config register 2142 means boot without config
in the rommon set config-register to 0x2102 and type restart
I'm not up on the 4948 management interface.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim
it may be that your flash is corrupt, is missing a ios image, etc...
My rommon memory is a bit fuzy atm, but you should be able to do a dir
flash: or dir /all and see what images are there. Then do a boot
imagename
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY
setup an access list with the hosts in it and port 25. use the capture
command to setup a capture on both interfaces. See which side is sending the
reset (the real host, or the firewall)
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com
of flash.
If you can't get one on ebay with that, buy a cheap one and get memory from a
third-party retailer such as memory
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
Will station-role root access-point fallback track fa 0 under the radio
interface work for you?
On 4/3/09 9:10 PM, Dan Letkeman danletke...@gmail.com wrote:
Hello,
Is there a command on an 1131ag aironet ap that allows you to disable
the ssid broadcast if there is no lan connection to the
Our cisco rep and var are pushing back on our plans to upgrade our 7600 from
sup32 to the RSP 720 with 10GE saying they are in limited production. Of
course, they are pushing us toward the ASR product line. Anyone know of any
issues with the RSP 720 w 10GE interfaces?
Matthew Huff
That's good news. That's what we heard as well. Since we are doing
box-to-box redudancy (eigrp load balancing) and not using SSO, RPR/RPR+ then
there shouldn't be an issue.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460
number of prefixes 1
Both outputs show a metric of 0. Any ideas?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
___
cisco-nsp
Ah. I didn't realize the show was before the route-map was applied. I was
trying to make sure everything was setup correctly on our side before
contacting the other ASN.
They may very well have something that zero's the metric.
Matthew Huff | One Manhattanville Rd
OTA Management
It's an SFP port rather than a copper 10/100/1000. Every Cisco SFP port fiber
or copper is 1g only.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message
Thanks. It appears that some of the fixed configuration switches that have SFP
ports can be 10/100/1000. I've never run into that, as all the SFP ports I've
seen on the 6500/7600 are fixed at 1G. I thought it was a SFP thing, but
apparently not.
Matthew Huff | One Manhattanville Rd
careful with this is the interface has high packet utilization.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun
on the 3560
int fa1/2
speed 100
duplex full
switchport
switchport mode access
spanning-tree portfast
If you are paranoid with portfast, add spanning-tree bpduguard enable
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914
It's hidden.
We ran into the same thing.
Look under the LAN Switches section, for switches, 6509, then the 6500
Virtual Switching Supervisor 720, IOS Rommmon.
It's only there, and it's the same for DFC with regular sup 720. We found
this out from a TAC case.
Matthew Huff | One
Try connecting to the serial port on both boxes and setting the name on
both, and then retrying the sync.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original
.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of Jeff
I believe the deal with the 7201 is that you are paying for the compactness.
Also the 7204 is probably the most mass produced 72xx, so it's probably an
economy of scale, especially if you are looking at refurb.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY
x.x.x.x codec g729a
ip sla schedule 1 life forever start-time now
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun
to
proxy the ssl traffic at the source). I'd be happy to be proved wrong, but I
believe, at least for now, that Skype has won the war.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
I'm afraid you are out of look. In order to get skype 3.0 into IOS, Cisco had
to leave behind PDLM and hard code it. Even then it's pretty useless. Only
solution is to get to 12.4(22)T+
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com
. The difference is the
distribution switch is a PFC3A where the core switches are PFC3Bs. Anyone seen
this issue before? I've verified that the netflow configurations are identical,
and that the packets do have the attributes set as they pass throught he
distribution.
Matthew Huff | One
That's what I suspected, but I couldn't find a release note/tech note that
detailed that. And cisco support hasn't been helpful either, even though I
mentioned that I suspected it was a limitation of the PFC3A.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY
If you are running a newer IOS and newer ROMMON you can disable
password-recover (i.e. break during boot) using no service password-recovery.
Make sure to read
http://www.cisco.com/en/US/docs/ios/12_3/12_3y/12_3ya8/gtnsvpwd.html
completely, you can brick a router otherwise.
Matthew
access vlan 120
switchport trunk native vlan 120
switchport trunk allowed vlan 100,120,231,321
switchport mode trunk
switchport nonegotiate
end
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim
Yes, it's a problem.
do a show run | include boot system to see what the boot string says.
also do a 'show boot' and 'show redundancy'.
I bet you are missing the image on the redundant sup. Do a dir disk0: and
a dir slavedisk0: or disk1 depending on the boot string
Matthew Huff
Unless you do per-packet load-sharing (which you don't want to do since
it's cpu switched), the path is session based. If most of the traffic is
going from one source to one destination, it won't be load-shared. What do
the routing tables look like in both directions?
Matthew Huff
.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of C and C
Not folklore.
I've had a 6509 with Sup 720-3B crash twice during OIR. Cisco claims the
first time I inserted too fast, the second time too slow. I've also had a
6509 linecard scorch the backplane due to a short. Not a fun day.
Matthew Huff | One Manhattanville Rd
OTA Management LLC
future upgrade paths to
the next-generation ACS 5.x platform.
Please see the Cisco Secure ACS 5.0 User Guide at
http://www.cisco.com/en/US/products/ps9911/tsd_products_support_series_home.
html for a more detailed comparison of ACS 4.0 and ACS 5.0.
Matthew Huff | One Manhattanville Rd
OTA
. Otherwise,
maybe your customer will learn about being pennywise and pound foolish :)
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp
being done to future proof the wiring. Most of the times the fiber never
ends up being used. Cat6a is backwards compatible with 5e, so if you are doing
a new wiring plant, that's enough future proof for the next reasonable term.
Matthew Huff | One Manhattanville Rd
OTA Management LLC
...so:
mac-address-table aging-time 14400
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp
I've been pretty happy with 12.4(24)T2. We are doing bgp, access-list,
etc...but not ospf..
12.4(24)T fixed a lot of bugs in bgp and T2 seems stable.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim
to the max
(same as a 10GB interface) fixed the problem. What happens when 100GB uplinks
appear?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
on aggregated
10gb trunks. I assume Cisco will have to come up with some new EIGRP version
that's backward compatible which will encapsulate the old metrics within a new
larger field. Anyone here anything about this yet from Cisco?
Matthew Huff | One Manhattanville Rd
OTA Management LLC
creation failed, status -1
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
not
indicate an error (it comes from an additional check on
SSO sync buffer size).
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Andrew
have any war
stories?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https
I also can't tell the difference. We've been using pairs of 3560E's as
replacement for stacked pairs of 3750G's (non-E) and are very happy
about that.
They have almost the exact same specs according to the data sheets[0]
apart from the stacking thing. And in my eyes it's wrong to pay for
(config)#crypto key generate rsa general-keys label
switch-core1.ox.co modulus 512
switch-core1(config)#crypto key zeroize rsa switch-core1.ox.co
and the phantom key will be gone.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914
The base bug is CSCtc41114. The workaround that I provided is derived from the
bugid and a cisco engineer.
-Original Message-
From: Adam Korab [mailto:adam.ko...@gmail.com]
Sent: Wednesday, January 27, 2010 5:43 PM
To: Matthew Huff
Cc: Alasdair McWilliam; Holemans Wim; cisco-nsp
or VRF, or
QinQ or any other tunneling, but we need the most flexible, best 10GB WAN
interface that can help us deal with bursting/QOS.
Any experiences, suggestions, warnings...?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914
that quarter.
-Original Message-
From: Rob Shakir [mailto:r...@eng.gxn.net]
Sent: Saturday, January 30, 2010 5:05 PM
To: Matthew Huff
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] 10GE WAN options for 7606 for market data / micro-bursting
On 30 Jan 2010, at 17:59, Pavel Skovajsa wrote
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
___
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net
http/https load
balancing? Something as simple and cheap as possible.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: David Prall
: IPv6-EIGRP(0) 14607:
Neighbor FE80::20A:F4FF:FE0E:7980 (FastEthernet0/0) is down: retry limit
exceeded
009795: Mar 18 11:05:56.597 PDT: %DUAL-5-NBRCHANGE: IPv6-EIGRP(0) 14607:
Neighbor FE80::20A:F4FF:FE0E:7980 (FastEthernet0/0) is up: new adjacency
Matthew Huff | One Manhattanville Rd
Bingo!
Yes, I agree, it's worse. I knew the 3550 only did ipv6 in software, but this
was going to be a low packet count test. Something things seem to work, but
not really.
Oh well, that division budgets won't be available to upgrade that switch until
after Sept 2011, so it will have to wait.
What type of interfaces do you need? IF just Ethernet, why not look at a 3560-E
with IP services or a 4900M
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Jeff Bacon
Sent: Friday, March 19, 2010 3:42 PM
To:
I'm having difficulty finding any details on the size of the port buffers
and/or queue type on the RSP720-3C-10GE sup card for a 7606-s. Anyone know the
queue type (receive 8q4t, transmit 1p7q4, etc...) or port buffer size (16mb,
200mb, etc..).
Matthew Huff | One Manhattanville
Thanks. That answers the QOS question, the ports have 8q8t/1p7q8t. Still
haven't found the port buffer size on them though. Is it 16mb per port like the
6704 or the 200mb like the 6708?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com
that will overwrite the
phantom, then delete it:
switch-core1(config)#crypto key generate rsa general-keys label
switch-core1.ox.co modulus 512
switch-core1(config)#crypto key zeroize rsa switch-core1.ox.co
and the phantom key will be gone.
Matthew Huff | One Manhattanville Rd
OTA Management
You need 3, preferably 4 NTP sources so that clients will work correctly. If
you have 2, how does it know which one is a better source of time? 3 gives you
a quorum, but if 1 fails, then you are back to 2. Four is the magic number.
Since you have 2 setup as strata 1, setup two boxes that use
erratic sometimes.
-Original Message-
From: Mack McBride [mailto:mack.mcbr...@viawest.com]
Sent: Tuesday, June 29, 2010 7:32 PM
To: Peter Rathlev; Matthew Huff
Cc: 'cisco-nsp@puck.nether.net'
Subject: RE: [c-nsp] NTP synchronization problems C2801
I would try using the same IOS version
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf
interface is chosen by the higher
IP.
With dynamic routing and HSRP, it's even easier to create asymetrical routing.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
interface gi3/2
To get an idea of what packets it's dropping.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun
The 6148 has 1.4MB buffers per 8 ports. Is there another port free that maybe
the group of 8 ports are less busy?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
That works with software routers/switches, but hold-queue has no positive
effect on hardware switches such as the 6500. The hold-queue will only effect
software switched packets.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone
Actually, I take some of that back. There are some circumstances where
increasing the hold queue will help, but not for buffer overruns in hardware
where microbursting is causing the overflow.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http
good at the
CEF/mfib level, and all counters show the packet count increasing, but the
packets never get forwarded out of the linecard.
Cisco engineering was able to verify this was happening, but had no solution
other than resetting the linecard. Once it was reset, everything worked.
Matthew
How about allowing igmp message in/out the interface?
permit igmp any any
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun
. Then if I need
to address individual interfaces I setup a forward A record for those, but
leave the PTR going back to the loopback name.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914
If the switch doesn't provide layer 3 services (routing) itself, but is really
a l2 switch, then you don't need multicast routing / pim, etc...However, you
should have igmp snooping on.
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
successors, FD is 512
via Connected, TenGigabitEthernet1/2
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
___
cisco-nsp mailing
Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
Matthew Huff
be fine, but accepting the command and then not working isn't okay.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun
I don't know why it never occurred to me, but on 802.1q trunk links, non-native
vlans are encapsulated within 802.1q headers, therefore max packets would have
to be fragmented. On trunks that support it, should standard practice to bump
up the mtu on both sides to account for the 802.1q header.
I have. A cisco 3750, but an older release. Must be a bug. But wanted to know
if it was a general problem overall. Doesn't look like it.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim
Cisco PIX/ASA are not routers. For example, you cannot ping from the inside
network to the outside interface, or any other simular type of test.
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Tom
Sutherland
Sent:
and will hose your network. Nothing other than control protocols should
use 224.0.0.0-224.0.0.255.
The 224.0.1.40 is for Cisco RP discovery and is normal
The 239.255.255.250 is SSDP and is a Microsoft Thing and is normal
The 239.255.255.253 is SLP and is normal
Matthew Huff | 1
If it cannot make the original connection it will show up/down
Can you route from the source to the tunnel destination and are there any
firewalls that would block the GRE protocol?
Can the destination route back to the source loopback1?
-Original Message-
From:
., what does
the interface config look like?
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun
routes and push some
traffic through it. Then add feature by feature back testing heavily each step.
If you run into a bug, you might want to look at the latest SRE train.
From: Persio Pucci [mailto:per...@gmail.com]
Sent: Thursday, July 28, 2011 3:53 PM
To: Matthew Huff
Cc: cisco-nsp
Check out the new Zone Based Firewall configuration for IOS Fw feature set.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message
exclude is disabled
From the config
-
mls aging long 64
mls aging normal 32
mls flow ip interface-destination-source
mls nde sender version 5
ip flow-export source Loopback0
ip flow-export version 9
ip flow-export destination xx.xx.xx.xx 2055
Matthew Huff | 1
cards in slots 9 through 13.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
us
the most accurate realtime look at the market data. Evidently I was wrong.
I'm sending this so that no one else will make the same mistake we did as well
as being in the nsp archives.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA
@puck.nether.net
Subject: Re: [c-nsp] WARNING: Netflow Data Export Hardware assisted NAT not
supported on 76xx/65xx on the same interface
On 08/26/2011 05:25 PM, Matthew Huff wrote:
I'm looking at using SPAN to replicate the data and send it to a
linux box to then create netflow data exports
) that won't
coexist should be pointed out very obviously in their literature.
-Original Message-
From: Dale W. Carder [mailto:dwcar...@wisc.edu]
Sent: Saturday, August 27, 2011 5:13 PM
To: Matthew Huff
Cc: 'cisco-nsp@puck.nether.net'
Subject: Re: [c-nsp] WARNING: Netflow Data Export
To: Matthew Huff; 'Dale W. Carder'
Cc: 'cisco-nsp@puck.nether.net'
Subject: RE: [c-nsp] WARNING: Netflow Data Export Hardware assisted NAT not
supported on 76xx/65xx on the same interface
Matthew said:
If it was made apparent, could you point to any public documentation that
states that? I've scoured
Netflow *collection* of flows traversing the NAT-ed interface. Sorry, I can see
why that would be confusing.
-Original Message-
From: Gert Doering [mailto:g...@greenie.muc.de]
Sent: Sunday, August 28, 2011 5:14 AM
To: Matthew Huff
Cc: 'Dale W. Carder'; 'cisco-nsp@puck.nether.net
Bottom line: you *should* be able to trust vendor marketing, but you
*can't*, and I strongly advise you don't, for Cisco or any other vendor
- they simply don't convey accurate information reliably enough :o(
I agree. Caveat Emptor.
I would understand the limitation if I was using some
in ios.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun
clients
use the new EPSV verb without failing back correctly to PASV even over ipv4
connections (RFC2428). I've run into this a few times especially with older
cisco load balancers.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC
I have also run into some hosts with optimized udp offloading and/or streams
offloading that will send a small percentage of packets outbound out of order,
especially on hosts that have IRQ balancing algos. So if the host is out of
order
-Original Message-
From:
One thing to be aware of is that currently the ASA doesn't support setting the
managed or other flag for the RA for ipv6 for DHCPv6 support. This is supposed
to be fixed in the next release for the ASA real soon now (tm).
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
to
mitigate this?
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff| Fax: 914-460-4139
___
cisco-nsp mailing list cisco-nsp
burst.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Chuck Church [mailto:chuckchu...@gmail.com]
Sent: Friday
To: Matthew Huff; 'cisco-nsp'
Subject: RE: [c-nsp] Weird Multicast microburst amplification issue
Can you move the source server over to switch B to see if the problem
still exists on switch B then, or moves to switch A? Anything showing
up in the logs?
Chuck
-Original Message
Yes, only the correct stream. I've opened a case with Cisco. I'm suspecting
that the multicast replication engine is doing something that causes it to
amplify the bursty nature of the traffic causing the microburst overruns.
Matthew Huff | 1 Manhattanville Rd
Director
120Mbps and/or 12,000 pps output on the port.
Other than moving to 10GB, I don't see any solutions. Given the 6748 buffer
size, I'm surprised it's overrunning it at this volume.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC
like the data rates
are killing the port buffers. I was hoping that the 6500/sup720 with 6748 would
handle 120Mbps, 12k pps multicast, but it doesn't look like it.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone
), drift is 0.00180 s/s
system poll interval is 512, last update was 1219 sec ago.
switch-core1#show clock detail
12:29:18.402 EST Sun Jan 8 2012
Time source is NTP
Summer time starts 02:00:00 EST Sun Mar 11 2012
Summer time ends 02:00:00 EDT Sun Nov 4 2012
Matthew Huff | 1
.
So, setting up an acl and defining ntp acess-group peer xxx solves the issue.
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On
Behalf Of Matthew Huff
Sent: Sunday, January 08, 2012 12:30 PM
To: 'cisco-nsp@puck.nether.net
What is the type of data? Is it bursty? Is the data coming from an bigger pipe
upstream?
You are likely hitting microbursts. The traffic levels you state are measured
over an interval (30 seconds minimum probably). During peak activity you can
easy overrun the buffers on the 6748 if your
, January 28, 2012 12:39 PM
To: cisco-nsp@puck.nether.net
Cc: Matthew Huff
Subject: Re: [c-nsp] Outbound drops on 6748
On Sat, Jan 28, 2012 at 4:45 PM, Matthew Huff mh...@ox.com wrote:
You are likely hitting microbursts. The traffic levels you state are
measured over an
interval (30
at Arista.
-Original Message-
From: Robert Hass [mailto:robh...@gmail.com]
Sent: Saturday, January 28, 2012 12:52 PM
To: Matthew Huff
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Outbound drops on 6748
On Sat, Jan 28, 2012 at 6:42 PM, Matthew Huff mh...@ox.com wrote:
Cisco
Smith [mailto:d...@eatworms.org.uk]
Sent: Saturday, January 28, 2012 2:27 PM
To: Matthew Huff; cisco-nsp@puck.nether.net
Subject: RE: [c-nsp] Outbound drops on 6748
Its user web browsing (no multicast) and the flow is :-
Clients - ACE (load Balance)- 6748 - Appliance - 6748 - 6708
Go into your recursive DNS server. Add a blank authoritative forward zone for
google.com. Boom, it's dead to you.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914
have to find out yourself.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
1 - 100 of 159 matches
Mail list logo
