Hi,
a) i have hostname/password/authentication on dthe L2tp-classm matching the
central site
In some IOS Versions, the password must not be too long
(initally works fine, afer wr and reboot, the cisco7 representation was too
long)
b) starting with some IOS, I had to add
ppp direction
Hi,
i have a pair of N9K-C93180YC-EX running nxos.9.3.1.bin connected with a LACP
port-channel (pair of 100G Links).
I got a pair of N9K-C9348GC-FXP running nxos.9.3.5.bin connect with a
(single-100G Link) LACP post-channel to only one of the above switches.
I finally got more transceivers
Hi,
when looking at amsix peering template, I found that generating of icmp
unreachables shall be disabled.
Is that a good idea? Some say it breaks PMTU
(so I am wondering why this was also present in a pppoe virtual-template
just seen on the list here).
Also, several secure-your-network
> > What is everyones opinion of the 64bit XR?
>
> No particular opinion other than the fact that every new A9K deployment
> here is eXR (64-bit) as new HW doesn't run on 32-bit anymore.
>
> A few things I noted:
> 1b. access to 'admin' CLI context is noticeably slower in eXR, as admin
Hi,
this is a little bit off-topic but perhaps someone solved this already:
Regarding Cisco WLAN-Controllers and CAPWAP Access-points,
I am seeking the snmp way to get the "NAT External IP Address"
shown in the CLI output (and also visiblae in the web-interface):
(Cisco Controller) >show ap
Aloha,
> Howdy,
>
> I had a quick question regarding NXOS, is there any way to run a command
> and have it output numerically only?
[...]
> It would show a normal easily parsed number? For instance the number of
> seconds since the last time the link flapped?
>
> If not are there any
> > I am cleaning up a cisco lac/tunnelswich/lns setup historically grown.
> >
> > Do I need the "vpdn multihop" statement on the final LNS
> > which should only terminate the ppp sessions inside the l2tp tunnels
> > and not forward them based on realm/domain-name/... in my setup?
> Lol,
Hi,
I am cleaning up a cisco lac/tunnelswich/lns setup historically grown.
Do I need the "vpdn multihop" statement on the final LNS
which should only terminate the ppp sessions inside the l2tp tunnels
and not forward them based on realm/domain-name/... in my setup?
One example in cisco's
I would avoid using gig 0/3 and would not bundle it with gig0/[012] .
Gig0/0 0/1 0/2 are marvel SOCs build-in Ports
while Gig0/3 together with the Mangement "Fas"0/0 are on a separate intel
ethernetcontrollerchip
(with gig+(only)fas they try tonot oversubscribe the internal pci bus )
>
Sorry, i think the behaviour is explainable.
You have (I think, on both sides equivalent config)
Two Gig Ports bundled with LACP to that prot-channel.
For that, the switch speak link-local pakets to the neighbor device.
Now , yo build that xconnect and ask to forward link-local pakets to the
> I've been told Merak is very nice... if all you're interested in is "sell
to
> Enterprise customers and make lots of cash".
We asked the sales-person weather that meraki devices can handle ipv6
(as customer traffic) and for the cloudy management access (in an ipv4 free
world)
But they
Thank you for sharing your experience and the concrete example .
Also good to know that I am not the only one trying to filter
up-streams/peerings and of course the customer's traffic.
Sorry for the late "thanks", I had to collect logs and dump
from the 9901 ☹ again,
Hi List,
I would like to filter the incoming IPv6 traffic from upstream and peering
relatively strong like I do it for IPv4
(no martian src allowed,
Traffic on the link to upstream/peerinc allowed,
my and customers prefixes allowed as dst ).
Having link-local addresses will complicate
> On Mon, 4 May 2020 at 12:15, wrote:
>
> > Just my 0.01$
>
> Can I get a refund?
just come and collect a ningi in my shed on Kakafroon Kappa,
but beware the vogon's.
Yes, you'll get a free Pan Galactic Gargle Blaster.
Juergen.
___
cisco-nsp
>[...]
> DC-folks# This STP sucks, let's MC-LAG/VSS everything, ok that sucks let's
do
> TRILL et, al., that sucked let's do VXLAN, wait, how do we do CP-based mac
> learning? Let's do EVPN VXLAN, Oh has anyone reserved VXLAN header field
> that can be used for micro-segmentation?
Hi,
is there an equivalent to IOS "ip local policy route-map ..." on IOS-XR ?
i tried hard to g00gle it but did not get usefull results ,
my search term formulator nose has a cold
Mit freundlichen Grüßen
Kind regards
Veuillez agréer mes salutations distinguées
Met vriendelijke groet
> So i did continue and no it is 99-100% full, "install add source ..."
> works but "install activate ..." aborts.
>
> I do not have "userfiles" on it, i did but the ios,tar,smu's onto "harddisk:"
> .
> I did not find any hint how to make space there, i tried
>
> "clear configuration commits
Thanks fort he flowers, Aaron!
Now i got stuck in those patches called SMU.
Not only the mentioned time-consuming (each reload takes 15..20 minutes) is
boring,
But after installing most of the SMUs and ony 5..7 remaining from the bunch of
80+-5 SMUs,
the X device tells me on its console
Hi, i got some help from TAC on this,
So i manged the upgrade (but the patches "SMU"s are still waiting)
Here is a (not really) short summary of the steps i did
(may be thats not the optimal/fastes procedure):
1. i have working serial console access (115200-8N1)
2. i have an
Hi,
the asr9k series is quite new for me, so sorry for asking silly beginners
questions.
i found a box with an asr9901 in my office.
It is loaded with IOS-XR x64 6.5.2 .
Cisco-download recommends 6.5.3 ,
so i downloaded that several Gbyte .
(or should I use 6.6.x ?)
I was seeking
> > Also - the only other place you might see it is on a 8xx series
> router.
>
> Yes, for example in Cisco 891, which has a 1GigE WAN port:
> https://i.ebayimg.com/images/i/112239287188-0-1/s-l1000.jpg
>
>
> In summary, if GigabitEthernet0 is not the only GigabitEthernet port,
> then it is
Hi,
i got two ethernet-links,
- one between me-3800'x and
- one between me-3800 and asr920.
They have been created doing mpls-xconnect's.
Connecting my own "CE2.0" CPE's,
- on the first link, my OAM's find their way, everything OK.
- On the Circuit with the asr920, the OAM's don't come out
How many physical interfaces/ports?
A c891f could be sufficient...
Jürgen.
-Original Message-
Dear experts,
a customer of mine as an old C7200 acting as DHCP server and wants to
replace it with an IOS device in order to port configuration 1:1.
He asked for a solution which is not so
802.3-2008 40.4.4 says:
Implementation of an automatic MDI/MDI-X configuration is optional
for 1000BASE-T devices.
Just downloaded 802.3-2012 from the IEEE,
In Section3 40.8.2 (p269) explains, or tries to.
There is also the pinout for the two Variants, (incompatible to 10/100baseT
Xover).
Hi all
Can I control the session timeout via CLI ? i.e. I want each
PPPoE session to be disconnected automatically after for example 24
hours?
Yes We Can:
!
int dialer 3
! ...
encapsulation ppp
dialer pool 2
dialer-group 1
dialer idle-timeout 0
dialer persistent
no cdp enable
Thanks for the reply
U mean the timeout absolute 1400 0 , for example for 24 hours it should be
1440 ?
Yes, you got it J !
It is timeout absolute minutes seconds ,
1day = 24 hours = 24*60 = 1440 minutes plus 0 seconds.
___
cisco-nsp
Many of those devices do think that the WAN Ethernet is
Bit-transparent, not paket-oriented, unlimited MTU...
In Reality, those EthernetLinks are MTU-Limited, often with an
EthernetMTU
of just 1500 or sometimes plus 1 or 2 VLAN Tags. Full-Stop.
No Space for Additional information,encryption
Hi,
On an l2tp multihop broadband dialin environment,
I would like to overwrite the NAS-IP-address (attribute 4)
tunneled somehow inside L2TP from the carriers first
Broadband-router showing up in my LNS'es radius-requests
to reflect _my_ border-gateway not _theirs_ .
I found a way to override
The generated hot air is good for
drying the laundry in my cellar.
I was first unsure wether the air-humidity would harm,
but my home-servers still survive.
The depth of my rack is ok (HP/Compaq)
but it was hard to find one less than 1,8 m .
Boing...Ouch my head...allways duck when going thru
Things will get worse if they start to solder
crytoprocs with mask-programmed vendor-signed certificates
into the gbic/sfp/.. instead of the serial eeprom.
Also the real-time clock helps to limit the lifetime of
devices to just a little longer than warrenty time.
show transceiver lifetime
As someone else had suggested, the NPE-G2 is good too, but if you
need
to support more PA's (especially non-Ethernet, which tax the fabric
less), it's not that scalable.
I meant the 7201, of course (which is, essentially, an NPE-
G2 with an extra Gig-E port).
Mark.
But that extra
That are good news,
since 720x seem to be EOL etc.
So with supported Hardware for the next years,
replacement for the 7206VXR/NPE400 G1 G2 or 7201 7301
may be either ASR or 3925E .
But what happens with traffic which needs to be fragmented?
How does the 29xx 39xx perform?
From the 870's I know
Hi,
I would tend to use the compact two power-supply 7201,
instead of putting an (equal expensive) NPE-G2 into and old
Chassis, but isn't all that hardware EOL ?
NPE-G1 _was_ fine until they started to die one-by-one
out of the blue.
Had seen 2821 with just 3 BGP sessions, everything very slow,
Hi, this looks like a CPE-device
With static IP-adresses and routing.
You may really want to set ip tcp adjust-mss 1280
on _both_ your WAN and your (probably natted) LAN (L3) Interfaces.
(_both_ sides, yes !)
This will help you in most cases with
MTU restrictions on
- your link
-
- ensure you HUB will be DR by setting ospf priority on the interface level
probably you which set this to zero on the spokes or a very low value.
- correct the network statements,
i think it should read network 192.168.123.0 0.0.0.255 area 0
for the FR-interface , using the
How do I change the dynamic time out ?
For example:
ip nat translation timeout 60
ip nat translation tcp-timeout 60
ip nat translation udp-timeout 30
ip nat translation finrst-timeout 10
ip nat translation syn-timeout 10
ip nat translation dns-timeout 30
ip nat translation icmp-timeout 10
What is the best approach here? Stick with this NAT solution described
above? Something completely different to separate two networks behind
the same router?
To avoide the hide nat of your vlan5 so you can see the true src-ip,
you may try to use reflexive access-lists to temporarily allow
the
Hi,
It depends on the mode your telnet is working:
If it's sending LINE-by-LINE, then you will see fewer pakets and bytes,
and longer contents (for example, your password sent in clear thru telnet
protocol)
will cause bigger packets, or even more of them if contents does not fit
into one.
But
Hi, I am not too familiar with IOS XR but with normal IOS,
(carefully) setting the ospf cost
helps to avoid load-balancing thru equal-cost
(but not equal bandwidth) paths to create an main/backup scenario:
!
interface Bundle-Ether2
ip ospf cost 4
!
Hello,
We are trying to change the
Get a special device for this kind of problem,
for example
www.knipex.com
Products Cable and Wire Rope Shears Cable Shears
95 26 165 Cable Shears with opening spring
EAN 4003773069980
Hi I was wondering if I can avoid switching loops without turning on
spanning tree ?I have two
So is there anything I am missing? Is there any good documentation on
what information forwarded DHCP requests have by default or what things
I can add (besides the quite useless port number where the request came
in)?
Look at
On Thu, Mar 07, 2013 at 02:11:16PM +0200, M K wrote:
Hi all
What smaller Cisco device that supports DHCP option 82
ip dhcp relay information option
To enable the system to insert a Dynamic Host Configuration Protocol (DHCP)
relay agent information option in forwarded BOOTREQUEST messages to a
Hello!
Thanks for you response.
As I know MSTP does not send MSTI's information in separate BPDUs, this
information is piggybacked into the IST's BPDUs using special M-Record
fields.
They are all send UNTAGGED.
They may be filtered (bpdufilter enable) or Carrier-Eqiupment may be
configured
Hi,
Maybe a
(no) ip dhcp vrf connected problem ?
see https://supportforums.cisco.com/message/631964#631964
vrf in debug output is VRF_Guest and does not find an address-pool
so you should define one...;
but your config-example's vrf is named Guests
-Ursprüngliche Nachricht-
-Ursprüngliche Nachricht-
Von: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] Im Auftrag von Darren O'Connor
Gesendet: mercredi 10 octobre 2012 17:53
An: cisco-nsp@puck.nether.net
Betreff: [c-nsp] 7200 npe-g2 lacp
I can see this platform supports
Hi,
Is there a general problem with Cisco and DHCP? Did get a lot of SA's
regarding DHCP and nearly any OS!
Just starting at IOS 12.5 aehm 15.0 ,
They claim that the 12.0 12.2 12.3 12.4 based releases are not affected.
Juergen.
___
cisco-nsp
Hi,
L2tpv3 does not work well with the embedded switch-ports on the 870/1800
Routers since they tend to collect the stp/dot-q/.. pakets.
With 1812 and the two real Fastethernet ports,
Stp and also full-ethernetframe including dot-q tags get transmitted.
So I used one of the switch-ports in
Hi,
L2tpv3 does not work well with the embedded switch-ports on the 870/1800
Routers since they tend to collect the stp/dot-q/.. pakets.
With 1812 and the two real Fastethernet ports, Stp and also
full-ethernetframe including dot-q tags get transmitted.
So I used one of the switch-ports in
Hi,
it isn't quite that easy. Never heard before about the diverse-path feature on
Cisco for RRs, but looking at your link it looks like to have this probably
limiting restriction in most setups:
'Path diversity is configured within an AS, within a single RR cluster. That
is, the RR will
Depending on the network and the hardware(buffer space) output drops start at
15-20% of linerate traffic. Hardware buffers on lower end switches are usually
very low, so output drop happen very often.
One of the main problems leading to micro bursts (leading to buffer related
output drops) is
50 matches
Mail list logo