-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Product
Advisory ID: cisco-sa-20150310-ssl
Revision: 1.0
For Public Release 2015 March 10 16:00 UTC (GMT)
+
Greetings list,
I'm dealing with the following issue:
Using an ASR9K (XR 4.3.4) I am modifying a prefix-set that is called in a
route-policy for outbound filtering on a peer to an upstream provider.
These modifications will increase my announcements by about 60 prefixes (based
on testing to
Follow-up question. Is there use-case for regular expression backtracking in
AS_PATH?
It would be simpler to implement without backtracking and it would fix this
specific use-case, as simple '(64500_)+.+' would work. But perhaps it's still
stupid idea, perhaps it'll break lot of really
Dear Mack,
On Wed, Mar 11, 2015 at 05:28:06PM +, Mack McBride wrote:
I haven't tested this but it should work:
(65400_)+([1-57-9][0-9]*_|6[01-35-9][0-9]*_|64[01-46-9][0-9]*_|645[1-9][0-9]*_|6450[1-9][0-9]*_|64500[0-9]+_)+
This solution meets the requirements. Extra points for avoiding ?
Hello guys. We have a bunch of redundant router Cisco pair routers, that
are running HSRP, that needs to be migrated to VRRP.
The question is, could this be down with 0 downtime?
My guess is, if we replace backup HSRP router to run VRRP master, then
gratious-arp war could start, with both
This.
...isn't a sentence. And since when isn't a 3BXL large enough for a full
table assuming you can live with the CPU issues.
Chuck
-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Mark
Tinka
Sent: Wednesday, March 11, 2015 2:52 PM
To:
On 12/03/15 11:26, Gert Doering wrote:
Hi,
On Thu, Mar 12, 2015 at 11:18:05AM +, Phil Mayers wrote:
The main risk is the g-arp being dropped/missed.
That's why one of the previous posters suggested to move the *HSRP* master
to a different IP in between - that way, packets addressed to
Hey guys,
I hope someone could comment on the following behavior I recently
encountered:
I'm running the DFZ in an MPLS VPN on ASR1k as PEs, and recently
upgraded from 03.09.00S to 03.10.04.S and switched from per-vrf label
allocation mode (= egress LER has to do an IP lookup) to the new
per-ce
I have the below setup
R2 -- R3| /R1
Each router has a PC connected to itThe setup implement a flat OSPF setup (area
0)
Now , the trace from PC1 (Connected to R1) to PC3 (Connected to R3) will go
through the link between R1 and R3 which is normalNow , I have raised the cost
from the
On 12/Mar/15 15:59, M K wrote:
I have the below setup
R2 -- R3| /R1
Can you re-draw your ASCII diagram?
Mark.
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at
At NASA, we take full netflow from ASR1000s with 5Gbps active on 10Gbps
links.. No problem.
Up to 300 flows/sec (with much higher peaks) which may be lower than you
as we have long running FTP downloads of environmental science data.
We collect with the open-source SiLK software, and use
Yes agreed.
Mack McBride | Network Architect | ViaWest, Inc.
O: 720.891.2502 | mack.mcbr...@viawest.com | www.viawest.com | LinkedIn |
Twitter | YouTube
-Original Message-
From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Saku
Ytti
Sent: Thursday, March 12, 2015
Hi Everyone,
We have an (unfortunate) requirement to support legacy services that are billed
via Netflowthis will change to fixed rate/95th, but it will take
12-24months, so our Interpop, IPTransit and Customer Inet tails all have to be
on equipment that supports Netflow (Currently
On 11/03/15 23:51, Nick Hilliard wrote:
On 11/03/2015 23:41, Cydon Satyr wrote:
I understand a proper maintenance window should be ordered, but, could
this be done with no downtime (or at least near 0, just so hosts update arp
table)? Any ideas?
Have you labbed this up?
You haven't, because
Hi,
On Thu, Mar 12, 2015 at 11:18:05AM +, Phil Mayers wrote:
The main risk is the g-arp being dropped/missed.
That's why one of the previous posters suggested to move the *HSRP* master
to a different IP in between - that way, packets addressed to the
old default gateway MAC (HSRP) will
On (2015-03-12 01:12 +), Mack McBride wrote:
Hey,
The junos expression in question DOES NOT involve backtracking.
After a match there is no need to backtrack.
The expression in question goes character by character excluding the 64500.
Note the last part matches 6 digit ASNs that start
On 12/03/2015 22:59, CiscoNSP List wrote:
Do we stick with ASR1K's, but larger ones (1004, 1006), so we can
install single port 10Gb SPA's...or something else that supports
Netflow, but higher density 10Gb...or bandaid (Multiple 1Gb ports) until
we no longer require Netflow for billing...If
Hi all,
I'm looking for a bit of advice on a system/process that will allow an end user
to restore a switch config.
I have a customer with a 24/7 site running a number of Catalyst switches. Due
to the nature of the operation, we have a 'warm' spare switch ready to replace
any failures.
Top posting and answering OP's original-question:
NO. A change to FHRP; regarless of FHRP protocol-used(hrspv1/v2/vrrp)will
result in at_the_least packetloss(be cognizant of STP-interactions in your
env)while the change is being implemented.
Hint:
vitrual-mac for hsrpv1: 00:00:0c:07:ac:xx
19 matches
Mail list logo