Re: [c-nsp] Bandwidth shaping/limiting
On 10/28/2015 9:06 AM, daniel@reaper.nu wrote: 2015-10-28 13:37 skrev Mark Tinka: On 28/Oct/15 14:27, Dan Brisson wrote: I'm hoping to get some feedback on how to limit/shape bandwidth for customers in a co-lo environment. Currently customers are connected to Cisco 3750 switches at either 10, 100, or 1Gig depending on what they purchase for commodity Internet bandwidth. The 10 and 100 is fine but customers are allowed to purchase in increments between 100Meg and 1Gig. So because of that, if a customer purchased 300Mb/s, it would be nice to limit their physical gig port to capping out at 300Mb/s. I know the 3750 line has some shaping capability, but I'm not sure it can do what I want. And further I'm not sure if it has the buffer space to do what I want. Can someone confirm or deny the capabilities the Catalyst 3750 line with respect to this situation. And if the 3750 cannot do what I need, what should I look at in the Cisco line? Would the ME line of switches be more appropriate. The only Cisco switch I am aware of that can do egress policing is the ME3600X, ASR920, and whatever runs the SUP-2T (SUP-2T not tested, just based on what others have said). Egress shaping is, IIRC, supported on some of Cisco's desktop switches, but as you say, the limited buffers on these platforms may create some interesting situations in the field. I believe reasonably recent desktop switches from Cisco will support ingress policing, but suggest you check this out before you buy. Mark. Does each customer have its own VLAN or do they share VLANs? Do you care if the customer uses more capacity internally or only towards the Internet? Catalyst switches can do ingress policing which would mean outbound traffic if you do it on the customer port. It also has egress shaping but it uses an algorithm called SRR which is quite different to the policy-maps that are used on routers. You could do ingress policing on a trunk port but it's quite convoluted to be honest. Like Mark said you could either move up to some more advanced switch such as 4500 or 6880 etc or keep things as is but invest in more intelligence at the edge with a box like ASR920 or similar. Regards, Daniel Each customer does have its own VLAN. And the only concern is to/from the Internet. The customer's routing interface is actually a subinterface on an ASR1002 (the ASR1002 has dot1q tagged interface connected to the 3750 with a tag for each customer's vlan). Maybe a policy applied to that interface is a better spot? I guess that would come down to the policing/shaping capabilities of the ASR1002 platform. Thanks! -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Bandwidth shaping/limiting
I'm hoping to get some feedback on how to limit/shape bandwidth for customers in a co-lo environment. Currently customers are connected to Cisco 3750 switches at either 10, 100, or 1Gig depending on what they purchase for commodity Internet bandwidth. The 10 and 100 is fine but customers are allowed to purchase in increments between 100Meg and 1Gig. So because of that, if a customer purchased 300Mb/s, it would be nice to limit their physical gig port to capping out at 300Mb/s. I know the 3750 line has some shaping capability, but I'm not sure it can do what I want. And further I'm not sure if it has the buffer space to do what I want. Can someone confirm or deny the capabilities the Catalyst 3750 line with respect to this situation. And if the 3750 cannot do what I need, what should I look at in the Cisco line? Would the ME line of switches be more appropriate. Thanks! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Bandwidth shaping/limiting
On 10/28/2015 11:02 AM, daniel@reaper.nu wrote: 2015-10-28 14:28 skrev Dan Brisson: On 10/28/2015 9:06 AM, daniel@reaper.nu wrote: 2015-10-28 13:37 skrev Mark Tinka: On 28/Oct/15 14:27, Dan Brisson wrote: I'm hoping to get some feedback on how to limit/shape bandwidth for customers in a co-lo environment. Currently customers are connected to Cisco 3750 switches at either 10, 100, or 1Gig depending on what they purchase for commodity Internet bandwidth. The 10 and 100 is fine but customers are allowed to purchase in increments between 100Meg and 1Gig. So because of that, if a customer purchased 300Mb/s, it would be nice to limit their physical gig port to capping out at 300Mb/s. I know the 3750 line has some shaping capability, but I'm not sure it can do what I want. And further I'm not sure if it has the buffer space to do what I want. Can someone confirm or deny the capabilities the Catalyst 3750 line with respect to this situation. And if the 3750 cannot do what I need, what should I look at in the Cisco line? Would the ME line of switches be more appropriate. The only Cisco switch I am aware of that can do egress policing is the ME3600X, ASR920, and whatever runs the SUP-2T (SUP-2T not tested, just based on what others have said). Egress shaping is, IIRC, supported on some of Cisco's desktop switches, but as you say, the limited buffers on these platforms may create some interesting situations in the field. I believe reasonably recent desktop switches from Cisco will support ingress policing, but suggest you check this out before you buy. Mark. Does each customer have its own VLAN or do they share VLANs? Do you care if the customer uses more capacity internally or only towards the Internet? Catalyst switches can do ingress policing which would mean outbound traffic if you do it on the customer port. It also has egress shaping but it uses an algorithm called SRR which is quite different to the policy-maps that are used on routers. You could do ingress policing on a trunk port but it's quite convoluted to be honest. Like Mark said you could either move up to some more advanced switch such as 4500 or 6880 etc or keep things as is but invest in more intelligence at the edge with a box like ASR920 or similar. Regards, Daniel Each customer does have its own VLAN. And the only concern is to/from the Internet. The customer's routing interface is actually a subinterface on an ASR1002 (the ASR1002 has dot1q tagged interface connected to the 3750 with a tag for each customer's vlan). Maybe a policy applied to that interface is a better spot? I guess that would come down to the policing/shaping capabilities of the ASR1002 platform. Thanks! -dan Yes, the ASR1002 would be a better place to implement the policy. I think it should support both ingress and egress policing or you could do ingress policing and egress shaping. You could create a VLAN to test with before you implement it on the real customers. Regards, Daniel Ok, cool. Thanks for getting me thinking a bit upstream...looks like it will really make my life easier. I need to do a bit more research on "policing" vs. "shaping". My first inclination is that I don't ever want to drop traffic in any direction in a co-lo environment so policing seems like a bad idea, but perhaps my understanding of policing is not accurate. Thanks, -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cheap BGP router for ~20k prefixes
On 4/30/2015 10:53 AM, Gert Doering wrote: Hi, On Thu, Apr 30, 2015 at 10:35:49AM -0400, Dan Brisson wrote: Looking for suggestions for a device (switch/router) that can speak BGP and do around 20k prefixes. The other requirement is minimum 500Mb/s of throughput, which seems to throw a low-end Cisco router out of the mix. I know a 3560 switch can do BGP and wouldn't have the throughput limitations the router lines have. The cost is probably going to creep up again though when adding Enterprise code for BGP support. ASR920 or so... throughput will be fine, price of 2000$ should be achievable (depending on interface and license options). The caveat, of course, is that it will do exactly 20k prefixe, no more - so if you might go up to 30k, it's not the platform Or a used 7201 / 7200/NPE-G2... dirt cheap, 500k+ prefixes, but not much more than 500Mbit/s throughput. Your triangle of number of prefixes / price / throughput is hitting a somewhat weak spot in Cisco's portfolio... gert Thanks for the response, Gert. It looks like the 920 would work but I'm seeing that it is already End-of-Life. I'm having trouble finding what Cisco recommends as a replacement for it. Anybody have an idea? Thanks, -dan Dan Brisson Network Engineer University of Vermont ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cheap BGP router for ~20k prefixes
On 5/1/2015 2:43 PM, Gert Doering wrote: Hi, On Fri, May 01, 2015 at 02:35:03PM -0400, Dan Brisson wrote: ASR920 or so... throughput will be fine, price of 2000$ should be achievable (depending on interface and license options). [..] Thanks for the response, Gert. It looks like the 920 would work but I'm seeing that it is already End-of-Life. I'm having trouble finding what Cisco recommends as a replacement for it. Anybody have an idea? Uh, what? The ASR920 is brand new. gert Ah, is this for the specific software version only and not for hardware? http://www.cisco.com/c/en/us/products/collateral/routers/asr-920-series-aggregation-services-router/eos-eol-notice-c51-733935.html -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cheap BGP router for ~20k prefixes
On 5/1/2015 2:48 PM, Gert Doering wrote: Hi, On Fri, May 01, 2015 at 02:45:36PM -0400, Dan Brisson wrote: Ah, is this for the specific software version only and not for hardware? http://www.cisco.com/c/en/us/products/collateral/routers/asr-920-series-aggregation-services-router/eos-eol-notice-c51-733935.html Yep... Customers are encouraged to migrate to the Cisco ASR 920 Series Aggregation Services Router - Cisco IOS XE 3.15S gert My apologies. Sorry for the noise! -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cheap BGP router for ~20k prefixes
Looking for suggestions for a device (switch/router) that can speak BGP and do around 20k prefixes. The other requirement is minimum 500Mb/s of throughput, which seems to throw a low-end Cisco router out of the mix. I know a 3560 switch can do BGP and wouldn't have the throughput limitations the router lines have. The cost is probably going to creep up again though when adding Enterprise code for BGP support. I'm really hoping to stay in the sub $2000 range, if possible. Mikrotik has some very impressive gear and I know folks on this list are mixed on them. But something like their CCR1036-12G-4S has impressive specs and an even more impressive price tag - ~$850. Thanks for any suggestions. -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IP SLA?
On 3/29/15 12:46 AM, Mark Tinka wrote: On 29/Mar/15 05:12, Dan Brisson wrote: Labbing this up, OSPF makes the default route advertisement much easier: router ospf 160 network 192.168.10.1 0.0.0.3 area 0 default-information originate always Downsides of OSPF vs. EIGRP in this scenario? I just think it's a terrible idea running an IGP with a customer. I mean, I see the benefit from a link failure detection point of view, but an IGP is still an IGP - and that I stands for Interior. Do you know what hardware/software the customer is running? Mark. I'm waiting to hear what the customer has for hardware/software, although in that this is a Co-lo environment, it would be nice to have a standard method for dual-connecting customers at Layer 3 when the next one requests it. That's what scares me about static routes+BFD. So while I hear you re: running an IGP with a customer, I think/hope that using Gert's suggestions of separate process ID and good filtering in place, I can achieve what I need. And, it's better than doing Spanning Tree with the customer. -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IP SLA?
Hello, On 3/24/15 8:48 AM, Gert Doering wrote: Hi, On Tue, Mar 24, 2015 at 08:27:59AM -0400, Dan Brisson wrote: I'm curious what folks do in the situation where you have redundant links to your customers. I'm speaking primarily in co-lo environments where you offer redundant Internet connectivity to co-lo customers. So for example, you give a customer 2 ethernet handoffs from two separate Layer 2 switches. Now what do you do if the customer wants to go to a routed model using both links. I could allocate /30s for both links, but then I have the issue of how to reliably route their block to them w/out running a routing protocol that will detect if one of the links goes down. That's where I came to static routes with IP SLA but I wanted to make sure I wasn't missing something easier. Just run a routing protocol... *SO* much easier. We use EIGRP for that (different EIGRP process, distribute-lists in and out, so the customer can only announce his networks and will only receive default from us), but for customers that cannot do that, we've also used BGP in the past - more universally available, but way slower in falling over unless used with BFD. You could use static+BFD, but I bet that half of the available gear will not support that... gert Thanks for the reply. Sounds like other than statics with BFD, which I doubt will be an option due to customer's hardware, I should just run a routing protocol. Could I ask how you get eigrp to only advertise a default to the customer? I get filtering with distribute lists, but in my scenario my router is only currently running BGP and receives a full table from my upstream. For eigrp to advertise the default, looks like a need a static 0.0.0.0 route. Am I missing something? It seems like doing that when I have a full table is a bad idea, but maybe it's not a big deal? Thanks! -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IP SLA?
Hello, On 3/24/15 8:48 AM, Gert Doering wrote: Hi, On Tue, Mar 24, 2015 at 08:27:59AM -0400, Dan Brisson wrote: I'm curious what folks do in the situation where you have redundant links to your customers. I'm speaking primarily in co-lo environments where you offer redundant Internet connectivity to co-lo customers. So for example, you give a customer 2 ethernet handoffs from two separate Layer 2 switches. Now what do you do if the customer wants to go to a routed model using both links. I could allocate /30s for both links, but then I have the issue of how to reliably route their block to them w/out running a routing protocol that will detect if one of the links goes down. That's where I came to static routes with IP SLA but I wanted to make sure I wasn't missing something easier. Just run a routing protocol... *SO* much easier. We use EIGRP for that (different EIGRP process, distribute-lists in and out, so the customer can only announce his networks and will only receive default from us), but for customers that cannot do that, we've also used BGP in the past - more universally available, but way slower in falling over unless used with BFD. You could use static+BFD, but I bet that half of the available gear will not support that... gert Thanks for the reply. Sounds like other than statics with BFD, which I doubt will be an option due to customer's hardware, I should just run a routing protocol. Could I ask how you get eigrp to only advertise a default to the customer? I get filtering with distribute lists, but in my scenario my router is only currently running BGP and receives a full table from my upstream. For eigrp to advertise the default, looks like a need a static 0.0.0.0 route. Am I missing something? It seems like doing that when I have a full table is a bad idea, but maybe it's not a big deal? Thanks! -dan Labbing this up, OSPF makes the default route advertisement much easier: router ospf 160 network 192.168.10.1 0.0.0.3 area 0 default-information originate always Downsides of OSPF vs. EIGRP in this scenario? Thanks! ___ cisco-nsp mailing listcisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive athttp://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] IP SLA?
I'm curious what folks do in the situation where you have redundant links to your customers. I'm speaking primarily in co-lo environments where you offer redundant Internet connectivity to co-lo customers. So for example, you give a customer 2 ethernet handoffs from two separate Layer 2 switches. Now what do you do if the customer wants to go to a routed model using both links. I could allocate /30s for both links, but then I have the issue of how to reliably route their block to them w/out running a routing protocol that will detect if one of the links goes down. That's where I came to static routes with IP SLA but I wanted to make sure I wasn't missing something easier. Thanks! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] IP SLA?
On 3/24/15 8:30 AM, Jared Mauch wrote: On Mar 24, 2015, at 8:27 AM, Dan Brissondbris...@gmail.com wrote: I'm curious what folks do in the situation where you have redundant links to your customers. I'm speaking primarily in co-lo environments where you offer redundant Internet connectivity to co-lo customers. So for example, you give a customer 2 ethernet handoffs from two separate Layer 2 switches. Now what do you do if the customer wants to go to a routed model using both links. I could allocate /30s for both links, but then I have the issue of how to reliably route their block to them w/out running a routing protocol that will detect if one of the links goes down. That's where I came to static routes with IP SLA but I wanted to make sure I wasn't missing something easier. Do they have two routers as well, or a simpler subnet config? Perhaps something like VRRP and using a protocol to inject these ‘connected’ routes to the rest of your network? - jared At this point I'm not sure if they will have one or two, although your suggestion of VRRP had crossed my mind. In that case, we both really need to run VRRP on each side to protect against failure, right? I was trying to get around allocating a /29 for a VRRP subnet, but I suppose one /29 = two /30s. Just seems like overkill, but I guess that's why I asked the question. It also occurs to me that this really isn't any different than a customer buying 2 connections from their premises to the same ISP. Or is it? Thanks! -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Primer for IOS-XR
Have you tried ciscolive.com? I popped IOS-XR into the search and it came back with a bunch of sessions that might be helpful. -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 12/16/14, 10:49 AM, Scott Granados wrote: Good morning, I have recently been exposed to some of the ASR hardware for the first time and while I’m well versed in standard IOS I haven’t done much work with XR. Can anyone suggest a good pointer for getting up to speed. I’m most specifically interested in the new policy construction and building policies for BGP routing control. I googled for an IOS to IOS-XR translator as possibly a starting point and there seemed to be some internal resources but nothing public facing. Any such package exist to do conversions and give me a starting point? Any help would be most appreciated. I’ve found some documents on the new policy structure but nothing that doesn’t assume I already have a baseline in XR. Any pointers would be most appreciated. Thanks Scott ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] WS-4500X SVI counters
It does. You have to add this to the SVI: counter -dan Dan Brisson Network Engineer University of Vermont On 9/12/14, 11:53 AM, Adrian Minta wrote: Hello, Can anyone confirm if Catalyst 4500-X has counters for Layer 3 vlan interfaces or not. Than you. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Is the Nexus 3064PQ usable ?
We had this same question about 3 years back and I'm not sure that anything has changed, but take this for what it's worth. The Nexus 5k line uses cut-through switching where your traditional catalyst line switches are store and forward. Here's a good link on this topic: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5020-switch/white_paper_c11-465436.html Also, the Nexus line may not have features that you want in a campus, such as layer 2 protections like dhcp snooping, DAI, etc... That said, just make sure you know what features you need, including IPv6 features, which without verifying, I'm guessing are more plentiful in the Catalyst line. Hope that helps. -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 6/12/2014 7:59 AM, Antoine Monnier wrote: Thanks Michele for sharing the feedback you received on this. Our cisco sales rep is telling us that he has never heard of Nexus used as a campus distribution-layer and is trying to convince us that that Catalyst 6807 is the right choice (instead of Nexus 56128P), even though we would get less 10Gig port-density, 1:2 oversubscription, 5x more RU used, at least twice the power consumption, etc... and all of this for twice the price! Are there other people out there using Nexus (3x00 ? 5x00? 6x00 7x00?) at the distribution-layer of medium-sized campus? Medium-sized being about 60 access-layer closets with dual 10 Gig uplink each and a small server-farm. On the downside I hear that the orphan port scenario with vPC may be a pain in the back side? I still need to read the details of this. Is anyone running vPC at the distribution-layer of a campus environment? Thanks On Mon, Apr 28, 2014 at 12:43 PM, Michele Bergonzoni berg...@labs.it wrote: Does anybody have success/horror stories about the [Nexus] 3064 or 3048 to share? If you email me in private, I can post an anonimized summary. I received two very helpful replies. One person told me about some new 3172PQ: I am loving them to death. This person is using them as L2, with vPC. One person is using the 3064X with OSPF, BGP VRRP and is happy with it. This is very similar to what I am trying to do. I still feel a bit uneasy, but I think we will end up trusting the datasheet. Cheers to all, Bergonz -- Ing. Michele Bergonzoni - Laboratori Guglielmo Marconi S.p.a. Phone:+39-051-6781926 e-mail: berg...@labs.it alt.advanced.networks.design.configure.operate ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Basic BGP Cisco Router
I'm wondering what folks would recommend for a very basic BGP router of the Cisco variety. The scenario is that I want to introduce a second ISP to my Internet edge. I don't have very high bandwidth needs - current connection is 20Mb/s and the new one will probably be 50Mb/s. I plan to use BGP to advertise my address space to both ISPs with the main goal really being that I want to ensure that I never drop off the Internet. I don't really care about best path TO the Internet, but want to make sure people can get to me. That said, I plan to just take a default route from both providers which makes me think I shouldn't need much of a router. So I'm looking at basic default routing via BGP, about 75Mb/s of throughput needed, and would like (3) 100mb or 1Gig interfaces. Seems like a 2900 series router would work but would love to hear what folks think. Thanks! ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Strange Issue with 3560X and 4500X
We had a problem about 6 months ago when we installed our first pair of 4500Xs where they could reach certain hosts but not reach other hosts on the same subnet. TAC said it was a bug that has since been fixed. We are on this version now and the problem has been resolved: cat4500e-universalk9.SPA.03.05.01.E.152-1.E1.bin -dan Dan Brisson Network Engineer University of Vermont dbris...@uvm.edu On 4/12/14, 7:03 AM, Antonio Soares wrote: Group, We found that all the 3560-Xs connected to the secondary 4500-X stopped responding to SNMP queries at the same exact minute which leads to the common denominator being the 4500-X. Anyone has experienced strange things with 4500-Xs running 3.5.0E / 15.2(1)E ? Thanks. Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Antonio Soares Sent: sexta-feira, 11 de Abril de 2014 14:09 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Strange Issue with 3560X and 4500X Group, This is one of the most weird things I saw these last years. Imagine a network where you have two 4500-X in the Core (no VSS) and a few 3560-X pairs forming squares between the 4500-Xs and the 3560-Xs. One of the 4500-X is the STP root for all Vlans, the other 4500-X is the backup STP root for all Vlans as well. Between the 4500-Xs and the 3560-Xs I have LACP, CDP and UDLD running. The issue: The network was up and running well the first 4 days after installation. More or less on the fifth day, all the 3560-Xs connected to the secondary 4500-X, stopped responding to ping requests from anywhere in the network, even from the directly attached neighbors, the two 4500-Xs and the other 3560-X. A reboot to the 3560-X didn’t solve the problem. UDLD, CDP and LACP didn’t fail at all. In order to get normal access to the 3560-X, I had to shutdown the uplink from the 3560-X to the 4500-X. I have a simple diagram here: http://ccie18473.net/issue-sw2.jpg What seems to happen is that broadcasts (ARP, DHCP) and multicast start to fail somewhere in time. It must be a very severe 4500X or 3560X bug but I wasn’t able to find anything. The most important information: WS-C4500X-32, cat4500e-universalk9.SPA.03.05.00.E.152-1.E.bin WS-C3560X-48P, c3560e-universalk9-mz.150-2.SE.bin, the uplink is fiber optic, the C3KX-NM-10G is used, between the 3560Xs I have copper Unfortunately I can’t reload/upgrade the 4500X-s or the 3560X-s… Any pointers are more than welcome. Thanks. Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net http://www.ccie18473.net/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Strange Issue with 3560X and 4500X
Ah, didn't think I had it or I would have included it in the first email, but turns out I do have it: Csuj73571 Hope that helps! -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 4/12/14, 8:22 AM, Antonio Soares wrote: Great, thanks for the feedback. Are you able to tell me the bug id ? Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Dan Brisson Sent: sábado, 12 de Abril de 2014 13:15 To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Strange Issue with 3560X and 4500X We had a problem about 6 months ago when we installed our first pair of 4500Xs where they could reach certain hosts but not reach other hosts on the same subnet. TAC said it was a bug that has since been fixed. We are on this version now and the problem has been resolved: cat4500e-universalk9.SPA.03.05.01.E.152-1.E1.bin -dan Dan Brisson Network Engineer University of Vermont dbris...@uvm.edu On 4/12/14, 7:03 AM, Antonio Soares wrote: Group, We found that all the 3560-Xs connected to the secondary 4500-X stopped responding to SNMP queries at the same exact minute which leads to the common denominator being the 4500-X. Anyone has experienced strange things with 4500-Xs running 3.5.0E / 15.2(1)E ? Thanks. Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Antonio Soares Sent: sexta-feira, 11 de Abril de 2014 14:09 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Strange Issue with 3560X and 4500X Group, This is one of the most weird things I saw these last years. Imagine a network where you have two 4500-X in the Core (no VSS) and a few 3560-X pairs forming squares between the 4500-Xs and the 3560-Xs. One of the 4500-X is the STP root for all Vlans, the other 4500-X is the backup STP root for all Vlans as well. Between the 4500-Xs and the 3560-Xs I have LACP, CDP and UDLD running. The issue: The network was up and running well the first 4 days after installation. More or less on the fifth day, all the 3560-Xs connected to the secondary 4500-X, stopped responding to ping requests from anywhere in the network, even from the directly attached neighbors, the two 4500-Xs and the other 3560-X. A reboot to the 3560-X didn’t solve the problem. UDLD, CDP and LACP didn’t fail at all. In order to get normal access to the 3560-X, I had to shutdown the uplink from the 3560-X to the 4500-X. I have a simple diagram here: http://ccie18473.net/issue-sw2.jpg What seems to happen is that broadcasts (ARP, DHCP) and multicast start to fail somewhere in time. It must be a very severe 4500X or 3560X bug but I wasn’t able to find anything. The most important information: WS-C4500X-32, cat4500e-universalk9.SPA.03.05.00.E.152-1.E.bin WS-C3560X-48P, c3560e-universalk9-mz.150-2.SE.bin, the uplink is fiber optic, the C3KX-NM-10G is used, between the 3560Xs I have copper Unfortunately I can’t reload/upgrade the 4500X-s or the 3560X-s… Any pointers are more than welcome. Thanks. Regards, Antonio Soares, CCIE #18473 (RS/SP) amsoa...@netcabo.pt http://www.ccie18473.net http://www.ccie18473.net/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6500 HSRP unicast flooding
This helped me out when I had this issue: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html -dan On 2/18/14, 6:57 PM, Peter Rathlev wrote: On Tue, 2014-02-18 at 18:14 -0500, Randy wrote: The mac entry is only present on the active HSRP member... and the flood traffic is coming from standby member, heading out all the backup RSTP paths (blocked on the remote end). This probably means that the standby member is receiving traffic from elsewhere that it forwards upon receiving it because it has a connected route. You should be able to tell from where it comes by looking at the source IP addresses. Make sure traffic from elsewhere (other VLANs, other routers) arrives at the HSRP primary device. Alternatively, that the traffic when forwarded into the VLAN flows in a way that makes both your core devices see the traffic. Regarding TCNs, which might still be relevant since not only trunk interface flaps can trigger them, take a look at the output from: show spanning-tree detail | include last change|executing And see if any VLANs (or instances) have changed recently and often. (P.S.: I can imagine one could suggest VSS as a solution to this problem, which would technically be correct. OTOH VSS might introduce other problems and/or be precluded for other reasons and it would not really cast any light on the actual problem.) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Amount of buffers on ASR9001
Or, put on your helmet and watch this: https://www.ciscolive365.com/connect/sessionDetail.ww?SESSION_ID=7939backBtn=true -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 1/17/2014 8:52 AM, Adam Vitkovsky wrote: Hi Daniel, Try to contact Alexander Thuijs from Cisco he's the ASR9k guru. adam -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of daniel@reaper.nu Sent: Friday, January 03, 2014 1:51 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] Amount of buffers on ASR9001 Hi list, I want to find out how much buffers are available on Cisco ASR 9001, both for integrated ports and for MPA such as A9K-MPA-4X10GE. I would greatly appreciate if anyone has these available. I'll try to ping some Cisco people as well but often it's faster to ask here. Thanks. Best regards, Daniel Dib CCIE #37149 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ARP problems with UCS FI 6140XP
Or ping its default gateway every minute. -dan On 1/17/2014 10:58 AM, Chuck Church wrote: Not really sure what an 'FI' is, but can you set the mac address aging time on this FI to something longer than 5 minutes, and or have the netflow collector do 'something' to send traffic, like configure NTP on it? Chuck -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Joe Loiacono Sent: Friday, January 17, 2014 9:38 AM To: cisco-nsp@puck.nether.net Subject: [c-nsp] ARP problems with UCS FI 6140XP I have a host that is receiving netflow UDP exports. A couple times a day the export flow stops. The MAC address is getting dropped from the FI MAC address table. A simple HTTP access to the host restores the MAC address and the flow. It looks like CIMC logging is for system events only. Is there a way I can debug or log *network* messages (e.g., ARP, etc.) Thanks, Joe Loiacono ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Nexu 5020 HSRP issues
Do you have the mate 5020 SVI configured as 10.8.200.3/24? -dan Dan Brisson Network Engineer University of Vermont (Ph) 802.656.8111 dbris...@uvm.edu On 8/9/13 7:52 AM, Christian Kildau wrote: Hi Cisco-NSP, we're having some very strange issues while adding HSRP to our Nexus 5020 where both HSRP peers are up, but don't recognize each other, thus causing some issues. Our config is pretty simple, running 4 VLANs and VPC. VPC is up and the Trunks are running fine. We now added some SVIs for L3 routing which also seems to be working fine. But as soon as we add HSRP config as follows: interface Vlan200 no shutdown no ip redirects ip address 10.8.200.2/24 hsrp version 2 hsrp 1 preempt priority 110 ip 10.8.200.1 we're facing some very strange issues. According to 'debug hsrp engine packet hello' both sides do send HSRP Hello Packets, but the other end never receives them, so both peers are in Active state: sw1# sh hsrp group 1 brief Interface Grp Prio P StateActive addr Standby addr Group addr Vlan200 1 110 P Active localunknown 10.8.200.1 (conf) sw2# sh hsrp group 1 brief Interface Grp Prio P StateActive addr Standby addr Group addr Vlan200 1 100 P Active localunknown 10.8.200.1 (conf) What could cause this? Thanks for any hint! Kind Regards Christian P.S. features are enabled of course ;-) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] MPLS L3VPN - EIGRP routes not being advertised to CE router
Right, in IP Base an eigrp device can only function in stub mode which means it won't pass on any dynamically learned routes. Static routes would fix this problem but I doubt u want to go down that road. -dan Sent from a mobile phone with a tiny keyboard On Jun 11, 2013, at 8:32 PM, Blake Dunlap iki...@gmail.com wrote: That restriction is a licensing one, so you'll have to see if you have high enough software for EIGRP to be allowed to function, or if its a bug. -Blake On Tue, Jun 11, 2013 at 6:34 PM, Tim Huffman t...@bobbroadband.com wrote: Although we've done several MPLS VPNs in the past, we've always used BGP as the PE-CE routing protocol. Now, I have a new customer that wants to use EIGRP instead. The configuration doesn't seem too hard, but something isn't working correctly: - We are learning routes from the customer at each location (2 currently, with more to follow) - PE1 and PE2 both learn routes from their respective CE1 and CE2 - Those routes get passed onto our Route Reflector - PE2 knows routes in the VRF from PE1, and vice versa - Neither CE1 nor CE2 are learning any routes, other than connected ones The customer is getting antsy, and from the documentation I can find, we should be set up correctly. Any help you guys can provide would be GREATLY appreciated! Now the details: PE1=RR==PE2 | | | | CE1 CE2 Our Route Reflector is a Catalyst 6503 w/SUP720-3BXL running 12.2(33)SXH5. The two PEs are ME-C6524GT-8S running 12.2(18)ZU2. Below is the config from the PE routers (IPs and ASNs changed to protect the innocent): ip vrf CustomerA description L3VPN for CustomerA rd 65002:10 route-target export 65002:10 route-target import 65002:10 router eigrp 65002 auto-summary ! address-family ipv4 vrf CustomerA redistribute bgp 1234 network 10.3.63.0 0.0.0.3 default-metric 1 1 255 1 1500 no auto-summary autonomous-system 65002 eigrp stub connected summary exit-address-family eigrp stub connected summary You have it set up as EIGRP Stub with Summary. What routes are you expecting to see at each of the respective CE's? That command was put in by default, and when we try to remove it, we get this error EIGRP is restricted to stub configurations only. It looks like this may be related to bug CSCeh58135. Unfortunately, I have very little experience with EIGRP. Do you think that's the likely source of the problem? -- Tim Huffman ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] 3rd party SFP cables with Nexus 5500 series
Wondering if anyone out there has tried using 3rd party Twinax cables between Nexus 5500s and 10G servers with XFP ports. I'm specifically referring to this cable: *10GbE XFP to SFP+ Cable 6M, Active* Which can be found here: http://www.sfpcables.com/cab-xfp-sfp-a6m-24 Thanks, -dan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] ASR1002-X vs ASR9001
It only samples though, if I remember correctly. You can configure 1:1, but you run the risk of overrunning it. -dan On 4/24/13 4:32 PM, Nick Hilliard wrote: On 24/04/2013 20:41, Nikolay Shopik wrote: I suppose netflow not possible on ASR9001? netflow (v9) works fine on asr9001. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Sup2T - poor netflow performance
netdr capture could lend some clues. I don't think that's been suggested yet. I've only used it on SUP720s, but I would think it will still work for SUP-2Ts. -dan On 3/27/2013 10:03 AM, Pete Lumbis wrote: I'd second this. My guess is there is a large amount of punted traffic and the problem is just being made worse by netflow export. I'd suggest engaging TAC to help you identify what's going on. On Wed, Mar 27, 2013 at 2:15 PM, Dobbins, Roland rdobb...@arbor.net wrote: On Mar 27, 2013, at 7:50 PM, Mikael Abrahamsson wrote: For Internet peering router at 10GE with typical eyeball traffic my opinion is that 6500/7600 doesn't have working netflow. Sup2T/DFC4 fixes these issues, as well as the uRPF mode limitation and weird ACL threshold limitation. The problem the OP is experiencing is likely a result of configuration issues, lots of punted traffic generating flows, or a bug. The EARL8 ASIC solves all the previous issues associated with 6500/7600 NetFlow. --- Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com Luck is the residue of opportunity and design. -- John Milton ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] VS-S2T-10G card with WS-X6748-SFP Card = DFC Problems
Is it correct that DFC4s are field upgradeable? -dan Sent from a mobile phone with a tiny keyboard On Mar 25, 2013, at 1:46 PM, Phil Mayers p.may...@imperial.ac.uk wrote: On 25/03/13 17:35, Olivier CALVANO wrote: Hi i have a Cisco 6504E with a VS-S2T-10G and a small problems with two card: *Mar 25 17:20:06.375: %C6KENV-2-DFCMISMATCH: Module 2 DFC incompatible with Supervisor DFC. Power denied *Mar 25 17:20:09.299: %C6KENV-2-DFCMISMATCH: Module 3 DFC incompatible with Supervisor DFC. Power denied Anyone know a solution to this problems ? Sup2T cannot run with DFC3 linecards. You *MUST* either downgrade to CFC, or upgrade to DFC4 on the linecard. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Question about SVI interface acl counters + way of working
On my SUP720s, I've used sh tcam int vlan xxx acl out ip with some success. -dan On 3/20/2013 11:12 AM, Gert Doering wrote: Hi, On Wed, Mar 20, 2013 at 03:42:09PM +0100, Rolf Hanßen wrote: Does that ACL not filter all traffic passing the interface or why does the delta of ACL hits not match the number of incoming pps ? The ACL only counts (and lots) packets punted to the RP, and not all of it. At least on Sup720... no idea about Sup2T. gert ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] STP active/listed on wrong port
I think you mean untagged frames. -dan Sent from a mobile phone with a tiny keyboard On Mar 12, 2013, at 2:21 PM, Harold 'Buz' Dale buz.d...@usg.edu wrote: Sure - It's a trunk. VLAN one is the native vlan the tagged frames flow over... -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Rolf Hanßen Sent: Tuesday, March 12, 2013 13:34 To: cisco-nsp@puck.nether.net Subject: [c-nsp] STP active/listed on wrong port Hello list, do you have an explanation why STP thinks Gi7/16 belongs to vlan 1 ? edge1-dus3#sh spanning-tree VLAN0001 Spanning tree enabled protocol ieee Root IDPriority32769 Address 5475.d0a6.75c0 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority32769 (priority 32768 sys-id-ext 1) Address 5475.d0a6.75c0 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type --- --- - Gi7/16 Desg FWD 4 128.1552 P2p Interface Config: interface GigabitEthernet7/16 description custsw2-dus1 A16 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 1253,1606 switchport mode trunk mtu 9216 load-interval 30 end STP is disabled on all other vlans: no spanning-tree vlan 2-4000 Gi7/16 is not listed here: edge1-dus3#sh vlan id 1 VLAN Name StatusPorts - --- 1default activeGi1/5, Gi1/8, Gi1/13, Gi1/25, Gi1/27, Gi1/48, Te4/1, Gi6/1, Gi7/1, Gi7/3, Gi7/4, Gi7/5, Gi7/6, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12, Gi7/13, Gi7/14, Gi7/15, Gi7/17, Gi7/18, Gi7/19 Gi7/20, Gi7/21, Gi7/22, Gi7/23, Gi7/24 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 - -- - -- -- -- -- 1enet 11 1500 - - ---0 0 Remote SPAN VLAN Disabled Primary Secondary Type Ports --- - - -- Port is up and works fine: edge1-dus3#sh int Gi7/16 GigabitEthernet7/16 is up, line protocol is up (connected) Hardware is C6k 1000Mb 802.3, address is 001d.a246.3743 (bia 001d.a246.3743) Description: custsw2-dus1 A16 MTU 9216 bytes, BW 100 Kbit/sec, DLY 10 usec, reliability 255/255, txload 6/255, rxload 6/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s, media type is LX input flow-control is off, output flow-control is off Clock mode is auto ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output never, output hang never Last clearing of show interface counters never Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 30 second input rate 27117000 bits/sec, 3517 packets/sec 30 second output rate 24383000 bits/sec, 2860 packets/sec 32078138057 packets input, 32998390284372 bytes, 0 no buffer Received 524965 broadcasts (173874 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast, 0 pause input 0 input packets with dribble condition detected 13839785752 packets output, 9991981200426 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out edge1-dus3#sh version Cisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-ADVIPSERVICESK9-M), Version 15.1(2)S, RELEASE SOFTWARE (fc1) Hardware is Cisco 7609-S, Sub720-3BXL, Slot 7 is a WS-X6724-SFP kind regards Rolf Hanßen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/