Re: [c-nsp] 6500 VSS question

2011-05-17 Thread Church, Charles
Anyone? Otherwise gonna ask TAC, just want to verify my thoughts. Thanks, Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Church, Charles Sent: Monday, May 16, 2011 6:07 PM To: nsp-cisco Subject: [c-nsp] 6500 VSS

Re: [c-nsp] 6500 VSS question

2011-05-17 Thread Church, Charles
: [c-nsp] 6500 VSS question On 17/05/11 16:31, Church, Charles wrote: Anyone? Otherwise gonna ask TAC, just want to verify my thoughts. I know nothing much about VSS, but I see a couple of confusing aspects in your email; you refer to instant failover (which is SSO), RPR+ and eFSU. Can you

Re: [c-nsp] 6500 VSS question

2011-05-17 Thread Church, Charles
:44 PM To: Murphy, William; Church, Charles; nsp-cisco Subject: RE: [c-nsp] 6500 VSS question I haven't looked TOO in-depth on this yet, but with VSS and 4 supervisors, do all 4 come up in SSO mode, or do the first 2 come up in SSO, and the other two come up in RPR+ mode? 4 Supervisor VSS is still

[c-nsp] 6500 VSS question

2011-05-16 Thread Church, Charles
All, Noticed an unexpected result today when testing VSS failover. Our setup has dual sups in each chassis, with a supervisor port of each chassis connecting to the matching supervisor port on the other chassis, i.e. 1/5/4 connects to 2/5/4, and 1/6/4 connects to 2/6/4. Today when

[c-nsp] VRF aware tacacs

2011-03-29 Thread Church, Charles
Hey all, Simple question (hopefully). Is there any way to get the info you'd see using 'show tacacs' where you see the tacacs server statistics while using VRF-aware TACACS with a private group? Been looking for a while, haven't found anything yet. Thanks, Chuck

Re: [c-nsp] Non-disruptive ISSU for Nexus 5000

2011-03-14 Thread Church, Charles
is reloading? I'm not too worried about any downstream FEX modules, but keeping the VPCs up on 10 gig ports is what's important. Thanks, Chuck -Original Message- From: Brad Hedlund (brhedlun) [mailto:brhed...@cisco.com] Sent: Sunday, March 13, 2011 10:53 PM To: Church, Charles Cc: nsp

[c-nsp] Non-disruptive ISSU for Nexus 5000

2011-03-13 Thread Church, Charles
All, I'm having a hard time getting a non-disruptive upgrade to happen on my Nexus 5010s and 5020s. I'd really like to have non-disruptive, as we've got SAN attached Windows servers which tend to blue screen if they're unable to reach their iSCSI disks across the Nexus devices for more

Re: [c-nsp] Move from SXI4 to SXI5

2011-02-06 Thread Church, Charles
-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Phil Mayers Sent: Wednesday, January 26, 2011 6:53 PM To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Move from SXI4 to SXI5 On 01/26/2011 11:41 PM, Church, Charles wrote: All, I've been contemplating

[c-nsp] VLAN int down on 3925, but spanning tree shows forwarding on that VLAN

2011-01-27 Thread Church, Charles
Anyone seen this before, 3925 running 15.0(1)M4, with a 4 port ESW card. VLAN int is down/down, while 'show vlan-switch' shows vlan active. Show spanning tree for this VLAN shows a switchport on the 4 port card forwarding on this VLAN. It's happened a couple times to us on this device.

[c-nsp] Move from SXI4 to SXI5

2011-01-26 Thread Church, Charles
All, I've been contemplating moving from SXI4 to SXI5 lately for our VSS core router pair. They're currently doing 4 lite VRFs (no MPLS), all LAN modules, all 6700 series blades (10/100/1000), gig SFP, and 16 port 10 gig. Some OSPF, no other protocols. VTPv3 server, using SNMPv3

[c-nsp] SPAN on 6500

2011-01-13 Thread Church, Charles
All, I'm running into some issues with SPAN session limitations on 6500 (SXI on a VSS pair). After reading this doc: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/span.html I'm led to believe that if I make the destination

[c-nsp] Enhanced PAgP for VSS

2010-08-26 Thread Church, Charles
Anyone, I've got a 6500 VSS pair running 12.2(33)SXI4, with an attached 4500 running 12.2(54)SG. From what I can tell, they should both support enhanced PAgP. However, they don't seem to realize it, this is what they both tell me: SCUCER02-05CRT01#sh pag 114 du (this is the 6500

Re: [c-nsp] %ERROR: Standby doesn't support this command

2010-08-01 Thread Church, Charles
:57 AM To: Lee; Church, Charles Cc: nsp-cisco Subject: RE: [c-nsp] %ERROR: Standby doesn't support this command This seems to be CSCsx87562. Can you please see if you got some tracebacks in the log before this happened? Something like: %SYS-3-TIMERNEG: Cannot start timer (0x) with negative

[c-nsp] %ERROR: Standby doesn't support this command

2010-07-30 Thread Church, Charles
Anyone, I'm having issues with some 4510s with dual Sup6-E running 12.2(53)SG2 doing this on interface range command. Making our deployment kind of tough: SCUAS01(config-if)#interface range GigabitEthernet1/1 - 48 SCUAS01(config-if-range)# switchport mode access %ERROR: Standby doesn't

Re: [c-nsp] SXI3 strange issue, Loose mode uRPF jumps to strict by itself

2010-07-29 Thread Church, Charles
I got bit by this just a couple weeks ago. Building a new core router for a location, couldn't ping up through the Sidewinder gateways I'm only a little familiar with. Blaming it on my lack of Sidewinder experience, turns out my default had changed to strict mode after changing the inward facing

Re: [c-nsp] NX-OS - Fabric Path

2010-07-25 Thread Church, Charles
the same 10.1.1.1 VRF 0/0 route as well. Chuck -Original Message- From: Charles Spurgeon [mailto:c.spurg...@mail.utexas.edu] Sent: Saturday, July 24, 2010 6:57 PM To: Church, Charles Cc: Manu Chao; Peter Rathlev; Lincoln Dale; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] NX-OS - Fabric Path

Re: [c-nsp] NX-OS - Fabric Path

2010-07-19 Thread Church, Charles
Just be careful about connecting the mgmt0 interfaces to anything prior to configuring them. The default IP address of 10.1.1.50 on them (at least on the 4.2 5000s) will cause a spectacular ARP storm when they conflict with each other, like when you attach several unconfigured ones to the same

Re: [c-nsp] 10 gig ethernet interface up, line protocol down on VSL connection

2010-07-11 Thread Church, Charles
-Original Message- From: Reinhold Fischer [mailto:reinhold.fisc...@gmx.net] Sent: Sunday, July 11, 2010 11:12 AM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 10 gig ethernet interface up, line protocol down on VSL connection Are you negotiating the channel

Re: [c-nsp] 10 gig ethernet interface up, line protocol down on VSL connection

2010-07-11 Thread Church, Charles
the logs and some other int troubleshooting tomorrow. Chuck -Original Message- From: Brad Hedlund (brhedlun) [mailto:brhed...@cisco.com] Sent: Sunday, July 11, 2010 12:19 PM To: Church, Charles Cc: Reinhold Fischer; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 10 gig ethernet interface up

Re: [c-nsp] 10 gig ethernet interface up, line protocol down on VSL connection

2010-07-11 Thread Church, Charles
running SXI4. Thanks, Chuck -Original Message- From: Brad Hedlund (brhedlun) [mailto:brhed...@cisco.com] Sent: Sunday, July 11, 2010 1:48 PM To: Church, Charles Cc: Reinhold Fischer; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 10 gig ethernet interface up, line protocol down on VSL

[c-nsp] 10 gig ethernet interface up, line protocol down on VSL connection

2010-07-09 Thread Church, Charles
Anyone, Ran into a weird issue today with a re-build of a VSS pair. A botched IOS upgrade forced me to rebuild the pair. Was going ok, but I'm having trouble getting the VSL link up between the two. Switch 2 had the port channel for the VSL link up/up, but on switch 1, it stays

Re: [c-nsp] Cisco 6509 reboots on its own... again...

2010-07-05 Thread Church, Charles
I remember 'chip creep' being a question on my Novell service and support exam way back when. I laughed, but a few years later, had a video card that was acting erratic with an odd pattern. Thought it was a long shot, but all the video RAM chips had crept out halfway. Pushed them back in,

Re: [c-nsp] sh module csm 2 probe real

2010-05-27 Thread Church, Charles
Looks like maybe it's computing time wrong. That date is surprisingly close to the start of UNIX time, which was Jan 1, 1970. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Sony Scaria Sent: Thursday, May 27,

Re: [c-nsp] Obtaining MD signature

2010-05-07 Thread Church, Charles
If you download this file, you should find the md5 hash for all images in there. Not sure how up to date the file is, it was produced when the rootkit exploit came out: http://www.cisco.com/warp/public/707/cisco-sr-20080516-rootkits.shtml File link is near the bottom:

[c-nsp] Old PSIRT still around

2010-05-05 Thread Church, Charles
Anyone, Our IA scanning people (using eEye's Retina) are telling me some recent IOSs we're running (12.2(33)SXI3 and 15.0(1)M2) are vulnerable to the BGP regular expression issue from almost 3 years ago. This one:

[c-nsp] Notice to lurking vendors...

2010-05-03 Thread Church, Charles
For the 3rd time in the last 5 days I've had some reseller of hardware call me directly, can't see any way they got my number other than finding my signature on this list. This is the last time. I don't handle purchasing for my company, nor am I going to have you bother the people in my company

[c-nsp] Nexus 5xxx VPC peer keepalives

2010-04-28 Thread Church, Charles
Anyone, Coming up on a design issue with our upcoming first deployment of Nexus 5010s and 5020s in a new datacenter. It's recommended in the following doc to use the mgmt0 interface for peer keepalive messages:

Re: [c-nsp] SNMPv3 bug on 3550

2010-04-27 Thread Church, Charles
: mailto:charles.chu...@harris.com charles.chu...@harris.com Southcom E-mail: mailto:charles.church@hq.southcom.mil charles.church@hq.southcom.mil From: Ibrahim Abo Zaid [mailto:ibrahim.aboz...@gmail.com] Sent: Tuesday, April 27, 2010 7:15 AM To: Peter Rathlev Cc: Church, Charles; cisco-nsp

Re: [c-nsp] Device management in VRFs

2010-04-15 Thread Church, Charles
[mailto:andriy.bil...@gmail.com] Sent: Monday, April 12, 2010 3:42 AM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Device management in VRFs cisco seems to know about -vrf option in outgoing ssh connections on 4500. http://www.cisco.com/en/US/customer/docs/switches/lan/catalyst4500

Re: [c-nsp] Device management in VRFs

2010-04-12 Thread Church, Charles
really use, for security reasons. Chuck From: Andriy Bilous [mailto:andriy.bil...@gmail.com] Sent: Monday, April 12, 2010 3:42 AM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Device management in VRFs cisco seems to know about -vrf option in outgoing ssh connections on 4500

[c-nsp] Device management in VRFs

2010-04-11 Thread Church, Charles
Anyone, I'm wondering if there are any open feature requests or bugs for cleaning up the remaining things that don't seem to work in VRFs. I've resorted to the idea of using the global table for management on 6500s and other devices for various things that don't like VRFs.

[c-nsp] dual sups/chassis with 6500 VSS

2010-03-30 Thread Church, Charles
Anyone, According to several docs I've read, such as this one: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/product_solution_overview0900aecd806fa5d0.html It appears that dual sups/chassis is planned for a future release. Can anyone give me an approximate date or

[c-nsp] PBR support on 6500 w/ VSS and on 4500 Sup6L-E

2010-03-24 Thread Church, Charles
Anyone, Been looking around on Cisco's web site, trying to find out if PBR (policy based routing) is supported on a VSS pair of 6500s and also on the new 4500 Sup6L-E. What I'm trying to accomplish is based on source address, send traffic either via a normal path or use an alternate next

Re: [c-nsp] ASA output of show dhcpd binding - odd hardware address?

2010-03-09 Thread Church, Charles
There isn't a .12 appended to the end. It's actually the '01' at the front that was prepended. I think it has something to do with bootp clients vs. DHCP clients that causes the '01' to show up. I believe '01' indicates ethernet, if memory serves me correctly. Chuck Church Network Planning

[c-nsp] Policy-routing for a protocol

2010-03-08 Thread Church, Charles
Hey all, Got kind of a design problem I'm working on, trying to see what my options are. Gonna have a site with dual 7206, both with full tables, doing iBGP between. Each 7206 will have (2) links going to upstream, all (4) links in same remote AS. Both routers have a 50 meg circuit for

Re: [c-nsp] Best practice - Core vs Access Router

2010-02-09 Thread Church, Charles
Message- From: Andy B. [mailto:globic...@gmail.com] Sent: Tuesday, February 09, 2010 8:50 AM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Best practice - Core vs Access Router I can almost certainly rule that out. Last time this happened I turned off NDE, but it did

Re: [c-nsp] Best practice - Core vs Access Router

2010-02-09 Thread Church, Charles
Message- From: Andy B. [mailto:globic...@gmail.com] Sent: Tuesday, February 09, 2010 10:15 AM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Best practice - Core vs Access Router On Tue, Feb 9, 2010 at 4:03 PM, Church, Charles charles.chu...@harris.com wrote: The weird

Re: [c-nsp] Best practice - Core vs Access Router

2010-02-09 Thread Church, Charles
To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Best practice - Core vs Access Router On 09/02/10 15:03, Church, Charles wrote: The weird part is the NDE process is still using CPU. Which netflow setting are you using for 'mls flow ip xxx'? Since both the RP and SP CPU are What evidence

Re: [c-nsp] find window's machine from Cisco Router

2010-02-06 Thread Church, Charles
Sorry, meant to send this yesterday, had some email issues Why not enable netflow on the router, and see who's using what ports? If you can capture enough source and destination port info, you can compare that to the 'fingerprint' type stuff that NMAP does and make some educated guesses.

[c-nsp] 802.1X on WS-X4448-GB-SFP

2010-01-26 Thread Church, Charles
Anyone know if 802.1x is supported on this line card? Not finding the answer on Cisco's web site or anywhere else. My Sup's gig port looks like this: PSRB-U01-AS-01#sh int g1/1 cap GigabitEthernet1/1 Model: WS-X4515-Gbic Type: 1000BaseSX

Re: [c-nsp] Wr mem causes massive delay...

2010-01-25 Thread Church, Charles
This is a software based router, and 'wri mem' is very CPU intensive. What does the CPU look like before the wri mem is done? I don't think this is abnormal. Chuck - Original Message - From: Jonathan Charles jonv...@gmail.com To: cisco-v...@puck.nether.net;

Re: [c-nsp] OT - Infoblox vs. Bluecat

2010-01-16 Thread Church, Charles
Thank you all for your responses. Doesn't seem like a real consensus, but at least I've got a few issues to bounce off the two vendors. Chuck -Original Message- From: Frank Bulk [mailto:frnk...@iname.com] Sent: Saturday, January 16, 2010 12:52 AM To: Church, Charles; nsp-cisco

[c-nsp] OT - Infoblox vs. Bluecat

2010-01-15 Thread Church, Charles
I apologize for this being fairly OT for a Cisco list, but I figured someone on here has touched some DNS gear before. Anyone work with Infoblox and Bluecat, and run across a significant reason to choose one over another? I've googled, but most articles are 5 years or more old. Off-line

Re: [c-nsp] Cisco 2801 full bgp multihome

2010-01-06 Thread Church, Charles
No. My 2821 running 12.4 mainline has 2 peers, has about 350 MB in use for everything. 512 really should be the minimum. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Benjamín Gálvez Sent: Wednesday, January

Re: [c-nsp] [Suspected Spam] Rmon checksum failed on WS-C4006

2009-12-05 Thread Church, Charles
I seem to remember CatOS 7.x and above needing a ROMMON version of 6.x or above. I don't think your 5.4(1) will do it. It's a downloadable upgrade. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Sony Scaria

[c-nsp] New feature, can't find it documented - NTP using DNS

2009-11-23 Thread Church, Charles
Hey all, Ran across this by accident on a 871 running 12.4(24)T2: DE-Atlanta(config)#ntp server ? A.B.C.D IP address of peer WORD Hostname of peer X:X:X:X::X IPv6 address of peer ip Use IP for DNS resolution ipv6 Use IPv6 for DNS resolution vrf

Re: [c-nsp] One-way traffic using L2TPv3

2009-11-19 Thread Church, Charles
interrupt traffic. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Church, Charles Sent: Wednesday, November 18, 2009 5:05 PM To: nsp-cisco Subject: [c-nsp] One-way traffic using L2TPv3 Anyone

Re: [c-nsp] SUP2 boot problem

2009-11-16 Thread Church, Charles
I think you'll get that kind of behavior if the flash card was formatted under CatOS. Get it booted into native IOS 12.2, then format the card under IOS, and re-copy the image to it. If it's formatted correctly, you should see some monlib info listed mentioning version it was formatted under,

Re: [c-nsp] SUP2 boot problem

2009-11-16 Thread Church, Charles
Forgot to mention, 'sh flash all' will show you the monlib stuff. Chuck -Original Message- From: Church, Charles Sent: Monday, November 16, 2009 1:44 PM To: 'Jonas'; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] SUP2 boot problem I think you'll get that kind of behavior if the flash

Re: [c-nsp] Different CPU load on two 7206VXR-NPEG2

2009-11-10 Thread Church, Charles
The T2 router has vastly different queue sizes. It would appear that it has some type of QOS applied to it, where the other one doesn't. That would explain the additional CPU usage. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net

Re: [c-nsp] ISR G2 multicore?

2009-10-27 Thread Church, Charles
Cool. Seems like the data and control planes would be a logical split. Can't imagine that IP input cares what BGP scanner is doing, or vice versa. Hope it works out. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On

Re: [c-nsp] DWDM optics on 6500s

2009-10-20 Thread Church, Charles
the 6509-V-E...it's ready for 80gbps/slot. You can order that today. Note that it's a NEBS chassis. tv - Original Message - From: Church, Charles cchur...@harris.com To: Kevin Graham kgra...@industrial-marshmallow.com Cc: cisco-nsp@puck.nether.net Sent: Monday, October 19, 2009 1:12 PM

Re: [c-nsp] DWDM optics on 6500s

2009-10-19 Thread Church, Charles
Are you saying a 6513-E chassis exists? I can't find any reference to it. That would solve a few of the problems we currently have (density issue) Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Kevin Graham

Re: [c-nsp] Will UDLD work with converters ?

2009-10-02 Thread Church, Charles
Definitely avoid aggressive mode with converters, unless you've got errdisable recovery timers enabled. Otherwise if you reload one side, the other side will stop receiving UDLD but its link is still up (from the converter), so it'll errdisable the port. Chuck -Original Message-

Re: [c-nsp] ospf hellos

2009-09-23 Thread Church, Charles
So as long as your router is correctly mapping the IP PREC to the COS (802.1P field), it sounds like it might help. These are 802.1Q tagged packets on the wireless, right? Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On

Re: [c-nsp] Enhanced download procedure

2009-09-15 Thread Church, Charles
It looks like it needs unrestricted access so that it can access your file system, since it presents its own file manager looking thing so you can pick where to save the files. No way to know for sure though. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net

Re: [c-nsp] ASDM not working after upgrades

2009-08-12 Thread Church, Charles
Can you HTTPS to the device using a normal browser and get the initial screen? Chuck - Original Message - From: Leslie Meade lme...@signal.ca To: cisco-nsp@puck.nether.net Sent: Tuesday, August 11, 2009 2:30 PM Subject: [c-nsp] ASDM not working after upgrades I am getting the error

Re: [c-nsp] High Memory Usage due to NAT

2009-07-24 Thread Church, Charles
Those are still pretty long timeouts. Can you reduce those, a minute for ICMP should be plenty. 2 minutes should be good for the other two. Machines infected with stuff could certainly be opening sessions that could be killed off quickly. Chuck -Original Message- From:

Re: [c-nsp] Strange NAT and DHCP Problem

2009-07-21 Thread Church, Charles
Did you try ip dhcp bootp ignore? Chuck -Original Message- From: Andy Saykao [mailto:andy.say...@staff.netspace.net.au] Sent: Tuesday, July 21, 2009 12:45 AM To: Church, Charles; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] Strange NAT and DHCP Problem Hi Charles, Tried what

Re: [c-nsp] Strange NAT and DHCP Problem

2009-07-21 Thread Church, Charles
Sorry, replied too quickly. Can't think of any other workaround then. Chuck -Original Message- From: Andy Saykao [mailto:andy.say...@staff.netspace.net.au] Sent: Tuesday, July 21, 2009 1:47 AM To: Church, Charles; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] Strange NAT and DHCP

Re: [c-nsp] Strange NAT and DHCP Problem

2009-07-20 Thread Church, Charles
The infinite DHCP entry is probably a BOOTP client, which doesn't have the concept of a lease. There are knobs (ip dhcp bootp ignore) that can turn off bootp, and only allow DHCP. I think by default, it'll service both. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net

[c-nsp] Shaping and dialer ints 12.4(24)T vs. 15T8

2009-06-19 Thread Church, Charles
Can anyone confirm for me if some shaping and/or NBAR bugs were fixed between 24T and older 15T7 or T8? Platform is 870, interface is Ethernet doing PPPoE to upstream DSL modem. Under 15T, a policy applied to the physical Ethernet int that looked like this: class-map match-any Hi-Priority

Re: [c-nsp] WS-X6148-RJ21 Ethernet Modules

2009-06-11 Thread Church, Charles
My biggest comments surround insuring that they're supported in recent software. Cisco pulled some hardware support in the SXI - SXI1 rebuild. Didn't know about that. Thought SXH and SXI had the same HW support. Are there release notes for SXI1 up yet? Chuck

Re: [c-nsp] basic nat question

2009-06-04 Thread Church, Charles
What's the purpose of having those additional addresses bound as secondaries? It's not needed for NAT. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Ryan Goldberg Sent: Thursday, June 04, 2009 8:17 AM To:

Re: [c-nsp] QoS and VLAN

2009-04-29 Thread Church, Charles
Steve, You have an example of this? I've found on the platforms I work on most that you can't use any LLQ (priority keyword) on a subint. So I've put a policy handling the priority stuff on the main int, and then the other shaping/policing stuff on the subint, but have always questioned

Re: [c-nsp] question about SSO

2009-04-28 Thread Church, Charles
Unless there are DFCs involved, I would expect a tiny delay when the linecards switch over to the other PFC. I thought Cisco promised failover times of a second or two with SSO on a 6500. I think you're seeing what you should. Chuck -Original Message- From:

Re: [c-nsp] 3750 High Cpu IP Input

2009-04-24 Thread Church, Charles
Just curious. What kind of PPS was this multicast traffic? Was the fact that it was multicast the big issue, or just the TTL itself? Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Chris Lane Sent: Friday, April

Re: [c-nsp] T3 or Ethernet delivery?

2009-04-08 Thread Church, Charles
-Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Seth Mattinen Sent: Wednesday, April 08, 2009 3:15 AM To: cisco-nsp Subject: [c-nsp] T3 or Ethernet delivery? How do you detect a down condition on Ethernet? My experience

Re: [c-nsp] C2800 IP Base and IP SLA / RTR

2009-03-31 Thread Church, Charles
Definitely need to check feature navigator. We found this same thing out. IP Base on 2600-2800 does not equal IP Base on small switches or 7200s. IP SLA...' is the feature to look for. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net

Re: [c-nsp] OSPF and iBGP session drops between 3640s

2009-03-24 Thread Church, Charles
That 12.4(3) IOS is pretty old. Trying a newer one might help, as you're vulnerable to many things. It's possible there are bugs you're hitting that are affecting performance. If you could consolidate some things, that may help. You're matching RTP, but also matching packet length, that might

Re: [c-nsp] Changing SSH Port on IOS

2009-03-23 Thread Church, Charles
...@puck.nether.net] On Behalf Of Church, Charles Sent: Monday, March 23, 2009 5:41 AM To: Justin Shore; Charles Wyble Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Changing SSH Port on IOS Another useful feature in newer IOSs is 'Cisco IOS login enhancements'. We find it pretty useful. Upon so many

Re: [c-nsp] Changing SSH Port on IOS

2009-03-22 Thread Church, Charles
Another useful feature in newer IOSs is 'Cisco IOS login enhancements'. We find it pretty useful. Upon so many failed logins in a certain timeframe, it can fall back to a more restrictive ACL, then go back to the original after so many minutes.

[c-nsp] 100FX duplex

2009-03-10 Thread Church, Charles
Hey all, Sorry about the really basic question. Can't find a definitive answer anywhere else. Does 100FX do auto-negotiation of duplex? If not, do they default to half or full? We're seeing odd things on our stuff, some are Cisco to Cisco links, some are Cisco to various

Re: [c-nsp] flash disk problem

2009-02-25 Thread Church, Charles
Does the Sup have Rommon 7.1(1) on it? Otherwise, it won't understand the 64MB ATA card. I believe that's the only one that shows up as disk0:. The smaller ones aren't ATA, so they're linear and show up as slot0:. Did you try verify slavedisk0:filename? Chuck -Original Message-

Re: [c-nsp] flash disk problem

2009-02-25 Thread Church, Charles
). That might not support the card either. Either way, I'd definitely get the ROMMON 7.1(1) on there if it's a 64MB ATA, and see if the issue goes away. Chuck From: Alex Wa [mailto:awain...@yahoo.com] Sent: Wednesday, February 25, 2009 2:31 PM To: lista de correo de cisco; Church, Charles Subject

Re: [c-nsp] BGP MSS=576 bytes

2009-02-11 Thread Church, Charles
Is ip tcp path-mtu-discovery in the global config? Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Antonio M. Soares Sent: Wednesday, February 11, 2009 10:36 AM To: cisco-nsp@puck.nether.net Subject: [c-nsp]

Re: [c-nsp] DHCP Binding Expiration

2009-02-09 Thread Church, Charles
Aren't those BOOTP clients that don't understand the concept of an expiration? Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Justin Shore Sent: Monday, February 09, 2009 12:51 PM To: Manaf Al Oqlah Cc:

Re: [c-nsp] DHCP Binding Expiration

2009-02-09 Thread Church, Charles
enough to look into it. Might be interesting to find out why though... Chuck -Original Message- From: Justin Shore [mailto:jus...@justinshore.com] Sent: Monday, February 09, 2009 2:11 PM To: Church, Charles Cc: Manaf Al Oqlah; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] DHCP Binding

Re: [c-nsp] Cannot connect to ASA using ASDM software

2009-02-09 Thread Church, Charles
I'm guessing you've upgraded to the latest Java version. Seems like the last one broke the ASDM partially. You can https to the ASA, and then pick the 'run applet' option. On mine, that'll spawn the ASDM executable and it works. But running the executable directly ends up doing what you're

Re: [c-nsp] Cannot connect to ASA using ASDM software

2009-02-09 Thread Church, Charles
I'm still using 5.2.x ASDM, as the ASA is running 7.2.x still (both late interim releases). Hoping for a newer ASDM soon. 5.2(4)50 still is broken. Chuck -Original Message- From: Brian [mailto:bms...@gmail.com] Sent: Monday, February 09, 2009 5:23 PM To: Church, Charles; John

Re: [c-nsp] 3560, 3560E, 3750E and Adv IP code EoLed?

2009-01-31 Thread Church, Charles
advanced IPv6 features. http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5528/eol_c51_519208.html Chuck -Original Message- From: Justin Shore [mailto:jus...@justinshore.com] Sent: Saturday, January 31, 2009 11:08 AM To: Church, Charles Cc: Cisco-nsp Subject: Re: [c-nsp] 3560

Re: [c-nsp] 3560, 3560E, 3750E and Adv IP code EoLed?

2009-01-30 Thread Church, Charles
The way I read it was that they were rolling the Adv IP features (mainly IPv6, I think) into IP Services, making Adv IP Services unnecessary. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Justin Shore Sent:

Re: [c-nsp] 2900 verify flash

2009-01-16 Thread Church, Charles
Did you actually type out '/md5' in the command, rather than just trying '/'? I've seen some abbreviated commands not work, even if they are unique. On the other hand, I've seen some work that aren't unique. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net

Re: [c-nsp] 2900 verify flash

2009-01-16 Thread Church, Charles
that supports verify with MD5 correctly. It's a pain, but can't think of any better way. Chuck From: chloe K [mailto:chloekcy2...@yahoo.ca] Sent: Friday, January 16, 2009 11:44 AM To: Church, Charles; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 2900 verify flash

Re: [c-nsp] temporary static routes

2009-01-06 Thread Church, Charles
Policy route with a time-based ACL maybe? Just a thought... Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Ramcharan, Vijay A Sent: Tuesday, January 06, 2009 12:46 PM To: Cord MacLeod Cc:

Re: [c-nsp] Policing Confusion

2009-01-05 Thread Church, Charles
Agree. We've used this inbound as well on our links to our peers for P2P traffic. Works pretty well, as long as it's TCP and you're shaping it. Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Brett Looney Sent:

Re: [c-nsp] 32 bit ASN

2008-12-17 Thread Church, Charles
Isn't it about time for a 13.0? Or is Cisco superstitious? :) Chuck -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Skeeve Stevens Sent: Wednesday, December 17, 2008 10:57 AM To: 'Luan Nguyen'; 'Antonio Soares';

Re: [c-nsp] Cat6500 sup2 boot from PCMCIA

2008-12-12 Thread Church, Charles
I think you can format the card (if it's the 64MB ATA card) in a PC running Windows, use FAT16 filesystem. Copy the image to the card, and try to boot it from ROMMON. Once running, you'll need to format the card in IOS (so the MONLIB (kind of like a boot sector) is put on there). Then you

Re: [c-nsp] Cat6500 sup2 boot from PCMCIA

2008-12-12 Thread Church, Charles
-Original Message- From: David Lima [mailto:david.l...@alphasys.com.bo] Sent: Friday, December 12, 2008 1:47 PM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: RE: [c-nsp] Cat6500 sup2 boot from PCMCIA Thanks a lot Charles for your response. I tried your suggestion but when I boot

Re: [c-nsp] SXH4 Applying VLAN changes may take few minutes

2008-12-10 Thread Church, Charles
Which VTP version? V3 has more 'checks' in it, might explain it. I've never seen that with V1/V2. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Granzer Sent: Wednesday, December 10, 2008 4:37 AM To: cisco-nsp@puck.nether.net Subject:

Re: [c-nsp] Recommended Cisco boxes for a small multihomingsolution?

2008-11-14 Thread Church, Charles
When did a gig of RAM become the new requirement for a full table, with a couple views only? It seems 512 on an ISR will still have 150MB free with a full table. Our 2821 with 12.4(21) with 768MB has 400MB free almost all the time. Chuck -Original Message- From: [EMAIL PROTECTED]

Re: [c-nsp] Client DHCP Server

2008-11-02 Thread Church, Charles
As you probably know, a DHCP server without getting some help from the routers is only going to serve addresses on the network it's located on. Assuming this is on the customer prem, you're probably not going to see them at the 7500 end. Do you have a topology diagram? Any reason you can't

Re: [c-nsp] Client DHCP Server

2008-11-02 Thread Church, Charles
, November 02, 2008 8:11 AM To: Church, Charles Cc: cisco-nsp@puck.nether.net Subject: RE: [c-nsp] Client DHCP Server I've tried turning off the DHCP server on the wifi routers, but there's a problem in some of them that the option of turning this service off is already missed. What about using some

Re: [c-nsp] Whats up with this?

2008-10-31 Thread Church, Charles
Looks like they've built a transporter. Most likely using the IETF protocol MoIP. Matter over IP. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Louis Sent: Friday, October 31, 2008 6:04 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp]

[c-nsp] Typical BGP operational policies

2008-10-17 Thread Church, Charles
Hey all, I support a small network, with own ASN. They use address space given by provider A, and are dual homed to providers A and B. We take full routes from each, and announce that address space (a /23) to both. In looking at a variety of looking glass sites out there, I see most only

Re: [c-nsp] 7206VXR and CBWFQ

2008-10-17 Thread Church, Charles
I believe the priority queuing can only be applied to a main interface, not a subint. Create a second policy, and do the priority queuing on that one, and apply that to the main int. The VOIP class/policy can remain on the subint. I'm not totally sure about ATM, but that's how I've seen it work

Re: [c-nsp] %SW_MATM-4-MACFLAP_NOTIF

2008-10-16 Thread Church, Charles
Sounds like an attempt at a man in the middle attack, where an infected host attempts to act as the gateway to see all the network traffic, analyze it, then forward it to the real gateway. Definitely not a good thing. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

Re: [c-nsp] c2960g: flash gone mad ?

2008-10-16 Thread Church, Charles
I believe the IOS is to blame. I saw a similar thing with 12.2(44)SE2 on 3550, I believe. The verify never worked, but MD5 verify did. I don't remember the reload and signature issue though. I'm willing to bet it'll work ok from here on out. Chuck -Original Message- From: [EMAIL

Re: [c-nsp] NAT - SIP Problem

2008-10-16 Thread Church, Charles
Paul, Do you have no ip nat service sip udp port 5060 in the config? We had all sorts of registration issues involving NAT until we were told to try that. The documentation for it isn't that good, but what it does is turn off the NAT translation of addresses in the SIP payload. That

[c-nsp] Output drops on PPP multilink int

2008-09-28 Thread Church, Charles
Anyone, Seeing lots of output drops on ppp multilink interfaces across our network, all multiple T1s, on 2600s through 3800 routers. The underlying T1 serial ints don't have many drops (maybe 0.1% of those found on the multilink int worst case). Any idea what would cause drops on the
