On (2008-04-20 16:07 -0400), Jeff Cartier wrote:
I have a issue involving a large amount of Cisco 3500XL switches located in a
bunch of different sites and I need to change the Vlan management interface
to a completely new subnet, new vlan, and of course a new default-gateway.
I'm
I don't know what's your main purpose, but in some cases, when you work on an
environment that doesn't use VTP at all and want to be sure that if by mistake
someone connects a device that works with VTP won't cause any problems, you can
always use the general config command vtp mode transparent
12.4 will never be GD = Gerd Doering ?
Ziv
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gert Doering
Sent: Saturday, April 19, 2008 12:16 AM
To: Rodney Dunn
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Cisco 7206VXR
Hi,
On Fri, Apr 18, 2008
Thanks Oliver for your interset , you'll find the topology attached
both HQ and Site A connect to the internet through managed internet CE and
the customer needs Site B to connect through Site A then managed internet CE
, about the PBR point , i plan to configure it under Site B PE interface
i
Thanks for the addtl. info. How does Site A connect to the Internet?
Can't you just replicate whatever you did there and apply it to Site B?
I don't know of PBR is a solution, it really depends on the routing
setup. Please bear in mind that the PE performs another routing lookup,
so PBR on the CE
Hi Oliver
Site A connects to the Internet through managed Internet CE which acts as
Internet GW for all VPN sites but the customer don't want
Site B to connect in that way , he need Site B Internet traffic to pass
through Site A first then back to Site B , so Site A will be Internet GW for
Site A
what is the configuration to do this?
On Mon, Apr 21, 2008 at 12:33 PM, Manaf Oqlah [EMAIL PROTECTED] wrote:
I want to segregate traffic between some VLANs at layer 2 using private
but still can reach the global vlan at layer 3.
___
cisco-nsp
Hi Ibrahim,
I would use VPN topology options to address this, not sure if you can
use regular hub spoke route-target import/export to address this, but
it's worth looking at.
An alternative would be a GRE tunnel between Site B and A, but watch for
MTU issues
I want to segregate traffic between some VLANs at layer 2 using private but
still can reach the global vlan at layer 3.
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at
Hi list
I'm playing around with dhcp on cisco and it seams that c7600 (SRB)
isn't relaying DHCP release messages from clients to the DHCP server.
(i'm using ip helper address)
Is this the expected behavior?
It is. If you expect *option 82*, you need also
ip dhcp relay information
Hi All,
Anybody experienced sudden big spikes with their eth interfaces in their
routers? WAN bandwidth is just 2MB but suddenly the MRTG graphs
registered a 100MB bandwidth on the eth0 going to the Proxy server. although
on the proxy server eth1 (going to customer network) everything is normal.
Hi,
On Mon, Apr 21, 2008 at 10:54:11AM +0300, Ziv Leyes wrote:
12.4 will never be GD = Gerd Doering ?
*g* - GD is general deployment, which sort of means this IOS train
has seen enough testing by customers and so we assume that there are not
too many nasty bugs left, or so.
gert
--
USENET is
I've actually had it asked on me on a number of times 'why would I want to
block VTP?'
Our company is one which manages the infrastructure of many ISP's for them -
mainly small to medium ISPs, often local, regional, or can't afford a f/t
engineer or don't know the ISP industry.
The specific
*g* - GD is general deployment, which sort of means this IOS train
has seen enough testing by customers and so we assume that there are not
too many nasty bugs left, or so.
Usually not that many useful new features, either ;-)
___
cisco-nsp mailing
Dracul wrote:
Hi All,
Anybody experienced sudden big spikes with their eth interfaces in their
routers? WAN bandwidth is just 2MB but suddenly the MRTG graphs
registered a 100MB bandwidth on the eth0 going to the Proxy server. although
on the proxy server eth1 (going to customer network)
Hi Manaf
what do u mean reach global vlan at L3 ? private VLAN provides L2 isolation
and L3 should be transparent i mean you can keep hosts ip planning and
routing policy should match with the L2 topolgy after configuring private
VLANs .
if you added more info about your problem or solution ,
thank u Abo Zaid for the reply.
what i want to do is to isolate vlans on L2 which they are sharing the same
primary VLAN, and at the same time, the hosts on these isolated vlans can
reach L3 ip address of the primary VLAN.
it is like this
interface VLAN100
Dear Manaf
i assume all VLANs on the same switch , i will prepare a configuration
template and send it shortly
best luck :)
Abo Zaid
On 4/21/08, Manaf Oqlah [EMAIL PROTECTED] wrote:
thank u Abo Zaid for the reply.
what i want to do is to isolate vlans on L2 which they are sharing the
yes they are on the same switch
thanks a lot
On Mon, Apr 21, 2008 at 3:54 PM, Ibrahim Abo Zaid [EMAIL PROTECTED]
wrote:
Dear Manaf
i assume all VLANs on the same switch , i will prepare a configuration
template and send it shortly
best luck :)
Abo Zaid
On 4/21/08, Manaf Oqlah
Thanks Oliver for your help and detailed reply :)
best luck to you
--Abo Zaid
On 4/21/08, Oliver Boehmer (oboehmer) [EMAIL PROTECTED] wrote:
Hi Ibrahim,
I would use VPN topology options to address this, not sure if you can
use regular hub spoke route-target import/export to address this,
Gary reminded me it was already on CCO:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6968/ps6350/product_bulletin_cisco_ios_software_gd_program_retirement.html
On Fri, Apr 18, 2008 at 03:12:53PM -0400, Jason Berenson wrote:
Rodney,
I'm just going to try 12.3.22 (which is
Hi,
The VPN Concentrators were originally produced by Altiga which Cisco
then acquired. And yes, the telnet interface was/is horrible. The best
part with the boxes was the reliability (once installed you rarely had
to mess with them except for sw upgrades) and the fact that it could
Hi Manaf
as you know primary VLAN can have one isolated VLAN only but have multiple
community VLANs , so we have 2 options here
1- make VLANs 200 and 300 isolated VLANs and create other primary VLAN say
110 so VLAN 200 has VLAN 100 as primary VLAN and VLAN 300 has VLAN 110 as
primary
2- make
Ahh, that would explain it. Thanks for the help!
Now to work on an expect/telnet script to get it via command-line
Ken Matlock
Network Analyst
(303) 467-4671
[EMAIL PROTECTED]
-Original Message-
From: Dale W. Carder [mailto:[EMAIL PROTECTED]
Sent: Sunday, April 20, 2008 8:52 PM
To:
Hi Abo Zaid,
I will choose option 2 because i want to separate hosts on layer 2 for
multiple VLANs but at the same time they should have the same network and
same gateway if it is possible.
it would be great if you can advice me with another scenario.
Regards,
Manaf
On Mon, Apr 21, 2008 at 4:37
if the number of hosts is great , assigning a pair of private primary and
isolated vlan to each host will be unscalable at all
so it would be better to configure single primary VLAN serves a group
of community VLANs (each for each host) and not more than 1 host is placed
in each community VLAN .
would you please send me the configuration in brief
thank you
On Mon, Apr 21, 2008 at 5:03 PM, Ibrahim Abo Zaid [EMAIL PROTECTED]
wrote:
if the number of hosts is great , assigning a pair of private primary and
isolated vlan to each host will be unscalable at all
so it would be better to
Hi Manaf and Pedro
currenly i am preparing the configuration and will feed you shortly
best regards
--Abo Zaid
On 4/21/08, Manaf Oqlah [EMAIL PROTECTED] wrote:
would you please send me the configuration in brief
thank you
On Mon, Apr 21, 2008 at 5:03 PM, Ibrahim Abo Zaid
[EMAIL
On Mon, 2008-04-21 at 10:37 +, MKS wrote:
Hi list
I'm playing around with dhcp on cisco and it seams that c7600 (SRB)
isn't relaying DHCP release messages from clients to the DHCP server.
(i'm using ip helper address)
Is this the expected behavior?
It is. If you expect *option
Hi There,
I'd like to be included on the replay on wish Abo Zaid will be sending the
configuration template for VLANs.
Kind regards
Pedro Matusse
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Manaf Oqlah
Sent: Monday, April 21, 2008 2:57 PM
To: Ibrahim
Thanks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ibrahim Abo Zaid
Sent: Monday, April 21, 2008 4:13 PM
To: Manaf Oqlah
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Private VLAN
Hi Manaf and Pedro
currenly i am preparing the configuration and
Hi All
below is a template of the configuration can be used in this solution
Configuration guidances
vlan 100 - primary VLAN
secodary VLAN range say from 200 - 210 - 220 and so
1- set VTP mode to transparent mode
vtp mode transparent
2- create primary VLAN
vlan 100
private-vlan primary
3-
I'm not sure what happened. But I think I might have done the several things
you mentioned.
Thanks! will be observing more.
chris
On Mon, Apr 21, 2008 at 6:57 PM, Howard Jones [EMAIL PROTECTED] wrote:
Dracul wrote:
Hi All,
Anybody experienced sudden big spikes with their eth interfaces
The release is a unicast from client to server, so why do you need it to
be relayed?
You are right, it isn't relayed but for some strange reason i got this
in my logs (the cisco has a helper address)
*Apr 15 15:47:42.249: DHCPD: DHCPRELEASE message received from client
0100.1094.00ff.13
Patient: Doctor, It hurts when my competitors call a majority of my
software beta(LD/ED).
Doctor: Quit calling it that.
Patient: Great Thanks!
Michael Balasko
CCSP,MCSE,MCNE,SCP
Network Specialist II
City of Henderson
240 Water St.
Henderson, NV 89015
-Original Message-
From: [EMAIL
On Mon, 2008-04-21 at 15:15 +, MKS wrote:
The release is a unicast from client to server, so why do you need it to
be relayed?
You are right, it isn't relayed but for some strange reason i got this
in my logs (the cisco has a helper address)
*Apr 15 15:47:42.249: DHCPD:
Ah nevermind. Looks like its normal behaviour... *sigh*
-Original Message-
From: [EMAIL PROTECTED] on behalf of Jeff Cartier
Sent: Mon 4/21/2008 3:59 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] EIGRP - modify distribute-list and EIGRP neighbor drops
Greetings!
I've coming into
Sadly, it is.
--
Regards,
Jason Plank
CCIE #16560
e: [EMAIL PROTECTED]
-- Original message --
From: Jeff Cartier [EMAIL PROTECTED]
Ah nevermind. Looks like its normal behaviour... *sigh*
-Original Message-
From: [EMAIL PROTECTED] on behalf of
Did anyone reset the counters on the router interface or reboot it? If
so, MRTG/rrdtool will assume the counter wrapped back to zero and assume
bytes were transferred up to the 32-bit barrier or up to the maximum
speed of the interface (32-bits assuming SNMPv1 and MaxBytes is set in
the MRTG
On Mon, Apr 21, 2008 at 3:05 AM, Marko Milivojevic [EMAIL PROTECTED]
wrote:
*g* - GD is general deployment, which sort of means this IOS train
has seen enough testing by customers and so we assume that there are not
too many nasty bugs left, or so.
Usually not that many useful new
Hi All,
I'm building a design that involves having a 2nd BGP router to act as a
backup if something goes wrong with the main router (heaven forbid). I have
two peers to different ISP's. There are some questions I have in mind:
a. Should my configuration involve route reflectors?
b. Do I need
Dracul wrote:
Hi All,
I'm building a design that involves having a 2nd BGP router to act as a
backup if something goes wrong with the main router (heaven forbid). I have
two peers to different ISP's. There are some questions I have in mind:
a. Should my configuration involve route
Hi Chris
to complete this general discussion , i believe the other thing you need to
do to to determine and configure your BGP peering policy Main/Backup ISP ,
route advertised to each peer , recieved routes .
i believe the below link can be useful
Hi All
Yes , this is a normal behaviour to EIGRP to resync topology table between
neighbors after modifying the redistribute-list
best regards
--Abo Zaid
On 4/21/08, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Sadly, it is.
--
Regards,
Jason Plank
CCIE #16560
e: [EMAIL PROTECTED]
44 matches
Mail list logo