On Monday 14 July 2008 13:44:02 Vikas Sharma wrote:
My questio is - does BFD implementation in Cisco support
Juniper / Huawei CPE? Does Cisco's implementation is as
pe standard? has anyone tested it?
We run BFD between our Cisco and Juniper kit - works fine,
nothing fancy in the
Aha. GPON requires ONT installed at the downside of the PON ray. ONT itself can
host different interfaces (and provide corresponding services). NOTE: having
GPON be able to transport 802.1q and sometimes even Q-in-Q transport someone
could select end up ONT's Ethernet interface with switch
Hi Oli,
Does this mean that for example, you have 2 LANs, one in a VRF and one in
the global, then they can't communicate?
I have a situation where your WAN is in a VRF, the LAN in the global. For
Internet access, I use NAT. Saw the packet come back to the router but
doesn't know how to get out
Hi,
We're provisioning a new customer location in a VRF on two PEs working
together using HSRP.
The one PE reports:
Jul 14 13:37:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface
vrf_238_vlan0, changed state to down
Jul 14 13:37:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Oliver,
I tried that but it doesn't seem to work. The IP that exists in the
global routing table (just an interface on the router) is not pingable
from within the VRF. It also does not work as a next hop.
-Jason
Oliver Boehmer (oboehmer) wrote:
Jason Berenson wrote on Monday, July 14,
I am writing a simple bgp client and want use this client to send blacklist
prefix to router. My goal it to add and remove blackhole routes automatically.
First, I add static route 192.0.2.1/32 to null 0 in a router. Then
start my simple program
opening a bgp session and sending update to this
I seem to have backed myself into a corner and am looking for suggestions...
Our campus is largely RFC1918 internally. The original hub-and-spoke
design was along the lines of assigning a 10.x.x.x/16 or larger block to
significant buildings, so each building was it's own routed domain
Hello All,
We are running a 6500/sup720-3BXL wit 12.2.18SXF13
A DoS attack 300,000pps was sent to an IP address which directly
connected, but not in use by a machine.
The arp entry for the target IP address is incomplete.
This caused interrupt based CPU to 90+ %, which in turn caused
OSPF/BGP
Hi Jeff,
I'm not sure I understand the problem with identity NAT (no
nat-control). It does default to all interfaces, but the ACL checks will
happen before the NAT translation is built so you can control your
access there?
Sam
Jeff Kell wrote:
I seem to have backed myself into a corner and
Zhang Huanjie wrote on Monday, July 14, 2008 4:35 PM:
I am writing a simple bgp client and want use this client to send
blacklist prefix to router. My goal it to add and remove blackhole
routes automatically.
[...]
While sending updates to a GSR 12404 running IOS XR 3.6.0, it seems
On Mon, 2008-07-14 at 18:07 +0200, Iddo wrote:
We are running a 6500/sup720-3BXL wit 12.2.18SXF13
A DoS attack 300,000pps was sent to an IP address which directly
connected, but not in use by a machine.
The arp entry for the target IP address is incomplete.
This caused interrupt based CPU
Hi everyone,
I'm currently working on some testing for a potential project that would
involve a number of remote sites that require encrypted traffic to flow between
them, as well as them performing BGP with a number of upstreams, and IX's.
The current router of choice (before the IPSec VPN's
What about the return path? What did you do to get traffic back into the VRF?
Also, what do you mean it does not work as the next hop? Did the static route
not appear in the routing table after you added it? Can you give us some
config output/show ip route vrf output?
Jason Berenson
R1#show ip route vrf priv
Routing Table: priv
Gateway of last resort is 209.212.66.1 to network 0.0.0.0
209.212.64.0/29 is subnetted, 1 subnets
C 209.212.64.176 is directly connected, GigabitEthernet0/1.1000
S* 0.0.0.0/0 [1/0] via 209.212.66.1, GigabitEthernet0/1.1000
ip route
For 512 packet size, we also see ~60M. If you could force the packet to be
~1200-1300 in size, then performance will be better...not that much though.
You should give the VSA a try, throughput could be up to ~160M :)
-luan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Hi Ajay
if auto-summary is enabled with classful network command, all spesfic routes
will be summarized to class boundary so for the below example , only
10.0.0.0/8 will be advertised
best regards
--Ibrahim
On Mon, Jul 14, 2008 at 8:39 PM, Ajay Chenampara [EMAIL PROTECTED]
wrote:
Hi,
I was
deny tcp any eq 443 any
deny tcp any any eq 443
Luan M Nguyen wrote:
For 512 packet size, we also see ~60M. If you could force the packet to be
~1200-1300 in size, then performance will be better...not that much though.
You should give the VSA a try, throughput could be up to ~160M :)
-luan
Hi,
I have a strange-ish problem. I've configured an IPSec tunnel between a
7206 NPE-G1 12.4(12) with SA-VAM2+ and an ASA 5550 7.2(4). For some
reason traffic only gets encrypted ASA-7200, not the other way.
The traffic that doesn't get encrypted comes from a VRF Lite
subinterface on the back of
Peter Rathlev wrote:
Hi,
The traffic that doesn't get encrypted comes from a VRF Lite
subinterface on the back of the 7200. This VRF has a static 0/0 route
with a global next hop, and the global table has a static route pointing
the other way.
Sure would make things simpler if inter-vrf
on the 7200, map ipsec tunnel to the vrf instance? - iskamp profile?
On Mon, Jul 14, 2008 at 8:46 PM, Peter Rathlev [EMAIL PROTECTED] wrote:
Hi,
I have a strange-ish problem. I've configured an IPSec tunnel between a
7206 NPE-G1 12.4(12) with SA-VAM2+ and an ASA 5550 7.2(4). For some
Only work if it's a front VRF right? Might have to move the vrf to the WAN
to be able to utilize the VRF aware IPSEC.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christian Koch
Sent: Monday, July 14, 2008 9:59 PM
To: Peter Rathlev
Cc: cisco-nsp
Hello all
I have some interfaces on my networks (gigabit / ethernet) which report a huge
amount of giant packets. What is the cause of giant packets? Is their any
methodology or any good document which details the way to troubleshoot giant
packets?
All responses will be appreciated.
22 matches
Mail list logo