Re: [c-nsp] 6509 with SUP720-3BXL and WS-X6704-10GE with DFC3BXL

On Sat, Jan 5, 2013 at 12:39 AM, Lee Starnes wrote: > s72033-advipservicesk9_wan-mz.122-33.SXH. Aside from the fact that the IOS > is older, does anyone see any issues with this IOS and SUP working with the > WS-X6704-10GE? It will work without problems. I used same configuration some time ago (

Re: [c-nsp] ASR-100x intro

On Sat, Jan 5, 2013 at 12:09 PM, Charles Sprickman wrote: > We're tentatively shopping around, and I'm looking for that sort of > information on the ASR lineup. The 1002 and 1002-X look very interesting on > paper, but I'm not finding much about what folks in a small service provider > role ha

Re: [c-nsp] cisco interface shutdown detection, how is possible?

On Sat, Jan 5, 2013 at 12:44 PM, h bagade wrote: > Hi all, > > I was wondering how Cisco routers could detect the directly connected > interface at the other end is shutdown! You can use IP SLA/tracking based on ping remote side - same as in UNIX box. Rob

Re: [c-nsp] ASR-100x intro

On Sat, Jan 5, 2013 at 1:32 PM, Charles Sprickman wrote: > We're doing lots of ethernet aggregation - both metro-e services and DSL/EoC > (delivered over GigE, one vlan per customer, no PPPoe - straight bridging). > The people on the other end of these circuits are all customers, we're not an

Re: [c-nsp] ASR-100x intro

On Sat, Jan 5, 2013 at 2:17 PM, Jon Lewis wrote: > For an ethernet-only operation, the 6500/sup720-3bxl delivers considerable > packet forwarding/$ (lots of parts in the used channel). Its biggest > weaknesses would likely be netflow (having to do sampled if you're doing You can add weaknesses i

Re: [c-nsp] ASR-100x intro

> 6500 is LAN/DC services switch, there's no need for HQoS in that > scenario usually. MX80 is a router and doesn't offer HQoS, which is > a worse problem. With Sup2T in 6500 you can pack a pretty good QoS > capabilities, it lifts the uRPF restrictions of previous generations, Lukasz, MX80 has HQo

Re: [c-nsp] ASR-100x intro

> * You can buy them in bundles which are considerably cheaper than buying a > base ASR1001 and adding all the licensing, so we purchased the broadband > bundle which included a 4000 subscriber license (for ISG/BRAS features). > We upgraded it from the base 4GB to 8GB of RAM as we needed to be able

[c-nsp] Memory upgrade for ASR1001 - 3rd party

I want extend ASR1001 memory to 8GB or best 16GB but at low possible cost - so 3rd party modules ;) I'm looking for tested part-numbers/vendors for memory chips in ASR 1001. Thanks Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.n

Re: [c-nsp] ASR-100x intro

On Sun, Jan 6, 2013 at 1:16 AM, Scott Pettit wrote: > Hmm, perhaps I was incorrect - the old ESP2.5 appears to have been made > End of Sale since July 2012. I just checked our ASR and it's showing 5G > throughput. > > #show platform hardware throughput level > The current throughput level is 5000

[c-nsp] MSTP and Instance 0

Hi I just want to be sure - should I have all my VLANs in different instances than 0 and leave instance 0 to connectivity to non-MSTP segments (eg. to STP, PVST or Rapid STP/PVST). Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.ne

Re: [c-nsp] ASR-100x intro

> It's either 1M for IPv4, 1M for IPv6 or some mix of it, depending on your > requirements. Is it also apply for ASR 1001 FIB capacity (2.5G Base System) ? Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listin

Re: [c-nsp] ASR-100x intro

> It applies to all ASR 1000 systems. The numbers are given as a > "maximum, up to". So last question just for confirmation: If this applies to all ASR 1k family then also for old ASR 1002-F ? Before I noticed that this model has 512K FIB for IPv4. Rob ___

Re: [c-nsp] 2960 -> 4948 - no more drops :)

> We recently upgraded a 2960G(Only doing L2) that was hitting ~500Mb/sec on > one port, and we were seeing 40,000+ output drops (5Min) - Since the swap to > the 4948, we see zero output drops. Is the difference in performance purely > buffer size? I *think* the 2960 has 1.9Mb (Per ASIC) and th

Re: [c-nsp] Next step-up from 7206VXR

On Tue, Feb 19, 2013 at 9:43 PM, Eric A Louie wrote: > I've run out of port capacity on my 7206VXR and need to go to "the next > router" > or put in another 7206VXR side-by-side. ASR1001 or ASR1002-X Rob ___ cisco-nsp mailing list cisco-nsp@puck.neth

[c-nsp] Cisco CSR 1000V availability

Hi Do anyone know when Cisco CSR 1000V will be available to download from CCO? Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Cat6500 VSS

How Virtual-Chassis on Juniper EX8200 is different than Catalyst 6500 (Sup2T) VSS ? Are both have shared control-plane ? How about stability of Virtual-Chassis and VSS on latest software releases ? I would like to implement core layer using EX8200 or Cat6500 (two core switches). Each core dev

Re: [c-nsp] Meraki? is anyone there testing it?

Hi I used Meraki for the moment. Management interface is easy and very nice. But wireless capabilities or Meraki didn't impress me. We had better results with old Cisco 1130 APs + 4400 WLC or cheap Ubiquity Unifi. Good way to go is AP2600 + WLC or some third party e.g. Ruckus. Rob On Tue, Sep 1

[c-nsp] FIB capacity on GSR LC 4GE-SFP-LC

Hi What is maximum FIB capacity on old GSR linecard SKU: 4GE-SFP-LC= ? Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] VSS and just one 10GE link

Hi Can I configure VSS on two 6500 using just one 10GE port ? Is it possible ? I have to configure VSS now using just one 10GE for chassis interconnect, and later will add 4 ports after additional linecards and X2 will arrive. BTW. I'm using 2T. Rob __

[c-nsp] ASA5512/K9 licensing for GigabitPorts

Hi Do I need any special license (like SECPLUS) for ASA5512/K9 for Gigabit Ethernet ports ? Ports went down when we set manual speed 1000 Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive

Re: [c-nsp] micro bursts

> The best way to track for this is to just watch the output drops on an > interface. (This can be done via SNMP polls). Could you give me idea which OID should I poll for counting output drops ? Thanks, Robert ___ cisco-nsp mailing list cisco-nsp@puc

Re: [c-nsp] Small network Route Reflectors?

On Tue, Mar 15, 2011 at 4:51 PM, Phil Mayers wrote: > I looked into this a while back; the 29xx with DATA license seemed ideal, > but it's a shame they're single PSU. For RR (BGP, IS-IS) IP Base is just fine. You don't need DATA license. Robert ___ cis

Re: [c-nsp] Small network Route Reflectors?

2011/3/15 Peter Rathlev : > Other than that I'm not sure what the problem is, simply because I have > very little experience with IPv6[0]. Can anyone elaborate on that part? > Is it related to multi-topology or some other (for me) strange things? > Pardon me for changing the subject here. Why woul

Re: [c-nsp] Small network Route Reflectors?

On Tue, Mar 15, 2011 at 11:08 PM, Peter Rathlev wrote: > As far as I know they wouldn't need to support anything not in IP Base. > It does seem to support MP-BGP, which is a requirement for an MPLS VPN > RR, and IS-IS. AFAIK As long as you don't need LDP or MPLS TE then IP Base is just fine. Ro

Re: [c-nsp] Small network Route Reflectors?

On Wed, Mar 16, 2011 at 9:34 AM, Phil Mayers wrote: > Hmm. I definitely came away with the idea you needed DATA, but I can't > remember why; which of course makes the conclusion suspect! If someone have working config. I can apply it to our of our 2900s in the LAB. We will see if DATA is require

Re: [c-nsp] Supported Modules / Linecards for 7600 Series

On Mon, Jun 6, 2011 at 11:16 AM, Florian Kuehn wrote: > Do the Ethernet line cards of the 6500 series also fit into 7600 series? > Other links appreciated. Yes. You can use 6500 linecards in 7600 (eg. WS-X67xx CFC/DFC series cards). Exception are new linecards designed for Sup-2T (PFC4/DFC4 base

Re: [c-nsp] sup2T software & release notes have hit

> The 6708 card isn't mentioned elsewhere on the page. Specifically not in > "Table 6. DFC4 Field Upgradable Linecard". Anybody know what that means? > Do we have to buy new 6908 cards instead? Or will there be a field > upgrade? As 6708 is DFC-only (same as 6716) and cannot work in CFC due to lac

[c-nsp] SUP-2T and ingress netflow + microflows policing

Hi I'm currently using 6500 with SUP720 and 67xx CFC linecards (mainly almost all are 6704-10GE). Is SUP-2T (PFC4) changes anything about possible simultaneous features configured on one interface comparing to SUP720 (PFC3) ? My goal is to have ingress netflow and microflow policing configured on

Re: [c-nsp] SUP-2T and ingress netflow + microflows policing

> I take it you're unable or unwilling to change your netflow flowmask to > match that required by the microflow policer? My mls netflow configuration below: mls ipv6 acl compress address unicast mls aging fast time 5 threshold 16 mls aging long 64 mls aging normal 32 mls netflow interface mls ne

Re: [c-nsp] SUP-2T and ingress netflow + microflows policing

On Wed, Jul 13, 2011 at 11:37 AM, Phil Mayers wrote: > sh platform hardware capacity netflow > > ...say? #sh platform hardware capacity netflow Netflow Resources TCAM utilization: Module Created Failed %Used 5 53474

[c-nsp] VPLS on software routers

Hi I just want to build VPLS lab (carry couple of VLANs between 4 routers) for test some solutions. Is VPLS supported on some software routers (7200, ISR G2, ASR1k) ? Performance is not important here - as it's for LAB few mbps is enough. If software IOS routers not supports VPLS then maybe J-Seri

[c-nsp] ASR903, ASR9k, SUP2T questions

I have question regarding ASR9k and ASR903 platforms: 1) How big FIB and RIB they have ? 2) How big NetFlow table they have ? Is it separate netflow table per each linecard ? 3) What is performance of ASR903 (Gbps and PPS) - can I have it wirerate with 5 x 10GE cards ? And two questions regarding

Re: [c-nsp] Recommendation for small GBit router

On Fri, Dec 16, 2011 at 12:25 AM, "Rolf Hanßen" wrote: > I am looking for a stable, reliable router / Layer3 switch that can do the > following: > -forward at least 1GBit / 1Mpps > -full support of IPv6 > -provide NetFlow data or similar for several hundred connected hosts in a > way that can be u

Re: [c-nsp] Recommendation for small GBit router

> Cisco-wise you'll find nothing that can push bandwidth. The cheapest > option you have would probably be a WS-3560, but you'll need an > "advanced ip services" image which does not come for free. But 3560 doesn't provide netflow at all (even sampled). And no SVI statistics. So it's out of requir

Re: [c-nsp] Recommendation for small GBit router

On Sat, Dec 17, 2011 at 4:53 PM, Gert Doering wrote: >> What throughput can bigger/newer plattform like Sup32/ASR provide with >> netflow ? Sup32 is PFC3B so same as Sup720/PFC3B. PFC3B supports 128K NetFlow entries. For us it was OK for ~2Gbps traffic with smalls customers traffic from BRAS (a

[c-nsp] ASR 901 fib size

Hi What size of FIB for IPv4/IPv6 has ASR 901 ? I cannot find this information in documentation and datasheets. Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net

[c-nsp] mLACP at 6500

Hi In 12.2 SXJ release Cisco implemented very interesting feature called - multichassis LACP (mLACP). Documentation says it's designed for server deployment. I'm using topology where distribution is made at two 6500/Sup720 and from each 6500 is 1G link to access switch (2960). Redundancy and loop-f

[c-nsp] Cisco 819 performance

Hi Do any one know what is performance (in pps) of Cisco 819 ? We would like to replace few old 870 routers (which has according to routerperformance 25k) with new 819. Unfortunately http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf is outdated at doesn't c

[c-nsp] Interpreting DOM outputs

Hi I have few LX SFPs with DOM but I'm unsure if I reading outputs correctly. Optical Optical Temperature Voltage Current Tx Power Rx Power Port (Celsius)(Volts) (mA) (dBm) (dBm) - --- ---

Re: [c-nsp] Interpreting DOM outputs

On Sat, Dec 31, 2011 at 6:02 PM, Anton Kapela wrote: > That is, these measurements are best-used as a referential figure, not > absolute -- meaning you ought to start polling & storing them now for > the most utility to be found in troubleshooting later. ;) Thanks for explanation. But I'm still u

[c-nsp] FIB table saving technique

Hi On march 2011 I was on Cisco presentation "FIB table saving technique (with simple virtual aggregation)". Robert (author or presentation) said that this feature should be integrated in IOS version "RLS 11" (which means around 15.2). But on release notes for 15.2 I cannot find this feature. Do a

[c-nsp] erspan for just one IP

Hi Is any way to have ERSPAN (on Cat6500) where traffic is copied only for one IP within VLAN. Eg. VLAN400, IP 2.2.2.2 (where VLAN consist /16 subnet and 2k active hosts) Robert ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.n

Re: [c-nsp] erspan for just one IP

On Thu, Jan 12, 2012 at 4:34 PM, Mack McBride wrote: > It is ugly but you can use a vlan acl to capture on a remote span session > then forward out a port that is connected back to the device for ERSPAN.  Not > pretty but this can be used for ERSPAN or MPLS forwarding. You mean vlan acl on 6500

Re: [c-nsp] Outbound drops on 6748

On Sat, Jan 28, 2012 at 4:45 PM, Matthew Huff wrote: > You are likely hitting microbursts. The traffic levels you state are measured > over an interval (30 seconds minimum probably). During peak activity you can > easy overrun the buffers on the 6748 if your upstream data is coming from > > 1gb

Re: [c-nsp] Outbound drops on 6748

On Sat, Jan 28, 2012 at 6:42 PM, Matthew Huff wrote: > Cisco Nexus 3000 Series switches. They came out to compete with Arista in the > HFT world, but are useful anywhere latency and/or bursting is an issue: > > http://www.cisco.com/en/US/products/ps11541/index.html Nexus 3000 have 9MB buffers co

Re: [c-nsp] Cisco's new 4500-X 10G Aggregation Switches

On Fri, Feb 10, 2012 at 3:24 AM, Reuben Farrelly wrote: > So finally - a 10G 1RU SFP+ access device.  It seem to be targeted at > enterprise aggregation but I imagine would have some appeal in service > provide space too given the form factor and the fact that the only 10G > alternates are 3560E-1

Re: [c-nsp] Cisco's new 4500-X 10G Aggregation Switches

On Fri, Feb 10, 2012 at 6:03 PM, Sachin Gupta (sagupta) wrote: > 16p SFP+ is $24k (capable of 64k routes) > 24p SFP+ is $32k (capable of 64k routes) [...] Thanks. Pricing and first technical aspects look promising :) Can you also write how big amount of buffers it has ? (4900M has 16MB) Is it's

[c-nsp] ASR9000v and distance

Hi I have three questions regarding ASR9000v deployments: 1) Can I connect one ASR9000v to two ASR9010 (to have redundancy). If yes are these ASR9010 have to be direct interconnected ? 2) Can ASR9000v be eg. 200-300KM away from ASR9010 (10GE over DWDM). 3) Are ASR9000v providing local switching be

[c-nsp] StackWise Plus performance

Hi I found in documentation that StackWise Plus is providing up to 64 Gbps of throughput. But is it full-duplex (then 128 Gbps half-duplex) or half-duplex (then 32Gbps full-duplex) ? Is it per one port ? Or both stack ports ? Rob ___ cisco-nsp mailing li

[c-nsp] Nexus 5500 and FC/FCoE support

Hi Can I connect FC SAN directly to Nexus 5548UP (with storage license) and provide connectivity to this FC SAN for Servers using FCoE ? All servers will have 10GE CNA cards connected to two Nexus. FC SAN will be also connected to two Nexus 5548UP for redundancy. BTW Can this nexus also act as s

Re: [c-nsp] ASR9000/RSP440 Console Issue

> Or to install remote power bars and console servers *once* per rack, and have > *one* scriptable interface regardless of how many different types of > equipment you connect to it.  Not for every case, but sometimes rolling my > own OOB makes more sense than paying the vendor extra to provide m

[c-nsp] Cisco CSR 1000V - costs , performance

Hi I'm very happy that Cisco announced CSR 1000V. But what about cost ? I see that license will not be perpetual but only time-based. Can any one comment this and write more about this product. Will it have any limitations regarding RIB / FIB supported ? I mean can it be universal router running on

Re: [c-nsp] ISIS routing

On Mon, Nov 26, 2012 at 1:39 PM, Saku Ytti wrote: > No. They are punted always in PFC3 and Trio, even in pure L3 interface. And > in neither platform you can create L2 ACL on L3 interface. So still if your network is using OSPF and your let's say 6500 receive 10Mbps of IS-IS then It will die as

[c-nsp] Nexus 3000 series

Hi We're using Nexus fabric based on 5500 and FEX (Nexus 2000). Now I'm interested in new Nexus 3000 series and have few questions about that. Can we connect our FEX to Nexus 3000 ? Can few Nexus 3000 works like single virtual fabric and provide functions like vPC (same as our current Nexus 5500/2

[c-nsp] Debug Radius auth and passwords

Hi I'm just troubleshooting Radius authentications for VPN and PPPoE access. I enabled Radius auth debug by : debug radius authentication But I see "*" as password in debug log. Is any way to change this behavior ? I would like what user enters as need to check is correct. I know that I can chec

[c-nsp] PIM and network redundancy

Hi I have project where network looks like this: IPTV source | 7600_1 | | | | 7600_2| | | | | 7600_3- | IPTV distribution switches (~20 VLANs) I'm currently using PIM static joi

[c-nsp] VPLS on GSR12k

Hi I have question regarding linecards which supports VPLS. Here is only one linecard (ISE 4x1G) supported as edge side for VPLS: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/vpls_qos.html Can I have edge side on SIP+SPA ? My GSR is only equipped with SIP-600 and SPA cards Rob __

[c-nsp] SVI bandwidth for counters higher than 10Gbps

Hi Is any IOS release supporting higher 'bandwidth' setting than 10G for Cat6500 ? I'm using Cat6500/Sup720-3BXL + IOS 12.2(33)SXI5 and see that 10Gbps is maximum what I can set: pe1(config)#int vlan 451 pe1(config-if)#bandwidth ? <1-1000> Bandwidth in kilobits Rob ___

[c-nsp] More than 16 MSTP instances

Hi I'm looking for Cisco switch which supports more than 16 MSTP instances. I need around 24 instances. Switch should have maximum 3U and provide 20-30 x 10G SFP+ ports. Cat4500-X looks very good for this purpose, but it will support more than 16 MSTP instances ? Rob

[c-nsp] Strange IOS as DHCP Client behevior

Hi I have setup where DHCP Server is running on Cisco IOS platform (ISR router). I this network I also have bunch of Cisco routers which are DHCP Clients. My problem is that these routers are visible in DHCP binding database with very strange MAC: 10.2.2.140 0063.6973.636f.2d30.Dec

Re: [c-nsp] Cheap BGP router for ~20k prefixes

Hi Can you give some URL to recommended ESXi tweaking ? Or just write some recommendations here. I'm happy to test CSR on my configuration but I also would like apply tweaking tips first. Rob On Wed, May 6, 2015 at 11:17 PM, Pshem Kowalczyk wrote: > We've just started to evaluate the CSR1000V

Re: [c-nsp] "New" IOS release time frame, when bug is identified

On Fri, 15 May 2015, Phil Mayers wrote: >No, it's not good. No, I don't have any suggestions other than to >threaten to move to another vendor. Hi Which vendor you're thinking ? Unfortunately from my experience it's common from my experience also with other network vendors. Rob

[c-nsp] Sup720 -> Sup2T migration and CoPP

Hi I'll have of migration older Cat6500 boxes to new 6807 chassis plus Sup2T Supervisors. I'm only not sure about migration of CoPP configuration ? Anything changed between PFC3 (Sup720) and PFC4/DFC4 (Sup2T) regarding this or I can just re-apply my current CoPP configuration ? Any other hint reg

[c-nsp] ASR9K and bandwidth

Hi I just have project with ASR9K and I'm unsure regarding what datasheet means. Eg. I have RSP440, and datasheet says: "◦ 220 Gbps/slot with single RSP" Is it 220Gbps in one direction (then 220 * 2 = 440Gbps becouse in and out traffic) or summary for both directions (in+out). Same question r

[c-nsp] CSR1000V and CPU usage

Hi I deployed Cisco CSR 1000V as edge router in DataCenter. My current configuration: - 2 x Xeon X5650 - just one CSR VM on ESXi host - ESXi 5.1 with all latest patches - standard vSwitch with 1 Intel Server NIC - HT enabled - 2xSSD in RAID1 - 8GB vRAM - 4 vCPU - 1 vNIC with 802.1q VLANs - few VLA

Re: [c-nsp] CSR1000V and CPU usage

My goal is max 1G-2G. I can move CSR to 36-cores Xeon server without problem... I'm looking for real users not discussion than HW/NP is better than SW. Everyone know that it's faster but not everybody needs so huge performance. If I need performance I can order MX5/MX80/MX104 or some ASR. Rob O

Re: [c-nsp] CSR1000V and CPU usage

8:35 Roland Dobbins wrote: > >> >> On 13 Aug 2015, at 1:24, Robert Hass wrote: >> >> > I deployed Cisco CSR 1000V as edge router in DataCenter. >> >> Deploying any variety of software-based router at one's edges is a >> mistake, and has been for

[c-nsp] Catalyst 6880-X and GLC-T

Hi I have question are speeds 10M and 100M supported on GLC-T SFP (RJ45 10/100/1000) on Catalyst 6880 ? Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/piperma

[c-nsp] NAC/802.1x and multiple users on one port

Hi I have scenario where for each port on my Catalyst (Cat3650) are connected unmanageable small switch (8 ports cheap HP). Can I still use 802.1x and NAC (ISE) for this particular port ? If yes, how filtering is done ? ACLs ? I assume that guest-VLAN/quarantine-VLAN cannot be used in this configur

[c-nsp] FEX (6800IA) on Cat6880-X

Hi I'm just wondering about deployment of 6800IA FEX'es with two 6880-X as core layer. Not sure regarding few topics: 1) Do 6800IA have local switching or everything is passing back to 6880-X ? I mean how communications between two ports is working on same 6800IA unit if a) two hosts are in same V

Re: [c-nsp] IOS CSRv1000 Power script error

Which CSR version ? I'm running couple of CSR s1000V in production and LAB (all in few different versions). Never had problems like you mentioned. But I'm always deploying on ESXi, although it shouldn't be important as VM Workstation should be also supported. Did you deployed CSR from OVA ? Rob

Re: [c-nsp] A switch with huge number of Mac address

On Fri, Jan 8, 2016 at 5:05 PM, Alireza Soltanian wrote: > We want to purchase a switch with 1G/10G ports (at least 96 ports) which > can support up to 192k of Mac addresses. > Is there any product in market which can provide this flexibilty? Rack unit > is alao a factor > >From Cisco boxes you

Re: [c-nsp] How many maximum routes does Cisco 2900 router support?

On Fri, Jan 8, 2016 at 3:23 PM, Adam Greene wrote: > Our 2921 with a full routing table, 2GB RAM, and around 60M aggregate > throughput hovers around 40-50% CPU utilization, with occasional higher > spikes. When we were pushing >100M aggregate through it, the CPU was > regularly spiking to near 1

Re: [c-nsp] IOS CSRv1000 Power script error

On Fri, Jan 8, 2016 at 5:32 PM, Alireza Soltanian wrote: > To be exact the version is 3.13 this version works fine with 2.5GB of RAM. > I Also have same issue with 3.15 > I dont have issue with 3.16 but it takes 4GB of RAM which I have problem > Strange, it's CSR on my VMware Workstation running

Re: [c-nsp] switch for SAN

On Fri, Jan 8, 2016 at 3:44 PM, Adam Greene wrote: > I know running Catalyst switches for SAN backbone fabric is not the best > idea, due to limited buffers. > > > > However, we have been doing just that with a 3750X and Dell Equallogic > 6100/4100s for quite some time, with no issues. >

Re: [c-nsp] How many maximum routes does Cisco 2900 router support?

e CPU% > > > > > > > > ROUTER#sh ip bgp sum > > > > 607161 network entries using 87431184 bytes of memory > > > > 607163 path entries using 48573040 bytes of memory > > > > 89290/89249 BGP path/bestpath attribute entries using 14286400 bytes &

[c-nsp] Shutdown an interface based on CRC errors

Hi I'm looking for function which can shutdown an interface if CRC error threshold will be overdraft. Is any existing command for this in JunOS for MX and EX platforms ? If not maybe some OP script ? Thanks a lot Rob ___ cisco-nsp mailing list cisco-ns

Re: [c-nsp] Shutdown an interface based on CRC errors

> > >You sort of hit the wrong list, but if someone has good ideas how to solve > >this for IOS, I'm all ears :-) > Indeed I mailed bad -nsp :) Too early Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/

[c-nsp] Cisco IOS-XE 3S platforms Series Root Shell License Bypass Vulnerability

Hi I'm looking for exploitation of issue 'Cisco IOS-XE 3S platforms Series Root Shell License Bypass Vulnerability' (CSCuv93130). I would like to check if it's really working on my Ciscos running IOS XE. Anyone have recipe how to do it ? Rob ___ cisco-n

[c-nsp] VPLS capable devices for two sites interconnect

Hi I'm looking for Cisco devices suitable for do interconnect of two sites. I also need redundancy at each site - so two clusters of two devices are required - mLACP capable for CE side. I cannot use regular L2 PortChannels as we're looking for pure => L3 solution. I know that ASR9001 will do the

Re: [c-nsp] VPLS capable devices for two sites interconnect

>If it's pure L3 solution you don't really need VPLS nor mLACP. >You just need two separate links extended via PWs to other site and L3 load-sharing. I forgot to mention that I need to carry 20-40 VLANs over my Layer-3 core between both sites. It's the reason for this VPLS, OTV or VXLAN... If mLA

[c-nsp] Catalyst 3850 10G version experiences

Hi I'm building mid-large campus network with 3000 access ports. Is it good idea to use stack of two 3850-XS units as core/aggregation layer ? I'm planning to use 2 or 4 Catalyst 3850-24SX in stack. They're quite fresh products - released Mid 2015. So their maturity is questionable... Maybe I sho

[c-nsp] IOS XE Denali release date

Hi I'm looking for some dates regarding IOS XE release called 'Denali' for ASR 1K and CSR 1000V platforms. Cisco show on presentations March 2016, but tomorrow we will have 1st of April. Is it delayed ? Rob ___ cisco-nsp mailing list cisco-nsp@puck.neth

[c-nsp] VXLAN Unicast on Nexus 5600 or 9300

Hi I see that both - Nexus 5600 and Nexus 9300 platforms supports VXLAN which relies on multicast in the network core. But are they support VXLAN relies on unicast network ? Maybe newer Nexus 9200 or approaching Nexus 9300-EX ? Rob ___ cisco-nsp mailing

Re: [c-nsp] VXLAN Unicast on Nexus 5600 or 9300

> > http://blogs.cisco.com/perspectives/a-summary-of-cisco-vxlan-control-plane > s-multicast-unicast-mp-bgp-evpn-2 This document doesn't provide any information what is supported on different Nexus models. > The 9ks will do mp bgp vpn , but not sure about the 5600 never used them. > I asked ab

[c-nsp] Annoying syslog messages after enabling CoPP

Hi I enabled CoPP on my Cisco routers. And now there are a lot of messages like below in syslog: 7638: Aug 9 03:31:16.603: %IOSXE-5-PLATFORM: F0: cpp_cp: QFP:0.0 Thread:000 TS:0270382487457923 %QOS-5-COPP_POLICE_DROP: packets drop on Punt/Inject interface due to CoPP police 7639: Aug 9 03:

[c-nsp] MPLS/VPLS gear with ext.temperatures

Hi I'm looking for Cisco products which supports MPLS features: - L3 VPN - L2 VPN Point-to-Point - L2 VPN Multipoint (VPLS or similar) - it's not mandatory but will be usefull As equipment will work in unfriendly environment it have to support extended operating temperatures (from -20*C up to 60*

Re: [c-nsp] MPLS/VPLS gear with ext.temperatures

On Mon, Jan 2, 2017 at 7:59 PM, Lukas Tribus wrote: > >There is basic IPsec support afaik, I'm not sure about MPLS over > >GREoIPSEC though. > Do you know if this box supports MACsec ? IPsec is useless as it's very limited - according to documentation: Packet size greater than 1460 is not su

[c-nsp] Interface helper-address and Load-Balancing

Hi I have configuration as below: interface Vlan2002 ip address 10.0.16.1 255.255.255.0 ip helper-address 10.0.18.31 ip helper-address 10.0.18.32 ! Will Cisco forwards DHCP requests to both servers defined as helper-addreses or load-balance (round-robin) between them ? Rob ___

[c-nsp] N9K + Telemetry

Hi I currently using some N9300 switches and I would like to start using Telemetry - it's looks very cool. Is any ready tool from Cisco side able to work with N9K+Telemetry ? Maybe Cisco DCNM ? I'm looking for something "ready" from vendor instead of using OpenSource (Kabana+Elactic Search) as I d

[c-nsp] BGP DFZ convergence time - FIB programming

Hi I'm looking for share experiences regarding time needed to program full DFZ table (710K IPv4 prefixes) on NCS 5500 boxes. Right now we testing competitors (Jericho based boxes) and results are not impressive - time needed to program is aroud 2min 30sec up to 3min. How fast NCS 5500 is handing

[c-nsp] ASR1001 maximum FIB size

Hi I'm looking for information what is maximum FIB size for ASR1001 (with 16GB RAM) platform ? Is it 1M or 2M ? (IPv4) Rob ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.ne

[c-nsp] CSR 1000v perpetual licenses EoS

Hi Just readed: https://www.cisco.com/c/en/us/products/collateral/routers/cloud-services-router-1000v-series/eos-eol-notice-c51-741690.html No no more permanent/perpetual licenses for CSR 1000V, just subscription. The worst of it is that support is provided by 2020. So we will have to pay for all

[c-nsp] IKEv2 unknown connections

Hi I see a lot syslog messages related to IKEv2: Jan 3 10:47:55.537: %IKEV2-5-RECV_CONNECTION_REQUEST: Received a IKE_INIT_SA request Jan 3 10:47:55.795: %IKEV2-3-NEG_ABORT: Negotiation aborted due to ERROR: Failed to locate an item in the database Jan 3 10:48:25.536: %IKEV2-5-RECV_CONNECTION_R

[c-nsp] eem-script problem

Hi I have below EEM script running at CSR1K: event manager applet blah2 authorization bypass event syslog pattern "%CLEAR-5-COUNTERS: .*" action 0.01 syslog msg "blah2 script" action 0.02 cli command "enable" action 0.03 cli command "term exec prompt timestamp" action 0.04 cli command "term

[c-nsp] Cisco Nexus 9300 for CORE

Hi I need to build new core network. We have 6 site's in different cities. All cities are connected over 100G (provided by ISP). I just thinking about N9K-C93180YC-FX and N9K-C93240YC-FX2 switches. - both supports 6 and 12 x 100G ports which I will use to inter-site connectivity (core links) - the

[c-nsp] MACsec and GCM-AES-XPN-128 support

Hi I'm looking which Cisco devices supports GCM-*AES*-*XPN*-*128* cipher for MACsec. It's looks it's supported on Catalyst 9300/9500 series. But it's looks just only on 40G and 100G ports. Is that true ? Can anyone test ? Unfortunately I don't have Catalyst 9300/9500 in LAB Rob __

[c-nsp] Cisco Nexus Data Broker

Hi I cannot find information which current models of Nexus switches are supporting Cisco Nexus Data Broker. Documents on cisco.com are quite outdated - from 2014 or 2017. I'm wondering if Data Broker is supported on Nexus 9300 EX/FX and Nexus 3600-R series. Rob __

[c-nsp] IOS XE - Checking amount of IPv4 routes in FIB

Hi I'm looking for proper command to find out how much routes I have in FIB. Is "sh ip cef summary" what I'm looking for ? Example router running IOS XE 03.13.08.S Received 1.17M routes via BGP #sh ip cef summary IPv4 CEF is enabled for distributed and running VRF Default 1168031 prefixes (11680

[c-nsp] Access Switches Aggregation

Hi I'm looking for aggregation devices (access switches aggregation). I need to aggregate around 170 access switches. Each switch need to be connected to two core/aggregation devices using mLAG. There are few sites, and every site have around 150-170 access switches. Requirements: - 4 * 48 linecar

  1   2   >