Cisco WAN :: 6509 Filtering Out Default Route From Full Internet Routing Table
Sep 12, 2011
I have a question about filtering incoming bgp route updates from an internet provider. This provider sends the full internet routing table and default route and on an incoming prefix-filter on the customer switch (C6509-sup720) the default route is only accepted.What happens on the 6509 switch when the BGP peer flaps?Does it need to process all the internet routing updates, and if yes probably it cannot handle all these updates?What happens with the CEF table, will the switch install the routes first?
View 4 Replies
ADVERTISEMENT
Jan 16, 2013
In datasheet of WS-SUP720-3B - link- was said that are only supported around 256K routes (fib?rib?).With this value I can't get 2 full bgp - that is around 850K ..
The supervisor is that control this or just memory ? I said this because I have a 7204-npe-g1 whith 2 fullrouting and 1G of and he are ok..
View 3 Replies
View Related
Nov 29, 2012
Right now I have 2 default routes load balancing 100MB internet links. This is on my 2 6509's.
ip route 0.0.0.0 0.0.0.0 10.47.2.1 (FWSM)
ip route 0.0.0.0 0.0.0.0 10.47.2.250 (5510)
Is there anyway to make the first default route take more of the traffic, like 60/40 or 70/30?Any program that I could use to see top users going through the FWSM?
View 1 Replies
View Related
Apr 5, 2012
I have an MPLS router that connects to the core network.This router distributes (per route maps) routes from OSPF into BGP and from BGP into OSPF.The OSPF Process conencts a 6509 to the 7206 MPLS router. There are some routes in the OSPF process that I have filtered out of the 6509. They do not show up inthe 6509 at all and this is the only way they can be getting into the 7206.Checking the 6509 database, this route is gone, but it stays in the 7206 until I clear the route manually. The result is the route still gets distributed into MPLS. [code]
One thing to note, there are two possible OSPF paths the route gets into OSPF, one of them, the route is filtered with distribute-list on the 6509, which means it is still in the database, so it is still in the 7206 database, and still get distributed into BGP on the 7206, correct?
View 3 Replies
View Related
Apr 3, 2012
I have a router with two interfaces what i need to filter the HTTP traffic from one interface and the rest of the traffic through the other on my cisco router 2800.
View 3 Replies
View Related
Feb 6, 2013
On the 6509, with normal 67xx cards installed, where is all the mac table held, is it held on the card itself or on the supervisor? And if I use dcef cards, I gather the MSFC copies the mac table to the DFC ?
View 1 Replies
View Related
Jan 23, 2011
I need to remove (or change) the default entry in the routing table for Windows XP, which routes packets with a destination equal to the adapter's address to localhost. The reason for this is I want the PC to be able to send packets to a device (with IP address A) connected to one adapter on the PC with IP address B, even though a second adapter on the PC has IP address A.
View 1 Replies
View Related
May 2, 2011
I know that WRTP54G is a voip device, but it is router as well and my problem is related to routing part.I cannot access public internet servers with IP in subnet 2.0.0.0 / 8 and 1.0.0.0 / 8. In the 2.0.0.0 / 8 subnet are some akamai cdn servers (yes, the fbcdn .After some time I've found, that routing table in wrtp54g contains also entries:
1.0.0.0 0.0.0.0 255.0.0.0 LAN&Wireless2.0.0.0 0.0.0.0 255.0.0.0 LAN&Wireless
which cannot be deleted. It looks like someone wanted to filter dark space when the router was developed.Is there any way, to get rid of it? I've restored to factory defaults, no change. Firmware version is 3.1.27.ETSI
View 9 Replies
View Related
Sep 21, 2011
I have a problem connecting SRP541W to my ISP (L2TP). Connection is established, but default routing table is wrong: instead of gateway I see Server IP: [code]
In similar situations other users of my ISP with Cisco routers (IOS) solved this problem by adding command no peer neighbor-route but i can't do it through the WEBgui...
View 3 Replies
View Related
Nov 9, 2011
i have issues logging into one of our core switches.its a 6509 switch but i cannot log in remotely.when i try to console in on the console port, i cannot log in instead i get the above error message.I haven't rebooted yet but would it solve the problem as this switch is a production switch.
View 6 Replies
View Related
Feb 19, 2013
My comany is planning get full bgp table from our providers we have mutliple egress providers in order to load balance we are looking for a full table from all of them what would be minumu requiremts we have all edges as 6500 with sup 720 ,is there any memory requrements that need to be upgraded ??
View 4 Replies
View Related
Jun 19, 2011
I've inherited a project building an internet connectivity solution for a large corporate. It has its own AS and its own PI space. They are putting in 100Mbit connections from 5 different Tier1's , taking full internet routing from each. Cisco ASR1002's have already been specified and purchased for the job. I'm not familiar with the ASR platform at all - is it up to the job with full routing tables? multiple instances of full tables ? (not likely to put all 5 into one box!)
View 2 Replies
View Related
Feb 7, 2012
I'm looking for a Cisco device to run a full BGP table with a 60Mb link. And one of the main restrictions is that my traffic is almost 100% real-time (voip). So the average packet size is small. Today we own a Cisco 7204 NPE400 with 512Mb RAM. I think even though I upgrade it to a G2, due to the small average packet size, the router will be near to its limit. Maybe a Cisco 7300 NSE-150? Or should I think about a switch?
View 3 Replies
View Related
Nov 15, 2012
Region : Thailand
Model : TD-W8961ND
Hardware Version : V1
Firmware Version : 2.0.0 Build 111111 Rel.1111
ISP : 3bb
I have a problem when I am trying to add another static ip address to the list
the message above in title pop up, how can I fix it?
DHCP Table is Full!
View 1 Replies
View Related
Jan 26, 2013
I have recently installed a Cisco 2911 ISR G2 with the default 512 Mb DRAM intending to eBGP peer. I ordered the 2GB upgrade RAM however due to time constraints on backordered parts, I fired up this router and eBGP peered without it. The Peer advertised the whole route table with 400,000+ routes. The BGP session came up then the router crashed due to not enough memory. The router disabled IP CEF due to insufficient memory. I disabled IP CEF permanently and have been running the router in this condition for 3-weeks with a stable eBGP session. This resulted in no CEF, 25% CPU during light traffic, 89% memory, and 50% CPU when traffic is around 30 Mbps through the router.
I am experiencing a hit to the throughput resulting in a lost packet and practically a brief traffic stall roughly every minute. This hit is so quick that it does not always result in packet loss and IP traffic sessions are not reset. I do see this on my live bandwidth graphs that the traffic takes a dive every so often, roughly 1-minute.
I initially thought this problem could be L2 to the upstream eBGP peer but all interfaces are clear of errors. I also thought this could be the BGP session going down, however, It is always up. I thought this could be duplex mismatch on L2, however its solid and no logs on either end. Funny thing is pinging thr router from both the LAN side and the WAN side results in the same packet lost every minute or so.
Even though the CPU and memory always stays the same at under 20-50% CPU and less than 89% memory, do you think this could be the BGP Scanner walking the routing table every minute?
View 6 Replies
View Related
Feb 25, 2013
We have two catalyst 3560 switches running c3560-ipbasek9-mz.122-58.SE2.bin They are connected using etherchannel using gi 0/21 - 24 interfaces.
on 3560-1 switch, there isn't any ip-default gateway or ip route configured. It only have 1 interface vlan configured.
on 3560-2 switch, there is ip default gateway configured along with 1 interface vlan.
What i dont understand here is that, i can reach out to other subnets from 3560-1 switch in which the routing is not enabled?
View 4 Replies
View Related
Jun 24, 2011
I've enabled antispoof on all interfaces on asa 5510.If you start a traceroute to a network on the default route, everything works, since replies comes to an interface with route 0.0.0.0/0 defined.If you start a tracer route to a network that is NOT on the default route (let's assume coporate MPLS), you only get response from first carrier router, the other are discarded because of anti spoof violation.
I have ICMP inspection and icmp-error inspection enabled.
View 1 Replies
View Related
Mar 6, 2012
I have two ISPs. Each is on it's own subnet connected to the 6509 MSFC/Switch. FW1 is on 100.1.100.0/30 and FW2 is on 200.1.200.0/30 subnet. My goal is route all traffice going to the Internet from subnet 10.133.3.0/24 to FW1 and all other subnets across the organization to FW2. I am not sure if I need to use ACL / Static route combo, or just a static routes or ACLS?
View 5 Replies
View Related
Dec 11, 2011
My network has two connections to a third party via links on two seperate ASA , one in location A and one in location B. The link in location A is the primary connection and the other in location B should be used by only two terminals (term1, term2) in location B. ASA are running OSPF and are redistributing static routes as metric-type 1 in OSPF. In order to achive the aforementioned goal, I have configured a route-map on ASA location B, that sets the metric for the route towards the third party to a high value (100). This way, all routers, even those in site B prefer the exit through location A (metric about 24).
I have checked that my routers correctly have the route to the 3rd party through location A, and the OSPF database has records for the network from both locations.In location B, I have configured the following route-map (on 6509)
route-map PREFER-LOCAL-ROUTER permit 10
match ip address XXX
set ip next hop locationB-ASA
int vlanYYYY
ip policy route-map PREFER-LOCAL-ROUTER
[code]....
From the terminals (term1 and term2) I have tried a traceroute towards the 3rd party's subnet, but I don't get any match neither on the access-list nor on the route-map. Unfortunately I have no other way to test that my configuration is correct, since the application on the terminals, that should access the 3rd party network, is not currently running.
I also addedd the statements below to the access-list, because of the test with tracert:
permit icmp host term1 route_to_3rd_party 0.0.255.255
permit icmp host term2 route_to_3rd_party 0.0.255.255
Nothing changed...Is there something wrong with the above config? Is there a chance that there is a problem with the IOS, that simply doesn't show any hits?
View 9 Replies
View Related
Sep 5, 2012
I have a MPLS cloud in our data center. I want one network coming into our core router to have a different default route than the other networks coming in. I'm getting hits on the acl but the route isn't applied and goes to the default route that is configured in the router. I have other PBR for setting local-preferences and as-paths and they are working fine.
The router is a 7206 Version 12.4(11)T3
!
ip route 0.0.0.0 0.0.0.0 1.2.3.4
!
ip access-list extended 2nd_Default_Route
[Code].....
View 1 Replies
View Related
Jan 24, 2013
I have a Cisco 2960 ( WS-C2960-8TC-S) running 12.2(46)SE C2960-LANLITEK9-M image.I would like to set an ip route 0.0.0.0 0.0.0.0 87.101.156.97 but the current image does not allow.Will ip default-gateway 87.101.156.97 work or do I need ip routing ?The ISP has provided a /30 address and we are using an additional /29 for our network devices. I dont think this image can be upgraded. I need to forward routes directly out to ISP. [code]
View 5 Replies
View Related
Jul 27, 2010
IP SLA configuration fails over but cannot ping the 4.2.2.2 via Site B. Here is the output on Cisco 3750...
SW2#show runBuilding configuration...
Current configuration : 2901 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname SW2!boot-start-markerboot-end-marker!!!!no aaa
[Code].....
View 5 Replies
View Related
Aug 19, 2012
I'm working on a little OSPF setup in my lab and having a problem pinging out to the internet.I have a setup with (3) 3550's running ip routing. I'm configuring OSPF but I can't ping the internet from any L3 switch except the switch with the actual uplink to the internet.[code] From SW2 and SW3, I can ping SW1 on all IPs (192.168.1.90, 10.10.10.1, 10.10.10.5) but I can't ping 192.168.1.1 which is my gateway to the internet.
View 3 Replies
View Related
Jun 20, 2012
I have a 3750 at a branch running EIGRP connected to two routers that both have configured:
access-list 1 deny 0.0.0.0
access-list 1 permit any
access-list 2 permit 0.0.0.0
access-list 2 deny any
router eigrp 1distribute-list 1 out FastEthernet0/0distribute-list 2 in FastEthernet0/0
Due to this recently applied config the switch become unreachable from the outside and cannot ping anything. Everything connected to it works fine. I was able to remote into it from a switch behind it and noticed that the 3750 has no default route in the routing table. I do see a default route in the eigrp topology table. How to make the switch learn a default route maintaining the existing configuration on the routers.
View 3 Replies
View Related
Dec 2, 2012
my LAN is set up with default VTP settings
-core switch cisco 6509 vtp server
-access switches 2960 vtp server
-no vtp domain set on any switches
-no vtp password set
untill now i manually set the vlans on switches (didnt see anything automatic created on switches)is there any danger with the above settings , that a switch with domain name set and higher revision numberwill delete my vlan settings? if yes how can i protect/disable vtp in my LAN
View 11 Replies
View Related
Sep 23, 2012
I just got my Cisco SG300 28, but I have some problems getting the routing to work. I get the vlans to get to the router, with the default route. But not getting them to talk with each other. I can ping the IPs from the cisco, but I am not getting traffic to go from vlan 1 to vlan 2. When I try to google, it say that it should do it automatically, and I found no setting for it. It looks like it not creating any route for the interfaces.
View 2 Replies
View Related
Dec 12, 2012
Cannot set route map on interface vlan. which in non default vrf on Cisco 3750.IOS c3750-ipservicesk9-mz.122-55.SE.bin sdm prefer route in enable ip vrf users rd 200:0 route-target export 200:0 route-target import 200:0 interface Vlan201 description Users 1 ip vrf forwarding users ip address 10.31.76.1 255.255.252.0 ip helper-address 10.31.4.57 route-map fromuser permit 10 match ip address fromuser set ip next-hop 10.31.128.155 When I enter "ip policy route-map fromuser" to interface Vlan 201 I heve the message:
% Remove VRF configuration from interface Vlan201 first
View 5 Replies
View Related
Sep 19, 2012
Recently we observed that newly installed WS-C3560CG-8PC access switches are able to communicate without a default route or default gateway.The 3650 switches are used as a layer2 access switch behind a layer3 distribution/core. They have only the management VLAN configured for IP with a single address.
The ARP table looks like there is an implicit proxy-ARP request sent for any IP address.
We definitely have no configuration whatsoever which would explain this.
Is this a new feature? We don't observe that with the older 2960-series...
Here is a brief trace of what's happening (debug arp):
host41#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Sep 20 14:44:06.706: IP ARP: sent req src 10.1.8.41 1833.9dc9.wxyz,
dst 1.1.1.1 0000.0000.0000 Vlan1
Sep 20 14:44:06.711: IP ARP: rcvd rep src 1.1.1.1 2c54.2dd3.wxyz, dst 10.1.8.41 Vlan1..
[code]....
The mac address if of course the mac address of the layer 3 interfaces of the distribution switch, no surprise here (proxy ARP is turned on by default).
Why is the 3560 sending out proxy arp requests without being told to? As far as I understood proxy ARP on Cisco IOS it only means it will reply to a proxy ARP request but will not send out proxy ARP requests by default.
View 3 Replies
View Related
Apr 5, 2012
I was looking at a problem where a traffic from certain sites have a restricted bandwidth, an ongoing problem for a year or so, apparently this throughput never exceeds around 25Mbps. My customer describes a situation where the end to end utilisation rises, eventually flat-lining at around 25Mbps. how many extra systems come on line, this traffic never exceeds this rate, and end users complain of poor responses.
During my investigation I found that one of the switches (Cat 6509) in the traffic path has a policer configured on a vlan interface, the policer has 3 sections for different traffic based on DSCP markers, and a default (unconfigured) class-default. Various people have had a poke about with this config over the years, with the result that all the traffic has the CoS and DSCP tags set to 0. All this traffic is hitting the class-default in the policer.The link that this traffic hits the Cat 6509 on is a 100Mbps link.
If I was designing this from scratch I'd probably configure a rate for the class-default.my question is, in the case where no specific configuration has been entered for the class-default, how much bandwidth is allocated to this class?
View 1 Replies
View Related
Feb 3, 2013
Last week we had some forwarding issues with our cat 6509e VSS pair, wherby clients could ping the gateway but couldnt route through it! we identified this as being core 2 in the vss pair, yesterday we rebooted the 2nd switch and now the issue has been resolved.
View 4 Replies
View Related
Apr 11, 2012
I have a 3560G and an ASA FW, for which I am trying to use PBR to append the next hop. The gateway is the switch VLAN address and the amended net hop is the same VLAN interface on the ASA. Trouble is, I can ping the FW from a client, but not the switch. If I remove the route map, I can ping both. Even more strange is this is the case for some VLANs, but not all!
Config:
HOST ON VLAN 96
IP 10.11.120.99
S/M 255.255.255.240
[Code].....
View 2 Replies
View Related
Jul 4, 2012
A check out a network segment and want to know why SwA has a static route to SwB if SwA already has a Default GW to Core?
(SwA, SwB - Catalyst3560, Core - Catalyst4948)Note, there are distribute list on SwA - it does not has any OSPF route (exclude O*IA).
Does this mean when SwA send out packet with DA 10.5.64.0/26, Core will use only L2 switching (instead of L3)? Is this more effectively for Core Switch?
Pleace check my reasoning:
1. When use a static route: SwA receive packet from Vlan 20 with DA 10.5.64.0/26 it will strip out Dest. MAC and replace it with MAC of SwB. Core will switch this packet to SwB based on mac add. table (l2 switching)
2. When SwA has only Default gateway and receive packet from Vlan20 with DA 10.5.64.0/26 it replace Dest. MAC with Core MAC. Core receive this packet, lookup route table for 10.5.64.0 entry and forward packet base on this.
View 6 Replies
View Related
Mar 5, 2013
We have a 6509 series of core switches and 3750 series of L2 switches, There is no default gateway or any static routes to any IP.VLAN 1 is made admin down and another vlan is used for all communication here in this environment
Attached is configuration for reference But still I am able to take telnet or SSH. I want to know how telnet or SSH or tacacs authentication happens without any static or default route.
View 4 Replies
View Related
