>> Does RIPE really expect everyone to accept BGP routes as long as /29?
>
> Maybe they do. But it's not likely to happen on a universal scale. We
> filter at /24 and have no plans to change.
Imho, that is not fair to network community to have such filters if
RIRs are giving these IPs to ppl out t
On 30 June 2010 02:57, Harold Ritter wrote:
> Hi Christian,
>
> Most recent IOS versions should support 6PE. The command "mpls ipv6
> source-interface" has been removed from most recent IOS versions as well.
> This command only applied to locally originated traffic and the source
> address sele
On 29 June 2010 09:31, Mark Tinka wrote:
> On Tuesday 29 June 2010 03:10:07 am Christopher E. Brown
> wrote:
>
>> That only works until aq high $$$ customer starts
>> demanding 9000byte payloads for their IP in vrf or VPLS
>> service...
>
> We run two networks - one for IP Transit, another for
>
Anyone looked at Extreme X480s ?
I would wonder about their limitations in MPLS to the access environment.
Best Regards,
-mat
On 18 April 2010 21:48, Phil Bedard wrote:
> I've seen a presentation on them but that was over a year ago, and there were
> a lot of things "coming" which weren't ther
you could probably do something like this
R1 ==(trunk)== Q1 -- R2 --(MPLS cloud)-- R3 -- Q2 ==(trunk)== R4
Where Q1 and Q2 would on the trunk side:
switchport mode dot1q-tunnel
switchport access vlan QinQ
l2tunnel-protocol STP
and then the "tunneled" STP may get forwarded via xconnect.
Spec
switchport" interface. I don't remember if the
multicast was originated by the switch that leaked the traffic or it
was coming from local neighbour on that vlan (SVI).
Best Regards,
-mat
On 10 March 2010 19:47, Mateusz Blaszczyk wrote:
> Hey,
>
> I saw it specifically on 53SE on 3750
Hey,
I saw it specifically on 53SE on 3750 (12port)
53SE for 3560 was ok.
It didn't concern me much because it was testlab only and I wasn't
going to use it for production.
BTW 52SE doesn't have this problem.
I think you should open a tac case,
Best Regards,
-mat
On 10 March 2010 07:48, Ian He
Gert,
maybe you are hitting some old bug as I did long time ago on SXH1, it
was 3C bug...
http://www.gossamer-threads.com/lists/cisco/nsp/81589 ?
Best Regards,
-mat
On 9 March 2010 14:44, Gert Doering wrote:
> Hi,
>
> maybe a stupid question: are there any issues known with Rapid-PVSTP,
> EoMP
Wyatt,
> I have set BSR-BORDER on the interface, so that should not be it.
>
> I want too run PIM-DM but as long as I send PIM-packets I can not.
>
> Anyone have a theory about the filter not biting?
how about
ip multicast boundary
and blocking ALL-PIM-ROUTERS 224.0.0.13 and allowing all other
uting) access to CPU queue and
allocate all other cos values to separate queue?
-mat
--
Mateusz Blaszczyk
pgp-key 0x64643FCE
signature.asc
Description: Digital signature
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.neth
0 0
> !
What is the default here? All queues are used by default?
Best Regards,
--
Mateusz Blaszczyk
pgp-key 0x64643FCE
signature.asc
Description: Digital signature
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mai
On Sat, Aug 29, 2009 at 05:39:07PM +0100, Mateusz Blaszczyk wrote:
> List,
>
> We are going to replace a chassis of our core router (SUP720).
> At the moment it is a standard 6509, but the new one is going to be a
> smaller 7606S, using the same SUP720 (also the plan is to update
ou can try to stretch a vlan via
trunk--->access--->routed ports using external looped cable. Ugly.
Best Regards,
-mat
--
Mateusz Blaszczyk
pgp-key 0x64643FCE
signature.asc
Description: Digital signature
___
cisco-nsp mailing list cisco-nsp@p
On Sat, Aug 29, 2009 at 07:50:22PM +0100, Mateusz Blaszczyk wrote:
> > With SXF this has never been a
> > problem, only with SRB/SXH and newer.
>
> Yes, I forgot about the SXF can be run on both platforms. Then one thing
> less to worry about.
>
not so happy anymore.
I have to work e.g. "make it work as if nothing
happened". Unfortunately I cannot test drive it in the lab for a few
days, but I can take it out of production and prepare it during a day,
making sure that all features work as expected.
Best
(for a
lack of better
word) MAC being changed.
Thanks!
Best Regards,
-mat
--
Mateusz Blaszczyk
pgp-key 0x64643FCE
signature.asc
Description: Digital signature
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/m
switchover? Are there any gotchas to avoid, some
tips(howtos) to follow? We will run SRB or SRC, not sure yet.
Looking forward to hear from you.
Best Regards,
-mat
--
Mateusz Blaszczyk
pgp-key 0x64643FCE
signature.asc
Description: Digital signature
> Don't forget rebooting to go back to internal power. Except on 2088
> series routers with an AC-IP power supply; they can switch back fine.
>
On the newest IOS (50SE) and 3560-G, all I had to do to switch back to
internal PSU was to press the button. No reload, no reboot, no downt
2009/7/22 Ivan Pepelnjak :
> You're probably looking for the "ip ospf database-filter all out" command.
And how the summary LSA with 0/0 would get to the spoke router if that
is filtered out?
(assuming nssa scenario in OP's hub n'spoke topology)
Best Regards,
-mat
___
Ruben,
All routers in an OSPF area have to have the same OSPF topology database.
So unless you put each router in its own area there is no really a
good way around it.
Best Regards,
-mat
2009/7/21 Ruben Alvarez :
> Hello,
>
> I have a question. I have recently setup a second OSPF area. The AB
Alan,
But why only 1 MAC is flapping?
HSRP sends dest-mac as multicast address so there are clearly 2 paths
between these switches.
Unless the connection is unidrecional somehow, how on earth he doesn't
see same on second 6509-b?
It's confusing.
-mat
2009/7/13 :
> hi,
>
>
> i originally thoug
James,
did you try to clear the arp table to force some broadcast traffic?
or ping broadcast IP for the vlan?
and see if it triggers more mac flapping?
not that it would help at all...
it is buffling.
Another thing... try to reconfigure SVIs... or even use another VLAN
I think we run out of guns
James,
. (I have a pair doing redundant gateways for a DataCenter network)
>
> %MAC_MOVE-SP-4-NOTIF: Host 00d0.009e.2400 in vlan 42 is flapping
> between port Po1 and port Gi1/7
>
> I see about 20 of these for this one vlan each minute.
the mac is 6509-b and pps==20/minute is probably HSRP
One clue is in RFC2131 [1]
[...]
A client SHOULD use DHCP to reacquire or verify its IP address and
network parameters whenever the local network parameters may have
changed; e.g., at system boot time or after a disconnection from the
local network
[...]
Still it says SHOULD, not MUS
Ivan,
>
> BTW, even the more "traditional" fast convergence techniques (internal BGP
> fast fallover) might be too aggressive and do more harm than good.
>
Could you elaborate little more on that?
I thought it would be a good idea (e.g. neighbor X fall-over
route-map) to drop BGP session with a n
It seems it's a bug that appeared first in 12.2(50)SE and later releases.
To be fixed in SE3, scheduled for release on 23th July.
Best Regards,
-mat
2009/7/3 Tim :
Hi,
Mateusz Blaszczyk wrote:
This error message shows up every now end then when adding or modyfing
an ACL (with or wi
This error message shows up every now end then when adding or modyfing
an ACL (with or without access-group config on the SVI):
Jun 4 03:33:23.347: %ACLMGR-3-INTTABLE: Not in truth table: VLMAP 9
RACL 9 Rtprot 9 Mcb 13 Feat 3
Jun 4 03:33:23.347: %ACLMGR-3-INTTABLE: Not in truth table: VLMAP 9
RA
2009/6/2 ML :
> With the IOS available today it's apparent that uRPF is only available in
> VRFs on the ME3400.
>
> Like some people I've run across, I want uRPF not in a VRF. Has anyone
> found a workaround to this limitation?
if you are running vrf-lite i could create vrf global and put any
int
Pavel,
2009/5/26 Pavel Skovajsa :
> Hello all,
>
> Does somebody know of a good application performance assesment tool
> that would help me understand what is the current bandwidth per given
> application, something similar to simple Netflow collector but
> preferably end-user capture based that c
> What do you put into your interface descriptions? Do you document circuit
> ID, far-end equipment/port, near-end equipment/port, and/or anything else?
I like to have short description that fits 'show int status' so
something like and use cdp if I need more info.
Best Regards,
-mat
__
nd it's 10-port 10Ge card. If it only has 40gb on
> the backplane or fabric for that slot... well... lets hope all 10 ports
> aren't utilized to 100% at all times, It's a little over 2:1
> over-subscription for the example I gave.
>
> Mateusz Blaszczyk wrote:
>>
What's the difference between 40g/slot and 100g/slot ready ?
Is it like "vista ready"?
I would assume (wrongly?) that this is a hw limit?
Best Regards,
-mat
--
pgp-key 0x1C655CAB
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.neth
Andy,
Try using policy-list which don't get merged like community-lists...
ip policy-list PERMIT200 permit
match community 2
!
ip policy-list PERMIT100 permit
match community 1
!
ip community-list 1 permit 123:100
ip community-list 2 permit 123:200
!
!
!
route-map OUT permit 10
match pol
Skeeve,
> I am wondering if it is possible to use a 827, 828, 837, 877, 878, 888 as a
> bridge modem?
>
> What I want to do is have a router like an 1811, with say 5 xDSL devices
> which hold their connection up, but the 1811 does the Dialer part, so they
> can be multi-linked, or other load b
Jeff,
I would like to have a tool that allows me to historically view traffic
trends going to destination AS's so I can adjust some route-maps to better
balance traffic egressing my network. Any suggestions would be appreciated.
That one seems easy and straightforward.
https://neon1.net/as-
2009/3/23 Swati Sharma :
Hi All,
Thanks for prompt reply. My fault, I forgot to put mpls ldp sync under
address family. Now it is up.
and what does it have to do with isis adj?
am I missing something here?
--
pgp-key 0x1C655CAB
signature.asc
Description: OpenPGP digital signature
___
Burak,
*** As a result , it looks working with tracking of the subnet which is
between my router and ISP-1 router. But, i am sitll getting RIB-failure on
my router for this subnet. Does it look OK for you ?
that is correct behaviour.
the bgp route is not inserted into the rib (hence rib fail
Swati,
6500#debug isis adj-packets vlan 250
IS-IS Adjacency related packets debugging is on
*Mar 21 08:11:32.384 UTC: ISIS-Adj: Sending serial IIH on Vlan250, length
1508
you are sending serial iih from 6500 side
any idea where is the issue it was working fine when i established isis
adj
Manu,
2009/3/19 Manu Chao :
> I want to change OSPF administrative distance for ospf-external-type-2-only
> routes from a specific OSPF neighbor only.
you can't set it for E2/N2 specificaclly but you can for all external
LSA type 5/7
router(config-router)#distance ospf external ?
<1-255> Dist
Ivan,
2009/3/15 Ivan Pepelnjak :
> You can't use "permit any" because it would match any route in the IP
> routing table (including the connected interfaces).
is "permit any" matching 0.0.0.0/0 le 32 or just 0.0.0.0/0, I was
thinking that the latter?
> The access list used in
> NON-EXIST-MAP is
Burak,
ip as-path access-list 1 permit ^200 !!! (ISP-1 AS number) !!!
access-list 65 permit any !!! (permit any packet from ISP-2) !!!
route-map NON-EXIST permit 10 !!! (this matches any route from AS200) !!!
match ip address 65
match as-path 1
you can match only on ACL and prefix-list int t
I would suggest a reload after changing the spanning tree mode
2009/3/10 Nemeth Laszlo :
> Hi
>
> I make a mistake in the Routers name.
>
> This is the good version:
>
> I have a 7600/RSP720-3CXL with advipservicesk9-mz.122-33.SRC3.bin
> (this is Router A), 6500/SUP720-3BXL with ipservicesk9-mz.12
2009/3/6 Saku Ytti :
> On (2009-03-06 15:31 +), Mateusz Blaszczyk wrote:
>> 1 IP does not mean same machine these days
>
> Unlike HTTP/1.1 FTP does not tell which was the DNS name attempted, as
> that information is lost SLB can not use that information to steer
> t
> I noticed this same years ago, this is why I use ftp-sj. However somewhere
> between beginning of time and now it seems to have lost relevance:
>
> [y...@ytti.fi ~]% dig ftp.cisco.com +short
> 198.133.219.241
> [y...@ytti.fi ~]% dig ftp-sj.cisco.com +short
> download-sj.cisco.com.
> 198.133.219.2
2009/3/5 Justin Shore :
> I'm trying to get multiple OSPF instances to work in separate VRFs with all
> OSPF instances using the same router-id.
As you noticed it won't work
[...]
> I have OSPF configured inside the VRF in question. This is the first of the
> production GRE tunnels we've turned
2009/3/4 Asheesh Jadav :
> The Line card I have is a WS-X6408A-GBIC. I'm using different ports on the
> same line card for my attachment circuit as well as VC. Is VPLS supported on
> this hardware?
VPLS is supported only on ES, SPA and OSM line cards
[...]
>> interface Tunnel1
>> ip unnumbered
2009/3/3 Drew Weaver :
> Does anyone know if it is possible even roundaboutly to figure out what
> physical port a MAC address is connected to even if that port is in a VLAN? I
> can find the mac -> IP pair and I can find out what ports are assigned to the
> VLAN, but it would be super swell if
We are seeing similar problem not to be able to achieve good thorughput speeds
even with 12.2(46).
2009/3/2 :
We got around this by configuring
shaping (which is possible on the ME3400) and setting queue-limit 256 in
the policy-map. The problem seems to be resolved in 12.2(46), note the
follo
I'm multihomed to 2 upstreams, from time to time, 1 link is full while the
other has half of its capacity unused, as of now, I have to manual announce
of /24 to try to balance traffics, are there more intelligent way to do
that?
depending on which direction it gets full
you can use dmz-bandwid
Justin,
just be sure not to assign .255 address to the customer, windows is
buggy there: http://support.microsoft.com/kb/281579
We've been bitten there.
Best Regards,
-mat
--
pgp-key 0x1C655CAB
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
htt
as-name: AS702
descr: Verizon Business EMEA - Commercial IP service provider in
Europe
2009/2/5 Gary Roberton :
Hello all
Can someone look up which AS is advertising the 146.105.0.0 /16 network for
me, thanks.
Gary
___
cisco-nsp m
51 matches
Mail list logo