Re: [c-nsp] BFD expectations
While on the subject, does anyone know if BFD for SVIs has been fixed yet? Oliver -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Evans Sent: Thursday, 23 September 2010 2:20 PM To: Pete Lumbis Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BFD expectations Yes. This is what I was referring to. This is centralized on the 6500 even tho it can be implemented with distributed forwarding cards. You also need to enable no ip redirects on the interfaces to reduce CPU load. As I mentioned we tested with Cisco ECATS and our htts team with sxi3. We tested 450ms intervals with up to 35 ebgp neighbors then pounded the CPU and had no issues. Centralized bfd platforms are not recommended to have low interval timers exactly for the false positive issue. The me3600 and 7300 are CPU based bfd I believe so there will be issues. Chris On Sep 22, 2010 10:11 PM, Pete Lumbis alum...@gmail.com wrote: The forwarding on the 6k can be decentralized but as of today I believe that BFD is still a centralized process. That is, it is punted to the CPU and control plane issues can give false positives as Phil mentioned. I think there are plans to make BFD distributed in the future but I have no idea what that time line is. -Pete On Wed, Sep 22, 2010 at 7:19 PM, Chris Evans chrisccnpsp...@gmail.com wrote: Phil you bring ... ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BFD expectations
Probably only CWAN cards will be able to offload the cpu. DFCs, as far as i remember, cannot generate packets. -- Tassos Pete Lumbis wrote on 23/09/2010 05:11: The forwarding on the 6k can be decentralized but as of today I believe that BFD is still a centralized process. That is, it is punted to the CPU and control plane issues can give false positives as Phil mentioned. I think there are plans to make BFD distributed in the future but I have no idea what that time line is. -Pete On Wed, Sep 22, 2010 at 7:19 PM, Chris Evanschrisccnpsp...@gmail.comwrote: Phil you bring up a great point. Until sxi bfd code was crap on the 6500.. We have done exstensive testing at the ECATS lab. We concluded that 450ms is a good number on this platform with its centralized architecture. We tested this with approx 35 peers and had no issues under heavy CPU load. As stated before bfd is a triggering mechanism it still doesn't fix overall protocol reconvergence issues. On 09/22/2010 03:22 PM, Jason Lixfeld wrote: It's my understanding that BFD can provide failure detection and recovery similar to that found in POS. To that end, I'd like to use BFD with ISIS to design an L3 network that has failure detection and recovery mechanisms which rival L2 mechanisms like REP/G.8023/STP's various incarnations, etc. Wouldn't we all? AFAICT, you will have to try very, very hard to get200msec failover using available layer3 mechanisms. It can be done, but it's difficult and the configurations are highly topology-specific. Certainly achieving 50msec / layer2 failover times seems to be all but impossible in the general case. If you search the archives, you'll get posts from the helpful Cisco guys on the list saying contact your account manager and we can help you tune X to get 100msec failover. Have you tuned your IGP? There is a lot of stuff to tweak on this, and without it, BFD will not help you overmuch. I've labbed BFD+ISIS between a 7301 and an ME3600, run MTR between test hosts connected to each of the two devices and yanked one of the two links connecting the 7301 and the ME. I lose about 2-3 seconds worth of packets. Those results seem a little inconsistent with the claims of BFD's timing, unless there's something I'm missing and even with the BFD hooks, ISIS isn't able to react at near POS speeds. Anyone have any perspective from the real world? For us, BFD was useless. It triggered false positives all the time, then Cisco removed SVI support under later 12.2SX IOS. It didn't seem to be distributed, so anything which loaded the sup RP/SP CPUs caused it to crap out. We gained far more from simply: router ospf 1 timers throttle spf 10 100 5000 timers throttle lsa all 10 100 5000 timers lsa arrival 80 ...on all our boxes. YMMV, but I would not believe the marketing hype around BFD. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BFD expectations
Hi, On Thu, Sep 23, 2010 at 04:38:16PM +1000, Oliver Eyre wrote: While on the subject, does anyone know if BFD for SVIs has been fixed yet? If I remember right, it's announced for SXnext, to be released in early 2011 or so. It's not in SXI4. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpibspeMPfC9.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] QoS on the 2960
This should work. This is the way I did bandwith management on a 3750, policing on ingress and srr-queue bandwith limit on egress. The problem with Internet users and TCP is policing. As soon as a packet exceeds the limit it drops it. And TCP has to resend, and then you have the TCP sliding window etc. So you will see the a sawtooth effect if you look at grahps. Our Internet users complained about this, when they ran TCP based bandwith testers. If you crank up the burst when you police, you will see smoother graphs and get better throuthput. If you test with UDP you should get the full 8 meg. Regards Roger On Thu, Sep 23, 2010 at 2:16 AM, Seth Mattinen se...@rollernet.us wrote: I'm trying to figure out QoS on a 2960 - something I've read about a lot but never had to do before. I'm very simply attempting to limit a customer to speed X, 8M for example. So far I have this: ! mls qos srr-queue input bandwidth 100 1 mls qos srr-queue input buffers 100 0 mls qos srr-queue input priority-queue 2 bandwidth 0 class-map match-all customerX match access-group name customerX policy-map customerX class customerX police 800 10 exceed-action drop interface FastEthernet0/1 srr-queue bandwidth limit 10 service-policy input customerX ! Other than the fact that the download only gets at granular as 10%, will this work? I previously tried applying 8 meg policers (with mls qos srr-queue defaults) on both the customer's port and the uplink port, but the net result seemed to be about a 3 to 5 meg max rather than closer to 8. This customer is alone on the switch. ~Seth ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IPSec = Speed problems ?
Speed, the customer said that slow and a lot of disconnect on application. Do you know if my MTU is correct ? (mss fix and other) ? 2010/9/22 Heath Jones hj1...@gmail.com: i request your help because we have a problems of speed between two site. What is the problem, exactly? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Performance Difference NM-16ESW-1GIG and NME-16ES-1GIG
Looking at getting a couple of 3945s. NM-16ESW-1GIG is being recommended by one of my colleagues. He prefers the easy of use, not having to session in to the module. It's been pointed out that the router IOS will have to devote some of it's time to the module and perform the switching functions. We would have to get the 3945 as the module is not supported in the 3945E. The NME-16ES-1GIG is of course a newer generation. The module runs it's own IOS image. PoE is not a requirement. Links to the data sheets: http://www.cisco.com/en/US/prod/collateral/routers/ps259/product_data_sheet09186a00801aca3e.html http://www.cisco.com/en/US/prod/collateral/routers/ps5855/product_data_sheet0900aecd8028d15f.html How much does the older module affect the performance of the router itself when compared to the newer module? Thank you ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IPSec = Speed problems ?
Speed, the customer said that slow and a lot of disconnect on application. Do you know if my MTU is correct ? (mss fix and other) ? The easiest way to check for MTU is to ping the other end, dont-fragment and mess about with the packet size. Because there are so many different things going on in each provider network, its about the only way to properly do it - every provider is different. Apart from that the config looks ok, and the mtu 1440 mss 1400 match up. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 10G DWDM UP/DOWN
I don't have the ability to see the DWDM stats but we have configured our end with hold-down up 5000 (ms), this means wavelengths is fluctuating with small amount of time. Yeah, sometimes other wavelengths went down parallel but it's not the case always. The interesting things is, most of the time circuit comes up after 5 second intervals, I understand this is due to hold-down up 5000 but this also means wavelength is dropping again and again and over again. Thanks BR// Andrew From: p...@paulstewart.org To: go...@live.com; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 10G DWDM UP/DOWN Date: Wed, 22 Sep 2010 18:14:30 -0400 Do you have the ability to see the DWDM stats? Is the 10G interface configured to drop when wavelength goes down? We need to figure out if the DWDM equipment, the actual fiber connection, or the router interfaces is the issue here. I'll bank initially on a problem with the DWDM based connection - any other wavelengths going down or can you tell us? Paul -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Good One Sent: September-22-10 5:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] 10G DWDM UP/DOWN I have a 10G circuit over DWDM which is flapping very frequently occasionally. DOWN to UP state takes 5 second most of the time, just wondering what could be causing this. Sep 22 21:47:46 T12 mib2d[2061]: SNMP_TRAP_LINK_DOWN: ifIndex 117, ifAdminStatus up(1), ifOperStatus down(2), ifName xe-5/0/0 Sep 22 21:47:51 T12 mib2d[2061]: SNMP_TRAP_LINK_UP: ifIndex 117, ifAdminStatus up(1), ifOperStatus up(1), ifName xe-5/0/0 Sep 22 21:49:28 T12 mib2d[2061]: SNMP_TRAP_LINK_DOWN: ifIndex 117, ifAdminStatus up(1), ifOperStatus down(2), ifName xe-5/0/0 Sep 22 21:49:33 T12 mib2d[2061]: SNMP_TRAP_LINK_UP: ifIndex 117, ifAdminStatus up(1), ifOperStatus up(1), ifName xe-5/0/0 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IPSec = Speed problems ?
Try using 1360, I *think* this is the Cisco standard, either way we use that without problem. Cheers Mike Company Registration number: 197807;Place of Registration: England; Registered office address: Weybridge Business Park, Addlestone Road, Addlestone, Surrey, KT15 2UP Confidentiality Notice: This message, together with its annexes, contains information to be deemed strictly confidential, that may be legally privileged and is destined only to the addressee(s) identified above who only may use, copy and, under his/their responsibility, further disseminate it. If anyone received this message by mistake or reads it without entitlement is forewarned that keeping, copying, disseminating or distributing this message to persons other than the addressee(s) is strictly forbidden and is asked to transmit it immediately to the sender and to erase the original message received. Thank you. Please consider the environment before you print this message. Thank you.-Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Stephane MAGAND Sent: 23 September 2010 09:50 To: Heath Jones Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] IPSec = Speed problems ? Speed, the customer said that slow and a lot of disconnect on application. Do you know if my MTU is correct ? (mss fix and other) ? 2010/9/22 Heath Jones hj1...@gmail.com: i request your help because we have a problems of speed between two site. What is the problem, exactly? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 10G DWDM UP/DOWN
Just a small question, maybe off topic: is a 10GE DWDM circuit always composed of 4 x 2.5 Gbps channels, because i was thinking that classical dwdm consisted of 32x 2.5 Gbps channels. regards, Geert 2010/9/23 Good One go...@live.com I don't have the ability to see the DWDM stats but we have configured our end with hold-down up 5000 (ms), this means wavelengths is fluctuating with small amount of time. Yeah, sometimes other wavelengths went down parallel but it's not the case always. The interesting things is, most of the time circuit comes up after 5 second intervals, I understand this is due to hold-down up 5000 but this also means wavelength is dropping again and again and over again. Thanks BR// Andrew From: p...@paulstewart.org To: go...@live.com; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 10G DWDM UP/DOWN Date: Wed, 22 Sep 2010 18:14:30 -0400 Do you have the ability to see the DWDM stats? Is the 10G interface configured to drop when wavelength goes down? We need to figure out if the DWDM equipment, the actual fiber connection, or the router interfaces is the issue here. I'll bank initially on a problem with the DWDM based connection - any other wavelengths going down or can you tell us? Paul -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Good One Sent: September-22-10 5:43 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] 10G DWDM UP/DOWN I have a 10G circuit over DWDM which is flapping very frequently occasionally. DOWN to UP state takes 5 second most of the time, just wondering what could be causing this. Sep 22 21:47:46 T12 mib2d[2061]: SNMP_TRAP_LINK_DOWN: ifIndex 117, ifAdminStatus up(1), ifOperStatus down(2), ifName xe-5/0/0 Sep 22 21:47:51 T12 mib2d[2061]: SNMP_TRAP_LINK_UP: ifIndex 117, ifAdminStatus up(1), ifOperStatus up(1), ifName xe-5/0/0 Sep 22 21:49:28 T12 mib2d[2061]: SNMP_TRAP_LINK_DOWN: ifIndex 117, ifAdminStatus up(1), ifOperStatus down(2), ifName xe-5/0/0 Sep 22 21:49:33 T12 mib2d[2061]: SNMP_TRAP_LINK_UP: ifIndex 117, ifAdminStatus up(1), ifOperStatus up(1), ifName xe-5/0/0 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] SIP not working behind NAT
Several problems with SIP and NAT check bug toolkit for that IOS at cisco.com El 22/09/10 10:41, Bikash Bhattarai escribió: Dear all, I have just configured a Cisco 1811 with c181x-advipservicesk9-mz.124-15.T10. If I put my ATA on public IP it works fine but if I put behind NAT it doesn't work. Proxy registration works fine and I can get Call from other end. But I can't make call to other end. Please help. Regards, Bikash Bhattarai ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 10G DWDM UP/DOWN
Hi, On Thu, Sep 23, 2010 at 01:42:15PM +0200, Geert Nijs wrote: Just a small question, maybe off topic: is a 10GE DWDM circuit always composed of 4 x 2.5 Gbps channels, because i was thinking that classical dwdm consisted of 32x 2.5 Gbps channels. You can do 10GE DWDM with 1x 10Gbps just fine :-) Whether or not a DWDM system is N x anything special really depends on the type of system - if it's just a passive MUX/DEMUX (half-transparent mirrors with colour filters) you can do anything over it, as long as the sender has proper coloured optics - like 1x GE, 1x 10GE, 1x 2G FC or such. On an active DWDM system that actually understands the signals it's transmitting (and possibly re-shaping to form), you depend on whatever the system gives you. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpd9vBhLCOQD.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
hi guys, can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both ,when I execute show bgp in crs-1 thanks Stephen.Chen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] advertising a route not in IGP
This is probably stupid, but I've pawed the books and I can't find a decent answer. I have two meshes - a vendor mesh and an internal mesh, both EIGRP, different ASes. I interchange BGP with vendors off the vendor switches. The internal IGP has a bunch of routes. The vendor mesh has a ip eigrp summary on its interfaces towards the internal mesh that aggregates the whole into a /16 (10.200.0.0/16). One vendor I need to connect to, I need to advertise a specific /24 (10.200.16.0/24) to the eBGP neighbor. OF course BGP won't advertise the route to the eBGP neighbor because the /24 isn't in IGP, only the /16 summary. I can't just set a static null route for the /24, because that would screw up all traffic going to that subnet through that switch. I can't just pull the EIGRP summary at the boundary without causing all sorts of other fun. I don't know of a decent way to leak the one /24 past the EIGRP summary statement on the interface. The vendor can't accept the /16. Is there any way I can a) convince BGP to advertise the /24 to its peer? Or b) somehow create a /24 that's slaved to the /16? (I don't care if the /24 is redistributed through the vendor mesh) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP
One vendor I need to connect to, I need to advertise a specific /24 (10.200.16.0/24) to the eBGP neighbor. OF course BGP won't advertise the route to the eBGP neighbor because the /24 isn't in IGP, only the /16 summary. I don't think your going to have much luck. What you are asking, it to put a route in adj-out that is not in the actual routing table. Perhaps you could fake it by hacking around with vrf's or something.. I can't just set a static null route for the /24, because that would screw up all traffic going to that subnet through that switch. Can you set a static that points to the correct next-hop? The problem is the router would be advertising a route to a destination that it doesn't actually know about. I can see what your trying to do, but is this really a good practise? I can't just pull the EIGRP summary at the boundary without causing all sorts of other fun. Is the problem that when you try to summarise to /24 and /16, the /16 blocks the /24 ? You should be able to do both - it would still be legal - I think this is what you need to investigate further. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BFD for monitoring? (was BFD expectations)
I think ethernet OAM would be a better bet for this specific use case. Esp if you are on SXI. http://www.cisco.com/en/US/prod/collateral/routers/ps368/prod_white_paper0900aecd804a0266.html http://www.cisco.com/en/US/prod/collateral/routers/ps368/prod_white_paper0900aecd804a0266.html On Thu, Sep 23, 2010 at 8:29 AM, Jeff Bacon ba...@walleyesoftware.comwrote: Message: 1 Date: Wed, 22 Sep 2010 19:19:57 -0400 From: Chris Evans chrisccnpsp...@gmail.com To: Phil Mayers p.may...@imperial.ac.uk Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] BFD expectations Message-ID: aanlktim5olaoyynscw1ersdtq9tg71zrrkuozu6vv...@mail.gmail.com Content-Type: text/plain; charset=ISO-8859-1 Phil you bring up a great point. Until sxi bfd code was crap on the 6500.. We have done exstensive testing at the ECATS lab. We concluded that 450ms is a good number on this platform with its centralized architecture. We tested this with approx 35 peers and had no issues under heavy CPU load. This might seem a little silly, but would it be reasonable to use BFD, say in conjunction with EEM, as a form of link-monitoring mechanism? I have 6500s which only have a handful of links, so presumably I could push the timer down down to say 200-300ms. I've been looking for a cheapish way to do link state monitoring (I need to know when there's a blip, even a very momentary one) - somewhere down the road I'd like to put in Accedian boxes and really get the big picture, in a smaller scale I'm considering nuttcp between boxes at each node to push streams around and look for retransmits, but BFD could work too. I don't want to actually act on anything - that requires human intervention, and too often it is just a subsecond blip for which a down-and-reconverge is inappropriate, but if I know it happened, that information can be passed up to the app team and they can say oh ok and not do a ton of digging. Is this an unreasonable approach? All the boxes are sup7203Bs with DFCs, SXH7, and we're talking about gig metro-E links, mostly dedicated-path but a few MPLS/VPLS-pseudowires. Thanks, -bacon ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP
Why not use the EIGRP leak map feature (IOS version dependent)? http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gt_esflr.html http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gt_esflr.html On Thu, Sep 23, 2010 at 8:37 AM, Jeff Bacon ba...@walleyesoftware.comwrote: This is probably stupid, but I've pawed the books and I can't find a decent answer. I have two meshes - a vendor mesh and an internal mesh, both EIGRP, different ASes. I interchange BGP with vendors off the vendor switches. The internal IGP has a bunch of routes. The vendor mesh has a ip eigrp summary on its interfaces towards the internal mesh that aggregates the whole into a /16 (10.200.0.0/16). One vendor I need to connect to, I need to advertise a specific /24 (10.200.16.0/24) to the eBGP neighbor. OF course BGP won't advertise the route to the eBGP neighbor because the /24 isn't in IGP, only the /16 summary. I can't just set a static null route for the /24, because that would screw up all traffic going to that subnet through that switch. I can't just pull the EIGRP summary at the boundary without causing all sorts of other fun. I don't know of a decent way to leak the one /24 past the EIGRP summary statement on the interface. The vendor can't accept the /16. Is there any way I can a) convince BGP to advertise the /24 to its peer? Or b) somehow create a /24 that's slaved to the /16? (I don't care if the /24 is redistributed through the vendor mesh) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP
I can't just pull the EIGRP summary at the boundary without causing all sorts of other fun. Is the problem that when you try to summarise to /24 and /16, the /16 blocks the /24 ? You should be able to do both - it would still be legal - I think this is what you need to investigate further. Sounds like you want a BGP suppress map function for EIGRP, this article sounds promising: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gt_esflr.html If the summary is being generated manually then it may be an option to allow both summary and smaller route through. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP
Might be possible to advertise the /16 via the network command and then use bgp aggregate to only send out the /24. Haven't tested this, not sure if you can aggregate into a smaller network. It's just a suggestion. -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Heath Jones Sent: Thursday, September 23, 2010 9:25 AM To: Jeff Bacon Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] advertising a route not in IGP One vendor I need to connect to, I need to advertise a specific /24 (10.200.16.0/24) to the eBGP neighbor. OF course BGP won't advertise the route to the eBGP neighbor because the /24 isn't in IGP, only the /16 summary. I don't think your going to have much luck. What you are asking, it to put a route in adj-out that is not in the actual routing table. Perhaps you could fake it by hacking around with vrf's or something.. I can't just set a static null route for the /24, because that would screw up all traffic going to that subnet through that switch. Can you set a static that points to the correct next-hop? The problem is the router would be advertising a route to a destination that it doesn't actually know about. I can see what your trying to do, but is this really a good practise? I can't just pull the EIGRP summary at the boundary without causing all sorts of other fun. Is the problem that when you try to summarise to /24 and /16, the /16 blocks the /24 ? You should be able to do both - it would still be legal - I think this is what you need to investigate further. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Strange tcam mask
Hi all, Introduction: 1) Catalyst 6500 (SUP-720, 12.2(33)SXI1) is ok: Cat6500#show run int vl ! interface Vlan ip address 192.168.77.1 255.255.255.252 ip access-group in end Cat6500#show access-lists Extended IP access list 10 permit udp any host 192.168.77.2 eq domain Cat6500#show tcam interface vlan acl in ip * Global Defaults not shared Entries from Bank 0 ##permit udp any host 192.168.77.2 fragments permit udp any host 192.168.77.2 eq domain deny ip any any Entries from Bank 1 2) Cisco 7600 (RSP-720, 12.2(33)SRE) is not ok: C7600#show run int vl ! interface Vlan ip address 192.168.77.1 255.255.255.252 ip access-group in end C7600#show access-lists Extended IP access list 10 permit udp any host 192.168.77.2 eq domain C7600#show tcam interface vlan acl in ip * Global Defaults not shared Entries from Bank 0 ##permit udp any any fragments permit udp any host 192.168.77.2 eq domain deny ip any any Entries from Bank 1 The C7600 make a wrong mask in tcam (line with ##). I couldn't find any bug related. Does anybody seen the same acl mask behavior on 7600? -- Thanks Sergey ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
On Thu, 2010-09-23 at 20:57 +0800, Hello.Cisco wrote: can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both ,when I execute show bgp in crs-1 I don't know about the CRS-1, but in regular IOS you can. You have to use the quote-regexp command though: show ip bgp quote-regexp _65412$ | include ^r Without the quote-regexp version, the CLI is unable to see when the regular expression stops, and considers the pipe a part of it. -- Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] DS3 Length over RG-6 or RG-59
On 9/22/10 10:31 PM, Jon Simola wrote: On Wed, Sep 22, 2010 at 1:31 PM, Peder pe...@networkoblivion.com wrote: Does anybody have a good rule of thumb as to what type of coax to use for DS3 over various distances? I know it has to be 75ohm, but have read it can be RG-59 or RG-6. I've only ever seen Coax 734 or 735 used in DS3 connections. 735 is good for 200 feet, 734 for up to 400 feet. RG-6 should work; I believe the Cisco DS3 cables are RG-6 with ferrites on each end and should be good up to 400 feet as well. I'll wander upstairs and pull the one I have in storage to double check. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP
Jeff, I interchange BGP with vendors off the vendor switches. The internal IGP has a bunch of routes. The vendor mesh has a ip eigrp summary on its interfaces towards the internal mesh that aggregates the whole into a /16 (10.200.0.0/16). One vendor I need to connect to, I need to advertise a specific /24 (10.200.16.0/24) to the eBGP neighbor. OF course BGP won't advertise the route to the eBGP neighbor because the /24 isn't in IGP, only the /16 summary. you should be able to use the bgp inject-map feature/command to achieve this, check out BGP Conditional Route Injection feature description at http://www.cisco.com/en/US/docs/ios/12_2t/12_2t4/feature/guide/ftbgpri.h tml oli ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Performance Difference NM-16ESW-1GIG and NME-16ES-1GIG
On 9/23/10 2:32 AM, Jeffrey Denton wrote: Looking at getting a couple of 3945s. NM-16ESW-1GIG is being recommended by one of my colleagues. He prefers the easy of use, not having to session in to the module. It's been pointed out that the router IOS will have to devote some of it's time to the module and perform the switching functions. We would have to get the 3945 as the module is not supported in the 3945E. The NME-16ES-1GIG is of course a newer generation. The module runs it's own IOS image. PoE is not a requirement. Links to the data sheets: http://www.cisco.com/en/US/prod/collateral/routers/ps259/product_data_sheet09186a00801aca3e.html http://www.cisco.com/en/US/prod/collateral/routers/ps5855/product_data_sheet0900aecd8028d15f.html How much does the older module affect the performance of the router itself when compared to the newer module? The two are completely different beasts that exist together, not necessarily a replacement or upgrade for the other, so you need to pick the one that meets your requirements the best. If you get a NM module the ISR sees/manages it. You do L3 routing with an SVI. L2 stays on the module, not through the router CPU. The HWIC-4ESW or HWIC-9ESW modules are the same as a NM-16ESW, the difference is port count. If you're primarily going to be doing a lot of L2 traffic and little L3, then this variant will suit you fine. Pretend it's like having a 2690 series switch in module form; you are saving space and combining management into a single device. If you get an NME module then you're effectively buying a 3750 that fits into the router slot. It runs the 3750 IOS image. Treat it like it's an external switch, not a module. The advantage is space saving, but they are indeed two distinct devices. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Performance Difference NM-16ESW-1GIG and NME-16ES-1GIG
On 9/23/10 9:05 AM, Seth Mattinen wrote: Pretend it's like having a 2690 series switch in module form; you are saving space and combining management into a single device. Whoops, I meant 2960. It's like an L2 only switch. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
hey,Peter u r right,but in IOX-XR,it`s not comfortable. I tried and output listed bellow: RP/0/RP0/CPU0:#sh bgp regexp ^$ BGP router identifier x.x.255.240, local AS number 65142 BGP generic scan interval 60 secs BGP table state: Active Table ID: 0xe000 BGP main routing table version 1465064 BGP scan interval 60 secs Status codes: s suppressed, d damped, h history, * valid, best i - internal, S stale Origin codes: i - IGP, e - EGP, ? - incomplete NetworkNext HopMetric LocPrf Weight Path *i10.149.240.212/30 x.168.246.x100 0 ? * i x.168.246.x100 0 ? RP/0/RP0/CPU0:#sh bgp regexp ^$ ? LINE cr RP/0/RP0/CPU0:#sh bgp regexp ^$ | Inc ? LINE cr RP/0/RP0/CPU0:#sh bgp regexp ^$ | Inc /30 RP/0/RP0/CPU0:# thank you 2010/9/23 Peter Rathlev pe...@rathlev.dk On Thu, 2010-09-23 at 20:57 +0800, Hello.Cisco wrote: can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both ,when I execute show bgp in crs-1 I don't know about the CRS-1, but in regular IOS you can. You have to use the quote-regexp command though: show ip bgp quote-regexp _65412$ | include ^r Without the quote-regexp version, the CLI is unable to see when the regular expression stops, and considers the pipe a part of it. -- Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] prefix list question
Hi all What is the ip prefix-list traffic-in seq 100 permit any I can't use it Thank you ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] STM querry
The PA-MC-STM-1 only supported SDH and did not support anything greater than E1 last time I checked. . jack daniels wrote: Hi guys, Please help me with understanding if I have channelised STM1 card - 1) I can configure 3xDS3 2) I can configure 63xE1 CAN I configure on same channelised STM1 2xDS3 and rest E1. Regards Jack ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- David Freedman Group Network Engineering Claranet Group ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] prefix list question
Try this: ip prefix-list traffic-in seq 100 permit 0.0.0.0/0 le 32 Chris On Thu, Sep 23, 2010 at 11:15 AM, Deric Kwok deric.kwok2...@gmail.comwrote: Hi all What is the ip prefix-list traffic-in seq 100 permit any I can't use it Thank you ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
On Fri, 2010-09-24 at 00:12 +0800, Hello.Cisco wrote: u r right,but in IOX-XR,it`s not comfortable. I tried and output listed bellow: [...] RP/0/RP0/CPU0:#sh bgp regexp ^$ ? LINE cr RP/0/RP0/CPU0:#sh bgp regexp ^$ | Inc ? LINE cr RP/0/RP0/CPU0:#sh bgp regexp ^$ | Inc /30 RP/0/RP0/CPU0:# But what about quote-regexp instead of regexp? That was my point. I don't have any CRS-1 available, but I can't see why it wouldn't have that command. -- Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
Hi RP/0/RP0/CPU0:#sh bgp regexp ^$ | Inc ? LINE cr I don't know what XR version you are running, but I get different results on 3.6.3 and 3.9.0. On 3.6.3 I get the same result as you: no matches. RP/0/7/CPU0:mormor#show bgp regexp ^$ | in /30 RP/0/7/CPU0:mormor# But on 3.9.0 it works as expected(?): RP/0/0/CPU0:melker#show bgp regexp ^$ | in /30 *i10.100.10.0/30 172.16.1.6 0100 0 ? * 10.100.10.132/30 0.0.0.0 0 32768 ? *i10.255.1.0/30 172.16.1.7 0100 0 ? *i160.198.7.0/30 172.16.1.10 0100 0 ? RP/0/0/CPU0:melker# And yes, there are other prefixes as well matching ^$: RP/0/0/CPU0:melker#show bgp regexp ^$ | utility wc -l 31 RP/0/0/CPU0:melker# Note: both routers are GSRs. -- Pelle RFC1925, truth 11: Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
Hi. I don't have any CRS-1 available, but I can't see why it wouldn't have that command. At least 3.6.3 and 3.9.0 doesn't have it (from 3.6.3 but same output on 3.9.0): RP/0/7/CPU0:mormor#show bgp ? snip/ paths Path information policy Preview advertisements under proposed policy processProcess information regexp Display routes matching the AS path regular expression route-policy Display only networks which match this route policy session-group Show config information on session groups snip/ RP/0/7/CPU0:mormor# -- Pelle RFC1925, truth 11: Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
On Thu, 2010-09-23 at 18:50 +0200, Per Carlson wrote: I don't have any CRS-1 available, but I can't see why it wouldn't have that command. At least 3.6.3 and 3.9.0 doesn't have it (from 3.6.3 but same output on 3.9.0): As far as I can tell from the docs[0] the show bgp regexp seems to accept quotes. Can you verify that by any chance? -- Peter [0]: http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.4/routing/command/reference/rr34bgp.html#wp1365992 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
As far as I can tell from the docs[0] the show bgp regexp seems to accept quotes. Can you verify that by any chance? It's in the man page as well: --8-- RP/0/7/CPU0:mormor#man command show bgp regexp Note If the regular expression contains spaces, it must be specified and surrounded by quotation marks. EXAMPLES The following is sample output from the show bgp regexp command: RP/0/RP0/CPU0:router# show bgp regexp ^3 BGP router identifier 10.0.0.5, local AS number 1 BGP main routing table version 64 BGP scan interval 60 secs Status codes: s suppressed, d damped, h history, * valid, best i - internal, S stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *i172.20.17.121 10.0.101.2 100 0 3 2000 3000 i *i10.0.0.0 10.0.101.2 100 0 3 100 1000 i *i172.5.23.0/24 10.0.101.2 100 0 3 4 60 4378 i --8-- But in practice, it doesn't work: RP/0/7/CPU0:mormor#show bgp regexp ^$ RP/0/7/CPU0:mormor# Trying to match a AS doesn't work either: RP/0/7/CPU0:mormor#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path *i10.100.0.0/16 10.100.10.1330100 0 32 i *i10.100.10.4/30 10.100.10.133 100 0 32 ? *i10.100.10.128/30 10.100.10.133 100 0 32 ? *i172.16.3.15/32 10.100.10.133 100 0 32 15 i *i172.16.3.32/32 10.100.10.1330100 0 32 i *i192.168.15.0/2410.100.10.133 100 0 32 15 i RP/0/7/CPU0:mormor# RP/0/7/CPU0:mormor#show bgp regexp ^32 RP/0/7/CPU0:mormor# RP/0/7/CPU0:mormor#show bgp regexp ^32 RP/0/7/CPU0:mormor# -- Pelle RFC1925, truth 11: Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
On Thu, 2010-09-23 at 19:07 +0200, Per Carlson wrote: As far as I can tell from the docs[0] the show bgp regexp seems to accept quotes. Can you verify that by any chance? It's in the man page as well: [...] But in practice, it doesn't work: RP/0/7/CPU0:mormor#show bgp regexp ^$ RP/0/7/CPU0:mormor# Way to go Cisco. Of course IOS XR isn't really a platform for serious networking and/or BGP. :-) -- Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP (summary)
And the winner is... ip eigrp summary-address leak-map. I spent all this time focusing on the BGP side (I've been crash-coursing BGP lately), not realizing that the summary-address command had gained new features in the 10 years since I last used it. :) *sigh* In the process, I also found a stupidity in my overall setup (I kept thinking it was a summary address but it was actually a static route), so now I have an opportunity to change the entire setup and make it nicely elegant. Win all around. Weee! Though I will want to understand bgp inject-map as well.. so much to learn. Thanks folks -bacon ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] prefix list question
Thank you Can I know what is different between 0.0.0.0/0 le 32 and 0.0.0.0/0 ? Thank you again On Thu, Sep 23, 2010 at 12:26 PM, Christopher Gatlin gatlin...@gmail.com wrote: Try this: ip prefix-list traffic-in seq 100 permit 0.0.0.0/0 le 32 Chris On Thu, Sep 23, 2010 at 11:15 AM, Deric Kwok deric.kwok2...@gmail.com wrote: Hi all What is the ip prefix-list traffic-in seq 100 permit any I can't use it Thank you ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] prefix list question
0.0.0.0/0 = matches the default route 0.0.0.0/0 le 32 = matches all prefixes http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfbgp1.html Chris On Thu, Sep 23, 2010 at 1:03 PM, Deric Kwok deric.kwok2...@gmail.comwrote: Thank you Can I know what is different between 0.0.0.0/0 le 32 and 0.0.0.0/0 ? Thank you again On Thu, Sep 23, 2010 at 12:26 PM, Christopher Gatlin gatlin...@gmail.com wrote: Try this: ip prefix-list traffic-in seq 100 permit 0.0.0.0/0 le 32 Chris On Thu, Sep 23, 2010 at 11:15 AM, Deric Kwok deric.kwok2...@gmail.com wrote: Hi all What is the ip prefix-list traffic-in seq 100 permit any I can't use it Thank you ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] prefix list question
Hi, On Thu, Sep 23, 2010 at 02:03:13PM -0400, Deric Kwok wrote: Can I know what is different between 0.0.0.0/0 le 32 This will permit anything (inside the /0, up to a /32). and 0.0.0.0/0 ? This will permit exactly the default route network 0.0.0.0, mask /0. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpZRFKAlJREw.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
Note If the regular expression contains spaces, it must be specified and surrounded by quotation marks. Tying up the some loose ends: quoting works fine in 3.9.0 RP/0/0/CPU0:melker#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path * 10.100.0.0/16 10.100.10.1330 0 32 i * 10.100.10.4/30 10.100.10.133 0 32 ? * 10.100.10.128/30 10.100.10.133 0 32 ? * 172.16.3.15/32 10.100.10.133 0 32 15 i * 172.16.3.30/32 10.100.10.133 0 32 15 30 i * 172.16.3.32/32 10.100.10.1330 0 32 i * 192.168.15.0/2410.100.10.133 0 32 15 i * 192.168.30.0/2410.100.10.133 0 32 15 30 i RP/0/0/CPU0:melker# RP/0/0/CPU0:melker#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path * 10.100.0.0/16 10.100.10.1330 0 32 i * 10.100.10.4/30 10.100.10.133 0 32 ? * 10.100.10.128/30 10.100.10.133 0 32 ? * 172.16.3.15/32 10.100.10.133 0 32 15 i * 172.16.3.30/32 10.100.10.133 0 32 15 30 i * 172.16.3.32/32 10.100.10.1330 0 32 i * 192.168.15.0/2410.100.10.133 0 32 15 i * 192.168.30.0/2410.100.10.133 0 32 15 30 i RP/0/0/CPU0:melker# RP/0/0/CPU0:melker#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path * 172.16.3.15/32 10.100.10.133 0 32 15 i * 172.16.3.30/32 10.100.10.133 0 32 15 30 i * 192.168.15.0/2410.100.10.133 0 32 15 i * 192.168.30.0/2410.100.10.133 0 32 15 30 i RP/0/0/CPU0:melker# -- Pelle RFC1925, truth 11: Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] STM querry
Thanks Aaron , if you have any supporting doc for same it will be very helpful for me. http://lmgtfy.com/?q=site%3Acisco.com+pa-mc-stm-1+config+guide -- Pelle RFC1925, truth 11: Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASN geographical spread
I have used internet looking glasses and routeviews but I am actually looking for an equivalent of “sh ip ASN” (instead of “sh ip route”) where a certain ASN number’s presence on the internet can be deduced and then displayed on a geographical map (google maps). I think that GeoIP might have this feature but it runs only on Linux/Unix and I want something for my windows machine. The thing to keep in mind is that an AS's location on the internet is completely different to geographical location. You could dump whois information (possibly in XML already I think) for each AS and stick it on a map using the registered address. If you wanted to see which AS's were active, then filter out the ones that are not listed in a BGP path on routeviews for instance. (show ip bgp paths) Hope this helps.. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] advertising a route not in IGP (summary)
Congrats - glad you've found a solution!! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] DS3 Length over RG-6 or RG-59
I was mistaken; the Cisco cable I have is Belden 9555 RG-59/U. ~Seth - Reply message - From: Seth Mattinen se...@rollernet.us Date: Thu, Sep 23, 2010 08:34 Subject: [c-nsp] DS3 Length over RG-6 or RG-59 To: cisco-nsp@puck.nether.net On 9/22/10 10:31 PM, Jon Simola wrote: On Wed, Sep 22, 2010 at 1:31 PM, Peder pe...@networkoblivion.com wrote: Does anybody have a good rule of thumb as to what type of coax to use for DS3 over various distances? I know it has to be 75ohm, but have read it can be RG-59 or RG-6. I've only ever seen Coax 734 or 735 used in DS3 connections. 735 is good for 200 feet, 734 for up to 400 feet. RG-6 should work; I believe the Cisco DS3 cables are RG-6 with ferrites on each end and should be good up to 400 feet as well. I'll wander upstairs and pull the one I have in storage to double check. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] DS3 Length over RG-6 or RG-59
On 9/22/10 1:31 PM, Peder wrote: Does anybody have a good rule of thumb as to what type of coax to use for DS3 over various distances? I know it has to be 75ohm, but have read it can be RG-59 or RG-6. Also, on the RG-59 I have seen solid core and braided. We have to run a cable about 250' to the telco equipment thru a messy ceiling, so we only want to do it once with the correct cable. In the lab, we just use cheap RG-59 but I don't know if it will have issues over a distance of 250'. Thanks. I would recommend 734 type cable which is designed for DS3. It is similar in size to RG-59 but made to better tolerances than you're likely to find in RG-59. It's available in figure-8 twin configuration specifically for DS3 transmit/receive. The cable you'll typically find these days sold as RG-59 is designed for TV distribution and often has copper-clad steel center conductor instead of pure copper as well as aluminum foil shield with drain wires instead of copper braid. Terminating this stuff with BNC connectors is a pain. It's designed for the F-type connectors used in cable TV. Also ensure that you use 75-ohm BNC connectors. The insulator is shaped differently than the normal 50-ohm type commonly available. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
hi,Peter, quote-regexp is not accepted in IOX-XR but regexp. Stephen.Chen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] can I use | pipe line such as | inc xxx and regexp such as regexp ^$ both , when I execute show bgp
hi Pelle, It`s 3.6.3 here, thank you very much,now I know it`s coursed by different IOS-XR version release, Stephen.Chen 2010/9/24 Per Carlson pe...@hemmop.com Note If the regular expression contains spaces, it must be specified and surrounded by quotation marks. Tying up the some loose ends: quoting works fine in 3.9.0 RP/0/0/CPU0:melker#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path * 10.100.0.0/16 10.100.10.1330 0 32 i * 10.100.10.4/30 10.100.10.133 0 32 ? * 10.100.10.128/30 10.100.10.133 0 32 ? * 172.16.3.15/32 10.100.10.133 0 32 15 i * 172.16.3.30/32 10.100.10.133 0 32 15 30 i * 172.16.3.32/32 10.100.10.1330 0 32 i * 192.168.15.0/2410.100.10.133 0 32 15 i * 192.168.30.0/2410.100.10.133 0 32 15 30 i RP/0/0/CPU0:melker# RP/0/0/CPU0:melker#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path * 10.100.0.0/16 10.100.10.1330 0 32 i * 10.100.10.4/30 10.100.10.133 0 32 ? * 10.100.10.128/30 10.100.10.133 0 32 ? * 172.16.3.15/32 10.100.10.133 0 32 15 i * 172.16.3.30/32 10.100.10.133 0 32 15 30 i * 172.16.3.32/32 10.100.10.1330 0 32 i * 192.168.15.0/2410.100.10.133 0 32 15 i * 192.168.30.0/2410.100.10.133 0 32 15 30 i RP/0/0/CPU0:melker# RP/0/0/CPU0:melker#show bgp regexp ^32 NetworkNext HopMetric LocPrf Weight Path * 172.16.3.15/32 10.100.10.133 0 32 15 i * 172.16.3.30/32 10.100.10.133 0 32 15 30 i * 192.168.15.0/2410.100.10.133 0 32 15 i * 192.168.30.0/2410.100.10.133 0 32 15 30 i RP/0/0/CPU0:melker# -- Pelle RFC1925, truth 11: Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/