On Sun, Oct 05, 2008 at 04:03:55AM -0700, Steven Mark wrote:
Does anyone know if modifying ACLs (RACL/VACL) that are applied
to an interface will cause any traffic disruption?
Depends on how you do it and what you call traffic disruption.
If you append to the ACL while it is still applied to
On Sun, Oct 05, 2008 at 06:24:12PM +0200, Gert Doering wrote:
On Sun, Oct 05, 2008 at 08:21:40AM -0400, Ed Ravin wrote:
If the router doesn't complain about syntax
problems, the script then removes the original ACL from any interfaces
it is applied to and applies the test ACL
On Sun, Oct 05, 2008 at 12:37:34PM -0600, Matlock, Kenneth L wrote:
If you have an access-list on an interface, and that access-list
didn't exist then it got interpreted as a 'permit ip any any'. As
soon as you add the first line of the ACL, it then becomes a default
of 'deny ip any any' after
On Thu, Apr 10, 2008 at 01:36:33PM +0200, Andre Beck wrote:
Ok, so what's common in *all* these cases is the NPE225. Exactly what
I fear is the culprit.
I guess I should pull the NPE-225 out of my 1750 that was also experiencing
the problem?
I thought the common factor was the
On Tue, Apr 08, 2008 at 08:36:57PM +0200, Andre Beck wrote:
Hi Jon,
On Tue, Apr 08, 2008 at 10:35:36AM -0500, [EMAIL PROTECTED] wrote:
Is it possible that your interface is getting wedged?
http://www.cisco.com/en/US/products/hw/iad/ps397/products_tech_note09186a0
0800a7b85.shtml
The story so far:
On Sat, Jul 15, 2006 at 05:23:20PM -0400, Ed Ravin wrote:
A few times on this list, people have discussed how a Cisco 1700 series
router can suddenly freeze up on its main Ethernet interface. The
problem as I've observed it hits routers that have a single Ethernet
interface
On Mon, Apr 07, 2008 at 10:10:38AM -0400, Ed Ravin wrote:
The story so far:
On Sat, Jul 15, 2006 at 05:23:20PM -0400, Ed Ravin wrote:
A few times on this list, people have discussed how a Cisco 1700 series
router can suddenly freeze up on its main Ethernet interface. The
problem as I've
On Wed, Mar 12, 2008 at 11:31:22PM -0400, Jason Berenson wrote:
We have 3 7206's used as edge routers. PA-MC-T3 in from our DAX and
ethernet out to our transport. So there are a few adjacencies along
with iBGP and eBGP. It seems like the router that goes down (flaps
OSPF/BGP instance 1)
On Tue, Jan 29, 2008 at 09:03:42AM +0100, Gabor Ivanszky wrote:
I did some research in different OSPF literature, and couldn't find any
solution for the following simple-looking issue:
Let's assume you have a broadcast multi-access network(e.g. ethernet)
with a subnet living on it, and
On Mon, Jan 28, 2008 at 12:22:51PM -0800, Joseph Jackson wrote:
Myself and a coworker are trying to get together a list of the top ten tools
any network engineer shouldn't be without. We're looking for vendor neutral
tools. So what do you all think are the most haves?
I recently discovered
On Tue, Jan 08, 2008 at 01:38:44PM +0300, Rivo Tahina RAZAFINDRATSIFA wrote:
Hi all,
I do traffic shaping on a 7206 box, eg:
a: 10Mbps for one class
b: 15Mbps for another class
c: 20Mbps for another class
If c: only use 10Mbps, how can I share it to a: and b:?
How can I monitor (graph)
On Tue, Dec 18, 2007 at 09:01:50PM -0500, Tuc at T-B-O-H.NET wrote:
I'm basically looking for something I can run on Unix and
give me a curses view of IPs I give it to ping at the same time.
You could use Mon:
http://mon.wiki.kernel.org/index.php/Main_Page
The server component will do the
On Wed, Oct 31, 2007 at 06:17:04PM +0200, Tassos Chatzithomaoglou wrote:
So, I'm looking for something that snoops the arp/ip packets,
creates an ip-mac table and if an ip stored in this table appears
with a new mac, then report an error. Is there such a feature on
a switch (or router)?
I
On Wed, Sep 26, 2007 at 12:58:42PM -0500, neal rauhauser wrote:
Yesterday we cooked a POS card in a 7507 and the customer has just had
it with stuff breaking at 0200 and learning about it at 0900 via fifty angry
customer messages.
The failure modes we see are not simple link up/down
On Wed, Sep 26, 2007 at 09:39:38AM +0200, Daniel Suchy wrote:
There's addon for Cacti doing this.
See http://forums.cacti.net/about12485.html
Also for Cricket (genDevConfig and its predecessor genRtrConfig):
http://acktomic.com/?p=4
___
cisco-nsp
On Wed, Aug 29, 2007 at 12:30:41AM -0500, neal rauhauser wrote:
Is it a WIC-1DSU-T1? And you need a WIC-1DSU-T1-V2 for the
18xx/28xx/38xx series ... if it came out of an older router this is
likely the case.
Thanks, that's exactly what happened. Luckily, we have a 1700 router
We just stuck a WIC-1DSU-T1 removed from service on a different
router into a 2801. The router says this upon bootup:
%CFG-3-CARD_NOT_SUPPORTED: Slot 3: Unrecognized cookie format for card!sslinit
fn
The version info is:
Cisco IOS Software, 2801 Software (C2801-ADVSECURITYK9-M), Version
On a 7513 router running 12.0(S), we're running rather low on memory.
Yes, I know of the futility of fitting two full Internet feeds into 256M,
and I'm working on that, but in the meantime, this looks weird:
Router# show proc mem | inc Hold|BGP
PID TTY Allocated FreedHoldingGetbufs
On Tue, Aug 21, 2007 at 07:10:08AM +0200, Oliver Boehmer (oboehmer) wrote:
Ed Ravin wrote on Tuesday, August 21, 2007 3:29 AM:
On a 7513 router running 12.0(S), we're running rather low on memory.
Yes, I know of the futility of fitting two full Internet feeds into
256M, and I'm working
On Tue, Jun 26, 2007 at 02:01:37PM +0100, Steve Wright wrote:
Hi all,
We have a number of dial in platforms (PSTN, ISDN, xDSL) and we recently
changed our radius servers.
Since then, every now and again we are seeing a stuck per-user static route;
ie they login on one device, get their
On Wed, Jun 20, 2007 at 08:49:49AM -0400, Jason Plank wrote:
Totally agree. Rancid gives you what you need based on your requirements
below. At my last place of employment we went away from Cisco works and
towards rancid. Good stuff.
I agree, but with one reservation - RANCID's default
On Fri, Jun 01, 2007 at 10:11:16AM +0300, John Kougoulos wrote:
my preferred method is to upload the acl with tftp, ofcourse with the
first line permit tcp any any established
...
Gert Doering wrote:
But usually you're dead in the water as soon as you copy-and-paste a
new version of the ACL
On Thu, May 24, 2007 at 05:26:01PM +0300, Tassos Chatzithomaoglou wrote:
I was wondering
Is there a way to display the x last lines of the log of a router (through
the cli) ?
Like the CatOS sh logging buffer -x is doing.
Or like the Unix tail command? Apparently not. But here's
On Fri, May 18, 2007 at 11:57:49AM -0500, Dan wrote:
Anybody have any recommendations on what kind of syslog server to use?
I'm happy with syslog-ng (version 1.6.11, haven't migrated to the 2.0
series yet). It can automatically rotate the file name of the log file
by the current date or lots of
I have an elderly 7200 NPE-225 box on my network that has no problem handling
normal traffic, but every now and then someone sends a DoS attack
in its general direction and the poor thing is unable to do anything
useful until we throttle the attack further upstream.
We don't have the spare cash
On Fri, May 11, 2007 at 05:04:25PM +1000, Brad Henshaw wrote:
Ed Ravin:
I have an elderly 7200 NPE-225 box on my network that has no
problem handling normal traffic, but every now and then
someone sends a DoS attack in its general direction and the
poor thing is unable to do anything
On Thu, May 10, 2007 at 12:04:42PM +0200, Dennis Breithaupt wrote:
Hello people,
It seems, that I've either misunderstood the concepts of getting
qos-stats out of a c7200 :) or that there're some other problems with
that. Anyway, I kindly request any hints, that may help here :)
On Mon, Apr 30, 2007 at 01:24:02PM +1000, Skeeve Stevens wrote:
Is this not a valid way to do HSRP to an upstream? Is there
something wrong with this methodology? Is there some configuration in the
HSRP or BGP that I have missed?
Yes, Yes, and Maybe. I'm guessing that the HSRP IP
On Thu, Apr 26, 2007 at 03:24:53PM -0400, Paul Stewart wrote:
Hi folks...
I'm trying to bring up a pair of new OSPF connections and can't figure this
out.. we do these connections all the time so scratching my head
Cisco has a very nice troubleshooting document on OSPF neighbor problems:
On Tue, Apr 10, 2007 at 06:31:48PM -0400, David Coulson wrote:
We've had good success with the Netgear GSM7328S switches. 1U (but
pretty deep) with 24 10/100/1000 ports (4 SFP ports) and lots of L3
features (OSPF, VRRP, Dot1q, etc). Probably sub-$2k if you buy it from
the right place. We
30 matches
Mail list logo