Hi,
I have issues with applying ACL on 7606s. Most of the time I cannot see
matching packets to the ACL entries and the ACLs are not working as
expected.
For testing
I have two access-lists
Extended IP access list 156
10 permit icmp any any log
20 permit ip any any log
Extended IP
On (2010-09-29 10:08 +0300), sinan akyıldız wrote:
Hey Sinan,
I have issues with applying ACL on 7606s. Most of the time I cannot see
matching packets to the ACL entries and the ACLs are not working as
expected.
Those are software counters, you should see hardware counters in 'show tcam
On Wed, 2010-09-29 at 10:35 +0800, Mark Tinka wrote:
On Friday, September 24, 2010 01:28:24 am Peter Rathlev wrote:
Way to go Cisco. Of course IOS XR isn't really a platform
for serious networking and/or BGP. :-)
What leads you to conclude this?
Just the lack of clarity in documentation
On Wed, 2010-09-29 at 09:30 +0530, jack daniels wrote:
If you don't have overlapping TE tunnels ? what is meaning of this
If none of your MPLS TE LSPs use the same underlying links you will
never have any need for prioritisation, and thus never have any need for
AutoBandwidth.
An example: We
Interestingly, I've tried applying a similar config to a physical
built-in GE port on a lab ASR1k, and I don't see the same issue after
creating 25 sub-ifs, each using two HSRP groups. Therefore, I wonder
whether this is something specific to port-channels on this platform?
Cheers,
Matt
On 28
Hi all,
Is there an easy way to see which iBGP routes are not being selected
due to next-hop not being in IGP?
Before and after IGP route added shown below, note both are marked as valid..
-- BEFORE IGP--
AS5000_LA#show ip bgp
BGP table version is 5, local router ID is 10.0.0.5
Status codes: s
Oliver,
Yes I will open a TAC case then. And yes, I know it would be removed but
not in my case due to mpls traffic-eng auto-tunnel backup timers
removal unused 3600 0.
Ok, thank you for supporting me!!!
-Original Message-
From: ext Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com]
why would we have overlapping TE tunnels ?
On Wed, Sep 29, 2010 at 3:03 PM, Peter Rathlev pe...@rathlev.dk wrote:
On Wed, 2010-09-29 at 09:30 +0530, jack daniels wrote:
If you don't have overlapping TE tunnels ? what is meaning of this
If none of your MPLS TE LSPs use the same underlying
Hi,
just wondering, as we haven't had any of these yet and I don't want to
get surprised if I order one ...
I was looking at the 892 mainly due to the rather high throughput rating
if 50+ MBit/s (compared to ~16MBit on the 870 series). Looks to be nice,
just want to ensure it does handle its
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 28/09/2010 12:38, Alan Buxey wrote:
its trunk failover of link-state tracking. dont seem to have solidified the
name - appeared in IOS 12.2(25) - but has been around in the blade switches
for a little longer...and is in Nexus platform too for
When assigning administratively scoped multicast groups for SSM/Source
Specific multicast usage, what is the appropriate range to use? I know
232.0.0.0/8 is a general SSM range, but is there a subsection that is best
used for administratively-scoped or internal-use only addresses? In the
ASM
Hi,
So if an upstream link on a top of rack switch goes down NLB will
keep the local servers in the hash-pool causing dropped packets for
connections hashing to those servers.
This kind of link state tracking might improve on that by taking
down the links to the servers, too. I didn't test
Hi List,
Apologies if this is hidden in the list somewhere, but I've done a bit of
Googling and can't find too much.. so here goes!
I'm looking at implementing an MPLS VPN over mGRE solution to facilitate
routing instance segregation across multiple, geographically separate sites,
across a
If you are looking to do this for setting the MPLS MTU dynamically then I don't
think this will help as starting with our forwarding infrastructure rewrite in
12.4(20)T (I would need to check to be sure when/if in other code trains) we
lost the ability to set the MPLS MTU on tunnel interfaces.
which IOS?
El 29/09/10 09:08, sinan akyıldız escribió:
Hi,
I have issues with applying ACL on 7606s. Most of the time I cannot see
matching packets to the ACL entries and the ACLs are not working as
expected.
For testing
I have two access-lists
Extended IP access list 156
10 permit icmp
On 2010-09-29 16:14, Garry wrote:
I was looking at the 892 mainly due to the rather high throughput rating
if 50+ MBit/s (compared to ~16MBit on the 870 series). Looks to be nice,
just want to ensure it does handle its switch ports (it has 8 FE-TX
ports) as the 870/880 series does ... I need to
Thanks for the heads up on that.
My 'PE' routers will be 7200-NPE400 FE in/out or ASR1k GbE in/out (and possibly
ISR 3945s if/when the feature is available..) all with standard 1500MTU. Inside
LAN interfaces will be subinterfaces (one per VRF) and outside WAN interfaces
will be access ports
Hi All,
I have a scenario where I would like to perform BGP with my current ISP and
am in need of a Internet Edge router; as currently my ASA connects directly
to them. The IP subnet assignment that I'm using from my provider in my DMZ
will be my provider independent addresses.
My question
If I'm understanding you correctly, the ISP in question should give you a
separate /30 for the interconnect to them. Then you announce your /24 to the
world and do what you want with the space behind your router.
-b
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
You can use private addressing if you like, but your provider can also assign
you a /29 for the segment between your ASA and edge. Try asking them for the
extra allocation.
Sent from handheld
On Sep 29, 2010, at 8:08 PM, Donald Darko donald.dar...@gmail.com wrote:
Hi All,
I have a
Correct...The Edge Internet Router will connect to the ISP with a /30...
But what subnet will I utilize between the Edge Internet router and the ASA
outside interface?
Would't it need to be in my provider independent block?..
On Wed, Sep 29, 2010 at 8:09 PM, Bill Blackford
I guess what I'm looking at is thisIf I bring another ISP into the
mix.
ISP 1 connects to Router1 via a /30 assigned by ISP1
ISP 2 connects to Router2 via a /30 assigned by ISP2
Router1 would then need to connect to the ASA outside interface via a public
IP subnet?
The ASA outside
The outside interface ip of the asa has no requirement to be on net with
anything having to do with your pi addresses whether you are nat'ing on the asa
or not. You could use rfc1918 addresses as suggested by others.
Sent via BlackBerry from T-Mobile
-Original Message-
From: Donald
Sorry, just confused here...
So on the outside interface of the ASA...connecting into the Internet Router
I could use private addresses?
I'd think that I would want my outbound Internet web traffic to be sourced
from my Provider Independant IP subnet. How would that work?
On Wed, Sep 29, 2010
Hi,
I want order Cisco device (Layer 3) with 8 SFP ports, i want RUN BGP
(4-5 fullview) in it.. so i think 512 - 1024 Mb RAM needed.
Device Should be 1U.
Please recommend which device will be optimal for this request?
Regards,
___
cisco-nsp
The address on the asa does not control your source addresses of your protected
hosts. Couple of options, you use your pi space behind the asa exclusively and
not nat with static (inside,outside) pi pi netmask 255.255.255.0 or use pi on
the outside of asa and nat to inside private addresses.
The problem with ICMP frag needed is some apps(read Microsoft) just
flat out fail when frag happens and set the DF bit to be sure it does
not. ICMP frag needed or not they will just fail over and over. They
may have gotten better with this since the last time I cared(somewhere
in between
On 9/29/2010 17:52, Sheremet Roman wrote:
Hi,
I want order Cisco device (Layer 3) with 8 SFP ports, i want RUN BGP
(4-5 fullview) in it.. so i think 512 - 1024 Mb RAM needed.
Device Should be 1U.
Please recommend which device will be optimal for this request?
The obvious choice would
For 8SFPs of the top of my head you are looking at something like an
ASR 1K or 7600.
For 4-5 full route tables 1G wil be cutting it close or just be not
enough. BGP mem usage is hard to gauge as we take a lot of effort to
use pointers to reduce mem usage when prefixes / attributes overlap.
I missed the 1 RU part. I can't think of a platform that will do 8SFPs
in 1RU.
-Ben
On Sep 29, 2010, at 9:44 PM, Seth Mattinen wrote:
On 9/29/2010 17:52, Sheremet Roman wrote:
Hi,
I want order Cisco device (Layer 3) with 8 SFP ports, i want RUN BGP
(4-5 fullview) in it.. so i think 512
On 9/29/10 6:47 PM, Benjamin Lovell wrote:
I missed the 1 RU part. I can't think of a platform that will do 8SFPs
in 1RU.
The most powerful 1U router I can think of is the 7201.
~Seth
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
Mostly I lurk on the list and read and learn. There are so many smart
people on here that even if I don't read the emails every day, I know I'm
getting smarter just having them in my inbox :)
I am looking at a new setup and wondering what is the minimum setup that a
Cat6500 can do IOS/BGP things
If you can compromise the full-views requirement, ME6524-GT-8S has 8
SFP ports and 24 BASE-T ports, ME6524-GS-8S has 32 SFP ports (8
unsubscribed, 24 1:3 oversubscribed).
You could receive full-views and filter them out to fit the reduced
FIB. Device is 1.5U and fits nicely into small spaces. DC
Hi CJ,
On Sep 29, 2010, at 9:23 PM, CJ wrote:
I am looking at a new setup and wondering what is the minimum setup that a
Cat6500 can do IOS/BGP things on IPv6 and IPv4? As long as I am setting up
a new setup I may as well learn how to handle the IPv4 and IPv6 dual battle
of the bits. Can a
34 matches
Mail list logo