[c-nsp] Recieving Dying Gasp notifications
I have a few remote sites which can be prone to power failures. For various reasons, implementing UPSs with management cards is not suitable and/or desirable. The remote equipment all supports Dying Gasp, however, but I cannot seem to find a way to make my 7200s, 3800s, or 2600s to receive the DG notifications. Google seems to indicate that only the CRS-1 will do it. This seems a pretty simple low-cost feature... is there truly no Cisco support for receiving DG on sub-million-dollar routers? -porkchop ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Ethernet Interfaces Speed and Duplex - Force or Auto
FWIW, the following is an old email I sent to our internal IT list last year reinforcing our current practice of auto/auto on all ports except where autoneg is proven to fail. It's a bit of historical review of reasons to hard-set. ~ Begin ~ Why did we continue to use 100/full? Social inertia. Back in the day (1995) when FastEthernet was new, not all the manufacturers had their... stuff... together. 802.3u (autoneg) had been written, and everyone started working to build hardware on it. Most manufacturers interpreted the standard one way... predictably cisco (and a few others) interpreted it another. Cue surprised face. Disparate hardware would not autonegotiate, or if the hardware was smart enough to handle the different autonegotiation methods, it would be stupid enough to do so unreliably. Network admins, burned, disabled autonegotiation. The vendor disagreements were settled in 1998. 802.3 was released. In 1999, the current 802.3ab was released, to support gigabit and some extra code pages. Its 2009, a decade later. Well, for some of the network equipment we run, its 4 years later. Anyway. The reasons to disable autoneg have been dead for a very long time. In my entire career, I have only seen it fail spectacularly once, oddly enough on a packeteer when it failed and closed the relay to connect its in and out ports. So the advantage is never having this problem. The disadvantage is the theoretical possibility of having a suboptimum link speed if the ethernet firmware on the server side doesn't strobe correctly to signal capabilities and noone notices. No vendors currently recommend disabling autoneg. -porkchop ~ End ~ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ntp scaling
As a datapoint, I was running NTP on ~315-340 devices against a 6500/sup2a for years before upgrading to a 720. Never had a problem. I don't even think either sup noticed. :) -porkchop -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Geert Nijs Sent: Monday, March 08, 2010 8:14 AM To: cisco-nsp@puck.nether.net Subject: [c-nsp] ntp scaling Hi all, Does anyone have an idea how many devices/clients can synchronise time to a SUP720 C6500 module ? How does it scale ? If i point 10, 100 , 1000, ... clients to a loopback address on the supervisor ? regards, Geert ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Chassis Failure Rate
6500: One backplane failure in 120 chassis-years (number of chassis running times the number of years they've been running). 4500: Zero in 20 chassis-years. -porkchop -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of nm...@guesswho.com Sent: Thursday, February 25, 2010 8:34 AM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Chassis Failure Rate Just a quick consensus. Have many people experienced chassis/backplane failure in the 45xx/65xx/76xx lines? I have not yet (knock on wood) and I would just like to know if people have experienced this and how often. I have read a few posts where this has happened. Thanks in advance. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] PAT usage stats...
Right now at one ~400 person site, I have 187 active local IPs sharing 1487 still-alive connections. Its your regular everyday sales cubefarm. That's just shy of an average of 8 translations per active user. By those numbers, you could have 8,000 salespeople on one PAT. Personally, I'd cut it far before that. 800-1000 active, tops. Its not expensive to start a second pool, and you never know when a sites deadline for online sexual harassment training will be until 4:40pm when the phone starts ringing... -porkchop On 9/10/09 2:41 PM, Rodney Dunn rod...@cisco.com wrote: Curious...those of you running PAT for NAT, what is the average translations per user number you see active to determine the address pool given to PAT to overload on? 100 active per user at any give time, 50, ? Rodney ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] TCP throughput /WAN delay simulation with back to back routers
If you have a linux machine laying around (a default ubuntu install will do...), drop it on the same subnet as either one of the two PCs. (only one ethernet card needed) Do: iptables -A OUTPUT -p icmp --icmp-type redirect -j DROP tc qdisc add dev eth0 root netem delay 45msec echo -n 1 /proc/sys/net/ipv4/ip_forward On the PC on the same subnet, set the default gateway to be the IP of the linux machine. Done. You can change the delay with `tc qdisc change dev eth0 root netem delay whatever` This technically only induces delay in one direction (you could do it bidirectionally by sending it from the router to the linux box) but the net net won't affect your LFN testing. -porkchop On 8/19/09 3:17 PM, Thilak T thila...@gmail.com wrote: Hello Folks , I am trying to test TCP throughput with different variables. I want to simulate a delay of aprox 45msec between two test PCs connected two bat to back routers . How do we introduce an artificial delay where in the actual delay is on 2-3 msec.Using cisco routers.? Thilak ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Open Source Substitute for Cisco's Secure ACS?
Assuming you're using TACACS+ to handle this, since radius servers are everywhere... I've been using tac_plus from http://www.pro-bono-publico.de/projects/tac_plus.html (there appear to be several projects named tac_plus, this was the first one to work well for me.) As an added bonus, the author was happy and eager to help squash a bug I ran into. It'll backend to ldap, radius, or keep a local database. Supports all three A's. -porkchop On 8/13/09 9:46 AM, M Callahan li...@motorcitynet.com wrote: We're currently using a very dated version of Cisco's Secure ACS to authenticate a relatively small group of PPPoE ADSL users. We have a planned hardware upgrade for this system, but no funding for updated ACS software. That said, I was wondering what open source alternatives folks on the list have found to be an adequate substitute for ACS. Thanks, Mike ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 6509-E WiSM - OIR
On 8/12/09 9:31 AM, Jeff Cartier jcart...@acs.on.ca wrote: Does anyone know if a Cisco 6509-E w/ Sup720 WiSM will support OIR? I've dug around Google and Cisco, but haven't found a concrete 'YES'. My gut feeling is telling me it's okay; but I figure I'd ask the group J Thanks!!! I've done it several times with a WiSM without problem. I'd avoid OIR of anything on the 6500 platform during production hours. During an OIR, the backplane stalls (by design). Several things can cause the bus not to un-stall for longer than the magic reload timer. If this is your first WiSM in the chasis, you'll need to do some special configuration on the sup before you can do much with it. -mKaegler -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] WLC discovery
Boot the AP with the Mode button down to reset its parameter memory. If that doesn't help, hook into console and watch the messages. If that doesn't help, execute some 'debug [...]' statements on the same console. -porkchop On 6/10/09 4:42 PM, Shine Joseph shinejos...@dodo.com.au wrote: Hi, A Cisco WLC4402 is configured and working alright. All of the APs currently are in the same subnet and hence the discovery do not require DHCP Option 43 or DNS. I want to add another AP that is in a different. When the AP tries to register with the WLC, it registers momentarily and un registers. This has happened for eithe DHCP option and DNS discovery. I am sure, there is something I have not done to get this working. Can anyone suggest somthing that I should try? Thanks in advance, Shine ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] WLC discovery
Good call anyway, Ryan. Master mode will have no affect in this scenario, AFAIK. Master will only cause this controller to take priority over any other controllers if several share the same group, forcing new APs to land on the Master (knowing where they'd land makes for easier configuration during initial deployment). In the era of WCS, this is less of an issue. The only other things you can do are check firewalls between subnets (make sure both IPs are allowed, etc). You can try a few 'debug [...]' commands on the controller, but what you may really need is a ladder. -porkchop On 6/10/09 5:49 PM, Shine Joseph shinejos...@dodo.com.au wrote: Yes it is in layer 3 mode - Original Message - From: Ryan West rw...@zyedge.com To: Shine Joseph shinejos...@dodo.com.au Cc: Kaegler, Mike kaegl...@tessco.com; cisco-nsp@puck.nether.net Sent: Thursday, June 11, 2009 5:30 AM Subject: Re: [c-nsp] WLC discovery Are you in Layer 2 or Layer 3 AP mode. I forget if this is the actual name, but you may need to switch to layer 3. Sent from handheld. On Jun 10, 2009, at 5:26 PM, Shine Joseph shinejos...@dodo.com.au wrote: Thanks Mike for the the quick response. That means I have to have physical access to the APs which are already mounted on the ceiling. I am in the process of moving this AP to another subnet and I have some 18 of them to be moved from a single subnet to different subnets. I can see this AP regsiters momentarily and de-registers. We are running code 5.1. When the AP regsiters I can go to its configuration page and I see Hardware reset and Reset to Factory defaults. Any help is appreciated. Thanks, Shine - Original Message - From: Kaegler, Mike kaegl...@tessco.com To: Shine Joseph shinejos...@dodo.com.au; cisco-nsp@puck.nether.net Sent: Thursday, June 11, 2009 4:50 AM Subject: Re: [c-nsp] WLC discovery Boot the AP with the Mode button down to reset its parameter memory. If that doesn't help, hook into console and watch the messages. If that doesn't help, execute some 'debug [...]' statements on the same console. -porkchop On 6/10/09 4:42 PM, Shine Joseph shinejos...@dodo.com.au wrote: Hi, A Cisco WLC4402 is configured and working alright. All of the APs currently are in the same subnet and hence the discovery do not require DHCP Option 43 or DNS. I want to add another AP that is in a different. When the AP tries to register with the WLC, it registers momentarily and un registers. This has happened for eithe DHCP option and DNS discovery. I am sure, there is something I have not done to get this working. Can anyone suggest somthing that I should try? Thanks in advance, Shine ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Wifi network and too many wifi users
On 5/14/09 1:44 PM, reflect ocean reflect.oc...@gmail.com wrote: Hi there.I run a medium-sized wifi network.We are cisco shop (autonommous access points).Recently wifi users number have reached limits we didn't expect.Because of that,we had to adjust our subnet network in order to support more users associated to the only SSID our wireless network use.We try to keep configuration simple so creating another ssid wouldn't be the best choice at the moment. I've been looking for alternative to create another ssid and associate it to another different subnet but I can't find any related to. You can grow the subnet or add another. If you want, you can create a second wlan with the same ssid and security settings as the first, assign it to a different vlan (and therefore subnet) and deploy that ssid profile to half the Aps. Of course you break mobility. Or just make it a larger subnet. Depending on how your addressing is configured today, you might even be able to avoid booting everybody. -porkchop -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Network Drawing tool
There was a huge NANOG thread about this a few weeks ago... http://www.merit.edu/mail.archives/nanog/msg15295.html Because of the recommendations in that thread, I got out the credit card for OmniGraffle, which despite being a generally unheard of mac-only product got specific praise in perhaps more than half of the posts to the thread. I certainly have not regretted the purchase. Other recommendations included Dia, Powerpoint, and a dozen or more one-offs. -porkchop On 3/17/09 2:53 PM, Mohammad Khalil eng_m...@hotmail.com wrote: hey all , im using visio to draw my network diagrams is there any useful tool that accomplish the same goal ? Thanks Best Regards, Mohammad Khalil Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! Try it! What can you do with the new Windows Live? Find out _ More than messages?check out the rest of the Windows Live?. http://www.microsoft.com/windows/windowslive/ _ __ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp a rchive at http://puck.nether.net/pipermail/cisco-nsp/ -- Michael Kaegler, TESSCO Technologies: Engineering, 410 229 1295 Your wireless success, nothing less. http://www.tessco.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
