subject:"Re\: \[c\-nsp\] Cisco 10k\?"

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-28 Thread Oliver Boehmer (oboehmer)

FAHAD ALI KHAN mailto:[EMAIL PROTECTED] wrote on Friday, March
28, 2008 6:45 AM:

 Now im introducing Cisco products as PE only, to offer MPLS VPN
 services to Broadband clients...everything with cisco is going
 goodbut this seems to be little bit scalability issue in our
 caseif we have to put static routes for each VPN route per tunnel
 (it will be a mess for me)

Right, and I never mentioned any static VRF routes to remote CEs over
the tunnel (I never saw this being done, not sure it would work).
 
 than...autoroute announce is also not
 suitable...as it can distrub my IGP traffic flows.

Right. However: If the 10ks will terminate predominantly VPN customers
(and most of the traffic it sends is vpn traffic), you could deploy
autoroute-announce on the 10ks acting as TE headend. Or is this not the
case? Please bear in mind that autoroute is only acting locally, other
IGP nodes don't see the PE using the tunnel (this is different from
forwarding-adjaceny, which would actually advertise the tunnel as link
in the IGP).

 Now u have given two optionsand seems goodbut can u share
 some sample configuration with scanrio for the deployment of 1)  use
 a different BGP next-hop for your VPNv4 route (either via bgp
 next-hop Loopback1 in the ip vrf definition in newer releases) 2)
 using a route-map, and point a static route to this next-hop over the
 tunnel.   
 
 Kindly suggest the best option  that doesnt giv us hard time in
 large scale deployment. Suggestion from other MPLS VPN service
 providers are also welcome. What are the BCP to fwd only VPN traffic
 to TE tunnels with the scalability is mind.   

Well, I haven't come across such a scenario, most of the time only
selected VPNs had to be send over a tunnel, while the default was to
follow IGP.

I don't have a config example stored, so let me make something up
(untested, but you should get the idea):

Assuming you have 4 remote PEs (PE2 through PE5). You allocate a
distinct Loopback1 on all of these nodes (10.0.0.2 through 10.0.0.5/32)
and configure 4 tunnels (Tunnel2 through Tunnel5) going to PE2-PE5. Then
add statics on PE1 pointing the individual Loopback over the respective
tunnel:

int tunnel2
 description vpn to PE2
 ip unnumbered Loopback0 (-- this is your TE ID)
 tunnel destination Loopback0-of-PE2
 tunnel mode mpls traffic-eng  
 tunnel mpls traffic-eng path-option 10 whatever-path
 mpls ip ! you need LDP on the tunnel
!
int tunnel3
 description vpn to PE3
 ip unnumbered Loopback0 (-- this is your TE ID)
 tunnel destination Loopback0-of-PE3
 tunnel mode mpls traffic-eng  
 tunnel mpls traffic-eng path-option 10 whatever-path
 mpls ip ! you need LDP on the tunnel
!
! .. and so on ..
! and then static routes
ip route 10.0.0.2 255.255.255.255 Tunnel2
ip route 10.0.0.3 255.255.255.255 Tunnel3
ip route 10.0.0.4 255.255.255.255 Tunnel4
ip route 10.0.0.5 255.255.255.255 Tunnel5

Repeat this on the other PEs accordingly. With this, you set up a full
mesh of tunnels between the PEs.


on each remote PE (PE2 through PE5), you now have the option of 

a) selectively setting the next-hop for certain VRFs only using:

  ip vrf foo
   rd x:y
   ...
   bgp next-hop Loopback1

or

b) modifying the next-hop of all vpnv4 routes advertised over the tunnel
using a route-map on your iBGP vpnv4 connection to the route reflectors:

  router bgp ...
   address-family vpnv4
neighbor rr-address activate
neighbor rr-address send-community both
neighbor rr-address route-map foo out
  
  route-map foo permit 10
   set ip next-hop loopback1-address


I guess this is as scalable as it gets, when you introduce a new PE, you
need to build new tunnels on all existing PEs, and add a static route.
But it is a TE design after-all, which is always more complex than
regular IGP.

hope this helps..

oli


 On Thu, Mar 20, 2008 at 12:46 PM, Oliver Boehmer (oboehmer)
 [EMAIL PROTECTED] wrote: 
 
 
 
   Fahad,
 
   the only option you have is to use a different BGP next-hop for
your
   VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf
   definition in newer releases), or using a route-map, and point a
   static route to this next-hop over the tunnel. This way, all
VRFs
   configured this way will be sent over the tunnel, all other
traffic
   will be sent via regular IGP shortest path. You need to run LDP
over
   the tunnel for this to work so the headend will see the imp-null
LDP
 for this next-hop. 
 
  oli
Oli
   
autoroute announce will send all the traffic (IGP + VPN)
towards
tunnel, where as i dont want to send IGP traffic but only VPN
traffic.
   
Is there any way.well u say static...managment of static
will
   b a  great hurdle in routing of 1000s of VPNs routes...
   
Is there any solution, to this issue. As Juniper by default
select
RSVP tunnel as the next-hop if BGP next-hop is also the same
for

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-27 Thread FAHAD ALI KHAN

Dear Oli

Let me clear my scenarioSince my Core Bw is not symetrical...i need to
do TE and force some Traffic to go against IGP rules. Current Juniper based
RSVP tunnels doing things good...and i can forced VPN traffic to TE tunnel
by creating policy filter (route map) by just matching VPN RT  make the
decision for fwding   apply this routemap to the Forwarding table.

Now im introducing Cisco products as PE only, to offer MPLS VPN services to
Broadband clients...everything with cisco is going goodbut this seems to
be little bit scalability issue in our caseif we have to put static
routes for each VPN route per tunnel (it will be a mess for
me)than...autoroute announce is also not suitable...as it can distrub my
IGP traffic flows.

Now u have given two optionsand seems goodbut can u share some
sample configuration with scanrio for the deployment of
1)  use a different BGP next-hop for your VPNv4 route (either via bgp
next-hop Loopback1 in the ip vrf definition in newer releases)
2) using a route-map, and point a static route to this next-hop over the
tunnel.
Kindly suggest the best option  that doesnt giv us hard time in large scale
deployment. Suggestion from other MPLS VPN service providers are also
welcome. What are the BCP to fwd only VPN traffic to TE tunnels with the
scalability is mind.

regards

Fahad

On Thu, Mar 20, 2008 at 12:46 PM, Oliver Boehmer (oboehmer) 
[EMAIL PROTECTED] wrote:


 Fahad,

 the only option you have is to use a different BGP next-hop for your
 VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf
 definition in newer releases), or using a route-map, and point a static
 route to this next-hop over the tunnel. This way, all VRFs configured
 this way will be sent over the tunnel, all other traffic will be sent
 via regular IGP shortest path. You need to run LDP over the tunnel for
 this to work so the headend will see the imp-null LDP for this next-hop.

oli
  Oli
 
  autoroute announce will send all the traffic (IGP + VPN) towards
  tunnel, where as i dont want to send IGP traffic but only VPN
  traffic.
 
  Is there any way.well u say static...managment of static will b a
  great hurdle in routing of 1000s of VPNs routes...
 
  Is there any solution, to this issue. As Juniper by default select
  RSVP tunnel as the next-hop if BGP next-hop is also the same for the
  VPN route and it seems to be pretty simple  straight forward.
 
  All the suggestions will be welcome.



___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-25 Thread Gert Doering

Hi,

On Mon, Mar 24, 2008 at 05:00:57PM -0700, bill fumerola wrote:
 On Thu, Mar 13, 2008 at 04:39:24PM -0400, Matthew Crocker wrote:
  Isn't Cisco doing away with all the routers based off the FPGA code?   
  NSE-100, 7301, NSE-1   *very* fast when the packets can be handled in  
  PXF, not so good when they can't.
 
 i'd be interested in any documentation or discussion that would point
 to cisco distancing themselves from the 7301.

There seems to be some confusion between 7301 and 7304.

(The person at Cisco that named the 7301 definitely needs to smoke different
weed... but I already ranted about 7301 misdesigns)

gert

-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany [EMAIL PROTECTED]
fax: +49-89-35655025[EMAIL PROTECTED]


pgpfv4YosTcag.pgp
Description: PGP signature
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-25 Thread Kevin Graham

 There seems to be some confusion between 7301 and 7304.

Cisco has never known what to call the 1RU 7200 -- 7401, 7301, 7201;
given their own confusion, its only to be expected elsewhere. I guess
the only reprieve is there won't ever be another one.

7304 (either NSE or NPE) has been on its unfortunate deathbed for
quite some time (I was surprised the NSE-150 even made it), but with
the ASR, at least there's a reasonable replacement for it.


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-24 Thread bill fumerola

On Thu, Mar 13, 2008 at 04:39:24PM -0400, Matthew Crocker wrote:
 Isn't Cisco doing away with all the routers based off the FPGA code?   
 NSE-100, 7301, NSE-1   *very* fast when the packets can be handled in  
 PXF, not so good when they can't.

i'd be interested in any documentation or discussion that would point
to cisco distancing themselves from the 7301.

-- bill
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-20 Thread Oliver Boehmer (oboehmer)

FAHAD ALI KHAN mailto:[EMAIL PROTECTED] wrote on Thursday, March
20, 2008 6:04 AM:

 Oli
 
 autoroute announce will send all the traffic (IGP + VPN) towards
 tunnel, where as i dont want to send IGP traffic but only VPN
 traffic.  
 
 Is there any way.well u say static...managment of static will b a
 great hurdle in routing of 1000s of VPNs routes... 
 
 Is there any solution, to this issue. As Juniper by default select
 RSVP tunnel as the next-hop if BGP next-hop is also the same for the
 VPN route and it seems to be pretty simple  straight forward.  
 
 All the suggestions will be welcome.

Fahad,

the only option you have is to use a different BGP next-hop for your
VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf
definition in newer releases), or using a route-map, and point a static
route to this next-hop over the tunnel. This way, all VRFs configured
this way will be sent over the tunnel, all other traffic will be sent
via regular IGP shortest path. You need to run LDP over the tunnel for
this to work so the headend will see the imp-null LDP for this next-hop.

oli
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-19 Thread FAHAD ALI KHAN

Here is the working configuration  when i disable LDP from Juniper core
interfaces (fe-0/0/0  fe-0/0/1)...MPLS VPNs sites get disconnected

C10K#sh run
ip vrf vpn1
 description Test VPN 1
 rd 1241:100
 route-target export 1241:100
 route-target import 1241:100
!
mpls traffic-eng tunnels
mpls ldp neighbor 192.168.88.254 password test
mpls ldp neighbor 192.168.88.254 targeted ldp
mpls ldp loop-detection
no mpls ip propagate-ttl
mpls label protocol ldp
interface Tunnel2
 description *** C10008-PE to C7206VXR-PE ***
 no ip address
 mpls ip
 tunnel source Loopback0
 tunnel destination 192.168.88.254
 tunnel mode mpls traffic-eng
 tunnel mpls traffic-eng path-option 1 explicit name 10k-J4300-7206vxr
 ip rsvp bandwidth
interface Loopback0
 description *** Loopback ***
 ip address 192.168.97.254 255.255.255.255
 ip rsvp bandwidth
interface ATM1/0/0
 no ip address
interface ATM1/0/0.5 point-to-point
 description *** ATM-2-ATM L2 ATOM 10K-7206 ***
 ip vrf forwarding vpn1
 ip address 192.168.10.11 255.255.255.248
 pvc 3/32
  protocol ip 192.168.10.9
  ubr 256
 !
interface GigabitEthernet3/0/0
 mtu 1550
!
interface GigabitEthernet3/0/0.7
 description *** Connected to J4300A ***
 encapsulation dot1Q 296
 ip address 192.168.0.21 255.255.255.252
 ip mtu 1532
 mpls mtu 1520
 mpls traffic-eng tunnels
 mpls ip
 ip rsvp bandwidth
!
OSPF  BGP configuration ommited
!
ip explicit-path name 10k-3845-7206vxr enable
 next-address 192.168.0.22
 next-address 192.168.0.18
 next-address 192.168.88.254

mpls ldp router-id Loopback0 force
==
7206VXR-DSL#sh run
ip vrf vpn1
 rd 1241:100
 route-target export 1241:100
 route-target import 1241:100
!
mpls traffic-eng tunnels
mpls ldp neighbor 192.168.97.254 password test
mpls ldp neighbor 192.168.97.254 targeted ldp
mpls ldp loop-detection
no mpls ip propagate-ttl
mpls label protocol ldp
interface Tunnel1
 description C7206VXR-PE to C10008-PE
 ip unnumbered Loopback0
 mpls traffic-eng tunnels
 mpls ip
 tunnel source Loopback0
 tunnel destination 192.168.97.254
 tunnel mode mpls traffic-eng
 tunnel mpls traffic-eng path-option 1 explicit name 7206-3845-10k
 ip rsvp bandwidth
!
interface Loopback0
 description *** Loopback ***
 ip address 192.168.88.254 255.255.255.255
!
interface GigabitEthernet0/3
 description *** Connected to J4300 ***
 mtu 1546
 ip address 192.168.0.18 255.255.255.252
 ip mtu 1532
 mpls mtu 1520
 mpls traffic-eng tunnels
 mpls ip
 ip rsvp bandwidth
!
interface ATM1/0
 no ip address
interface ATM1/0.4 point-to-point
 description *** Layer 2 connection 7206-10k ***
 mtu 1500
 ip vrf forwarding vpn1
 ip address 192.168.10.2 255.255.255.248
 pvc 3/100
  protocol ip 192.168.10.1
  ubr 256
 !
OSPF  BGP configuration ommited
!
ip explicit-path name 7206-3845-10k enable
 next-address 192.168.0.17
 next-address 192.168.0.21
 next-address 192.168.97.254
mpls ldp router-id Loopback0 force
===
interfaces {
fe-0/0/0 {
description *** COnnected to 10K ***;
mtu 1546;
unit 0 {
family inet {
address 192.168.0.22/30;
}
family mpls;
}
}
fe-0/0/1 {
description *** Connected to 7206 ***;
mtu 1546;
unit 0 {
family inet {
address 192.168.0.17/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.120.254/32;
}
}
}
}
routing-options {
router-id 192.168.120.254;
autonomous-system 1241;
}
protocols {
rsvp {
interface fe-0/0/0.0 {
hello-interval 0;
}
interface fe-0/0/1.0 {
hello-interval 0;
}
}
mpls {
no-propagate-ttl;
explicit-null;
interface fe-0/0/0.0;
interface fe-0/0/1.0;
}
bgp {
group Internal {
type internal;
local-address 192.168.120.254;
authentication-key $9$YkoaUfTTRSlMN-k.mPF/; ## SECRET-DATA
local-as 1241;
neighbor 192.168.97.254;
neighbor 192.168.88.254;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface fe-0/0/0.0;
interface fe-0/0/1.0;
interface lo0.0 {
passive;
}
}
}
ldp {
strict-targeted-hellos;
explicit-null;
transport-address router-id;
interface all;
}
}
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-19 Thread Oliver Boehmer (oboehmer)

Well, you are not telling the headend (10K or 7200) what to forward down
the tunnel. Without any tunnel mpls traffic-eng autoroute announce or
static routes or forwarding-adjacency, no traffic will be sent over the
tunnel, so the IGP path towards the BGP next-hop will still point to
your outgoing interface, and unless you run LDP over this interface, the
PEs will not know about a label towards the other side.

In order to make this work, use autoroute and just let the 10k/7200 send
all traffic to the other side over the tunnel. 

In addition, you are missing an ip unnumbered loopback0 on the 10k's
Tunnel interface. Without this, the tunnel will not be elegible for any
form of IP routing/forwarding.

Assuming your BGP next-hop on the vpnv4 routes is also Loopback0 (i.e.
equal to your MPLS-TE router-id), you don't even need LDP on the tunnel,
but it doesn't hurt. You don't need the mpls ldp neighbor
192.168.88.254 targeted as we would build a targeted session once mpls
ip is enabled on the tunnel.

you can take a look at
http://www.cisco.com/warp/public/105/mplsvpnte.html. This doc is
somewhat outdated as it still talks about TDP, but gives some config
examples for various tunnel scenarios. 

oli

FAHAD ALI KHAN  wrote on Wednesday, March 19, 2008 9:26 AM:

 Here is the working configuration  when i disable LDP from Juniper
 core interfaces (fe-0/0/0  fe-0/0/1)...MPLS VPNs sites get
 disconnected 
 
 C10K#sh run
 ip vrf vpn1
  description Test VPN 1
  rd 1241:100
  route-target export 1241:100
  route-target import 1241:100
 !
 mpls traffic-eng tunnels
 mpls ldp neighbor 192.168.88.254 password test
 mpls ldp neighbor 192.168.88.254 targeted ldp
 mpls ldp loop-detection
 no mpls ip propagate-ttl
 mpls label protocol ldp
 interface Tunnel2
  description *** C10008-PE to C7206VXR-PE ***
  no ip address
  mpls ip
  tunnel source Loopback0
  tunnel destination 192.168.88.254
  tunnel mode mpls traffic-eng
  tunnel mpls traffic-eng path-option 1 explicit name 10k-J4300-7206vxr
  ip rsvp bandwidth
 interface Loopback0
  description *** Loopback ***
  ip address 192.168.97.254 255.255.255.255
  ip rsvp bandwidth
 interface ATM1/0/0
  no ip address
 interface ATM1/0/0.5 point-to-point
  description *** ATM-2-ATM L2 ATOM 10K-7206 ***
  ip vrf forwarding vpn1
  ip address 192.168.10.11 255.255.255.248
  pvc 3/32
   protocol ip 192.168.10.9
   ubr 256
  !
 interface GigabitEthernet3/0/0
  mtu 1550
 !
 interface GigabitEthernet3/0/0.7
  description *** Connected to J4300A ***
  encapsulation dot1Q 296
  ip address 192.168.0.21 255.255.255.252
  ip mtu 1532
  mpls mtu 1520
  mpls traffic-eng tunnels
  mpls ip
  ip rsvp bandwidth
 !
 OSPF  BGP configuration ommited
 !
 ip explicit-path name 10k-3845-7206vxr enable
  next-address 192.168.0.22
  next-address 192.168.0.18
  next-address 192.168.88.254
 
 mpls ldp router-id Loopback0 force
 ==
 7206VXR-DSL#sh run
 ip vrf vpn1
  rd 1241:100
  route-target export 1241:100
  route-target import 1241:100
 !
 mpls traffic-eng tunnels
 mpls ldp neighbor 192.168.97.254 password test
 mpls ldp neighbor 192.168.97.254 targeted ldp
 mpls ldp loop-detection
 no mpls ip propagate-ttl
 mpls label protocol ldp
 interface Tunnel1
  description C7206VXR-PE to C10008-PE
  ip unnumbered Loopback0
  mpls traffic-eng tunnels
  mpls ip
  tunnel source Loopback0
  tunnel destination 192.168.97.254
  tunnel mode mpls traffic-eng
  tunnel mpls traffic-eng path-option 1 explicit name 7206-3845-10k
  ip rsvp bandwidth
 !
 interface Loopback0
  description *** Loopback ***
  ip address 192.168.88.254 255.255.255.255
 !
 interface GigabitEthernet0/3
  description *** Connected to J4300 ***
  mtu 1546
  ip address 192.168.0.18 255.255.255.252
  ip mtu 1532
  mpls mtu 1520
  mpls traffic-eng tunnels
  mpls ip
  ip rsvp bandwidth
 !
 interface ATM1/0
  no ip address
 interface ATM1/0.4 point-to-point
  description *** Layer 2 connection 7206-10k ***
  mtu 1500
  ip vrf forwarding vpn1
  ip address 192.168.10.2 255.255.255.248
  pvc 3/100
   protocol ip 192.168.10.1
   ubr 256
  !
 OSPF  BGP configuration ommited
 !
 ip explicit-path name 7206-3845-10k enable
  next-address 192.168.0.17
  next-address 192.168.0.21
  next-address 192.168.97.254
 mpls ldp router-id Loopback0 force
 ===
 interfaces {
 fe-0/0/0 {
 description *** COnnected to 10K ***;
 mtu 1546;
 unit 0 {
 family inet {
 address 192.168.0.22/30;
 }
 family mpls;
 }
 }
 fe-0/0/1 {
 description *** Connected to 7206 ***;
 mtu 1546;
 unit 0 {
 family inet {
 address 192.168.0.17/30;
 }
 family mpls;
 }
 }
 lo0 {
 unit 0 {
 family inet {
 address 192.168.120.254/32;
 }
 }
 }
 }
 routing-options

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-19 Thread FAHAD ALI KHAN

Oli

*autoroute announce* will send all the traffic (IGP + VPN) towards tunnel,
where as i dont want to send IGP traffic but only VPN traffic.

Is there any way.well u say static...managment of static will b a great
hurdle in routing of 1000s of VPNs routes...

Is there any solution, to this issue. As Juniper by default select RSVP
tunnel as the next-hop if BGP next-hop is also the same for the VPN route
and it seems to be pretty simple  straight forward.

All the suggestions will be welcome.

Regards

Fahad

On Wed, Mar 19, 2008 at 10:49 PM, Oliver Boehmer (oboehmer) 
[EMAIL PROTECTED] wrote:

 Well, you are not telling the headend (10K or 7200) what to forward down
 the tunnel. Without any tunnel mpls traffic-eng autoroute announce or
 static routes or forwarding-adjacency, no traffic will be sent over the
 tunnel, so the IGP path towards the BGP next-hop will still point to
 your outgoing interface, and unless you run LDP over this interface, the
 PEs will not know about a label towards the other side.

 In order to make this work, use autoroute and just let the 10k/7200 send
 all traffic to the other side over the tunnel.

 In addition, you are missing an ip unnumbered loopback0 on the 10k's
 Tunnel interface. Without this, the tunnel will not be elegible for any
 form of IP routing/forwarding.

 Assuming your BGP next-hop on the vpnv4 routes is also Loopback0 (i.e.
 equal to your MPLS-TE router-id), you don't even need LDP on the tunnel,
 but it doesn't hurt. You don't need the mpls ldp neighbor
 192.168.88.254 targeted as we would build a targeted session once mpls
 ip is enabled on the tunnel.

 you can take a look at
 http://www.cisco.com/warp/public/105/mplsvpnte.html. This doc is
 somewhat outdated as it still talks about TDP, but gives some config
 examples for various tunnel scenarios.

oli

 FAHAD ALI KHAN  wrote on Wednesday, March 19, 2008 9:26 AM:

  Here is the working configuration  when i disable LDP from Juniper
  core interfaces (fe-0/0/0  fe-0/0/1)...MPLS VPNs sites get
  disconnected
 
  C10K#sh run
  ip vrf vpn1
   description Test VPN 1
   rd 1241:100
   route-target export 1241:100
   route-target import 1241:100
  !
  mpls traffic-eng tunnels
  mpls ldp neighbor 192.168.88.254 password test
  mpls ldp neighbor 192.168.88.254 targeted ldp
  mpls ldp loop-detection
  no mpls ip propagate-ttl
  mpls label protocol ldp
  interface Tunnel2
   description *** C10008-PE to C7206VXR-PE ***
   no ip address
   mpls ip
   tunnel source Loopback0
   tunnel destination 192.168.88.254
   tunnel mode mpls traffic-eng
   tunnel mpls traffic-eng path-option 1 explicit name 10k-J4300-7206vxr
   ip rsvp bandwidth
  interface Loopback0
   description *** Loopback ***
   ip address 192.168.97.254 255.255.255.255
   ip rsvp bandwidth
  interface ATM1/0/0
   no ip address
  interface ATM1/0/0.5 point-to-point
   description *** ATM-2-ATM L2 ATOM 10K-7206 ***
   ip vrf forwarding vpn1
   ip address 192.168.10.11 255.255.255.248
   pvc 3/32
protocol ip 192.168.10.9
ubr 256
   !
  interface GigabitEthernet3/0/0
   mtu 1550
  !
  interface GigabitEthernet3/0/0.7
   description *** Connected to J4300A ***
   encapsulation dot1Q 296
   ip address 192.168.0.21 255.255.255.252
   ip mtu 1532
   mpls mtu 1520
   mpls traffic-eng tunnels
   mpls ip
   ip rsvp bandwidth
  !
  OSPF  BGP configuration ommited
  !
  ip explicit-path name 10k-3845-7206vxr enable
   next-address 192.168.0.22
   next-address 192.168.0.18
   next-address 192.168.88.254
 
  mpls ldp router-id Loopback0 force
  ==
  7206VXR-DSL#sh run
  ip vrf vpn1
   rd 1241:100
   route-target export 1241:100
   route-target import 1241:100
  !
  mpls traffic-eng tunnels
  mpls ldp neighbor 192.168.97.254 password test
  mpls ldp neighbor 192.168.97.254 targeted ldp
  mpls ldp loop-detection
  no mpls ip propagate-ttl
  mpls label protocol ldp
  interface Tunnel1
   description C7206VXR-PE to C10008-PE
   ip unnumbered Loopback0
   mpls traffic-eng tunnels
   mpls ip
   tunnel source Loopback0
   tunnel destination 192.168.97.254
   tunnel mode mpls traffic-eng
   tunnel mpls traffic-eng path-option 1 explicit name 7206-3845-10k
   ip rsvp bandwidth
  !
  interface Loopback0
   description *** Loopback ***
   ip address 192.168.88.254 255.255.255.255
  !
  interface GigabitEthernet0/3
   description *** Connected to J4300 ***
   mtu 1546
   ip address 192.168.0.18 255.255.255.252
   ip mtu 1532
   mpls mtu 1520
   mpls traffic-eng tunnels
   mpls ip
   ip rsvp bandwidth
  !
  interface ATM1/0
   no ip address
  interface ATM1/0.4 point-to-point
   description *** Layer 2 connection 7206-10k ***
   mtu 1500
   ip vrf forwarding vpn1
   ip address 192.168.10.2 255.255.255.248
   pvc 3/100
protocol ip 192.168.10.1
ubr 256
   !
  OSPF  BGP configuration ommited
  !
  ip explicit-path name 7206-3845-10k enable
   next-address 192.168.0.17
   next-address 192.168.0.21

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-17 Thread Oliver Boehmer (oboehmer)

Hi,

I've never ran any form of MPLS without LDP on the interface, but if
you're using RSVP-TE, LDP on the physical interfaces should not be
needed. Can you show your working and your not-working config?

The decision which path (LDP or RSVP-TE signalled path) is taken by the
headend depends on the routing and tunnel setup. So if you just use
autoroute on the tunnel, we'll send all traffic towards the BGP
next-hops over the tunnel. If the BGP next-hop (for MPLS-VPN) is equal
to the MPLS-TE router-ID of the tail (i.e. if this is a PE-PE tunnel),
there is no need to enable LDP on the tunnel itself. Otherwise LDP needs
to run over the tunnel (i.e. enable mpls ip on the TE tunnel
interface).

Not sure if this answers your question, though :-)

oli

FAHAD ALI KHAN  wrote on Monday, March 17, 2008 8:55 AM:

 Guys
 Im stuck in configuring MPLS L3VPN in Cisco + juniper in my test lab
 environment.
 
 I have Cisco 10K as PE connected to DSL IPoA client, Cisco 7206VXR as
 another PE connected with other IPoA client. MPLS P routers are of
 Juniper (J4300).
 for MPLS L3VPN there is no need to run LDP on core facing interfaces
 if we r using RSVP as TE LSP. i have configured every thing right
 (a/c to me)and check that vpn-v4 routes are shared b/w both PEs.
 Tunnels are also UP. but traffic is carrying though MPLS...core.
 
 As i enable LDP on juniper core facing interfaces, as it is enabled by
 default on Cisco routers.traffic flow start.
 
 This is amazed me. Kindly suggest me about this scenario. any sample
 configuration is welcome.
 
 Also, one more thing i check while enabling LDP  RSVP both, i have
 received routes from LDP paths not RSVP...and VPN routes are avaiable
 though LDP path...means...there is no traffic engineering. is there
 any way to check the route-prefernce of LDP and RSVP on Ciscoas
 it is 7 for RSVP  9 for LDP on Juniper.
 
 Is there any way that LDP is got tunneled over RSVP?
 
 
 Regards
 
 Fahad
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-17 Thread jp

Another option would be to get something that does OC3 ports (or bigger) 
and lets you map out DS1s to subinterfaces. Not sure what Cisco cards 
would be appropriate. Something like an Adtran opti system, and 
appropriate cisco card, you could run an OC3/12/48 into your Cisco. I'm 
sure Adtran would be helpful suggesting the right gear, perhaps other 
people on the list would be helpful on the Cisco side.

On Wed, Mar 12, 2008 at 11:40:07PM -0400, Jason Berenson wrote:
 Greetings,
 
 We currently have 3 7206VXRs with NPE-300's in them.  Adding PA-MC-T3 
 cards for DS1 edge connectivity at $3800/port is starting to get really 
 unbearable.  So I started to look at the Cisco 10k and noticed that an 8 
 port channelized DS3 card turns out to be around $1800/port.  I've done 
 a lot of research on the 10k and am interested in migrating away from 
 the 7206's.
 
 I'd like to use the 10k as our core edge router, it would need to run 
 QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS 
 customers and eventually DS1 channelized OCx ports to connect to our 
 Turin DAX so we can move away from copper and towards the light so to 
 speak.  :)
 
 If anyone could give me input on their experience with the 10k as a 7206 
 replacement as well as any input on models of the PREs that I should be 
 looking at and models on different cards like channelized DS3 and OCx 
 cards I would greatly appreciate it.  I'd most likely go with 48V power 
 since we already have a distribution system in place.
 
 The more information the better, I'd like to start looking at ebay for 
 parts and get a pitch setup for the higher-ups.  Any input/experience on 
 the feasibility of selling off the VXRs and expensive DS3 cards would be 
 good too.  I'd also like to hear what people would expect me to be 
 paying for each of the components needed to put together a fully 
 functional 10k.
 
 Thanks,
 Jason
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
/*
Jason Philbrook   |   Midcoast Internet Solutions - Wireless and DSL
KB1IOJ|   Broadband Internet Access, Dialup, and Hosting 
 http://f64.nu/   |   for Midcoast Mainehttp://www.midcoast.com/
*/
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10K MPLS VPN

2008-03-17 Thread Mark Tinka

On Monday 17 March 2008, FAHAD ALI KHAN wrote:

 Guys

Hello.

 Im stuck in configuring MPLS L3VPN in Cisco + juniper in
 my test lab environment.

As Oli has suggested, a copy of your configurations on both 
IOS and JunOS would help.

Mark.


signature.asc
Description: This is a digitally signed message part.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-14 Thread Rooney, Randy

10008 for us has been a typical cisco platform. Get on the right code
and it's stable. I'm assuming by 8 port channelized card you mean two HH
4 port cards? Just note that AToM isn't supported on that card, only the
6 port, choc12, and 24 port T1 card per the website. Haven't actually
tested in the lab though. Yes, with the 3 pack deal it's by far the
cheapest channelized card. Software is slow to develop especially
feature requests. We have several chassis with over 50 CT3s running just
fine. POS and Giges are spendy until they come out with a SIP like card.

Randy

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Jason Berenson
 Sent: Wednesday, March 12, 2008 8:40 PM
 To: cisco-nsp@puck.nether.net
 Subject: [c-nsp] Cisco 10k?
 
 Greetings,
 
 We currently have 3 7206VXRs with NPE-300's in them.  Adding 
 PA-MC-T3 cards for DS1 edge connectivity at $3800/port is 
 starting to get really unbearable.  So I started to look at 
 the Cisco 10k and noticed that an 8 port channelized DS3 card 
 turns out to be around $1800/port.  I've done a lot of 
 research on the 10k and am interested in migrating away from 
 the 7206's.
 
 I'd like to use the 10k as our core edge router, it would 
 need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), 
 connectivity for TLS customers and eventually DS1 channelized 
 OCx ports to connect to our Turin DAX so we can move away 
 from copper and towards the light so to speak.  :)
 
 If anyone could give me input on their experience with the 
 10k as a 7206 replacement as well as any input on models of 
 the PREs that I should be looking at and models on different 
 cards like channelized DS3 and OCx cards I would greatly 
 appreciate it.  I'd most likely go with 48V power since we 
 already have a distribution system in place.
 
 The more information the better, I'd like to start looking at 
 ebay for parts and get a pitch setup for the higher-ups.  Any 
 input/experience on the feasibility of selling off the VXRs 
 and expensive DS3 cards would be good too.  I'd also like to 
 hear what people would expect me to be paying for each of the 
 components needed to put together a fully functional 10k.
 
 Thanks,
 Jason
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net 
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/
 
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-14 Thread Adrian Chadd

On Fri, Mar 14, 2008, Joseph Jackson wrote:

 Do you get wire speed out of those GigE ports?  I remember reading some where 
 that the G1 could only push around 750mbs.  I can't find the info now so I 
 might just be crazy.

I don't have any G1/G2's in production. I'm just going off the
documentation and others' experiences.

There'll be plenty of others here who can share stories of maxed
out G1s. :)



Adrian

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-14 Thread Jason Berenson

Adrian,

We push much more voice over our links so I would worry more about PPS 
then wire speed on the GigE. 

I'm leaning towards upgrading our NPE-300's to G1's and keep things 
split up a bit.  One reason is I wouldn't have to learn a new platform 
and I would know that everything I'm doing now will just work (by 
staying with the 7206's).

-Jason

Adrian Chadd wrote:
 On Fri, Mar 14, 2008, Joseph Jackson wrote:

   
 Do you get wire speed out of those GigE ports?  I remember reading some 
 where that the G1 could only push around 750mbs.  I can't find the info now 
 so I might just be crazy.
 

 I don't have any G1/G2's in production. I'm just going off the
 documentation and others' experiences.

 There'll be plenty of others here who can share stories of maxed
 out G1s. :)



 Adrian

 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/
   
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-14 Thread Paul Stewart

For what it's worth... we had a 1G that was 80% CPU load with only 120Mb/s
on it - BUT this box was doing lt2p tunnels and PPPOE termination ... again
for what it's worth.  We actually don't have any 7206VXR's in production
that are doing pure routing...

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Adrian Chadd
Sent: Friday, March 14, 2008 9:32 PM
To: Joseph Jackson
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Cisco 10k?

On Fri, Mar 14, 2008, Joseph Jackson wrote:

 Do you get wire speed out of those GigE ports?  I remember reading some
where that the G1 could only push around 750mbs.  I can't find the info now
so I might just be crazy.

I don't have any G1/G2's in production. I'm just going off the
documentation and others' experiences.

There'll be plenty of others here who can share stories of maxed
out G1s. :)

Adrian

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
No virus found in this incoming message.
Checked by AVG. 
Version: 7.5.519 / Virus Database: 269.21.7/1328 - Release Date: 3/13/2008
11:31 AM

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Justin Shore

I've never used a 10k so someone else will have to speak to that.  You 
might want to consider looking at the new ASR 1000 series though.

http://www.cisco.com/go/asr

They are supposed to be positioned between the 7200s and the 7600s so 
they might be able to do what you want.  I imagine they can anyway.  You 
may also want to pick up used 7500s if all you want to do is terminate DS3s.

Justin

Jason Berenson wrote:
 Greetings,
 
 We currently have 3 7206VXRs with NPE-300's in them.  Adding PA-MC-T3 
 cards for DS1 edge connectivity at $3800/port is starting to get really 
 unbearable.  So I started to look at the Cisco 10k and noticed that an 8 
 port channelized DS3 card turns out to be around $1800/port.  I've done 
 a lot of research on the 10k and am interested in migrating away from 
 the 7206's.
 
 I'd like to use the 10k as our core edge router, it would need to run 
 QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS 
 customers and eventually DS1 channelized OCx ports to connect to our 
 Turin DAX so we can move away from copper and towards the light so to 
 speak.  :)
 
 If anyone could give me input on their experience with the 10k as a 7206 
 replacement as well as any input on models of the PREs that I should be 
 looking at and models on different cards like channelized DS3 and OCx 
 cards I would greatly appreciate it.  I'd most likely go with 48V power 
 since we already have a distribution system in place.
 
 The more information the better, I'd like to start looking at ebay for 
 parts and get a pitch setup for the higher-ups.  Any input/experience on 
 the feasibility of selling off the VXRs and expensive DS3 cards would be 
 good too.  I'd also like to hear what people would expect me to be 
 paying for each of the components needed to put together a fully 
 functional 10k.
 
 Thanks,
 Jason
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/
 
 
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Jason Berenson

Mathew,

Thanks for your input.  We've looked at the Turin solution already, it 
looks really good except they're a year off on getting the blade out to 
customers.  If we went that route we would want to use a blade instead 
of separate boxes.

-Jason

Matthew Crocker wrote:

 Jason,

  If you like Turin take a look at the Turin TraverseEdge 1200 
 series.   I have its predecessor (Seranoa WANPort) and it works 
 great.  12 Channelized DS-3s.  It handles MLPPP,Cisco HDLC  FR on the 
 DS-1 ports.  Strips off the MLPPP,HDLC  FR headers and tacks on a 
 802.1q header out a GigE port.

 Connect 2 of them to a NPE-G1 and you have a great solution to 
 terminate lots of DS-1 customers, 1 VLAN per DS1

 Take a look at the Redback SE-400 router, they have a 12 x channelized 
 DS-3 card and a TON of features.

 -Matt

 On Mar 12, 2008, at 11:40 PM, Jason Berenson wrote:

 Greetings,

 We currently have 3 7206VXRs with NPE-300's in them.  Adding PA-MC-T3
 cards for DS1 edge connectivity at $3800/port is starting to get really
 unbearable.  So I started to look at the Cisco 10k and noticed that an 8
 port channelized DS3 card turns out to be around $1800/port.  I've done
 a lot of research on the 10k and am interested in migrating away from
 the 7206's.

 I'd like to use the 10k as our core edge router, it would need to run
 QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS
 customers and eventually DS1 channelized OCx ports to connect to our
 Turin DAX so we can move away from copper and towards the light so to
 speak.  :)

 If anyone could give me input on their experience with the 10k as a 7206
 replacement as well as any input on models of the PREs that I should be
 looking at and models on different cards like channelized DS3 and OCx
 cards I would greatly appreciate it.  I'd most likely go with 48V power
 since we already have a distribution system in place.

 The more information the better, I'd like to start looking at ebay for
 parts and get a pitch setup for the higher-ups.  Any input/experience on
 the feasibility of selling off the VXRs and expensive DS3 cards would be
 good too.  I'd also like to hear what people would expect me to be
 paying for each of the components needed to put together a fully
 functional 10k.

 Thanks,
 Jason
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Jason Berenson

Can you elaborate on that a bit? 

Thanks,
Jason

e ninja wrote:
 c10k is a beast. You're better of with the VXRs.

 /eninja



 On Wed, Mar 12, 2008 at 8:40 PM, Jason Berenson [EMAIL PROTECTED] 
 mailto:[EMAIL PROTECTED] wrote:

 Greetings,

 We currently have 3 7206VXRs with NPE-300's in them.  Adding PA-MC-T3
 cards for DS1 edge connectivity at $3800/port is starting to get
 really
 unbearable.  So I started to look at the Cisco 10k and noticed
 that an 8
 port channelized DS3 card turns out to be around $1800/port.  I've
 done
 a lot of research on the 10k and am interested in migrating away from
 the 7206's.

 I'd like to use the 10k as our core edge router, it would need to run
 QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS
 customers and eventually DS1 channelized OCx ports to connect to our
 Turin DAX so we can move away from copper and towards the light so to
 speak.  :)

 If anyone could give me input on their experience with the 10k as
 a 7206
 replacement as well as any input on models of the PREs that I
 should be
 looking at and models on different cards like channelized DS3 and OCx
 cards I would greatly appreciate it.  I'd most likely go with 48V
 power
 since we already have a distribution system in place.

 The more information the better, I'd like to start looking at ebay for
 parts and get a pitch setup for the higher-ups.  Any
 input/experience on
 the feasibility of selling off the VXRs and expensive DS3 cards
 would be
 good too.  I'd also like to hear what people would expect me to be
 paying for each of the components needed to put together a fully
 functional 10k.

 Thanks,
 Jason
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 mailto:cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Sridhar Ayengar

Jason Berenson wrote:
 Can you elaborate on that a bit? 

I believe he might be referring to the power consumption.

Peace...  Sridhar

 e ninja wrote:
 c10k is a beast. You're better of with the VXRs.

 /eninja



 On Wed, Mar 12, 2008 at 8:40 PM, Jason Berenson [EMAIL PROTECTED] 
 mailto:[EMAIL PROTECTED] wrote:

 Greetings,

 We currently have 3 7206VXRs with NPE-300's in them.  Adding PA-MC-T3
 cards for DS1 edge connectivity at $3800/port is starting to get
 really
 unbearable.  So I started to look at the Cisco 10k and noticed
 that an 8
 port channelized DS3 card turns out to be around $1800/port.  I've
 done
 a lot of research on the 10k and am interested in migrating away from
 the 7206's.

 I'd like to use the 10k as our core edge router, it would need to run
 QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS
 customers and eventually DS1 channelized OCx ports to connect to our
 Turin DAX so we can move away from copper and towards the light so to
 speak.  :)

 If anyone could give me input on their experience with the 10k as
 a 7206
 replacement as well as any input on models of the PREs that I
 should be
 looking at and models on different cards like channelized DS3 and OCx
 cards I would greatly appreciate it.  I'd most likely go with 48V
 power
 since we already have a distribution system in place.

 The more information the better, I'd like to start looking at ebay for
 parts and get a pitch setup for the higher-ups.  Any
 input/experience on
 the feasibility of selling off the VXRs and expensive DS3 cards
 would be
 good too.  I'd also like to hear what people would expect me to be
 paying for each of the components needed to put together a fully
 functional 10k.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Jason Berenson

Justin,

I'm not worried too much about the size, I have room and on top of that 
it will replace 3+ 7206's.  I do however have the option of just 
upgrading the 7206's to NPE-G1's, adding more chassis as needed and 
calling it a day.

I'm trying to make a decision now before things get too out of hand 
whether or not I want to move to a single router platform or just keep 
adding routers as needed.  It would eventually have multiple Gige ports 
which would handle TLS circuits as well as DS1 termination and ATM 
termination for DSLs.  Another thing to remember is we may eventually 
get a blade for our Turin DAX which will allow us to terminate the DS1's 
on the Turin and transport them to the router via ethernet and 
VLANs/DS1.  This long-term option would let us get rid of the DS3 cards 
and go mostly ethernet except for the limited ATM needed for DSLs.

The big advantages I can see is moving to a single chassis (one router 
to manage), it's a much more powerful router then the 7206's and on a 
per channelized DS3 port basis, it's half the price per port.  With all 
that in mind, would you suggest going for a 10k and selling the 7206's 
or just upgrading/adding more 7206's as needed?

-Jason

Justin M. Streiner wrote:
 On Thu, 13 Mar 2008, Jason Berenson wrote:

   
 Considering it would be replacing 3 7206's right off the bat, is it
 still going to take much more power then the 7206's?
 

 IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513 
 in size.  In terms of power consumption, it looks like it will run on 
 two 120V/20A circuits.  I never had a 10k on my network, but I did have a 
 UAC6400 many moons ago, that had similar dimensions and power needs, along 
 with some design features that drove me nuts :)

 jms
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/
   
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Justin M. Streiner

On Thu, 13 Mar 2008, Jason Berenson wrote:

 The big advantages I can see is moving to a single chassis (one router to 
 manage), it's a much more powerful router then the 7206's and on a per 
 channelized DS3 port basis, it's half the price per port.  With all that in 
 mind, would you suggest going for a 10k and selling the 7206's or just 
 upgrading/adding more 7206's as needed?

That's up to you :)  Keep in mind that some 10k models are now end-of-sale.
I also don't know how well the 10k code supports all of the features you
need.

jms

 Justin M. Streiner wrote:
  On Thu, 13 Mar 2008, Jason Berenson wrote:

 
   Considering it would be replacing 3 7206's right off the bat, is it
   still going to take much more power then the 7206's?
  

  IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513
  in size.  In terms of power consumption, it looks like it will run on two
  120V/20A circuits.  I never had a 10k on my network, but I did have a
  UAC6400 many moons ago, that had similar dimensions and power needs, along
  with some design features that drove me nuts :)

  jms
  ___
  cisco-nsp mailing list  cisco-nsp@puck.nether.net
  https://puck.nether.net/mailman/listinfo/cisco-nsp
  archive at http://puck.nether.net/pipermail/cisco-nsp/
 

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Jason Berenson

Justin,

Thanks for your input.  That's a good point and something I will have to 
research before going any further with this.

Thanks,
Jason

Justin M. Streiner wrote:
 On Thu, 13 Mar 2008, Jason Berenson wrote:

 The big advantages I can see is moving to a single chassis (one 
 router to manage), it's a much more powerful router then the 7206's 
 and on a per channelized DS3 port basis, it's half the price per 
 port.  With all that in mind, would you suggest going for a 10k and 
 selling the 7206's or just upgrading/adding more 7206's as needed?

 That's up to you :)  Keep in mind that some 10k models are now 
 end-of-sale.
 I also don't know how well the 10k code supports all of the features you
 need.

 jms

 Justin M. Streiner wrote:
  On Thu, 13 Mar 2008, Jason Berenson wrote:


   Considering it would be replacing 3 7206's right off the bat, is it
   still going to take much more power then the 7206's?
 
  IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 
 7513
  in size.  In terms of power consumption, it looks like it will run 
 on two
  120V/20A circuits.  I never had a 10k on my network, but I did have a
  UAC6400 many moons ago, that had similar dimensions and power 
 needs, along
  with some design features that drove me nuts :)

  jms
  ___
  cisco-nsp mailing list  cisco-nsp@puck.nether.net
  https://puck.nether.net/mailman/listinfo/cisco-nsp
  archive at http://puck.nether.net/pipermail/cisco-nsp/


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Pshem Kowalczyk

Hi

We migrated from 7206 VXRs to 10k for broadband termination. I must
say that that caused us a lot of trouble. The 10k proved to be very
unstable, leaking memory etc. Of course that might be just our
experience. We tried different IOSes, opened a few TAC cases, but
ultimately decided to go with a different vendor all together.
My understanding is that 10k was originally designed as a broadband
aggregation platform, I'm not sure how suitable it is for a border
router.

kind regards
Pshem
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Matthew Crocker


Doesn't the 10k use Ciscos FPGA chips (aka PXF)?  So if a feature  
isn't in the FPGA code it gets punted to the main CPU and performance  
goes to hell?

Isn't Cisco doing away with all the routers based off the FPGA code?   
NSE-100, 7301, NSE-1   *very* fast when the packets can be handled in  
PXF, not so good when they can't.

I see there is the new NSE-150 that replaces the NSE-100

On Mar 13, 2008, at 2:53 PM, Jason Berenson wrote:

 Justin,

 I'm not worried too much about the size, I have room and on top of  
 that
 it will replace 3+ 7206's.  I do however have the option of just
 upgrading the 7206's to NPE-G1's, adding more chassis as needed and
 calling it a day.

 I'm trying to make a decision now before things get too out of hand
 whether or not I want to move to a single router platform or just keep
 adding routers as needed.  It would eventually have multiple Gige  
 ports
 which would handle TLS circuits as well as DS1 termination and ATM
 termination for DSLs.  Another thing to remember is we may eventually
 get a blade for our Turin DAX which will allow us to terminate the  
 DS1's
 on the Turin and transport them to the router via ethernet and
 VLANs/DS1.  This long-term option would let us get rid of the DS3  
 cards
 and go mostly ethernet except for the limited ATM needed for DSLs.

 The big advantages I can see is moving to a single chassis (one router
 to manage), it's a much more powerful router then the 7206's and on a
 per channelized DS3 port basis, it's half the price per port.  With  
 all
 that in mind, would you suggest going for a 10k and selling the 7206's
 or just upgrading/adding more 7206's as needed?

 -Jason

 Justin M. Streiner wrote:
 On Thu, 13 Mar 2008, Jason Berenson wrote:


 Considering it would be replacing 3 7206's right off the bat, is it
 still going to take much more power then the 7206's?


 IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and  
 7513
 in size.  In terms of power consumption, it looks like it will run on
 two 120V/20A circuits.  I never had a 10k on my network, but I did  
 have a
 UAC6400 many moons ago, that had similar dimensions and power  
 needs, along
 with some design features that drove me nuts :)

 jms
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Paul Stewart

Hey Jason...

I'm curious as to what you decide in the final aspect and why... we have
several NPE-1G and NPE-2G boxes right now and I need to order a couple of
more to meet capacity needs (DSL termination via PPPOE)... we were also
looking at the 10k series and also took a step back to investigate ERX from
Juniper... I really like the Juniper boxes having talked to several people
who use them (and who are also Cisco literate)... long story short we're
probably sticking with Cisco just because of it being Cisco (and staff are
used to Cisco boxes and also the way that Cisco thinks)...

In my opinion, our reasons for staying Cisco are not necessarily the right
ones but I believe the management group will head that way regardless...;)
So then we're back to the same issue you are - keep stacking 7206's or buy a
big box such as the 10k our datacenter is starting to run shy on space
and power is always a challenge to keep up with ... so the 10k has pros
there for sure...

Anyways, just wanted to chime in letting you know you're definitely not the
only person facing these issues ; )  I would definitely upgrade to NPE-1G or
2G if it's in budget though as that will be a significant upgrade from a
performance spec

Take care,

Paul


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matthew Crocker
Sent: Thursday, March 13, 2008 4:39 PM
To: Jason Berenson
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Cisco 10k?


Doesn't the 10k use Ciscos FPGA chips (aka PXF)?  So if a feature  
isn't in the FPGA code it gets punted to the main CPU and performance  
goes to hell?

Isn't Cisco doing away with all the routers based off the FPGA code?   
NSE-100, 7301, NSE-1   *very* fast when the packets can be handled in  
PXF, not so good when they can't.

I see there is the new NSE-150 that replaces the NSE-100

On Mar 13, 2008, at 2:53 PM, Jason Berenson wrote:

 Justin,

 I'm not worried too much about the size, I have room and on top of  
 that
 it will replace 3+ 7206's.  I do however have the option of just
 upgrading the 7206's to NPE-G1's, adding more chassis as needed and
 calling it a day.

 I'm trying to make a decision now before things get too out of hand
 whether or not I want to move to a single router platform or just keep
 adding routers as needed.  It would eventually have multiple Gige  
 ports
 which would handle TLS circuits as well as DS1 termination and ATM
 termination for DSLs.  Another thing to remember is we may eventually
 get a blade for our Turin DAX which will allow us to terminate the  
 DS1's
 on the Turin and transport them to the router via ethernet and
 VLANs/DS1.  This long-term option would let us get rid of the DS3  
 cards
 and go mostly ethernet except for the limited ATM needed for DSLs.

 The big advantages I can see is moving to a single chassis (one router
 to manage), it's a much more powerful router then the 7206's and on a
 per channelized DS3 port basis, it's half the price per port.  With  
 all
 that in mind, would you suggest going for a 10k and selling the 7206's
 or just upgrading/adding more 7206's as needed?

 -Jason

 Justin M. Streiner wrote:
 On Thu, 13 Mar 2008, Jason Berenson wrote:


 Considering it would be replacing 3 7206's right off the bat, is it
 still going to take much more power then the 7206's?


 IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and  
 7513
 in size.  In terms of power consumption, it looks like it will run on
 two 120V/20A circuits.  I never had a 10k on my network, but I did  
 have a
 UAC6400 many moons ago, that had similar dimensions and power  
 needs, along
 with some design features that drove me nuts :)

 jms
 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

 ___
 cisco-nsp mailing list  cisco-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/cisco-nsp
 archive at http://puck.nether.net/pipermail/cisco-nsp/

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


-- 
No virus found in this incoming message.
Checked by AVG. 
Version: 7.5.519 / Virus Database: 269.21.7/1327 - Release Date: 3/12/2008
1:27 PM


___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Sridhar Ayengar

Jason Berenson wrote:
 Justin,
 
 I'm not worried too much about the size, I have room and on top of that 
 it will replace 3+ 7206's.  I do however have the option of just 
 upgrading the 7206's to NPE-G1's, adding more chassis as needed and 
 calling it a day.
 
 I'm trying to make a decision now before things get too out of hand 
 whether or not I want to move to a single router platform or just keep 
 adding routers as needed.  It would eventually have multiple Gige ports 
 which would handle TLS circuits as well as DS1 termination and ATM 
 termination for DSLs.  Another thing to remember is we may eventually 
 get a blade for our Turin DAX which will allow us to terminate the DS1's 
 on the Turin and transport them to the router via ethernet and 
 VLANs/DS1.  This long-term option would let us get rid of the DS3 cards 
 and go mostly ethernet except for the limited ATM needed for DSLs.
 
 The big advantages I can see is moving to a single chassis (one router 
 to manage), it's a much more powerful router then the 7206's and on a 
 per channelized DS3 port basis, it's half the price per port.  With all 
 that in mind, would you suggest going for a 10k and selling the 7206's 
 or just upgrading/adding more 7206's as needed?

Well, you did mention that the per-port cost was lower (significantly?) 
with the 1 than with the 7200VXR.  And that's definitely something.

And the 1 is ASIC-accelerated, right?  That should give you a nice 
performance kick, right?

Peace...  Sridhar
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Sridhar Ayengar

Paul Stewart wrote:
 Hey Jason...
 
 I'm curious as to what you decide in the final aspect and why... we have
 several NPE-1G and NPE-2G boxes right now and I need to order a couple of
 more to meet capacity needs (DSL termination via PPPOE)... we were also
 looking at the 10k series and also took a step back to investigate ERX from
 Juniper... I really like the Juniper boxes having talked to several people
 who use them (and who are also Cisco literate)... long story short we're
 probably sticking with Cisco just because of it being Cisco (and staff are
 used to Cisco boxes and also the way that Cisco thinks)...
 
 In my opinion, our reasons for staying Cisco are not necessarily the right
 ones but I believe the management group will head that way regardless...;)
 So then we're back to the same issue you are - keep stacking 7206's or buy a
 big box such as the 10k our datacenter is starting to run shy on space
 and power is always a challenge to keep up with ... so the 10k has pros
 there for sure...
 
 Anyways, just wanted to chime in letting you know you're definitely not the
 only person facing these issues ; )  I would definitely upgrade to NPE-1G or
 2G if it's in budget though as that will be a significant upgrade from a
 performance spec

But doesn't the 7200 (and 7500 and others) still have the issue of bus 
bandwidth not being big enough for aggregating multiple gigabit links?

I'm not familiar enough with the 1 to know how wide its bus is, but 
I know that the 6500/7600 has more than enough bus.

Peace...  Sridhar
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Adrian Chadd

On Fri, Mar 14, 2008, Sridhar Ayengar wrote:

  Anyways, just wanted to chime in letting you know you're definitely not the
  only person facing these issues ; )  I would definitely upgrade to NPE-1G or
  2G if it's in budget though as that will be a significant upgrade from a
  performance spec
 
 But doesn't the 7200 (and 7500 and others) still have the issue of bus 
 bandwidth not being big enough for aggregating multiple gigabit links?

To the PA slots, perhaps. I thought a big bonus of the NPE-Gx and such
is the onboard gige ports aren't limited by the PA backplane architecture.



Adrian

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10k?

2008-03-13 Thread Sridhar Ayengar

Adrian Chadd wrote:
 Anyways, just wanted to chime in letting you know you're definitely not the
 only person facing these issues ; )  I would definitely upgrade to NPE-1G or
 2G if it's in budget though as that will be a significant upgrade from a
 performance spec
 But doesn't the 7200 (and 7500 and others) still have the issue of bus 
 bandwidth not being big enough for aggregating multiple gigabit links?
 
 To the PA slots, perhaps. I thought a big bonus of the NPE-Gx and such
 is the onboard gige ports aren't limited by the PA backplane architecture.

But then you're *very* limited as to port count.

Peace...  Sridhar
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10K MPLS VPN

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

Re: [c-nsp] Cisco 10k?

30 matches

Site Navigation

Mail list logo

Footer information