Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Nick Cutting
And FYI - only the SVI gets used in "internal vlan usage" -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Nick Cutting Sent: Friday, September 16, 2016 11:33 AM To: Marco van den Bovenkamp ; Cisco Network Service

[c-nsp] Cisco Security Advisory: IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products

2016-09-16 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products. Advisory ID: cisco-sa-20160916-ikev1. Revision 1.0. For Public Release 2016 September 16 16:00 GMT. Summary: A vulnerability in IKEv1 packet

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Nick Cutting
Depends on supervisor - With sup 2t - you could reuse vlans on subinterfaces, here are 2 subinterfaces on different ports, and an SVI all on vlan 281 ! interface Vlan281 no ip address shutdown end ! interface TenGigabitEthernet2/5/9.281 encapsulation dot1Q 281 end ! interface

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Phil Mayers
On 16/09/16 12:06, Gert Doering wrote: use a different tag :-) - and yes, this is one of the big drawbacks of the 6500 architecture (or, depending how you use it, one of the strong sides) - it's a switch, with routing. So vlan space is "switchy". It's not clear to me if they fixed this in

Re: [c-nsp] ASR9K IPv6 Scaling limit

2016-09-16 Thread Phil Mayers
On 15/09/16 20:57, Chris Evans wrote: Does anyone know the maximum amount of IPv6 neighbors an ASR9K platform (don't care which modules) can support? Disclaimer: I'm not familiar with the ASR9k, but from a general Cisco perspective: On Cisco kit, a layer3+2 neighbour typically consumes a

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Marco van den Bovenkamp
On 16/09/2016 13:36, Curtis Piehler wrote: Exactly! On the 6500/7600 platforms you can't have your cake and eat it :) Indeed :-). And 'routed ports' are actually SVIs on a VLAN you don't see, but does get taken from the global pool (try 'show vlan internal usage' sometime). A 6500 is a

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Curtis Piehler
Exactly! On the 6500/7600 platforms you can't have your cake and eat it :) On Sep 16, 2016 7:32 AM, "Gert Doering" wrote: > Hi, > > On Fri, Sep 16, 2016 at 01:13:54PM +0200, Patrick M. Hausen wrote: > > I expected the SP and the RP to be orthogonal to each other ... > >

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Gert Doering
Hi, On Fri, Sep 16, 2016 at 01:13:54PM +0200, Patrick M. Hausen wrote: > I expected the SP and the RP to be orthogonal to each other ... Well, they are - but the RP needs the SP to get the packet out :-) (On the WAN interface cards, you actually have "real routed" interfaces, but these have

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Patrick M. Hausen
Hi! > On 16.09.2016 at 13:08, Curtis Piehler wrote: > > If the card is switching type card then yes it does care and draws from the > internal VLAN database. The true routed cards (SPA) are not part of the > internal VLAN database. I ran into this on 7600 routers

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Curtis Piehler
If the card is switching type card then yes it does care and draws from the internal VLAN database. The true routed cards (SPA) are not part of the internal VLAN database. I ran into this on 7600 routers with WS line cards. However the SPA cards in the chassis did not draw from the internal

Re: [c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Gert Doering
Hi, On Fri, Sep 16, 2016 at 12:56:46PM +0200, Patrick M. Hausen wrote: > Core1(config-subif)#int gi4/9.100 > Core1(config-subif)#encapsulation dot1Q 100 > Command rejected: VLAN 100 cannot be allocated. VLANs 1-1005 are VTP VLANs > VTP mode is client or server and must be changed to

[c-nsp] Cat6500 VLAN cannot be assigned to a routed port sub-if?

2016-09-16 Thread Patrick M. Hausen
Hi, all, I just stumbled into a minor POLA violation here: (at least I'm astonished ;-) Core1(config-subif)#int gi4/9.100 Core1(config-subif)#encapsulation dot1Q 100 Command rejected: VLAN 100 cannot be allocated. VLANs 1-1005 are VTP VLANs VTP mode is client or server and must be changed to

Re: [c-nsp] Forcing BGP to propagate only after route is in the FIB

2016-09-16 Thread Adam Vitkovsky
Do you folks experience this only in scenarios without backup please? My understanding is that this should not be happening if the prefixes are maintained in the FIB by means of switching from backup NH back to primary NH But I recognize it is a problem even with a single NH I'm thinking if the