Andy Fradelakis
CCIE #56533

If you are on a budget and need network monitoring, then my go-to choice would be Observium. I’ve used it at several companies and it handles the job well.

Check it out at: https://www.observium.org/

One of the best route servers I’ve ever used is: route-views.oregon-ix.net. So, to get started simply telnet to that hostname. You’ll see a prompt like this:

Next, simply type: show ip bgp x.x.x.x . Take a look at sample output below.

route-views>sh ip bgp 8.8.8.8
BGP routing table entry for 8.8.8.0/24, version 13172
Paths: (29 available, best #29, table default)
  Not advertised to any peer
  Refresh Epoch 1
  3267 15169
    194.85.40.15 from 194.85.40.15 (185.141.126.1)
      Origin IGP, metric 0, localpref 100, valid, external
      path 7F5753E5EB78 RPKI State not found
      rx pathid: 0, tx pathid: 0
  Refresh Epoch 1
  57866 15169
    37.139.139.17 from 37.139.139.17 (37.139.139.17)
      Origin IGP, metric 0, localpref 100, valid, external
      Community: 57866:11 57866:304 57866:501
      path 7F579ABA9908 RPKI State not found
      rx pathid: 0, tx pathid: 0
  Refresh Epoch 1
  3333 15169
    193.0.0.56 from 193.0.0.56 (193.0.0.56)
      Origin IGP, localpref 100, valid, external
      Community: 6777:65011 6777:65023
      path 7F56FAE6D748 RPKI State not found
      rx pathid: 0, tx pathid: 0
  Refresh Epoch 1
  20912 15169
    212.66.96.126 from 212.66.96.126 (212.66.96.126)
      Origin IGP, localpref 100, valid, external
      Community: 20912:65016
      path 7F5816058640 RPKI State not found

Using route servers is particularly useful to see if a carrier/company is announcing your prefix. Play around with it and have fun!

If you notice in Monitor > Logs > Traffic or Monitor > Logs > User-ID the User field showing a client as “domain.com\username” instead of username@domain.com, please login via CLI and run the following command:

debug user-id reset user-id-manager type all

All users will need to disconnect/reconnect for the tables to start populating correctly again.

I had to figure this one out on my own as Palo tech support could not figure it out. :-\

I was troubleshooting a network last week and came across a situation where I wanted to use /31 subnets on Mikrotik routers. I added the address like usual with the /31 mask and it took the configuration however the CPE was having issues getting out to the internet still.

I’ve used /31’s plenty of times on Cisco devices and the Mikrotik did take the /31 mask so I was a bit confused. Turns out Mikrotik does not actually support /31 subnets properly. The workaround for this issue was to set the ip address on the Mikrotik side as a /32 and set the ip address of the CPE as the “network” address.

Then things worked “properly”. Until Mikrotik comes out with support for /31’s, this is the easiest solution.