Hello,
we've just migrated 100s of users from a c7201 to an ASR1006 running Cisco IOS
XE Software, Version 03.16.03.S.
While everything works well so far, I've noticed that 64bit counters are NOT
present for virtual access subinterfaces (while 32bit counters are ok):
#show snmp mib ifmib
On 2/11/2013 2:56 PM, Eric A Louie wrote:
I just put in this command on my upstream interfaces to help my mpls network
pass traffic - that is, my effort to eliminate fragmentation in my backbone.
Is anyone else using this method of mtu control? I need some support - my CEO
is asking why I have
You should use 15.1(3)S as it has extended support. We run it on a number
of devices with no issues so far.
--
sam
15.1s should be fine.
Sent from my HTC One X
- Reply message -
From: Xu Hu jstuxuhu0...@gmail.com
To: N. Max Pierson nmaxpier...@gmail.com
Cc: Cisco Mailing list
On 5/4/2012 7:07 PM, Lee Starnes wrote:
Hello all,
I have been banging my head against the wall for some time now trying to
figure out why the DSCP bits are being stripped and replaced with 0 on
all packets when coming from a customer connected to one of our ME3400
switches. The switch is not
as it comes in.
Any thoughts on how to alleviate this?
-ML
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Maybe a Cisco employee on list or someone in the know can shed some
light on my inquiry... As my AM/SE won't even bother forwarding my
question to the right person.
Does anyone know if/when a new feature release for the ME3400 will be
out? The last new feature release was in July 2011 and I'm
Has anyone else been looking at this device?
Does anyone know details on the RSP and RAM inside?
Seems like an impressive little box good for an edge device if you
aren't in need of huge quantities of BW. Does anyone know what the
price point is going to be?
On 2/23/2012 4:20 PM, Asbjorn Hojmark - Lists wrote:
I am using GRE on ME3400 with my Core 7600.
...
Any known issue with ME3400 metroipaccess IOS?
GRE (or any other tunnel type) is unsupported on the ME 3400,
regardless of the IOS feature set.
Unsupported Global Configuration Commands
On 2/21/2012 6:13 AM, ar wrote:
It's actually working on ME-3400G-2CS-A.
But this time, I got ME-3400G-12CS-A. And is behaving differently.
But same IOS.
SDM Template maybe? Even though it *should* work without the default
template. It sure complains about routing without it.
On 10/18/2011 4:44 PM, Walter Keen wrote:
If memory serves correctly, an Adran OPTI may be a good choice, if
you're looking to split a OC-3 out into DS-3's or some smaller tdm
denomination. You'd then have to plug those DS3's into a relevant
module for your router. I'm not sure if these have
Dear All,
I am starting a project to implement VRF-lite for some customers,
does anybody know (or have a link to some Cisco documentation) the
maximum number of VRF-lite instances in the different ISR G2 routers
models of Cisco?
Thanks,
Matteo
___
Is there a way to trust DSCP markings on inbound DS1 interfaces that are
part of a SPA-2XCT3/DS0 in a 7600-SIP-200?
There command I was expecting mls qos trust dscp isn't available.
Thanks
ML
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
SXJ appears to have been in the wild for about month. Has anyone been
playing with it? Seen any nasty bugs yet?
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at
Can traffic be rate limited per client on these APs? I'm using a WiSM
on a 6509 running the latest 4.2 code. The policy doesn't need to be
complex. A simple 5/1Mbps policy is all I'm aiming for.
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
On 3/26/2011 7:16 PM, Jeroen van Ingen wrote:
With regard to proxy-arp and CAM table overflow: sorry, but I don't see
that happening, not if we're still talking about CAM in the sense of
layer 2 forwarding tables.
With proxy-arp enabled, a router will reply to any ARP request for
addresses in
Very true. I was thinking from the POV of a L2 switch without a gateway
relying on proxy ARP. Unfortunately I've seen that too many times.
..Which is essentially no different than what you said. I'm thinking of
huge ARP caches.
___
cisco-nsp
On 3/26/2011 9:08 AM, Jeroen van Ingen wrote:
Assuming the DoS attack is routed traffic (since it's in netflow) it
won't cause overflows in L2 forwarding table CAM.
Unless there's a layer2 device downstream from the router.
Not even then. Layer 2 source/dest addresses are rewritten on
On 1/12/2011 8:32 PM, Felix Nkansah wrote:
Hi,
Most cities around the world (like Chicago in the USA) have deployed
wireless mesh networks (operating in the Public Safety 4.9 Ghz band) for
connecting their city-wide surveillance cameras.
Since wireless networks are vulnerable to spectrum
On 1/4/2011 4:56 AM, ma...@linuxgoeroe.dhs.org wrote:
On Tue, 4 Jan 2011 08:57:21 +, Righa Shakerigha.sh...@gmail.com
wrote:
Am looking for a tool that i can use to backup Cisco configurations
with
ease.
The tool could be opensource or commercial.
RANCID has been mentioned a few
On 12/8/2010 6:32 PM, Edward Salonia wrote:
Correct. In older versions of the IOS you were limited to the number of nni
ports but that has changed.
The limit is 4 NNIs in the METROBASE image and unlimited in the IPACCESS
image. There is an ACCESS image in between BASE and IPACCESS it may
Some of them are perfectly fine. You can get something from quality
brands, which are at least as good as 'Cisco' (but still cheaper)...
probably because they are who OEMs the 'Cisco' SFPs.
But other pluggables (the Chinese copies?) really are crap, and in my
experience if you get something
On 11/14/2010 5:13 AM, Grzegorz Janoszka wrote:
On 14-11-10 05:26, Randy McAnally wrote:
For the record, the upgrade from SXF to SXI5 was smooth and painless.
Upgraded standby, failed over, reboot primary, back to SSO.
Please note, according to release notes, you are supposed to upgrade
Looking at the output drops of the interfaces on a WS-X6148-GE-TX module
I noticed the output drops were the same in groups of 8 ports (excluding
non-connected ports). i.e. 1-8,9-16,17-24, etc
http://pastebin.com/kT7XGsVg for those interested.
Is this some sort of architecture artifact?
Hi,
we need to maintain an infrastructure with a central hub and 2000
remote locations that do not require connectivity between each other
but only connectivity to/from the central hub.
Due to the nature of the remote device endpoint we can only use
standard IPSEC tunnels for connecting to the
On 9/18/2010 6:28 AM, Heath Jones wrote:
Hi
Firstly, when you say packet loss, what are you referring to? Is it
just the icmp traffic, or are customers reporting faults with non icmp
traffic or...?
Is the 'internet gateway' the 7609 pictured on the diagram?
Its pretty unlikely, but worth
On 9/18/2010 7:57 AM, Adrian Minta wrote:
http://www.gossamer-threads.com/lists/cisco/nsp/80758
The MDF router has GigE to each 2960. I already checked output queue
drops though. There weren't any with 12.2(50)SE.
___
cisco-nsp mailing list
I'm experiencing some packetloss on a new metro circuit which neither me
or the provider can explain. I've linked a quick diagram of the rough
topology here: http://imgur.com/lXCSC
Our MDF router is a ME3412, IDF Cisco 2960s.
For whatever reason the CLEC couldn't drop off the circuit in the
On 9/6/2010 7:27 AM, Danijel wrote:
Hi,
Also, does anyone have pricing on ME3800X switches? My August price list
doesn't have them (same as with 3600X).
Best Regards,
Danijel
Contact your Cisco AM/SE. It's provided under NDA.
___
cisco-nsp
On 8/31/2010 8:55 PM, Michael Damkot wrote:
sounds like you're missing your boot pointers in the config...
boot-start-marker
boot system disk0:c7600s72033-advipservicesk9-mz.bla-bla-bla.bin
boot-end-marker
True, there wasn't a boot statement (Doh). I also noticed the SP
confreg was 0x0.
I was awoken to find out that a critical node (Aren't they all) had both
PSes with Output Fail red lights. Upon close investigation it looks
as if the Primary Sup stopped working as well, the second SUP720 didn't
take over. When I consoled in I was in ROMMON mode on the second, now
Active,
On 8/21/2010 8:19 PM, Jason Lixfeld wrote:
Suppose a CE is connected to an MPLS network that has 6 hops between the PE
this said CE connects to and the edge of the MPLS network. If a user traces
from behind the CE through the MPLS network, is it possible to hide all the
hops in between?
On 8/16/2010 6:45 PM, Raymond Lucas wrote:
Available now on ME switches... surely only a matter of time before it
(re-)appears on other platforms...
Unfortunately no documentation to go with it yet though.
On 5/11/2010 6:01 PM, Tony Varriale wrote:
I assume you have clients on the router having the issues. Have you
verified you are seeing the IGMP membership report? Another
troubleshooting step is to do a manual join on an interface
(downstream/loopback/whatever) and see what you get.
How
I'm having trouble joining some multicast streams. The upstream router
joins it fine. The upstream has (*,G) and (S,G) in the mroute table.
Downstream doesn't have (S,G). This is a sparse mode environment with a
static RP.
From the router with trouble I can ping the mcast group and get
I setup a GRE tunnel between two locations served by a Comcast business
class cable modem.
Config example. The remote end is the same.
Tunnel73
ip address yy.yy.yy.yy 255.255.255.252
ip mtu 1476
ip tcp adjust-mss 1460
tunnel source x
tunnel destination z
tunnel
On 4/6/2010 3:32 AM, David Hughes wrote:
On 31/03/2010, at 11:25 PM, Brian Turnbow wrote:
Actually there are periodic packets in lcap, depending on what you are
using they can be configured.
IIRC 30 seconds is the default.
Or the OP could enable UDLD in aggressive mode on the ports so
On a typical day my network can have ~500Mbps of multicast traffic
flowing across a GigE cross country long haul circuit. I wanted some
redundancy and I am only able to afford another 100M circuit for backup.
When our primary circuit goes down I can afford to live without some of
the multicast
On 3/16/2010 9:19 AM, Drew Weaver wrote:
No to thread Hijack, but how do you guys handle injecting /32s for
null/blackhole into your upstream providers?
Using a tag on the static route? with a route-map that matches the tag? which
then adds a community?
thanks,
-Drew
*If* your
On 2/18/2010 5:29 AM, Marco Regini wrote:
Hi,
i did some progress on this topic, with the help of ip igmp helper
address.
At L3 my network lab is like this, the vlan/network between 3560 and
3750 is the vlan 100.
Customers_cpe--Cisco3560-|
Customers_cpe--Cisco3560-|
Joe Maimon wrote:
So this happily running router executes a write mem, which archives a
copy to the CF card.
Then it hangs and doesnt come back.
Hard reset of the router doesnt read the CF card and boots the boot
helper instead or just hangs.
ROMMON cant read the CF card, a 256MB. Cant
I'm trying to block a customer from using tcp/25 by filtering inbound on
their circuit. When I check the counters for the ACL they don't
increase and I can see that the customer is still able to use tcp/25
outbound.
ACL:
access-list 143 permit tcp 23.45.67.0 0.0.0.255 host 12.23.45.25 eq
Metalíza wrote:
Peter Rathlev wrote:
On Mon, 2009-11-02 at 17:21 -0500, Ryan West wrote:
We're using a couple of 3560s for PBR with no problems forwarding
100 Mbps+. There's no CPU load from the forwarding itself. We
haven't tried actually pushing it yet but are planning to try
sometime soon.
I've got a customer that *needs* a 1-2 RU router that handles IPv6 in
hardware. I know the 3650/3750 can handle but I only need at most 4 SFP
ports. The ME-3400G-2CS-A is perfect. However I know IPv6 was just
added to this platform. Can anyone confirm the quality of IPv6
functionality on
Dale W. Carder wrote:
On Oct 14, 2009, at 10:03 PM, ML wrote:
I've got a customer that *needs* a 1-2 RU router that handles IPv6 in
hardware. I know the 3650/3750 can handle but I only need at most 4
SFP ports. The ME-3400G-2CS-A is perfect. However I know IPv6 was
just added
Andy Saykao wrote:
We went to 12.2(18)SXF16 and got burnt by a nat bug (BUG id CSCed60335)
that caused our router to continually reboot. Had to down grade back to
12.2(18)SXF11. Not sure if the nat bug has been fixed in 12.2(18)SXF17
yet.
Cheers.
Andy
This email and any files transmitted
else and the attack is ineffective.
-ML
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Lobo wrote:
We're trying to do a custom bgp setup for one of our customers but I'm
not sure if it's even possible with IOS. Our network has its primary
upstream connection in a different city from where this customer will
connect. However each city has its own local internet connection as
Use BugTraq
/sarcasm
I'd settle for a more accurate BugTraq search. BugTraq seems to always
return results for bugs that don't effect my hardware/IOS combination.
Assuming that platforms listed as effected are even accurate.
-ML
Garry wrote:
I was wondering ... has Cisco ever had
people at
Cisco maintain their own separate Makefiles with their own set of
compiler flags. The Compiled by.. line is more useful than you might
think.
-ML
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo
Bracey, John wrote:
I'm wondering if any of you have run across a tool that will audit a cisco
configuration file (or files as the case may be) against a standard template?
We have a configuration file repository and just need to be able to report on
those configs as to compliance with our
I'm about to turn on mls qos for the first time on a 6509E.
I would like some background information from the QoS experts on this list.
Last time I turned on mls qos it was a 3560 which has certain
undesirable defaults when mls qos is turned on. I want avoid the same
result with the 6509
Has anyone on the list tried to perform PBR on the ME3400 while setting
next hop to an IP at the far end of a GRE tunnel?
I was attempting this today and the ME3400 seemed to ignore my PBR
wishes. If the next hop was an IP off a routed port everything was ok.
I had sdm prefer default IOS
Adrian Minta wrote:
Tim Stevenson wrote:
That's not really the critical thing, so much as - you need an IGMP
querier active in the VLAN in order for snooping to work
correctly/reliably. Some applications may behave fine without; others
won't. The key is periodic joins from the hosts are
Mateusz Blaszczyk wrote:
2009/6/2 ML m...@kenweb.org:
With the IOS available today it's apparent that uRPF is only available in
VRFs on the ME3400.
Like some people I've run across, I want uRPF not in a VRF. Has anyone
found a workaround to this limitation?
if you are running vrf
Peter Rathlev wrote:
On Fri, 2009-06-19 at 15:08 +0200, Peter Haag wrote:
I've seen this result from multiple other Netflow tools: ntop, Orion
NetFlow and now nfdump. The only common element is my hardware.
I've exported flows from a 7606-SUP32 and a 6509SUP720-3B both
running 12.2(18)SXF4.
I'm trying to export flows from a 6509 to nfcapd/nfdump.
When I sort by protocol and bytes I see a protocol 0 as the majority
of the traffic.
Top 20Protocol ordered by bytes:
Proto Protocol Flows PacketsBytes
0 0 7.8 M 296.8 M 229.1 G
TCP 6 2.8 M
This is a multi part question please bear with me.
Background synopsis: A large (on the order of millions) of output queue
drops were causing noticeable breakup of multicast video streams.
I learned that the default egress queue size is 160 starting in
12.2.46SE. I upgraded some lab switches,
With the IOS available today it's apparent that uRPF is only available
in VRFs on the ME3400.
Like some people I've run across, I want uRPF not in a VRF. Has anyone
found a workaround to this limitation?
Or should I hold my horses and hope it's in 12.2(52)SE?
Thanks
Using an IneoQuest cricket we've been trying to find out why multicast
video streams are breaking up.
Using an ME3400 as an access device these are our symptoms:
3 x MPEG4 HD streams (8-10MBps each) come through fine.
Add one more stream and the Cricket says we've got problems.
On aggregate
Antonio Soares wrote:
Since you don't have a boot system flash statement in your config, you need a
config-register = 0x2101. This way it will load the
first available image in the bootflash.
Regards,
Antonio Soares, CCIE #18473 (RS)
amsoa...@netcabo.pt
Just recently we had an issue
60 matches
Mail list logo
