Re: [c-nsp] ASR9000/RSP440 Console Issue
On (2012-06-13 23:03 +0200), Asbjorn Hojmark - Lists wrote: > You still get true OoB management on the N7K Sup2, just not the CMP > interface. Ask your servers guys if RS232 fate-sharing main OS is OOB. They've gotten this right for over decade. > That being said, the CMP can't have added much cost to the sup, so since > there are (corner) use cases where it makes sense, it's still kind of > strange that they've dropped it. No. Considering Intel mobo with proper OOB costs like <80EUR. On CMP you can upload images, on on-band RS232 you cannot (most don't even support anymore and even those which do it's not practical, as it takes less time time go on-site, short of moon nazis Internet, and while they pay well, we thought it was unethical to provide connectivity). On CMP you can build cheap OOB network (eth switches cost nothing compared to proper RS232 server like Avocent) CMP has better latency, much nicer to work over than RS232 Who has not ever had problem with Cisco or Juniper where RS232 has been dead? Maybe it was pilot error (image deleted, box reloaded), maybe it was software defect hard crashing it or reloading in loop. Maybe it was simply newly istalled box delivered without image. I'd say kill the on-band RS232 and roll CMP only. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] netflow not recording correct origin-as
It's been a very long time since I touched netflow, but I recently installed FlowViewer since I wanted to grab some stats (we collect netflow data, but don't do much with it) since we are transit shopping. Thought it would be interesting to see, for example how much traffic ends up somewhere like cogent to see if it's worth throwing them in the mix. After digging up from FlowViewer to "sh ip cache verbose flow", I'm starting to think either I totally misunderstood how this works or there's something wonky with IOS. We have our own AS and we have transit to HE.net and Level3. If I run any report in flow-tools or flowviewer that shows source/destination AS counts, it shows about 99% of my traffic with a source or destination AS of 3356. This is obviously not true - traffic graphs show that we run about 2/3 inbound from HE. When I look at the src/dst AS in "sh ip cache verbose flow", I see the same thing. Here's a single line showing what I believe is incorrect AS info: SrcIf SrcIPaddressDstIf DstIPaddressPr TOS Flgs Pkts Port Msk ASPort Msk ASNextHop B/Pk Active Fa2/0 86.21.123.0 AT3/0.2535 216.220.114.xxx 06 00 02 2 E055 /0 3356 2D3D /32 0 216.220.114.xxx52 2.9 That's a flow from 86.21.123.0 which is AS 5089 to one of our customers. Fa2/0 is HE.net. So not only is this flow not sourced from AS3356, it's not even coming in via our transit link to 3356. This seems totally wrong. I'm on a 7206 w/an NPE-G2. IOS 12.4(24)T6. Both transit links have "ip flow ingress" and "ip flow egress". I also started with just ingress on those interfaces as well as an ATM OC-3 interface and another GigE port, but the ATM interface did not seem to be grabbing flows from the subinterfaces. My AS problem is the same with either configuration. My export config is this: ip flow-export source Loopback0 ip flow-export version 5 origin-as ip flow-export destination 216.220.107.41 9800 ip flow-top-talkers top 40 sort-by packets Am I doing something obviously wrong here? Thanks, Charles -- Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet www.bway.net sp...@bway.net - 212.655.9344 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G alternative
On 6/13/2012 8:01 AM, Reuben Farrelly wrote: I have a requirement for a 1G/10G access switch also for a meet-me room project I am working on, and the 4500-X ticks all the boxes - except for the MPLS capability. The lack of this feature means I will likely have to backhaul data back to an MPLS capable switch or an ASR1k in another location. I don't need a unit which can handle 24x10G (240G) of sustained throughput but I do need to plan for a handful of 10G handoffs which may do 2 or 3 Gbps in the near future. Two 10G uplink ports isn't enough, and the 7600 platform looks to be ridiculously expensive for this sort of thing (not to mention space and power requirements). A cross between a 4500-X and ME3600X/ME3800X would be an absolutely killer box. Then again, I guess that would involve Enterprise and Service Provider BU's within Cisco talking (Gert?) ;) Reuben On 13/06/2012 10:44 PM, Andrew Miehs wrote: Sent from a mobile device On 13/06/2012, at 22:00, scott owens wrote: for those of you looking at the sup720-10G or 7k ( I have sets of both of them as well ), take a look at Ciscos new 4500X 1U 10G/1G switch/router. With an SFP+ ZR optic this can do just about anything an X2 or XenPak 6704/6708/6716 could do. Except mpls :( ___ Nexus 7004? :) tv ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G (6509 VSS Engine) 10G Port Issue
Many thanks for your clarification. Thanks and regards, Xu Hu On 14 Jun, 2012, at 7:09, Łukasz Bromirski wrote: > On 2012-06-13 05:55, Pete Templin wrote: >> On 6/12/12 11:06 AM, Łukasz Bromirski wrote: >> >>> In reality, Sup720-10GE sold with the "VS" prefix is a >>> perfectly normal Supervisor. What is changed is that the >>> fabric matrix is actually 20x20Gbit/s not 18x20Gbit/s, so >>> you get additional 2 channels for 20Gbit/s. >> >> Oh, is that for the 6511 chassis? > > 6511? Never heard about it. > >> 18x20Gbit/s means 2x20Gbit/s per slot * 9 slots, so the Supervisor slots >> already have 2x20Gbit/s feeding them to drive the front-panel ports. > > Why would they need a 19th or 20th channel? > > To drive the uplink (2x10GE) at full speed without oversubscription, > as those are VSL links. > > In old Sup720 design, the Supervisor itself is connected to the > fabric using one channel. This channel is used by Hyperion ASIC > to provide for bus interface, and multicast/SPAN features. Because > there's no other way to connect the uplinks on the Sup itself, the > Hyperion has it's interface also terminating the uplinks (2xGE) > thus limiting effective throughput/etc. BTW, both PFC and MSFC > are also connected to the rest of the chassis linecards by Hyperion > (PFC) and Pinnacle (MSFC). > > On the Sup720-10GE, the separate, 19th channel is used to connect > the uplinks directly into fabric. Hyperion is still there, it still > takes the channel "belonging" to the slot which Supervisor itself > is in, but thanks to such design doesn't limit in any way > performance you can achieve on the 2x10GE uplinks (or 4xGE). In > the new design, Hyperion takes care of providing connectivity to MSFC3 > complex, while Metropolis (ASIC terminating the uplinks and connected > to fabric) takes care of providing transport to PFC3C/CXL. > > The 20th channel is used in the same fashion for the redundant > Sup if it's inserted into chassis. > > Hope that clears it a bit. > > -- > "There's no sense in being precise when | Łukasz Bromirski > you don't know what you're talking | jid:lbromir...@jabber.org > about." John von Neumann |http://lukasz.bromirski.net > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G (6509 VSS Engine) 10G Port Issue
On 2012-06-13 05:55, Pete Templin wrote: On 6/12/12 11:06 AM, Łukasz Bromirski wrote: In reality, Sup720-10GE sold with the "VS" prefix is a perfectly normal Supervisor. What is changed is that the fabric matrix is actually 20x20Gbit/s not 18x20Gbit/s, so you get additional 2 channels for 20Gbit/s. Oh, is that for the 6511 chassis? 6511? Never heard about it. 18x20Gbit/s means 2x20Gbit/s per slot * 9 slots, so the Supervisor slots already have 2x20Gbit/s feeding them to drive the front-panel ports. > Why would they need a 19th or 20th channel? To drive the uplink (2x10GE) at full speed without oversubscription, as those are VSL links. In old Sup720 design, the Supervisor itself is connected to the fabric using one channel. This channel is used by Hyperion ASIC to provide for bus interface, and multicast/SPAN features. Because there's no other way to connect the uplinks on the Sup itself, the Hyperion has it's interface also terminating the uplinks (2xGE) thus limiting effective throughput/etc. BTW, both PFC and MSFC are also connected to the rest of the chassis linecards by Hyperion (PFC) and Pinnacle (MSFC). On the Sup720-10GE, the separate, 19th channel is used to connect the uplinks directly into fabric. Hyperion is still there, it still takes the channel "belonging" to the slot which Supervisor itself is in, but thanks to such design doesn't limit in any way performance you can achieve on the 2x10GE uplinks (or 4xGE). In the new design, Hyperion takes care of providing connectivity to MSFC3 complex, while Metropolis (ASIC terminating the uplinks and connected to fabric) takes care of providing transport to PFC3C/CXL. The 20th channel is used in the same fashion for the redundant Sup if it's inserted into chassis. Hope that clears it a bit. -- "There's no sense in being precise when | Łukasz Bromirski you don't know what you're talking | jid:lbromir...@jabber.org about." John von Neumann |http://lukasz.bromirski.net ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6500 router hangs (IPV4 routing slows to a crawl) when IPV6 routing is enabled with VRFs.
On Jun 13, 2012, at 8:03 AM, Jim Trotz wrote: > > if you notice in the above CLI output " The slot 5 is busy, try later. > Status = 8" this is because the SP goes to 99% cpu utilization on the "CFIB > LC QUEUE BO" process for about 5 minutes. > > I am going to try (in our lab) to reconfigure the box to put the Internet > routes in the global table and the "inside" routes in a VRF (swap the > tables). I'd be curious to the results. Deep down inside, I'm thinking that this cpu busyness as the tcam gets reprogrammed with 500k entries all at once might just be expected behavior on the sup720. Dale ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues
I didn't have time to check. Going to bring it down again tonight and run more tests. Also thinking i might default the router config and build it back up piece by piece to see if i can find the issue. On 6/13/2012 4:22 PM, Chuck Church wrote: Probably not a single reference. Have you verified on the outside world that your prefixes are seen? If you haven't, what are they, most people on this list can verify. Obviously you'd have to do that while running 15.1... Chuck -Original Message- From: Chris Gotstein [mailto:ch...@uplogon.com] Sent: Wednesday, June 13, 2012 5:16 PM To: Chuck Church Cc: 'cisco-nsp' Subject: Re: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues Prefix-lists remained the same. Verified that. Is there a list somewhere of the default commands for 12.4 and 15.1M? On 6/13/2012 4:10 PM, Chuck Church wrote: Did you confirm that the prefixes you were sending via BGP under 12.4 didn't disappear when running 15.1? Are your peers still accepting them? It's possible a default changed that is affecting your advertisement. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Gotstein Sent: Wednesday, June 13, 2012 4:35 PM To: cisco-nsp Subject: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues I have a 7204VXR with NPE-G1 that is running 12.4.25f Advanced Services. This router is acting as our main connection to the internet running full BGP routing connected to 2 providers via ethernet. I'm wanting to upgrade to 15.1M Advanced Services w/ LI. After loading the router with IOS 15.1M, the router comes up correctly, all BGP sessions come up correctly and the routing table looks correct. I can ping the outside world from the router. When i try to access the internet from another station, all traffic dies at this router. I can ping all interfaces on the router from any workstation. I have sanitized configs for those that would like to see them. This is a pretty basic setup, not doing anything fancy. Soon as I load 12.4 back on the router and reload, everything comes back up just fine. Any thoughts? -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASR9000/RSP440 Console Issue
On 13/06/2012 20:57, Saku Ytti wrote: > Just heard that Nexus7k SUP2 does not have CMP. According to Ron Fuller and > Tim Stevenson customers didn't need it. > Here I was hoping we'd finally start getting OOB for routers and switches. This is a Real Switch for Real Operators. If you want proper OOB, go out and buy yourself some crappy €800 server with iDRAC, ILO or RSA, any of which will give you full remote console access, power cycle control and comprehensive management software. Real Operators don't need proper OOB. They drive to lights-out facilities at 02:00 in the morning and praise their vendors at loud volume for providing them with the opportunity for showing off their operational machismo by hitting a power switch in person. Man up, Saku. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues
Probably not a single reference. Have you verified on the outside world that your prefixes are seen? If you haven't, what are they, most people on this list can verify. Obviously you'd have to do that while running 15.1... Chuck -Original Message- From: Chris Gotstein [mailto:ch...@uplogon.com] Sent: Wednesday, June 13, 2012 5:16 PM To: Chuck Church Cc: 'cisco-nsp' Subject: Re: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues Prefix-lists remained the same. Verified that. Is there a list somewhere of the default commands for 12.4 and 15.1M? On 6/13/2012 4:10 PM, Chuck Church wrote: > Did you confirm that the prefixes you were sending via BGP under 12.4 > didn't disappear when running 15.1? Are your peers still accepting > them? It's possible a default changed that is affecting your advertisement. > > Chuck > > -Original Message- > From: cisco-nsp-boun...@puck.nether.net > [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Gotstein > Sent: Wednesday, June 13, 2012 4:35 PM > To: cisco-nsp > Subject: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues > > I have a 7204VXR with NPE-G1 that is running 12.4.25f Advanced Services. > This router is acting as our main connection to the internet running > full BGP routing connected to 2 providers via ethernet. I'm wanting > to upgrade to 15.1M Advanced Services w/ LI. After loading the router > with IOS 15.1M, the router comes up correctly, all BGP sessions come > up correctly and the routing table looks correct. I can ping the outside world from the router. > When i try to access the internet from another station, all traffic > dies at this router. I can ping all interfaces on the router from any workstation. > I have sanitized configs for those that would like to see them. This > is a pretty basic setup, not doing anything fancy. Soon as I load > 12.4 back on the router and reload, everything comes back up just fine. Any thoughts? > > -- > > Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. > http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues
Prefix-lists remained the same. Verified that. Is there a list somewhere of the default commands for 12.4 and 15.1M? On 6/13/2012 4:10 PM, Chuck Church wrote: Did you confirm that the prefixes you were sending via BGP under 12.4 didn't disappear when running 15.1? Are your peers still accepting them? It's possible a default changed that is affecting your advertisement. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Gotstein Sent: Wednesday, June 13, 2012 4:35 PM To: cisco-nsp Subject: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues I have a 7204VXR with NPE-G1 that is running 12.4.25f Advanced Services. This router is acting as our main connection to the internet running full BGP routing connected to 2 providers via ethernet. I'm wanting to upgrade to 15.1M Advanced Services w/ LI. After loading the router with IOS 15.1M, the router comes up correctly, all BGP sessions come up correctly and the routing table looks correct. I can ping the outside world from the router. When i try to access the internet from another station, all traffic dies at this router. I can ping all interfaces on the router from any workstation. I have sanitized configs for those that would like to see them. This is a pretty basic setup, not doing anything fancy. Soon as I load 12.4 back on the router and reload, everything comes back up just fine. Any thoughts? -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues
Did you confirm that the prefixes you were sending via BGP under 12.4 didn't disappear when running 15.1? Are your peers still accepting them? It's possible a default changed that is affecting your advertisement. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Gotstein Sent: Wednesday, June 13, 2012 4:35 PM To: cisco-nsp Subject: [c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues I have a 7204VXR with NPE-G1 that is running 12.4.25f Advanced Services. This router is acting as our main connection to the internet running full BGP routing connected to 2 providers via ethernet. I'm wanting to upgrade to 15.1M Advanced Services w/ LI. After loading the router with IOS 15.1M, the router comes up correctly, all BGP sessions come up correctly and the routing table looks correct. I can ping the outside world from the router. When i try to access the internet from another station, all traffic dies at this router. I can ping all interfaces on the router from any workstation. I have sanitized configs for those that would like to see them. This is a pretty basic setup, not doing anything fancy. Soon as I load 12.4 back on the router and reload, everything comes back up just fine. Any thoughts? -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASR9000/RSP440 Console Issue
> Just heard that Nexus7k SUP2 does not have CMP. According to Ron Fuller > and Tim Stevenson customers didn't need it. Here I was hoping we'd finally > start getting OOB for routers and switches. You still get true OoB management on the N7K Sup2, just not the CMP interface. >From the top of my head, the only situation where the CMP is useful is when the CP is dead, but then you most likely will want to reload the sup anyway, and that can be done from the second sup. That being said, the CMP can't have added much cost to the sup, so since there are (corner) use cases where it makes sense, it's still kind of strange that they've dropped it. -A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] 7204VXR NPE G1 Upgrade from 12.4 to 15.1M Issues
I have a 7204VXR with NPE-G1 that is running 12.4.25f Advanced Services. This router is acting as our main connection to the internet running full BGP routing connected to 2 providers via ethernet. I'm wanting to upgrade to 15.1M Advanced Services w/ LI. After loading the router with IOS 15.1M, the router comes up correctly, all BGP sessions come up correctly and the routing table looks correct. I can ping the outside world from the router. When i try to access the internet from another station, all traffic dies at this router. I can ping all interfaces on the router from any workstation. I have sanitized configs for those that would like to see them. This is a pretty basic setup, not doing anything fancy. Soon as I load 12.4 back on the router and reload, everything comes back up just fine. Any thoughts? -- Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P. http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASR9000/RSP440 Console Issue
> > Just installed some brand spanking new RSP440's into a couple of > > ASR9006's and having a helluva time with the console connection. > > Any Cisco ERBU/CRBU lurking, you should take page from ISBU playbook, can > copy CPM. Just heard that Nexus7k SUP2 does not have CMP. According to Ron Fuller and Tim Stevenson customers didn't need it. Here I was hoping we'd finally start getting OOB for routers and switches. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS and BPDU
On (2012-06-13 16:18 +0200), Daniel Verlouw wrote: > and note this document only applies to L2CP with destination macs in > the 01-80-C2-00-00-00 to -0F range. E.g. for Cisco and others > proprietary stuff using other macs you can do whatever you please. So would your interpretation of VLAN based options be, that tunneling means explicitly frames which have STP DMAC during transit? If I've changed the STP DMAC for EVP-LAN transit, I'm not sending STP DMAC and I'm not violating the requirement of peering STP? I'm fearing that I'm trying to be 'clever' working around with intent of the standard. But if this is within the spirit of the standard, and I can say I'm EVP-LAN compliant when I'm rewriting STP DMACs during transit , this is great news. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS and BPDU
On Wed, Jun 13, 2012 at 3:13 PM, Saku Ytti wrote: > On (2012-06-13 10:34 +0200), Daniel Verlouw wrote: > The URL I linked, which clarifies BPDU handling, section 8.1.3 'L2CP > Requirements for Ethernet Private LAN (EP-LAN) Service' says 'Must Peer on > all UNIs or Discard on all UNIs' > > I'm having great troubles understanding 8.1.3 as permission to tunnel. as explained in 8.1, it's a two step logic; First step is based on destination mac only. STP destination mac is 01-80-C2-00-00-00, so for EP-LAN, table B applies, which reads "must tunnel". Second step (table F in 8.1.3) only comes into play for destination macs 01-80-C2-00-00-01 through -0A and 01-80-C2-00-00-0E, but STP does not run on those macs at all normally so only step 1 applies. and note this document only applies to L2CP with destination macs in the 01-80-C2-00-00-00 to -0F range. E.g. for Cisco and others proprietary stuff using other macs you can do whatever you please. -- Daniel. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Gigabit link between 2960S and 4948 won't come up
On 13 Jun 2012, at 14:10 , Gert Doering wrote: > Hi, > > On Wed, Jun 13, 2012 at 01:06:51PM +0200, Maarten Carels wrote: >> Used the right crossover cable? I've seen them with only 12/36 crossed and >> 45/78 not connected. You may need the 12/36 crossed 45/78 straight connected >> variety. > > GigE-on-copper works perfectly fine with no crossing at all. Depending > on the transceivers in question, "crossing some pairs and not others" > might actually confuse their logic that determines cable layout. Long time ago I connected a small cisco switch (2940 or so) to a chassis based access switch (4500 with gig-E blades). It insisted on having the right crosscable (12/36 crossed, 45/78 straight) between them... Usually not crossing works fine, but sometimes... And beware of 100Mb crosscables that cross 12/36 and leave the rest unconnected. --maarten signature.asc Description: Message signed with OpenPGP using GPGMail ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS and BPDU
I haven't looks at all of the latest MEF specs myself but in reality we tunnel STP frames. There are a couple instances where misconfigurations have led to looping which peering may have solved but we do not want to be asking customers about there STP setups and it wouldn't scale. We do encourage customers to connect to the VPLS using L3 interfaces if they can. However there are some folks using VPLS who actually need L2, even if a minor amount. Phil On Jun 13, 2012, at 9:13 AM, Saku Ytti wrote: > On (2012-06-13 10:34 +0200), Daniel Verlouw wrote: > >> for "EP-LAN", the requirement is that BPDUs *must* be tunneled (see >> flowchart in 8.1). > > The URL I linked, which clarifies BPDU handling, section 8.1.3 'L2CP > Requirements for Ethernet Private LAN (EP-LAN) Service' says 'Must Peer on > all UNIs or Discard on all UNIs' > > I'm having great troubles understanding 8.1.3 as permission to tunnel. > -- > ++ytti > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G alternative
If Two 10G uplink ports isn't enough ME 3600X 24CX has 4x10GigE - though it has other stuff you won't need and it's a 2U unit and it's twice as expensive as ME 3600x adam -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Reuben Farrelly Sent: Wednesday, June 13, 2012 3:02 PM To: Andrew Miehs Cc: scott owens; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] VS-S720-10G alternative I have a requirement for a 1G/10G access switch also for a meet-me room project I am working on, and the 4500-X ticks all the boxes - except for the MPLS capability. The lack of this feature means I will likely have to backhaul data back to an MPLS capable switch or an ASR1k in another location. I don't need a unit which can handle 24x10G (240G) of sustained throughput but I do need to plan for a handful of 10G handoffs which may do 2 or 3 Gbps in the near future. Two 10G uplink ports isn't enough, and the 7600 platform looks to be ridiculously expensive for this sort of thing (not to mention space and power requirements). A cross between a 4500-X and ME3600X/ME3800X would be an absolutely killer box. Then again, I guess that would involve Enterprise and Service Provider BU's within Cisco talking (Gert?) ;) Reuben On 13/06/2012 10:44 PM, Andrew Miehs wrote: > Sent from a mobile device > > On 13/06/2012, at 22:00, scott owens wrote: > >> for those of you looking at the sup720-10G or 7k ( I have sets of >> both of them as well ), take a look at Ciscos new 4500X 1U 10G/1G switch/router. > > >> With an SFP+ ZR optic this can do just about anything an X2 or XenPak >> 6704/6708/6716 could do. > > > Except mpls :( > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G alternative
On 13/06/2012, at 11:01 PM, Reuben Farrelly wrote: > I don't need a unit which can handle 24x10G (240G) of sustained throughput > but I do need to plan for a handful of 10G handoffs which may do 2 or 3 Gbps > in the near future. Two 10G uplink ports isn't enough, and the 7600 platform > looks to be ridiculously expensive for this sort of thing (not to mention > space and power requirements). > > A cross between a 4500-X and ME3600X/ME3800X would be an absolutely killer > box. Then again, I guess that would involve Enterprise and Service Provider > BU's within Cisco talking (Gert?) ;) We have the same requirement - basically a 4500 with MPLS would have been great - but I don't think it will happen - so looks like we are stuck with 6500s or looking at alternate vendors... Andrew ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS and BPDU
On (2012-06-13 10:34 +0200), Daniel Verlouw wrote: > for "EP-LAN", the requirement is that BPDUs *must* be tunneled (see > flowchart in 8.1). The URL I linked, which clarifies BPDU handling, section 8.1.3 'L2CP Requirements for Ethernet Private LAN (EP-LAN) Service' says 'Must Peer on all UNIs or Discard on all UNIs' I'm having great troubles understanding 8.1.3 as permission to tunnel. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Gigabit link between 2960S and 4948 won't come up
Hi, On Wed, Jun 13, 2012 at 01:06:51PM +0200, Maarten Carels wrote: > Used the right crossover cable? I've seen them with only 12/36 crossed and > 45/78 not connected. You may need the 12/36 crossed 45/78 straight connected > variety. GigE-on-copper works perfectly fine with no crossing at all. Depending on the transceivers in question, "crossing some pairs and not others" might actually confuse their logic that determines cable layout. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpHE6Sr9wfow.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6500 router hangs (IPV4 routing slows to a crawl) when IPV6 routing is enabled with VRFs.
Thanks Nick, here is the CLI output during the hangup: MTWDAVTSTEE001#show mls cef summary Total routes:407605 IPv4 unicast routes: 407557 IPv4 non-vrf routes: 30 IPv4 vrf routes: 407527 IPv4 Multicast routes: 4 MPLS routes: 8 IPv6 unicast routes: 32 IPv6 non-vrf routes: 5 IPv6 vrf routes: 27 IPv6 multicast routes: 3 EoM routes: 1 MTWDAVTSTEE001#show platform hardware capacity forwarding L2 Forwarding Resources MAC Table usage: Module Collisions Total Used %Used The slot 5 is busy, try later. Status = 8 VPN CAM usage: Total Used %Used 512 9 2% L3 Forwarding Resources FIB TCAM usage: TotalUsed %Used 72 bits (IPv4, MPLS, EoM) 524288 407557 78% 144 bits (IP mcast, IPv6) 262144 294 1% detail: ProtocolUsed %Used IPv4 407548 78% MPLS 8 1% EoM1 1% IPv6 287 1% IPv4 mcast 4 1% IPv6 mcast 3 1% Adjacency usage: TotalUsed %Used 1048576 178 1% Forwarding engine load: Module pps peak-pps peak-time 5 22006 53376 21:48:00 est Sun Jun 10 2012 = Were not using ipv4 or ipv6 urpf. Were not passing any IPV6 traffic (i.e. no fragments) at this point since we never got to adding any of the IPV6 addresses or turn up any routing - just these 3 commands "mls ipv6 vrf", "vrf def with ipv6 address-family" and "ipv6 unicast-routing". if you notice in the above CLI output " The slot 5 is busy, try later. Status = 8" this is because the SP goes to 99% cpu utilization on the "CFIB LC QUEUE BO" process for about 5 minutes. I am going to try (in our lab) to reconfigure the box to put the Internet routes in the global table and the "inside" routes in a VRF (swap the tables). ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G alternative
I have a requirement for a 1G/10G access switch also for a meet-me room project I am working on, and the 4500-X ticks all the boxes - except for the MPLS capability. The lack of this feature means I will likely have to backhaul data back to an MPLS capable switch or an ASR1k in another location. I don't need a unit which can handle 24x10G (240G) of sustained throughput but I do need to plan for a handful of 10G handoffs which may do 2 or 3 Gbps in the near future. Two 10G uplink ports isn't enough, and the 7600 platform looks to be ridiculously expensive for this sort of thing (not to mention space and power requirements). A cross between a 4500-X and ME3600X/ME3800X would be an absolutely killer box. Then again, I guess that would involve Enterprise and Service Provider BU's within Cisco talking (Gert?) ;) Reuben On 13/06/2012 10:44 PM, Andrew Miehs wrote: Sent from a mobile device On 13/06/2012, at 22:00, scott owens wrote: for those of you looking at the sup720-10G or 7k ( I have sets of both of them as well ), take a look at Ciscos new 4500X 1U 10G/1G switch/router. With an SFP+ ZR optic this can do just about anything an X2 or XenPak 6704/6708/6716 could do. Except mpls :( ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G alternative
Hi, On Wed, Jun 13, 2012 at 10:44:44PM +1000, Andrew Miehs wrote: > > With an SFP+ ZR optic this can do just about anything an X2 or XenPak > > 6704/6708/6716 could do. > Except mpls :( And there is IOS XE inside... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgprMSYwzqcP0.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S720-10G alternative
Sent from a mobile device On 13/06/2012, at 22:00, scott owens wrote: > for those of you looking at the sup720-10G or 7k ( I have sets of both of > them as well ), take a look at Ciscos new 4500X 1U 10G/1G switch/router. > With an SFP+ ZR optic this can do just about anything an X2 or XenPak > 6704/6708/6716 could do. Except mpls :( ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] VS-S720-10G alternative
for those of you looking at the sup720-10G or 7k ( I have sets of both of them as well ), take a look at Ciscos new 4500X 1U 10G/1G switch/router. http://www.cisco.com/en/US/prod/collateral/switches/ps10902/ps12332/data_sheet_c78-696791.html I think it might not work as a multi-provider BGP solution but it is interesting enough that instead of a pair of 7009s we are going to look at this, we may even think about replacing one of our 7010 pairs ( VSS vs VPC when you only have 1 VDC can be a fair trade ). With an SFP+ ZR optic this can do just about anything an X2 or XenPak 6704/6708/6716 could do. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Gigabit link between 2960S and 4948 won't come up
On 13 Jun 2012, at 12:59 , Peter Subnovic wrote: > Hi James, > > thanks for the (quick) reply. > > Honestly, no i haven't checked auto MDIX settings, but will do, thanks for > the pointer. > > I tried it with an crossover cable, but no luck. Used the right crossover cable? I've seen them with only 12/36 crossed and 45/78 not connected. You may need the 12/36 crossed 45/78 straight connected variety. --maarten signature.asc Description: Message signed with OpenPGP using GPGMail ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Gigabit link between 2960S and 4948 won't come up
Hi, as a follow-up: On the 2960S Side auto MDIX seems to be off: 2960#show controllers ethernet-controller gigabitEthernet 1/0/47 phy detail | include MDIX Auto-MDIX : Off [AdminState=1 Flags=0] On the 4948 it should be on: According to: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/sw_int.html#wp1071819 Auto-MDIX is enabled per default, but i couldn't find any information in the "show int" output, which is the suggested way in the document to verify the Auto-MDIX state. When i am not mistaken, it must be on on the 4948 otherwise the link shouldn't come up at all when i use a straight cable. What makes me a little curious is that, in order for auto-MDIX to work correctly, the speed and duplex must be set to auto, which is not the case in my configuration. But even if it doesn't work correctly the link shouldn't come up with the straight cable, or am i understand something wrong? Thanks in advance, Kind regards, Peter On Wed, Jun 13, 2012 at 12:59 PM, Peter Subnovic wrote: > Hi James, > > thanks for the (quick) reply. > > Honestly, no i haven't checked auto MDIX settings, but will do, thanks for > the pointer. > > I tried it with an crossover cable, but no luck. > > Kind regards, > Peter > > > On Wed, Jun 13, 2012 at 12:49 PM, James Bensley wrote: > >> Hi Peter, >> >> Have you checked auto MDIX settings and also a cross over? >> >> Just my two pence. >> James. >> >> On 13 June 2012 11:41, Peter Subnovic wrote: >> > Dear List, >> > >> > i am having a somewhat (in my opinion) odd issue. >> > >> > We have an Cisco 4948 acting as our core switch running Cisco IOS >> Software, >> > Catalyst 4500 L3 Switch Software (cat4500-ENTSERVICESK9-M), Version >> > 12.2(54)SG >> > >> > We recently purchased a WS-C2960S-48LPS-L running Cisco IOS Software, >> > C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(58)SE2 >> > >> > I am having a hard time to bring the Link up at 1 Gbit Speed between >> these >> > two devices. The Link will only come up if configure the speed to >> 100Mbit >> > and duplex to full on both sides. >> > My first guess was a bad (copper) cable, so i tried it with 5 different >> > cables but no luck. In the next step i tested it with different ports on >> > both side, but still no luck. >> > >> > Interestingly, if i use the same cables and connect the 2960S to an >> 3750G >> > running 12.2(55) SE4 the link comes up just fine with 1Gbit (using the >> same >> > ports). Also, if i connect the 4948 to the 3750G the link comes up fine >> at >> > 1Gbit. >> > >> > My Laptop also negotiates just fine to 1Gbit on the 4948 and 2960S (with >> > the same cables). >> > >> > I am kind of lost as i am running out of ideas what could cause this >> > behavior. >> > >> > Has someone run into this problem? Do you have any ideas what could >> cause >> > this issue, or what else i could be testing? >> > >> > I appreciate every input and thanks in advance. If you need any >> additional >> > info, please don't hesitate to ask. >> > >> > Below is the output of the interface configuration and what "show int" >> says. >> > >> > Kind regards, >> > Peter >> > >> > >> > The Port configuration looks like the following: >> > >> > C2960S: >> > >> > interface GigabitEthernet1/0/47 >> > description ===XXX=== >> > switchport trunk allowed vlan 500-502,532 >> > switchport mode trunk >> > switchport nonegotiate >> > load-interval 30 >> > speed 100 >> > duplex full >> > >> > 4948: >> > interface GigabitEthernet1/47 >> > description ===XXX=== >> > switchport trunk encapsulation dot1q >> > switchport trunk allowed vlan 500-502,532 >> > switchport mode trunk >> > switchport nonegotiate >> > media-type rj45 >> > speed 100 >> > duplex full >> > >> > >> > Show interface brings up the following: >> > >> > 4948: >> > >> > GigabitEthernet1/47 is up, line protocol is up (connected) >> > Hardware is Gigabit Ethernet Port, address is 0018.18b7.ee2e (bia >> > 0018.18b7.ee2e) >> > Description: ===XXX=== >> > MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, >> > reliability 255/255, txload 4/255, rxload 4/255 >> > Encapsulation ARPA, loopback not set >> > Keepalive set (10 sec) >> > Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000-TX >> > Media-type configured as RJ45 connector >> > input flow-control is off, output flow-control is off >> > ARP type: ARPA, ARP Timeout 04:00:00 >> > Last input 19:23:29, output never, output hang never >> > Last clearing of "show interface" counters never >> > Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 >> > Queueing strategy: fifo >> > Output queue: 0/40 (size/max) >> > 5 minute input rate 1891000 bits/sec, 311 packets/sec >> > 5 minute output rate 1959000 bits/sec, 339 packets/sec >> > 204875190 packets input, 65988069530 bytes, 0 no buffer >> > Received 325083 broadcasts (147424 multicasts) >> > 0 runts, 0 giants, 0 throttles >> >
Re: [c-nsp] Gigabit link between 2960S and 4948 won't come up
Hi James, thanks for the (quick) reply. Honestly, no i haven't checked auto MDIX settings, but will do, thanks for the pointer. I tried it with an crossover cable, but no luck. Kind regards, Peter On Wed, Jun 13, 2012 at 12:49 PM, James Bensley wrote: > Hi Peter, > > Have you checked auto MDIX settings and also a cross over? > > Just my two pence. > James. > > On 13 June 2012 11:41, Peter Subnovic wrote: > > Dear List, > > > > i am having a somewhat (in my opinion) odd issue. > > > > We have an Cisco 4948 acting as our core switch running Cisco IOS > Software, > > Catalyst 4500 L3 Switch Software (cat4500-ENTSERVICESK9-M), Version > > 12.2(54)SG > > > > We recently purchased a WS-C2960S-48LPS-L running Cisco IOS Software, > > C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(58)SE2 > > > > I am having a hard time to bring the Link up at 1 Gbit Speed between > these > > two devices. The Link will only come up if configure the speed to 100Mbit > > and duplex to full on both sides. > > My first guess was a bad (copper) cable, so i tried it with 5 different > > cables but no luck. In the next step i tested it with different ports on > > both side, but still no luck. > > > > Interestingly, if i use the same cables and connect the 2960S to an > 3750G > > running 12.2(55) SE4 the link comes up just fine with 1Gbit (using the > same > > ports). Also, if i connect the 4948 to the 3750G the link comes up fine > at > > 1Gbit. > > > > My Laptop also negotiates just fine to 1Gbit on the 4948 and 2960S (with > > the same cables). > > > > I am kind of lost as i am running out of ideas what could cause this > > behavior. > > > > Has someone run into this problem? Do you have any ideas what could cause > > this issue, or what else i could be testing? > > > > I appreciate every input and thanks in advance. If you need any > additional > > info, please don't hesitate to ask. > > > > Below is the output of the interface configuration and what "show int" > says. > > > > Kind regards, > > Peter > > > > > > The Port configuration looks like the following: > > > > C2960S: > > > > interface GigabitEthernet1/0/47 > > description ===XXX=== > > switchport trunk allowed vlan 500-502,532 > > switchport mode trunk > > switchport nonegotiate > > load-interval 30 > > speed 100 > > duplex full > > > > 4948: > > interface GigabitEthernet1/47 > > description ===XXX=== > > switchport trunk encapsulation dot1q > > switchport trunk allowed vlan 500-502,532 > > switchport mode trunk > > switchport nonegotiate > > media-type rj45 > > speed 100 > > duplex full > > > > > > Show interface brings up the following: > > > > 4948: > > > > GigabitEthernet1/47 is up, line protocol is up (connected) > > Hardware is Gigabit Ethernet Port, address is 0018.18b7.ee2e (bia > > 0018.18b7.ee2e) > > Description: ===XXX=== > > MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, > > reliability 255/255, txload 4/255, rxload 4/255 > > Encapsulation ARPA, loopback not set > > Keepalive set (10 sec) > > Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000-TX > > Media-type configured as RJ45 connector > > input flow-control is off, output flow-control is off > > ARP type: ARPA, ARP Timeout 04:00:00 > > Last input 19:23:29, output never, output hang never > > Last clearing of "show interface" counters never > > Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 > > Queueing strategy: fifo > > Output queue: 0/40 (size/max) > > 5 minute input rate 1891000 bits/sec, 311 packets/sec > > 5 minute output rate 1959000 bits/sec, 339 packets/sec > > 204875190 packets input, 65988069530 bytes, 0 no buffer > > Received 325083 broadcasts (147424 multicasts) > > 0 runts, 0 giants, 0 throttles > > 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored > > 0 input packets with dribble condition detected > > 292744855 packets output, 333704421693 bytes, 0 underruns > > 0 output errors, 0 collisions, 0 interface resets > > 0 babbles, 0 late collision, 0 deferred > > 0 lost carrier, 0 no carrier > > 0 output buffer failures, 0 output buffers swapped out > > > > Cisco 2960S: > > > > GigabitEthernet1/0/47 is up, line protocol is up (connected) > > Hardware is Gigabit Ethernet, address is a456.30e3.d0af (bia > > a456.30e3.d0af) > > Description: ===XXX=== > > MTU 1500 bytes, BW 10 Kbit/sec, DLY 100 usec, > > reliability 255/255, txload 1/255, rxload 2/255 > > Encapsulation ARPA, loopback not set > > Keepalive set (10 sec) > > Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX > > input flow-control is off, output flow-control is unsupported > > ARP type: ARPA, ARP Timeout 04:00:00 > > Last input 00:00:00, output 19:23:51, output hang never > > Last clearing of "show interface" counters never > > Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 3709 > > Queueing strategy: fifo > > Output queue: 0/40 (size/max) > > 30 second input rate 7
[c-nsp] Gigabit link between 2960S and 4948 won't come up
Dear List, i am having a somewhat (in my opinion) odd issue. We have an Cisco 4948 acting as our core switch running Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500-ENTSERVICESK9-M), Version 12.2(54)SG We recently purchased a WS-C2960S-48LPS-L running Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(58)SE2 I am having a hard time to bring the Link up at 1 Gbit Speed between these two devices. The Link will only come up if configure the speed to 100Mbit and duplex to full on both sides. My first guess was a bad (copper) cable, so i tried it with 5 different cables but no luck. In the next step i tested it with different ports on both side, but still no luck. Interestingly, if i use the same cables and connect the 2960S to an 3750G running 12.2(55) SE4 the link comes up just fine with 1Gbit (using the same ports). Also, if i connect the 4948 to the 3750G the link comes up fine at 1Gbit. My Laptop also negotiates just fine to 1Gbit on the 4948 and 2960S (with the same cables). I am kind of lost as i am running out of ideas what could cause this behavior. Has someone run into this problem? Do you have any ideas what could cause this issue, or what else i could be testing? I appreciate every input and thanks in advance. If you need any additional info, please don't hesitate to ask. Below is the output of the interface configuration and what "show int" says. Kind regards, Peter The Port configuration looks like the following: C2960S: interface GigabitEthernet1/0/47 description ===XXX=== switchport trunk allowed vlan 500-502,532 switchport mode trunk switchport nonegotiate load-interval 30 speed 100 duplex full 4948: interface GigabitEthernet1/47 description ===XXX=== switchport trunk encapsulation dot1q switchport trunk allowed vlan 500-502,532 switchport mode trunk switchport nonegotiate media-type rj45 speed 100 duplex full Show interface brings up the following: 4948: GigabitEthernet1/47 is up, line protocol is up (connected) Hardware is Gigabit Ethernet Port, address is 0018.18b7.ee2e (bia 0018.18b7.ee2e) Description: ===XXX=== MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, reliability 255/255, txload 4/255, rxload 4/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, link type is auto, media type is 10/100/1000-TX Media-type configured as RJ45 connector input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input 19:23:29, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 1891000 bits/sec, 311 packets/sec 5 minute output rate 1959000 bits/sec, 339 packets/sec 204875190 packets input, 65988069530 bytes, 0 no buffer Received 325083 broadcasts (147424 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 292744855 packets output, 333704421693 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Cisco 2960S: GigabitEthernet1/0/47 is up, line protocol is up (connected) Hardware is Gigabit Ethernet, address is a456.30e3.d0af (bia a456.30e3.d0af) Description: ===XXX=== MTU 1500 bytes, BW 10 Kbit/sec, DLY 100 usec, reliability 255/255, txload 1/255, rxload 2/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 19:23:51, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 3709 Queueing strategy: fifo Output queue: 0/40 (size/max) 30 second input rate 796000 bits/sec, 108 packets/sec 30 second output rate 187000 bits/sec, 132 packets/sec 23172539 packets input, 20875225690 bytes, 0 no buffer Received 156759 broadcasts (156578 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 156578 multicast, 0 pause input 0 input packets with dribble condition detected 19788925 packets output, 7529119002 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-
Re: [c-nsp] VPLS and BPDU
On Wed, Jun 13, 2012 at 10:02 AM, Saku Ytti wrote: > I want to tunnel BPDU over the VPLS network, as if my VPLS is stupid hub. > But as MEF does not allow this, it must silly idea. And I'm pretty sure my > customers expect to see BPDU pass the network transparently. I could, even > if my access is metro L2, do MAC-rewrite/L2PT to facilitate tunneling. > > But surely MEF has given this lot more thought, so what am I missing? are you talking about "EP-LAN" or "EVP-LAN" services? If "stupid hub" means you're transparent for all customer frames including CE-vlans, I'm assuming EP-LAN (?) for "EP-LAN", the requirement is that BPDUs *must* be tunneled (see flowchart in 8.1). -- Daniel. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] NTP on a 3750 & 2970
I stand corrected then. I've only ever tried on a 3750G with IP Base, must have been doing something wrong! Sent from my iPhone On 12/06/2012, at 3:40, Peter Rathlev wrote: > On Tue, 2012-06-12 at 03:03 +1000, Joshua Morgan wrote: >> Last time I tried, 3750 does not. I don't think any Catalyst can do that. > > We have previously used C6k/Sup720 running SFX for this. I just tested a > 3560 running 12.2(58)SE1 IP Services and it works fine. > > I actually just tried a regular IP Base switch (also 12.2(58)SE1) and it > also answers to "ntpdate -q", even without "ntp master". > > On that note: Use "ntp access-group peer " to limit who can talk NTP > with the switch. I haven't been able to limit who can query and who can > serve via the "query-only" and "serve-only" keywords. I just don't > understand how it's supposed to work. > > -- > Peter > > > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] VPLS and BPDU
Not really c-nsp specific, but MEF doesn't appear to have public mailing list and as this contains operational matters, it probably won't interest nanog. How are people handling BPDUs in their VPLS products? Reading MEF[0] requirements, only product where you are allowed to tunnel BPDU, is point-to-point, all multipoint either must peer or discard. Now maybe it is just me, but I don't want my PE router to have hundred different MST, PVST, RST, REP etc processes running. I don't want to change my PE MST instance configs when ever customer does changes to their MST. Infact, I don't want any flavour of any STP anywhere near my PE. I want to tunnel BPDU over the VPLS network, as if my VPLS is stupid hub. But as MEF does not allow this, it must silly idea. And I'm pretty sure my customers expect to see BPDU pass the network transparently. I could, even if my access is metro L2, do MAC-rewrite/L2PT to facilitate tunneling. But surely MEF has given this lot more thought, so what am I missing? [0] http://www.metroethernetforum.org/PDF_Documents/technical-specifications/MEF_6.1.1.pdf -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
