hhhax7 commented on a post in r/AskNetsec
hhhax7 1 point

You really don't need to set up labs for Security+. I mean it never hurts, but the main reason people set up labs for CCENT/CCNA is to get hands-on with the commands and configurations you need to know for the test. Those aren't needed at all for Security Plus.

chuckbales 1 point

Keep in mind, packets/frames don't decide anything - once they're put on the wire by the sending device, the packet itself doesn't decide anything, everything is left up to the routers/switches/etc.

When a broadcast frame is sent to a switch, if it has a VLAN ID tagged and the switch also has that VLAN ID tagged on the interface, the switch will flood the frame out all the ports that either have that VLAN ID tagged (like trunk ports) or are untagged in that specific VLAN (access ports in the VLAN).

hhhax7 1 point

> the switch will flood the frame out all the ports that either have that VLAN ID tagged (like trunk ports) or are untagged in that specific VLAN (access ports in the VLAN).

That's what I was getting at, just didn't really know how to word it.

So another question, and it might be a dumb one. Once the mac address is saved to the mac table and the switch knows exactly what interface to send frames destined to that mac and does not need to flood, is that vlan still considered a broadcast domain? Like if nothing is broadcasting, or flooding because the macs are known and saved, is it still considered a broadcast domain?

chuckbales 1 point

VLANs are always broadcast domains - the idea of a broadcast domain is that any broadcast will be flooded within that domain but won't leave it. E.g. a broadcast in VLAN 10 won't be seen by any device in VLAN 20 but will reach all devices in VLAN 10. A broadcast domain is just a concept, it's not something that goes away if a device isn't actively sending a broadcast.

You may be thinking of unknown unicast flooding, which is a special case of broadcast flooding. Normal broadcast traffic has a destination MAC address of all F's (ffff.ffff.ffff), and when the switch sees a frame with a destination of ffff.ffff.ffff it will forward it out all ports besides the port it came in on.

Unknown unicast is where a frame is destined to a specific MAC address (aaaa.bb12.3456) but the switch doesn't know where aaaa.bb12.3456 lives. In this case, the switch will flood the frame out all ports, and if the device is actually on the network when it responds the switch will update its table with the port the response was seen coming into. Then the next time a device tries to talk to aaaa.bb12.3456, the switch doesn't need to flood the frame because it knows which port the device is connected to.
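
The forwarding behaviour described in the comment above, as an added example that is not part of the original thread: a minimal simulation of a VLAN-aware learning switch showing a broadcast flood, an unknown unicast flood, and a known unicast forward. The port names, the VLAN layout and host MAC aaaa.aaaa.0001 are constructed for illustration, and the model covers forwarding decisions only (no aging, no tagging details).

```python
BROADCAST = "ffff.ffff.ffff"

class LearningSwitch:
    """Minimal VLAN-aware learning switch; models forwarding decisions only."""

    def __init__(self, port_vlans):
        self.port_vlans = port_vlans  # port -> VLANs it carries (1 = access, many = trunk)
        self.mac_table = {}           # (vlan, mac) -> port the MAC was last seen on

    def receive(self, in_port, vlan, src, dst):
        """Return (decision, egress_ports) for one frame arriving on in_port."""
        if vlan not in self.port_vlans[in_port]:
            return ("drop", [])                       # VLAN not allowed on this port
        self.mac_table[(vlan, src)] = in_port         # learn/refresh the source MAC
        # Flood scope = every other port in the same VLAN: the broadcast domain.
        domain = sorted(p for p, v in self.port_vlans.items()
                        if vlan in v and p != in_port)
        if dst == BROADCAST:
            return ("broadcast-flood", domain)        # always flooded, never learned
        out = self.mac_table.get((vlan, dst))
        if out is None:
            return ("unknown-unicast-flood", domain)  # destination not in table yet
        if out == in_port:
            return ("filter", [])                     # destination is on the ingress port
        return ("forward", [out])                     # known unicast: one port only


def demo():
    # Constructed topology: two access ports in VLAN 10, one in VLAN 20, one trunk.
    sw = LearningSwitch({"Gi0/1": {10}, "Gi0/2": {10},
                         "Gi0/3": {20}, "Gi0/24": {10, 20}})
    a, b = "aaaa.aaaa.0001", "aaaa.bb12.3456"   # host A's MAC is constructed
    return [
        sw.receive("Gi0/1", 10, a, BROADCAST),  # e.g. an ARP request from A
        sw.receive("Gi0/1", 10, a, b),          # B not learned yet
        sw.receive("Gi0/2", 10, b, a),          # B answers; switch learns B
        sw.receive("Gi0/1", 10, a, b),          # B now known
        sw.receive("Gi0/1", 10, a, BROADCAST),  # table populated, broadcast still floods
    ]


if __name__ == "__main__":
    for decision, ports in demo():
        print(f"{decision:22} -> {ports}")
```

The VLAN 20 access port never appears in any egress list, and the final broadcast is flooded to the same ports as the first even though both MAC addresses are already in the table.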

hhhax7 1 point

So I didn't realize there were different kinds of flooding. I thought flooding was just a general term of what a switch does with a frame when the destination MAC address is not on the MAC table. If you don't mind, could you give me an example of when regular broadcast flooding is used, and also when unicast flooding is used? I was always thinking they were the same thing.

Chckensammich 10 points

Dial #7465625*638*# Then follow the prompts and make sure you enter your code correctly. You only get a few attempts. Fail too many times and your phone will be locked permanently.

hhhax7 1 point

thanks man it worked!

washu_k 5 points

There is no "signal" from your ISP that determines what kind of WiFi you can use. You can use any router you want as long as it has Ethernet WAN. However there are a lot of super low end and thus shitty N routers out there. A low end router may be too slow to support your speed properly. Or it could be WiFi interference as low end N routers are 2.4 GHz only.

What is the exact router you are attempting to use?

hhhax7 1 point

It was a Linksys/Cisco N wireless router, don't know the exact model off the top of my head, but I think it may be the E100 wireless N router. If it's not that, it looks exactly like it.

washu_k 3 points


You mean the E1000? Yeah that thing is junk. The problem isn't N WiFi, but just a crappy router. A good dual band N router would work fine.

hhhax7 1 point

Gotcha. I ordered them a TP-Link Archer C50. I have one at home and it works great, so I am going to set that up for them.

rrtorres1991 9 points

Each port on the switch is its own collision domain, not all the ports on the switch itself. When you refer to each switch being a collision domain, you are referring to a hub. Hubs place all the ports in a single collision domain which is why half duplex is used when hubs are in play.

The ports on the switch and the workstation all support full duplex. This means they can transmit and receive data at the same time, therefore no collisions occur. Additionally, VoIP phones have an internal switch that allows them to connect to the access layer switch and your workstation at the same time. Each of these connections is essentially a separate collision domain (i.e. network to phone and phone to workstation).

hhhax7 2 points

So usually VoIP is a separate VLAN. Would that switchport have to be set to trunk then for that setup?

hhhax7 commented on a post in r/StartingStrength
m_sporkboy 0 points

These look pretty good.

I'm nervous about your wrist position; that bend may indicate a lot of pressure transmitting to your elbows that may cause you problems later.

The reps kinda looked high to me, but it's impossible to tell for sure with the rack in the way, and it may just be the camera angle. If you've previously verified that they're deep enough, these are probably fine too.

hhhax7 2 points

Just a question but isn’t he leaning a little too far forward? I feel like squats should be more upright. Like the end of his rep seems like a 2 part motion, coming up and then straightening his back. Not knocking you OP, just asking.

shortstop20 3 points

Auto negotiation should always be used unless reasons dictate otherwise.

Even if a client won't negotiate, you should check for updated drivers first for that client before considering hard coding the speed and/or duplex.

hhhax7 1 point

So if you use auto negotiate on a switch but my NIC is not on auto negotiate, will they link up?

chuckbales 2 points

If one side is auto/auto, and the other side is hard-coded at 100Mb, the auto/auto side will try to link up at 100Mb/half-duplex. This is bad to do but the link will be up.

If you leave one side auto/auto and the other hard-coded to 1Gb, I believe the auto/auto port will not link up at all.

Bottom line - leave everything auto/auto unless you have a very good reason not to, in which case hard-code both sides to the same settings.

hhhax7 1 point

Got it. Thanks for the reply!

CB_Cubbie 2 points

Cisco has a great example:

Consider the IP address If you calculate the subnet address corresponding to this IP address, the answer you arrive at is subnet (subnet zero). Note that this subnet address is identical to network address, which was subnetted in the first place, so whenever you perform subnetting, you get a network and a subnet (subnet zero) with indistinguishable addresses.

hhhax7 3 points

> you calculate the subnet address corresponding to this IP address, the answer you arrive at is subnet (subnet zero).

Why is it assumed then that it is a /16 subnet? How do we know that isn't a /24? Or are we not using CIDR and going back to classes of subnets?

a_cute_epic_axis 1 point

no, other than those locally defined on the switch as a backup

hhhax7 1 point

Gotcha. I am not familiar with this because all of our switches use local logins. We have not yet utilized any management software for our switches/routers. Becomes a pain when we need to apply a config change to all 200 or so switches.

a_cute_epic_axis 1 point

Logins are not cached, so if you disconnect the AAA server, any accounts on that server will cease to function.

hhhax7 1 point

OK, so if you are connected to an AAA server and do a show run from the switch, will you see any usernames in the running config?

