Re: [c-nsp] Outdoor switch

[Harold 'Buz' Dale]

Might also look at 
https://www.balticnetworks.com/mikrotik-routerboard-rb-260gs-complete-with-enclosure-and-power-supply-fiber-enabled.html

I’ve had good luck with Mikrotik in the past but they are very different from 
IOS devices.

Buz

On 10/19/17, 12:03 PM, "cisco-nsp on behalf of Jared Mauch" 
 wrote:

If you just need one port, there is this box that works quite well:

https://www.balticnetworks.com/mikrotik-fiber-to-copper-converter.html

It does not have an integrated splice tray though.

- Jared

> On Oct 19, 2017, at 12:00 PM, Christina Klam  wrote:
> 
> All,
> 
> I am hoping for some ideas.   We are running fiber to an outdoor pole 
(for cameras and wireless access-points) and need a switch that can be 
configured remotely, does 802.1q, Qos, and has 3 - 5 ports.  We are in the 
MidAtlantic so the temperatures range from well below freezing to 100 deg F.  
> 
> What do people use in these situations?
> 
> Thank you,
> Christina
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] ASR9k with a bundle to Nexus3k

[Harold 'Buz' Dale]

Looks like Channel 1 on the Nexus is trunk. Have you tried it without the trunk?
Buz
--
buz.d...@usg.edu
Network Support Specialist University System of GA -IT Services.
706-583-2052 or (Toll Free in GA) 888-875-3697
 








On 3/2/16, 7:40 AM, "cisco-nsp on behalf of jo...@bjorklund.cn" 
 wrote:

>Hello,
>
>Im trying to do a simple bundle from a ASR9k to Nexus3k.
>However I cant get it to work. Bundle between Nexus and Nexus is no problem. 
>Or between ASR and ASR.
>
>The ports in the nexus get suspended. And the error message in the ASR is: 
>Partner System ID/Key do not match that of the Selected links
>
>Nexus:
>
>interface port-channel1
>   switchport mode trunk
>
>interface Ethernet1/1
>   channel-group 1 mode active
>
>interface Ethernet1/2
>   channel-group 1 mode active
>
>ASR:
>
>interface Bundle-Ether1
>  description ToNexus
>!
>interface TenGigE0/0/0/0
>  bundle id 1 mode active
>!
>interface TenGigE0/0/0/1
>  bundle id 1 mode active
>!
>
>
>Bundle-Ether1
>   Status:Down
>   Local links :   0 / 0 / 2
>   Local bandwidth : 0 (0) kbps
>   MAC address (source):  78ba.f924.e4ba (Chassis pool)
>   Inter-chassis link:No
>   Minimum active links / bandwidth:  1 / 1 kbps
>   Maximum active links:  64
>   Wait while timer:  2000 ms
>   Load balancing:Default
>   LACP:  Operational
> Flap suppression timer:  Off
> Cisco extensions:Disabled
>   mLACP: Not configured
>   IPv4 BFD:  Not configured
>
>   Port  Device   StatePort ID B/W, 
>kbps
>     ---  ---  --  
> --
>   Te0/0/0/0 LocalConfigured   0x8000, 0x0003
> 1000
>   Partner System ID/Key do not match that of the Selected links
>   Te0/0/0/1 LocalConfigured   0x8000, 0x0004
> 1000
>   Partner System ID/Key do not match that of the Selected links
>
>
>Any ideas what could be wrong?
>
>/Jonas
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] ABF not working

[Harold 'Buz' Dale]

I would think you could do something like this with the ACL.

ipv4 access-list internet
10 permit ipv4 10.0.0.0/16 10.0.0.0/16
20 permit ipv4 10.0.0.0/16 any nexthop1 ipv4 x.x.x.x



Where if it is from 10/16 to 10/16 it just gets routed normally and make
sure that normal routing works right.
Luck,
Buz

--
buz.d...@usg.edu
Network Support Specialist University System of GA -IT Services.
706-583-2052 or (Toll Free in GA) 888-875-3697
 






On 7/13/15, 6:51 AM, Alex William alex.willia...@outlook.com wrote:

ipv4 access-list internet
10 permit ipv4 10.0.0.0/16 10.0.0.0/16 default
  20 permit ipv4 10.0.0.0/16 any nexthop1 ipv4 x.x.x.x


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Ping getting IPv6 address, though IPv6 is not enabled.

[Harold 'Buz' Dale]

Looks like your ping and nslookup commands are ipv6 aware.  DNS gives both
records and ping takes the v6 one.  Specify ³ping ipv4 address²
Like here:

RP/0/RSP0/CPU0:TELX1.BB#ping www.google.com
Fri Apr 17 12:41:27.530 EDT
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2607:f8b0:4002:c06::63, timeout is 2
seconds:
.
Success rate is 0 percent (0/5)
RP/0/RSP0/CPU0:TELX1.BB#ping ipv4 www.google.com
Fri Apr 17 12:41:44.674 EDT
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 74.125.21.103, timeout is 2 seconds:
!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Luck,
Buz


--
buz.d...@usg.edu
Network Support Specialist University System of GA -IT Services.
706-583-2052 or (Toll Free in GA) 888-875-3697
 






On 4/16/15, 3:29 PM, Joseph Mays m...@win.net wrote:

Got something going on on a router that seems strange. To me, anyway.

I have a router that does not have IPv6 enabled, nor is IPv6 being used
in the network it¹s on. ³ipv6² does not even occur anywhere in the config.

On any addresses it looks up the IPv4 address fine, and can route to that
address. But when I ping something like www.yahoo.com it grabs the IPv6
address and tries to ping that. And fails, of course. How do I get it to
stop preferring IPv6 addresses?

core-gw1.noc#show ip route www.yahoo.com
Translating www.yahoo.com...domain server (216.24.27.4) [OK]

Routing entry for 98.139.128.0/17
  Known via bgp 7333, distance 20, metric 126041
  Tag 174, type external
  Last update from 38.122.142.5 1w0d ago
  Routing Descriptor Blocks:
  * 38.122.142.5, from 38.122.142.5, 1w0d ago
  Route metric is 126041, traffic share count is 1
  AS Hops 3

core-gw1.noc#show run | include ping
core-gw1.noc#show run | include icmp
permit icmp any host 216.24.27.41
core-gw1.noc#ping www.yahoo.com
Translating www.yahoo.com...domain server (216.24.27.4) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:4998:58:C02::A9, timeout is 2
seconds:
.
Success rate is 0 percent (0/5)
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cursed IP address

[Harold 'Buz' Dale]

If you sh arp do you see the right MAC address for the ip. Could that address 
be in use on some dumb device? 

Sent from my iPhone

 On Nov 26, 2014, at 2:43, Victor Sudakov v...@mpeks.tomsk.su wrote:
 
 Colleagues,
 
 We have found a very interesting problem. 
 
 There are a dozen routers connected to a common 10.65.127.224/27 L2
 backbone. All are running OSPF area 0. Any router which has the IP
 address 10.65.127.246 cannot establish OSPF adjacency with some other 
 routers, showing them forever in the INIT/DROTHER or EXSTART/DROTHER
 state.
 
 When a different IP address is configured on the same router, the
 problem is solved. More over, when 10.65.127.246 is configured on ANY
 router in the segment, it experiences adjacency problems.
 
 We are currently using a workaround of never assigning 10.65.127.246
 to any router. Is this Sauron's IP address, or is there some kind of curse
 thereon?
 
 Below is a typical output 
 
 sw-bptoik#sh ip ospf 12 neighbor
 
 Neighbor ID Pri   State   Dead Time   Address Interface
 10.65.127.7 130   2WAY/DROTHER984 msec10.65.127.249   Vlan22
 10.65.127.9 130   FULL/DR 707 msec10.65.127.250   Vlan22
 10.65.127.10  1   2WAY/DROTHER942 msec10.65.127.248   Vlan22
 10.65.127.12  1   2WAY/DROTHER841 msec10.65.127.252   Vlan22
 10.65.127.13  1   INIT/DROTHER942 msec10.65.127.235   Vlan22
 10.65.127.14  1   INIT/DROTHER782 msec10.65.127.245   Vlan22
 10.65.127.15130   INIT/DROTHER908 msec10.65.127.251   Vlan22
 10.65.127.17  1   2WAY/DROTHER866 msec10.65.127.241   Vlan22
 10.65.127.19  1   2WAY/DROTHER959 msec10.65.127.238   Vlan22
 10.65.127.21  1   2WAY/DROTHER740 msec10.65.127.244   Vlan22
 10.65.127.22  0   INIT/DROTHER766 msec10.65.127.243   Vlan22
 10.65.127.23  1   2WAY/DROTHER891 msec10.65.127.230   Vlan22
 10.65.127.24  1   2WAY/DROTHER682 msec10.65.127.231   Vlan22
 10.65.155.11  1   2WAY/DROTHER816 msec10.65.127.253   Vlan22
 172.16.146.11 1   2WAY/DROTHER858 msec10.65.127.247   Vlan22
 
 
 sw-bptoik#sh ip ospf int Vlan22
 Vlan22 is up, line protocol is up
  Internet Address 10.65.127.246/27, Area 0
  Process ID 12, Router ID 10.65.127.246, Network Type BROADCAST, Cost: 1
  Topology-MTIDCostDisabledShutdown  Topology Name
0   1 no  noBase
  Transmit Delay is 1 sec, State DROTHER, Priority 1
  Designated Router (ID) 10.65.127.9, Interface address 10.65.127.250
  Backup Designated router (ID) 10.65.127.9, Interface address 10.65.127.250
  Timer intervals configured, Hello 333 msec, Dead 1, Wait 1, Retransmit 5
oob-resync timeout 40
Hello due in 264 msec
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 15, Adjacent neighbor count is 1
Adjacent with neighbor 10.65.127.9  (Designated Router)
  Suppress hello for 0 neighbor(s)
 
 
 
 -- 
 Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
 sip:suda...@sibptus.tomsk.ru
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] more net flow, which interfaces to monitor and in which direction?

[Harold 'Buz' Dale]

That¹s the way we do it.  By getting ingress flows pretty much everywhere
you know where the egress is going and can match up conversations.
Luck,
Buz

--
buz.d...@usg.edu
Network Support Specialist University System of GA -IT Services.
706-583-2052 or (Toll Free in GA) 888-875-3697
 






On 5/22/14, 9:35 AM, Scott Granados sc...@granados-llc.net wrote:

So for a little more clarification on this, I would want to monitor say
ingress on my transit links and then ingress on say my input links from
my server farm ports and capture the data that way instead of monitoring
ingress and egress on the same transit only interfaces?  So in other
words measure inbound from the public internet and then inbound from the
internal sites and customer pools?

Do I more or less have it?

On May 21, 2014, at 9:58 PM, Roland Dobbins rdobb...@arbor.net wrote:

 
 On May 22, 2014, at 8:40 AM, CiscoNSP List cisconsp_l...@hotmail.com
wrote:
 
 Can anyone please explain why?
 
 Another problem with egress NetFlow is that you won't get stats on
traffic which is being dropped by ACLs, uRPF, et. al.
 
 You should always use ingress NetFlow unless you have a specific
topological issue which precludes its use.
 
 --
 Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com
 
   Equo ne credite, Teucri.
 
-- Laocoön
 
 
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] 6504-E IOS SSH/memory issues

[Harold 'Buz' Dale]

We had a similar problem with a 7609 with a supe720.  TAC diagnosed that
we were using too much memory for our BGP tables.
We would get a login prompt but it would fail even with the correct
password. The box seems to be passing packets although we get some BGP
peering issues occasionally. This box is scheduled for replacement soon so
we are just dealing with it for the next week or so.
Good Luck,
Buz

--
buz.d...@usg.edu
Network Support Specialist University System of GA -IT Services.
706-583-2052 or (Toll Free in GA) 888-875-3697
 






On 3/24/14, 9:16 AM, Patrick M. Hausen hau...@punkt.de wrote:

Hi, all,

in Saturday our Rancid started to complain that it could not log on to one
of our core/uplink routers, anymore. Yet the system is generally alive and
happily pushing packets - Nagios did not ring me about any link or service
failing, so this came as a bit of a surprise.

Turns out, SSH logins are not possible, anymore. Telnet and rsh work just
fine. For each faile SSH login there is a line like this in the log:

Mar 20 12:30:09.415: %AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create
UID for incoming calls due to insufficient processor memory

Ah ... OK ... if it's failing in AAA, why does telnet still work? And the
free memory
doesn't look too bad, either:

HeadTotal(b) Used(b) Free(b)   Lowest(b)
Largest(b)
Processor   477267E0   881661984   8603850442127694018235288
20933772
  I/O80067108864216056044550326045451176
45501532

  Processor memory

Alloc PCSize Blocks  BytesWhat

0x4014A218 24 01 24XDR: mfib pltf group
0x4014A218 28 01 28XDR: mfib pltf group
0x4014A218 32 01 32XDR: mfib pltf group
0x401567F4 003808 01 003808Init
0x4016D4BC 24 01 24Init
...

In the thousands of lines that follow, there are precisely 256 memory
blocks
allocated to the SSH process. Is this a single process holding all that
memory
or are there 256 SSH processes, that are somewhat stuck/zombie because
they are not terminated when the connection is closed?

I admit that I rarely log off, but rather just close the window running
my SSH connection.
Bad admin. ;-) But any sane OS should timeout the TCP connection
eventually and
then terminate the process waiting on that socket.

IOS version is 15.1(2)SY1 advanced enterprise.

How can I proceed finding and eliminating the root cause? Rebooting the
box to clean
up is an option if planned ahead, but not a suitable permanent fix (i.e.
rebooting regularly
is out of the question).

Thanks for any hints,
Patrick
-- 
punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe
Tel. 0721 9109 0 * Fax 0721 9109 100
i...@punkt.de   http://www.punkt.de
Gf: Jürgen Egeling  AG Mannheim 108285




___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Static Default route missing

[Harold 'Buz' Dale]

My first thought was that it rebooted and wasn¹t in the saved config. IS
the route statement missing or just the route from the table?
Luck,
Buz

On 11/15/13, 6:42 AM, Nick Hilliard n...@foobar.org wrote:

On 15/11/2013 10:44, Methsri Wickramarathna wrote:
 Any Ideas ???

most likely to be someone's typo.  Best idea to enable logging and tacacs+
AAA on the device so that you can see what's going on and who did it.  AAA
logging is an invaluable tool for follow-up problem diagnosis.

Nick

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Static Default route missing

[Harold 'Buz' Dale]

This is the line that was missing then?

ip route 0.0.0.0 0.0.0.0 X.X.X.X


From: Methsri Wickramarathna mmethw2...@gmail.commailto:mmethw2...@gmail.com
Date: Friday, November 15, 2013 at 10:03 AM
To: Chuck Church chuckchu...@gmail.commailto:chuckchu...@gmail.com
Cc: Buz Dale buz.d...@usg.edumailto:buz.d...@usg.edu, 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Static Default route missing

Chuck  default route config

ip route 0.0.0.0 0.0.0.0 X.X.X.X   # directed to next hop IP  no DHCP 
configured


On Fri, Nov 15, 2013 at 8:31 PM, Chuck Church 
chuckchu...@gmail.commailto:chuckchu...@gmail.com wrote:
Is there an IP address on the interface the default is using, or is it using 
DHCP?  DHCP can add a default route to the table, but wouldn't show up in 
either config.

Chuck


-Original Message-
From: cisco-nsp 
[mailto:cisco-nsp-boun...@puck.nether.netmailto:cisco-nsp-boun...@puck.nether.net]
 On Behalf Of Methsri Wickramarathna
Sent: Friday, November 15, 2013 9:50 AM
To: Harold 'Buz' Dale
Cc: cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Static Default route missing

Nick  Router is enabled with tacas+ AAA ... I can see all the commands 
entered with the usernames...

Chuck  Router isn't rebooted .. uptime was 30 weeks :(

Harold  Router statement missing from both running and startup configs ... 
When I enter *show ip route 0.0.0.0* it says network not available :(

Any ideas ???/


On Fri, Nov 15, 2013 at 8:12 PM, Harold 'Buz' Dale 
buz.d...@usg.edumailto:buz.d...@usg.edu wrote:

 My first thought was that it rebooted and wasn¹t in the saved config.
 IS the route statement missing or just the route from the table?
 Luck,
 Buz

 On 11/15/13, 6:42 AM, Nick Hilliard 
 n...@foobar.orgmailto:n...@foobar.org wrote:

 On 15/11/2013 10:44, Methsri Wickramarathna wrote:
  Any Ideas ???
 
 most likely to be someone's typo.  Best idea to enable logging and
 tacacs+ AAA on the device so that you can see what's going on and who
 did it.  AAA logging is an invaluable tool for follow-up problem diagnosis.
 
 Nick
 
 ___
 cisco-nsp mailing list  
 cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/




--
--
´`_,,,_
___´$$$`_´$$$`
`$$$`__,,,,___´´
_`$$$`´$$`_´$$`´$´
__`$$$`_´$`_´$`__´$$$´
___`$$$_$$$_$$$_´$$$´_
`$$_$$$_$$$`´$$´_
___,,__`$$_$$$_$$$_$$´_
_´$``$$_$$$_$$$_$$´_
´$`´$$$_$$$_$$$_$´_
´$$_$$$_$$$_$´_
___`$$$_$$$_$$_$$´_
__`$_$__$$_$$_$$´_
___`,___,,_,$´_
_`$´_
__`$$$´_
`´_
___`´_

~~( ŊëŌ )~~
___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




--
--
´`_,,,_
___´$$$`_´$$$`
`$$$`__,,,,___´´
_`$$$`´$$`_´$$`´$´
__`$$$`_´$`_´$`__´$$$´
___`$$$_$$$_$$$_´$$$´_
`$$_$$$_$$$`´$$´_
___,,__`$$_$$$_$$$_$$´_
_´$``$$_$$$_$$$_$$´_
´$`´$$$_$$$_$$$_$´_
´$$_$$$_$$$_$´_
___`$$$_$$$_$$_$$´_
__`$_$__$$_$$_$$´_
___`,___,,_,$´_
_`$´_
__`$$$´_
`´_
___`´_

~~( ŊëŌ )~~
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IPv6 Transition - IP/MPLS Backbone

[Harold 'Buz' Dale]

Are you planning on providing native v6 via dual stack at the edges and then 
using 6PE to traverse your core? Maybe I am a little slow but it isn't clear to 
me exactly what you are trying to do.
Thanks,
Buz

-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Ahmed 
Hilmy
Sent: Sunday, April 14, 2013 15:56
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IPv6 Transition - IP/MPLS Backbone

Hello Expert,

We are planning to deploy IPv6 at our IPv4 Backbone, our PE to as Dual Stack 
and carry IPv6 packet through MPLS label.
There are different scenarios, one of them is 6PE.
Would you please guide me from where can i start ?

Thanks,

Ahmed
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Monday morning brain teaser

[Harold 'Buz' Dale]

Is your traceroute sourced from a different IP?

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of John Neiberger
Sent: Monday, April 01, 2013 11:43
To: Rick Coloccia
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Monday morning brain teaser

I've verified that we have no policy maps or route maps in place. The 
interfaces in question are plain L3 interfaces with barely more than an IP 
address configured. I'm not nearly awake enough to deal with this sort of weird 
behavior.  :)


On Mon, Apr 1, 2013 at 9:39 AM, Rick Coloccia coloc...@geneseo.edu wrote:

 On 4/1/2013 11:36 AM, John Neiberger wrote:

 I honestly don't know what to think about this. I don't think I've 
 ever seen anything like it.

 I didn't have an ACL in the way, but I did have a policy route map in 
 place, which was a little too aggressive, one upon a time. Similar 
 symptoms.  May be something to look at...

 --
 Rick Coloccia, Jr.
 Network Manager
 State University of NY College at Geneseo
 1 College Circle, 119 South Hall
 Geneseo, NY 14454
 V: 585-245-5577
 F: 585-245-5579


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] STP active/listed on wrong port

[Harold 'Buz' Dale]

Sure - It's a trunk.  VLAN one is the native vlan the tagged frames flow over...

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Rolf Hanßen
Sent: Tuesday, March 12, 2013 13:34
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] STP active/listed on wrong port

Hello list,

do you have an explanation why STP thinks Gi7/16 belongs to vlan 1 ?

edge1-dus3#sh spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root IDPriority32769
 Address 5475.d0a6.75c0
 This bridge is the root
 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority32769  (priority 32768 sys-id-ext 1)
 Address 5475.d0a6.75c0
 Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
 Aging Time 300

Interface   Role Sts Cost  Prio.Nbr Type
---  --- - 

Gi7/16  Desg FWD 4 128.1552 P2p


Interface Config:
interface GigabitEthernet7/16
 description custsw2-dus1 A16
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1253,1606  switchport mode trunk  mtu 9216  
load-interval 30 end

STP is disabled on all other vlans:
no spanning-tree vlan 2-4000

Gi7/16 is not listed here:

edge1-dus3#sh vlan id 1

VLAN Name StatusPorts
  -
---
1default  activeGi1/5, Gi1/8, Gi1/13,
Gi1/25, Gi1/27, Gi1/48, Te4/1, Gi6/1, Gi7/1, Gi7/3, Gi7/4, Gi7/5, Gi7/6, Gi7/7, 
Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12, Gi7/13, Gi7/14, Gi7/15, Gi7/17, Gi7/18, 
Gi7/19
Gi7/20, Gi7/21, Gi7/22, Gi7/23, 
Gi7/24

VLAN Type  SAID   MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1
Trans2
 - -- - -- --    --
--
1enet  11 1500  -  -  ---0  0

Remote SPAN VLAN

Disabled

Primary Secondary Type  Ports
--- - -
--


Port is up and works fine:

edge1-dus3#sh int Gi7/16
GigabitEthernet7/16 is up, line protocol is up (connected)
  Hardware is C6k 1000Mb 802.3, address is 001d.a246.3743 (bia
001d.a246.3743)
  Description: custsw2-dus1 A16
  MTU 9216 bytes, BW 100 Kbit/sec, DLY 10 usec,
 reliability 255/255, txload 6/255, rxload 6/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is LX
  input flow-control is off, output flow-control is off
  Clock mode is auto
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output never, output hang never
  Last clearing of show interface counters never
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  30 second input rate 27117000 bits/sec, 3517 packets/sec
  30 second output rate 24383000 bits/sec, 2860 packets/sec
 32078138057 packets input, 32998390284372 bytes, 0 no buffer
 Received 524965 broadcasts (173874 multicasts)
 0 runts, 0 giants, 0 throttles
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
 0 watchdog, 0 multicast, 0 pause input
 0 input packets with dribble condition detected
 13839785752 packets output, 9991981200426 bytes, 0 underruns
 0 output errors, 0 collisions, 3 interface resets
 0 unknown protocol drops
 0 babbles, 0 late collision, 0 deferred
 0 lost carrier, 0 no carrier, 0 pause output
 0 output buffer failures, 0 output buffers swapped out


edge1-dus3#sh version
Cisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-ADVIPSERVICESK9-M), 
Version 15.1(2)S, RELEASE SOFTWARE
(fc1)

Hardware is Cisco 7609-S, Sub720-3BXL, Slot 7 is a WS-X6724-SFP

kind regards
Rolf Hanßen



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Show mac adresses connected to ports

[Harold 'Buz' Dale]

Try show cam or sh mac address-table
show arp can also be quite useful depending on the device. 
Luck,
Buz

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Harry Hambi
Sent: Friday, November 02, 2012 11:19
To: 'cisco-nsp@puck.nether.net'
Subject: [c-nsp] Show mac adresses connected to ports

Hi all,
Is there a command that will show me the list mac addresses connected to a 
port. I suspect more than one device connected to a port. Thanks

Rgds
Harry

Harry Hambi BEng(Hons)  MIET  Rsgb




http://www.bbc.co.uk
This e-mail (and any attachments) is confidential and may contain personal 
views which are not the views of the BBC unless specifically stated.
If you have received it in
error, please delete it from your system.
Do not use, copy or disclose the
information in any way nor act in reliance on it and notify the sender 
immediately.
Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] WARNING: Netflow Data Export Hardware assisted NAT not supported on 76xx/65xx on the same interface

[Harold 'Buz' Dale]

Another problem with a SPAN is that you can get two gigs of data heading to a 
gig port if the port you are mirroring is (full duplex - as it should be 
and)running wide open.

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Andrew Miehs
Sent: Monday, August 29, 2011 11:11 AM
To: Matthew Huff
Cc: 'cisco-nsp@puck.nether.net'
Subject: Re: [c-nsp] WARNING: Netflow Data Export  Hardware assisted NAT not 
supported on 76xx/65xx on the same interface


On 26/08/2011, at 6:25 PM, Matthew Huff wrote:
 I'm looking at using SPAN to replicate the data and send it to a linux box to 
 then create netflow data exports, however, given the nature of the data (high 
 bandwidth and microburst), I'm not sure that the Linux box will work 
 accurately. I assumed the PFC would be doing the exports in hardware giving 
 us the most accurate realtime look at the market data. Evidently I was wrong.

Why does everyone want to use SPAN ports to do this sort of thing? Buy a 
TAP(ethernet), thats what they are there for!
SPAN ports are great for a quick debugging session, but you are (iirc) limited 
to 2 of them. You will be stuck if you ever need this functionality in future 
and you are using the SPAN for production purposes.

Regards

Andrew
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Dumb question

[Harold 'Buz' Dale]

It seems to me that RTR 2 is the one advertising the routes to ISP1 and ISP2 
and the path from RTR2 to both of these nets is RTR1 via the same link. Would 
be much easier to do this from RTR2.

Buz

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Ziv Leyes
Sent: Wednesday, August 03, 2011 8:54 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Dumb question

Hi all,
I have the following scenario (excuse my lousy ascii art...)



   ISP1
 /
   /
 /
RTR1 -iBGP- RTR2
\
  \
\
 ISP2

For the simplicity of the case, I have two prefixes, 1.1.1.1/24 and 2.2.2.2/24,
I want to advertise prefix 1.1.1.1/24 to ISP1 as best, and 2.2.2.2/24 to ISP1 
with prepends, and the opposite too, prefix 2.2.2.2/24 to ISP2 as best and 
prefix 1.1.1.1/24 to ISP1 with prepends.

What I'm trying to do is to set up all in a way that the only place I set up my 
decision is on RTR1 only, and that will be reflected via the iBGP to RTR2 about 
how I want the prefixes to be advertised to my eBGP neighbors ISP1 and ISP2
I tried setting communities, but all I got is RTR2 to see and match the 
communities, but based on this, I couldn't get the prefixes advertised to the 
ISPs at all.

What kind of manipulation I need to do in order for the RTR2 after matching the 
communities coming from RTR1, to advertise it to the ISPs according to the 
priorities I've mentioned before?

This sounds very basic and not so complicated to do, but I guess I'm missing 
something here!

Please help, and if possible, don't send me links to cisco web site case 
studies or to some 300 pages PDF about how BGP and communities work. A simple 
straight forward example of how this can be set will be enough.
Thanks!
Ziv

The information contained in this e-mail message and its attachments is 
confidential information intended only for the use of the individual or entity 
named above. If the reader of this message is not the intended recipient, you 
are hereby notified that any dissemination, distribution or copying of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify us immediately by replying to the sender, and then 
delete the message from your computer.  Thank you!

 This mail was sent via Mail-SeCure System.



 
 

This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals  computer 
viruses.




___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] half duplex question

[Harold 'Buz' Dale]

I would think that there is a big difference.  By moving you to half duplex you 
are opening yourself up to the possibility of collisions and higher overhead.

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of james edwards
Sent: Wednesday, August 03, 2011 12:56 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] half duplex question

I have a metro Ethernet connection with a 5 mbs commit. Normally they shape
the incoming and I shape the outgoing to the commit rate. This time they
want me to go
half duplex, 10 mbs. The end result is 5 mbs. Is this wise or are there any
drawbacks to using half duplex here ?

Thanks,

-- 
James H. Edwards
Network Systems Administrator
Judicial Information Division
jedwa...@nmcourts.gov
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] no bgp route from 0.0.0.0 for a interface ip address

[Harold 'Buz' Dale]

At first blush it looks like 192.168.2.50 can't talk to anyone.  Try changing 
his mask to /31 or something so that 192.168.2.49 is on the same network..

BGP routing table entry for 192.168.2.50/32


-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of tao liu
Sent: Tuesday, April 19, 2011 8:55 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] no bgp route from 0.0.0.0 for a interface ip address

Why bgp route from 0.0.0.0 doesn't exist, 192.168.2.50 is a interface ip
address on routerB!
Instead bgp route for 192.168.2.50 is from 192.168.96.1 and
192.168.2.49, it is strange.
we redistribute static and connected on all four routers.
the topology like below:


lo0:192.168.96.2lo0:192.168.96.1
routerA    ebgp  - routerB
--ibgp routerBB
  192.168.2.49
192.168.2.50 |
|
|
|ibgp--routerAAebgp---

routerB# show ip bgp 192.168.2.50
BGP routing table entry for 192.168.2.50/32, version 151
Paths: (2 available, best #2, table default, RIB-failure(17) - next-hop
mismatch
)
  Advertised to update-groups:
 1
  65450
192.168.96.1 from 192.168.96.1 (192.168.96.1)
  Origin incomplete, metric 0, localpref 100, valid, internal
  65450
192.168.2.49 from 192.168.2.49 (192.168.0.2)
  Origin incomplete, metric 0, localpref 100, valid, external, best
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] CRC Errors on Ethernet Router

[Harold 'Buz' Dale]

First thing I would do would be to check for a duplex mismatch and then check 
the wiring (either by replacing the cable if it's a simple patch or using a 
cable tester over the span.) You might also just physically trace it and see if 
someone decided to hang a fluorescent light off of it or something too.
Luck,
Buz

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of alex nyagah
Sent: Wednesday, February 23, 2011 6:19 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] CRC Errors on Ethernet Router

Hi All,

I am noting CRC errors on my Ethernet port on my cisco router, what could it
be causing it..

-- 
**
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Using L3 switches as CPE

[Harold 'Buz' Dale]

Why mess with VLAN 768 - just give the upstream port the correct ip address and 
don't use it as a switchport.
If you only have one uplink and one client/VLAN off of this box then there is 
really only one route off of that box as well.  I'm not sure I would mess with 
BGP there.
Good Luck,
Buz

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of David Prall
Sent: Thursday, March 25, 2010 10:14 AM
To: 'Steve Bertrand'; 'Cisco-NSP Mailing List'
Subject: Re: [c-nsp] Using L3 switches as CPE

 Hi all,
 
 I'm going to be deploying some old 3550's as CPE on a
 Fibre-over-Ethernet network. I've never used a layer-3 switch for this
 job before, I've always used a router with a separate switch. I'm
 looking for some advice, as the setup is a bit different from what I'm
 used to.
 
 What I think I have to do is this:
 
 - trunk vlan 768 through gi0/1 back to my PE router

Just set the port as an access port. No need to trunk.


 - configure an int vlan768 to contain the /30 ptp IP

Correct

 - configure a second vlan (eg: 5) and apply one of the client's IP
 addresses on it (which will act as their default gw)

Correct

 - configure the fa interfaces as access ports for vlan 5
 - enable ip-routing
 - set up BGP as usual, using int vlan768 as the update-source

Shouldn't have to explicitly configure this.

 
 Does this sound right? Can anyone offer any other advice regarding this
 setup, particularly any config techniques that I should know about for
 this type of deployment?
 

As long as the GigE port is line rate you shouldn't have any issues. If you
are providing a subrate service, then they really need something with HQoS
so that they can send what they want, and not let you randomly drop what
they send.

 Steve
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] BGP to OSPF redistribution

[Harold 'Buz' Dale]

Can you stop learning routes from 'provider b' and add it back as a default?  
Then everything should go to the more specific route and if 'provider a' goes 
down things will then go through 'provider b'?

Luck,
Buz

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Saxon Jones
Sent: Wednesday, January 13, 2010 3:39 PM
To: null zeroroute
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP to OSPF redistribution

Actually I re-read your problem. Sham links may be a solution to look at, if
you control the right pieces of equipment. You can also mess with the AD of
OSPF external routes versus OSPF internal routes but this is probably a Bad
Idea(TM) (and my testing of this a few years ago showed it didn't have the
desired result).

__
Saxon Jones

Email: saxon.jo...@gmail.com
Telephone: (780) 669-0899
Toll-free: (866) 701-8022
United Kingdom: 0(1315)168664



2010/1/13 Saxon Jones saxon.jo...@gmail.com

 If I understand your question properly, why not just change the
 administrative distance of the eBGP routes to something less than 110.
 __
 Saxon Jones

 Email: saxon.jo...@gmail.com


 2010/1/13 null zeroroute nullzero.ro...@gmail.com

 I'm having a problem trying to figure out a way to get eBGP learned routes
 (from a layer-3 VPN MPLS WAN provider) into our internal OSPF, so that the
 routes learned via the provider are preffered over the internally learned
 OSPF routes.

 No matter where the BGP--OSPF redistribution point is, if it's the PE or
 CE, the routes will still show up (by default) as OSPF external, and will
 never be prefferred.

 The provider who's path we prefer will only run BGP.  We would like to use
 OSPF everywhere if possible, for several reasons.

 WAN provider A is a layer-3 VPN MPLS network, and is the prefferred path.
 WAN provider B is a layer-2 VPN MPLS network over which we run OSPF.
 Provider B's network is inferior at times and we use it as a backup.

 The equipment where the eBGP peering relationsips exist is a mix of 7600,
 3800, 2800, 1800, 6500, 3750, 3550.

 We considered GRE over the providers network however we then wind up with
 25+ tunnels at each location, and that just grows as each new site is
 added,
 not to mention some potential issues regarding throughput with a GRE
 tunnel
 in the path.

 Is there a way to redistribute BGP into OSPF so that the routes can be
 anything but OSPF external?

 I have not found a way to do this yet, and was wondering if it's even
 possible, or if I'm missing something obvious.  Any suggestions
 appreciated.
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Adding vlan to port-channel trunk causes port-channel to flap

[Harold 'Buz' Dale]

Check the other end to make the the LACP config is correct and maybe a sh 
etherchannel variation to look at what is going on. If the LACP is wrong maybe 
the trunk was carried over gi1/0/1.

Luck,
Buz

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jared Gillis
Sent: Thursday, January 07, 2010 3:23 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Adding vlan to port-channel trunk causes port-channel to flap

Hi all,

I just ran into a strange problem on a 3750ME. I've got two gig ports in an 
active LACP port-channel looking like this:

interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 101,102,400,664,1000-2999
 switchport mode trunk
 speed 1000
 duplex full
 channel-group 1 mode active
end

interface GigabitEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 101,102,400,664,1000-2999
 switchport mode trunk
 speed 1000
 duplex full
 channel-group 1 mode active
end

interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 101,102,400,664,1000-2999
 switchport mode trunk
end

When I added vlan 400 to the trunk allowed vlan list, one of the underlying gig 
ports flapped, which caused the port-channel to flap as well. 
Jan  7 12:09:27.647 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
GigabitEthernet1/0/1, changed state to down
Jan  7 12:09:27.656 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
Port-channel1, changed state to down
Jan  7 12:09:28.654 PST: %LINK-3-UPDOWN: Interface Port-channel1, changed state 
to down
Jan  7 12:09:31.464 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
GigabitEthernet1/0/1, changed state to up
Jan  7 12:09:32.454 PST: %LINK-3-UPDOWN: Interface Port-channel1, changed state 
to up
Jan  7 12:09:33.461 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
Port-channel1, changed state to up
Jan  7 12:09:48.745 PST: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
Vlan400, changed state to up

This definitely seems like something that should not happen. I'm running Cisco 
IOS Software, C3750ME Software (C3750ME-I5K91-M), Version 12.2(46)SE, RELEASE 
SOFTWARE (fc2).
Any thoughts on what I should be checking?

--Jared
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/