Re: [c-nsp] "MPLS in the SDN Era" New book

[Nick Ryce]

I wouldn’t disagree
Nick Ryce
Fluency Communications
(Commsworld Ltd T/A)

T: +44 (0) 330 121 1000
www.fluency.net.uk <http://www.fluency.net.uk/>
n...@fluency.net.uk <mailto:char...@fluency.net.uk>



















On 27/01/2016, 19:12, "cisco-nsp on behalf of Aaron" 
<cisco-nsp-boun...@puck.nether.net on behalf of aar...@gvtc.com> wrote:

>Thanks
>
>...i guess Ivan's "MPLS Bible 1.0" would be his MPLS and VPN Architectures Vol 
>1 and 2... true ?
>
>Aaron
>
>-Original Message-
>From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of david 
>roy
>Sent: Monday, January 25, 2016 5:30 AM
>To: cisco-nsp@puck.nether.net
>Subject: [c-nsp] "MPLS in the SDN Era" New book
>
>Hello
>
>
>
>I just wanted to share with all of you that the new "MPLS in the SDN Era"
>book is already shipping. I know well the two authors and the book, and I can 
>certainly recommend it.
>
>
>
>This book's focus is interoperability. Its 900+ pages cover a wide range of 
>MPLS technologies, illustrated with real interoperable scenarios that combine 
>Junos and IOS XR devices.
>
>
>
>"In case you’re wondering how one could integrate the traditional 
>protocol-focused world of MPLS with the new software-defined world, you came 
>to the right place. This book has the potential to become the MPLS Bible 2.0."
>
>
>
>Ivan Pepelnjak, iNetwork Architect, www.ipSpace.net
>
>
>
>Here is the list of chapters, which you can find in more detail (together with 
>the full table of contents) in O'Reilly sampler:
>
>
>
>Chapter 1, Introduction to MPLS and SDN
>
>Chapter 2, The Four MPLS Builders : LDP, RSVP-TE, IGP (IS-IS, OSPF) SPRING, 
>and BGP
>
>Chapter 3, Layer 3 Unicast MPLS Services (6PE, L3VPN)
>
>Chapter 4, Internet Multicast Over MPLS
>
>Chapter 5, Multicast VPN
>
>Chapter 6, Point-to-Point Layer 2 VPNs
>
>Chapter 7, Virtual Private LAN Service (VPLS)
>
>Chapter 8, Ethernet VPN (EVPN), featuring EVPN MPLS, EVPN VXLAN, PBB-EVPN
>
>Chapter 9, Inter-Domain MPLS Services
>
>Chapter 10, Underlay and Overlay Architectures
>
>Chapter 11, Network Virtualization Overlays, featuring OpenContrail
>
>Chapter 12, Network Function Virtualization (NFV)
>
>Chapter 13, Introduction to Traffic Engineering
>
>Chapter 14, TE Bandwidth Reservations
>
>Chapter 15, Centralized Traffic Engineering, featuring Northstar
>
>Chapter 16, Scaling MPLS Transport and Seamless MPLS
>
>Chapter 17, Scaling MPLS Services
>
>Chapter 18, Transit Fast Restoration Based, featuring LFA, RLFA, TI-LFA, 
>TI-FRR, and MRT
>
>Chapter 19, Transit Fast Restoration Based on the RSVP-TE
>
>Chapter 20, FIB Optimization for Fast Restoration
>
>Chapter 21, Egress Service Fast Restoration
>
>
>
>Regards
>
>David
>
>
>
>
>
>*David Roy *
>
>*IP/MPLS NOC engineer - Orange France*
>
>SkypeID : davidroy.35
>
>*JNCIE x3 (SP #703 ; ENT #305 ; SEC #144)* 
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net 
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>___
>cisco-nsp mailing list  cisco-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] NTP DDoS

[Nick Ryce]

You can check for open ntp servers within your AS with the following:-

http://openntpproject.org/searchby-asn.cgi?search_asn=56595

Swap 56595 for your ASN  :)

Nick
On 13 Feb 2014, at 02:12, SilverTip257 silvertip...@gmail.com wrote:

 On Wed, Feb 12, 2014 at 2:36 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
 
 Something I can point customers to for testing their own set ups. ;)
 
 
 What I was trying to say is that openntp project URL is something I can
 point customers at and they should understand.  Some of my customers are
 dense.
 
 Sadly, a few of them try to tell me that information I give them doesn't
 work.  But when they say hey, here's my credentials, why don't you fix it
 for me? ... I come to find (yes, I'm a nice guy) that everything I sent
 them was spot on (as I expected).
 
 Copy+paste is over-rated.  o_O
 
 
 
 On a Linux or mac
 
 ntpdc -c monlist xxx.xxx.xxx.xxx
 
 
 Yep.  And loopinfo and iostats commands.
 
 nmap has a ntp-monlist script that is helpful (combined with the grep-able
 output option).
 
 I'm about due for running another ntp-monlist scan ... [when DNS
 amplification attacks were real bad a few months ago, we told a customer to
 disable DNS recursion ... he instead shut off bind/named for that day and
 turned it back on some time later].
 
 
 
 If you get a reply (which will consist of a list of IP addresses that have
 sync'd with the daemon) then the server has a non optimal config. ... and
 if it's already been found by others they will all be listed. .. You might
 even see openntp project and team cymru servers listed ;)
 
 Alan
 
 
 
 
 -- 
 ---~~.~~---
 Mike
 //  SilverTip257  //
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Just a note to say that after the upgrade we are back in business :)


Nick

On 20 Nov 2013, at 04:44, Pete Lumbis 
alum...@gmail.commailto:alum...@gmail.com wrote:

Any idea why Switch 3 has remote label 28 instead of 48?

Do you know if the issue is unidirectional or bidirectional? That is, can Sw2 
send to Sw3 but Sw3 can't send back?


On Mon, Nov 18, 2013 at 3:05 PM, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:
Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
  VPN ID: 4, VE-ID: 3, VE-SIZE: 10
  RD: 56595:4, RT: 56595:4, 56595:4
  Bridge-Domain 903 attachment circuits:
Vlan903
  Neighbors connected via pseudowires:
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100033   46.226.0.9  2  402  39  Y
  pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
  VPN ID: 4, VE-ID: 1, VE-SIZE: 10
  RD: 56595:4, RT: 56595:4, 56595:4
  Bridge-Domain 11 attachment circuits:
Vlan11
  Neighbors connected via pseudowires:
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100015   46.226.0.12 3  49   401 Y
  pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
  VPN ID: 4, VE-ID: 2, VE-SIZE: 10
  RD: 56595:4, RT: 56595:4, 56595:4
  Bridge-Domain 4 attachment circuits:
Vlan4
  Neighbors connected via pseudowires:
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100028   46.226.0.12 3  39   402 Y
  pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Hi Jason,

CSCuh05321 says it is fixed in the S1 release so would that not mean that it is 
also in S1a?

Nick


On 19 Nov 2013, at 03:50, Jason Lixfeld 
ja...@lixfeld.camailto:ja...@lixfeld.ca wrote:

Just be mindful of CSCuh05321 if you are going to try S1a.  If you think you 
might hit that, I'd suggest moving to static vpls and skip that release until 
it's fixed.

Also, with S1a, look at CSCtl54835 and verify or else your isis adjacencies 
will break.

Sent from my iPhone

On Nov 18, 2013, at 10:08 PM, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:

Just found 1 switch on 15.3(2)S so may be worth a punt and upgrade

Nick
On 19 Nov 2013, at 02:02, Jason Lixfeld 
ja...@lixfeld.camailto:ja...@lixfeld.ca wrote:

Issues I was having with BGP signalled VPLS a couple of months ago in 15.3(2)S1 
resulted in filing CSCui46390.  I'd otherwise suggest trying 15.3(3)S1a to see 
fix works, but that version seems to have introduced CSCuh05321, so I think 
that might end badly for you; it did for me :(

On Nov 18, 2013, at 3:05 PM, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:

Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 3, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 903 attachment circuits:
  Vlan903
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100033   46.226.0.9  2  402  39  Y
pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 1, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 11 attachment circuits:
  Vlan11
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100015   46.226.0.12 3  49   401 Y
pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 2, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 4 attachment circuits:
  Vlan4
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100028   46.226.0.12 3  39   402 Y
pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
  VPN ID: 4, VE-ID: 3, VE-SIZE: 10 
  RD: 56595:4, RT: 56595:4, 56595:4
  Bridge-Domain 903 attachment circuits:
Vlan903  
  Neighbors connected via pseudowires:
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100033   46.226.0.9  2  402  39  Y
  pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
  VPN ID: 4, VE-ID: 1, VE-SIZE: 10 
  RD: 56595:4, RT: 56595:4, 56595:4
  Bridge-Domain 11 attachment circuits:
Vlan11  
  Neighbors connected via pseudowires:
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100015   46.226.0.12 3  49   401 Y
  pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
  VPN ID: 4, VE-ID: 2, VE-SIZE: 10 
  RD: 56595:4, RT: 56595:4, 56595:4
  Bridge-Domain 4 attachment circuits:
Vlan4  
  Neighbors connected via pseudowires:
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100028   46.226.0.12 3  39   402 Y
  pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Hi Pshem,

output below

switch 1

Local intf Local circuit  Dest addressVC ID  Status
-  -- --- -- --
VFI FLVPLS004  vfi46.226.0.9  4  UP
VFI FLVPLS004  vfi46.226.0.14 4  UP

switch 2

Local intf Local circuit  Dest addressVC ID  Status
-  -- --- -- --
VFI FLVPLS004  vfi46.226.0.9  4  UP
VFI FLVPLS004  vfi46.226.0.12 4  UP

switch 3

Local intf Local circuit  Dest addressVC ID  Status
-  -- --- -- --
VFI FLVPLS004  vfi46.226.0.12 4  UP
VFI FLVPLS004  vfi46.226.0.14 4  UP

We are not using targeted ldp at this time.  All switches are using rsvp
--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.ukmailto:n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000

On 19 Nov 2013, at 00:31, Pshem Kowalczyk 
pshe...@gmail.commailto:pshe...@gmail.com wrote:

Hi,

I assume here you're running ME3600x. Split horizon works by stopping
any packets that arrived on one pseudowire from leaving on another
pseudowire. Attachment circuit to another attachment circuit is not
affected (unless you make add them to another split-horizon group
manually).

Can you show the output of 'sh mpls l2 vc'

Do you also run targeted LDP between those devices?

kind regards
Pshem

On 19 November 2013 09:05, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:
Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
 VPN ID: 4, VE-ID: 3, VE-SIZE: 10
 RD: 56595:4, RT: 56595:4, 56595:4
 Bridge-Domain 903 attachment circuits:
   Vlan903
 Neighbors connected via pseudowires:
 Interface  Peer AddressVE-ID  Local Label  Remote LabelS
 pseudowire100033   46.226.0.9  2  402  39  Y
 pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
 VPN ID: 4, VE-ID: 1, VE-SIZE: 10
 RD: 56595:4, RT: 56595:4, 56595:4
 Bridge-Domain 11 attachment circuits:
   Vlan11
 Neighbors connected via pseudowires:
 Interface  Peer AddressVE-ID  Local Label  Remote LabelS
 pseudowire100015   46.226.0.12 3  49   401 Y
 pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
 VPN ID: 4, VE-ID: 2, VE-SIZE: 10
 RD: 56595:4, RT: 56595:4, 56595:4
 Bridge-Domain 4 attachment circuits:
   Vlan4
 Neighbors connected via pseudowires:
 Interface  Peer AddressVE-ID  Local Label  Remote LabelS
 pseudowire100028   46.226.0.12 3  39   402 Y
 pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Hi Jason,

It sounds very similar.  If a bgp session was established direct rather than 
via an RR would this fix it I wonder?

Nick
--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.ukmailto:n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000

On 19 Nov 2013, at 02:02, Jason Lixfeld 
ja...@lixfeld.camailto:ja...@lixfeld.ca wrote:

Issues I was having with BGP signalled VPLS a couple of months ago in 15.3(2)S1 
resulted in filing CSCui46390.  I'd otherwise suggest trying 15.3(3)S1a to see 
fix works, but that version seems to have introduced CSCuh05321, so I think 
that might end badly for you; it did for me :(

On Nov 18, 2013, at 3:05 PM, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:

Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 3, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 903 attachment circuits:
  Vlan903
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100033   46.226.0.9  2  402  39  Y
pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 1, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 11 attachment circuits:
  Vlan11
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100015   46.226.0.12 3  49   401 Y
pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 2, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 4 attachment circuits:
  Vlan4
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100028   46.226.0.12 3  39   402 Y
pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Doesn’t make a diff if established direct :(


On 19 Nov 2013, at 02:46, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:

Hi Jason,

It sounds very similar.  If a bgp session was established direct rather than 
via an RR would this fix it I wonder?

Nick
--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.ukmailto:n...@fluency.net.ukmailto:n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000

On 19 Nov 2013, at 02:02, Jason Lixfeld 
ja...@lixfeld.camailto:ja...@lixfeld.camailto:ja...@lixfeld.ca wrote:

Issues I was having with BGP signalled VPLS a couple of months ago in 15.3(2)S1 
resulted in filing CSCui46390.  I'd otherwise suggest trying 15.3(3)S1a to see 
fix works, but that version seems to have introduced CSCuh05321, so I think 
that might end badly for you; it did for me :(

On Nov 18, 2013, at 3:05 PM, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.ukmailto:n...@fluency.net.uk 
wrote:

Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 3, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 903 attachment circuits:
 Vlan903
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100033   46.226.0.9  2  402  39  Y
pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 1, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 11 attachment circuits:
 Vlan11
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100015   46.226.0.12 3  49   401 Y
pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 2, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 4 attachment circuits:
 Vlan4
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100028   46.226.0.12 3  39   402 Y
pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Possible split horizon issue with bgp signalled vpls

[Nick Ryce]

Just found 1 switch on 15.3(2)S so may be worth a punt and upgrade

Nick
On 19 Nov 2013, at 02:02, Jason Lixfeld 
ja...@lixfeld.camailto:ja...@lixfeld.ca wrote:

Issues I was having with BGP signalled VPLS a couple of months ago in 15.3(2)S1 
resulted in filing CSCui46390.  I'd otherwise suggest trying 15.3(3)S1a to see 
fix works, but that version seems to have introduced CSCuh05321, so I think 
that might end badly for you; it did for me :(

On Nov 18, 2013, at 3:05 PM, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:

Hi,

I’m tearing my hair out with this one and can’t figure out how to resolve it.

I have 3 switches that have a BGP signalled VPLS with customer routers hanging 
off the end of all 3 ( one switch has 2 cpe )

All have the RD 56595:4 and RT 56595:4

All pseudo wires are up between the switches with config snippets below:-

Switch 1

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 3, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 903 attachment circuits:
  Vlan903
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100033   46.226.0.9  2  402  39  Y
pseudowire100037   46.226.0.14 1  401  49  Y

This switch has 1 cpe with any vlan tags stripped and can ping all devices on 
the other switches


Switch 2

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 1, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 11 attachment circuits:
  Vlan11
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100015   46.226.0.12 3  49   401 Y
pseudowire100018   46.226.0.9  2  48   37  Y

This switch has 2 cpe’s with any vlan tags stripped.  They can ping each other 
and the device connected to switch 1 but cannot ping device on switch 3

Switch 3

VFI name: FLVPLS004, state: up, type: multipoint, signaling: BGP
VPN ID: 4, VE-ID: 2, VE-SIZE: 10
RD: 56595:4, RT: 56595:4, 56595:4
Bridge-Domain 4 attachment circuits:
  Vlan4
Neighbors connected via pseudowires:
Interface  Peer AddressVE-ID  Local Label  Remote LabelS
pseudowire100028   46.226.0.12 3  39   402 Y
pseudowire100027   46.226.0.14 1  37   28  Y

This switch has 1 cpe device connected with any vlan tags stripped and can only 
ping the device on switch 1


Each switch can see all the correct mac addresses.

It sounds like split horizon but I assumed this was only to do with the local 
switch?

All devices are running 15.3(3)S

Any help much appreciated.

Nick




___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] ME3600 QoS

[Nick Ryce]

Hi Guys,

I am trying to to do some basic QoS to prioritise packets marked with DSCP EF 
on EFP's but keep getting errors as below:

SW1.WAV-EDI(config-if-srv)#service-policy output Voip
QoS: Invalid target for service-policy
QoS: Configuration errors for policy map Voip

Class-map and policy map as below ( I have just used priority 1 as a basic test 
and know it can in some circumstances starve other queues )

class-map match-any Voice
 match ip dscp ef
!
policy-map Voip
 class Voice
  priority level 1
 class class-default
  bandwidth remaining percent 70

Any help much appreciated.

Nick
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] ME3600 QoS

[Nick Ryce]

Hi Adam,

Just reached the same conclusion.

Can be applied to the member ports of the channel.  Also you can't apply
service policies to EFP's on a port channel either.

Nick

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 07/08/2013 12:13, Adam Vitkovsky adam.vitkov...@swan.sk wrote:

Hi Nick,
 QoS: Invalid target for service-policy
I got the same error when I tried to apply a service-policy to
port-channel
interface and learned that policy has to be applied to a physical ports
associated with the channel instead.

So I'm wondering whether your SW version supports applying of
service-policies under EFPs (service-instance).

Adam



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] ME3600 VPLS configuration with L2VPN CLI

[Nick Ryce]

Hi Jason,

Just tested this myself.

Only appears to work if the SVI is created and the member statement added
there.

Nick

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 26/06/2013 02:07, Jason Lixfeld ja...@lixfeld.ca wrote:

So I'm just trying to understand how VPLS is 'supposed' to work on
ME3600s...

This seems to work:

!
interface GigabitEthernet0/3
 description Facing CE
 switchport trunk allowed vlan none
 switchport mode trunk
 logging event link-status
 no cdp enable
 service instance 1 ethernet
  encapsulation dot1q 4013
  rewrite ingress tag pop 1 symmetric
 !
!
bridge-domain 4013
 member GigabitEthernet0/3 service-instance 1
!
interface Vlan4013
 vrf forwarding management
 no ip address
 member vfi management
!

#show l2vpn vfi name management
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No

VFI name: management, state: up, type: multipoint, signaling: BGP
  VPN ID: 4013, VE-ID: 10129, VE-SIZE: 10
  RD: 21949:2194904013, RT: 21949:4013, 21949:2194904013
  Bridge-Domain 4013 attachment circuits:
Vlan4013
  Pseudo-port interface: pseudowire100036
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100037   72.15.50.33 10033  299  354 Y

However this does not:

!
interface GigabitEthernet0/3
 description Facing CE
 switchport trunk allowed vlan none
 switchport mode trunk
 logging event link-status
 no cdp enable
 service instance 1 ethernet
  encapsulation dot1q 4013
  rewrite ingress tag pop 1 symmetric
 !
!
bridge-domain 4013
 member GigabitEthernet0/3 service-instance 1
 member vfi management
!

#show l2vpn vfi name management
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No

VFI name: management, state: down, type: multipoint, signaling: BGP
  VPN ID: 4013, VE-ID: 10129, VE-SIZE: 10
  RD: 21949:2194904013, RT: 21949:4013, 21949:2194904013
  Bridge-Domain 4013 attachment circuits:
  Pseudo-port interface: pseudowire100036
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS
  pseudowire100037   72.15.50.33 10033  299  354 Y

So even though in the latter example, vfi management is a member of
bridge-domain 4013, it can't seem to find the attachment circuit.  I get
that the AC wouldn't be Vlan4013, but I'd sorta expect it to know that
it's Gi0/3 si 1.  I'm assuming that since we can now map a vfi to a
bridge-domain, an SVI is no longer required, unless the VPLS instance is
routed VPLS; we'd need somewhere to apply the IP and mask.  Is this an
incorrect assumption or is something not working that really should be
working?

Thanks in advance.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Changing ve id doesn't withdraw old prefixes

[Nick Ryce]

Hi Jason,

It was myself on the packet exchange forum with the issue.  After removing
the config and reading the issue resolved itself.

Have you tried removing the full config for the vfi and associated member
ports and re-adding?

Nick







On 21/06/2013 00:37, Pshem Kowalczyk pshe...@gmail.com wrote:

Hi,

It does look like a bug. How often would you change ve id though? I'd
expect that to be fairly static once set up. We had a number of issues
of that sort (Cisco expected the number/id to be static during the
lifetime of a service, but we changed it). Most of those bugs
ultimately got fixed, but in some cases we were told that the
conditions are too unusual, or there is some other workaround.

kind regards
Pshem
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Layer 2 Traffic Monitoring

[Nick Ryce]

Hi Samar,

Is the IX traffic and internet traffic on the same vlan?

If its split between 2 you could use service instances on the ports which
can be graphed via snmp.

Nick

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 11/06/2013 21:33, Samar Chokutaev s.chokut...@gmail.com wrote:

Hello, everyone

Could you please help me in trouble with traffic monitoring.
We have IX-network with a pair ME3400 with only Layer 2 enabled. All
providers connected to this switches communicate directly with each other
(we use route servers).
Now we need traffic monitoring for IX network. But the problem is that
some
of these providers buy Internet connection from the same link. That's why
we need to separate internet traffic from the local.

Is there any solution for this problem, except the usage of Netflow?

Thank you in advance.

Kind regards,
Samar
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Fwd: BGP Signalled VPLS on ME3600

[Nick Ryce]

Hi Gustav,

Yep, as below:-

sw1.sco-edi-NEW#show mpls for 46.226.0.12 detail
Local  Outgoing   Prefix   Bytes Label   Outgoing   Next Hop
Label  Label  or Tunnel Id Switched  interface
None   306496 46.226.0.12/32   0 Tu1point2point
MAC/Encaps=14/18, MRU=9000, Label Stack{306496}, via Te0/2
A8D0E55DD93788F07792BCDB8847 4AD4
No output feature configured


SW1.THN-LON#show mpls for 46.226.0.10 detail
Local  Outgoing   Prefix   Bytes Label   Outgoing   Next Hop
Label  Label  or Tunnel Id Switched  interface
None   304720 46.226.0.10/32   0 Tu0point2point
MAC/Encaps=14/18, MRU=9000, Label Stack{304720}, via Te0/2
A8D0E55DEB3D88F077938CDB8847 4A65


--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000

From: gustav.ulan...@steria.semailto:gustav.ulan...@steria.se 
gustav.ulan...@steria.semailto:gustav.ulan...@steria.se
Date: Friday, 7 June 2013 09:37
To: Nick Ryce n...@fluency.net.ukmailto:n...@fluency.net.uk
Cc: cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net, cisco-nsp 
cisco-nsp-boun...@puck.nether.netmailto:cisco-nsp-boun...@puck.nether.net
Subject: Re: [c-nsp] Fwd: BGP Signalled VPLS on ME3600

Hello.

Do you have a corresponding entry in the mpls forwarding database for the next 
hop address?

Bästa hälsningar / Best regards,

Gustav Uhlander
Communication  Infrastructure Engineer

Steria AB
Kungsbron 13
Box 169
SE-101 23  Stockholm
Sweden

Tel: +46 8 622 42 15
Fax: +46 8 622 42 23
Mobile: +46 70 962 71 03
gustav.ulan...@steria.semailto:gustav.ulan...@steria.se
www.steria.se




From:Nick Ryce n...@fluency.net.ukmailto:n...@fluency.net.uk
To:cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Date:2013-06-06 20:11
Subject:[c-nsp] Fwd: BGP Signalled VPLS on ME3600
Sent by:cisco-nsp 
cisco-nsp-boun...@puck.nether.netmailto:cisco-nsp-boun...@puck.nether.net





Hi,

Im having a strange issue with a BGP signalled VPLS on my ME3600.  I'm running 
15.3.2(s).

The VFI comes up but the virtual circuit stays down with the following error:-

SW1.THN-LON#show mpls L2transport vc 501 detail
Local interface: VFI FLVPLS001 vfi up
 Interworking type is Ethernet
 Destination address: 46.226.0.10, VC ID: 501, VC status: down
   Last error: MPLS dataplane reported a fault to the nexthop
   Output interface: none, imposed label stack {}
   Preferred path: not configured
   Default path: no route
   No adjacency
 Create time: 00:19:42, last status change time: 00:19:42
   Last label FSM state change time: 00:19:42
 Signaling protocol: BGP
   Status TLV support (local/remote)   : Not Applicable
 LDP route watch   : Not Applicable
 Label/status state machine: activating, LruRruD
 Last local dataplane   status rcvd: DOWN(pw-tx-fault)
 Last BFD dataplane status rcvd: Not Applicable
 Last BFD peer monitor  status rcvd: Not Applicable
 Last local AC  circuit status rcvd: No fault
 Last local AC  circuit status sent: DOWN(pw-rx-fault)
 Last local PW i/f circ status rcvd: No fault
 Last local LDP TLV status sent: Not Applicable
 Last remote LDP TLVstatus rcvd: Not Applicable
 Last remote LDP ADJstatus rcvd: Not Applicable
   MPLS VC labels: local 27, remote 16
   Group ID: local 0, remote 0
   MTU: local 1500, remote 1500
 Control Word: Off
 Dataplane:
   SSM segment/switch IDs: 0/10075 (used), PWID: 12
 VC statistics:
   transit packet totals: receive 0, send 0
   transit byte totals:   receive 0, send 0
   transit packet drops:  receive 0, seq error 0, send 0



The next hop is available and routable so not quite sure what the issue is.  
Any help greatly appreciated.

Nick


___
cisco-nsp mailing list  
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Fwd: BGP Signalled VPLS on ME3600

[Nick Ryce]

Hi,

Im having a strange issue with a BGP signalled VPLS on my ME3600.  I'm running 
15.3.2(s).

The VFI comes up but the virtual circuit stays down with the following error:-

SW1.THN-LON#show mpls L2transport vc 501 detail
Local interface: VFI FLVPLS001 vfi up
  Interworking type is Ethernet
  Destination address: 46.226.0.10, VC ID: 501, VC status: down
Last error: MPLS dataplane reported a fault to the nexthop
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
  Create time: 00:19:42, last status change time: 00:19:42
Last label FSM state change time: 00:19:42
  Signaling protocol: BGP
Status TLV support (local/remote)   : Not Applicable
  LDP route watch   : Not Applicable
  Label/status state machine: activating, LruRruD
  Last local dataplane   status rcvd: DOWN(pw-tx-fault)
  Last BFD dataplane status rcvd: Not Applicable
  Last BFD peer monitor  status rcvd: Not Applicable
  Last local AC  circuit status rcvd: No fault
  Last local AC  circuit status sent: DOWN(pw-rx-fault)
  Last local PW i/f circ status rcvd: No fault
  Last local LDP TLV status sent: Not Applicable
  Last remote LDP TLVstatus rcvd: Not Applicable
  Last remote LDP ADJstatus rcvd: Not Applicable
MPLS VC labels: local 27, remote 16
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
  Control Word: Off
  Dataplane:
SSM segment/switch IDs: 0/10075 (used), PWID: 12
  VC statistics:
transit packet totals: receive 0, send 0
transit byte totals:   receive 0, send 0
transit packet drops:  receive 0, seq error 0, send 0



The next hop is available and routable so not quite sure what the issue is.  
Any help greatly appreciated.

Nick


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] BGP Signalled VPLS

[Nick Ryce]

Had a call with cisco tac and they managed to get it working by removing
the RD.

No idea why this resolved it.  Now to try and get it to working with a
juniper PE.

Nick

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 16/04/2013 13:37, Nick Ryce n...@fluency.net.uk wrote:

Hi,

I have 2 x ME3600x running me360x-universalk9-mz.153-2.S and am looking
to use the new VPLS BGP signalling functionality.

I am using RSVP with the topology attached but I cannot get traffic to
pass.  Any ideas?


Configs as below.

Any help with debug commands would also be greatly appreciated.

hostname PE1
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
 vpn id 512
 autodiscovery bgp signaling bgp
  ve id 1
  ve range 11
  rd 172.16.1.1:512
  route-target export 56595:512
  route-target import 56595:512
!
vlan 512
 name lab
!
l2 router-id 172.16.1.1
!
!
!
interface Loopback0
 ip address 172.16.1.1 255.255.255.255
 ip ospf 1 area 0.0.0.0
!
interface Tunnel0
 description PE1-to-PE2
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.2.2
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface Tunnel1
 description PE1-toPE3
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.3.3
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface GigabitEthernet0/1
 no switchport
 ip address 10.0.0.1 255.255.255.252
 mpls traffic-eng tunnels
 ip rsvp bandwidth percent 100
!
interface GigabitEthernet0/2
 switchport access vlan 512
!
router ospf 1
 router-id 172.16.1.1
 network 10.0.0.0 0.0.0.3 area 0.0.0.0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0.0.0.0
!
router bgp 56595
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120
 bgp graceful-restart stalepath-time 360
 bgp graceful-restart
 no bgp default ipv4-unicast
 neighbor 172.16.2.2 remote-as 56595
 neighbor 172.16.2.2 update-source Loopback0
 neighbor 172.16.3.3 remote-as 56595
 neighbor 172.16.3.3 update-source Loopback0
 !
 address-family ipv4
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
 exit-address-family
 !
 address-family vpnv4
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
 exit-address-family
 !
 address-family l2vpn vpls
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.2.2 prefix-length-size 2
  neighbor 172.16.2.2 suppress-signaling-protocol ldp
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
  neighbor 172.16.3.3 suppress-signaling-protocol ldp
 exit-address-family


hostname PE3
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
ipv6 multicast rpf use-bgp
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
 vpn id 512
 autodiscovery bgp signaling bgp
  ve id 3
  ve range 11
  rd 172.16.3.3:512
  route-target export 56595:512
  route-target import 56595:512
vlan 512
 name test
!
!
!
!
interface Loopback0
 ip address 172.16.3.3 255.255.255.255
 ip ospf 1 area 0.0.0.0
!
interface Tunnel0
 description PE3-to-PE2
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.2.2
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface Tunnel1
 description PE3-to-PE1
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.1.1
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface GigabitEthernet0
 ip address 46.226.1.178 255.255.255.248
 speed auto
 duplex auto
 negotiation auto
!
interface GigabitEthernet0/1
 no switchport
 ip address 10.0.0.6 255.255.255.252
 mpls traffic-eng tunnels
 ip rsvp bandwidth percent 100
!
interface GigabitEthernet0/2
 switchport access vlan 512
!
interface Vlan512
 no ip address
 member vfi lab
!
router ospf 1
 router-id 172.16.3.3
 network 10.0.0.4 0.0.0.3 area 0.0.0.0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0.0.0.0
!
router bgp 56595
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120
 bgp graceful-restart stalepath-time 360
 bgp graceful-restart
 no bgp default ipv4-unicast
 neighbor 172.16.1.1 remote-as 56595
 neighbor 172.16.1.1 update-source Loopback0
 neighbor 172.16.2.2 remote-as 56595
 neighbor 172.16.2.2 update-source Loopback0
 !
 address-family ipv4
  neighbor 172.16.1.1 activate
  neighbor 172.16.1.1 send-community extended
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
 exit-address-family
 !
 address-family vpnv4
  neighbor 172.16.1.1 activate
  neighbor 172.16.1.1 send-community extended
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send

Re: [c-nsp] BGP Signalled VPLS

[Nick Ryce]

VPLS using BGP signalling is now available so assume multihoming can be
done also.

Nick

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 23/04/2013 13:44, William Jackson william.jack...@gibtele.com wrote:

So is BGP VPLS multi homing now available in cisco.

Like it is in Junos?
Last time I checked I could not see anything plans for it?

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] BGP Signalled VPLS

[Nick Ryce]

Hi Aaron,

The VE ID etc is for BGP signalling.

Nick


--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000

From: Aaron aar...@gvtc.commailto:aar...@gvtc.com
Date: Monday, 22 April 2013 14:28
To: 'Waris Sagheer (waris)' wa...@cisco.commailto:wa...@cisco.com, Nick 
Ryce n...@fluency.net.ukmailto:n...@fluency.net.uk, 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] BGP Signalled VPLS

I ran vpls w/bgp ad w/ldg sig between (2) asr9k’s and (4) me3600’s and I didn’t 
have to use ve id nor ve range…. Is there something I would miss out on without 
using ve id or ve range?  Also, is there a default value associated with ve id 
or ve range that was enacted in the absence of my not explicitly configuring it 
?

Waris, if the VE ID is for unique PE VPLS Edge ID assignment, would that mean 
that my configuration without the ve id configured would have duplicate VE ID’s 
per PE?  Or maybe there is a autoassignment thing that occurs.  Perhaps I’ll 
set it up again and see what happens, as I mentioned previously I had removed 
my vpls architecture for l3vpn preference.
Aaron

From: Waris Sagheer (waris) [mailto:wa...@cisco.com]
Sent: Sunday, April 21, 2013 10:10 PM
To: Nick Ryce; Aaron; 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP Signalled VPLS

All PEs within a given VPLS are assigned a unique VPLS Edge device ID (VE ID).
Nick is right about BGP NLRI,

VPLS BGP NLRI (RFC 4761)
AFI = 25 (L2VPN)
SAFI = 65 (VPLS)
VE ID
VE Block Offset (VBO)
VE Block Size (VBS)
Label Base (LB)


Best Regards,

[http://www.cisco.com/web/europe/images/email/signature/horizontal06.jpg]


Waris Sagheer
Technical Marketing Manager
Service Provider Access Group
wa...@cisco.commailto:wa...@cisco.com
Phone: +1 408 853 6682
Mobile: +1 408 835 1389

CCIE - 19901



[Think before you print.] Think before you print.

This email may contain confidential and privileged material for the sole use of 
the intended recipient. Any review, use, distribution or disclosure by others 
is strictly prohibited. If you are not the intended recipient (or authorized to 
receive for the recipient), please contact the sender by reply email and delete 
all copies of this message.

For corporate legal information go to:
http://www.cisco.com/web/about/doing_business/legal/cri/index.html

.



From: Nick Ryce n...@fluency.net.ukmailto:n...@fluency.net.uk
Date: Tuesday, April 16, 2013 7:52 AM
To: aar...@gvtc.commailto:aar...@gvtc.com 
aar...@gvtc.commailto:aar...@gvtc.com, 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net 
cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP Signalled VPLS

Its part for the BGP L2VPN NLRI as far as I'm aware.

--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.ukmailto:n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 16/04/2013 15:50, Aaron aar...@gvtc.commailto:aar...@gvtc.com wrote:

Anyone know what and why to use this ve stuff?  I didn't use it during
my
vpls (ios-ioxr) trial run in my network and never understood what it was
for...

  ve id 1
  ve range 11

Aaron

-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
Nick
Ryce
Sent: Tuesday, April 16, 2013 7:41 AM
To: Nick Ryce; cisco-nsp@puck.nether.netmailto:cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP Signalled VPLS

Apologies the attachment has went through.

ASCII art as below

PE1---PE2PE3

PE1 and PE3 are ME3600's and PE2 is a Juniper SRX.

From PE2 labels are being pushed/popped correctly.

Nick







On 16/04/2013 13:37, Nick Ryce 
n...@fluency.net.ukmailto:n...@fluency.net.uk wrote:

Hi,

I have 2 x ME3600x running me360x-universalk9-mz.153-2.S and am looking
to use the new VPLS BGP signalling functionality.

I am using RSVP with the topology attached but I cannot get traffic to
pass.  Any ideas?


Configs as below.

Any help with debug commands would also be greatly appreciated.

hostname PE1
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
vpn id 512
autodiscovery bgp signaling bgp
  ve id 1
  ve range 11
  rd 172.16.1.1:512
  route-target export 56595:512
  route-target import 56595:512
!
vlan 512
name lab
!
l2 router-id 172.16.1.1
!
!
!
interface Loopback0
ip address 172.16.1.1 255.255.255.255
ip ospf 1 area 0.0.0.0
!
interface Tunnel0
description PE1-to-PE2
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 172.16.2.2
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng path-option 1 dynamic !
interface Tunnel1
description PE1-toPE3
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 172.16.3.3
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng path-option 1 dynamic !
interface GigabitEthernet0/1
no switchport
ip address 10.0.0.1

Re: [c-nsp] Network Test Plan

[Nick Ryce]

See the next post when he said it was posted to the wrong thread :)

Nick

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 19/04/2013 16:02, Ahmed Hilmy hilmy...@gmail.com wrote:

Hello Ryan,

actually i didnt get your point , would you clarify it for me ?


On Fri, Apr 19, 2013 at 3:56 PM, Booth, Ryan rbo...@pantex.com wrote:

 This is true about the misses. From my own experience and what others
have
 told me when a small or medium buffer is missed the frame/packet is
usually
 dropped and requires a retransmission. For me this is evident in my
 IP-video traffic which suffers frame loss. Normal TCP traffic can just
 retransmit.


 Ryan Booth
 Blog.movingonesandzeros.net


 -Original Message-
 From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
 Ahmed Hilmy
 Sent: Friday, April 19, 2013 1:17 AM
 To: cisco-nsp@puck.nether.net
 Subject: [c-nsp] Network Test Plan

 Hello Friends,

 Alcatel-Lucent has completed our project deployment IP/MPLS Backbone,
7750
 SR7 - 7750 SR12, they suggest test plan but i am thinking if i can ad
some
 tests.

 Test Strategy:

 IGP, OSPF
 MPLS, LDP+RSVP+ LSP Fast Reroute
 VLL
 VPLS
 VPRN

 Any idea to share, and test to add
 your comment is warmly welcome

 Regards,
 Ahmed
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] BGP Signalled VPLS

[Nick Ryce]

 suppress-signaling-protocol ldp
 exit-address-family


Tunnels are up in both directions.

Output of some commands as below

PE3#show l2vpn vfi name lab
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No

VFI name: lab, state: up, type: multipoint, signaling: BGP
  VPN ID: 512, VE-ID: 3, VE-SIZE: 11
  RD: 172.16.3.3:512, RT: 56595:512, 56595:512
  Bridge-Domain 512 attachment circuits:
Vlan512
  Pseudo-port interface: pseudowire11
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS

PE1#show l2vpn vfi name lab
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No

VFI name: lab, state: down, type: multipoint, signaling: BGP
  VPN ID: 512, VE-ID: 1, VE-SIZE: 11
  RD: 172.16.1.1:512, RT: 56595:512, 56595:512
  Bridge-Domain 512 attachment circuits:
Vlan512
  Pseudo-port interface: pseudowire13
  Interface  Peer AddressVE-ID  Local Label  Remote LabelS

PE3#show bgp l2vpn vpls all
BGP table version is 28, local router ID is 172.16.3.3
Status codes: s suppressed, d damped, h history, * valid,  best, i - internal,
  r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
  x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

 Network  Next HopMetric LocPrf Weight Path
Route Distinguisher: 172.16.1.1:512
 *i 172.16.1.1:512:VEID-1:Blk-1/136
   172.16.1.1   0100  0 ?
Route Distinguisher: 172.16.2.2:512
 *i 172.16.2.2:512:VEID-2:Blk-1/136
   172.16.2.2100  0 i
 *i 172.16.2.2:512:VEID-2:Blk-1/136
   172.16.2.2100  0 i
Route Distinguisher: 172.16.3.3:512
 *  172.16.3.3:512:VEID-3:Blk-1/136
   0.0.0.032768 ?


PE1# show bgp l2vpn vpls all
BGP table version is 39, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid,  best, i - internal,
  r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
  x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

 Network  Next HopMetric LocPrf Weight Path
Route Distinguisher: 172.16.1.1:512
 *  172.16.1.1:512:VEID-1:Blk-1/136
   0.0.0.032768 ?
Route Distinguisher: 172.16.2.2:512
 *i 172.16.2.2:512:VEID-2:Blk-1/136
   172.16.2.2100  0 i
 *i 172.16.2.2:512:VEID-2:Blk-1/136
   172.16.2.2100  0 i
Route Distinguisher: 172.16.3.3:512
 *i 172.16.3.3:512:VEID-3:Blk-1/136
   172.16.3.3   0100  0 ?


Nick

--
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.ukmailto:n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] BGP Signalled VPLS

[Nick Ryce]

Apologies the attachment has went through.

ASCII art as below

PE1---PE2PE3

PE1 and PE3 are ME3600's and PE2 is a Juniper SRX.

From PE2 labels are being pushed/popped correctly.

Nick







On 16/04/2013 13:37, Nick Ryce n...@fluency.net.uk wrote:

Hi,

I have 2 x ME3600x running me360x-universalk9-mz.153-2.S and am looking
to use the new VPLS BGP signalling functionality.

I am using RSVP with the topology attached but I cannot get traffic to
pass.  Any ideas?


Configs as below.

Any help with debug commands would also be greatly appreciated.

hostname PE1
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
 vpn id 512
 autodiscovery bgp signaling bgp
  ve id 1
  ve range 11
  rd 172.16.1.1:512
  route-target export 56595:512
  route-target import 56595:512
!
vlan 512
 name lab
!
l2 router-id 172.16.1.1
!
!
!
interface Loopback0
 ip address 172.16.1.1 255.255.255.255
 ip ospf 1 area 0.0.0.0
!
interface Tunnel0
 description PE1-to-PE2
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.2.2
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface Tunnel1
 description PE1-toPE3
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.3.3
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface GigabitEthernet0/1
 no switchport
 ip address 10.0.0.1 255.255.255.252
 mpls traffic-eng tunnels
 ip rsvp bandwidth percent 100
!
interface GigabitEthernet0/2
 switchport access vlan 512
!
router ospf 1
 router-id 172.16.1.1
 network 10.0.0.0 0.0.0.3 area 0.0.0.0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0.0.0.0
!
router bgp 56595
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120
 bgp graceful-restart stalepath-time 360
 bgp graceful-restart
 no bgp default ipv4-unicast
 neighbor 172.16.2.2 remote-as 56595
 neighbor 172.16.2.2 update-source Loopback0
 neighbor 172.16.3.3 remote-as 56595
 neighbor 172.16.3.3 update-source Loopback0
 !
 address-family ipv4
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
 exit-address-family
 !
 address-family vpnv4
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
 exit-address-family
 !
 address-family l2vpn vpls
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.2.2 prefix-length-size 2
  neighbor 172.16.2.2 suppress-signaling-protocol ldp
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
  neighbor 172.16.3.3 suppress-signaling-protocol ldp
 exit-address-family


hostname PE3
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
ipv6 multicast rpf use-bgp
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
 vpn id 512
 autodiscovery bgp signaling bgp
  ve id 3
  ve range 11
  rd 172.16.3.3:512
  route-target export 56595:512
  route-target import 56595:512
vlan 512
 name test
!
!
!
!
interface Loopback0
 ip address 172.16.3.3 255.255.255.255
 ip ospf 1 area 0.0.0.0
!
interface Tunnel0
 description PE3-to-PE2
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.2.2
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface Tunnel1
 description PE3-to-PE1
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.1.1
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic
!
interface GigabitEthernet0
 ip address 46.226.1.178 255.255.255.248
 speed auto
 duplex auto
 negotiation auto
!
interface GigabitEthernet0/1
 no switchport
 ip address 10.0.0.6 255.255.255.252
 mpls traffic-eng tunnels
 ip rsvp bandwidth percent 100
!
interface GigabitEthernet0/2
 switchport access vlan 512
!
interface Vlan512
 no ip address
 member vfi lab
!
router ospf 1
 router-id 172.16.3.3
 network 10.0.0.4 0.0.0.3 area 0.0.0.0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0.0.0.0
!
router bgp 56595
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120
 bgp graceful-restart stalepath-time 360
 bgp graceful-restart
 no bgp default ipv4-unicast
 neighbor 172.16.1.1 remote-as 56595
 neighbor 172.16.1.1 update-source Loopback0
 neighbor 172.16.2.2 remote-as 56595
 neighbor 172.16.2.2 update-source Loopback0
 !
 address-family ipv4
  neighbor 172.16.1.1 activate
  neighbor 172.16.1.1 send-community extended
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
 exit-address-family
 !
 address-family vpnv4
  neighbor 172.16.1.1 activate
  neighbor 172.16.1.1 send-community extended
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
 exit-address-family
 !
 address-family l2vpn vpls
  neighbor

Re: [c-nsp] BGP Signalled VPLS

[Nick Ryce]

Its part for the BGP L2VPN NLRI as far as I'm aware.

-- 
Nick Ryce

Fluency Communications Ltd.
e. n...@fluency.net.uk
w. http://fluency.net.uk/
t. 0845 874 7000





On 16/04/2013 15:50, Aaron aar...@gvtc.com wrote:

Anyone know what and why to use this ve stuff?  I didn't use it during
my
vpls (ios-ioxr) trial run in my network and never understood what it was
for...

  ve id 1
  ve range 11

Aaron

-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
Nick
Ryce
Sent: Tuesday, April 16, 2013 7:41 AM
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] BGP Signalled VPLS

Apologies the attachment has went through.

ASCII art as below

PE1---PE2PE3

PE1 and PE3 are ME3600's and PE2 is a Juniper SRX.

From PE2 labels are being pushed/popped correctly.

Nick







On 16/04/2013 13:37, Nick Ryce n...@fluency.net.uk wrote:

Hi,

I have 2 x ME3600x running me360x-universalk9-mz.153-2.S and am looking
to use the new VPLS BGP signalling functionality.

I am using RSVP with the topology attached but I cannot get traffic to
pass.  Any ideas?


Configs as below.

Any help with debug commands would also be greatly appreciated.

hostname PE1
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
 vpn id 512
 autodiscovery bgp signaling bgp
  ve id 1
  ve range 11
  rd 172.16.1.1:512
  route-target export 56595:512
  route-target import 56595:512
!
vlan 512
 name lab
!
l2 router-id 172.16.1.1
!
!
!
interface Loopback0
 ip address 172.16.1.1 255.255.255.255
 ip ospf 1 area 0.0.0.0
!
interface Tunnel0
 description PE1-to-PE2
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.2.2
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic !
interface Tunnel1
 description PE1-toPE3
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.3.3
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic !
interface GigabitEthernet0/1
 no switchport
 ip address 10.0.0.1 255.255.255.252
 mpls traffic-eng tunnels
 ip rsvp bandwidth percent 100
!
interface GigabitEthernet0/2
 switchport access vlan 512
!
router ospf 1
 router-id 172.16.1.1
 network 10.0.0.0 0.0.0.3 area 0.0.0.0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0.0.0.0
!
router bgp 56595
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120
 bgp graceful-restart stalepath-time 360  bgp graceful-restart  no bgp
default ipv4-unicast  neighbor 172.16.2.2 remote-as 56595  neighbor
172.16.2.2 update-source Loopback0  neighbor 172.16.3.3 remote-as 56595
neighbor 172.16.3.3 update-source Loopback0  !
 address-family ipv4
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended  exit-address-family  !
 address-family vpnv4
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended  exit-address-family  !
 address-family l2vpn vpls
  neighbor 172.16.2.2 activate
  neighbor 172.16.2.2 send-community extended
  neighbor 172.16.2.2 prefix-length-size 2
  neighbor 172.16.2.2 suppress-signaling-protocol ldp
  neighbor 172.16.3.3 activate
  neighbor 172.16.3.3 send-community extended
  neighbor 172.16.3.3 suppress-signaling-protocol ldp
exit-address-family


hostname PE3
!
!
!
no aaa new-model
ip routing
!
!
!
!
ip name-server 8.8.8.8
ipv6 multicast rpf use-bgp
!
!
mpls traffic-eng tunnels
l2vpn vfi context lab
 vpn id 512
 autodiscovery bgp signaling bgp
  ve id 3
  ve range 11
  rd 172.16.3.3:512
  route-target export 56595:512
  route-target import 56595:512
vlan 512
 name test
!
!
!
!
interface Loopback0
 ip address 172.16.3.3 255.255.255.255
 ip ospf 1 area 0.0.0.0
!
interface Tunnel0
 description PE3-to-PE2
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.2.2
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic !
interface Tunnel1
 description PE3-to-PE1
 ip unnumbered Loopback0
 tunnel mode mpls traffic-eng
 tunnel destination 172.16.1.1
 tunnel mpls traffic-eng priority 1 1
 tunnel mpls traffic-eng path-option 1 dynamic !
interface GigabitEthernet0
 ip address 46.226.1.178 255.255.255.248  speed auto  duplex auto
negotiation auto !
interface GigabitEthernet0/1
 no switchport
 ip address 10.0.0.6 255.255.255.252
 mpls traffic-eng tunnels
 ip rsvp bandwidth percent 100
!
interface GigabitEthernet0/2
 switchport access vlan 512
!
interface Vlan512
 no ip address
 member vfi lab
!
router ospf 1
 router-id 172.16.3.3
 network 10.0.0.4 0.0.0.3 area 0.0.0.0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0.0.0.0
!
router bgp 56595
 bgp log-neighbor-changes
 bgp graceful-restart restart-time 120
 bgp graceful-restart stalepath-time 360  bgp graceful-restart

Re: [c-nsp] Internet inside a VRF?

[Nick Ryce]

Does memory usage not increase by putting all the internet routes in a VRF?

Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of 
michalis.bersi...@hq.cyta.gr
Sent: 14 March 2012 09:47
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Internet inside a VRF?

Hi,
Putting internet in a vrf is not that bad. I agree with some people say that 
separate the global routing table with vrf is easier, especially for networks 
that are deploying MPLS routers from scratch. I don't see any advantages from 
putting internet Prefixes in the global routing table.

Best Regards,

Michalis Bersimis




--

Message: 1
Date: Tue, 13 Mar 2012 21:58:58 -0500
From: Ge Moua moua0...@umn.edu
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Internet inside a VRF?
Message-ID: 4f600972.6040...@umn.edu
Content-Type: text/plain; charset=windows-1252; format=flowed

In RE networks, separation of commodity Internet-1 and Internet-2 traffic.

--
Regards,
Ge Moua

University of Minnesota Alumnus
Email: moua0...@umn.edu
--


On 3/13/12 8:17 PM, Jose Madrid wrote:
 I would like to understand why you guys would do this? What is the
 reasoning behind this? Super granular control? Cant this level of
 granularity be achieved with route-maps?

 Sent from my iPhone

 On Mar 13, 2012, at 8:27 PM, Dan Armstrongd...@beanfield.com  wrote:

 We have all our Internet peers and customers inside a VRF currently, and our 
 Cisco SE thinks we're stark raving mad, and should redesign and put 
 everything back in the global table.


 This is all on ASR 9Ks and 7600s.





 On 2012-03-13, at 8:12 PM, Pshem Kowalczyk wrote:

 Hi,

 On 14 March 2012 11:59, Dan Armstrongd...@beanfield.com  wrote:
 I know this topic has been discussed a million times, but just wanted to 
 get an updated opinion on how people are feeling about this:


 In a service provider network, how do people feel about putting the big 
 Internet routing table, all their peers and customers inside a VRF?  Keep 
 the global table for just infrastructure links?
 In my previous role we've done just that. One internet VRF for all
 transit functions, separate vrfs for peering and customers and
 import-export statements to tie them all together. All done on ASR1k
 (mainly 1006, but a few of 1002 as well).

 kind regards
 Pshem

 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Pulsant.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Pulsant accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Question for LACP/LAG gurus

[Nick Ryce]

Im in the same situation as below, trying to get a LACP working between Extreme 
and an ASR 9k.  Does anyone have a workaround for this rather than resetting 
the system id of the Extreme kit?



Nick





 From: Dmitry Kiselev dmitry at 
 dmitry.nethttps://puck.nether.net/mailman/listinfo/cisco-nsp

 To: cisco-nsp at 
 puck.nether.nethttps://puck.nether.net/mailman/listinfo/cisco-nsp

 Date: Tue, 12 Apr 2011 14:49:24 +0300

 Subject: [c-nsp] Question for LACP/LAG gurus

 Hello!



 While building several new LAGs on IOS XR I found strange behaviour of

 Cisco IOSes for system priority LACP parameter. Most of classic IOSes

 allow to set value from 0 to 65535, but IOS XR does not:



 12.2(55)SE2 Switch(config)#lacp system-priority ?

  0-65535  Priority value



 12.2(54)SG Switch(config)#lacp system-priority ?

  0-65535  Priority value



 12.2(33)SRE Router(config)#lacp system-priority ?

  0-65535  Priority value



 IOS XE 12.2(33)XNF2 Router(config)#lacp system-priority ?

  0-65535  Priority value



 IOS XR 4.0.1 Router(config)#lacp system priority ?

  1-65535  Priority for this system. Lower value is higher priority.



 Moreover, IOS XR does not form the LAG if received partner system priority

 is zero.

 In this case each bundle port shows the error message Partner System

 ID/Key

 do not match that of the Selected links and remain configured state.



 It would remain a theoretical nuance, but Extreme Networks switches

 advertise

 priority=0 by default on all LAGs cousing some troubles in setup.

 Interesting

 fact thats in the same time zero is invalid value in Extreme switch

 configuration  :) :)



 Extreme# configure sharing 7 lacp system-priority ?

  system_priority  System Priority (1..65535)



 I take a short look inside IEEE 802.1AX-2008 standart and IEEE 802.3-2005

 clause 43

 and does not see any special case for priority=0.  Does anybody in the list

 familar

 enough with LACP to explain me why Cisco IOS XR does not like zero here?



 Thanks



 --

 Dmitry Kiselev


Nick Ryce
Senior Network Engineer
Pulsant Limited
T: 0845 119 9900
DDI: +44 131 5144049
W: 
www.pulsant.co.ukhttps://nbg01-exch-01.lumison.net/owa/redir.aspx?C=3d7cd71066064370b0210c73169f0074URL=http%3a%2f%2fwww.pulsant.co.uk



--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Pulsant.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Pulsant accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] VASI interfaces on IOS XR

[Nick Ryce]

Completely agree.  Thanks for the insight.

Nick

On 22 Feb 2012, at 08:22, Bruce Pinsky b...@whack.org wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Nick Ryce wrote:
 Hi Bruce,

 I was hoping to have an easy way out from import / export :-)



 In the VASI scenarios I've seen, BGP is used to send routes learned from
 the MP-BGP sessions to the the PE-CE BGP sessions and vice versa.  So, in
 essence, you have three different BGP domains, the PE-CE, the MP-BGP, and
 the inter-VASI.  In effect, you have two different redistributions going
 on.  This is the result of having the VASI interfaces shimmed between the
 real interfaces facing the CE and the P/PE MPLS core.

 Since you don't need the VASI construct as you are not trying to apply
 services to a label switched interface, I don't think you need the
 complexity of what VASI introduces.  If you simply need to get routes from
 one VRF to another, I think that you should be able to do something like this:

 router ospf 1
 redistribute ospf 2 vrf bar

 router ospf 2
 redistribute ospf 1 vrf foo

 I know that VRF aware redistribution is available in IOS, but not sure
 about XR (didn't spend a lot of time hunting through the docs).  To me the
 downside of redistribution is that you end up with external routes but
 perhaps that's not an issue in your environment.

 Import/Export may seem like a pain, but I don't think anymore so than
 mutual redistribution and the access-lists and/or tags to prevent loops.

 I suppose you could get fancy and use BGP between VASI interfaces and
 redistribute your OSPF into BGP to get it across.  But I think it violates
 the KISS and 2am principles unnecessarily.

 - --
 =
 bep

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v2.0.17 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAk9EpZcACgkQE1XcgMgrtya2pgCfc5fHnvtYSj2HPhORDoAu9poi
 6hgAoNg+9LTpLsVo0Kv6pkoZ7JTr6WBx
 =xQXV
 -END PGP SIGNATURE-

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] VASI interfaces on IOS XR

[Nick Ryce]

Hi Guys,

Does anyone know if these type of interfaces can be used without a services 
blade?  Also is there a specific version of XR required?

I have been scouring documentation and can't really find anything.  Would 
InterFlex interfaces do the same thing?  I am looking to have 1 link in a VRF 
and the other in a separate VRF.  Then create ospf adjacencies do redistribute 
routes between the 2 VRF tables.  Any thoughts?

Nick

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] VASI interfaces on IOS XR

[Nick Ryce]

Hi Bruce,

I was hoping to have an easy way out from import / export :-)


Nick

On 22 Feb 2012, at 00:21, Bruce Pinsky b...@whack.org wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Nick Ryce wrote:
 Hi Guys,

 Does anyone know if these type of interfaces can be used without a
 services blade?  Also is there a specific version of XR required?

 I have been scouring documentation and can't really find anything.
 Would InterFlex interfaces do the same thing?  I am looking to have 1
 link in a VRF and the other in a separate VRF.  Then create ospf
 adjacencies do redistribute routes between the 2 VRF tables.  Any
 thoughts?


 Are the routes from those different interfaces learned from other OSPF
 adjacencies?

 Seems like you should just be able to import the routes from the other VRF
 via an import statement?  Am I missing what you are trying to do?

 VASI interfaces are really designed to allow for services to be applied
 prior to label imposition on packets that would be label forwarded toward
 the core.  The VASI-left interface serves as a pseudo-CE and the VASI-right
 serves as a pseudo-PE.  If the routes you are learning and needing to be
 readvertised are coming and going from untagged interfaces, I don't think
 VASI is what you need.

 - --
 =
 bep

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v2.0.17 (MingW32)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAk9EM0MACgkQE1XcgMgrtybl5gCeMHq2qYSblgbNX+9xR79pJ22t
 t+0AoKau5fgjS//erKDT5ScwLT9B3TWp
 =hgr4
 -END PGP SIGNATURE-

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Flow tools

[Nick Ryce]

Can nfdump/nfsen show useage per AS number as I cannot see anything on their 
site?

Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Dobbins, Roland
Sent: 18 January 2012 06:14
To: Cisco NSP
Subject: Re: [c-nsp] Flow tools


On Jan 17, 2012, at 11:23 PM, John Brown wrote:

 6506-E Sup720-3BXL.

The NetFlow you get from this box won't be operationally useful - many caveats. 
 Strongly suggest a move to Sup2T and DFC4 (where applicable), if you want good 
NetFlow from 6500s.

nfdump/nfsen is a good open-source set of tools to use in getting started with 
flow telemetry, IMHO.

---
Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com

The basis of optimism is sheer terror.

  -- Oscar Wilde


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] 6148 L2 local switching?

[Nick Ryce]

Hi MKS,

I believe that card only has a 1G fabric shared between 8 ports each.  Therefor 
I don't believe you could do 2 simultaneous gig streams as you have suggested.

I may be wrong though ;)

Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of MKS
Sent: 12 January 2012 11:40
To: cisco-nsp
Subject: [c-nsp] 6148 L2 local switching?

A popular topic, I know, but I have a question that I can't find an answer to 
in previous discussions.

In a given port-group, let's say 1-8, and all the ports are switchports in the 
same vlan.
can port 1- port2 reach a gig throughput at the same time as port 3-port4.

In other words, this this card capable of L2 local switching? or does every 
packet go to the sup and back?

Regards
MKS
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

Hi Oli,

That's sounds fantastic.

I will give that a go and report back.

Nick

-Original Message-
From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com]
Sent: 24 November 2011 16:04
To: Nick Ryce; Eric Morin; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] IOS XR BGP


 I require the specific to be from IGP.

 I have a funny feeling all I need to do is redistribute OSPF into BGP
then
 use the aggregate-address as-set summary-only

yes, and it looks you can limit the OSPF redistribution to a few (a
single?) more specific as you are only interested in the core reachability?

 Just need confirmation if there is any other way.

not to simulate your current solution in XR.

But have you thought about orignating the aggregates you advertise to the 
Internet (and customers) via some central routers in your core, for example 
some RRs, instead of on the edge(s)? This way you will never advertise them in 
case your edge devices become isolated (which, if I read you correctly, is the 
purpose of this exercise?).

If you chose this approach, you might also want to advertise these aggregates 
with a special next-hop (like a private 10.1.1.1), and add a static null0 to 
10.1.1.1/32 on all your BGP routers. Then every router seeing the aggregate 
will automatically create a Null0 and will drop all packets to unallocated 
address space within these aggregates as soon as it enters your network?

oli


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

Hi Vinny,

aggregate-address only aggregates routes already in BGP and not from IGP.  I 
was looking for a way to do this ala Junos that doesn't require me to 
redistribute OSPF routes to BGP.

Nick

-Original Message-
From: Vinny Abello [mailto:vi...@abellohome.net]
Sent: 24 November 2011 19:17
To: Oliver Boehmer (oboehmer)
Cc: Nick Ryce; Eric Morin; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

On 11/24/2011 11:04 AM, Oliver Boehmer (oboehmer) wrote:

 I require the specific to be from IGP.

 I have a funny feeling all I need to do is redistribute OSPF into BGP
 then
 use the aggregate-address as-set summary-only
 yes, and it looks you can limit the OSPF redistribution to a few (a
 single?) more specific as you are only interested in the core
 reachability?

 Just need confirmation if there is any other way.
 not to simulate your current solution in XR.

 But have you thought about orignating the aggregates you advertise to
 the Internet (and customers) via some central routers in your core,
 for example some RRs, instead of on the edge(s)? This way you will
 never advertise them in case your edge devices become isolated (which,
 if I read you correctly, is the purpose of this exercise?).

 If you chose this approach, you might also want to advertise these
 aggregates with a special next-hop (like a private 10.1.1.1), and add
 a static null0 to 10.1.1.1/32 on all your BGP routers. Then every
 router seeing the aggregate will automatically create a Null0 and will
 drop all packets to unallocated address space within these aggregates
 as soon as it enters your network?
I have to agree with Oli here. I've followed this practice originating 
aggregate routes from extremely well connected core routers at multiple points 
in my networks. To the best of my memory, I never used network statements at 
the border or edge. Once or twice when building out to a new geographical area 
before having all of the redundancy in place, this practice has saved us when a 
single failed backbone link isolates the new routers in question. They stop 
announcing anything to their peers and we stop seeing any announcements from 
them obviously when their iBGP sessions drop with the rest of the network.

To me this always seemed like the most simple and effective approach. Is there 
a reason this would not work in this situation or is there a reason using the 
aggregate-address commands provides some other benefit I'm missing?

-Vinny


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] IOS XR BGP

[Nick Ryce]

Hi,

I am moving from Juniper to Cisco ( IOS XR ) and am looking to emulate a 
certain feature ( aggregate addressing for BGP )

In Junos I can set routing-options aggregate route x.x.x.x/19 . If there is a 
less specific contributing route from IGP then the aggregate is announced 
through BGP.

In BGP on IOS XR you use the network statement network x.x.x.x/19 now you need 
to have an exact route for this ( normally setting a static route ).  This will 
not suit my requirements as if we lose IGP on that router I would like to stop 
announcing the ranges via BGP but the static route will still be there and I 
will theoretically blackhole traffic.

Any ideas how to allow BGP to announce an aggregate route when there is less 
specific in IGP would be a great help.


Thanks

Nick




--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

Hi Adam,

That's great thanks.

I had just focused on the summary only part which only summarise less specific 
BGP routes.

Nick

-Original Message-
From: Vitkovsky, Adam [mailto:avitkov...@emea.att.com]
Sent: 24 November 2011 12:20
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: IOS XR BGP

Same as in Jonos use the aggregate cmd:

2.router bgp as-number
3.address-family  { ipv4  | ipv6 } unicast
4.aggregate-address address/mask-length  [ as-set ] [ as-confed-set ] [ 
summary-only ] [ route-policy route-policy-name ]

The as-set  keyword generates autonomous system set path information and 
community information from contributing paths.

The as-confed-set keyword generates autonomous system confederation set path 
information from contributing paths.

The summary-only  keyword filters all more specific routes from updates.

The route-policy route-policy-name  keyword and argument specify the route 
policy used to set the attributes of the aggregate route.


adam

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, November 24, 2011 11:49 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IOS XR BGP

Hi,

I am moving from Juniper to Cisco ( IOS XR ) and am looking to emulate a 
certain feature ( aggregate addressing for BGP )

In Junos I can set routing-options aggregate route x.x.x.x/19 . If there is a 
less specific contributing route from IGP then the aggregate is announced 
through BGP.

In BGP on IOS XR you use the network statement network x.x.x.x/19 now you need 
to have an exact route for this ( normally setting a static route ).  This will 
not suit my requirements as if we lose IGP on that router I would like to stop 
announcing the ranges via BGP but the static route will still be there and I 
will theoretically blackhole traffic.

Any ideas how to allow BGP to announce an aggregate route when there is less 
specific in IGP would be a great help.


Thanks

Nick




--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions presented 
in this email are solely those of the author and do not necessarily represent 
those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses. Lumison accept no liability for any damage caused by any 
virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

Still can't get this to work.

I have the network statement and a corresponding aggregate address statement 
with as-set appended.

Any other thoughts?

Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: 24 November 2011 12:54
To: Vitkovsky, Adam; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

Hi Adam,

That's great thanks.

I had just focused on the summary only part which only summarise less specific 
BGP routes.

Nick

-Original Message-
From: Vitkovsky, Adam [mailto:avitkov...@emea.att.com]
Sent: 24 November 2011 12:20
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: IOS XR BGP

Same as in Jonos use the aggregate cmd:

2.router bgp as-number
3.address-family  { ipv4  | ipv6 } unicast
4.aggregate-address address/mask-length  [ as-set ] [ as-confed-set ] [ 
summary-only ] [ route-policy route-policy-name ]

The as-set  keyword generates autonomous system set path information and 
community information from contributing paths.

The as-confed-set keyword generates autonomous system confederation set path 
information from contributing paths.

The summary-only  keyword filters all more specific routes from updates.

The route-policy route-policy-name  keyword and argument specify the route 
policy used to set the attributes of the aggregate route.


adam

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, November 24, 2011 11:49 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IOS XR BGP

Hi,

I am moving from Juniper to Cisco ( IOS XR ) and am looking to emulate a 
certain feature ( aggregate addressing for BGP )

In Junos I can set routing-options aggregate route x.x.x.x/19 . If there is a 
less specific contributing route from IGP then the aggregate is announced 
through BGP.

In BGP on IOS XR you use the network statement network x.x.x.x/19 now you need 
to have an exact route for this ( normally setting a static route ).  This will 
not suit my requirements as if we lose IGP on that router I would like to stop 
announcing the ranges via BGP but the static route will still be there and I 
will theoretically blackhole traffic.

Any ideas how to allow BGP to announce an aggregate route when there is less 
specific in IGP would be a great help.


Thanks

Nick




--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions presented 
in this email are solely those of the author and do not necessarily represent 
those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses. Lumison accept no liability for any damage caused by any 
virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions 
presented in this email are solely those of the author and do not necessarily 
represent those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses.  Lumison accept no liability for any damage caused by any 
virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

No, I am not introducing IGP into BGP.

All I want to do is that if IGP is lost then the subsequent aggregate routes in 
BGP are withdrawn, if that makes sense.

Nick

-Original Message-
From: Vitkovsky, Adam [mailto:avitkov...@emea.att.com]
Sent: 24 November 2011 14:35
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: IOS XR BGP

I see so you are introducing the more specifics from igp into bgp with the 
network commands on the same router where you'd like to aggregate right?
Do you see the more specifics within the aggregate range in the particular BGP 
AF table?

adam

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, November 24, 2011 2:56 PM
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

Still can't get this to work.

I have the network statement and a corresponding aggregate address statement 
with as-set appended.

Any other thoughts?

Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: 24 November 2011 12:54
To: Vitkovsky, Adam; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

Hi Adam,

That's great thanks.

I had just focused on the summary only part which only summarise less specific 
BGP routes.

Nick

-Original Message-
From: Vitkovsky, Adam [mailto:avitkov...@emea.att.com]
Sent: 24 November 2011 12:20
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: IOS XR BGP

Same as in Jonos use the aggregate cmd:

2.router bgp as-number
3.address-family  { ipv4  | ipv6 } unicast
4.aggregate-address address/mask-length  [ as-set ] [ as-confed-set ] [ 
summary-only ] [ route-policy route-policy-name ]

The as-set  keyword generates autonomous system set path information and 
community information from contributing paths.

The as-confed-set keyword generates autonomous system confederation set path 
information from contributing paths.

The summary-only  keyword filters all more specific routes from updates.

The route-policy route-policy-name  keyword and argument specify the route 
policy used to set the attributes of the aggregate route.


adam

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, November 24, 2011 11:49 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IOS XR BGP

Hi,

I am moving from Juniper to Cisco ( IOS XR ) and am looking to emulate a 
certain feature ( aggregate addressing for BGP )

In Junos I can set routing-options aggregate route x.x.x.x/19 . If there is a 
less specific contributing route from IGP then the aggregate is announced 
through BGP.

In BGP on IOS XR you use the network statement network x.x.x.x/19 now you need 
to have an exact route for this ( normally setting a static route ).  This will 
not suit my requirements as if we lose IGP on that router I would like to stop 
announcing the ranges via BGP but the static route will still be there and I 
will theoretically blackhole traffic.

Any ideas how to allow BGP to announce an aggregate route when there is less 
specific in IGP would be a great help.


Thanks

Nick




--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions presented 
in this email are solely those of the author and do not necessarily represent 
those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses. Lumison accept no liability for any damage caused by any 
virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions 
presented in this email are solely those of the author and do not necessarily 
represent those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses.  Lumison accept no liability for any damage caused by any 
virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

Hi Eric,

I require the specific to be from IGP.

I have a funny feeling all I need to do is redistribute OSPF into BGP then use 
the aggregate-address as-set summary-only

Just need confirmation if there is any other way.

Nick

-Original Message-
From: Eric Morin [mailto:eric.mo...@corp.xplornet.com]
Sent: 24 November 2011 14:24
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] IOS XR BGP

I don't know how the as-set piece works, but you need a 'specific' in your BGP 
table in order to trigger the aggregate that encompasses that specific. You 
don't need a network statement (unless it is for a more specific prefix that is 
being added into BGP in this device as well, which would also require an exact 
match route).

The one thing to note is with eBGP on XR you need an out policy applied to the 
neighbor (prefix list, route map ect), by default all prefixes are dropped to 
ebgp neighbours (ibgp works the same as non-XR where it sends everything by 
default).

Hope this helps
Eric

-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, November 24, 2011 9:56 AM
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

Still can't get this to work.

I have the network statement and a corresponding aggregate address statement 
with as-set appended.

Any other thoughts?

Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: 24 November 2011 12:54
To: Vitkovsky, Adam; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

Hi Adam,

That's great thanks.

I had just focused on the summary only part which only summarise less specific 
BGP routes.

Nick

-Original Message-
From: Vitkovsky, Adam [mailto:avitkov...@emea.att.com]
Sent: 24 November 2011 12:20
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: IOS XR BGP

Same as in Jonos use the aggregate cmd:

2.router bgp as-number
3.address-family  { ipv4  | ipv6 } unicast
4.aggregate-address address/mask-length  [ as-set ] [ as-confed-set
] [ summary-only ] [ route-policy route-policy-name ]

The as-set  keyword generates autonomous system set path information and 
community information from contributing paths.

The as-confed-set keyword generates autonomous system confederation set path 
information from contributing paths.

The summary-only  keyword filters all more specific routes from updates.

The route-policy route-policy-name  keyword and argument specify the route 
policy used to set the attributes of the aggregate route.


adam

-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, November 24, 2011 11:49 AM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IOS XR BGP

Hi,

I am moving from Juniper to Cisco ( IOS XR ) and am looking to emulate a 
certain feature ( aggregate addressing for BGP )

In Junos I can set routing-options aggregate route x.x.x.x/19 . If there is a 
less specific contributing route from IGP then the aggregate is announced 
through BGP.

In BGP on IOS XR you use the network statement network x.x.x.x/19 now you need 
to have an exact route for this ( normally setting a static route ).  This will 
not suit my requirements as if we lose IGP on that router I would like to stop 
announcing the ranges via BGP but the static route will still be there and I 
will theoretically blackhole traffic.

Any ideas how to allow BGP to announce an aggregate route when there is less 
specific in IGP would be a great help.


Thanks

Nick




--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions presented 
in this email are solely those of the author and do not necessarily represent 
those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses. Lumison accept no liability for any damage caused by any 
virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions 
presented in this email are solely

Re: [c-nsp] IOS XR BGP

[Nick Ryce]

Hi Nick,

I understand this but there is sometimes hundreds of more specifics in IGP so 
there would not really be any flapping as such unless some core links 
horrifically died.

So would redist ospf into BGP then use aggregate address work then?

Nick

-Original Message-
From: Nick Hilliard [mailto:n...@foobar.org]
Sent: 24 November 2011 15:22
To: Nick Ryce
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] IOS XR BGP

On 24/11/2011 14:38, Nick Ryce wrote:
 All I want to do is that if IGP is lost then the subsequent aggregate
 routes in BGP are withdrawn, if that makes sense.

You mean, you want the whole world to know every time you have an igp flap?
 :-D

This is not really considered to be good engineering practice.  Lots of reasons 
why, but for a good starting point, google for:

bgp synchronization +site:nanog.org

Nick

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] IOS XR RPL

[Nick Ryce]

Hi,

I'm trying to write a route-policy that will prepend a customers' announcement 
when they send a certain community.  The prepend should be their own AS number 
rather than our AS.

I know how to do this is Junos but could anyone point me in the right direction 
for IOS XR?

Thanks

Nick


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR RPL

[Nick Ryce]

Thanks guys

-Original Message-
From: Arie Vayner (avayner) [mailto:avay...@cisco.com]
Sent: 22 September 2011 12:18
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] IOS XR RPL

Nick,

I think you can find the following example very similar to what you want to 
achieve:
http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.1/rout
ing/configuration/guide/routing_cg41asr9k_chapter7.html#ref_1093449

Arie

-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: Thursday, September 22, 2011 13:48
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IOS XR RPL

Hi,

I'm trying to write a route-policy that will prepend a customers'
announcement when they send a certain community.  The prepend should be their 
own AS number rather than our AS.

I know how to do this is Junos but could anyone point me in the right direction 
for IOS XR?

Thanks

Nick


--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions presented 
in this email are solely those of the author and do not necessarily represent 
those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses. Lumison accept no liability for any damage caused by any 
virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR RPL

[Nick Ryce]

Just found prepend as-path most-recent.  I assume this is the one I need?


Nick

-Original Message-
From: cisco-nsp-boun...@puck.nether.net 
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Ryce
Sent: 22 September 2011 11:48
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] IOS XR RPL

Hi,

I'm trying to write a route-policy that will prepend a customers' announcement 
when they send a certain community.  The prepend should be their own AS number 
rather than our AS.

I know how to do this is Junos but could anyone point me in the right direction 
for IOS XR?

Thanks

Nick


--

This email and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any offers 
or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions presented 
in this email are solely those of the author and do not necessarily represent 
those of Lumison.
Finally, the recipient should check this email and any attachments for the 
presence of viruses. Lumison accept no liability for any damage caused by any 
virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Another unsupported-transceiver issue

[Nick Ryce]

Hi Tim,

Thanks for this.  I'm getting in touch with our optic supplier to see if
they have had any other reports of this.  Its a chan35 optic to plug into
some DWDM kit.  Pity Cisco seem to have omitted this channel from their
optic range or we would have used them.

Nick
--
Nick Ryce
Network Engineer
Lumison
t: 0845 1199 900
d: +44 131 514 4049

P.S. Fancy some light reading? Clouds to networks, download a Lumison
whitepaper now athttp://www.lumison.net/why-lumison/whitepapers





On 04/09/2011 12:24, tim t...@haitabu.net wrote:

Nick,

On 02.09.2011 4:47 PM, Nick Ryce wrote:
 State:
 Administrative state: enabled
 Operational state: Down (Reason: Security failure (not a valid
part))
 LED state: Yellow On

 Is there another hidden command I need to set to get the XFP to work?

I am not an optical or XFP expert, but we had the same issue with some
second source optics and the ASR 9000 series.  The ASR 9000 line-cards
seem to be more aggressive in the time-slot between giving power to the
XFP and wanting to fetch the data from the XFP eeeprom (i.e., the XFP
has not so much time to boot/get warm and deliver the eeeprom data to
the line-card).
One can test this by resetting the line-card with the XFP inserted.  If
the XFP comes up properly it is (it could be) this issue.

We have no (realistic) work-around for this second source optics, but
discussed this with the XFP vendors and they modified/upgraded the XFPs
and now they work with the ASR 9000 series routers.

BTW:  Until now we had no example were we needed the global service
unsupported-transceiver statement.  We do use the transceiver permit
pid all statement in interface configuration mode for some SFPs.

Hth,
   tim


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Another unsupported-transceiver issue

[Nick Ryce]

Hi All,

We have an ASR9006 with some opnext 10Gig optics.

I have set the service unsupported-transceiver option and also set transceiver 
permit pid all on the interface.

The interface does not come up and when issuing a show controllers ten0/0/0/1 I 
see the following:-

State:
Administrative state: enabled
Operational state: Down (Reason: Security failure (not a valid part))
LED state: Yellow On

Is there another hidden command I need to set to get the XFP to work?

Nick




--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] IOS XR SSH

[Nick Ryce]

Hi,

Do you need the k9 version of IOS XR in order to set up the ssh server for 
secure connections into it?  I cant see any command references to enable the 
ssh server in the basic 4.1.0 version.

Any help much appreciated.

Nick




--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] IOS XR SSH

[Nick Ryce]

It makes me die inside that a router of the asr calibre cant have management 
access encrypted with ssh without a different software version :(

Nick

-Original Message-
From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com]
Sent: 26 August 2011 12:51
To: Nick Ryce; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] IOS XR SSH


 Do you need the k9 version of IOS XR in order to set up the ssh server
for
 secure connections into it?  I cant see any command references to
enable the
 ssh server in the basic 4.1.0 version.

yes, you need the crypto image (k9), the command you're looking for is ssh 
server [v2] to enable a ssh server (default is off/no server listening to 
tcp/22)..

oli

--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted.  Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses.  Lumison accept no liability for any
damage caused by any virus transmitted by this email.

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Graph cisco 4948 SVI

[Nick Ryce]

Hi,

Does anyone know if the 4948 has the ability to be able to graph traffic 
transiting the SVI of a vlan?  I know the 3550/3560's are unable to do this?

Nick


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Multi Area OSPF

[Nick Ryce]

Hi Guys,

Im having some issues with setting up multi area ospf between a j 2320 and a 
cisco 1812.  I have a funny feeling the issues will be user related.


The j2320 is acting as an abr with backbone area 0.0.0.0 and stub area 0.0.0.1 
and advertises a default route into the stub area.

The 1812 is set as a stub with no other routing protocols being used.  When I 
use the redistribute static or redistribute connected commands it advises these 
cant be used as the router is an asbr.  The router is only running 1 ospf 
process for the stub area so I am not sure why this is occurring.

I add the network x.x.x.x y.y.y.y area 0.0.0.1 command and can start seeing a 
default route being sent by the juniper which is great but the juniper cannot 
see anything being sent from the router.  I can get around this by setting the 
network in the ospf process to 0.0.0.0 255.255.255.255 but is this the correct 
way to do this as it would mean that any interface on the router will be 
sending out ospf requests which I do not want to occur as I want to be specific.

Any ideas?

Nick


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] DHCP Option 66 String

[Nick Ryce]

Hi Guys,

I have been hunting around trying to find if when using cisco dhcp and option 
66 I can use a http url rather than tftp?  Within most linux dhcp daemons this 
can be done.

Any help greatly appreciated.


Nick


--

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender. Any
offers or quotation of service are subject to formal specification.
Errors and omissions excepted. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Lumison and nPlusOne.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Lumison and nPlusOne accept no liability for any
damage caused by any virus transmitted by this email.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/