On 21.12.2011, at 07:36, Ambedkar wrote:
> I am having two leased lines of 2Mbps and 4Mbps. I want to configure both
> as a backup route in case if one fails within 3 seconds.
>
> Please give suggestions.
use eigrp and set bandwidth on the interfaces.
_
On 19/12/2011, at 4:23 PM, Roger Wiklund wrote:
> Hi,
>
> First time configuring an ASR. WAN link is GigE with 3 tagget VLANs.
>
> Port is UP/UP 1000-full with LX SFP. I know the link works because we
> moved it from a 6500 to this new router.
> I cannot ping myself, I cannot ping the other end
On 18/12/2011, at 2:28 PM, Mark Tinka wrote:
>> I still remember a friend of mine buying 4x 7500s filled
>> with VIPs and ?Supervisors?… Every card, and even the
>> chassis all had problems! But it was not that the cards
>> didn't work - they booted, came on line, and then
>> crashed after 2 days
Hi Gert,
On 16/12/2011, at 6:40 PM, Gert Doering wrote:
> We've used EIGRP on PE-CE links in the past and used prefix-list filters
> incoming and outoing to enforce policy - which worked as well as for BGP,
> and it's about the same amount of config work, so I think that approach
> is fine.
Below
This provides a type of overview
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf
although your milage will change based on which software features you enable.
On 17/12/2011, at 6:34 PM, Mark Tinka wrote:
> As I've mentioned before a couple of times on
HI Aled,
On Fri, Dec 16, 2011 at 12:29 PM, Aled Morris wrote:
> ASR1001 MSRP $17k + $5k for IP BASE licence
>
I think the IP BASE license is included with the ASR1001 for US$17K list.
Street price should be about EUR10K . (OP seems to be in euro zone).
He will however require a few sfps.
I pe
Hi Rolf,
On 16/12/2011, at 2:09 AM, Rolf Hanßen wrote:
> Hi Andrew,
>
> just pure forwarding of a few public networks towards each other and
> internet with default route.
> No tunnels, no NAT, no DHCP, no VPN or something similar.
> Concerning "relatively cheap": Im searching for "below 3000 Eu
Hi Rolf,
On 16/12/2011, at 12:25 AM, Rolf Hanßen wrote:
> I am looking for a stable, reliable router / Layer3 switch that can do the
> following:
> -forward at least 1GBit / 1Mpps
> -full support of IPv6
> -provide NetFlow data or similar for several hundred connected hosts in a
> way that can be
Hi all,
I am currently fighting with the "correct" way to attach an third party managed
dual homed internal customer to our mpls backbone. (See below for diagram)
Due to license costs we have decided (and I am starting to regret it) using
EIGRP between the "customer" CEs (6500s) and our two PEs
Hi Michael
On Fri, Dec 9, 2011 at 5:48 PM, Michael Balasko <
michael.bala...@cityofhenderson.com> wrote:
>
> I kinda like the flipping indexes to names so I might go down that route.
> I appreciate the help!
Didn't I say that yesterday? :)
>From a 2960 running IOS -
1.3.6.1.2.1.2.2.1.2.10101
Why extended? A small perl/ ruby script which collects the values
beforehand and then after reboot a second script that compares the
values and updates your software. Or do you set these things via a
clickablf gui?
You should be back up and monitoring within 5 min.
On 09.12.2011, at 02:09, Michae
On 09/12/2011, at 1:47 AM, Michael Balasko wrote:
> I normally would take a same chassis and build the switch identical(Line card
> wise) to what is being converted and then when I swap the SUP's they all line
> up but in this case I am up the brown fecal river, paddle-less.
>
> I've called TAC
Hi Peter,
> AFAIK all Cisco switches always send "Ethernet Loopback" (ethertype
> 0x9000) packets on switchport interfaces and disable the port is things
> loop. Loops would result in a message like this:
>
> %ETHCNTR-3-LOOP_BACK_DETECTED: Keepalive packet loop-back detected on
> FastEthernet0/
On 08/12/2011, at 12:09 AM, Sigurbjörn Birkir Lárusson wrote:
> The 67XX/69XX cards are incompatible with the Sup2/Sup32 since they are
> non-fabric enabled supervisors.
>
> For the 67XX cards you'll need a SUP/RSP720
>
> Kind regards,
> Sibbi
>
> Þann 7.12.2011 22:10, skrifaði "Jeff Meyers" :
Hi all,
Does anyone know if there is a Cisco catalyst equivalent of the HP Procurve
loop-protect command?
I am trying to find a way of protecting our Catalysts from someone replacing an
STP enabled switch connected via an access port with a "dumb hub".
The "spanning-tree guard loop" is one alt
On 01/12/2011, at 7:52 PM, Rolf Hanßen wrote:
> Hi,
>
> I know that WS-X6548-GE-TX has only 8GBit fdx towards the chassis/bus and
> I was told recently that this bandwidth is maybe divided into some kind of
> port groups.
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_wh
Hi Gert,
And what about
show counters interface gig 1/9
Does that shed any more light?
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-
Hi all,
I have been looking at IP SLA and was wondering whether there are any
appliances around which emulate Ciscos IP SLA so that you can use it as a
responder, or even better, the transmitter end?
If not, does anyone have any alternative device/ software recommendations?
Thanks
Andrew
_
On 10/10/2011, at 6:00 PM, Mack McBride wrote:
> That older fiber is probably not rated at 500 Mhz Modal BW suggested by Cisco.
> Older fiber is usually 200 Mhz.
> The LX4 would be a better choice (more dispersion resistant) and max distance
> of 300M.
I thought that the OP required an SFP+ on
On Fri, Sep 30, 2011 at 3:02 PM, Peter Rathlev wrote:
> AFAIK you cannot have "show cdp neighbors" put everything in one line.
>
It works if the hostname isn't very long.
>
> What are you trying to achieve? If you're looking for a specific
> neighbor and are used to using
>
> show cdp neighb
On Fri, Sep 30, 2011 at 1:25 PM, Joshua Morgan wrote:
> terminal width?
>
>
Believe it or not I tried that
hostname#terminal width 300
hostname#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Hi all,
I tried google, I tried asking around - but unfortunately no luck.
How do I tell the
"show cdp neighbors" that my terminal is wider than 80 chars?
The output is always split across two lines making this extremely annoying
to read.
longswitchname.domain.com
Gig 2/1/11
Dear all,
I am a little confused as to how VRFs, vpnv4 and EIGRP work together.
I have the situation that two PE routers (6500s) are connected via MPLS (via
the core). These two PEs also have a second direct connection (ethernet)
between themselves.
I has hoping to use this backdoor link for o
On Saturday, September 3, 2011, ar wrote:
> yup I know this private AS numbers...I tested in the GNS3 applying
overlapping AS at PE router but on different VRFs...our service is MPLS VPN
service to clients...one vrf per client. and PE-to-CE routing protocol will
be BGp. that's why I am making sure
On Sat, Sep 3, 2011 at 6:51 PM, ar wrote:
> VRF_A is for client A using AS number 100
>
> VRF_B is for client B using AS number 100 also.
>
> VRF_NMS is for Management system (Network Operations)
>
>
> VRF_A will not be imported to VRF_B.
>
> Only VRF_NMS will be imported to evert client VRF.
>
On 29/08/2011, at 10:13 PM, William Cooper wrote:
> Your not redistributing into BGP, your redistributing from BGP; the
> default-metric command
> assigns a metric (k values) for EIGRP.
>
> On Mon, Aug 29, 2011 at 4:02 PM, Andrew Miehs wrote:
>>redistribute bgp
Hi all,
I am confused by the "metric" option in EIGRP redistribution, especially when
used in conjunction with BGP.
redistribute bgp 65000 default-metric 1 100 250 100 1500
What does this actually do to the routes being redistributed into BGP? Does it
make a difference if it is th
On 26/08/2011, at 6:25 PM, Matthew Huff wrote:
> I'm looking at using SPAN to replicate the data and send it to a linux box to
> then create netflow data exports, however, given the nature of the data (high
> bandwidth and microburst), I'm not sure that the Linux box will work
> accurately. I a
On 15/08/2011, at 2:39 AM, Martin T wrote:
> I have a following network topology:
>
> C3750G-12S[Gi1/0/12] <-> [ge-0/0/0]Juniper M10i[ge-1/0/0] <->
> [Po1]Cisco 4506[Gi2/6] <-> [Gi1/0/1]C3750G-12S
>
> Is it a best practise to use the largest possible value
> on all interfaces or find out the lar
Thanks for the replies!
On 14/08/2011, at 12:56 PM, Alexander Clouter wrote:
> Two gotchas:
> * 'ip dhcp snooping database flash:dhcp-snoop.db', so that if the
> switch reboots all the clients do not get locked out
I don't understand why you would require storing this data?
The dhcp serve
Hi all,
Does anyone know whether/ and how much of a performance issue DHCP Snooping can
cause to layer 2 switches such as the 3560s, 2960Ss and 3750s?
I have about 400 access switches that I want to reconfigure, but am a little
worried about nasty side effects which take 2 weeks to get noticed.
On 24/07/2011, at 3:42 PM, James Bensley wrote:
> Yes, the default gateway for the clients where Linux boxes running iptables
> with squid and squidGuard, acting as transparent proxies, you had no choice
> but to go through the proxy.
I am not referring to transparent proxying. You don't even nee
On 24/07/2011, at 11:37 AM, James Bensley wrote:
> Its a tough one. At my last employer we rolled out squidGaurd along
> side our squid deployments, then used two different black list
> providers which updated daily (and you can use DNS BL now also if you
> patch your v1.4 source).
>
> Couple the
On 24.07.2011, at 08:02, "madu...@gmail.com" wrote:
> I am currently using a squid web filter to manage access to the
> Internet from office network beside ASA. I know anonymous proxies are
> hard to block because they are a constant moving target with new ones
> opening daily. My question is the
On Fri, Jul 15, 2011 at 9:07 AM, Alexandre Durand <
alexandre.dur...@tasfrance.com> wrote:
> I have been trying to force a giga port to come up without any physical
> device connected on this port wuith a c6500. I thought the trick was to set
> no keepalive on the interface but the port is not co
On 08.07.2011, at 18:11, Jeff Cartier wrote:
> The question, more or less, is do I have any options to keep moving forward
> in finding out what this user was actually doing?
You may want to look at snort or in this case force users over a proxy.
If this an enterprise environment I am sure tha
On Saturday, June 18, 2011, Andrew Miehs wrote:
>
>
> We orginally made the mistake as per cisco rcommendation of having on
> in the sup and the other on a 6708 - software sxi4.
> As previously stated, we used the second interface on the sup720 as
> one of the uplinks (etherch
On Saturday, June 18, 2011, Graham Wooden wrote:
> I wouldn't assume that if a SUP-based VSL link fails that it's the SUPs
> fault. It depends on your environment; our campus (a dirty manufacturing
> complex), we are constantly fighting SM fiber strand issues all the time.
I think the issue bei
On Saturday, June 18, 2011, Alexander Clouter wrote:
> Murphy, William wrote:
>>
>> We are running VSS for distribution layer switching in a campus
>> environment and have been quite pleased with it... Benefits for us
>> are simplification, faster convergence and better performance
>> (distribut
On Friday, June 17, 2011, Mike G wrote:
> Thanks for the great feedback Andrew! Did you ever discover the cause of the
> crash? Also, was the 20 second outage due to the delay in the active-hot sup
> taking over or was it something else?
Iirc - the crash logs reported a cache corruption, and
On Friday, June 17, 2011, Mike G wrote:
> Has anyone had personal experience with a VSS deployment? If so, do you
> have any horror stories, caveats, and/or recommendations? I'm also
> interested in people's experience with IPv6 implementation in a VSS
> environment.
We have 5 VSS systems in p
2011/6/9 Mohammad Khalil
> no i tried it , now i can reach one of the devices but the other one no
>
>
What can you reach from where?
What can you not reach from where?
What is the "other device?"
I assume you did the same change on the second switch?
Andrew
___
On Thu, Jun 9, 2011 at 4:05 PM, Mohammad Khalil wrote:
>
> interface Vlan10
> ...
> no ip unreachables
>
Could this be your problem?
Andrew
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archiv
I am not quite sure I understand exactly which problem it is you are trying
to solve.
Let us assume you (AS10) have been assigned 10/8 from RIPE.
You assign your customer (AS5) a 10.0.0.0/22.
As stated, you peer with AS11.
Many providers will not route provider assigned (PA) addresses from anothe
On Fri, Apr 29, 2011 at 12:02 PM, Phil Mayers wrote:
> On 04/28/2011 06:48 PM, Peter Rathlev wrote:
>
> I'm not deeply familiar with audits like these, but if they're seriously
>> asking for port-security on infrastructure ports they have IMHO
>> misunderstood something. User facing ports: yes ma
On Mon, Apr 18, 2011 at 11:27 AM, Artyom Viklenko wrote:
> I NEED to annouce these networks to Customer. But Customer should not
> annouce them to another upstream.
>
Ah, missunderstood who was leaking.
The other service provider your customer was peering with obviously didn't
filter the customer
On 18.04.2011, at 09:25, Artyom Viklenko wrote:
One solution I thinking of is to mark all announces to such
non-transit Customers with no-export community.
You should already be filtering what you announce. Just ensure you do no
export those networks.
Andrew
___
Interface config details from a Nexus 5010.
Unfortunately there isn't a 1000GB LWL SFP plugged into any of the interfaces
so that I could see if that made a difference...
Regards
Andrew
# show module
...
Mod Ports Module-Type Model Status
--- -
There is a carrier in Germany who uses the following product below to
provide Gigabit Ethernet access, and we have had to disable negotiation with
these products...
http://www.relinknetworks.com/productFiles/marconi/oms_800.pdf
I assume Gert is dealing with the same carrier/ equipment... :)
On Sa
Are you really sure you want to bill based on Netflow?
I used to look after a network with 7206 as edge routers and implemented
"Netflow" billing for them.
The concept was great, and you could provide all sorts of interesting data
HOWEVER
After having implemented this, I do not believe that such
On 06.04.2011, at 18:23, randal k
Situation is that I have
> a 6509, and I need to make a single blade on the chassis have a completely
> separate VLAN database from the rest of the chassis, effectively letting me
> use a VLAN twice on the chassis without allowing them to talk to each other.
Why
I hadn't seen this linked anywhere in the thread - but this is probably what
you were look for.
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper0900aecd80673385.html
Cheers
Andrew
___
cisco-nsp mailing list cisco-nsp@p
On 08/02/2011, at 3:13 PM, Erik Fritzler wrote:
>Smart Bits->Access port--->Cisco Switch-->Trunk-->Cisco
> Switch-->Access Port--->Smart Bits
>If we leave the connection between the 2 switches as an access port link
> then we can test across at full 1.0Gbps.
>However, it the lin
Hi David,
On 27/01/2011, at 5:29 PM, Dovid Bender wrote:
> 1) I do not know much about Cisco. I assumed that if one router failed then
> the second one would do the BGP.
> 2) We have an AS and I was told that we would need to BGP to advertise our
> IP's. We also need to do it so we are ISP inde
Hi Muhammad,
On Wed, Jan 19, 2011 at 5:15 AM, Muhammad Atif Jauhar wrote:
>
> Thats mean, there is any HOP in the chain not supporting the max size of
> the
> packet I am sending, need to check with SP for this...
>
>
MTU = Maxiumum transmision unit - ie: The maxium size you can transmit via
th
On Sat, Jan 15, 2011 at 1:42 AM, Peter Rathlev wrote:
> We always use LACP, since an unconditional port-channel connected to
> something that's not a port-channel might lead to problems. I view it a
> little like GE auto-negotiation -- I can't see a reason for not using
> it.
>
> Actually, one re
Not sure but you may want to look
for 'proxy arp' or use a second machine to proxy the requests
Andrew
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/ci
Sent from my iPhone
On 18.11.2010, at 00:27, Mark Kent wrote:
> Are we _still_ looking for a way to show a persistently static face
> to BGP peers?
Hi Mark,
Why not add something like
ip route 192.0.2.0 255.255.255.0 null0 255
on two of your routers somewhere?
That way internal flaps will n
Sent from my iPhone
On 15.09.2010, at 18:42, Tim Huffman wrote:
>
> Something I've been considering is to have the customer build a GRE tunnel
> (its Internet traffic anyway) back to our router over their other ISP's
> connection. We could then route their public IP space over either connectio
Hi Jeff
On 12.09.2010, at 19:32, Jeff Kell wrote:
> We have held on to 2950/3550s for that very purpose, where their newer
> counterparts present excessive drops. Rather than being pushed toward
> surplus,
>
> It is particularly annoying on an EMI (L3) switch actually doing routing.
>
> 2960s
On 04.09.2010, at 08:25, Marc Haber
>>
>
>> or clamp mss to something like 1420 to be safe.
>
> Now we're back to my original question, which is quoted above.
>
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t4/feature/guide/ft_admss.html#wp1060739
The above link should help you furthe
On 03.09.2010, at 18:03, Larry Smith wrote:
> On Fri September 3 2010 09:44, Marc Haber wrote:
>>
>>
>> Do I have a possibility to reduce the MTU used by the client and/or to
>> clamp the MSS to MTU on the IOS device (or by configuration passed
>> from the IOS device to the client when the conn
Thanks for both the answers so far.
My biggest issue however is with the management/ loopback interface.
Does everyone just use a cname for the switch/ router name - and the reverse
lookup for this address is then the 'real' interface name?
Thanks
Andrew
Hi all,
have spent the last couple of hours looking and haven't been able to find a
satisfactory solution to naming cisco siwtch interfaces.
I am currently looking after a lot of Cisco 6500s and would like to clean up
DNS so that reverse lookups = forward etc.
I would like to suggest that we do
On Tue, Aug 31, 2010 at 9:01 AM, Ziv Leyes wrote:
> The 7200 VXR may be a good choice, lower price than ASR and still deliver
> what you need.
> In case you don't really need all the expansions options perhaps a 7206 is
> too "big" for you in matters of rack space and you can go for a 7204 or eve
On 20/08/2010, at 5:57 PM, wrote:
>
> Two mentions of problems with manually configured gigabit operation.
>
> Is there really a problem in that scenario? Shouldn't be.
>
> Regardless of what the UI appears to be doing, you can't do gigabit without
> autonegotiating. It shouldn't be possib
On Fri, Aug 20, 2010 at 4:28 PM, Keegan Holley wrote:
> I disagree completely. I have run into the behavior you mentioned and gone
> back to auto, however I've had more problems with auto than with statically
> setting duplex. Devices rebooting and somehow coming to the wrong
> conclusion about
+1 for Autonegotiation.
I have had so many problems because someone forced 100/Full, 1000/Full on a
switch and the servers
could
A) Not set duplex AND speed (some could only set one option)
B) Remember what they had been set to after power off
C) Admin remembers to set on the server at all!
The o
On 14/08/2010, at 11:09 AM, Grzegorz Janoszka wrote:
>
>> What I don't understand is why the OSPF route is not more specific? Or is
>> this another case of announcing /24s (or even smaller blocks) via eBGP?
>
> It is just the same /24 route belonging to one internet exchange. Most IX
> prefix
On 14/08/2010, at 1:25 AM, Martin Barry wrote:
> I think his issue was that the subnet was connected, not learnt via BGP. So
> the two resolutions I see are:
>
> - inject it into iBGP
>
> - use the backdoor config already suggested
>
Actually, I think he said that it was learned via OSPF and e
Hi Mohammed,
2010/7/28 Mohammad Khalil eng_m...@hotmail.com
>
> what software we can use as proxy , do u have any free tools as the money
> plays a great role ?
>
sorry list - I didn't reply all on the last email.
As I said previously, the easiest solution would probably be with a proxy
server
201 - 271 of 271 matches
Mail list logo