/r/networking
Enterprise Networking Design, Support, and Discussion.
Routers, switches, wireless, and firewalls. Cisco, Juniper, Arista, Fortinet, and more are welcome.
New Visitors are encouraged to read our wiki.
This subreddit allows:
Enterprise & Business Networking topics such as:
Educational Topics & Questions are allowed with following guidelines:
Networking Career Topics are allowed with following guidelines:
This subreddit does NOT allow:
Home Networking Topics.
Braindump / Certification Cheating.
Blogspam / Traffic Redirection.
Low-quality posts.
Early-Career Advice.
We don't do your homework for you.
Political Posts.
ChatGPT/LLM Prompts.
I hope this post does not count as "early career advice" considering I have not started my career yet, but if so I will redirect my question to r/itcareerquestions.
I have just received all of the colleges I applied to, and, based on the title, I have been accepted to UPitt and UMD. Both colleges I will be going into Information Science.
When I looked at the Information Science major for UPitt, I was pleasantly surprised that networking was a core subject AND it could be a concentration later in my college experience. On the other hand, UMD, based on what I saw in the curriculum, has classes more relating to databases and, eventually, cybersecurity.
I entirely understand the importance of certifications in the process of becoming a qualified network engineer (my dad has been a network engineer for 20+ years) but I also believe a connected college experience would also improve my learning, something he did not have.
I am currently taking a dual enrollment class that prepares me for the Network+, and I fully intend on using the preparation to take the test. I know the comparison is probably too specific a question to ask, as it is highly unlikely someone has been involved in both UPitt and UMD's curriculum, but individual experiences and insight can help me decide where is best.
Thank you.
Hello everyone, newbie here, so apologies if this is super obvious, but I need to provide a room on the ground floor of a 7th story building with internet by just using patch panels, since not all of our networking equipment has arrived or been installed yet.
The setup is as follows
The ISP's modem is connected to the IT room's keystone LAN port, and that port is connected to a labeled patch panel in the server room. I then jumped a LAN cable from the IT room patch panel port to the ground floor's supply port on the same patch panel. Now, on the ground floor's patch panel, I attached a LAN cable from the supply port to the office port I need connection in.
The problem I'm having is that it's not working. To my understanding patch panels are just extension cords for networking, so there's no need to configure the modem or anything. I've verified that we do have internet from the modem, from the IT room port via patch panel as well, however the supply going to the ground floor port is not working properly: when connected to a sw on the same floor I can access from the ground floor, but when I connect the cable for the internet it does not provide connectivity.
I did basic troubleshooting by replacing cables, changing ports and restarting the modem; idk what else to do.
I currently have four camera poles that need to be connected via Teltonika routers, each using an AT&T SIM. From my research, obtaining a public AT&T IP requires creating an APN. Is there a way to bypass this requirement? Port forwarding is not an option.
Hello everyone. I’m a senior student in Computational Systems Engineering and currently doing an internship in a small ISP (new in the networking field). I’ve noticed they have almost no redundancy in their network and last night this CISCO protocol came into my mind: HSRP. Doing a little research, I realized VRRP is the name of the protocol outside the CISCO environment, and I want to make a proposal to implement it in production. So, I’d like to know some advantages and disadvantages of this protocol, because I only happen to know HSRP (we only review CISCO technologies at uni), or where I can do some research. Thank you everyone!
Hi, network gurus
I am looking to deploy Access Points within a huge freezer with aisles of frozen goods on pallets, 30ft in height.
Do you guys have any recommendation on vendor specific AP? Cisco, Meraki, Aruba, Ruckus, Ubiquiti and use case for walking freezers? Thanks all!
Hi all,
We are a single site with around 110 staff. Most staff work hybrid, with generally two days in the office. We want to replace our Juniper SRX 345.
We have 1GB throughput from our ISP and I don't envisage our site bandwidth to change.
The logical step to me is the 380...but in some ways it's almost overkill and not. The Firewall performance is 20 Gbps and IPS performance is 2 Gbps. It lacks SSL Inspection but has Encrypted Traffic Insights.
On the other hand, looking at the PA-460, the approx throughput is 4.6 Gbps and threat prevention is 3 Gbps.
The 380 seems designed to be more a "networking/routing" device and not a NGFW, as it lacks some features, whereas the PA-460 seems to be comparable in threat prevention and can do full SSL inspection if we need to. We wouldn't be inspecting everything we have but it would be useful in some cases. Also having GlobalProtect with SAML could be a good backup VPN solution.
Just curious if anyone has any comments on them or preference. Apologies, I know firewall vs firewall isn't new at all here, but appreciate any insights.
Hi All,
I'm currently a desktop engineer with 3 years of experience going into 4. I recently got a CCNA and was looking into the CCNP sometime this year.
However, I was wondering what a realistic tech stack looks like for networking moving forward. In terms of someone wanting to be a network engineer.
For instance, how important is learning cloud or programming, etc. I'm interested in what's recommended if anything outside of traditional networking.
Seems like everyone has a different opinion on this and it's becoming impossible to navigate what is realistic and what isn't.
I appreciate everyone's replies :)
Hello everyone,
I’ve seen news about layoffs and cutoffs in big companies, but, at the same time, there are reports that businesses are struggling to find enough workers. Based on my perception there is an increased demand for workers in small/medium-sized companies that operate primarily in German. On the other hand, large FMCG and multinational corporations, where English is the standard language, are either not hiring or even reducing IT staff to cut costs, often outsourcing to lower-cost locations. (as any business does). Nevertheless the job market is tough literally everywhere, I’m trying to figure out my chances of actually landing a job there with a valid work permit (chancenkarte).
I have 7 years of experience in a multinational company: 4 years in internal IT helpdesk (various levels) and the last 3 years as a network manager. I also have a fresh CCNA and a Goethe A2 certificate which I passed in the last month.
Given the current 'setup', what are my chances of finding a job as a Network Engineer/Manager in Deutschland?
Any insights or advice would be greatly appreciated!
Hey r/networking,
I’m reviewing a quote for a 6,000 sq ft office setup in Delaware and wanted to get some expert opinions on whether the pricing seems reasonable. The scope includes structured cabling, access control, security cameras, and networking hardware. Some of the numbers seem high to me, and I’d appreciate any insights on whether these are in line with industry standards.
Here are some key items from the quote:
Total quote comes in at $35,715.74, with the shipping alone being nearly half of that.
Does anything here seem out of line? I’d really appreciate any feedback from folks who work with this kind of setup regularly. Thanks in advance!
I'm looking for a tool that allows me to monitor multiple IP addresses/domains for open ports. I want the tool to send alerts via email or other integrations when the status of open ports changes.
The idea is that I have clients who have firewalls, and I want to detect if the firewall is working and if someone has changed the firewall settings, potentially opening a port to the outside world. Ideally, the tool should be open-source and self-hosted.
Hello Great community,
Due to Sophos XG being discontinued, we are moving to Palo Alto. There's no official migration tool available from Sophos to Palo Alto. I’d love to discuss & hear what steps or strategies you've used for such
Did you rebuild all configs manually from scratch?
Zone strategy? Have you created separate zones for segments ( LAN User, Servers, WAN, DMZ, Guest, IOT/OT)
Do you deny intra-zone default?
What was your actual go-live or cutover plan?
Thanks in advance.
Hello Team!
I have two switches connected via a Layer 3 link. Switch 1 is running MSTP in instance 0 and it's the Root with IP address 10.10.10.1, and I will create a p2p link with Switch 2 and it will be 10.10.10.2.
We have access/distribution switches connected to Switch 1 and VLANs are tagged on the LACP ports. We have different VLANs for this.
Switch 2 is part of another Lab environment and it contains VLAN interfaces, and then its switches are connected to it. These have their own VLANs which are not used on Switch 1 and its down switches.
Should I create a separate MSTP instance for Switch 2, or can I use the same region and set the STP to high so that Switch 1 will always be the Root?
Static routes are configured on these switches to reach out to subnets connected to them.
Simple topology in the attached link.
Hello everyone,
I'm looking for an LLDP mapping tool, not a tool which draws me a complete map but one that can return me a summary from every switch on my sub-network which can tell me which ports are used and all the information about the neighbors.
Because sometimes I encounter big networks on my client's site and we have to open every switch's configuration to see the discovery table.
Thanks in advance
Hey everyone,
We're planning a complete network overhaul, and since I'm relatively new to IT, I’d love to get your opinions on our setup and future plans.
Current Infrastructure:
Right now, our core switch stack handles L3 routing for about 15 VLANs, and our WAN switches also do L3 routing for our ISP transfer network. All access switches, some Azure Stack HCI servers, and our backup infrastructure are connected to the core. The setup is fully redundant except for the cabling to the access switches. Clients are connected at 1G ports and Switch Uplinks and Core devices are all at 10G SFP+.
We have about 250 wired clients and 150 Wi-Fi clients, but our L3 routing traffic averages only around 150 Mbps, since it’s mostly standard office applications and general web browsing. Peaking at night at 2 Gbps for Backup.
With the EOL of the Sophos UTM 450 and lack of support for some switches, I’m now considering upgrading our hardware.
I’m leaning toward a FortiGate 201G as our new firewall and thinking about moving all L3 routing to the firewall. This would provide centralized management and make inter-VLAN rules easier to configure.
For switches, I’m debating between two options:
FortiSwitch 148F-POE (Access)
FortiSwitch 1024E (Core)
or
HPE Aruba 6100 PoE (Access)
HPE Aruba CX 8100 (Core)
I really like the idea of centralized management of both switches and firewall through FortiGate, but right now, Aruba switches seem to be more budget friendly.
What would you do in my situation? FortiSwitch or Aruba?
Your help would be greatly appreciated!
Hi Community,
I am looking for DIN Rail Switches.
PoE is nice to have.
What do you know? Seems to be a nice product.
For cabling up a LAN in a chemical laboratory that would consist of a mix of Admin, light industrial and industrial environments, we already know of and are comfortable with copper based STP ethernet cabling terminating with RJ45's.
With fiber optic cables and MICE categorisation, it seems that [MICE] element for element, STP copper cables fare better when compared to fiber optic.
Also, the site requirements for ONU or ONT location within harsher environments are not equally clear.
Would anybody here be able to shed more insight into the details of an FTTD deployment in environments harsher than Admin/Domestic settings?
Thanks in advance.
I'm wondering what folks' experience has been with any attempts to use service chaining within cloud networking constructs beyond the traditional single third party appliance. More than once I have run into a customer who is determined to forklift their entire on-prem service chain into the cloud with fairly terrible results. Worse even, I have had to help customers out of this situation after they've already moved in.
It's a conversation that keeps coming up: "We want to move to the cloud but keep our F5 and our Palo firewall"
There is a wealth of documentation out there on how to insert a third party firewall into an inspection hub, but almost nothing that I can find around a "best" way to have multiple appliances for different services within that same hub.
My experience so far has been that until a PBR-type construct comes to cloud routing, this type of setup always devolves into UDR hell.
My general advice has been don't do it, but the question keeps coming up so there is clearly demand.
Is anyone else running into this problem? How are you solving it?
What do you all use that's not Ekahau to deploy a wireless network?
What Switch AP combination are you using that's enterprise level for high density envs?
Let's say a 30,000 sq ft office/lab space.
It's Read-only Friday! It is time to put your feet up, pour a nice dram and look through some of our member's new and shiny blog posts.
Feel free to submit your blog post as well as a nice description to this thread.
Note: This post is created at 00:00 UTC. It may not be Friday where you are in the world, no need to comment on it.
Hello everyone,
I'm looking for information on salaries for a network engineer in the Grand Est region. Would you have an idea of the salary ranges for junior, experienced, and senior profiles?
I'm trying to find out whether I can stay in this region and progress reasonably, knowing that, for this position, the highest unemployment rate is found here…
Thanks in advance for your feedback and advice!
Using a packet sniffer, I noticed that Glasswire only scans the first 4 addresses of the first node octet of a network. That's a strangely worded sentence, so I'll elaborate.
I'm using a /16 network.
Let's say I'm using 10.3.0.0/16
All nodes on this network are addressed by replacing the zeros with some number.
Glasswire scans the network by iterating through the third octet, so it starts with 0...
10.3.0.1
10.3.0.2
10.3.0.3
etc...
The problem is it stops at 3.
Meaning, the last searches are...
[I have no idea why the line spacing changed]
Anyway, it's not searching the whole network.
It's searching 1.1% of available addresses and simply quits.
So no 10.3.4.0, 10.3.4.1 etc...
The percentages would be far worse with a /8 network.
Does anyone have a way to get this to behave properly?
Hello,
I work as a sales representative of a global-scope dedicated server provider company and I'm looking to expand my understanding of networking and the technical side of the product in general. However, I found that textbook-level literature is a bit TOO technical for my needs, and as a result, doesn't keep me interested.
What books can you recommend that talk about networking in a broader context?
An example of what I'm looking for is The Undersea Network by Nicole Starosielski but I'm open to trying pretty much anything.
Thank you!
Intel has open sourced Tofino backend and their P4 Studio application recently. https://p4.org/intels-tofino-p4-software-is-now-open-source/
P4/Tofino is not a highly active project these days. With the ongoing AI hype, high performance networking is more important than ever before. Would these changes spark the interest for P4 again?
It is my understanding that old 10 Base-T (10mb/s) is a signaling protocol that is negotiated between devices and offers 10mb/s.
If the network was using old hubs with cat7 cabling would it still be 10 Base-T based on if the hubs only supported 10 Base-T?
Does the 10 Base-T always signify the underlying physical cable or not?
Here I was getting excited at the idea of getting my very own HPE edge routers and HPE SRX firewalls.
I have a problem finding specific MAC addresses on FS switches. We use these switches as the access layer in our campus network. Our clients can reach the internet without any problems, but the server's MAC does not appear in the FS CAM (not listed by show mac address table).
So I'm not able to find the port where the server is connected.
From the distribution layer, MAC addresses are listed on the downlink port channel.
Help :)
We are replacing a pair of Palo Alto firewalls mostly because Palo Alto is charging way too much for support and maintenance after the initial three years. We are also going to be sending all of our data to the cloud for threat processing, URL filtering, and so on instead of having the firewall do that.
We have three 1GB Internet connections so we need at minimum three gigabit of throughput. More would be better as Internet connections are only getting faster. Any recommendations on a basic firewall to just send data to the Internet? Fortinet is definitely one to look at. We considered OPNSense because they seem to have decent appliances, but we are in the USA and 8x5 support on European time is not good enough.
Hey, I leased a subnet for my business but I’m a bit new to networking. Got Verizon business FIOS internet but apparently they do not support BGP peering. Are there any providers known to support it so that I can connect to my subnet and use my IPs? We have some servers we’d like to connect and create VPS with the IPs but they’re rendered useless at the moment. No one in Verizon seems to know what BGP is.
I have problems with PoE on a Cisco Catalyst 9200L-48P-4X switch: when I connect a UniFi U7 Pro Max US AP, it does not turn on, but when I immediately connect another of the same model, it does turn on but restarts every 2 minutes.
Cisco Catalyst 9200L-48P-4X
Power per port: Up to 60W per port
Total PoE power: 740W
U7-Pro-Max-US
Input: 48V
Hello all,
Does anyone have experience of a situation where a DHCP service will only work with packets which are broadcast from the client, i.e. relayed, but not with the typical <T2 renewal attempts which are unicast to the DHCP server directly?
Reading the RFC and various other articles my understanding of the DHCP process is as follows; once a client has a lease and it reaches 50% of the lease time, it will transition to "RENEWING" state and sends unicast requests directly to the DHCP server to renew its lease.
If this fails, at T2, 87.25% (7/8) of the lease time, it transitions into "REBINDING" state and sends broadcast requests to any DHCP server to renew its lease.
What we're observing with some client devices is that once they reach T2, they stop any attempt to renew the lease, let it run out, drop connections, and then start from scratch with a discover. Is this something that is common / people see a lot, or should we lean on the client device vendor?
(Currently the network team is stuck between the client device vendor saying "honor unicast requests" and the DHCP provider saying "send out your broadcast requests". I know that the situation where the unicast is dropped is suboptimal, but it's out of our control, so please don't pile on that, we know.)