We have a setup where a pair of A99K boxes (IOS XR 7.1.3) are working as PE
routers, and on MLACP (active/standby) Bundle towards Metro Switch are
mixed L2/L3 subinterfaces.
When we try to configure static routes on standby node in customer VRF,
routes are advertised through both active and
Sorry - I was unclear. I was referring to the OID(s) for the alarms in the
original post (no issues regarding the systemowner bit). :-)
On Fri, 20 Dec 2019 at 00:21, Gert Doering wrote:
> Hi,
>
> On Thu, Dec 19, 2019 at 10:25:45PM +1300, Ivan Walker wrote:
> > If you do work
If you do work this out please share. I did search and was unsuccessful on
older software sometime ago.
Ivan
On Thu, 19 Dec 2019 at 08:03, Gert Doering wrote:
> Hi,
>
> On Wed, Dec 18, 2019 at 09:27:46AM -0800, Lee Starnes wrote:
> > I did check out both the alarm and e
maller
sites where the ASR9901 is just too big .
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
known work around for this or has anyone raised a feature request for this?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Also beware of
http://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63979.html
"On October 17, 2015, the previously implemented CSS certificates used in
classic Cisco IOS-XR will expire.
*After the October 17, 2015 expiration date*, attempts to install a new
Cisco IOS-XR image, SMU, or
Thanks for the response.
LACP PDUs are layer-2 and can be transported across Ethernet circuits.
Providing your Ethernet provider will accept L2PT those frame types,
it is possible to run LACP across the sort of circuit you're describing.
Talk to your providers! If you coupled that with some
a shared NNI, or perhaps where pseudowire attachment
circuits are used (into the I-Component).
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail
I understand the ASR920 has a 12MB shared buffer (compared with 44MB for
for the ME3600X and 352MB for the ME3800X)
Can anyone using the ASR920 provide feedback on how they have found the
buffer size?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp
A very interesting discussion. In regards to NG-mVPN when there are
ME3600Xs in the network what are the options?
*Replace
*Don't use the ME3600X to terminate L3VPN/NG-mVPN. What is the implication
when ME3600X may still be in traffic some paths but there is no mLDP - RPF
issues?
*Ingress
Thanks Mark for clearing that up. Not the answer that I wanted in regards
to the ME3600X as I have some already. Great to see the ASR920 is going
well as I will be getting some.
Cheers
Ivan
On 9 July 2015 at 22:44, Mark Tinka mark.ti...@seacom.mu wrote:
On 9/Jul/15 03:36, Ivan wrote:
I
I am hoping someone can confirm if the Cisco ME3600X and ME3800X support
mLDP. Some older emails to this list suggest this feature was expected in
2013. Looking at the Software Research tool some IOS versions show up as
having MLDP-Based MVPN Multicast. I have tried few versions but can't
get
capabilities P2MP, MP2MP.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hi Tom,
Try with 'general-ikeid' on SRX side under the definition of ike gateway.
You might need to upgrade Junos to have that option.
host@srx# set security ike gateway name general-ikeid
HTH,
Ivan,
On Fri, Mar 13, 2015 at 3:35 PM, Tom Storey t...@snnap.net wrote:
Hi everyone,
Trying
leaning towards 3.10.5S.
No special requirements for new features.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hi,
Most probably you have to enable explicitly 'family inet6 unicast' under
Juniper bgp configuration. But to be sure could you share the configuration
on both ends?
HTH
Ivan,
On Fri, Dec 19, 2014 at 7:51 PM, Harold Ritter (hritter) hrit...@cisco.com
wrote:
Hi Thiyagarajan,
You
Hi Tim,
Could you elaborate on rommon version comment please. I will be
upgrading myself shortly.
Thanks
Ivan
On 16/Dec/2014 2:39 a.m., Tim Warnock wrote:
Watch your rommon version too.
-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf
Thanks. Did see those but they look quite a bit bigger.
On 6/Sep/2014 9:46 p.m., Howard Jones wrote:
On 06/09/2014 03:13, Ivan wrote:
I am looking for some fiber cable guides like the Cisco ones here
http://www.cisco.com/c/dam/en/us/td/i/31-40/360001-37/363001-364000/363563.eps
/guide/hig15454/hig_15454.html#pgfId-655145)
I have had no luck finding anything similar myself and would appreciate
if anyone can point me to some.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo
on the limits. I would like to have some
buffer.
Thanks
Ivan
On 5/Sep/2014 1:32 a.m., Jared Mauch wrote:
You should be able to do 120km with a ZR XFP @ 10G without anything.
If you later want to add equipment to the sites, you can look at doubling your
optics and something like this:
http
or perhaps
point to some doco, hopefully with examples. (Note all doco I have found
is for client vpns and ASAs).
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
I have been unable to find CBAC/ZBF or similar on IOS XR. I suspect
these featires are not available but would be happy if someone could
prove me wrong.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net
- - -
IP ERRORS On 100 10 Group:0 S
As mentioned before we are only seeing this on devices where we are
running 15.2(4)S4a
Thanks
Ivan
On 21/Jul/2014 7:56 p.m., Vitkovský Adam wrote:
And how about the regular mpls ping does that perform right
the above I suspect some rate-limiting may be taking place. I am
hoping someone will be able to confirm and ideally share some commands
that show come counters for the drops as so far I have had no success.
c7600s72033-advipservicesk9-mz.152-4.S4a.bin
WS-X6704-10GE
WS-SUP720-3BXL
Thanks
Ivan
No CoPP. Direct ping is fine. Just the PW ping having issues.
On 20/Jul/2014 2:13 a.m., Peter Persson wrote:
Do you have any Control-plane policing?
As i understand your email, you are pinging between two 7600's directly
and not anything behind it?
2014-07-19 13:47 GMT+02:00 Ivan cisco
=contentid=KB15141
http://juniper-frac.blogspot.co.nz/2009/09/deploy-srx-cluster-across-layer-2.html
Thanks to TAC. I have had some long cases but this one was sorted nice
and quick!
Cheers
Ivan
On 1/Jul/2014 1:03 p.m., Chris Marget wrote:
Your case reminds me of something Tim Stevenson said
retires?)
Does ipv6 nd dad attempts 5 help? How often are attempts made by
default. I am thinking this could help prevent the stalled state in the
future.
This for IOS 15.2(4)S1 on an ASR1k.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp
Have logged a support case so hopefully can report back more soon.
Thanks
Ivan
On 1/Jul/2014 1:20 a.m., Chris Marget wrote:
Hi Ivan,
Your L2 broadcast / L3 unicast traffic has piqued my curiosity.
Can you share some details about the use case for this unusual traffic?
I have a project in mind
for this but would be
interested to hear if anyone else has seen this.
Thanks
Ivan
PS. Not really looking to get into the details of the connected devices
etc - just some HA type traffic using layer 2 over a vlan.
___
cisco-nsp mailing list cisco-nsp
. Not really expecting the 4900M to look higher than layer 2 of
these packets though as vlan does not have SVI.
Ivan
On 28/Jun/2014 10:17 p.m., Ivan wrote:
I am hoping someone may have come across an issue I am seeing on a Cisco
4900M running 15.1(2)SG3.
I have a device connected to an interface
So far I haven't been able to find any additional details about this. I
am guessing it is some kind of inbuilt L2 ACL.
Cheers
Ivan
On 29/Jun/2014 2:33 p.m., Justin Krejci wrote:
Is the layer 3 traffic multicast? Your indication of HA makes me suspect
it is and perhaps you have a multicast
I ran into this same issue. In my case the carrier only took CS0 and
CS6. No issues with ARP (CS6) but it turned out IPv6 neighbour
discovery is marked CS7. I am still without a solution...
On 29/May/2014 11:37 p.m., Ryan West wrote:
First thing, that's a bad carrier. Second, they are
License Level: IPBase
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Thanks Pete. Do you know if any of the other tunnelling modes are supported?
ipipIP over IP encapsulation
ipsec IPSec tunnel encapsulation
ipv6Generic packet tunneling in IPv6
ipv6ip IPv6 over IP encapsulation
Thanks
Ivan
GRE is not supported on the ASR901.
On Mon, May
Thanks to all have responded so far. Adam, what features were not
available for you when using LAG and what platform are you using?
Cheers
Ivan
As mentioned just make sure LAG on your platforms will allow you to use
all the features you require on your backbone.
That's why we had to go
So we are crossing the bridge to 10Gbps for some MPLS core links. I am
trying to work out if it is better to use aggregated links or ECMP. If
anyone has any experience or recommendation it would be much appreciated.
Thanks
Ivan
___
cisco-nsp mailing
power supply was
listed as ME34X-PWR-DC and the second as ME34X-PWR-DC-R, but the second
one costs 3 x as much - is there something special about the second PS
in this model?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https
Just what I was after - EVC Local Connect. Looks like i needed a
newer IOS - 15.3(2)S. Thanks to those who replied.
http://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15-3_2_S/configuration/guide/3800x3600xscg/swevc.html#wp1079580
Ivan
On 20/Feb/2014 7:59
ME1(config)#
IOS is me360x-universalk9-mz.153-1.S1.bin. Have I done something wrong or
is this not supported?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
) and a common child policy for everything else... am
I on the right track?
Cheers
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hi,
Can anyone confirm if SFP-10G-ZR works in C3KX-NM-10G for 3560X or 3750X.
Doesn't seem to be on the list
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
could be...
Switch(config)#license boot level ?
AdvancedMetroIPAccess AdvancedMetroIPAccess level
MetroIPAccess MetroIPAccess level
Ivan
On 28/Sep/2012 11:30 a.m., Eric A Louie wrote:
Thanks for the help. That didn't work. I opened a case with TAC to get the
secret formula
Hi
Not sure what ESI stands for, but the main reason I don't want to do
bridge mode is to avoid the MAC learning. Also better not to use up the
bridges which are a global resource.
Ivan
On 27/Sep/2012 10:38 p.m., Nick Hilliard wrote:
On 27/09/2012 03:38, Ivan wrote:
Just connecting 2
for this connection
On 9/27/2012 6:38 AM, Nick Hilliard wrote:
On 27/09/2012 03:38, Ivan wrote:
Just connecting 2 service instances is all I would like to do.
There is a difference between an ESI and an xconnect. In the case of an
ESI, the switch will learn all the mac addresses passing over the link
prefer to only modify the 802.1p bits while leaving the IP
precedence.
At this stage I am thinking the only way to achieve what I am looking for
is to set only the 802.1p bits using an additional device...
Ivan
Hi,
We use ip local policy route-map xyz to apply a route-map to traffic
GigabitEthernet3/3 55
GigabitEthernet3/3 66 would be nice.
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hi,
My experience is that any ME3600Xs ordered with licences have come with
the license pre installed.
Ivan
Hey folks, I'm trying to get the straight scoop on the licensing issue
I received an ME 3600x from my reseller, without the Advanced Metro
license. I
did order the license from them
)#connect NAMEHERE GigabitEthernet0/2 1 GigabitEthernet0/3 1
On 9/26/2012 8:38 PM, Ivan wrote:
Hi,
Does anyone know if it is possible to configure local connect on the
ME3600X? The closest I have found is hairpinning
http://www.cisco.com/en/US/docs/switches/metro/me3600x_3800x/software/release
provided below, so you may have a different issue.
Ivan
On 21/Sep/2012 8:32 p.m., Muthukumar Rajagopalan wrote:
Thanks Ivan for sharing the Thread, I just glanced the thread quickly, in
our setup, there is no QOS applied as of now.
The interface is a 1 Gig interface only and here is the show
is there anyway to set the CoS value for ARP traffic from the router,
ideally only on some interfaces?
2) Is this configuration going to kill my router - maybe I am forcing
some process switching?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp
Hi Warris,
Running me360x-universalk9-mz.152-2.S1.bin
Thanks
Ivan
On 16/Sep/2012 12:20 a.m., Waris Sagheer (waris) wrote:
Hi Ivan,
The policy should work on EFP regardless of bridge or xconnect.
Which image are you using?
Regards,
Waris
-Original Message-
From: Ivan [mailto:cisco
5 minute offered rate bps, drop rate bps
Match: any
Hi Ivan,
There is no difference in terms of queue depth in case of policy at the
port level vs policy at the EVC from hardware programming perspective.
Port level policy would consume less queues as compare to queues per
to match at the vlan level when the EVC is
matching untagged or default traffic? I have tried but haven't been
able to get a successful config for this.
Thanks
Ivan
On 27/Aug/2012 4:34 p.m., Waris Sagheer (waris) wrote:
Problem Statement:
When there is a speed mismatch that is 10 Gig ingress
Thanks George. I am raising a SR to get some more information too. Are
you able to explain how the queue-limit of 2457 was selected? Also were
you given a version for the increase in the default queue size? I am
running me360x-universalk9-mz.152-2.S1.bin
Cheers
Ivan
On 23/Aug/2012 5:48
this list I have found very little information around this
whole issue. Any pointers to other documentation would be appreciated.
Thanks
Ivan
Ivan
Hi,
I am seeing output drops on a ME3600X interface as shown below
GigabitEthernet0/2 is up, line protocol is up (connected)
MTU 9216 bytes, BW
does not have information for the queue-limit as I have seen
when applying polices to the physical interface. Does this mean that EVCs
will still suffer from output drops?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https
to
be the only option for checking mac address.
Cheers
Ivan
On 13/Aug/2012 7:47 p.m., Waris Sagheer (waris) wrote:
Hi Ivan,
You can use the following EVPL configuration which would allow you to see the
mac addresses e.g. in the following example you can see the mac addresses under
bridge-domain
Hi,
Yes, as far as I understand there is no mac learning which is great for
resource utilisation and scalability. No requirement other than it is
helpful for troubleshooting to see any macs.
Cheers
Ivan
Hi,
On 11 August 2012 10:32, Ivan cisco-...@itpro.co.nz wrote:
{cut}
xconnect
be captured - hardware v cpu etc. Any
documentation pointers would be appreciated.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco
really want to xconnect on vlans and bridge to EVCs (not
sure that is possible on the ME3600X platform)
Thanks
Ivan
On 10/Aug/2012 8:09 p.m., Waris Sagheer (waris) wrote:
Ivan,
Which packet capture you are referring to on ME3600X?
There is no support of embedded packet capture on ME3600X.
Regards
address tables etc - much more scalable, but it would
be handy if there was an easy way to peek to help with
troubleshooting, as it generally indicates if the problem lies with the
customer or provider.
Thanks
Ivan
On 11/Aug/2012 3:53 a.m., Waris Sagheer (waris) wrote:
Hi Ivan,
How do you want
Hi
It is probably also worth looking at RFC5735 for other IP addresses that
could be filtered.
Ivan
On 24/Jun/2012 10:37 a.m., Randy wrote:
--- On Sat, 6/23/12, Mike mike-cisconspl...@tiedyenetworks.com wrote:
From: Mike mike-cisconspl...@tiedyenetworks.com
Subject: [c-nsp] ip access list
be interested what versions others are successfully
using, especially 15.2S or 15.2S1. 151-2.EY has been good so far but I
am aware of the rapid development on software for this platform and also
that there are quite a few issues around.
Thanks
Ivan
did suspect option 2 would be better
but didn't really have any idea of the numbers. Saving time and
processing cycles on BGP routes is always good.
Interesting to see just how may routes with private AS number in their
paths are out there in the DFZ too.
Thanks
Ivan
to optimise 2 above.
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
-if)# switchport vlan mapping drop default
Switch(config-if)# exit
You can also do similar on the ES+ lincards and maybe even the 3750ME
(probably limited to the ES ports..)
Ivan
On 8/Jan/2012 12:16 a.m., Olivier CALVANO wrote:
Hi
I am search a solution for this project:
Cisco 7301 connected
have seen I am suspecting that MPLS-Aware
Netflow may only be available in egress using standard no flexible
version???
Also an anyone confirm Flexible Netflow is the only way to get IPv6 flows?
Thanks
Ivan
___
cisco-nsp mailing list cisco-nsp
limitaion.
http://blog.ioshints.info/2011/05/scalability-of-common-services-mplsvpn.html
Cheers
Ivan
On 24/Nov/2011 9:35 a.m., Peter Rathlev wrote:
Before I make a complete fool of myself I thought I'd ask you nerds. :-)
I'm testing setting up a central services VRF that's supposed to
service 30
‐advipservicesk9.03.04.01.S.151‐3.S1.bin fixed the issue for
me. (I had trouble with
asr1000rp1-advipservicesk9.03.03.01.S.151‐2.S1.bin and
asr1001‐universalk9.03.02.00.S.151‐1.S.bin
Ivan
On 28/Oct/2011 5:28 a.m., Gökhan Gümüş wrote:
Dear folks,
I have an issue with one of our customer service
findings as it seams that this
product is pretty new.
HTH,
On Tue, Sep 6, 2011 at 10:34, Florian Bauhaus
f.bauh...@portrix-systems.dewrote:
On 09/05/11 21:11, Ivan Ivanov wrote:
Hi,
Did you check that? The target customers for that module are the mobile
operators but could fit your
/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
--
Best Regards!
Ivan Ivanov
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net
Ivan
On 30/Apr/2011 10:07 p.m., Antonio Soares wrote:
My end customer was running the same release (122-33.SRD4) but they didn't
perform the upgrade since the issue was not affecting transit traffic. But
TAC said that the upgrade to 122-33.SRD5 would solve the problem.
Regards,
Antonio Soares
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hi Antonio,
Thanks for the bug id. I forgot to mention in my first post the 7600 in
question is running 12.2(33)SRD4. The bud info indicates it should be
fixed in 12.2(33)SRD5. Did you manage to upgrade your 7600 and fix the
issue successfully?
Cheers
Ivan
On 30/Apr/2011 12:54 p.m
) would be good.
I am not sure if the filter can be set to packets with IP header checksum
errors either
Cheers
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
It is not always as well known, but client mode will not prevent usurping
the vtp domains This article covers things in a bit more detail -
http://www.networkworld.com/community/node/19931
Ivan
I'd agree that vtp can cause major problems if not deployed with caution
mechanisms to mitigate
some of the
mystery tunnels and then quite a few more after enabling multicast..
Would be great to see an explaination though.
Cheers
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive
for the Hop-by-Hop
EH.
(http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-sec_trfltr_fw.html#wp1072428)
Cheers
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
statistics
show mls qos interface int statistics
but the output doesn't confirming marking occurring rather just details
the (DSCP) markings on traffic entering and leaving interfaces.
Ivan
Hi,
We had to deploy some L3 service policies on a WS-C3750E-24TD. After
the config was put in place we
Hi all
I'd like to know if is possible to achieve equal load balancing on 3560-E-TS
switch.
Basically I got 2 switches interconneted with 2 FE ports. 200Mbps is
desirable throughput between themselves. IP routing enabled. CEF not
enabled.
port channel is L2 trunk dot1q.
I have 2 VRFs
VLAN 100 -
Hi all
I've got two switches 3560
group with 2xFE on both switches and inteconnected together.
port channel is L2
2 VRFs - ivan, mark
4 VLANs:
- vlan 100 VRF ivan for interconnection between swtiches
- vlan 11 VRF ivan for customer's connection
- vlan 200 VRFmark for interconnection between
Hi Billy
thanks a lot. Can you send me that doc? Link isn't working :-(
Regards
Ivan
On 24 June 2010 14:16, Billy Guthrie b...@billyguthrie.com wrote:
When you configure an etherchannel bundle, the frames are distributed
across the individual bundled links deterministically; however
is set up based on src-dst-ip - how to confirm??
I want prove that portchannel is using both ports in one direction only.
Counters should to help me but nothing is incremented.
Used devices: 3640
Thanks for comments
Ivan
___
cisco-nsp mailing list
Hi all
I'd like to ask You if is possible simulate network in GNS for etherchannel
with mst and QoS. If not please can You recommned any simulator for?
Thanks a lot
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net
hmmm :-(
thanks a lot
On 16 June 2010 14:35, Pavel Skovajsa pavel.skova...@gmail.com wrote:
Hello Ivan,
no currently it is not possible to simulate (proper term is actually
emulate) anything else above PVST+, as the only switch oriented card
in dynamips is NM-16ESW - which only supports
://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
--
Best Regards!
Ivan Ivanov
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http
with the known 8.2 or the new 8.3 (new features and new
bugs) to save the pain of an update later.
Ivan
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail
against second rule and those packets are
logged as being dropped (odd!). BGP is up (according to 'show ip bgp').
I have another example with a different set of ports.
Any help is appreciated!
Thank you!
--
Ivan Poddubnyy
Sr. Systems Administrator
Symantec Corporation / EHG
and control, and
still accommodates the same breadth of services that was shown in the
first example by defining the last-chance class-map matching only the
ACL as the last chance in the policy-map:
Anyways, the problem seems to be resolved. Thank you!
--
Ivan Poddubnyy
Sr. Systems Administrator
was different -- it was about no
protocols specified, all protocols will be inspected.
Has something changed in the way ZBF behaves in 15.x? And is it
documented anywhere? I was not able to find the information.
Any help is appreciated! Thank you!
--
Ivan Poddubnyy
Sr. Systems Administrator
This might help:
http://www.nil.com/ipcorner/LoadBalancingBGP/
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
-Original Message-
From: Matthew Melbourne [mailto:m...@melbourne.org.uk]
Sent: Friday, February 05, 2010 12:33 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp
Just guessing: Local policy routing that sets DF bit on ICMP ECHO traffic
between two known IP addresses with the set ip df 1 command within the
route-map.
Let me know if it works ;)
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
-Original Message-
From: Christopher Hunt
the
details ;)
Your situation might be easier as you're using default routing from the central
site, but do try to go for BGP everywhere.
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
-Original Message-
From: Jason LeBlanc [mailto:jasonlebl...@gmail.com]
Sent: Wednesday
IPSec
due to failure at one of the remote sites.
Note: You might want to use something else to detect MPLS VPN failure, for
example IP SLA between remote router and central router. This will detect a
failure anywhere in the end-to-end path.
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
. Microsoft
Network Load Balancing with unknown unicast MAC addresses immediately comes to
mind ;)
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo
guess) the best you can do is to catch changes in tracked object's state
with an EEM applet that clears all NAT translations.
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
So what is the bottom line? Is this the best that can be done with
simple end site redundancy with object tracking
ip nat translation outside address to kill
only the NAT translations tied to the failed IP address.
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
-Original Message-
From: Joe Maimon [mailto:jmai...@ttec.com]
Sent: Sunday, January 24, 2010 5:06 PM
To: cisco-nsp
Subject: [c
anyway.
And I would be quite happy clearing just the translations for the
wrong global for all local inside translations, but syntax does not
seem to allow that.
Write a Tcl script that does show ip nat translations and kills only the
relevant ones ;)
Ivan Pepelnjak
blog.ioshints.info
You need EEM 3.1 to catch outbound SNMP traps. EEM 3.1 is (at the moment) only
available in IOS release 15.0M.
Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info
-Original Message-
From: Arie Vayner (avayner) [mailto:avay...@cisco.com]
Sent: Wednesday, January 20, 2010 10:11 PM
1 - 100 of 215 matches
Mail list logo