Re: [c-nsp] ASR series

2008-07-28 Thread Saku Ytti
On (2008-07-28 16:43 -0700), Andrew Gristina wrote: > Operationally I haven't found them that different from other Cisco > routers (other than the hardware). There is a really nice summary of > the ASR differences from Networkers (there were some really good ones > from the ASR introduction a fe

Re: [c-nsp] ASR series

2008-07-28 Thread Mark Tinka
On Tuesday 29 July 2008 07:43:53 Andrew Gristina wrote: > Operationally I haven't found them that different from > other Cisco routers (other than the hardware). Same here, not that different. Just that with current IOS XE 2.1.1, some line cards are not supported, but that will come with later

Re: [c-nsp] Policing individual vlans per port on 3750 (non metro)

2008-07-28 Thread Jose
Thanks for the tips Stig/Arie. So it appears that I've managed to get it to work but not before upgrading the IOS to 12.2(44)SE2 as it wasn't working properly before that. Here's the config that I ended up going with in case anyone else is looking to get this working. This example policies o

Re: [c-nsp] ASR series

2008-07-28 Thread Andrew Gristina
I suspect the feedback is self selecting in this forum. Is this paid or unpaid market research for you at networktest.com? At least you were honest enough to use your work email. Operationally I haven't found them that different from other Cisco routers (other than the hardware). There is a rea

[c-nsp] ASR series

2008-07-28 Thread David Newman
I would be grateful for any experience with ASR series routers -- how are you using them, how do they compare with other aggregation boxes you've used before. Please email me privately and I'll post a summary if there's interest. thanks dn

Re: [c-nsp] Interface Queues

2008-07-28 Thread Ibrahim Abo Zaid
Hi Rodney, Thanks for your reply, I think this isn't specific for a given platform but it is common on low-end CE routers especially with serial interfaces best regards --Ibrahim On Sun, Jul 27, 2008 at 9:49 PM, Rodney Dunn <[EMAIL PROTECTED]> wrote: > On what platform? > > On Sat, Jul 26, 2008

[c-nsp] 32 bit ASN

2008-07-28 Thread Troy Beisigl
Hi, Does anyone know if the 32 bit ASN support is going to get implemented in the 12008 or 7500 RSP8 series? If not, what is recommended as replacements? Thanks, -Troy ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/

Re: [c-nsp] Blocking Forged Source Addresses

2008-07-28 Thread Michael Smith
Hello Skeeve: > From: Skeeve Stevens <[EMAIL PROTECTED]> > Organization: eintellego > Reply-To: <[EMAIL PROTECTED]> > Date: Sat, 26 Jul 2008 17:07:02 +1000 > To: > Subject: [c-nsp] Blocking Forged Source Addresses > > > What is the best strategy to Block Forged Source Addresses on a Cisco bord

Re: [c-nsp] Blocking Forged Source Addresses

2008-07-28 Thread Justin Shore
Skeeve Stevens wrote: What is the best strategy to Block Forged Source Addresses on a Cisco border router? Skeeve, What specifically are you looking for? How do you determine that the source traffic is forged? Are you wanting to ensure that no traffic enters your network for the outside th

Re: [c-nsp] OER/DRIP specs protocol format

2008-07-28 Thread Oliver Boehmer (oboehmer)
mack <> wrote on Saturday, July 26, 2008 8:18 PM: > Does anyone have a link to the protocol the Optimized Edge Routing > uses to communicate? I am curious what the protocol is and what it > does. > From the documentation it uses port 3949 which corresponds to > something called "Dynamic Routing I

Re: [c-nsp] Polling module status in the absence of STACK-MIB

2008-07-28 Thread Sam Stickland
Ha, I've been looking for this for a week, and then just after I send the email I finally find it. http://www.oidview.com/mibs/9/CISCO-ENTITY-FRU-CONTROL-MIB.html cefcModuleOperStatus 1.3.6.1.4.1.9.9.117.1.2.1.1.2 Sam Sam Stickland wrote: Hi, Does anyone know of a way to SNMP poll for

[c-nsp] Polling module status in the absence of STACK-MIB

2008-07-28 Thread Sam Stickland
Hi, Does anyone know of a way to SNMP poll for module status on devices that don't support STACK-MIB (e.g. 4500s). (With STACK-MIB this is as simple as walking .1.3.6.1.4.1.9.5.1.3.1.1.10) I've been looking at the ENTITY-MIB but that doesn't seem to have the necessary data? Annoying the E

[c-nsp] FW: PagpP vs LACP on Etherchannels between Cisco 7609 and Cisco ME3400's

2008-07-28 Thread Chris Kilian
See below. router#show inter port-channel 102 Port-channel102 is up, line protocol is up (connected) Hardware is EtherChannel, address is 0014.a922.2b46 (bia 0014.a922.2b45) Description: MTU 9216 bytes, BW 40 Kbit, DLY 10 usec, reliability 255/255, txload 46/255, rxload 11/255 En

Re: [c-nsp] mpls option A with LAC and LNS

2008-07-28 Thread Vikas Sharma
Hi Oli / Stig, Thanks for the reply. Oli - Let me see if I can use ISG.. Stig - Here "user-authentication in a firewall" the issue is I do not have control plane information, I just have IP subnet and VRF. On that basis my authentication will not work. Even I thought of creating vrf's on the op

Re: [c-nsp] mpls option A with LAC and LNS

2008-07-28 Thread David Freedman
If you are really desperate there is "VRF source selection" http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/vrfselec.html But this is rather insecure as it uses the IP address to decide which VRF to use, users can spoof IPs and inject traffic into another VRF unless the access provider is

Re: [c-nsp] mpls option A with LAC and LNS

2008-07-28 Thread Stig Johansen
Hi there, You should separate the customers in the LAC at your service provider. Either in different VRF's or at least in different IP-subnets. The best would be if you could get the provider to use *your* RADIUS-server for authenticating. They could do a proxy and stripping unwanted parameters/ad

[c-nsp] Output drops on same ASIC on ME3400 and Cat2970

2008-07-28 Thread Christian Bering
Hi all, I have a couple of switches that show the same amount of output drops on four consecutive ports. On an ME3400 I am seeing the same amount of output drops (45,949 discards so far today) on ports gig0/9 through gig0/12. On a Cat2970 I am seeing the same amount of output drops (167,699 disc

Re: [c-nsp] mpls option A with LAC and LNS

2008-07-28 Thread Oliver Boehmer (oboehmer)
Well. I guess the easiest method is to have the operator forward you the sessions via L2TP to your LNS so you can terminate and authenticate them, using the method I indicated in my initial reply. I don't know ISG well enough to advise, but http://www.cisco.com/en/US/docs/ios/12_2sb/isg/configurat

Re: [c-nsp] NAC for Thin-Clients?

2008-07-28 Thread Phil Mayers
The customer wants posture assessment of the user virtual systems (though located on a central thin-client server) and not the thin client hardware themselves. It is possible for one user to have viruses on his virtual PC because of not updating his antivirus signatures or patches or etc. My cli

Re: [c-nsp] mpls option A with LAC and LNS

2008-07-28 Thread Vikas Sharma
Hi Oli, Authentication is required to keep users in their respective VRFs. All these attributes will come from Radius. We are getting services from other operator. Users are using their infrastructure and coming in to my network. We provide mpls vpn / internet services to the customer. Regards, Vikas

Re: [c-nsp] Policing individual vlans per port on 3750 (non metro)

2008-07-28 Thread Stig Johansen
Hi there, Just remember that the 3750 non-metro platform has several limitations, especially for egress QoS, which I would think you would be interested in using. The short story is: The 3750-platform does only queueing and scheduling on egress-interfaces. Any policing or prioritization you want

Re: [c-nsp] mpls option A with LAC and LNS

2008-07-28 Thread Oliver Boehmer (oboehmer)
Ah, ok.. may I ask why you would want to authenticate the "users"? And against which user database? Which service(s) do you provide for the other operator? More than just traffic? oli Vikas Sharma wrote on Monday, July 28, 2008 8:24 AM: > Hi Oli, > > Thanks f