Re: [c-nsp] Nexus 7000 and OTV

2014-05-20 Thread Martin Clifton 
Similar model used here.
We have two datacentres (10Km apart) with a common L2.   Has been solid
for over 3 years.

Regards, Martin


-Original Message-
From: Antonio Soares 
Date: Wednesday, 21 May 2014 5:59 am
To: 'Blake Pfankuch - Mailing List' ,
"cisco-nsp@puck.nether.net" 
Subject: Re: [c-nsp] Nexus 7000 and OTV

>No issues with OTV on a stick:
>
>http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DCI/
>wh
>itepaper/DCI3_OTV_Intro/DCI_1.html#wp1215970
>
>
>Regards,
>
>Antonio Soares, CCIE #18473 (RS/SP)
>amsoa...@netcabo.pt
>http://www.ccie18473.net
>
>
>-Original Message-
>From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
>Blake Pfankuch - Mailing List
>Sent: terça-feira, 20 de Maio de 2014 20:32
>To: cisco-nsp@puck.nether.net
>Subject: [c-nsp] Nexus 7000 and OTV
>
>Looking to deploy OTV between 2 datacenters on some Nexus 7000 equipment.
>Anyone have any experience with this?  Any feedback would be appreciated,
>good or bad.
>
>Thanks,
>Blake
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/

This email, including any attachment, is intended solely for the use of the 
intended recipient. It is confidential and may contain personal information or 
be subject to legal professional privilege. If you are not the intended 
recipient any use, disclosure, reproduction or storage of it is unauthorised. 
If you have received this email in error, please advise the sender via return 
email and delete it from your system immediately. Victoria University does not 
warrant that this email is free from viruses or defects and accepts no 
liability for any damage caused by such viruses or defects.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and OTV

2014-05-20 Thread Antonio Soares 
No issues with OTV on a stick:

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DCI/wh
itepaper/DCI3_OTV_Intro/DCI_1.html#wp1215970


Regards,

Antonio Soares, CCIE #18473 (RS/SP)
amsoa...@netcabo.pt
http://www.ccie18473.net


-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
Blake Pfankuch - Mailing List
Sent: terça-feira, 20 de Maio de 2014 20:32
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Nexus 7000 and OTV

Looking to deploy OTV between 2 datacenters on some Nexus 7000 equipment.
Anyone have any experience with this?  Any feedback would be appreciated,
good or bad.

Thanks,
Blake
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 and OTV

2014-05-20 Thread Blake Pfankuch - Mailing List 
Looking to deploy OTV between 2 datacenters on some Nexus 7000 equipment.  
Anyone have any experience with this?  Any feedback would be appreciated, good 
or bad.

Thanks,
Blake
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 VDC Design

2012-11-30 Thread Antonio Soares 
Hello group,

I have a design requirement. Decouple the default VDC that has everything
there (L2 and L3) into two separate VDCs: Core and Aggregation.

I have to move from the top diagram to the bottom diagram:

http://www.ccie18473.net/dc-evolution.jpg

The blue lines are L2 links and the red lines are L3 links. And two 7Ks in
each DC.

I have OTV on-a-stick and I want to keep it that way. But I want to move the
L3 routing protocols to the Core and only keep the SVIs/HSRP in the
Aggregation. Basically doing the L2/L3 boundary on the Aggregation Layer.

I see many challenges when doing something like this.

I wonder if there is some documentation that can help me doing this.

There is the BRKDCT-2121 presentation about VDC design but is not deep
enough.


Thanks.

Regards,

Antonio Soares, CCIE #18473 (R&S/SP)
amsoa...@netcabo.pt
http://www.ccie18473.net




___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and 6.x

2012-06-10 Thread N. Max Pierson 
Thanks for the feedback Ryan. That's pretty much what i've been hearing
from everyone else as well. I'm in San Diego this week and have already
talked to a few Cisco folks and i'm told 5.2 is frozen as far as new
features. Just maintenance releases from here on out. So it looks like i'll
have to position something in place of what we were going to use a second
vDC as a route aggregation block. I think I have some boxes that will work
just fine, however I really didn't want to use any more rack space than has
already been allocated. I believe I have enough ports on a pair of 1006's
to get the job done until we actually get F modules and have a need to go
to 6.x

Thanks for all of the responses!
--
max


On Sun, Jun 10, 2012 at 9:46 PM, Ryan Hughes  wrote:

> I've had mix luck with 6.0 - some really stable (fabricpath / ipv6 / ospf
> ) on F2 and some really bad. 5.2.4 or better is whats safest if possible as
> its a long running train. 6.1 will be out shortly to support the new SUPs
> and M2 line cards.
>
> Sent from my iPad
>
> On Jun 7, 2012, at 9:06 AM, "N. Max Pierson" 
> wrote:
>
> > Here's the link were I discovered the needed feature isn't in 5.2
> >
> >
> http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/unicast/configuration/guide/l3_NewChange.html
> >
> >
> > Regards,
> > Max
> >
> > On Thu, Jun 7, 2012 at 8:05 AM, N. Max Pierson  >wrote:
> >
> >> Sorry,
> >>
> >> Forgot to mention we are currently using 5.2 on 4 of the 7k's we already
> >> have deployed, and we're standing up a new datacenter which is set to go
> >> online in a few weeks. I specifically need "bgp bestpath as-path
> >> multipath-relax" as one of our vdc's will be provisioned as a RR on the
> new
> >> 7k's, but that now may change since I all I've heard are mostly bad
> things
> >> about 6.x. I may try to get a "Demo Depot" 7k and load 6.x to see what
> all
> >> is broken as this changes some device roles.
> >>
> >> Thanks for the feedback.
> >>
> >> Regards,
> >> Max
> >>
> >> On Thu, Jun 7, 2012 at 3:14 AM, Phil Mayers  >wrote:
> >>
> >>> On 06/06/2012 07:33 PM, N. Max Pierson wrote:
> >>>
>  Hi List,
> 
>  Anyone out there running the 6.x train on the 7k?? We need some
> features
>  that are available in 6.x, but realize how many additional "features"
>  that
>  come along with new releases. Our list...
> 
> >>>
> >>> Which features? AIUI, 6.x is basically F2-linecard support.
> >>>
> >>>
> >>>
>  BGP
>  EIGRP
>  OTV
>  HSRP
>  VTP
>  VPC
>  Netflow
>  LACP
>  PIM
> 
> >>>
> >>> I believe these are all present in 5.2, which is the release TAC
> >>> recommended we use. I know for a fact there are bugs in 6.x which are
> not
> >>> present in 5.2.
> >>> __**_
> >>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> >>> https://puck.nether.net/**mailman/listinfo/cisco-nsp<
> https://puck.nether.net/mailman/listinfo/cisco-nsp>
> >>> archive at http://puck.nether.net/**pipermail/cisco-nsp/<
> http://puck.nether.net/pipermail/cisco-nsp/>
> >>>
> >>
> >>
> > ___
> > cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and 6.x

2012-06-10 Thread Ryan Hughes 
I've had mix luck with 6.0 - some really stable (fabricpath / ipv6 / ospf ) on 
F2 and some really bad. 5.2.4 or better is whats safest if possible as its a 
long running train. 6.1 will be out shortly to support the new SUPs and M2 line 
cards. 

Sent from my iPad

On Jun 7, 2012, at 9:06 AM, "N. Max Pierson"  wrote:

> Here's the link were I discovered the needed feature isn't in 5.2
> 
> http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/unicast/configuration/guide/l3_NewChange.html
> 
> 
> Regards,
> Max
> 
> On Thu, Jun 7, 2012 at 8:05 AM, N. Max Pierson wrote:
> 
>> Sorry,
>> 
>> Forgot to mention we are currently using 5.2 on 4 of the 7k's we already
>> have deployed, and we're standing up a new datacenter which is set to go
>> online in a few weeks. I specifically need "bgp bestpath as-path
>> multipath-relax" as one of our vdc's will be provisioned as a RR on the new
>> 7k's, but that now may change since I all I've heard are mostly bad things
>> about 6.x. I may try to get a "Demo Depot" 7k and load 6.x to see what all
>> is broken as this changes some device roles.
>> 
>> Thanks for the feedback.
>> 
>> Regards,
>> Max
>> 
>> On Thu, Jun 7, 2012 at 3:14 AM, Phil Mayers wrote:
>> 
>>> On 06/06/2012 07:33 PM, N. Max Pierson wrote:
>>> 
 Hi List,
 
 Anyone out there running the 6.x train on the 7k?? We need some features
 that are available in 6.x, but realize how many additional "features"
 that
 come along with new releases. Our list...
 
>>> 
>>> Which features? AIUI, 6.x is basically F2-linecard support.
>>> 
>>> 
>>> 
 BGP
 EIGRP
 OTV
 HSRP
 VTP
 VPC
 Netflow
 LACP
 PIM
 
>>> 
>>> I believe these are all present in 5.2, which is the release TAC
>>> recommended we use. I know for a fact there are bugs in 6.x which are not
>>> present in 5.2.
>>> __**_
>>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>>> https://puck.nether.net/**mailman/listinfo/cisco-nsp
>>> archive at 
>>> http://puck.nether.net/**pipermail/cisco-nsp/
>>> 
>> 
>> 
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and 6.x

2012-06-07 Thread N. Max Pierson 
Here's the link were I discovered the needed feature isn't in 5.2

http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/unicast/configuration/guide/l3_NewChange.html


Regards,
Max

On Thu, Jun 7, 2012 at 8:05 AM, N. Max Pierson wrote:

> Sorry,
>
> Forgot to mention we are currently using 5.2 on 4 of the 7k's we already
> have deployed, and we're standing up a new datacenter which is set to go
> online in a few weeks. I specifically need "bgp bestpath as-path
> multipath-relax" as one of our vdc's will be provisioned as a RR on the new
> 7k's, but that now may change since I all I've heard are mostly bad things
> about 6.x. I may try to get a "Demo Depot" 7k and load 6.x to see what all
> is broken as this changes some device roles.
>
> Thanks for the feedback.
>
> Regards,
> Max
>
> On Thu, Jun 7, 2012 at 3:14 AM, Phil Mayers wrote:
>
>> On 06/06/2012 07:33 PM, N. Max Pierson wrote:
>>
>>> Hi List,
>>>
>>> Anyone out there running the 6.x train on the 7k?? We need some features
>>> that are available in 6.x, but realize how many additional "features"
>>> that
>>> come along with new releases. Our list...
>>>
>>
>> Which features? AIUI, 6.x is basically F2-linecard support.
>>
>>
>>
>>> BGP
>>> EIGRP
>>> OTV
>>> HSRP
>>> VTP
>>> VPC
>>> Netflow
>>> LACP
>>> PIM
>>>
>>
>> I believe these are all present in 5.2, which is the release TAC
>> recommended we use. I know for a fact there are bugs in 6.x which are not
>> present in 5.2.
>> __**_
>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>> https://puck.nether.net/**mailman/listinfo/cisco-nsp
>> archive at 
>> http://puck.nether.net/**pipermail/cisco-nsp/
>>
>
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and 6.x

2012-06-07 Thread N. Max Pierson 
Sorry,

Forgot to mention we are currently using 5.2 on 4 of the 7k's we already
have deployed, and we're standing up a new datacenter which is set to go
online in a few weeks. I specifically need "bgp bestpath as-path
multipath-relax" as one of our vdc's will be provisioned as a RR on the new
7k's, but that now may change since I all I've heard are mostly bad things
about 6.x. I may try to get a "Demo Depot" 7k and load 6.x to see what all
is broken as this changes some device roles.

Thanks for the feedback.

Regards,
Max
On Thu, Jun 7, 2012 at 3:14 AM, Phil Mayers  wrote:

> On 06/06/2012 07:33 PM, N. Max Pierson wrote:
>
>> Hi List,
>>
>> Anyone out there running the 6.x train on the 7k?? We need some features
>> that are available in 6.x, but realize how many additional "features" that
>> come along with new releases. Our list...
>>
>
> Which features? AIUI, 6.x is basically F2-linecard support.
>
>
>
>> BGP
>> EIGRP
>> OTV
>> HSRP
>> VTP
>> VPC
>> Netflow
>> LACP
>> PIM
>>
>
> I believe these are all present in 5.2, which is the release TAC
> recommended we use. I know for a fact there are bugs in 6.x which are not
> present in 5.2.
> __**_
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/**mailman/listinfo/cisco-nsp
> archive at 
> http://puck.nether.net/**pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and 6.x

2012-06-07 Thread Phil Mayers 

On 06/06/2012 07:33 PM, N. Max Pierson wrote:

Hi List,

Anyone out there running the 6.x train on the 7k?? We need some features
that are available in 6.x, but realize how many additional "features" that
come along with new releases. Our list...


Which features? AIUI, 6.x is basically F2-linecard support.



BGP
EIGRP
OTV
HSRP
VTP
VPC
Netflow
LACP
PIM


I believe these are all present in 5.2, which is the release TAC 
recommended we use. I know for a fact there are bugs in 6.x which are 
not present in 5.2.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 and 6.x

2012-06-06 Thread Asbjorn Hojmark - Lists 
On Wed, 6 Jun 2012 13:33:32 -0500, you wrote:

> Anyone out there running the 6.x train on the 7k?? We need some features
> that are available in 6.x, but realize how many additional "features" that
> come along with new releases. Our list...
> 
> BGP
> EIGRP
> OTV
> HSRP
> VTP
> VPC
> Netflow
> LACP
> PIM

The devil is in the detail. From your list, I'd say 5.2(latest), but
you say you need 6.x because of features. What feature haven't you
listed?

-A

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 and 6.x

2012-06-06 Thread N. Max Pierson 
Hi List,

Anyone out there running the 6.x train on the 7k?? We need some features
that are available in 6.x, but realize how many additional "features" that
come along with new releases. Our list...

BGP
EIGRP
OTV
HSRP
VTP
VPC
Netflow
LACP
PIM

Regards,
Max
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-06 Thread Tim Stevenson 

At 01:37 AM 1/6/2012, Phil Mayers noted:


On 01/06/2012 07:26 AM, Tim Stevenson wrote:

> Correct. No EoMPLS, no VPLS as yet, it's roadmapped.

Tim, do you happen to know / can you tell us if the L2 MPLS features
will be covered by the same feature license, or will people have to
shell out for an MPLS2 feature license?



Current plan of record is the L2VPN feature set will fall under the 
existing license. Of course, I am neither a PM nor the person with 
whom the buck stops, so this is perfectly subject to change prior to 
shipping those features.


Thanks,
Tim



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at 
http://puck.nether.net/pipermail/cisco-nsp/





Tim Stevenson, tstev...@cisco.com
Routing & Switching CCIE #5561
Distinguished Technical Marketing Engineer, Cisco Nexus 7000
Cisco - http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-06 Thread corleo...@gmail.com 
!,!!!?!!?!!!?!!!?!!!?!!!?!!

Sent from my HTC

- Reply message -
From: "Asbjorn Hojmark - Lists" 
To: "Kris Price" 
Cc: 
Subject: [c-nsp] Nexus 7000 MPLS
Date: Fri, Jan 6, 2012 16:31


On Thu, 05 Jan 2012 19:25:46 -0800, you wrote:

> I see the Nexus 7000 does MPLS now (perhaps for some time?). Is there 
> anyone out there using MPLS on these and cares to comment about their 
> experience?
> 
> I'm particularly interested in RSVP, L3VPN support using OSPF as the 
> PE/CE protocol, any scalability issues, possibly some interop w/ Juniper 
> MX, and of course stability.

I have done a setup where we do MPLS on N7K in a traditional data
center setup (no CEs). IGP is OSPF. Signalling is LDP. Only L3 VPNs.
Everything we use Just Works(tm). Performance is excellent.

-A

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-06 Thread Phil Mayers 

On 06/01/12 10:31, Asbjorn Hojmark - Lists wrote:

On Thu, 05 Jan 2012 19:25:46 -0800, you wrote:


I see the Nexus 7000 does MPLS now (perhaps for some time?). Is there
anyone out there using MPLS on these and cares to comment about their
experience?

I'm particularly interested in RSVP, L3VPN support using OSPF as the
PE/CE protocol, any scalability issues, possibly some interop w/ Juniper
MX, and of course stability.


I have done a setup where we do MPLS on N7K in a traditional data
center setup (no CEs). IGP is OSPF. Signalling is LDP. Only L3 VPNs.
Everything we use Just Works(tm). Performance is excellent.


That's good to hear.

Did you try any MVPN or 6vPE?
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-06 Thread Asbjorn Hojmark - Lists 
On Thu, 05 Jan 2012 19:25:46 -0800, you wrote:

> I see the Nexus 7000 does MPLS now (perhaps for some time?). Is there 
> anyone out there using MPLS on these and cares to comment about their 
> experience?
> 
> I'm particularly interested in RSVP, L3VPN support using OSPF as the 
> PE/CE protocol, any scalability issues, possibly some interop w/ Juniper 
> MX, and of course stability.

I have done a setup where we do MPLS on N7K in a traditional data
center setup (no CEs). IGP is OSPF. Signalling is LDP. Only L3 VPNs.
Everything we use Just Works(tm). Performance is excellent.

-A

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-06 Thread Phil Mayers 

On 01/06/2012 07:26 AM, Tim Stevenson wrote:


Correct. No EoMPLS, no VPLS as yet, it's roadmapped.


Tim, do you happen to know / can you tell us if the L2 MPLS features 
will be covered by the same feature license, or will people have to 
shell out for an MPLS2 feature license?

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-05 Thread Tim Stevenson 

At 09:46 PM 1/5/2012, Justin M. Streiner stated:


On Thu, 5 Jan 2012, Kris Price wrote:

> I see the Nexus 7000 does MPLS now (perhaps for some time?).



Since Oct. 2011 (5.2.1 release).



 Is there anyone
> out there using MPLS on these and cares to comment about their experience?
>
> I'm particularly interested in RSVP, L3VPN support using OSPF as the PE/CE
> protocol, any scalability issues, possibly some interop w/ 
Juniper MX, and of

> course stability.
>
> All on and off list replies very much appreciated. :)

Actually, I'd be interested in hearing about peoples' experience with this
as well.  The last time I looked, the L3 stuff was there, but EoMPLS was
still off in the future.



Correct. No EoMPLS, no VPLS as yet, it's roadmapped.

Tim



jms
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at 
http://puck.nether.net/pipermail/cisco-nsp/





Tim Stevenson, tstev...@cisco.com
Routing & Switching CCIE #5561
Distinguished Technical Marketing Engineer, Cisco Nexus 7000
Cisco - http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-05 Thread Nitzan Tzelniker 
We are using 5.2 with LDP not RSVP and done some testing of L3VPN PE/CE
with OSPF (there is a limit to up to 4 OSPF process but you can open a lot
of "address-family vrf" under each process ).
It is interop with Juniper MX without a problem.
So far the only MPLS problem we found is that the developers forgot
to decrease the tcp mss when the packet include MPLS label (at least for
LDP ) so if  you have LDP session not on directly connected interface
(because of IGP metrics )  it will flap.
in NX-OS there is no command to decrease tcp mss for the control plane and
the only work around is to disable pmtu discovery which decrease the tcp
mss to 576 bytes.

Nitzan

On Fri, Jan 6, 2012 at 07:46, Justin M. Streiner wrote:

> On Thu, 5 Jan 2012, Kris Price wrote:
>
>  I see the Nexus 7000 does MPLS now (perhaps for some time?). Is there
>> anyone out there using MPLS on these and cares to comment about their
>> experience?
>>
>> I'm particularly interested in RSVP, L3VPN support using OSPF as the
>> PE/CE protocol, any scalability issues, possibly some interop w/ Juniper
>> MX, and of course stability.
>>
>> All on and off list replies very much appreciated. :)
>>
>
> Actually, I'd be interested in hearing about peoples' experience with this
> as well.  The last time I looked, the L3 stuff was there, but EoMPLS was
> still off in the future.
>
> jms
>
> __**_
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/**mailman/listinfo/cisco-nsp
> archive at 
> http://puck.nether.net/**pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MPLS

2012-01-05 Thread Justin M. Streiner 

On Thu, 5 Jan 2012, Kris Price wrote:

I see the Nexus 7000 does MPLS now (perhaps for some time?). Is there anyone 
out there using MPLS on these and cares to comment about their experience?


I'm particularly interested in RSVP, L3VPN support using OSPF as the PE/CE 
protocol, any scalability issues, possibly some interop w/ Juniper MX, and of 
course stability.


All on and off list replies very much appreciated. :)


Actually, I'd be interested in hearing about peoples' experience with this 
as well.  The last time I looked, the L3 stuff was there, but EoMPLS was 
still off in the future.


jms
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 MPLS

2012-01-05 Thread Kris Price 

Hi,

I see the Nexus 7000 does MPLS now (perhaps for some time?). Is there 
anyone out there using MPLS on these and cares to comment about their 
experience?


I'm particularly interested in RSVP, L3VPN support using OSPF as the 
PE/CE protocol, any scalability issues, possibly some interop w/ Juniper 
MX, and of course stability.


All on and off list replies very much appreciated. :)

Thanks
Kris
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Lincoln Dale 
On 28/01/2011, at 10:12 AM, Manu Chao wrote:
> Because FPGA/EPLD upgrade operation is a disruptive operation, it is not 
> always possible to upgrade both software and firmware.
> --> Do you think or may be do you know if it is an issue having an up-to-date 
> NX-OS 5.x with old EPLD release 4.x?

generally speaking, EPLD upgrades are not necessary.

key here is understanding what EPLDs are.  they are basically microcode changes 
- either in management plane on a module (e.g. power-management on a module) or 
a programmable data-plane component (e.g. crypto engine that implements 
802.1AE, or vnTag support on specific modules).

you may need to upgrade EPLD on a given module if you are using some specific 
functionality that we have fixed a bug on.  an example of this may be some 
key-change enhancements to 802.1AE crypto.
you may need to upgrade EPLD on a given module if you wish to use a feature 
that a new(er) EPLD provides - e.g. PVLAN trunk, vnTag/FEX on N7K-M132 I/O 
module.

but otherwise, there is generally no requirement to proactively upgrade EPLD 
with every release.
they are forwards/backwards compatible.  you don't need to be running latest 
EPLD nor do all modules in a system need to be running the same EPLD.


cheers,

lincoln.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Manu Chao 
Thanks for your answer Lincoln,

Just curious:

Because FPGA/EPLD **upgrade operation is a disruptive **operation, it is not
always possible to upgrade both software and firmware.
--> Do you think or may be do you know if it is an issue having an
up-to-date NX-OS 5.x with old EPLD release 4.x?


On Thu, Jan 27, 2011 at 11:21 PM, Lincoln Dale  wrote:

> On 27/01/2011, at 10:19 PM, Manu Chao wrote:
>
> > I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC
> domains
> > from NX-OS 4.2(6) to 5.1(1a).
>
> ISSU from 4.2(6) to 5.1(1a) is non-disruptive.  you should be able to
> upgrade with no disruption to service.
>
> having said that, always carefully read the release notes posted on
> cisco.com for a given release.
> it may be that an upgrade between two releases requires you to do
> something.
> e.g. see <
> http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/release/notes/51_nx-os_release_note.html#wp293013
> >
>
> you can certainly run vPC with one vPC peer switch being a different NX-OS
> release to the other vPC peer switch.
>
> On 27/01/2011, at 11:52 PM, Chris Evans wrote:
> > Cisco has advised us to not use issu when possible.. we have had a few
> weird
> > bugs from it after the fact..  we are running 4.2(4)..
>
> please send me details (off list) of who at "Cisco" that advised you of
> this.  its not accurate.
>
>
> On 28/01/2011, at 12:09 AM, Ryan West wrote:
> > I'm sure the release notes say it, but the 4.x to 5.x major requires a
> full reload.  I spent a lot of time tracking down a BPDU rate limiting issue
> only to find the customer had ISSU'd from 4 to 5 and did not reload.
>
> an upgrade from 4.2.x to 5.x does not require a reload.  my guess is that
> the release-notes were not followed as it does talk about some very specific
> things in upgrade/downgrade considerations.
>
>
> cheers,
>
> lincoln.
>
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Chris Evans 
Lincoln,

We've had two major bugs and potentially a 3rd pop up this last week up that
have been root caused due to ISSU.. They could have been because we ISSU'ed
from the software that the platforms have shipped with pre 4.2, which were
ultimately ISSU'ed to 4.2(4).. Based on the bugs we've found so far, our
HTTS team has recommended that during the install of the devices, we should
reboot them fully after the code upgrade and to not use ISSU if possible.

-One bug that was identified during our ECATS testing was a netflow related
issue.. If I remember correctly stats do not get exported correctly after
ISSU until you do a device reboot. This testing was done back in Q2 of 2010,
so my memory is a bit fuzzy.

-Last week we have found one of our 7K's netflow daemon to randomly crash.
We do not have a RCA for this one yet, the DE's are working on it and cannot
reproduce it yet however. This is currently being blamed on ISSU as well,
but not fully guaranteed.

-The biggest bug we've found in relation to ISSU is a nasty one that has hit
us twice now on different 7Ks. Essentially the device black holes traffic
ingress on certain ports. The fix is to shut/no shut the port/port-channel,
reboot the module(s) or ultimately reboot the whole box. It was RCA'ed to a
register that was incorrectly set on the ASIC which disables forwarding for
the port, the only way to identify it was through some internal commands.
The normal commands that average users utilize doesn't show anything
incorrect.  In the first instance traffic didn't work from the get go, then
the 2nd one hit when a policy based routing policy was updated during a
change which was weeks after the first occurrence.. Both times causing a big
outage. So that has driven fear into us as it can just hit out of the blue
and we have no way to really validate the device post-change.

With those bugs mentioned, you can understand why our HTTS team has
recommended we NOT use ISSU for now.

I'll have to get the bug IDs and get back to the list. Lincoln, I will reply
tomorrow from my work email account with names of our HTTS team so you can
speak with them.

Thanks

Chris

On Thu, Jan 27, 2011 at 5:21 PM, Lincoln Dale  wrote:

> On 27/01/2011, at 10:19 PM, Manu Chao wrote:
>
> > I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC
> domains
> > from NX-OS 4.2(6) to 5.1(1a).
>
> ISSU from 4.2(6) to 5.1(1a) is non-disruptive.  you should be able to
> upgrade with no disruption to service.
>
> having said that, always carefully read the release notes posted on
> cisco.com for a given release.
> it may be that an upgrade between two releases requires you to do
> something.
> e.g. see <
> http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/release/notes/51_nx-os_release_note.html#wp293013
> >
>
> you can certainly run vPC with one vPC peer switch being a different NX-OS
> release to the other vPC peer switch.
>
> On 27/01/2011, at 11:52 PM, Chris Evans wrote:
> > Cisco has advised us to not use issu when possible.. we have had a few
> weird
> > bugs from it after the fact..  we are running 4.2(4)..
>
> please send me details (off list) of who at "Cisco" that advised you of
> this.  its not accurate.
>
>
> On 28/01/2011, at 12:09 AM, Ryan West wrote:
> > I'm sure the release notes say it, but the 4.x to 5.x major requires a
> full reload.  I spent a lot of time tracking down a BPDU rate limiting issue
> only to find the customer had ISSU'd from 4 to 5 and did not reload.
>
> an upgrade from 4.2.x to 5.x does not require a reload.  my guess is that
> the release-notes were not followed as it does talk about some very specific
> things in upgrade/downgrade considerations.
>
>
> cheers,
>
> lincoln.
>
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Lincoln Dale 
On 27/01/2011, at 10:19 PM, Manu Chao wrote:

> I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC domains
> from NX-OS 4.2(6) to 5.1(1a).

ISSU from 4.2(6) to 5.1(1a) is non-disruptive.  you should be able to upgrade 
with no disruption to service.

having said that, always carefully read the release notes posted on cisco.com 
for a given release.
it may be that an upgrade between two releases requires you to do something.
e.g. see 


you can certainly run vPC with one vPC peer switch being a different NX-OS 
release to the other vPC peer switch.

On 27/01/2011, at 11:52 PM, Chris Evans wrote:
> Cisco has advised us to not use issu when possible.. we have had a few weird
> bugs from it after the fact..  we are running 4.2(4)..

please send me details (off list) of who at "Cisco" that advised you of this.  
its not accurate.


On 28/01/2011, at 12:09 AM, Ryan West wrote:
> I'm sure the release notes say it, but the 4.x to 5.x major requires a full 
> reload.  I spent a lot of time tracking down a BPDU rate limiting issue only 
> to find the customer had ISSU'd from 4 to 5 and did not reload.

an upgrade from 4.2.x to 5.x does not require a reload.  my guess is that the 
release-notes were not followed as it does talk about some very specific things 
in upgrade/downgrade considerations.


cheers,

lincoln.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Charles Spurgeon 
On Thu, Jan 27, 2011 at 12:18:54PM +0100, Manu Chao wrote:
> I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC domains
> from NX-OS 4.2(6) to 5.1(1a).
> 
> Planned to upgrade first vPC operationnal Secondary chassis then Primary.
> 
> I have 2 questions:
> - Do you know if vPC is compatible with ISSU?
> - Does vPC work between NX-OS 4.2 and 5.1?

Not what you were asking for, but something you might want to know
about your target code image:

After we upgraded to 5.1(1a) from 5.0(2) we hit a bug that crashes the
sup when you type "show vpc consistency global" on a router whose vlan
and SVI config generates a sufficiently long string of info to trigger
the bug.

bugID on this issue: CSCtk16254 "Manual vpc consistency check crashes
the sup"

-Charles

Charles E. Spurgeon / UTnet
UT Austin ITS / Networking
c.spurg...@its.utexas.edu / 512.475.9265
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Ryan West 



On Jan 27, 2011, at 7:32 AM, mailto:danvo...@gmail.com>> 
wrote:

Yes, vPC is compatible with ISSU and both os will work together while upgrading 
both boxes.

But upgrading from 4.2 to 5.x is disruptive


+1

I'm sure the release notes say it, but the 4.x to 5.x major requires a full 
reload.  I spent a lot of time tracking down a BPDU rate limiting issue only to 
find the customer had ISSU'd from 4 to 5 and did not reload.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Chris Evans 
Cisco has advised us to not use issu when possible.. we have had a few weird
bugs from it after the fact..  we are running 4.2(4)..
On Jan 27, 2011 7:32 AM,  wrote:
> Yes, vPC is compatible with ISSU and both os will work together while
upgrading both boxes.
>
> But upgrading from 4.2 to 5.x is disruptive
>
> Sent from my mobile
>
> On Jan 27, 2011, at 6:19 AM, Manu Chao  wrote:
>
>> I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC
domains
>> from NX-OS 4.2(6) to 5.1(1a).
>>
>> Planned to upgrade first vPC operationnal Secondary chassis then Primary.
>>
>> I have 2 questions:
>> - Do you know if vPC is compatible with ISSU?
>> - Does vPC work between NX-OS 4.2 and 5.1?
>>
>> Thanks for your input
>> Manu
>> ___
>> cisco-nsp mailing list cisco-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> ___
> cisco-nsp mailing list cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread danvoyer 
Yes, vPC is compatible with ISSU and both os will work together while upgrading 
both boxes.

But upgrading from 4.2 to 5.x is disruptive 

Sent from my mobile

On Jan 27, 2011, at 6:19 AM, Manu Chao  wrote:

> I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC domains
> from NX-OS 4.2(6) to 5.1(1a).
> 
> Planned to upgrade first vPC operationnal Secondary chassis then Primary.
> 
> I have 2 questions:
> - Do you know if vPC is compatible with ISSU?
> - Does vPC work between NX-OS 4.2 and 5.1?
> 
> Thanks for your input
> Manu
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 - vPC during NX-OS upgrade (ISSU)

2011-01-27 Thread Manu Chao 
I need to upgrade (ISSU) multiples N7K Dual Supervisor running vPC domains
from NX-OS 4.2(6) to 5.1(1a).

Planned to upgrade first vPC operationnal Secondary chassis then Primary.

I have 2 questions:
- Do you know if vPC is compatible with ISSU?
- Does vPC work between NX-OS 4.2 and 5.1?

Thanks for your input
Manu
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MSDP peering policy woes

2010-08-11 Thread Christopher.Marget 
> while there are clueful folks on this list that know N7K and NX-OS, i
> don't think cisco-nsp is an appropriate replacement for talking to the
> TAC.

Perhaps not.  I appreciate your reply, and hope my query isn't widely 
considered as inappropriate.

> but regardless, i _think_ what you're likely happening is that the
> route-map policy is in fact NOT being applied, because of the presence
> of 'deny' statements in the ACL.

No deny statements are allowed in the ACL in this context?  I'll need some time 
to absorb this :-)

My intended configuration does not include a deny, still filters the traffic.  
Maybe I have my policy logic (or perhaps my head) upside-down?

> for example, what do you expect the outcome to be of a "route-map
> (whatever) deny" that uses an IP access-list that also has 'deny ip' on
> it?
> a deny of a deny is a what? :)

I expected the route-map to move beyond sequence 5 (deny nothing), and then 
evaluate sequence 10.

Of course, I concede that the "deny nothing" business is not useful, I got 
there by trying to build a simple illustration of what I was seeing.  The real 
ACL does not include a deny, other than the implicit one (I assume it is still 
there), and I'm still not seeing the route map get evaluated past sequence 10:

2010 Aug 12 02:07:30.387585 msdp: [7070] (default-base) Originating SA message 
with data for (10.27.147.5, 239.192.1.1), IP length: 1344
2010 Aug 12 02:07:30.387804 msdp: librpm [7070] == RPM Evaluation 
starting for policy MSDP-INTRA-BUILDING-POLICY ==
2010 Aug 12 02:07:30.387824 msdp: librpm [7070]  Evaluating (rmap 
MSDP-INTRA-BUILDING-POLICY - seq 10 - cmd RPM_MATCH_IP_ADDR_ACL) 
2010 Aug 12 02:07:30.387841 msdp: librpm [7070]  Evaluation result (seq 10 
- cmd RPM_MATCH_IP_ADDR_ACL):RPM_MATCH_IGNORE 
2010 Aug 12 02:07:30.387857 msdp: librpm [7070] EVAL context->flag 0x005b
2010 Aug 12 02:07:30.387875 msdp: librpm [7070] Policy eval. returning action 
handle 0x
2010 Aug 12 02:07:30.387890 msdp: librpm [7070] == RPM Evaluation 
result RPM_MATCH_REJECT ==
2010 Aug 12 02:07:30.387919 msdp: [7070] (default-base) Entire outgoing SA to 
peer 10.255.255.228 filtered

N7K-A# undebug all
N7K-A# sho route-map MSDP-INTRA-BUILDING-POLICY
route-map MSDP-INTRA-BUILDING-POLICY, deny, sequence 10
  Match clauses:
ip address (access-lists): MSDP-FORBIDDEN-MC-GROUPS
  Set clauses:
route-map MSDP-INTRA-BUILDING-POLICY, permit, sequence 20
  Match clauses:
ip address (access-lists): RFC-2365-GLOBAL-GROUPS
  Set clauses:
N7K-A# sho ip access-lists MSDP-FORBIDDEN-MC-GROUPS

IP access list MSDP-FORBIDDEN-MC-GROUPS
10 permit ip any 224.0.0.0/24
20 permit ip any 239.255.0.0/16
N7K-A#

The ACL matched by sequence 20 doesn't have any deny either.


> historically a route-map with a 'deny' ACL invoked a "logical OR"
> operation which is often not actually what people desired or wanted.
> for that reason we don't currently support "IP access-list deny" when
> being matched by a route-map.
> 
> if this was PBR or VACL then when you tried to apply the VACL/PBR to an
> interface, you should get an error message.  maybe you aren't seeing
> the same thing for MSDP.

It MSDP did not complain (nor did the debugs) when I applied the policy with 
ACL deny.

Thanks Lincoln.  I will be talking to TAC in the morning :-)

/chris

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 MSDP peering policy woes

2010-08-11 Thread Lincoln Dale 
g'day,

On 12/08/2010, at 8:26 AM,  wrote:
> I'm trying to implement PBR-filtering of MSDP messages from a Nexus 7000 
> running 5.0(2a), and I'm starting to think that the route-map is being 
> interpreted wrong.
> 
> The relevant parts of the configuration are:
> 
> feature msdp
> feature pbr
> ip msdp originator-id loopback0
> ip msdp peer W.X.Y.Z connect-source loopback0
> ip msdp sa-policy W.X.Y.Z MSDP-INTRA-BUILDING-POLICY in
> ip msdp sa-policy W.X.Y.Z MSDP-INTRA-BUILDING-POLICY out
[..]

while there are clueful folks on this list that know N7K and NX-OS, i don't 
think cisco-nsp is an appropriate replacement for talking to the TAC.

but regardless, i _think_ what you're likely happening is that the route-map 
policy is in fact NOT being applied, because of the presence of 'deny' 
statements in the ACL.

for example, what do you expect the outcome to be of a "route-map (whatever) 
deny" that uses an IP access-list that also has 'deny ip' on it?
a deny of a deny is a what? :)

historically a route-map with a 'deny' ACL invoked a "logical OR" operation 
which is often not actually what people desired or wanted.
for that reason we don't currently support "IP access-list deny" when being 
matched by a route-map.

if this was PBR or VACL then when you tried to apply the VACL/PBR to an 
interface, you should get an error message.  maybe you aren't seeing the same 
thing for MSDP.


cheers,

lincoln.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 MSDP peering policy woes

2010-08-11 Thread Christopher.Marget 
Huh.  The copy of this note in my outbox is formatted nicely, but the one 
forwarded back to me by the list is a mess.
I'm not sure what happened to the newlines.  Thank you, Outlook.  Trying again, 
sorry for the noise.


I'm trying to implement PBR-filtering of MSDP messages from a Nexus 7000 
running 5.0(2a), and I'm starting to think that the route-map is being 
interpreted wrong.

The relevant parts of the configuration are:

feature msdp
feature pbr
ip msdp originator-id loopback0
ip msdp peer W.X.Y.Z connect-source loopback0
ip msdp sa-policy W.X.Y.Z MSDP-INTRA-BUILDING-POLICY in
ip msdp sa-policy W.X.Y.Z MSDP-INTRA-BUILDING-POLICY out

ip access-list PERMIT-IP-ANY-ANY
 permit ip any any

route-map MSDP-INTRA-BUILDING-POLICY deny 10
  match ip address PERMIT-IP-ANY-ANY
route-map MSDP-INTRA-BUILDING-POLICY deny 20
  match ip address MSDP-FORBIDDEN-MC-GROUPS
route-map MSDP-INTRA-BUILDING-POLICY permit 30
  match ip address RFC-2365-GLOBAL-GROUPS
route-map MSDP-INTER-ENTERPRISE-POLICY deny 40

Next, I enable 'debug ip msdp' and 'debug ip msdp policy', and switch on a 
multicast source.  The debug output indicates that only the first line (deny 
10) of the route-map is being evaluated:

2010 Aug 12 00:02:40.689445 msdp: librpm [7070] == RPM Evaluation 
starting for policy MSDP-INTRA-BUILDING-POLICY ==
2010 Aug 12 00:02:40.689482 msdp: librpm [7070]  Evaluating (rmap 
MSDP-INTRA-BUILDING-POLICY - seq 10 - cmd RPM_MATCH_IP_ADDR_ACL) 
2010 Aug 12 00:02:40.689512 msdp: librpm [7070]  Evaluation result (seq 10 
- cmd RPM_MATCH_IP_ADDR_ACL):RPM_MATCH_IGNORE 
2010 Aug 12 00:02:40.689562 msdp: librpm [7070] EVAL context->flag 0x001b
2010 Aug 12 00:02:40.689668 msdp: librpm [7070] Policy eval. returning action 
handle 0x
2010 Aug 12 00:02:40.689698 msdp: librpm [7070] == RPM Evaluation 
result RPM_MATCH_REJECT ==
2010 Aug 12 00:02:40.689743 msdp: [7070] (default-base) Entire outgoing SA to 
peer W.X.Y.Z filtered

So far, so good.  'deny 10' matches everything, so the next line of the 
route-map didn't get evaluated, and the announcement for this new multicast 
source is filtered.

Now I'll insert an earlier 'deny' line into the route-map, this time with an 
ACL that matches nothing:

ip access-list DENY-IP-ANY-ANY
 deny ip any any

route-map MSDP-INTRA-BUILDING-POLICY deny 5
  match ip address DENY-IP-ANY-ANY

Clear all of the mroutes, and fire the source back up.  Debug says:

2010 Aug 12 00:40:53.064084 msdp: librpm [7070] == RPM Evaluation 
starting for policy MSDP-INTRA-BUILDING-POLICY ==
2010 Aug 12 00:40:53.064121 msdp: librpm [7070]  Evaluating (rmap 
MSDP-INTRA-BUILDING-POLICY - seq 5 - cmd RPM_MATCH_IP_ADDR_ACL) 
2010 Aug 12 00:40:53.064152 msdp: librpm [7070]  Evaluation result (seq 5 - 
cmd RPM_MATCH_IP_ADDR_ACL):RPM_MATCH_IGNORE 
2010 Aug 12 00:40:53.064181 msdp: librpm [7070] EVAL context->flag 0x005b
2010 Aug 12 00:40:53.064211 msdp: librpm [7070] Policy eval. returning action 
handle 0x
2010 Aug 12 00:40:53.064238 msdp: librpm [7070] == RPM Evaluation 
result RPM_MATCH_REJECT ==
2010 Aug 12 00:40:53.064282 msdp: [7070] (default-base) Entire outgoing SA to 
peer 10.255.255.228 filtered

Now, the earlier line (deny 5) in the route-map is being matched even though 
its ACL matches nothing (DENY-IP-ANY-ANY).

The route-map isn't getting evaluated beyond the first deny line in either case.

Could this possibly be correct behavior?

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 MSDP peering policy woes

2010-08-11 Thread Christopher.Marget 
I'm trying to implement PBR-filtering of MSDP messages from a Nexus 7000 
running 5.0(2a), and I'm starting to think that the route-map is being 
interpreted wrong.

The relevant parts of the configuration are:

feature msdp
feature pbr
ip msdp originator-id loopback0
ip msdp peer W.X.Y.Z connect-source loopback0
ip msdp sa-policy W.X.Y.Z MSDP-INTRA-BUILDING-POLICY in
ip msdp sa-policy W.X.Y.Z MSDP-INTRA-BUILDING-POLICY out

ip access-list PERMIT-IP-ANY-ANY
 permit ip any any

route-map MSDP-INTRA-BUILDING-POLICY deny 10
  match ip address PERMIT-IP-ANY-ANY
route-map MSDP-INTRA-BUILDING-POLICY deny 20
  match ip address MSDP-FORBIDDEN-MC-GROUPS
route-map MSDP-INTRA-BUILDING-POLICY permit 30
  match ip address RFC-2365-GLOBAL-GROUPS
route-map MSDP-INTER-ENTERPRISE-POLICY deny 40

Next, I enable 'debug ip msdp' and 'debug ip msdp policy', and switch on a 
multicast source.  The debug output indicates that only the first line (deny 
10) of the route-map is being evaluated:

2010 Aug 12 00:02:40.689445 msdp: librpm [7070] == RPM Evaluation 
starting for policy MSDP-INTRA-BUILDING-POLICY ==
2010 Aug 12 00:02:40.689482 msdp: librpm [7070]  Evaluating (rmap 
MSDP-INTRA-BUILDING-POLICY - seq 10 - cmd RPM_MATCH_IP_ADDR_ACL) 
2010 Aug 12 00:02:40.689512 msdp: librpm [7070]  Evaluation result (seq 10 
- cmd RPM_MATCH_IP_ADDR_ACL):RPM_MATCH_IGNORE 
2010 Aug 12 00:02:40.689562 msdp: librpm [7070] EVAL context->flag 0x001b
2010 Aug 12 00:02:40.689668 msdp: librpm [7070] Policy eval. returning action 
handle 0x
2010 Aug 12 00:02:40.689698 msdp: librpm [7070] == RPM Evaluation 
result RPM_MATCH_REJECT ==
2010 Aug 12 00:02:40.689743 msdp: [7070] (default-base) Entire outgoing SA to 
peer W.X.Y.Z filtered

So far, so good.  'deny 10' matches everything, so the next line of the 
route-map didn't get evaluated, and the announcement for this new multicast 
source is filtered.

Now I'll insert an earlier 'deny' line into the route-map, this time with an 
ACL that matches nothing:

ip access-list DENY-IP-ANY-ANY
 deny ip any any

route-map MSDP-INTRA-BUILDING-POLICY deny 5
  match ip address DENY-IP-ANY-ANY

Clear all of the mroutes, and fire the source back up.  Debug says:

2010 Aug 12 00:40:53.064084 msdp: librpm [7070] == RPM Evaluation 
starting for policy MSDP-INTRA-BUILDING-POLICY ==
2010 Aug 12 00:40:53.064121 msdp: librpm [7070]  Evaluating (rmap 
MSDP-INTRA-BUILDING-POLICY - seq 5 - cmd RPM_MATCH_IP_ADDR_ACL) 
2010 Aug 12 00:40:53.064152 msdp: librpm [7070]  Evaluation result (seq 5 - 
cmd RPM_MATCH_IP_ADDR_ACL):RPM_MATCH_IGNORE 
2010 Aug 12 00:40:53.064181 msdp: librpm [7070] EVAL context->flag 0x005b
2010 Aug 12 00:40:53.064211 msdp: librpm [7070] Policy eval. returning action 
handle 0x
2010 Aug 12 00:40:53.064238 msdp: librpm [7070] == RPM Evaluation 
result RPM_MATCH_REJECT ==
2010 Aug 12 00:40:53.064282 msdp: [7070] (default-base) Entire outgoing SA to 
peer 10.255.255.228 filtered

Now, the earlier line (deny 5) in the route-map is being matched even though 
the ACL matches nothing (DENY-IP-ANY-ANY).

The route-map isn't getting evaluated beyond the first deny line in either case.

Could this possibly be correct behavior?
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 feedback

2009-05-05 Thread Ash Net 
Hello all,

we're considering deploying Nexus 7000 as the next Core/Aggregation switch
Platform in our Data Centers and looking for some feedback from individuals
who have had experiences with it. Specs and Featureset wise, the product
looks amazing and truly appears to have solved the 10Gig Aggregation
requirements of a Data Center upto an extent.

Any feedback in relation to the stability of the product and the NX-OS,
issues encountered during deployment and Post implementation/Daily
operations support, Integration of the Nexus with current Management systems
and any challenges encountered, interoperability with other Cisco switch
Platforms such at Cat6k, 4900 at Routing and Switching Layers (OSPF/EIGRP
Adjacencies/ STP/RPVST Interop), Dual Sup vs Single Sup configiurations,
ISSU, Netflow, Graceful Restart and VDC's

All feedback is welcome and would be greatly appreciated.
Thanks in advance

Ash
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 fiber 1GBit linecard.

2008-12-03 Thread Tim Stevenson 
DOM is supported with appropriate SFP models (ie, 
those that are DOM capable, such as SFP-GE-S, -L, -Z).


Tim

At 08:21 AM 12/2/2008, Marian Ďurkovič murmered:

On Mon, Dec 01, 2008 at 02:53:41PM -0300, Juan Angel Menendez wrote:
>
>
> It's already here:  N7K-M148GS-11 Nexus
> 7000 Series 48-Port Gigabit Ethernet Module (SFP) with 40 Gbps Fabric
>
> 
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/Data_Sheet_C78-437763.html


Hmm, this datasheet shows Time Domain Reflectometry support on 48-port
copper module, but no Digital Optical Monitoring support on fiber module.
So again, fiber connections have less layer-1 monitoring capabilities than
the copper ones...

Is this just a temporary limitation of the initial NX-OS release,
or do these SFP cards suffer from the same problems as the 6748-SFP
cards for Cat6500 where DOM still doesn't work?


Thanks & kind regards,

  M.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Cisco Nexus 7000
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 fiber 1GBit linecard.

2008-12-02 Thread Lincoln Dale 

Marian Ďurkovič wrote:

On Mon, Dec 01, 2008 at 02:53:41PM -0300, Juan Angel Menendez wrote:
  
It's already here:  N7K-M148GS-11 Nexus 
7000 Series 48-Port Gigabit Ethernet Module (SFP) with 40 Gbps Fabric



http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/Data_Sheet_C78-437763.html



Hmm, this datasheet shows Time Domain Reflectometry support on 48-port
copper module, but no Digital Optical Monitoring support on fiber module.
So again, fiber connections have less layer-1 monitoring capabilities than
the copper ones...
  
DOM on the 48-port Fiber is there.  (provided the SFP modules support 
it, which all of the listed ones there do).


its output is identical to that of the 32x10G module in terms of DOM 
capabilities:


ltd-n7010-1# show module 2 | grep -i module
Mod  Ports  Module-Type  Model  Status
232 10 Gbps Ethernet Module  N7K-M132XP-12  ok

ltd-n7010-1# show int eth2/1 transceiver details
Ethernet2/1
   sfp is present
   name is CISCO-EXCELIGHT
   part number is SPP5101SR-C1   
   revision is A  
   serial number is ECL121302KT
   nominal bitrate is 10300 MBits/sec

   Link length supported for 50/125um fiber is 82 m(s)
   Link length supported for 62.5/125um fiber is 26 m(s)
   cisco id is --
   cisco extended id number is 4

   SFP Detail Diagnostics Information
 


Alarms  Warnings
   HighLow High  Low
 


 Temperature   28.65 C75.00 C -5.00 C 70.00 C0.00 C
 Voltage3.28 V 3.63 V  2.97 V  3.46 V3.13 V
 Current4.90 mA   10.50 mA 2.00 mA10.50 mA   
2.00 mA
 Tx Power   -3.18 dBm   1.49 dBm  -11.30 dBm   -1.50 dBm 
-7.30 dBm
 Rx Power   -9.28 dBm   1.99 dBm  -13.97 dBm   -1.00 dBm 
-9.91 dBm

 Transmit Fault Count = 0
 


 Note: ++  high-alarm; +  high-warning; --  low-alarm; -  low-warning

Is this just a temporary limitation of the initial NX-OS release, 
or do these SFP cards suffer from the same problems as the 6748-SFP

cards for Cat6500 where DOM still doesn't work?
  


the hardware was designed with DOM in mind from day one.



cheers,

lincoln.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 fiber 1GBit linecard.

2008-12-02 Thread Marian Ďurkovič 
On Mon, Dec 01, 2008 at 02:53:41PM -0300, Juan Angel Menendez wrote:
> 
> 
> It's already here:  N7K-M148GS-11 Nexus 
> 7000 Series 48-Port Gigabit Ethernet Module (SFP) with 40 Gbps Fabric
> 
> 
> http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/Data_Sheet_C78-437763.html

Hmm, this datasheet shows Time Domain Reflectometry support on 48-port
copper module, but no Digital Optical Monitoring support on fiber module.
So again, fiber connections have less layer-1 monitoring capabilities than
the copper ones...

Is this just a temporary limitation of the initial NX-OS release, 
or do these SFP cards suffer from the same problems as the 6748-SFP
cards for Cat6500 where DOM still doesn't work?


Thanks & kind regards,

  M. 
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 fiber 1GBit linecard.

2008-12-01 Thread Juan Angel Menendez 



It's already here:  N7K-M148GS-11 Nexus 
7000 Series 48-Port Gigabit Ethernet Module (SFP) with 40 Gbps Fabric



http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/Data_Sheet_C78-437763.html


Regards
Juan


At 11:02 13/11/2008, Fernando de Aquilino Corrêa wrote:

Hello,

According to a Sales Engineer at Cisco, this is 
going to be available some time in H1 2009. 
It'll be a 48 port SFP line card if I remember correctly.


I'd love to have their roadmap for this switch.

Att,
Fernando

-Original Message-
From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Juan Angel Menendez

Sent: terça-feira, 11 de novembro de 2008 12:50
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Nexus 7000 fiber 1GBit linecard.



Hello list,

We're interested in the Nexus 7000 platform but we're wondering if
fiber 1GBit linecard is going to be available anytime soon ?

Thanks in advance.

Regards
Juan

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000 fiber 1GBit linecard.

2008-11-13 Thread Fernando de Aquilino Corrêa 
Hello,

According to a Sales Engineer at Cisco, this is going to be available some time 
in H1 2009. It'll be a 48 port SFP line card if I remember correctly.

I'd love to have their roadmap for this switch.

Att,
Fernando

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Juan Angel 
Menendez
Sent: terça-feira, 11 de novembro de 2008 12:50
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Nexus 7000 fiber 1GBit linecard.



Hello list,

We're interested in the Nexus 7000 platform but we're wondering if 
fiber 1GBit linecard is going to be available anytime soon ?

Thanks in advance.

Regards
Juan

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000 fiber 1GBit linecard.

2008-11-11 Thread Juan Angel Menendez 



Hello list,

	We're interested in the Nexus 7000 platform but we're wondering if 
fiber 1GBit linecard is going to be available anytime soon ?


Thanks in advance.

Regards
Juan

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000

2008-05-05 Thread Justin C. Darby 
Anyone on this list using the N7K platform in production anywhere? We've 
got a pretty good size 10GbE SAN solution in place and we're looking to 
consolidate our overall switching environment. I'm just checking up to 
see if anyone has gotten a hold of one, and if they've had any problems 
so far, though I realize it might not be considered generally available yet.

Thanks,
Justin C. Darby

Note: The contents of this message are mine and do not reflect the views 
of the United States Federal Government.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000

2008-04-01 Thread Nick Griffin 
I am curious to hear from those that have began to implement or are
currently reviewing the Nexus 7000 platform. I have been doing some research
and I like what I hear. Now I'm curious in receiving some feedback from the
guys on the ground, good, bad or indifferent. Thanks in advance.

Nick Griffin
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-02-02 Thread Peter Salanki 
It will be really interesting to see how the Procket routing stacks  
work in Cisco clothing.

Sincerely,

Peter Salanki
Solutions Architect
Procera Networks

On Jan 28, 2008, at 8:20 PM, Geyer, Nick wrote:

> The documentation out for NX-OS shows support for most IP routing
> solutions around today. It will be interesting to see more doco from
> Cisco on what this box can actually do and find out where Cisco  
> plans to
> slot it into the family tree (perhaps the illegitimate child of Mr.
> CRS-1 and Mrs. 7609?)
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Tom Storey
> Sent: Tuesday, 29 January 2008 3:03 PM
> To: Pete Templin
> Cc: mack; cisco-nsp@puck.nether.net
> Subject: Re: [c-nsp] Nexus 7000
>
>
>> Call me crazy, but I got no sense that this new thingy can route,  
>> from
>> the little video or any of the data sheets.  They'd be spouting the
> pps
>> of IPv6 hardware routing, if it could.
>
> I saw mention of VRFs, OSPFv2 and 3, and mentions of IPv4 and IPv6  
> among
> the existing documents, but no mention of PPS or anything else routing
> related.
>
> Hopefully more docos are on the way which will detail all of this.
>
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-02-01 Thread Netfortius 
I am interested in this feature, also, so asking around I've heard something 
about VSS in NX-OS 4.1, maybe in the summer (?!?) -

On Thursday 31 January 2008 15:53:54 Tim Durack wrote:
> No mention of "VSS" after they've been talking
> it up recently. Nice if they can make it all work reliably.
>
> Tim:>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Colin McNamara 
well, if you can get to your edge routers, then you can get really
far ;)

IP man, its the wave of the future

-- 
Colin McNamara
(858)208-8105
CCIE #18233,RHCE,GCIH 
http://www.colinmcnamara.com
http://www.linkedin.com/in/colinmcnamara

"The difficult we do immediately, the impossible just takes a little longer"

On Tue, 2008-01-29 at 12:55 -0800, Michael Balasko wrote:
> Loved the article. 
> "But Brocade's switch can't connect data centers over vast distances
> like the Nexus, making it less attractive in an increasingly virtualized
> IT world. "Cisco has created the switch for the new virtualized data
> center"
> 
> How far are you going to get with that 1 SR spf+ optic(vast > 26meters)
> that is available from Cisco?
> 
> http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512
> /AAG_SFP+.pdf
> 
> I really hope Cisco stuffs useful and realistic roadmaps into the hands
> of the Sales squad to make this thingy a bit more palatable. 
> 
> 
> 
> Michael Balasko
> CCSP,MCSE,MCNE,SCP
> Network Specialist II
> City of Henderson 
> 240 Water St. 
> Henderson, NV 89015
> P: (702) 267-4337
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Casey Mills
> Sent: Tuesday, January 29, 2008 12:22 PM
> To: cisco-nsp@puck.nether.net
> Subject: [c-nsp] Nexus 7000
> 
> http://www.forbes.com/technology/cionetwork/2008/01/27/cisco-nexus-switc
> h-tech-inter-cx_ag_0128techcisco.html
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Tom Sands 
Being developed from SAN-OS or an MDS still doesn't make it either. 
Similar reliability "might" be there, but I wouldn't be convinced until 
there is some proof it provides a that level of stability and ability.


With a 4:1 over subscription on the card I saw, I don't know that it 
would be my immediate answer to 10G aggregation.

--
Tom Sands   
Chief Network Engineer  
Rackspace   
--

Colin McNamara wrote:
> Yes, you have extreme reliability that is comes from San-os, but even
> with the MDS you always go with an A and B fabric. 
> 
> This chassis is basically a core replacement, and an answer to the 10Gig
> aggregation problems that are starting to pop up with blade centers and
> high end vmware installations.  I do not think that the increased
> reliability will drive a general design change from dual to single core
> on a network of any decent size.
> 


Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is 
prohibited.
If you receive this transmission in error, please notify us immediately by 
e-mail
at [EMAIL PROTECTED], and delete the original message.
Your cooperation is appreciated.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Colin McNamara 
Yes, you have extreme reliability that is comes from San-os, but even
with the MDS you always go with an A and B fabric. 

This chassis is basically a core replacement, and an answer to the 10Gig
aggregation problems that are starting to pop up with blade centers and
high end vmware installations.  I do not think that the increased
reliability will drive a general design change from dual to single core
on a network of any decent size.

-- 
Colin McNamara
(858)208-8105
CCIE #18233,RHCE,GCIH 
http://www.colinmcnamara.com
http://www.linkedin.com/in/colinmcnamara

"The difficult we do immediately, the impossible just takes a little longer"

On Thu, 2008-01-31 at 13:10 -0800, Andrew Gristina wrote:
> Yes, if it is based on the MDS.
> 
> On Jan 31, 2008 12:08 PM, Tom Sands <[EMAIL PROTECTED]> wrote:
> > Would you really trust dual sups in the Nexus any more than you can
> > trust dual sups in a 6500?  You're not required to buy 2 chassis with
> > the 6500, that would be a personal or design choice.
> >
> > --
> > Tom Sands
> > Chief Network Engineer
> > Rackspace
> > (210)312-4391
> > --
> >
> > Tim Durack wrote:
> > > I'm sure you could subtract 30-40% for the usual discount. Plus you
> > > may only need one chassis instead of the usual two 6500s for a
> > > redundant setup. That brings it back within reach perhaps.
> > >
> > > Tim:>
> > >
> > > On Jan 31, 2008 11:45 AM, Alex Howells <[EMAIL PROTECTED]> wrote:
> > >> Tom Sands wrote:
> > >>> N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
> > >> ... plus all the other bits you want  [snipped]
> > >>
> > >> So basically a "entry level" one of these is around $200,000 then?
> > >> Subtract a wedge if you only want a single supervisor, add on another
> > >> chunk for extra line cards and multiple SFP+'s to do 10Gig?
> > >>
> > >> Seems rather bloody expensive. Maybe that's just me. *shrug*
> > >>
> > >> ___
> > >> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> > >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> > >>
> > >
> >
> >
> > Confidentiality Notice: This e-mail message (including any attached or
> > embedded documents) is intended for the exclusive and confidential use of 
> > the
> > individual or entity to which this message is addressed, and unless 
> > otherwise
> > expressly indicated, is confidential and privileged information of 
> > Rackspace.
> > Any dissemination, distribution or copying of the enclosed material is 
> > prohibited.
> > If you receive this transmission in error, please notify us immediately by 
> > e-mail
> > at [EMAIL PROTECTED], and delete the original message.
> > Your cooperation is appreciated.
> >
> > ___
> >
> > cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Tom Sands 
Point was that the 6500 supports dual sups, probably just as reliably, 
so there isn't an added cost of needing 2 6500 chassis.

--
Tom Sands   
Chief Network Engineer  
Rackspace   
(210)312-4391   
--

Andrew Gristina wrote:
> Yes, if it is based on the MDS.
> 
> On Jan 31, 2008 12:08 PM, Tom Sands <[EMAIL PROTECTED]> wrote:
>> Would you really trust dual sups in the Nexus any more than you can
>> trust dual sups in a 6500?  You're not required to buy 2 chassis with
>> the 6500, that would be a personal or design choice.
>>
>> --
>> Tom Sands
>> Chief Network Engineer
>> Rackspace
>> (210)312-4391
>> --
>>
>> Tim Durack wrote:
>>> I'm sure you could subtract 30-40% for the usual discount. Plus you
>>> may only need one chassis instead of the usual two 6500s for a
>>> redundant setup. That brings it back within reach perhaps.
>>>
>>> Tim:>
>>>
>>> On Jan 31, 2008 11:45 AM, Alex Howells <[EMAIL PROTECTED]> wrote:
 Tom Sands wrote:
> N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
 ... plus all the other bits you want  [snipped]

 So basically a "entry level" one of these is around $200,000 then?
 Subtract a wedge if you only want a single supervisor, add on another
 chunk for extra line cards and multiple SFP+'s to do 10Gig?

 Seems rather bloody expensive. Maybe that's just me. *shrug*

 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

>>
>> Confidentiality Notice: This e-mail message (including any attached or
>> embedded documents) is intended for the exclusive and confidential use of the
>> individual or entity to which this message is addressed, and unless otherwise
>> expressly indicated, is confidential and privileged information of Rackspace.
>> Any dissemination, distribution or copying of the enclosed material is 
>> prohibited.
>> If you receive this transmission in error, please notify us immediately by 
>> e-mail
>> at [EMAIL PROTECTED], and delete the original message.
>> Your cooperation is appreciated.
>>
>> ___
>>
>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
> 


Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is 
prohibited.
If you receive this transmission in error, please notify us immediately by 
e-mail
at [EMAIL PROTECTED], and delete the original message.
Your cooperation is appreciated.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Tim Durack 
I'll wait and see (we already placed our order for 6509s and VS-S720s.)

Interesting to see Cisco going back to separate fabrics and dual
supervisors with ISSU. No mention of "VSS" after they've been talking
it up recently. Nice if they can make it all work reliably.

Tim:>

On Jan 31, 2008 3:08 PM, Tom Sands <[EMAIL PROTECTED]> wrote:
> Would you really trust dual sups in the Nexus any more than you can
> trust dual sups in a 6500?  You're not required to buy 2 chassis with
> the 6500, that would be a personal or design choice.
>
> --
> Tom Sands
> Chief Network Engineer
> Rackspace
> (210)312-4391
> --
>
>
> Tim Durack wrote:
> > I'm sure you could subtract 30-40% for the usual discount. Plus you
> > may only need one chassis instead of the usual two 6500s for a
> > redundant setup. That brings it back within reach perhaps.
> >
> > Tim:>
> >
> > On Jan 31, 2008 11:45 AM, Alex Howells <[EMAIL PROTECTED]> wrote:
> >> Tom Sands wrote:
> >>> N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
> >> ... plus all the other bits you want  [snipped]
> >>
> >> So basically a "entry level" one of these is around $200,000 then?
> >> Subtract a wedge if you only want a single supervisor, add on another
> >> chunk for extra line cards and multiple SFP+'s to do 10Gig?
> >>
> >> Seems rather bloody expensive. Maybe that's just me. *shrug*
> >>
> >> ___
> >> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >>
> >
>
>
>
> Confidentiality Notice: This e-mail message (including any attached or
> embedded documents) is intended for the exclusive and confidential use of the
> individual or entity to which this message is addressed, and unless otherwise
> expressly indicated, is confidential and privileged information of Rackspace.
> Any dissemination, distribution or copying of the enclosed material is 
> prohibited.
> If you receive this transmission in error, please notify us immediately by 
> e-mail
> at [EMAIL PROTECTED], and delete the original message.
> Your cooperation is appreciated.
>
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Andrew Gristina 
Yes, if it is based on the MDS.

On Jan 31, 2008 12:08 PM, Tom Sands <[EMAIL PROTECTED]> wrote:
> Would you really trust dual sups in the Nexus any more than you can
> trust dual sups in a 6500?  You're not required to buy 2 chassis with
> the 6500, that would be a personal or design choice.
>
> --
> Tom Sands
> Chief Network Engineer
> Rackspace
> (210)312-4391
> --
>
> Tim Durack wrote:
> > I'm sure you could subtract 30-40% for the usual discount. Plus you
> > may only need one chassis instead of the usual two 6500s for a
> > redundant setup. That brings it back within reach perhaps.
> >
> > Tim:>
> >
> > On Jan 31, 2008 11:45 AM, Alex Howells <[EMAIL PROTECTED]> wrote:
> >> Tom Sands wrote:
> >>> N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
> >> ... plus all the other bits you want  [snipped]
> >>
> >> So basically a "entry level" one of these is around $200,000 then?
> >> Subtract a wedge if you only want a single supervisor, add on another
> >> chunk for extra line cards and multiple SFP+'s to do 10Gig?
> >>
> >> Seems rather bloody expensive. Maybe that's just me. *shrug*
> >>
> >> ___
> >> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >>
> >
>
>
> Confidentiality Notice: This e-mail message (including any attached or
> embedded documents) is intended for the exclusive and confidential use of the
> individual or entity to which this message is addressed, and unless otherwise
> expressly indicated, is confidential and privileged information of Rackspace.
> Any dissemination, distribution or copying of the enclosed material is 
> prohibited.
> If you receive this transmission in error, please notify us immediately by 
> e-mail
> at [EMAIL PROTECTED], and delete the original message.
> Your cooperation is appreciated.
>
> ___
>
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Tom Sands 
Would you really trust dual sups in the Nexus any more than you can 
trust dual sups in a 6500?  You're not required to buy 2 chassis with 
the 6500, that would be a personal or design choice.

--
Tom Sands   
Chief Network Engineer  
Rackspace   
(210)312-4391   
--

Tim Durack wrote:
> I'm sure you could subtract 30-40% for the usual discount. Plus you
> may only need one chassis instead of the usual two 6500s for a
> redundant setup. That brings it back within reach perhaps.
> 
> Tim:>
> 
> On Jan 31, 2008 11:45 AM, Alex Howells <[EMAIL PROTECTED]> wrote:
>> Tom Sands wrote:
>>> N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
>> ... plus all the other bits you want  [snipped]
>>
>> So basically a "entry level" one of these is around $200,000 then?
>> Subtract a wedge if you only want a single supervisor, add on another
>> chunk for extra line cards and multiple SFP+'s to do 10Gig?
>>
>> Seems rather bloody expensive. Maybe that's just me. *shrug*
>>
>> ___
>> cisco-nsp mailing list  cisco-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
> 


Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is 
prohibited.
If you receive this transmission in error, please notify us immediately by 
e-mail
at [EMAIL PROTECTED], and delete the original message.
Your cooperation is appreciated.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Tim Durack 
I'm sure you could subtract 30-40% for the usual discount. Plus you
may only need one chassis instead of the usual two 6500s for a
redundant setup. That brings it back within reach perhaps.

Tim:>

On Jan 31, 2008 11:45 AM, Alex Howells <[EMAIL PROTECTED]> wrote:
> Tom Sands wrote:
> > N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
> ... plus all the other bits you want  [snipped]
>
> So basically a "entry level" one of these is around $200,000 then?
> Subtract a wedge if you only want a single supervisor, add on another
> chunk for extra line cards and multiple SFP+'s to do 10Gig?
>
> Seems rather bloody expensive. Maybe that's just me. *shrug*
>
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Alex Howells 
Tom Sands wrote:
> N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included  $20,000
... plus all the other bits you want  [snipped]

So basically a "entry level" one of these is around $200,000 then?
Subtract a wedge if you only want a single supervisor, add on another
chunk for extra line cards and multiple SFP+'s to do 10Gig?

Seems rather bloody expensive. Maybe that's just me. *shrug*
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-31 Thread Tom Sands 
N7K-C7010  10 Slot Chassis, No Power Supplies, Fans Included$20,000


Operating System
N7KS1K9-401A1.1 Nexus 7000 Software Release 4.0 $0


Layer 3 features
N7K-LAN1K9  Nexus 7000 LAN Enterprise License   $15,000


32 port 10GE
N7K-M132XP-12  Nexus 7000-32 Port 10GbE, 80G Fabric (req. SFP+) $70,000
SFP-10G-SR   10GBASE-SR SFP Module  $1,795


48 port 10/100/1000 
N7K-M148GT-11  Nexus 7000-48 Port 10/100/1000, RJ-45, 40G Fabric$27,000


Supervisor  
N7K-SUP1 Nexus 7000-Supervisor, Includes External 8GB Log Flash $25,000

N7K-CPF-2GB  Nexus CF Memory 2GB (Expansion Flash-Slot0)$1,200


Redundant Supervisor
N7K-SUP1  Nexus 7000-Supervisor, Includes External 8GB Log Flash$25,000
N7K-CPF-2GB  Nexus CF Memory 2GB (Expansion Flash - Slot 0) $1,200


Switch Fabric (min 3 max 5) 
N7K-C7010-FAB-1 Nexus 7000 - 10 Slot Chassis - 46Gbps/Slot Fabric 
Module  $6,000


Power Supplies  
N7K-AC-6.0KWNexus 7000 - 6.0KW AC Power Supply Module   $6,000
CAB-AC-2500W-US1 Power Cord, 250Vac 16A, straight blade NEMA 6-20 
plug, US$0


Optional Components 
N7K-C7010-AFLT  Nexus 7010 Air Filter   $500
N7K-C7010-FD-MB Nexus 7010 Front Door  Kit  $1,500



--
Tom Sands   
Chief Network Engineer  
Rackspace   
(210)312-4391   
--

mack wrote:
> Has anyone looked at this monster?
> 
> http://www.cisco.com/en/US/products/ps9402/index.html
> 
> It looks like it only comes with two blades:
> 
> 10GE and copper 10/100/1000
> 
> Lack of an fiber 1gbit blade is a major drawback.
> 
> Has anyone checked out an approximate price?
> 
> If it has higher throughput than the CRS-1,
> Where does that leave the CRS-1?
> 
> --
> LR Mack McBride
> Network Administrator
> Alpha Red, Inc.
> 
> 
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 


Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is 
prohibited.
If you receive this transmission in error, please notify us immediately by 
e-mail
at [EMAIL PROTECTED], and delete the original message.
Your cooperation is appreciated.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-30 Thread Tim Stevenson 
At 10:30 PM 1/29/2008 -0500, Richard A Steenbergen observed:
>On Wed, Jan 30, 2008 at 07:52:44AM +0800, Lincoln Dale (ltd) wrote:
> > Rubens,
> >
> > > > No. It is a linux kernel. The core system management & HA
> > > > infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3
> > > > functionality laid on top.
> > >
> > > As the Linux kernel and some code commonly used on embedded Linux
> > > devices are GPL'ed, what is the URL for the part of the code that
> > > Cisco is now publishing to comply with the GPL license ?
> >
> > there are no modifications to the standard linux kernel so it complies
> > with the GPL.
> >
> > the system runs on top of Linux, but it doesn't have to, nothing is
> > specific to Linux.
>
>Feel like confirming or denying the rumor that DC3 runs Procket OS? :)

Denied, see my other post. Basic system/HA infrastructure is taken 
from SAN-OS. But the L3 routing in NX-OS is from Procket.

Tim


>--
>Richard A Steenbergen <[EMAIL PROTECTED]>   http://www.e-gerbil.net/ras
>GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Hank Nussbacher 
At 03:22 PM 29-01-08 -0500, Casey Mills wrote:
>http://www.forbes.com/technology/cionetwork/2008/01/27/cisco-nexus-switch-tech-inter-cx_ag_0128techcisco.html

Anyone else find it interesting that Juniper yesterday launced their EX 
switch series (specifically the EX8200):
http://www.juniper.net/switch/products.html

I can't wait for the comparison between the two.

-Hank

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread max reid 

On Jan 29, 2008, at 3:52 PM, Lincoln Dale (ltd) wrote:

> Rubens,
>
>>> No. It is a linux kernel. The core system management & HA
>>> infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3
>>> functionality laid on top.
>>
>> As the Linux kernel and some code commonly used on embedded Linux
>> devices are GPL'ed, what is the URL for the part of the code that
>> Cisco is now publishing to comply with the GPL license ?
>
> there are no modifications to the standard linux kernel so it complies
> with the GPL.
>
> the system runs on top of Linux, but it doesn't have to, nothing is
> specific to Linux.

Agreed.  Probably doing something very similar to what F5 is doing.  
The "magic" code is just a giant driver with priority of RT ;-)

~Max





>
>
> cheers,
>
> lincoln.
>
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Richard A Steenbergen 
On Wed, Jan 30, 2008 at 07:52:44AM +0800, Lincoln Dale (ltd) wrote:
> Rubens,
> 
> > > No. It is a linux kernel. The core system management & HA
> > > infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3
> > > functionality laid on top.
> > 
> > As the Linux kernel and some code commonly used on embedded Linux
> > devices are GPL'ed, what is the URL for the part of the code that
> > Cisco is now publishing to comply with the GPL license ?
> 
> there are no modifications to the standard linux kernel so it complies
> with the GPL.
> 
> the system runs on top of Linux, but it doesn't have to, nothing is
> specific to Linux.

Feel like confirming or denying the rumor that DC3 runs Procket OS? :)

-- 
Richard A Steenbergen <[EMAIL PROTECTED]>   http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Chris Adams 
Once upon a time, Andrew Gristina <[EMAIL PROTECTED]> said:
> They don't have to provide it to you, until you purchase it from them.
>  But if you knew the GPL 1 or 2, you'd know that.  Otherwise you can
> get it at kernel.org.

If they don't include the source with the router, they have to include
an offer to _anybody_ to get the source.  However, there's no
requirement to distribute it over the Internet; they can distribute it
on CD and charge to cover the cost.

They either have to include the source or an offer; simply pointing at
the original place they got the source from (e.g. kernel.org) is only
allowed for noncommercial distribution.

-- 
Chris Adams <[EMAIL PROTECTED]>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Lincoln Dale (ltd) 
Rubens,

> > No. It is a linux kernel. The core system management & HA
> > infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3
> > functionality laid on top.
> 
> As the Linux kernel and some code commonly used on embedded Linux
> devices are GPL'ed, what is the URL for the part of the code that
> Cisco is now publishing to comply with the GPL license ?

there are no modifications to the standard linux kernel so it complies
with the GPL.

the system runs on top of Linux, but it doesn't have to, nothing is
specific to Linux.


cheers,

lincoln.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Andrew Gristina 
They don't have to provide it to you, until you purchase it from them.
 But if you knew the GPL 1 or 2, you'd know that.  Otherwise you can
get it at kernel.org.

On Jan 29, 2008 3:36 PM, Rubens Kuhl Jr. <[EMAIL PROTECTED]> wrote:
> > >What about NX-OS ?
> > >Is it built upon qnx ?
> >
> > No. It is a linux kernel. The core system management & HA
> > infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3
> > functionality laid on top.
>
> As the Linux kernel and some code commonly used on embedded Linux
> devices are GPL'ed, what is the URL for the part of the code that
> Cisco is now publishing to comply with the GPL license ?
>
>
>
> Rubens
>
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Rubens Kuhl Jr. 
> >What about NX-OS ?
> >Is it built upon qnx ?
>
> No. It is a linux kernel. The core system management & HA
> infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3
> functionality laid on top.

As the Linux kernel and some code commonly used on embedded Linux
devices are GPL'ed, what is the URL for the part of the code that
Cisco is now publishing to comply with the GPL license ?



Rubens
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Brian Desmond 
That is correct however Windows 2008 removes that limitation.

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Justin Shore
Sent: Tuesday, January 29, 2008 3:43 PM
To: Peter Lothberg
Cc: mack; cisco-nsp@puck.nether.net; Ian Cox
Subject: Re: [c-nsp] Nexus 7000

Peter Lothberg wrote:
>> Ian Cox wrote:
>>> At 08:48 AM 1/29/2008 -0600, Justin Shore wrote:
>>>> Tim Stevenson wrote:
>>>>> At 10:18 PM 1/28/2008 -0600, mack observed:
>>>>>> No mention of MPLS though which gives the CRS-1 a leg up on the
>>>>>> backbone routing market.
>>>>> NO MPLS (though the h/w is capable). No immediate plans for it either.
>>>> This would be a show-stopper for us in our Data Center.  We have to have
>>>> MPLS support for MPLS VPN.
>>> Nexus 7000 supports VRFs for IPv4 and IPv6, so you can still use VRFs to
>>> separate traffic between customers. You just do not have MPLS. You can
>>> have VRFs supported without having MPLS.
>> Yes, if we're talking about VRF-Lite.  What about multichassis VRF
>> support or VRFs in diverse geographic locations (ie data centers in
>> different locations for DR purposes)?  Doesn't that require MPLS VPN
>> support?  VRF-Lite is great but it's very limiting.  I can think of a
>> whole host of situations where VRF-Lite just can't cut it.  Our DC is
>> small but even in that environment I don't have a use for VRF-Lite.  I
>> hate to think of what new scenarios the big DC players bring to the
>> table that require MPLS VPN features.  Of course if you're that big you
>> can afford to home-run your 7000s to 6509s to get the missing L3
>> features.  That's not an option for us I'm afraid.
>
> How about using IP?

Not an option for Microsoft clusters from what I've been told.  The
cluster members have to be in the same broadcast domain requiring a L2
connection between points.

Justin

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Michael Balasko 
Loved the article. 
"But Brocade's switch can't connect data centers over vast distances
like the Nexus, making it less attractive in an increasingly virtualized
IT world. "Cisco has created the switch for the new virtualized data
center"

How far are you going to get with that 1 SR spf+ optic(vast > 26meters)
that is available from Cisco?

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512
/AAG_SFP+.pdf

I really hope Cisco stuffs useful and realistic roadmaps into the hands
of the Sales squad to make this thingy a bit more palatable. 



Michael Balasko
CCSP,MCSE,MCNE,SCP
Network Specialist II
City of Henderson 
240 Water St. 
Henderson, NV 89015
P: (702) 267-4337


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Casey Mills
Sent: Tuesday, January 29, 2008 12:22 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Nexus 7000

http://www.forbes.com/technology/cionetwork/2008/01/27/cisco-nexus-switc
h-tech-inter-cx_ag_0128techcisco.html
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Donahue 
Quoting Justin Shore <[EMAIL PROTECTED]>:

> Tim Stevenson wrote:
>> At 10:18 PM 1/28/2008 -0600, mack observed:
>>> No mention of MPLS though which gives the CRS-1 a leg up on the
>>> backbone routing market.
>>
>> NO MPLS (though the h/w is capable). No immediate plans for it either.
>
> This would be a show-stopper for us in our Data Center.  We have to have
> MPLS support for MPLS VPN.  How else are they planning on maintaining
> VRF separation between customers across multiple chassis in a hosted
> environment?

[snip]

> Say it with me everyone, MPLS MPLS MPLS.  It's silly to build any device
> without MPLS support.
>

I think that you and Cisco are using different definitions of the term  
'Data Center'.  From my understanding, this product is targeted at the  
Enterprise Data Center, not for a Service Provider Data Center.

I agree that it would be silly to build a device that targets the SP  
market without MPLS, however, your average 'Enterprise' data center  
environment does not use MPLS throughout.  For a device that targets  
this market, I think it would be silly for them to waste resources  
putting a MPLS feature set into a device that would typically never  
need it.  In the Enterprise, MPLS typically exists on the network edge  
for WAN connections, not throughout the network like a Service  
Provider would require.

-- 
Tim Donahue


This message was sent using IMP, the Internet Messaging Program.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Justin Shore 
Peter Lothberg wrote:
> You don't need MPLS to do this, any encpsulation works. For example
> there are large world_wide deployments providing this using L2TPv3 as
> transport.  

L2TPv3 could be interesting.  I don't know if it would be the optimal 
way to accomplish what one could do with MPLS VPNs but I'm always game 
to trying.

> MPLS is old school, it limits you to be in your own MPLS-fishball
> network. 

I was sitting in a meeting a year and a half ago when an engineer from 
Pannaway said that MPLS was a dying technology.  Of course he also said 
that he saw no problem for use to use static routing in our SP network 
and that QoS wasn't needed to support our VoIP deployment across our 
network if our links weren't saturated...  I think he could have 
confused Confucius.

Justin

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Justin Shore 
Peter Lothberg wrote:
>> Ian Cox wrote:
>>> At 08:48 AM 1/29/2008 -0600, Justin Shore wrote:
 Tim Stevenson wrote:
> At 10:18 PM 1/28/2008 -0600, mack observed:
>> No mention of MPLS though which gives the CRS-1 a leg up on the
>> backbone routing market.
> NO MPLS (though the h/w is capable). No immediate plans for it either.
 This would be a show-stopper for us in our Data Center.  We have to have
 MPLS support for MPLS VPN.
>>> Nexus 7000 supports VRFs for IPv4 and IPv6, so you can still use VRFs to 
>>> separate traffic between customers. You just do not have MPLS. You can 
>>> have VRFs supported without having MPLS.
>> Yes, if we're talking about VRF-Lite.  What about multichassis VRF 
>> support or VRFs in diverse geographic locations (ie data centers in 
>> different locations for DR purposes)?  Doesn't that require MPLS VPN 
>> support?  VRF-Lite is great but it's very limiting.  I can think of a 
>> whole host of situations where VRF-Lite just can't cut it.  Our DC is 
>> small but even in that environment I don't have a use for VRF-Lite.  I 
>> hate to think of what new scenarios the big DC players bring to the 
>> table that require MPLS VPN features.  Of course if you're that big you 
>> can afford to home-run your 7000s to 6509s to get the missing L3 
>> features.  That's not an option for us I'm afraid.
> 
> How about using IP?

Not an option for Microsoft clusters from what I've been told.  The 
cluster members have to be in the same broadcast domain requiring a L2 
connection between points.

Justin

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Nexus 7000

2008-01-29 Thread Casey Mills 
http://www.forbes.com/technology/cionetwork/2008/01/27/cisco-nexus-switch-tech-inter-cx_ag_0128techcisco.html
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread David Sinn 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Jan 29, 2008, at 11:51 AM, Peter Lothberg wrote:

>> Tim Stevenson wrote:
>>> At 10:18 PM 1/28/2008 -0600, mack observed:
 No mention of MPLS though which gives the CRS-1 a leg up on the
 backbone routing market.
>>>
>>> NO MPLS (though the h/w is capable). No immediate plans for it  
>>> either.
>>
>> This would be a show-stopper for us in our Data Center.  We have to  
>> have
>> MPLS support for MPLS VPN.  How else are they planning on maintaining
>> VRF separation between customers across multiple chassis in a hosted
>> environment?  The only other option would be to use the Nexus as a  
>> dumb
>> L2 switch with a 6500 upstream for all L3VPN functionality.  I would
>> imagine the Nexus would be a rather expensive dumb L2 switch.  What
>> about extending the customer's VRF to a sister DC in a
>> geographically-diverse location?  MPLS again.
>
> You don't need MPLS to do this, any encpsulation works. For example
> there are large world_wide deployments providing this using L2TPv3 as
> transport.

While you don't _need_ MPLS to do this, it is one of the most common  
technology's to support L2 and L3 VPN services.  It happens to be one  
of the more supported then say L2TPv3 is.  So from a "how do I fit  
this into what I've already been doing for the last few year", this  
misses the boat.  It won't fit into my gigapop and it won't work on my  
campus without MPLS.

I'd love to be doing the prefect technology, but I've implemented what  
works and I can get on multiple platforms and vendors.

David

>
>
>> We're also talking with our upstream peers about them providing  
>> L2VPNs
>> for customers to our DC.  We'd meet the providers are our fiber meet
>> points with MPLS-enabled circuits.  Again, requiring some router  
>> other
>> than the Nexus.
>>
>> Say it with me everyone, MPLS MPLS MPLS.  It's silly to build any  
>> device
>> without MPLS support.
>
> MPLS is old school, it limits you to be in your own MPLS-fishball
> network.
>
> -P
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFHn4joLa9jIE3ZamMRAjcGAJwNLbb0zNTC/7LwFzcL87kZQzNJWgCgzvcJ
6Ku1TUd4HJTRILsxWiPa/HM=
=5csY
-END PGP SIGNATURE-
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Peter Rathlev 
On Tue, 2008-01-29 at 20:51 +, Peter Lothberg wrote:
> > Say it with me everyone, MPLS MPLS MPLS.  It's silly to build any device 
> > without MPLS support.
> 
> MPLS is old school, it limits you to be in your own MPLS-fishball
> network. 

A little OT, but I'd say CsC and inter-AS MPLS (+VPN) is reasonably
mature. MPLS has very good scalabilty and provisioning is easy compared
to the manually based L2TPv3. (I may have misunderstood L2TPv3, and I
assume there's no equivalent to MP-BGP and the VPNV4 address family. If
there is I'll eat my arguments again. :-))

Regards,
Peter


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Peter Lothberg 
> Ian Cox wrote:
> > At 08:48 AM 1/29/2008 -0600, Justin Shore wrote:
> >> Tim Stevenson wrote:
> >> > At 10:18 PM 1/28/2008 -0600, mack observed:
> >> >> No mention of MPLS though which gives the CRS-1 a leg up on the
> >> >> backbone routing market.
> >> >
> >> > NO MPLS (though the h/w is capable). No immediate plans for it either.
> >>
> >> This would be a show-stopper for us in our Data Center.  We have to have
> >> MPLS support for MPLS VPN.
> > 
> > Nexus 7000 supports VRFs for IPv4 and IPv6, so you can still use VRFs to 
> > separate traffic between customers. You just do not have MPLS. You can 
> > have VRFs supported without having MPLS.
> 
> Yes, if we're talking about VRF-Lite.  What about multichassis VRF 
> support or VRFs in diverse geographic locations (ie data centers in 
> different locations for DR purposes)?  Doesn't that require MPLS VPN 
> support?  VRF-Lite is great but it's very limiting.  I can think of a 
> whole host of situations where VRF-Lite just can't cut it.  Our DC is 
> small but even in that environment I don't have a use for VRF-Lite.  I 
> hate to think of what new scenarios the big DC players bring to the 
> table that require MPLS VPN features.  Of course if you're that big you 
> can afford to home-run your 7000s to 6509s to get the missing L3 
> features.  That's not an option for us I'm afraid.

How about using IP?



-P
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Peter Lothberg 
> Tim Stevenson wrote:
> > At 10:18 PM 1/28/2008 -0600, mack observed:
> >> No mention of MPLS though which gives the CRS-1 a leg up on the 
> >> backbone routing market.
> > 
> > NO MPLS (though the h/w is capable). No immediate plans for it either.
> 
> This would be a show-stopper for us in our Data Center.  We have to have 
> MPLS support for MPLS VPN.  How else are they planning on maintaining 
> VRF separation between customers across multiple chassis in a hosted 
> environment?  The only other option would be to use the Nexus as a dumb 
> L2 switch with a 6500 upstream for all L3VPN functionality.  I would 
> imagine the Nexus would be a rather expensive dumb L2 switch.  What 
> about extending the customer's VRF to a sister DC in a 
> geographically-diverse location?  MPLS again.

You don't need MPLS to do this, any encpsulation works. For example
there are large world_wide deployments providing this using L2TPv3 as
transport.  

> We're also talking with our upstream peers about them providing L2VPNs 
> for customers to our DC.  We'd meet the providers are our fiber meet 
> points with MPLS-enabled circuits.  Again, requiring some router other 
> than the Nexus.
> 
> Say it with me everyone, MPLS MPLS MPLS.  It's silly to build any device 
> without MPLS support.

MPLS is old school, it limits you to be in your own MPLS-fishball
network. 

-P
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread mack 
This is disappointing :(
The sales hype indicated this was revolutionary.
Instead it is a slight improvement over the existing switch gear with crippled 
MPLS and routing capability.
The 4:1 over subscription at the port level even limits it for intense SAN 
usage.

--
LR Mack McBride
Network Administrator
Alpha Red, Inc.


> -Original Message-
> From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 29, 2008 7:12 AM
> To: mack; Tom Storey; Pete Templin
> Cc: cisco-nsp@puck.nether.net
> Subject: RE: [c-nsp] Nexus 7000
>
> At 03:04 AM 1/29/2008 -0600, mack observed:
> >Ok that math doesn't make sense.
> >60/48=1 1/3 not 2.
>
> So at small packets, this system can do 4 ports non blocking & 6704 can
> do ~3.
>
> >Even at that 32 ports with 80gbps forwarding is still an
> >oversubscription of 4:1
>
> Yes, this card is 4:1 oversubscribed at the port level - ie 4 ports
> share 10G b/w toward the rest of the system, you will never get more
> than 10G from each 4-port group.
>
>
> >Of course real world will probably allow forwarding of more than
> >80gbps at 60mpps.
>
> You will not get more than 80G out of this card.
>
>
> >The performance listed jives pretty well with the 230gbps / slot
> >(figure 500 byte packets).
>
> The 230G is a characteristic of the intially shipping FABRIC - the
> initially shipping IO modules don't leverage the full fabric b/w.
>
> >Meaning a 1.4:1 oversubscription on the 32 x 10GE card (assuming
> >single direction traffic).
>
> No, you will not get a 1.4:1 ratio on this card.
>
> Tim
>
>
> >--
> >LR Mack McBride
> >Network Administrator
> >Alpha Red, Inc.
> >
> >
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Justin Shore 
Ian Cox wrote:
> At 08:48 AM 1/29/2008 -0600, Justin Shore wrote:
>> Tim Stevenson wrote:
>> > At 10:18 PM 1/28/2008 -0600, mack observed:
>> >> No mention of MPLS though which gives the CRS-1 a leg up on the
>> >> backbone routing market.
>> >
>> > NO MPLS (though the h/w is capable). No immediate plans for it either.
>>
>> This would be a show-stopper for us in our Data Center.  We have to have
>> MPLS support for MPLS VPN.
> 
> Nexus 7000 supports VRFs for IPv4 and IPv6, so you can still use VRFs to 
> separate traffic between customers. You just do not have MPLS. You can 
> have VRFs supported without having MPLS.

Yes, if we're talking about VRF-Lite.  What about multichassis VRF 
support or VRFs in diverse geographic locations (ie data centers in 
different locations for DR purposes)?  Doesn't that require MPLS VPN 
support?  VRF-Lite is great but it's very limiting.  I can think of a 
whole host of situations where VRF-Lite just can't cut it.  Our DC is 
small but even in that environment I don't have a use for VRF-Lite.  I 
hate to think of what new scenarios the big DC players bring to the 
table that require MPLS VPN features.  Of course if you're that big you 
can afford to home-run your 7000s to 6509s to get the missing L3 
features.  That's not an option for us I'm afraid.

Justin
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Ian Cox 
At 08:48 AM 1/29/2008 -0600, Justin Shore wrote:
>Tim Stevenson wrote:
> > At 10:18 PM 1/28/2008 -0600, mack observed:
> >> No mention of MPLS though which gives the CRS-1 a leg up on the
> >> backbone routing market.
> >
> > NO MPLS (though the h/w is capable). No immediate plans for it either.
>
>This would be a show-stopper for us in our Data Center.  We have to have
>MPLS support for MPLS VPN.

Nexus 7000 supports VRFs for IPv4 and IPv6, so you can still use VRFs 
to separate traffic between customers. You just do not have MPLS. You 
can have VRFs supported without having MPLS.


Ian

>  How else are they planning on maintaining
>VRF separation between customers across multiple chassis in a hosted
>environment?  The only other option would be to use the Nexus as a dumb
>L2 switch with a 6500 upstream for all L3VPN functionality.  I would
>imagine the Nexus would be a rather expensive dumb L2 switch.  What
>about extending the customer's VRF to a sister DC in a
>geographically-diverse location?  MPLS again.
>
>We're also talking with our upstream peers about them providing L2VPNs
>for customers to our DC.  We'd meet the providers are our fiber meet
>points with MPLS-enabled circuits.  Again, requiring some router other
>than the Nexus.
>
>Say it with me everyone, MPLS MPLS MPLS.  It's silly to build any device
>without MPLS support.
>
>Justin
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Roland Dobbins 

On Jan 29, 2008, at 7:59 PM, James Humphris wrote:

> What type of hardware platform would I need to use as a collector if I
> enabled netflow (or even sampled netflow) on a number of these devices
> in my data centre!?!

In addition to Aamer's comments in re Cisco NFC, commercial folks such  
as Arbor, Lancope, Mazu, Narus, Q1, et. al. have various scalable  
options for collection/analysis.  One can also scale the various open- 
source solutions based upon choice of hardware/OS.

With regards to telemetry volume, folks really need to start thinking  
about scaling their DCNs (vital telemetry such as NetFlow should be  
sent over the DCN, not in-band on the production network, for obvious  
reasons) to accommodate higher volumes with higher speeds, as well as  
increased amounts of information from features like FNF, the NetFlow- 
based layer-7-type reportage via NetFlow v9 transport of the new ASA  
and the SCE, et. al.  The growing sentiment seems to be that  
classification capabilities *must* keep up with the higher link speeds  
which are becoming more commonplace.

---
Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice

Culture eats strategy for breakfast.

   -- Ford Motor Company



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Justin Shore 
Tim Stevenson wrote:
> At 10:18 PM 1/28/2008 -0600, mack observed:
>> No mention of MPLS though which gives the CRS-1 a leg up on the 
>> backbone routing market.
> 
> NO MPLS (though the h/w is capable). No immediate plans for it either.

This would be a show-stopper for us in our Data Center.  We have to have 
MPLS support for MPLS VPN.  How else are they planning on maintaining 
VRF separation between customers across multiple chassis in a hosted 
environment?  The only other option would be to use the Nexus as a dumb 
L2 switch with a 6500 upstream for all L3VPN functionality.  I would 
imagine the Nexus would be a rather expensive dumb L2 switch.  What 
about extending the customer's VRF to a sister DC in a 
geographically-diverse location?  MPLS again.

We're also talking with our upstream peers about them providing L2VPNs 
for customers to our DC.  We'd meet the providers are our fiber meet 
points with MPLS-enabled circuits.  Again, requiring some router other 
than the Nexus.

Say it with me everyone, MPLS MPLS MPLS.  It's silly to build any device 
without MPLS support.

Justin

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
At 03:04 AM 1/29/2008 -0600, mack observed:
>Ok that math doesn't make sense.
>60/48=1 1/3 not 2.

So at small packets, this system can do 4 ports non blocking & 6704 can do ~3.

>Even at that 32 ports with 80gbps forwarding is still an 
>oversubscription of 4:1

Yes, this card is 4:1 oversubscribed at the port level - ie 4 ports 
share 10G b/w toward the rest of the system, you will never get more 
than 10G from each 4-port group.


>Of course real world will probably allow forwarding of more than 
>80gbps at 60mpps.

You will not get more than 80G out of this card.


>The performance listed jives pretty well with the 230gbps / slot 
>(figure 500 byte packets).

The 230G is a characteristic of the intially shipping FABRIC - the 
initially shipping IO modules don't leverage the full fabric b/w.

>Meaning a 1.4:1 oversubscription on the 32 x 10GE card (assuming 
>single direction traffic).

No, you will not get a 1.4:1 ratio on this card.

Tim


>--
>LR Mack McBride
>Network Administrator
>Alpha Red, Inc.
>
>
> > -Original Message-
> > From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, January 29, 2008 2:52 AM
> > To: mack; Tom Storey; Pete Templin
> > Cc: cisco-nsp@puck.nether.net
> > Subject: RE: [c-nsp] Nexus 7000
> >
> > At 02:38 AM 1/29/2008 -0600, mack observed:
> > >The 60mpps (30mpps) forwarding rate per slot is pretty anemic
> > >considering a 6704-10GE w/ DFC will do 48mpps per slot.
> >
> > True. But, after the pps is removed as the bottleneck, this system
> > will do 8 10G ports at line rate per slot vs ~4.
> >
> > Tim
> >
> > >This is obviously for heavy duty back end applications and not
> > >satisfactory for front end delivery to the internet.
> > >The 6500/7600 is still the obvious sweet spot for data centers
> > >specializing in content delivery to the internet.
> > >
> > >The CRS-1 is really cool but cost way too much.
> > >The 8 slot system even has a lower total bandwidth capability than the
> > 7609.
> > >It doesn't shine until you go to the 16 slot system.
> > >
> > >--
> > >LR Mack McBride
> > >Network Administrator
> > >Alpha Red, Inc.
> > >
> > > > -Original Message-
> > > > From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> > > > Sent: Tuesday, January 29, 2008 1:51 AM
> > > > To: Tom Storey; Pete Templin
> > > > Cc: mack; cisco-nsp@puck.nether.net
> > > > Subject: Re: [c-nsp] Nexus 7000
> > > >
> > >[snip]
> > > >
> > > > 60Mpps IPv4 unicast per slot, 30Mpps IPv6 unicast per slot. Routing
> > > > protocol highlights: OSPFv2/3, ISIS, BGP, EIGRP (v4).
> > > >
> > > > Also doing v4 & v6 multicast, SM, SSM, bidir, with abundant
> > multicast
> > > > replication bandwidth.
> > > >
> > > > Tim
> > > >
> > > >
> > > > >Hopefully more docos are on the way which will detail all of this.
> > > > >
> > > > >___
> > > > >cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > > > >https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > > >archive at http://puck.nether.net/pipermail/cisco-nsp/
> > > >
> > > >
> > > >
> > > > Tim Stevenson, [EMAIL PROTECTED]
> > > > Routing & Switching CCIE #5561
> > > > Technical Marketing Engineer, Data Center BU
> > > > Cisco Systems, http://www.cisco.com
> > > > IP Phone: 408-526-6759
> > > > 
> > > > The contents of this message may be *Cisco Confidential*
> > > > and are intended for the specified recipients only.
> >
> >
> >
> > Tim Stevenson, [EMAIL PROTECTED]
> > Routing & Switching CCIE #5561
> > Technical Marketing Engineer, Data Center BU
> > Cisco Systems, http://www.cisco.com
> > IP Phone: 408-526-6759
> > 
> > The contents of this message may be *Cisco Confidential*
> > and are intended for the specified recipients only.



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Aamer Akhter (aakhter) 
There are some techniques that one can use to scale something like this. One 
could use a UDP loadbalancer to a complex for collectors to distribute the 
load. 

The cisco NFC does support this model with hiearchrial collectors, as other 
collector implementations do as well. The one thing you have to look out for is 
wheter the individual collector is doing some kind of aggregation before 
sending the data to a higher hierarchy. In such a case you could wind up with 
misweighted data. Also keep in mind the licensing models for some of the 
collector software (cisco nfc is per collector install, others are per router 
port, or per routing device).

Cisco NFC can run on a variety of machines (an actual appliance is not sold, 
just the software), so a single box's scale could be quite high. I don't have 
the numbers on a reference system though.

Regards,

-- 
Aamer Akhter / [EMAIL PROTECTED]
Ent & Commercial Systems, cisco Systems

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:cisco-nsp-
> [EMAIL PROTECTED] On Behalf Of James Humphris
> Sent: Tuesday, January 29, 2008 8:00 AM
> To: Lincoln Dale (ltd); cisco-nsp@puck.nether.net
> Subject: Re: [c-nsp] Nexus 7000
> 
> Lincon,
> 
> Just on the netflow point, whilst it's all very well being able to
> generate a ton of netflow data export records, but has the Cisco
> Netflow
> Collector been sufficiently scaled to deal with the sort of volumes of
> traffic generated by these "next generation" platforms?
> 
> What type of hardware platform would I need to use as a collector if I
> enabled netflow (or even sampled netflow) on a number of these devices
> in my data centre!?!
> 
> James.
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Lincoln Dale
> (ltd)
> Sent: 29 January 2008 12:30
> To: Ray Burkholder; cisco-nsp@puck.nether.net
> Subject: Re: [c-nsp] Nexus 7000
> 
> > Does it do netflow output?
> 
> yes, NetFlow export v5 and v9 (flexible netflow) export are supported.
> 
> h/w table of 512K netflow entries shared between ingress & egress on
> each forwarding engine (per I/O module).
> 
> > Or sampled netflow?
> 
> yes, (true) sampled netflow is supported in h/w too.
> 
> > I suppose one would need a
> > small network just to handle the netflow output of a fully traffic'd
> > switch.
> 
> quite possibly!
> 
> in the initial software release the export is handled by the Supervisor
> control-plane. in a maintenance release soon after, we're adding
> distributed netflow export such that its exported from the control-
> plane
> local on the I/O module.
> even with the centralized model, its forseeable that there could be
> substancial export rate!
> 
> 
> cheers,
> 
> lincoln.
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread James Humphris 
Lincon,

Just on the netflow point, whilst it's all very well being able to
generate a ton of netflow data export records, but has the Cisco Netflow
Collector been sufficiently scaled to deal with the sort of volumes of
traffic generated by these "next generation" platforms?

What type of hardware platform would I need to use as a collector if I
enabled netflow (or even sampled netflow) on a number of these devices
in my data centre!?!

James.


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Lincoln Dale
(ltd)
Sent: 29 January 2008 12:30
To: Ray Burkholder; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Nexus 7000

> Does it do netflow output?

yes, NetFlow export v5 and v9 (flexible netflow) export are supported.

h/w table of 512K netflow entries shared between ingress & egress on
each forwarding engine (per I/O module).

> Or sampled netflow?

yes, (true) sampled netflow is supported in h/w too.

> I suppose one would need a
> small network just to handle the netflow output of a fully traffic'd
> switch.

quite possibly!

in the initial software release the export is handled by the Supervisor
control-plane. in a maintenance release soon after, we're adding
distributed netflow export such that its exported from the control-plane
local on the I/O module.
even with the centralized model, its forseeable that there could be
substancial export rate!


cheers,

lincoln.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Pete Templin 
Tim Stevenson wrote:
> At 09:57 PM 1/28/2008 -0600, Pete Templin observed:
>>
>> Call me crazy, but I got no sense that this new thingy can route,
> 
> Yes, it can route.

Alright, so I couldn't find that (definitively) in the first two pages I 
read.  It's called a 'switch'.  I know the line is blurry on L3 
switching/routing, but can't we call a router a router (or at least a 
rooter...)?  Especially if there was a 7000 series router in the past, 
and now this is a 7000 series switch...

pt
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Lincoln Dale (ltd) 
> Does it do netflow output?

yes, NetFlow export v5 and v9 (flexible netflow) export are supported.

h/w table of 512K netflow entries shared between ingress & egress on
each forwarding engine (per I/O module).

> Or sampled netflow?

yes, (true) sampled netflow is supported in h/w too.

> I suppose one would need a
> small network just to handle the netflow output of a fully traffic'd
> switch.

quite possibly!

in the initial software release the export is handled by the Supervisor
control-plane. in a maintenance release soon after, we're adding
distributed netflow export such that its exported from the control-plane
local on the I/O module.
even with the centralized model, its forseeable that there could be
substancial export rate!


cheers,

lincoln.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Ray Burkholder 
 
> 
> Pete Templin wrote:
> > Call me crazy, but I got no sense that this new thingy can 
> route, from 
> > the little video or any of the data sheets.  They'd be spouting the
> pps
> > of IPv6 hardware routing, if it could.
> 
> with initial I/O modules & chassis, up to 240M PPS IPv6 h/w 
> switched goodness.

Does it do netflow output?  Or sampled netflow?  I suppose one would need a
small network just to handle the netflow output of a fully traffic'd switch.


-- 
Scanned for viruses and dangerous content at 
http://www.oneunified.net and is believed to be clean.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Lincoln Dale (ltd) 
Mack,

> Ok that math doesn't make sense.

on Nexus 7000 the "fabric bandwidth" is different from the "forwarding
performance" of a given I/O (linecard) module.

you'll have to trust that Tim S does have his math correct ...



cheers,

lincoln.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread mack 
Ok that math doesn't make sense.
60/48=1 1/3 not 2.
Even at that 32 ports with 80gbps forwarding is still an oversubscription of 4:1
Of course real world will probably allow forwarding of more than 80gbps at 
60mpps.

The performance listed jives pretty well with the 230gbps / slot (figure 500 
byte packets).
Meaning a 1.4:1 oversubscription on the 32 x 10GE card (assuming single 
direction traffic).

--
LR Mack McBride
Network Administrator
Alpha Red, Inc.


> -Original Message-
> From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 29, 2008 2:52 AM
> To: mack; Tom Storey; Pete Templin
> Cc: cisco-nsp@puck.nether.net
> Subject: RE: [c-nsp] Nexus 7000
>
> At 02:38 AM 1/29/2008 -0600, mack observed:
> >The 60mpps (30mpps) forwarding rate per slot is pretty anemic
> >considering a 6704-10GE w/ DFC will do 48mpps per slot.
>
> True. But, after the pps is removed as the bottleneck, this system
> will do 8 10G ports at line rate per slot vs ~4.
>
> Tim
>
> >This is obviously for heavy duty back end applications and not
> >satisfactory for front end delivery to the internet.
> >The 6500/7600 is still the obvious sweet spot for data centers
> >specializing in content delivery to the internet.
> >
> >The CRS-1 is really cool but cost way too much.
> >The 8 slot system even has a lower total bandwidth capability than the
> 7609.
> >It doesn't shine until you go to the 16 slot system.
> >
> >--
> >LR Mack McBride
> >Network Administrator
> >Alpha Red, Inc.
> >
> > > -Original Message-
> > > From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> > > Sent: Tuesday, January 29, 2008 1:51 AM
> > > To: Tom Storey; Pete Templin
> > > Cc: mack; cisco-nsp@puck.nether.net
> > > Subject: Re: [c-nsp] Nexus 7000
> > >
> >[snip]
> > >
> > > 60Mpps IPv4 unicast per slot, 30Mpps IPv6 unicast per slot. Routing
> > > protocol highlights: OSPFv2/3, ISIS, BGP, EIGRP (v4).
> > >
> > > Also doing v4 & v6 multicast, SM, SSM, bidir, with abundant
> multicast
> > > replication bandwidth.
> > >
> > > Tim
> > >
> > >
> > > >Hopefully more docos are on the way which will detail all of this.
> > > >
> > > >___
> > > >cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > > >https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > >archive at http://puck.nether.net/pipermail/cisco-nsp/
> > >
> > >
> > >
> > > Tim Stevenson, [EMAIL PROTECTED]
> > > Routing & Switching CCIE #5561
> > > Technical Marketing Engineer, Data Center BU
> > > Cisco Systems, http://www.cisco.com
> > > IP Phone: 408-526-6759
> > > 
> > > The contents of this message may be *Cisco Confidential*
> > > and are intended for the specified recipients only.
>
>
>
> Tim Stevenson, [EMAIL PROTECTED]
> Routing & Switching CCIE #5561
> Technical Marketing Engineer, Data Center BU
> Cisco Systems, http://www.cisco.com
> IP Phone: 408-526-6759
> 
> The contents of this message may be *Cisco Confidential*
> and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
At 02:38 AM 1/29/2008 -0600, mack observed:
>The 60mpps (30mpps) forwarding rate per slot is pretty anemic 
>considering a 6704-10GE w/ DFC will do 48mpps per slot.

True. But, after the pps is removed as the bottleneck, this system 
will do 8 10G ports at line rate per slot vs ~4.

Tim

>This is obviously for heavy duty back end applications and not 
>satisfactory for front end delivery to the internet.
>The 6500/7600 is still the obvious sweet spot for data centers 
>specializing in content delivery to the internet.
>
>The CRS-1 is really cool but cost way too much.
>The 8 slot system even has a lower total bandwidth capability than the 7609.
>It doesn't shine until you go to the 16 slot system.
>
>--
>LR Mack McBride
>Network Administrator
>Alpha Red, Inc.
>
> > -Original Message-
> > From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, January 29, 2008 1:51 AM
> > To: Tom Storey; Pete Templin
> > Cc: mack; cisco-nsp@puck.nether.net
> > Subject: Re: [c-nsp] Nexus 7000
> >
>[snip]
> >
> > 60Mpps IPv4 unicast per slot, 30Mpps IPv6 unicast per slot. Routing
> > protocol highlights: OSPFv2/3, ISIS, BGP, EIGRP (v4).
> >
> > Also doing v4 & v6 multicast, SM, SSM, bidir, with abundant multicast
> > replication bandwidth.
> >
> > Tim
> >
> >
> > >Hopefully more docos are on the way which will detail all of this.
> > >
> > >___
> > >cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > >https://puck.nether.net/mailman/listinfo/cisco-nsp
> > >archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> >
> >
> > Tim Stevenson, [EMAIL PROTECTED]
> > Routing & Switching CCIE #5561
> > Technical Marketing Engineer, Data Center BU
> > Cisco Systems, http://www.cisco.com
> > IP Phone: 408-526-6759
> > 
> > The contents of this message may be *Cisco Confidential*
> > and are intended for the specified recipients only.



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread mack 
The 60mpps (30mpps) forwarding rate per slot is pretty anemic considering a 
6704-10GE w/ DFC will do 48mpps per slot.
This is obviously for heavy duty back end applications and not satisfactory for 
front end delivery to the internet.
The 6500/7600 is still the obvious sweet spot for data centers specializing in 
content delivery to the internet.

The CRS-1 is really cool but cost way too much.
The 8 slot system even has a lower total bandwidth capability than the 7609.
It doesn't shine until you go to the 16 slot system.

--
LR Mack McBride
Network Administrator
Alpha Red, Inc.

> -Original Message-
> From: Tim Stevenson [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 29, 2008 1:51 AM
> To: Tom Storey; Pete Templin
> Cc: mack; cisco-nsp@puck.nether.net
> Subject: Re: [c-nsp] Nexus 7000
>
[snip]
>
> 60Mpps IPv4 unicast per slot, 30Mpps IPv6 unicast per slot. Routing
> protocol highlights: OSPFv2/3, ISIS, BGP, EIGRP (v4).
>
> Also doing v4 & v6 multicast, SM, SSM, bidir, with abundant multicast
> replication bandwidth.
>
> Tim
>
>
> >Hopefully more docos are on the way which will detail all of this.
> >
> >___
> >cisco-nsp mailing list  cisco-nsp@puck.nether.net
> >https://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>
> Tim Stevenson, [EMAIL PROTECTED]
> Routing & Switching CCIE #5561
> Technical Marketing Engineer, Data Center BU
> Cisco Systems, http://www.cisco.com
> IP Phone: 408-526-6759
> 
> The contents of this message may be *Cisco Confidential*
> and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Elmar K. Bins 
[EMAIL PROTECTED] (Daniel Hooper) wrote:

> "Microsoft is currently performing rigorous testing of the Nexus 7000
> Series for security, manageability and performance in a lab environment"
> 
> I doubt Microsoft would be doing any type of WAN/mpls/backbone testing
> on it,

I bet, Doug would love to get his hands on something like this, so, yes,
I do believe M$ is testing it ;-)

Hey, they have geeks too...

Elmi.

-- 

"Hinken ist kein Mangel eines Vergleichs, sondern sollte als wesentliche
 Eigenschaft von Vergleichen angesehen werden."   (Marius Fränzel in desd)

--[ ELMI-RIPE ]---

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
At 06:51 AM 1/29/2008 +0100, hjan observed:


>Lincoln Dale (ltd) ha scritto:
> > mack wrote:
> > with initial I/O modules & chassis, up to 240M PPS IPv6 h/w switched
> > goodness.
>
>
>What about NX-OS ?
>Is it built upon qnx ?

No. It is a linux kernel. The core system management & HA 
infrastructure is taken from SAN-OS (ie MDS) with Ethernet L2 & L3 
functionality laid on top.

Tim



>Regards,
>Gianluca
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
At 10:18 PM 1/28/2008 -0600, mack observed:
>The only mentions of routing:
>
>IP routing and multicast: Supports state-of-the-art implementations
>of IPv4 and IPv6 services, routing protocols, and IP Multicast 
>features to optimize and enhance data center scalability and 
>performance, reducing capital expenditures (CapEx) and operating 
>expenses (OpEx)
>
>The OS documents list the various RFC supported including all of the 
>usual BGP and IPv6 RFCs.
>
>No mention of MPLS though which gives the CRS-1 a leg up on the 
>backbone routing market.

NO MPLS (though the h/w is capable). No immediate plans for it either.

Tim

>This looks like it kills for everything but SONET and MPLS.
>
>--
>LR Mack McBride
>Network Administrator
>Alpha Red, Inc.
>
>
> > -Original Message-
> > From: Tom Storey [mailto:[EMAIL PROTECTED]
> > Sent: Monday, January 28, 2008 10:03 PM
> > To: Pete Templin
> > Cc: mack; cisco-nsp@puck.nether.net
> > Subject: Re: [c-nsp] Nexus 7000
> >
> >
> > > Call me crazy, but I got no sense that this new thingy can route,
> > from
> > > the little video or any of the data sheets.  They'd be spouting the
> > pps
> > > of IPv6 hardware routing, if it could.
> >
> > I saw mention of VRFs, OSPFv2 and 3, and mentions of IPv4 and IPv6
> > among
> > the existing documents, but no mention of PPS or anything else routing
> > related.
> >
> > Hopefully more docos are on the way which will detail all of this.
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
Unfortunately, in this 10G blade, the SFP+ will be 10G only.

Tim

At 11:07 PM 1/28/2008 -0500, David Prall observed:
>It uses SFP+'s, they supposedly will be available in both 1GE and 10GE.
>
>--
>http://dcp.dcptech.com
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of mack
> > Sent: Monday, January 28, 2008 10:25 PM
> > To: cisco-nsp@puck.nether.net
> > Subject: [c-nsp] Nexus 7000
> >
> > Has anyone looked at this monster?
> >
> > http://www.cisco.com/en/US/products/ps9402/index.html
> >
> > It looks like it only comes with two blades:
> >
> > 10GE and copper 10/100/1000
> >
> > Lack of an fiber 1gbit blade is a major drawback.
> >
> > Has anyone checked out an approximate price?
> >
> > If it has higher throughput than the CRS-1,
> > Where does that leave the CRS-1?
> >
> > --
> > LR Mack McBride
> > Network Administrator
> > Alpha Red, Inc.
> >
> >
> > ___
> > cisco-nsp mailing list  cisco-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
At 02:33 PM 1/29/2008 +1030, Tom Storey observed:

> > Call me crazy, but I got no sense that this new thingy can route, from
> > the little video or any of the data sheets.  They'd be spouting the pps
> > of IPv6 hardware routing, if it could.
>
>I saw mention of VRFs, OSPFv2 and 3, and mentions of IPv4 and IPv6 among
>the existing documents, but no mention of PPS or anything else routing
>related.

60Mpps IPv4 unicast per slot, 30Mpps IPv6 unicast per slot. Routing 
protocol highlights: OSPFv2/3, ISIS, BGP, EIGRP (v4).

Also doing v4 & v6 multicast, SM, SSM, bidir, with abundant multicast 
replication bandwidth.

Tim


>Hopefully more docos are on the way which will detail all of this.
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
At 02:41 PM 1/29/2008 +0900, Daniel Hooper observed:
>"Microsoft is currently performing rigorous testing of the Nexus 7000
>Series for security, manageability and performance in a lab environment"
>
>I doubt Microsoft would be doing any type of WAN/mpls/backbone testing
>on it, just from the small amount of information available it looks to
>be good for combining your SAN switch fabrics with your lan/data switch
>fabric

The platform is positioned to do just that, in time - ie once FCoE 
standards are complete. Make no mistake please, at initial ship, the 
linecards are standard Ethernet for data center L2/L3 switching.

>  ... does this just seem like a bad idea to anyone else?

Kind of like voip?

Tim


>Cheerio
>
>-Dan
>
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On Behalf Of Geyer, Nick
>Sent: Tuesday, 29 January 2008 1:20 PM
>To: cisco-nsp@puck.nether.net
>Subject: Re: [c-nsp] Nexus 7000
>
>The documentation out for NX-OS shows support for most IP routing
>solutions around today. It will be interesting to see more doco from
>Cisco on what this box can actually do and find out where Cisco plans to
>slot it into the family tree (perhaps the illegitimate child of Mr.
>CRS-1 and Mrs. 7609?)
>
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On Behalf Of Tom Storey
>Sent: Tuesday, 29 January 2008 3:03 PM
>To: Pete Templin
>Cc: mack; cisco-nsp@puck.nether.net
>Subject: Re: [c-nsp] Nexus 7000
>
>
> > Call me crazy, but I got no sense that this new thingy can route, from
> > the little video or any of the data sheets.  They'd be spouting the
>pps
> > of IPv6 hardware routing, if it could.
>
>I saw mention of VRFs, OSPFv2 and 3, and mentions of IPv4 and IPv6 among
>the existing documents, but no mention of PPS or anything else routing
>related.
>
>Hopefully more docos are on the way which will detail all of this.
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-29 Thread Tim Stevenson 
No. No plans.
Tim

At 03:38 AM 1/29/2008 +, Stephen Stuart observed:
> > If it has higher throughput than the CRS-1,
> > Where does that leave the CRS-1?
>
>Able to terminate SONET connections?
>
>Stephen
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-28 Thread Tim Stevenson 
At 09:57 PM 1/28/2008 -0600, Pete Templin observed:
>mack wrote:
> > Has anyone looked at this monster?
> >
> > http://www.cisco.com/en/US/products/ps9402/index.html
> >
> > If it has higher throughput than the CRS-1,
> > Where does that leave the CRS-1?
>
>In a routed world, where people think DC power is better, and/or for
>SONET (as others have mentioned)?
>
>Call me crazy, but I got no sense that this new thingy can route,

Yes, it can route.

>from
>the little video or any of the data sheets.  They'd be spouting the pps
>of IPv6 hardware routing, if it could.

30Mpps per slot IPv6 unicast routing.


>Perhaps the 6500 will shift to closets, the 7600 to routing, and the
>7010 to datacenter switching for enterprises?

The product targets data center routing & switching - data center 
core/agg & 10G server access are the sweet spots.

>At least the Double Clear Front Door Kit is optional...

Wasn't there a thread on cool lookin' data centers? Alright, take the 
doors off if you like, but it'd look sweet w/blue neon behind it or sumthin' ;)

Tim


>pt
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, [EMAIL PROTECTED]
Routing & Switching CCIE #5561
Technical Marketing Engineer, Data Center BU
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759

The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-28 Thread Saku Ytti 
On (2008-01-28 21:24 -0600), mack wrote:
 
> Where does that leave the CRS-1?

In the rack, MPLS switching packets and doing IP lookup on >128k FIB.

It seems as if cisco made sure, that this time SP's won't be buying
it's 'switch' as a cheap alternative to higher margin routers. Saying
that, it looks like a nice product with quite a bit of innovation for the
market it's targeting.

-- 
  ++ytti
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-28 Thread hjan 


Lincoln Dale (ltd) ha scritto:
> mack wrote:
> with initial I/O modules & chassis, up to 240M PPS IPv6 h/w switched
> goodness.


What about NX-OS ?
Is it built upon qnx ?

Regards,
Gianluca

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-28 Thread Daniel Hooper 
"Microsoft is currently performing rigorous testing of the Nexus 7000
Series for security, manageability and performance in a lab environment"

I doubt Microsoft would be doing any type of WAN/mpls/backbone testing
on it, just from the small amount of information available it looks to
be good for combining your SAN switch fabrics with your lan/data switch
fabric ... does this just seem like a bad idea to anyone else?

Cheerio

-Dan

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Geyer, Nick
Sent: Tuesday, 29 January 2008 1:20 PM
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Nexus 7000

The documentation out for NX-OS shows support for most IP routing
solutions around today. It will be interesting to see more doco from
Cisco on what this box can actually do and find out where Cisco plans to
slot it into the family tree (perhaps the illegitimate child of Mr.
CRS-1 and Mrs. 7609?)

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Storey
Sent: Tuesday, 29 January 2008 3:03 PM
To: Pete Templin
Cc: mack; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Nexus 7000


> Call me crazy, but I got no sense that this new thingy can route, from
> the little video or any of the data sheets.  They'd be spouting the
pps
> of IPv6 hardware routing, if it could.

I saw mention of VRFs, OSPFv2 and 3, and mentions of IPv4 and IPv6 among
the existing documents, but no mention of PPS or anything else routing
related.

Hopefully more docos are on the way which will detail all of this.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-28 Thread Lincoln Dale (ltd) 
mack wrote:
> Has anyone looked at this monster?
> http://www.cisco.com/en/US/products/ps9402/index.html

note that the Nexus 7000 is announced, it isn't yet shipping.

> It looks like it only comes with two blades:
> 10GE and copper 10/100/1000

those are the initial I/O modules, more on the way.

> If it has higher throughput than the CRS-1,
> Where does that leave the CRS-1?

Cisco CRS-1 is targeted at Service Provider deployments.
Cisco Nexus 7000 is primarily targeted at Enterprise Data Centers.

to the extent that feature-sets between these two areas overlap, they
have similar features, but from a SP standpoint, there are some things
that we (deliberately) haven't done on Nexus 7000 at this point because
we want to be clear on where its targeted - Enterprise Data Centers -
and less so service provider requirements.

in short: it generally doesn't overlap with either the existing CRS-1,
c7600 or c6500.


Pete Templin wrote:
> Call me crazy, but I got no sense that this new thingy can route, from
> the little video or any of the data sheets.  They'd be spouting the
pps
> of IPv6 hardware routing, if it could.

with initial I/O modules & chassis, up to 240M PPS IPv6 h/w switched
goodness.


cheers,

lincoln.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Nexus 7000

2008-01-28 Thread Geyer, Nick 
The documentation out for NX-OS shows support for most IP routing
solutions around today. It will be interesting to see more doco from
Cisco on what this box can actually do and find out where Cisco plans to
slot it into the family tree (perhaps the illegitimate child of Mr.
CRS-1 and Mrs. 7609?)

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Storey
Sent: Tuesday, 29 January 2008 3:03 PM
To: Pete Templin
Cc: mack; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Nexus 7000


> Call me crazy, but I got no sense that this new thingy can route, from
> the little video or any of the data sheets.  They'd be spouting the
pps
> of IPv6 hardware routing, if it could.

I saw mention of VRFs, OSPFv2 and 3, and mentions of IPv4 and IPv6 among
the existing documents, but no mention of PPS or anything else routing
related.

Hopefully more docos are on the way which will detail all of this.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

  1   2   >