Thanks Mack,
so I have to change all the 7603 boxes and move to 7603-S to support
the ES+ cards and upgrade all the supervisors to SUP720-3B minimum.
Moving to ASR's series (like the ASR1002) could be a good alternative
choice because of the limited GE ports I need on the small POP's (5
GE) ?
Hello Mattias,
but in the ME3600X (or ME3800X) is it possible to apply a
configuration like this ?
interface gigabitethernet0/1.10100
no switchport
encapsulation dot1q 10 second-dotq 100
ip address 10.0.0.1 255.255.255.0
with the ES+ (and I think also with 7600-SIP-400 + SPA-5X1GE-V2) is
Yes and No
You can do better.
But you need to learn about EVC and EFP.
They can basically do whatever you can think of with tags and the attach
that too a SVI (evc in nextgeneration gear).
So, say you want too do a ip unnumbered setup. you just point individual
tags on individial interfaces
M interesting. It could be something like this:
interface gigabitethernet0/2 Trunk vs DLSAM/MSAN/FTTH
Aggregator
switchport mode trunk
switchport trunk allowed vlan none
service instance 1 EthernetCustomer 1
encapsulation dot1q 10
Davide Ambrosi davide.ambr...@trivenet.it writes:
I see that 7600 catalyst modules doesn't support QinQ VLAN termination
(the command encapsulation dot1q outer-vlan second-dot1q inner-vlan)
because they are LAN modules.
The only cheap way to do what you want is to use some other box to
either
vrf oneone
rd 10.0.0.55:11
address-family ipv4 unicast
aggregate-address 12.12.12.0/24 summary-only
it seems that if I have a loopback interface with ipv4 addr 12.12.12.1
255.255.255.0 that it will not kickoff that bgp aggregate advertisement,
BUT, if I delete the loopback interface
Did you get the prefix of the locally configured loopback into bgp table
please?
adam
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Aaron
Sent: Thursday, February 28, 2013 2:14 PM
To: cisco-nsp@puck.nether.net
Subject:
No. loopback connected network showed up in rib but not in bgp table.
-Original Message-
From: Adam Vitkovsky [mailto:adam.vitkov...@swan.sk]
Sent: Thursday, February 28, 2013 7:29 AM
To: 'Aaron'; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] bgp aggregate address
Did you get the
On 28/02/13 13:38, Aaron wrote:
No. loopback connected network showed up in rib but not in bgp table.
Well.. then this is expected behaviour. BGP won't aggregate things
unless they're in BGP.
Presumably you are doing redis ospf (shudder) which is why the 2nd
case worked.
Exactly what I did for my SAN network -- replaced a stack of two 3750s
with two 4500Xs using vss.
Works flawlessly.
-Rick
On 2/28/2013 12:16 AM, CiscoNSP_list CiscoNSP_list wrote:
Is anyone using this in production? any issues? (Realise it's a very new
feature release)
Got a new pair of
Opps, misspoke about the injected via igp (ospf) statement.
Remote router (R1)
Router trying to do aggregate route on (R2)
R1 --- mpls l3vpn --- R2
So this is how R1 sends the route to R2 R1 has redis connected within
the vrf context under bgp.
-Original Message-
From:
I would have thought this was a common request, however cannot seem to
find any particular examples.
Currently we have an older ASA 5520, with code level 8.0.3. What we
would like to have is Anyconnect VPN users to have access to certain
'external' networks, such as their local lan or
Don't forget ACLs have permits and denies, and work in an ordered list...
Permit (tunnel) the ones you want, deny (split) the ones you don't.
External or internal IPs doesn't matter, an ACE is an ACE.
-Garrett
Sent from my iPhone 5
On Feb 28, 2013, at 6:55, Ricardo Stella ste...@rider.edu
On 2/27/2013 7:45 PM, Jon Lewis wrote:
On Wed, 27 Feb 2013, Jay Hennigan wrote:
You could simplify that to:
ip as-path access-list 10 deny _11xx1_
ip as-path access-list 10 permit .* - Dangerous outbound to transit
connections.
Or simplify things more by using prefix filters / route-maps
On 2/27/2013 5:02 PM, Jay Hennigan wrote:
On R3, do you have next-hop-self to neighbor R1 and vice-versa?
Yes.
You could simplify that to:
ip as-path access-list 10 deny _11xx1_
ip as-path access-list 10 permit .* - Dangerous outbound to transit
connections.
Do you have any IP or
On Wed, 2013-02-27 at 21:52 +, Alexander Fossa | Xifos wrote:
Hopefully it is something simple that I'm missing!
Yes. A description of what you've tried so far, how it went and any
relevant configuration. :-)
Internal Server (a.b.c.60/24) Cisco 7600a (SVI a.b.c.1/24)
Cisco 7600a
Hi,
On Thu, Feb 28, 2013 at 09:10:09AM -0800, Jerry Bacon wrote:
I do have filters on the customer BGP sessions, but I have to disallow
his AS from my upstreams, or I become a transit for those routes.
This is what communities come in handy for.
Filtering by AS path list gets quite unwieldy
Hello,
Is there dual stack support in any redundancy protocol (HSRP/VRRP/GLBP) on the
Catalyst 6500 with a Sup720 3BXL? If so, which protocols are supported and
beginning in what IOS releases?
Thanks!
-Vinny
___
cisco-nsp mailing list
On Thu, 28 Feb 2013, Jerry Bacon wrote:
On 2/27/2013 7:45 PM, Jon Lewis wrote:
On Wed, 27 Feb 2013, Jay Hennigan wrote:
You could simplify that to:
ip as-path access-list 10 deny _11xx1_
ip as-path access-list 10 permit .* - Dangerous outbound to transit
connections.
Or simplify things
According to the IOS-XR documentation on OSPF:
ASBR routes can be advertised as a Type 1 or Type 2 ASE. The difference between
Type 1 and Type 2 is how the cost is calculated. For a Type 2 ASE, only the
external cost (metric) is considered when multiple paths to the same
destination are
On 28/02/13 18:10, vinny_abe...@dell.com wrote:
Hello,
Is there dual stack support in any redundancy protocol
(HSRP/VRRP/GLBP) on the Catalyst 6500 with a Sup720 3BXL? If so,
which protocols are supported and beginning in what IOS releases?
Yes. HSRPv2 is supported in SXI releases (possibly
On Thu, 28 Feb 2013 vinny_abe...@dell.com wrote:
Hello,
Is there dual stack support in any redundancy protocol (HSRP/VRRP/GLBP)
on the Catalyst 6500 with a Sup720 3BXL? If so, which protocols are
supported and beginning in what IOS releases?
I haven't utilized it in v6, but SXI appears to
On 2/28/2013 10:14 AM, Jon Lewis wrote:
On Thu, 28 Feb 2013, Jerry Bacon wrote:
On 2/27/2013 7:45 PM, Jon Lewis wrote:
Or simplify things more by using prefix filters / route-maps on the
customer BGP sessions to deny/accept+tag routes with communities
that tell the rest of your network
Well, in SXI4a, GLBP complains if I try and configure IPv6 in the same GLBP
group number:
IPv4 address already configured
I'm not clear if I'm supposed to use a different group number or if it's just
not supported. All the configuration examples I found show *just* IPv6, not a
dual stack
On 28/02/2013 18:18, Jon Lewis wrote:
I haven't utilized it in v6, but SXI appears to have v6 capable HSRP and
GLBP. VRRP doesn't appear to have any v6 support.
vrrpv3 finally seems to have made an appearance in:
15.3S (7600 only)
15.1(1)SY (6500 only)
15.2(4)M (ISR platforms)
Nick
On 2/27/2013 4:28 PM, Randy wrote:
a stab in the dark:
on R1 BGP-
a)is auto-summary enabled?
or perhaps
b)aggregate-addr with summary-only?
No, neither of those apply in this case. Auto-summary is disabled, and
I'm not doing any aggregation.
./Randy
--- On Wed, 2/27/13, Jerry Bacon
Thanks for the info Phil!
-Vinny
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Phil Mayers
Sent: Thursday, February 28, 2013 1:17 PM
To: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] HSRP/VRRP/GLBP Dual Stack on
Fixed.
we got 2 other sfp's from another ME3600 in our network and put them in the (2)
me3600's that were showing problems with those previous sfps, and they work
fine. apparently those other (3) SFP's we had were from a bad batch or
something.
Aaron
-Original Message-
From: Pshem
OK, it's working for me now with GLBP under SXI4a. Specified different group
number and used link-local fe80::1.
Thanks again everyone!
-Vinny
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Abello, Vinny
Sent:
Hi,
On Thu, Feb 28, 2013 at 06:17:29PM +, Phil Mayers wrote:
You need to toggle the standby version globally (which changes the HSRP
vMAC).
int VlanX
standby version 2
standby 1 ip x.x.x.x
standby 2 ipv6 autoconfig
the amazing thing is that 6500 is the only platform that has
Hi,
I'm testing an asr901. We're looking at using for l2vpn termination.
For some reason the xconnect refuses to stand up between asr901 and
me3600x. Similar setup between two 3600x works fine.
Relevant config on the asr901:
!
hostname asr901A
!
boot system
I'm trying to have my cisco router set the next-server address and the bootfile
name. I see the cisco dhcp server sending that info correctly to the computer
but the machine never takes the offer. If just fails trying to load from pxe.
If I take the pxe server and attach that to the machine
Also, the pxe is on the same subnet as the router. I don't use helper
address's.
From: Michael Sprouffske msprouff...@yahoo.com
To: cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net
Sent: Thursday, February 28, 2013 3:04 PM
Subject: [c-nsp] cisco pxe boot
--- On Thu, 2/28/13, Michael Sprouffske msprouff...@yahoo.com wrote:
From: Michael Sprouffske msprouff...@yahoo.com
Subject: Re: [c-nsp] cisco pxe boot support
To: Michael Sprouffske msprouff...@yahoo.com, cisco-nsp@puck.nether.net
cisco-nsp@puck.nether.net
Date: Thursday, February 28,
Hi,
I'm already setting the MTU on the xconnect itself. The device doesn't
seem to support changing the interface MTU:
asr901A(config-if)#int gi0/0
asr901A(config-if)#mtu 1500
% Interface GigabitEthernet0/0 does not support user settable mtu.
but this works fine:
service instance 1 ethernet
Default MTU off the xconnect on the 901 is 9216, could that be your
problem? XConnect won't come up with non-matching MTUs
Kind regards,
Sibbi
On 28.2.2013 21:34, Pshem Kowalczyk pshe...@gmail.com wrote:
Hi,
I'm testing an asr901. We're looking at using for l2vpn termination.
For some reason
Hi,
Very well spotted :-) the 10.123.1xx.0/24 range is for loopbacks
whilst the 10.123.xx.0/24 holds links.
Thank you.
kind regards
Pshem
On 1 March 2013 13:52, Sigurbjörn Birkir Lárusson
sigurbjo...@vodafone.is wrote:
If I had bothered to read your email I would seen that was not the case,
If I had bothered to read your email I would seen that was not the case,
sorry about that
It somewhat seems like the targeted ldp session is failing to come up
based on this output from the 901, Targeted Hello: 10.123.129.3(LDP Id) -
10.123.29.1, LDP is DOWN, no
binding. I also see both
I have a BGP multi-homed invironment that I am having problems balancing
inbound traffic, besides prepends which don't seem to be helping anymore, I
have heard that announcing my networks more specifically could also influence
inbound traffic. My question is, for example… If I have a /23 that
Thanks Rick - How long have you been running your setup for?
Exactly what I did for my SAN network -- replaced a stack of two 3750s
with two 4500Xs using vss.
Works flawlessly.
-Rick
On 2/28/2013 12:16 AM, CiscoNSP_list CiscoNSP_list wrote:
Is anyone using this in
You will need to have the two /24s in your IGP for BGP to announce them.
Advertising your 2x 24s on the one link, and the 1x 23 on the other link
would cause all the traffic to pass via your 2x /24 link - more specific.
Have you tried just announcing the same /23 to both providers? How bad is
the
On 2/28/2013 11:14 PM, CiscoNSP List wrote:
Thanks Rick - How long have you been running your setup for?
Exactly what I did for my SAN network -- replaced a stack of two 3750s
with two 4500Xs using vss.
Works flawlessly.
How was the configuration migration? It was my understanding the
So more specifics are sort of a sledge hammer approach. If you announce more
specifics over one link, assuming a prefix that long is widely readvertised,
you'll reroute all the traffic not just have a small effect. (more specifics
always win) (also it's bad form to not announce unified
Looks like the attachment circuit is down on the me3600 (int g0/11 not up up
?). That will cause the pw to not come up as I recall
Aaron
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Pshem Kowalczyk
Sent: Thursday,
please consider using *Communities* to influence inbound (harder and more so
farther up-stream..I understand!)but, the dfz is already bloated!
./Randy
--- On Thu, 2/28/13, James Urwiller jurwil...@americanbb.com wrote:
From: James Urwiller jurwil...@americanbb.com
Subject: [c-nsp] BGP
On Feb 28, 2013, at 9:11 PM, James Urwiller wrote:
I have a BGP multi-homed invironment that I am having problems balancing
inbound traffic, besides prepends which don't seem to be helping anymore, I
have heard that announcing my networks more specifically could also influence
inbound
I ran into an issue today that I hadn't seen before. I was helping someone
troubleshoot some multicast problems where everything seemed to be correct
but the joins weren't working. I was totally stumped until someone noticed
the following:
router rib
address-family ipv4 unicast
rump
Hello all,
As far as I know, the MPLS-TE functionality is not supported on ASR901 yet
We should expect it after mid 2013..
From
http://www.cisco.com/en/US/docs/wireless/asr_901/Configuration/Guide/mpls_te-frr.html
*The MPLS TE is supported on the Cisco ASR 901 router to enable only the
FRR. The
On Thu, 28 Feb 2013, John Neiberger wrote:
Entries for prefixes that are in the access list look like you would
expect and those PIM joins succeed. So what exactly does rump
always-replicate do? Am I right that it's basically only allowing the
prefixes in the ACL to be used for multicast RPF?
Hi All,
One other limitation that I've noticed is that QinQ and xconnect
don't currently work together (the AC is always down for dual-tagged
encapsulation).
From the document:
http://www.cisco.com/en/US/docs/wireless/asr_901/Configuration/Guide/swevc.html
Restrictions
•Pop 2 configuration
Just remember, that all features are still not available for the VSS on 4500X.
If I recall it correctly, L3-based features won't be available until the next
release.
Lars Christensen
CCIE #20292
Den 01/03/2013 kl. 05.14 skrev CiscoNSP List cisconsp_l...@hotmail.com:
Thanks Rick - How
51 matches
Mail list logo