that my ISP give me a /30 for the ASA outside interface or something? And then ask them to route my /24 through the new /30 subnet?