Cord MacLeod wrote:
Does this give enough information? From my understanding of spanning tree,
g0/46 should not be used for any traffic. g0/45 is the root port for all
vlans.
Spanning tree doesn't determine where traffic flows, it determines which ports
are active or blocking in their
Albert Goerend wrote:
On Wed, Mar 10, 2010 at 11:01 PM, James Slepicka cisco-...@slepicka.net
wrote:
I've seen similar behavior when spanning a vlan that runs across a 10gb
port/port-channel to a 1Gb interface (e.g., monitor session 1 source vlan
10, monitor session 1 destination int gi1/1).
Mohie wrote:
Any had used the cotext frewall on the FWSM?
Yes.
Is there any drawbackes of using it?
Yes, there are technical drawbacks, but they are manageable if you really want
to use multiple contexts.
Check out this link for a comparison of the feature limits between single and
multiple
Ryan West wrote:
You asked, now it's here. You can leverage the download cart
to queue up your downloads and get a page with all the URLs.
The main difference is now you have to accept the EULA,
whereas with the bookmark or Stig's greasemonkey script,
you did not.
I guess they took the
Jared Mauch wrote:
fileName:s72033-advipservicesk9-mz.122-33.SXI2a.bin
filePath:/swc/esd/03/crypto/3DES/281569550/contract
ftpServerName:download-sj.cisco.com
I was working on a greasemonkey-script for emulating the Java-applet, but hit a
couple of snags concerning binary output, so I did some
Ryan West wrote:
I ran into a little trouble with your script at first,
I was going to download now, rather than the cart and
it wasn't matching the page. I changed the included page to
http://tools.cisco.com/support/downloads/go/DownloadCart.x*
and now it matches for both download now and
Rodney Dunn wrote:
Please check the email thread a week or so back where I gave the direct
contacts for feedback.
They are open and want to hear helpful constructive feedback.
Rodney
I'm really not in the mood for banging my head against the wall, so I'm asking
for help from all on this list.
ying-xiang wrote:
hi,everyone
is there possible to terminate a ipsec tunnel on a VRF enabled interface on PE
routers?
Check out FVRF (Front VRF) and IVRF (Inside VRF) to see which if these you want
to use. Here's a link to a paper about terminating a DMVPN on these:
Aaron wrote:
In trying to do some IP policy routing on a 3750, I ran into some odd
behavior. I'd appreciate any pointers/help to get this working.
First of all, the 3750's does most things in hardware, and this is as a rule
not counted anywhere. You'll only see hits and counters moved when the
Burak Dikici wrote:
I would like consult some subject about BGP to the experienced BGP users. We
are making a BGP connection to a two different ISPs via central site router.
We are announcing our subnet via ISP-1 normally , but for ISP2 we are
announcing the subnet with AS path prepending
We have a 3550 which connects to two 6500s.
The 3550 has some L3 vlans on it, but we also need to trunk a few of the ports
up to the 6500s.
I've been banging my head because I cannot figure out how to make the two
uplink ports on the 3550 both trunk and route.
What I mean is, currently the
(The ftp.cisco.com brokenness has plagued me as well, but I've completely
given up complaining about issues with www or ftp.cisco.com)
Because of the borked ftp.cisco.com, I have generally used ftp-sj.cisco.com
instead, and it works just fine all the time.
/Stig
Hi there,
However on R19 I receive the label via eBGP. However I do not install into
The MPLS forwarding table but I do not know why ??
You send the labels via BGP, but have you enabled LDP/TDP between R18 and R19?
If not, it won't use any labels and consequently not install anything into the
Thanks for the quick reply. I am running 12.2(18)SXF10a , test mcast ltl
index doesn't seem to work.However in this case I could find the interface
number since I know where the was CSS connected. Can you guide me find the
index number someotherway.?
Take care to note that the test mcast ltl
Jeremy Parr wrote:
Does Cisco even make a DSLAM anymore? I can't find anything on their site. Any
good/bad/ugly suggestions welcomed
I guess not:
https://www.cisco.com/en/US/prod/collateral/switches/ps5704/ps298/prod_end-of-life_notice0900aecd80272b2e.html
We have used ZyXEL IES-1000 and
Check out NAV (Network Administration Visualized) at http://metanav.uninett.no/
as well. It gives full inventory of all devices as well as a load of other
useful features..
Best regards,
Stig Meireles Johansen
-Opprinnelig melding-
Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På
Try sh ip cache flow | inc AT3/0.1405.*163.65.47.29
The .* part matches anything in between like this:
. matches any single character
* extends the previous expression to zero or more times
So, you are saying match any single character, zero or more times
Take a look at
Google is your friend: http://www.google.com/search?q=gsm+modem+rs232
Best regards,
Stig Meireles Johansen
-Opprinnelig melding-
Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne av Rens
Sendt: 11. august 2008 13:28
Til: cisco-nsp@puck.nether.net
Emne: [c-nsp] Console access via
You should look into running several DMVPN's (using a FVRF and IVRF, as it's
called), one for each VRF you want to provide at the remote sites. If you have
a total of 5 VRF's, you'll have a headend with 5 different DMVPN's in 5
different VRF's and all is done with dynamic routing and setup.
Setup a sniffer and use netflow export on it. See f.ex.
http://www.ntop.com/nProbe.html
Best regards,
Stig Meireles Johansen
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Letkeman
Sent: 3. august 2008 18:19
To: cisco-nsp@puck.nether.net
Subject:
Sure is.. it's called a cable, and runs from a port in your vlan 1 to a port in
another vlan which you configure on your ACE-module. :)
Best regards,
Stig Meireles Johansen
-Opprinnelig melding-
Fra: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] På vegne av Teller, Robert
Sendt: 4. august
Hi there,
Here are two different solutions to this (there may be more):
1) Request four different VPN's from the SP and terminate in four different
VRF's on the central CE-router. Forward in four different VLANS/interfaces
towards the firewall, which have to have four different interfaces to
Hi there,
Just remember that the 3750 non-metro platform has several limitations,
especially for egress QoS, which I would think you would be interested
in using.
The short story is: The 3750-platform does only queueing and scheduling
on egress-interfaces. Any policing or prioritization you want
Hi there,
You should separate the customers in the LAC at your service provider.
Either in different VRF's or at least in different IP-subnets. The best
would be if you could get the provider to use *your* RADIUS-server for
authenticating. They could do a proxy and stripping unwanted
Not sure if there is any command to enforce a client-side split-vpn
which breaks the server-side configuration. This would kind of
invalidate the whole securitymodel.
What you could do, is separate the two VPN's in two different VRF's. I
haven't tried putting an EzVPN-config in a VRF before, but
Hi again,
It may be a bit unclear, but on the 3560/3750-platform, you'll have to
do egress policing by manipulating the DSCP-values on input-interfaces
and tweaking the srr-queues on the output-interfaces.
The old 3550-platform supported egress policing via aggregate-policers,
a bit more
Make sure the traffic enters the VRF correctly via a ISAKMP-profile.
Check the following quickly hacked example:
Given that the peers are directly connected at outside interfaces with a
192.0.2.0/24-network. If not, adjust peer-ip's and add default route in
global routingtable. No routing *into*
Hi there,
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/relea
se/12.2_25_se/configuration/guide/swqos.html
Best regards,
Stig Meireles Johansen
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kurt Bales
Sent: 15. juli 2008 13:57
To:
Hi there,
Short answer: you aren't missing anything. :)
Traditionally the 6500/7600-platform has been rather poor in the
QoS-department, presumably because of the extended use of
hardware-switching. I would think this is just one more of the wouldn't
it be great if.. features we want to see, but
Hi.
I can't see any big problems with a flat vpn-cloud considering the
following:
- The sites should ideally use a default route into the cloud.
- The sites should have no requirement for segregation inside the cloud.
- The sites should have absolutely common policies regarding all routing
Jason wrote:
I just pulled the SFP and it turns out it's an HP. The vendor is
shipping me two new ones. Can anyone give me a snippit of config with
SVI being used?
Try this:
!
ip routing
!
vlan 100
name whatever
!
interface GigabitEthernet0/2
description TLS 1G primary
switchport
Sorry, but this sounds like a won't work.
Your server is depending on sending spoofed packets. If this was on a
local VLAN, you could simply put if2 in the same VLAN as the sniffer-if
and let it work from there. I see you mentioned the traffic is fed by
RSPAN, so I guess the traffic isn't local,
Does anyone know how to make CEF load balancing work over etherchannels
and actually load balance on the etherchannel?
I have two GEC interfaces with 2 ports in each, and then I have two
routes multipath, one to each GEC interface
The problem is that the CEF algorithm is the same as the
We just discovered a very weird problem, we're not sure what to
attribute it to. We run a port-channel between a cisco (6509E,
WS-X6548-GE-TX) and a Huawei NE40E. Port channel consists of 2 copper
links and runs at about 1.2G. We've noticed huge number of input
queue
drops and overruns:
34 matches
Mail list logo