Re: [c-nsp] Cisco 10K MPLS VPN
FAHAD ALI KHAN mailto:[EMAIL PROTECTED] wrote on Friday, March 28, 2008 6:45 AM: Now im introducing Cisco products as PE only, to offer MPLS VPN services to Broadband clients...everything with cisco is going goodbut this seems to be little bit scalability issue in our caseif we have to put static routes for each VPN route per tunnel (it will be a mess for me) Right, and I never mentioned any static VRF routes to remote CEs over the tunnel (I never saw this being done, not sure it would work). than...autoroute announce is also not suitable...as it can distrub my IGP traffic flows. Right. However: If the 10ks will terminate predominantly VPN customers (and most of the traffic it sends is vpn traffic), you could deploy autoroute-announce on the 10ks acting as TE headend. Or is this not the case? Please bear in mind that autoroute is only acting locally, other IGP nodes don't see the PE using the tunnel (this is different from forwarding-adjaceny, which would actually advertise the tunnel as link in the IGP). Now u have given two optionsand seems goodbut can u share some sample configuration with scanrio for the deployment of 1) use a different BGP next-hop for your VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf definition in newer releases) 2) using a route-map, and point a static route to this next-hop over the tunnel. Kindly suggest the best option that doesnt giv us hard time in large scale deployment. Suggestion from other MPLS VPN service providers are also welcome. What are the BCP to fwd only VPN traffic to TE tunnels with the scalability is mind. Well, I haven't come across such a scenario, most of the time only selected VPNs had to be send over a tunnel, while the default was to follow IGP. I don't have a config example stored, so let me make something up (untested, but you should get the idea): Assuming you have 4 remote PEs (PE2 through PE5). You allocate a distinct Loopback1 on all of these nodes (10.0.0.2 through 10.0.0.5/32) and configure 4 tunnels (Tunnel2 through Tunnel5) going to PE2-PE5. Then add statics on PE1 pointing the individual Loopback over the respective tunnel: int tunnel2 description vpn to PE2 ip unnumbered Loopback0 (-- this is your TE ID) tunnel destination Loopback0-of-PE2 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 10 whatever-path mpls ip ! you need LDP on the tunnel ! int tunnel3 description vpn to PE3 ip unnumbered Loopback0 (-- this is your TE ID) tunnel destination Loopback0-of-PE3 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 10 whatever-path mpls ip ! you need LDP on the tunnel ! ! .. and so on .. ! and then static routes ip route 10.0.0.2 255.255.255.255 Tunnel2 ip route 10.0.0.3 255.255.255.255 Tunnel3 ip route 10.0.0.4 255.255.255.255 Tunnel4 ip route 10.0.0.5 255.255.255.255 Tunnel5 Repeat this on the other PEs accordingly. With this, you set up a full mesh of tunnels between the PEs. on each remote PE (PE2 through PE5), you now have the option of a) selectively setting the next-hop for certain VRFs only using: ip vrf foo rd x:y ... bgp next-hop Loopback1 or b) modifying the next-hop of all vpnv4 routes advertised over the tunnel using a route-map on your iBGP vpnv4 connection to the route reflectors: router bgp ... address-family vpnv4 neighbor rr-address activate neighbor rr-address send-community both neighbor rr-address route-map foo out route-map foo permit 10 set ip next-hop loopback1-address I guess this is as scalable as it gets, when you introduce a new PE, you need to build new tunnels on all existing PEs, and add a static route. But it is a TE design after-all, which is always more complex than regular IGP. hope this helps.. oli On Thu, Mar 20, 2008 at 12:46 PM, Oliver Boehmer (oboehmer) [EMAIL PROTECTED] wrote: Fahad, the only option you have is to use a different BGP next-hop for your VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf definition in newer releases), or using a route-map, and point a static route to this next-hop over the tunnel. This way, all VRFs configured this way will be sent over the tunnel, all other traffic will be sent via regular IGP shortest path. You need to run LDP over the tunnel for this to work so the headend will see the imp-null LDP for this next-hop. oli Oli autoroute announce will send all the traffic (IGP + VPN) towards tunnel, where as i dont want to send IGP traffic but only VPN traffic. Is there any way.well u say static...managment of static will b a great hurdle in routing of 1000s of VPNs routes... Is there any solution, to this issue. As Juniper by default select RSVP tunnel as the next-hop if BGP next-hop is also the same for
Re: [c-nsp] Cisco 10K MPLS VPN
Dear Oli Let me clear my scenarioSince my Core Bw is not symetrical...i need to do TE and force some Traffic to go against IGP rules. Current Juniper based RSVP tunnels doing things good...and i can forced VPN traffic to TE tunnel by creating policy filter (route map) by just matching VPN RT make the decision for fwding apply this routemap to the Forwarding table. Now im introducing Cisco products as PE only, to offer MPLS VPN services to Broadband clients...everything with cisco is going goodbut this seems to be little bit scalability issue in our caseif we have to put static routes for each VPN route per tunnel (it will be a mess for me)than...autoroute announce is also not suitable...as it can distrub my IGP traffic flows. Now u have given two optionsand seems goodbut can u share some sample configuration with scanrio for the deployment of 1) use a different BGP next-hop for your VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf definition in newer releases) 2) using a route-map, and point a static route to this next-hop over the tunnel. Kindly suggest the best option that doesnt giv us hard time in large scale deployment. Suggestion from other MPLS VPN service providers are also welcome. What are the BCP to fwd only VPN traffic to TE tunnels with the scalability is mind. regards Fahad On Thu, Mar 20, 2008 at 12:46 PM, Oliver Boehmer (oboehmer) [EMAIL PROTECTED] wrote: Fahad, the only option you have is to use a different BGP next-hop for your VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf definition in newer releases), or using a route-map, and point a static route to this next-hop over the tunnel. This way, all VRFs configured this way will be sent over the tunnel, all other traffic will be sent via regular IGP shortest path. You need to run LDP over the tunnel for this to work so the headend will see the imp-null LDP for this next-hop. oli Oli autoroute announce will send all the traffic (IGP + VPN) towards tunnel, where as i dont want to send IGP traffic but only VPN traffic. Is there any way.well u say static...managment of static will b a great hurdle in routing of 1000s of VPNs routes... Is there any solution, to this issue. As Juniper by default select RSVP tunnel as the next-hop if BGP next-hop is also the same for the VPN route and it seems to be pretty simple straight forward. All the suggestions will be welcome. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Hi, On Mon, Mar 24, 2008 at 05:00:57PM -0700, bill fumerola wrote: On Thu, Mar 13, 2008 at 04:39:24PM -0400, Matthew Crocker wrote: Isn't Cisco doing away with all the routers based off the FPGA code? NSE-100, 7301, NSE-1 *very* fast when the packets can be handled in PXF, not so good when they can't. i'd be interested in any documentation or discussion that would point to cisco distancing themselves from the 7301. There seems to be some confusion between 7301 and 7304. (The person at Cisco that named the 7301 definitely needs to smoke different weed... but I already ranted about 7301 misdesigns) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany [EMAIL PROTECTED] fax: +49-89-35655025[EMAIL PROTECTED] pgpfv4YosTcag.pgp Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
There seems to be some confusion between 7301 and 7304. Cisco has never known what to call the 1RU 7200 -- 7401, 7301, 7201; given their own confusion, its only to be expected elsewhere. I guess the only reprieve is there won't ever be another one. 7304 (either NSE or NPE) has been on its unfortunate deathbed for quite some time (I was surprised the NSE-150 even made it), but with the ASR, at least there's a reasonable replacement for it. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
On Thu, Mar 13, 2008 at 04:39:24PM -0400, Matthew Crocker wrote: Isn't Cisco doing away with all the routers based off the FPGA code? NSE-100, 7301, NSE-1 *very* fast when the packets can be handled in PXF, not so good when they can't. i'd be interested in any documentation or discussion that would point to cisco distancing themselves from the 7301. -- bill ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10K MPLS VPN
FAHAD ALI KHAN mailto:[EMAIL PROTECTED] wrote on Thursday, March 20, 2008 6:04 AM: Oli autoroute announce will send all the traffic (IGP + VPN) towards tunnel, where as i dont want to send IGP traffic but only VPN traffic. Is there any way.well u say static...managment of static will b a great hurdle in routing of 1000s of VPNs routes... Is there any solution, to this issue. As Juniper by default select RSVP tunnel as the next-hop if BGP next-hop is also the same for the VPN route and it seems to be pretty simple straight forward. All the suggestions will be welcome. Fahad, the only option you have is to use a different BGP next-hop for your VPNv4 route (either via bgp next-hop Loopback1 in the ip vrf definition in newer releases), or using a route-map, and point a static route to this next-hop over the tunnel. This way, all VRFs configured this way will be sent over the tunnel, all other traffic will be sent via regular IGP shortest path. You need to run LDP over the tunnel for this to work so the headend will see the imp-null LDP for this next-hop. oli ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10K MPLS VPN
Here is the working configuration when i disable LDP from Juniper core interfaces (fe-0/0/0 fe-0/0/1)...MPLS VPNs sites get disconnected C10K#sh run ip vrf vpn1 description Test VPN 1 rd 1241:100 route-target export 1241:100 route-target import 1241:100 ! mpls traffic-eng tunnels mpls ldp neighbor 192.168.88.254 password test mpls ldp neighbor 192.168.88.254 targeted ldp mpls ldp loop-detection no mpls ip propagate-ttl mpls label protocol ldp interface Tunnel2 description *** C10008-PE to C7206VXR-PE *** no ip address mpls ip tunnel source Loopback0 tunnel destination 192.168.88.254 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 1 explicit name 10k-J4300-7206vxr ip rsvp bandwidth interface Loopback0 description *** Loopback *** ip address 192.168.97.254 255.255.255.255 ip rsvp bandwidth interface ATM1/0/0 no ip address interface ATM1/0/0.5 point-to-point description *** ATM-2-ATM L2 ATOM 10K-7206 *** ip vrf forwarding vpn1 ip address 192.168.10.11 255.255.255.248 pvc 3/32 protocol ip 192.168.10.9 ubr 256 ! interface GigabitEthernet3/0/0 mtu 1550 ! interface GigabitEthernet3/0/0.7 description *** Connected to J4300A *** encapsulation dot1Q 296 ip address 192.168.0.21 255.255.255.252 ip mtu 1532 mpls mtu 1520 mpls traffic-eng tunnels mpls ip ip rsvp bandwidth ! OSPF BGP configuration ommited ! ip explicit-path name 10k-3845-7206vxr enable next-address 192.168.0.22 next-address 192.168.0.18 next-address 192.168.88.254 mpls ldp router-id Loopback0 force == 7206VXR-DSL#sh run ip vrf vpn1 rd 1241:100 route-target export 1241:100 route-target import 1241:100 ! mpls traffic-eng tunnels mpls ldp neighbor 192.168.97.254 password test mpls ldp neighbor 192.168.97.254 targeted ldp mpls ldp loop-detection no mpls ip propagate-ttl mpls label protocol ldp interface Tunnel1 description C7206VXR-PE to C10008-PE ip unnumbered Loopback0 mpls traffic-eng tunnels mpls ip tunnel source Loopback0 tunnel destination 192.168.97.254 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 1 explicit name 7206-3845-10k ip rsvp bandwidth ! interface Loopback0 description *** Loopback *** ip address 192.168.88.254 255.255.255.255 ! interface GigabitEthernet0/3 description *** Connected to J4300 *** mtu 1546 ip address 192.168.0.18 255.255.255.252 ip mtu 1532 mpls mtu 1520 mpls traffic-eng tunnels mpls ip ip rsvp bandwidth ! interface ATM1/0 no ip address interface ATM1/0.4 point-to-point description *** Layer 2 connection 7206-10k *** mtu 1500 ip vrf forwarding vpn1 ip address 192.168.10.2 255.255.255.248 pvc 3/100 protocol ip 192.168.10.1 ubr 256 ! OSPF BGP configuration ommited ! ip explicit-path name 7206-3845-10k enable next-address 192.168.0.17 next-address 192.168.0.21 next-address 192.168.97.254 mpls ldp router-id Loopback0 force === interfaces { fe-0/0/0 { description *** COnnected to 10K ***; mtu 1546; unit 0 { family inet { address 192.168.0.22/30; } family mpls; } } fe-0/0/1 { description *** Connected to 7206 ***; mtu 1546; unit 0 { family inet { address 192.168.0.17/30; } family mpls; } } lo0 { unit 0 { family inet { address 192.168.120.254/32; } } } } routing-options { router-id 192.168.120.254; autonomous-system 1241; } protocols { rsvp { interface fe-0/0/0.0 { hello-interval 0; } interface fe-0/0/1.0 { hello-interval 0; } } mpls { no-propagate-ttl; explicit-null; interface fe-0/0/0.0; interface fe-0/0/1.0; } bgp { group Internal { type internal; local-address 192.168.120.254; authentication-key $9$YkoaUfTTRSlMN-k.mPF/; ## SECRET-DATA local-as 1241; neighbor 192.168.97.254; neighbor 192.168.88.254; } } ospf { traffic-engineering; area 0.0.0.0 { interface fe-0/0/0.0; interface fe-0/0/1.0; interface lo0.0 { passive; } } } ldp { strict-targeted-hellos; explicit-null; transport-address router-id; interface all; } } ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10K MPLS VPN
Well, you are not telling the headend (10K or 7200) what to forward down the tunnel. Without any tunnel mpls traffic-eng autoroute announce or static routes or forwarding-adjacency, no traffic will be sent over the tunnel, so the IGP path towards the BGP next-hop will still point to your outgoing interface, and unless you run LDP over this interface, the PEs will not know about a label towards the other side. In order to make this work, use autoroute and just let the 10k/7200 send all traffic to the other side over the tunnel. In addition, you are missing an ip unnumbered loopback0 on the 10k's Tunnel interface. Without this, the tunnel will not be elegible for any form of IP routing/forwarding. Assuming your BGP next-hop on the vpnv4 routes is also Loopback0 (i.e. equal to your MPLS-TE router-id), you don't even need LDP on the tunnel, but it doesn't hurt. You don't need the mpls ldp neighbor 192.168.88.254 targeted as we would build a targeted session once mpls ip is enabled on the tunnel. you can take a look at http://www.cisco.com/warp/public/105/mplsvpnte.html. This doc is somewhat outdated as it still talks about TDP, but gives some config examples for various tunnel scenarios. oli FAHAD ALI KHAN wrote on Wednesday, March 19, 2008 9:26 AM: Here is the working configuration when i disable LDP from Juniper core interfaces (fe-0/0/0 fe-0/0/1)...MPLS VPNs sites get disconnected C10K#sh run ip vrf vpn1 description Test VPN 1 rd 1241:100 route-target export 1241:100 route-target import 1241:100 ! mpls traffic-eng tunnels mpls ldp neighbor 192.168.88.254 password test mpls ldp neighbor 192.168.88.254 targeted ldp mpls ldp loop-detection no mpls ip propagate-ttl mpls label protocol ldp interface Tunnel2 description *** C10008-PE to C7206VXR-PE *** no ip address mpls ip tunnel source Loopback0 tunnel destination 192.168.88.254 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 1 explicit name 10k-J4300-7206vxr ip rsvp bandwidth interface Loopback0 description *** Loopback *** ip address 192.168.97.254 255.255.255.255 ip rsvp bandwidth interface ATM1/0/0 no ip address interface ATM1/0/0.5 point-to-point description *** ATM-2-ATM L2 ATOM 10K-7206 *** ip vrf forwarding vpn1 ip address 192.168.10.11 255.255.255.248 pvc 3/32 protocol ip 192.168.10.9 ubr 256 ! interface GigabitEthernet3/0/0 mtu 1550 ! interface GigabitEthernet3/0/0.7 description *** Connected to J4300A *** encapsulation dot1Q 296 ip address 192.168.0.21 255.255.255.252 ip mtu 1532 mpls mtu 1520 mpls traffic-eng tunnels mpls ip ip rsvp bandwidth ! OSPF BGP configuration ommited ! ip explicit-path name 10k-3845-7206vxr enable next-address 192.168.0.22 next-address 192.168.0.18 next-address 192.168.88.254 mpls ldp router-id Loopback0 force == 7206VXR-DSL#sh run ip vrf vpn1 rd 1241:100 route-target export 1241:100 route-target import 1241:100 ! mpls traffic-eng tunnels mpls ldp neighbor 192.168.97.254 password test mpls ldp neighbor 192.168.97.254 targeted ldp mpls ldp loop-detection no mpls ip propagate-ttl mpls label protocol ldp interface Tunnel1 description C7206VXR-PE to C10008-PE ip unnumbered Loopback0 mpls traffic-eng tunnels mpls ip tunnel source Loopback0 tunnel destination 192.168.97.254 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 1 explicit name 7206-3845-10k ip rsvp bandwidth ! interface Loopback0 description *** Loopback *** ip address 192.168.88.254 255.255.255.255 ! interface GigabitEthernet0/3 description *** Connected to J4300 *** mtu 1546 ip address 192.168.0.18 255.255.255.252 ip mtu 1532 mpls mtu 1520 mpls traffic-eng tunnels mpls ip ip rsvp bandwidth ! interface ATM1/0 no ip address interface ATM1/0.4 point-to-point description *** Layer 2 connection 7206-10k *** mtu 1500 ip vrf forwarding vpn1 ip address 192.168.10.2 255.255.255.248 pvc 3/100 protocol ip 192.168.10.1 ubr 256 ! OSPF BGP configuration ommited ! ip explicit-path name 7206-3845-10k enable next-address 192.168.0.17 next-address 192.168.0.21 next-address 192.168.97.254 mpls ldp router-id Loopback0 force === interfaces { fe-0/0/0 { description *** COnnected to 10K ***; mtu 1546; unit 0 { family inet { address 192.168.0.22/30; } family mpls; } } fe-0/0/1 { description *** Connected to 7206 ***; mtu 1546; unit 0 { family inet { address 192.168.0.17/30; } family mpls; } } lo0 { unit 0 { family inet { address 192.168.120.254/32; } } } } routing-options
Re: [c-nsp] Cisco 10K MPLS VPN
Oli *autoroute announce* will send all the traffic (IGP + VPN) towards tunnel, where as i dont want to send IGP traffic but only VPN traffic. Is there any way.well u say static...managment of static will b a great hurdle in routing of 1000s of VPNs routes... Is there any solution, to this issue. As Juniper by default select RSVP tunnel as the next-hop if BGP next-hop is also the same for the VPN route and it seems to be pretty simple straight forward. All the suggestions will be welcome. Regards Fahad On Wed, Mar 19, 2008 at 10:49 PM, Oliver Boehmer (oboehmer) [EMAIL PROTECTED] wrote: Well, you are not telling the headend (10K or 7200) what to forward down the tunnel. Without any tunnel mpls traffic-eng autoroute announce or static routes or forwarding-adjacency, no traffic will be sent over the tunnel, so the IGP path towards the BGP next-hop will still point to your outgoing interface, and unless you run LDP over this interface, the PEs will not know about a label towards the other side. In order to make this work, use autoroute and just let the 10k/7200 send all traffic to the other side over the tunnel. In addition, you are missing an ip unnumbered loopback0 on the 10k's Tunnel interface. Without this, the tunnel will not be elegible for any form of IP routing/forwarding. Assuming your BGP next-hop on the vpnv4 routes is also Loopback0 (i.e. equal to your MPLS-TE router-id), you don't even need LDP on the tunnel, but it doesn't hurt. You don't need the mpls ldp neighbor 192.168.88.254 targeted as we would build a targeted session once mpls ip is enabled on the tunnel. you can take a look at http://www.cisco.com/warp/public/105/mplsvpnte.html. This doc is somewhat outdated as it still talks about TDP, but gives some config examples for various tunnel scenarios. oli FAHAD ALI KHAN wrote on Wednesday, March 19, 2008 9:26 AM: Here is the working configuration when i disable LDP from Juniper core interfaces (fe-0/0/0 fe-0/0/1)...MPLS VPNs sites get disconnected C10K#sh run ip vrf vpn1 description Test VPN 1 rd 1241:100 route-target export 1241:100 route-target import 1241:100 ! mpls traffic-eng tunnels mpls ldp neighbor 192.168.88.254 password test mpls ldp neighbor 192.168.88.254 targeted ldp mpls ldp loop-detection no mpls ip propagate-ttl mpls label protocol ldp interface Tunnel2 description *** C10008-PE to C7206VXR-PE *** no ip address mpls ip tunnel source Loopback0 tunnel destination 192.168.88.254 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 1 explicit name 10k-J4300-7206vxr ip rsvp bandwidth interface Loopback0 description *** Loopback *** ip address 192.168.97.254 255.255.255.255 ip rsvp bandwidth interface ATM1/0/0 no ip address interface ATM1/0/0.5 point-to-point description *** ATM-2-ATM L2 ATOM 10K-7206 *** ip vrf forwarding vpn1 ip address 192.168.10.11 255.255.255.248 pvc 3/32 protocol ip 192.168.10.9 ubr 256 ! interface GigabitEthernet3/0/0 mtu 1550 ! interface GigabitEthernet3/0/0.7 description *** Connected to J4300A *** encapsulation dot1Q 296 ip address 192.168.0.21 255.255.255.252 ip mtu 1532 mpls mtu 1520 mpls traffic-eng tunnels mpls ip ip rsvp bandwidth ! OSPF BGP configuration ommited ! ip explicit-path name 10k-3845-7206vxr enable next-address 192.168.0.22 next-address 192.168.0.18 next-address 192.168.88.254 mpls ldp router-id Loopback0 force == 7206VXR-DSL#sh run ip vrf vpn1 rd 1241:100 route-target export 1241:100 route-target import 1241:100 ! mpls traffic-eng tunnels mpls ldp neighbor 192.168.97.254 password test mpls ldp neighbor 192.168.97.254 targeted ldp mpls ldp loop-detection no mpls ip propagate-ttl mpls label protocol ldp interface Tunnel1 description C7206VXR-PE to C10008-PE ip unnumbered Loopback0 mpls traffic-eng tunnels mpls ip tunnel source Loopback0 tunnel destination 192.168.97.254 tunnel mode mpls traffic-eng tunnel mpls traffic-eng path-option 1 explicit name 7206-3845-10k ip rsvp bandwidth ! interface Loopback0 description *** Loopback *** ip address 192.168.88.254 255.255.255.255 ! interface GigabitEthernet0/3 description *** Connected to J4300 *** mtu 1546 ip address 192.168.0.18 255.255.255.252 ip mtu 1532 mpls mtu 1520 mpls traffic-eng tunnels mpls ip ip rsvp bandwidth ! interface ATM1/0 no ip address interface ATM1/0.4 point-to-point description *** Layer 2 connection 7206-10k *** mtu 1500 ip vrf forwarding vpn1 ip address 192.168.10.2 255.255.255.248 pvc 3/100 protocol ip 192.168.10.1 ubr 256 ! OSPF BGP configuration ommited ! ip explicit-path name 7206-3845-10k enable next-address 192.168.0.17 next-address 192.168.0.21
Re: [c-nsp] Cisco 10K MPLS VPN
Hi, I've never ran any form of MPLS without LDP on the interface, but if you're using RSVP-TE, LDP on the physical interfaces should not be needed. Can you show your working and your not-working config? The decision which path (LDP or RSVP-TE signalled path) is taken by the headend depends on the routing and tunnel setup. So if you just use autoroute on the tunnel, we'll send all traffic towards the BGP next-hops over the tunnel. If the BGP next-hop (for MPLS-VPN) is equal to the MPLS-TE router-ID of the tail (i.e. if this is a PE-PE tunnel), there is no need to enable LDP on the tunnel itself. Otherwise LDP needs to run over the tunnel (i.e. enable mpls ip on the TE tunnel interface). Not sure if this answers your question, though :-) oli FAHAD ALI KHAN wrote on Monday, March 17, 2008 8:55 AM: Guys Im stuck in configuring MPLS L3VPN in Cisco + juniper in my test lab environment. I have Cisco 10K as PE connected to DSL IPoA client, Cisco 7206VXR as another PE connected with other IPoA client. MPLS P routers are of Juniper (J4300). for MPLS L3VPN there is no need to run LDP on core facing interfaces if we r using RSVP as TE LSP. i have configured every thing right (a/c to me)and check that vpn-v4 routes are shared b/w both PEs. Tunnels are also UP. but traffic is carrying though MPLS...core. As i enable LDP on juniper core facing interfaces, as it is enabled by default on Cisco routers.traffic flow start. This is amazed me. Kindly suggest me about this scenario. any sample configuration is welcome. Also, one more thing i check while enabling LDP RSVP both, i have received routes from LDP paths not RSVP...and VPN routes are avaiable though LDP path...means...there is no traffic engineering. is there any way to check the route-prefernce of LDP and RSVP on Ciscoas it is 7 for RSVP 9 for LDP on Juniper. Is there any way that LDP is got tunneled over RSVP? Regards Fahad ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Another option would be to get something that does OC3 ports (or bigger) and lets you map out DS1s to subinterfaces. Not sure what Cisco cards would be appropriate. Something like an Adtran opti system, and appropriate cisco card, you could run an OC3/12/48 into your Cisco. I'm sure Adtran would be helpful suggesting the right gear, perhaps other people on the list would be helpful on the Cisco side. On Wed, Mar 12, 2008 at 11:40:07PM -0400, Jason Berenson wrote: Greetings, We currently have 3 7206VXRs with NPE-300's in them. Adding PA-MC-T3 cards for DS1 edge connectivity at $3800/port is starting to get really unbearable. So I started to look at the Cisco 10k and noticed that an 8 port channelized DS3 card turns out to be around $1800/port. I've done a lot of research on the 10k and am interested in migrating away from the 7206's. I'd like to use the 10k as our core edge router, it would need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS customers and eventually DS1 channelized OCx ports to connect to our Turin DAX so we can move away from copper and towards the light so to speak. :) If anyone could give me input on their experience with the 10k as a 7206 replacement as well as any input on models of the PREs that I should be looking at and models on different cards like channelized DS3 and OCx cards I would greatly appreciate it. I'd most likely go with 48V power since we already have a distribution system in place. The more information the better, I'd like to start looking at ebay for parts and get a pitch setup for the higher-ups. Any input/experience on the feasibility of selling off the VXRs and expensive DS3 cards would be good too. I'd also like to hear what people would expect me to be paying for each of the components needed to put together a fully functional 10k. Thanks, Jason ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- /* Jason Philbrook | Midcoast Internet Solutions - Wireless and DSL KB1IOJ| Broadband Internet Access, Dialup, and Hosting http://f64.nu/ | for Midcoast Mainehttp://www.midcoast.com/ */ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10K MPLS VPN
On Monday 17 March 2008, FAHAD ALI KHAN wrote: Guys Hello. Im stuck in configuring MPLS L3VPN in Cisco + juniper in my test lab environment. As Oli has suggested, a copy of your configurations on both IOS and JunOS would help. Mark. signature.asc Description: This is a digitally signed message part. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
10008 for us has been a typical cisco platform. Get on the right code and it's stable. I'm assuming by 8 port channelized card you mean two HH 4 port cards? Just note that AToM isn't supported on that card, only the 6 port, choc12, and 24 port T1 card per the website. Haven't actually tested in the lab though. Yes, with the 3 pack deal it's by far the cheapest channelized card. Software is slow to develop especially feature requests. We have several chassis with over 50 CT3s running just fine. POS and Giges are spendy until they come out with a SIP like card. Randy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Berenson Sent: Wednesday, March 12, 2008 8:40 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Cisco 10k? Greetings, We currently have 3 7206VXRs with NPE-300's in them. Adding PA-MC-T3 cards for DS1 edge connectivity at $3800/port is starting to get really unbearable. So I started to look at the Cisco 10k and noticed that an 8 port channelized DS3 card turns out to be around $1800/port. I've done a lot of research on the 10k and am interested in migrating away from the 7206's. I'd like to use the 10k as our core edge router, it would need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS customers and eventually DS1 channelized OCx ports to connect to our Turin DAX so we can move away from copper and towards the light so to speak. :) If anyone could give me input on their experience with the 10k as a 7206 replacement as well as any input on models of the PREs that I should be looking at and models on different cards like channelized DS3 and OCx cards I would greatly appreciate it. I'd most likely go with 48V power since we already have a distribution system in place. The more information the better, I'd like to start looking at ebay for parts and get a pitch setup for the higher-ups. Any input/experience on the feasibility of selling off the VXRs and expensive DS3 cards would be good too. I'd also like to hear what people would expect me to be paying for each of the components needed to put together a fully functional 10k. Thanks, Jason ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
On Fri, Mar 14, 2008, Joseph Jackson wrote: Do you get wire speed out of those GigE ports? I remember reading some where that the G1 could only push around 750mbs. I can't find the info now so I might just be crazy. I don't have any G1/G2's in production. I'm just going off the documentation and others' experiences. There'll be plenty of others here who can share stories of maxed out G1s. :) Adrian ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Adrian, We push much more voice over our links so I would worry more about PPS then wire speed on the GigE. I'm leaning towards upgrading our NPE-300's to G1's and keep things split up a bit. One reason is I wouldn't have to learn a new platform and I would know that everything I'm doing now will just work (by staying with the 7206's). -Jason Adrian Chadd wrote: On Fri, Mar 14, 2008, Joseph Jackson wrote: Do you get wire speed out of those GigE ports? I remember reading some where that the G1 could only push around 750mbs. I can't find the info now so I might just be crazy. I don't have any G1/G2's in production. I'm just going off the documentation and others' experiences. There'll be plenty of others here who can share stories of maxed out G1s. :) Adrian ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
For what it's worth... we had a 1G that was 80% CPU load with only 120Mb/s on it - BUT this box was doing lt2p tunnels and PPPOE termination ... again for what it's worth. We actually don't have any 7206VXR's in production that are doing pure routing... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adrian Chadd Sent: Friday, March 14, 2008 9:32 PM To: Joseph Jackson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Cisco 10k? On Fri, Mar 14, 2008, Joseph Jackson wrote: Do you get wire speed out of those GigE ports? I remember reading some where that the G1 could only push around 750mbs. I can't find the info now so I might just be crazy. I don't have any G1/G2's in production. I'm just going off the documentation and others' experiences. There'll be plenty of others here who can share stories of maxed out G1s. :) Adrian ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- No virus found in this incoming message. Checked by AVG. Version: 7.5.519 / Virus Database: 269.21.7/1328 - Release Date: 3/13/2008 11:31 AM ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
I've never used a 10k so someone else will have to speak to that. You might want to consider looking at the new ASR 1000 series though. http://www.cisco.com/go/asr They are supposed to be positioned between the 7200s and the 7600s so they might be able to do what you want. I imagine they can anyway. You may also want to pick up used 7500s if all you want to do is terminate DS3s. Justin Jason Berenson wrote: Greetings, We currently have 3 7206VXRs with NPE-300's in them. Adding PA-MC-T3 cards for DS1 edge connectivity at $3800/port is starting to get really unbearable. So I started to look at the Cisco 10k and noticed that an 8 port channelized DS3 card turns out to be around $1800/port. I've done a lot of research on the 10k and am interested in migrating away from the 7206's. I'd like to use the 10k as our core edge router, it would need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS customers and eventually DS1 channelized OCx ports to connect to our Turin DAX so we can move away from copper and towards the light so to speak. :) If anyone could give me input on their experience with the 10k as a 7206 replacement as well as any input on models of the PREs that I should be looking at and models on different cards like channelized DS3 and OCx cards I would greatly appreciate it. I'd most likely go with 48V power since we already have a distribution system in place. The more information the better, I'd like to start looking at ebay for parts and get a pitch setup for the higher-ups. Any input/experience on the feasibility of selling off the VXRs and expensive DS3 cards would be good too. I'd also like to hear what people would expect me to be paying for each of the components needed to put together a fully functional 10k. Thanks, Jason ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Mathew, Thanks for your input. We've looked at the Turin solution already, it looks really good except they're a year off on getting the blade out to customers. If we went that route we would want to use a blade instead of separate boxes. -Jason Matthew Crocker wrote: Jason, If you like Turin take a look at the Turin TraverseEdge 1200 series. I have its predecessor (Seranoa WANPort) and it works great. 12 Channelized DS-3s. It handles MLPPP,Cisco HDLC FR on the DS-1 ports. Strips off the MLPPP,HDLC FR headers and tacks on a 802.1q header out a GigE port. Connect 2 of them to a NPE-G1 and you have a great solution to terminate lots of DS-1 customers, 1 VLAN per DS1 Take a look at the Redback SE-400 router, they have a 12 x channelized DS-3 card and a TON of features. -Matt On Mar 12, 2008, at 11:40 PM, Jason Berenson wrote: Greetings, We currently have 3 7206VXRs with NPE-300's in them. Adding PA-MC-T3 cards for DS1 edge connectivity at $3800/port is starting to get really unbearable. So I started to look at the Cisco 10k and noticed that an 8 port channelized DS3 card turns out to be around $1800/port. I've done a lot of research on the 10k and am interested in migrating away from the 7206's. I'd like to use the 10k as our core edge router, it would need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS customers and eventually DS1 channelized OCx ports to connect to our Turin DAX so we can move away from copper and towards the light so to speak. :) If anyone could give me input on their experience with the 10k as a 7206 replacement as well as any input on models of the PREs that I should be looking at and models on different cards like channelized DS3 and OCx cards I would greatly appreciate it. I'd most likely go with 48V power since we already have a distribution system in place. The more information the better, I'd like to start looking at ebay for parts and get a pitch setup for the higher-ups. Any input/experience on the feasibility of selling off the VXRs and expensive DS3 cards would be good too. I'd also like to hear what people would expect me to be paying for each of the components needed to put together a fully functional 10k. Thanks, Jason ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Can you elaborate on that a bit? Thanks, Jason e ninja wrote: c10k is a beast. You're better of with the VXRs. /eninja On Wed, Mar 12, 2008 at 8:40 PM, Jason Berenson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Greetings, We currently have 3 7206VXRs with NPE-300's in them. Adding PA-MC-T3 cards for DS1 edge connectivity at $3800/port is starting to get really unbearable. So I started to look at the Cisco 10k and noticed that an 8 port channelized DS3 card turns out to be around $1800/port. I've done a lot of research on the 10k and am interested in migrating away from the 7206's. I'd like to use the 10k as our core edge router, it would need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS customers and eventually DS1 channelized OCx ports to connect to our Turin DAX so we can move away from copper and towards the light so to speak. :) If anyone could give me input on their experience with the 10k as a 7206 replacement as well as any input on models of the PREs that I should be looking at and models on different cards like channelized DS3 and OCx cards I would greatly appreciate it. I'd most likely go with 48V power since we already have a distribution system in place. The more information the better, I'd like to start looking at ebay for parts and get a pitch setup for the higher-ups. Any input/experience on the feasibility of selling off the VXRs and expensive DS3 cards would be good too. I'd also like to hear what people would expect me to be paying for each of the components needed to put together a fully functional 10k. Thanks, Jason ___ cisco-nsp mailing list cisco-nsp@puck.nether.net mailto:cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Jason Berenson wrote: Can you elaborate on that a bit? I believe he might be referring to the power consumption. Peace... Sridhar e ninja wrote: c10k is a beast. You're better of with the VXRs. /eninja On Wed, Mar 12, 2008 at 8:40 PM, Jason Berenson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Greetings, We currently have 3 7206VXRs with NPE-300's in them. Adding PA-MC-T3 cards for DS1 edge connectivity at $3800/port is starting to get really unbearable. So I started to look at the Cisco 10k and noticed that an 8 port channelized DS3 card turns out to be around $1800/port. I've done a lot of research on the 10k and am interested in migrating away from the 7206's. I'd like to use the 10k as our core edge router, it would need to run QoS, VRFs, OSPF, BGP, vlans (would expect that), connectivity for TLS customers and eventually DS1 channelized OCx ports to connect to our Turin DAX so we can move away from copper and towards the light so to speak. :) If anyone could give me input on their experience with the 10k as a 7206 replacement as well as any input on models of the PREs that I should be looking at and models on different cards like channelized DS3 and OCx cards I would greatly appreciate it. I'd most likely go with 48V power since we already have a distribution system in place. The more information the better, I'd like to start looking at ebay for parts and get a pitch setup for the higher-ups. Any input/experience on the feasibility of selling off the VXRs and expensive DS3 cards would be good too. I'd also like to hear what people would expect me to be paying for each of the components needed to put together a fully functional 10k. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Justin, I'm not worried too much about the size, I have room and on top of that it will replace 3+ 7206's. I do however have the option of just upgrading the 7206's to NPE-G1's, adding more chassis as needed and calling it a day. I'm trying to make a decision now before things get too out of hand whether or not I want to move to a single router platform or just keep adding routers as needed. It would eventually have multiple Gige ports which would handle TLS circuits as well as DS1 termination and ATM termination for DSLs. Another thing to remember is we may eventually get a blade for our Turin DAX which will allow us to terminate the DS1's on the Turin and transport them to the router via ethernet and VLANs/DS1. This long-term option would let us get rid of the DS3 cards and go mostly ethernet except for the limited ATM needed for DSLs. The big advantages I can see is moving to a single chassis (one router to manage), it's a much more powerful router then the 7206's and on a per channelized DS3 port basis, it's half the price per port. With all that in mind, would you suggest going for a 10k and selling the 7206's or just upgrading/adding more 7206's as needed? -Jason Justin M. Streiner wrote: On Thu, 13 Mar 2008, Jason Berenson wrote: Considering it would be replacing 3 7206's right off the bat, is it still going to take much more power then the 7206's? IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513 in size. In terms of power consumption, it looks like it will run on two 120V/20A circuits. I never had a 10k on my network, but I did have a UAC6400 many moons ago, that had similar dimensions and power needs, along with some design features that drove me nuts :) jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
On Thu, 13 Mar 2008, Jason Berenson wrote: The big advantages I can see is moving to a single chassis (one router to manage), it's a much more powerful router then the 7206's and on a per channelized DS3 port basis, it's half the price per port. With all that in mind, would you suggest going for a 10k and selling the 7206's or just upgrading/adding more 7206's as needed? That's up to you :) Keep in mind that some 10k models are now end-of-sale. I also don't know how well the 10k code supports all of the features you need. jms Justin M. Streiner wrote: On Thu, 13 Mar 2008, Jason Berenson wrote: Considering it would be replacing 3 7206's right off the bat, is it still going to take much more power then the 7206's? IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513 in size. In terms of power consumption, it looks like it will run on two 120V/20A circuits. I never had a 10k on my network, but I did have a UAC6400 many moons ago, that had similar dimensions and power needs, along with some design features that drove me nuts :) jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Justin, Thanks for your input. That's a good point and something I will have to research before going any further with this. Thanks, Jason Justin M. Streiner wrote: On Thu, 13 Mar 2008, Jason Berenson wrote: The big advantages I can see is moving to a single chassis (one router to manage), it's a much more powerful router then the 7206's and on a per channelized DS3 port basis, it's half the price per port. With all that in mind, would you suggest going for a 10k and selling the 7206's or just upgrading/adding more 7206's as needed? That's up to you :) Keep in mind that some 10k models are now end-of-sale. I also don't know how well the 10k code supports all of the features you need. jms Justin M. Streiner wrote: On Thu, 13 Mar 2008, Jason Berenson wrote: Considering it would be replacing 3 7206's right off the bat, is it still going to take much more power then the 7206's? IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513 in size. In terms of power consumption, it looks like it will run on two 120V/20A circuits. I never had a 10k on my network, but I did have a UAC6400 many moons ago, that had similar dimensions and power needs, along with some design features that drove me nuts :) jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Hi We migrated from 7206 VXRs to 10k for broadband termination. I must say that that caused us a lot of trouble. The 10k proved to be very unstable, leaking memory etc. Of course that might be just our experience. We tried different IOSes, opened a few TAC cases, but ultimately decided to go with a different vendor all together. My understanding is that 10k was originally designed as a broadband aggregation platform, I'm not sure how suitable it is for a border router. kind regards Pshem ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Doesn't the 10k use Ciscos FPGA chips (aka PXF)? So if a feature isn't in the FPGA code it gets punted to the main CPU and performance goes to hell? Isn't Cisco doing away with all the routers based off the FPGA code? NSE-100, 7301, NSE-1 *very* fast when the packets can be handled in PXF, not so good when they can't. I see there is the new NSE-150 that replaces the NSE-100 On Mar 13, 2008, at 2:53 PM, Jason Berenson wrote: Justin, I'm not worried too much about the size, I have room and on top of that it will replace 3+ 7206's. I do however have the option of just upgrading the 7206's to NPE-G1's, adding more chassis as needed and calling it a day. I'm trying to make a decision now before things get too out of hand whether or not I want to move to a single router platform or just keep adding routers as needed. It would eventually have multiple Gige ports which would handle TLS circuits as well as DS1 termination and ATM termination for DSLs. Another thing to remember is we may eventually get a blade for our Turin DAX which will allow us to terminate the DS1's on the Turin and transport them to the router via ethernet and VLANs/DS1. This long-term option would let us get rid of the DS3 cards and go mostly ethernet except for the limited ATM needed for DSLs. The big advantages I can see is moving to a single chassis (one router to manage), it's a much more powerful router then the 7206's and on a per channelized DS3 port basis, it's half the price per port. With all that in mind, would you suggest going for a 10k and selling the 7206's or just upgrading/adding more 7206's as needed? -Jason Justin M. Streiner wrote: On Thu, 13 Mar 2008, Jason Berenson wrote: Considering it would be replacing 3 7206's right off the bat, is it still going to take much more power then the 7206's? IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513 in size. In terms of power consumption, it looks like it will run on two 120V/20A circuits. I never had a 10k on my network, but I did have a UAC6400 many moons ago, that had similar dimensions and power needs, along with some design features that drove me nuts :) jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Hey Jason... I'm curious as to what you decide in the final aspect and why... we have several NPE-1G and NPE-2G boxes right now and I need to order a couple of more to meet capacity needs (DSL termination via PPPOE)... we were also looking at the 10k series and also took a step back to investigate ERX from Juniper... I really like the Juniper boxes having talked to several people who use them (and who are also Cisco literate)... long story short we're probably sticking with Cisco just because of it being Cisco (and staff are used to Cisco boxes and also the way that Cisco thinks)... In my opinion, our reasons for staying Cisco are not necessarily the right ones but I believe the management group will head that way regardless...;) So then we're back to the same issue you are - keep stacking 7206's or buy a big box such as the 10k our datacenter is starting to run shy on space and power is always a challenge to keep up with ... so the 10k has pros there for sure... Anyways, just wanted to chime in letting you know you're definitely not the only person facing these issues ; ) I would definitely upgrade to NPE-1G or 2G if it's in budget though as that will be a significant upgrade from a performance spec Take care, Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matthew Crocker Sent: Thursday, March 13, 2008 4:39 PM To: Jason Berenson Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Cisco 10k? Doesn't the 10k use Ciscos FPGA chips (aka PXF)? So if a feature isn't in the FPGA code it gets punted to the main CPU and performance goes to hell? Isn't Cisco doing away with all the routers based off the FPGA code? NSE-100, 7301, NSE-1 *very* fast when the packets can be handled in PXF, not so good when they can't. I see there is the new NSE-150 that replaces the NSE-100 On Mar 13, 2008, at 2:53 PM, Jason Berenson wrote: Justin, I'm not worried too much about the size, I have room and on top of that it will replace 3+ 7206's. I do however have the option of just upgrading the 7206's to NPE-G1's, adding more chassis as needed and calling it a day. I'm trying to make a decision now before things get too out of hand whether or not I want to move to a single router platform or just keep adding routers as needed. It would eventually have multiple Gige ports which would handle TLS circuits as well as DS1 termination and ATM termination for DSLs. Another thing to remember is we may eventually get a blade for our Turin DAX which will allow us to terminate the DS1's on the Turin and transport them to the router via ethernet and VLANs/DS1. This long-term option would let us get rid of the DS3 cards and go mostly ethernet except for the limited ATM needed for DSLs. The big advantages I can see is moving to a single chassis (one router to manage), it's a much more powerful router then the 7206's and on a per channelized DS3 port basis, it's half the price per port. With all that in mind, would you suggest going for a 10k and selling the 7206's or just upgrading/adding more 7206's as needed? -Jason Justin M. Streiner wrote: On Thu, 13 Mar 2008, Jason Berenson wrote: Considering it would be replacing 3 7206's right off the bat, is it still going to take much more power then the 7206's? IIRC, the 10k is a pretty big chassis, somewhere between a 7507 and 7513 in size. In terms of power consumption, it looks like it will run on two 120V/20A circuits. I never had a 10k on my network, but I did have a UAC6400 many moons ago, that had similar dimensions and power needs, along with some design features that drove me nuts :) jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ -- No virus found in this incoming message. Checked by AVG. Version: 7.5.519 / Virus Database: 269.21.7/1327 - Release Date: 3/12/2008 1:27 PM ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Jason Berenson wrote: Justin, I'm not worried too much about the size, I have room and on top of that it will replace 3+ 7206's. I do however have the option of just upgrading the 7206's to NPE-G1's, adding more chassis as needed and calling it a day. I'm trying to make a decision now before things get too out of hand whether or not I want to move to a single router platform or just keep adding routers as needed. It would eventually have multiple Gige ports which would handle TLS circuits as well as DS1 termination and ATM termination for DSLs. Another thing to remember is we may eventually get a blade for our Turin DAX which will allow us to terminate the DS1's on the Turin and transport them to the router via ethernet and VLANs/DS1. This long-term option would let us get rid of the DS3 cards and go mostly ethernet except for the limited ATM needed for DSLs. The big advantages I can see is moving to a single chassis (one router to manage), it's a much more powerful router then the 7206's and on a per channelized DS3 port basis, it's half the price per port. With all that in mind, would you suggest going for a 10k and selling the 7206's or just upgrading/adding more 7206's as needed? Well, you did mention that the per-port cost was lower (significantly?) with the 1 than with the 7200VXR. And that's definitely something. And the 1 is ASIC-accelerated, right? That should give you a nice performance kick, right? Peace... Sridhar ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Paul Stewart wrote: Hey Jason... I'm curious as to what you decide in the final aspect and why... we have several NPE-1G and NPE-2G boxes right now and I need to order a couple of more to meet capacity needs (DSL termination via PPPOE)... we were also looking at the 10k series and also took a step back to investigate ERX from Juniper... I really like the Juniper boxes having talked to several people who use them (and who are also Cisco literate)... long story short we're probably sticking with Cisco just because of it being Cisco (and staff are used to Cisco boxes and also the way that Cisco thinks)... In my opinion, our reasons for staying Cisco are not necessarily the right ones but I believe the management group will head that way regardless...;) So then we're back to the same issue you are - keep stacking 7206's or buy a big box such as the 10k our datacenter is starting to run shy on space and power is always a challenge to keep up with ... so the 10k has pros there for sure... Anyways, just wanted to chime in letting you know you're definitely not the only person facing these issues ; ) I would definitely upgrade to NPE-1G or 2G if it's in budget though as that will be a significant upgrade from a performance spec But doesn't the 7200 (and 7500 and others) still have the issue of bus bandwidth not being big enough for aggregating multiple gigabit links? I'm not familiar enough with the 1 to know how wide its bus is, but I know that the 6500/7600 has more than enough bus. Peace... Sridhar ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
On Fri, Mar 14, 2008, Sridhar Ayengar wrote: Anyways, just wanted to chime in letting you know you're definitely not the only person facing these issues ; ) I would definitely upgrade to NPE-1G or 2G if it's in budget though as that will be a significant upgrade from a performance spec But doesn't the 7200 (and 7500 and others) still have the issue of bus bandwidth not being big enough for aggregating multiple gigabit links? To the PA slots, perhaps. I thought a big bonus of the NPE-Gx and such is the onboard gige ports aren't limited by the PA backplane architecture. Adrian ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cisco 10k?
Adrian Chadd wrote: Anyways, just wanted to chime in letting you know you're definitely not the only person facing these issues ; ) I would definitely upgrade to NPE-1G or 2G if it's in budget though as that will be a significant upgrade from a performance spec But doesn't the 7200 (and 7500 and others) still have the issue of bus bandwidth not being big enough for aggregating multiple gigabit links? To the PA slots, perhaps. I thought a big bonus of the NPE-Gx and such is the onboard gige ports aren't limited by the PA backplane architecture. But then you're *very* limited as to port count. Peace... Sridhar ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/