Re: [c-nsp] NPE-G1 / G2 performance

We had a solution involving NAT on some 6500s - it didn't take long for them to run out of memory & reboot. Cisco eventually said there was a limitation of ~57K NAT translations on the PFC3B. We added a ip nat translation max-entries 5 to the configs and asked our security office to pretty p

Re: [c-nsp] NPE-G1 / G2 performance

- Original Message - From: "Matthew Huff" To: "'Jeff Bacon'" ; Sent: Friday, March 19, 2010 3:05 PM Subject: Re: [c-nsp] NPE-G1 / G2 performance What type of interfaces do you need? IF just Ethernet, why not look at a 3560-E with IP services or a 4900M The NAT requirement is goin

Re: [c-nsp] NPE-G1 / G2 performance

What type of interfaces do you need? IF just Ethernet, why not look at a 3560-E with IP services or a 4900M -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jeff Bacon Sent: Friday, March 19, 2010 3:42 PM To: cisco-nsp@puc

[c-nsp] NPE-G1 / G2 performance

I'm looking for something that can: (1) handle about 100mbit (microbursting to gig) of mcast, taking it in interface A and pushing it out interfaces B and C, and maybe D (2) sustain 500-800mbit of throughput (assume 100-byte packets, occasional gig burst) coming in interface B and going out C, ju

Re: [c-nsp] NPE-G1 vs NPE-G2; is it a scam?

On (2010-03-19 10:20 -0700), Stephen Cobb wrote: > Found what I was talking about...this may explain things: > https://puck.nether.net/pipermail/cisco-nsp/2007-April/03.html Just to throw in some speculation, as people probably know NPE-G1 is MIPS and NPE-G2 is PowerPC, so rather large change

Re: [c-nsp] NPE-G1 vs NPE-G2; is it a scam?

>Found what I was talking about...this may explain things: >https://puck.nether.net/pipermail/cisco-nsp/2007-April/03.html Hello, Thanks for the pointers. I had found this after the concensus call to check the archives. We will run some stress tests to compare. C. ___

Re: [c-nsp] strange ipv6 problems on 3550 SVI

Bingo! Yes, I agree, it's worse. I knew the 3550 only did ipv6 in software, but this was going to be a low packet count test. Something things "seem" to work, but not really. Oh well, that division budgets won't be available to upgrade that switch until after Sept 2011, so it will have to wait

Re: [c-nsp] OSPF Default Route Injection

This is related to the forwarding address of 0.0.0.0; check this out: https://www.cisco.com/application/pdf/paws/13682/10.pdf It should help you fix it. Leah -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of David Granzer

Re: [c-nsp] NPE-G1 vs NPE-G2; is it a scam?

Found what I was talking about...this may explain things: https://puck.nether.net/pipermail/cisco-nsp/2007-April/03.html -SC On Fri, Mar 19, 2010 at 10:11 AM, Stephen Cobb wrote: > Hey guys - I saw something in a previous forum (can't recall where) that > talked about this. You won't actual

Re: [c-nsp] 6500 nvram contents changing

Fri, Mar 19, 2010 at 10:40:20AM -0400, Jared Mauch: > This typically happens if someone is viewing the startup-config (eg: show > conf) as it is locked. afaict, reading nor writing locks the nvram fsys in such a way that dir /all nvram:, the command rancid uses, fails. it seems to wait as you'd

Re: [c-nsp] NPE-G1 vs NPE-G2; is it a scam?

Hey guys - I saw something in a previous forum (can't recall where) that talked about this. You won't actually see increased performance on the G2 till you're getting into high CPU utilization, where the G1 would kick the can and the G2 does its spec'd job...something about the different architectu

Re: [c-nsp] vs cisco 2851 and NME-XD-24ES-1S-P

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/miragenm.html#wp1820427 good luck! On Fri, Mar 19, 2010 at 4:00 AM, Arne Larsen / Region Nordjylland < a...@rn.dk> wrote: > Hi all. > > Can som

Re: [c-nsp] NPE-G1 vs NPE-G2; is it a scam?

Hi, On Fri, Mar 19, 2010 at 08:39:06AM -0700, Chris Flav wrote: > Any tips as to what we can look at would be appreciated. Any experiences > performing this so-called upgrade? This has come up a number of times on this list, and there's explanation in the archives. gert -- USENET is *not* th

Re: [c-nsp] strange ipv6 problems on 3550 SVI

> Feature Navigator is wrong - as usual. 3550 does not have hw support for > IPv6, therefore no support for it. No plan, according to BU (have this > info via our account manager), to support > IPv6 on these switches. Go for 3560 or 3750 > > > Best Regards, >Janos Mohacsi Wh

Re: [c-nsp] control-plane packet transmit priority on PFC + lan card platforms

On Mar 19, 2010, at 5:48 AM, Andriy Bilous wrote: > Control-plane traffic is governed by pak_priority inside the router > http://www.cisco.com/en/US/tech/tk543/tk544/technologies_tech_note09186a0080094612.shtml > > This document is pretty old and doesn't reflect newer platforms, though > basics

[c-nsp] NPE-G1 vs NPE-G2; is it a scam?

We have had two "upgrades" on a 7204VXR platform where we went from a G1 to a G2 controller. Case A is a pretty straightforward BGP with 2 full feeds, 400Mbps aggregate traffic @72,000pps. Case A upgraded to 12.4XD train from 12.3 mainline Case B is a L2TP LNS, aggregating around 3000 PPPoE

Re: [c-nsp] Current BGP BCP for anchoring and announcing local prefixes

On Tue, Mar 16, 2010 at 09:19:03AM -0400, Drew Weaver wrote: > No to thread Hijack, but how do you guys handle injecting /32s for > null/blackhole into your upstream providers? > > Using a tag on the static route? with a route-map that matches the tag? which > then adds a community? > > thanks,

Re: [c-nsp] Cisco asa5550 url filter

I suggest running the scenario through Dynamips and PEMU for test purposes so you don't affect production traffic. AFAIK, the configuration unfortunately doesn't really get simpler than what the URL provided. Out of the box URL filtering requires RegEx and an MPF configuration. Regarding a

Re: [c-nsp] 6500 nvram contents changing

This typically happens if someone is viewing the startup-config (eg: show conf) as it is locked. - Jared On Mar 19, 2010, at 7:58 AM, Ben Cooper wrote: > Hi, > > We use rancid to retrieve configs from our cisco kit, recently one of > our 6500s (s72033_rp-ADVENTERPRISEK9_WAN-M Version 12.2(33)S

Re: [c-nsp] Cisco asa5550 url filter

Also, have a look at: https://supportforums.cisco.com/docs/DOC-1268 Sincerely, David. Ramcharan, Vijay A wrote: > Try Google or Bing with search string "asa inspect http regex" > The example given below is for blocking certain websites but you should be > able to come up with a configuration

Re: [c-nsp] Cisco asa5550 url filter

Hi Vijay,   Thanks for the reply,   I have checked and try to do but facing issue as the example given is too complicated and its difficult to do the test on the production Environment,    Can you share a example to allowing the access for a single site.   I am very thankfull to you.     Regards

Re: [c-nsp] Cisco asa5550 url filter

Try Google or Bing with search string "asa inspect http regex" The example given below is for blocking certain websites but you should be able to come up with a configuration that only allows certain sites and block everything else. http://www.cisco.com/en/US/products/ps6120/products_configurat

[c-nsp] 6500 nvram contents changing

Hi, We use rancid to retrieve configs from our cisco kit, recently one of our 6500s (s72033_rp-ADVENTERPRISEK9_WAN-M Version 12.2(33)SXH3) has started reporting nvram content changes sporadically throughout the day, eg: > !Flash: nvram: Directory of nvram:/ > !Flash: nvram: 1918 -rw-

[c-nsp] 6500 nvram contents changing

Hi, We use rancid to retrieve configs from our cisco kit, recently one of our 6500s (s72033_rp-ADVENTERPRISEK9_WAN-M Version 12.2(33)SXH3) has started reporting nvram content changes sporadically throughout the day, eg: > !Flash: nvram: Directory of nvram:/ > !Flash: nvram: 1918 -rw-

[c-nsp] Cisco asa5550 url filter

Hi,   We are using Cisco asa5550, and i want to put a url based acl/filteration for the particular client.   We have one client on inside interface who needs the access of www.youtube.com only(outside interface) and to restrict the same we are not able to restrict through IP acl's as Youtube ip

[c-nsp] vs cisco 2851 and NME-XD-24ES-1S-P

Hi all. Can someone give me a hint how to access the NME-XD-24ES-1S-P switch module in an cisco 2851 router. I can't se any off the fastethernet ports but I can se the gigabit. I'm running c2800nm-advipservicesk9-mz.124-24.T2.bin, and as far as I can see this should be ok. /Arne __

Re: [c-nsp] strange ipv6 problems on 3550 SVI

Don't forget that the 3550's will reach end of support in May 2011: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps646/prod_end-of-life_notice0900aecd8029f777.html Regards, Antonio Soares, CCIE #18473 (R&S/SP) amsoa...@netcabo.pt -Original Message- From: cisco-nsp-boun

Re: [c-nsp] control-plane packet transmit priority on PFC + lan card platforms

Control-plane traffic is governed by pak_priority inside the router http://www.cisco.com/en/US/tech/tk543/tk544/technologies_tech_note09186a0080094612.shtml This document is pretty old and doesn't reflect newer platforms, though basics remain the same I believe. Some little bit is also here: http

Re: [c-nsp] Cisco 6513 FWSM problem

On Fri, 2010-03-19 at 12:31 +0500, Muhammad Jawwad Paracha wrote: > We faced problem of two FWSM in different chassis Cisco 6513,went into > active/active state suddenly. Though they are configured as > active/passive and running normally for 1 year. > > Any clue what has happened. The logs shoul

Re: [c-nsp] strange ipv6 problems on 3550 SVI

On Thu, 18 Mar 2010, Anton Kapela wrote: On Mar 18, 2010, at 4:52 PM, Stephen Cobb wrote: Check out the "top of rack switch recommendations" thread that started a couple days back. IPv6 has parity with v4 in 12.2(50)-ish IOS, even on the 3550's, so people are claiming. This might help.

[c-nsp] Cisco 6513 FWSM problem

Hi, We faced problem of two FWSM in different chassis Cisco 6513,went into active/active state suddenly. Though they are configured as active/passive and running normally for 1 year. Any clue what has happened. Regards Jawwad Paracha IBM ___ cisco-nsp

Re: [c-nsp] OSPF Default Route Injection

Hi, I have test setup with three routers R2/R3/R4, they running OSPF, R2 and R3 injecting default with "default-information originate always metric 20", R4 already sees default route from both R4#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via "ospf 2", distance 110, metric

[c-nsp] 3745 and NM-1A-E3

Hi all, Wondering if anyone has experience with the 3745 and NM-1A-E3, specifically how many can you jam into one of these. According to the datasheet, 2 is the "recommended maximum", but I am wondering if the router will accept/recognise 3 of these cards and allow you to use all of them? Cheers