Hello,
with CoPP enabled and flood ping to the RSP720 I don't have higher CPU
utilization than is normal on my box. Without CoPP and ICMP flood
(ping -f -s 1400) the CPU util goes to 90% - 99%.
CPU utilization for five seconds: 96%/21%; one minute: 44%; five minutes: 20%
PID Runtime(ms)
Hi list
According to
http://www.cisco.com/en/US/docs/interfaces_modules/transceiver_modules/installation/note/78_16705.html
the X2 family is missing DWDM transceivers and WAN PHY transceivers.
Does someone know if/when WAN PHY will be available in X2 formfactor?
Or is there a third party that
Hi Folks.
Does anyone know if there is a whitepaper available that describes exactly what
wism module does and work regarding packet flows tunnel setups and so on.
What impact has it on a cat6500's performance.
/Arne
___
cisco-nsp mailing list
The only X2 DWDM optics I have seen are:
http://www.ghipsystems.com/en/Products/X2-en/X2-en.html
Website says: *X2 Modules for 10G-Ethernet, 10G-Fibre Channel, and
OC192/STM-64* so I assume they will work for WAN PHY.
(I have no experience with these, just found them when googling.)
Tim:
On
Hi all,
From the _client_ perspective can anyone recommend any tools/techniques to
debug
Cisco VPN client problems ? (they drive me mad). These are mostly Windows based
clients connecting to a cisco vpn concentrator. I tend to trawl through event
logs
and client vpn logs and really have no real
Hi folks..
We have a couple of customers that are looking to purchase an Internet
connection from us - this will be a BGP feed to each customer as they are
multihomed today etc.
Normally, we would just supply a full table and let them decide what to do
with it. In this scenario, they both
On Tuesday 23 September 2008 08:37:56 Paul Stewart wrote:
Hi folks..
We have a couple of customers that are looking to purchase an Internet
connection from us - this will be a BGP feed to each customer as they are
multihomed today etc.
Normally, we would just supply a full table and let
Have you tried using
debug ip packet or
debug packet with
debug condition interface?
--- On Mon, 22/9/08, Jason Lixfeld [EMAIL PROTECTED] wrote:
From: Jason Lixfeld [EMAIL PROTECTED]
Subject: [c-nsp] debugging all incoming traffic on an interface
To: cisco-nsp@puck.nether.net
Date: Monday,
On Tuesday 23 September 2008 08:37:56 Paul Stewart wrote:
Hi folks..
We have a couple of customers that are looking to purchase an Internet
connection from us - this will be a BGP feed to each customer as they are
multihomed today etc.
Normally, we would just supply a full table and let
0n Mon, Sep 22, 2008 at 06:52:21PM -0400, Jason Lixfeld wrote:
Attaching a access-list 100 permit ip any any log-input to the
interface and/or subinterface via ip access-group didn't show
anything - the interface counters
Curious ... since I dont have the luxury to play with
Thank you ... so really the best solution for us to offer is what we already
do - full table.
Also, since we support a full list of communities the customer has complete
control over when/where they get advertised. Or a simple approach for the
customers would be heavy prepending and low
Paul,
They would need to do two things.
1) AS prepend on the routes they advertise to you, so the AS path is
longer than their path through Cogent. This will force most of their
inbound traffic via Cogent.
2) Local pref setting for routes received from you to make them less
desirable than
On Tue, Sep 23, 2008, Wilkinson, Alex wrote:
0n Mon, Sep 22, 2008 at 06:52:21PM -0400, Jason Lixfeld wrote:
Attaching a access-list 100 permit ip any any log-input to the
interface and/or subinterface via ip access-group didn't show
anything - the interface counters
If I have a SIP-600 in a 7600 and SPA 1 port 10GbE. Lets say I have 5
gig of traffic on the 10 gig card, can I also have a 5 port GeE and
thus oversubscribe the SIP-600?
or will the 5 port card be disabled?
Thanks
//MKS
___
cisco-nsp mailing list
On Tue, September 23, 2008 2:07 pm, Wilkinson, Alex wrote:
Curious ... since I dont have the luxury to play with cisco kit all day
(jack of
trades ...) can someone please give me a quick explanation as to how
creating an
ACL on an interface helps with debugging that interface ?
access-list
On Tue, 23 Sep 2008, Paul Stewart wrote:
We have a couple of customers that are looking to purchase an Internet
connection from us - this will be a BGP feed to each customer as they are
multihomed today etc.
Normally, we would just supply a full table and let them decide what to do
with it.
Hi,
My choice : Inject them a default route ask them to prepend their
prefixes to you
rgs
a. rahman isnaini rangkayo sutan
Paul Stewart wrote:
Hi folks..
We have a couple of customers that are looking to purchase an Internet
connection from us - this will be a BGP feed to each
If you want to only give them a default, they could use static object
tracking to override your default with their own provider. If that
provider drops, the static that's tracked (with an AD lower than BGP)
will go away, and your default would now be used.
Chuck
-Original Message-
IMHO, it's best to offer three options to the customer, full routes, partial
routes, or a default route only. That is, say Here are three possible
configurations, which one do you want?
On Tuesday 23 September 2008 09:13:25 Paul Stewart wrote:
Thank you ... so really the best solution for us
On Monday 22 September 2008 18:59:02 adrian kok wrote:
Hi all
ls any different to setup vlan between catalyst 4000
and 2960?
I need to setup the cisco2800 to have vlan this 4000
switch
ls it easy?
how setup the trunk port in 4000 switch?
I still have CatOS switches in my LAN; they
they both wish to use us as a backup provider and wish to ONLY use
our network if their primary provider (Cogent) is down.
I'm currently doing this with Cogent and another provider. I get
default routes from both and simply prepend my AS a few times on the
backup connection. In your
I have. There are no interface conditions on either of those debug
[ip] packet commands. Also, debug interface doesn't allow me the
option of my ATM interface(s).
On 23-Sep-08, at 9:03 AM, Ozgur Guler wrote:
Have you tried using
debug ip packet or
debug packet with
debug condition
Usually I find that client VPN log along with Concentrator log are enough.
You could try to use Wireshark on the client machine for more detail
information.
Luan
My choice would be full routing tables from both ISP's, the customer to
change his local pref on the backup link. if done correctly his own
address space will not be advertised to the backup ISP as it would be
advertised from the the backup ISP to the client.
When the primary link fails the
Thanks to everyone for all the replies both offlist and onlist... quite a
few of them! ;)
Anyways, we're going to offer all three options to these customers - I want
to put the control in their court which as Stephen and others have
suggested. Then the responsibility is on the customer which
I will be out of the office starting 23/09/2008 and will not return until
02/10/2008.
Please contact Marcus Burbidge x2510 or Peter Smith x6501 for any urgent
issues
**
This transmission is confidential and must not be used or
On Tue, Sep 23, 2008 at 09:23:16AM -0500, James Slepicka wrote:
they both wish to use us as a backup provider and wish to ONLY use
our network if their primary provider (Cogent) is down.
I'm currently doing this with Cogent and another provider. I get
default routes from both and simply
Thanks Bill...
finally, 'down' can mean a lot of things and your customer needs to
figure out if that means 'interface loss', 'loss across cogent' (frequent
occurrence), 'latency spike', etc. in IOS, using IP SLA and a track
object is probably the best way to implement those checks
This is a
what kinda issues are you having ?i've rarely found a problem that
required debugging and all...
regards,
On Tue, 2008-09-23 at 20:27 +0800, Wilkinson, Alex wrote:
Hi all,
From the _client_ perspective can anyone recommend any tools/techniques to
debug
Cisco VPN client problems ?
Paul Stewart wrote:
What is common practice for this scenario? We would still prefer to just
send a full table and put the control into their hands but I'm also
concerned if they will have the technical expertise to accomplish this.. On
their side, what would be common practice? I've been
Thanks Pete yeah, thought that through as well - been there done that ;)
We'll offer them a full feed (well, all three options but I know they'll
want a full feed I believe - that's what they get via Cogent as well) and
then they can control everything - with communities as well on our side.
Hello Alex:
-Original Message-
From: [EMAIL PROTECTED] [mailto:cisco-nsp-
[EMAIL PROTECTED] On Behalf Of Wilkinson, Alex
Sent: Tuesday, September 23, 2008 6:07 AM
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] debugging all incoming traffic on an interface
0n Mon, Sep 22,
Might this help if you get on 12.4(20)T:
http://supportwiki.cisco.com/ViewWiki/index.php/Tech_Insights:Utilizing_the_New_Packet_Capture_Feature
On Tue, Sep 23, 2008 at 10:42:00AM -0400, Jason Lixfeld wrote:
I have. There are no interface conditions on either of those debug
[ip] packet
C'mon Alex. You turn logging on on the client. Worst case you can look up
the error messages on cisco.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Wilkinson, Alex
Sent: Tuesday, September 23, 2008 7:27 AM
To: cisco-nsp@puck.nether.net
Subject:
Hi
Got a client running 33SXH1 in their network. Is SXF still the best
bet for stable mcast? Or are there necessary widgets in SXH nowadays?
It's a pair of 3BXLs with DFC'ed 6708s and 6748.
Merci beaucoup
Christian
___
cisco-nsp mailing list
On Fri, Sep 19, 2008 at 02:45:48AM -0300, Rubens Kuhl Jr. wrote:
Every once in a while one of ME6524 routers starts getting hammered by
one customer or the other... the symptom is that all adjacencies go
down and stay stuck at EXCHANGE phase.
hammered by what?
CPU doesn't go up, and CoPP is
Wilkinson, Alex wrote:
Any hot tips with how to debug VPN clients not being able to connect into a vpn
concentrator (from the _client_ perspective) ?
Yes. Don't mix Vista with Cisco's VPN client.
Justin
___
cisco-nsp mailing list
Hi,
On Tue, Sep 23, 2008 at 04:12:13AM +0100, Mario Spinthiras wrote:
Wouldn't it be a lot wiser to migrate to IOS ? I know this is possible and
I'm sure it's a step forward than anything else. Can anyone shed some light
on the worthiness of migrating to IOS other than the obvious (consistency
Hello All,
Before planning a small deployment I wanted to know if any of you had made
use of GVRP (via GARP) on production Cisco machines. Do they provide the
same result as does VTP?
Regards,
Mario.
http://www.blupenguin.com/
___
cisco-nsp mailing
On Tue, Sep 23, 2008 at 4:40 PM, Rodney Dunn [EMAIL PROTECTED] wrote:
On Fri, Sep 19, 2008 at 02:45:48AM -0300, Rubens Kuhl Jr. wrote:
Every once in a while one of ME6524 routers starts getting hammered by
one customer or the other... the symptom is that all adjacencies go
down and stay stuck
Gert,
Seems they are not planning a special rebuild for this unfortunately.
We are trying to get them to build a engineering special
generally available for TAC if you have a SR open they should
be able to get it.
Sorry...
Rodney
On Mon, Sep 22, 2008 at 09:04:45AM -0400, Rodney Dunn wrote:
Hank,
Every time I've ever worked on this it's microburst.
The only real way to fix it is a hardware forwarding box that
can do packets at line rate gige.
Rodney
On Sun, Sep 14, 2008 at 09:38:26AM +0300, Hank Nussbacher wrote:
At 02:43 PM 12-09-08 -0400, Rodney Dunn wrote:
Rodney,
On a
I am currently investigating using vrf-lite within our company to
support some research requests. I have some hesitation about
maintaining it, though, especially in a smaller enterprise environment
(4 network techs, ~10 branches).
I am comfortable with the technology, but don't want to increase
I am currently investigating using vrf-lite within our company to
support some research requests. I have some hesitation about
maintaining it, though, especially in a smaller enterprise environment
(4 network techs, ~10 branches).
I am comfortable with the technology, but don't want to increase
That's only applicable if you have a lot of process switched traffic
and you see input drops in 'sh int'.
If you do see input queue drops and the throttle count in 'sh int'
is going up you might be impacted by that bug.
Rodney
On Sun, Sep 14, 2008 at 10:21:41AM +0300, Hank Nussbacher wrote:
At
The problem with rate limiters is they will drop critical traffic
(multicast OSPF) alongside multicast garbage from the customers. There
is no hardware CoPP on the path of multicast traffic, so it's up to
the CPU to survive such a flooding.
Rubens
On Tue, Sep 23, 2008 at 6:49 PM, Rodney Dunn
From: Gert Doering [EMAIL PROTECTED]
On the cat4000 (as far as I know), you have no choice - it depends on the
Supervisor version in use. Older ones are catos-only, newer ones are
IOS-only.
Only on the cat6500, you can choose.
Another pointer:
Given the scenario in which the packet has reached the egress PE, how
does the router then determine which VRF the packet is destined for
based on the remaining VPN label? I understand the concept of there
being two labels, an IGP label and a VPN label. I'm just not sure how
the egress PE is able
I know it was possible to configure Cisco CSS devices by posting an xml
file to them. After migrating from the CSS to the ACE module I will need
to do the same thing but I am having problems finding example xml files.
Anyone have anything that I could use to get started?
Robert Teller
Could you guys recommend some good books or other documentation on some
of these BGP best practice methodologies? I am a BGP novice but would
like to get myself more up to speed on BGP kung fu.
I found this current thread somewhat fascinating.
Thanks
Brandon
-Original Message-
From:
Brandon Price wrote:
Could you guys recommend some good books or other documentation on some
of these BGP best practice methodologies? I am a BGP novice but would
like to get myself more up to speed on BGP kung fu.
I found this current thread somewhat fascinating.
That's a tough question to
The classics on BGP are Routing TCP/IP vol 1 and 2 by Doyle and
Internet Routing Architectures by Sam Halabi.
If you understand those, you understand enough to have some BGP kung fu.
On Tue, Sep 23, 2008 at 4:34 PM, Brandon Price [EMAIL PROTECTED] wrote:
Could you guys recommend some good books
On Wed, Sep 24, 2008 at 09:57:12AM +1000, Andy Saykao wrote:
Given the scenario in which the packet has reached the egress PE, how
does the router then determine which VRF the packet is destined for
based on the remaining VPN label? I understand the concept of there
being two labels, an IGP
Try BGP Design and Implementation. It's the new BGP bible.
ISBN: 1-58705-109-5
tv
- Original Message -
From: Brandon Price [EMAIL PROTECTED]
To: Paul Stewart [EMAIL PROTECTED]; Pete Templin
[EMAIL PROTECTED]
Cc: cisco-nsp cisco-nsp@puck.nether.net
Sent: Tuesday, September 23, 2008
2) View the NANOG presentation archives. Several come to mind; I'll try to
compile a list of suggestions, or just browse away.
Search the presentation archive for Smith and BGP. Philip Smith's
BGP tutorials are outstanding.
___
cisco-nsp mailing
Argh worked it out. The VRF is seen if you include the detail in the
command.
PE2#sh mpls forwarding-table detail | begin _44169_
44169 Aggregate 172.16.66.2/32[V] 5752
MAC/Encaps=0/0, MRU=0, Tag Stack{}
VPN route: TEST
No output feature configured
This email and any
It may, however it doesn't appear 12.4 is supported on the 2651.
On 23-Sep-08, at 1:27 PM, Rodney Dunn wrote:
Might this help if you get on 12.4(20)T:
http://supportwiki.cisco.com/ViewWiki/index.php/Tech_Insights:Utilizing_the_New_Packet_Capture_Feature
On Tue, Sep 23, 2008 at 10:42:00AM
Dear All
Is there any tester which can make multiple PPPOE sessions, need to test
radius max limit concurrent sessions, I was searching for a software base
solution for it since last night but I guess there is no software initiate
for this purpose if any one knows either software which can
Earlier switches run CATOS
There is a difference between set base CLIs [CAT 4K] and normal CLIs
commands [2960]
For 2960
Vlan 10
Name engineering
Interface x/x
Switchportt access vlan 10
Or for trunk / Access
Switchport mode access / trunk
For CAT 4K
59 matches
Mail list logo