[c-nsp] PPPOE GIG SUB-INTEREFACE - 15.2S 7606-S
We have an environment where we terminate our DSL customers over PPPoE on a 7606-S MPLS PE router with RSP720. The PPPoE sessions are terminated on a GIG V2 interface of a SIP-400. Currently the IOS running on the device is c7600rsp72043_rp-ADVIPSERVICESK9-M, Version 12.2(33)SRD. The following is the current configuration used. bba-group pppoe 7 virtual-template 7 interface GigabitEthernet2/1/3.142647 access encapsulation dot1Q 14 second-dot1q 2647 pppoe enable group 7 interface Virtual-Template7 ip vrf forwarding TEST ip address 10.10.10.1 255.255.255.252 In the above scenario everything works well. However we had to upgrade the router IOS to15.2(4)S Advance IPServicesk9 to support 4-byte ASN. After the upgrading we observed certain commands used to terminate PPPoE on the sub-interfaces not available on 15.2(4)S , although PPPoE on Gig and Ethernet with QinQ support is listed under 15.2S feature set. Command not available on 15.2S pppoe enable group 7 Any suggestion on how to get this working on 15.2S IOS? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Linux BGP tool
Hi, ExaBGP is perfect for this. I'm using it for RTBHF. It can also support VPNv4 AF. http://code.google.com/p/exabgp/ Br, Gabor -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of CiscoNSP_list CiscoNSP_list Sent: Tuesday, November 06, 2012 8:12 AM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Linux BGP tool Hi Guys, Looking for a linux bgp utility to inject full bgp tables into our Lab Cisco ASR1000 (To simulate real-world peering taking multiple full tables) Any suggestions? Cheers. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Linux BGP tool
+1 for Quagga on *BSD You mentioned Linux and there is port for that too. -- Regards, Ge Moua Univ of Minn Alumnus -- On 11/06/2012 01:11 AM, CiscoNSP_list CiscoNSP_list wrote: Hi Guys, Looking for a linux bgp utility to inject full bgp tables into our Lab Cisco ASR1000 (To simulate real-world peering taking multiple full tables) Any suggestions? Cheers. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Nexus 7K NX-OS Upgrade
Hello group, Anyone knows the difference between using the install all script or just update the boot system flash command when upgrading NX-OS on a Nexus 7K ? The question applies to a single supervisor setup. The official documentation mentions the two ways of doing it: - using the install all script: http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upgrade/gui de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide__Rel ease_5.x_chapter_00.html#con_314241 - using the traditional procedure: http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upgrade/gui de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide__Rel ease_5.x_chapter_00.html#task_39E26688E1204F8CAAE876450A575E73 I had a bad experience in the past with the install all script. I was doing an upgrade to a 7010 with only 1 supervisor that was installed in slot 6. The install all script has a problem, may a bug, it only correctly updates the boot variables for slot 5: boot kickstart bootflash:/n7000-s1-kickstart.5.2.3a.bin sup-1 boot system bootflash:/n7000-s1-dk9.5.2.3a.bin sup-1 boot kickstart bootflash:/n7000-s1-kickstart.5.1.3.bin sup-2 The install all script assumes that if there is only one supervisor, it should be on slot 5. Above we can see that the boot system is missing for sup-2. In summary, is there any problem if I simply update the boot variables and reload ? May I end up with the supervisor running the new NX-OS release and the modules the old NX-OS release ? Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net http://www.ccie18473.net/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco BFD
Hi allI was trying to configure BFD with OSPF I have the below configuration R1#sh run int f0/0.519Building configuration... Current configuration : 112 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.19 255.255.255.0 ip ospf bfdend R5#sh run int f0/0.519Building configuration... Current configuration : 111 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.5 255.255.255.0 ip ospf bfdend R5#sh ip ospf neighbor | inc 51919.19.19.19 1 FULL/DR 00:00:39 20.5.19.19 FastEthernet0/0.519 I have no bfd neighbors R5#sh bfd neighbors R5# As well , am using GNS3 , when i tried to modify the BFD timers , The routers stuck with no responseinterface FastEthernet0/0.519ip ospf bfdbfd interval 250 min_rx 250 multiplier 3 Any ideas?Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco BFD
I came to conclusion that bfd doesn't work in dynamips it will always crash adam -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of M K Sent: Tuesday, November 06, 2012 2:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Cisco BFD Hi allI was trying to configure BFD with OSPF I have the below configuration R1#sh run int f0/0.519Building configuration... Current configuration : 112 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.19 255.255.255.0 ip ospf bfdend R5#sh run int f0/0.519Building configuration... Current configuration : 111 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.5 255.255.255.0 ip ospf bfdend R5#sh ip ospf neighbor | inc 51919.19.19.19 1 FULL/DR 00:00:3920.5.19.19 FastEthernet0/0.519 I have no bfd neighbors R5#sh bfd neighbors R5# As well , am using GNS3 , when i tried to modify the BFD timers , The routers stuck with no responseinterface FastEthernet0/0.519ip ospf bfdbfd interval 250 min_rx 250 multiplier 3 Any ideas?Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco BFD
BFD is not supported in dynamips last I looked. -Blake On Tue, Nov 6, 2012 at 9:50 AM, Adam Vitkovsky adam.vitkov...@swan.skwrote: I came to conclusion that bfd doesn't work in dynamips it will always crash adam -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of M K Sent: Tuesday, November 06, 2012 2:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Cisco BFD Hi allI was trying to configure BFD with OSPF I have the below configuration R1#sh run int f0/0.519Building configuration... Current configuration : 112 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.19 255.255.255.0 ip ospf bfdend R5#sh run int f0/0.519Building configuration... Current configuration : 111 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.5 255.255.255.0 ip ospf bfdend R5#sh ip ospf neighbor | inc 51919.19.19.19 1 FULL/DR 00:00:3920.5.19.19 FastEthernet0/0.519 I have no bfd neighbors R5#sh bfd neighbors R5# As well , am using GNS3 , when i tried to modify the BFD timers , The routers stuck with no responseinterface FastEthernet0/0.519ip ospf bfdbfd interval 250 min_rx 250 multiplier 3 Any ideas?Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] leaking only a couple routes between 2 vrf's
thanks, per the config guidance below, I have that route replicated into the vrf that I wanted it into on the local pe where I did that replicate trick from one vrf to another but how would I get that replicated route sent to other neighboring pe's in that L3VPN ? Aaron -Original Message- From: Paul Wells [mailto:p...@lituya.com] Sent: Friday, November 02, 2012 11:51 AM To: Aaron; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] leaking only a couple routes between 2 vrf's Hi Aaron, If you have a recent IOS release you can use the route-replicate command to do this directly without requiring BGP. For example: vrf definition blue ! address-family ipv4 route-replicate from vrf red unicast all route-map red2blue exit-address-family ! vrf definition red ! address-family ipv4 exit-address-family ! ip prefix-list red2blue seq 5 permit 90.0.0.0/8 le 32 ip prefix-list red2blue seq 10 permit 91.0.0.0/8 le 32 ! route-map red2blue permit 10 match ip address prefix-list red2blue ! R1#sh ip ro vrf red Routing Table: red Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP ... + - replicated route, % - next hop override Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C10.1.0.0/24 is directly connected, Ethernet0/0 L10.1.0.180/32 is directly connected, Ethernet0/0 90.0.0.0/24 is subnetted, 2 subnets O90.1.0.0 [110/11] via 10.1.0.181, 00:30:26, Ethernet0/0 i L1 90.2.0.0 [115/20] via 10.1.0.181, 00:00:05, Ethernet0/0 91.0.0.0/24 is subnetted, 1 subnets O91.1.0.0 [110/11] via 10.1.0.181, 00:30:16, Ethernet0/0 92.0.0.0/24 is subnetted, 1 subnets O92.1.0.0 [110/11] via 10.1.0.181, 00:30:16, Ethernet0/0 R1#sh ip ro vrf blue Routing Table: blue Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP ... + - replicated route, % - next hop override Gateway of last resort is not set 90.0.0.0/24 is subnetted, 2 subnets O +90.1.0.0 [110/11] via 10.1.0.181 (red), 00:30:38, Ethernet0/0 i L1+90.2.0.0 [115/20] via 10.1.0.181 (red), 00:00:17, Ethernet0/0 91.0.0.0/24 is subnetted, 1 subnets O +91.1.0.0 [110/11] via 10.1.0.181 (red), 00:30:28, Ethernet0/0 This is documented as part of the Easy Virtual Network feature, but can be used by itself. See, for example: http://www.cisco.com/en/US/docs/ios-xml/ios/evn/configuration/xe-3s/Configur ing_Easy_Virtual_Network_Shared_Services.html Regards, Paul On 11/01/2012 04:28 PM, Aaron wrote: What is a clean/easy way to leak a couple routes between two vrf's ? if you have links to docs or sites that explain this or you know how , lemme know please. Aaron ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Preserving CoS with xconnect on ME3600X
Hi everyone. I was hoping I could get some help with an EoMPLS config I'm working on between an ME3600X and an ME6524 and being able to preserve the CoS field values. The xconnect pseudowire it actually up and able to pass traffic so that's not a problem. The issue is that any CoS values I assign to the data packets seem to get overwritten on the ME3600X in the service instance config. This is a rough topology of what I'm using: Traffic generator --- 3750 --- ME3600X ---pseudowire over mpls cloud--- ME6524 --- 3750G --- Traffic generator What I see happening (going from left to right) is that the 3 different CoS values (5,3,0) all get overwritten to zero as soon as the traffic goes over the xconnect. LDP labels are also sent as exp zero. In the opposite direction where the xconnect starts on the ME6524, the CoS values are copied over to the exp values all the way to the ME3600X until it passes through the service instance config. Once I inspect the traffic on the 3750 switch, I see all my traffic arriving with CoS 0. Note that DSCP is preserved in both directions. I'm curious if there is some global command for the ME3600X or some additional config that I need to do on the service instance in order to somehow copy the CoS value to EXP bit. Or do I have to do more inspection and writing of values via MQC? Here is the config I have for the xconnect on the two platforms. ME3600X interface GigabitEthernet0/8 switchport trunk allowed vlan none switchport mode trunk load-interval 30 speed 100 duplex full service instance 3801 ethernet encapsulation dot1q 3801 rewrite ingress tag pop 1 symmetric xconnect 172.28.110.2 666 encapsulation mpls ! ME6524: interface GigabitEthernet1/1.3801 encapsulation dot1Q 3801 xconnect 172.28.110.2 666 encapsulation mpls ! Thanks! Jose P.S. I've done xconnects with two 6524s as the PEs and they always preserve the correct CoS values and apply the appropriate exp bit values. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco BFD
Thanks for the replies guys From: iki...@gmail.com Date: Tue, 6 Nov 2012 09:58:29 -0600 Subject: Re: [c-nsp] Cisco BFD To: adam.vitkov...@swan.sk CC: gunner_...@live.com; cisco-nsp@puck.nether.net BFD is not supported in dynamips last I looked. -Blake On Tue, Nov 6, 2012 at 9:50 AM, Adam Vitkovsky adam.vitkov...@swan.sk wrote: I came to conclusion that bfd doesn't work in dynamips it will always crash adam -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of M K Sent: Tuesday, November 06, 2012 2:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Cisco BFD Hi allI was trying to configure BFD with OSPF I have the below configuration R1#sh run int f0/0.519Building configuration... Current configuration : 112 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.19 255.255.255.0 ip ospf bfdend R5#sh run int f0/0.519Building configuration... Current configuration : 111 bytes!interface FastEthernet0/0.519 encapsulation dot1Q 519 ip address 20.5.19.5 255.255.255.0 ip ospf bfdend R5#sh ip ospf neighbor | inc 51919.19.19.19 1 FULL/DR 00:00:3920.5.19.19 FastEthernet0/0.519 I have no bfd neighbors R5#sh bfd neighbors R5# As well , am using GNS3 , when i tried to modify the BFD timers , The routers stuck with no responseinterface FastEthernet0/0.519ip ospf bfdbfd interval 250 min_rx 250 multiplier 3 Any ideas?Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Preserving CoS with xconnect on ME3600X
Hi, On 7 November 2012 08:04, Lobo loboti...@gmail.com wrote: Hi everyone. I was hoping I could get some help with an EoMPLS config I'm working on between an ME3600X and an ME6524 and being able to preserve the CoS field values. The xconnect pseudowire it actually up and able to pass traffic so that's not a problem. The issue is that any CoS values I assign to the data packets seem to get overwritten on the ME3600X in the service instance config. This is a rough topology of what I'm using: Traffic generator --- 3750 --- ME3600X ---pseudowire over mpls cloud--- ME6524 --- 3750G --- Traffic generator What I see happening (going from left to right) is that the 3 different CoS values (5,3,0) all get overwritten to zero as soon as the traffic goes over the xconnect. LDP labels are also sent as exp zero. In the opposite direction where the xconnect starts on the ME6524, the CoS values are copied over to the exp values all the way to the ME3600X until it passes through the service instance config. Once I inspect the traffic on the 3750 switch, I see all my traffic arriving with CoS 0. Note that DSCP is preserved in both directions. I'm curious if there is some global command for the ME3600X or some additional config that I need to do on the service instance in order to somehow copy the CoS value to EXP bit. Or do I have to do more inspection and writing of values via MQC? Here is the config I have for the xconnect on the two platforms. ME3600X interface GigabitEthernet0/8 switchport trunk allowed vlan none switchport mode trunk load-interval 30 speed 100 duplex full service instance 3801 ethernet encapsulation dot1q 3801 rewrite ingress tag pop 1 symmetric xconnect 172.28.110.2 666 encapsulation mpls ! ME6524: interface GigabitEthernet1/1.3801 encapsulation dot1Q 3801 xconnect 172.28.110.2 666 encapsulation mpls ! Your problem is caused by the following line in 3600x config: rewrite ingress tag pop 1 symmetric that line removes the vlan tag and the COS bits with it, so when the frame hits the PWE3 there is no information about what class the traffic belonged to originally, just plain ethernet frame. One way to make it work is to create a set of policies on both 3600x and 6524 that inspect the incoming packets and copy the COS bits into EXP/QoS bits of the MPLS label and then have a symmetric set of policies on egress to copy bits from EXP/QoS back to COS (AFAIK 65xx does it automatically, if not configured otherwise). I believe you have to use qos-groups on egress, as MPLS markings do not survive till the egress policy processing. Between two 3600x you can make it also work if you do not pop the VLAN tags (then PWE3 carries ethernet frame with VLAN tags). kind regards Pshem ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Preserving CoS with xconnect on ME3600X
I was under the impression that the rewrite ingress tag pop 1 symmetric was required in order for the xconnect to work? Removing it seems to break the xconnect as traffic no longer goes across it. So is MQC with qos-groups is the only way to preserve the markings with this platform? Jose On 11/6/2012 3:14 PM, Pshem Kowalczyk wrote: Hi, On 7 November 2012 08:04, Lobo loboti...@gmail.com mailto:loboti...@gmail.com wrote: Hi everyone. I was hoping I could get some help with an EoMPLS config I'm working on between an ME3600X and an ME6524 and being able to preserve the CoS field values. The xconnect pseudowire it actually up and able to pass traffic so that's not a problem. The issue is that any CoS values I assign to the data packets seem to get overwritten on the ME3600X in the service instance config. This is a rough topology of what I'm using: Traffic generator --- 3750 --- ME3600X ---pseudowire over mpls cloud--- ME6524 --- 3750G --- Traffic generator What I see happening (going from left to right) is that the 3 different CoS values (5,3,0) all get overwritten to zero as soon as the traffic goes over the xconnect. LDP labels are also sent as exp zero. In the opposite direction where the xconnect starts on the ME6524, the CoS values are copied over to the exp values all the way to the ME3600X until it passes through the service instance config. Once I inspect the traffic on the 3750 switch, I see all my traffic arriving with CoS 0. Note that DSCP is preserved in both directions. I'm curious if there is some global command for the ME3600X or some additional config that I need to do on the service instance in order to somehow copy the CoS value to EXP bit. Or do I have to do more inspection and writing of values via MQC? Here is the config I have for the xconnect on the two platforms. ME3600X interface GigabitEthernet0/8 switchport trunk allowed vlan none switchport mode trunk load-interval 30 speed 100 duplex full service instance 3801 ethernet encapsulation dot1q 3801 rewrite ingress tag pop 1 symmetric xconnect 172.28.110.2 666 encapsulation mpls ! ME6524: interface GigabitEthernet1/1.3801 encapsulation dot1Q 3801 xconnect 172.28.110.2 666 encapsulation mpls ! Your problem is caused by the following line in 3600x config: rewrite ingress tag pop 1 symmetric that line removes the vlan tag and the COS bits with it, so when the frame hits the PWE3 there is no information about what class the traffic belonged to originally, just plain ethernet frame. One way to make it work is to create a set of policies on both 3600x and 6524 that inspect the incoming packets and copy the COS bits into EXP/QoS bits of the MPLS label and then have a symmetric set of policies on egress to copy bits from EXP/QoS back to COS (AFAIK 65xx does it automatically, if not configured otherwise). I believe you have to use qos-groups on egress, as MPLS markings do not survive till the egress policy processing. Between two 3600x you can make it also work if you do not pop the VLAN tags (then PWE3 carries ethernet frame with VLAN tags). kind regards Pshem ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] IPv6 SLAAC on P2P or QinQ subints
Hi Folks, Just a quick sanity check. I'm in the early stages of planning customer IPv6 deployment and am trying to figure out how I'm going to deliver SLAAC over P2P (ATM specifically) and QinQ interfaces for DSL or similar, in non-PPP scenarios. When I started poking around, it became apparently quickly that ipv6 unnumbered loopbackN wouldn't work since loopbacks apparently can't/won't send RAs, and this would break DAD in any event, or at least make is useless. Digging around, the recommendations I've seen are to simply apply a static /64 to each subint. This seems absurdly cumbersome, even if using general-prefix. Am I missing something here or am I stuck in ipv4 mode? Can anyone point me to a better way to handle this? My primary concern isn't wasting /64s, it's keeping track of assigned /64s both in configs and in our customer records. Thanks for any input, TD ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Preserving CoS with xconnect on ME3600X
Hi, On 7 November 2012 09:47, Lobo loboti...@gmail.com wrote: I was under the impression that the rewrite ingress tag pop 1 symmetric was required in order for the xconnect to work? Removing it seems to break the xconnect as traffic no longer goes across it. It's required if the other end doesn't use service-instance-like setup (with flexible matching of tags). 65xx automatically strips the VLAN tag when it sees encapsulation command, 3600x does not. So is MQC with qos-groups is the only way to preserve the markings with this platform? That's my understanding. On the upside - the same setup should work on 65xx as well. kind regards Pshem ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Nexus 7K NX-OS Upgrade
Thanks, I appreciate your feedback. Since it is a lab environment, may I ask you to see what happens when you upgrade with the install all script and with the sup in slot 6 ? I had the problem when upgrading from 5.1.3 to 5.2.3a. Now I need to upgrade to 5.2.7 and I want to avoid the issue. Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net -Original Message- From: Charles Spurgeon [mailto:c.spurg...@austin.utexas.edu] Sent: terça-feira, 6 de Novembro de 2012 22:39 To: Antonio Soares Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Nexus 7K NX-OS Upgrade On Tue, Nov 06, 2012 at 10:38:46AM +, Antonio Soares wrote: Hello group, Anyone knows the difference between using the install all script or just update the boot system flash command when upgrading NX-OS on a Nexus 7K ? In summary, is there any problem if I simply update the boot variables and reload ? May I end up with the supervisor running the new NX-OS release and the modules the old NX-OS release ? I was just testing that this aft and it works fine in my lab tests, with the caveat that I have a dual-sup 7010. Manually configuring the boot strings and then typing reload resulted in sups and mods all coming up on the new code. -Charles Charles E. Spurgeon / UTnet UT Austin ITS / Networking c.spurg...@its.utexas.edu / 512.475.9265 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Linux BGP tool
Thanks very much for the suggestions - Just tested bgpsimple (full table), and it is VERY slow to send the full table (Peering session has been up for 18minutes, and the ASR has only received ~185,000 prefixes?) From: cisconsp_l...@hotmail.com To: cisco-nsp@puck.nether.net Date: Tue, 6 Nov 2012 18:11:32 +1100 Subject: [c-nsp] Linux BGP tool Hi Guys, Looking for a linux bgp utility to inject full bgp tables into our Lab Cisco ASR1000 (To simulate real-world peering taking multiple full tables) Any suggestions? Cheers. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Nexus 7K NX-OS Upgrade
Hi Antonio, The difference between the two procedures is that install all will perform an in-service software upgrade, ie, this should be non disruptive to the data plane while the sups and all the modules will upgrade to the new version. Versus just changing the boot strings and rebooting, which is clearly disruptive to the entire system. In the end, both should result in all sups modules running the new release. Not sure what issues you ran into with ISSU, would at a minimum suggest you check the release notes to make sure the starting and target releases are compatible etc. Hope that helps, Tim At 03:04 PM 11/6/2012, Antonio Soares mused: Thanks, I appreciate your feedback. Since it is a lab environment, may I ask you to see what happens when you upgrade with the install all script and with the sup in slot 6 ? I had the problem when upgrading from 5.1.3 to 5.2.3a. Now I need to upgrade to 5.2.7 and I want to avoid the issue. Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net -Original Message- From: Charles Spurgeon [mailto:c.spurg...@austin.utexas.edu] Sent: terça-feira, 6 de Novembro de 2012 22:39 To: Antonio Soares Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Nexus 7K NX-OS Upgrade On Tue, Nov 06, 2012 at 10:38:46AM +, Antonio Soares wrote: Hello group, Anyone knows the difference between using the install all script or just update the boot system flash command when upgrading NX-OS on a Nexus 7K ? In summary, is there any problem if I simply update the boot variables and reload ? May I end up with the supervisor running the new NX-OS release and the modules the old NX-OS release ? I was just testing that this aft and it works fine in my lab tests, with the caveat that I have a dual-sup 7010. Manually configuring the boot strings and then typing reload resulted in sups and mods all coming up on the new code. -Charles Charles E. Spurgeon / UTnet UT Austin ITS / Networking c.spurg...@its.utexas.edu / 512.475.9265 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Tim Stevenson, tstev...@cisco.com Routing Switching CCIE #5561 Distinguished Technical Marketing Engineer, Cisco Nexus 7000 Cisco - http://www.cisco.com IP Phone: 408-526-6759 The contents of this message may be *Cisco Confidential* and are intended for the specified recipients only. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Nexus 7K NX-OS Upgrade
Hi Antonio, In general, doing a traditional upgrade (changing boot variables) will not update the BIOS for example, while an ISSU does and it's non-disruptive with dual-supervisors. There's a defect which caused the behavior you were seeing, CSCtn61286 which affects 5.1(3). Since you were upgrading from that version, it was still impacting the upgrade process. It has been fixed in 5.1(4) and 5.2(1) already, so upgrading from 5.2(3a) to 5.2(7) will not have the same issue. http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetailsbugId=CSCtn61286 If the boot variables are incorrect, you can edit them as you'd do on an IOS device, make sure you update the kickstart and system as well. Upgrading from 5.2(3a) to 5.2(7) can be done using the install all (ISSU) method. Best regards On Tue, Nov 6, 2012 at 11:38 AM, Antonio Soares amsoa...@netcabo.pt wrote: Hello group, Anyone knows the difference between using the install all script or just update the boot system flash command when upgrading NX-OS on a Nexus 7K ? The question applies to a single supervisor setup. The official documentation mentions the two ways of doing it: - using the install all script: http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upgrade/gui de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide__Rel ease_5.x_chapter_00.html#con_314241 - using the traditional procedure: http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upgrade/gui de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide__Rel ease_5.x_chapter_00.html#task_39E26688E1204F8CAAE876450A575E73 I had a bad experience in the past with the install all script. I was doing an upgrade to a 7010 with only 1 supervisor that was installed in slot 6. The install all script has a problem, may a bug, it only correctly updates the boot variables for slot 5: boot kickstart bootflash:/n7000-s1-kickstart.5.2.3a.bin sup-1 boot system bootflash:/n7000-s1-dk9.5.2.3a.bin sup-1 boot kickstart bootflash:/n7000-s1-kickstart.5.1.3.bin sup-2 The install all script assumes that if there is only one supervisor, it should be on slot 5. Above we can see that the boot system is missing for sup-2. In summary, is there any problem if I simply update the boot variables and reload ? May I end up with the supervisor running the new NX-OS release and the modules the old NX-OS release ? Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net http://www.ccie18473.net/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3800X, Policy Routing and SDM
On 7/11/2012 3:56 PM, Mal wrote: Did you scope the purchase yourself ? Mal -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Reuben Farrelly Sent: Wednesday, November 07, 2012 3:10 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] ME3800X, Policy Routing and SDM Yes. The SCALED license was documented (and still is) on CCO as public information as increasing the limits of MAC/IP and other platform limits, and not being something required to enable any new features: The ME 3800X supports these licenses plus a scaled license that can be installed with any of these licenses to increase the supported values for that license, for example, more MAC addresses, VLANs, IPv4 routes, and so on. We hadn't budgetted on having to purchase a SCALED license in order to get more functionality, because CCO indicates that's not what the SCALED license provides, and the business case was approved some months ago based on that premise. So the question still is, is this license actually required (see my previous post in so far as it looks like it might work) or was this a mistake in the release notes? Reuben ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IPv6 SLAAC on P2P or QinQ subints
On Tue, 6 Nov 2012, Tim Densmore wrote: Just a quick sanity check. I'm in the early stages of planning customer IPv6 deployment and am trying to figure out how I'm going to deliver SLAAC over P2P (ATM specifically) and QinQ interfaces for DSL or similar, in non-PPP scenarios. When I started poking around, it became apparently quickly that ipv6 unnumbered loopbackN wouldn't work since loopbacks apparently can't/won't send RAs, and this would break DAD in any event, or at least make is useless. Digging around, the recommendations I've seen are to simply apply a static /64 to each subint. This seems absurdly cumbersome, even if using general-prefix. Am I missing something here or am I stuck in ipv4 mode? Can anyone point me to a better way to handle this? I think you need to elaborate what this is. People typically use /126 for link networks, but you don't actually need them as a lot of things can be done using only link local. That however won't work with RAs (you don't specify why you want to use RAs). So take one further step back and describe what you want to achieve. -- Mikael Abrahamssonemail: swm...@swm.pp.se ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/