do you have helper address set?
On Tue, Nov 3, 2009 at 9:12 AM, CJ cjinfant...@gmail.com wrote:
Hello all,
I have a vlan that has a primary and secondary ip address. My DHCP
server is in the secondary ip address. The DHCP server is a windows 2003
server with the scope enabled and
On Sun, Nov 1, 2009 at 9:54 PM, Omachonu Ogali oog...@gmail.com wrote:
How much is buzz worth? About the same as YouTube views. (In South Park
speak, theoretical dollars).
If you can't convert *positive* buzz into revenue, your marketing efforts
will serve as nothing more than brand
On Sat, Oct 31, 2009 at 10:35 AM, Chris Grundemann cgrundem...@gmail.comwrote:
On Fri, Oct 30, 2009 at 15:15, christian koch c...@sandcastl.es wrote:
looks as if its working based on the activity in this thread...
I think someone has to actually buy something, because of the chatter
looks as if its working based on the activity in this thread...
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
I am still able to DL code via FTP , their web UI stinks anyways.. why
bother?
On Mon, Jul 13, 2009 at 12:45 PM, Jared Mauch ja...@puck.nether.net wrote:
We apologize for any inconvenience. Software Download Area is unavailable
at this time.
New enhanced features for downloading software
https://neon1.net/as-stats/
On Mon, May 18, 2009 at 1:05 PM, Werner Detter wer...@trans.net wrote:
Hi,
we use http://nfsen.sourceforge.net/
Werner
_
cisco-nsp mailing list cisco-nsp@puck.nether.net
d-itg
http://www.grid.unina.it/software/ITG/link.php
pageant ios
On Thu, Mar 26, 2009 at 10:27 AM, Steve Bertrand st...@ibctech.ca wrote:
Inca wrote:
Does anyone know of a free (open source or otherwise) or low cost
traffic generator that we can use to stress test multiple gigabit
links
agreed, the keyspan works great with macs and under linux.. i've used
a targus one as well, which worked fine, but the hardware was flimsy
On Tue, Mar 17, 2009 at 5:20 AM, Wilkinson, Alex
alex.wilkin...@dsto.defence.gov.au wrote:
0n Tue, Mar 17, 2009 at 09:16:31AM -0400, Alex Moya wrote:
I'd agree with Stig's suggestions and his assumption about the local
pref is probably correct. I'd also suggest you check if your SP's have
defined communities to send in order to alter attributes of the
prefixes you are sending.
On Sat, Mar 14, 2009 at 5:07 PM, Stig Johansen
use a route server?
On Thu, Feb 5, 2009 at 11:50 AM, Gary Roberton gary.ciscom...@gmail.com wrote:
Hello all
Can someone look up which AS is advertising the 146.105.0.0 /16 network for
me, thanks.
Gary
___
cisco-nsp mailing list
.
e.g. cmd = set { permit ^blah blah .* }
--raymondh
On Nov 25, 2008, at 12:16 AM, Christian Koch wrote:
Rich- thanks and sorry i guess i was a little vague...
i meant to say i am looking for configuration for the tac_plus.conf side
On Mon, Nov 24, 2008 at 11:02 AM, Rich Davies [EMAIL
on a side note -
has anyone had any success getting older catos switches and enable
mode to work with the newer versions of tacplus?
christian
On Mon, Nov 24, 2008 at 10:41 AM, [EMAIL PROTECTED] wrote:
Hi,
The fork based on Cisco's code over at shrubbery has worked out well for me.
On Mon, Nov 24, 2008 at 10:48 AM, Christian Koch [EMAIL PROTECTED]
wrote:
on a side note -
has anyone had any success getting older catos switches and enable
mode to work with the newer versions of tacplus?
christian
On Mon, Nov 24, 2008 at 10:41 AM, [EMAIL PROTECTED] wrote:
Hi
http://nanog.org/meetings/nanog44/presentations/Tuesday/RAS_irrdata_N44.pdf
On Tue, Nov 11, 2008 at 4:29 PM, [EMAIL PROTECTED] wrote:
Hello
Just wanted to ask how must is Internet Routing Registry used with RPSL
currently on the Internet? Do a lot of providers still rely on that to
create
do you have the signature location configured properly?
ie: ip ips config location flash:(directory)
On Sat, Nov 8, 2008 at 7:48 PM, Dan Letkeman [EMAIL PROTECTED] wrote:
Hello,
I have configured IPS on a 2821 running the firewall ios. I have the
configuration and signature files on a
new edge router, os will run ios-xr
On Fri, Oct 31, 2008 at 5:03 PM, Mike Louis [EMAIL PROTECTED] wrote:
Hello All -
Seeing an issue on FWSM running 3.2(4) code..
Where a static nat gets stuck, and the host becomes unreachable via
both ingress/egress
If i issue a clear xlate local x.x.x.x, this clears things up and
connectivity is restored
there are currently 2 hosts on the same network, yet this
it stops working?
You might need to define a static arp with alias to fix it.
--- On Mon, 20/10/08, Christian Koch [EMAIL PROTECTED] wrote:
From: Christian Koch [EMAIL PROTECTED]
Subject: [c-nsp] FWSM Static NAT gets stuck..
To: Cisco-nsp cisco-nsp@puck.nether.net
Date: Monday, 20 October, 2008
it.
--- On Mon, 20/10/08, Christian Koch [EMAIL PROTECTED] wrote:
From: Christian Koch [EMAIL PROTECTED]
Subject: [c-nsp] FWSM Static NAT gets stuck..
To: Cisco-nsp cisco-nsp@puck.nether.net
Date: Monday, 20 October, 2008, 3:38 PM
Hello All -
Seeing an issue on FWSM running 3.2(4) code..
Where
I don't believe that is what he is asking..
The way I interperted his question was If there is a way to
consolidate his configuration...
Something like using peer-groups and peer-templates with BGP to group
identical-configuration-items...
If so, I don't know of anyway to do so..but if there is
concurrently on a one single box two routes with the same prefix and
different next-hops and select which of routes is to be used based on where
the traffic comes from (not src IP address but interface).
Tomas
Christian Koch wrote:
use meds
On Sun, Sep 14, 2008 at 5:48 PM, Tomas Hlavacek
use meds
On Sun, Sep 14, 2008 at 5:48 PM, Tomas Hlavacek
[EMAIL PROTECTED] wrote:
Greetings!
I am thinking about a scenario, which is maybe quite common, but I do not
know how to make that work.
Say that an AS1 is receiving full BGP table from multiple upstreams, for
example AS100 and
IOS.
Justin
Christian Koch wrote:
checked for any switches after the inputting the ip address on logging
host command but nothing was available
#logging host 1.1.1.1 transport ?
% Unrecognized command
On Wed, Sep 10, 2008 at 3:55 PM, Tassos Chatzithomaoglou
[EMAIL PROTECTED] wrote
I know i can set the remote syslog port on ASA/PIX's, but i don't seem
to see that it is possible in IOS.
I wanted to segregate logs by sending them from certain devices to
separate syslog ports
Can anyone confirm this behavior?
Has anyone had the need to do something similar?
Thanks
to receive syslogs from over
the network. Very, very configurable.
-Rick
Christian Koch wrote:
I know i can set the remote syslog port on ASA/PIX's, but i don't seem
to see that it is possible in IOS.
I wanted to segregate logs by sending them from certain devices to
separate syslog ports
Can
because that is not how splunk works, we want to create separate
splunk instances, each instance has its own syslog port...
On Wed, Sep 10, 2008 at 2:46 PM, Pelle [EMAIL PROTECTED] wrote:
On Wed, Sep 10, 2008 at 18:41, Christian Koch [EMAIL PROTECTED] wrote:
I wanted to segregate logs
udp port Y?
--
Tassos
Christian Koch wrote on 10/09/2008 19:41:
I know i can set the remote syslog port on ASA/PIX's, but i don't seem
to see that it is possible in IOS.
I wanted to segregate logs by sending them from certain devices to
separate syslog ports
Can anyone confirm
you can also try a weather map like below...
http://www.network-weathermap.com/
http://netmon.grnet.gr/weathermap/#docs
On Thu, Sep 4, 2008 at 9:00 PM, Aaron Riemer [EMAIL PROTECTED] wrote:
Hi Guys,
Is anyone out there using any open source or free dashboard network
monitoring software? I
i second using the nfsen/dump tools
On Wed, Aug 27, 2008 at 5:25 PM, Ge Moua [EMAIL PROTECTED] wrote:
Nfsen w/ nfdump engine.
Regards,
Ge Moua | Email: [EMAIL PROTECTED]
Network Design Engineer
University of Minnesota | Networking Telecommunications Services
-Original Message-
have you tried adding \ in front of the % character?
On Sun, Aug 24, 2008 at 10:32 PM, [EMAIL PROTECTED] wrote:
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
Hi,
Has anyone had any issues with filtering anything with a % sign in
the url when
what do you see when you do a 'sh svclc vlan-group' on the 6500 that
ace-b is installed in?
On Thu, Aug 21, 2008 at 7:32 PM, Teller, Robert
[EMAIL PROTECTED] wrote:
That is correct. But if I do show vlan on the ace module it doesn't show
up even though it is associated to vlan group 9706
you could use nipper, which is a config auditor, so it will audit your
security policy and configuration, and you have the options to export
to xml, html, etc ..
http://sourceforge.net/projects/nipper/?abmode=1
On Tue, Aug 19, 2008 at 4:56 PM, Artur Renato Araujo da Silva
[EMAIL PROTECTED]
a 64bit route distinguisher and the 32bit ip address are used to
create vpnv4 address, which specifically solves the overlap problem
On Tue, Aug 19, 2008 at 9:19 PM, Andy Saykao
[EMAIL PROTECTED] wrote:
Just wondering from those in the know, whether it's best practice to
implement public or
.* should do the trick
RTR#sh ip cache flow | i Te1/1.*1.1.1.1
Te1/11.1.1.12.2.2.2tcp 58436 443
1
Te1/11.1.1.12.2.2.2 tcp 57819 443
2
Te1/11.1.1.12.2.2.2tcp 58424 443
1
On Fri,
i was thinking the problem was 'outbound' maps, but then when double
checking i saw this
Restrictions for BGP Route-Map Continue
•Continue clauses are supported in outbound route maps only in Cisco
IOS Release 12.0(31)S and subsequent releases.
i don't believe so..
On Sun, Aug 3, 2008 at 2:14 AM, Vikas Sharma [EMAIL PROTECTED] wrote:
Hi,
Does FWSM support mac-address auto command? If yes which version?
Regards,
Vikas Sharma
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
Can anyone tell me exactly what the ethernet out of band channel is
used for and why I would be getting errors on it?
box is 7609-S with RSP720
Thanks
Christian
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
FWSM is supported with 12.2(33)SXI
On Thu, Jul 31, 2008 at 3:25 AM, Asbjorn Hojmark - Lists
[EMAIL PROTECTED]wrote:
I am working on implementing two 6509 chassis setup using vss
and ace/fwsm modules. Anyone know of any good books for the ACE
and FWSM modules?
Neither ACE nor FWSM is
wccp should work..google around for some example configs, there is plenty
around, it is pretty straightforward..it is the overall solution that you
will need to decide on what will be best fit for your problem/environment
wccp on router gre tunnel squid box auth to radius etc, whatever
or you
i found some of the docs on cisco.com to be pretty useful..
ACE
http://www.cisco.com/en/US/products/ps6906/tsd_products_support_model_home.html
FWSM
http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/tsd_products_support_model_home.html
the virtualization design guide should be able
yeah, go to CCO download software router software platform RSP Type
ROMMON
?
I remember a bug in 12.0S where TCP window size becomes 0 for BGP causing
it to flap. Or if it is an MTU problem you might see that the BGP Keepalives
are being throttled.
--- On *Tue, 22/7/08, Christian Koch [EMAIL PROTECTED]* wrote:
From: Christian Koch [EMAIL PROTECTED]
Subject: Re: [c
same issue, no differences...got me
On Sun, Jul 20, 2008 at 2:53 AM, Oliver Boehmer (oboehmer)
[EMAIL PROTECTED] wrote:
I don't know, but I would try it.. Looks weird..
oli
--
*From:* Christian Koch [mailto:[EMAIL PROTECTED]
*Sent:* Saturday, July 19
Hello -
I have the following topology in lab, testing different failure scenarios.
When i disconnect the link between aR1 and bR1, what would appear to be
normal happens - ospf and ldp neighbor go down.
When i re-connect the link between aR1 and bR1, the interface comes back up,
osfp/ldp
sorry forgot to specify
the bgp session from aR1 to bR2 is the session in question
ck
On Sat, Jul 19, 2008 at 2:21 AM, Christian Koch [EMAIL PROTECTED]
wrote:
Hello -
I have the following topology in lab, testing different failure scenarios.
When i disconnect the link between aR1 and bR1
? Does the
session come back up eventually, or will it stay down?
oli
Christian Koch wrote on Saturday, July 19, 2008 8:38 AM:
sorry forgot to specify
the bgp session from aR1 to bR2 is the session in question
ck
On Sat, Jul 19, 2008 at 2:21 AM, Christian Koch
[EMAIL
regarding loopback
addresses, bgp router-id and things? Possibly add some bgp debug (deb
bgp all events, deb bgp all, deb bgp all keep) and see if something
weird pops up?
What does the neighbor's (10.10.10.3) log say?
oli
From: Christian Koch [mailto
if you have high mtu such as 9180 on that interface, and packets exceed
1500, counters will increment
On Tue, Jul 15, 2008 at 1:56 AM, Michalis Palis [EMAIL PROTECTED]
wrote:
Hello all
I have some interfaces on my networks (gigabit / ethernet) which report a
huge amount of giant packets.
i am not sure i am correct, but i thought the 'other' side of the trunk had
to support PVLAN's as well...
can anyone clarify if thats wrong or right?
ck
On Tue, Jul 15, 2008 at 3:37 PM, Rafael Rodriguez [EMAIL PROTECTED]
wrote:
Hello all,
I am trying to figure out if the following will
on the 7200, map ipsec tunnel to the vrf instance? - iskamp profile?
On Mon, Jul 14, 2008 at 8:46 PM, Peter Rathlev [EMAIL PROTECTED] wrote:
Hi,
I have a strange-ish problem. I've configured an IPSec tunnel between a
7206 NPE-G1 12.4(12) with SA-VAM2+ and an ASA 5550 7.2(4). For some
my point is not every mpls vpn customer is going to be a firewal customer,
so why does it matter if there are say 500 mpls vpn customers on 1 box but
maybe only 30 managed fw's?
On Sun, Jul 13, 2008 at 9:03 PM, Matt Carter [EMAIL PROTECTED] wrote:
what is the constant vrf reference?
just
what is the constant vrf reference?
just because someone is an mpls vpn customer does not mean they are going to
be a managed firewall customer..i dont know why you keep referencing vrf?
and 2000 customers on a 65/7600 is alot, you dont think so?
On Fri, Jul 11, 2008 at 3:25 PM, Benny Amorsen
i dont understand your correlation..
layer 3 vpns and vrf's are not dependant on firewalls
On Thu, Jul 10, 2008 at 4:37 AM, Benny Amorsen
[EMAIL PROTECTED][EMAIL PROTECTED]
wrote:
Christian Koch [EMAIL PROTECTED] writes:
im a bit confused by your use of terms in the question...
are you
that i cant answer.it just sounded like you were implying a vrf needed
firewall service, which is what was confusing me...
but FWSM scales to 4 per chassis, which is 2000 contexts, 20gbps throughput
..'on paper'...
IOS FW is VRF aware as well, and 7200 makes for a great CE device..
On
what is your hardware/software ver platform?
On Tue, Jul 1, 2008 at 5:19 PM, almog ohayon [EMAIL PROTECTED]
wrote:
Hi,
I have the following scenario :
1 specific source to 1 specific destination that needs to be limit to
certain amount of bandwidth but
still have minimum BW guarantee and
MPF (multi-processor-forwarding)
http://www.cisco.com/en/US/prod/collateral/routers/ps341/prod_end-of-life_notice0900aecd8067dd9f_ps352_Products_End-of-Life_Notice.html
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/MPF123T7.html
On Tue, Jul 1, 2008 at 12:41 AM, Wilkinson, Alex
you'll want to look into CAR for rate limiting
im sure you can find something using snmp/mrtg and the QoS MIB's
On Wed, Jun 25, 2008 at 9:06 PM, root net [EMAIL PROTECTED] wrote:
Hello,
This may have been asked before if so I apologize but just want some
clearer
insight. What is the best
etherchannels are not supported with PVLN's, if im correct?
On Fri, Mar 14, 2008 at 8:19 AM, Jimmy Stewpot [EMAIL PROTECTED] wrote:
Hi,
Would it be possible to have a promisc 10GbE port connected to switch
then have that switch as flat layer 2 device with Etherchannel to the
servers there?
you can use qos/nbar to rate limit the traffic like this..
!
class-map match-any web-traffic
match protocol http
match protocol secure-http
match protocol ipsec
match protocol dns
match protocol (other non-offending traffic here)
!
class-map match-any youtube
match protocol http url
like Roland said you need to look a bit deeper at the functionality and
features you will need
i use XR 124xx as core and peering routers and 7609-s as aggregate routers
in some locations
in others we use 7609-s as core/peering routers
On Sun, Mar 9, 2008 at 8:03 PM, Roland Dobbins [EMAIL
hi all -
if by mistake a prefix list was added with the same sequence number, would
there be any negative result?
the prefix list would be referenced in a route map which sets metric for
hsrp-active/standby
so if i have
ip prefix-list HSRP-S seq 2 permit 10.10.10.0/27
and the following is
]
wrote:
Hi,
On Thu, Feb 21, 2008 at 3:34 PM, Christian Koch wrote:
if by mistake a prefix list was added with the same sequence
number, would there be any negative result?
On Fri, Feb 22, 2008 at 10:54 AM, Higham, Josh [EMAIL PROTECTED] wrote:
I believe that you get an error
Kim - You cant get any more on point then this
well said Justin
On Feb 19, 2008 11:04 AM, Justin Shore [EMAIL PROTECTED] wrote:
Kim Onnel wrote:
From your perspective, what is to be considered enough documentation to
troubleshoot problems in a corp.(switches + PIX + WAN routers)
what code was this in?
thanks for the info as well, from this and all the responses of my other
fwsm thread, i am finding out tons of useful information :)
On Fri, Feb 15, 2008 at 9:12 AM, Peter Rathlev [EMAIL PROTECTED] wrote:
Hi,
I can see there was a thread from May 2006 about the FWSM
Hi All,
IM looking for some opinions..
we are deploying FWSM for a customer firewalls, and someone has brought up
the thought of moving our coproate firewalls (now on asa's) over to these
same FWSM's..
my main thoughts are to stray away from this.. does anyone run an
architecture like this
thanks for your input, this is some of what i was looking for - real
experiences with the fwsm
On Feb 13, 2008 11:50 AM, Dale W. Carder [EMAIL PROTECTED] wrote:
On Feb 13, 2008, at 10:36 AM, Christian Koch wrote:
we are deploying FWSM for a customer firewalls, and someone has
brought up
Im looking for specifics on hw/sw/performance/throughput regarding different
encryption types on l2l tunnels (AES-256-SHA1, AES-128-SHA1, 3DES-SHA1,ETC)
a comparison or data sheet would be great, i dont know why i cant seem to
find something on cisco.com
thanks!
christian
Does anyone actually use this?
IS there any reasons NOT to use it?
Advantages/Disadvantages of using it?
I've never used it myself, but am wondering if it is a decent quick way to
mitigate attacking ip's
Thanks!
___
cisco-nsp mailing list
check out Richard Bejtlich's book - extrusion detection, very good read,
and tons of usefull tips/tools in there...
http://www.informit.com/store/product.aspx?isbn=0321349962
http://www.informit.com/authors/bio.aspx?a=d166f1f7-55c7-4987-80bc-230bcb6a1f94
On Feb 5, 2008 9:17 AM, Drew Weaver
everything fine for me from direct peering
and through comcastlevel3
On Jan 31, 2008 5:01 PM, Alex Balashov [EMAIL PROTECTED] wrote:
It is my consistent impression that this is the result of Google
rate-limiting ICMP traffic + lots of people pinging them due to their
canonical ubiquity (in
BT Diamond IP
http://btdiamondip.com/
rocks.
On Jan 29, 2008 2:05 PM, Ray Burkholder [EMAIL PROTECTED] wrote:
http://www.oneunified.net/blog/OpenSource/Debian/AddressManagement/index.blo
g (See the 2007 June 29 entry) (Constructive criticism on the 2007 Sept 14
article are welcome as
lets see.. i got a couple cat55k's up over 3000 days
i knnow i have another device up somewhere around 11/12 years, i just cant
remember which one right now..
i knnow i ahve some more
SJC1 sh sys
PS1-Status PS2-Status Fan-Status Temp-Alarm Sys-Status Uptime d,h:m:s Logout
-- --
72 matches
Mail list logo