On Mon, 2009-02-09 at 10:26 +1030, Ben Steele wrote:
I'm looking for some info on the insertion of a SFM into a live 6500(Sup2
obviously), can't seem to find any info on Cisco as to the consequences this
may have to traffic flowing through the Bus at the time(ie dropped packet
rates),
Just to
I believe that with a little bit of local PBR and NAT magic and it can be done.
I'm sure i've done it in the past for traceroute time-exceeded/port-unreachable local
generated massages.
But, i don't know if it's worth the hassle.
--
Tassos
Oliver Boehmer (oboehmer) wrote on 09/02/2009 09:27:
Thanks for all the replies, personally i'm thinking it will be a few second
hiccup like you often get with OIR then on its way again but the fact i'm
changing how the underlying switch fabric works with this makes it more
interesting... i've scheduled an outage for this Sunday evening so I will
Oliver Boehmer (oboehmer) wrote:
Mike wrote on Monday, February 09, 2009 00:28:
No.
I am trying to ensure that if the router ever emits icmp messages like
'destination host unreachable', 'icmp frag needed' and the like, that
I'm using a public routed ip and not some random flavor of the
Joe Maimon mailto:jmai...@ttec.com wrote on Monday, February 09, 2009
13:12:
Oliver Boehmer (oboehmer) wrote:
Mike wrote on Monday, February 09, 2009 00:28:
No.
I am trying to ensure that if the router ever emits icmp messages
like 'destination host unreachable', 'icmp frag needed' and
Hi,
has anyone a working QinQ tunnel on a Cisco 4900M? I tried it in the
lab with 12.2(50)SG Enterprise Services SSH and it didn't work.
Setup like this:
[Node 1]---trunk---[4900M]===dot1q-tunnel===[3550]---trunk---[Node 2]
l2protocol-tunnel enabled for cdp/stp/vtp
The symptoms were:
Node 1
Hiall
I want to build a lab setup for education proposes and,
I have 2 7206 VXR's and each of them has a PA-POS-2OC3 card.
Is it somehow possible to cross-connect these cards or I need some active
equipment for this?
signature.asc
Description: OpenPGP digital signature
Thanks for the reply Oli.
-Original Message-
From: Oliver Boehmer (oboehmer) [mailto:oboeh...@cisco.com]
Sent: Monday, February 09, 2009 2:32 AM
To: Paul A; Michael K. Smith - Adhost
Cc: cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] learned routes disappear
Paul,
looks like you're
+1 I really like Opsware.
Ramcharan, Vijay A wrote:
We use Opsware NAS. I haven't configured it or anything but it is quite
commercial and can do nice things like configuration checks against a
standard policy, notifications of config changes, config automation and
things like that.
Vijay
I'm a huge fan of Cirrus by Solarwinds. It works very well. They integrated
it into Solarwinds.. which can be either good or bad. Depends on how you
look at it :) I'm not sure if you can still get a standalone version, but
since it uses a sql database it's easy to backup.
On Thu, Feb 5, 2009 at
You can connect the cards back to back and they should work fine. Just
a couple of notes:
a) Set both POS interfaces to clock source internal because there is
no network clock in a back to back configuration.
b) Looks like the POM-OC3-MM and POM-OC3-SMIR optics are safe in a back
to back
On Mon Feb 09, 2009 at 10:27:25AM -0700, Clinton Work wrote:
a) Set both POS interfaces to clock source internal because there is
no network clock in a back to back configuration.
Surely if you're connecting back to back you want clock source internal on
one end, and clock source network on
Simon Lockhart wrote:
On Mon Feb 09, 2009 at 10:27:25AM -0700, Clinton Work wrote:
a) Set both POS interfaces to clock source internal because there is
no network clock in a back to back configuration.
Surely if you're connecting back to back you want clock source internal on
one end, and
Eric Van Tol wrote:
It may be worth mentioning that Solarwinds recently purchased Kiwi, and their
plan is to integrate some of the Kiwi-specific features into NCM.
That sucks. Now it will become overpriced and bundled with bloatware vs
the inexpensive sleek tool it once was. Might as well
Manaf Al Oqlah wrote:
Hi all,
I am configuring a Cisco 7600 router as DHCP server for my broadband clients. I am using DHCP snooping and ARP inspection for security reasons and the leased time expiration is set for 30 minutes and no excluded-address is configured. The problem is that I still
Aren't those BOOTP clients that don't understand the concept of an
expiration?
Chuck
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Justin Shore
Sent: Monday, February 09, 2009 12:51 PM
To: Manaf Al Oqlah
Cc:
Hi,
BTW, I'd recommend not using the IOS DHCP server for anything that more
than convenience at a very small site. I would highly recommend
deploying a server-based DHCP server like ISC DHCPd. Lots more bells a
agreed - DHCP brough out 2600 series routers to their knees. a quick
ISC
Hi,
Eric Van Tol wrote:
It may be worth mentioning that Solarwinds recently purchased Kiwi, and
their plan is to integrate some of the Kiwi-specific features into NCM.
That sucks. Now it will become overpriced and bundled with bloatware vs
the inexpensive sleek tool it once was. Might
Thanks very much for the reply (and other replies I got to date as well)
So, you are doing passive monitoring today - would that mean that when your
IDP systems alarm that this generates an alert to your NOC for immediate
investigation (on a serious issue)? I'm just wanting to understand
Hello,
We are looking to deploy a SBC for SIP subscribers and are looking at
using a 7204VXR. We are not needing transcoding facilities but simply
forwarding SIP INVITES and signalling to and from a SIP server to
subscribers.
The documentation regarding the setup of such a system is terse,
You need to look for unified border element , it used to be multiservice ip to
ip gateway.
There should be some basic examble on the site as well.
Here is the configuration guide
http://www.ciscosystems.com/en/US/docs/ios/voice/cube/configuration/guide/12_4t/vb_12_4t_book.html
Brian
-Original Message-
From: Justin Shore [mailto:jus...@justinshore.com]
Sent: Monday, February 09, 2009 12:47 PM
To: Eric Van Tol
Cc: Cisco-NSP Mailing List
Subject: Re: [c-nsp] Rancid and commercial config management tools
Eric Van Tol wrote:
It may be worth mentioning that
Church, Charles wrote:
Aren't those BOOTP clients that don't understand the concept of an
expiration?
Once when I was curious (and very bored) I tracked a couple of them
down. One was a Windows XP machine and the other was a fairly new
D-Link router/firewall CPE (which we have hundreds on
Interesting. Might be fun (in a dorky networking kind of way) to look
at a packet capture of it. Maybe the client doesn't like the lease
time, or it's tied into DDNS somehow. I looked a bit, and found in the
RFC (http://www.faqs.org/rfcs/rfc2131.html) a blurb about lease times:
The client may
Church, Charles wrote:
Interesting. Might be fun (in a dorky networking kind of way) to look
at a packet capture of it. Maybe the client doesn't like the lease
time, or it's tied into DDNS somehow. I looked a bit, and found in the
RFC (http://www.faqs.org/rfcs/rfc2131.html) a blurb about
Hello every one
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hi,
expires. This would prevent many of the less technical users from
trying to run a publicly-accessible server. Set the lease time to 2
default TCP inbound deny works wonders for this. Or, even crueller, NAT
I've seen systems do something similar before (or at least I thought
they
I am running 12.2.SXI on a 6500 with sup-720
I currently have 3 full BGP peers with two on I1 and one on I2.
I now need a fourth peer with ESNet (gov ISP) but only allow two /22
net from Princeton U. access to ESNet.
My dilemma is how to only let the two nets see the additional ESNet
For some reason, our new ASA 5510 series will ONLY let me connect via the
web interface. Every time I try it says it is unable to read the
configuration from the ASA. However, running the Java version works just
fine. I'd really like to know what the problem is and why it can't load the
config? Do
hi all,
thank you for your help.
It seems that all those hosts with infinite expiration time are devices that
do not have client identifier such as D-Link, Cisco Linksys routers or
Unix systems. does it make sense?
Manaf
--
From:
I'm guessing you've upgraded to the latest Java version. Seems like the
last one broke the ASDM partially. You can https to the ASA, and then
pick the 'run applet' option. On mine, that'll spawn the ASDM
executable and it works. But running the executable directly ends up
doing what you're
Why not a free(not open, but no cost) tool with commercial support ?
http://inventory.alterpoint.com/
BTW, what are people's opinions comparing RANCID to Network Authority
Inventory (formerly known as ZipTie) in the configuration management
discipline ?
Rubens
On Thu, Feb 5, 2009 at 7:57 PM,
You need to upgrade to the latest interim release of ASDM 6.1.5(57) to
fix the Java issue with JRE6update11.
Brian
On 2/9/09, Church, Charles cchur...@harris.com wrote:
I'm guessing you've upgraded to the latest Java version. Seems like the
last one broke the ASDM partially. You can https to
Hi,
BTW, what are people's opinions comparing RANCID to Network Authority
Inventory (formerly known as ZipTie) in the configuration management
discipline ?
ooh. well, i've only used RANCID to store the configs in nice
CVS control - whereas ZipTie's main claim is the pushing of
configs and
interface FastEthernet0/38
description to 1230 WAP
switchport access vlan 199
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
no snmp trap link-status
storm-control broadcast level 1.00
storm-control multicast level 2.00
storm-control unicast level 5.00
I'm still using 5.2.x ASDM, as the ASA is running 7.2.x still (both late
interim releases). Hoping for a newer ASDM soon. 5.2(4)50 still is
broken.
Chuck
-Original Message-
From: Brian [mailto:bms...@gmail.com]
Sent: Monday, February 09, 2009 5:23 PM
To: Church, Charles; John
I use VRF's quite a bit on 7600 and other platforms with internal OSPF
neighbors. So long as the interfaces you are connecting with (dot1q
vlan's in my case most of the time) are associated with that vrf, you
should be able to do so, although, I've never tried to leak routes from
the global
Manaf Al Oqlah wrote:
hi all,
thank you for your help.
It seems that all those hosts with infinite expiration time are devices
that do not have client identifier such as D-Link, Cisco Linksys
routers or Unix systems. does it make sense?
I don't think that's the cause of the problem. We
On 2009-02-09 13:45, Sebastian Wiesinger wrote:
Hi,
has anyone a working QinQ tunnel on a Cisco 4900M? I tried it in the
lab with 12.2(50)SG Enterprise Services SSH and it didn't work.
QinQ on 4900M and Sup-6E will be supported on 12.2(52)SG.
Currently it isn't:
Thanks Pete Pete for your insight. :-)
I was hoping to get more feedback from engineers, but this definitely
helps.
/bs
On Tue, Feb 3, 2009 at 7:20 AM, Pete Templin peteli...@templin.org wrote:
Brian Spade wrote:
What is the best way to configure OSPF to inject all 50+ SVIs into the
Free as in beer isn't as valuable as Free as in speech.
On Mon, Feb 9, 2009 at 2:06 PM, Rubens Kuhl rube...@gmail.com wrote:
Why not a free(not open, but no cost) tool with commercial support ?
http://inventory.alterpoint.com/
BTW, what are people's opinions comparing RANCID to Network
On Monday 09 February 2009 12:50:54 Justin Shore wrote:
Manaf Al Oqlah wrote:
The problem is that I still can see some
clients IP addresses lease expiration are Infinite in the DHCP binding!
what could be the reason for this behavior and could be this some sort of
attack!!
I get them
Hi,
On Tue, Feb 10, 2009 at 10:50 AM, Brian Spade bitkr...@gmail.com wrote:
Thanks Pete Pete for your insight. :-)
I was hoping to get more feedback from engineers, but this definitely
helps.
Strange comment.
Anyway, if it was me, I'd:
router ospf processID
passive-interface default
The ability to provide a new/different IP every time has been oft-discussed
on ISC' dhcp-user listserv. IIRC, it contradicts the spec. You would have
customize the code to have that functionality, or, as someone said, play
with the leases file.
-Original Message-
From:
Hey all,
I am seeing an issue with routes dropping in our configuration and
wanted to do a sanity check. We have two sup2/msfc2 w/ 512MB (router A
and B) each connected to a distinct BGP peer. We are running eigrp on
these routers as well to redistribute static and connected routes to two
Hi All,
We had a similar situation where we had to create an internet vrf and
leak/connect that to the global routing table.
So we had a couple of interfaces belonging to the internet vrf of which one
connected back to the same device on an interface in the global network. We
had ospf as IGP to
On Tue, Feb 10, 2009 at 6:49 AM, Renelson Panosky panocisc...@gmail.com wrote:
Hello every one
*insert terrible routing protocol adjacency dad joke here*
:-)
cheers,
Dale
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
47 matches
Mail list logo