Re: [c-nsp] Scaling L2
You need something bigger/better to aggregate on. Peter On Sun, Jan 9, 2011 at 4:12 PM, T Johnson tjohnso...@gmail.com wrote: I have a virtualization environment that is quickly growing and I tend to use smaller catalyst 2xxx and 3xxx series switches. One problem I see coming up is running out of MAC address table space on these switches as well as tons of L2 broadcast traffic. My question is this: does cisco have a way to deal with this when you'd want to keep things in one L2 domain (rather than forcing L3 boundaries)? I see the TRILL/fabricpath stuff, but of course it only runs on switches I don't have the budget for. Dreaming up things... it would seem fairly easy if I could just route sets of MAC addresses out to different connected switches. It's fairly easy to assign MAC addresses on the server side to help support this. Anything like this possible? Or another solution? Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Peter Serwe http://truthlightway.blogspot.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] policy and static nat mix?
Sorry, ASA 5520, 7.x SW version. Peter On Fri, Jan 7, 2011 at 5:15 AM, Ryan West rw...@zyedge.com wrote: On what type of device? Sent from handheld On Jan 7, 2011, at 2:10 AM, Peter Serwe peter.se...@gmail.com wrote: I've got static NAT's setup for a network IP, and I want to NAT to a different IP for a particular outside subnet specified in an ACL. That IP is already statically nat'd to another device. I've got the ACL crafted, but I'm unclear how to tie it to the outside I want to tie it to. Just to add to the complexity, that IP is already statically nat'd to another inside address, but on a different inside interface Inbound traffic (initiated from the outside) isn't a huge concern, although I'd like to do it for that subnet if possible, inbound return traffic should map back through the NAT (I think). I can't seem to figure out how I can keep both static NAT's but for one /29, specifically NAT to a different IP on the outside interface. Peter -- Peter Serwe http://truthlightway.blogspot.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Peter Serwe http://truthlightway.blogspot.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] policy and static nat mix?
Right, it's inside to outside. I don't care about outside to inside so much. I have global, but it's not being used because there's a static. I guess, I need to figure out how to exclude this particular subnet from the existing static that's catching everything. Peter On Fri, Jan 7, 2011 at 10:58 AM, Ryan West rw...@zyedge.com wrote: On Jan 7, 2011, at 2:10 AM, Peter Serwe peter.se...@gmail.com wrote: I've got static NAT's setup for a network IP, and I want to NAT to a different IP for a particular outside subnet specified in an ACL. That IP is already statically nat'd to another device. I've got the ACL crafted, but I'm unclear how to tie it to the outside I want to tie it to. Just to add to the complexity, that IP is already statically nat'd to another inside address, but on a different inside interface Inbound traffic (initiated from the outside) isn't a huge concern, although I'd like to do it for that subnet if possible, inbound return traffic should map back through the NAT (I think). I can't seem to figure out how I can keep both static NAT's but for one /29, specifically NAT to a different IP on the outside interface. If I understand correctly, you’ll need a policy NAT ACL that references your internal host to that outside subnet. Then configure a static NAT with the public address you want it to translate followed by the access-list keyword and NAT ACL. http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807d2874.shtml If you need inside to outside translations to be different, dynamic NAT will work for that. -ryan -- Peter Serwe http://truthlightway.blogspot.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] policy and static nat mix?
I've got static NAT's setup for a network IP, and I want to NAT to a different IP for a particular outside subnet specified in an ACL. That IP is already statically nat'd to another device. I've got the ACL crafted, but I'm unclear how to tie it to the outside I want to tie it to. Just to add to the complexity, that IP is already statically nat'd to another inside address, but on a different inside interface Inbound traffic (initiated from the outside) isn't a huge concern, although I'd like to do it for that subnet if possible, inbound return traffic should map back through the NAT (I think). I can't seem to figure out how I can keep both static NAT's but for one /29, specifically NAT to a different IP on the outside interface. Peter -- Peter Serwe http://truthlightway.blogspot.com/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/