alphahpg.com

F1, Networking, Coding, Photography & Minitatures

Network Musings March 13, 2019

I’ve been building a robust small network to do my CCNA ICND1 & 2 studies, using my ESXI server to run 4 IOS XRV’s connected to my servers PFsense firewall and virtual tacacs server.

I’ve come up against a bunch of things which have made this not necessarily as straight forward as it should be.

Getting the IOS XRV’s to run took a bit of manhandling, but we got there in the end (hint you need a console connection to them which you need to either have the full Licence for ESXI or configure them somewhere else and import them into ESXI (which I did).

Using IOS XRV for CCNA studies means you need to do things a little differently, as the default doesnt really exist, you need to either use IPV4 or IPV6 when using the appropriate commands.
Good example: assigning an IP address to an interface, in normal IOS you’d use the following:
conf t
int gi0/0
ip add 192.168.0.1 255.255.255.0
no shut

In IOS XRv you’d do the following:

conf t
int gi0/0/0/0
ipv4 add 192.168.0.1/24
no shut
commit

Also with IOS XRv is follows the trail of JUNOS in that you need to commit your config changes, to prevent issues occurring cause of a bad config change (which we all know is super easy in normal IOS).

In my current network, I have 4 IOS XRvs, each with an interface going to another IOS XRv, a loop back on 1, 2 , and 3, in the 192.168.255.0/28 netwroks, RIP provides connectivity, this is mostly because ICND1 only really looks at RIP v2. When I progress to ICND2 I’ll activate OSPF.

I installed Open NMS, and a Tacacs server to allow single point of authorisation and authentication, meaning I dont need to set up multiple users on each network element.

I also found because the internal 192.168.0.0/24 networks live in a different space (network) than the 172.16.0.0/24 net, we had some issues with TACACs workig correctly. in the end this was found to be the TACACs server not being able to send information back to the routers that sent the request initially even though you could ping and trace route the tacacs server. I added a static route to the 192.168.0.0 nets to the tacacs server and low and behold all the IOS XRv’s can now be authenticated via TACACs.

I’ll have more info coming soon!

No Comments on Network Musings
Categories: networking

Back on the CCNA bandwagon…with esxi March 6, 2019

Ok so its been a while since i talked about networking (the computer kind not the people kind), and im a little bit excited to say the least.

Im current going through the icnd1 book and have almost completed it, but rather than use gns3 via a virtualised linux guest on my esxi server i managed to get Cisco’s ios xrv 1000 working properly.

Basically my current topology is pretty limited (just 2 ios xrvs and 2 junos vmxs) but it works.

Theres a couple things i eventually found out particularly with the ios xrv.

First to make it work in esxi you need serial dupport which is only available in the top tier esxi licence.

Secondly ensure you have sufficient memory and resources.

I would suggest once the virtual boxes are configured id set up ssh and tunnel your way into the virtual boxes via that instead. Less headaches that way.

Also another thing to remember the network cards listed in the virtual machine stats wont reflect whats actually there.

For ios xrv the first network card is the management port (but we dont use that one) so the ports start from nic2 on in esxi.

Vmx needs to use the first two interfaces the rest are counted 0 to what ever.

Ill write up another blog detailing the configuration and some tips about both the ciscos and the juniper boxes.

No Comments on Back on the CCNA bandwagon…with esxi
Categories: Uncategorized

The Y-wing is coming for you March 4, 2019

The unassuming Y-wing, hardly the pinnacle of firepower or manoeuvrability, has started to become pretty prevalent.

There’s a few reasons why, and we shall discuss them in turn.

The first is due to the recent points drop, makes them a better value proposition compared to other ships. This means you can fit more of them in, thus having more redundancy and firepower.

The next is the fact for a min of 31 points you can have an 8 health ship. Points to health wise, its probably one of the best, points to resiliency probably a ship or two behind the dreaded Defender.

Also the ship can take a variety of upgrades to make it very efficient for the points cost. The most common is taking Ion Cannon Turret (4 points) and Veteran Turret Gunner (6 points), making for a double shotting base y-wing (gray squadron bomber or cryomorah goons) 41 points. Thats a pretty offensive punch for a small point cost (comparatively).

Another feature is also the fact they can take bombs (sorry devices), combined with the prior reason, you have a strong combination to do some damage and then roll the enemy ship into a proton bomb.

With the push towards more resilience based lists over ace type, means that ships like the y-wing are much more in demand.

The Y-wing is a very jousty ship. It wants to joust you. It can take damage, it can put it out. Combined with the Veteran Turret Gunner and Ion Cannon Turret, makes it a very formidable opponent indeed.

How to handle it?

Try to avoid the initial joust!. Sometimes this can be easier said than done, but careful planning of the asteroids, and placing of your ships will help you avoid the initial joust, and get around the sides of the Y-wings. You want to avoid the double tap, and sometimes it may not be possible, but with careful movement planning its possible to mitigate the joust.

Be thankful they dont have FCS.

No Comments on The Y-wing is coming for you
Categories: xwing