Bandwidth delay product (BDP).
You'll find a bunch of articles out there searching for those terms. Adjusting
the TCP windows size to compensate for the delay should help you achieve close
to CIR.
You mention a Linux server (most distributions have TCP window scaling
enabled), but I'll
FQDNs are not dynamic. The ASA will use whatever the name resolves to when the
ACL is compiled.
Based on that behavior I'd say that, a wildcard entry wouldn't do what you want
it to even if the ASA accepted that input.
—
Laurent
On Thu, Mar 28, 2013 at 6:14 PM, Scott Voll svoll.v...@gmail.com
You didn't adjust the TCP window size of the stack.
Wish I could remember the exact syntax, but if you do a google search you
should find the systl commands to make the necessary changes for the protocol
stack.
—
Laurent
On Mon, Apr 1, 2013 at 7:08 PM, CiscoNSP List cisconsp_l...@hotmail.com
Curious, how does uRPF help under this scenario? Although the source address is
spoofed, the target is stil valid destination address.
—
Laurent
On Sat, Mar 16, 2013 at 6:38 PM, David Rothera david.roth...@gmail.com
wrote:
Depends on whether you want to defeat being the person being attacked
On Thu, Oct 27, 2011 at 12:41 PM, Keegan Holley
keegan.hol...@sungard.comwrote:
Your diagram got mangled. I think your PE facing interface has to be a
tunnel as well depending on the type of router you are connected to.
Assuming that the user port was an access port for vlan 1006 before,
On Tue, Jul 21, 2009 at 1:54 PM, Ruben Alvarezr...@opusnet.com wrote:
Now the ABR has all the N2 routes for the three routers. But so
do all three routers, which isn't needed. They only have one interface and
a default route. Is there a way I can ignore all routes in the area except
the
On Wed, Jul 22, 2009 at 4:13 PM, Ruben Alvarezr...@opusnet.com wrote:
A stub area is an area which does not receive external route
advertisements. It may be configured to reduce many route advertisements
into an area when the routing table consists of mostly external routes.
Instead of the
On Mon, Jun 15, 2009 at 7:08 PM, Justin Krejcijkre...@usinternet.com wrote:
Everywhere online that I could find seems to indicate LX and LH are 100%
compatible with each other and that Cisco even uses these two
interchangeably (to the dismay of some).
LX and LH interoperability shouldn't be an
Hey there.
Does anybody here happen to have any experience working with pseudo
wires that are port-tunneled on one side and vlan-tunneled on the
other? Having a bear of a time trying to figure out why I cannot pass
any traffic over a vc that's configured in this fashion.
Switch A
On Fri, Feb 13, 2009 at 12:10 PM, Justin Shore jus...@justinshore.com wrote:
Laurent Geyer wrote:
interface TenGigabitEthernet3/1.100
encapsulation dot1Q 100
xconnect Switch A IP 100 encapsulation mpls
end
Are you sure that you're not getting any traffic out of Te3/1.100? My
thought
On Fri, Feb 13, 2009 at 1:25 PM, Saku Ytti saku+cisco-...@ytti.fi wrote:
On (2009-02-13 12:02 -0500), Laurent Geyer wrote:
Does anybody here happen to have any experience working with pseudo
wires that are port-tunneled on one side and vlan-tunneled on the
other? Having a bear of a time
On Fri, Feb 13, 2009 at 2:05 PM, Ross McConner rmccon...@gmail.com wrote:
Maybe I'm just hitting my head against a wall and therefore can't see the
answer..
I'm looking for a way to take a non-trunked ethernet port and encapsulate
any of the L2 packets into a double-tagged dot1q vlan.
On Fri, Feb 13, 2009 at 2:05 PM, Ross McConner rmccon...@gmail.com wrote:
Maybe I'm just hitting my head against a wall and therefore can't see the
answer..
I'm looking for a way to take a non-trunked ethernet port and encapsulate
any of the L2 packets into a double-tagged dot1q vlan.
O
On Fri, Feb 13, 2009 at 4:36 PM, Saku Ytti saku+cisco-...@ytti.fi wrote:
On (2009-02-13 13:50 -0500), Laurent Geyer wrote:
Any reason why you believe I need to use pseudo wire classes here?
Because you need to dig out ethernet frame out from mismatching headers
in each end-point.
For all
This has to do with NAT behavior on Pix 6.x and supposedly changed on
the ASA, but I have personally observed the behavior there as well.
Pixes will inherently attempt to translate any traffic they receive on
an interface unless told not to.
In your case following should address the problem.
On Wed, Jan 7, 2009 at 9:52 AM, Ross Vandegrift r...@kallisti.us wrote:
On Wed, Jan 07, 2009 at 11:18:06AM +, a.l.m.bu...@lboro.ac.uk wrote:
Most of the crashes have been related to SNMP. For many MIBs, if you
poll an object at the same time it is changed/removed, there's a race
On Tue, Nov 25, 2008 at 10:32 AM, Teller, Robert
[EMAIL PROTECTED]wrote:
I am using radius and Microsoft's IAS server and that works just fine.
Radius works fine for authentication, but how are you handling accounting?
- Laurent
___
cisco-nsp
On Sat, Nov 22, 2008 at 9:55 PM, Tim Durack [EMAIL PROTECTED] wrote:
On Sat, Nov 22, 2008 at 9:46 PM, ghostonthewire
[EMAIL PROTECTED] wrote:
Tim Durack wrote:
Amazing:
usziplab001:~/config/Core# !scp
scp acl.txt [EMAIL PROTECTED]:running-config
Password:
acl.txt
On Thu, Nov 20, 2008 at 12:30 PM, Tom Simes [EMAIL PROTECTED] wrote:
What are folks using these days for a TACACS+ server that they're happy
with?
TIA!
Tom
The fork based on Cisco's code over at shrubbery has worked out well for me.
http://www.shrubbery.net/tac_plus/
Cheers,
Laurent
On Tue, Aug 19, 2008 at 9:56 AM, chip [EMAIL PROTECTED] wrote:
So far all of the software that's been presented will autodiscover devices
and backup configs and such. Is there anything around that will actually
take inventory of a router. By inventory I mean, list of cards, model
numbers,
On Tue, Apr 29, 2008 at 4:38 AM, Holemans Wim [EMAIL PROTECTED] wrote:
I know I have seen this before, but I can't find the article.
On most cisco IOS switches, you get syslog messages if a port goes down
or up. On a 6500 this is not the case.
But I remember seeing an article in which a way
On Wed, Apr 23, 2008 at 9:09 AM, Grant Moerschel [EMAIL PROTECTED] wrote:
Is it a viable and recommended option to instead portchannel those two gig
ports
on both sides to both double the bandwidth and eliminate spanning tree
issues? If so, on the core switch side should one gig link be on,
22 matches
Mail list logo