Re: [c-nsp] 3750 buffer value per port
0.75MB of ingress buffering is dynamically divided into port buffers/queues, 2 of which are user-configurable. There's 2MB of egress buffering that provides 4 egress queues per physical port. HTH -JJ On Sun, May 17, 2009 at 2:23 AM, Chintan Shah networking.st...@googlemail.com wrote: Hi Guys, Does any one knoq Tx/Rx buffer size per port on 3750 ? We normally allocate buffer by using mls qos with % of total size but i could not find what is size ? ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] network simulator
I'm looking for a (free) network simulator that allows me to simulate a small network (20 switches) with different vlans on it. I want to test different scenario's : what happens if this switch goes down or that link goes down, how do the packets flow in each scenario for the different vlans... Anyone has a good reference to such a product ? Free would be nice but is no absolute condition. Thanks, Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] network simulator
If I understand you correctly you prefer a s/w virtual environment (VM) that can simulate multiple switches; doing trunking (802.1 ?) and switch access ports. Maybe preferably if this was akin to a Cisco switch with its breadth of IOS command; which probably do exist as a proprietary tool for in-house Cisco developers. Well, I've done something similar if not exact to the summary above for a training lab for firewall simulation. Here is my setup: hw: * x86 Dual Xeon 2.6 Ghz / 4Gb RAM / 200 Gb HDD sw: + (Virtualization Sw) Xen 3.3.1 running on CentOS 5.3 + fed (1) 802.1q trunk (with 16 Vlans) from upstream Cisco3750 switch * (16) VMs running Ubuntu 9.04 that acts as end hosts per Vlans and broadcast domain + fed (2) switch access ports * (1) for mgmt of Host VM (CentOS 5.3) * (1) for another guest VM (Ubuntu 9.04) The net effect is that the Xen environment acts like a switch if fed with 802.1q trunk. I'm sure there are more elegant ways of doing what you ask, but this setup works pretty effectively for my needs. Good luck. Regards, Ge Moua | Email: moua0...@umn.edu Network Design Engineer University of Minnesota | Networking Telecommunications Services Holemans Wim wrote: I'm looking for a (free) network simulator that allows me to simulate a small network (20 switches) with different vlans on it. I want to test different scenario's : what happens if this switch goes down or that link goes down, how do the packets flow in each scenario for the different vlans... Anyone has a good reference to such a product ? Free would be nice but is no absolute condition. Thanks, Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Need Help troubleshooting a 6513
Thank you for all the responses and troubleshoot advice but the problem has been taking care of. Special thanks to Arie and the command to power up the module is config t power enable module 5 Just in case anybody else come accross that problem again thanks Arie Renelson On Mon, May 18, 2009 at 10:14 AM, harbor235 harbor...@gmail.com wrote: What type of module is it? Some modules are not supported on all versions of code. More info is needed, IOS version, module type. Is this a SPA module? and are youo running SRB code? If so this is fixed in SRC code. mike On Fri, May 15, 2009 at 2:05 PM, Renelson Panosky panocisc...@gmail.com wrote: Hello list I am configuring a 6513, I've created all my VLANs and assigned them to all my ports however when i do sho vlan i see all my ports except the one in slot 5 but when sho run i can see them with the correct vlan, when i do sho mod here is what i get Mod Online Diag Status --- 1 Pass 2 Pass 3 Pass 4 Pass 5 Not Applicable 7 Pass is that mean the module defective? or the slot is bad ? Any help will be appreciated Renelson ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Netflow tools
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi list, what kind of netflow tools are you folks using to monitor and graph your (especially inter-AS) traffic? Thanks and best regards, Mit freundlichen Gruessen, i. A. Sven Juergensen - -- Fachbereich Netze und Rechenzentren KielNET GmbH Gesellschaft fuer Kommunikation Preusserstr. 1-9, 24105 Kiel Telefon : 0431 2219-053 Mobil : 0170 403 5600 Telefax : 0431 2219-005 E-Mail : s.juergen...@kielnet.de Internet: http://www.kielnet.de Geschaeftsfuehrer Eberhard Schmidt HRB 4499 (Amtsgericht Kiel) PGP details at http://pgp.kielnet.de/sjuergensen/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.10 (Darwin) iEYEARECAAYFAkoRaEwACgkQnEU7erAt4TKTBwCgx5DLVC3VZN/hULA+IAPZWhA/ FR4AnRpCzkgKDL47Ajr/qCw3SygOt41A =rf8u -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] network simulator
Ive used NetSimK before - works pretty slick. Not sure if covers ALL the bits you are looking for but has some pretty decent debugging/tracing. -Jeff -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Holemans Wim Sent: Monday, May 18, 2009 8:20 AM To: cisco-nsp@puck.nether.net Subject: [c-nsp] network simulator I'm looking for a (free) network simulator that allows me to simulate a small network (20 switches) with different vlans on it. I want to test different scenario's : what happens if this switch goes down or that link goes down, how do the packets flow in each scenario for the different vlans... Anyone has a good reference to such a product ? Free would be nice but is no absolute condition. Thanks, Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ This electronic mail (including any attachments) may contain information that is privileged, confidential, or otherwise protected from disclosure to anyone other than its intended recipient(s). Any dissemination or use of this electronic mail or its contents (including any attachments) by persons other than the intended recipient(s) is strictly prohibited. If you have received this message in error, please delete the original message in its entirety (including any attachments) and notify us immediately by reply email so that we may correct our internal records. Midland Paper Company accepts no responsibility for any loss or damage from use of this electronic mail, including any damage resulting from a computer virus. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 3750 buffer value per port
Hi John, Thanks for this info. Do you have any link of Cisco refering same value ? I wasn't able to find the the table for 3750 like what i have for 6500 like this : http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper09186a0080131086.html Regards, CJ. On Mon, May 18, 2009 at 2:22 PM, John Jensen jense...@gmail.com wrote: 0.75MB of ingress buffering is dynamically divided into port buffers/queues, 2 of which are user-configurable. There's 2MB of egress buffering that provides 4 egress queues per physical port. HTH -JJ On Sun, May 17, 2009 at 2:23 AM, Chintan Shah networking.st...@googlemail.com wrote: Hi Guys, Does any one knoq Tx/Rx buffer size per port on 3750 ? We normally allocate buffer by using mls qos with % of total size but i could not find what is size ? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] network simulator
Just found out through google, will give it a try tomorrow. Thanks, Wim Holemans From: Michal Prazenka [mailto:michal.praze...@gtsce.com] Sent: maandag 18 mei 2009 19:35 To: Holemans Wim Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] network simulator Have you tried GNS3? Michal Holemans Wim wrote / napísal(a): I'm looking for a (free) network simulator that allows me to simulate a small network (20 switches) with different vlans on it. I want to test different scenario's : what happens if this switch goes down or that link goes down, how do the packets flow in each scenario for the different vlans... Anyone has a good reference to such a product ? Free would be nice but is no absolute condition. Thanks, Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] CRS-1 MSC 20G card?
Hi, does anyone know what is this CRS-1 MSC 20G card (prod number CRS-MSC-20G_? I understand that they have a MSC 40G with two SPP processors, one per direction (ingress/egress). But there is an option to buy a 20G version of this card. Is this done through licensing or is the 20G card a different HW card alltogether? Thanks, Marlon ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] network simulator
GNS is meant for router simulations, not switch simulations. Although, you can do some stuff with the 3600 series with 16ESW cards. Last time I checked there were some issues testing with spanning tree. Holemans Wim wrote: Just found out through google, will give it a try tomorrow. Thanks, Wim Holemans From: Michal Prazenka [mailto:michal.praze...@gtsce.com] Sent: maandag 18 mei 2009 19:35 To: Holemans Wim Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] network simulator Have you tried GNS3? Michal Holemans Wim wrote / napísal(a): I'm looking for a (free) network simulator that allows me to simulate a small network (20 switches) with different vlans on it. I want to test different scenario's : what happens if this switch goes down or that link goes down, how do the packets flow in each scenario for the different vlans... Anyone has a good reference to such a product ? Free would be nice but is no absolute condition. Thanks, Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Netflow tools
Sven, If you're considering open-source, one option is the flow-tools/FlowViewer combination. Allows you to keep MRTG-like graphs (last day, last week, last month, etc.) for all sorts of traffic flows, including inter-AS traffic. http://ensight.eos.nasa.gov/FlowViewer Joe Sven Juergensen s.juergen...@kielnet.de Sent by: cisco-nsp-boun...@puck.nether.net 05/18/2009 09:53 AM To cisco-nsp@puck.nether.net cc Subject [c-nsp] Netflow tools -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi list, what kind of netflow tools are you folks using to monitor and graph your (especially inter-AS) traffic? Thanks and best regards, Mit freundlichen Gruessen, i. A. Sven Juergensen - -- Fachbereich Netze und Rechenzentren KielNET GmbH Gesellschaft fuer Kommunikation Preusserstr. 1-9, 24105 Kiel Telefon : 0431 2219-053 Mobil : 0170 403 5600 Telefax : 0431 2219-005 E-Mail : s.juergen...@kielnet.de Internet: http://www.kielnet.de Geschaeftsfuehrer Eberhard Schmidt HRB 4499 (Amtsgericht Kiel) PGP details at http://pgp.kielnet.de/sjuergensen/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.10 (Darwin) iEYEARECAAYFAkoRaEwACgkQnEU7erAt4TKTBwCgx5DLVC3VZN/hULA+IAPZWhA/ FR4AnRpCzkgKDL47Ajr/qCw3SygOt41A =rf8u -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] What cisco line cards support DS3 over RJ45 interface
None. A DS3 would be handed off with a pair of coax for all native DS3 interfaces. You would likely need an external transceiver to handle the conversion, assuming there is similar gear on the remote end (I have seen ethernet over DS3 transceivers, requires one on each end, then normal ethernet into it). What protocol is being used on this 'DS3'? -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of nbernad...@gallantsys.com Sent: Monday, May 18, 2009 12:49 To: cisco-nsp@puck.nether.net Subject: [c-nsp] What cisco line cards support DS3 over RJ45 interface Please let me know if you know the cisco line card(s) that support DS3 over RJ45 interface. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] SVI always up !
On Sun, 2009-05-17 at 14:53 +0300, Ibrahim Abo Zaid wrote: That seems it will work but it is applied globally for all VLAN , is there any way to apply it per-VLAN ? Not that I know of no. It can only be per port. Regards, Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] OT: Cisco WAAS Setup Scenario
If the WAE at the head office accelerates traffic going to a spoke site without a WAE, would the traffic be dropped? No If the hub site receives non-accelerated traffic from spoke sites without WAE, would the head office WAE drop the traffic? No Cisco WAAS is also transparent in the sense that accelerator appliances can use auto-discovery to determine whether a peer accelerator is available at the other end of the link. After auto-discovery, a pair of accelerators can auto-negotiate an acceleration policy to be applied to the application flow. If a peer accelerator is not discovered, the application flow passes through unchanged. HTH, Andrew -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Felix Nkansah Sent: Monday, May 18, 2009 3:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] OT: Cisco WAAS Setup Scenario Hi Team, Pardon me for the OT. I want to deploy Cisco WAAS as a proof of concept to a client with several sites connected in a hub-n-spoke topology. I would deploy only one WAE (and a CM) at the hub/head office and one WAE at a selected spoke, in production. I intend on setting the WAEs Inline for simplicity. However, I have some doubts that I hope you could help clear. If the WAE at the head office accelerates traffic going to a spoke site without a WAE, would the traffic be dropped? If the hub site receives non-accelerated traffic from spoke sites without WAE, would the head office WAE drop the traffic? I am concerned because I know the acceleration process utilizes compression schemes which may require decompression at the other site by a WAE. Labbing this up would give me the answers, but I felt I could leverage your skills for quick answers to these :-) Your responses are appreciated. Felix ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] What cisco line cards support DS3 over RJ45 interface
nbernad...@gallantsys.com wrote: Please let me know if you know the cisco line card(s) that support DS3 over RJ45 interface. No such thing. Maybe you could tell us what you're trying to accomplish and we can suggest something. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Config
Alain Camille wrote: My ISP will be maintaining the BGP configuration for my organization.. I need a minimal BGP configuration on my core device that will allow connectivity to the ISP. Looking for some direction. Thanks. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ I'm guessing you didn't bother to look at cisco's website since they have several basic config examples on there. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Config
Alain Camille wrote: My ISP will be maintaining the BGP configuration for my organization.. I need a minimal BGP configuration on my core device that will allow connectivity to the ISP. Looking for some direction. Thanks. Are you connected to a single ISP at a single geographic location? If so it probably isn't worth the effort. If you are connected to multiple ISPs, the BGP configuration may not be so minimal and you'll likely want to engage the services of someone knowledgeable in the field to configure and maintain as needed. Do you have an AS (Autonomous System) number assigned by your regional registry? Do you have portable IP space? If both are no, and you're only connected to one ISP, you almost certainly don't need to run BGP. A simple default route to your ISP will suffice. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Config
http://www.netconfigs.com/tools/bgp.htm Makes it nice and easy. It'll get ya up atleast. No promises after that --chip On Mon, May 18, 2009 at 4:43 PM, Alain Camille alain_cami...@hotmail.comwrote: My ISP will be maintaining the BGP configuration for my organization.. I need a minimal BGP configuration on my core device that will allow connectivity to the ISP. Looking for some direction. Thanks. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Just my $.02, your mileage may vary, batteries not included, etc ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Netflow tools
On May 19, 2009, at 3:05 AM, Werner Detter wrote: we use http://nfsen.sourceforge.net/ nfsen/nfdump is a great open-source tool - I *think* it supports sampling, now (anyone?). Stager is cool, too, though last I checked it didn't support v9 (again, correction welcome; it's dependent upon the flow-tools for collection). The easiest/quickest one to get up and running is probably ntop (it supports NetFlow, in addition to deriving statistics via packet- capture). --- Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com Unfortunately, inefficiency scales really well. -- Kevin Lawton ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] OT: Cisco WAAS Setup Scenario
Thanks Andrew. Your response is appreciated. On Mon, May 18, 2009 at 9:00 PM, Tolstykh, Andrew atolst...@integrysgroup.com wrote: If the WAE at the head office accelerates traffic going to a spoke site without a WAE, would the traffic be dropped? No If the hub site receives non-accelerated traffic from spoke sites without WAE, would the head office WAE drop the traffic? No Cisco WAAS is also transparent in the sense that accelerator appliances can use auto-discovery to determine whether a peer accelerator is available at the other end of the link. After auto-discovery, a pair of accelerators can auto-negotiate an acceleration policy to be applied to the application flow. If a peer accelerator is not discovered, the application flow passes through unchanged. HTH, Andrew -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Felix Nkansah Sent: Monday, May 18, 2009 3:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] OT: Cisco WAAS Setup Scenario Hi Team, Pardon me for the OT. I want to deploy Cisco WAAS as a proof of concept to a client with several sites connected in a hub-n-spoke topology. I would deploy only one WAE (and a CM) at the hub/head office and one WAE at a selected spoke, in production. I intend on setting the WAEs Inline for simplicity. However, I have some doubts that I hope you could help clear. If the WAE at the head office accelerates traffic going to a spoke site without a WAE, would the traffic be dropped? If the hub site receives non-accelerated traffic from spoke sites without WAE, would the head office WAE drop the traffic? I am concerned because I know the acceleration process utilizes compression schemes which may require decompression at the other site by a WAE. Labbing this up would give me the answers, but I felt I could leverage your skills for quick answers to these :-) Your responses are appreciated. Felix ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Netflow tools
https://neon1.net/as-stats/ On Mon, May 18, 2009 at 1:05 PM, Werner Detter wer...@trans.net wrote: Hi, we use http://nfsen.sourceforge.net/ Werner _ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- transnet Internet Services GmbH Werner Detter - Netmaster Lilienstr. 3-5 81669 München http://www.trans.net supp...@trans.net ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] OT: Cisco WAAS Setup Scenario
Further to this, Felix, if you decided against inline deployment, you can set up WCCP ACLs that would ensure that only traffic to/from the WAAS-enabled spoke site is redirected at the head-end. i.e. if the spoke site is 192.168.10.0/24, you could have a config like this on the WCCP router(s) at the hub site: ip access-list extended WCCP61-LAN permit ip any 192.168.10.0 0.0.0.255 ! ip access-list extended WCCP62-WAN permit ip 192.168.10.0 0.0.0.255 any ! ip wccp 61 redirect-list WCCP61-LAN ip wccp 62 redirect-list WCCP62-WAN ! interface WANx/x description WAN side ip wccp 62 redirect in ! interface LANx/x description LAN side ip wccp 61 redirect in You can do something similar on the spoke site to ensure that you only redirect and optimise traffic that's come from the specified subnets (or whatever you choose to put in the ACL). Otherwise, everything TCP is redirected, possibly unnecessarily. Yes, it's handled transparently and passed-through, but I prefer not to add extra processing if possible. cheers, Dale On Tue, May 19, 2009 at 7:45 AM, Felix Nkansah felixnkan...@gmail.com wrote: Thanks Andrew. Your response is appreciated. On Mon, May 18, 2009 at 9:00 PM, Tolstykh, Andrew atolst...@integrysgroup.com wrote: If the WAE at the head office accelerates traffic going to a spoke site without a WAE, would the traffic be dropped? No If the hub site receives non-accelerated traffic from spoke sites without WAE, would the head office WAE drop the traffic? No Cisco WAAS is also transparent in the sense that accelerator appliances can use auto-discovery to determine whether a peer accelerator is available at the other end of the link. After auto-discovery, a pair of accelerators can auto-negotiate an acceleration policy to be applied to the application flow. If a peer accelerator is not discovered, the application flow passes through unchanged. HTH, Andrew -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Felix Nkansah Sent: Monday, May 18, 2009 3:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] OT: Cisco WAAS Setup Scenario Hi Team, Pardon me for the OT. I want to deploy Cisco WAAS as a proof of concept to a client with several sites connected in a hub-n-spoke topology. I would deploy only one WAE (and a CM) at the hub/head office and one WAE at a selected spoke, in production. I intend on setting the WAEs Inline for simplicity. However, I have some doubts that I hope you could help clear. If the WAE at the head office accelerates traffic going to a spoke site without a WAE, would the traffic be dropped? If the hub site receives non-accelerated traffic from spoke sites without WAE, would the head office WAE drop the traffic? I am concerned because I know the acceleration process utilizes compression schemes which may require decompression at the other site by a WAE. Labbing this up would give me the answers, but I felt I could leverage your skills for quick answers to these :-) Your responses are appreciated. Felix ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] VLAN translation
Greetings, I have two quick questions. First one is when doing VLAN translation, does the incoming VLAN get used up from the available VLANs on the switch? And the second; is VLAN translation done in hardware on the Cisco 6500? Thanks, Jason ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] WCCPv2 on cat6500/SUP2-MSFC2 (WAAS)
Hi, Is anyone out there running WCCPv2 on cat6500/SUP2-MSFC2 hardware? Does it work properly? Is it supported in hardware? What code are you running? Native or hybrid? How much SP/RP memory and flash do you have? Any noteworthy caveats? :-) Sorry for all the questions. We have a bunch of older SUP2-MSFC2 chassis around and I'm trying to determine if they'll support WCCPv2 for a WAAS deployment (TCP promiscuous; services 61 and 62). cheers, Dale ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] SVI always up !
Hi Peter I tested it and it works -:) thanks for your advice best regards --Ibrahim On Mon, May 18, 2009 at 11:20 PM, Peter Rathlev pe...@rathlev.dk wrote: On Sun, 2009-05-17 at 14:53 +0300, Ibrahim Abo Zaid wrote: That seems it will work but it is applied globally for all VLAN , is there any way to apply it per-VLAN ? Not that I know of no. It can only be per port. Regards, Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ip tcp mss on sup720
hi ibrahim, the issue is that on a 6500 with sup720 AFAIK there is no adjust-mss under the interface...only global... best regards, javier On Mon, May 18, 2009 at 8:17 PM, Ibrahim Abo Zaid ibrahim.aboz...@gmail.com wrote: Hi Javier if you configure it under interface , it will affect transit traffic and i think global will affect locally orginated or terminated traffic and you won't need this best regards --Ibrahim On Tue, May 19, 2009 at 3:42 AM, Javier Liendo jav...@liendo.net wrote: hi, on a cisco router if i want to adjust the tcp MSS from traffic flowing *through* it, i can use the ip tcp adjust-mss under the *interface* in question... in case of a 6500 with a sup720 i have the ip tcp mss *global* configuration command...will this command modify the MSS from the traffic flowing *through* it or only from traffic originating/terminating on it? or both? any help/pointers/experiences will be greatly appreciated... regards, javier ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ip tcp mss on sup720
Hi Javier, The command reference indicates that the ip tcp mss global command is applicable only to TCP sessions terminating on or originating from the local device. The ip tcp adjust-mss interface command was integrated in 12.2(33)SXH. I've confirmed that I don't see it in 12.2(18)SXF5. Are you in a position to upgrade? If not, I assume you are out of luck and will need to look for an alternative option. cheers, Dale On Tue, May 19, 2009 at 11:43 AM, Javier Liendo jav...@liendo.net wrote: hi ibrahim, the issue is that on a 6500 with sup720 AFAIK there is no adjust-mss under the interface...only global... best regards, javier On Mon, May 18, 2009 at 8:17 PM, Ibrahim Abo Zaid ibrahim.aboz...@gmail.com wrote: Hi Javier if you configure it under interface , it will affect transit traffic and i think global will affect locally orginated or terminated traffic and you won't need this best regards --Ibrahim On Tue, May 19, 2009 at 3:42 AM, Javier Liendo jav...@liendo.net wrote: hi, on a cisco router if i want to adjust the tcp MSS from traffic flowing *through* it, i can use the ip tcp adjust-mss under the *interface* in question... in case of a 6500 with a sup720 i have the ip tcp mss *global* configuration command...will this command modify the MSS from the traffic flowing *through* it or only from traffic originating/terminating on it? or both? any help/pointers/experiences will be greatly appreciated... regards, javier ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ip tcp mss on sup720
And even if the command exists, there is no such feature on the PFC AFAIK, so the 6500 would be turned into a 7200... Rubens On Mon, May 18, 2009 at 10:43 PM, Javier Liendo jav...@liendo.net wrote: hi ibrahim, the issue is that on a 6500 with sup720 AFAIK there is no adjust-mss under the interface...only global... best regards, javier On Mon, May 18, 2009 at 8:17 PM, Ibrahim Abo Zaid ibrahim.aboz...@gmail.com wrote: Hi Javier if you configure it under interface , it will affect transit traffic and i think global will affect locally orginated or terminated traffic and you won't need this best regards --Ibrahim On Tue, May 19, 2009 at 3:42 AM, Javier Liendo jav...@liendo.net wrote: hi, on a cisco router if i want to adjust the tcp MSS from traffic flowing *through* it, i can use the ip tcp adjust-mss under the *interface* in question... in case of a 6500 with a sup720 i have the ip tcp mss *global* configuration command...will this command modify the MSS from the traffic flowing *through* it or only from traffic originating/terminating on it? or both? any help/pointers/experiences will be greatly appreciated... regards, javier ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] IPSG and DAI
What is different between IPSG and DAI? How I implemnet in same interface config ? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ip tcp mss on sup720
It is first available in 12.2(33)SRA and 12.2(33)SXH http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_tcp_ps64 41_TSD_Products_Configuration_Guide_Chapter.html#wp1054627 David -- http://dcp.dcptech.com -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Rubens Kuhl Sent: Monday, May 18, 2009 10:28 PM To: Javier Liendo Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ip tcp mss on sup720 And even if the command exists, there is no such feature on the PFC AFAIK, so the 6500 would be turned into a 7200... Rubens On Mon, May 18, 2009 at 10:43 PM, Javier Liendo jav...@liendo.net wrote: hi ibrahim, the issue is that on a 6500 with sup720 AFAIK there is no adjust-mss under the interface...only global... best regards, javier On Mon, May 18, 2009 at 8:17 PM, Ibrahim Abo Zaid ibrahim.aboz...@gmail.com wrote: Hi Javier if you configure it under interface , it will affect transit traffic and i think global will affect locally orginated or terminated traffic and you won't need this best regards --Ibrahim On Tue, May 19, 2009 at 3:42 AM, Javier Liendo jav...@liendo.net wrote: hi, on a cisco router if i want to adjust the tcp MSS from traffic flowing *through* it, i can use the ip tcp adjust-mss under the *interface* in question... in case of a 6500 with a sup720 i have the ip tcp mss *global* configuration command...will this command modify the MSS from the traffic flowing *through* it or only from traffic originating/terminating on it? or both? any help/pointers/experiences will be greatly appreciated... regards, javier ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] network simulator
Dynamips (which is under the hood of GNS3) could be used to emulate IOS switching behavior as long as what you're trying to do is supported on the routers. If you're testing standard spanning tree, Dynamips should be just fine (you'll just configure routers as bridges). OPNET is a great network simulation tool. I've used it years ago and I was deeply impressed. They might have academic or test licenses. You might also want to consider Cisco's PacketTracer: http://www.cisco.com/web/learning/netacad/course_catalog/PacketTracer.html Some other tools are listed here: http://www.idsia.ch/~andrea/sim/simnet.html Best regards Ivan http://www.ioshints.info/about http://blog.ioshints.info/ I'm looking for a (free) network simulator that allows me to simulate a small network (20 switches) with different vlans on it. I want to test different scenario's : what happens if this switch goes down or that link goes down, how do the packets flow in each scenario for the different vlans... Anyone has a good reference to such a product ? Free would be nice but is no absolute condition. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Config
I absolutely agree with Charles ... although not on the provider will give you the necessary details part. I've seen some service providers that were somewhat inadequate in that respect (trying to be diplomatic :). You might find some of the links/videos on my BGP resource center useful: http://wiki.nil.com/BGP The next starting point is Cisco's BGP page: http://www.cisco.com/en/US/tech/tk365/tk80/tsd_technology_support_sub-protoc ol_home.html Hope this helps! Ivan http://www.ioshints.info/about http://blog.ioshints.info/ -Original Message- From: Charles Wyble [mailto:char...@thewybles.com] Sent: Monday, May 18, 2009 11:22 PM To: Alain Camille Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BGP Config This should be provided by your ISP. Lots of BGP docs on the net. if your asking for help on the c-nsp list with an ultra generic topic please please please please get some training and do some reading. Again your provider will give you the necessary details. Alain Camille wrote: My ISP will be maintaining the BGP configuration for my organization.. I need a minimal BGP configuration on my core device that will allow connectivity to the ISP. Looking for some direction. Thanks. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] CEF issue with NAT pool with add-route keyword (NVI)
Hi, I've just encountered a strange problem: SW1__Vlan10 -- Fa0/0__R1__Se0/1/0 -- Se0/1/0__R4 SW1's config is: interface Loopback0 ip address 10.255.8.8 255.255.255.255 ! interface Vlan10 ip address 10.1.18.8 255.255.255.0 ! router rip version 2 network 10.0.0.0 no auto-summary 8--- R1's config is: interface FastEthernet0/0 ip address 10.1.18.1 255.255.255.0 ip nat enable ! interface Serial0/1/0 ip address 10.1.14.1 255.255.255.0 ip nat enable ! router rip version 2 redistribute static metric 1 network 10.0.0.0 no auto-summary ! ip access-list standard SW1_LOOPBACK permit host 10.255.8.8 ! ip nat pool NET188 10.1.188.1 10.1.188.254 prefix-length 24 add-route ip nat source list SW1_LOOPBACK pool NET188 8--- R4's config is: interface Serial0/1/0 ip address 10.1.14.4 255.255.255.0 clock rate 128000 ! router rip version 2 network 10.0.0.0 no auto-summary 8--- - RIPv2 is providing full reachability between all interfaces. - R1 is configured to translate the source IP of packets from SW1's Lo0 IP address (10.255.8.8) to 10.1.188.x - R4 sees the 10.1.188.0/24 route being redistributed by R1: R1#sh ip ro 10.1.188.0 Routing entry for 10.1.188.0/24 Known via static, distance 0, metric 0 Redistributing via rip Advertised by rip metric 1 Routing Descriptor Blocks: * directly connected, via NVI0 Route metric is 0, traffic share count is 1 R4#sh ip ro 10.1.188.0 Routing entry for 10.1.188.0/24 Known via rip, distance 120, metric 1 Redistributing via rip Last update from 10.1.14.1 on Serial0/1/0, 00:00:00 ago Routing Descriptor Blocks: * 10.1.14.1, from 10.1.14.1, 00:00:00 ago, via Serial0/1/0 Route metric is 1, traffic share count is 1 - When telnetting from SW1's Lo0 IP to R4's loopback (10.255.4.4), a connection is established, but it's extremely slow/patchy due to packet loss. - If I send a ping (same src/dst as above), I see output like this: SW1#ping 10.255.4.4 source lo0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.255.4.4, timeout is 2 seconds: Packet sent with a source address of 10.255.8.8 !.!.! Success rate is 60 percent (3/5), round-trip min/avg/max = 8/11/17 ms - If I enable 'debug ip cef drops' on R1, I see output like this: CEF-Drop: Stalled adjacency for 0.0.0.0 on NVI0 for destination 10.1.188.1 CEF-Drop: Packet for 10.1.188.1 -- encapsulation CEF-Drop: Stalled adjacency for 0.0.0.0 on NVI0 for destination 10.1.188.1 CEF-Drop: Packet for 10.1.188.1 -- encapsulation - I've found two workarounds: 1) disable CEF on R1's Se0/1/0 interface: R1#conf t R1(config)#int s0/1/0 R1(config-if)#no ip route-cache cef OR: 2) remove 'add-route' from the 'ip nat pool' statement, and add a static route manually: R1(config)#do clear ip nat nvi trans * R1(config)#no ip nat pool NET188 10.1.188.1 10.1.188.254 prefix-length 24 add-route R1(config)#ip nat pool NET188 10.1.188.1 10.1.188.254 prefix-length 24 R1(config)#ip route 10.1.188.0 255.255.255.0 10.1.18.8 Either workaround restores 'good' connectivity -- no packet loss, no CEF drops evident on R1. Has anyone else seen this behaviour? I'm running: Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(23), RELEASE SOFTWARE (fc1) cheers, Dale ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
