Most of ours are terminating on BT 21CN connections and they allocate a Vlan
per circuit, which we then double tag to get vlan traffic into the
customer's VRF back at the gateway end,
On Fri, Dec 3, 2010 at 7:01 AM, Mikael Abrahamsson swm...@swm.pp.se wrote:
On Thu, 2 Dec 2010, Dan Armstrong
Hello!
Does somebody in the list have any info about plans to support policing on
etherchannel on ASR1000 platform? Both trains 12.2 and 15.0 does not support
it. :(
Restrictions for Traffic Policing
- Traffic policing is not supported on the EtherChannel interfaces.
I second this, very elegant solution.
Currently the only issue we have with PVLANs is that they cannot be
handed over as a dot1q trunk on our access layer - something like
switchport mode private-vlan trunk does not exist.
-pavel
On Fri, Dec 3, 2010 at 8:01 AM, Mikael Abrahamsson
Nick,
I have noticed different results with MLS qos enabled/disabled.
For example, I have two systems that are handling almost exactly the same load,
for the sake of testing awhile back I enabled mls qos on one of them.
With MLS qos enabled there are hardly any input queue drops, with mls qos
You don't find that 16x10 = 160Gb but the card is only connected at 40Gbps
bothers you?
thanks,
-Drew
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Phil Mayers
Sent: Thursday, December 02, 2010 11:05 AM
To:
No,
I was using Extreme back then, hahaa =)
-Drew
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jared Mauch
Sent: Thursday, December 02, 2010 12:51 PM
To: Nick Hilliard
Cc: cisco-nsp@puck.nether.net
Subject: Re:
On 03/12/2010 13:35, Drew Weaver wrote:
You don't find that 16x10 = 160Gb but the card is only connected at 40Gbps
bothers you?
The card also has an internal tree fabric, so you may be able to design
your networking requirements around that. If you're not doing much traffic
overall but
On 03/12/10 13:35, Drew Weaver wrote:
You don't find that 16x10 = 160Gb but the card is only connected at
40Gbps bothers you?
Not sure I follow. Since 40Gbit/sec per slot is a fundamental limit of
the platform, I don't see the point in letting it bother me.
6716 had the best cost/benefit
Answering my own questions.
The ACE has an 1 GB CF. This CF has two Linux partitions:
Disk /dev/sdb: 1024 MB, 1024966656 bytes
16 heads, 63 sectors/track, 1986 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Disk identifier: 0x
Device Boot Start End Blocks
Folks,
for HW based platforms it's needed to have a dedicated source IP address for
each tunnel in order to have the tunnels CEF switched in hardware, due to ASIC
limitations, and not process-switched.
Does anyone know if this applies to CPU based platforms as well, such as
87x/88x? I need to
This should be a one-stop shop for you for ASA documentation
http://www.cisco.com/en/US/products/ps6120/tsd_products_support_series_home.html
You can find the Configuration Guides and the Command References there.
-Pete
On Thu, Dec 2, 2010 at 10:04 PM, Jimmy Stewpot mail...@oranged.to wrote:
... now having said all that, without tunnelling (killing any kittens) say we
deliver 1G to the house, to support lots of IPTV. Could there be a way to
choke the customer's Internet Access to something sane, while allowing the
set top box (or perhaps TV software app or video game console)
I don't know why it never occurred to me, but on 802.1q trunk links, non-native
vlans are encapsulated within 802.1q headers, therefore max packets would have
to be fragmented. On trunks that support it, should standard practice to bump
up the mtu on both sides to account for the 802.1q header.
Hey,
If your into Podcasts (you know, the morning drive to work)
Check these out... most excellent.
http://www.cisco.com/en/US/solutions/ns170/tac/security_tac_podcasts.html
Stephen
Stephen Stack
Systems Administrator - Network
-Original Message-
From:
Hi
I got the drop packet info in ASA55 10
What does it mean? ls it normal?
ls it meaning about access-list or system can't handle the traffic?
Traffic Statistics for outside:
7199356512 packets input, 4524239246733 bytes
5858234927 packets output, 2319301929929 bytes
On 03/12/10 14:38, Dan Armstrong wrote:
... now having said all that, without tunnelling (killing any
kittens) say we deliver 1G to the house, to support lots of IPTV.
Could there be a way to choke the customer's Internet Access to
something sane, while allowing the set top box (or perhaps TV
On 2010-12-03, at 10:23 AM, Phil Mayers wrote:
On 03/12/10 14:38, Dan Armstrong wrote:
... now having said all that, without tunnelling (killing any
kittens) say we deliver 1G to the house, to support lots of IPTV.
Could there be a way to choke the customer's Internet Access to
something
Traffic Statistics for outside:
7199356512 packets input, 4524239246733 bytes
5858234927 packets output, 2319301929929 bytes
29888669 packets dropped
Traffic Statistics for inside:
4602399023 packets input, 953876408331 bytes
5933441268 packets
On Fri, 3 Dec 2010, Dan Armstrong wrote:
... now having said all that, without tunnelling (killing any kittens)
say we deliver 1G to the house, to support lots of IPTV. Could there be
a way to choke the customer's Internet Access to something sane, while
allowing the set top box (or perhaps
On Fri, 3 Dec 2010, Matthew Huff wrote:
I don't know why it never occurred to me, but on 802.1q trunk links,
non-native vlans are encapsulated within 802.1q headers, therefore max
packets would have to be fragmented. On trunks that support it, should
standard practice to bump up the mtu on
I had sort of envisioned the IPTV encoders being available in a walled garden
scenario, using multicast
Why is that so bad?
On 2010-12-03, at 10:40 AM, Jason Lixfeld wrote:
On 2010-12-03, at 10:23 AM, Phil Mayers wrote:
On 03/12/10 14:38, Dan Armstrong wrote:
... now having said
On 03/12/10 13:49, Matthew Huff wrote:
I don't know why it never occurred to me, but on 802.1q trunk links,
non-native vlans are encapsulated within 802.1q headers, therefore
max packets would have to be fragmented. On trunks that support it,
should standard practice to bump up the mtu on both
On 03/12/10 15:40, Jason Lixfeld wrote:
Deliver the TV over multicast?ducks ;o)
Forgive my ignorance, but why would that be considered a bad idea?
I was kidding. It's a very good idea and is used widely for just this
purpose in many network. But use multicast can sound very unhelpful if
Hello.
I would like to know what you guys are using as FTTH access switches?
I guess Juniper and Cisco are a bit pricey considering per port cost,
so many ISPs are using cheap switches with
lots of (cheap again) optical sfp.
Any recommendations for ftth access sw? I think that we can also use
Have you tried setting everything to auto negotiate? Most new switches seem to
do better if you don't hard set the duplex on a GigE link.
Mike
--
Michael K. Smith - CISSP, GSEC, GISP
Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com
w: +1 (206) 404-9500 f: +1 (206) 404-9050
PGP:
On Fri, Dec 3, 2010 at 2:49 PM, Matthew Huff mh...@ox.com wrote:
I don't know why it never occurred to me, but on 802.1q trunk links,
non-native vlans are encapsulated within 802.1q headers, therefore max
packets would have to be fragmented. On trunks that support it, should
standard
From: Phil Mayers
On 03/12/10 13:49, Matthew Huff wrote:
I don't know why it never occurred to me, but on 802.1q trunk links,
non-native vlans are encapsulated within 802.1q headers, therefore
max packets would have to be fragmented. On trunks that support it,
should standard practice
We, a moderately sized ISP, attempted to upgrade our current 7206VXR
NPE-G2 to an ASR 1002-F as an LNS but we ran into some issues. The ASR
would start to ignore sessions and the only fix was to reload the
device. This seemed to start happening after about 2000 PPPoE and 4000
PPPoE over VPDN
Hello C-NSP members. I am looking for some good examples of router-protect
ACLs or FW filters. On my J gear, I have several firewall filters designed to
protect the control-plane that simply get applied to the loopback. Now only
certain hosts/networks can make SSH, FTP, TCP179, etc.,
Hi
I am search a information:
How many L2TP/LNS session (for Adsl pppoe) can support a NPE 400 ?
Thanks
Stephane
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at
Wondering if anyone has researched the same issue I'm
having or has a best practices list. I have a Cisco UCS
platform which is not production yet, so just me doing
testing. It has multiple ten gig links to redundant
fabrics in end host mode. Those each have ten gig links
to a pair of 4900M's.
I have. A cisco 3750, but an older release. Must be a bug. But wanted to know
if it was a general problem overall. Doesn't look like it.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim:
On 03/12/10 16:51, Matthew Huff wrote:
I have. A cisco 3750, but an older release. Must be a bug. But wanted
to know if it was a general problem overall. Doesn't look like it.
Ugh. That's some bug...
___
cisco-nsp mailing list
On 03/12/10 16:30, Bill Blackford wrote:
Hello C-NSP members. I am looking for some good examples of
router-protect ACLs or FW filters. On my J gear, I have several
firewall filters designed to protect the control-plane that simply
get applied to the loopback. Now only certain hosts/networks can
On Dec 3, 2010, at 11:30 PM, Bill Blackford wrote:
Are there some templates or examples I can find?
https://files.me.com/roland.dobbins/prguob
I haven't played much with CoPP and don't hear a lot of accolades for doing
this.
CoPP works quite well on platforms which support it in hardware,
A little hard to compare but I've seen an NPE-G1 hold 4000 sessions with
a 70% average CPU usage.
Andrew.
On 12/3/2010 11:32 AM, Stephane MAGAND wrote:
Hi
I am search a information:
How many L2TP/LNS session (for Adsl pppoe) can support a NPE 400 ?
Thanks
Stephane
There is no easy template for CoPP on Cisco.
Some things are processed in hardware, some are processed in software.
It is platform dependent.
Mack
Network Architect
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Bill
ASR1002 and a few fixed switches pretending they're routers. Mostly the ASRs.
-b
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Phil Mayers
Sent: Friday, December 03, 2010 9:18 AM
To: cisco-nsp@puck.nether.net
Subject:
We are in the planning stages for a conversion to an MPLS infrastructure, we
have about 3,000 connections on this statewide network which spans 3 major
carriers territory. We expect we will wind up with one vendor at the core.
Assuming vendor A wins the core we expect we will have to provide
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bill,
Hello C-NSP members. I am looking for some good examples of
router-protect ACLs or FW filters. On my J gear, I have several
firewall filters designed to protect the control-plane that simply
get applied to the loopback. Now only certain
From memory, G1 L2TP session limit was theoretically around 8k. I have
experience of stability up to that, whilst running the usual BGP/IGP/LDP
combo. G2 doubles to 16k.
However, back to the point, NPE-400 performance will be much lower than that!
What are your requirements/expectations
On Thu, Dec 02, 2010 at 09:24:04PM +, Nick Hilliard wrote:
On 02/12/2010 20:00, Charles Spurgeon wrote:
We used to think that the newer 6716 card had better buffers until we
found this Cisco whitepaper that states that the receive buffer in
transparent mode on the 6716 ports is 950KB vs
Will the T1s be aggregated onto bearers? STM-1 for example? If so, I imagine
ASR1k would probably be around the right area as a first guess.
--Daniel Holme
On 3 Dec 2010, at 18:16, Rick Martin rick.mar...@arkansas.gov wrote:
We are in the planning stages for a conversion to an MPLS
On 12/3/2010 12:16 PM, Rick Martin wrote:
We are in the planning stages for a conversion to an MPLS infrastructure, we
have about 3,000 connections on this statewide network which spans 3 major
carriers territory. We expect we will wind up with one vendor at the core.
Assuming vendor A
Hi,
On Fri, Dec 03, 2010 at 05:18:03PM +, Phil Mayers wrote:
Are there some templates or examples I can find? I haven't played
much with CoPP and don't hear a lot of accolades for doing this. The
other obvious question would be does this run in hardware or in
software?. Hmm, doubt if the
On 12/03/2010 09:55 PM, Gert Doering wrote:
Hi,
On Fri, Dec 03, 2010 at 05:18:03PM +, Phil Mayers wrote:
Are there some templates or examples I can find? I haven't played
much with CoPP and don't hear a lot of accolades for doing this. The
other obvious question would be does this run in
On 12/3/2010 12:16 PM, Rick Martin wrote:
We are in the planning stages for a conversion to an MPLS infrastructure, we
have about 3,000 connections on this statewide network which spans 3 major
carriers territory. We expect we will wind up with one vendor at the core.
Assuming vendor A wins
On 2010-12-03 22:55, Gert Doering wrote:
Provided QoS is globally enabled with mls qos, CoPP is done in
hardware[1] on 6500/sup720, by adding QoS policy-maps into the PFC/DFC
qos path.
You're sure you need mls qos for that? I was under the impression that
CoPP is always done in hardware (as
Hi,
On 4 December 2010 01:48, Dmitry Kiselev dmi...@dmitry.net wrote:
Hello!
Does somebody in the list have any info about plans to support policing on
etherchannel on ASR1000 platform? Both trains 12.2 and 15.0 does not support
it. :(
Restrictions for Traffic Policing
- Traffic
On 12/3/2010 10:57 AM, Phil Mayers wrote:
No. 802.1q trunks do this automatically i.e. bump MTU from 1518 to
1522 to account for the extra space. I've never seen a switch platform
that needed any special config for this to work.
But finding one that won't incorrectly count it as a Giant at
50 matches
Mail list logo
