Folks,
Long time no see! I'm back on c-nsp after a long hiatus with a question.
I'm having trouble getting NAT to work in IOS on some CEs (2821 and 3925
running 15). The site has a VRF for guest traffic and uses the default
VRF for corporate traffic. Previously they had a 3rd-party
On 2/10/2011 4:06 AM, Gert Doering wrote:
Well, the point is that there are not enough saveguards in VTP v1 and v2
to require some more active wrongdoing to make it explode - and if it
explodes, it usually requires walking to the some of the affected
devices to get it fixed.
Things like
On 8/22/2010 6:31 AM, Peter Hicks wrote:
Just out of interest - is this for marketing reasons, or technical?
At my ISP it was for security reasons. Our infrastructure was privately
addressed to limit exposure to the outside world. In theory, a true
MPLS P core is analogous to a pure L2
Does anyone happen to know if the 'service unsupported-transceiver'
command still works in the new 3560X/3750X series switches? I have a
need for super long-range single strand SFPs and would rather use
switches over media converters if I can help it.
Thanks
Justin
Jason Gurtz wrote:
After each drop this counter returns to 0 which tells me the Pix is
rebooting for some reason.
[...]
experienced this. The software rev is 6.3.
We experienced this on a 515E running 6.3 code. A move to the 7.0 series
solved this issue.
Same thing here. It would crash
joshua sahala wrote:
drew,
it may or may not be related, but...check the output of 'sh counter
int int [delta]' and look at the qos[1-21][In|Out]lost counters.
i was experiencing various drops due to the default interface (qos)
buffer allocation: basically, all of my traffic was hitting the
scott owens wrote:
Hello,
Has anyone looked at using outside air to provide data center cooling
during the winter season ? I am aware of Google and Intel research into
this area but how about on a smaller scale ? How about raising ambient
temperatures as well - do you keep your data
Hey guys. I hope you all had a good holiday break.
Does anyone know for sure what the Ethertype is for the CLNS packets?
I've found a couple IEFT drafts that talk about it it to a degree:
http://tools.ietf.org/html/draft-ietf-isis-ext-eth-01
Henry-Nicolas Tourneur wrote:
I'm not willing to use Tacacs+ because I'm setting-up a new server
environment and I don't want
to need to manually compile tac-plus and get broken dependencies after
an upgrade.
I've been using OSS tacacs+ daemons for nearly a decade and have yet to
run into a
Jason Plank wrote:
Really. The product seems to be selling quite well. You are over
stating. Keep it real.
Hardly. It means that people are using the Nexus as a L2 switching
workhorse and relying on additional L3 hardware to bring in the basic
MPLS/VPN capabilities.
Justin
Lincoln Dale wrote:
so some extent it depends on exactly how far 'down' into your DC you extend
MPLS VPNs.
for example, do you extend it down to the access layer?
or at what point do you map a MPLS VPN into a VRF or VLAN?
Our MPLS/VPNs stop above our top-of-rack L2 switches with VRFs mapped
Scott McGrath wrote:
Or Cisco could do something RADICAL and actually support the industry
standard optics model like they USED to
for GBIC's
I can understand their position on 3rd-party optics not meeting spec and
not inter-opting well. I've seen that many times myself on 3rd-party
Bill Blackford wrote:
I do not believe that Juniper keys their optics. My experience with this is
limited though. I am able to get third-party optics to work just fine in EX
switches.
bblackf...@wsc-asw-02-1 show chassis hardware
Hardware inventory:
Item Version Part number
Drew Weaver wrote:
Hi,
No HSRP, VRRP or GLBP on this box.
#sh mac-address-table aging-time
VlanAging Time
--
Global 300
no vlan age other than global age configured
Routed MAC aging time: 300 seconds
This is on our core, though so there are no hosts connected here.
Jeff Bacon wrote:
Will the SFPs from the ONS systems work in a cat6500? There's a plethora
of ONS-SC-2G SFPs out there, but not so many DWDM-SFP- modules. I'm
guessing that the disparity in supply means they don't work, but would
like some confirm.
(Have a temporary need to run a gig over
Oliver Boehmer (oboehmer) wrote:
I think the config doesn't honor TTL, so the implementation is rather
basic..
Would that be basic as in it only resolves the FQDN once when the config
is entered, once per boot, or possibly on a schedule later on in the
lifecycle of the router?
I noticed
Jared Mauch wrote:
On Nov 23, 2009, at 3:19 PM, Justin Shore wrote:
I noticed other changes between 24T1 and 24T2 that bit me this weekend when I upgraded 2
routers that are my NTP servers. First off all the NTP config that was moved way up in the
config in an earlier release suddenly got
Mark Tinka wrote:
Like when we moved from SRC3 to SRC5 earlier this month, RANCID
reported minor but strange changes to the configuration order,
e.g., the 'police' command under a policy-map has been given one
extra TAB indent. This looks very weird if you also have a 'set
mpls experimental'
Jeremy Reid wrote:
Hey Group,
Has anyone recently been seeing unusual/extended delivery dates being provided
on Cisco ASR1000 series or Catalyst 4500 gear? We've had some sizable orders in
place since July and we keep getting the ship date extended out each time it
approaches. Currently,
Mike wrote:
Yes it's enabled per the above. The drops only occur when I use:
ip verify unicast source reachable-via rx
However, I discovered that if I instead use:
ip verify unicast source reachable-via any allow-default
That seems to at least not drop packets, but I haven't tested to see
William McCall wrote:
Sorry to re-open. Good job to HP for generating noise. Anyone want to
buy some procurve switches?
I don't own a boat, hence no need for a boat anchor.
Justin
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
luismi wrote:
I wrote it in a previous email but here is again :D
7200 npe-g2 and 7600 rsp720-pfc3
I am using 12.2SRC but it is not supported there an I would like to know
if it is supported in another train.
12.2SR is all you can run on the RSP720. SX and SR will both run on the
Sup720
Ge Moua wrote:
C-NSP Wizards:
Our Cisco account team seems to be touting the ASA appliance (in a
cluster configuration) as the preferred solution for remote access
client vpn (IPSec SSL); as such my question then is:
Is it possible to make an ASA be vrf-aware?
My suggestion may not be
Jeff Fitzwater wrote:
We had a module fail on a 6500, which reseating it cured it for now.
Looking at the System Logs using the show logging system I see the
following messages at the time of the failure.I have not found the
explanation anywhere on the CISCO site for the values in these
Dale Shaw wrote:
Hi,
Long story short: we've got a bunch of VPN AIMs but no mounts
(stand-offs/spacers). It happened 'cause a colleague removed them for
government security compliance reasons, but left the mounts behind
(still attached to the system board). It's not feasible to recover the
I've got a 7206VXR w/ 4 PA-A3-OC3SMI PAs serving a couple thousand PVCs
of RBE DSL. I have another 2x OC3s on a 3660 doing the same thing only
with less PVCs. The 3660 crashed twice earlier this week in one day.
Once was on its own. The second was in the middle of a sh tech. I sent
the
Just a reminder to all those who were waiting on the release of
12.4(24)T2 that addressed most of the bugs reported by PSIRT on 9/23,
24T2 was posted this morning.
http://www.cisco.com/en/US/docs/ios/12_4t/release/notes/124TCAVS.html
It's supposed to also address the bug that prevents NTP
Phil Bedard wrote:
If you are already using a VRF to carry the default table you should be
able to import a default route from that vrf into your customer vrf.
You can use an import-map to select only the default. The only time
I've implemented something similar to this I've used external
Brett Frankenberger wrote:
Cisco has no support for:
ip route vrf vrfX x.x.x.x/x next-hop next-hop vrfY
where the traffic in vrfX matching that route would be sent over into vrfY
(and then forwarded according to vryY's forwarding table). (Some other
vendors can do that.) (In your case, you
I'm having to rush a MPLS/VPN into service this week. Certain customers
will connect into this MPLS/VPN on PEs facing L2 switches with sub-ints
in the correct VRF, MLPPP bundles, direct connect to PEs, etc (lots of
variety down the road). Simple so far. The majority of the traffic
will exit
Gert Doering wrote:
I am currently running (C7200P-SPSERVICESK9-M), Version 12.4(4)XD10
... it might be that this software just doesn't know about this specific
PA (which is very new, and anything based on 12.4(4) is a few years old
now regarding hardware support).
C7200P smells like NPE-G2,
Drew Weaver wrote:
I was wondering if anyone has any experience working with the Cisco ADM AGM
modules for the 6500s and how they compare with external appliance based
solutions for DDoS mitigation.
Anyone have any opinions on these?
It seems like it would be nice to just drop these into a
Kevin Graham wrote:
CSCsw79186. Its broken more than the bug suggests; both v3 and v4 clients are
get applied only to the 'peer' access-group. I had meant to bring this to
PSIRT's attention when the advisory went out, but got distracted by something
shiny.
Excellent catch. I tried to search
Given the recent NTP PSIRT from Cisco (cisco-sa-20090923-ntp) I decided
to spend the morning revisiting my NTP practices to lessen the chance of
getting kicked in the teeth by this router-crashing bug later on. In my
networks I usually have a pair (or more sometimes) of border routers as
Mark Tinka wrote:
We've seen strange issues with converters were providers
were unable to guarantee Jumbo frame MTU sizes because the
media converters don't support them - what the hell...
This happened to me with Versitron MCs. I had a set in production that
worked perfectly fine. Then
Jeff Fitzwater wrote:
Is there any issues with running UDLD with TX to Fiber converters at
each end of a gig cisco to cisco link? We are just over the distance
budget with the 10KM optics.
6500 TX port--- to fiber converter--- 18KM fiber--- to converter--- back
to TX port on 3750.
Should
a
completely unique set of GigE optics just for the ONSs. I can
understand to a degree Cisco only supporting Cisco optics but not even
all of Cisco supports all of Cisco's optics. That's the worst part
about it.
On 02/10/2009 15:27, Justin Shore wrote:
Back to your question though, yes UDLD
nick hatch wrote:
I get that too, but I strongly disagree with the strategy. In this part
of the world (Whatcom/Skagit county, Washington state), dark fiber is
cheap and readily available for about the cost of a T1 in many
locations. (If buildout is required, it's often subsidized into the
David Hughes wrote:
Interesting. I thought NSM was much better than Cisco's CSM (and a hell
of a lot cheaper).
You should really take a look at the new ADSM releases for the FWSMs.
It's actually pretty good. You have full control of all contexts if you
aim ADSM at the admin context. Of
Steven Saner wrote:
Is this really available? I was asking a SmartNet rep about this once
and was led to believe this isn't an option. Maybe it wasn't then and is
now? Maybe they were pulling my leg?
Sure. For a 7206VXR the part number is SP-SW-7206VXRN. However I don't
generally recommend
Gert Doering wrote:
How do people get these part numbers? For our smartnet contracts, getting
the right numbers for various 6500+sup720 combinations seems to be nearly
impossible.
Gert,
Two ways that I can think of. The first is from the Global Price List
on cisco.com:
Dave Weis wrote:
We want to provide a hosted/managed firewall service for our MPLS
customers. Is a pair of ASA's with multiple contexts the best way to do
this or would something else work better? I'm not concerned with the
customers being able to make changes themselves.
We do this with a
David Freedman wrote:
wonder if anybody has come across this before,
in 12.4(15)T, configuring a virtual-access per-user such:
I hate to suggest the obvious but since there are so many bugs in
12.4(15)T have you considered bumping that to the latest minor rev? I
think they're up to T7 or
Mohammad Khalil wrote:
We have Cisco device
cisco ME-C6524GT-8S (R7000) processor (revision 1.3) with 458752K/65536K bytes
of memory.
now the issue is that we have in each site a device like the mentioned and a
WiMAX RAS , all is functoning on DC power
now the issue is that we are
Antonio Soares wrote:
Stay away from 8.2. We are experiencing crashes since July (TAC case involved).
Tomorrow we will install 8.2.1-10 to see if finally
we get rid of this.
I've had good luck with 8.2.1-3 for our purposes. Any 8.2 prior to that
has that nasty coredump feature that writes
nm...@guesswho.com wrote:
Justin,
I believe I saw your posts on the RANCID list and although the 8.2 coredump problem can be a pain you can modify your rancid script to ignore the coredump file when rancid does a show flash. I do this for dhcp snooping since the db is small enough that I can
Justin M. Streiner wrote:
My main argument against the download manager applet is that I hate
dealing with several layers of dependency hell with Java. Does the
download manager work with the Java plugin in my web browser when that
plugin is based on different JRE versions? Also, there seems
Gert Doering wrote:
I really can't understand what is so hard about FTP access.
Fill in a web form once, claim yes, I'm no terrorist!, and then the
FTP servers put you into a he's no terrorist, may download crypto
software group...
This is really Internet 0.9 knowledge.
Or if they are
Brian Landers wrote:
Same reason that e.g. Vandyke requires an eligibility declaration before
downloading SecureCRT.
Yes, but even Vandyke now lets you answer the question once and no
longer have to answer it again. (Saying this as I'm downloading the
SCRT 6.2.3 upgrade right now with my
harbor235 wrote:
Is anyone out there using 6500 modular code? Is it stable? I have a 6509
with 720-3B, I would like
to use the modualr code but also do not want instability, any
thoughts/experiences would be appreciated.
If you go the modular route make sure you use the Feature Navigator to
jack daniels wrote:
Hi all ,
I have got a project for an ISP ( also LDP configured ) runnning OSPF to
migrate to IS-IS.
I was planning to runnn dual IGP , as ospf with AD 110 and ISIS with AD 115
, OSPF will always be preffered.
I was planning the challenges for migration, below are the ones
Daniska, Tomas wrote:
(btw - asking for requeue to bru is what everybody reasonable at Cisco
recommends to do - of course for europe...)
Does anyone know what the equivalent would be in the states? I try my
best to open cases first thing in the morning (CST) when I'm likely to
get someone
Does anyone know of a good article, table or chart that compares the
various T3 and T1 PA options? I've found a variety of docs but nothing
of them giving a clear and concise list of differences between the PAs
(features, chassis support, NPE support, etc).
PA-T3
PA-T3+
PA-MC-T3
PA-MC-T3+
chris.f...@yahoo.ca wrote:
Hello,
We have a customer with load-balanced path to us. TCP throughput is
affected by some out-of-order packets, and we were looking for a way to
queue the interface in order to try and mitigate this. Is it possible
to use any queueing mechanism to re-order packets
Jay Hennigan wrote:
What the #$^$...@# is going on with Cisco's download site? It completely
hangs Firefox with some shopping cart java thing. And this is downright
scary: http://www.west.net/~jay/images/cisco-wants-root.png
Enhanced downloads, brought to you by the same people who brought
Dale W. Carder wrote:
Is there a workaround?
I found a workaround. I couldn't download a file due to
some stupid java error, so I opened a tac case for them
to give me the file.
Maybe after this happens enough times and costs them real
money it will get fixed.
That's even better than my
Does anyone have any suggestions for providing Ethernet links over
bonded T1s?
We originally looked at Overture. They claimed that their product used
standard MLPPP and interoped well with 7200s. They sent out a tech to
help configure it in a lab. As it turns out they also require the use
Dan Benson wrote:
I have a 4948 that I was hoping to upgrade a few systems with but I am
dead in the water as it seems it does not support NAT.
I don't have any idea how to make it work but I do question doing NAT on
a CAT to begin with. Even if it did support NAT it would be done in
Vikas Sharma wrote:
Hi,
Is there any command on 3750 (e and non-E) switches which can tell
whether the power is AC or DC in the box? Like in 7206 we have sh
environemnt..
Something along this line?
me3750-1.dc#sh ver | i IOS
Cisco IOS Software, C3750ME Software (C3750ME-I5K91-M), Version
Antonio Soares wrote:
Hello group,
What actions are you taking ? What is the real risk ?
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
If I'm reading the notes correctly, to exploit the problem the attacker
must be able to complete a TCP 3-way handshake. That would
Scott Granados wrote:
Why does anyone comply with CALEA? Especially after the abuses of the
last 8 years and probably a lot farther back than that? I've been
reading about the requirements and the idea that ISPs cooperate with law
enforcement really makes me uneasy on a civil liberties
I'm soliciting suggestions on the pros and cons on the assortment of
ways to inject customer routes into iBGP at the edge.
One could simply reference prefix-lists in the BGP config on a
per-neighbor basis (or peer-group). The downside to this is that
prefix-lists can't haven't inline
You eluded to one of my strongest selling points on DFCs though I don't
think you made that particular connection yet. DFCs offload QoS to the
LC as you said. That also means that CoPP is also handled in hardware
if you have DFCs in place since it requires MLS QoS on that platform.
Ie, if
Michael Ulitskiy wrote:
As for grounding lug I would gladly add it to 6500 chassis if that was the only
problem.
Running it to every piece of equipment which count about 50 pieces at the
moment wouldn't be fun at all...
Doh...
I hate to say it, but the devices shouldn't have gone into
Michael Ulitskiy wrote:
I forgot to mention that after the 1st wave of failures we have installed tripp lite
surge protectors on all circuits. These last failures happened with tripp lites installed,
so it shouldn't be transients.
The events are random. Happened during daytime, night-time,
Unless you scrapped the paint off of every joint between the chassis
through the mounting brackets to the rack then you aren't guaranteed a
good connection. That's why most telco screw kits come with the star
washer to help scrap the paint of the rack and why most telco equipment
frames and
Randy McAnally wrote:
We got minor packet loss and noticeably slower speeds off the bat with 'mls
qos' enabled with all defaults, even with only 40-50% interface utilization.
In fact it took a while to figure it out. Be very careful when you enable it
if even minor packet loss will be an
MKS wrote:
Can you share your experience with BFD on the 7600 platform and sw release?
I use it and like it. However beginning with SRB2 Cisco removed support
for running BFD on SVIs. To date there is no workaround and the feature
hasn't been added back to SR. Otherwise it works fine in
Does anyone have any good links to an order of operations for what
happens in what order on the assorted types of Cisco interfaces in both
the ingress and egress directions?
I found one that touchs on the QoS order of operations:
Security Team wrote:
I have a telco that wants to hand me an OC3 on which there will be 3 DS3's,
all doing different things. One will be a clear channel (pt-pt) DS3, one
will contain 28 T1's in the DS1 time slots of the DS3, and one will be
unused for the time being.
CJ,
I'm going to agree
Rodney,
Do you think you might be able to gain the ear of someone responsible
for the CSCC? I've had ongoing issues with it ever since it was
introduced. I raised those concerns several times and they were never
resolved. Now that SCC has been completely deleted and replaced with
CSCC I
I'm having trouble figuring out how to use the conditional capabilities
of EEM applets to do something fairly simple. I'd like to check for
DHCP conflicts on a schedule and if any exist I'd like to generate a
syslog message and send an email. What I can't figure out how to do is
parse the
I'm getting pushback from TAC on this. They're telling me that using
class-default is unsupported and they pointed me to the config guide for
the platform as proof:
I'm having a little trouble doing something that should be simple. I'm
using a 3560 as a CPE to break up multiple services and bind them to
unique switchports. I don't normally use 3560s for this. The port in
question is for a 10Mbp PtP with no SLA across our backbone.
What I currently
the same apply to SVI + OSPF ?
Any known reason for this limitiation ?
(Waiting for my test 7606s to arrive!)
Dean
- Original Message - From: Justin Shore jus...@justinshore.com
To: Walter Keen walter.k...@rainierconnect.net
Cc: cisco-nsp@puck.nether.net
Sent: Thursday, July 30, 2009 4
Walter Keen wrote:
Hi, I'm looking at using BFD with BGP on 7600's (rsp720's and sup720-3b)
and was wondering if there were any known issues with certain IOS's in
the SRC or SRD train.
BFD support for SVIs was removed with SRB2 if that's something that you
think you'll need.
Justin
Jon Lewis wrote:
If by shut down, you mean all the lights go out, fans stop, etc., then
it sounds like you may have a power supply gone bad. If you mean it
stops working, but lights are on, fans are spinning, just the software's
locked up, then it be all sorts of things. If it's doing either
Hank Nussbacher wrote:
I just got this product alert from Cisco:
From: cisconotificationserv...@cisco.com
To: h...@efes.iucc.ac.il
Subject: Cisco Notification Alert -Alerts_Daily-07/28/2009 07:38 GMT
Cisco Notification Service Alert:
Cisco Notification Alert -Alerts_Daily-07/28/2009 07:38
According to a Pannaway SE who visited us a few years ago, he'd seen SPs
many times our size who used static routes for everything. He said we
weren't big enough to need a routing protocol. Of course he also said
that our pipes weren't saturated so we didn't need QoS and that IPv6 was
just a
Dracul wrote:
Hi All,
I can't seem to find more information of this model in the datasheets. Can
anyone confirm if this switch (Cisco Catalyst 2960PD-8TT-L)
has CLI and SNMP?
The only Cisco-branded switches in the product line that won't have have
a CLI are the Express switches. This of
Nick Hilliard wrote:
On 27/07/2009 17:39, Justin Shore wrote:
The only Cisco-branded switches in the product line that won't have
have a CLI are the Express switches. This of course means that the
LinkSys switches won't have a Cisco CLI (if they have one at all which
I doubt).
http
Has anyone out there experienced any 7206 crashes when they have a
bouncing DS1 on a PA-MC-2T3-EC? We've had 2 crashes in about 3 weeks
time. They've both generated crashinfo files. The first auto-rebooted
itself. Yesterday's did not.
System returned to ROM by error - a SegV exception, PC
The MLPPP interface was part of a VRF, had an IP and had uRPF
configured. Other than that no L3 IGPs. I do use BGP dampening but I'm
distributing this route into iBGP. MP-BGP to carry the MPLS/VPN vpnv4
routes but not using BGP for ip4 address-family routes. I should also
mention that
Brandon Applegate wrote:
I think I figured (part of) this out. Packets to the router != packets
through the router. Trying to ping something on the far side with
packet size of 9188/9216 gets me the expected icmp frag @ 9212. I still
think I'm going to proclaim that jumbo == 9000 to make it
Gert Doering wrote:
Hi,
On Thu, Jul 16, 2009 at 04:20:50PM -0500, Justin Shore wrote:
It has 5x the backplane to boot plus it's hardware forwarding. The only
real downside IMHO is that the unit uses SPAs which require SmartNets
per SPA (per license and per a lot of other things
Mark Tinka wrote:
I was thinking more, ASR1000 series. Will do wire rate, has
a large enough control plane to handle multiple full tables
to customers, is the natural progression from the 7200-VXR
platform, e.t.c.
I second (third?) the ASR 1002 suggestion. @ list price the 5Gbps ASR
1002
Does anyone happen to know if there's an SNMP OID that one can query to
see if a standalone T1, T1 channelized inside of a T3 or OC3, or a
high-capacity TDM interfaces like a T3 is looped up at the CSU? I've
had an occasion where a T1 was left looped up by the local-loop provider
that I
Ryan West wrote:
Justin,
Give this a shot:
http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=enstep=2mibName=CISCO-ICSUDSU-MIB
That MIB contains values for different loop codes.
Ryan,
That looks like a very useful MIB. I'll give that a try.
I looked at the source of the
I received this message from Cisco yesterday. I found the timing to be
rather ironic. I've munged the survey URL; I'm going to fill that out.
I would encourage EVERYONE to participate in this process by sending a
letter to tacwebsur...@cisco.com to let them know how they really feel
about
You might Google for a list of negative adjectives to keep on hand for
the call. If you can't find a list online I'm sure you know some people
who can help contribute to one just for this occasion.
Justin
Jared Mauch wrote:
I'm having a call with some people in a few minutes, I will share
Gert Doering wrote:
Now: what happens if the TACACS server is unavailable? The way we
currently run the shop is there is a local username configured as
fallback if TACACS doesn't respond - and people know that they get
slapped if they use this user without good reason.
How would command
One thing that the documentation always lacks is sufficient info on
handling IS-IS with CoPP. The inability of IOS to match IS-IS traffic
without using class-default is a major problem. Of all the people that
would need CoPP (people with publicly exposed routers like SPs) one
would think
Like Ryan said, clogin takes care of it. The only problem I've run into
is with v8.2 of the ASA code. Some nimrod programmer thought it would
be a good idea to store config related to the new core dump option in
v8.2 in a text file on the flash volume. The programmer also decided to
update
Tom Lanyon wrote:
Does anyone know how the newer architecture of the ASR1k ESP compares to
a 7200 NPE-G2 in regards to 'all services enabled' performance? If I
recall previous discussions on this list, it's fairly easy to overload
the CPU on the NPE when you start enabling QoS, NetFlow, WCCP,
Peter Rathlev wrote:
Core #2 doesn't have route-reflector-client configured towards the new
router, so it only sends it's own prefixes and prefixes from any RR
clients of it's own. That seems to make sense to me too.
It does now that I've thought about it. With iBGP not forwarding on
updates
I'm scratching my head on a BGP problem. I have a pair of core routers
and a pair of distribution routers in our data center. The DC routers
each have a single connection to the core routers (1 connection per
pair). Previously the DC routers were configured as route-reflector
clients with a
Justin Shore wrote:
Core:
!
address-family vpnv4
neighbor ibgp-peer send-community extended
neighbor 10.64.0.34 activate
exit-address-family
I added the last activate for grins but it didn't help. peer-groups are
auto-activated which is why it's not explicitly spelled out
Thanks for all who replied on and off-list. I see a few things in the
configs that were sent to me that I overlooked, like the 'bridge # route
ip' commands. That could very well be the problem. All of the configs
sent were using only a single default VLAN whereas I've disabled VLAN 1
and am
I've got an off-topic plea. I'm trying to configure a simple little
871W as a CE that I need to deploy next week. The wifi on this thing is
kicking my ass. 881Ws are completely different than their 871W
ancestors. 881Ws have a logically separate internal AP that you
basically session into.
Phil Mayers wrote:
Justin Shore wrote:
Phil Mayers wrote:
Common advice seems to be to make actual link-loss detection fast, in
preference to using BFD. That said, I know some people use BFD.
Assuming you're using LAN cards, you may want to see if you can make
router links as routed rather
1 - 100 of 433 matches
Mail list logo