Hello everyone,
I have a quite weird problem I cannot wrap my head around. I think it's
an annoying bug, but I'm not sure.
We are currently experimenting with MPLS in our network. The first use
will be L3VPN to get rid of some multi-step PBR when our clients with
RFC1918 addresses want to go to t
Hey everyone,
just a quick question, can anyone confirm or deny that NX-OS 6.1(2) (or
(3)) MPLS P-Routers do not answer to normal traces with propagate-ttl
set (which is the default)?
csr1-kra# traceroute 129.187.0.9
traceroute to 129.187.0.9 (129.187.0.9), 30 hops max, 40 byte packets
1 * * *
Bernhard Schmidt wrote:
> vss1-2wr#sh mls cef mpls labels 875
>
> Codes: + - Push label, - - Pop Label * - Swap Label, E - exp1
> Index LocalLabel Out i/f
>Label Op
> 8009 875 (EOS)(-)recirc
/guide/mp_mpls_ping.html#wp1078363
Interesting read, thanks. But unfortunately that does not change the
behaviour.
Best Regards,
Bernhard
On Tue, Mar 12, 2013 at 6:57 PM, Bernhard Schmidt mailto:be...@birkenwald.de>> wrote:
Hey everyone,
just a quick question, can anyone conf
On 13.03.2013 12:18, Tóth András wrote:
Hey,
> It could be CoPP related as well if that's dropping packets arriving to
> the control-plane. If you have upgraded the N7k from an older release
> (4.x or 5.1) you might not have all the latest and necessary CoPP rules
> in the policy-map and class-ma
Phil Mayers wrote:
Hello Phil,
>> Also a good guess, but it's a fresh installation of 6.1(2) and I've
>> verified that there is indeed a CoPP entry for "match protocol mpls".
>> The class is not dropping a lot of traffic.
> I'm assuming you're aware of the way traceroute works for P-routers,
>
John Elliot wrote:
> Just wondering if anyone has used this product? (http://netflowauditor.com/)
> Any comments/experiences are greatly appreciated.
I would not touch them with a stick. They have been spamming one of my
addresses for the last couple of years and keep doing so despite several
co
Tim Durack wrote:
> Can anyone explain: ipv6 nd prefix no-onlink
>
> Does this mean nodes using this prefix should send all traffic to the
> router, even if the traffic might really be "onlink"? (This is an Ethernet
> segment.)
Correct. Watch out that 6500 (SXJ) also drops the connected route f
Hi,
has anyone already tested NX-OS 6.2(2) on N7k with VRRPv3 and IPv6? I
have it running in the lab on a VPC pair and I always get exactly 15s
loss when the master changes to another host. Both logs look absolutely
okay, VRRP state is okay, the neighbors see each other
2013 Aug 28 08:39:28 cvr1-
Hoi,
I have started testing VPLS on N7k 6.2(2) with VLAN-based VFI membership
and I have some problem with IPv6 in the VLAN due to some/most multicast
frames getting dropped, which breaks neighbor discovery quite badly.
Unicast and Broadcast seem to be unaffected.
The topology/configuration is qu
I had the same issue when
manually linking a VFI on a non-vPC N7k with a 6500 xconnect.
Regards,
Bernhard
Configs and CE facing and core facing line cards?
On Fri, Sep 6, 2013 at 9:43 AM, Bernhard Schmidt mailto:be...@birkenwald.de>> wrote:
Hoi,
I have started testing VPLS o
Hi,
we have a ME6524-GT series in a remote location that keeps dying on us
every couple of weeks. Symptoms are:
* All routing protocols and LLDP time out on our side
* Physically the box looks fine, Status LED and even the link LEDs are
still green
- I cannot really say something about the ph
Bernhard Schmidt wrote:
> we have a ME6524-GT series in a remote location that keeps dying on us
> every couple of weeks. Symptoms are:
>
> * All routing protocols and LLDP time out on our side
> * Physically the box looks fine, Status LED and even the link LEDs are
> s
Hi,
I have a few 6500 Sup720/3BXL boxes running various releases of
12.2(33)SXI and SXJ that seem to drop all IPv6 fragments in transit as
soon as CoPP is enabled. There are no CoPP drops logged. Even when I
remove all police lines from the policy-map the packets still get
dropped. As soon as I di
Phil Mayers wrote:
>> I have a few 6500 Sup720/3BXL boxes running various releases of
>> 12.2(33)SXI and SXJ that seem to drop all IPv6 fragments in transit as
>> soon as CoPP is enabled. There are no CoPP drops logged. Even when I
>> remove all police lines from the policy-map the packets still
Grzegorz Janoszka wrote:
> On 29-06-11 17:04, Bernhard Schmidt wrote:
>> I have a few 6500 Sup720/3BXL boxes running various releases of
>> 12.2(33)SXI and SXJ that seem to drop all IPv6 fragments in transit as
>> soon as CoPP is enabled. There are no CoPP drops logged. Even
Richard Gallagher wrote:
> Sup720 appears to be unable to handle the ipv6 fragments in HW,
> therefore they will be sent to the CPU to be processed, if CoPP is on
> and there are matching entries they will be matched and potentially
> policed/dropped.
>
> CSCsa78144 covers some of the details of
Grzegorz Janoszka wrote:
> Richard Gallagher's suggestion about CSCsa78144 was really helpful in
> our case and helped. Thanks!
FWIW, "platform ipv6 acl fragment hardware forward" fixed the drop for
me as well. But I still cannot see why it dropped before, since CoPP was
not dropping a single pa
Grzegorz Janoszka wrote:
Hi,
> On 29-06-11 23:08, Bernhard Schmidt wrote:
>> FWIW, "platform ipv6 acl fragment hardware forward" fixed the drop for
>> me as well. But I still cannot see why it dropped before, since CoPP was
>> not dropping a single packe
Hey,
we're currently labbing Nexus 7k as replacement for Sup720 in our campus
enviroment and have hit a weird issue. In the lab the SVI counters
looked good enough, but now we have moved it into limited production.
Three 10GE interfaces, all of them .1q trunks, two have dedicated OSPF
vlans to ne
Hey,
just a quick heads up, maybe someone is hitting that, too. Since
upgrading our test Nexus 7000 from 5.2(1) to 5.2(3) this morning we have
a failover due to a crashing vlan_mgr process every hour. It turns out
"sh vlan" (which is executed by RANCID every hour) reliably kills the
box.
2011 Dec
Bernhard Schmidt wrote:
> just a quick heads up, maybe someone is hitting that, too. Since
> upgrading our test Nexus 7000 from 5.2(1) to 5.2(3) this morning we have
> a failover due to a crashing vlan_mgr process every hour. It turns out
> "sh vlan" (which is execute
Bernhard Schmidt wrote:
>> just a quick heads up, maybe someone is hitting that, too. Since
>> upgrading our test Nexus 7000 from 5.2(1) to 5.2(3) this morning we have
>> a failover due to a crashing vlan_mgr process every hour. It turns out
>> "sh vlan" (whic
Bernhard Schmidt wrote:
> Now "show vlan" works fine, so if someone wants to reproduce I guess you
> should ISSU from 5.2(1) to 5.2(3), then execute "show vlan".
Update, according to TAC it could be related to having the default
reserved VLAN range moved with the com
Hi,
is anyone using the cbQosClassMapStats table from
CISCO-CLASS-BASED-QOS-MIB to get graphs for QoS service policies?
I have two pairs of 6500-class systems that have almost the exact same
configuration (minor differences in firmware versions and IP addresses).
These pairs are
Sup720-3BXL 12.2
Hello,
we have several ASA 5540 running 8.4(3) (among) others for SSLVPN
termination of our students. We have a long standing issue where the ASA
does _not_ originate proper ICMP-too-big messages back to the sender
when a packet with DF-bit set addressed towards a VPN client is
received. The packe
Paul Stewart <[EMAIL PROTECTED]> wrote:
Hello Paul,
> We have our first IPv6 block advertising to the world (for quite a while
> now) and have started to actually route some small blocks of it internally
> via OSPF. Our /32 is advertised via eBGP no problem and the world can see
> it..
>
> Inter
Hello everyone,
we want to use a Cisco 2821 as SIP-PSTN media gateway and PRI switch for
a slow migration from an old PBX to a VoIP PBX (Asterisk)
| E1 carrier
+--+---+
| Cisco 2821 + IP/SIP to Asterisk
+--+---+
| E1 old PBX
Required key feature is forwar
Brett Looney <[EMAIL PROTECTED]> wrote:
>> we want to use a Cisco 2821 as SIP-PSTN media gateway and PRI switch
>> for a slow migration from an old PBX to a VoIP PBX (Asterisk)
>
>> CISCO2821-V/K9 2821 Voice Bundle,PVDM2-32,SP Serv,64F/256D
>> VWIC-2MFT-E1 2-Port RJ-48 Multifl
Tolstykh, Andrew <[EMAIL PROTECTED]> wrote:
> Link to the release notes / new features etc.
>
> http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/rel
> ease/notes/ol_14271.html#wp4208036
Cisco promised us a lot of new IPv6-related features for SXI, including
IPv6 policy-based r
Tim Durack wrote:
Hi,
I was hoping that
> http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/vss.html
>
> "Software Features
>
> With some exceptions, the virtual switching system has feature parity
> with the standalone Catalyst 6500 series switch. Major
Saku Ytti wrote:
> It turns out, I haven't been able to really connect to ftp.cisco.com
> lately. This problem has persisted at least from 14th day, but may
> have been there earlier.
> With some persistence you can get some directory listings out from
> there, but for all purpose and intent it s
On 06.03.2009 23:45, Gert Doering wrote:
On Fri, Mar 06, 2009 at 08:01:02AM +0100, Stig Johansen wrote:
Because of the borked ftp.cisco.com, I have generally used
ftp-sj.cisco.com instead, and it works just fine "all the time".
Unfortunately, it doesn't. ftp-sj is also balanced to 4 different
Hi,
I'm currently trying to configure NAT-PT to allow our IPv6-only clients
to access IPv4 hosts. We've bought an 2811 for this task (among others)
and I tried following
http://www.cisco.com/en/US/docs/ios/12_2t/ipv6/SA_natpt_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1073195
http://
Bernhard Schmidt <[EMAIL PROTECTED]> wrote:
> I'm currently trying to configure NAT-PT to allow our IPv6-only clients
> to access IPv4 hosts. We've bought an 2811 for this task (among others)
> and I tried following
Okay, I have to test these thoroughly tomorrow, but my
Hello everyone,
we are having a pretty serious problem with one of our boxes.
6509
2* WS-SUP720-BASE + WS-F6K-PFC3B running 12.2(33)SXH1 modular
1* WS-X6704-10GE
2* WS-X6724-SFP
2* WS-X6408A-GBIC
1* WS-SVC-NAM-2
1* WS-SVC-FWM-1 running 3.1(4)
The FWSM has 10 contexts in routing mode and 4 conte
Justin M. Streiner <[EMAIL PROTECTED]> wrote:
>> The only thing that seems to help in this mess is to reboot the FWSM.
>> Reload on the FWSM console does not work by the way (it seems to hang),
>> I had to use "hw-module module 9 reset" every time this happened so far.
>>
>> Anyone having any idea
Grzegorz Janoszka wrote:
> We recently upgraded one of our routers to 12.2(33)SXI3 (from SXF). Soon
> after the upgrade one of our customers complained that he started to see
> RA messages. From the beginning on his interface we have "ipv6 nd ra
> suppress", I added "ipv6 nd ra mtu suppress",
Hi,
first of all, I'm well aware of the limitations of 2960 series with
external RPS, they are only used here to have the very small advantage
to choose when the outage will be.
2* 2960G with RPS-2300 and dual powersupply. 2960 is on external power
feed. Is there any way to get back on the intern
39 matches
Mail list logo
