Hi Mark,
> On 9 Feb 2023, at 05:42, Mark Tinka via cisco-nsp
> wrote:
>
> For those going to Manila for this year's APRICOT meeting, I will be part of
> a panel that is discussing this very issue - about the dwindling talent pool
> as it pertains to those with the hard skills, that were able
Hi,
> netconf?
What are the magic incantations for netconf for XR? I have lots of experience
with junos, but XR is still a mystery to me :)
Cheers,
Sander
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/c
Hi,
What is the best/most efficient/most convenient way to push large prefix lists
or sets to an XR router for BGP prefix filtering? Pushing thousands of lines
through the CLI seems foolish, I tried using the load command but it seems
horribly slow. What am I missing? :)
Cheers!
Sander
---
fo
Hi,
>> Oh, the joy of ASR9k… I'm so glad we have chosen another platform.
>
> I think this is a bit unfair, of course vendors drop support to older
> platforms.
Oh, I'm not commenting on something not being supported on older hardware.
That's totally understandable. What does annoy me is the la
Hi,
> After some more research, this is what came back today...
>
> "... Typhoon supports VXLAN EVPN features that were introduced up to
> 6.2.2. Features that were introduced after 6.3.1 are not supported.
> Ingress-replication bgp is not supported in Typhoon LCs"
>
> Which is slightly a
Hi,
> On XE and Classic:
> 1. you can only preform validation on eBGP-received routes;
> 2. any iBGP-received route will get marked "Valid" unless it has a 8097
> extcomm to the contrary; and
> 2. bestpath selection will prefer "Valid" to "Unknown", at the first-
> step in the selection process.
>
Hi,
> I also mentioned looking at Juniper on their list, and man did many come
> back telling me that JunOS could be a nightmare with commands changing from
> release to release, and that if I wasn't used to JunOS already (which I am
> not) that it would drive me batty.
For me it is very much
Hi,
> I somewhat recently discovered https://tools.ietf.org/html/rfc5837
>
> Exec summary: your traceroute will show the ingress ifindex where
> packet came in, allowing you to discriminate LAG/bundle/ae interfaces
> and determine actual path in network with ease.
>
> It seems like massively use
Hi Hefin,
> Not getting much luck via our support provider on this one.
> We are seeing ARP packets being dropped within the VSS for some ARP packets.
> (We still have single connected sites to the VSS, hence the need for Quad
> Sup6T's)
> Some ARP requests are arriving on one chassis within the
Hi,
> As I recall and I’m happy to be corrected but when you exceed the 253 VLAN
> limit with PVST the VLANs starting with the 254th added and on revert to RSTP.
I think you have to configure this, but that indeed seems to be what happens:
"RSTP configuration with VSTP was Introduced in Junos O
Hi,
Does anybody have a clue what this means:
%IOSXE-3-PLATFORM: SIP0: cylon_mgr: DYNAMIC EAID EXHAUSTED * Cylon(1)
Partition(9)
I'm seeing it a *lot* on an asr902 even during the time when it doesn't seem to
drop packets. We're still researching why it does start to drop packets
so
Hi,
> Op 16 aug. 2016, om 14:33 heeft Gert Doering het
> volgende geschreven:
>
> Hi,
>
> On Tue, Aug 16, 2016 at 02:07:12PM +0200, Chris Knipe wrote:
>> Quick question... I'm about to install my first ACE30 into a 6500
>> (SUP720)...
>
> "don't"
>
> It's a dead product, and Cisco has a long
Hi,
> Got you Sander :)
> But I think CSR1000V will do what I need because it looks like a PC right ? :)
Right :) If that is what your customer can manage then go for that.
Sander
signature.asc
Description: Message signed with OpenPGP using GPGMail
> Sorry Sander , I did but am just trying to evaluate what my customer already
> have in stock
They don't have a PC with a decent amount of CPU and memory? Look further than
router hardware :-) Router hardware is good at forwarding packets, which is
the opposite of what you need.
Cheers,
Sand
> Thanks all , so the best option to follow is either ASR1001-X or CSR1000v
> right?
> AS well , will Cisco VXR7206 NPE-2G will be of good choice?
Please read the "fast CPU and lots of memory" bit again...
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
> On Tue, May 24, 2016 at 10:53:50AM +0300, Mohammad Khalil wrote:
>> I am limited to the below choices:
>> ASR920 and ASR903 , what to choose?
>
> Neither one is a particular BGP-RR-oriented platform.
>
> What you want is something with a fast CPU and lots of memory, and you
> don't care about i
Hi,
> Oh gee, TAC claims that this is expected behaviour :-)
Time to escalate :-)
Sander
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listin
Hi Nick,
> They do process, but only when IP routing is not enabled on the switch.
Ah, right! It processes them when acting as a host. Makes sense :)
Thanks!
Sander
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
cisco-nsp m
Hi,
> Op 7 mrt. 2016, om 14:41 heeft Chuck Church het
> volgende geschreven:
>
> 'no ip redirects' doesn't stop the processing of redirects that are
> received, it stops the sending of them. There must be another host that was
> sending them that this 3560X was receiving.
I thought that Cisco
Hey!
New message, please read <http://drive-revenue.com/give.php?s>
Sander Steffann
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
> As for asking for a new engineer to take the case, that's a big problem for
> me. Usually when I open a case, it's something that I've spent hours, days,
> or weeks on, simply because I've exhausted all possible solutions on my end
> (Opening cases with TAC is a last resort). I have a diffic
> I also checked CF(compact flash) of good router into bad router but i am
> getting same below errors.
Sounds like your CF card slot is broken...
Sander
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisc
Hi,
> On 04/19/2015 06:08 AM, Mack McBride wrote:
>> Are all of the acls the same on both boxes?
>> It almost sounds like one box had a tcam explosion due to differing ACLs.
>
> Yes, ACLs are 100% identical, I've paid extra attention to that when I
> vimdiff'd the configs.
Are you using the LI
Hi,
> In the real world, I am not aware of any official standards,
> regulations or building codes that prohibit using Ethernet between
> buildings or outside buildings. If you know any, could you please
> provide a link.
I don't know of any official regulations, but I remember working with a
cu
Hi,
> The more I look at it, the value of the onboard management port seems to be
> zero. While I love the idea of out of band and so forth, there are things
> like aaa / netflow / snmp / ssh and so forth that I want to be able to do but
> apparently can't be done with the build-in port, and so
Hi Charles,
> I've been banging my head against this all day.
>
> We have an ASR-1002-X that's been living at home until it goes off to the
> colo on Friday. I've been trying to learn all the quirks of the platform and
> get some of the platform-specific stuff done before bringing in the bulk
Hi,
> More money than purchasing new? Smartnet on a secondhand vs new is the same
> price?
I once looked at getting a bunch second-hand c1841s, re-licensing IOS and
getting them inspected and covered by SmartNet, and the total price was higher
than just buying new c1841s with SmartNet.
- S
Hi,
> So, just to clarify - You can purchase refurb/secondhand Cisco kit and then
> purchase a smartnet contract for software access/updates(And also hardware
> replacement)?
Maybe, but Cisco is going to charge you a lot of money for that.
> But you cant purchase (legally) refurb/secondhand ki
Op 27 nov. 2013, om 11:26 heeft Gert Doering het volgende
geschreven:
> Hi,
>
> On Wed, Nov 27, 2013 at 05:20:12AM +0200, Mark Tinka wrote:
>> One of the best applications for me, for this, would be
>> visibility into the fibre, and proactive failover when a
>> certain fibre error-rate is rea
Hi,
> Hi Sander and thanks for the reply
> I actually converted the numbers into hexadecimal , and am running dual
> stacked network IPv4 and IPv6
> but how am going to block this IP address from appearing in the show ip bgp
> output ?
Same answer as before: Can you show your config? I don't r
Hi,
> Hi all I was working on a test LAB on GNS3 , the Lab contains both IPv4 and
> IPv6 with different routing protocolsThe starnge issue is that when I issue
> the show ip bgp on one of the routers
> I find the IP address 32.1.1.146 as a next-hopdid anyone face this before ?
>
Hi,
> The two outputs do have different warnings:
>
> reload reason:
> ===
> Router#reload
> Proceed with reload? [confirm]
> ===
If this warning would be changed to:
===
Router#reload int 5
Proceed with IMMEDIATE reload? [c
Hi Alan,
It makes sense. If you want to move ut from the global config to the switch
progile you can import it there. Importing it only moves it from one internal
database to the other, so it shouldn't impact the working of the switch.
Met vriendelijke groet,
Sander Steffann
Op 26 jun.
Hi,
> Is there any way to confirm that an interface is part of a switch profile
> in NX-OS (version 5) other than running a "show running-config
> switch-profile | include " or a "show running-config
> switch-profile"?
You can look at:
show system internal csm info switch-profile cfgd-db seq-tb
Hi,
> config-synch is your friend here. it provides a knob to duplicate certain
> configs (namely vpc related bits) across n5k chassis to reduce the number of
> touchpoints for the access-layer configuration.
> its pretty handy at times, though its worth playing with in the lab to
> understand
Hi,
> What has been the experience using TwinAX cables to uplink to servers?
Good :-)
> Cisco Twinax cables working only or have people been able to use HP/Sun/Dell
> provided cables with luck?
I have used Solid Optics cables with 100% success so far
> OS suggestions? Again this is going to
Hi,
> Thank you for correcting my misunderstanding.a few days ago, i started to
> learn FabricPath and TRILL.the question is i can not find some good materials
> to read.what i want is something very detailed to talk about these
> technologies.BTW,the following pdf file which you recommended i
Hi,
> Could anyone can explain what is the difference between those technology when
> using them to set up a L2 network in DC.
Wow, you are asking for an explanation about the differences between a set of
very unrelated technologies. A quick overview:
- LISP is layer-3, decoupling the Identity
Hi,
> But if you remove the ASN of the route server how would the clients peer with
> it?
The route server has an ASN, but it doesn't show up in the AS path. See
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/asr1000/irg-route-server.pdf
for information on how to d
seems a
> worthy cause ...
I already did. I asked him about several subjects (IPv6, putting the silly
legacy Cisco classful addressing stuff in perspective etc) and his responses
were great. And he seems to personally thank everybody who contributes :-)
Met vriendeli
w vlan 80
> I want transfert in layer 2 all packet to a other interface:
interface GigabitEthernet3/24
switchport
switchport mode access
switchport access vlan 80
Met vriendelijke groet,
Sander Steffann
___
cisco-nsp mailing list cisco-nsp@puck
Hi,
> We're trying to implement VPLS PE Redundancy with Supervisor Engine 2T (VSS)
> as described in
> http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-663645.html#wp9000139
> and constantly failing. It seems so simple: set up a VSS, use LACP or PAgP
> port-chan
Hi Arie,
> What pay of VPLS doesn't work?
> Do you see the PW's coming up? LDP? MAC learning?
MAC learning was broken on X6704 but seems to work with X6908. Forwarding seems
to break everywhere when the traffic has to go over the VSL.
> If you share some configs and show command outputs, mayb
Hi,
> Sorry - too early in the morning - ignore my last post - thought you were
> referring to VSS on Sup2T - didnt see the VPLS.
>
> :(
Yeah, the VSS is no problem. VSL links on the Sup2t and it was up and running
in minutes. The VPLS code is the buggy part it seems :-(
Cheers,
Sander
ally
been tested...
So: has anybody ever set up a network like this, or am I really beta testing
for Cisco now?
Cheers,
Sander Steffann
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archi
Hi,
> Can the n5k, n7k do pagp+ yet?
No, unfortunately not. We're using a c2960G for pagp+ because of that...
Sander
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.
> Who really cares if the recovery times are faster? If you are recovering,
> your link was down and will soon be up. You're not trying to change the fact
> that it was down, and you don't want the up to be half-butted.
>
> With LACP, you might see the link go down more often due to its abilit
> Restrict resolvers to your customer networks.
And if you have authoritative DNSSEC zones or other zones with large answers it
might be a good idea to look at rate limiting the authoritative servers:
http://www.redbarn.org/dns/ratelimits
- Sander
Hi Joe,
> Any thoughts on what I am seeing? I haven't seen anything like it before.
I don't know what you are seeing, but I am building a similar setup at the
moment (6500-Sup2t VSS + 5548 vPC) so I would be very interested if you find
anything. My current problem is doing VPLS on the VSS, but
Hi,
> Sounds like the following defect:
> CSCtq34985 - DCI: A-VPLS VCs not synced to standby Sup
>
> This is fixed in 15.0(1)SY1. You could consider upgrading to the latest
> 15.1(1)SY which contains this fix already.
I am running 15.1(1)SY, so this is not it... The bug I'm hitting also happens
Hi,
Short update for those interested:
> The problem is in the ARP traffic. The plain 6500 sends an ARP request to the
> VSS side, which receives it but doesn't send a reply back over VPLS.
And it turns out that this happens because the VSS doesn't learn the MAC
addresses from packets coming
Hi,
> Most large networks usually use UTC. It makes it easy to collaborate
> network events across the whole network. Of course, as long as the network
> is all set to the same TZ then you that shouldn't be a issue.
Using UTC makes it much easier to coordinate with other parties though.
Sander
_
Hi,
I am running into a weird problem in our lab. We have a 6500 VSS with Sup2T
supervisors. We have connected a VLAN on this VSS to another 6500 using VPLS.
When the traffic goes over the active chassis everything works fine, but when
we do a switchover to the other chassis no ARP replies are
Hi,
> I was wondering how Cisco routers could detect the directly connected
> interface at the other end is shutdown!
>
> there are two general possibility on my point of view:
> 1- the other device is sending special information before shutting down the
> interface.
> 2- there are some method of
Hi,
> Can anyone confirm if it is possible to retrieve IPv6 BGP Neighbor statistics
> from a Sup-720-3BXL running 12.2(33)SXJ ?
>
> My research suggests it should be at 1.3.6.1.4.1.9.9.187.1.2.5
> (cbgpPeer2Table)
>
> However, a walk of the whole ...187.1.2 tree reveals no sign of a 1.2.5 and
55 matches
Mail list logo