[c-nsp] ios xe amsterdam

Hi Everyone, Posting this as it made for quite an interesting debug, and am hoping to save someone some future grief. When using ASR 1ks and ios XE Amsterdam 17.3.6 we encountered an issue related to pppoe users and radius attributes. We saw issues trying to send cisco AV pair ip:outacl or

Re: [c-nsp] Internet border router recommendations and experiences

Hi > > So if Cisco price themselves out of the market with their flagship Ethernet > box > - the ASR9000 - that just makes it easier for customers to consider Juniper, > Arista, Nokia, e.t.c. They also seem to want to follow the same route in metro with the NCS540s and this global bandwidth

Re: [c-nsp] Redistribute interface address as a /32 or /128 into BGP

--- Begin Message --- Hi, > > >> Now some of my monitoring and management traffic, which is addressed > >> to the customer facing interface addresses takes the shortest path > >> into > >> 10.0.0.0/24 and through this network and might then hit the interface > >> of the router. But there is a

Re: [c-nsp] asr1001-x : dynamic qos on virtual-template

--- Begin Message --- Hi We set a parent class with the shape average of the line ( assuming you know the speed) policy-map 4M32k-parent class class-default shape average 400 service-policy 4M32k And then use priority for a voice queue policy-map 4M32k class VoIP-RTP priority

Re: [c-nsp] ASR920 Break Into ROMMON

--- Begin Message --- Hi Scott, You may also try and sniff to see if a 920 looks for a boot server during the process. Another long shot ..but before making a new coffee table out of it it's worth a shot. Brian > -Original Message- > From: cisco-nsp On Behalf Of Scott > Miller >

Re: [c-nsp] PPPoE and HTTP Redirect

--- Begin Message --- Hi > > Hello all, I’m looking for some recommendations. I have a customer, an ISP, > who is doing PPPoE for residential and “some” smaller business accounts. > PPPoE terminated on an ASR9010, DaloRadius for authentication and IP > assignments. DaloRadius is configured for

Re: [c-nsp] asr920 - pppoe - Filter-Id is fail

--- Begin Message --- > > Hello Everyone, > > I thought the pppoe server was not supported on the asr 920 platform ? AFAIK it is not officially supported and is not handled in hardware, but does "work". So it would be all cpu , will not scale and throughput would be limited. It does support

Re: [c-nsp] ASR1001X PPPoE COS 2

--- Begin Message --- Hi > Hi > > I must add the 802.1P TAG on the pppoe connections coming from a > particular interface on Cisco ASR1001X > If you need to set cos on incoming packets (coming from a particular interface), on the interface you can apply a incoming classification policy map

Re: [c-nsp] cisco ACL filter outbound only

--- Begin Message --- > >     Again, the cli seems to indicate support for all the things necessary, > which > includes the idea of 'established', which is why I ask if THIS platform does > in > fact do what the cli suggests: > No it doesn't You need to understand what established does. It

Re: [c-nsp] cisco ACL filter outbound only

--- Begin Message --- > > It just seems to me that it is indeed possible using the above to put it > together. Is this all just non-working on this platform? > The difference is in connection state. An ACL does not track it so you can do Permit tcp any any established Inbound or outbound on a

Re: [c-nsp] Somewhat quirky question regarding C6513

--- Begin Message --- > On Thu, Jul 09, 2020 at 04:54:51PM +0200, Mark Tinka wrote: > > It had been a while since we run switches that big, but when it came > > time to replace our C6880-X in some PoP's, we went with Arista's 7508E. > > I was about to suggest that, but the 7500 series is WAY

Re: [c-nsp] ASR 9010 BNG setup

--- Begin Message --- Hi Scott Yes you need to check all your attributes being passed because they are different for the 9ks with respect to 1ks For example ip:ip-unnumbered=loopback 0 would need to be ipv4:ipv4-unnumbered=loopback 0 to send routes you need to use framed-route and not cisco

Re: [c-nsp] SD-WAN design for large scale

--- Begin Message --- Hi, > > Omar: Yes, by default you will have a full mesh of tunnels. It's easy > > to build Hub and Spoke topology if you want to. Often large > > organizations build regional Hub and Spoke where you traverse a Hub to > > go to another geographical region, such as EU to US

Re: [c-nsp] ASR 920 Strange SFP behavior

--- Begin Message --- Hi Shawn, Are you by chance switching from sfp to sfp+ on the ports by chance? Because the 12sz launches scripts when changing speeds that basically default the config and rewrites it, but doesn't always work as planned.. There was a discussion here about it a while back.

Re: [c-nsp] ASR1k mlppp speedlimit?

--- Begin Message --- Hi Harald, > sh int Vi2.304 > Virtual-Access2.304 is up, line protocol is up > Hardware is Virtual Access interface > Description: PPPoE-transport > Interface is unnumbered. Using address of Loopback0 > MTU 1492 bytes, BW 10 Kbit/sec, DLY 10 usec, > > -- >

Re: [c-nsp] ASR1k mlppp speedlimit?

--- Begin Message --- Hi Harald > >Weird things happen when you apply qos to link members and I would try > without qos in general as I remember it being kinda flakey with MLPPP. > > Actually AFAIR this happens when using portchannels as backhaul-transport we > do qos on mlppp for virtually all

Re: [c-nsp] ASR1k mlppp speedlimit?

--- Begin Message --- Hi Harald, Are you using qos? Weird things happen when you apply qos to link members and I would try without qos in general as I remember it being kinda flakey with MLPPP. After testing MLPPP we decided to not implement it on the network. Are you trying in LNS o direct

Re: [c-nsp] Cisco NCS VxLAN Experience

--- Begin Message --- Hi, > Broadcom levels the playing field amongst traditional and new vendors. > If Cisco and Juniper have the same access to Broadcom chips as do newer > market entrants such as Arista and Arrcus, what are we really paying the > traditional, expensive vendors for when

Re: [c-nsp] Cisco NCS VxLAN Experience

--- Begin Message --- Hi, > > I do have *null* understanding for "we have cisco proprietary protocols that > our customers are actively using (HSRP, EIGRP) but we do not support this on > because we can, buy something else!" (EIGRP on IOS XR > on NCS5k, HSRPv2 with IPv6 on ASR920). >

Re: [c-nsp] ASR920 and EEM:Mandatory.dualrate_eem.tcl

Hi, > > I'm not sure I wanted to know in the first place, and now I do not > > know if > I'm > > scared or morbidly fascinated. > > > Isn't it possible to disable/delete all these EEM scripts? > It is a registered policy even on ASR-920-24SZ-M with no dual rate ports ASR920_JN1#sh event

Re: [c-nsp] ASR920 and EEM:Mandatory.dualrate_eem.tcl

The dualrate script is for changing from 1G to 10G and vice versa. So asr920 needs a vty access to run the script in telnet and since there is not one available it removes ssh Nice workaround! More info here

Re: [c-nsp] ASR 920 Replacement

--- Begin Message --- > The table on software licensing looks like the usual Cisco nightmare, just more > of it. > > ESS-AC-10G-RTU-1 Essentials SW Right-to-Use per 10G > ADV-AC-10G-RTU-1 Advanced SW Right-to-Use per 10G > ESS-10G-SIA-3 Essentials SW Innovation Access per 10G 3 year subscription

Re: [c-nsp] ASR 920 Replacement

--- Begin Message --- Check carefully for EIGRP on the NCS family if you go that way. A lot of them do not support it and AFAIK the NCS540 does not. Brian > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > Muhammad Asif Rao > Sent:

Re: [c-nsp] Experience with Lenovo switching, anyone?

--- Begin Message --- Hi , Mellanox (or should we say Nvidia now?) is overkill for 1G ports, but is interesting and very competitive at high speeds. Here in Milan they are using them at MIX for 100G ports and seem to be happy. Their base software is lacking some features, for example in data

Re: [c-nsp] NAT64 Statistics over SNMP - ASR 1002

--- Begin Message --- HI Chris, not sure what statistics you are looking for but if you are wanting the sessions you should look into high speed logging/bulk logging using netflow https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration

Re: [c-nsp] QoS and groups of subscribers

--- Begin Message --- Hi Mike, > I have a group of subscribers using PPPoE, and I was wondering if > there > would be a way to implement a common QoS policy whereby every member > of this group shares a single virtual 100mbps pipe? The situation I want > to > deal with is oversubscription

Re: [c-nsp] Internet speed

Hi, Here in Italy the ministry of telecommunications has built a system for consumers to "certify" the speed of their connection. Most of the information is in Italian on the site https://www.misurainternet.it/ Basically they have placed servers is the major IXs and end users can download the

Re: [c-nsp] MPLS/DIA on same CPE

Hi Scott, The simple question is do the switches have the correct route ? If the two 3825 can ping each other but not the switch , you are probably missing a route there. If you can ping lan to lan between 3825 you are good there. Brian Turnbow CTO TWT S.p.A. > -Original Mess

Re: [c-nsp] 3750 and CVE-2018-0167

Hi Sebastian, We don't use lldp, but you can turn it off on an interface by interface bassis. Why run it on ports with devices outside of your control? Brian > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > Sebastian Beutel > Sent:

Re: [c-nsp] NBAR2

Outdated info but... We tried it a couple of years ago and ended up going with a different vendor. The protocol matching left a little to be desired. Not sure how much has changed Brian > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of >

Re: [c-nsp] PPPoE termination on ASR9K without SE linecards

Hi George I have always been told that TR cards do not support bng that you need for pppoe on asr. Same for the old trident cards. And even if they did you would be severely limited in qos scaling. (if you need really high qos scaling you should go tomahawk btw) There are some cisco live

Re: [c-nsp] ISIS Fast Convergence (ASR920?)

Hi Jason > On 28 February 2018 at 19:31, Jason Lixfeld wrote: > > > Hey, > > > > There seem to be some conflicting suggestions for ISIS fast > > convergence timers, and I can’t seem to understand why that would be. > > The former example is ISIS in a LFA FRR environment, the

Re: [c-nsp] Does NCS behave like Nexus w/regard to vPC+VRRP active/active?

Hi Dave, The ncs5501 does not support vpc nor any vss clustering like configuration afaik. Brian > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > David Hubbard > Sent: giovedì 14 dicembre 2017 18:07 > To: cisco-nsp > Subject: [c-nsp]

Re: [c-nsp] Inter-area Summarization problem on Nexus 9508

> > 10.203.165.80 is a valid network address for a /28, but doesn't "area range" > take an address and dotted-quad netmask rather than a CIDR prefix? So: > Yeah my bad.. should have read everything and not just the error messge. Should not reply before after lunch coffee... Brian

Re: [c-nsp] Inter-area Summarization problem on Nexus 9508

Hi, > Dears, > > Anyone know what is wrong with the below range ? > Yep, host bits are set You need to put in the network > router ospf 386 > vrf AAA > area 0.0.0.1 stub no-summary > > NX9KB9002(config-router-vrf)# area 1 range 10.203.165.80/28 > Invalid range, host bits are set

Re: [c-nsp] Nexus 7707 as Internet Edge Router?

Hi, > > NCS5500s do not support EIGRP > > Return to Step 1 - "why, if you have customers actually *liking* your vendor- > lock-in features, why would you stop shipping them?". > > Actually they seem to be really liking that... ASR920 doesn't do HSRPv2 > (though it *does* support HSRPv1). So,

Re: [c-nsp] Nexus 7707 as Internet Edge Router?

Hi Wanted to correct a post from a while back I made when discussing NCS5500s > > > And then, what features it gets - the first list on cisco.com was >> amazingly thin on details, but one of the interesting bits was >>"no support for EIGRP",which I find highly astonishing - you have a

Re: [c-nsp] ASR1002-X BRAS/BNG and shaping via RADIUS CoA

HI Divo, We use asr1ks with rp2s for this type of service without any issues . One thing you can't do is aggregate shaping on 2 service vlans so you can't have one shaper for 2 sub ints when using pppoe So interface GigabitEthernet1/0/0.1 encapsulation dot1q 100 second-dot1q any and

Re: [c-nsp] Nexus 7707 as Internet Edge Router?

Hi, > > "Anything detailed" you have on the NCS5* would be welcome - the material > on www.cisco.com is a bit sparse. > Check out the cisco live session for some good info. https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=94040 =popup > Since we're considering to either

Re: [c-nsp] ASR 9xx architecture slides

Hi Jeff Waris did great webinar for the list a year ago +/- on the asr900 series and posted a link , take a look in the archives. Brian > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jeff > Bacon > Sent: mercoledì 16 novembre 2016 17:24

Re: [c-nsp] asr1000 esp and sips in denali

want. Brian > -Original Message- > From: Nick Cutting [mailto:ncutt...@edgetg.com] > Sent: venerdì 26 agosto 2016 15:11 > To: Brian Turnbow; 'Mark Tinka'; cisco-nsp@puck.nether.net > Subject: RE: [c-nsp] asr1000 esp and sips in denali > > Apart from looking pretty, d

Re: [c-nsp] asr1000 esp and sips in denali

Hi, >On 25/Aug/16 16:30, Brian Turbow wrote: >>Today reading the release notes for denali I am once again getting >>confused on the asr1k. >I still don't understand what the point of Denali is, despite having discussed it with my SE several times. >I the end, I've realized I don't need it.

Re: [c-nsp] Cisco IOS/XE :: H-QoS for Multi-VRF / Sub-interface setup

GigabitEthernet0/0/3.12 encapsulation dot1Q 12 ip address 172.2.3.200 255.255.255.0 service-policy output parent HTH Brian From: neil.g.mor...@gmail.com [mailto:neil.g.mor...@gmail.com] On Behalf Of eyeballi77 Sent: venerdì 24 giugno 2016 14:25 To: Brian Turnbow Cc: cisco-nsp@puck.nether.net

Re: [c-nsp] Cisco IOS/XE :: H-QoS for Multi-VRF / Sub-interface setup

Hi, try taking a look at service-fragment. It will work on subinterfaces, but I'm not sure about using it with different vrfs. http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_mqc/configuration/xe- 3s/qos-mqc-xe-3s-book/qos-agg.html Brian > -Original Message- > From:

Re: [c-nsp] Private IP in point to point link on internet

utting [mailto:ncutt...@edgetg.com] > Sent: mercoledì 22 giugno 2016 22:33 > To: Satish Patel; Brian Turnbow; Cisco Network Service Providers > Subject: RE: [c-nsp] Private IP in point to point link on internet > > That space also "should" be non-routable over the internet - I

Re: [c-nsp] Cisco ASR 1002-X PPPoE Subscriber QoS policies

Hi, > > Hi folks, > > I have to setup a QoS policy to maximise the limited bandwidth on the cross > connects to our broadband backhaul provider. > > To date I have used per session policies but I am not sure that this will account > for the scenario where all subscriber sessions request more

Re: [c-nsp] ASR9k Bundle QoS in 6.0.1

> > On 12 May 2016 at 15:06, Robert Williams wrote: > > Although thinking about it, can't the central arbiter simply treat it as one > virtual queue and distribute the 'tokens' to multiple NPs in a round-robin style? > Would it be that significantly different from sending

Re: [c-nsp] VXLAN Unicast on Nexus 5600 or 9300

but try the ciscolive sessions they are available for free after registering and are really good about explaining what features are available in which platforms etc. Brian From: Robert Hass [mailto:robh...@gmail.com] Sent: giovedì 31 marzo 2016 19:11 To: Brian Turnbow Cc: cisco-nsp

Re: [c-nsp] VXLAN Unicast on Nexus 5600 or 9300

Hi Rob Here is a good read on vxlan control plane multicast/unicast. http://blogs.cisco.com/perspectives/a-summary-of-cisco-vxlan-control-plane s-multicast-unicast-mp-bgp-evpn-2 The 9ks will do mp bgp vpn , but not sure about the 5600 never used them. Brian Brian Turnbow Network Manager TWT

Re: [c-nsp] Really strange SIP (I think issue) on an ASR 1001X

Hi, > Hi, this is a really strange problem for me and I’m hoping some others > might > have a clue because I’m a bit confused. It’s also long and involved so > anyone > busy or not interested stop here. > > I have an IPVPN service from a carrier delivered presently over a pair of > 2921 >

Re: [c-nsp] CoPP on 7600s

HI James > > I'm not sure why traffic like BGP would match into both the hardware and > software policiers, when its such a simple match statement (I am assuming > that because the packet count under the software counters is much lower than > the ACL match, so the rest were policied by >

Re: [c-nsp] QOS on ASR9K

Hi Alex, on the 9k you can check out shared policy instance for this. " Using SPI, a single instance of qos policy can be shared across multiple subinterfaces, allowing for aggregate shaping of the subinterfaces to one rate. All of the subinterfaces that share the instance of a QoS policy must

Re: [c-nsp] QOS on ASR9K

] Sent: lunedì 5 ottobre 2015 13:38 To: Brian Turnbow; 'cisco-nsp@puck.nether.net' Subject: Re: [c-nsp] QOS on ASR9K Hello, tested but got the following error: SPI service policy name conflict: Different Service policy vlan10 is already configured in same direction for SPI shared-2gbps My config

Re: [c-nsp] QOS on ASR9K

Turnbow; 'cisco-nsp@puck.nether.net' Subject: Re: [c-nsp] QOS on ASR9K Hi, Tried it but seems like in my classes I can't go above 128Mbps :( !!% 'prm_ezhal' detected the 'warning' condition 'Cannot support child/flat shape rate > 128Mbps' Thanks. Regards, Alex De : Brian Turnbow <

Re: [c-nsp] ASR 1002X and SPA-10X1GE-V2

Hi Fabio, You need to use bridge domains and evc style configuration on the asr1000s for l2 forwarding. BDI interfaces can serve for l3 , like a bvi on ios So you need something like this for l2 forwarding interface GigabitEthernet0/0/0 service instance 1 ethernet encapsulation dot1q 1

Re: [c-nsp] Peering + Transit Circuits

Hi, On 25/Aug/15 13:58, Scott Granados wrote: If you’re not enabling URPF at the peering routers and edges how do you handle things like RTBH? D/RTBH still works fine. S/RTBH would be an issue, but one could enable uRPF temporarily for that. Or use uRPF with an acl. You can

Re: [c-nsp] Peering + Transit Circuits

Hi On 25/Aug/15 14:23, Brian Turnbow wrote: Or use uRPF with an acl. You can specify what to block and what not to block and use S/RTBH as well. Even though we're not receiving the full feed on dedicated peering routers, you're talking at least 35% of it. Sometimes more... You

Re: [c-nsp] High speed PPPoE BRAS recommedation?

HI Martin Hello, we're in the process of replacing some Juniper ERX BRAS with something more capable. It should handle some 400-500 dual-stacked PPPoE-over-VLAN sessions with speeds ranging from 30-200 Mbit/s (strong bias towards the lower speeds). Research on the Cisco website pointed me

Re: [c-nsp] ASR1K - Aggregate QoS Across subinterfaces?

and associate your parent class like this with your child class for policy-map parent class class-default fragment BestEffort-fragment shape average 500 service-policy child It's got some limitations but may be what you need. Brian Brian Turnbow Network Manager TWT S.p.A. -Original

Re: [c-nsp] CWDM SFP+ on N7K

Hi, Hi, I'm curious if any of you have used 10G CWDM on Nexus 7k, M1 or F1 line cards. Curious if any 3rd party CWDM SFP+ is supported with any of these line cards on 7K. Never tried on a 7k but you should be ok, everything else I've tried works fine. Talk to your vendor, most will code

Re: [c-nsp] Ping getting IPv6 address, though IPv6 is not enabled.

Hi Got something going on on a router that seems strange. To me, anyway. I have a router that does not have IPv6 enabled, nor is IPv6 being used in the network it’s on. “ipv6” does not even occur anywhere in the config. On any addresses it looks up the IPv4 address fine, and can route

Re: [c-nsp] sip trunk to asterisk

Hi thank you guys for your answers. i have no problem if i use just one codec as you mentioned Jared. my call hangs up when i have voice class codec with more than one codec. i trace all debug message and think that my cisco router can not transcode codecs to each other. so when the codec

Re: [c-nsp] Changing Peer IP of VPN headend

Hi, The ISP is not giving me a new circuit, just swapping IP space, so I am limited to one interface on one box. Is there a way to bind multiple crypt maps to an interface? Or a way to bind different entries in a crypto map to different source IPs? You can try and setup the new ip on

Re: [c-nsp] Block Ultra Surf v14 on ASA

Then they will just move from ultra surf to another vpn/proxy service... If the user is already doing this to bypass your security you will need to block them all not just one. Why not upgrade to a firewall that can block this type of service , not just some ips, we use Fortinet but lots of

Re: [c-nsp] Share a shaping policy (+ provide committed BW)

Hi Sure, you can create a class for each customer use the bandwidth percent to guarantee each 20% , they will be able to burst over it . Take a look at this http://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-packet-marking/10100-priorityvsbw.html Brian -Original

Re: [c-nsp] Basic inbound BGP path preferencing query

Hi Josh You can also check if your upstreams provide some communities to help in this case. Some allow setting communities on your announcements that create prepends, from global prepends to more specific prepends ( i.e set a prepend for all peers at linx) For example as174 has this document

[c-nsp] R: Shapping NTP traffic on 6500/7600

Hi snip I don't know if you've the ability to match on packet size or not in hardware for QoS - if so, UDP/123 packets which *aren't* 76 bytes in length is a good classifier, as it leaves timesync ntp traffic alone and squelches everything else. I admit I didn¹t check the 7600 platform,

[c-nsp] R: mpls forwarding and ip forwarding

Hi, Hi, As we know, if i enable mpls on the appropriate interface then the ip packets will be forwarded based on mpls forwarding table not the ip forwarding anymore.for some reason.my question is that is there any way to make the ip forwarding on the interfaces which mpls enabled?

[c-nsp] R: Search small replacement for Cisco 12k with ATM/OC3interface

HI Rolf, As other have mentioned a 7200 would be what I would use , but there are also the nm atm oc3 modules for the 37xx/36xx for dirt cheap if a couple hundred euros is too much.. On ebay there is a 3725 with an oc3 for 40 GBP sourced from London. You could even get an old 3640 and relive

[c-nsp] R: ARP problems with UCS FI 6140XP

Hi Don't' use the ucs stuff but this happens on regular switches as well, Microsoft clusters come to mind ... The box is probably not generating any outbound traffic and the mac times out before your arp entry does. You can shorten your arp timers or lengthen your mac timers Or have a script

[c-nsp] R: Cat6500 SUP32 DWDM

Hi, Hi guys, Does anybody know if the WS-SUP32-GE-3B for the Cisco Catalyst 6500 can do DWDM via SFPs plugged in the Supervisor itself (the SUP has 8 SFP ports)? Never tried DWDM , but CWDM works just fine. Regards Brian I am searching in Cisco's documentation and i am a bit

[c-nsp] 10Gig CWDM

Hello Everyone, We are looking into upgrading some links actually on a cwdm run to 10Gig. After looking into DWDM equipment I was told to check into 10Gig CWDM plugs offered in sfp+ xenpak x2 xfp etc Such as the ones offered by smartoptics

[c-nsp] R: Old mystery... receive vs transmit discards...

HI, Oggetto: [c-nsp] Old mystery... receive vs transmit discards... Over the years I've noticed the network monitors pointing out various of our lower-end Catalyst switches (29xx, 35xx, 37xx) reporting transmit discards or receive discards. Since we have some gig uplinks on some 10/100

[c-nsp] R: ES20 aggregate QOS

Hi , Hi, We've got a 7609 with ES20+ card in it (running SRD4 if it matters). We've got a service from a carrier that is sub-linerate so we would normally shape the sub-int to the speed of the service provided and then apply a child policy for the QoS. The question I have is whether

[c-nsp] R: RP PAS iEdge output drops

Hi, Hello! I have a Cisco 7206-NPE-G1 (Version 15.2(4)M3) used as PPPOE access server. With about 180Mbit/s (input traffic on G0/1) i have about 65% of CPU usage (1.8k users, 75% CPU). Right now there's about 1450 PPPoE sessions up on 26 VLANs (all on G0/2). CPU usage is very high

[c-nsp] R: Fwd: RP PAS iEdge output drops

that you can check against your config http://www.cisco.com/en/US/docs/ios/isg/configuration/guide/12_2sr/isg_12_2sr_book.html HTH Brian policy-map 50k class class-default police 5 conform-action transmit exceed-action drop 2013/7/11 Brian Turnbow b.turn...@twt.it Hi

[c-nsp] R: Cisco ASA and SDP length(VOIP/SIP)

Hi Feby, (VOIP/SIP) Does anyone knows if a Cisco ASA which has SIP inspect turned on can cause SDP length on a SIP message to be changed dramatically. We did an upgrade on our Cisco ASA from 7.3 to 8.4(6) and i have been told the upgrade is doing funny changes to SIP message. We do a

[c-nsp] ipv6 on esr 10k

Hello Everyone, We are rolling out IPV6 services to our xdsl users and I am looking for an answer regarding esr 10ks and ipv6( Pre2s running 12.2(33)SB13). It works :-) , but we have been unable to find a way to activate ipv6 without creating a full virtual access interface. I've been looking

Re: [c-nsp] Sup720 software forwarding

Hi, On 03/08/2013 07:46 AM, Peter Rathlev wrote: Theoretically, if one would happen to have a Sup720 that does software forwarding, how is it that one can check what the reason for punts is? An excellent question. In the past, TAC have found stuff like this with ELAM captures,

Re: [c-nsp] ASR-100x intro

Hi On 5 January 2013 12:32, Charles Sprickman sp...@bway.net wrote: The one area where I would like to be more high touch is in traffic shaping and QoS. Often times we'll have a metro-ethernet customer who wants 50Mb/s and our metro-e provider can only provide an unthrottled 100Mb/s

Re: [c-nsp] Cisco 867 SIP NAT

On Jan 10, 2013, at 8:40 AM, Richard Clayton sledge...@gmail.com wrote: I am currently running SIP ALG on 1000 devices without any problems, a mixture of 857 and 887VA-M. I originally had a problem with the 887VA-M but a bug fix was released after I raised a TAC case. Cheers

Re: [c-nsp] Cisco 867 SIP NAT

HI , -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Chuck Church Sent: mercoledì 9 gennaio 2013 03:52 To: 'Andrew Yager'; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Cisco 867 SIP NAT You can configure a

Re: [c-nsp] WS-X6708-10G-3CXL usable with SUP2T?

Hi, -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Drew Weaver Sent: martedì 8 gennaio 2013 18:33 To: cisco-nsp@puck.nether.net Subject: [c-nsp] WS-X6708-10G-3CXL usable with SUP2T? Hi, I was reading the

Re: [c-nsp] ISR G2 Licenses - Permanent vs Right To Use

Hi Group, We've had a complaint from a customer that their security license on a 1941K9 is showing as Right To Use when they are expecting it to show Permanent: Index 2 Feature: securityk9 Period left: Life time License Type: RightToUse License

Re: [c-nsp] loose uRPF on Sup720/3B

Hi Hi, consider me confused on the operation of Sup720/3b with loose uRPF configured. So far, I thought I understood what it can and can not do: - uRPF for IPv4 can be done in hardware - loose or strict mode uRPF is a global setting for the whole box so I decided to enable loose

Re: [c-nsp] IPv6 SLAAC on P2P or QinQ subints

-Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Tim Densmore Sent: mercoledì 7 novembre 2012 17:12 To: Cisco NSP Subject: Re: [c-nsp] IPv6 SLAAC on P2P or QinQ subints On 11/7/2012 12:51 AM, Mikael Abrahamsson

Re: [c-nsp] 6506-E vs 7606-S

Besides which way the slots go? :) Is the sup 2t officilly suported in the 7600 now? I know there have been rumors and promises, but has it been announced? I must have missd it Full circle from split to reconvergence, what a waste. Brian Inviato da iPad Il giorno 07/nov/2012, alle ore 22:12,

Re: [c-nsp] DCEF720 card together with CEF256/classic line cards in Cat6.5k with Sup720?

HI Lars, -Original Message- From: Lars Fenneberg [mailto:l...@elemental.net] Sent: sabato 22 settembre 2012 11:20 To: Brian Turnbow Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] DCEF720 card together with CEF256/classic line cards in Cat6.5k with Sup720? Hey Brian

Re: [c-nsp] DCEF720 card together with CEF256/classic line cards in Cat6.5k with Sup720?

HI -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Lars Fenneberg Sent: venerdì 21 settembre 2012 14:42 To: cisco-nsp@puck.nether.net Subject: [c-nsp] DCEF720 card together with CEF256/classic line cards in

Re: [c-nsp] Giants and input errors but no MTU mismatch 7600-to-4948

Hi, -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of John Neiberger Sent: mercoledì 19 settembre 2012 21:07 To: Aaron Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Giants and input errors but no MTU mismatch

Re: [c-nsp] cisco maximum rate-limit interfaces

Hi, -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Mike Sent: martedì 11 settembre 2012 06:06 To: 'Cisco-nsp' Subject: [c-nsp] cisco maximum rate-limit interfaces Hi, I have a 7201 running

Re: [c-nsp] NAT issue on ASR1K

Hi My inside local and inside global are unique addresses so the extendable keyword doesn't seem to be the solution. It is the port that the router is complaining about. Looks like it does not want to use the same port again even if it is associated with a separate IP address. Actually

Re: [c-nsp] bridging to second-dot1 vlan

Hi Tony, -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Tony Sent: martedì 4 settembre 2012 15:24 To: cisco-nsp@puck.nether.net Subject: [c-nsp] bridging to second-dot1 vlan Hi all, I have a situation where I

Re: [c-nsp] NAT issue on ASR1K

Hi -Original Message- From: Nasir Shaikh [mailto:na...@nasirshaikh.com] Sent: martedì 4 settembre 2012 16:19 To: Brian Turnbow; 'M.Ahsan Khan'; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] NAT issue on ASR1K Hi Brian, Thanks for your input. The router accepts the first two

Re: [c-nsp] Sup720 SVI ACL deny punted? (no logging)

A couple of ideas 1 to generate an ip unreachable ? try disabling them on the SVI 2 I remember something about acl and netflow (punts to create flows) but it was sup-2. I'm not sure if it still applies to sup-720 Brian -Original Message- From: cisco-nsp-boun...@puck.nether.net

Re: [c-nsp] Port Errors

-Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Harry Hambi Sent: martedì 28 agosto 2012 11:17 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Port Errors Hi All, I have a module (16 SFM-capable 16 port

Re: [c-nsp] Port Errors

Hi All, I have a module (16 SFM-capable 16 port 10/100/1000mb RJ45) in a 6500 chasis running IOS Version 12.1(23), giving the following errors Aug 26 06:41:48.965: %PM_SCP-SP-6-LCP_FW_ERR_INFORM: Module 9 is experiencing t e following error: Pinnacle #0, Frames with Bad Packet CRC

[c-nsp] ASR1000 and QOS

Hello Everyone, I am trying to realize a qos configuration on an asr 1006 for pppoe services being sold by our national incumbent. On a single GE interface I will receive two classes of services, cos 0 and cos 1, each with a set bandwidth. i.e. cos 0 100mbps cos 1 20mbps. Each dslam gets

Re: [c-nsp] LNS Error %VPDN-3-NORESOURCE:

Hi, Hi. Thanks for the reply. What I noticed today was, I tried to authenticate one vrf-enabled l2tp session and one global (no- vrf). The one with VRF can't authenticate. Giving me the error of LNS no resources for user... But the one with no-vrf was able to authenticate

Re: [c-nsp] MQC and PA-A6

Hi -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Marco Marzetti Sent: lunedì 16 aprile 2012 16:13 To: cisco-nsp@puck.nether.net Subject: [c-nsp] MQC and PA-A6 Hello, Simple and plain question: does MQC work

  1   2   >