On Wed, Aug 25, 2010 at 09:08:42AM +1200, Pshem Kowalczyk wrote:
that surprising). We have encountered one limitation - currently BFD
over ethtrunks is not supported (at least on 9k). We tested it with
20ms intervals (even though 15ms is the minimal value Cisco advised us
to use 20ms).
BFD
Hello @all,
I hope I've just a problem I'm not getting rid of by simply not having
found the according doc or command/option yet.
IOS 12.2.(33)SRE1 running on 7200 and 7600 is creating a log entry each
time a config session is closed:
Aug 24 10:03:46.988 CEST: %SYS-6-EXIT_CONFIG: User has
Hi,
Interesting, Cisco told us it is generally a bad idea going much above
five switch stacks. Something to do with the fact that at the rear of
the switch you have a token ring-esque system and 40Gbps of backplane
(off the top of my head). In the early code they only had a single
Hello,
yesterday, a stack of three WS-C3750G-24TS-S IPBASE 12.2(50)SE3 reloaded
after having erased its configuration... i tried to find the issue but i
haven't found anything. I just have syslog messages as following:
Notice 2010-08-2414:36:584606: 004527: Aug 24 14:36:57.301:
Hi,
* Alan Buxey a.l.m.bu...@lboro.ac.uk [2010-08-25 08:55:00+0100]:
Interesting, Cisco told us it is generally a bad idea going much above
five switch stacks. Something to do with the fact that at the rear of
the switch you have a token ring-esque system and 40Gbps of backplane
(off
On Wed, 2010-08-25 at 01:02 -0500, Richard A Steenbergen wrote:
BFD is an IP based protocol, it's completely ignorant of L2 multipath
and will almost always get hashed over a single link arbitrarily.
Cisco may view it as only L3 relevant, but from RFC 5882 section 2:
Its sole purpose is to
You can use the logging discriminator command..
Initially you create a discriminator and then you enable it on the
syslog,buffer or console logging
*logging discriminator YOURNAME msg-body drops YOURTEXT
logging host x.x.x.x discriminator YOURNAME
logging buffered discriminator YOURNAME*
You
Hi
I just found out I can't set different levels for broadcast and multicast
storm control
I tried this on a C6503-E/Sup32/WS-X6516A running 12.2(33)SXI4a
and a C6506-E/VS-S720-10G/WS-X6724-SFP running 12.2(33)SXI3
Looks like a bug.
-Jens
Thank you everyone. I will set the broadcast and
Priority 15 is the important part.
Cannot remember details, but first switch numbered 9 became a standard when
merging two stacks long time ago.
With all switches at default priority highest numbered switch will be master.
To avoid having to do this with scheduled downtime this configuring
On Wed, 2010-08-25 at 08:22 +0200, Jens S Andersen wrote:
I just found out I can't set different levels for broadcast and multicast
storm control
Cisco hints at this in the documentation, e.g. for the storm-control
broadcast level command:
Enables broadcast traffic storm control on the
On Wed, 25 Aug 2010, Peter Rathlev wrote:
I would actually very much like to have something like BFD for L2. When
constructing EoMPLS paths through the network failover (seen from
between two CE devices) can be oh-so-slow, with RSTP (~6 sec) and UDLD
(~5 sec) being the quickest to discover loss
Hi All,
This maybe a simple solution but I have a quick question about the compact
flash adapter. I was reading the guide and getting ready to install it when I
noticed that there was a small yellow label on the adapter that says Min. SP
RMON: 8.4(2) Min. RP RMON: 12.2(17r)S4. When I
On Wed, 25 Aug 2010, Peter Rathlev wrote:
On Wed, 2010-08-25 at 08:22 +0200, Jens S Andersen wrote:
I just found out I can't set different levels for broadcast and multicast
storm control
Cisco hints at this in the documentation, e.g. for the storm-control
broadcast level command:
Enables
On Wed, Aug 25, 2010 at 10:37 AM, Jon Lewis jle...@lewis.org wrote:
Even clearer than that:
Each port has a single traffic storm control level that is used for all
types of traffic (broadcast, multicast, and unicast).
Traffic storm control monitors the level of each traffic type for which
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100825-cucm
Revision 1.0
For Public Release 2010 August 25 1600 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Cisco Unified Presence Denial of Service
Vulnerabilities
Advisory ID: cisco-sa-20100825-cup
Revision 1.0
For Public Release 2010 August 25 1600 UTC (GMT
On Wed, 2010-08-25 at 11:30 -0400, Tim Durack wrote:
Interestingly NX-OS allows a decimal point:
storm-control {broadcast | multicast | unicast} level percentage[.fraction]
So does the 6500 actually. The fraction can be specified with two
decimal digits. :-)
(It'll be many years before I'll
On Wed, Aug 25, 2010 at 12:55 AM, Alan Buxey a.l.m.bu...@lboro.ac.ukwrote:
Hi,
StackWisePlus is a 32G full duplex bidirectional ring (when cables all
installed properly this means you should still be better ff using
it rather than having 2 stacks and trying to link the 2 together using
Hi,
I've been asked to design a storage solution where I work (which is a ISP),
I have been considering using one of the 2 equipments
- Cisco MDS 9148 Multilayer Fabric Switch
- Cisco MDS 9222i Multiservice Modular Switch
Could anyone with experience/knowledge point out the difference between
Keegan Holley wrote:
Well the cisco is getting LMI from the juniper. Do you see the lmi counters
incrementing on the Juniper side?
Nope.
output_removed
LMI type ANSI
T391 LIV polling timer 10
T392 polling verification timer 15
N391
Hi,
I have never seen anything about 'HRPC' before, but some googling suggests
that its some Remote Procedure Call component they are using.
RPC basically provides access for calling software functions a device, from
another device. It might be what is being used in the stack for interswitch
Hi
I am looking for a 2FA solution in order to connect to Cisco devices. I would
like to use either Radius or TACACS as the AAA part, however I'd like to know
whether/how I could interconnect this to a 2nd auth such as a token based RSA
securID platform
I'd appreciate any input if this is
How about users appending the token digits to the password? Of course this
would mean your storing plain text passwords on the tacacs server
somewhere..
On 25 August 2010 21:06, Mark Tech techcon...@yahoo.com wrote:
Hi
I am looking for a 2FA solution in order to connect to Cisco devices. I
Hello,
we have an asr1000 acts as an LNS. Two weeks ago we upgraded it to XNF2,
but the packet forwarding was not working at half of the pppoe sessions.
We tested it with ping, the cpe received the icmp packet, and it sent the
icmp replay, but the asr1000 was unable to handle it, so the
Hi,
One of potential problem to have only one single stack is the downtime
during OS upgrade (and other maintenance).
Two stack and backup each other via VRRP/HSRP could provide higher
availability to clients (machines/customers) under them, provided those
clients equips two up links to
I am looking for a 2FA solution in order to connect to Cisco devices. I
would
like to use either Radius or TACACS as the AAA part, however I'd like to
know
whether/how I could interconnect this to a 2nd auth such as a token based
RSA
securID platform
I'd appreciate any input if this is
On Wed, Aug 25, 2010 at 01:06:24PM -0700, Mark Tech wrote:
I am looking for a 2FA solution in order to connect to Cisco devices. I would
like to use either Radius or TACACS as the AAA part, however I'd like to know
whether/how I could interconnect this to a 2nd auth such as a token based RSA
Hello Mark:
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of Mark Tech
Sent: Wednesday, August 25, 2010 1:06 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Router 2 factor authentication
Hi
I am looking for a
I'm fiddling with my lab, attempting to edumacate myself on L3VPNs. I'm trying
to figure out the best way to get a default route into my test vrf. Since I'm
doing BGP between all my PEs, it seems sensible that I try to originate the
default route in BGP instead of redistributing it from
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750e_3560e/software/release/12.2_50_se/command/reference/cli2.html#wp7675790
The joys of express setup... somebody held down the mode button for 10+
seconds. There should be files on the flash containing the old boot config and
vlan.dat.
Out of curiosity can you tell me what led you to wanting 2FA for these
devices, and how the traditional acl/tacacs method failed your requirements?
Of course anyone who has implemented it is free to chime in, just generally
interested in peoples security concerns around this and how you feel it
On 24/08/2010, at 8:59 PM, Saku Ytti wrote:
First CSCO box to support policing unknown unicast is EARL7.5 but it is
per chassis instead of per port. I'm not sure if any Cisco can support
per port unknown unicast policing, but if Nexus7k/EARL8 doesn't do it,
I'm betting there isn't any box
Hello Ben:
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of Ben Steele
Sent: Wednesday, August 25, 2010 5:42 PM
To: Mark Tech
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Router 2 factor authentication
Out
On Thu, 26 Aug 2010 10:42:28 +1000
Ben Steele b...@bensteele.org wrote:
Out of curiosity can you tell me what led you to wanting 2FA for these
devices, and how the traditional acl/tacacs method failed your
requirements?
We are using RSA SecurID on P and PE Routers to secure the core network
I have really enjoyed learning about QoS, it's challenging. But I ran
across something so simple today that doesn't work that I'm questioning
whether I have learned anything at all
All I wanted to do on a 6500 with Sup2's is mark all incoming traffic into
my gig1/1 from a certain source
35 matches
Mail list logo