Re: [c-nsp] LACP messages in log

2013-04-26 Thread Dirk Woellhaf 
Hi,

some kind of debugging still running?

"sh debugging" will tell you



Am 26.04.2013 um 23:07 schrieb "Mike Glass" :

> Hey People,
> 
> This is on a cat6509, this is what I see when doing a sh log, fills the 
> entire log, seems it looks at all the interfaces too.
> 
> 
> Apr 26 17:39:40: k_dot3adAggPortEntry_get: status from ifIndex 36 is 7.
> Apr 26 17:39:40: FEC: lacp_switch_get_phy_port_info: Fa3/35 not part of any 
> LACP channels
> Apr 26 17:39:40: FEC:
> Apr 26 17:39:40: k_dot3adAggPortEntry_get: status from ifIndex 37 is 7.
> Apr 26 18:47:25: FEC: pagp_switch_is_in_port_channel: Gi6/23 is not part of 
> any agport
> Apr 26 19:05:45: FEC: pagp_switch_is_in_port_channel: Gi6/23 is not part of 
> any agport
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] SPAN on Nexus 5k

2013-04-04 Thread Dirk Woellhaf 
Hi,

Where on 'B' do you capture? What is your source and what's your
destination? Did you try it in 'A'?

Sent from my iPhone

On 04.04.2013, at 22:45, Scott Voll  wrote:

> I'm trying to setup a SPAN on a 5k and it's not working as I would have
> thought.
>
> Topology:
>
> Servers on vlan 9 connected to 4506E <-10g-> 5k(A) <-Peer Link-> 5k(B).
>
> I'm trying to setup a monitor session on 5k(B) that monitors vlan 9 but I'm
> not getting any traffic.
>
> Vlan 9 is allowed on all the trunks.
>
> Am I missing something here?
>
> Thanks
>
> Scott
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] tcpdump-style debugging on 6500/7600

2013-03-14 Thread Dirk Woellhaf 
Maybe you could give the MPA "mini protocol analyzer" a try. It should
be available on SXI and SXI

Sent from my iPhone

On 14.03.2013, at 17:54, "\"Rolf Hanßen\""  wrote:

> Hi,
>
> I saw there was already a discussion concerning that topic, but 5 years old:
> http://www.gossamer-threads.com/lists/cisco/nsp/78543
> Is there maybe some new tcpdump-style debugging feature available to
> provide such functions beside the suggested "debug ip packet"?
>
> I am looking for such situations:
>
> 1) I like to view traffic on a certain physical interface or switched
> vlan. I would like to see all packets and not a specific protocol or IP
> range.
> As far as I see I cannot specify an interface in an ACL but the "debug ip
> packet" only allows ACLs for filtering as far as I see.
>
> 2) I like to debug an IP connection and limit to a certain amount of
> packets (like "show me the next 20 packets from/to host x.x.x.x").
> Can you tell me what bandwidth or pps I have to take into consideration to
> avoid overload ?
>
> To understand better what I do before typing it in on a 10G+ box:
> "debug ip packet ..." redirects the packets to the Management CPU and
> everything filtered with an ACL leads into only packets matching ALC are
> forwarded to the CPU, everything else is handled by the DFC/CFC+PFC only
> like usual.
> Correct ?
>
> Im looking for a way that works without exporting stuff to another box and
> low risk to overload CPU (live environment).
> Hardware in my case are several Sup720-3B, Sup720-3BXL or Sup2T with 67xx
> linecards.
> If there are special software revisions needed, please let me know.
>
> kind regards
> Rolf Hanßen
>
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] nexus 7k force FTP source interface ?

2013-01-30 Thread Dirk Woellhaf 
Hi,

maybe you can use the management VRF. There you should have only one IP.

copy run ftp://x.x.x.x vrf management



Am 30.01.2013 um 15:44 schrieb "Jeffrey G. Fitzwater" :

> I am trying to FTP xfer config file to server, which we have configured to 
> only allow the nexus loopback0 as SRC IP, but xfer fails because SRC is one 
> of the L3 VLAN IPs NOT loopback0.
> How can I force FTP to use a certain IP interface, specifically from 
> management loopback?
> 
> 
> 
> So far I see no way to force FTP source.
> 
> 
> If I use TFTP I can set the source but I do not want to use TFTP.
> 
> Thanks for any help.
> 
> 
> Jeff Fitzwater
> OIT Network Systems
> Princeton University
> 
> 
> 
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 3850 switches

2013-01-17 Thread Dirk Woellhaf 
Wait until Cisco Live! in London. It's a very cool box!

Sent from my iPhone

On 17.01.2013, at 20:27, Blake Pfankuch  wrote:

> So I'm surfing cisco.com for an environment refresh within our infrastructure 
> and looking at access switches.  I see the Stack Power Cable in Cisco 
> Commerce workspace now says "Catalyst 3750X and 3850 Stack Power Cable 30 CM 
> Spare".  So I do some google and I happen to see the 3850 switches in the 
> software downloads on Cisco.com but nothing anywhere else about them... 
> Anyone know anything about these?
>
> http://software.cisco.com/download/navigator.html?mdfid=284439900&flowid=37763
>
> Thanks,
> Blake
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] cisco switch request

2012-11-30 Thread Dirk Woellhaf 
Hi,

if you wanna do Nexus, then you can use a Nexus 5548UP for that.
If you wanna stay with any catalyst switch then you can try 4900M, Cat4500 or 
Cat6500 with the matching modules. 

I would recommend the Nexus 5548UP

regards,

Dirk

Am 30.11.2012 um 17:42 schrieb hasan alperen selçuk :

> last mail sorry,i dont understand how mail became this.
> layer2 
> 
> 
> *4x10gb fiber port
> 
> 
> **12x1gb fiber port
> 
> 
> 
> H.Alperen SELÇUK
> 
> Network Uzmanı
> 
> 
> 
> 
> GSM : +90 (544) 880
> 98 80
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>> From: h.a.sel...@hotmail.com
>> To: henry.hua...@yahoo.es; cisco-nsp-boun...@puck.nether.net; 
>> cisco-nsp@puck.nether.net
>> Date: Fri, 30 Nov 2012 18:36:15 +0200
>> Subject: Re: [c-nsp] cisco switch request
>> 
>> Hi again,
>> sorry about that i want to say 
>> Layer 24x10gb fiber ports12x1 gb fiber ports
>> i guess outlook seperated my mail 
>> thanks 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>>> Subject: Re: [c-nsp] cisco switch request
>>> To: h.a.sel...@hotmail.com; cisco-nsp-boun...@puck.nether.net; 
>>> cisco-nsp@puck.nether.net
>>> From: henry.hua...@yahoo.es
>>> Date: Fri, 30 Nov 2012 16:30:52 +
>>> 
>>> Hi Hasan,
>>> You can use the Nexus7K.
>>> 
>>> BR.
>>> 
>>> 
>>> 
>>> Enviado desde mi BlackBerry de Movistar
>>> 
>>> -Original Message-
>>> From: hasan alperen selçuk 
>>> Sender: cisco-nsp-boun...@puck.nether.net
>>> Date: Fri, 30 Nov 2012 18:20:33 
>>> To: cisco-nsp@puck.nether.net
>>> Subject: [c-nsp] cisco switch request
>>> 
>>> Hi all,
>>> i need a backbone switch for my DC. especially cisco switch.
>>> important features;
>>> Layer 24 x 10gb fiber ports12 x 1gb fiber ports
>>> can you give me an advice which switch i should buy?
>>> what series you are using now your area?
>>> thanks
>>> H.Alperen SELÇUK
>>> 
>>> Network Uzmaný
>>> 
>>> 
>>> 
>>> 
>>> GSM : +90 (544) 880
>>> 98 80
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>>   
>>> ___
>>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>> ___
>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7K NX-OS Upgrade

2012-11-17 Thread Dirk Woellhaf 
Hi,

had about 6-7 faulty M1-32XP Linecards in the last 1.5 years.

I already asked Cisco about some known build-errors for that card but they 
never came back with a answer. 
As far as I know, they expect about 6% of the cards to be faulty. It is what 
is,... :(


regards

 
Am 17.11.2012 um 18:28 schrieb "Antonio Soares" :

> Another long night... The upgrade of one Nexus was completely clean, the
> second one was a nightmare. One M1-32XP card remained in the state
> "powered-up" forever... The reload didn't make it work, neither the re-seat
> or even the NX-OS downgrade... Had to open a P1 TAC case and then the
> engineer said it was a faulty card. Got the replacement but had to delay the
> installation 48 hours.
> 
> Anyone has have bad experiences with this M1 type of cards card lately ?
> It's the second one that gets faulty in less than a year. It seems the MTBF
> is inversely proportional to the price :(
> 
> 
> Thanks.
> 
> Regards,
> 
> Antonio Soares, CCIE #18473 (R&S/SP)
> amsoa...@netcabo.pt
> http://www.ccie18473.net
> 
> 
> -Original Message-
> From: Tim Stevenson [mailto:tstev...@cisco.com] 
> Sent: quinta-feira, 8 de Novembro de 2012 18:21
> To: Antonio Soares; 'Dirk Woellhaf'
> Cc: 'cisco-nsp'; 'Charles Spurgeon'
> Subject: RE: [c-nsp] Nexus 7K NX-OS Upgrade
> 
> At 09:36 AM 11/8/2012, Antonio Soares mused:
>> Thanks Tim, I will follow that procedure, it's the one that makes 
>> perfect sense.
>> 
>> The documentation should be more clear about this kind of situations, 
>> don't you think ?
>> 
>> There are important things that are omitted between steps 10 and 11:
> 
> 
> You mean specific to also upgrading the DRAM? 
> This particular procedure is not intended to cover also upgrading DRAM at
> the same time, that's not really something we assume you're doing every time
> you upgrade.
> 
> BTW, Sukumar does make a good point about the install script - it will
> potentially make some changes to the config based on updated features, CoPP
> being a prominent example.
> 
> An alternative in your case would be to just power off, upgrade DRAM,
> reboot, and then install all. Clearly that involves 2 reboots with a single
> sup.
> 
> Tim
> 
> 
>> http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upgrad
>> e/gui 
>> de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide
>> __Rel
>> ease_5.x_chapter_00.html#task_304731
>> 
>> 
>> 
>> Regards,
>> 
>> Antonio Soares, CCIE #18473 (R&S/SP)
>> amsoa...@netcabo.pt
>> http://www.ccie18473.net
>> 
>> 
>> 
>> -Original Message-
>> From: Tim Stevenson [mailto:tstev...@cisco.com]
>> Sent: quinta-feira, 8 de Novembro de 2012 15:51
>> To: Antonio Soares; 'Dirk Woellhaf'
>> Cc: 'cisco-nsp'; 'Charles Spurgeon'
>> Subject: Re: [c-nsp] Nexus 7K NX-OS Upgrade
>> 
>> At 07:18 AM 11/8/2012, Antonio Soares mused:
>>> I just have one SUP... You are talking about dual supervisors setup, 
>>> right
>> ?
>> 
>> 
>> Ah. In that case, clearly, the box is going to go offline when you upgrade.
>> You might want to consider buying another sup.
>> 
>> IMO, there is no huge benefit in using the install all script in a 
>> single sup system - in the end, all it will do for you is a little 
>> sanity checking and maybe save you from fat fingering a bootstring.
>> 
>> In your situation, I would copy over the new images you want; manually 
>> change the bootstrings & save to startup; power off the box, yank the 
>> sup & add the DRAM; and then power it all back on.
>> 
>> Tim
>> 
>> 
>> 
>>> Regards,
>>> 
>>> Antonio Soares, CCIE #18473 (R&S/SP)
>>> amsoa...@netcabo.pt
>>> http://www.ccie18473.net
>>> 
>>> 
>>> 
>>> -Original Message-
>>> From: Dirk Woellhaf [mailto:dirk.woell...@gmail.com]
>>> Sent: quinta-feira, 8 de Novembro de 2012 14:10
>>> To: Antonio Soares
>>> Cc: Charles Spurgeon; cisco-nsp
>>> Subject: Re: [c-nsp] Nexus 7K NX-OS Upgrade
>>> 
>>> Hi Antonio,
>>> 
>>> You should be able to do the memory-upgrade without rebooting the box.
>>> I've never done it on my I own but I know a few which did without any 
>>> problem. I believe they first upgraded the memory and then did the
> update!
>>> 
>>> Dirk
>>> 
>>> Sent from my i

Re: [c-nsp] Nexus 7K NX-OS Upgrade

2012-11-08 Thread Dirk Woellhaf 
Hi Antonio,

You should be able to do the memory-upgrade without rebooting the box.
I've never done it on my I own but I know a few which did without any
problem. I believe they first upgraded the memory and then did the
update!

Dirk

Sent from my iPhone

On 08.11.2012, at 13:42, Antonio Soares  wrote:

> Thanks, I don't know if you noticed but somewhere in the thread the bug was
> mentioned and it is resolved in 5.1.5 and later.
>
> Bug CSCtn61286 - Boot variables are not set up correctly on Sup-2 after ISSU
>
> So in my case, it should not give me problems (5.2.3a to 5.2.7).
>
> But since I also need to upgrade the SUP1 RAM from 4G to 8G, I have no other
> option than doing the traditional upgrade. It's the only way to just send
> the box down 1 time:
>
> - update the boot variables
> - power off and upgrade the RAM
> - power on
>
> The install all script has another limitation: it won't let us to reboot
> when we chose to do it. This is what happened to me last time:
>
> +
> Switch will be reloaded for disruptive upgrade.
> Do you want to continue with the installation (y/n)?  y
>
> Install is in progress, please wait.
>
> (….)
>
> A few minutes later:
>
> Finishing the upgrade, switch will reboot in 10 seconds.
> +
>
> I don't see how to upgrade the RAM and upgrade the NX-OS with the install
> script in just one shot...
>
>
> Regards,
>
> Antonio Soares, CCIE #18473 (R&S/SP)
> amsoa...@netcabo.pt
> http://www.ccie18473.net
>
>
> -Original Message-
> From: Charles Spurgeon [mailto:c.spurg...@austin.utexas.edu]
> Sent: quinta-feira, 8 de Novembro de 2012 00:50
> To: Antonio Soares
> Cc: 'Tóth András'; 'cisco-nsp'
> Subject: Re: [c-nsp] Nexus 7K NX-OS Upgrade
>
> While doing some more testing this aft I also removed the sup from slot 5
> and did a "disruptive" single sup ISSU upgrade from 5.1(5) to
> 5.2(7) on the slot 6 sup without issues.
>
> -Charles
>
> On Tue, Nov 06, 2012 at 11:48:35PM +, Antonio Soares wrote:
>> Great, I must confess that I searched a lot and I didn't find this
>> bug. So I suppose the install all script will work well this time. I
>> will come back to the list next week with the good news. I hope :)
>>
>>
>> Thanks.
>>
>> Regards,
>>
>> Antonio Soares, CCIE #18473 (R&S/SP)
>> amsoa...@netcabo.pt
>> http://www.ccie18473.net
>>
>>
>>
>> -Original Message-
>> From: Tóth András [mailto:diosbej...@gmail.com]
>> Sent: terça-feira, 6 de Novembro de 2012 23:35
>> To: Antonio Soares
>> Cc: cisco-nsp
>> Subject: Re: [c-nsp] Nexus 7K NX-OS Upgrade
>>
>> Hi Antonio,
>>
>> In general, doing a traditional upgrade (changing boot variables) will
>> not update the BIOS for example, while an ISSU does and it's
>> non-disruptive with dual-supervisors.
>>
>> There's a defect which caused the behavior you were seeing, CSCtn61286
>> which affects 5.1(3). Since you were upgrading from that version, it
>> was still impacting the upgrade process. It has been fixed in 5.1(4)
>> and 5.2(1) already, so upgrading from 5.2(3a) to 5.2(7) will not have the
> same issue.
>>
>> http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?meth
>> od=fet
>> chBugDetails&bugId=CSCtn61286
>>
>>
>> If the boot variables are incorrect, you can edit them as you'd do on
>> an IOS device, make sure you update the kickstart and system as well.
>>
>> Upgrading from 5.2(3a) to 5.2(7) can be done using the install all
>> (ISSU) method.
>>
>> Best regards
>>
>> On Tue, Nov 6, 2012 at 11:38 AM, Antonio Soares 
> wrote:
>>> Hello group,
>>>
>>>
>>>
>>> Anyone knows the difference between using the install all script or
>>> just update the boot system flash command when upgrading NX-OS on a
>>> Nexus
>> 7K ?
>>>
>>>
>>>
>>> The question applies to a single supervisor setup.
>>>
>>>
>>>
>>> The official documentation mentions the two ways of doing it:
>>>
>>>
>>>
>>> - using the install all script:
>>>
>>>
>>>
>>> http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upg
>>> ra
>>> de/gui
>>> de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Gu
>>> id
>>> e__Rel
>>> ease_5.x_chapter_00.html#con_314241
>>>
>>>
>>>
>>> - using the traditional procedure:
>>>
>>>
>>>
>>> http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/upg
>>> ra
>>> de/gui
>>> de/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Gu
>>> id
>>> e__Rel
>>> ease_5.x_chapter_00.html#task_39E26688E1204F8CAAE876450A575E73
>>>
>>>
>>>
>>> I had a bad experience in the past with the install all script. I
>>> was doing an upgrade to a 7010 with only 1 supervisor that was
>>> installed in
>> slot 6.
>>> The install all script has a problem, may a bug, it only correctly
>>> updates the boot variables for slot 5:
>>>
>>>
>>>
>>> boot kickstart bootflash:/n7000-s1-kickstart.5.2.3a.bin sup-1
>>>
>>> boot system bootflash:/n7000-s1-dk9.5.2.3a.bin sup-1
>>>
>>> boot kickstart bootflash:/n7000-s1-kickstart.5.1.3.bin sup-2
>>>
>>>
>>>
>>> The install all script assumes that

Re: [c-nsp] Nexus 7K NX-OS Upgrade

2012-11-07 Thread Dirk Woellhaf 
Hi,

I've seen ISSU disrupting data-forwarding during a CPoC in 2011 but
this was all related to a bug. I have recently updated 4 N7k's from
5.2(3) to 5.2(5) without any problem!

Regards dirk

On Wed, Nov 7, 2012 at 4:20 PM, Tim Stevenson  wrote:

> At 06:05 AM 11/7/2012, Pete Templin mused:
>
>  On 11/7/12 6:02 AM, Alexander Lim wrote:
>>
>>  Do you know what caused the 3 secs blip? How can Cisco claims that it is
>>> non-disruptive then?
>>> Thanks for sharing.
>>>
>>
>> From what I've learned from others, the 'install all' unpacks the new
>> files which run the processes, and then the processes are stopped/started.
>>  The blip aligns with the card that's actively being upgraded, as shown by
>> the 'install all' or 'show install all status' if run on another login
>> session/console.
>>
>
>
> There are no software processes that affect hardware/data plane
> forwarding, any process can be statefully restarted without impacting data
> flow (in theory, ignoring bugs). We do claim it is non-disruptive and we
> can easily demonstrate that and have many times.
>
> It is unexpected and not per design to lose data traffic during an ISSU,
> provided you are ISSU'ing to/from supported releases (as per the ISSU
> matrix in the user documentation), all your data traffic is being hardware
> switched, and assuming no software defects (such as the specific one cited
> earlier in the thread).
>
> 2 cents,
> Tim
>
>
>
>
>
>  pt
>>
>>
>> __**_
>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>> https://puck.nether.net/**mailman/listinfo/cisco-nsp
>> archive at 
>> http://puck.nether.net/**pipermail/cisco-nsp/
>>
>
>
>
>
> Tim Stevenson, tstev...@cisco.com
> Routing & Switching CCIE #5561
> Distinguished Technical Marketing Engineer, Cisco Nexus 7000
> Cisco - http://www.cisco.com
> IP Phone: 408-526-6759
> **
> The contents of this message may be *Cisco Confidential*
> and are intended for the specified recipients only.
>
> __**_
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/**mailman/listinfo/cisco-nsp
> archive at 
> http://puck.nether.net/**pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Security Advisories for DHCP

2012-09-26 Thread Dirk Woellhaf 
Hi,

Is there a general problem with Cisco and DHCP? Did get a lot of SA's
regarding DHCP and nearly any OS!
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/