On 5/Aug/16 23:50, Aaron wrote:
>
>
> Right, that’s not what I’m asking…
>
>
>
> I’m wondering if an asr9k can receive lacp over 2 mpls pw’s and land
> (terminate) them into a bundle-ethernet or some sort of interface that
> aggregates those 2 pw’s into one lacp bundle.
>
>
>
> I don’t wan
Right, that's not what I'm asking.
I'm wondering if an asr9k can receive lacp over 2 mpls pw's and land
(terminate) them into a bundle-ethernet or some sort of interface that
aggregates those 2 pw's into one lacp bundle.
I don't want the asr9k to pass the lacp packets out another Etherne
On 5/Aug/16 22:13, Aaron wrote:
> Anybody know if you can take a couple mpls pseudowires from 2 remote pe's
> and land them into one asr9k and at that asr9k perform lacp bundeling over
> those 2 pw's ? in other words. can you take 2 mpls pw's and bundle them
> together into an lacp bundle group
Anybody know if you can take a couple mpls pseudowires from 2 remote pe's
and land them into one asr9k and at that asr9k perform lacp bundeling over
those 2 pw's ? in other words. can you take 2 mpls pw's and bundle them
together into an lacp bundle group ?
- Aaron
___
Thanks everyone, It was an AS5400 and it is now generating proper modem tones
when calls are presented. Now I just need to find a modem and a POTS line to
test from the office :/
Oh, funny side note. Come to find out the NFAS group has 7 PRIs in it, That
should be plenty to handle our p
On 5 August 2016 at 18:49, Phil Mayers wrote:
>> Unless the IP address of your NTP servers are known to an attacker,
>> in that case the packet can simply be spoofed.
>
>
> If you're not doing uRPF and ingress filtering of your own netblocks, you've
> got bigger problems IMO
Fully agreed, it's im
On 05/08/16 16:35, Lukas Tribus wrote:
Not all packets cause the wedge. If your CoPP allows NTP from your
configured NTP servers, but not from others, you're fine.
Unless the IP address of your NTP servers are known to an attacker,
in that case the packet can simply be spoofed.
If you're not
> Not all packets cause the wedge. If your CoPP allows NTP from your
> configured NTP servers, but not from others, you're fine.
Unless the IP address of your NTP servers are known to an attacker, in that
case the packet can simply be spoofed.
Lukas
_
On 5 August 2016 at 16:01, Gert Doering wrote:
> I'm not sure about *this* interface wedge bug, but if it's similar to the
> original one, if your CoPP policer lets even 1% of the packets through,
> you're still toast - just slower. With NTP, of course you have permit
> rules in your CoPP config
--- Begin Message ---
Dear experts,
Any one has any previous experience with the SAMI module on the catalyst
6500.
I have an old winax gateway and i need to replcae it with Cisco SAMI
enabled 6509 with Huawei BTS.
Appreciate any input.
--- End Message ---
You are right! We blocked everything using ACL on router but yep attacker can
spoof packet.
I will proceed for upgrade soon.
--
Sent from my iPhone
> On Aug 5, 2016, at 2:48 AM, Antoine Monnier
> wrote:
>
> Upgraded just a few days ago, but now apparently there is this this NTP bug
> that
Hi,
On Fri, Aug 05, 2016 at 11:02:01AM +0300, Saku Ytti wrote:
> I disappointed Cisco does not mention CoPP at all.
>
> Anyone running reasonable CoPP would have been completely unaffected
> by this issue. CoPP is not just about protecting from DoS, it's also
> protecting from 0days.
Sure about
Matt,
From an AS5396 decommissioned a while ago:
!
version 12.0
no service pad
service timestamps debug datetime
service timestamps log datetime
no service password-encryption
!
hostname AS5396
!
boot system flash c5300-is-mz.120-26.bin
aaa new-model
aaa authentication ppp default local radius
aa
Yes, we saw hangs in 03.16.03a and seems to be related to ARP learning.
On Thu, Jul 28, 2016 at 10:30 AM, Lukas Tribus wrote:
> Hi Eric, Mark,
>
>
> any new informations about the 03.16.03a hangs? Could you share SR number
> or bugid, if filed?
>
>
> Anyone else saw those hangs in 03.16.03a?
>
>
On 5 August 2016 at 10:41, James Bensley wrote:
> We had
Should be "have", the disgust and shame is still current.
James.
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.ne
We had some AS5300s as ISDN LACs that in turn forward the queries to
our ADSL LNS's...
So this is the config from one of our ISDN AS5300 LACs, should be able
to modify this as you need to termiante locally rather than forward
the L2TP tunnel.
Cheers,
James.
version 12.3
service tcp-keepalives-
I disappointed Cisco does not mention CoPP at all.
Anyone running reasonable CoPP would have been completely unaffected
by this issue. CoPP is not just about protecting from DoS, it's also
protecting from 0days.
On 5 August 2016 at 10:31, Lukas Tribus wrote:
> Hi,
>
> the hang you see could be r
Hi,
the hang you see could be related to the NTP bug (affecting only 03.16.03):
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva35619
Lukas
___
cisco-nsp m
18 matches
Mail list logo