Re: [c-nsp] Nagios plugin to check Cisco hardware

2008-03-26 Thread Michiel Timmers
Well, the original script that I just posted also has the option to check power supplies, fans and temp using the cisco option instead of ciscoSW. Furthermore I check: Routing Engine CPU, Routing Engine Memory, Supervisor Engine CPU, Supervisor Engine Memory, some BGP sessions and some interfaces. BTW,

Re: [c-nsp] [cisco-voip] Cisco VPN Client for 64-bit????

2008-03-26 Thread Ziv Leyes
Always keep in mind there's the Linux option, one day it might be the right choice for admins... Users? They'll get used to it, they're like farm animals, they'll eat what you give them and eventually learn to love it... :) Ziv -Original Message- From: [EMAIL PROTECTED]

Re: [c-nsp] 6509 noob question

2008-03-26 Thread Tassos Chatzithomaoglou
The following two could probably help you too: remote command switch xxx remote login switch -- Tassos David Prall wrote on 25/3/2008 11:05 μμ: Switch console can only be done from catos. You want to find an entry that has a mac address within the cisco range. What does sh cdp neighbor give

[c-nsp] EasyVPN IOS-ASA55xx with no user interaction?

2008-03-26 Thread William
Hi, I have a setup which consists of an IOS based router connecting to an ASA5500 firewall device. I've got it working in network extension mode but it requires user interaction on the router, here's a cut from the log: *Mar 3 02:50:28.823: EZVPN(EASYVPN): Pending XAuth Request, Please enter the

[c-nsp] control-plane qos marking

2008-03-26 Thread Dmitry Kiselev
Hello! Is there any way to set some dscp value to packets originating from Cisco IOS itself? I mean syslog messages, netflow data export, snmp messages, icmp and so on. I know about default cs6 marking for routing protocols, but it is not all traffic :) Could anybody point me to right

Re: [c-nsp] EasyVPN IOS-ASA55xx with no user interaction?

2008-03-26 Thread Kaj Niemi
Hi, You need isakmp ikev1-user-authentication none under tunnel-group myGROUP ipsec-attributes. It is advisable to have another group for Easy VPN peers and not mix them with users if you use XAUTH - the latter is used for user authentication while IKE is used for device authentication.

Re: [c-nsp] control-plane qos marking

2008-03-26 Thread Reinhold Fischer
On Wed, Mar 26, 2008 at 02:36:56PM +0200, Dmitry Kiselev wrote: Hello! Is there any way to set some dscp value to packets originating from Cisco IOS itself? I mean syslog messages, netflow data export, snmp messages, icmp and so on. I know about default cs6 marking for routing protocols,

Re: [c-nsp] pvst+ r-pvst (WAS Re: mst pvst)

2008-03-26 Thread Adam Greene
Thanks, Peter! - Original Message - From: Peter Rathlev [EMAIL PROTECTED] To: Adam Greene [EMAIL PROTECTED] Cc: cisco-nsp@puck.nether.net Sent: Tuesday, March 25, 2008 6:42 PM Subject: Re: [c-nsp] pvst+ r-pvst (WAS Re: mst pvst) On Tue, 2008-03-25 at 17:53 -0400, Adam Greene wrote:

Re: [c-nsp] FWSM - No Traceroute

2008-03-26 Thread Fred Reimer
The FWSM isn't a half-assed ASA. It is a firewall-only module. It doesn't have the VPN capabilities of the ASA, obviously does not have modules you can add like an IPS or CSC, and is strictly a firewall. It also lags behind in features; you'll notice that the FWSM is one or two features behind

Re: [c-nsp] 6509 noob question

2008-03-26 Thread Fred Reimer
I believe those commands are for Native IOS, to get to the switch processor, where you can do nifty things like a packet capture if you know the commands. For Hybrid CatOS/IOS you'd have to go from the SP to the RP. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman

Re: [c-nsp] FWSM - No Traceroute

2008-03-26 Thread Kaj Niemi
Hi, The FWSM works really at high bandwidth rates and integrates quite well into a Catalyst (no cabling, your choice of being in front of MSFC or behind, etc.) as long as you do not exceed limits on ACEs, see

[c-nsp] Monitoring Tengigabit Interfaces

2008-03-26 Thread DAVID Sébastien
Hi, I would like to monitor the Optical Power in the Ten Gigabit interface. I use this command: show int teX/y transceiver. On some interfaces I've an answer: 1#sh int te2/1 transceiver Transceiver monitoring is disabled for all interfaces. ITU Channel not available

Re: [c-nsp] control-plane qos marking

2008-03-26 Thread Dmitry Kiselev
Hello! On Wed, Mar 26, 2008 at 02:15:46PM +0100, Reinhold Fischer wrote: Is there any way to set some dscp value to packets originating from Cisco IOS itself? I mean syslog messages, netflow data export, snmp messages, icmp and so on. I know about default cs6 marking for routing

Re: [c-nsp] control-plane qos marking

2008-03-26 Thread Oliver Boehmer (oboehmer)
Dmitry Kiselev wrote on Wednesday, March 26, 2008 3:06 PM: Hello! On Wed, Mar 26, 2008 at 02:15:46PM +0100, Reinhold Fischer wrote: Is there any way to set some dscp value to packets originating from Cisco IOS itself? I mean syslog messages, netflow data export, snmp messages, icmp

Re: [c-nsp] FWSM - No Traceroute

2008-03-26 Thread Justin M. Streiner
What I'll add to this is that just like any other Cisco product, if you know of a feature that really should be available, don't hesitate to let your account team know about them. I've been in regular contact with them to try to get a handle on some things that could be improved in the SNMP

Re: [c-nsp] Monitoring Tengigabit Interfaces

2008-03-26 Thread David Prall
Optics have to be DOM Compliant. http://www.cisco.com/en/US/docs/interfaces_modules/transceiver_modules/compatibility/matrix/OL_8031.html http://tinyurl.com/2jedp2 David -- http://dcp.dcptech.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of

Re: [c-nsp] 6509 noob question

2008-03-26 Thread David Prall
Those are both commands available in Native IOS. I don't know if they are available in Hybrid, although it would be nice to know if they were. -- http://dcp.dcptech.com -Original Message- From: Tassos Chatzithomaoglou [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2008 6:40

[c-nsp] Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

2008-03-26 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720 Advisory ID: cisco-sa-20080326-queue http://www.cisco.com

[c-nsp] BGP Router Considerations

2008-03-26 Thread Paul Stewart
Hi folks. Looking for some input on a network design. Today, pair of 6509's with Sup2/MSFC2 and a Cisco 12012 GSR make up the distribution and core routing. What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of

[c-nsp] Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability

2008-03-26 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability Advisory ID: cisco-sa-20080326-pptp http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml Revision 1.0

[c-nsp] QoS problems on ATM pvc - IOS bug?

2008-03-26 Thread neal rauhauser
This one is a real head scratcher for me. I've got two 7206s, both running c7200-p-mz.123-22.bin, both with identical PAs. One is in production, the other is a hot spare. I got frustrated enough with trying to get QoS set up that I pulled this config line for line from an example on CCO:

Re: [c-nsp] BGP Router Considerations

2008-03-26 Thread Gert Doering
Hi, On Wed, Mar 26, 2008 at 12:02:15PM -0400, Paul Stewart wrote: What I'm considering is removing the 12012 because of the space it consumes (does all BGP today) and replacing it with a pair of 7606's Sup720-3BXL etc For BGP edge that's feeding 3 full BGP transit feeds and a couple hundred

Re: [c-nsp] BGP Router Considerations

2008-03-26 Thread Paul Stewart
Thanks Gert... appreciate your open approach to this ;) I'm hoping to sell some ideas internally on a 5 year plan long time to justify anything it seems anymore... Is there a GSR/switch combo I could use instead? We've had GSR's and they are rock solid, turn them on and forget them boxes ...

Re: [c-nsp] BGP Router Considerations

2008-03-26 Thread Fred Reimer
Or you may want to look into the new ASR routers. They are supposed to be positioned between the 7200's and the 7600's, but it doesn't sound like you are really pushing that much traffic through the system. If you need it now it's probably not an option, but if you are looking to what would be

[c-nsp] BGP - hiding AS

2008-03-26 Thread Gary Roberton
I have the following topology Router 1(AS65501) - Router 2 (AS123) - Router 3 (AS456) - Router4 (AS65504) Router 1 is my site (private AS) R2 is network provider (public AS - I can't change config) R3 is my other site (public AS) R4 is end customer (private AS) Router 1 advertises network

Re: [c-nsp] QoS problems on ATM pvc - IOS bug?

2008-03-26 Thread Gary Roberton
Check the TX Ring limit. The TX Ring is the number of particles/packets that queue in the hardware queue before being transmitted out of the interface. If this is set too big you can experience problems with packets seeming to be placed and process through the Priority queue, when in fact they

Re: [c-nsp] QoS problems on ATM pvc - IOS bug?

2008-03-26 Thread Tim Franklin
On Wed, March 26, 2008 4:34 pm, neal rauhauser wrote: !production box - will have nothing to do with a policy being placed on the PVC interface ATM2/0.98004 point-to-point description Irritated Customer, LLC ip address 192.168.209.253 255.255.255.252 pvc 5/54 protocol ip

Re: [c-nsp] SNMP MIB update interval on CISCO?

2008-03-26 Thread Gurung, Provin
Thanks for the information. Do the routers maintain a timestamp of when they last updated their MIB. The time difference between the updates will give me a good indication of the average traffic being observed by the router. Thanks, -Proveen -Original Message- From: [EMAIL PROTECTED]

[c-nsp] Multicast Subsecond Convergence

2008-03-26 Thread alaerte.vidali
Hi, Investigating scalability of this feature (and potential issues). Any real field example? http://www.cisco.com/en/US/docs/ios/12_2s/feature/guide/fs_subcv.html Tks, Alaerte

[c-nsp] WS-SVC-NAM-1 Modules

2008-03-26 Thread Paul Stewart
Hi folks. I have a chance to pickup some WS-SVC-NAM-1 modules at a *very* good price - have looked at them before and think they'll meet some of our needs.. Anyways, the WS-SVC-NAM-2 is later, greater etc. but according to Cisco's website the WS-SVC-NAM-1 is still current product but just with

Re: [c-nsp] BGP Router Considerations

2008-03-26 Thread David Curran
Be very mindful of features here. The feature list for all but certain large carriers is pretty slim pickens. From: Fred Reimer [EMAIL PROTECTED] Date: Wed, 26 Mar 2008 13:22:37 -0400 To: Gert Doering [EMAIL PROTECTED], Paul Stewart [EMAIL PROTECTED] Cc: cisco-nsp@puck.nether.net

Re: [c-nsp] BGP - hiding AS

2008-03-26 Thread Mateusz Błaszczyk
Router 1(AS65501) - Router 2 (AS123) - Router 3 (AS456) - Router4 (AS65504) I would use the *neighbor x.x.x.x remove-private-as* command but understand that this doesn't work if you have public and private AS numbers in the path. I think it would work ok, but this command should be used

Re: [c-nsp] bgp transit, selecting providers based on source IP

2008-03-26 Thread Michael K. Smith - Adhost
Hello All: -Original Message- From: [EMAIL PROTECTED] [mailto:cisco-nsp- [EMAIL PROTECTED] On Behalf Of Bruce Pinsky Sent: Tuesday, March 25, 2008 3:54 PM To: Wayne Lee Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] bgp transit, selecting providers based on source IP * PGP

Re: [c-nsp] bgp transit, selecting providers based on source IP

2008-03-26 Thread Bruce Pinsky
Michael K. Smith - Adhost wrote: ...snip...snip... The answer to this may be no way. :-) If you have a peering session with the customer, why not only announce your routes from your two other providers so that the customer doesn't see the

[c-nsp] UBRL on 6500 running 12.2SXH on 720-CXL

2008-03-26 Thread Jeff Fitzwater
We just upgraded our sup from 720-3B to 720-CXL on 6500 running 12.2-33SXH1. We were using User Based Rate Limiting UBRL and all was working. QOS is enabled. I have a class map to match just the source address of hosts on a subnet that have a dst to any. The policy-map matches the class

Re: [c-nsp] bgp transit, selecting providers based on source IP

2008-03-26 Thread Michael K. Smith - Adhost
...snip...snip... The answer to this may be no way. :-) If you have a peering session with the customer, why not only announce your routes from your two other providers so that the customer doesn't see the routes from the one they want to avoid? Wouldn't that accomplish the same

Re: [c-nsp] BGP Router Considerations

2008-03-26 Thread Fred Reimer
Absolutely, that's why I said if you need it now it is probably not an option. However, that will change with time. I expect the feature list to be mostly complete a year from now. If it is a question of long-term planning then the platform should be considered. Fred Reimer, CISSP, CCNP,

[c-nsp] 7600 / SUP720-3BXL - mixing fabric and non-fabric enabled line cards

2008-03-26 Thread Zahid Hassan
Dear All, I am having to mix fabric and non-fabric enabled line cards on a single chassis. These are my line cards: WS-X6704-10GE WS-X6408A-GBIC WS-X6148-GE-TX What's the theoretical maximum expected throughput in running with mix fabric line cards ? Also, what will be the optimal and the

[c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Dan Armstrong
I've been bashing my head against the wall all day for a definitive answer on this: On a Cisco switch that supports QinQ (3550, 3750, ME3400, 3560 etc) What is the _minimum_ value I need to set the system MTU to, to do QinQ? 1504? 1522? 1526? 1546? I can't seem to find one concise

Re: [c-nsp] QoS problems on ATM pvc - IOS bug?

2008-03-26 Thread Ben Steele
Before applying the policy under your pvc specify the bandwidth in your ATM subint and make sure it's within the reserved range, otherwise use max-reserved-bandwidth x to accommodate it, I feel your pain as I've experienced the whole apply the policy it takes it then when you go to view it

Re: [c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Darryl Dunkin
I tend to run into this table often and it has been a good reference for me. This table relates specifically to system MTU: http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a00801350c8.shtml#topic2 This would suggest 'system mtu 1504' would be appropriate.

Re: [c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Ben Steele
1504 is the system mtu you want, however I'd find a higher common value between your switches in case you choose to run mpls down the track, or anything else that is going to add to your frame size. Ben On 27/03/2008, at 9:31 AM, Dan Armstrong wrote: I've been bashing my head against the

Re: [c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Tassos Chatzithomaoglou
Since 1500 is the default and 1504 is by default supported on 802.1q trunk links, I guess 1504 should be the correct value for 802.1q tunneling. I guess the ethernet header is not counted by default. My proposition? Use something that covers all of them (i.e. 1600 for GE, 1546 for FE) and (as

Re: [c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Dan Armstrong
The reason I don't want to raise it too high - is if we're selling TLS services to a customer, (ie a VLAN provisioned on 2 ports on different switches, carried across our core/trunks) - I don't want them being able to send any packet larger than 1500 bytes. A bit bigger wouldn't be a problem,

Re: [c-nsp] Prepare for router Wednesday

2008-03-26 Thread Whisper
I've decided I do not like Router Wednesday. 1 or 2 advisories in a day and you will probably read them thoroughly, like you should. 5 or more of them more or less altogether and I think a lot of people will only start binning them, as we don't have the time to dedicate to reading 5 fairly long

Re: [c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Ben Steele
You're better off just running system mtu 1504 (if you want to deliver QinQ to customers) and then specifying the larger mtu frames on your trunk interfaces, this still restricts your customer access ports to 1504 while allowing you to run what you need, jumbo frame mtu on an interface will

Re: [c-nsp] System MTU on trunks for Q in Q

2008-03-26 Thread Mark Tinka
On Thursday 27 March 2008, Tassos Chatzithomaoglou wrote: I still haven't found any reason for keeping a low MTU on L2 switches (although I don't know if any L2 protocols can generate such large frames which could possibly get dropped in a 1500 link). We have gone with 9,000 bytes across the

Re: [c-nsp] Prepare for router Wednesday

2008-03-26 Thread Justin M. Streiner
On Thu, 27 Mar 2008, Whisper wrote: I've decided I do not like Router Wednesday. 1 or 2 advisories in a day and you will probably read them thoroughly, like you should. 5 or more of them more or less altogether and I think a lot of people will only start binning them, as we don't have the

Re: [c-nsp] Prepare for router Wednesday

2008-03-26 Thread Whisper
Gary Wasn't this router Wednesday only a month or so worth of updates, if that? If so, imagine 6 months worth! I guess we get to find out what it is really like at the end of September 2008. On Thu, Mar 27, 2008 at 1:18 PM, Buhrmaster, Gary [EMAIL PROTECTED] wrote: For example one of the

[c-nsp] specifying next-hop via interface while still getting cef switched

2008-03-26 Thread Ben Steele
I seem to recall there was a command that allowed a router to still cef switch packets when the next hop was an interface rather than an ip address, ie an ADSL client dialer interface with ip route 0.0.0.0 0.0.0.0 d0 Am I dreaming or was there a command which still allowed this to be cef