Posts Tagged network

Network Issue: I Know Why!

So I know why the IP phone in my room is not working on this port. That particular port is not configured as part of the voice network. Should I call up the IT department, give them the socket label and tell them to include the switch port in the voice network? I can simply suggest switching the cable connections on the switch side, or they could just give me the keys to the building’s data room and I’ll do it ;) It’ll be a bonus: I’ll see the data room, switches, configurations, cable management, cable types, cabinet layout, physical security; all in all, it’s a win-win situation :P

It’s so much simpler when you are in charge :D


TCPView for Windows

In any client-server scenario it’s hard, with the basic Windows commands, to connect a process running on the server to the client talking to it; usually all such processes run under the SYSTEM account. This is an awesome tool that makes the task much easier.

TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows Server 2008, Vista, NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon, a command-line version with the same functionality.


Site: Link

Download software: Link
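As an added example (not part of the original post, and not Sysinternals code), here is the same endpoint-to-process listing built from the cmdlets that ship with Windows 8 / Server 2012 and later; the Get-EndpointOwner name and its -ListeningOnly switch are my own.

```powershell
# Added example: list TCP and UDP endpoints with the owning process, the way
# TCPView / Tcpvcon do, using only built-in cmdlets (Windows 8 / 2012 and later).
# Run from an elevated prompt so endpoints owned by services running as SYSTEM
# are reported too.
function Get-EndpointOwner {
    param([switch]$ListeningOnly)   # only endpoints a client could connect to

    $names = @{}   # PID -> process name cache, so each PID is looked up once
    function Resolve-OwnerName([int]$ProcId) {
        if (-not $names.ContainsKey($ProcId)) {
            $p = Get-Process -Id $ProcId -ErrorAction SilentlyContinue
            $names[$ProcId] = if ($p) { $p.ProcessName } else { '<unknown>' }
        }
        return $names[$ProcId]
    }

    $tcp = Get-NetTCPConnection | ForEach-Object {
        [pscustomobject]@{
            Protocol = 'TCP'
            Local    = "$($_.LocalAddress):$($_.LocalPort)"
            Remote   = "$($_.RemoteAddress):$($_.RemotePort)"
            State    = "$($_.State)"
            PID      = $_.OwningProcess
            Process  = Resolve-OwnerName $_.OwningProcess
        }
    }
    $udp = Get-NetUDPEndpoint | ForEach-Object {
        [pscustomobject]@{
            Protocol = 'UDP'
            Local    = "$($_.LocalAddress):$($_.LocalPort)"
            Remote   = '*:*'
            State    = ''
            PID      = $_.OwningProcess
            Process  = Resolve-OwnerName $_.OwningProcess
        }
    }

    $all = @($tcp) + @($udp)
    if ($ListeningOnly) {
        $all = $all | Where-Object { $_.Protocol -eq 'UDP' -or $_.State -eq 'Listen' }
    }
    $all | Sort-Object Process, Protocol, Local
}

# Usage: everything first, then only what a client could connect to
Get-EndpointOwner | Format-Table -AutoSize
Get-EndpointOwner -ListeningOnly | Format-Table -AutoSize
```

The listening-only view is the one to compare against what your firewall rules say should be reachable on that server.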



Fiber Specs

We’re about to buy a Cisco firewall and we need fiber ports as interfaces. The technical Cisco product guy asked: what are the fiber specifications you want?

I asked, what do you mean? Don’t we just need a firewall with SPF SFP interfaces? – I sometimes make that mistake ;P –

He said, well, the type of fiber you are using and the connectors.

Isn’t all the fiber used for long distance single mode, and our fiber is terminated on LC connectors, so this is what you need, right?

Well, no we need more information.

Really, like what kind?

I’m not sure, I’ll ask our other technical guy, he’s more into fiber specifications, and I’ll get back to you.

Ok!

I’m still waiting for their feedback actually. What I know about fiber in general is that there are two types, single mode and multi mode. Single mode is for long distance and more expensive. Multi mode is for shorter distance and cheaper. Each has its own hardware to support it. You can’t link multi-mode to single-mode fiber without having some kind of transceiver to convert the signal. The type that they pull from the nearest exchange to buildings is single mode, and if you want to pull fiber within your premises, across floors or between close buildings, you’ll use multi mode.

I’ve never seen a fiber mode converter, but I hear they are very expensive. What they’ll actually do is have two transceivers, single mode to Ethernet and multi mode to Ethernet, so they’ll connect the single-mode fiber to the first transceiver, connect the multi-mode fiber to the second transceiver and have an Ethernet cable between them. From a network point of view, two points of failure! From a sales point of view, cost saving.

Check your WAN connection: are you utilizing fiber, leased lines, wireless or satellite? If you are using fiber, how is it connected to your router, directly or through a transceiver? If it is the first one, then your router has a fiber interface module plugged in, which is more expensive than having a fast/gigabit Ethernet interface with a transceiver in between.

Regarding the connectors, you know how long it took me to actually get them right? 1 year ;P ST round, SC square, MTRJ big square, LC the small ones, I memorized them like that. Actually, I only used to mix up SC & ST.

Fiber cables can come with the same connector terminated on both ends, LC-LC, or different types of connectors, ST-SC. So maybe your fiber patch panel has ST connections and your switch interface has SC connections.

I’ve never dealt with a Cisco firewall, so this will be interesting. Firewalls all have the same concept, you just need to get familiar with how to manage them. The thing I know about Cisco is that for every feature you need, you have to buy a separate product! Not all within the same box. We’ll see what ours comes with.



Why Static IPs?

There are many issues with dynamic IPs for stations providing services such as web, email, FTP, etc.

  • You can’t guarantee they’ll always keep the same IP.
  • Changes need to be reflected in DNS, which may or may not have been set up so that hosts register themselves automatically. DNS changes take time to propagate to other servers.
  • Some applications need the IPs hard-coded within them; if the IP changes it has to be updated there as well.
  • Most importantly, when you configure the firewall, it’s for that specific IP. I personally haven’t seen a firewall where the host is configured by name only and DNS is used to look up the IP. A typical rule looks like this:

    Source   Destination             Service   Action
    Any      Web Server Public IP    http      accept

  • For email services, PTR records are created to verify that you are not a spammer, and if you don’t own your IP block but got it through an ISP, which is the common case, the PTR records for your IP block are pointed at their main DNS servers and not yours. So imagine the headache of calling your ISP every time to change the public IP record. You may argue that only the private IPs change and are mapped to the same public IP; you’d be amazed to know that some configure their public IPs directly on their servers.
  • DNS servers are configured with IPs only. For example, if you are looking for x.google.com, a list of their DNS server IP addresses (ex: 216.239.32.10) is added in the DNS servers above them (the root/TLD servers) so you can go there and retrieve the correct IP.

That’s what I came up with, there may be other reasons :)
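Added example, not from the original post: a check for the PTR point above, confirming that a mail host’s reverse record points back at a name that resolves to the same IP (what receiving mail servers look for). The host name and IP are constructed placeholders, and Test-ReverseDns is a name I chose.

```powershell
# Added example: forward-confirmed reverse DNS check for a mail host.
# HostName/IPAddress below are constructed placeholders; replace with your own.
function Test-ReverseDns {
    param(
        [Parameter(Mandatory)][string]$HostName,
        [Parameter(Mandatory)][string]$IPAddress
    )
    $r = [ordered]@{
        Host = $HostName; IP = $IPAddress; PtrName = $null
        ForwardIPs = @(); Ok = $false; Reason = ''
    }

    # Reverse lookup: who does the IP block owner (often the ISP) say this IP is?
    $ptr = Resolve-DnsName -Name $IPAddress -Type PTR -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'PTR' } | Select-Object -First 1
    if (-not $ptr) {
        $r.Reason = 'no PTR record; whoever owns the IP block (usually the ISP) must create one'
        return [pscustomobject]$r
    }
    $r.PtrName = $ptr.NameHost.TrimEnd('.')

    # Forward confirmation: the PTR name must resolve back to the same IP
    $fwd = Resolve-DnsName -Name $r.PtrName -Type A -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'A' }
    $r.ForwardIPs = @($fwd | ForEach-Object { $_.IPAddress })

    if ($r.ForwardIPs -notcontains $IPAddress) {
        $r.Reason = 'PTR name does not resolve back to this IP'
    } elseif ($r.PtrName -ne $HostName.TrimEnd('.')) {
        $r.Reason = "PTR points at $($r.PtrName), not $HostName (often the ISP's generic name)"
    } else {
        $r.Ok = $true
        $r.Reason = 'forward and reverse records agree'
    }
    [pscustomobject]$r
}

Test-ReverseDns -HostName 'mail.example.com' -IPAddress '203.0.113.10' | Format-List
```

Run it after every public IP change; the Reason field tells you whether the fix is on your side or a call to the ISP.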



Changing Networks Tips


It can get a bit tedious when changing the design of your network; if you have an existing configured network, it’s harder to change it than to implement a new one altogether.

If you look at a company’s network, its focal point is its firewall. Behind each interface is a network or a group of networks.

On the layer-3 switch level you’ll have the VLANs configured, and on that switching level there are routing capabilities; everything is routed to the gateway. Ex. the users’ private network will be routed to a single firewall interface (172.17.1.1), whereas your DMZ private network has its own interface on the firewall.

When changing the network, do it one step at a time. Have your design layout and make sure it makes sense; if you have VLANs, name your VLANs to correlate with the network IP settings, ex. VLAN 3 is configured for network 10.3.x.x, something to make your life easier for future troubleshooting.

Change one thing a day (VLAN/switch) and start with the department/users with the least network usage: the locations that use network resources the least, don’t depend on the email system, Internet, etc., and do most of their tasks locally on their PCs. Preferably, pick the one with the fewest of what we call direct users, who are configured at another level, the firewall, to use services beyond the normal ones, like direct access to application servers.

Adding a new VLAN doesn’t mean you delete the old one. Keep it still; the same VLAN may be configured somewhere else you aren’t aware of and needs to be routed.

Don’t forget to go beyond the switch level: your firewall needs to be aware of the new settings. Route the new network to the proper interface, and don’t forget to add the network group on the firewall application; it has to know that this is a valid network residing behind that specific interface, ex. network 10.x.x.x is behind interface 172.17.1.1, or else the firewall will drop the packets presuming it is some kind of spoofing attack. These settings are also needed for users with public IPs NATed to their private ones.

Check everything after each configuration change, even if you think it won’t affect what you are checking; believe me, with IT, crazy things that don’t make sense happen all the time!

Write everything down, the day and what tasks were done, and build up your documentation from that.

Leave the servers’ network last; this is a huge headache. You can have both old and new server networks working side by side, routing between each other, and gradually shift them. And don’t forget to PRAY throughout the whole process :)
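Added example, not from the original post: a small model of the firewall check described above, where a packet is only accepted if its source address belongs to a network the firewall knows is behind the interface it arrived on, so a new VLAN whose network group was never added gets dropped as spoofed. The interface names and networks in the table are constructed; Test-AntiSpoof and Test-InNetwork are my own names.

```powershell
# Added example: a model of the "valid network behind this interface" check.
# Helper: IPv4 dotted string -> unsigned 32-bit integer
function ConvertTo-UInt32([string]$Ip) {
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [Array]::Reverse($b)                      # network order -> little endian
    [BitConverter]::ToUInt32($b, 0)
}
# Helper: is $Ip inside the CIDR block $Cidr (e.g. 10.0.0.0/8)?
function Test-InNetwork([string]$Ip, [string]$Cidr) {
    $net, $bits = $Cidr.Split('/')
    $all  = [uint64]4294967295
    $mask = [uint32](($all -shl (32 - [int]$bits)) -band $all)
    ((ConvertTo-UInt32 $Ip) -band $mask) -eq ((ConvertTo-UInt32 $net) -band $mask)
}

# Constructed table: the networks the firewall has been told live behind each interface.
# The new VLAN 3 network (10.3.x.x) is covered by 10.0.0.0/8; 192.168.9.0/24 was never added.
$NetworksBehind = @{
    'inside (172.17.1.1)' = @('10.0.0.0/8')
    'dmz (172.17.2.1)'    = @('172.16.5.0/24')
    'outside'             = @('0.0.0.0/0')
}

# Accept only if the most specific network containing the source is behind the
# interface the packet arrived on; otherwise treat it as spoofed and drop.
function Test-AntiSpoof([string]$Interface, [string]$SourceIp) {
    $best = $null
    foreach ($ifc in $NetworksBehind.Keys) {
        foreach ($cidr in $NetworksBehind[$ifc]) {
            $len = [int]$cidr.Split('/')[1]
            if ((Test-InNetwork $SourceIp $cidr) -and ($null -eq $best -or $len -gt $best.Len)) {
                $best = @{ Ifc = $ifc; Cidr = $cidr; Len = $len }
            }
        }
    }
    if ($null -eq $best) { return "DROP   $SourceIp on $Interface : no network on the firewall contains it" }
    if ($best.Ifc -eq $Interface) { return "ACCEPT $SourceIp on $Interface : $($best.Cidr) is behind it" }
    "DROP   $SourceIp on $Interface : $($best.Cidr) is known behind $($best.Ifc), not here (looks spoofed)"
}

Test-AntiSpoof 'inside (172.17.1.1)' '10.3.7.20'    # new VLAN 3 host, network known  -> ACCEPT
Test-AntiSpoof 'inside (172.17.1.1)' '192.168.9.5'  # network group never added       -> DROP
Test-AntiSpoof 'outside'             '10.3.7.20'    # internal address from outside   -> DROP
```

The second case is the one the post warns about: the switch routes the new network fine, but until the firewall’s network group is updated every packet from it is dropped.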
