Re: [c-nsp] MPLS - collapsed P PE
harbor235 wrote: Is anyone out there utilizing a collapsed P/PE in thier MPLS networks? Yes. Every router in our network is a PE, though we an run enterprise rather than SP-size network (it is more like SP than enterprise in architecture though). Do you regret deploying the architecture and what are the problem areas if any? No regrets, no problems. We've a relatively small routing table and almost all of the CE adjacencies are connected subnets rather than dynamic routing neighbours. In that situation, separate P buys you nothing, and the rest of our network architecture doesn't need it. I assume it's a dollar issue and as long as you have minimal PE to CE aggregation this is the way to go. However, if you need to scale this solution then the price per CE port can get costly on the single platform. Adding PE is cheaper than adding a P !! Can you migrate to a seperate P and PE easily ? thanx Mike ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] MPLS - collapsed P PE
On Wednesday 02 December 2009 03:25:50 am harbor235 wrote: Is anyone out there utilizing a collapsed P/PE in thier MPLS networks? We have a number of these, particularly in smaller PoP's. We have designated specific key locations in the business district or country as major core PoP's. These have P routers as well as some others to support customers and production services. In smaller PoP's, we deploy collapsed P/PE boxes that haul back to our P routers. It's a design that works well, doesn't break the bank, and can easily be upgraded if a P function needs to be separated from the PE function, in the future. Do you regret deploying the architecture Nope! and what are the problem areas if any? None, it just works. Again, the architecture is such that the functions can be separated at any time, if needed. I assume it's a dollar issue... Yes. No use having a CRS-1 next to an ASR1002 in a small PoP just to serve customers there, when you can get an ASR1006 and use it for both functions, if you don't need to push more than 20Gbps of aggregated capacity :-). and as long as you have minimal PE to CE aggregation this is the way to go. Like Pshem, all our P/PE-based PoP's aggregate customers on regular Ethernet switches purely forwarding on Layer 2 Ethernet alone. 802.1Q trunks + LACP give you uplink capacity and redundancy. You can take this one step further and include aggregation in your P/PE setup, but this means a slightly bigger box, which may or may not make sense, e.g., Juniper's new MX80 vs. Cisco's 7604 vs. Brocade's NetIron CES/CER 2000, depending on the depth of your pockets and how important the PoP is. Cheers, Mark. signature.asc Description: This is a digitally signed message part. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Level3 Routes - sizing up an edge device
Hi Graha, We are currently seeing 297902 routes from L3. Cheers, Jeff -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Graham Wooden Sent: Tuesday, December 01, 2009 9:09 PM To: cisco-nsp Subject: [c-nsp] Level3 Routes - sizing up an edge device Can anyone tell me what the current 'local routes' count is from Level3? As I am patiently awaiting my turn up of my Level3 connection, I want to make sure I size up a good edge router handling their routes plus a less-preferred default. Thanks, -graham ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VPN Tunneling question
Seems like my other email on Sunday (hairpinning VPN client) probably answered this as well. In this case, already have the 525 with the v7.x code on it. -graham On 11/29/09 10:52 AM, Graham Wooden gra...@g-rock.net wrote: Hi all, I am bringing up a new remote location that is currently being served by a DSL line. This site will ultimately be served with my own PtP solution, but in the time being and to help with the migration, I want to deploy a routable subnet at the location using a VPN solution between two PIX firewalls. I drew up a diagram depicting this, and can be found at: http://www.iamforeverme.com/VPN_Issue_diagram.pdf Other than the some routing statements that need to be put in at my edge and core routers, anything I need to do on the main site's firewall to facilitate traffic coming in/out on the outside interface? The 525 is currently running v7.0.2. I was thinking about doing a GRE tunnel but since I have an extra 506e (v6.3.5) that I would just use that and do a IPSEC tunnel to my 525 at my main site. I want all the traffic at the remote site to transverse the VPN tunnel, since it's source addressing will be a public subnet originating at the main site. Seems like a common setup, no? Any thing else I need to consider? Thanks all, -graham ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] menu at cisco with arguments
Hi there, is possible to create menus in the Cisco IOS and ask for an argument? I would like to see is there any option to see something like this in the IOS: - 1 - Ping Select option: 1 Enter IPv4 address to do ping: - Regards. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] menu at cisco with arguments
Hi, There are a couple of ways of doing this with IOS, including Embedded Menu Manager and writing a tcl script. The Embedded Menu Manager has an XML based language to setup the menu and it is very flexible, only problem I could see being that it wasn't available in all IOS feature sets I tried. Regards, Eddie On 2 Dec 2009, at 14:26, luismi wrote: Hi there, is possible to create menus in the Cisco IOS and ask for an argument? I would like to see is there any option to see something like this in the IOS: - 1 - Ping Select option: 1 Enter IPv4 address to do ping: - Regards. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Synetrix Holdings Limited Tel: +44 (0)1252 405 600 www.synetrix.co.uk Synetrix (Holdings) Limited is a limited company registered in England and Wales. Registered number: 0349 1956. VAT number: GB776 1259 07. Registered office: Synetrix House, 49-51 Victoria Road, Farnborough, Hampshire, GU14 7PA. IMPORTANT NOTICE: This message is intended solely for the use of the Individual or organisation to whom it is addressed. It may contain privileged or confidential information. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you should not use, copy, alter, or disclose the contents of this message. All information or opinions expressed in this message and/or any attachments are those of the author and are not necessarily those of Synetrix Holdings Limited. Synetrix Holdings Limited accepts no responsibility for loss or damage arising from its use, including damage from virus. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] menu at cisco with arguments
This is the config guide for EMM: https://ciscosales.webex.com/ciscosales/k2/j.php?ED=128360782UID=120573 6437RT=MiMyMw%3D%3D Arie -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of eddie.lind...@synetrix.co.uk Sent: Wednesday, December 02, 2009 16:39 To: asturlui...@gmail.com Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] menu at cisco with arguments Hi, There are a couple of ways of doing this with IOS, including Embedded Menu Manager and writing a tcl script. The Embedded Menu Manager has an XML based language to setup the menu and it is very flexible, only problem I could see being that it wasn't available in all IOS feature sets I tried. Regards, Eddie On 2 Dec 2009, at 14:26, luismi wrote: Hi there, is possible to create menus in the Cisco IOS and ask for an argument? I would like to see is there any option to see something like this in the IOS: - 1 - Ping Select option: 1 Enter IPv4 address to do ping: - Regards. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Synetrix Holdings Limited Tel: +44 (0)1252 405 600 www.synetrix.co.uk Synetrix (Holdings) Limited is a limited company registered in England and Wales. Registered number: 0349 1956. VAT number: GB776 1259 07. Registered office: Synetrix House, 49-51 Victoria Road, Farnborough, Hampshire, GU14 7PA. IMPORTANT NOTICE: This message is intended solely for the use of the Individual or organisation to whom it is addressed. It may contain privileged or confidential information. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you should not use, copy, alter, or disclose the contents of this message. All information or opinions expressed in this message and/or any attachments are those of the author and are not necessarily those of Synetrix Holdings Limited. Synetrix Holdings Limited accepts no responsibility for loss or damage arising from its use, including damage from virus. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] VWIC-2MFT-E1 issue on 2621
Hello Gents, I have a 2621 with VWIC-2MFT-E1 module. In sh ip int br under the serial interface I have protocol status reset. Under show controllers E1 I have Receiver is getting AIS but on the transmission equipment I see an error loss of signal which indicates problem with the patch. The field engineer checked the patch, looped it and the port went up but as soon as we connect it back to the ADM it goes to reset. Regards, Kamen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
From the 'sh stack' you posted offline it *appears* that this may be a result of: CSCsv85009 fixed in 12.4(22)T2. I didn't spend a lot of time analyzing it but the code tracebacks you sent me offline match up pretty closely. Rodney Rodney Dunn wrote: Post a 'sh stack'. Rodney Pete Barnwell wrote: I've had a 2821 reload unexpectedly -sh ver shows a bus error as below Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(22)T1, RELEASE SOFTWARE (fc5) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Thu 26-Feb-09 19:47 by prod_rel_team ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1) uptime is 1 hour, 7 minutes System returned to ROM by bus error at PC 0x4224F26C, address 0x1E at 18:56:16 GMT Mon Nov 30 2009 System restarted at 18:43:38 GMT Mon Nov 30 2009 #sh region address 0x4224F26C Address 0x4224F26C is located physically in : Name : text Class : IText Media : R/O Start : 0x4000F000 End : 0x43F7 Size : 0x03F71000 This suggests to me hardware rather than software from Googling? The routers got its original 256Mb and an additional 512Mb stick in it - is it possible to tell if this is a memory error from this, and if so which stick might be the problem? I have no Smartnet on this, so can't ask TAC :( Thanks Pete ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
Rodney Dunn wrote: From the 'sh stack' you posted offline it *appears* that this may be a result of: CSCsv85009 fixed in 12.4(22)T2. I didn't spend a lot of time analyzing it but the code tracebacks you sent me offline match up pretty closely. Rodney Thanks - I'm going to try upgrading it to 12.4(22)T2 and see if that fixes the problem. Regards Pete ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Downgrade from 12.2(33)SXI2a to 122-18.SXF17
Hi, I'm going to downgrade a Cisco 6500 with Sup-720 from 12.2(33)SXI2a to 1.22(18)SXF17 for hardware issue. I think I have checked everything, Configuration issues (all commands available) Hardware support (all modules supported) Bootloader (not needed on sup-720 for 1.22(18)SXF17 according to Cisco documentation) Anyone got any more pointers I might have missed? Hard to find good documentation about downgrading. If anyone knows good dokumentation about this, feel free to share it. My experience after missed some configuration differences (Switch went berserk back then, several years ago) makes me a bit at unease with downgrading IOS versions. best regards, pelle ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Downgrade from 12.2(33)SXI2a to 122-18.SXF17
Pär Åslund wrote: Hi, I'm going to downgrade a Cisco 6500 with Sup-720 from 12.2(33)SXI2a to 1.22(18)SXF17 for hardware issue. I think I have checked everything, Configuration issues (all commands available) Hardware support (all modules supported) Bootloader (not needed on sup-720 for 1.22(18)SXF17 according to Cisco documentation) Anyone got any more pointers I might have missed? I tested this for SXI (not 2a) when we upgraded, and from my notes: * If you're using VRFs and have converted the config to new-style vrf definition, you need to backport config * If you've re-formatted the flash disk under SXI you should probably (to be safe) format it under SXF before downgrade ...but other than that, if you're sure the IOS config hardware is compatible it should be fine - we frequently put our test/lab box back into SXF. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] CompactFlash card compatibility
Wondering if anyone has any insight on CF card compatibility on sup720-3b's. Getting parts from Cisco can sometimes have a significant lead time, but I need to install a larger image very soon. -- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] CompactFlash card compatibility
We've been using Sandisk Ultra 2 CF 2gb cards from Staples. No issues so far. We have these running on 6 different 720-3BXL's. HTH, Clue On Wed, Dec 2, 2009 at 10:48 AM, Walter Keen walter.k...@rainierconnect.net wrote: Wondering if anyone has any insight on CF card compatibility on sup720-3b's. Getting parts from Cisco can sometimes have a significant lead time, but I need to install a larger image very soon. -- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] CompactFlash card compatibility
We've been using Sandisk Ultra 2 CF 2gb cards from Staples. No issues so far. We have these running on 6 different 720-3BXL's. Same here. Just be sure to format them with the sup or they won't boot. -- Randy ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] CompactFlash card compatibility
We have been using the Kingston CF/4GB Type I - they work fine, with same caveat as Randy posted - format them in the Sup first. One other note - no matter what brand, stick to the slower cards (type I or II) as the faster access-time cards do NOT work - they do not format or read correctly. Good news is the slower ones are a lot cheaper... Brian On 09-12-02 10:02 AM, Randy McAnally r...@fast-serv.com wrote: We've been using Sandisk Ultra 2 CF 2gb cards from Staples. No issues so far. We have these running on 6 different 720-3BXL's. Same here. Just be sure to format them with the sup or they won't boot. -- Randy ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
Pete, Get off the T train to 15.0. T train is too unstable to be run in _any_ production network and should _only_ be used when there is absolutely no alternative. Eninja PS. Rodney, feel free to post the release notes of sv85009 so others can be enlightened about its cause and effect. Tx On Dec 2, 2009, at 5:36 PM, Pete Barnwell pe...@whole-uk.com wrote: Rodney Dunn wrote: From the 'sh stack' you posted offline it *appears* that this may be a result of: CSCsv85009 fixed in 12.4(22)T2. I didn't spend a lot of time analyzing it but the code tracebacks you sent me offline match up pretty closely. Rodney Thanks - I'm going to try upgrading it to 12.4(22)T2 and see if that fixes the problem. Regards Pete ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Problem disabling proxy-arp
Hello, I'm running some 3750s that are providing IP aggregation for customers of mine. One of the customers reported that his gateway (the 3750) was responding to ARP for his local LAN addresses. Taking a look, I realized that I forgot to disable proxy-arp on that 3750. I disabled it via the global ip proxy arp disable command, but it doesn't seem to have worked; the customer still says he is seeing ARP responses from the gateway, but only on PCs that have just booted. Also, show ip int xxx reports that proxy-arp is still live on the interface: #show ip int vlan101 Vlan101 is up, line protocol is up Internet address is 70.36.146.1/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is 100 Proxy ARP is enabled Local Proxy ARP is disabled I've confirmed that if I go into the interface and issue no ip proxy-arp, then the show ip int xxx output also shows that it is disabled. What am I missing here to make sure that proxy-arp is globally disabled for every L3 interface on my 3750s? Do I really have to put the no ip proxy-arp command on each and every interface? -Jared ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Problem disabling proxy-arp
On Wed, 02 Dec 2009 12:12:13 -0800, you wrote: Do I really have to put the no ip proxy-arp command on each and every interface? Yes. -A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Downgrade from 12.2(33)SXI2a to 122-18.SXF17
On Wed, Dec 2, 2009 at 6:18 PM, Phil Mayers p.may...@imperial.ac.uk wrote: Pär Åslund wrote: Hi, I'm going to downgrade a Cisco 6500 with Sup-720 from 12.2(33)SXI2a to 1.22(18)SXF17 for hardware issue. I think I have checked everything, Configuration issues (all commands available) Hardware support (all modules supported) Bootloader (not needed on sup-720 for 1.22(18)SXF17 according to Cisco documentation) Anyone got any more pointers I might have missed? I tested this for SXI (not 2a) when we upgraded, and from my notes: * If you're using VRFs and have converted the config to new-style vrf definition, you need to backport config * If you've re-formatted the flash disk under SXI you should probably (to be safe) format it under SXF before downgrade ...but other than that, if you're sure the IOS config hardware is compatible it should be fine - we frequently put our test/lab box back into SXF. Hi Phil, Thanks for the pointers. No VRF configuration is used at all. Didn't know about the format flash disk, will check that. .pelle ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
On 2009-12-02 20:24, Eninja wrote: Pete, Get off the T train to 15.0. T train is too unstable to be run in _any_ production network and should _only_ be used when there is absolutely no alternative. Actually, the 15.0M *is* the 12.4T train after branching off the 12.4(24)T. Along with many fixes and enhancements, but technically speaking that's the continuation. -- Everything will be okay in the end. | Łukasz Bromirski If it's not okay, it's not the end. | http://lukasz.bromirski.net ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Bandwidth Statement - Tunnel Interface
Hi, Just curious, since the default bandwidth for tunnel interface is 9k (cisco platform), does that mean the maximum bandwidth I can have is 9k? What's the purpose of setting bandwidth statement on a tunnel interface? Does that mean I get bandwidth that is set or what the router will report via snmp? Insight will be appreciated. regards, sky ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Bandwidth Statement - Tunnel Interface
sky vader wrote: Hi, Just curious, since the default bandwidth for tunnel interface is 9k (cisco platform), does that mean the maximum bandwidth I can have is 9k? No. What's the purpose of setting bandwidth statement on a tunnel interface? Does that mean I get bandwidth that is set or what the router will report via snmp? Three things come to mind, there are likely other subtle ones... 1. Dynamic routing protocols use the interface bandwidth for path selection. Manually specifying the bandwidth to something sane for the physical path over which the tunnel rides may be needed for proper route selection. 2. MRTG and similar tools will use the configured bandwidth as the default maximum for graphing and analysis purposes. Leaving it at 9K is likely to result in graphs topped at that value. SNMP of the actual traffic counts will be accurate, but configuration tools of graphing software will get the configured bandwidth on setup and may behave as if this is the physical limit. 3. QoS and traffic shaping applied to the interface will use the configured bandwidth for percentage calculations and the like. This will almost certainly cause results that aren't what you expect unless the tunnel is running over a dialup link. If you are doing none of these, then the configured bandwidth statement really doesn't affect anything in terms of operation that I've noticed. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Problem disabling proxy-arp
On Wed, 2 Dec 2009, Jared Gillis wrote: Hello, I'm running some 3750s that are providing IP aggregation for customers of mine. One of the customers reported that his gateway (the 3750) was responding to ARP for his local LAN addresses. Taking a look, I realized that I forgot to disable proxy-arp on that 3750. I disabled it via the global ip proxy arp disable command, but it doesn't seem to have worked; the customer still says he is seeing ARP responses from the gateway, but only on PCs that have just booted. Also, show ip int xxx reports that proxy-arp is still live on the interface: #show ip int vlan101 Vlan101 is up, line protocol is up Internet address is 70.36.146.1/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is 100 Proxy ARP is enabled Local Proxy ARP is disabled This might be the result of CSCsl75648, which does not reflect the global state of the proxy arp in the per-interface output. I'd suggest to double-check with the sniffer trace how exactly the ARP traffic between the newly booted PCs and the gateway looks like, and see if you can correlate with anything with the config. Maybe there is more than one contributor to the overall issue - and disabling proxy-arp globally on the gateway solved only a part of it. (Of course, checking if explicitly disabling proxy-arp on the interface would not hurt either - but even if it helps, the sniffer traces will very useful to find the root cause). thanks, andrew ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Error message on 6500s
Hi all, I received this error message: Dec 2 19:54:10.874: %SCP-SP-3-SCP_HA_FAIL: SCP HA Seq Set - Module: 3 failed 0 times I read about the error and it said it's not good for the module not to receive the HA sequence but it does say about failed 0 times. Does this mean module 3 received the Sequence set? or does it mean it failed once only? Thank you regards, rudy ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
On Dec 2, 2009, at 10:14 PM, Łukasz Bromirski luk...@bromirski.net wrote: On 2009-12-02 20:24, Eninja wrote: Pete, Get off the T train to 15.0. T train is too unstable to be run in _any_ production network and should _only_ be used when there is absolutely no alternative. Actually, the 15.0M *is* the 12.4T train after branching off the 12.4(24)T. Along with many fixes and enhancements, but technically speaking that's the continuation. Yes, 12.4T became 15.0 mainline thus it contains all the features in 12.4T but now only enjoys bug fixes with no new features added. This is why maniline releases are more 'reliable'. New feature implemention is the primary cause of T-train instability. eninja ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
Eninja wrote: On Dec 2, 2009, at 10:14 PM, Łukasz Bromirski luk...@bromirski.net wrote: On 2009-12-02 20:24, Eninja wrote: Pete, Get off the T train to 15.0. T train is too unstable to be run in _any_ production network and should _only_ be used when there is absolutely no alternative. Actually, the 15.0M *is* the 12.4T train after branching off the 12.4(24)T. Along with many fixes and enhancements, but technically speaking that's the continuation. Yes, 12.4T became 15.0 mainline thus it contains all the features in 12.4T but now only enjoys bug fixes with no new features added. This is why maniline releases are more 'reliable'. New feature implemention is the primary cause of T-train instability. Especially in the case of using 12.4T because you need a feature in it, that feature is certainly in 15 and there's no reason to stick with (the potentially more buggy) 12.4T. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 2821 spurious reload
Seth Mattinen wrote: Especially in the case of using 12.4T because you need a feature in it, that feature is certainly in 15 and there's no reason to stick with (the potentially more buggy) 12.4T. Flashcard size - I can't get access to this router at all easily, so anything that won't fit on a 64Mb flash isn't a good option - T train was the only option that supported the cards in this router (ignoring XJ which I tried and had a horrible L2TP bug...) Regards Pete ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
