Cisco Application :: PAT Limits And Monitoring - ACE 20?
Dec 14, 2011
How to confirm the PAT limit on the ACE-20s. I initially read it as 1 million (the NAT limit), however I have since read that for PAT, its 4 million as it uses the connection record information and not xlate.
I've always wondered why the xlate line under 'show resource usage' is zero. If PAT does use the connection record then this would explain why, however its confusing as when running a 'show xlate' command you do see all the current PAT entries.
I have installed anm 4.3 and is trying to setup monitoring my css11506. I have added the device and on the monitoring-setting-polling status, said the polling configuration is enabled, but the polling status time out.
The css11506 snmp configure as: snmp trap-type enterprise snmp cmmunity xxxxx read-only snmp name "anm v4.3" [code]...
We are currently running a ACE20 with 11 contexts. Recently we have seen that one of the contexts is being 'starved' of resources, especially Concurrent Connections, Bandwidth and Throughput.
Whilst we know how to address this situation by reallocating resources from less busy contexts, I was wondering if there was a more scientific way of looking at the resources being used and calculating the best way to allocate them across the ACE other than just looking at the 'show resource usage' and 'show resource allocated' commands?
Has Cisco or any other 3rd party developed a handy tool to monitor the the ACE resources which will possibly assist with calculating the optimum resource allocations across all contexts?
I have been given a task to create 2 checks using snmp for nagios. I am googling left right and center to maybe try and find the appropriate OID's that i can pass to this nagios check for both ssl throughput as well as compression throughput.
I recently installed a Cisco ACE 4710 version A4(2.0) into our test network. Load balancing across a number of web servers appears to be working ok and serving pages to users. However, when i tried to check the real time stats via device manager (Monitor> virtual contexts> context > Real servers) a number of fields specifically "current connections", "total conns", "failed conns" etc were showing N/A. Do I need to enable this somehow i.e. polling, if so how?
Currently running an ACE 4710, which is handling all of our inbound SSL connections and then forwarding requests thru to backend web servers. This all works fine.
My question is this..Right now we are not load balancing any of the backen web servers. But I now have a requirement that should a web server crash or become unavailable I need to redirect that backend connection to another web server.
Scenario is more like I have 2 web servers both serving same content, but I want one server to take all the connections unless it fails, at that point have all the connections forwarded to 2nd server.Is there a way to setup the load balancing where the 1st server gets all the connections until a failure happens ?
I have a VIP, which is listening on port 8312 in ACE LB and NO probes attached to it. In this scenario how does the ACE module perform the health monitoring ?
I've been having a bit of a problem lately trying to play Battlefield 3 on my PS3 when other computers are running on my network.
I'm looking for a program or method to set bandwidth limits on some devices to try to guarantee the PS3 enough bandwidth to play without lagging.
With the research I have done what I can find is that there is something called Quality of Service (QoS), and traffic shaping -- which are good and fine but I don't believe my Westell router supports them and I don't want to have to do anything crazy with my router.
Also I am currently dual booting Ubuntu Linux alongside Windows XP, and I don't have XP set up because I want to install Windows 7 on that partition once I can read DVDs (in the hardware forum), therefor I would really like to find a Linux program that I can use to shape my network traffic.
I am running a Cisco ASA 5550 in active/standby mode. We are currently running ASA OS v8.2(3)5. I am wondering if there is a way I could limit source IP concurrent connections coming in my outside interface. Does the ASA have a feature/ACL syntax that supports this?
I'm an electrical engineer by trade, and fairly inept at networking. That being said, I am looking to extend the maximum range of my networking equipment. I have a job which requires around 500' between switches, and am trying to find a clever way to bridge the gap. The span is direct-burial cat5e, and has very low bandwidth requirements. I know you can buy off-the-shelf range extenders, but they are expensive, so I thought maybe I could avoid it.
1. It my understanding that the lower speed protocols (10 Mbps rather that 100, 1000) have a longer maximum operating length, because they utilize a lower frequency and consequently see a lower impedance. If so, are there network switches that I can force to use the lower baseband frequencies?
2. Should I bother trying to find a cable with the lowest characteristic impedance (or will they all be similar)? Cat 5e is pretty good, yes?
3. Should I do half or full-duplex; is this something I can control as well?
4. What network switches are cheap and allow this type of configurability?
5. If I attach other switches to the ends of this 500' ethernet bridge with auto-negotiating feature, will there be any conflicts or they will all get along?
My apartment complex limits each connection to 200KBps but each connection has the same IP so I thought there has to be an easy way to combine the connections. Is there a way to connect the wired network i'm connected to with the wireless one?
My router that i am currently using has 1gbp/s lan and i seem to be limited to 10mbp/s when i try to transfer files across the network. I have the HG556a firmware.
I'm doing a large-scale snmpwalk against an ASR9k (with IOS-XR v4.2.0) running as a provider edge router (full bgp table) and pulling the full contents of the BGP route table. On other routers, this completes within my timeout window, but not on the ASR9k.Figuring that this has to do with CoPP rate-limits, I've adjusted the rate-limits to ridiculously high values.
But still, the walk doesn't complete in an acceptable amount of time. Manual snmpwalks display a rate slower than even 7600s, with occassional stutters. CPU on the box doesn't even register that anything extraordinary is going on (@ 2 - 3%), and "show lpts pifib hardware police location" shows that there are 0 drops against SNMP.I haven't turned yet - either some traffic shaping mechanism or some combination of process scheduling/priority with SNMP.
We currently have ACS 5.4 and Cisco WLC 5508's deployed. We have wireless lobby admin accounts that can login and successfully create and modify guest wireless accounts. What we are trying to do, however, is give the lobby admins the ability to create wireless accounts with lifetimes longer than 30 days. Currently our setup will only allow the creation of permanent accounts (by entering all 0's in the lifetime fields) or accounts that last up to thirty days.
I am wondering what are the limits per routers for creating the vlans in vlan database? I have a 1801 router with the c180x-broadband-mz.151-3.T2 IOS and cant create more than 14 vlans.. How many does 2800 router support? Why I can't find this information anywhere on cisco.com?
how far apart an Aironet 1410 Bridge can be from the Power Injector (Dual Coax feeds). I just can't find the specification details. The device comes with a 20' and 50' F-type and I'm looking at 150' runs for both ends of the bridge pair.
Everytime I make a config change to one of the contexts on our ACE20, I get this message: Config Application in Progress. This command is queued to the system
Report run via Individual Web server URL’sThe report takes less than 20 minutes (average 15 minutes) to fetch and return the data. This is observed 9 out of 10 times.Report run via ACE Load Balanced URLThe report keeps on running for more than 20 minutes and never completes. The front end keeps showing report is running.The data in general when tested directly by running queries against the database (bypassing the platform) completes in 15-18 minutesThe network connectivity for each and every ports involved (Loadbalancer/Servers) have been throulgly checked.
Licenses are activated on a total of 31 devices (nexus 5000 and 3000 series), data is being monitored, graphics are drawn. However under the Web user interface of DCNM, under Health, Virtual Port Channels (vPC) no data is shown. Performance, vPC is also empty. No vPC errors/notifications are displayed. The installed advanced-eval licenses should support all the bells and whistles (including vPC), but still- no monitoring is done about vPC-s. vPC-s are up and active. network is discovered and monitored via snmp v2c only. could this be limiting vPC discovery- needing snmpv3/ssh access?
Does any know why the ASA will monitor physical interfaces by default, but monitoring of logical interfaces is disabled by default? Or better yet, is anybody doing a monitor-interface for a subint without issue? I'd imagine it isn't enabled by default for a reason.
I have a question regarding netflow and NAT. I have read some documentation (on ASR1000) regarding monitoring NAT process on Cisco ASR1000 that can be done using netflow version 9 (the term was called netflow event logging a.k.a NEL). The problem is, I have not found the netflow collector that can do that. I have queried several software such as manage engine "Netflow Analyzer" and Lancope, but they said their software can not do that.
I am trying to setup VPN monitoring for a srp527w Cisco.This is my first attempt at this so "easy to understand" instructions would be a great, i have done some searching and its difficult to decipher relevant and irrelevant information based on my limited exposure to this technology.
VPN Tunnels Monitoring on ASA5510 with IOS 7.0 (Monitoring through Nagios Server).I want to use Nagios to monitor each of the S2S Tunnels built on ASA 5510. I can use the icmp on Nagios by adding Nagios host in IPSEC network of each tunnel but in that case the change needs to be done at other end of Tunnel as well.
We have around 20 VPN tunnel via Cisco Router 2821 (Intranet) and around 30 VPN tunnel via Cisco ASA (Internet) with 3rd Parties/Vendors.I wanna know if there is any monitoring tools from Cisco or any others providers who can give me information/trend report about VPN tunnel Up/Down time, Volumns of Traffic, Protocols etc.
we are looking forward to monitoring the cpu, environment variables and the memory of a wireless lan controller via snmp. but we are not able to find in the mibs the right oid to manage this.can the exact oid be given in order to monitor these three elements on a cisco WLC 5500 series.
On the ASA5520 we would like to create a report that gives us trending over 6 monthes for the amount of people logged in via the SSL VPN and for how long. Is there a way to do this on the ASA5520? Does it have this ability? Could I do this in SolarWinds? My boss mentioned a software package that Cisco has that will show a history - is this correct?
