Cisco's IOS-XE and PCEP implementation

[Mohamed Kamal]

I'm wondering, why there is no MPLS-TE PCE support for IOS-XE till now?!

Should I be getting a 9k/CRS on the edge to implement an automatic tool
to build MPLS-TE tunnels!

-- 
Mohamed Kamal
Core Network Sr. Engineer

Re: Cisco's IOS-XE and PCEP implementation

[Mark Tinka]

On 30/Mar/15 16:39, Mohamed Kamal wrote:
 I'm wondering, why there is no MPLS-TE PCE support for IOS-XE till now?!

 Should I be getting a 9k/CRS on the edge to implement an automatic tool
 to build MPLS-TE tunnels!

My guess is if there is some code, you want to get it through your SE.

Mark.

Re: FIXED - Re: Broken SSL cert caused by router?

[Tom Taylor]

On 29/03/2015 11:56 PM, John Levine wrote:

SSLCertificateChainFile /etc/ssl/certs/gd_bundle-g2-g1.crt

I have actually fixed it.


Yeah, that's always it.

Back in the good aulde days all of the SSL certs one might buy were
signed directly by the CA, but now more often than not there are
intermediate certs, and a valid cert needs to be accompanied by all of
the intermediate certs between it and the CA.

What makes debugging hard is that browsers try to be helpful.  If a
server doesn't provide the intermediate certs, but the browser happens
to have them in its cache from some other site, well, close enough and
the SSL works.  But if some other browser doesn't happen to have them,
you lose.

So if your SSL is flaky, check those intermediate certs first.

R's,
John



With all this resolved, I'll note that I just reviewed
draft-ietf-tls-sslv3-diediedie, which is in IETF Last Call prior to 
publication as an RFC. It deprecates the use of any version of SSL in 
favour of TLS 1.2 in the clientHello negotiations.


Tom Taylor