On Sat, Nov 29, 2014 at 09:41:45PM +0600, Victor Sudakov wrote:
We have set up port monitor sessions in various parts of the network
and have found out the following. One of the C3560X-24P in the chain
of identical switches does not let through packets with
src=10.65.127.246dst=224.0.0.5.
On Sat, Nov 22, 2014 at 09:43:03PM +0200, Mark Tinka wrote:
What is more confusing is when vendors use half-duplex
bandwidth to make a line card seem faster, e.g., a 30Gbps
line card is sold as a 60Gbps if traffic flows in only one
direction.
Well, that depends. Lets assume the linecard in
On Sun, Nov 23, 2014 at 02:46:45PM +0200, Mark Tinka wrote:
I look at the overall architecture, and generally ignore the
Gbps/slot schpill. Real life places different demands on the
platform, and the numbers generated by the vendors are
usually not in line with real life.
To cut them some
On Sat, Jun 21, 2014 at 12:51:02AM -0400, Jeff Kell wrote:
Is this still the case with the 4500X? It can't be line rate (not at 32
ports x 10Ggps)... so what's the breakdown on bandwidth here?
https://supportforums.cisco.com/discussion/11954566/4500-x-port-asic
Best regards,
Daniel
--
Sender: cisco-nsp-boun...@puck.nether.net
On-Behalf-Of: d...@cluenet.de
Subject: Re: [c-nsp] 4500X trivia question...
Message-Id: 20140622094817.ga26...@srv03.cluenet.de
Recipient: adam.atkin...@damovo.com
Recipient: darren.coll...@damovo.com
---BeginMessage---
On Sat, Jun 21, 2014 at 12:51:02AM
On Fri, May 30, 2014 at 01:41:16AM +0200, Sander Steffann wrote:
For netflow you are indeed out of luck as that is (intentionally?) not
supported on Gi0.
It's been many years since I looked into that but I remember the reason
was that Netflow export happens from the PFE, which can export only
On Thu, Aug 29, 2013 at 06:58:17PM +1030, CiscoNSP List wrote:
Have the following requirements:
Fully redundant, dual power, dual supervisor, multiple line cards for
redundancy
How many ports of which types?
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP:
On Thu, Aug 29, 2013 at 09:04:15PM +1030, CiscoNSP List wrote:
Fully redundant, dual power, dual supervisor, multiple line cards for
redundancy
How many ports of which types?
Only a few gig-e ports.
Technically I'd go ASR9006 (IOS XR), but ASR1006 is less overkill and
probably
On Thu, Aug 29, 2013 at 09:49:06PM +1000, Andrew Miehs wrote:
On Thu, Aug 29, 2013 at 8:34 PM, CiscoNSP List
cisconsp_l...@hotmail.comwrote:
On Thu, Aug 29, 2013 at 06:58:17PM +1030, CiscoNSP List wrote:
Have the following requirements:
Fully redundant, dual power, dual
On Mon, Nov 26, 2012 at 01:02:58AM +0100, Peter Rathlev wrote:
And if we end up modifying the RFP to make the basic IPv6 support
optional we have hopefully at least sent a signal.
Yes. The signal is ignore mandatory IPv6 requirements - they will get
dropped to optional anyway - which is the
On Mon, Nov 19, 2012 at 10:18:46AM -0600, Dikkema, Michael (Business
Technology) wrote:
Is there any way to get ingress QoS working on LACP on ASR 1000 series?
What do you mean with ingress QoS exactly?
I'd be interested to learn about any QoS surprises on ASR1k.
Best regards,
Daniel
--
On Sun, Jul 08, 2012 at 03:08:14AM +0300, Martin T wrote:
thanks! calendar set worked fine.
Side note: ntp update-calendar takes care of updating the hardware
clock via NTP.
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0
On Wed, Dec 28, 2011 at 10:31:31AM +0800, Mark Tinka wrote:
On Wednesday, December 28, 2011 03:13:35 AM John Neiberger
wrote:
I thought for sure there was a command that would show
the preconfigured interfaces. As soon as I insert the
new card, the preexisting configuration will
On Wed, Dec 28, 2011 at 01:37:34PM +0100, Vitkovsky, Adam wrote:
Pre-configuration is possible with XR as well
So you can preconfigure interfaces, but not see and edit the
remembered config of interfaces which got physically removed (or
linecard shut down)?
Best regards,
Daniel
--
CLUE-RIPE
On Thu, Dec 15, 2011 at 11:32:14AM +, Nick Hilliard wrote:
Slightly annoying, but IS-IS doesn't appear to support advertise
passive-only for ipv6 afi on SXI or 15.0M. Is this command supported on
any platform?
When I inquired in Feb 2005, it wasn't. :-)
On Fri, Dec 16, 2011 at 08:58:46AM +, Alan Buxey wrote:
Do you want me to be added to your feature request?
I haven't heard anything from that anymore after Oli Boehmer's mail, so
not sure wether it was formally submitted back then. Perhaps drop Oli an
email?
I'm getting a little
On Mon, Jul 18, 2011 at 03:20:47PM -0400, Jeff Kell wrote:
You can probably play Dike Nukem Forever on Modular IOS by the time
they finish adding bells and whistles to it.
There's prior art... Doom server (or was it Quake?) on Juniper routing
engine, alongside JUNOS, approx 10 years ago. :-)
On Mon, Jun 20, 2011 at 11:31:31PM +0200, Gert Doering wrote:
Standard Vendor answer #714: what is this IPv6 thing?
no customer other than you is asking for that
My all-time fav.
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0
On Sat, Feb 05, 2011 at 05:32:10PM -0600, Michael Vinogradsky wrote:
The design would be comprised of two redundant NTP server in separate
geographic locations.
As Phil Mayer outlined, you should really consider using three to
protect from a falseticker
The budget in the ballpark of two 2800
On Sat, Nov 20, 2010 at 12:26:27PM +0100, Gert Doering wrote:
Now this might sound like a minor nit, but for us, it's major pains -
whenever we put a new device under contract, it seems to end up having
a new contract number, and then the whole team goes and spends non-trivial
amount of time
On Sat, Oct 23, 2010 at 10:37:33AM -0400, Jeff Fitzwater wrote:
Is there any problems with running LACP with CWDM equipment inline
with one port of a channel? Also if both ports go through CWDM?
LACP uses standard ethernet frames, to which CWDM as such is completely
transparent. But if you
On Mon, Oct 18, 2010 at 12:01:40AM +0200, Per Carlson wrote:
They are called ME-36/3800X :-)
Those cannot join a StackWise(+) stack.
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- d...@ircnet -- PGP: 0xA85C8AA0
___
cisco-nsp mailing
On Wed, Aug 25, 2010 at 01:06:24PM -0700, Mark Tech wrote:
I am looking for a 2FA solution in order to connect to Cisco devices. I would
like to use either Radius or TACACS as the AAA part, however I'd like to know
whether/how I could interconnect this to a 2nd auth such as a token based RSA
On Mon, May 10, 2010 at 08:34:05AM +0200, Marian ??urkovi?? wrote:
LRM SFP+ is just part of the stuff you need. For LRM to work, the switch
linecard must have appropriate EDC functionality. If it's not there, it simply
won't work.
Interesting. Thanks.
On a similar topic, I'm still waiting
On Mon, May 10, 2010 at 09:51:39AM +0200, Daniel Roesen wrote:
Well, SR _are_ supported in SPA-1X10GE-L-V2 when used in CRS-1,
SCE8000 and ASR1000, just not uBR10k.
I have to partially correct myself here. I can personally testify that
they are supported in ASR1000 (see also Release Notes IOS
On Sat, May 08, 2010 at 07:01:48AM +1000, Lincoln Dale wrote:
i doubt anyone has successfully deployed it as LRM is not supported on N5K or
N2K.
there are technical reasons behind why its not supported.
Could you elaborate on that?
On a similar topic, I'm still waiting for an explanation,
On Sun, Nov 15, 2009 at 02:35:59AM +0800, Mark Tinka wrote:
What quality networking, we have these days...
I think it's called Carrier grade these days...
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- d...@ircnet -- PGP: 0xA85C8AA0
On Mon, Oct 12, 2009 at 06:04:35AM -0400, Sridhar Ayengar wrote:
Why do GEIP+ cards go for so much money? There can't be *that* many people
left on the 7500 platform...
Because anyone still in the market for GEIP+ must be very very
desperate? :-)
Best regards,
Daniel
--
CLUE-RIPE --
On Tue, Sep 29, 2009 at 12:56:26AM -0500, Steven Saner wrote:
Is this really available? I was asking a SmartNet rep about this once and
was led to believe this isn't an option. Maybe it wasn't then and is now?
Maybe they were pulling my leg?
It does exist, CON-SW-..., but not listed in the
On Fri, Sep 25, 2009 at 07:50:23PM +0200, Reinhold Fischer wrote:
What would be the benefit of transporting the Ethernet preamble?
Transparently transporting OAM done within the preamble?
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- d...@ircnet -- PGP: 0xA85C8AA0
On Wed, Sep 23, 2009 at 12:15:00PM -0400, Cisco Systems Product Security
Incident Response Team wrote:
Cisco IOS Software devices are vulnerable if they support NTPv4 and
are configured for NTP operations.
Are NTP ACLs ntp access-group ... any help?
Best regards,
Daniel
--
CLUE-RIPE --
On Mon, May 11, 2009 at 10:28:03AM -0400, Dan Armstrong wrote:
How did you get your ASR1002 to link at 100M?
This might be related to this thread:
http://puck.nether.net/pipermail/cisco-nsp/2008-December/056829.html
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: d...@cluenet.de -- d...@ircnet
On Mon, May 11, 2009 at 10:28:03AM -0400, Dan Armstrong wrote:
How did you get your ASR1002 to link at 100M?
[...]
This port has a GLC-T in it, and is plugged into a 100M Port on an
ME3400... I can't get it up. :-)
I just discovered:
On Wed, Apr 29, 2009 at 04:23:48PM -0400, Jeff Kell wrote:
Quick question... the new[ish] Catalyst 2975 switch looks like a
2960+stacking. Do these things stack with 3750s / 3750Es ? They show
up as another blade on the stack?
We've been told that it's the usual StackWise, but without the
On Mon, Jan 12, 2009 at 03:56:51PM +0100, Peter Rathlev wrote:
This is obviously bollocks. Security questions _DO_ replace my user ID
and password if they can be used to get access to an account.
Indeed. Those security questions definately LOWER the security on
accounts, as a) I won't provide
On Fri, Dec 05, 2008 at 08:03:27PM +0100, Marian ??urkovi?? wrote:
One type emulates fiber SFP and should work in all cases (at 1 Gbps) as the
port does not have to perform anything special.
The other type can do 10/100/1000, but the port must support SGMII mode
which is probably not
On Thu, Dec 04, 2008 at 11:43:13AM +, Marko Milivojevic wrote:
On Thu, Dec 4, 2008 at 11:03, E. Versaevel [EMAIL PROTECTED] wrote:
Hello,
I've got a 7206VXR with NPE-G1 configured for PPPoA termination, we recieve
the VC's over an STM-1 and terminate them into various vrf's (for VPN)
On Thu, Dec 04, 2008 at 12:41:48PM +0100, E. Versaevel wrote:
I've also been looking into the ASR 1000 series as a replacement/expansion.
However it doesn't seem to support PPPoA, that's one major show stopper for
us.
That's announced for RLS3, expected in january (or so...).
Best regards,
On Thu, Dec 04, 2008 at 04:17:58PM -0500, Mojtaba Kia wrote:
Attempting to install a SFP-GE-T transceiver on an ASR1002 router's built-in
GE port. The lead time to get Factory SFPs from Cisco is about 2-3 weeks,
got my hand on couple of third-party vendor SFP-GE-T transceivers and even
though
On Thu, Oct 02, 2008 at 07:15:19PM -0700, Irfan Siddiqui wrote:
I don't think this is possible on 720X you have to read it of of chassis
Indeed. We resorted to configure the chassis sticker ID as snmp-server
chassis-id manually. We found no electronic way, not up to NPE-G1.
Best regards,
On Mon, Sep 15, 2008 at 09:50:26AM +0300, Saku Ytti wrote:
Just out of curiosity what were main points that left you
wanting?
QinQ termination, EoMPLS, VPLS.
EoMPLS was show stopper for me, would have EFT'n it to see
more closely otherwise.
VPLS I don't care, EoMPLS + 7600 as
Hi,
there seem to be two generations of ATM OC3 SPAs around:
SPA-2XOC3-ATM / SPA-4XOC3-ATM:
http://www.cisco.com/en/US/prod/collateral/modules/ps6267/product_data_sheet0900aecd8027cba7.html
and
SPA-1XOC3-ATM-V2 / SPA-3XOC3-ATM-V2:
On Sat, Jul 26, 2008 at 10:22:38AM +0200, Gert Doering wrote:
You should really shop by feature set. Advanced Enterprise IOS
licenses are expensive.
Except on ASR1000, where the full-blown Advanced Enterprise image
(positioned for Enterprise users) is 10kUSD list, vs. the
On Tue, Jul 08, 2008 at 06:39:46AM -0700, Robert Beckett wrote:
You actually have two bugs here:
for the Output queue :0/40
CSCdx72484 show interface has an inconsistent format in Output queue
display
for the ouxtput
CSCdz44280 5 minute output/input rate does not display correctly on
On Mon, Jul 21, 2008 at 11:00:16AM -0500, Justin C. Darby wrote:
You should really shop by feature set. Advanced Enterprise IOS
licenses are expensive.
Except on ASR1000, where the full-blown Advanced Enterprise image
(positioned for Enterprise users) is 10kUSD list, vs. the stripped-down
Hi,
is there any way to restrict an HWIC-3G-GSM UMTS/GPRS interface to
GPRS-only operation? We want to avoid using flaky UMTS in a certain
spot.
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- PGP: 0xA85C8AA0
On Fri, May 09, 2008 at 10:51:20AM -0400, Chris Riling wrote:
I've done some research on SSH in IOS and I've only been able to find
the usual information on how to implement SSH; (generate keys, change
transport, etc.) but I'm more interested in seeing if I can use key files
for
On Sun, Apr 20, 2008 at 11:27:37AM +0300, Tassos Chatzithomaoglou wrote:
2) block 01-00-0C-CC-CC-CC (used by CDP too)
Can be done on ingress only on 3750G. Any chance of blocking egress VTP
too?
4) block vlan 1 (although actually that's not possible)
Hm, modern IOS switches seem to be able to
On Fri, Apr 18, 2008 at 02:42:16PM -0700, Buhrmaster, Gary wrote:
Cisco retired (is retiring) the GD/LD program
(ED and DF continue, MD is a new designation):
Still, I don't understand what the practical consequences are, except
that images aren't called GD/LD anymore, but MD (which never had
On Mon, Apr 07, 2008 at 10:06:26AM +0200, Arne Boettger wrote:
Can we instead just use *one* HWIC-2SHDSL? Has anyone done this before?
Yes, works. Firmware/IOS selection seems to be a bit more limited,
depending on the DSLAM vendor.
Best regards,
Daniel
--
CLUE-RIPE -- Jabber: [EMAIL
On Mon, Apr 07, 2008 at 10:06:26AM +0200, Arne Boettger wrote:
I have a question regarding the HWIC-2SHDSL and HWIC-4SHDSL.
Oh and attention: You will only get 2 ATM interfaces with HWIC-4SHDSL,
so you cannot use it to bundle more than 2 PVC (= 2-wire lines). If
I remember correctly, you should
On Thu, Jan 24, 2008 at 08:02:59AM +0100, Oliver Boehmer (oboehmer) wrote:
I recall there was a bug somewhere in 12.2S where this was required
for all keys (IIRC)..
12.2(18)S* had password level 7 obfuscation broken (incompatible with
all other IOS releases).
Best regards,
Daniel
--
On Fri, Dec 21, 2007 at 01:51:49AM -0500, Richard A Steenbergen wrote:
Or use copy ftp://user:[EMAIL PROTECTED]/pathtoios as it'll run faster
anyway and not have any issues with IOS file sizes.
Unless it corrupts the image when you use ftp instead of tftp (hi SRA!).
Or crashes your router
On Thu, Dec 13, 2007 at 01:10:35AM +0100, Daniel Roesen wrote:
On Sun, Nov 18, 2007 at 02:23:57AM +0100, Daniel Roesen wrote:
On Sun, Nov 18, 2007 at 12:33:55AM +0100, Daniel Roesen wrote:
Router#sh run | i prox
ip arp proxy disable
Router#sh run int g0/1 | i prox
Router#sh
On Sun, Nov 18, 2007 at 02:23:57AM +0100, Daniel Roesen wrote:
On Sun, Nov 18, 2007 at 12:33:55AM +0100, Daniel Roesen wrote:
Router#sh run | i prox
ip arp proxy disable
Router#sh run int g0/1 | i prox
Router#sh ip int g0/1 | i Prox
Proxy ARP is enabled
I've verified
On Fri, Nov 16, 2007 at 04:50:00PM +0100, Gert Doering wrote:
Hooray for Cisco default features. This is one of the more stupid
ones, especially as it's enabled by default.
Have them configure no ip gratuitous-arps.
At least it's configurable on global level, unlike no ip proxy-arp
and no
On Sat, Nov 17, 2007 at 10:33:43PM +0100, Daniel Roesen wrote:
At least it's configurable on global level, unlike no ip proxy-arp
and no ip redirects (and others). :-(
Slightly correcting myself here:
there is ip arp proxy disable in some newer IOS trains which disables
proxy-arp globally
On Sun, Nov 18, 2007 at 12:33:55AM +0100, Daniel Roesen wrote:
Router#sh run | i prox
ip arp proxy disable
Router#sh run int g0/1 | i prox
Router#sh ip int g0/1 | i Prox
Proxy ARP is enabled
I've verified that proxy ARP is actually disabled. Just opened a
TAC case
58 matches
Mail list logo
