|
Powercrazy posted:So in one of our large branches we had a few misbehaving hosts. There was a bug where when the PCs were asleep they would spam out IPv6 multicast packets. This in-turn cause the switch to CPU spike as I assume the frames were punted to the CPU and turned into broadcasts. As long as its not 6in4 traffic it'll get dropped at the L3 interface. Presuming you don't have v6 enabled.
|
#
?
Nov 14, 2014 23:36
|
|
|
|
| # ? Apr 27, 2024 01:59 |
|
|
Powercrazy posted:So in one of our large branches we had a few misbehaving hosts. There was a bug where when the PCs were asleep they would spam out IPv6 multicast packets. This in-turn cause the switch to CPU spike as I assume the frames were punted to the CPU and turned into broadcasts. It should get dropped at the routed interface, regardless you shouldn't see a bump in CPU utilization unless they are all MLD packets (or they are sent to the all-hosts ipv6 multicast group). Assuming you have MLD snooping turned on of course! We had a similar problem at work recently and it turned out to be a PC spewing out MLD packets.
|
|
#
?
Nov 15, 2014 23:31
|
|
|
Red Robin Hood posted:I opened a TAC case regarding this issue but they're borderline useless. Show commands? Debugs?
|
|
#
?
Nov 15, 2014 23:58
|
|
|
The bug is on some NICs with Intel chipsets, that causes flooding of IPv6 MLD packets, when the machine hosting the NIC is put to sleep, but also has wake on LAN. There is a bug on 2960s, prior to the X model, which may not be published yet, but, if the router alert flag is set in those bogus MLD packets, it will kick each one to the processor path (in addition to flooding it everywhere throughout the ingress VLAN, if you don't have MLD snooping enabled), even if you have no IPv6 routing going on.
|
|
#
?
Nov 16, 2014 06:04
|
|
|
single-mode fiber posted:The bug is on some NICs with Intel chipsets, that causes flooding of IPv6 MLD packets, when the machine hosting the NIC is put to sleep, but also has wake on LAN. There is a bug on 2960s, prior to the X model, which may not be published yet, but, if the router alert flag is set in those bogus MLD packets, it will kick each one to the processor path (in addition to flooding it everywhere throughout the ingress VLAN, if you don't have MLD snooping enabled), even if you have no IPv6 routing going on. Yep. That is exactly what happened. So is the mitigation (besides patching the hosts) to turn on MLD Snooping? It's a 6500 running a Sup720-3B. Hopefully it's not MLDv1  pre:PFC3C and PFC3CXL modes support MLD version 1 (MLDv1) and MLD version 2 (MLDv2). •These modes support only MLD version 2 (MLDv2): –PFC3A –PFC3B –PFC3BXL
|
|
#
?
Nov 17, 2014 16:34
|
|
|
Yeah, updating the NIC drivers is the best way to go, but, depending on the requirements of your environment, MLD snooping should work, IPv6 ACL that drops inbound v6 traffic (may require changing the SDM template depending on which switches you have), storm control, control plane policing, all of those will work and keep your switch CPUs from melting down. When I encountered this in the wild, it was for an org where they insisted on having thousands of users concentrated on just a couple VLANs, so, whenever the NIC bug would occur, it would be slam job dot com.
|
|
#
?
Nov 18, 2014 05:06
|
|
|
can someone ballpark a realistic price for a nexus 7004 with two supervisors and two 48x 10g line cards? I don't need any fancy poo poo to start with, just layer 2.
|
|
#
?
Nov 18, 2014 05:21
|
|
|
adorai posted:can someone ballpark a realistic price for a nexus 7004 with two supervisors and two 48x 10g line cards? I don't need any fancy poo poo to start with, just layer 2. List comes out to be around $150k for that. You could probably get it for around $120 depending how big you are. I had the wrong line cards before taking the screenshot, but  N7K-F248XP-25E= is the same price as the one in my shot so the pricing doesn't change. 
less than three fucked around with this message at 06:25 on Nov 18, 2014 |
|
#
?
Nov 18, 2014 05:57
|
|
|
adorai posted:can someone ballpark a realistic price for a nexus 7004 with two supervisors and two 48x 10g line cards? I don't need any fancy poo poo to start with, just layer 2. What do you need nexus 7004s for? I ask because you may be fine getting 2 fixed switches and a pair of ASRs for example (assuming you needed OTV.) If you just need 96ish ports and eventual layer 3 support then maybe a Nexus 56128 is more your speed?
|
|
#
?
Nov 18, 2014 09:42
|
|
|
Red Robin Hood posted:I opened a TAC case regarding this issue but they're borderline useless. Little late to this, I had a 3750 that would do this after like 60 something days of uptime. If I left it running, I would lose console access as well. Still would pass traffic though. Ended up being whatever version of IOS was on there had a memory leak.
|
|
#
?
Nov 18, 2014 15:45
|
|
|
Is that a typical discount? I assume that enterprise? doomisland fucked around with this message at 14:02 on Nov 19, 2014 |
|
#
?
Nov 18, 2014 22:34
|
|
|
//
less than three fucked around with this message at 08:25 on Nov 19, 2014 |
|
#
?
Nov 18, 2014 23:04
|
|
|
How about that football, with the pigskin?
Partycat fucked around with this message at 21:22 on Nov 19, 2014 |
|
#
?
Nov 19, 2014 00:29
|
|
|
1000101 posted:What do you need nexus 7004s for? I ask because you may be fine getting 2 fixed switches and a pair of ASRs for example (assuming you needed OTV.) And in general, we get a 45% discount on hardware. Today I could probably get 48%, I know my local sales rep is looking to get some more sales booked right now.
|
|
#
?
Nov 19, 2014 01:15
|
|
|
//
less than three fucked around with this message at 08:25 on Nov 19, 2014 |
|
#
?
Nov 19, 2014 02:44
|
|
|
Woof. Sorry for your loses. doomisland fucked around with this message at 14:02 on Nov 19, 2014 |
|
#
?
Nov 19, 2014 04:19
|
|
|
Our standard, first-quote, pre-negotiation discount from Cisco is 48% off list on network gear, 18% on support, and 65% on UCS. Just FYI. I always like sanity checking with others' numbers -- takes some power away from the vendors.
|
|
#
?
Nov 19, 2014 07:28
|
|
|
//
|
|
#
?
Nov 19, 2014 08:24
|
|
|
KS posted:Our standard, first-quote, pre-negotiation discount from Cisco is 48% off list on network gear, 18% on support, and 65% on UCS. Just FYI. I always like sanity checking with others' numbers -- takes some power away from the vendors. If I were to go to a new job and get quoted for gear I think anything under 50% for the hardware I would laugh at and be insulted. I think standard starting is around 60%? Definitely seems to be per industry though for what they start you at. Never had to really quote anything big on Cisco since we're mostly a J shop but even Arista was following in line for around what we were getting.
|
|
#
?
Nov 19, 2014 13:56
|
|
|
adorai posted:I probably don't need the 7k. It's possible that there are a few features that would beat our current 5548 pairs, but not at that price. Mainly the feature that lets you bridge layer 2 over layer 3, but I have other solutions for that. Cisco ASR routers can do OTV which is the feature you're looking for. Will probably be cheaper and can provide decent enough throughput.
|
|
#
?
Nov 21, 2014 06:05
|
|
|
doomisland posted:If I were to go to a new job and get quoted for gear I think anything under 50% for the hardware I would laugh at and be insulted. I think standard starting is around 60%? Definitely seems to be per industry though for what they start you at. Never had to really quote anything big on Cisco since we're mostly a J shop but even Arista was following in line for around what we were getting. In general it seems to depend what you're doing and who you are. There are run-of-the-mill everybody discounts, better discounts due to industry, account size, etc. If you get the Cisco roadshow to come in with some bullshit and your AM knows you're quoting other vendors then you can get better. Gotta be careful with that one, since they'll show up and talk about products that don't exist, won't exist, don't do what they appear to, and then wrap it up in a nice package for management, to try and give them justification for their costs.
|
|
#
?
Nov 23, 2014 15:13
|
|
|
KS posted:Our standard, first-quote, pre-negotiation discount from Cisco is 48% off list on network gear, 18% on support, and 65% on UCS. Just FYI. I always like sanity checking with others' numbers -- takes some power away from the vendors. get a quote from Juniper and drop a hint to your Cisco rep that you are looking at Juniper. They should come down much more then 
|
|
#
?
Nov 23, 2014 19:07
|
|
|
1000101 posted:Cisco ASR routers can do OTV which is the feature you're looking for. Will probably be cheaper and can provide decent enough throughput. OTV is the only cool thing cisco has anymore
|
|
#
?
Nov 23, 2014 19:08
|
|
|
If I plug my laptop ethernet into the ethernet console port on an ASA 5515-X and it still thinks the cable is disconnected, what am I doing wrong? Nothing requires a crossover cable these days right? Management port isn't responding either. I'm trying Putty Telnet/SSH/Console so maybe that's my problem. I have the ASDM software but Cisco gave me the package that only installs from the device itself, so that's no help.
|
|
#
?
Nov 24, 2014 16:44
|
|
|
Zero VGS posted:If I plug my laptop ethernet into the ethernet console port on an ASA 5515-X and it still thinks the cable is disconnected, what am I doing wrong? Nothing requires a crossover cable these days right? Management port isn't responding either. I'm trying Putty Telnet/SSH/Console so maybe that's my problem. I have the ASDM software but Cisco gave me the package that only installs from the device itself, so that's no help. You need one of these AFAIK 
|
|
#
?
Nov 24, 2014 16:53
|
|
|
Zero VGS posted:If I plug my laptop ethernet into the ethernet console port on an ASA 5515-X and it still thinks the cable is disconnected, what am I doing wrong? Nothing requires a crossover cable these days right? Management port isn't responding either. I'm trying Putty Telnet/SSH/Console so maybe that's my problem. I have the ASDM software but Cisco gave me the package that only installs from the device itself, so that's no help. The console port is a serial connection that uses an RJ-45 connector. It's not actually ethernet. You'll need a USB-->Serial adapter to plug into the console cable that they give you, or find a system with an RS-232 serial port.
|
|
#
?
Nov 24, 2014 16:55
|
|
|
Richard Noggin posted:You'll need a USB-->Serial adapter to plug into the console cable that they give you On the topic of these, has anyone else run into an issue with these where they'll work for a bit, then just completely stop? My old laptop, it would work for 5-10 minutes, then console would stop working, if you reseated the USB portion, it would remove it from devices and not even acknowledge it was connected until a reboot. On my new one, I'm lucky if I get 30 seconds of console before it happens.
|
|
#
?
Nov 24, 2014 17:50
|
|
|
Richard Noggin posted:The console port is a serial connection that uses an RJ-45 connector. It's not actually ethernet. You'll need a USB-->Serial adapter to plug into the console cable that they give you, or find a system with an RS-232 serial port. Right, right, I actually used one fine a month ago at my last job... had a brain fart and thought the serial side was on the Cisco device and not on the laptop end, so when i saw that I assumed they changed them to use RJ-45 on both ends. Well poo poo, we don't have that cable at this job, I'll have to eBay one. Do the RS-232 to USB adapters work solidly with Win7/Putty?
|
|
#
?
Nov 24, 2014 19:09
|
|
|
I have a Tripp Lite usb to serial, and it works fine with osx, for whatever that's worth.
|
|
#
?
Nov 24, 2014 19:26
|
|
|
This is the one I have been using for like two years now. It has been rock solid. Whatever chipset in there is "newer" so it should be plug and play for most. http://www.amazon.com/Plugable-Adapter-Prolific-PL2303HX-Chipset/dp/B00425S1H8
|
|
#
?
Nov 24, 2014 20:33
|
|
|
Moey posted:This is the one I have been using for like two years now. It has been rock solid. Whatever chipset in there is "newer" so it should be plug and play for most. The other good option is something based on the FTDI FT232RL. Just be wary of fakes of each chipset - remember this?
|
|
#
?
Nov 24, 2014 22:24
|
|
|
Newer (gen2+) ISR series routers come with a built in USB serial adapter, in the form of a microusb port. May not help you here but have a quick look if you're working on a 19xx/29xx/39xx series router. Drivers can be found on Ciscos website if you do strike it lucky. Otherwise also recommending a legit FTDI based USB serial adapter, it's been bullet proof for more than 5 years for me and works fine out of the box in Windows and OSX.
|
|
#
?
Nov 25, 2014 00:41
|
|
|
I'm surprised that it took so long for straight USB console connections to become a thing. Do the manufacturers really make that much money off of the cables?
|
|
#
?
Nov 25, 2014 16:17
|
|
|
Inspector_666 posted:I'm surprised that it took so long for straight USB console connections to become a thing. Do the manufacturers really make that much money off of the cables? No, but adding in a USB->Console adapter plus writing Plug and Play software for your device is a huge amount of money, for not much benefit. Also the USB ports on ISRs are janky and I've only been able to get it to work after screwing with it for a while. Console Output is much simpler.
|
|
#
?
Nov 25, 2014 19:27
|
|
|
Inspector_666 posted:I'm surprised that it took so long for straight USB console connections to become a thing. Do the manufacturers really make that much money off of the cables? Powercrazy posted:No, but adding in a USB->Console adapter plus writing Plug and Play software for your device is a huge amount of money, for not much benefit. Also the USB ports on ISRs are janky and I've only been able to get it to work after screwing with it for a while. Console Output is much simpler. Pretty much this. It's the same reason why OOB ethernet ports started showing up before usb-serial built-ins did. They already had the excess hardware in place for a non-routing network port. Serial output requires an additional discreet chipset plus driver software development.
|
|
#
?
Nov 25, 2014 21:47
|
|
|
Eh. The usb management ports are just an on-board usb to serial adapter. I doubt it costs them much. What is everyone's go to for cheap dwdm? I have a satellite site that I currently serve with 1g ports and I'm debating augmenting the routers in that site so I can offer 10g vs hauling the 10g ports back to the main pop where I can already handle 10g ports. So yeah. I need something to add color to my customer connections and a passive mux.
|
|
#
?
Nov 25, 2014 22:42
|
|
|
I've used this one for years and years. It just works. No screwing around at all. Mine doesn't look exactly like that since it's so old. I'm sure there has been a physical revision or two in between. But it's the same drivers, I'm sure, and they just work.
|
|
#
?
Nov 25, 2014 23:17
|
|
|
FatCow posted:What is everyone's go to for cheap dwdm? I have a satellite site that I currently serve with 1g ports and I'm debating augmenting the routers in that site so I can offer 10g vs hauling the 10g ports back to the main pop where I can already handle 10g ports. I used to use http://www.3c-link.com/ at my old job. Turnaround times weren't the best, but that's the case with a lot of DWDM stuff. Never had anything DoA, everything worked to spec.
|
|
#
?
Nov 26, 2014 07:54
|
|
|
I was given this type of cable recently a d really like it. http://www.get-console.com/shop/en/usb-to-serial-cables/57-usb-serial-cable-rj45-180cm.html Re:Cheap WDM, fiberstore.com.
|
|
#
?
Nov 28, 2014 21:35
|
|
|
|
| # ? Apr 27, 2024 01:59 |
|
|
Hey would appreciate a bit of help from any Cisco unity people have a Cisco Unity Box that is refusing to relay voice mail to to email, i.e the .WAV attachment to a email. Have one confirmed user working that gets this email with .WAV attachment, have noticed on his account the message actions status window has "voicemail will be relayed to user@user.org" in the status window, none of the other accounts on the system have this line displayed? unsure if its a account problem because I've done a export of all the user accounts details under the bulk admin tool to csv and opened in excel and filtered to compare with the working one to the affected ones, can't see any problem. any ideas cause this has puzzled me for at lest a week.
|
|
#
?
Dec 1, 2014 08:36
|
|