All,
Does anyone know which knob controls the only send 1 ICMP redirect /
sec on an HSRP-enabled SVI on 6500/sup720 (SXJ IOS)? Is there a show
command for the defaults / current setting?
Note: I am not talking about the redirect MLS rate-limiter here; that's
disabled. I'm seeing constant
I'm responsible for maintaining a small network for a building association who
provides internet services to it's campus of tenants, and we're looking at
implementing dual-stack.
It's a straightforward setup: two 7204s (NPE-G2) connected to two gigabit
upstreams, with a collection of several
On Feb 11, 2013, at 9:17 AM, Phil Mayers p.may...@imperial.ac.uk wrote:
All,
Does anyone know which knob controls the only send 1 ICMP redirect / sec on
an HSRP-enabled SVI on 6500/sup720 (SXJ IOS)? Is there a show command for
the defaults / current setting?
Note: I am not talking
On 11/02/13 14:30, Jared Mauch wrote:
On Feb 11, 2013, at 9:17 AM, Phil Mayers p.may...@imperial.ac.uk
wrote:
All,
Does anyone know which knob controls the only send 1 ICMP redirect
/ sec on an HSRP-enabled SVI on 6500/sup720 (SXJ IOS)? Is there a
show command for the defaults / current
On Feb 11, 2013, at 9:40 AM, Phil Mayers wrote:
It's another one of those no ip proxy-arp commands - sup720 is slow enough
that yet more commands in the NVGEN is something I'd like to avoid. Oh for a
globals/templating.
Router(config)#ip arp proxy ?
disable Disable proxy ARP
On 11/02/13 14:54, Jared Mauch wrote:
On Feb 11, 2013, at 9:40 AM, Phil Mayers wrote:
It's another one of those no ip proxy-arp commands - sup720 is
slow enough that yet more commands in the NVGEN is something I'd
like to avoid. Oh for a globals/templating.
Router(config)#ip arp proxy
On Mon, 11 Feb 2013, Bill Jones wrote:
It's a straightforward setup: two 7204s (NPE-G2) connected to two
gigabit upstreams, with a collection of several 3550s doing a
combination of layer 2 and 3 with a lot of tenants and ethernet
customers having their upload speeds rate-limited depending on
show standby redirect should provide some info.
Since these redirects are controlled by HSRP (which changes the internal IPs),
maybe there is no way to change their
interval.
There is a command to disable them though.
--
Tassos
Phil Mayers wrote on 11/02/2013 16:17:
All,
Does anyone know
On 11/02/13 15:18, Tassos Chatzithomaoglou wrote:
show standby redirect should provide some info.
Not that I can see:
InterfaceRedirects Unknown Adv Holddown
VlXXXenabled enabled 30 180
Active Hits Interface Group Virtual IPVirtual MAC
local
Brain fart...it's early. Disregard.
On Mon, Feb 11, 2013 at 8:30 AM, Andy Ellsworth a...@dar.net wrote:
I believe it's simply ip icmp rate-limit unreachable. Default interval
appears to be 500ms.
On 11/02/13 15:45, Calin Chiorean wrote:
Hello,
Maybe this can help a little bit?
Not really I'm afraid. I know how HSRP redirects co-exist. What I
can't see is any explanation of the (maybe platform-specific)
forward-but-punt-once-a-second behaviour I'm seeing.
Hello,
Maybe this can help a little bit?
http://www.cisco.com/en/US/docs/ios/12_1t/12_1t3/feature/guide/dt_hsrpi.html#wp1027154
Cheers,
Calin
On 02/11/2013 05:22 PM, Phil Mayers wrote:
On 11/02/13 15:18, Tassos Chatzithomaoglou wrote:
show standby redirect should provide some info.
Not
I believe it's simply ip icmp rate-limit unreachable. Default interval
appears to be 500ms.
http://www.cisco.com/en/US/docs/ios-xml/ios/ipapp/command/iap-i1.html#GUID-8369086B-6343-4BE3-8330-6754D14BCB5D
On Mon, Feb 11, 2013 at 8:17 AM, Phil Mayers p.may...@imperial.ac.ukwrote:
All,
Does
Hi
Sure someone else has had todo this --
I've got groups in a VRF - want to monitor how many are there to start
with -
ie:
SomeBox#show ip mroute vrf SomeVRF count
IP Multicast Statistics
74 routes using 31344 bytes of memory
*36 *groups, 1.05 average sources per group
Forwarding
Here are the results
6509
#sh spanning-tree int port-channel 1---
Vlan Role Sts Cost Prio.Nbr Type
--- -
VLAN0002 Desg FWD 3 128.1665 P2p
Hi Phil,
As I understand you have disabled the MLS rate-limiter for redirects, so
that should not cause throttling, but you can check with sh ibc to see
the rate at which packets arrive to the CPU.
With mls rate-limit redirect disabled, packets will be still subject to
CoPP because they require
Hi Mike,
You can configure one unassigned IP address to each switch's interface
Vlan x, and check if they can ping each other when using a port-channel.
This should not cause any harm if you use an unassigned IP. The configured
IP then can be used for testing between the force10 and vmware, by
On 11/02/13 17:42, Tóth András wrote:
Hi Phil,
As I understand you have disabled the MLS rate-limiter for redirects, so
that should not cause throttling, but you can check with sh ibc to see
the rate at which packets arrive to the CPU.
For clarity, I haven't disabled it; it's disabled by
On 11/02/13 18:07, Phil Mayers wrote:
As you say, I *assume* the punts are subject to CoPP, but who knows?
In fact, a bit of fiddling with the CoPP config suggests not; I wrote a
specific acl/class-pol/polmap entry to match the packets generating the
redirects, and the matched HW counters
Hello Folks,
Quick one. I have just read from Cisco's support community that generally
ASA's dont do BGP. I want to verify if that is the case or there is tweak
to get it to do BGP :) . We have ASA 5550 software version 8.2(3) which we
possibly want to use as a border/edge router with our ISP.
I just put in this command on my upstream interfaces to help my mpls network
pass traffic - that is, my effort to eliminate fragmentation in my backbone.
Is anyone else using this method of mtu control? I need some support - my
CEO
is asking why I have to do this, and who else does it, and is
I don't see in RFC 1122 that the original packet should/must be dropped
when a redirect condition is triggered and an icmp redirect message is
sent. So I think it's normal that the supervisor forwards all packets, RFC
792 seems to confirm this. If you want to avoid packets to be punted, no
ip
On Mon, 2013-02-11 at 18:58 +, pamela pomary wrote:
Quick one. I have just read from Cisco's support community that
generally ASA's dont do BGP. I want to verify if that is the case or
there is tweak to get it to do BGP :) . We have ASA 5550 software
version 8.2(3) which we possibly want
On 2/11/2013 2:56 PM, Eric A Louie wrote:
I just put in this command on my upstream interfaces to help my mpls network
pass traffic - that is, my effort to eliminate fragmentation in my backbone.
Is anyone else using this method of mtu control? I need some support - my CEO
is asking why I have
On 02/11/2013 07:56 PM, Eric A Louie wrote:
I just put in this command on my upstream interfaces to help my mpls network
pass traffic - that is, my effort to eliminate fragmentation in my backbone.
Is anyone else using this method of mtu control? I need some support - my CEO
is asking why I
On (2013-02-11 11:56 -0800), Eric A Louie wrote:
Is anyone else using this method of mtu control? I need some support - my
CEO
is asking why I have to do this, and who else does it, and is it a common
practice, etc, so I'm looking for evidence, more than just The Cisco TAC
told
me to
On Mon, Feb 11, 2013 at 13:21:46, Peter Rathlev wrote:
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Can ASA 5550 do BGP
On Mon, 2013-02-11 at 18:58 +, pamela pomary wrote:
Quick one. I have just read from Cisco's support community that
generally ASA's dont do BGP. I want to
On 02/11/2013 08:07 PM, Tóth András wrote:
I don't see in RFC 1122 that the original packet should/must be dropped
Sure; never suggested it did/should. I'm trying to understand what IOS
feature/command/whatever distinguishes between the the packets that are
just forwarded, and those that
Ok , I had ip address on my vlans on the 6509, I put the corresponding
ip addresses on the force10 and can ping everything in those vlans fine,
and can ping the addresses from the 6509.
So wonder if it is a configuration on the vmware side or the force10
side, dell set it up to work as planned
On 11/02/2013 18:58, pamela pomary wrote:
Quick one. I have just read from Cisco's support community that generally
ASA's dont do BGP. I want to verify if that is the case or there is tweak
to get it to do BGP :) . We have ASA 5550 software version 8.2(3) which we
possibly want to use as a
On Mon, 2013-02-11 at 11:56 -0800, Eric A Louie wrote:
I just put in this command on my upstream interfaces to help my mpls
network pass traffic - that is, my effort to eliminate fragmentation
in my backbone.
Is anyone else using this method of mtu control? I need some
support - my CEO is
the good news is, I'm the provider network and it's my backbone.
the bad news is, I have a mixed environment, Foundry/Brocade and Cisco.
Much appreciated, Eric
From: Mack McBride mack.mcbr...@viawest.com
To: Eric A Louie elo...@yahoo.com; Cisco NSP
We used to use ip tcp adjust-mss a lot for applications where PPPOE was
required. ie Cisco 877 router at customer premise connecting via PPPOE
back to us.
Never seen it in MPLS core functions though if that's where it's being
used..
Paul
-Original Message-
From:
I wouldn't say it is good news.
Lots of people smoke and drink too, it doesn't make it healthy.
Long term you want to stop fragmenting.
LR Mack McBride
Network Architect
From: Eric A Louie [mailto:elo...@yahoo.com]
Sent: Monday, February 11, 2013 2:00 PM
To: Mack McBride; Cisco NSP
Subject: Re:
This is very common practice and practically everyone does it.
Usually if you have your own backbone you enlarge the backbone packet size
though.
Sometimes that isn't an option due to provider switches in the path.
LR Mack McBride
Network Architect
-Original Message-
From:
On Mon, Feb 11, 2013 at 09:21:46PM +0100, Peter Rathlev wrote:
On Mon, 2013-02-11 at 18:58 +, pamela pomary wrote:
Quick one. I have just read from Cisco's support community that
generally ASA's dont do BGP. I want to verify if that is the case or
there is tweak to get it to do BGP :) .
Ok, maybe I'm missing the obvious, but within my backbone, I can't just
increase
the MTU across the Ethernet links.
router (config-if)#ip mtu ?
68-1500 MTU (bytes)
Unless this is the mtu you refer to
router (config-if)#mtu ?
1500-9800 MTU size in bytes
Much appreciated, Eric
At the interface level.
On Mon, Feb 11, 2013 at 3:58 PM, Eric A Louie elo...@yahoo.com wrote:
Ok, maybe I'm missing the obvious, but within my backbone, I can't just
increase
the MTU across the Ethernet links.
router (config-if)#ip mtu ?
68-1500 MTU (bytes)
Unless this is the mtu you
On (2013-02-11 12:58 -0800), Eric A Louie wrote:
Ok, maybe I'm missing the obvious, but within my backbone, I can't just
increase
the MTU across the Ethernet links.
1500-9800 MTU size in bytes
Much appreciated, Eric
This. Standardize your core to somewhere well above 9k, so you can
It is common practice because people do not control all of the MTU sizes
on all of the links in their network. If you control all of the links
you raise the MTU. Sometimes that isn't an option due to providers or
legacy equipment (sometimes equals more often than not).
I never said it was good,
mtu = Ethernet MTU
ip mtu = MTU used for IP packets originating on the box.
mpls mtu = maximum MTU for MPLS encapsulated packets
Some boxes also have other MTU commands.
LR Mack McBride
Network Architect
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
Disagree, it is not a common practice.
You should make your MTU large enough.
On Mon, Feb 11, 2013 at 3:54 PM, Mack McBride mack.mcbr...@viawest.comwrote:
This is very common practice and practically everyone does it.
Usually if you have your own backbone you enlarge the backbone packet size
On 11/02/2013 21:44, Aaron wrote:
Disagree, it is not a common practice.
You should make your MTU large enough.
practically everyone who has the option and a modicum of common sense does
this. There's no reason to make your core MTU small and constrain yourself
packet overhead limitations when
There are a few options set.
Try system mtu ?
On Mon, Feb 11, 2013 at 1:58 PM, Eric A Louie elo...@yahoo.com wrote:
Ok, maybe I'm missing the obvious, but within my backbone, I can't just
increase
the MTU across the Ethernet links.
router (config-if)#ip mtu ?
68-1500 MTU (bytes)
This comes in handy when one jams a bunch of headers together but then
constraints payload size which would result in frag/defrag and may lead
to decreased throughput/performance.
ex: use case I think of would be user facing before encaps into maybe
something like gnarly like gre inside ipsec
For UDP, one would have to do something like touch the end-hosts and
adjust mtu size on the ip_stack itself. Not very scalable and may
require too much touch-points (also would be somewhat permanent).
Some client vpn shims do this to end-hosts after installations of said
software.
--
The key wording is 'everyone who has the option'.
A large number of people are dealing with legacy circuits and gear.
To be fair most of those legacy circuits are on legacy gear.
Most companies would rather do hacks than spend a lot of money.
And providers that have you locked to a long term
Most UDP should not hit the MTU limitation.
The common ones that come to mind are streaming audio/video and DNS.
LR Mack McBride
Network Architect
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Ge Moua
Sent: Monday,
48 matches
Mail list logo