Korensky
Jan 13, 2004

The Doco site is also pretty handy to keep bookmarked (and is about the only thing you have access to for reference in your CCIE lab exam) -- http://www.cisco.com/univercd/

It's a pain to navigate, but all the content is there (provided you know where to look) and it doesn't require a login.


Korensky
Jan 13, 2004

Powercrazy posted:

Well crap. I can't enable NBAR on a Cisco 851W and that is the easiest way to do what I want to do. Now I'm going to have to gently caress with access-lists and things. Sigh.

Use a BT client that supports TOS configuration on outgoing packets, set them to a classification you know nothing else in your network uses and set up a class-map to match the TOS into a class and a policy-map to queue it behind other priority traffic.

You shouldn't need to do anything on the 35XX as I doubt you're congesting its switch fabric with your BT traffic. If you really want to be lazy with the switch though, look into autoqos (and make sure you change the default TOS to queue map so that the value you use for your BT traffic isn't landing in a priority queue).

Keep in mind this is only good for outbound traffic. You queue/shape/police/drop outbound. You really only mark inbound. There's no point dropping a packet once it's already on the wire.
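The marking side of that, as an added example that is not Korensky's configuration: the BT client marks its own packets, the router trusts that mark only from the BT host, trusts EF only from the phone, and resets everything else to best effort on the way in. The host addresses, the Vlan1 interface, the choice of CS1 as the "nothing else uses it" value, and an IOS image with MQC marking support are all assumptions.

```cisco
! Added example (not from the thread). Assumed addressing: BT host 192.168.1.10,
! IP phone 192.168.1.20, LAN interface Vlan1 on the 851W. The BT client is assumed
! to mark its outbound packets DSCP CS1 (TOS byte 0x20), a value nothing else uses.
ip access-list extended BT-HOST
 permit ip host 192.168.1.10 any
ip access-list extended PHONE
 permit ip host 192.168.1.20 any
!
! match-all: the packet must come from the BT host AND already carry CS1.
class-map match-all LAN-IN-BT
 match access-group name BT-HOST
 match ip dscp cs1
class-map match-all LAN-IN-PHONE
 match access-group name PHONE
!
! Marking happens inbound. Anything not explicitly trusted is reset to best effort,
! so no other host on the LAN can squat on the EF (voice) or CS1 marking.
policy-map LAN-IN
 class LAN-IN-PHONE
  set ip dscp ef
 class LAN-IN-BT
  set ip dscp cs1
 class class-default
  set ip dscp default
!
interface Vlan1
 service-policy input LAN-IN
!
! Check that packets land in the right class before building the outbound queues:
! show policy-map interface Vlan1 input
```

The outbound queuing policy is a separate policy-map applied with "service-policy output" on the WAN interface; marking a low-priority value like CS1 is safe to accept from an end host because nobody gains anything by marking their own traffic down, whereas EF must only ever be accepted from the device you actually want in the priority queue.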

Korensky
Jan 13, 2004

Anyone running an IPV6 backbone yet? I'm building a new service provider core at the moment and thinking of getting an allocation and turning it on just for the hell of it. There's no requirement for it yet - but at least I guess our products boys can have some fun with it.

Korensky
Jan 13, 2004

Agreed. L2VPNs are incredibly flexible but their abuse by people who could achieve much more elegant solutions to problems is pretty common. Just because you can do something doesn't mean you should.

Korensky
Jan 13, 2004

Or add:

code:
permit udp any any eq bootpc
permit udp any any eq bootps

To the end of that ACL.
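Those two lines are needed because a client with no address yet sends DISCOVER and REQUEST from 0.0.0.0 port 68 (bootpc) to 255.255.255.255 port 67 (bootps), so a permit written in terms of the LAN subnet never matches it. As an added example (the ACL being discussed is not quoted in the thread, so this is not it), here is a restrictive LAN ACL that permits the same flows without opening UDP 67/68 between arbitrary hosts; the subnet, DHCP server address, ACL name and interface are assumptions.

```cisco
! Added example (not from the thread). Assumed: LAN 192.168.10.0/24 on Vlan10,
! DHCP/DNS server 10.0.0.5 reached through ip helper-address. Applied inbound on the
! LAN interface, in front of the implicit deny at the end of the list.
ip access-list extended LAN-IN
 ! DISCOVER / REQUEST from a client with no address: 0.0.0.0:68 -> 255.255.255.255:67
 permit udp host 0.0.0.0 eq bootpc host 255.255.255.255 eq bootps
 ! RENEW / REBIND from a client that already holds a lease (unicast to the server)
 permit udp 192.168.10.0 0.0.0.255 eq bootpc host 10.0.0.5 eq bootps
 ! the rest of the site's policy for this segment
 permit udp 192.168.10.0 0.0.0.255 host 10.0.0.5 eq domain
 permit tcp 192.168.10.0 0.0.0.255 any eq www
 permit tcp 192.168.10.0 0.0.0.255 any eq 443
 deny   ip any any log
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip helper-address 10.0.0.5
 ip access-group LAN-IN in
!
! Confirm hits are landing on the two DHCP lines rather than on the deny:
! show ip access-lists LAN-IN
```

Note what the ACL cannot do: a rogue DHCP server on the same segment answers clients directly and its OFFERs never cross the router, so neither the "any any" lines nor the tighter ones above stop it. On the switch side that is what "ip dhcp snooping" (with "ip dhcp snooping trust" on the uplink only) is for.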

Korensky
Jan 13, 2004

3560G's have full support for baby giant and jumbo frames. Access it using the "system mtu" command in global configuration mode.

Korensky
Jan 13, 2004

Girdle Wax posted:

I still can't believe how horribly unreliable autonegotiation Cisco-to-Cisco is. It's crazy that in this day and age we still have to go through and manually force speed/duplex on ports to stop Cisco gear from doing something stupid.

All the modern gear is fine when it comes to auto-negotiating but I generally lock everything down with hard settings anyway since it's just best practice.

Korensky
Jan 13, 2004

Hot tip for those who manage multiple devices and didn't know about this one (you'd be surprised how obscure it is):

How to schedule commands (ala cron) on your IOS device:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_feature_guide09186a00801b0695.html

They also use a CNS IOS sync as an example. CNS is another awesome feature for managing large amounts of devices running the same IOS version.
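As an added example (not from the thread or the linked guide), a nightly config backup scheduled with kron; the NTP server, file names and time are assumptions.

```cisco
! Added example (not from the thread). kron needs a correct clock (NTP assumed) and runs
! only non-interactive EXEC commands at privilege 15: anything that prompts for
! confirmation (reload, copy to a prompting target) will not run.
ntp server 192.0.2.123
clock timezone UTC 0
!
kron policy-list NIGHTLY-BACKUP
 cli write memory
 cli show running-config | redirect flash:running-backup.cfg
 cli show clock | append flash:kron.log
!
! Every day at 02:15. "oneshot" instead of "recurring" runs once at a given date and time.
kron occurrence NIGHTLY-BACKUP-RUN at 2:15 recurring
 policy-list NIGHTLY-BACKUP
!
! Verify what is scheduled and when it last ran:
! show kron schedule
```

Two practitioner notes: the backup is written to local flash rather than a tftp server because the running config carries credentials and tftp is cleartext; and because kron executes at privilege 15 whatever is in the policy-list, it belongs in your config audit (anyone who can write config can schedule commands). Newer images also have the "archive" feature with "path" and "time-period" for exactly this backup job.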

Korensky
Jan 13, 2004

conntrack posted:

Whats your take on the 4500 series? The 4503 chassies with the sup-II-plus-TS supervisor looks like a nice price/performance combo to me.

Any opinions on the chassies/supervisor?

Really poor layer 3 forwarding performance and very limited QOS and routing capabilities. It's ok if it's just one switch in the middle of your network but if you're managing a somewhat large network, I'd almost certainly go for a SupV and run native IOS.

Korensky
Jan 13, 2004

conntrack posted:

I'm going from a 3750 stack with all our fiber in a 12S model.

Not so hot either according to the switchperformande.pdf in the first post.

I'm not that schooled on Cisco but native IOS?

3750Gs are the pinnacle of awesome. What are your port density and packet forwarding requirements? I actually hadn't checked out the Plus-TS (I instantly summoned memories of a 4500 with Sup2 with an L3SM or vanilla Sup2).

The 3750G-12S only has lower packet forwarding rates due to the total number of packets that can be forwarded on the number of interfaces it has. I doubt you are running this thing at line-rate :)

The only situation where you'd compromise on performance in the 3750G series switches is if you're stacking them and joining the shared 32gig fabric together (in which case you have 2 x 16gig rings between the entire stack).

Korensky
Jan 13, 2004

Biggz posted:

So in theory should this prioritize web traffic (or whatever matches in the 102 ACL) above everything else

code:

policy-map WAN
 class Biggz
  priority percent 33
 class Housemate1
  priority percent 33
 class Housemate2
  priority percent 33

Thanks for looking this over.

Hell no. Read up on how the priority queues work with CBWFQ. You won't be able to allocate this much into a PQ for starters (or shouldn't be able to). You want to use the priority queue for the "must be sent first" traffic then split the bandwidth that's remaining amongst the other queues using "police" or "shape". You'll also have to put a "max bandwidth allocated 100 percent" on the interface so you can allocate all of it (I forget the default maximum and the exact command - cisco.com).
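A corrected version of that policy-map, as an added example that is neither Biggz's nor Korensky's config: one priority class for the traffic that genuinely must go first, the three users as bandwidth classes, and the CS1-marked BitTorrent traffic from the earlier 851W discussion as a scavenger class behind everything else. ACL 102 is from Biggz's post; ACLs 103 and 104, the VOICE and CS1 marks, the 1 Mbit/s upstream rate and interface FastEthernet4 are assumptions. The interface command Korensky could not remember is "max-reserved-bandwidth", whose default of 75 percent is why the allocation below would otherwise be refused.

```cisco
! Added example (not Biggz's or Korensky's config). ACL 102 is from the post; ACLs 103/104,
! the VOICE and CS1 marks, the 1 Mbit/s upstream rate and FastEthernet4 are assumptions.
class-map match-all VOICE
 match ip dscp ef
class-map match-all BIGGZ
 match access-group 102
class-map match-all HOUSEMATE1
 match access-group 103
class-map match-all HOUSEMATE2
 match access-group 104
class-map match-all BT-SCAVENGER
 match ip dscp cs1
!
! One priority (LLQ) class only. Under congestion it is policed to its percent and the
! excess is dropped, which is why putting 3 x 33% of ordinary traffic there is wrong.
! Bandwidth classes get a guaranteed minimum and share whatever is idle.
policy-map WAN-QUEUES
 class VOICE
  priority percent 20
 class BIGGZ
  bandwidth percent 25
 class HOUSEMATE1
  bandwidth percent 25
 class HOUSEMATE2
  bandwidth percent 25
 class BT-SCAVENGER
  bandwidth percent 1
  random-detect
 class class-default
  fair-queue
!
! Queues only engage when the router sees congestion, and a 100 Mbit/s FastEthernet port
! never will, so shape to the real upstream rate and hang the queues off the shaper.
policy-map WAN-SHAPE
 class class-default
  shape average 1000000
  service-policy WAN-QUEUES
!
interface FastEthernet4
 description WAN uplink
 max-reserved-bandwidth 100
 service-policy output WAN-SHAPE
!
! Watch the class counters under load. Drops in VOICE mean the priority percent is too
! small or something besides voice is being marked EF.
! show policy-map interface FastEthernet4
```

The 20+25+25+25+1 = 96 percent allocation only passes because of "max-reserved-bandwidth 100"; on HQF images (12.4(20)T and later) the 75 percent cap no longer applies and the command is not needed. The shaper is the part most home setups forget: without it the policy-map never sees congestion and the queues never do anything.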

Korensky
Jan 13, 2004

jbusbysack posted:

What is the typical order in which to tackle the CCNP? I've read that BSCI is a good starting point, but looking for other input.

I think BSCI is the best place to start because the switching exam (BCMSN?) has a lot of content that deals with layer 3 switching/mls and now with the added MPLS content in what was the BCRAN exam you'd be best off having a solid routing foundation to build on. I haven't read the MPLS stuff in the CCNP since I did mine a fair while ago, but you can bet it'll have questions on MPiBGP and PE-CE routing protocols.

Korensky
Jan 13, 2004

MrZodiac posted:

I'm troubleshooting a very weird website performance issue. The tie in to Cisco is that both ends of the equation sit behind ASA 5510's [7.0(4)]. My Wireshark dumps have led me to possible TCP checksum problems across the board. But in researching that I found that 1) it's very rare, and 2) Wireshark has trouble dealing with NICs that do Checksum Offloading. So, how would I verify if I am having checksum problems? Both ASA units show zero checksum errors with the tcpstat output. TCP offloading seems very common on modern NICs, especially gigabit.

If you are capturing from the local machine using wireshark and using TCP checksum offloading the calculation is performed on the NIC so the checksum at the driver/wireshark level will be 0 (it's not until the packet is hitting the wire itself that the NIC will calculate this). Try using the capture command on the ASA (if you can still do this) or capture through a mirrored port on the switch if you want to see what it looks like on the wire.

What is the particular website performance issue you're looking at? MTU/MSS problems are the most common ones I can think of if you're looking at the network level.
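The on-box capture Korensky suggests, as an added example in ASA 7.0 syntax that is not from the thread: capturing the same flow on both interfaces of one firewall so the packet can be compared on the way in and on the way out. The host addresses, the interface names and the absence of NAT between them are assumptions; with NAT, the outside capture's ACL has to use the translated address.

```cisco
! Added example (ASA 7.0 syntax; not from the thread). Assumed: web server 10.1.1.10
! behind one ASA, client 10.2.2.20 behind the other, no NAT on the path.
access-list CAP-WEB extended permit tcp host 10.2.2.20 host 10.1.1.10 eq www
access-list CAP-WEB extended permit tcp host 10.1.1.10 eq www host 10.2.2.20
!
! Capture on both interfaces so you can see what the firewall changed (MSS clamping,
! NAT, dropped segments). Full-length frames, 1 MB buffer each.
capture WEB-IN access-list CAP-WEB interface inside buffer 1000000 packet-length 1518
capture WEB-OUT access-list CAP-WEB interface outside buffer 1000000 packet-length 1518
!
! Reproduce the slow page load, then inspect or export the buffers.
show capture WEB-IN detail
copy /pcap capture:WEB-IN tftp://192.0.2.50/web-inside.pcap
copy /pcap capture:WEB-OUT tftp://192.0.2.50/web-outside.pcap
!
! The usual MTU/MSS suspects on an ASA: the default clamp is "sysopt connection tcpmss 1380",
! and frames the firewall itself discarded are counted here rather than in the interface stats.
show running-config sysopt
show asp drop
!
! Captures keep running and holding memory until removed.
no capture WEB-IN
no capture WEB-OUT
```

The checksums in these captures are the ones that were actually on the wire, which sidesteps the offload question entirely. If you must capture on the endpoint, either disable transmit checksum offload on the capturing NIC for the duration (on Linux, "ethtool -K eth0 tx off") or switch off Wireshark's "Validate the TCP checksum if possible" preference, since what the driver hands to the capture engine on an offloading NIC is a placeholder the hardware has not yet filled in.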

Korensky
Jan 13, 2004

If it's a storm then wireshark will quickly be overwhelmed. I suggest you turn spanning-tree portfast off everywhere to start with, enable CDP if you haven't already and use "sh cdp nei detail" to locate any switches that may be patched in a topology loop (which is REAL easy to do if your cabling isn't organised). I prefer the CDP command because I can quickly use it to see things like "why is there another switch plugged into gi0/12 when all my GEC trunks are gi 0/44-48" etc.

Edit: and if those switches are 3560s, turn on autoQOS or some form of QOS :)

I mention it because I had a topology loop eventually running over a million pps for about 6 hours one day until it finally caused any noticeable impact on the phones (mess up where one switch wasn't running MST properly).

Korensky fucked around with this message at 22:44 on Jul 23, 2007

Korensky
Jan 13, 2004

Jeff73 posted:

Upon testing, Wireshark was able to handle a SPAN feed from a saturated gig link long enough to capture a slice of the data decent enough to spot the nature of the excessive traffic I put on it to test.

Sorry - this was more to do with most PC NICs being unable to handle the interrupt-fest that is capturing line-rate GigE rather than a jab at wireshark itself. And I guess it's true - he doesn't really need an accurate capture - just a snapshot of the crap (which should be easily visible).

quote:

I can't tell though: are you suggesting he leave portfast off and CDP on for all ports indefinitely, or only during testing?

Personally I leave CDP on everywhere internally (no cdp enable on outside facing interfaces of course) and put portfast back on once you've determined the source of the fault and fixed it. Then lock the racks your patch panels are in so the users can't tamper with your cabling :)

Korensky
Jan 13, 2004

Jeff73 posted:

Korensky, how did MST fail and what was the fix?

5 switches. 4 of them in a loop-type topology with GEC trunks. Switches 1-3 running MST, switch 4 running PVST (whoops). Switch 5 was hanging off switch 1 on a fibre spur to another floor but still ran MST. What threw me off the problem initially was the huge amount of traffic between switch 1 and 5 which made me think the problem was there (switch 5 was just bigger and badder than the rest - sup 5 4506). But yeah... switch 4 running PVST and having both its GEC links unblocked ended up being the root cause (configuration oversight when the gear was deployed).
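Putting Korensky's two posts together (hunting the loop with CDP and portfast off, then the MST/PVST mismatch as the root cause), here is an added example, not his configuration, of what the deployment should have looked like on each switch: identical MST region settings, edge ports with portfast plus BPDU guard so that portfast can safely stay on, and the checks that would have exposed the switch that never joined the region. The region name, VLAN map, port ranges and 3560/3750-class platform are assumptions.

```cisco
! Added example (not from the thread). Assumed: 3560/3750-class switches, user ports
! Gi0/1-40, GEC trunks Gi0/44-48, region name CAMPUS, VLANs 1-999.
!
! 1. Every switch in the region gets the identical MST configuration. The region is
!    identified by name + revision + VLAN-to-instance map; a switch with a different map,
!    a different revision, or still in PVST is simply not a member.
spanning-tree mode mst
spanning-tree mst configuration
 name CAMPUS
 revision 1
 instance 1 vlan 1-499
 instance 2 vlan 500-999
!
! 2. Edge ports: portfast back on once the loop is fixed, but with BPDU guard so a switch
!    plugged into a user port is err-disabled instead of being bridged into the topology.
!    Storm control caps the damage if something still manages to loop.
spanning-tree portfast bpduguard default
errdisable recovery cause bpduguard
errdisable recovery interval 300
interface range GigabitEthernet0/1 - 40
 switchport mode access
 spanning-tree portfast
 storm-control broadcast level 1.00
 storm-control action trap
!
! 3. Uplinks: never portfast. Loop guard keeps a port from unblocking just because
!    BPDUs stopped arriving (unidirectional link, misbehaving neighbour).
interface range GigabitEthernet0/44 - 48
 switchport mode trunk
 spanning-tree guard loop
!
! 4. Checks. The configuration digest must be identical on every member; a switch still
!    in pvst or rapid-pvst shows up in the summary; an unexpected neighbour on a user port
!    shows up in CDP (why is there a switch on Gi0/12 when the trunks are Gi0/44-48?).
show spanning-tree mst configuration
show spanning-tree summary
show spanning-tree inconsistentports
show cdp neighbors detail
```

Keep CDP on internally for exactly this reason and off on anything facing an untrusted network ("no cdp enable" on the interface), since CDP advertises platform, IOS version and management addresses to whoever is on the other end of the cable.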

Korensky
Jan 13, 2004

try:

code:
 sh diag | b PVDM

Korensky
Jan 13, 2004

Arkady posted:

Also, how many of you are CCIE? I figured they would be pretty rare.. But they aren't, it seems. v:shobon:v

Failed the R&S written test about 18 months ago by a few marks (Thx EIGRP) and didn't bother re-taking it since I moved into much more VOIP focused roles that had me using other kit. CCNP is going to expire in a month so I'll probably give the written another shot (and study useless poo poo like EIGRP this time).

Paul Boz_ posted:

I meant a 2500 with two FA ports via WIC.

Pretty sure 2500s are fixed config only (at least all the ones I can remember seeing). I think you're thinking of the 2600 - and even then, relying on this failing memory, FA was only on NMs not WICs --- and 2600 only supported 1 NM? :)


Korensky
Jan 13, 2004

Powercrazy posted:

And stranger still, with fiber, on the newest cards like the ES40 or OC768 "Godzilla" cards and even some of the older fiber ports, it will autonegotiate. But only with fiber not Copper....

What's the dealio?

Swapping the optics on an SFP is somewhat different since they are an actual transceiver. One side is a receiver and the other a laser to transmit with, and what are you trying to autonegotiate over a POS interface?....
