Hi all,
I have 2 css11503's in active/passive redundancy config. When using the
commit_redundConfig command the ssl does not copy across. I have cleared
the standby box and started again, but with no luck. The config guides I
have found offer little info on the ssl redundancy, just the normal IP
Hi Mikael,
I am not going to do in my Core but i'm just curious how this is done?
So i guess if we want to differentiate between VPNs in my core then we need
alot of different classes which is not really available and thats what makes
it difficult?
Thanks,
Sam
On Mon, Aug 18, 2008 at 8:41 AM,
If anyone still has PIX's out there running 6.3(5) we had a pair of
525's nailed by this nasty bug:
http://tinyurl.com/5wovce
We've been running 6.3 for years and only after all the recent DNS
exploits did we see this one start hitting us.
The only way to fix it is to upgrade to 7.x or
On Mon, 18 Aug 2008, Sami Joseph wrote:
Hi Mikael,
I am not going to do in my Core but i'm just curious how this is done?
So i guess if we want to differentiate between VPNs in my core then we need
alot of different classes which is not really available and thats what makes
it difficult?
On Aug 16, 2008, at 11:09 AM, Hash Aminu wrote:
I am trying to find a Feature that will be able to replace Route
bridge
Encapsulation..because we are migrating to the 12.2S and does not
support
that feature..any thoughts or Ideas will be useful. Thanks
Just what are you trying to
Hi,
There are ways to do it.. typically 3 mode..
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hmp_c/part15/hdtmode.htm
Basically we cash in the feature of MPLS EXP bits used to mark/classify packet
and treat them acc..
Regards,
Gaurav Prakash
Save our Earth
-
Hello!
I am thinking about aaa local database. Is there any mechanism to
distinguish local users (defined by username ...) or put them into some
groups and give them access to only some services?
For instance I have two users
username alice password xxx
username bob password yyy
aaa
Tomas Hlavacek wrote on Monday, August 18, 2008 1:20 PM:
Hello!
I am thinking about aaa local database. Is there any mechanism to
distinguish local users (defined by username ...) or put them into
some groups and give them access to only some services?
For instance I have two users
I should have told that I want this on 2811 with 12.4(20)T
ADVIPSERVICESK9 IOS image.
Alasdair Gow wrote:
What device are you trying to do this on?
I know ASA's have dynamic policies, which you could customise to do this
Cheers,
Ally
Tomas Hlavacek wrote:
Hello!
I am thinking
Hi
I've only got the most superficial of ideas what's going on with this
network, but i've been asked if there's any particular reason
some Foundry switches would be being brought to their knees every time
mcast is switched on in a network. 65s, 3750s and Netscreens
all handle it fine.
Given
My only options for the IP CEF command are as follows:
original Original algorithm
tunnel Algorithm for use in tunnel only environments
universal Algorithm for use in most environments
I tried original, and it seems as if it load balances, but it doesn't
switch from modem to modem
I suggest posting on foundry-nsp instead of cisco-nsp.
- jared
On Mon, Aug 18, 2008 at 09:03:05AM -0700, Christian MacNevin wrote:
Hi
I've only got the most superficial of ideas what's going on with this
network, but i've been asked if there's any particular reason
some
Hi Christian,
You will need to explain more about the topology, your multicast setup
and the traffic flows, for instance:
- Are the foundary switches acting as your RPs?
- Have you any other commands applied which will cause multicasts to be
process switched?
- Do you have high rates of multicast
On Sunday 17 August 2008 05:05:30 Gert Doering wrote:
From the comments seen on this list, I don't think that any sort of L2VPN
on 7500s is a good idea.
7500 is pretty much a dead and unsupported platform these days.
Good afternoon, list and Gert.
I have read this list for some time now, and
Hi,
Does anyone have experience of configuring Netflow Top Talkers on
Modular 12.2SX images?
We are running modular 12.2(18)SXF4 on Sup720, MSFC3, PFC3 on 6509-E, as
below:
sh ver
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-VM),
On Mon, Aug 18, 2008 at 4:30 AM, Robert Blayzor [EMAIL PROTECTED] wrote:
We've been running 6.3 for years and only after all the recent DNS exploits
did we see this one start hitting us.
The only way to fix it is to upgrade to 7.x or get the maint/patch train
from TAC. If you have any DNS
Lamar Owen wrote:
However, I must rant just a bit, so please indulge me for a moment. And I
fully realize many of you won't care about what I'm going to talk about
below, and that's ok.
It's not that I won't care, it's that I care about your stance here.
I (and other enterprise usera and
Thanks all
That's literally all the info I have just now, it's a client network I
may have to go look at. Just figured I'd toss it out and see if
anybody had a screamer of a disclaimer on that hardware.
I'll see how much more Ivan find out before I being this world of pain
down on myself
On Aug 18, 2008, at 1:05 PM, Adam Korab wrote:
The page says it's patched in 6.3(5.105) -- is that available only
from the TAC? CCO lists just 6.3(5) GD.
Yes, 6.3(5)GD is released.
The actual patched version TAC provided to us was 6.3(5.145)
Which fixed the problem. And yes, you can only
anyone see anything like this. i assume only a reload will fix this:
rtr1#sh proc cpu | e 0.0
CPU utilization for five seconds: 33%/8%; one minute: 37%; five minutes:
35%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
3528125122320274973 22 23.35% 20.79%
Hi,
On Mon, Aug 18, 2008 at 12:40:23PM -0400, Lamar Owen wrote:
Not all folk using older Cisco gear for core routing are financially able to
do forklift upgrades.
I fully understand your point. I'm not one of those that recommend to
put a 7206/NPE-150 into the junk bin, just because it's
Hi,
On Mon, Aug 18, 2008 at 03:00:22PM -0400, Lamar Owen wrote:
good firewall set and, like I said, NAT. Just wish a 12.0S had been released
for the RSM; it is, after all, a 7500-series RSP2 on that card. And why the
RSFC isn't able to run something past 12.1 is a crying shame, given the
Turns out the fiber length is about 60km, but it is testing at 13dB for
1550 nm. This winds up fitting in the 24dB optical budget for the
XENPAK-10GB-ZR (80 km). I have removed dB for connectors and potential
splices as well.
Next challenge: On the other end of the connection is a
Does anyone know what the formal name for the 'HD' end of an CAB-HD8-ASYNC (for
the HWIC-8A/16A)? Ideally I'd like to do an extended runbefore fanning out into
RJ45's.
Also, given the async line definition of:
line 0/0/0 0/1/15
...is it proper to infer that 0/0 has 16 ports? Namely, if 0/0
Wow. Thanks Steinar, I've been looking all over their website for this!
Looks like about the same power budget as the Cisco XENPAK-10GB-ZR.
Joe
[EMAIL PROTECTED]
08/18/2008 04:46 PM
To
Joe Loiacono/CIV/[EMAIL PROTECTED]
cc
cisco-nsp@puck.nether.net
Subject
Re: [c-nsp] Good 10GE Metro
On Mon, Aug 18, 2008 at 05:12:46PM +0100, Mark Tohill wrote:
Hi,
Does anyone have experience of configuring Netflow Top Talkers on
Modular 12.2SX images?
I thought netflow top-talkers was an SXH feature?
We are running modular 12.2(18)SXF4 on Sup720, MSFC3, PFC3 on 6509-E, as
below:
sh
anyone see anything like this. i assume only a reload will fix this:
Nothing exactly like this, but I have a number of
crash files from SB11/12 on a 7200 with memory
corruption (Block overrun/redzone corruption).
Unfortunately the 7200 (a non-VXR) cannot be on
maintenance (EOS/EOL), so I cannot
I have a customer who went directly to cisco to ask about how to load
balance two WAN connections to their Cisco PIX 515E. Cisco sold them an
ASA 5510 and two 1841s and suggested VRRP or GLBP for the LAN with the
ASA and 1841s. Apparantly, the customer didn't even mention that the
two
Dan,
Another option is to use the PfR NAT integration. The idea is that PfR will
actively monitor the traffic and move subnet reachabilty around to try to even
out the traffic. For existing NATed flows, PfR will preserve the stickiness on
the established path.
On Aug 18, 2008, at 5:01 PM, Kevin Graham wrote:
Does anyone know what the formal name for the 'HD' end of an CAB-HD8-
ASYNC (for
the HWIC-8A/16A)? Ideally I'd like to do an extended runbefore
fanning out into
RJ45's.
The connector on the cards are (Micro)D68F (also used by SCSI-3
Hi Scott,
Hopefully I am understanding your challenge correctly. It appears to me like
you're having trouble chatting dynamic routing protocols directly with the
wireless network, among some other various nitty-gritty that is not just as
simple as the SE tries to make it sound.
Looking at your
Hey all,
I am trying to plan some CPE deployments for next year and wanted more
information about the 880 series.
I love the Wireless N and the 3G backup on the 881.
But this is a ADSL2 deployment which I was going to use 877W's for, but
given the move to N and the 3G option, I would prefer an
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
Hi Scott,
Try this:
Seeing as you are working statics over your wireless cloud to
simplify things a little setup a GRE tunnel from your 7200 over the
wireless to the 1841 (don’t forget to subtract 24
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
Hi Scott,
Try this:
Seeing as you are working statics over your wireless cloud to
simplify things a little setup a GRE tunnel from your 7200 over the
wireless to the 1841 (don’t forget to subtract 24
Scott Lambert wrote:
I have a customer who went directly to cisco to ask about how to load
balance two WAN connections to their Cisco PIX 515E. Cisco sold them an
ASA 5510 and two 1841s and suggested VRRP or GLBP for the LAN with the
ASA and 1841s. Apparantly, the customer didn't even
The connector on the cards are (Micro)D68F (also used by SCSI-3
devices). You would be looking for a D68M-D68F cable to extend the
connection.
[...oops. sorry Brian, you were right...]
Thanks, I didn't have one on hand to check. Do you happen to know if the
pinout is consistent w/ the
36 matches
Mail list logo