From: Jim McBurnett (jim@tgasolutions.com)
Date: Fri Feb 29 2008 - 01:45:13 ARST
Ok I have one---
PBR routing at the edge with 2 different ISP address spaces on the NAT config of the ASA/PIX just to migrate 1 ISP to another, and using a second router to do it because the original router is the managed care router for the losing ISP. Not telling the losing ISP, and stringing along the provider about a contract to prevent problems.....
Easy configuration...
Was neat to do, and the end user was impressed..
Where else but a lab would you do this normally?
Later,
J
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Huizinga, Rene
Sent: Saturday, February 16, 2008 10:37 PM
To: Patrick Galligan; groupstudy
Subject: RE: stupid lab tricks you've used in production
Wow...now this is one of the best topics I've seen in a while here!
:)))
A quick brainstorm of some tricks: (not that wild)
- PBR to work-around a FW (now is that really a 'hack' ? :| )
- Strong ACL-summarisations via 'creative' wildcard-masks (quickly
stopped doing that, got complaints and not so well manageable :P )
- Multiple OSPF proc's + controlled re-distribution (now is that really
a 'hack' ? :| )
- Static ARP-entries to deny connectivity to certain segments w/out
using filtering (BOFH)
- Share HSRP-groups to workaround IOS-limitation (hate that though and
not really lab-trick :S)
- 'Creative' BGP next-hop rewriting
But the best...(on a Juniper though)
- Prepended another pub-AS to transit to steer that third parties
traffic, retaining normal connectivity with the peer-AS... :)) (special
case :P And hey, it worked...[VEG])
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Patrick Galligan
Sent: Friday, February 15, 2008 12:44
To: groupstudy
Subject: Re: stupid lab tricks you've used in production
On Thu, Feb 14, 2008 at 2:00 AM, Swan, Jay <jswan@sugf.com> wrote:
> So what's the weirdest thing you thought you'd only use in the lab,
> that you ended up using in production?
>
PBR on a pair of 6500 core switches to send traffic over some new links
to a business partner, 10 branches at a time. Wasn't my preferred option
but the decision makers weren't convinced that the successful pilot was
actually successful. Idiots. Found an IOS bug with that one too.
Multiple OSPF processes on some FWSMs to selectively send redistributed
statics in either direction. Wouldn't have needed OSPF at all if the
FWSMs supported HSRP or VRRP.