[c-nsp] EzVPN config

Anyone, I've been scratching my head for an hour or so regarding Cisco EzVPN and multiple spokes. Googling sample configs seems to not turn up any that cover multiple spokes. My problem is I've got a hub (Cisco 871, running 12.4T) with a static address, and a couple spokes,

Re: [c-nsp] ASR9000 Import/Exporting between two VRFs

My issue with using VASI interaces is that I do not have a MSB card. On Jun 14, 2016 9:11 PM, "Steve Dodd" wrote: > This seems like a good use case for VASI interfaces. > > Thanks, > Steve > > On 6/14/16, 3:22 PM, "cisco-nsp on behalf of Curtis Piehler" >

Re: [c-nsp] ASR9000 Import/Exporting between two VRFs

This seems like a good use case for VASI interfaces. Thanks, Steve On 6/14/16, 3:22 PM, "cisco-nsp on behalf of Curtis Piehler" wrote: >Hello, > >Quite the curious case here. An ASR9000 router has two VRFs. > >For simplicity

Re: [c-nsp] ASA VPN/AnyConnect Licensing

Hello Ulrik, this has puzzled me for some time. When you purchase the license, you can activate it on 9 devices, as that is how many licenses you get. Do you know if/how does Cisco even enforce the limit across the board? Best regards, Jan On 06/14/2016 11:32 AM, Ulrik Ivers wrote: > If

[c-nsp] Troubleshooting basic ISIS

Hi, I am trying to find why on a simple setup, routes are not being advertised across between PE1 and PE2. CPE1--(L1)--PE1(L1L2)PE2(L1)---CPE2 CPE1--(broadcast)--PE1(L1L2)PE2(broadcast)---CPE2 I keep seeing this in the log, but the neighbors are up

[c-nsp] ASR9000 Import/Exporting between two VRFs

Hello, Quite the curious case here. An ASR9000 router has two VRFs. For simplicity sake let's call them VRF A and VRF B. VRF A and VRF B need to be able to see each other's routes via importing and exporting however here's the catch. I need VRF A to see VRF B's routes and vice versa but with

Re: [c-nsp] A9K Netflow export drops

We also do not see any significant issues with 6.0.1. CPU load on the RSP did drop by 50% tough. That is for ASR9001 terminating a couple hundred BGP sessions. Best regards, Chris On Tue, Jun 14, 2016 at 3:58 PM, Jared Mauch wrote: > We have had no more severe issues

Re: [c-nsp] A9K Netflow export drops

Hi Robert, at least we did not find any indication thats flows really got dropped somewhere. PPS count for our netflow collector did not increase after the update, nor did we see any change in statistics. Best regards, Chris On Tue, Jun 14, 2016 at 2:38 PM, Robert Williams

Re: [c-nsp] ASR9k Bundle QoS in 6.0.1

Hi all, Ok, continuation from the original query here... I've dropped 6.0.1 on a lab box and found a command which wasn't in 5.3.3 and 'sounds' like it relates to the issue originally discussed (aggregated bundle-ether qos shaping, per bundle, not per NP or member port). The command is here:

Re: [c-nsp] A9K Netflow export drops

We have had no more severe issues than prior releases. Make sure you load the IPv6 PSIRT SMU of course. Jared Mauch > On Jun 14, 2016, at 7:44 AM, Robert Williams wrote: > > have you had any significant issues on 6.0.1? ___

Re: [c-nsp] A9K Netflow export drops

Hi Jared, > We are running 6.0.1 in production. > There is a 5.3.4 release that is forthcoming, but unless you have some of the > older hardware > that is not supported in 6.x, you should be looking at 6.0.1 instead. That’s interesting thanks, we have a mix of 9001 and 90xx/RSP-440 so all

Re: [c-nsp] A9K Netflow export drops

Hi Chris, Thanks, that’s interesting actually – the wording seems to suggest that the drops didn’t actually occur? Further Problem Description: No packet drops are seen. However netflow exporter reports packets dropped. Did they conclude that you were actually losing real Netflow data or not?

Re: [c-nsp] A9K Netflow export drops

> On Jun 14, 2016, at 8:32 AM, Robert Williams wrote: > > Hi Chris, > > Thanks for this, we’ve not considered 6.0.1 yet, mainly due to it being > relatively new and I’m not aware currently of anyone running it in production > on a 90xx, so slightly apprehensive :) We

Re: [c-nsp] A9K Netflow export drops

Hi, bug id is CSCuz91132. Best regards, Chris On Tue, Jun 14, 2016 at 2:28 PM, Lukas Tribus wrote: > Hi Chris, > > > > Hi Robert, > > > > we've finally received clarification from TAC: > > In our case this was a bug within IOS-XR 5.3.X. > > For us, this is fixed in 6.0.1

Re: [c-nsp] A9K Netflow export drops

Hi Chris, Thanks for this, we’ve not considered 6.0.1 yet, mainly due to it being relatively new and I’m not aware currently of anyone running it in production on a 90xx, so slightly apprehensive :) I wonder if there will be a patch for 5.3.3 to stop the drops?... Cheers! From:

Re: [c-nsp] A9K Netflow export drops

Hi Chris, > Hi Robert, > > we've finally received clarification from TAC: > In our case this was a bug within IOS-XR 5.3.X. > For us, this is fixed in 6.0.1 which we wanted to upgrade to anyway due to > extended netconf support. Do you have a bug id for this one? Thanks, Lukas

Re: [c-nsp] A9K Netflow export drops

Hi Robert, we've finally received clarification from TAC: In our case this was a bug within IOS-XR 5.3.X. For us, this is fixed in 6.0.1 which we wanted to upgrade to anyway due to extended netconf support. hth, Chris On Wed, May 25, 2016 at 5:05 PM, Robert Williams

Re: [c-nsp] ASA VPN/AnyConnect Licensing

If you go with the new PER USER licenses you buy the number of licenses that equals the total number of users in the organization that will use VPN (not concurrent users). These are not bound to a specific HW, they are bound to the company/organization. This means that it doesn't matter how

Re: [c-nsp] ASR920 experiences

On 13/06/16 23:36, James Jun wrote: Hi, On Mon, Jun 13, 2016 at 09:37:04AM +0200, Chris Welti wrote: I think Adrian was referring to the new flexi licensing implementation in 03.18.00.S.156-2.S, which is a total screw-up and can't be disabled. Keep away from that release and you should be