Thx to everyone for clearing that out.
I guess i'll have to wait for some releases until it becomes available...
Just another quick question : can ethanalyser capture traffic *before
*being dropped by an acl?
--
Tassos
Lincoln Dale wrote on 11/08/2010 07:53:
N7K supports ACL logging, ACL
Hi all,
Could anyone point me in the right direction where I can get a commercial
but open source vpn gateway with the following features?
1. has USSD features
2. An open API system for modification as per customer needs.
3. Two way communication (interactive)
Kindly contact me off list and
On 11/08/2010, at 3:54 PM, Tassos Chatzithomaoglou wrote:
Just another quick question : can ethanalyser capture traffic *before *being
dropped by an acl?
N7K: yes.
and in fact, because the way we actually do it is implement the data plane
forwarding in the h/w (ASIC) path with a 'rate limited
On 08/10/2010 11:46 PM, Mack McBride wrote:
What about software switched traffic (mostly glean traffic)?
Doesn't that get handled by the RP?
Yes. But such traffic must come in via a gigE or vlan interface, and
ERSPAN can capture it there (in hardware)
You can *also* span the RP/SP itself,
On Aug 11, 2010, at 2:45 PM, Phil Mayers wrote:
We've used ERSPAN on some truly phenomenal bitrates; it *is* done in hardware.
One thing to keep in mind is to be sure and transport ERSPAN traffic over the
DCN or a dedicated telemetry export network so as to avoid the hall-of-mirrors
effect.
On Wed, 11 Aug 2010, Phil Mayers wrote:
We've used ERSPAN on some truly phenomenal bitrates; it *is* done in
hardware.
Sending ERSPAN is done in hw, I've done multigigabit ERSPAN.
ERSPAN reception is not done in HW (at least not when I tested) and it
killed the box when I tried :P
--
On 08/11/2010 09:02 AM, Mikael Abrahamsson wrote:
On Wed, 11 Aug 2010, Phil Mayers wrote:
We've used ERSPAN on some truly phenomenal bitrates; it *is* done in
hardware.
Sending ERSPAN is done in hw, I've done multigigabit ERSPAN.
ERSPAN reception is not done in HW (at least not when I
On Wed, 11 Aug 2010, Phil Mayers wrote:
FWIW we seldom (In fact I'm not sure ever!) use an actual 6500 as an
erspan receiver; we use gulp on a Unix box, or the wireshark ERSPAN
decoder, depending on the requirements.
Yes, I usually tcpdump it to a pcap file and analyse it with wireshark.
--
Works perfectly.
Dont import the .pcf file, use to have problems, much better if you
configured the account manually, not a big deal.
El 10/08/10 16:57, Jan Gregor escribió:
Hi,
there exists network-manager plugin for vpnc. Never used it though.
Best regards,
Jan
On 08/10/2010 02:54 PM,
Dear All,
Can you please me know all the possibilities of exporting just MPLS L3VPN
routes to EBGP neighbors. The reason for this to export only VPN4 routes for
inter-AS vpn.
Thanks
BR//
Andres
___
Hi,
On 11 August 2010 21:11, Good One go...@live.com wrote:
{cut}
Can you please me know all the possibilities of exporting just MPLS L3VPN
routes to EBGP neighbors. The reason for this to export only VPN4 routes for
inter-AS vpn.
Depending on your individual circumstances you can either:
Well, I guess this post as been beaten to death now.
I wanted to correct something i said earlier though .. a normal sup-32 can
support jumbo frame.
On Tue, Aug 10, 2010 at 10:20 AM, Heath Jones hj1...@gmail.com wrote:
Im not sure if it helps, but I remember having a lot of trouble back doing
Hi,
is there any recommended/best practices for module placement in
CAT6509 chassis? For example, FWSM in slot 3, ACE in slot 2 etc etc..
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive
On 11/08/2010 15:03, Pavel Dimow wrote:
is there any recommended/best practices for module placement in
CAT6509 chassis? For example, FWSM in slot 3, ACE in slot 2 etc etc..
No. Other than that the sup720 needs to be plugged into slot 5 or 6, there
are no other limitations.
On 11 August 2010 15:03, Pavel Dimow paveldi...@gmail.com wrote:
Hi,
is there any recommended/best practices for module placement in
CAT6509 chassis? For example, FWSM in slot 3, ACE in slot 2 etc etc..
I have my FWSM in slot 9 to keep fat fingers away from the shutdown
button when making
It most certainly is done in h/w - as I said, both encap decap (ie
source dest sessions) are hw based. At the dest box, the FE strips
off the GRE/ERSPAN header dumps the original packet on the SPAN dest port.
Note that certain misconfigurations can cause a punt, particularly on
the ERSPAN
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
For Public Release 2010 August 11 1600 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: SQL Injection Vulnerability in Cisco
Wireless Control System
Advisory ID: cisco-sa-20100811-wcs
Revision 1.0
For Public Release 2010 August 11 1600 UTC (GMT
We ran into one issue when the 10G 6708 module in slot 1 of C6509-E
was shutting down due to high temperature. The Cisco suggestion was to
put it into a free slot somewhere in the middle between the Sup
(module 5) and module 1 as it supposedly has a better air flow. We
replugged it into slot3
On 11/08/2010, at 8:03 AM, Ge Moua wrote:
we just upgrade one of our core 6509 / 3bxl to this code a few days ago and
so far no problem; you're probably looking for feedback on the the 7600
platform though.
Thanks for the feedback. Actually I'm interested in Cat6K / Sup720. This
thread
I'm trying to implement PBR-filtering of MSDP messages from a Nexus 7000
running 5.0(2a), and I'm starting to think that the route-map is being
interpreted wrong.
The relevant parts of the configuration are:
feature msdp
feature pbr
ip msdp originator-id loopback0
ip msdp peer W.X.Y.Z
Huh. The copy of this note in my outbox is formatted nicely, but the one
forwarded back to me by the list is a mess.
I'm not sure what happened to the newlines. Thank you, Outlook. Trying again,
sorry for the noise.
I'm trying to implement PBR-filtering of MSDP messages from a Nexus 7000
g'day,
On 12/08/2010, at 8:26 AM, christopher.mar...@usc-bt.com wrote:
I'm trying to implement PBR-filtering of MSDP messages from a Nexus 7000
running 5.0(2a), and I'm starting to think that the route-map is being
interpreted wrong.
The relevant parts of the configuration are:
feature
while there are clueful folks on this list that know N7K and NX-OS, i
don't think cisco-nsp is an appropriate replacement for talking to the
TAC.
Perhaps not. I appreciate your reply, and hope my query isn't widely
considered as inappropriate.
but regardless, i _think_ what you're likely
We have identified two distinct memory leaks that cause the dead pool to
increase over time in our environment. One of them appears when prefix lists
are updated. Still trying to isolate the other.
Jared Mauch
On Aug 11, 2010, at 5:53 PM, David Hughes da...@hughes.com.au wrote:
On
I was working on a ISR 1941 with 15.0(1)M2. I am running DMVPN on it
and using one tunnel interface. (Tunnel 1). No other tunnel
interfaces are configured on the router. However when I do show int
summary I get this;
#sh int summary
*: interface is up
IHQ: pkts in input hold queue
26 matches
Mail list logo