Cisco WAN :: 7600 - How Many Sessions BGP Route Reflector Can Support
Jan 20, 2011
how many sessions a BGP Route Reflector can support? is it 10, 100 or 1000 BGP sessions? What degradation of performance may arise in the case of a BGP RR sessions overload? Consider that the RR I'm deal with has both the control plane and teh forwarding plane. Which command I may use for get the output about BGP sessions resurces used level?
The following are the data about the RR:
Cisco 7600
WS-SUP720-3BXL
Version 12.2(33)SRD5
cisco CISCO7609 (R7000) processor (revision 1.2) with 983008K/65536K
View 1 Replies
ADVERTISEMENT
Sep 12, 2011
If I have five iBGP routers in AS 64512 and one of the iBGP router has an eBGP peer to a different AS, which iBGP router (r1, r2, r4, r5, or r8) should I chose to be my route reflector and why? Also, what happens if the route reflector router fails? Do I designate a backup route reflector? I'm new to BGP.
View 4 Replies
View Related
Nov 13, 2012
We are a service provider and we have presence across different data centres located across the country. Our core boxes are the mixture of Cisco VXR’s and 6513 switches which have MP-iBGP peering with the route reflectors. If a new client comes on board, a new VRF will be created to carry the client’s traffic and as a standard practice the VRF will be added to all the core devices across the network even if they don’t have a presence in a data centre.Now, I am designing a network for a client who has presence only at two fixed locations as shown in the attached diagram. We will be acting as a transit network between the client and another service provider. So, I have planned to use MP-eBGP between us and the other provider and default/static routes to the client’s network I don’t think will be an issue. Since the client has presence only at two locations, my design thoughts are to create a VRF and a Vlan and form an iBGP session only between the two routers and bypassing Route Reflectors. Created the VRF at BNE_R1 and formed MP-eBGP relation with the other provider and I can see some routes appearing via the peering which is normal and expected.
My problem is (not problem I don’t understand how this is happening), I created the VRF on Mel_R1 router and did not add any extra lines of configurations to BGP under that VRF instance and when I was checking some thing I accidentally found the same routes which appears on Bne_R1 is appearing in the VRF’s routing table via MP-iBGP session through route reflector. I can’t understand how this is happening, since I haven’t added any thing on the route reflector and some how its leaking traffic.
Is this normal??Is it’s a must / standard / Good Practise to add the newly created VRF across all the device which peers with the route reflector ??Is there a way to override the Route Reflector just for this client (VRF) and form a direct MP-iBGP peering directly with the devices involved.A network can be designed in much number of ways.
View 1 Replies
View Related
May 27, 2013
I have question regarding route reflector. In my MPLS core network ,we have two route reflectors. Two route reflectors and each PE routers are belonged to a peer group. Route reflectors are Cisco 7301. IOS 12.3. I have Hardware maintenace on one Routereflector. How can I do that without interupting the end customer trafic.
View 2 Replies
View Related
Nov 23, 2011
I'm trying to figure out if the multi-layer Route-Reflector topology would work for me. Let say we have 2 Route-reflectors RC-RR1 and RC-R2 and all other router are their reflect-clients. Now I'm getting a new router RC-.E001 and would like to set new level of Route-reflectors. I'd like that now the router RC-E001 is a route-reflector client of RC-E002 (new level of RR) and RC-RR1, e.g. it will be a client of route-reflectors from different levels.
View 3 Replies
View Related
Oct 14, 2011
I posted also under Service Providers for my problem with MPLS/VPN. I just noticed I have the same issue with plain IPV4 BGP. [URL] I have two 7600 running on SRC3 and SRD6. Both acting as RRs.
I noticed that RR1 is reflecting the route to this other 7600 iBGP peer but not installing/importing the route. Other iBGP speakers are able to install and import the route. Is there any issue with 7600 SRC/SRD IOS for Route-reflection?
iBGP policy is similar to all but only the 7600 is unable to install the route. Other 7200 ibgp peers are successful.
View 1 Replies
View Related
Feb 19, 2012
I am very new to high end Cisco devices.(like 7600/6500 or ASR9K).
Why do we log in on RP. What actions we can perform after logging-on RP (route processor) or Why they are required ? Cant we make those by normal router mode (router#) .
View 2 Replies
View Related
Apr 29, 2012
I have run into a problem testing static route failovers using ECMP. I have an edge device (SUT) that has 2 NIC interfaces to an internal Loopback. Each NIC is a unique Gi port on an 7609 VLAN tagged with unique IP subnets. The 7600 is configured to route the loopback via the 2 NIC. I am using CEF in the network for other traffic performance testing. Using an external sniffer we can verify that when a ping is initiated externall to the SUT loopback a specific path is selected by the router.
Ping host ------Network-----7609 Gi1/21 (172.16.110.9)-----------SUT Nic1 (172.16.110.10)
| |
| -------Loopback 137.168.68.114/32
| |
7609 Gi2/21 (172.16.110.73)------------SUT Nic2 (172.16.110.74)
[code]....
Now, when the selected path is taken out of server (pulling cable for example), the 7609 is not clearing the routing table to indicate that particular path is down and failing over to the secondary path. Other things I have noticed is the show ip cef still shows both peers as well as the arp table but the interface shows down (show interface gi1/21 for example). I am running 15.1. My understanding is that since the ports are directly connected to the router, the ports should be detected as down and any association of the IP for the down port should removed. This should trigger the static route to update the static route for the end destination to use the second path and traffic should continue.
ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)BOOTLDR: Cisco IOS Software, c7600s72033_rp Software (c7600s72033_rp-ADVENTERPRISEK9-M), Version 15.1(1)S1, RELEASE SOFTWARE (fc1)
View 4 Replies
View Related
Apr 23, 2012
What are the limitations of Net flow v9 support on the 7600 platform for the SR code releases?
I know that Flexible Net flow is only available on newer releases with some newer hardware. Flexible Net flow gives you the ability to provide full support for Netflow v9 as well as IPFIX.
However, the documentation indicates that Net flow v9 is still supported in the SR code. So I am just trying to find out what are the limitations in how Net flow v9 is implemented without "Flexible Net flow". The Cisco TAC was unable to provide me any documentation about this.
View 1 Replies
View Related
Apr 3, 2013
Below is my Topo
DUT------router(7600)------Sami module (slot 9)
I have both ipv4 and Ipv6 config on all the three hops. Between Cisco and Sami module, I have the Ip config on vlan interface 1400(say). Its not on a physical interface obviously, I can ping ipv5 from DUT to Sami IPv4 address. But Ipv6 doesnt work. If I add a sttic route to DUT network on SAMI, show ipv6 route does not show it.
View 1 Replies
View Related
Dec 22, 2011
I´m looking for an IOS on a 7609 SUP720/MSF3 that supports the NAT-PT feature (IPv4 to IPv6 translation). I searched on the Cisco Feature Navigator but the tool didn´t show up any IOS for the 760x platforms. I only got the feature "NAT-PT: Support for Overload (PAT)" with IOS 15.xS train.
View 2 Replies
View Related
Dec 8, 2011
I would like to know the IOS which supports :ACL Support for Filtering on TTL Value feature on my Cisco 7600 device. I check on cisco and found the Cisco 12.4T release but this software doesn't fit onto my chasis. which software should I upgrade to on my cisco 7600 to have this feature.
View 5 Replies
View Related
Sep 24, 2011
how many route entries can ASA5520 (8.2.1-k8) support?
View 2 Replies
View Related
Sep 30, 2012
I have cisco switch 3550 IOS Version 12.1(19)EA1c.
I can configure route-map commands on that. but i can not apply that into any vlan interface. while i try to apply the following command ( ip policy route-map PBR) on VLAN int i get an error msg saying that the command is not recognized.
View 3 Replies
View Related
Dec 1, 2011
I have a question concerning about how many ospf and bgp route entries does 3945E isr g2 router support?
View 6 Replies
View Related
May 21, 2012
One of our client wants to know "How many route entries a 2821 router or 881 router can support" Such as the 3750 can support 11k routes in ‘desktop routing’ mode. But I want to know the limitations on routers.
View 1 Replies
View Related
Jun 24, 2011
I've enabled antispoof on all interfaces on asa 5510.If you start a traceroute to a network on the default route, everything works, since replies comes to an interface with route 0.0.0.0/0 defined.If you start a tracer route to a network that is NOT on the default route (let's assume coporate MPLS), you only get response from first carrier router, the other are discarded because of anti spoof violation.
I have ICMP inspection and icmp-error inspection enabled.
View 1 Replies
View Related
Apr 11, 2013
I have an issue with LMS not terminating SSH sessions on the Cisco ACE?
Cisco LMS 3.2
Cisco ACE A2(3.3)
View 1 Replies
View Related
Nov 19, 2012
What is the maximum allowed number of BGP sessions on Cisco platforms sup720 BXL and 7200 G2? Particulaty what are these numbers if BGP sessions are under MPLS vrf (i.e. maximum number of BGP session per vrf?).
View 2 Replies
View Related
Aug 28, 2011
the customer has a problem with LMS 3.2. This software doesn't terminate ssh sessions created by LMS on ACE. All ssh sessions still exist on ACE, so no new ssh session can be created until the administrator manually clear these session on ACE.
View 7 Replies
View Related
Apr 24, 2013
I've got a problem with an ASR1004 running "asr1000rp2-adventerprisek9.03.02.00.S.151-1.S.bin".
When I'm performing extended ping tests using a tclsh script i'm geting this error message:
ASR_X1A2#ping 172.27.1.250
% Authorization failed.
When i'm pinging 12 diffrent destinations this happens to about 3 of them.
Checking the logs I found this:
Apr 24 19:42:56.071: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection
In my entire backbone this is happening only in this equipment, I've checked the connection between my ASR and the TACACS and it's OK, no packet loss. CPU and MEM are OK too.
View 2 Replies
View Related
Apr 9, 2013
Cisco Works (LMS 3,2) is not closing SSH sessions to a Cisco ACE module, I see the following thread and tried the workaround to no avail.
[URL]
I have also seen the following caveat (CSCtz42393) but this seems to be LMS 4.x, would this be 4.x and below or do I need to find the equivalent LMS 3.2
View 7 Replies
View Related
Dec 15, 2010
Router is running with IOS 12.4(24T) and we are having problems like file download stalls, some emails not being send or received. CBAC is enabled on this router with default values. MTU is also the default value. This problem has started all of a sudden. seeing lot of errors in the logs as below:
Oct 27 16:47:52: %FW-6-DROP_PKT: Dropping smtp session X.X.X.X:4443 Y.Y.Y.Y:25 due to Stray Segment with ip ident 25800 tcpflags 0x5014 seq.no 288975356 ack 3363647737*Oct 27 16:48:31: %FW-6-DROP_PKT: Dropping http session X.X.X.X:2020 Y.Y.Y.Y:80 due to Stray Segment with ip ident 1472 tcpflags 0x5011 seq.no 2686554796 ack 4275837539
View 1 Replies
View Related
Aug 30, 2012
Earlier we had same problem with LMS 3.2
(RME-Admin-Config Management- Fetch Interval) from 180s 420s.
Now after LMS upgrade ( 4.2.2 ) the SSH sessions are stucked on ACE. We had not experienced it with 4.2.1
[code]....
View 4 Replies
View Related
Dec 19, 2012
Someone told me the commands, but I can't remember them. Have a router (2801) at the end of a highly utilized T1 link/router. How do I protect it so my SSH and/or Telnet sessions will get serviced if the router is real busy.
View 9 Replies
View Related
Apr 5, 2011
while traversing through Cicso ASA Firewall 5520,VPN sessions are disconnecting.In Accelissts for VPN-Outbound traffic from LAN to Client VPN ,we have allowed all Ports.Is there any inspection Rules are cause for this issue. In ASA Firewall,presently the inspection rules are [code]
View 1 Replies
View Related
Jul 26, 2011
We are using ACS 5.1 in our network. We have created users and grouped them as per the requirements. We want to restrict the user sessions in the network. A user should authenticate and able to access a network resource. But when he is active with that session, we need to block him from another successful authentication. We want to avoid multiple users using same user credentials for logging into the devices. whether this can be achieved by making configuration changes in ACS.
View 2 Replies
View Related
Sep 11, 2011
I have the default license for a ASA 5505 and this last Friday I received the attached log for SSH sessions through this firewall; we want to be clear about this issue. This limitation has to be with the 10 Inside Host or the Total VPN Peers limitations in this license? This firewall exists only to agree with a PCI requirement between our router and a communication with a Payment Card Industry Brand, all of this in the same site.
ASA5505 <164>Sep 09 2011 10:42:08: %ASA-4-450001: Deny traffic for protocol 6 src DMZ:X.X.X.X/2479 dst DMZ1:X.X.X.X/22, licensed host limit of 10 exceeded.
I hope that the communications through 22 TCP port, are not countable for license propose.
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : 10
Failover : Disabled
VPN-DES : Enabled
[code]....
View 1 Replies
View Related
May 9, 2013
I am curious of the max supported SIP sessionf of the SRP500 series.
View 1 Replies
View Related
Jan 1, 2013
I've looked at the forum posts and the document post, and I understand the explanations. My question is, under system administration>max user session global settings, would setting a timeout (say 1 hour) purge these sessions?
Under access policies, I am not enforcing max concurrent sessions per user, due to some of our devices using a generic log in. But if I understand the explanation, and my understanding might be wrong, then setting an expiry timeout should purge the accounting sessions, right?
View 4 Replies
View Related
Aug 8, 2012
I have DSL line that gives 7mb down and 768k up. I have 2 users running win7 RDP session and after a few hours the session is unusable its so slow and then eventually it hangs . don't know where to start.
View 1 Replies
View Related
May 30, 2012
I am having a recurring problem with tcp sessions timing out / getting reset. I'm using the DIR-655 with PPPoE on a Qwest DSL line. Everything appears to be working fine (including my ipv6 tunnel) except for this issue where my long running ssh & database connections are being reset after a period of time.Currently have 2.03NA loaded, tried using 2.07NA but couldn't get ipv6 working correctly with the newer version.
View 7 Replies
View Related
Apr 6, 2011
In our organization ,recently we are facing a issue with VPN connections are disconnecting abruptly in reandom time periods ( 5Min,15Min,1Hr also).We have verified in our SysLog .[code] The same was worked well in Cisco Pix 515E Firewall ,After changed to Cisco ASA 5520,it is giving the issue.- All Ports are allowed for outbound traffic with a Source Network 172.16.40.0/24 to their Client VPN.- This issue is giving for other Subnet Users i.e 172.16.33.0/24 to their Cleint VPN sessions & I allowed all Ports for them for Outbound traffic. Any feature in ASA is casuing for terminating the sessions which was not in Cisco PIX 515E.- ASA version is 8.0.
View 2 Replies
View Related
