Re: [c-nsp] 4500-X VSS %EC-5-CANNOT_BUNDLE2
Hi, Just thought Id provide an update to this - Have been dealing with TAC, and the "%EC-5-CANNOT_BUNDLE2" error appears to be a cosmetic bug, and the portchan + member Ints being "down" is expected until you issue "switch convert mode virtual" on both switches, then once the switches reboot, the portchan will be up(As will the member Ints) and VSS will be operational. Cheers. Date: Thu, 14 Mar 2013 09:01:02 -0400 From: coloc...@geneseo.edu To: cisconsp_l...@hotmail.com CC: diosbej...@gmail.com; cisco-nsp-boun...@puck.nether.net; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 4500-X VSS %EC-5-CANNOT_BUNDLE2 On 3/13/2013 6:14 PM, CiscoNSP List wrote: Thanks Rick - Can you please confirm what version of IOS-XE you are running? Mine are running 03.04.00.SG Cheers. Same: [coloccia@status ~]$ ssh 10.238.115.24 Password: South4500Xs>show ver Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3) -- Rick Coloccia, Jr. Network Manager State University of NY College at Geneseo 1 College Circle, 119 South Hall Geneseo, NY 14454 V: 585-245-5577 F: 585-245-5579 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS PE Redundancy with Supervisor Engine 2T
Hi Sander, It definitely works. A colleague of mine installed one two weeks ago. I would recommend that you use both ports on the supervisor rather than on a line card for the VSL (Link). The 6908 should work for VSL, the 6704 won't - but it can be used for other traffic. Regards Andrew On Fri, Mar 22, 2013 at 7:43 AM, Sander Steffann wrote: > Hi, > > We're trying to implement VPLS PE Redundancy with Supervisor Engine 2T > (VSS) as described in > http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-663645.html#wp9000139and > constantly failing. It seems so simple: set up a VSS, use LACP or PAgP > port-channels to the distribution switches and do VPLS on the VSS. It just > doesn't seem to work. Using WS-X6908-10G-2TXL line cards already gives less > problems than with WS-X6704-10GE line cards, but still it fails to work > very often. I sometimes wonder if I am going mad or if this setup has never > actually been tested... > > So: has anybody ever set up a network like this, or am I really beta > testing for Cisco now? > > Cheers, > Sander Steffann > > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Swap hsrp with vrrp in mixed physical/vmware environment?
On 21/03/2013 20:13, Alex Pressé wrote: > Nothing broke, Server 2008 and 2003 environment with some Novell. And > a few hundred XP/Win7 users. it won't break; there will just be a changeover period where some of the client boxes will not know about the new VRRP mac address of the default gateway, so they will temporarily lose connectivity during the migration. Once the migration is over, everything will work fine again (i.e. do this in a maintenance window). Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Swap hsrp with vrrp in mixed physical/vmware environment?
I perhaps didn't do as much reading regarding swapping HSRP for VRRP. Nothing broke, Server 2008 and 2003 environment with some Novell. And a few hundred XP/Win7 users. That was on an all IPv4 network though. On Thu, Mar 21, 2013 at 12:14 PM, David Hubbard wrote: > So this should be fun; I need to swich from HSRP to > VRRP to facilitate bringing in a second vendor's > hardware to interoperate. We run ipv4 and > ipv6 (static assignments) and the VLANs are a mix > of physical servers along with vmware guests on > Cisco UCS with the fabric interconnects in end-host > mode. Physical and vmware guest OS's are mostly > linux with a very small number of Windows. > > I've read that at least on the ipv4 side, many > Windows servers will not accept the gratuitous arp > when vrrp is brought up so they'll just sit there > happily talking to the dead hsrp MAC. I can't find > much of any info on how they'd deal with the change on > the ipv6 side. Not a huge deal either way since > the Windows stuff is minimal but would like to go > in knowing what to expect and what needs to be done. > > On the linux side, I'm pretty sure it will accept the > arp and update the ipv4 default gateway mac; at least > it does when testing MITM attacks. Would love to > hear real world experience with this though. For > ipv6, I can't find much on what it does if its > previously learned router's link local address goes > unreachable, if it will replace the neighbor table > entry with the new vrrp advertised entry, do a > solicitation on its own, etc. > > I'd greatly appreciate any input, thanks, > > David > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Alex Presse "How much net work could a network work if a network could net work?" ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS PE Redundancy with Supervisor Engine 2T
Hi Arie, > What pay of VPLS doesn't work? > Do you see the PW's coming up? LDP? MAC learning? MAC learning was broken on X6704 but seems to work with X6908. Forwarding seems to break everywhere when the traffic has to go over the VSL. > If you share some configs and show command outputs, maybe we can figure it > out... Can you access the running TAC case? I have a whole bunch of configs, diagrams and tests documented under case 625216197. If you can't then please let me know and I'll send them to you. Thanks, Sander ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Symmetrical Routing
On 21/03/2013 09:41, M K wrote: > Hi I have many international links active and each link is exported with > certain prefixMy question is should the outbound traffic go through the > same link as well , symmetrical ? or it's not an issue to have the > export from a link and the import for the same prefix from another one > ? it depends on your upstream configuration. If they have strict urpf enabled, then asymmetric routing will be a problem. If they don't, then it should be fine. Your router is not a firewall, so it doesn't care about receiving packets on the "wrong" interface unless you tell it to via urpf / acls. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS PE Redundancy with Supervisor Engine 2T
Sorry - too early in the morning - ignore my last post - thought you were referring to VSS on Sup2T - didnt see the VPLS. :( On Fri, Mar 22, 2013 at 8:20 AM, Andrew Miehs wrote: > Hi Sander, > > It definitely works. A colleague of mine installed one two weeks ago. > > I would recommend that you use both ports on the supervisor rather than on > a line card for the VSL (Link). > The 6908 should work for VSL, the 6704 won't - but it can be used for > other traffic. > > Regards > > Andrew > > > On Fri, Mar 22, 2013 at 7:43 AM, Sander Steffann wrote: > >> Hi, >> >> We're trying to implement VPLS PE Redundancy with Supervisor Engine 2T >> (VSS) as described in >> http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-663645.html#wp9000139and >> constantly failing. It seems so simple: set up a VSS, use LACP or PAgP >> port-channels to the distribution switches and do VPLS on the VSS. It just >> doesn't seem to work. Using WS-X6908-10G-2TXL line cards already gives less >> problems than with WS-X6704-10GE line cards, but still it fails to work >> very often. I sometimes wonder if I am going mad or if this setup has never >> actually been tested... >> >> So: has anybody ever set up a network like this, or am I really beta >> testing for Cisco now? >> >> Cheers, >> Sander Steffann >> >> >> ___ >> cisco-nsp mailing list cisco-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> > > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS PE Redundancy with Supervisor Engine 2T
Steffann, What pay of VPLS doesn't work? Do you see the PW's coming up? LDP? MAC learning? If you share some configs and show command outputs, maybe we can figure it out... Arie Original message From: Sander Steffann Date: To: Andrew Miehs Cc: cisco-nsp Subject: Re: [c-nsp] VPLS PE Redundancy with Supervisor Engine 2T Hi, > Sorry - too early in the morning - ignore my last post - thought you were > referring to VSS on Sup2T - didnt see the VPLS. > > :( Yeah, the VSS is no problem. VSL links on the Sup2t and it was up and running in minutes. The VPLS code is the buggy part it seems :-( Cheers, Sander ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Swap hsrp with vrrp in mixed physical/vmware environment?
On 21/03/2013 18:14, David Hubbard wrote: > So this should be fun; I need to swich from HSRP to > VRRP to facilitate bringing in a second vendor's > hardware to interoperate. We run ipv4 and > ipv6 (static assignments) and the VLANs are a mix > of physical servers along with vmware guests on > Cisco UCS with the fabric interconnects in end-host > mode. Physical and vmware guest OS's are mostly > linux with a very small number of Windows. It would be really nice if cisco supported "ping a.b.c.d source a.b.c.X" where a.b.c.X was the virtual IP - it would solve a couple of problems including this one. Unfortunately, they don't support it: > % Invalid source address- IP address not on any of our up interfaces sigh. You could hack around this by spoofing ping echo requests using the VIP as source address from another machine on the same vlan, although if you did this, I'd recommend disabling mac learning on that port because otherwise you will confuse the switch. Otherwise, it's timeout territory. Do this during a maintenance window and plan for a little downtime. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPLS PE Redundancy with Supervisor Engine 2T
Hi, > Sorry - too early in the morning - ignore my last post - thought you were > referring to VSS on Sup2T - didnt see the VPLS. > > :( Yeah, the VSS is no problem. VSL links on the Sup2t and it was up and running in minutes. The VPLS code is the buggy part it seems :-( Cheers, Sander ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Fabricpath and L3 on the same line card
I have 7K with fabricpath, SVI's, and routed interfaces... The box is purely F2 linecards... I'm not aware of limitations and I have not had any problems with it thus far... -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Evans Sent: Thursday, March 21, 2013 11:57 AM To: cisco-nsp Subject: [c-nsp] Fabricpath and L3 on the same line card Can anyone tell me if Cisco F2/F2e line modules can run Fabricpath and L3 (SVI's) on the same line module. Is it line rate as well or does it proxy through an ASIC burning ports, etc. Is an M1 module required? Someone has told me it cannot, but I believe it can. Are there any limitations with it? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] VPLS PE Redundancy with Supervisor Engine 2T
Hi, We're trying to implement VPLS PE Redundancy with Supervisor Engine 2T (VSS) as described in http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-663645.html#wp9000139 and constantly failing. It seems so simple: set up a VSS, use LACP or PAgP port-channels to the distribution switches and do VPLS on the VSS. It just doesn't seem to work. Using WS-X6908-10G-2TXL line cards already gives less problems than with WS-X6704-10GE line cards, but still it fails to work very often. I sometimes wonder if I am going mad or if this setup has never actually been tested... So: has anybody ever set up a network like this, or am I really beta testing for Cisco now? Cheers, Sander Steffann ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco to support flow spec?
On Thu, 21 Mar 2013, Scott Granados wrote: Just a general question for the group. Has there been announcements of Cisco supporting BGP Flowspec in IPV4 and IPV6 on any of their platforms? My understanding is that it is not yet supported but wondered if there was any update to this. The last I heard (in the past month) was that this was a 2014 roadmap item. I don't if it's EC'd for a specific version yet, nor do I know what platforms will be supported. My guess would be ASR9K/1K, Nexus 7K, maybe the CRS, 6500/Sup2T and 7600. That's better than the "We don't support BGP Flowspec" answer I got a year or so ago. When I explained that Cisco co-authored RFC 5575, they seemed to soften their stance a bit ;) It would also be great if Flowspec support on the ASAs was planned as well, since they'd make for handy Flowpsec triggers if you're in a Cisco shop. Also desirable would be compatibility with Juniper's implementaiton. jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco to support flow spec?
Just a general question for the group. Has there been announcements of Cisco supporting BGP Flowspec in IPV4 and IPV6 on any of their platforms? My understanding is that it is not yet supported but wondered if there was any update to this. Thanks Scott ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Per Vlan Bandwidth Policing
Hi Everyone, I have been asked to look into setting up per vlan bandwidth limiting with burst. I was sent this link and was wondering about what everyone else does. http://ccietobe.blogspot.com/2009/02/3560-qos-per-port-per-vlan-policing.html Basically we want to limit a vlan network for normal traffic to say 100M but also allow for bursting to double that from our edge routers to the access ports. I have been told that rate-limiting works great on ports but might have issues or not work correctly when set on vlan interfaces. Suggestions are welcome on the best and easiest way to do this. Thanks in advance. Joe ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] ipv6 on esr 10k
Hello Everyone, We are rolling out IPV6 services to our xdsl users and I am looking for an answer regarding esr 10ks and ipv6( Pre2s running 12.2(33)SB13). It works :-) , but we have been unable to find a way to activate ipv6 without creating a full virtual access interface. I've been looking at archives of various lists , checking docs and talking to various SEs but there seems to be some conflicting information... I've found posts saying ipv6 and ppp with pxf is a no go on esrs, but others of people doing it.. With a Virtual template configured for IPv6, a test virtual interface shows that sub interfaces can be created . However as soon as we pass down any ipv6 atttributes via radius , a full virtual interface gets created. Does anyone have experience doing ipv6 on esr and not creating full virtual access interfaces? Thanks Brian --- This e-mail is intended only for the addressee named above. As this e-mail may contain confidential or privileged information, if you are not the named addressee, you are not authorized to retain, read, copy or disseminate this message or any part of it. Please consider your environmental responsibility before printing this e-mail. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Swap hsrp with vrrp in mixed physical/vmware environment?
So this should be fun; I need to swich from HSRP to VRRP to facilitate bringing in a second vendor's hardware to interoperate. We run ipv4 and ipv6 (static assignments) and the VLANs are a mix of physical servers along with vmware guests on Cisco UCS with the fabric interconnects in end-host mode. Physical and vmware guest OS's are mostly linux with a very small number of Windows. I've read that at least on the ipv4 side, many Windows servers will not accept the gratuitous arp when vrrp is brought up so they'll just sit there happily talking to the dead hsrp MAC. I can't find much of any info on how they'd deal with the change on the ipv6 side. Not a huge deal either way since the Windows stuff is minimal but would like to go in knowing what to expect and what needs to be done. On the linux side, I'm pretty sure it will accept the arp and update the ipv4 default gateway mac; at least it does when testing MITM attacks. Would love to hear real world experience with this though. For ipv6, I can't find much on what it does if its previously learned router's link local address goes unreachable, if it will replace the neighbor table entry with the new vrrp advertised entry, do a solicitation on its own, etc. I'd greatly appreciate any input, thanks, David ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] when is an acl entry created? router ios
My guess is it is default ACL logging rate limiting. I'd suggest taking off the "log" keyword and looking at the counts in "show access-list" On Thu, Mar 21, 2013 at 6:57 PM, false wrote: > Hello, > > > I need to know what exactly constitutes a hit on an access-list. I was > doing some troubleshooting and I did not get the expected results. I > thought the first packet to match would be equal but it looks like it may > require a 3-way handshake. > > I have an extended access-list in place on a 2811 router for > troubleshooting/logging. I was troubleshooting inbound traffic so I > stripped away the cbac and existing ACLs from the interface. I then began > doing a telnet test such as "telnet 192.168.2.80 80" from windows machine > and then I would review the log to verify it got hit by the ACL. This test > worked. > > I then set up a dummy NAT entry with port 27. I do not have a service > running on port 27 (of course) but i wanted to see if the initial SYN > packet would cause it log a hit. It never did. So does the ACL entry create > require a 3-way handshake.? > > My original goal was to determine why smtp (port 25) traffic isn't hitting > my mail server. I never see any hits. Thank you. > > interface FastEthernet0/1 > ip address dhcp client-id FastEthernet0/1 > ip access-group 124 in > no ip redirects > no ip unreachabes > no ip proxy-arp > ip flow ingress > ip nat outside > ip virtual-reassembly in > duplex auto > speed auto > no mop enabled > > > ip nat inside source static tcp 192.168.2.41 25 interface FastEthernet0/1 > 25 > ip nat inside source static tcp 192.168.2.34 1723 interface > FastEthernet0/1 1723 > ip nat inside source static tcp 192.168.2.34 3389 interface > FastEthernet0/1 3389 > ip nat inside source static tcp 192.168.2.34 80 interface FastEthernet0/1 > 80 > ip nat inside source static tcp 192.168.2.34 25 interface FastEthernet0/1 > 25 > ip nat inside source static tcp 192.168.2.34 27 interface FastEthernet0/1 > 27 > ip nat inside source route-map test_pmap interface FastEthernet0/1 overload > > > ROUTER01#sh log | inc 24.201.81.44 > 037251: Mar 18 20:05:08.467 PCTime: %SEC-6-IPACCESSLOGP: list 124 > permitted tcp 24.201.81.44(17743) -> 134.134.134.134(1723), 1 packet > 037358: Mar 18 20:08:32.052 PCTime: %SEC-6-IPACCESSLOGP: list 124 > permitted tcp 24.201.81.44(17850) -> 134.134.134.134(80), 1 packet > > ROUTER01# > access-list 124 permit udp any gt 0 any gt 0 log > access-list 124 permit tcp any gt 0 any gt 0 log > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] when is an acl entry created? router ios
Hello, I need to know what exactly constitutes a hit on an access-list. I was doing some troubleshooting and I did not get the expected results. I thought the first packet to match would be equal but it looks like it may require a 3-way handshake. I have an extended access-list in place on a 2811 router for troubleshooting/logging. I was troubleshooting inbound traffic so I stripped away the cbac and existing ACLs from the interface. I then began doing a telnet test such as "telnet 192.168.2.80 80" from windows machine and then I would review the log to verify it got hit by the ACL. This test worked. I then set up a dummy NAT entry with port 27. I do not have a service running on port 27 (of course) but i wanted to see if the initial SYN packet would cause it log a hit. It never did. So does the ACL entry create require a 3-way handshake.? My original goal was to determine why smtp (port 25) traffic isn't hitting my mail server. I never see any hits. Thank you. interface FastEthernet0/1 ip address dhcp client-id FastEthernet0/1 ip access-group 124 in no ip redirects no ip unreachabes no ip proxy-arp ip flow ingress ip nat outside ip virtual-reassembly in duplex auto speed auto no mop enabled ip nat inside source static tcp 192.168.2.41 25 interface FastEthernet0/1 25 ip nat inside source static tcp 192.168.2.34 1723 interface FastEthernet0/1 1723 ip nat inside source static tcp 192.168.2.34 3389 interface FastEthernet0/1 3389 ip nat inside source static tcp 192.168.2.34 80 interface FastEthernet0/1 80 ip nat inside source static tcp 192.168.2.34 25 interface FastEthernet0/1 25 ip nat inside source static tcp 192.168.2.34 27 interface FastEthernet0/1 27 ip nat inside source route-map test_pmap interface FastEthernet0/1 overload ROUTER01#sh log | inc 24.201.81.44 037251: Mar 18 20:05:08.467 PCTime: %SEC-6-IPACCESSLOGP: list 124 permitted tcp 24.201.81.44(17743) -> 134.134.134.134(1723), 1 packet 037358: Mar 18 20:08:32.052 PCTime: %SEC-6-IPACCESSLOGP: list 124 permitted tcp 24.201.81.44(17850) -> 134.134.134.134(80), 1 packet ROUTER01# access-list 124 permit udp any gt 0 any gt 0 log access-list 124 permit tcp any gt 0 any gt 0 log ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Fabricpath and L3 on the same line card
At 10:12 AM 3/21/2013 Thursday, Chris Evans announced: Okay great, that is what I thought.. Seems like a simple feature to miss. Do you know if there are any performance limitations with it? F2/E can generally do L2 & L3 at equal rate. Like could internal ports be burned for routing efforts? Absolutely not. Tim It seems that many companies have problems with the TRILL header and can't do SVI natively like we can today. How these chips can handle MPLS, GRE, and other headers with no issues and not TRILL is interesting to me. On Thu, Mar 21, 2013 at 1:02 PM, Lustgraaf, Paul J [ITNET] < gr...@iastate.edu> wrote: > Well, I'm doing it, so I guess it can. > > And F2 modules must be in a VDC by themselves, so no M1 could possibly be > involved. > > Paul Lustgraafgr...@iastate.edu > "Change is inevitable. Progress is not." > Network Engineer, Iowa State University IT Services >515-294-0324 > > > -Original Message- > From: cisco-nsp-boun...@puck.nether.net [mailto: > cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Evans > Sent: Thursday, March 21, 2013 11:57 AM > To: cisco-nsp > Subject: [c-nsp] Fabricpath and L3 on the same line card > > Can anyone tell me if Cisco F2/F2e line modules can run Fabricpath and L3 > (SVI's) on the same line module. Is it line rate as well or does it proxy > through an ASIC burning ports, etc. Is an M1 module required? > > Someone has told me it cannot, but I believe it can. Are there any > limitations with it? > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Tim Stevenson, tstev...@cisco.com Routing & Switching CCIE #5561 Distinguished Technical Marketing Engineer, Cisco Nexus 7000 Cisco - http://www.cisco.com IP Phone: 408-526-6759 The contents of this message may be *Cisco Confidential* and are intended for the specified recipients only. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Fabricpath and L3 on the same line card
Okay great, that is what I thought.. Seems like a simple feature to miss. Do you know if there are any performance limitations with it? Like could internal ports be burned for routing efforts? It seems that many companies have problems with the TRILL header and can't do SVI natively like we can today. How these chips can handle MPLS, GRE, and other headers with no issues and not TRILL is interesting to me. On Thu, Mar 21, 2013 at 1:02 PM, Lustgraaf, Paul J [ITNET] < gr...@iastate.edu> wrote: > Well, I'm doing it, so I guess it can. > > And F2 modules must be in a VDC by themselves, so no M1 could possibly be > involved. > > Paul Lustgraafgr...@iastate.edu > "Change is inevitable. Progress is not." > Network Engineer, Iowa State University IT Services >515-294-0324 > > > -Original Message- > From: cisco-nsp-boun...@puck.nether.net [mailto: > cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Evans > Sent: Thursday, March 21, 2013 11:57 AM > To: cisco-nsp > Subject: [c-nsp] Fabricpath and L3 on the same line card > > Can anyone tell me if Cisco F2/F2e line modules can run Fabricpath and L3 > (SVI's) on the same line module. Is it line rate as well or does it proxy > through an ASIC burning ports, etc. Is an M1 module required? > > Someone has told me it cannot, but I believe it can. Are there any > limitations with it? > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Fabricpath and L3 on the same line card
Well, I'm doing it, so I guess it can. And F2 modules must be in a VDC by themselves, so no M1 could possibly be involved. Paul Lustgraafgr...@iastate.edu "Change is inevitable. Progress is not." Network Engineer, Iowa State University IT Services 515-294-0324 -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Evans Sent: Thursday, March 21, 2013 11:57 AM To: cisco-nsp Subject: [c-nsp] Fabricpath and L3 on the same line card Can anyone tell me if Cisco F2/F2e line modules can run Fabricpath and L3 (SVI's) on the same line module. Is it line rate as well or does it proxy through an ASIC burning ports, etc. Is an M1 module required? Someone has told me it cannot, but I believe it can. Are there any limitations with it? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Fabricpath and L3 on the same line card
Can anyone tell me if Cisco F2/F2e line modules can run Fabricpath and L3 (SVI's) on the same line module. Is it line rate as well or does it proxy through an ASIC burning ports, etc. Is an M1 module required? Someone has told me it cannot, but I believe it can. Are there any limitations with it? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Symmetrical Routing
Hi I have many international links active and each link is exported with certain prefixMy question is should the outbound traffic go through the same link as well , symmetrical ? or it's not an issue to have the export from a link and the import for the same prefix from another one ? Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/