1 0398 @14:13 06Mar17 0
1 1390 @11:20 06Mar17 0
2 0419 @14:13 06Mar17 0
2 1396 @14:13 06Mar17 0
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Is it necessary to instead stagger 1/1, 1/3, 1/5, 1/7 to spread the load
across the card ASICs? I didn't think the WS-X6908 was an oversubscribed
card so didn't bother initially.
Peter Kranz
www.UnwiredLtd.com <http://www.unwiredltd.com/>
Desk: 510-868-1614 x100
Mobile: 510-207-00
was
either to define a new VLAN tag or to reload the router.
Last seen in Denali 16.3.1 unfortunately.
There is now a 16.3.1a, but nothing in the release notes about fixes.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
release yet that supports the 40G
operational mode, nor have I seen the required CVR-4SFP-QSFP adaptor
available.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net
Ah.. I've not been able to convince myself that the port density hit on the
9k was worth it yet.
Since the nexus 77k supports 2M IPv4 routes in its FIB and has pretty epic
density, we are trying to figure out what that would be a bad choice.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614
What are you replacing your converged core with Mack? Nexus 7700's?
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman
Regarding TCAM ... Data sheets are a little confusing in this regard, some
parts indicate "2M FIB TCAM Entries" some imply a 1M FIB limit. If it is a
2M FIB limit, It seems unlikely you would exhaust that limit in the next 10
years.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x
There is also the option of jumping to a used SUP2T or a SUP6T in your 6500
chassis. Depending on the line cards you have, you might have to replace
some of them.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From
For a non-cisco option, the new Arista 7280R is somewhat interesting.
Handles BGP full tables, has great port density, relatively affordable.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp [mailto:cisco
I cannot for the life of me figure out why this box seems to think it has
TCAM issues.. It's a SUP-2T XL platform.. Usage levels look well under TCAM
limits.
May 23 12:06:22: %CFIB-7-CFIB_EXCEPTION: FIB TCAM exception, Some entries
will be software switched
May 31 08:58:51:
T: %ILPOWER-3-CONTROLLER_PORT_ERR: Controller port
error, Interface Gi1/0/10: Power Controller reports power Imax error
detected
*Apr 25 08:43:32.742 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet1/0/10, changed state to down
Peter Kranz
www.UnwiredLtd.com <http://www.unwiredltd.com/>
Anyone used the C6800-32P10G-XL cards yet? Seems like a no brainer
replacement for the WS-X6908-10G card at almost the identical price point,
but double the fabric bandwidth (160G vs 80G) if you upgrade to a 6807-XL
chassis.
Peter Kranz
www.UnwiredLtd.com <http://www.unwiredltd.com/>
Des
orted"
Anyone got the skinny on this?
Peter Kranz
www.UnwiredLtd.com <http://www.unwiredltd.com/>
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com <mailto:pkr...@unwiredltd.com>
___
cisco-nsp mailing list cis
G or 4 40G ports facing the downstream customer
Full routes
The application doesn't really support spending $200k on the solution, so
I'm looking around for something game changing. I think 100G might be too
young at this point to find it honestly.
Peter Kranz
www.UnwiredLtd.com
pkr...@unwi
Anyone have any thoughts the most cost effective chassis available currently
that supports 100G ports? Need to route upwards of 200 Gbps and handle full
tables, but cost is definitely a factor.
Peter Kranz
www.UnwiredLtd.com <http://www.unwiredltd.com/>
pkr...@unwiredltd.com <m
Lumbis [mailto:alum...@gmail.com]
Sent: Thursday, September 03, 2015 2:02 PM
To: Peter Kranz <pkr...@unwiredltd.com>
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP multipath load balancing.. broken sessions upon hash
change
What you need is resilient hashing, which is sup
of this feature is under
the newer Supervisor 2T-10G-XL?
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
am using per-destination load balancing. My
suspicion is that upon a change in the number of connected peers, the CEF
hash buckets are reset and renumbered, breaking all connections.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
: Wednesday, September 02, 2015 2:56 PM
To: Peter Kranz <pkr...@unwiredltd.com>
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP multipath load balancing.. broken sessions upon hash
change
Peter,
> On 02 Sep 2015, at 22:49, Peter Kranz <pkr...@unwiredltd.com> wrote:
>
Thanks Paul,
You were right.. Reducing the number of paths to 16 got me to the
full 16 buckets.
-Peter
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at
6 IP adj out of Vlan10, addr 162.244.60.56 2C4D6240
7 IP adj out of Vlan10, addr 162.244.60.57 2C4D63E0
8 IP adj out of Vlan10, addr 162.244.60.58 2C4D7420
9 IP adj out of Vlan10, addr 162.244.60.59 2C4D6580
Subblocks:
None
Peter Kranz
www.UnwiredLtd.com
: Invalid queuing class-map!!! Queuing actions
supported only with dscp/cos/qos-group/precedence based classification!!!
The only examples I have found either say apply to the SVI (Which doesn't
seem to work) or apply to routed sub interfaces instead of trunk ports.
Any hints?
Peter Kranz
Any ideas?
Peter Kranz
Unwired Ltd
www.UnwiredLtd.com
pkr...@unwiredltd.com
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
6a00801c9b4e.shtml
Peter Kranz
http://www.unwiredltd.com/ www.UnwiredLtd.com
mailto:pkr...@unwiredltd.com pkr...@unwiredltd.com
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
Had a 6506-E running redundant Sup2T's perform a failover from ACTIVE to HOT
STANDBY yesterday with nothing showing in the logs right after the hourly
RANCID collection completed. Running
s2t54-advipservicesk9-mz.SPA.122-50.SY3.bin
Anyone seen this?
Peter Kranz
Founder/CEO - Unwired Ltd
Other than the form factor difference between these two chassis, is there
any particular reason to select one over the other?
Planning on running 2 VS-S2T-10G-XL sups, and 2 WS-6908-10G-2T 8 port 10G
cards.. Full BGP routes to two peers..
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Anyone else seeing these on 3750X's from time to time? Running 15.0(1)SE3
Oct 9 19:49:25.728 PDT: %IPC-2-INVALIDZONE: Invalid IPC Zone 0x6000.
-Traceback= 545BFCz CDDE70z 5AD80z 5AE68z 284DA88z 28478FCz
Peter Kranz
Founder/CEO - Unwired Ltd
http://www.unwiredltd.com
the real-time feedback would speed things up.
Using iperf right now, but requires kicking lots of scripts for each run..
Regards,
Peter Kranz
http://www.unwiredltd.com/ www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
mailto:pkr...@unwiredltd.com pkr...@unwiredltd.com
May 30 17:25:43: %LTL-SP-2-LTL_PARITY_CHECK: LTL parity check request for
0x4B86.
Saw one of these on a 6500 with a Sup720-3BXL today, first time it's shown
up in the logs.. Anything to be concerned about?
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr
Stager is a great netflow analysis option; http://software.uninett.no/stager
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf
...@thenap.com]
Sent: Friday, April 08, 2011 6:44 PM
To: 'Peter Kranz'
Subject: RE: [c-nsp] Safer DDOS drops
Peter,
What did you end up using to filter fragments?
We see a lot of these UDP 0 looking attacks and we've been reluctant to drop
all fragments because it breaks all kinds of legitimate protocols
. Is there a better way to
handle filtering a high volume traffic stream on a 6500 that won't kill the
rest of the device?
I've also got a WS-X6724-SFP in the device that's available
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Safer DDOS drops
On 04/08/2011 09:18 PM, Peter Kranz wrote:
Attempted to alleviate the customer port congestion by adding the
following to the port (an etherchannel made up of 2 1G ports on a
WS-X6516-GBIC)
access-list 101 remark DOS Attack
On 2011-04-08 22:18, Peter Kranz wrote:
So today one of our customers was being hit with a DDOS attack with
the following signature; basically a bunch of UDP junk of about 5 Gbps
in volume..
The device facing the customer is a 6500 with a Sup720-3BXL running
12.2(33)SXI3..
Attempted
Brandon, Peter, Phil thanks..
I removed 'ip accounting access-violations', used the fragments filter, and
changed to ' mls rate-limit unicast ip icmp unreachable acl-drop 0' .. another
5Gbps attack in progress currently, but router CPU is happy and customer still
in service.
-peter
configured, customers are configured
with RATE= (CIR) and CEIL= (MIR) rates, along with RULE = Subnet.. It's very
straightforward and works remarkably well.
Peter Kranz
http://www.unwiredltd.com/ www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
mailto:pkr...@unwiredltd.com pkr
Hi Arie,
Using the feature navigator,
Two-Rate Three Color Policer, and Two-Rate Three Color Policer - Ingress are
listed..
Supported platforms show:
ME3400E
CAT4500E-Sup6L
CAT4900M
Does this seem like the complete set of devices that have this 3 color
policer option?
Peter Kranz
=
disk1:s72033-advipservicesk9_wan-mz.122-33.SXI3.bin,12;
CONFIG_FILE =
BOOTLDR =
Configuration register = 0x2102
Peter Kranz
Founder/CEO - Unwired Ltd
http://www.unwiredltd.com/ www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207
Looking for a simple solution to do per-subnet rate limiting where we have a
bunch of subnet's on the same VLAN.. we a single output interface for this
traffic facing the customers, but lots of upstream links to the internet..
so ideally everything could live on the customer interface..
Peter
Also a chance of stalling the bus for too long if you insert the new
supervisor too slowly into the chassis.. so its possible you will reboot
even if you should not have to.
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message
If somebody comes up with a 'best-practices' COP example for the 6500
chassis, I'm sure it would be very useful for several people.
-Peter
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Saku Ytti
Sent: Tuesday, March 23,
No its not..
PFX-3CXL is only supported on the Sup720-10GE supervisor.. Sup720-3B can
take a PFC-3BXL, PFC-3B or PFC-3A
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp-boun
Ever since moving to 12.2(33)SXI3, I've seen a somewhat regular appearance
and then later disappearance of a selected list of sensors on
SUP-7203BXLs
Index: configs/gsr-365-backup.unwiredltd.com
===
retrieving revision 1.116
diff
:. Continue? [confirm]y
%Error formatting disk0 (No such device)
This is not cisco branded CF, but in the past I've had good luck with a
variety of other manuf. CF cards. Any hints on how to make sure the CF card
I purchase is going to be compatible?
Peter Kranz
Founder/CEO - Unwired Ltd
And the max capacity for a Sup720 is 1GB right, no 2GB and up modules
allowed?
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun
train, but could be wrong..
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Leslie Meade
Sent
So in terms of enabling MPLS on a fully meshed set of routers running BGP
and OSPF..
Here are the general steps I believe;
#conf t
Tag-switching advertise-tags
!
Int g0/0
Mtu 9216
Tag-switching ip
!
However, what can I expect to happen when this is done, i.e. will
The network is composed of 6509-e chassis with SUP 720 3BXL cards at all
sites..
So far respondents have recommended the following options; (so many ways to
skin this cat..!)
EoMPLS
Cisco Resilient Ethernet Protocol (REP)
802.17 (RPR)
Spatial Reuse Protocol (SRP)
STP
Peter Kranz
Founder/CEO
offer, I am
interested in advice on which would be most straightforward to implement on
top of our existing layer3 network.
Perhaps implementing Rapid-PVST is the simplest approach, but I'd be
interested in some best-practices knowledge here..
Thanks!
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868
Hi Renelson,
Without telling us the errors, not sure how we can diagnose your
issue.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
Given all this.. is the SXI2a a 'no go' for a production platform at this
time? We are planning on doing a version refresh to address the TCP State
manipulation issue, and considering moving to SXI2a from the SXF chain.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614
We needed the following to see all of the flow data (we use sampling as
well):
int x/x
ip flow ingress
ip route-cache flow
mls netflow sampling
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com
-Original Message
TCAM usage: TotalUsed
%Used
72 bits (IPv4, MPLS, EoM) 524288 285506
54%
144 bits (IP mcast, IPv6) 262144 5
1%
Peter Kranz
http://www.UnwiredLtd.com www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207
Iperf
http://dast.nlanr.net/Projects/Iperf/
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brandon Price
Sent: Wednesday, May 07
prefixes and
destination ASN#.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shaun R.
Sent: Wednesday, December 12, 2007 12:43 PM
, and traffic from
the customers gear via VLAN #2..
I.e. everything sourced from a particular set of subnets to a particular
subnet will route VIA VLAN #1, otherwise route via VLAN #2..
Or do I have the crazy and is there an easier way to account for this..
Peter Kranz
Founder/CEO - Unwired Ltd
Yes, already being done.. but I like the concept of having real-time 95th
percentile graphs for both data flows.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
[EMAIL PROTECTED]
From: Joe Loiacono [mailto:[EMAIL PROTECTED]
Sent: Wednesday
= 0x1820, Status Reg = 0x34008002
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
[EMAIL PROTECTED]
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo
IOS (tm) s72033_rp Software (s72033_rp-IPSERVICESK9-M), Version
12.2(18)SXF11, RELEASE SOFTWARE (fc1)
It's at a default burn-in config already.. I'm leaning toward a defective
SUP, although this is our first SXF11 build deployment.. we have SXF8 on the
rest of our 720's
Peter Kranz
Founder/CEO
Exterior Gateway Protocol (EGP), and EGP is lower
than INCOMPLETE.
Step 6: Prefer the path with the lowest multi-exit discriminator (MED).
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL
Has anyone tried using a CompactFlash PC Card adapter with a GSR 12k or
similar to use CF flash cards instead of PC Card flash? Its getting harder
to find PC Card flash memory around these days, not sure if this 'works'
however..
An example:
http://tinyurl.com/fh2hk
Peter Kranz
Founder/CEO
the bursting users BW.
Whats the best way to implement this model in a Cisco world? What switch
models support it? I was looking at UBRL but it doesn't appear to support
the PIR when using user subnet masks..
Thanks.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile
.
Has anyone seen snazzy cable bundes designed to plug into 48 port line cards
and terminate into the back/front of a patch panel in a clean manner like
this..
open to suggestions, etc.. part#'s would be great too..
Thanks
Peter Kranz
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207
No reason to go with the non-A model.. especially since its actually more
expense in the market currently.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
64 matches
Mail list logo