The question was what strategy of NAT deployment can be accepted by
large ISP if one of the internal condition to use only cisco boxes for NAT ?
Hidden cost was always visible to engeneers )
Now It is time to pay )
Has cisco plan to announce in next two year sucsessor of ISM-100 with
better
Hey Guys,
I have 2 x 6509's running as a virtual switch (VSS). I can't for the likes
of me work out the command to display the serial number details of the
Supervisor that is in standby. The Show run displays the details of the
active supervisor.
OMESW001#sho switch virtual
Switch mode
Hi,
I have been looking at the ASR1001 but am concerned about the number of
routes it supports. The product docs I have found show the router
supports 1,000,000 IPv4 or 1,000,000 IPv6 routes (1). From what I have
read on here there are only 512k IPv4 or 128k IPv6 routes supported in
the FIB
You just want to see the series number of supervisor in standby?
Check the show inventory raw command to see whether you can find the answer
or not.
Xu Hu
2012/3/14 Brad Clausen overkil...@gmail.com
Hey Guys,
I have 2 x 6509's running as a virtual switch (VSS). I can't for the likes
of me
Actually in our 3G network, we use the 7609 (two ACE modules) for the NAT,
in the live situation, we had 4M users.
It is quite stable for now.
Also we bought the ASR9K to expand the 3G network, maybe will migrate the
NAT to ASR9K.
Xu Hu
2012/3/14 Ruslan Pustovoitov ru...@mostelekom.net
The
Hi,
On Wed, 14 Mar 2012, Xu Hu wrote:
Actually in our 3G network, we use the 7609 (two ACE modules) for the NAT,
in the live situation, we had 4M users.
It is quite stable for now.
Also we bought the ASR9K to expand the 3G network, maybe will migrate the
NAT to ASR9K.
I am curios if and if
Hi,
On Wed, Mar 14, 2012 at 01:12:02PM +1300, Pshem Kowalczyk wrote:
In my previous role we've done just that. One internet VRF for all
transit functions, separate vrfs for peering and customers and
import-export statements to tie them all together.
What is the benefit? The obvious drawback
Hi,
On Tue, Mar 13, 2012 at 09:29:11PM -0400, Dan Armstrong wrote:
Two reasons, the first reason is that the config is extremely
simple, clean and difficult for a less trained provisioning guy to
make a mistake. With route maps, it's error prone to harmonize
them across many boxes - and it's
On (2012-03-13 21:29 -0400), Dan Armstrong wrote:
The other reason is that we have some older folks around that long for the
day when the core of a carrier network was ATM based, and the plethora of
hops were basically hidden behind a switched network… They feel that
customers will freak
I guess you can ask: Why do we run mpls anyway or even plan on expanding it all
the way to the access layer right?
I thought the answer is obvious, TE capabilities, fast failover or common
carrier infrastructure that scales well
And by common I mean infrastructure that supports all the
Hi,
Putting internet in a vrf is not that bad. I agree with some people say that
separate the global routing table with vrf is easier, especially for networks
that are deploying MPLS routers from scratch. I don't see any advantages from
putting internet Prefixes in the global routing table.
Does memory usage not increase by putting all the internet routes in a VRF?
Nick
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
michalis.bersi...@hq.cyta.gr
Sent: 14 March 2012 09:47
To: cisco-nsp@puck.nether.net
On (2012-03-14 10:37 +), Nick Ryce wrote:
Does memory usage not increase by putting all the internet routes in a VRF?
Implementation detail.
In HW FIB it shouldn't make any difference. In SW side, as you'll have
slightly longer NLRI and you must have some RT communities it necessarily
Im in the same situation as below, trying to get a LACP working between Extreme
and an ASR 9k. Does anyone have a workaround for this rather than resetting
the system id of the Extreme kit?
Nick
From: Dmitry Kiselev dmitry at
All,
We've just taken delivery of our first pair of N7k (and so far I'm
impressed).
I'm playing with porting our standard 6500 config to an equivalent N7k
config, and I'm a bit puzzled by the interaction of CoPP and the
hardware rate-limiters.
On 6500/Sup720 these two features have well
If you run an MPLS network and are using MPLS to separate security zones within
your network (such as a very large enterprise) then this makes perfect sense in
the context of your design.
Sure, it can be solutioned otherwise. The bottom line is: POC it, buy enough
RAM and CPU, and deploy
One additional point as I think most comments assumed such equation:
Internet in a VRF = requirement for MPLS in the core.
It does not.
You can run mGRE encapsulation between ASBRs/PEs and the fact that
behind GRE header of the packet sits vpnv4/v6 mpls label would have no
bearing on the
Haven't touched VSS in 8 months, but I believe you can do a 'sh mod ?' and
after mod, you can do options for the individual chassis numbers.
Chuck
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Brad Clausen
Sent:
On Wed, Mar 14, 2012 at 10:26:35, Chuck Church wrote:
Subject: Re: [c-nsp] VSS display of show run on standby switch
Haven't touched VSS in 8 months, but I believe you can do a 'sh mod ?'
and after mod, you can do options for the individual chassis numbers.
Yup, 'show mod switch all' will
Hi Brad,
hkgi-ddcevssa#sho mod switch 2
Switch Number: 2 Role: Virtual Switch Standby
-- -
Mod Ports Card Type Model Serial
No.
--- - -- --
On Tue, 13 Mar 2012, Steve McCrory wrote:
I'm more than prepared to hunt for resources and have a play with IPv6
for myself, I just wanted a pointer in the direction of good,
informative, up-to-date material.
Your point is well taken :)
IPv6, like many other technologies, has launched
We in europe have some pressure to have the ability to map the
ip/port/timestamp
touple back to user. Of course nobody will be able to deliver the port
together
with the ip and an accurate enough timestamp for this to be meaningfull.
Bulk Port Allocation (also called Port Range Allocation)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security
Appliance Clientless VPN ActiveX Control Remote Code Execution
Vulnerability
Advisory ID: cisco-sa-20120314-asaclient
Revision 1.0
For Public Release 2012 March 14 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security
Appliances and Cisco Catalyst 6500 Series ASA Services Module
Advisory ID: cisco-sa-20120314-asa
Revision 1.0
For Public Release 2012 March 14 16:00 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Cisco Firewall Services Module Crafted Protocol Independent Multicast
Message Denial of Service Vulnerability
Advisory ID: cisco-sa-20120314-fwsm
Revision 1.0
For Public Release 2012 March 14 16:00 UTC (GMT
I have a Voice deployment with a remote site that has multicast Music on
hold. The 2821 that it goes through also has Zone based Firewalls so I can
do GRE over IPSec.(which is not the interface that the Multicast Moh is
using)
my problem is that my Music on hold is not working.
sh ip mroute
On 14/03/12 17:56, Scott Voll wrote:
I have a Voice deployment with a remote site that has multicast Music on
hold. The 2821 that it goes through also has Zone based Firewalls so I can
do GRE over IPSec.(which is not the interface that the Multicast Moh is
using)
my problem is that my Music on
Bear in mind that IOS and IOS-XR do per prefix label allocation by
default and that some vendors do not cope well with a high number of
labels from what I can remember.
Regards
Le 12-03-14 06:37, « Nick Ryce » nick.r...@lumison.net a écrit :
Does memory usage not increase by putting all the
Hello,
You guys (and gals) rock, thanks for being here.
So I am noticing now that as I am using pppoe intermediate agent tags,
I don't seem to be able to get my 7201 to show me any pppoe intermediate
agent info (circuit-id and remote-id for example) for active sessions.
The 7201 is
Hi,
On 14 March 2012 22:04, Gert Doering g...@greenie.muc.de wrote:
Hi,
On Wed, Mar 14, 2012 at 01:12:02PM +1300, Pshem Kowalczyk wrote:
In my previous role we've done just that. One internet VRF for all
transit functions, separate vrfs for peering and customers and
import-export statements
On 15/03/2012, at 8:23 AM, Pshem Kowalczyk wrote:
Ability to offer connectivity to resources only as required; so for
example someone needs only domestic/peering and not full transit -
they connection vrf only imports particular RT and it's all sorted.
Are people really doing this? - I would
On 15 March 2012 10:29, Andrew Miehs and...@2sheds.de wrote:
On 15/03/2012, at 8:23 AM, Pshem Kowalczyk wrote:
Ability to offer connectivity to resources only as required; so for
example someone needs only domestic/peering and not full transit -
they connection vrf only imports particular RT
Hi Guys,
Does anyone have experienced problems interconnecting Cisco Router with
DWDM Huawei equipments through 1000BaseLX? I am currently trying to
connect a ME-3800X using the SFP+ Multi-rate port (Ten0/1) with a
GLC-LH-SM versus Huawei OSN 6800 DWDM and I am experiencing problem
bringing
33 matches
Mail list logo