, the EX3200 can't do 4K active VLANs, only 1K, even though data sheet says "4K VLANs" (suppose they mean the VLAN ID can go up to 4K) lame :| srsly up_the_irons: just about to check on the x350 for you bob^^: ah sweet, you have one? i know for a fact the older Extreme kit can do it (48si) as i've done it yeah got a few around our network nice we're fans of extreme here :) lol do you find them to be reliable? I've heard horror stories ;) that said we're just moving to cisco in the core as extreme just doesn't do what we need at the price oh yeah, very i've used most of the "edge" switches they offer (which are massively capable tbh) and a few blackdiamonds in the core the only one we've had issues with is the 48si's after 8 years in operation memory modules in them failed - trip to local computer shop, buy new RAM, replace RAM = working switch :) bob^^: ah nice bob^^: is there a 48-port all gigabit version of the 48si ? yeah, it's the x350-48 iirc they've got a module slot on the back for a 10g uplink too (not a xenpack though confusingly, something extreme-specific) there are newer models now too from Extreme that do the same x460 etc they're actually not bad at L3 stuff too in an emergency nice i wouldn't use them to route a huge amount of traffic, but they're alright if you're desperate they all come with a basic l3 license that can do static routing and RIP iirc i c a full l3 can be activated and they'll then even do BGP (though i don't believe they have the capacity for a full table) my recollection is that you put a carrier module in the back that then takes 2 xenpaks ahh that might be it d'oh, there's no x350 in our testbed anymore lol shucks just asking a colleague if there's an underused one anywhere i can play on creating a few vlans shouldn't upset it too much ;) have you ever used extremeware/xos before? nope it's nice :) bit of a change if you're coming from IOS but i prefer it in some ways excited to learn it if it can do 4K active vlans :) unconfigure switch all will be your friend while you learn ;) actually, looking at an x450a here that appears to be a carrier module that takes xfps - haven't got an x350 to hand, maybe they were xenpak or maybe there's more than one type of carrier module pretty sure the x350 isn't xenpack but it's been a hell of a long time since i actually saw the back of one :) data sheet seems to suggest it will take 2 port carrier modules that either take xenpak, xfp or sfp+ as well as a 10gbase-t one it's a neat bit of kit performance is excellent up_the_irons: found one to play on if it all goes wrong only one customer will get disconnected ;) ;D i quote: 09:21:25 <@Dunny> if you break it you can explain it to whoever gets mad here goes nothing ;/ Total number of VLAN(s) : 4 (before i start) oh your connection has broken? must be a... hardware fault? on cisco, i'd like copy & paste the output of: for i in `seq 1000 2500`; do echo "vlan $i" ; echo "exit"; done on extreme it's more like for i in `seq 1000 2500`; do echo "create vlan a$i" done ah basically :) sorry, had to dash off - working from home today waiting on a gas engineer to sort out my oven :) just creating the first 1024 now bob^^: no problem, take your time; i'll be here for the next couple hours bob^^: i appreciate you trying to figure this out for me :) i'm an extreme fan... i should get commission ;) lol i've heard very good things recently about brocade and force10 too though not used either personally well, used brocade when it was foundry, but not for about 10 years :) lol, show vlan now takes quite a while to run and i'm only half-way through adding vlans extreme is nice for layer 2 stuff, and reasonable for simple layer 3 stuff - but I wouldn't want to do a full bgp feed with it agreed most of it can't even take a full bgp feed well, i think an old blackdiamonds with msm64i's (x2) can but most of the new kit is massively overpriced if you want a full bgp feed on it we went for cisco in the end for core with sup720-3bxl's Total number of VLAN(s) : 2404 bob^^: wow, i'm very pleased. it beats the Juniper EX3200 and EX4200 (i think) really? that surprises me, the juniper stuff is normally quite well specified the only time i've had issues with 4k vlans has been on cisco - and even then it was because we were running an SMI IOS instead of EMI by accident bob^^: http://dev.inetpro.org/pastebin/517 (and only on little switches like the 3550's etc) wow not cool that's really surprised me bob^^: as for cisco, according to their spec sheets, only the 4500, 4900 and 6500 can do 4K active vlans bob^^: me too oh, wait, you're quite right i was really to plop down the cash smi = 256, emi = 1024 yep (on the small switches) not sure i've managed quite the full 4096 here yet, just waiting on show vlan to finish dumping the vlan list :) lol 6500's are pretty cheap if you can afford the rack space yeah, and i have the rackspace, but i hate to waste 6503 ? 6503/6504 stuff seems hard to find depends how many interfaces you want i guess 6506+, no problem yeah, second user they're impossible plus you'd want the 6503e so you can drop in the top supervisor in the future if you wanted to yeah and i think that starts to get pricey even second user a sup720 with 3bxl (for a full bgp feed) and the full pfc/dfc setup is like gbp15k cisco's list prices are just upsetting :) cisco's list prices are just upsetting :) d'oh Total number of VLAN(s) : 3671 want me to hit the limit and see what it does? bob^^: sure, although i think you've proven it can go to 4K already... i'm interested to see now too bob^^: haha most i've ever needed on one of this is about 50 :) bob^^: how is the switch behaving now? is it slow? normal? ... * ifl-x350-01.4268 # create vlan robtest4597 Error: Max number of regular VLAN supported 4094!! :) (there's two default vlans you can't remove) haha Default (tag 1) and Mgmt (tag 4095) bob^^: you should turn off spanning tree on those vlan's, it would probably drop the cpu usage a lot and maybe your show vlan output would be faster :) sec, once it's done a show vlan i'll see what span output is like extremes are much better behaved on stp than cisco i know turning off stp on my 4500 for customer vlans free'd up a lot of cpu yeah, disabling stp on cisco kit is a smart move if you don't need it we've never had to do that on extreme kit though ah ok will be interesting to see what the cpu load is given none of these vlans are actually applied to an interface, i guess it should be low i can get the 350-48T on Provantage for $1990.26, which is a pretty sweet price compared to what the competition charges and *can't* do ;) the x350's are amazingly good value even support on them is cheap nice and the support is pretty good too all the x350's we've had have worked 100% since installed (one arrived DoA) but then i've had plenty of cisco arrive DoA so that's probably not much to worry about :) total MAC address is kinda low (8K vs. 24K on Juniper), but i think 8K will suffice bob^^: yeah nice take a look at the x460 it's more for core use so may support a larger mac/fdb the x350 is technically classed as an edge switch (an edge switch that's clearly been on performance-enhancing drugs) Total number of VLAN(s) : 4094 :D also they're giving pretty big discounts on x460 last time I looked - though that still leaves it rather more expensive than x350 up_the_irons: anything else you want me to try before i start removing these vlans? not looking forward to this .22 -> vlan migration :| bob^^: how about assign the vlans to an unused port, just to see what cpu usage is like bob^^: looks like the x460 can do 32K MAC, nice apply them to an unused port as a trunk? can do oh wait, that would take an age for me to do Switch : X350-24t 672 Jun-24-2009 (first service date, 672 days service - never been restarted) bob^^: wow nice 30 second cpu usage right now = around 1% bob^^: yeah, apply to a trunk port 5 min avg = around 40% (while i was still running show vlan) maximum over the past hour = 100% (cli process though, vlan process max = 20%) bob^^: what is general diff between the x350 and x450? stp max over past 1h = 1% cpu (see, extreme is nice on cpu with stp!) not sure about the x450 http://www.layerstyles.org/builder.html wow cool last i looked it was just PoE oh and i think they might stack i wish i stacked i remember we decided the x350 was fine for what we wanted (i.e. x450 wasn't worth the extra) bob^^: ah ok we've got quite a few x450s - they come in two models - the x450e is edge and roughly similar to the x350 - the x450a is more core focused, bigger tables etc ahh LT: ah ok, thanks and yeah they stack up_the_irons: http://pastie.org/private/sq1ge0dzbex8bl3dggt8w (cpu usage) what do you gusy use to monitor your switches ? also... can you do second psu on an x350? you can on x450 you can do second psu, but it's a remote unit and is massively overpriced iirc same for x450 ahh it's the one thing that's annoying the old 48si's could take 2 psus on-board same for the ancient 48/48i :) the x460s and x650s have gone back that way that's good news i put it down to the fact the x350 is an edge switch oh nice and tbh, who'd put a second psu in an edge switch :) eyecue: we use opsview, PRTG and MRTG (and some custom stuff too) i try to have dual power to everything :) in the core we do too coolio up_the_irons; do you have at's upstream and dual pdu's per rack as well though ? up_the_irons: http://www.extremenetworks.com/doc.aspx?id=207 might be useful its often funny to see peeps dual psu everything without regard for the current draw and lack of power HA upstream of the rack eyecue: yep eyecue: so i have 4 circuits per cab, 2x A feeds and 2x B feeds and put 40% on each noice horiz or vert pdu's ? LT: lol, i was just looking at that you guys are lucky over tehre :( eyecue: APC AP7932 ahh my fav's our main central london DC can't even give us two feeds into our cabs 1 feed how the hell do you get 2 a nd b feeds into a singke rack ? unless im misunderstanding eyecue: dual psu in my experience doesn't really increase how much power you use LT: can the x450 take dual psu's on board? according to the comparison charge, that feature starts at the x460, not x450 *chart bob; no but it can be interesting to see the draws peak when both are running active across multiple circuits nope, x450 is external unit like the x350 (that said you can configure a 6500 to do fancy things with it's dual psus which can increase the load on one PSU more than the other) bob^^; of course servers != switches. eyecue: easy, you pay the electricians to install 4 circuits above you cabs :) we offered to pay here you just cannot do it the DCs here are all massively under supplied with electricity but they feed into the pdu's how, ive only seen 2 x 0U pdu's fit into a 42/45 ru cab unless you run multiple 4 x 16 ports or something spose it comes down to density the external power supply is a 1U thing that can provide backup power to 2 switches - I don't remember them being too bad price wise but a bit awkward perhaps eyecue: The APC AR3157 can do 4x 0U PDUs ! which is what i use they snap right it, i love APC :) yeh apc does rocks wtf @ 4 x 0u's LT: yeah, i'm familiar with those. in cisco land we call them RPS (remote power supply) mm, how do you find the 1070mm depth ? eyecue: i even have a cab that will do 8x 0U's :) youre just being rediculous now :D eyecue: i buy the AR3157's here: http://www.provantage.com/apc-ar3157~7AMPN051.htm thats USD ? shit we pay a premium over here. up_the_irons; wait wait, how many port 0's ? :D 0u's eyecue: that one will do 4x of the 7932's ? and yes, USD eyecue: yup holy. i gotta see a piccy of that i love apc :) best pdu's in the business hmm, trying to find mention of 0u space in that SX rack eyecue: http://www.flickr.com/photos/51184165@N00/4253157289/in/photostream/ wow, you guys get APC kit very cheaply oh oarsome, they have 1200 deep ones too it's not even dollars-to-pounds, we're being ripped off in the uk :( bob^^; yer, im talking 250% what theat online price is not including conversion are you in the UK too eyecue ? oh god thats hot irons. bob^^; .au ahh we're not quite 250% here eyecue: sounds like you need to get a moving company to do the shipping for you for a few dozen units & resell 'em ;) about 150-200% just looking around G: thats what im talkin about lol :) fill a container with them :] watch the duty/customs on those bad boys :D eyecue: LOL "gift" ;) up_the_irons; seriously, yummy. "ARP Networks Import/Export" haha bob^^: exactly! up_the_irons; how bout the 1070 vs 1200, any issues with clearance? "It's a gift, from me, to me" or do you get servers to suit hehe up_the_irons: btw last time we wanted to buy x450a extreme basically said don't bother and discounted the x460 to be slightly cheaper hell, i should buy the APC racks off irons, he can make 30% on them, and ill still get them cheaper eyecue: the 1200 is pretty deep, i didn't need the extra 4x on top of standard 4x. but at the time i got a deal on one, so i bought it 4x ? LT: what did they discount it to? eyecue: surely duty wouldn't be that much G: mmm, i dunno, probably not worth it tbh we have a shciner electric plant literally 100m up from where i work might go speak to em eyecue: also, if you did it fully registered, you'd be able to write off the Duty on the GST you charge end buyers, likely gah, schneider eyecue: the 1070mm deep will do 4x of 0U and 1200mm deep will do 8x of 0U. Mind you, you don't need to get just PDU's, they have 0U other accessories, like wire managers up_the_irons; ahh, gotcha up_the_irons; my rule of thumb is go with the deepest you can get. slash afford, slash that fit perfectly on 30x30 tiles ;) up_the_irons: worked out less than the x450a i wonder how the hell they came up with 1070 eyecue: i hear what you are saying, i thought that way too; but really, the 1020mm is so deep, you really don't need to take all that space in the cage LT: nice up_the_irons; mind you, in a tier1-3 DC, CRAC takescare of most heat buildup, but our server room is standard AC, not humidified either i c up_the_irons; right now our 3 racks are 25cm off the back wall (douche ex sysadmin), so anything is better than what we have but why not do it right. yeah ive planned room for up to 8 racks, (only 3 are full atm) so we're talking plenty of room to scale cool gah not looking forward to it hah but i shall now get quotes for that SX rack :D do APC sell their own troughs/trays too ? the SX cabs are really nice oh they do, win. eyecue: they sell everything although i don't like their shelves whats up with em ? thankfully, i don't need shelves at all anymore; everything is rackmount eyecue: they have a lip on them that wastes space front facing up ? http://www.apc.com/products/family/index.cfm?id=324 <-- sexy. eyecue: they anchor both front and rear ah yeh i think i just convinced myself to go apc stead of worrying about whats going to fit how many of X up_the_irons; know if the SX range has been updates recently, or over the years? if i buy a few now, with a view to buying more in future, see any issues > ? eyecue: not sure, i've had mine for about 3 years, and i just got a new one, no difference sweet i think mine will last me many years to come bob^^: how's that switch doing? :) okay so far :) not started applying the vlans to a port yet ah here goes ;) ahh, actually, this isn't so easy on a live switch i might have to skip on doing it ok, np oh gosh, they reckon they may have found a way for Petabit/Exabit connectivity.... up_the_irons: you better get one of those switches! ;) up_the_irons: i think it will be fine though :) i've never, ever had a cpu issue on an extreme but had plenty on cisco bob^^: roger that G: wait, which one? :) up_the_irons: ask UC Berkeley when they've got the method perfected ;) cool http://tech.slashdot.org/story/11/05/11/0227227/Exabit-Transmission-Speeds-May-Be-Possible up_the_irons: ask extreme to loan you a test unit - they're pretty good at doing that in the UK if there's a potential order behind it bob^^: oh, no shit? nice yeah, years ago i had a test blackdiamond with a pretty awesome spec on loan for a couple of weeks and a load of little switches too extreme uk are quite friendly guys nice, i will definitely try tomorrow ...this might take a while ;) haha any of you fellas schooled up on dc/rack floor plans and comparing various designs ? wouldnt mind some feedback on a couple of variations in my plans ahh, finally - all vlans deleted :) bob^^: did you deal with rob wright at extreme uk? no andy butcher? no, i think it was an italian-sounding name not even sure if he works there any more no... most of them seem to have moved to juniper lately juniper seem to be really pushing a lot recently ahh-hah Andy Zollo now works for Sonicwall http://www.linkedin.com/profile/view?id=3509843&authType=NAME_SEARCH&authToken=B3iK&locale=en_US&srchid=a45fbceb-1b0f-4018-bb96-e41f5f60e636-0&srchindex=1&srchtotal=3&pvs=ps&pohelp=&goback=%2Efps_andy+zollo_*1_*1_*1_*1_*1_*1_*51_*1_Y_*1_*1_*1_false_1_R_true_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2_*2 oh back we had a coupla sonicwalls in front of our web servers at one stage Hi all, today and yesterday aprox at 2am LA time I lost connection to my VPS any idea of what could it be ? maybe a maintenance ? nbari: first things to check are ability to hit vnc console and/or serial console via VNC i rebooted the VPS that worked today and yesterday nbari: if you reset the guest software and things work again, sounds like a guest issue to me. what do you have loaded in your VPS ? freebsd with ipsec but resently I am making test with ejabberd no current clients just testing nothing in the system logs? in dmesg? etc nothing I also have powerdns but also the trafic is vey low since is just more a VPS for maintaing 2 VPS's sorry VPN's I was thinking on reinstalling the os to FreeBSD 386 with no ZFS for making the VPS more 'light' maybe ping support@ to see if they have any logs of any kind for your VPS that might indicate something other than freebsd not doing something right, which would seem exceedingly odd considering the # of freebsd dudes here that are happy and not reporting the same how much memory? in the vps 1GB I guess thats supposedly sufficient for zfs after 1 year the VPS has been working perfect with out issues ah and suddenly it starts destabalizing? interesting. just at 2am not sure I can help, ping support@ and keep your eyes peeled for any hints from your freebsd system always the same time? just today and yesterday I start to notice that I wake up and tryied to access the vPS ( to continue playing with ejabberd) and notice that i can not enter to the VPS checked a rrd graph and notice that at 2am LA if I am right (i am in gmt+0) the network was lost I think I'm done here, keep your eyes peeled for any useful info, sofar is you have symptoms, no hints at the actual problem, take good notes, hopefully something will stand out I will recheck everything and consider the reinstall since if I am right an amd64 is to much for a VPS eyecue: did you like the sonicwalls? :/ does anyone ever really like sonicwalls? any chance I can get someone to change out my install media on my vps? Or do I need to email send email to support@ thanks and wait 24-48 hours someday soon, user-defined mounting not complaining, just saying also, after completed, you have to do a full power down to see it not just a reboot apparently the emulator doesn't re-read the config file until a full power down kvm, if its anything like qemu, takes cmdline parameters including the cdrom filename, thus a power down is necessary to re-start the kvm instance with new command line parameters is there a way of mounting my own ISO for reinstalling the VPS ? I mean with out depending or the support team nbari: no I would like to reinstal freebsd 8.2 i386 could you helme to put the iso so i can later do the reinstall is just that I would like to optimze the VPS for not consumming few resources by the way today and yesterday aprox at 2am(LA)I lost connecion to the vPS a network maintainance or something ? nbari: for iso changes, please submit a ticket to support@arpnetworks.com, include a wget'able link to the ISO you want, as well as your vps UUID done aprox 8 hours ago with the UUID and iso link ok, cool is there a way o check on the console of the server if something happende today/yeterday with the VPS ? maybe a log or a warning/error etc ? depending on the OS, most of the time the console messages won't tell you anything the syslog doesn't, unless it's a hardware failure issu the current OS is FreeBDS , and the VPS running fine is just that today and yerterday notice tha issue but wondiering what could it be since the VPS has been very stable the console logs won't tell you any more than the syslog (thats what actually generates the console messages) jpalmer: so you're saying kernel messages show up first in syslogd then syslogd prints it to the serial/vga console in freebsd? toddf: /dev/console, not serial/vga so from the side of arpnetworks everything is ok no network maintainence or somethig like that ? but yes, if you look at syslog.conf or whatever (not logged into a fbsd box atm) you'll see an entry there for logging to the console nbari: nobody has said anything about the network being ok. most of us wouldn't know. I didn't experience an issue at 2am (you didn't mention the timezone) I think was 2am LA i think it gmt+8 FWIW, I don't see any ping outs on IRC indicating an issue (and several people here, including myself, IRC from their VPS) jpalmer: I know some messages are relayed to console, but kernel messages should display on console first, and syslog will log them and relay them to logged in user terms, .. aka sending critical kernel messages through userland back to a terminal is not how unix works. toddf: you make a valid point. now that I think about it, when I had a failing disk, I saw the messages on the console. not in syslog. so I'll rephrase the "unless it's failing hardware" to "unless it's a kernel message sent to console" the whole point of me pointing nbari to the console (serial and/or vga via vnc) is because sometimes stuff shows up there and nowhere else. one more place to look for breadcrumbs... is just that i though that the main server (kvm) maybe has logs reportint any issue this is also why I instructed you to email support@ incase they had any breadcrumbs sounds like I may have missed some of the conversation. more than tired is just that I have already emailed but I think that is IRC for maybe here some one has more recent news etc bob^^: just got off the phone with extreme; the x350 and x460 can indeed do all 4K vlans active bob^^: so even though you didn't assign any to a port, i'm now confident it won't blow up if you did ;) up_the_irons - awake? :) RandalSchwartz: almost heading out for dinner $client considers "please ensure you encrypt your laptopdisk" more important than the fact that it's trivial to coat-tail on the back entrance (20 second door closure, no video monitoring) I consider that a bizarre focus of resources on wrong idea I even tried to *pull* the door closed behind me... can't be done and no, we don't have enforced nametags i c I guess people don't compute properly the relative threats and just "look where the light is good" happens a lot Maybe I think like a bad guy too often. :) But I could coat-tail in the back door I'd get to walk around the entire plant without being stoppped. Nobody wears badges, and nobody knows everyone. And there's a *lot* of critical info on whiteboards plainly visible Seems much more likely than someone grabbing my laptop, rebooting to single user mode, and then dumping it. :) RandalSchwartz: is this at media temple? bbl, dinner can't say : bbl = barrel? :) be back later