Re: [c-nsp] Physical Network TAP devices

For the 1G thing, we use this one http://www.pandacomdirekt.com/en/products/wdm/transponder-cards/267-gbps/2-c hannel-up-to-267gbps-3r.html With that, we can put loops in (missing at for example alcatel SAS) Do the medias-conversion (wdm/singlemode to cooper or whatever the next device is. You

Re: [c-nsp] PVST+ with arista box

Either configure MST everywhere, once, same configuration; Keep trunk vlan-assignement in sync with that and never try to change to avoid problems. So design your MST instances well; or stay on Cisco pvst+ with only Cisco switches. (caveat: some switches really want to have vlans mentioned in

Re: [c-nsp] Cisco One Licensing

> Some day, when I'm finally giving up on networking, I'll change to the dark side and apply for a job in >the license-model creation business unit for one of the big network vendors. > > gert I am thinking about creating special electric connectors, say, the upcoming IPv8-Connector; forcing it

Re: [c-nsp] OSPF LSA Type 3 / 5 question ...

On Fri, Feb 3, 2017 at 1:05 PM, Bryan Holloway wrote: > > Imagine an ABR bordering areas 0 and 1 which is summarizing 10.0.0.0/8 > > to the backbone.> > > >> Downstream is a router running OSPF with the ABR. On that router is a > > static route to yet another device that does

Re: [c-nsp] strange crypto map on C891f

Geyer [n...@neko.id.au]: > > It's used for internal crypto self tests during boot up, there was a bug about it about 18 months ago making it visible like you are seeing but I don't recall it affecting 15.4. > > Log a case with TAC. > > On 28 Dec 2016, at 6:53 AM, Juergen Marenda

[c-nsp] strange crypto map on C891f

Hi, i just migrated a pair of 1812's to C891f with ipsec-tunnels and found a (even in show run all) not configured crypto-map called NiStTeSt1 : That are Cisco C891F-K9 (revision 1.0) devices running c800-universalk9-mz.SPA.154-3.M6a.bin ursamajor#sh crypto map Interfaces using crypto

Re: [c-nsp] c7301 and hot-swapping of PAs?

Hi Gert, > I know I used to know this, but my memory is aging faster than the hardware... can PAs in a 7301 (= 1RU / 7200 / NPE-G1) be hot-plugged or not? According to the install guide, they can be hot-plugged: "Online insertion and removal (OIR) Allows you to add, replace, or remove port

Re: [c-nsp] Weird throughput issue

Check MTU on the links provided, probably some (vlan-/mpls-/...)tags does not fit. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] ASR 9000 Upgrade Expectations

Because of https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- sa-20160525-ipv6 asr9k: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz66542 it should be 5.3.4.1 or for the brave 6.1.1.16 but I cannt see it for download (but 5.3.3 two times ! ) ... waiting for a fix

Re: [c-nsp] ASR920 drops despite policy-map

Start at Layer 0+1... Sure that the links are all full-duplex , esp. to the test-loop ? If half-duplex, then youll see collisions. (and autoneg'ed an both sides shows same result, on all links ?) (just as a starting point, before checking higher levels And doing days off dbugging: eliminate bad

Re: [c-nsp] ISR4431 memory usage

> Thanks Juergen > - Did you notice any significant increase in ram utilisation once you enabled the 2 full tables?   > (i.e. ours is currently sitting at ~83%, base conf)or did memory usage not change that much > (i.e. it was "reallocated" from other processes) One Pair of them: 46.9% (1.62

Re: [c-nsp] ip virtual-reassembly drop-fragments

Ok, i found a document stating that "ip virtual..." is good for DDOS prevention http://blog.ine.com/2008/11/05/dealing-with-fragmented-traffic/ and does not help in reassembling in memory-efficient way what I learned from reading Cisco-doc when I first saw that command appearing on my router's

Re: [c-nsp] ip virtual-reassembly drop-fragments

gment DDoS so I was planning to use on outside interface to drop all IP fragmented packet. -- Sent from my iPhone > On Jun 2, 2016, at 10:44 AM, Juergen Marenda <c...@marenda.net> wrote: > > > Satish Patel wrote: >> is it safe to put on internap facing interface?

Re: [c-nsp] ISR4431 memory usage

Have several ISR4431 with minimum two full tables (but no default), without problems, migrated from 7201 and [23]8xx'er (but memory-eater "soft-reconfiguration" is no longer in use) Juergen. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net

Re: [c-nsp] ip virtual-reassembly drop-fragments

Satish Patel wrote: > is it safe to put on internap facing interface? > > ip virtual-reassembly drop-fragments what's an "internap"? s/ap/et/ Yes it is safe, but "no ip virtual-reassembly" is the best thing you can do, on every interface, and look form time to time and after reloads weather

Re: [c-nsp] ASR920 vs ASR1001-x

Even a 3COM 4200G is called a "layer 3 switch" (but it's very limited : " 32 static routes 8 IP interfaces Hardware based routing" (from an ancient datasheet) That's just marketing clouds ... tons of features, often mutex; so they will not fly as a cloud should. (The mentioned device

Re: [c-nsp] SFP compatibility

Most SFP's (esp. Older one for "low" speed) are fixed frequency, So they will not get in sync. An "GIG" SFP syncs at approx. 1.25 GHz and will not operate at FastEthernet Speed. OK, there _are_ multi-frequency SFP's, 1G SAN+2GSAN +1GE for example, but yoru device will not set the Clock to

Re: [c-nsp] TFTP/SCP

The crypto-work gets done on the CPU in software, and the CPUs on those switches are not very strong. (data traffic is forwarded by the hardware, only some special pakets (STP, CDP, ...) disturb the CPU; while management traffic must be handled by the CPU) Juergen.

Re: [c-nsp] Does Cisco 3845 support EHWIC-1GE-SFP-CU ?

3845 does not support EHWIC . ISR(-1) maximum H-WIC, never E-H-WIC. The build-in ethernet Ports are sufficient to overload that box. Use a NM-FE[12] to get an dedicated FastEthernet-management port. Also keep in mind that most ethernet-WICs or low-density-etherswitch-wic's may have deficits in

Re: [c-nsp] BVI Configuration on 1600 Access Points

the default int bvi1 as mgmt interface for the ap, My good old AP1131's did insist on that) . ...No reason to slap you instead of the vendor. Just my 0.01 $ Juergen Marenda. -- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net

Re: [c-nsp] %NTP: Multicast peer 224.0.1.1 does not exist

It's c7200p-advipservicesk9-mz.124-24.T8.bin Have you checked that the clock of your NPE-G2/7201 is in sync, # sh ntp status # sh ntp asso without having an accurate time, it will not send any ntp time-info -- Juergen Marenda ___ cisco-nsp mailing

Re: [c-nsp] Can ASA 5550 do BGP

On Mon, Feb 11, 2013 at 09:21:46PM +0100, Peter Rathlev wrote: On Mon, 2013-02-11 at 18:58 +, pamela pomary wrote: Quick one. I have just read from Cisco's support community that generally ASA's dont do BGP. I want to verify if that is the case or there is tweak to get it to do BGP :) .

Re: [c-nsp] can not configure modem by router

On Sat, Nov 17, 2012 at 02:22:58PM +0330, s m wrote: hello guys i wanna connect a modem to a 2800 router by AUX port. this is my configuration: modem InOut modem autoconfigure discovery transport input all stopbits 1 speed 38400 flowcontrol hardware the speed value changes because

Re: [c-nsp] SFP high power alarm

On Tue, Aug 21, 2012 at 06:05:32PM +0200, Gert Doering wrote: Hi, On Tue, Aug 21, 2012 at 12:26:50PM +, John Brown wrote: Put a real optical power meter on the fibers and adjust with pads as needed to get your levels within specs. That's *RX* power. Not TX power. TX power is

Re: [c-nsp] Loop/Unreachable problem with C6500/SUP720

(proxy-) ARP on wrong Interface / vlan ? You have random /32 more specific host-routes, compare mac-address table and arp-cache for the current wrong routed ip. Or are the ip's those found as ospf router-id ? Hope this help's, Juergen -Original Message- From:

Re: [c-nsp] me3600 svi's not showing in and out bit counts that isee on corresponding phy int

on 4900M ! int vlan NNN counter ! did help (yes i know the 4900M ist not a metro switch) Mit freundlichen Gru?en Kind regards Veuillez agreer mes salutations distinguees Met vriendelijke groet Juergen. Try to set the load-interval to 30s, then check again. Xu Hu On 8 Aug, 2012,

Re: [c-nsp] pppoe server

On the lower-price end, the 3845 has 1200 as maximum recommended number of l2tp tunnels or sessions; (cisco application note l2tp support for the cisco 800, 1800, 2800, 3800 integrated service routers ) or a 7206VXR with NPEg1 or the 1HE NPEg2 called 7201 will terminate 8000 sessions (mircom

Re: [c-nsp] Boot from TFTP

. ? Please consider the environment before printing e-mail -Original Message- From: Juergen Marenda [mailto:j...@ilk.net] Sent: Friday

Re: [c-nsp] Boot from TFTP

You need some RAM... The (first) image in FLASH will be loaded started and uncompresses itself. It reads the config file and, after configuring some of the interfaces, loads the indicated IOS thru tftp into RAM to uncompress and start it. So you need RAM for two IOS's unziped... or a smaller,

Re: [c-nsp] Boot from TFTP

No, boot system does not copy to flash, it loads file to RAM amd starts it. -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Peter Rathlev Sent: Friday, June 24, 2011 10:41 PM To: Scott Voll Cc:

Re: [c-nsp] Boot from TFTP

.. I knew there was was something. I'll see if I can find a Boot helper image to replace the full blown one that is currently on the flash. Thanks Scott On Fri, Jun 24, 2011 at 1:47 PM, Juergen Marenda j...@ilk.net wrote: You need some RAM... The (first) image in FLASH

Re: [c-nsp] Dot11Radio0 ipv6 command

Sorry, but I do not see the difference beetween IPv4 and IPv6 Behaviour here. As far as i remember you put the LAN-Interface vlan1 and the radio-(sub-)interface into the same bridge-group and configure the IPv4 (or Ipv6) on the bvi interface to emulate the normal behaviour of