|
Daddyo posted:I've got a pretty new 3570 that's just decided to reboot itself on a random basis. Whats the best logging option to capture exactly whats going on so I can either a) resolve it or b) return it? Console connection logging through Hyperterminal? Thats typically what we do in the Lab. It should also save a crash log to the bootflash.
|
#
¿
Apr 16, 2007 17:31
|
|
|
|
| # ¿ Apr 25, 2024 12:58 |
|
|
How do I configure QoS on my Cisco network? Basically I have a Cisco 817 Aeronet router for my gateway, and connected to that I have a 35xx Layer 3 Switch (there are 6 computers and 4 consoles connected to that). I want to prioritize all Bittorrent traffic to lowest priority and all other traffic higher. I'm reading up on Cisco QoS, and various queuing protocols and I think I want to use Priority Queuing, but I'm not sure how to set it up. Any help?
|
|
#
¿
Apr 24, 2007 20:51
|
|
|
jwh posted:That's a big question. Do you need qos on your 3550? Because if you can get away with only doing it on the 817, it's going to be easier. With the switches, you have to think about hardware queues and dscp to cos maps, and which queues are priority queues, and it's just generally not a very fun experience. Yea I was looking around on the Cisco website and finally stumpled upon NBAR. When I get off work I'm going to go home and try it out, and i'll probably post the configs for others edification. Also apparently as of IOS 12.4T the Bittorrent protocol is identified natively. So I'll find out soon.
|
|
#
¿
Apr 24, 2007 22:31
|
|
|
Well crap. I can't enable NBAR on a Cisco 851W and that is the easiest way to do what I want to do. Now I'm going to have to gently caress with access-lists and things. Sigh.
|
|
#
¿
Apr 25, 2007 00:07
|
|
|
Korensky posted:Use a BT client that supports TOS configuration on outgoing packets, set them to a classification you know nothing else in your network uses and setup a class-map to match the TOS into a class and a policy-map to queue it behind other priority traffic. Well there are 4 of us on the network, so I'd rather everything be self contained in the router rather than configuring each computer individually. Also the only thing that messes up online games (in my case, I think) are outgoing packets from BT. Since we are on a residential connection I don't think we are saturating our downlaod, but I'm sure that we are using a significant amount of upload. I'll try messing with the router and stuff tomorrow. Thanks for the help so far.
|
|
#
¿
Apr 25, 2007 07:07
|
|
|
Herv posted:Wierd, I have rarely had problems with auto negotiation with both sides being in auto. Having said that, 3Com 905x and the Cisco 6509/3xxx LAN switches certainly have made my day go poorly. I work in a Cisco SP Lab. It's been my experience that if both sides are set to Auto-neg, than there is no problem. However if one side is set to half-duplex, or it can only do half-duplex like on a FastHub 400 or something, then auto negotiate won't work. So normally for our default configs we set all interfaces to full-duplex, and there isn't a problem.
|
|
#
¿
May 10, 2007 21:53
|
|
|
Girdle Wax posted:1) Choosing 7600, hopefully getting some RSP720s- though probably not. Finding out that SRC release notes will say "The WS-X67XX switching modules will no longer be supported in SR". The 7600-S with the RSP already has a completely different code base, I can guarentee that the 67xx cards will work for the foreseeable future, I can also guarentee that 6500 is not going to get the same support as the new 7600 is. A safe (but expensive) bet is to go with the 7600. The RSP720 is a pretty awesome Sup, and combined with the new 7600-s as well as the new cards that will that will undoubtedly be coming out soon with the Fast Fabric Sync. I would be feeling pretty confident about my fail over options. Of course this may not be feasible for your situation. But if you do have the option, the 7600 is the safe way to go. Also I'm fairly confident that the new 68xx series cards will not work in the 6500... But that is certainly not the official Cisco position. E: Actually to clarify, certain features of the 68xx card's won't work. Like the fast fabric switching etc. But it is only a matter of time before some 7600 exclusive cards come out. ate shit on live tv fucked around with this message at 23:17 on May 18, 2007 |
|
#
¿
May 18, 2007 22:51
|
|
|
conntrack posted:Im going from a 3750 stack with all our fiber in a 12S model. I assume that he is referring to older supervisor cards that used CatOS for the switch processor and IOS for the Route Processor. You could, with a very convoluted process, upgrade from CatOS to Native IOS where you would have IOS running on both the switch processor and the route processor. Then even though as a user you would only see the switch processor any changes to the config in the switch processor would be mirrored onto the route processor, and thus you would be running "native IOS." But I am probably missing something. I guess it could also mean that the supervisor just came with IOS on it already and that way you wouldn't have to deal with the upgrade from CatOS to IOS.
|
|
#
¿
May 22, 2007 15:11
|
|
|
I have a semi obscure IOS error message. I'm not sure if it will affect anything large scale but I want to be sure before propagating the error throughout our labs management network. We use terminal servers to access all the devices in the lab. The servers are old school 2511 routers. We have 16 port async on each one, and we add a device using the ip host command. code:however when I do a show host command I get a strange error message: quote:rcdspterm-6#show host I'm not sure what the stuff in quotes means and CCO isn't much help. Anyone know? e: ah I just figured it out. 'ip domain-name' was the command I was looking for heh. Oh well. ate shit on live tv fucked around with this message at 21:37 on Jul 3, 2007 |
|
#
¿
Jul 3, 2007 21:35
|
|
|
M@ posted:Wanted to post in here and let you fellow Cisco goons know that if you've got any Cisco stuff you want to buy or sell, let me know. I'm the Cisco broker for a company that sells used networking equipment. I get a pretty good discount on new stuff. I can't really sell IOSs or SMARTnet, but if you're looking for hardware, let me know via PM or AIM and I'll see what I can do. I've installed lots of those, and the only thing I can say is are you sure you are installing it right? There isn't anything that tricky about installing the daughterboards, except that the screws suck.
|
|
#
¿
Jul 4, 2007 04:17
|
|
|
code:RMA Ahoy.
|
|
#
¿
Jul 11, 2007 16:56
|
|
|
Partycat posted:Not sure if I asked this before, but this is just a curiosity. Dealing with Cat 3750G-PoE's we occasionally find ports that just won't work at Gig, for no apparent reason. The agonizingly long startup tests show nothing, then we will find a port that will work great at 10/100 but will not negotiate at gig, or work at gig if we lock it down. We tried the obvious, shut/no shut, check log, etc. Nothing comes up, or helps, save for a reload. Obviously once we have a switch full of users operating in a production environment, we can't do this. We're not terribly concerned about it, because it is just one port every so often and we just move the user to an available port, generally. The only thing we could think of is there is some problem with using a 5 Pair punch on 110 blocks, may be causeing a problem. I know it does with PoE devices, you will sort the pairs and get a power error, so we don't do that. We did have this issue show up on one of the mini GBIC ports, however. The only think I can figure is that you have PoE configured for the ports stuck at 10/100. PoE can't work at GigE speeds. Also is the other device capable of running GigE? Finally if it's only one port sometimes, it sounds like you might have a bad patch between end device and the port. If you have a lovely cable that can't support GigE then it will go down to 100. In any case I think its a layer 1 problem, and not necessarilly a problem with the switch.
|
|
#
¿
Jul 12, 2007 17:21
|
|
|
Partycat posted:
It's very possible that it was a code problem. But I'm still suspicious of why setting the port to 100 would cause it to come up immediately unless PoE was enabled somehow. Strange. As far as the fiber problem, Cisco devices are pretty specific about what SFP's you use, so if it wasn't that, then it could be any number of things.
|
|
#
¿
Jul 12, 2007 20:40
|
|
|
nene posted:The 2500s were solid beasts, but they were slow as hell and only ever sold in a variety of fixed configurations, with serial ports and an AUI or Token Ring port. There's actually probably still a lot in use, especially the version with 16 Async ports. All of our Lab Console Servers are 2500's with the 16 Async ports. Some of they have uptimes of >1 year. But yea, they are loving slow.
|
|
#
¿
Jul 29, 2007 21:32
|
|
|
Girdle Wax posted:Already have an open TAC case but in case anyone here's seen it before: Do a show mod, and make sure that the RSP with the lowest firware revision is the active one. If they are both the same firmware and otherwise identical, then it sounds like you discovered a bug.  Also what code are you using? SRA, SRB, SRB1 or SRB2 (not sure if SRB2 is deployed yet). e: If you want, I can try to reproduce the error in the Lab tomorrow, since we aren't really doing anything anyway, besdies that I'd like to know if this is a common problem so that I can save the day whenver we have a Demo that runs into a similiar problem. ate shit on live tv fucked around with this message at 05:54 on Aug 2, 2007 |
|
#
¿
Aug 2, 2007 05:50
|
|
|
off topic but:quote:c:>ssh -l root https://www.cia.gov That is loving hilarious. Also why does the Debug All command even exist? It crashes all routers/switches immediately. I see no reason to use it ever.
|
|
#
¿
Aug 16, 2007 16:30
|
|
|
delslo posted:Now I ask you: I am currently on comcrap internets w/ DHCP. I would like to forward ports from outside to inside, for instance: I can't help you with the specific PIX questions, as I hate PIX and wish they would die... But I believe for your port forwarding needs you'd need to do something like this: code:
|
|
#
¿
Aug 24, 2007 23:28
|
|
|
M@ posted:That's what we're doing to fight Cisco's witch hunt. Who knows if it'll work. You really can't blame Cisco for that though. The margin that Cisco runs is so high that its actually more cost effective to give away used gear then to sell and support it. Internally Cisco has a list called Reverse Logistics that is a bunch of returned Cisco Gear from customers, oversells etc. They just pass the list around to various organizations inside of Cisco (like the lab I work with), and we pick whatever we want off of the list. This actually saves Cisco more money then if they tried to sell that same equipment as used themselves.
|
|
#
¿
Oct 1, 2007 17:21
|
|
|
luma posted:When I have a server that has multiple NICs tied into one switch I can bond those NICs and configure them to create one channel for both transmit and receive load balancing via LACP/802.3ad, effectively doubling my throughput in either direction. The requirement is that the NICs are all talking to one switch, or in the Cisco world, talking to multiple switches that are configured as a cluster. Here then is the question: If I have a single server with 2 NICs which are connected to 2 switches (in this case, bladed Catalyst 3020s), and these switches cannot be clustered, if these two switches are themselves connected to a single core switch (say a Cat 6000 series) might I still be able to enable link aggregation for both transmit and receive? I'd question why you were doing that (why pass through those switches at all.) But otherwise if you did some kind of transparent pass-through of those switches and went directly to the Core switch you could get link-aggregation. Of course the disadvantage is that you can't directly talk to any of the devices connected to either of those pass-through switches. It would require you to configure the ports you were connected to on the switches into a transparent link. I'm not sure of the actual term.
|
|
#
¿
Oct 1, 2007 20:01
|
|
|
Powercrazy posted:I'd question why you were doing that (why pass through those switches at all.) I just figured out that you can't do that with ethernet switches. So ignore that advice. You can with frame relay though 
|
|
#
¿
Oct 3, 2007 17:35
|
|
|
GPF posted:I'm going to come over and rub myself on your boxes. Just fair warning. Fairly different. Some commands are the same like sh ip int bri, but it will give you a deprecated warning. By poking around enough you can figure out how to do pretty much anything you can do in IOS. Though putting an IP on the box is... not very intuitive.
|
|
#
¿
Nov 3, 2007 06:22
|
|
|
jwh posted:If someone has a box running 12.4(15)T1, or can get a box running 12.4(15)T1, I'd like to see if they can reproduce a CEF problem with SSL VPN and VRF. What kind of box? If you still need help that is.
|
|
#
¿
Dec 4, 2007 01:29
|
|
|
^^^^^ Make sure you get the 3560G that supports jumbo frames, if you are expecting to need them. There are 4 versions of the 3560G IIRC the 24 and 48 port, that support and don't support Jumbo frames. I've got a 3560G around here that is a 48port version with Jumbo Frames, but I'm not sure exactly what the part number is. Check CCO though and it should tell you. (After you coax it some.) Girdle Wax posted:Yeah, the 4948 (internally based off a 4500 I believe) will do (supported) layer 3 on every single port, up to 2048 SVIs or something crazy. But it'll cost you. Yep. That's exactly what a 4948 is. It even has the same Rommon as the old 4507R does. When I discovered that I actually laughed a little. Hell I'd trust a 4948 to be more reliable then the old Cat4500s anyway. ate shit on live tv fucked around with this message at 10:40 on Jan 24, 2008 |
|
#
¿
Jan 24, 2008 10:35
|
|
|
CrazyLittle posted:Very interested. (You have PM's disabled.) So when you go direct to telco, are you going to get a PRI from them and then use a VWIC2 to act as a trunking card? I've always wondered why cisco does that. With 6500's or any of the Catalyst switches, it will do auto-crossover. However their 7600's or the Metro stuff, won't. There is no technical reason the switches can't do it, it's just not part of the non-catalyst derived IOS. Really strange. And stranger still, with fiber, on the newest cards like the ES40 or OC768 "Godzilla" cards and even some of the older fiber ports, it will autonegotiate. But only with fiber not Copper.... What's the dealio?
|
|
#
¿
Apr 17, 2008 19:09
|
|
|
I have a Cisco851W router. I just use it for home networking. I've got port forwarding working for Bittorrent, AIM, etc. But it's not done very elegantly.code:Are all those lines really neccessary or is there a way to define ranges of UDP/TCP ports to forward for specific IPs?
|
|
#
¿
Jul 8, 2008 07:59
|
|
|
Its my experience int he Service Provider lab that all the old 6500 line cards (6108-6948) work in the 7600s except for the SIP/SPAs, which are very finicky. Lots of them work, but not all. Of course the ES cards will work in both chassis (for now) but since the 6500 and the 7600 BUs split, that won't be the case for much longer.
|
|
#
¿
Jul 10, 2008 03:32
|
|
|
You need wireless (what the various channels are, differences in a,b,g,n implementaion) , and drop the ISDN stuff. Also there is more emphasis on security (easy stuff really). I'm sure there are other differences but those are the main ones that I can think of right now.
|
|
#
¿
Jul 11, 2008 00:02
|
|
|
Just as an FYI. The 3560G is a gigabit switch, not FastEthernet. You don't need to use fiber. Those 4 SFP ports are typically for MPLS/BGP or some other type of core routing.
|
|
#
¿
Jul 15, 2008 18:03
|
|
|
Girdle Wax posted:As a backup you can back up the node database from inside the software, and we also keep docs of where every circuit comes in (and the 'where it goes' can be gleaned from router docs)- though we've never lost a database and the low level software is pretty much rock solid since Cisco didn't initially write it (they bought up a company called Cerent and slapped a new label on the front). That "low level software" is called TL1 and it's been around since the 70's. Once you learn how to use there is no reason to use the CTC GUI stuff. With TL1 you can configure an almost limitless number of boxes with a few macros, all you need is the initial OSC circuits up. Fun bit of trivia. In CTC version 4 or less (they are up to 8.5 now I think) the default username was "petaluma" as in California, the headquarters of Cerent. So if you ever have the unfortunate task of updating a bunch of 15454s from CTC version 2, to 4 (change TCCs here) to 7 then finally to 8 you'll need to know that. Trust me I know.
|
|
#
¿
Jul 25, 2008 08:41
|
|
|
Ah, I was off by one then. I'm still amazed by how many telco's are using TCCs or TCC+'s. When I was working in the Richardson SP lab, we had an upgrade almost every month. Usually from version 3 or 4. Occasionally from 7 to 8 (that is a nightmare upgrade as well, because your old highspeed slot OC48 cards don't work in 8.) CISCO15 otbu+1
|
|
#
¿
Jul 25, 2008 19:31
|
|
|
Any "high speed slot" (the triangles) cards, MAY not work in 8. But otherwise you should be ok, unless that 4 port OC3 is really old (there's a particular revision of the multi-port cards that have been around forever and won't work in 8, unfortunetly I can't recall the exact part number). I take it this is a live system at a telco or something? If it is, then there aren't really any tricks except of course ensuring that your cards are compatible. Are you going to 8.0 or 8.5 or something like that? 8.5 fixes a lot of the "overlooked" problems of 8.0. There are also some incremental releases that fix some specific issues with certain SFPs and XFPs. But it looks like you are dealing with fixed optics, so you are probably just fine. I won't have my CCO access back until monday, so I can't look up the exact internal engineering documents, but I will certainly check them out when I can. When are you doing the upgrade? I'd like to keep in contact because it will be a nice refresher course for me on the 15454. I've been out of the loop for about 6 months.
|
|
#
¿
Jul 25, 2008 22:38
|
|
|
Anjow posted:In preparation for my CCNA exam I'm running through some exercises on PacketTracer. I have noticed some odd behaviour and wondered if it's normal. If you are running rip, are you sure you have the router setup properly? Are the switches acting as layer 3 devices or just switches? The symptom you describe look like you have some overlap with your rip networks so rather than routing its using layer 2 and learning a mac-address then forwarding the frame based on the mac, rather than using IP.
|
|
#
¿
Aug 12, 2008 01:52
|
|
|
Rip is a classful protocol. What this means is that depending on how you have your routing config setup you could be ommitting a route between networks. Basically if you have say 3 networks and they are 10.1.0.0, 10.2.0.0, 10.3.0.0 you will most likely run into routing problems. The easiest way to help you would be if you posted the router config so that we can point out where the error is. Post your rip configs, as well as tell us what the IP addressing is. Also do a "show ip route" on each router, and post that info.
|
|
#
¿
Aug 12, 2008 17:50
|
|
|
I'm using a Cisco 851w. It does Wireless, and I've had hundreds of ports forwarded with it (though that isn't pretty it is functional). It also runs IOS so if you want more familiarity with the capabilities of the operating system. They can be had for about 60 bucks 2nd hand. And even new they aren't that bad.
|
|
#
¿
Aug 12, 2008 20:55
|
|
|
Try ebay. Maybe This.
|
|
#
¿
Aug 12, 2008 22:10
|
|
|
Why doesn't any simulator incorporate switches? Are switches really that difficult to emulate, or do the just expect everyone to hack routers together and call them siwtches? I want my Vlans damnit.
|
|
#
¿
Aug 15, 2008 04:57
|
|
|
jwh posted:The dynamips guy says it's because it's hard to emulate the asics. Its jsut a general bitch. I've got access to the Cisco WebIOU simulators (they run actual IOS images on a solaris box). But they can't do switches either, and every single simulator program I've seen doesn't do switches. Its bizaar to me because it seems like routing would be more difficult to emulate then switching is. But apparently its easier to simulate routers then it is to simulate switches. Oh well. I should be taking my CCNA/CCDA in like 4 or 5 days at most, I'll be doing the combined test and I've gotten Frame Relay, OSPF, and ACLs down for the most part so I should be ok. Then CCNP in like 3 months. Woohoo getting paid to cert is awesome. ate shit on live tv fucked around with this message at 18:48 on Aug 15, 2008 |
|
#
¿
Aug 15, 2008 18:43
|
|
|
Yea that makes since about switches, which is why I said its just a general bitch. Thanks for the luck, I'll definetly need it.
|
|
#
¿
Aug 16, 2008 16:43
|
|
|
Tab8715 posted:EDIT : How physically intensive is being a Cisco tech? I've seen someone really large pieces of equipment and I've got a bad back. Of course I could lift somethings once in a while, but I'd perfer not to at all. Unless you are in a lab environment, it should be pretty rare that you move anything at all. The aggregation Switches and Routers (7609's and 6509's) are pretty light once you take all the line cards out. The Core routers and switches (GSR's and CRS-1's) you'll rarely see and NEVER move. Some of the smaller switches (4948's, 3560's, 3750's) are kind of heavy, but you should be able to move them easilly in groups of 2 or 3 (I think they are around 15lbs). So in short, don't worry about the physical aspect, you'll rarely encounter it and when you do you'll certainly have some help.
|
|
#
¿
Aug 16, 2008 23:52
|
|
|
|
| # ¿ Apr 25, 2024 12:58 |
|
|
Tab8715 posted:So, it's not a Cisco Tech's job too mount racks and all that? When I was working in a lab environment, the heavy poo poo (fully loaded CRS-1's and 7609's etc) was all put in place by either the shippers, or our hourly facilities guys. The configuring etc, was the part that we did. Sure occasionally we had to move things between racks etc, but for the most part everything is pretty static. I assume when you say cisco tech you mean a network tech, and other than moving edge switches around, the "hard" part (i.e. the part you were hired for) is configuring the devices. As far as your degree is concerned a BS in some kind of technical background is good. I guess you have a BA with a minor in CS? I'm sure for a network admin job your certs and general knowledge are going to be good enough to get you hired I'd wager. If I was hiring a cisco network guy, I'd be more concerned with famialrity of the products and IOS rather than what their major was, so don't worry about it too much.
|
|
#
¿
Aug 17, 2008 03:03
|
|