Search results

I am not asking about how to route external traffic to the internal webserver. I am asking if it makes sense to isolate that webserver into its own vlan ( and all other web facing servers ), and use acls to block traffic to other internal parts. I wanted advice on how to structure that acl. I...

Can you elaborate a bit? What do you mean by a front end gateway? Traefik? HAProxy? Jump server? It seem rather cleaner to just put them all in their own vlan and block them off from the rest of the home network, no? Happy to learn the merits of what you are proposing.

I'd like to start hosting a website from my homelab. I am planning to put all publicly available websites into a separate vlan, then block it off using acl rules. Is this the right approach ? I'd like help with the acl rules . What should it be? I am also looking at using tailscale but want...

I am having connectivity problems hooking up my ICX-7250 to a Dell Poweredge R740 server . The Dell has an Intel X520/I350 daughter card. My connection uses a DAC cable from one of the 10G ports on the Intel card to one 10G port on the ICX-7250. My connection is very instable , with frequent...

It is entirely possible it is - I suspect that is the issue. In this case, it has a default dns server of 0.0.0.0 ( if you query the device for dns server info). Not sure if its returning 0.0.0.0 because its not getting the dns info from the ICX switch or its hardcoded. Can you give some...

I have an IoT device on my network which is not using the dns server on the ICX7250 and always defaults to 0.0.0.0. ( so cant resolve dns names). All other devices on my network correctly use the dns server ip I have setup on my 7250. Other devices on the same vlan as this IoT device have no...

@ArmedAviator What is the state of your ipv6 experimentation now? I am headed down that path but seems like a lot of moving parts . I have a pfsense box doing just firewall duties with layer 3 routing on a brocade box and dhcp handled by separate KEA dhcp servers.

@RobstarUSA - Did you ever get around to trying to setup mDNS/Bonjour ? I am interested in the outcome of this as well. It's quite surprising there isn't a good guide here on how to set this up properly on brocade switches. (working reliably, I mean ). Just like @nickf1227 , I can't seem to...

Interesting. I got a 7250 a few months back and have been planning to get another one for redundancy - in a stack. Are you saying it's a bad idea? I don't really need the ports. btw - can I stack a 7250-24 and a 7250-24P ?

@jasonwc @nerdalertdk seems both your setups have pfsense doing the routing, correct? my vlans are all on the switch . There seems to be a lot of igmp snooping and multirouting functionality built in so surprised its quite difficult to set this up. On pfsense, I simply installed pimd, which...

That's exactly what it was. Thank you and @fohdeesha for helping out. Now I need to figure out how to properly setup my management vlan .

done. created a new user with priority 0 and able to log in via console. Still getting this:

here it is: ICX7250-24 Router(config)# show run Current configuration: ! ver 08.0.95dT213 ! stack unit 1 module 1 icx7250-24-port-management-module module 2 icx7250-sfp-plus-8port-80g-module stack-port 1/2/1 stack-port 1/2/3 ! ! global-stp ! lag toProxmox dynamic id 1 ports ethe 1/2/1...

I can't seem to get ssh to work at all. My 7250 seems to working great, except I can't ssh into it, with password only ( no keys ), using ip ssh key-authentication no ip ssh password-authentication yes ip ssh interactive-authentication yes I also tried using ssh keys, but cant upload my...

@jasonwc avahi on the 7250 ? or somewhere else? I have avahi setup on pfsense, but the layer 3 traffic will not hit pfsense for intervlan traffic, no? So pim or multicast routing setup on the 7250 has no impact on mdns traffic between vlans ?

@Vesalius Thx for those links. I have read through them a few times but still not exactly sure what do. Did you turn igmp snooping off or on? Isn't it off by default? I did the following but still don't have connectivity for my sonos: I am sure I have it completely wrong. # from main...

On my 7250, I see the following ip options for multicast: ip multicast ip multicast-routing ip multicast-nonstop-routing what the difference? Also, do I need to enable both multicast routing and snooping to get things like sonos and apple bonjour to work? ip multicast version 3 router pim

@CED6688 - I am trying to do this on a 7250 and have no idea how to set it up. I have pfsense running frr bgp and a kubernetes cluster that cant reach it via metallb. Any pointers how to set this up?

I am trying to setup my 7250 with pfsense as bgp router for kubernetes. Can't get bgp to work on pfsense. Connected to the pfsense via a layer 3 transit. Anyone has any pointers on how to set this up? Is this a route distribution issue? Do I need to do anything on the 7250 to allow bgp traffic?

@Blue)(Fusion thanks for this. Will get me started. 3 questions: Does this allow incoming traffic from another vlan? e.g. I will have a printer sitting in this dmz. Does this restrict access to that printer from other vlans on the network? The devices in the dmz wont need to talk to each...