Re: [c-nsp] ASR1001 vs 1001-X PPP

>> We have a number of older 7206 routers used in a LNS role (PPP/L2TP). >> >> As part of a network refresh we are looking to move towards the ASR1001 or >> 1001-X. The datasheet shows both support up to 5Gbps throughput and 8k >> subs. >> >> Is anyone able to confirm if 8k subs on a ASR1001

Re: [c-nsp] ASR920 "console" port....ugh

Yepp have had many onsite techies informing me of impending doom since the machine is broken... //Gustav -Ursprungligt meddelande- Från: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] För Adrian Minta Skickat: den 2 februari 2016 19:30 Till: cisco-nsp@puck.nether.net Ämne: Re:

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

Before I go any further trying to get this to work, Im hoping someone can answer this, so Im not trying to make something work that simply wont, given the hardware currently in place. Given the "AGG" switch is a 4500X, ie not a "Metro E" switch, and double tagged frames is "Metro E", will our

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

On 3 February 2016 at 06:05, CiscoNSP List wrote: Thanks Eric, > > We have no visibility into the remote end, but I have setup the following > on one of our ME's (Test service, that has supposedly been configured by > carrier, and remote end) > > Vlans are: > > 940

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

A Catalyst Switch will only look at the first VLAN Tag(Outter), it doesn't care about the inner vlan tag and will forward the frame on. Just watch your MTU Size, because you lose 4btyes to the inner vlan tag. A Good Example. http://blog.jhe.co/2009/11/dot1q-tunneling.html Share the config for

Re: [c-nsp] Trunked VLANs over FTTC VDSL2

This is a live working 897 using QinQ over VDSL: interface Ethernet0 no ip address ! interface Ethernet0.400 encapsulation dot1Q 101 second-dot1q 400 ip vrf forwarding test ip address 1.1.1.2 255.255.255.252 ! interface Ethernet0.401 encapsulation dot1Q 101 second-dot1q 401 ip vrf

Re: [c-nsp] NCS-5001 - MPLS L3VPN Issue

Hi James, > James Bensley > Sent: Tuesday, February 02, 2016 3:33 PM > > On 2 February 2016 at 15:09, Adam Vitkovsky > wrote: > > Are you running 5+ by any chance? > > > >> It’s been years since IOS-XR was released on ASR9000's, no excuse now > >> for basic features

[c-nsp] Some Questions about Nexus 5000/3000 Switches

Hi everybody I am looking for some answers regarding Nexus 5596UP,56128P and3064P Nexus 5596UP: Can I have both 1/10GE speed on all ports or Just 10GE? This contains both Fixed and Modular ports. Nexus 56128P: Can I have both 1/10GE speed on all ports or Just 10GE? This

Re: [c-nsp] NCS-5001 - MPLS L3VPN Issue

> So... again, big proponent of properly tested SRs instead of SMU-hell. But then again, when you do need that particular SMU, that isn't covered by any SP yet, you can't apply it and you have to wait for the next SP containing this fix - which kind of defeats the purpose. Lukas

Re: [c-nsp] Trunked VLANs over FTTC VDSL2

On 3 February 2016 at 11:48, James Bensley wrote: > This is a live working 897 using QinQ over VDSL: > > > #show ver | i IOS > Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version > 15.5(3)M, RELEASE SOFTWARE (fc1) Beware this does not appear to work yet on the

Re: [c-nsp] NCS-5001 - MPLS L3VPN Issue

On Wed, 3 Feb 2016, Adam Vitkovsky wrote: Yeah I don't like Service Packs, I think it's better to cherry pick only SMUs that are relevant to bugs that you might run into. And there's always a danger of reintroduction of bugs e.g. a SMU fixes recent bug but reintroduces bug that was fixed by

Re: [c-nsp] LAN + Security solution hint

Hi Gert Despite all the technical details I really appreciated I have to thank you for the feedback. Unfortuantely it s a tender and i can not so much deal with questions or re-think to requirements... Regarding the firewall I need stateful feature, nat, Policy, ipsec.. quite standard despite

Re: [c-nsp] NCS-5001 - MPLS L3VPN Issue

On Wed, 3 Feb 2016, Lukas Tribus wrote: But then again, when you do need that particular SMU, that isn't covered by any SP yet, you can't apply it and you have to wait for the next SP containing this fix - which kind of defeats the purpose. I still expect Cisco to do some kind of "hotfix",

Re: [c-nsp] RSPAN over WAN/MAN

Unless I missed something, no one mentioned ERSPAN. If you platform supports it, then ERSPAN is much simpler. It encapsulates the packets so you can forward them over any L3. Matthew Huff | 1 Manhattanville Rd Director of Operations   | Purchase, NY 10577 OTA Management LLC 

[c-nsp] LAN + Security solution hint

Dear experts, I’d like to have an hint if possible… For a project I’ve to provide a LAN solution to my customer with a mix of 1 Gbs copper and 10 Gbs copper ports (let say 20 x 1 Gbs and 30 x 10 Gbs ports) plus a firewalling solution supporting feature like server load balancing and

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

...and quick question (I hope) on the VFI config you tested in the lab..you stated outer vlan 800, inner vlan 20, but in your conf you are using vlan 820? Is this a typo, or on purpose? i.e. shouldnt the bridge domain be 20, vpn id be 20 and vlan int be 20?Im not familiar at all with

Re: [c-nsp] SFP compatibility

> On Feb 3, 2016, at 9:06 PM, Wilmer wrote: > > Hey Guys, > > Probably a stupid question, but I can't find an obvious answer on Cisco. > > Are the following SFP's able to be used to together: > > One device is using at GLC-FE-100EX & the other end is using > a

[c-nsp] SFP compatibility

Hey Guys, Probably a stupid question, but I can't find an obvious answer on Cisco. Are the following SFP's able to be used to together: One device is using at GLC-FE-100EX & the other end is using a 1000BASE-LX/LH (Single Mode fibre). I "think" these SFP's are compatible with each other.. But

[c-nsp] Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability Advisory ID: cisco-sa-20160203-apic Revision: 1.0 For Public Release 2016 February 03 16:00 UTC (GMT

[c-nsp] Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability Advisory ID: cisco-sa-20160203-prsm Revision: 1.0 For Public Release 2016 February 03 16:00 UTC (GMT

[c-nsp] Cisco Security Advisory: Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability Advisory ID: cisco-sa-20160203-n9knci Revision 1.0 For Public Release 2016 February 3 16:00 UTC (GMT

Re: [c-nsp] LAN + Security solution hint

Years ago, my uncle was sailing to the Bahamas, and was navigating using "dead reckoning" (triangulation using reference points on land, etc.). He radioed a cargo ship to request his position. They politely declined, for liability reasons, but offered to confirm or deny his guess. Let's play

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

Ok - Just an update to this, had another "test" service setup, same outer, new inner (940 and 942)as it was going to take a very long time to confirm the existing service was setup "correctly" on MS end... And all is working (lol thankfully!).no vfi needed, original config works(Just

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

Rememer you removed\popped off both vlan tags of 800 and 20 on the interface, then put the untagged frame in bridge group 820. The bridge group could have been 300, the bridge group number has no assoication to the VLAN configuration on the interface. Here is a step by step, Step By Step

Re: [c-nsp] Cisco 7200 NPE-G2 Strange Problem

This doesn't sound right to me, but does feel very similar to something that reminds me an IDB exhaustion... This is very outdated , but your IOS is also quite old... I would check

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

It does - Thanks very much Erik - I will try your solution later today. Just as a side note, my "current" config (i.e. not using vfi), the carrier is seeing traffic originating from us, but no return traffic from azure/MSso we are currently trying to confirm that the Azure/MS side is

[c-nsp] Cisco 7200 NPE-G2 Strange Problem

Hey Guys, We have 3 Cisco 7200 NPE-G2 Routers with 3 built-in GigabitEthernet Ports. One Interface (Gi0/3) is in Trunk Mode with 300 Sub-interfaces. And Other 2 Ports are used as WAN ports. Whenever we create New Subinterface or change the primary IP of a sub-interface or Gi0/2 port became down

Re: [c-nsp] LAN + Security solution hint

Hi, On Wed, Feb 03, 2016 at 06:25:29PM +0100, james list wrote: > well indeed I've asked for network expert suggestion, not for my father > suggestion... Where can I send my invoice? You get paid for your customer to do this design, so if you want us to do the work, we'd like to get paid as

Re: [c-nsp] ASR920 "console" port....ugh

This will happen if you have a port admin up but oper down or if you don't have both power supplies connected. We shutdown unused ports and lights go green. Our biggest frustration is that they fixed PBR in v3.16, but local PBR still doesn't work properly. We've been waiting over a year thus

Re: [c-nsp] Some Questions about Nexus 5000/3000 Switches

Alireza Soltanian wrote: > Nexus 5596UP: > > Can I have both 1/10GE speed on all ports or Just 10GE? This contains both > Fixed and Modular ports. I believe it does 1G/10G on all ports. Previous N5k models had limitations in this area. Mixing 1G and 10G on the same chassis is not generally a

Re: [c-nsp] LAN + Security solution hint

well indeed I've asked for network expert suggestion, not for my father suggestion... Thank you for helping so much Pete :-) 2016-02-03 17:48 GMT+01:00 Pete Templin : > Years ago, my uncle was sailing to the Bahamas, and was navigating using > "dead reckoning"

Re: [c-nsp] LAN + Security solution hint

Hi, On Wed, Feb 03, 2016 at 07:34:16PM +0100, james list wrote: > I'd use cisco 3850/3750 in stack but i m not sure this is the right choice. The problem is that what you're asking for is nearly impossible, so coming up with a "this will work with gear x, that will need y" is quite a bit of

Re: [c-nsp] LAN + Security solution hint

Share your bank account and as soon as deal is got, i will send money... :-) Despite joking I'm not so familiar with cisco gears and this is why I was asking for hints and not proposing anything.. I'd use cisco 3850/3750 in stack but i m not sure this is the right choice. I'd choose something

Re: [c-nsp] QinQ 4500X -> ME3600 and access(pop) multiple inner vlans

Thanks for confirming Eric (Re the 4500X) - I have another question...4500X will receive frame from carrier with outer tag (vlan 940), and not care about inner tagvlan 940 must be configured on this switch, which it is, and tagged on both trunk ports (To carrier, and to ME3600)but what