Hi, I want to implement the HOT-STANDBY in my network . For this i dont want
lose even a single packet, so i have implemented NATing, in which i am
translating the particular address to broadcast as below:
ip nat inside source static udp 172.xx.xx.255 172.xx.xx.1
extendable no-alias
On Fri, 2011-03-25 at 12:34 +0530, Ambedkar Podeti wrote:
Hi, I want to implement the HOT-STANDBY in my network . For this i dont want
lose even a single packet, so i have implemented NATing, in which i am
translating the particular address to broadcast as below:
Broadcast is still a single
Yeah broadcast is still a single packet but i dont want to send the same
packet to whole VLAN or all hosts in that LAN. Can i define the particular
IP addresses to which the data has to go ??
I can do Application based but i dont want to depend on the application. If
possible i would prefer in
If I understand you correctly, you want to replicate each packet coming from
172.xx.xx.1 to 2 or 3.
If you are using Ethernet L2 switch on the uplink, the easiest way would be
to use 2-3 uplink ports and turn off mac-learning in this particular VLAN.
Thus the switch acts as hub and replicates
Yeah broadcast is still a single packet but i dont want to send the
same
packet to whole VLAN or all hosts in that LAN. Can i define the
particular
IP addresses to which the data has to go ??
hmm, multicast comes to mind?
oli
___
Multicast takes time when it goes out of GROUP and joining GROUP. i dont
want to lose even a single packet.
On Fri, Mar 25, 2011 at 3:04 PM, Oliver Boehmer (oboehmer)
oboeh...@cisco.com wrote:
Yeah broadcast is still a single packet but i dont want to send the
same
packet to whole VLAN
Can you elaborate on the application requirement at hand here? Not losing a
single packet is virtually impossible in IP networks, you will always have
failures/re-routing events, or also things like dropping packets while ARP
adjacencies are resolved along the way, so I would argue that a
On Wed, 2011-03-23 at 20:55 +0100, Peter Rathlev wrote:
Thanks. We'll try just adding ip igmp snooping querier to the specific
SVI to see if this in itself would be enough. Next up we try ip pim
sparse-mode on the SVI and ip multicast-routing in global.
I'll keep the list updated on how it
Yeah, i am receiving the UDP data on one IP address and i want to replicate
this UDP data on 2 to 4 ip addresses. In this case the data will be received
by 4 ip addresses simultaneously.
Ambi
On Fri, Mar 25, 2011 at 3:25 PM, Oliver Boehmer (oboehmer)
oboeh...@cisco.com wrote:
Can you
the packets
Yeah, i am receiving the UDP data on one IP address and i want to replicate
this UDP data on 2 to 4 ip addresses. In this case the data will be received
by 4 ip addresses simultaneously.
I still don't understand the application requirements. What is this? TV/Video?
If you
Hi,
On Fri, Mar 25, 2011 at 11:00:01AM +0100, Peter Rathlev wrote:
2) Could 224.0.0.0/24, which they use for this purpose though that's
wrong, somehow be treated specially by a Sup720? Any chance it would
help using 239.255.255.0/24 instead?
224.0.0.0/24 is special, all the routing
On 25/03/11 10:00, Peter Rathlev wrote:
2) Could 224.0.0.0/24, which they use for this purpose though that's
wrong, somehow be treated specially by a Sup720? Any chance it would
help using 239.255.255.0/24 instead?
Ah. Yes. Don't use that range.
Also check the ttl if your packets. If its 1 it will always hit the CPU
regardless of group address.
On Mar 25, 2011 6:01 AM, Peter Rathlev pe...@rathlev.dk wrote:
On Wed, 2011-03-23 at 20:55 +0100, Peter Rathlev wrote:
Thanks. We'll try just adding ip igmp snooping querier to the specific
SVI
On 24-03-11 4:30 PM, Victor Lyapunov wrote:
Hello
I have been testing some scenarios for IPv6 over broadband
connections. The setup is a the most common one, the CPE gets
-One ::/128 WAN ipv6 address using autonegotiaton.
-A signle ::/56 LAN subnet for the user networks, through DHCP-PD
Thanks Scott,
But it don't solve the issue
Best Regards,
Ranokarno
On Mar 25, 2011, at 8:21 PM, Hughes, Scott GRE-MG shug...@grenergy.com
wrote:
Try using tcp port 400x instead of port 200x.
On Mar 24, 2011, at 9:17 PM, Chubby chubby_cri...@yahoo.com wrote:
Hi Andrew,
This is a
In our setup, we have no address for the WAN link, we just delegate a
/48 via DHCP-PD to the CPE.
Do you provide CPE management? if so, how do you propose
managing/monitoring the CPE?, via the LAN address? What if the LAN
interface is down?
Dave
--
David Freedman
Group Network
Anything in the 224.0.0.0/24 subnet is equivalent to a broadcast address in the
local subnet and will be punted to the CPU.
http://www.iana.org/assignments/multicast-addresses/multicast-addresses.xml
I've seen some software that has used 224.0.0.1 for the multicast destination
address and
-Original Message-
From: John Neiberger [mailto:jneiber...@gmail.com]
Sent: Thursday, March 24, 2011 2:54 PM
To: Drew Weaver
Cc: cisco-nsp
Subject: Re: [c-nsp] Unknown unicast only occuring when a host is under
attack...
On Thu, Mar 24, 2011 at 12:11 PM, Drew Weaver
Hi All,
We have a couple of Cisco IronPort devices - it's been a really long
time since we had to renew licenses. We need to renew now and are
looking for a reseller / channel partner that can sell us new licenses
for our IronPort located in San Francisco, US.
Anyone know of a company close by
Try using tcp port 400x instead of port 200x.
On Mar 24, 2011, at 9:17 PM, Chubby chubby_cri...@yahoo.com wrote:
Hi Andrew,
This is a reverse telnet session that communicate using Serial TCP
0xFF is part of data payload, and I can not find a way to double the content
of payload ie:
On 25-03-11 2:31 PM, David Freedman wrote:
In our setup, we have no address for the WAN link, we just delegate a
/48 via DHCP-PD to the CPE.
Do you provide CPE management? if so, how do you propose
managing/monitoring the CPE?, via the LAN address? What if the LAN
interface is down?
Not
sounds like windows NLB or something to me...? so a combination of
static arp addressing perhaps to a multicast mac address, and disable
any igmp snooping? it isn't really multicast, per se.
you are being a bit vague... perhaps intentionally. (fair enough).
On Fri, Mar 25, 2011 at 4:02 AM,
I received a couple of cable management brackets with my ASR9ks and they are so
handy that I'd love to get some for the rest of my linecards, but I can't find
them anywhere. Anyone know I can get them? I'm sure trying to ask Cisco for
them will be like pulling teeth.
Here's what I'm
Hmm, I noticed when I looked in the netflow for the attack traffic that there
were more than 400,000 source IPs participating in the attack, they were
obviously spoofed/what-have-you, but would that make a difference? I don't
think I've ever seen one with that many sources before, bravo to
Right now, I can't find anything on CCO or google so that tells me yes so
the answer must be NO. Unless I do something wacky like VPN to my syslog
server or some other stupid juryrig Anyone?
-Hammer-
I was a normal American nerd.
-Jack Herer
___
On Fri, Mar 25, 2011 at 3:53 PM, Hammer bhmc...@gmail.com wrote:
Right now, I can't find anything on CCO or google so that tells me yes so
the answer must be NO. Unless I do something wacky like VPN to my syslog
server or some other stupid juryrig Anyone?
IPSec is the way to go on IOS.
On
Thanks Christopher. My research has yielded the same result. I went and told
the unix team about an hour ago that I was flipping our syslog from UDP to
TCP w/ SSL or VPN and he just about fell over. I'm trying to decide how much
of an effort I want to make on this. Right now, I'm just enjoying
Why would the IPv6 address on the WAN interface ever be seen? Clients
attached to the CE router would be using the delegated prefix...
Frank
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Miquel van
Smoorenburg
Sent:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hammer wrote:
Thanks Christopher. My research has yielded the same result. I went and told
the unix team about an hour ago that I was flipping our syslog from UDP to
TCP w/ SSL or VPN and he just about fell over. I'm trying to decide how much
of
Hey that's pretty cool. As long as my syslog host is fine with it. Thanks
and I'll start researching.
-Hammer-
I was a normal American nerd.
-Jack Herer
On Fri, Mar 25, 2011 at 3:22 PM, Bruce Pinsky b...@whack.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hammer wrote:
The tls option only applies using BEEP, not TCP syslog, at least on
15.0 mainline.
On Fri, Mar 25, 2011 at 4:22 PM, Bruce Pinsky b...@whack.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hammer wrote:
Thanks Christopher. My research has yielded the same result. I went and told
the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hammer wrote:
Hey that's pretty cool. As long as my syslog host is fine with it.
Thanks and I'll start researching.
I haven't tried it to see if it works however. Good writeup here on doing
Encrypted Syslog with rsyslogd.
Cool. Doesn't apply to IOS but will work for my CheckPoints. If I make some
headway I'll post back to this thread. Don't hold your breath.
-Hammer-
I was a normal American nerd.
-Jack Herer
On Fri, Mar 25, 2011 at 3:30 PM, Bruce Pinsky b...@whack.org wrote:
-BEGIN PGP SIGNED
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hammer wrote:
Cool. Doesn't apply to IOS but will work for my CheckPoints. If I make
some headway I'll post back to this thread. Don't hold your breath.
Well, I was thinking of rsyslogd on the server side, not the client. Then
if the IOS TLS
This approach was discouraged ipv6-ops listserv and one person pointed out
that this violates an RFC:
http://lists.cluenet.de/pipermail/ipv6-ops/2011-January/004677.html
Frank
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf
There's always a customer that bridges the PPP connection to a PC on
which the connection is terminated.
And though we don't want it, modems will turn up that do IPv6 NAT.
And what address do you think will be used as source address for
connections originating from the CPE ? Like SIP ?
In
http://potaroo.net/ietf/all-ids/draft-ietf-v6ops-ipv6-cpe-router-08.txt
WAA-8: If the IPv6 CE router does not acquire global IPv6
address(es) from either SLAAC or DHCPv6, then it MUST create
global IPv6 address(es) from its delegated prefix(es) and
configure
i have 4 STM-1s , minimum budget
we use Giga Interfaces (SFPs)
Date: Thu, 24 Mar 2011 13:46:35 +
From: n...@inex.ie
To: eng_m...@hotmail.com
CC: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Border Router Recommendations
On 24/03/2011 13:18, Mohammad Khalil wrote:
what is the
Based on what I've seen of residential IPv6 CE routers, that would be a very
unusual configuration, in fact, perhaps impossible.
Frank
-Original Message-
From: Miquel van Smoorenburg [mailto:miqu...@cistron.nl]
Sent: Friday, March 25, 2011 4:43 PM
To: frnk...@iname.com
Cc:
I've seen 2 of those in normal use.
For example, the Draytek Vigor 120 is a device that bridges PPPoA to
PPPoE, so that you can terminate the PPP connection on a PC or router
(or linux-PC-router, whatever). Apparently they sell quite well. We have
customers using them. And PPPoE - PPPoE
No, it's not saying put a /64 on the WAN interface.
It says put a /64 from the delegated prefix on a virtual interface.
And it says if the WAN interface has no address and the router
originates a packet, use the address of one of the other interfaces.
Which will most likely be the
I'm sorry, I don't follow how these excerpts from ipv6-cpe-router are
recommending using a /64 out of the delegated prefix on the WAN interface.
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Miquel van
Smoorenburg
Sent:
Dear Guys,
Right now I have brand new C3945 Router with SM-ES2-16-P module insert to the
chassis.
when I need to configure the switch I need to execute service-module command.
Need your opinion :
1 .how do I configure Dynamic routing from switch module such as OSPF and
adjacency it's own
Hi harold,
Is not me or the router that make a session. But the server behind.
The scenario is like this :
Terminal host connect to asyn serial router == router 2911 == connect to
switch== solaris server
Because of old system terminal host can only talk using serial.
Server will initiate
44 matches
Mail list logo