[c-nsp] nat configuration

2008-03-03 Thread shadow floating
Hello, I've been engaged with a customer who had a really messed up IT environment, one of the tasks that was assigned to me is to make all internal clients access the internet and publish the mail server for them, pretty easy...but I found the configuration in the router something like this : inter

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Tim Stevenson
As another poster suggested, this is a proverbial "hardware limitation" - there "may" be a future forwarding engine that resolves this issue by "synching" distributed policers. Assuming both hardware & software delivery on these platforms & that it works as we hope it will. As it stands right n

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Tim Stevenson
At 11:12 PM 3/3/2008 -0600, Frank Bulk - iNAME observed: >Let me just add that these kinds of caveats are most annoying and confusing. Let me just add that marketing doesn't ask for these. :P >AFAIK, detail in relation to PFC or DFC-enforced rate-limiting doesn't >become clear when looking at any

Re: [c-nsp] Terminal Server menu system config

2008-03-03 Thread Tassos Chatzithomaoglou
You can use the following as a start:
menu CONSOLES prompt % Please make a selection : %
menu CONSOLES text 1 Console to R1
menu CONSOLES command 1 telnet x.x.x.x 2001
menu CONSOLES text 2 Console to R2
menu CONSOLES command 2 telnet x.x.x.x 2002
menu CONSOLES text 3 Console to R3
menu CONSOLES c

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Jimmy
Hi Tim, Thanks for your input. Actually we have 2 backbones connected to this 7600. One is in slot 1 and the other one is in slot 2. This explains the n times of the configured rate that I am getting on that egress interface right now (2x155M) Is there any better workaround? It is not good idea to

[c-nsp] (no subject)

2008-03-03 Thread Terzulli, Paul L Mr CTR USA USAASC
Unsubscribe [EMAIL PROTECTED] Paul L. Terzulli, III Chief NetOps Engineer PM NetOps-CF (MITRE) DSN 312-992-4914/Coml 732-532-4914 [EMAIL PROTECTED] (SIPRNet) [EMAIL PROTECTED] ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/m

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Frank Bulk - iNAME
Let me just add that these kinds of caveats are most annoying and confusing. AFAIK, detail in relation to PFC or DFC-enforced rate-limiting doesn't become clear when looking at any of the "show" output. There's probably a hardware limitation, but it would be most desirable if policing and the li

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Tim Stevenson
At 08:15 PM 3/3/2008 -0800, Tim Stevenson observed: >Jimmy, >In 6500/7600, policing and other forwarding decisions are always >performed on the INGRESS card - including egress policy enforcement. Above I meant to say "the INGRESS FORWARDING ENGINE" - which may be just one, ie the PFC on the sup

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Tim Stevenson
Jimmy, In 6500/7600, policing and other forwarding decisions are always performed on the INGRESS card - including egress policy enforcement. Therefore, in a distributed (ie, w/DFCs) system, you potentially could get n times the configured rate, where n is the number of forwarding engines that t

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Jimmy
Hi guys, Thanks for the feedback. Actually I have tried using MQC on the egress side. It is Layer 3 port. The port is in slot 1. For some reason when I do "show policy-map interface", it is showing an output from 2 slots instead of 1. I am using a dirty trick to temporarily solve the issue. I did

Re: [c-nsp] Terminal Server menu system config

2008-03-03 Thread Justin Shore
My 2511 died some time back (PSU failed I think) but I was wondering if one could point a static route (/32) at an Async line and redistribute that into the IGP. Then you could write a simple bash wrapper around telnet to connect you to that specific IP. The only thing I don't know is if you'

Re: [c-nsp] eigrp and ospf on same switch

2008-03-03 Thread Mark Holloway
And if you change EIGRP K values, don't break the network! ;) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Steele Sent: Monday, March 03, 2008 2:54 PM To: Higham, Josh Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] eigrp and ospf on same switch

Re: [c-nsp] eigrp and ospf on same switch

2008-03-03 Thread Ben Steele
On 04/03/2008, at 2:25 AM, Higham, Josh wrote: > > A small note, the default for EIGRP is to only consider bandwidth and > delay, so the other values will have no impact. Another small note :) is that despite the fact EIGRP doesn't use all the metrics to calculate its path you do need to fill a

Re: [c-nsp] Peering between two AS's both running OSPF

2008-03-03 Thread Eric Cables
You can run multiple OSPF processes on the same router, and then redistribute between those processes. Just use route-maps to control what you let in/out during the redistribution.
!
router ospf 10
 redistribute ospf 20 subnets route-map FROM_OSPF_20
!
router ospf 20
 redistribute ospf 10 subnets

Re: [c-nsp] Etherchannel bundles on CAT6509 switches spanning multiple linecards

2008-03-03 Thread Gert Doering
Hi, On Mon, Mar 03, 2008 at 09:24:07PM +0100, Raul Lopez Nevot wrote: > On Sun, Mar 2, 2008 at 10:32 PM, Gert Doering <[EMAIL PROTECTED]> wrote: > > On Thu, Feb 28, 2008 at 10:29:02PM +0100, Raul Lopez Nevot wrote: > > > I think the requisite is to have X67xx cards in both linecards to group > > >

Re: [c-nsp] temperature reading GSR

2008-03-03 Thread Aaron
Or clogged air filter which will reduce the amt of air able to be pulled in. You should change it at least once a year, more often if there is a lot of construction going on. Aaron On Mon, Mar 3, 2008 at 2:33 PM, Pete Templin <[EMAIL PROTECTED]> wrote: > eliran h wrote: > > I've typed the comma

Re: [c-nsp] temperature reading GSR

2008-03-03 Thread John van Oppen
Also worth noting that graphing them with SNMP is also useful to identify long-term trends. I realized we had people putting stuff in a rack next to us backwards (ie hot output into the cold aisle) once that way. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Be

Re: [c-nsp] temperature reading GSR

2008-03-03 Thread Pete Templin
eliran h wrote: > I've typed the command: > show environment temperatures > Slot # Hot Sensor Inlet Sensor > (deg C) (deg C) > 0 27.5 28.0 > > Cisco specify a temperature range for each line card, Do I need to focus in > the HOT sensor or the Inlet sensor?

Re: [c-nsp] temperature reading GSR

2008-03-03 Thread Paul Stewart
As I understand it... the Inlet is more related to your "room temperature" and the HOT Sensor is internal (where it will always be hotter) I look at the Inlet mainly to see if there's any room related changes of drastic nature - but keep an eye on the HOT sensor to indicate air-flow problems i

[c-nsp] Terminal Server menu system config

2008-03-03 Thread Eric Helm
Hi, I'm configuring some 2511RJs for a lab terminal server environment. I'm interested in using the IOS menu system to ease user access to the async lines. Does anyone have a good sample configuration to send my way? Regards, Eric ___ cisco-nsp mailing

[c-nsp] temperature reading GSR

2008-03-03 Thread eliran h
I've typed the command: show environment temperatures
Slot #   Hot Sensor   Inlet Sensor
         (deg C)      (deg C)
0        27.5         28.0
1        34.5         25.5
2        35.0         26.5
3        39.0         26.5
4        57.5         29.0
5        40.0         27.5

Re: [c-nsp] Deploying RADIUS for user logins ?

2008-03-03 Thread Peter Rathlev
On Mon, 2008-03-03 at 10:18 -0600, Justin Shore wrote: > Assuming you're going to do TACACS+ (RADIUS would be similar) here's a > working AAA config: Very nice example. I've been looking for exactly something like this for a while. Thanks for sharing. :-) > You should also come up with a method

Re: [c-nsp] Deploying RADIUS for user logins ?

2008-03-03 Thread Justin Shore
kevin gannon wrote: > I am looking at deploying RADIUS to manage user logins to thousands of > Cisco boxes. Currently access is via telnet and a mix of usernames/passwords. Are you partial to RADIUS? If not then I would highly recommend TACACS+. RADIUS only encrypts the transmitted password whe

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Pete Templin
Jimmy wrote: > I have encountered rate-limiting issue on CISCO7609 platform. > > Example is: > > interface GigabitEthernet1/9 > rate-limit input 31000 4843750 9687500 conform-action transmit > exceed-action drop > rate-limit output 31000 4843750 9687500 conform-action transmit > exce

Re: [c-nsp] eigrp and ospf on same switch

2008-03-03 Thread Higham, Josh
> [mailto:[EMAIL PROTECTED] On Behalf Of Ben Steele > Sent: Saturday, March 01, 2008 11:32 PM > > On 02/03/2008, at 4:55 AM, Dan Letkeman wrote: > > Is there a simple explanation as to how > > the metric is calculated for eigrp? > > 5 things, Bandwidth, Delay, Reliability, Load and MTU. > > Mos

Re: [c-nsp] Any Cisco load balancing'security products with programmable API?

2008-03-03 Thread Ramcharan, Vijay A
I believe the ACE supports an XML API running over HTTPS. Vijay Ramcharan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Drew Weaver Sent: March 03, 2008 08:36 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Any Cisco load balancing'security product

Re: [c-nsp] ES20, VPLS & netflow problem

2008-03-03 Thread Dmitry Valdov
Hello, On Mon, 3 Mar 2008, Geir Jensen wrote: > I don't have a solution for the netflow problem > However we are running a 7600/Sup720/ES20/12.2(33)SRB2 - based network, > and Dmitry's vpls config got me curious. > > I notice that the vpls is terminated at layer 3 (ip address x.x.x.x under >

[c-nsp] Sup720 MLS rate-limiting and truncated/compact mode

2008-03-03 Thread Peter Rathlev
Hello, Reading the documentation for 12.2SXF and MLS rate-limiters, I see the following sentence: "Layer 2 rate limiters are not supported in truncated mode." http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/dos.html http://tinyurl.com/yqlylf Not

[c-nsp] Any Cisco load balancing'security products with programmable API?

2008-03-03 Thread Drew Weaver
Hi there, this may sound like an odd request, as many of my requests are odd. I am wondering if anyone knows of any Cisco load balancing/firewall products with a programmable API (for configuration) something like XML-SOAP? Thanks, -Drew

Re: [c-nsp] ES20, VPLS & netflow problem

2008-03-03 Thread Geir Jensen
Hello, I don't have a solution for the netflow problem However we are running a 7600/Sup720/ES20/12.2(33)SRB2 - based network, and Dmitry's vpls config got me curious. I notice that the vpls is terminated at layer 3 (ip address x.x.x.x under vlan30), and I wonder if this configuration requ

[c-nsp] Peering between two AS's both running OSPF

2008-03-03 Thread Marc Archer
Hi all, We run OSPF on our work network and we need to "peer" with another network also running OSPF. All the doco and examples around seem to illustrate the ASBR role by redistributing RIP from the other AS, but can this easily be done using OSPF all round? Can you run two OSPF processes on th

Re: [c-nsp] RES: activ/standby cpu card status changed]

2008-03-03 Thread A . L . M . Buxey
Hi, > Hello! > > I found this bug on Cisco TAC this error fixed in 12.2(18)SXF2. > > But i use s3223-ipservices_wan-mz.122-18.SXF9.bin, so this bug lives again? not just SXF9 either. we've got SXF12 and had it too. IOS (tm) s72033_sp Software (s72033_sp-ADVIPSERVICESK9_WAN-M), Version 12.2(18)

Re: [c-nsp] RES: activ/standby cpu card status changed]

2008-03-03 Thread Nemeth Laszlo
Hello! I found this bug on Cisco TAC this error fixed in 12.2(18)SXF2. But I use s3223-ipservices_wan-mz.122-18.SXF9.bin, so this bug lives again? Thanks Laci e ninja wrote: > Nemeth, > > Your SUP crashed because it failed over 10 consecutive > TestSPRPInbandPing. Get the fix/workaround for sc

Re: [c-nsp] MTU over L2TPv3 tunnel

2008-03-03 Thread Nathan
On Thu, Feb 28, 2008 at 1:38 PM, <[EMAIL PROTECTED]> wrote: > When i increase the mtu on the NPE-G1 side packets are dropped. Even with > PMTU or DFbit not set. Well, you have to increase on the Catalyst side too. The whole Layer 2 should be the same MTU everywhere, and your switches are probab

[c-nsp] Deploying RADIUS for user logins ?

2008-03-03 Thread kevin gannon
I am looking at deploying RADIUS to manage user logins to thousands of Cisco boxes. Currently access is via telnet and a mix of usernames/passwords. I am looking for people's experience in deploying RADIUS in particular using scripts. The kit is varied and runs a lot of different IOS versions acros

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Christian Meutes
Hi, --On Monday, 3 March 2008 16:04 +0800 Jimmy <[EMAIL PROTECTED]> wrote: > The output rate-limiting is not working. The traffic still can go above > 310M and can hit 1G. > I have created SR with cisco. They are saying there is no work around for > this except that we use ES20 to use policy-map

[c-nsp] (no subject)

2008-03-03 Thread Dedy Fahrudiyansyah
___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Mark Tinka
On Monday 03 March 2008, Jimmy wrote: > The output rate-limiting is not working. The traffic > still can go above 310M and can hit 1G. > I have created SR with cisco. They are saying there is no > work around for this except that we use ES20 to use > policy-map on the interface. Hmmh, I'm sure MQ

[c-nsp] output rate-limiting not working in 7609

2008-03-03 Thread Jimmy
Guys, I have encountered rate-limiting issue on CISCO7609 platform. Example is:
interface GigabitEthernet1/9
 rate-limit input 31000 4843750 9687500 conform-action transmit exceed-action drop
 rate-limit output 31000 4843750 9687500 conform-action transmit exceed-action drop --->