Re: [c-nsp] bgp scalability C7600

2015-02-06 Thread james list
Hi gert Good info. From customer requirements and pricing point of view the idea is to replace with a nexus. Regards Il 06/feb/2015 19:45 Gert Doering g...@greenie.muc.de ha scritto: Hi, On Fri, Feb 06, 2015 at 03:16:26PM +0100, james list wrote: do anybody have numbers in terms of BGP

[c-nsp] bgp scalability C7600

2015-02-06 Thread james list
Gents, do anybody have numbers in terms of BGP sessions scalability oin C7600 SUP-720 ? greetings ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at

Re: [c-nsp] L2 over L3 scenario

2015-10-23 Thread james list
Thanks guys 2015-10-23 10:37 GMT+02:00 james list <jameslis...@gmail.com>: > Dear experts, > > a customer of mine is looking for a solution to stretch L2 point2point > links over its L3 flat infrastructure, basically it has some L3 6500 > switches making its WAN networks an

[c-nsp] L2 over L3 scenario

2015-10-23 Thread james list
Dear experts, a customer of mine is looking for a solution to stretch L2 point2point links over its L3 flat infrastructure, basically it has some L3 6500 switches making its WAN networks and as routing protocol is using eBGP over the wan links (no IGP at all... argh...). On top of the requested

[c-nsp] udld fail ?

2016-05-31 Thread james list
dear experts I've a Cisco 6500 (12.2(33)) connected to a juniper EX4200 with a 2 x 10Gb port channel. Apparently the Cisco gear has disabled one out of the two ten giga interface after some flapping of the other one and due to UDLD that is currently non configured as aggressive nor bidirectional

Re: [c-nsp] udld fail ?

2016-05-31 Thread james list
yes, in general I see your points, I was wondering if there could be a reasonable reason for the mentioned behaviour 2016-05-31 16:33 GMT+02:00 Nick Hilliard <n...@foobar.org>: > james list wrote: > > Apparently the Cisco gear has disabled one out of the two ten giga > >

[c-nsp] VTP doubt

2016-06-16 Thread james list
Hi I've two 6500 (6500-A and 6500-B) in production as VTP server, access switch are 3750 or 4500 as VTP clients. Today if I add manually a vlan on one of the two VTP server (ie on 6500-A) it's propagated to the other server (6500-B) and clients. The question is: do I've to add manually on both

Re: [c-nsp] LAN + Security solution hint

2016-02-03 Thread james list
g" <g...@greenie.muc.de> ha scritto: > Hi, > > On Wed, Feb 03, 2016 at 07:34:16PM +0100, james list wrote: > > I'd use cisco 3850/3750 in stack but i m not sure this is the right > choice. > > The problem is that what you're asking for is nearly impossibl

[c-nsp] LAN + Security solution hint

2016-02-03 Thread james list
Dear experts, I’d like to have an hint if possible… For a project I’ve to provide a LAN solution to my customer with a mix of 1 Gbs copper and 10 Gbs copper ports (let say 20 x 1 Gbs and 30 x 10 Gbs ports) plus a firewalling solution supporting feature like server load balancing and

Re: [c-nsp] LAN + Security solution hint

2016-02-03 Thread james list
> and come up with your best guess, and we'll confirm/deny whether you're on > the right track. > > On 2/3/2016 7:38 AM, james list wrote: > >> I’d like to have an hint if possible… >> >> For a project I’ve to provide a LAN solution to my customer with a mix of >>

Re: [c-nsp] LAN + Security solution hint

2016-02-03 Thread james list
a scritto: > Hi, > > On Wed, Feb 03, 2016 at 06:25:29PM +0100, james list wrote: > > well indeed I've asked for network expert suggestion, not for my father > > suggestion... > > Where can I send my invoice? > > You get paid for your customer to do this design, so if yo

[c-nsp] BGP query

2016-03-10 Thread james list
Dear experts I've a BGP question. I've a router peering with a customer of mine, plain EBGP no MPLS, see following chain as example: myroutera --ebgp-- myrouterB --ebgp-- myrouterC --ebgp-- mycustomerA --ebgp-- mycustomer_BGP_worldwide_network Between myrouterX I use EBGP with private AS, now

Re: [c-nsp] Issue with port-channel hashing

2016-07-23 Thread james list
sues. > > You may also want to set 'mls ip cef load-sharing full'. > > Mack McBride | Senior Network Architect | ViaWest, Inc. > O: 720.891.2502 | C: 303.720.2711 | mack.mcbr...@viawest.com | > www.viawest.com > > > -Original Message- > From: cisco-nsp [mailto

[c-nsp] Issue with port-channel hashing

2016-07-22 Thread james list
Dear experts, I need help. On my C6500 sup720 (12.2(33)SXI5) I’ve a port channel 4 x 1Gbs with 1 Gbs full and hashing fixed. On the port-channel I’m trunking with few L2 vlans and on top of one of those I’ve L3 (with OSPF). Since hashing is fixed all the traffic that 6500 Asic has decided to

Re: [c-nsp] Issue with port-channel hashing

2016-07-22 Thread james list
That is not unfortunately so adaptive to understand that a link is full and change for other sessions... :-( 2016-07-22 13:18 GMT+02:00 James Ventre <network...@ventrefamily.com>: > > On Fri, Jul 22, 2016 at 3:45 AM, james list <jameslis...@gmail.com> wrote: > >> 2)

[c-nsp] c6500 process memory

2016-06-30 Thread james list
Dear experts, just to ask if there are any guidance or best practice about process memory utilization, currently on my C6500 I'm at 70% usage and would like to know if I need to be alterted or not... I use this box for full routing table (BGP process is the higher memory user)... Kind regards

Re: [c-nsp] c6500 process memory

2016-07-01 Thread james list
o the SP but I doubt they have interest in reviving > the old platform. > > 70% is nothing really, I wouldn't worry about it until it's over 95% > > On 6/30/2016 12:18 PM, james list wrote: > >> Dear experts, >> just to ask if there are any guidance or best practice about

[c-nsp] C3850 and NAT

2017-02-08 Thread james list
Dear experts, I'm wondering if anybody can give detailed or experienced info about NAT support on c3850. I m not able to find any info on feature set but on the web is not so clear... I'm looking a cheapest, in respect to 6500 or 68xx, switch able to support NAT (not a router). Thank you in

Re: [c-nsp] C3850 and NAT

2017-02-08 Thread james list
00 line rate NAT switch. -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of james list Sent: Wednesday, February 8, 2017 4:17 PM To: cisco-nsp NSP <cisco-nsp@puck.nether.net> Subject: [c-nsp] C3850 and NAT Dear experts, I'm wondering if any

[c-nsp] How to protect the firewall

2017-02-09 Thread james list
Hi experts, I've a customer which experienced a big trouble since one of the server system engineer in the company has assigned to a test server the same ip address of the firewall cluster. They do not have networking resources and got time to understand the issue. My question: is there a way to

Re: [c-nsp] stange vlan 1 output

2016-10-07 Thread james list
utt...@edgetg.com>: > This is the perfect time to run > > sh int g8/45 switchport > sh int g9/27 switchport > > to get configured values VS negotiations > > -Original Message- > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > james list &

[c-nsp] stange vlan 1 output

2016-10-07 Thread james list
Hi experts, an issue on my c6500 sup720 12.2(33)SXI5. I have two equal trunk configuration ports: xxx#sh run int g8/45 interface GigabitEthernet8/45 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 269 switchport mode trunk logging event link-status

Re: [c-nsp] stange vlan 1 output

2016-10-07 Thread james list
device is a 4948? I've seen that platform do this > a lot where the 4948 participates in DTP enough for the other side to drop > to access but the 4948 forgets to match it. > > > On 10/7/2016 9:17 AM, james list wrote: > >> Hi experts, >> >> an issue on my c6500 sup72

Re: [c-nsp] stange vlan 1 output

2016-10-07 Thread james list
isco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > james list > Sent: Friday, October 7, 2016 1:44 PM > To: Pete Templin <peteli...@templin.org> > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] stange vlan 1 output > > There is firewall on the other side... >

[c-nsp] PTP design

2016-09-20 Thread james list
Hi experts! More than a vendor related question I’m wondering to discuss or get hints regarding the upcoming mifid2 new PTP request (max divergence from UTC of 1 microsecond) implementation that will be requested since Jan 2018. I’d like to setup in my DC two fully redundant PTP source, for this

[c-nsp] C6500 dual supervisor redundancy to break

2016-10-01 Thread james list
Hi experts, on my running C6500 in one of the PoP I've configured redundancy with dual Sup-2T. Now I'm going to add a new C6500 and want to remove one Sup from running C6500 and to insert in the new one. The questions: 1) do you suggest to keep redundancy enabled also with one Sup in the

[c-nsp] looking to find the best cisco device

2016-10-24 Thread james list
Dear expert I’m having a look to a scenario in order to find the best matching (and cheapest) device. I need at least 3 x 10 Gbs interface (one in ingress and 2 in egress port-channel) and to support functionalities such as: - BGP - Mcast PIM - Mcast proxy register - NAT - 10 Gbs

[c-nsp] huge amount of mcast traffic

2016-10-13 Thread james list
Dear experts, I’ve a multicast financial market connected to my infrastructure, I’ve been informed that a new data multicast flow could reach up to 6 Gbs, so an huge amount of traffic needs to be replicated. Market is connected to an ASR 1001, than to a C6807-XL and customers are connected to

Re: [c-nsp] huge amount of mcast traffic

2016-10-13 Thread james list
10577 > OTA Management LLC | Phone: 914-460-4039 > aim: matthewbhuff| Fax: 914-694-5669 > > > -Original Message- > > From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of > > james list > > Sent: Thursday, October 13, 20

Re: [c-nsp] huge amount of mcast traffic

2016-10-13 Thread james list
ssue depends on the application that uses > the multicast data. > > > > > > Matthew Huff | 1 Manhattanville Rd > > Director of Operations | Purchase, NY 10577 > > OTA Management LLC | Phone: 914-460-4039 > > aim: matthewbhuff

Re: [c-nsp] huge amount of mcast traffic

2016-10-17 Thread james list
>> feed is going to be an issue. Will it work, yes. Will it work well, I doubt >> it. >> >> >> Matthew Huff | 1 Manhattanville Rd >> Director of Operations | Purchase, NY 10577 >> OTA Management LLC | Phone: 914-460-4039 >> aim: m

[c-nsp] traffic stuck firewall assymetry

2017-03-29 Thread james list
Hi experts I’ve a couple active-passive firewall clusters (both with two member-A and member-B) in two different localtions connected with two different WAN links (WAN-A and WAN-B). One cluster in site A has firewall member-A as active and the router/switch (C6500 not in VSS) with WAN link A as

Re: [c-nsp] traffic stuck firewall assymetry

2017-03-29 Thread james list
tween VRFs, that could cause issues as well if the traffic is flowing asymmetrically. Best Regards Ted -Original Message- From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of james list Sent: den 29 mars 2017 17:31 To: cisco-nsp NSP <cisco-nsp@puck.nether.net>; Juniper

[c-nsp] PVST+ with arista box

2017-03-06 Thread james list
Dear experts, I'm looking for hands on experience in interconnecting a huge cisco network (>400 vlan) running PVST+ with some arista boxes which in principle as default uses MST but in theory could interact with Cisco proprietary PVST+. Despite the arista document which confirm the interop, has

[c-nsp] mac filter on switch

2017-05-23 Thread james list
Dear experts, I’ve a customer switch C3750 (12.2(35)), is there a way to permit on a specific port only a group of mac address which could generate traffic towards the switch ? I’ve tried mac acl but I do not get the expected result. Any idea, example or www reference is appreciated. Thanks in

Re: [c-nsp] mac filter on switch

2017-05-23 Thread james list
er Rathlev <pe...@rathlev.dk>: > On Tue, 2017-05-23 at 15:22 +0200, james list wrote: > > I’ve a customer switch C3750 (12.2(35)), is there a way to permit on > > a specific port only a group of mac address which could generate > > traffic towards the switch ? > &

Re: [c-nsp] mac filter on switch

2017-05-23 Thread james list
Peter Rathlev <pe...@rathlev.dk>: > On Tue, 2017-05-23 at 15:22 +0200, james list wrote: > > I’ve a customer switch C3750 (12.2(35)), is there a way to permit on > > a specific port only a group of mac address which could generate > > traffic towards the switch ? > >

[c-nsp] PTP: what kind of monitoring is requested by MIFID 2 ?

2017-06-06 Thread james list
Dear experts, Has anybody already approached the PTP monitoring requested by MIDIF 2 ? --- Article 4 of RTS 25 states : Compliance with the maximum divergence requirements Operators of trading venues and their members or participants shall establish a system of traceability

[c-nsp] Traceroute not working as expected

2017-12-18 Thread james list
Dear expert I ve the following strange issue. In the same broadcast domain (10.1.0.0/24) I have four devices: 1) carrier router .1 2) firewallA .2 3) firewallB .3 4) firewallC .4 Carrier router has a default route to .2 (firewall A). 2-3-4) has gateway to .1 If I made traceroute to a wan

[c-nsp] multiple GRE on the same gear

2017-12-01 Thread james list
Dear experts, the bug CSCdy72539 states that on Cisco 6500 with SUP720 if are created multiple GRE interfaces using the same source address traffic is switched in CPU instead of hardware, it seems the issue is solved with SUP2T. The question: can ASR1001X suffer of the same issue ? I’m not able to

[c-nsp] multiple GRE on the same gear

2017-12-01 Thread james list
Dear experts, the bug CSCdy72539 states that on Cisco 6500 with SUP720 if are created multiple GRE interfaces using the same source address traffic is switched in CPU instead of hardware, it seems the issue is solved with SUP2T. The question: can ASR1001X suffer of the same issue ? I’m not able to

Re: [c-nsp] DHCP server

2018-06-15 Thread james list
th a much > cheaper software router like a ISR43xx > Do you mean the catylyst 9300 series? > > -Original Message- > From: cisco-nsp On Behalf Of james > list > Sent: Friday, June 15, 2018 1:19 PM > To: cisco-nsp NSP > Subject: [c-nsp] DHCP server > > This message or

Re: [c-nsp] DHCP server

2018-06-16 Thread james list
Just one but hundreds of dhcp scopes. Cheers Il Sab 16 Giu 2018, 10:55 ha scritto: > How many physical interfaces/ports? > > A c891f could be sufficient... > > Jürgen. > -Original Message- > Dear experts, > a customer of mine as an old C7200 acting as DHCP server and wants to > replace

[c-nsp] DHCP server

2018-06-15 Thread james list
Dear experts, a customer of mine as an old C7200 acting as DHCP server and wants to replace it with an IOS device in order to port configuration 1:1. He asked for a solution which is not so expensive, I'm thinking to ASR1k or CAT9k, do you have any other suggestion ? Thanks for any advice

[c-nsp] C4500x VSS convergence

2018-06-02 Thread james list
Dear experts I have a strange behaviour to share. I am testing ISSU and failover of a couple of 4500x configured in VSS. Basically what I see is that during the failover the active supervisor (or switc) takes more than 100 seconds to forward ip packets, making routing convergence is very slow.

[c-nsp] Meltdown and Spectre

2018-01-06 Thread james list
Dear all, For cve related to Meltdown and Spectre I'm wondering to know what are you doing or going to do on your networking gears? I'm struggling to understand something from vendors but I'd like to hear from people in the pitch. Cheers James ___

[c-nsp] Cisco Supply Chain issues in Amsterdam?

2018-01-03 Thread james list
Can only confirm to be in delay by two weeks now and still not got a delivery date by Cisco Big issues with end of year invoicing. Cheers James ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp

[c-nsp] Strange issue

2018-09-10 Thread james list
Dear experts I'm wondering if you can provide any hints/help on this problem. We experienced a strange issue in reaching the remote devices (servers) and perforiming bulk snmp walk, instead direct object query was working fine. After an entire nigth of issues (22pm to 6am), the problem

Re: [c-nsp] Huge SP CPU usage spikes 100%

2018-03-01 Thread james list
cfg = 0x20 mis_init_sts = 0xF dimm_parm_cfg_hi = 0x0576 dimm_parm_cfg_lo = 0x42040F5A tm_init_size_cfg = 0x8000 xxx# 2018-03-01 10:02 GMT+01:00 James Bensley <jwbens...@gmail.com>: > On 1 March 2018 at 08:29, james list <jameslis...@g

Re: [c-nsp] Huge SP CPU usage spikes 100%

2018-03-01 Thread james list
sample > > > Replace 'slot 5' with your port SUP port number. > > > On 1 March 2018 at 10:29, james list <jameslis...@gmail.com> wrote: > > Dear experts, > > has anybody experienced a 100% SP CPU usage on C6500-Sup720 > (12.2(33)SXI5) > > with

[c-nsp] Huge SP CPU usage spikes 100%

2018-03-01 Thread james list
Dear experts, has anybody experienced a 100% SP CPU usage on C6500-Sup720 (12.2(33)SXI5) with a lot of interrupts ? The main process is Heartbeat. Cisco TAC is struggling in having an idea to sorting out the issue, they are working since 3 days on it.. STP is stable, no mac moving, no real issue

[c-nsp] macsec

2018-03-14 Thread james list
Dear experts, I’m trying to get working macsec between Cisco 3850 and Juniper EX4300 without success. Here the config: Cisco 3850 key chain test macsec key 123ABC cryptographic-algorithm aes-128-cmac ! interface TenGigabitEthernet1/0/21 switchport access vlan 10 switchport mode

[c-nsp] IOS ip-base to advanced-ip-services upgrade

2018-04-23 Thread james list
Dear experts, I am wondering if anybody has clear the process to upgrade an ASR1001X from ip base to advanced ip. I need to enable BFD on BGP and seems that an upgrade is needed. I'd like to know if it's right to use or we need to buy a new license. Thanks for a feedback Cheers James

Re: [c-nsp] Huge SP CPU usage spikes 100%

2018-03-02 Thread james list
: 0 TTL failures : 8688776 MTU failures : 0 Total packets L3 Processed by all Modules: 1710516850594 @ 57716 pps 2018-03-02 11:22 GMT+01:00 James Bensley <jwbens...@gmail.com>: > On 1 March 2018 at 09:53, james list <jameslis.

Re: [c-nsp] [j-nsp] Strange issue

2018-09-12 Thread james list
Thanks Saku/Lukas Investigation still on going I will let you know if something is found. Cheers Il Mar 11 Set 2018, 00:20 Saku Ytti ha scritto: > Oh I think I misunderstood OP. Yes, sounds like larger packets were > impacted smaller were not. > > On Tue, 11 Sep 2018 at 01:16, Saku Ytti

[c-nsp] Traffic delayed

2018-10-02 Thread james list
Dear experts I’ve a strange issue. Our customer replaced two L2/3 switches (C6500) where a pure L2 and L3 (hsrp) environment was set-up with a couple of new MX9k running the same L2 and L3 services but those two MX are running MPLS/VPLS to transport L3/L2 frames. Access switches are QFX5k

Re: [c-nsp] [j-nsp] Traffic delayed

2018-10-02 Thread james list
Can you elaborate? Why just every 30 minutes the issue? Il Mar 2 Ott 2018, 20:34 Tom Beecher ha scritto: > You have switches with completely different buffer depths than you used > to. You prob want to look into that. > > On Tue, Oct 2, 2018 at 9:39 AM james list wrote: >

Re: [c-nsp] [j-nsp] Traffic delayed

2018-10-03 Thread james list
e expring and needed to be refreshed every 30 mins > interval. For multicast, check if any prune or joins are happening around > the time. Any IGMP joins or prunes around the same time. > > On Tue, Oct 2, 2018 at 9:38 AM james list wrote: > >> Dear experts >> >> I’ve a