Re: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink)
Dear sethm R u taking about the username and password which is configure for ISDN. If username or password is different on both end then i believe isdn will not be triggered. In my case ISDN is triggering and i can access the router via telnet through the ISDN. i can also ping the branch LAN from HO by keeping the source IP as dialer of HO. But LAN (branch) to LAN (HO) traffic is not flowing and ping is not happing. Date: Tue, 26 Jul 2011 08:54:51 -0700 From: se...@rollernet.us To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink) On 7/26/11 6:01 AM, Farooq Razzaque wrote: Dear CJ Tanks for your reply yes the ISDN is up. Please find attached Topology observation during testing, show run of branch. You might want to go ahead and change your passwords, too. ~Seth ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Re LAN (Branch) to LAN (HO) traffic is not flowing on ISDN (backuplink)
On Wed, 2011-07-27 at 12:19 +0600, Farooq Razzaque wrote: R u taking about the username and password which is configure for ISDN. I think Seth was referring to the fact that you seem to have publicly posted your configuration without sanitizing it. One of the passwords is using type 7 obfuscation and if it's typical for the others they're probably not that hard to brute force. -- Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] iSCSI, port buffers, and small switches
On 27/07/2011 05:00, John Gill wrote: This paper is indeed a great read, it goes over some really good points of the buffering and queuing that are commonly misunderstood. All good points in this thread, I will make one small comment about the N5k here if one wanted to compare buffer sizes on paper: The N5k uses ingress buffering with virtual output queues. So when you oversubscribe a single egress interface, buffers available for use are proportional to the number sending to that interface. It essentially acts like a shared buffer. thing is, you can't really do a paper comparison of the n5k and 3560/3750 buffers - one model is store-n-forward, while the other is a cut-thru. This means that even though the n5k has relatively modest buffers by comparison, they go much further during normal operation because they're not routinely used unless there is port congestion. Unless of course, you mix-n-match 1G and 10G on the same chassis, which causes the n5k to implement per port store-n-forward on the 1G - 10G paths. However, this is usually a very poor idea (unless you know what you're doing). Interestingly, the Miercom-supervised Nexus5k vs Arista 7124 lab test of April 2010 uses ingress buffering + VOQs on the N5K to concoct some of their more extraordinary (but fully repeatable) results. I love that paper: the comparison methodology between the two switches is completely hilarious. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] changing buffer size on 4900M - discards
We are seeing discards on a newly installed 4900M, probably coming from the fact that most input to the C4900M is coming from routers connected to it on 10G lines and is going out on a 2G etherchannel, although the total load on the 2G channel is just about 250-300 Mb/s. The 2G connection goes to an IPS that will be replaced before the end of the year but until then I have to find a way around the discards. Based on the fact that the 4900M is normally mentioned as a switch with a good buffer capacity (compared to 37xx switches, see also threads of begin this week), I wonder if there is a way to change buffer size on the gigabit interfaces so that there will be less discards ? Anyone has a reference to a good document on buffer tuning (on 4900M) ? I know the 'buffers' command exists but for the moment I'm still trying to find out what buffers I should change (and into which values) to get rid of these discards. Greetings, Wim Holemans Netwerkdienst Universiteit Antwerpen Network Services University of Antwerp ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ip helper-address, VRF, and Windows 2008 DHCP Server
John Gill wrote: The DHCP DISCOVER should be a broadcast It should be a broadcast when exiting the client, i.e. on the client's subnet. The DHCP relay (helper-address funcionality) transforms it in an unicast packet from the (primary) IP of the router's interface facing the client, to the DHCP server. The server should reply to the source it sees, i.e. the IP of the router interface. The router should transform this into an IP broadcast to the MAC address of the client, or to the broadcast MAC address if the broadcast bit was set in the request. perhaps this is why your server doesn't reply to it. There must be some other reason, which I bet is buried in the event log or in some other log, if the server has a correct scope. I see nothing obviously wrong in that request. Client MAC address: Avaya_86:13:ed (b4:b0:17:86:13:ed) Option: (t=60,l=13) Vendor class identifier = ccp.avaya.com Maybe it's configured to avoid answering to Avaya phones or IP phones in general? This is not an uncommon setup. Bye, Bergonz -- Ing. Michele Bergonzoni - Laboratori Guglielmo Marconi S.p.a. Phone:+39-051-4392826 e-mail: berg...@labs.it alt.advanced.networks.design.configure.operate ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] iSCSI, port buffers, and small switches
Hi Nick, I agree they cannot be compared easily, and the reason I thought of the aside was to point out this kind of discrepancy, in case one were tempted to just use simple comparison of buffer sizes. Ingress vs. egress buffering changes things significantly. I hadn't considered your angle, let me think out loud: If a 3750 were to have no congestion, then the buffers would be routinely populated with one frame, or less, per active source interface because it's store and forward. If the n5k were to have no congestion, we only store enough to forward the frame and pass QoS/ACL checks, so yes it's less usage during no congestion. As soon as either platform sees congestion, we behave in a store-and-forward manner. I think there is a difference in having that buffer potentially less utilized, but it's going to be the space of a single frame at best in the 3750 and always just enough to make fwding decisions in the N5k, so it is true you will have more available buffer before congestion starts. However, once congestion starts, that stops being true, so I guess there is an advantage to having that buffer available at the start of the congestion. Depending on your MTU, this can buy you potentially around like 9k per interface - add on that the 3750 has some buffers shared and some reserved compared to the N5k using dedicated buffers per source, things look quite different in the datacenter than in the whitepapers, indeed. Regards, John Gill cisco On 7/27/11 4:37 AM, Nick Hilliard wrote: On 27/07/2011 05:00, John Gill wrote: This paper is indeed a great read, it goes over some really good points of the buffering and queuing that are commonly misunderstood. All good points in this thread, I will make one small comment about the N5k here if one wanted to compare buffer sizes on paper: The N5k uses ingress buffering with virtual output queues. So when you oversubscribe a single egress interface, buffers available for use are proportional to the number sending to that interface. It essentially acts like a shared buffer. thing is, you can't really do a paper comparison of the n5k and 3560/3750 buffers - one model is store-n-forward, while the other is a cut-thru. This means that even though the n5k has relatively modest buffers by comparison, they go much further during normal operation because they're not routinely used unless there is port congestion. Unless of course, you mix-n-match 1G and 10G on the same chassis, which causes the n5k to implement per port store-n-forward on the 1G - 10G paths. However, this is usually a very poor idea (unless you know what you're doing). Interestingly, the Miercom-supervised Nexus5k vs Arista 7124 lab test of April 2010 uses ingress buffering + VOQs on the N5K to concoct some of their more extraordinary (but fully repeatable) results. I love that paper: the comparison methodology between the two switches is completely hilarious. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] RPS 675 SNMP monitoring
That is called an Instance in SNMP terms. The instance could be seen as an index which serves to link different variables/tables in different MIBs. In your case polling OIDs in ENTITY-MIB with index 1003 (that is OID.Instance) should return all kind of information about PS in question like name, serial number and electrical parameters of PS. You might want to look at the following pages: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080204461.shtml http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094aa0.shtml On Wed, Jul 27, 2011 at 3:13 AM, Mike mike-cisconspl...@tiedyenetworks.com wrote: Hi, I've googled and have not gotten a good answer so please excuse me if I missed something obvious. I want to poll my cisco switches with snmp and verify they are on AC power and, if possible, verify that they also have the RPS connected and that it's reporting good status as well. I have looked over also the cisco-envmon-mib and it's not clear to me what variable(s) I should look at or which values would indicate 'good' and so forth. I *think* I want to be looking at: ciscoEnvMonSupplyState 1.3.6.1.4.1.9.9.13.1.5.1.3 ciscoEnvMonSupplySource 1.3.6.1.4.1.9.9.13.1.5.1.4 But on my switches, these aren't complete oid's. I need to add '.1003' to the end to get the value. And on another model of switch, I don't. So it seems inconsistient at best. I just want my monitoring system to throw alerts if it's ever observed that any switch is on RPS. Can anyone give me the oid's to look for and the values I should see? Thanks. Mike- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] max-conn reject code
Hi, Is there way to redefine reject code when max connections reached on voip dial-peer? Currently its no circuit/channel available, but we would like to prefer 17 - user busy. I could re-map all isdb failure codes using isdn network-failure-cause 17, but this seems not so good idea when real problem arise. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] RPS 675 SNMP monitoring
On 07/27/2011 10:51 AM, Andriy Bilous wrote: That is called an Instance in SNMP terms. The instance could be seen as an index which serves to link different variables/tables in different MIBs. In your case polling OIDs in ENTITY-MIB with index 1003 (that is OID.Instance) should return all kind of information about PS in question like name, serial number and electrical parameters of PS. You might want to look at the following pages: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080204461.shtml http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094aa0.shtml Ahh! Thank you very much, this appears to be exactly what is needed! Mike- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] just installed a Huawei...
Huawei got into a bit of trouble a couple of years back. Cisco sued them for copying their CLI, claiming that it gave them an unfair cost advantage by requiring less investment in training, or some such. But they also found that the Huawei manuals contained large slabs of text copied seemingly word for word (bar s/Cisco/Huawei) from Cisco manuals/website. Can you post a full config (sans passwords/etc) so we can really see how different it is? Maybe some CLI outputs too? :-) On 26 July 2011 05:51, Rogelio scubac...@gmail.com wrote: Not sure if it's any interest of this group, but I just installed a Huawei CX600 router this last week. It's like Cisco quality (garbage!) for the price that Cisco should be (low!). The commands are very similar (e.g. switchport - portswitch, no shut - undo shut, etc), and you configure it almost identical to what you'd expect on a Cisco. The worst part about the Huawei is probably the documentation. It's scattered all over the place, so if you want something simple (like telnet access), it's in a completely different PDF than if you want, say, VLAN configuration commands. Finding it all is a huge scavenger hunt. But hey...for like a 1/4 of the price or whatever (so I've heard), I'd say it's worth it. :b -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] ME3600X Netflow and WCCP?
All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. Thanks, -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] just installed a Huawei...
How does this differ from what Foundry did? :) The CLI in the fast iron or server iron gear for example is pretty damn similar. The router bgp commands were absolutely the same and the only difference was the way that foundry named interfaces. (ethernet x/x instead of distinguishing between gig / fast E etc). Route-maps, basic routing, and I'd say 95% of the interface was a rip off of IOS. Even down to show ver.:) Something about Flattery or some such! Scott -Original Message- From: Tom Storey Sent: Wednesday, July 27, 2011 4:20 PM To: scubac...@gmail.com Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] just installed a Huawei... Huawei got into a bit of trouble a couple of years back. Cisco sued them for copying their CLI, claiming that it gave them an unfair cost advantage by requiring less investment in training, or some such. But they also found that the Huawei manuals contained large slabs of text copied seemingly word for word (bar s/Cisco/Huawei) from Cisco manuals/website. Can you post a full config (sans passwords/etc) so we can really see how different it is? Maybe some CLI outputs too? :-) On 26 July 2011 05:51, Rogelio scubac...@gmail.com wrote: Not sure if it's any interest of this group, but I just installed a Huawei CX600 router this last week. It's like Cisco quality (garbage!) for the price that Cisco should be (low!). The commands are very similar (e.g. switchport - portswitch, no shut - undo shut, etc), and you configure it almost identical to what you'd expect on a Cisco. The worst part about the Huawei is probably the documentation. It's scattered all over the place, so if you want something simple (like telnet access), it's in a completely different PDF than if you want, say, VLAN configuration commands. Finding it all is a huge scavenger hunt. But hey...for like a 1/4 of the price or whatever (so I've heard), I'd say it's worth it. :b -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Active Portchannel - Adding new member fails
Hi, Have an active portchan that currently has one 100Mb port - Trying to add second port, I am getting the following in the logs: Jul 27 22:17:44.744 GMT+10: %EC-5-CANNOT_BUNDLE2: Fa0/20 is not compatible with Fa0/21 and will be suspended (trunk mode of Fa0/20 is trunk, Fa0/21 is dynamic) Both Fa0/20 + Fa0/21 are configured the same(20 currently shutdown): interface FastEthernet0/20 description trunk to esw02-bne switchport trunk allowed vlan 1,11,12,14,30,35,68,99,100,103,104,106-108,112 switchport trunk allowed vlan add 113,115,120-123,129,132-136,138,156,158,160 switchport trunk allowed vlan add 206,289,311,312,340,345,377-396,398,399,402 switchport trunk allowed vlan add 422,444,472,473,475,478-488,492,493,497,498 switchport trunk allowed vlan add 500,546,590,591,700,801-806,808,809,811-815 switchport trunk allowed vlan add 865,866,868,869,957,970,973,974,978,987,1829 switchport trunk allowed vlan add 2501,2506,2516,2518-2525 switchport mode trunk switchport nonegotiate shutdown mls qos trust dscp no cdp enable channel-group 2 mode on spanning-tree bpdufilter enable spanning-tree guard root interface FastEthernet0/21 description FEC_TO_ESW02_P2 switchport trunk allowed vlan 1,11,12,14,30,35,68,99,100,103,104,106-108,112 switchport trunk allowed vlan add 113,115,120-123,129,132-136,138,156,158,160 switchport trunk allowed vlan add 206,289,311,312,340,345,377-396,398,399,402 switchport trunk allowed vlan add 422,444,472,473,475,478-488,492,493,497,498 switchport trunk allowed vlan add 500,546,590,591,700,801-806,808,809,811-815 switchport trunk allowed vlan add 865,866,868,869,957,970,973,974,978,987,1829 switchport trunk allowed vlan add 2501,2506,2516,2518-2525 switchport mode trunk switchport nonegotiate mls qos trust dscp no cdp enable channel-group 2 mode on spanning-tree bpdufilter enable spanning-tree guard root And switchports are not reporting as dynamic: #sh int fastEthernet 0/20 switchport Name: Fa0/20 Switchport: Enabled Administrative Mode: trunk Operational Mode: down (suspended member of bundle Po2) Administrative Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none #sh int fastEthernet 0/21 switchport Name: Fa0/21 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk (member of bundle Po2) Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none The switch causing the problems is C2950G-24-EI - Is this a known bug...any suggestions on work-around? Thanks in advance. - This e-mail was sent via GCOMM WebMail http://www.gcomm.com.au/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] just installed a Huawei...
I don't think foundry was sued or stated that they stopped shipping stolen IOS source. John Gill cisco On 7/27/11 4:52 PM, Scott Granados wrote: How does this differ from what Foundry did? :) The CLI in the fast iron or server iron gear for example is pretty damn similar. The router bgp commands were absolutely the same and the only difference was the way that foundry named interfaces. (ethernet x/x instead of distinguishing between gig / fast E etc). Route-maps, basic routing, and I'd say 95% of the interface was a rip off of IOS. Even down to show ver.:) Something about Flattery or some such! Scott -Original Message- From: Tom Storey Sent: Wednesday, July 27, 2011 4:20 PM To: scubac...@gmail.com Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] just installed a Huawei... Huawei got into a bit of trouble a couple of years back. Cisco sued them for copying their CLI, claiming that it gave them an unfair cost advantage by requiring less investment in training, or some such. But they also found that the Huawei manuals contained large slabs of text copied seemingly word for word (bar s/Cisco/Huawei) from Cisco manuals/website. Can you post a full config (sans passwords/etc) so we can really see how different it is? Maybe some CLI outputs too? :-) On 26 July 2011 05:51, Rogelio scubac...@gmail.com wrote: Not sure if it's any interest of this group, but I just installed a Huawei CX600 router this last week. It's like Cisco quality (garbage!) for the price that Cisco should be (low!). The commands are very similar (e.g. switchport - portswitch, no shut - undo shut, etc), and you configure it almost identical to what you'd expect on a Cisco. The worst part about the Huawei is probably the documentation. It's scattered all over the place, so if you want something simple (like telnet access), it's in a completely different PDF than if you want, say, VLAN configuration commands. Finding it all is a huge scavenger hunt. But hey...for like a 1/4 of the price or whatever (so I've heard), I'd say it's worth it. :b -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Active Portchannel - Adding new member fails
On Thu, 2011-07-28 at 06:28 +1000, m...@adv.gcomm.com.au wrote: Jul 27 22:17:44.744 GMT+10: %EC-5-CANNOT_BUNDLE2: Fa0/20 is not compatible with Fa0/21 and will be suspended (trunk mode of Fa0/20 is trunk, Fa0/21 is dynamic) Both Fa0/20 + Fa0/21 are configured the same(20 currently shutdown): Could you post the Po2 configuration also? #sh int fastEthernet 0/20 switchport Name: Fa0/20 And show interface Po2 switchport too. Could it be that the port-channel interface is somehow regarded as dynamic? I know that Fa0/21 shouldn't be able to be a member then, so it's a long shot. I personally have no experience with port-channels on 2950. -- Peter ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Active Portchannel - Adding new member fails
Can you check the config on port-channel 2? perhaps there is difference between port trunk config of 0/20 and the channel trunk config. Regards, John Gill cisco On 7/27/11 4:28 PM, m...@adv.gcomm.com.au wrote: Hi, Have an active portchan that currently has one 100Mb port - Trying to add second port, I am getting the following in the logs: Jul 27 22:17:44.744 GMT+10: %EC-5-CANNOT_BUNDLE2: Fa0/20 is not compatible with Fa0/21 and will be suspended (trunk mode of Fa0/20 is trunk, Fa0/21 is dynamic) Both Fa0/20 + Fa0/21 are configured the same(20 currently shutdown): interface FastEthernet0/20 description trunk to esw02-bne switchport trunk allowed vlan 1,11,12,14,30,35,68,99,100,103,104,106-108,112 switchport trunk allowed vlan add 113,115,120-123,129,132-136,138,156,158,160 switchport trunk allowed vlan add 206,289,311,312,340,345,377-396,398,399,402 switchport trunk allowed vlan add 422,444,472,473,475,478-488,492,493,497,498 switchport trunk allowed vlan add 500,546,590,591,700,801-806,808,809,811-815 switchport trunk allowed vlan add 865,866,868,869,957,970,973,974,978,987,1829 switchport trunk allowed vlan add 2501,2506,2516,2518-2525 switchport mode trunk switchport nonegotiate shutdown mls qos trust dscp no cdp enable channel-group 2 mode on spanning-tree bpdufilter enable spanning-tree guard root interface FastEthernet0/21 description FEC_TO_ESW02_P2 switchport trunk allowed vlan 1,11,12,14,30,35,68,99,100,103,104,106-108,112 switchport trunk allowed vlan add 113,115,120-123,129,132-136,138,156,158,160 switchport trunk allowed vlan add 206,289,311,312,340,345,377-396,398,399,402 switchport trunk allowed vlan add 422,444,472,473,475,478-488,492,493,497,498 switchport trunk allowed vlan add 500,546,590,591,700,801-806,808,809,811-815 switchport trunk allowed vlan add 865,866,868,869,957,970,973,974,978,987,1829 switchport trunk allowed vlan add 2501,2506,2516,2518-2525 switchport mode trunk switchport nonegotiate mls qos trust dscp no cdp enable channel-group 2 mode on spanning-tree bpdufilter enable spanning-tree guard root And switchports are not reporting as dynamic: #sh int fastEthernet 0/20 switchport Name: Fa0/20 Switchport: Enabled Administrative Mode: trunk Operational Mode: down (suspended member of bundle Po2) Administrative Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none #sh int fastEthernet 0/21 switchport Name: Fa0/21 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk (member of bundle Po2) Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none The switch causing the problems is C2950G-24-EI - Is this a known bug...any suggestions on work-around? Thanks in advance. - This e-mail was sent via GCOMM WebMail http://www.gcomm.com.au/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Active Portchannel - Adding new member fails
Quoting Peter Rathlev pe...@rathlev.dk: On Thu, 2011-07-28 at 06:28 +1000, m...@adv.gcomm.com.au wrote: Jul 27 22:17:44.744 GMT+10: %EC-5-CANNOT_BUNDLE2: Fa0/20 is not compatible with Fa0/21 and will be suspended (trunk mode of Fa0/20 is trunk, Fa0/21 is dynamic) Both Fa0/20 + Fa0/21 are configured the same(20 currently shutdown): Could you post the Po2 configuration also? #sh int fastEthernet 0/20 switchport Name: Fa0/20 And show interface Po2 switchport too. Could it be that the port-channel interface is somehow regarded as dynamic? I know that Fa0/21 shouldn't be able to be a member then, so it's a long shot. I personally have no experience with port-channels on 2950. Thanks for the response: interface Port-channel2 description FEC_TO_ESW02_BNE switchport trunk allowed vlan 1,11,12,14,30,35,68,99,100,103,104,106-108,112 switchport trunk allowed vlan add 113,115,120-123,129,132-136,138,156,158,160 switchport trunk allowed vlan add 206,289,311,312,340,345,377-396,398,399,402 switchport trunk allowed vlan add 422,444,472,473,475,478-488,492,493,497,498 switchport trunk allowed vlan add 500,546,590,591,700,801-806,808,809,811-815 switchport trunk allowed vlan add 865,866,868,869,957,970,973,974,978,987,1829 switchport trunk allowed vlan add 2501,2506,2516,2518-2525 switchport mode trunk switchport nonegotiate #sh interface port-channel 2 switchport Name: Po2 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none - This e-mail was sent via GCOMM WebMail http://www.gcomm.com.au/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] just installed a Huawei...
I'm not sure about that. Not sure about the legal action side but the stolen source part I think there's some background to. -Original Message- From: John Gill Sent: Wednesday, July 27, 2011 5:36 PM To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] just installed a Huawei... I don't think foundry was sued or stated that they stopped shipping stolen IOS source. John Gill cisco On 7/27/11 4:52 PM, Scott Granados wrote: How does this differ from what Foundry did? :) The CLI in the fast iron or server iron gear for example is pretty damn similar. The router bgp commands were absolutely the same and the only difference was the way that foundry named interfaces. (ethernet x/x instead of distinguishing between gig / fast E etc). Route-maps, basic routing, and I'd say 95% of the interface was a rip off of IOS. Even down to show ver.:) Something about Flattery or some such! Scott -Original Message- From: Tom Storey Sent: Wednesday, July 27, 2011 4:20 PM To: scubac...@gmail.com Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] just installed a Huawei... Huawei got into a bit of trouble a couple of years back. Cisco sued them for copying their CLI, claiming that it gave them an unfair cost advantage by requiring less investment in training, or some such. But they also found that the Huawei manuals contained large slabs of text copied seemingly word for word (bar s/Cisco/Huawei) from Cisco manuals/website. Can you post a full config (sans passwords/etc) so we can really see how different it is? Maybe some CLI outputs too? :-) On 26 July 2011 05:51, Rogelio scubac...@gmail.com wrote: Not sure if it's any interest of this group, but I just installed a Huawei CX600 router this last week. It's like Cisco quality (garbage!) for the price that Cisco should be (low!). The commands are very similar (e.g. switchport - portswitch, no shut - undo shut, etc), and you configure it almost identical to what you'd expect on a Cisco. The worst part about the Huawei is probably the documentation. It's scattered all over the place, so if you want something simple (like telnet access), it's in a completely different PDF than if you want, say, VLAN configuration commands. Finding it all is a huge scavenger hunt. But hey...for like a 1/4 of the price or whatever (so I've heard), I'd say it's worth it. :b -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] just installed a Huawei...
On 7/27/2011 4:52 PM, Scott Granados wrote: How does this differ from what Foundry did? :) The CLI in the fast iron or server iron gear for example is pretty damn similar. The router bgp commands were absolutely the same and the only difference was the way that foundry named interfaces. (ethernet x/x instead of distinguishing between gig / fast E etc). Route-maps, basic routing, and I'd say 95% of the interface was a rip off of IOS. Even down to show ver.:) Well, I really really wish Foundry had copied the vlan management. Foundry's (and HP's) just seem totally backwards :) [I like my vlan assignments with my interfaces, thank you very much] Jeff ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cable modems that support ipsec
You might want to look at putting the relevant modems in a vrf, if that design model works for you. Walter Keen Network Engineer Rainier Connect (P) 360-832-4024 (C) 253-302-0194 On 07/27/2011 03:15 PM, Jason Ellison wrote: All, Does anyone know of any cable modems that support IPSEC (not passthru). I'm trying to build a secure network over a private HFC cable network. But we went really low end on the CMTS DOCSIS 1.1... While I could just use cheap modems with a IPSEC device behind it, I would like to reduce the complexity and number of devices at each location. Thanks for any suggestions. Jason Ellison info...@gmail.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cable modems that support ipsec
I believe you can still buy a cable HWIC for the 1800 series routers or the 815-VPN device would probably do what you want. Phil On 7/27/11 6:15 PM, Jason Ellison info...@gmail.com wrote: All, Does anyone know of any cable modems that support IPSEC (not passthru). I'm trying to build a secure network over a private HFC cable network. But we went really low end on the CMTS DOCSIS 1.1... While I could just use cheap modems with a IPSEC device behind it, I would like to reduce the complexity and number of devices at each location. Thanks for any suggestions. Jason Ellison info...@gmail.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeld ja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Are line protocol and LIT the same?
Lukasz, it looks like the default value for keepalive packet is 10s. However, if I disconnect the other end from my switch port, the line protocol will be down immediately. How to explain this? In addition, there are interfaces, which by default don't have keepaive set(for example WS-C3750G-24TS SFP interfaces). They have Keepalive not set under show interfaces output. However, they still have line protocol is up (connected).. How to explain this? regards, martin 2011/4/26 Lukasz Bromirski luk...@bromirski.net: On 2011-04-26 01:11, Martin T wrote: When Cisco switch or router port is connected, it has status line protocol is up. As far as I know, this applies to all interface types(10BASE-T, 100BASE-TX, 1000BASE-T, 1000BASE-LX10, 1000BASE-SX etc with different transceivers). What is this line protocol? I always thought line protocol is up once any electrical pulses are detected by Rx. Or is line protocol strictly link integrity test(LIT) pulses(100-200ns of electrical pulses with 16ms+/-8ms interval)? Any clarification would be much appreciated. Line protocol for Ethernet interfaces is Ethernet frame. Cisco boxes send Ethernet keepalive frame and when it doesn't loop back, they declare line protocol down: http://www.cisco.com/en/US/docs/ios/12_3/interface/command/reference/int_i1g.html#wp1154231 -- There's no sense in being precise when | Łukasz Bromirski you don't know what you're talking | jid:lbromir...@jabber.org about. John von Neumann | http://lukasz.bromirski.net ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
ME3600X does not support Netflow and WCCP in the current release. If the configuration guide does not cover the features then it is not be supported. Netflow and WCCP features are not covered in the configuration guide. -Waris -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Colby Glass Sent: Wednesday, July 27, 2011 4:27 PM To: Sigurbjörn Birkir Lárusson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeld ja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
What sort of timeframes are we now looking at for the next release of code for the ME3600/3800X's? There was some talk about new software supporting VPLS related features coming out in June, and a bunch of 15.0(SE) releases has just turned up on CCO for the lower end floor switches like the 3560/3750s.. Reuben On 28/07/2011 9:50 AM, Waris Sagheer (waris) wrote: ME3600X does not support Netflow and WCCP in the current release. If the configuration guide does not cover the features then it is not be supported. Netflow and WCCP features are not covered in the configuration guide. -Waris -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Colby Glass Sent: Wednesday, July 27, 2011 4:27 PM To: Sigurbjörn Birkir Lárusson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeldja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254 Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
15.1(2)EY is scheduled to be posted on CCO on July 30th, 2011. It'll support VPLS on ME3800X and ME3600X. -Waris -Original Message- From: Reuben Farrelly [mailto:reuben-cisco-...@reub.net] Sent: Wednesday, July 27, 2011 5:12 PM To: Waris Sagheer (waris) Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? What sort of timeframes are we now looking at for the next release of code for the ME3600/3800X's? There was some talk about new software supporting VPLS related features coming out in June, and a bunch of 15.0(SE) releases has just turned up on CCO for the lower end floor switches like the 3560/3750s.. Reuben On 28/07/2011 9:50 AM, Waris Sagheer (waris) wrote: ME3600X does not support Netflow and WCCP in the current release. If the configuration guide does not cover the features then it is not be supported. Netflow and WCCP features are not covered in the configuration guide. -Waris -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Colby Glass Sent: Wednesday, July 27, 2011 4:27 PM To: Sigurbjörn Birkir Lárusson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeldja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254 Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
Thanks. So the config guides are the definitive resource as far as features? I would expect the feature navigator (which listed WCCP v2 on the ME3600) to be the end-all, be-all. Either way though, thanks for clearing it up. On Wed, Jul 27, 2011 at 7:50 PM, Waris Sagheer (waris) wa...@cisco.comwrote: ME3600X does not support Netflow and WCCP in the current release. If the configuration guide does not cover the features then it is not be supported. Netflow and WCCP features are not covered in the configuration guide. -Waris -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto: cisco-nsp-boun...@puck.nether.net] On Behalf Of Colby Glass Sent: Wednesday, July 27, 2011 4:27 PM To: Sigurbjörn Birkir Lárusson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeld ja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Are line protocol and LIT the same?
There are more measured than simple keep alives. If you pull an interface you lose carrier, timing, frames, and other various components of the communication method in question. When you view an interface the first up indicates that the interface is enabled and the line protocol means that in a down state you're not receiving anything valid in terms of your communications protocol of choice. -Original Message- From: Martin T Sent: Wednesday, July 27, 2011 7:37 PM To: Lukasz Bromirski Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Are line protocol and LIT the same? Lukasz, it looks like the default value for keepalive packet is 10s. However, if I disconnect the other end from my switch port, the line protocol will be down immediately. How to explain this? In addition, there are interfaces, which by default don't have keepaive set(for example WS-C3750G-24TS SFP interfaces). They have Keepalive not set under show interfaces output. However, they still have line protocol is up (connected).. How to explain this? regards, martin 2011/4/26 Lukasz Bromirski luk...@bromirski.net: On 2011-04-26 01:11, Martin T wrote: When Cisco switch or router port is connected, it has status line protocol is up. As far as I know, this applies to all interface types(10BASE-T, 100BASE-TX, 1000BASE-T, 1000BASE-LX10, 1000BASE-SX etc with different transceivers). What is this line protocol? I always thought line protocol is up once any electrical pulses are detected by Rx. Or is line protocol strictly link integrity test(LIT) pulses(100-200ns of electrical pulses with 16ms+/-8ms interval)? Any clarification would be much appreciated. Line protocol for Ethernet interfaces is Ethernet frame. Cisco boxes send Ethernet keepalive frame and when it doesn't loop back, they declare line protocol down: http://www.cisco.com/en/US/docs/ios/12_3/interface/command/reference/int_i1g.html#wp1154231 -- There's no sense in being precise when | Łukasz Bromirski you don't know what you're talking | jid:lbromir...@jabber.org about. John von Neumann |http://lukasz.bromirski.net ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
We'll fix the feature navigator. Thanks for your feedback. -Waris From: Colby Glass [mailto:colbycciest...@gmail.com] Sent: Wednesday, July 27, 2011 6:32 PM To: Waris Sagheer (waris) Cc: Sigurbjörn Birkir Lárusson; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks. So the config guides are the definitive resource as far as features? I would expect the feature navigator (which listed WCCP v2 on the ME3600) to be the end-all, be-all. Either way though, thanks for clearing it up. On Wed, Jul 27, 2011 at 7:50 PM, Waris Sagheer (waris) wa...@cisco.com wrote: ME3600X does not support Netflow and WCCP in the current release. If the configuration guide does not cover the features then it is not be supported. Netflow and WCCP features are not covered in the configuration guide. -Waris -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Colby Glass Sent: Wednesday, July 27, 2011 4:27 PM To: Sigurbjörn Birkir Lárusson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeld ja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface cr systems02.151front71(config-if)#ip wccp ? 0-254Dynamically defined service identifier number redirect Set packet redirection options web-cache Standard web caching service systems02.151front71(config-if)# This is on 12.2(52)EY1 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Colby Glass Network Engineer http://blog.alwaysthenetwork.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 15.0(SE) 3560 was ME3600X Netflow and WCCP?
Hi, Can anyone find any release note info in regards to 15.0(SE) on 3560's? Regards, Daniel -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Reuben Farrelly Sent: Thursday, 28 July 2011 8:12 AM To: Waris Sagheer (waris) Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? What sort of timeframes are we now looking at for the next release of code for the ME3600/3800X's? There was some talk about new software supporting VPLS related features coming out in June, and a bunch of 15.0(SE) releases has just turned up on CCO for the lower end floor switches like the 3560/3750s.. Reuben ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 15.0(SE) 3560 was ME3600X Netflow and WCCP?
Yes: http://www.cisco.com/en/US/products/ps11781/prod_release_notes_list.html Doesn't seem like much difference between 12.2(58)SE and 15.0(1)SE in terms of either features or bug fixes, so if you've taken the (brave) plunge and are already running 12.2(58)SE it looks like a fairly minor upgrade. Reuben On 28/07/2011 1:13 PM, Daniel Hooper wrote: Hi, Can anyone find any release note info in regards to 15.0(SE) on 3560's? Regards, Daniel ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ME3600X Netflow and WCCP?
Waris, Thanks for the input and taking the feedback into consideration to fix the FN. Colby, I've seen time and time again, people expecting to position this platform in an environment other than what it is intended for. I'm not calling out anyone in particular on this list but I've seen mentions in the past about these features as well as others, and why they aren't included/supported. Features like netflow and wccp, in my humble opinion are better suited for a routing platform. The 3600/3800 metro ethernet switches, as well as earlier 3400(E) series are meant for metro ethernet handoff circuit like functionality, tripple play scenarios, and more recently mobile backhaul, to name a few. I am curious to know more about in what specific position you client is looking to deploy this platform, as there may be a better alternative to suit your and your clients' needs. I would be happy to lend other suggestions for a deployment platform choice, as I'm sure will others. What type of hand-off is their SP giving them. What are they looking to accomplish? Is it simply an ethernet handoff where they are looking for flow data? Do they need to do MPLS-TE? Will VRF lite suffice? Any other advanced features? Hope I can be of assistance. - Ed -Original Message- From: Waris Sagheer (waris) wa...@cisco.com Sender: cisco-nsp-boun...@puck.nether.net Date: Wed, 27 Jul 2011 20:30:09 To: Colby Glasscolbycciest...@gmail.com Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? We'll fix the feature navigator. Thanks for your feedback. -Waris From: Colby Glass [mailto:colbycciest...@gmail.com] Sent: Wednesday, July 27, 2011 6:32 PM To: Waris Sagheer (waris) Cc: Sigurbjörn Birkir Lárusson; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks. So the config guides are the definitive resource as far as features? I would expect the feature navigator (which listed WCCP v2 on the ME3600) to be the end-all, be-all. Either way though, thanks for clearing it up. On Wed, Jul 27, 2011 at 7:50 PM, Waris Sagheer (waris) wa...@cisco.com wrote: ME3600X does not support Netflow and WCCP in the current release. If the configuration guide does not cover the features then it is not be supported. Netflow and WCCP features are not covered in the configuration guide. -Waris -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Colby Glass Sent: Wednesday, July 27, 2011 4:27 PM To: Sigurbjörn Birkir Lárusson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ME3600X Netflow and WCCP? Thanks guys. Before posting, I noticed that it's listed in the unsupported commands of an older IOS, but not in the newer one. That gave me some hope. Though, none of the guides I saw listed anything for configuring WCCP or Netflow. The feature nav listed WCCP Version 2 though. It's not looking good. On Wed, Jul 27, 2011 at 5:59 PM, Sigurbjörn Birkir Lárusson sigurbjo...@vodafone.is wrote: I wouldn't trust that, you can configure stuff on the ME3600X that doesn't actually work (or in fact do anything at all) in practice, you can even configure stuff that is in the manual, and is supposed to work, but still doesn't work ;) I turned on flow on a couple of interfaces, turned on top-talkers and got nothing. I then setup netcat to listen to a UDP port, configured export to send it, and according to show ip flow export it's not exporting anything. It also doesn't bode well for the support that ip flow-export is in the list of unsupported commands in the configuration guide, nor does the fact that there is only one reference to wccp in the configuration guide and that's under the traffic-classifier for the CPU traffic... Kind regards, Sibbi Þann 27.7.2011 21:31, skrifaði Jason Lixfeld ja...@lixfeld.ca: On 2011-07-27, at 4:45 PM, Colby Glass wrote: All, Does anyone happen to know if the ME3600 supports Netflow and WCCP? I have a customer considering them for the WAN edge and the docs/feature navigator are coming up somewhat ambiguous. I haven't tested it, but... systems02.151front71(config)#ip flow-? flow-aggregation flow-cacheflow-capture flow-egress flow-export flow-top-talkers systems02.151front71(config)#ip flow-export ? destination Specify the Destination IP address source Specify the interface for source address template Specify the template specific configurations version Specify the version number systems02.151front71(config)#ip flow-export version ? 1 5 9 systems02.151front71(config)#int g0/1 systems02.151front71(config-if)#no switchport systems02.151front71(config-if)#ip route-cache ? cef Enable Cisco Express Forwarding flowEnable Flow fast-switching cache policy Enable fast-switching policy cache for outgoing packets same-interface Enable
