[c-nsp] IOS XR BFD

Hola, amigos! In the documentation about "Configuring Bidirectional Forwarding Detection on Cisco IOS XR" cisco writes: "BFD is supported on IPv4 directly connected external BGP peers." The question arises, why IOS XR can't run BFD with internal BGP peers (as old school IOS)? -- tarantul Dios es

[c-nsp] about duplex

Hello, I was reading about duplex need to find which one is give me good bandwidth and what is this. I have question about it. How to configure duplex on router and switch port ? These 2 ports are connected each other. How do I troubleshooting duplex ? I saw router and switches log but noth

Re: [c-nsp] Long Uptime

Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-J-L), Version 11.1(8), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1996 by cisco Systems, Inc. Compiled Thu 05-Dec-96 11:41 by tamb Image text-base: 0x03038820, data-base: 0x1000 ROM: System Bootstrap, Version 5.2(8a), RELE

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

IIRC the 7000 series PA buses are derived from classic PCI tech, or something similar. Is a simplex bus limited to around 600Mbit. This imposes a 600Mbit minus overhead simplex burst limit on the bus. Microbursts are an issue, the bus and the CPU limit how fast the buffers on the PA can be dr

Re: [c-nsp] [BGP] Multiple peering sessions with same ASN/prefixes possible ?

If I understand your question correctly, the /30's would be the infrastructure links? If this is the case, then they would be connected routes. If they are not then a static route between you and your client would suffice as no one is adding a /30 to the global announcements. -b From: cc loo

Re: [c-nsp] WS-X6716-10G local switching and etherchanneling

Sam, please see inline below: At 04:38 AM 7/2/2009, Sam Stickland contended: Hi, I've read: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper0900aecd80673385.

Re: [c-nsp] [BGP] Multiple peering sessions with same ASN/prefixes possible ?

Hi Bill, Thanks for your kind explanation. So far we discussed about having 2 peering links advertising the same prefix, however the routing table would only choose _1_ out of 2 links to send packets. We have a requirement that a client must advertise prefix > /24 only. Does this impose a limit

Re: [c-nsp] matched ACL - counters not updating

On Jul 3, 2009, at 9:38 AM, Aaron Riemer wrote: It is a 6500 with a SUP2 however other extended ACL's are showing matches with each ACE. This may indicate that the traffic in question is being punted; you may wish to verify via sh proc c sort | e 0.00 and sh fm sum. The traffic must be t

Re: [c-nsp] matched ACL - counters not updating

It is a 6500 with a SUP2 however other extended ACL's are showing matches with each ACE. The traffic must be traversing this interface as it is the only way to route out the subnet. Cheers, Aaron. -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puc

Re: [c-nsp] [BGP] Multiple peering sessions with same ASN/prefixes possible ?

Wouldnt my router be confused with 2 peers advertising the same prefixes ? How would it decide which peer to send to ? No. BGP will see both routes in the RIB and select the best path and insert into the forwarding table. If all else is equal, chances are the forwarding decision will be based o

Re: [c-nsp] matched ACL - counters not updating

If you have "mls rate-limit unicast ip icmp unreachable acl-drop 0" configured the counters on deny's don't get incremented. The default for this rate-limiter is 100 pps with a burst of 10, you could have other acl's being hammered and your reaching the 100pps limit via others so this one isn't be

Re: [c-nsp] matched ACL - counters not updating

On Jul 3, 2009, at 8:48 AM, Aaron Riemer wrote: The permit ip any any shows matches as normal. What am I missing here? If this is a 6500 with an older Sup2, note that ACL counters aren't supported. How do you *know* that traffic matching the ACL stanza in question is actually traversing

[c-nsp] [BGP] Multiple peering sessions with same ASN/prefixes possible ?

Hi all, my company's network has a peering connection with a client. Recently, they requested us to set up another concurrent peering link (for testing purposes). The 2 BGP routers will be advertising the same ASN and prefixes. As i have limited knowledge in BGP, i wondered if such a set up would

[c-nsp] matched ACL - counters not updating

Hey guys, Just a quick one I am interested to know why an ACL I have applied to a VLAN is not showing counters for a particular line in the access-list that I know is denying packets. See below for example Extended IP access list virus-traffic 10 deny ip host 10.x.x.x 10.y.y.y.y 0.0.255.255

[c-nsp] Experiences with a3845 and NM-1A-OC3-POM ?

I'm interested in hearing from anyone on list who is using the NM-1A-OC3-POM module to feed an OC-3 into a 3800 series router. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http:

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

Rodney, Thanks for the reply. Please let me clarify it a little. So you're saying that switching packets through PA-GE involves 3.5 times more processing overhead compared to switching them through native port (btw, by native port you mean G1/G2 builtin one, right?), hence pps goes down from 47

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

Can you give me some sample code for this? I'm willing to try it, but need some help! We moved to routed mode with plain static routing, and the customer is still seeing issues. CPU dropped about 15-20%, but we're still being overrun everywhere... One side is using the GE on the IO card, and th

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

One note, I'd be really interested to see how it worked if you configured it as a L2TPV3 tunnel to connect the L2 segments vs. bridging it. The bridge code was never designed for high speed switching. Can you try that? Rodney On Thu, Jul 02, 2009 at 11:48:26AM -0400, Rodney Dunn wrote: > I foun

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

I found what I was looking. The test was on older code but in concept it still applies. Bi-directional going native gige port to another native gige port on the G1 you are looking at around 470 kpps (double 940 kpps bi-directional) at 64 byte packets with NO features. At 1500 byte packets it can

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

Michael, I can't find the performance document I saw once before now. I'm still trying to find it. If you want real Gige you should go with the ASR1000. Even the G1 GE ports will have problems at high rates with any features enabled. Rodney On Thu, Jul 02, 2009 at 11:00:29AM -0400, Michael Ulit

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

Could you please elaborate on the PA-GE issues? Or may be you could provide some pointers to where they're described? We're using quite a few of those with traffic rate anywhere from 50M to 100M and I didn't notice any issues so far, but traffic rate is increasing and I'd really like to know wha

Re: [c-nsp] OT: Best Online Antispam Service

I've been using Forefront Online Security for Exchange (formerly Exchange Hosted Filtering, formerly FrontBridge) for a number of years. We find it works extremely well. It is store and forward (they will store for 5 days if your MX goes down). Last year we had a few issues with handoffs to the s

Re: [c-nsp] OT: Best Online Antispam Service

We just cut over to Postini a few months ago and there have definitely been some quirks. Awhile back we had a mail loop where one message that keep spooling back and forth between Postini and us that kept getting a few k bigger each trip back and forth and eventually swamped out our entire inte

Re: [c-nsp] Default Route Handler

jimmi <> wrote on Wednesday, July 01, 2009 22:01: > Folks. > > Regarding CEF & FIB, despite the fact this term sounds self > understandable, Does someone knows the exactly definition of "Default > Route Handler"? it's a special FIB entry dealing with the default route. The default route is trea

[c-nsp] WS-X6716-10G local switching and etherchanneling

Hi, I've read: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper0900aecd80673385.html If I'm understanding this correctly, communication between each bank of 8 ports on a 6716-10G will be line-rate, but communication between the first and second groups of 8 po

Re: [c-nsp] CPU comparison - bridge vs. route on 7206?

Chris Hale wrote: We have a set of 7206VXR's, NPE400 CPUs on each end of a point to point OC3 using PA-POS-OC3 cards. We bridge these circuits through a PA-GE interface (essentially turning the 7206's into a OC-3 to GigE converter) with a single bridge group. We are trying to push nearly 130-14