(TIL) Today I Learned...

that1guy15 · March 09, 2015, 04:34:44 PM

Quote from: routerdork on March 09, 2015, 04:14:01 PM
TIL...that IOU doesn't support any L2 QoS, only L3...after I built out the whole lab

And that is why it was dropped from the CCIE. Its too platform/ASIC specific for IOU.

routerdork · March 09, 2015, 04:42:28 PM

Quote from: that1guy15 on March 09, 2015, 04:34:44 PM
Quote from: routerdork on March 09, 2015, 04:14:01 PM
TIL...that IOU doesn't support any L2 QoS, only L3...after I built out the whole lab
And that is why it was dropped from the CCIE. Its too platform/ASIC specific for IOU.

That's what my QoS instructor said about the inclusion of switches into the training as well. We just did a refresh so I've got some 3560G/E/X's I can get my hands dirty with.

Otanx · March 13, 2015, 06:39:42 PM

TIL... that if you enable MD5 authentication on a BGP peer that goes through an ASA it will break. Apparently not only does the ASA randomize sequence numbers, but it drops the MD5 option in the TCP packet. Quick modification to the firewall, and everything is working.

-Otanx

Reggle · March 14, 2015, 04:57:11 AM

TIL That a Watchguard is indeed as horrible as everyone always told me.

wintermute000 · March 14, 2015, 05:16:47 AM

What exact fix did you apply otanx? Remove or apply an application inspect rule?

Otanx · March 15, 2015, 12:18:42 PM

I can't find the exact blog post that I used at work, but the one below is similar. You match bgp with a class map, and then set the options you need.

http://bocloud.blogspot.com/2013/04/special-bgp-configuration-on-asa.html

-Otanx

wintermute000 · March 15, 2015, 08:36:46 PM

cheers mate, useful stuff

icecream-guy · March 20, 2015, 01:54:50 PM

TIL, when you are configuring redundant connectivity to ESX servers via a vPC, and when the port channels don't come up, but the ports are up, and the interfaces and port channels have the exact same configuration... make sure the ESX servers are in vCenter before you spend more than an hour troubleshooting why the port-channels will not com up no matter what.

deanwebb · March 20, 2015, 02:20:09 PM

TIL that our AD setup is... really... well... the nice way of putting it is, "interesting and full of exciting opportunities!" There's lots of security stuff that interfaces with user directories, so this is not a pleasant thing that IL T. Pleasant or not, though, I gotta make things work...

Otanx · March 20, 2015, 02:34:48 PM

Quote from: deanwebb on March 20, 2015, 02:20:09 PM
TIL that our AD setup is... really... well... the nice way of putting it is, "interesting and full of exciting opportunities!" There's lots of security stuff that interfaces with user directories, so this is not a pleasant thing that IL T. Pleasant or not, though, I gotta make things work...

I don't think that is specific to your setup. AD is always interesting and full of exciting opportunities.

-Otanx

hizzo3 · April 13, 2015, 12:08:37 AM

TIL that whitespace (space) is a valid password character that doesn't show up when doing a show run.
Spent the last week trying to understand why my PPP lab wasn't working when pasting in the given configuration.

Any tips on this one?

deanwebb · April 13, 2015, 08:37:40 AM

No tips on the password thing, other than to not use spaces in the future.

TIL that Java *still* sucks.

SimonV · April 20, 2015, 08:14:46 AM

TIL that using public IP addresses on the LAN automatically enables 6to4 tunneling on Windows clients, causing all sorts of funky DNS behaviour

Netwörkheäd · April 20, 2015, 10:02:25 AM

Wow, and you can't deactivate ipv6 on Windows unless you want disasters to happen. Wow...

SimonV · April 20, 2015, 11:54:03 AM

Well, you can disable the 6to4 via GPOs which is what we're trying now