Cisco WAN :: 7604 QoS On GRE Tunnel Interfaces
Aug 31, 2011
I want to implement QoS on our Core router but the core router makes use of GRE Tunnels to remote branch locations.so far all QoS techniques i want to use cannot be implemented using tunnel interfaces.
the core router is a cisco 7604 router with IOS version 12.2 (33)SRE while the remote locations have ISRs (2821).
Which QoS technique to use with respect to GRE Tunnels as there are times of congestion due to heavy network traffic to those remote locations.
View 16 Replies
ADVERTISEMENT
Apr 11, 2011
We have just installed our first 2951 router, and were suprised to see in our Netflow collector that Tunnel interfaces appeared even though we did not configure any, I have seen other posts talking about PIM tunnel when using Multicast, but we dont use multicast and the tunnel is GRE questions are, where do these interfaces come from? how do they pick up an IP address? can we shut them down? IOS is 150-1.M4 loopback interface ip address is 172.16.224.238 ( tunnel source) see output from sh int below
Tunnel0 is up, line protocol is up Hardware is Tunnel Interface is unnumbered. Using address of Tunnel1 (172.16.0.1) MTU 17912 bytes, BW 100 Kbit/sec, DLY 50000 usec, reliability 255/255, txload 99/255, rxload 1/255 Encapsulation TUNNEL, loopback not
[Code]......
View 6 Replies
View Related
Oct 1, 2012
I have two Cisco 2941's going over a IPSEC VPN. I need to push the same network over this connection. For example i need 192.168.255.0 / 25 on my side and i need to plug in a laptop on the far end 2941 with the same network. I have built GRE tunnels before and i found a configuration online to brdige interfaces over a GRE tunnel.
when i get to adding the bridging to the configuration which i will show below i get an error. Please see below. Also when i try to add the same briding command on the GRE tunnel which is needed it doesnt show the bridging command as being available. The Cisco 2941's are both using version: mwr 2941-iprank9-mz.124-20.MRb1.bin.As i stated the only end result i need is to be able to configure a path from point A and B and have the same network on each end.
View 1 Replies
View Related
Apr 23, 2012
So in our DMVPN network, we have this Cisco 3845 hub router that is connected via a DS3 to the Internet, and our spoke sites usually have a broadband connection that typically have a maximum of 1Mbps upload capacity. We are getting ready to add a few more sites to our network that are connected to the Internet with 10Mbps upload speeds (and 50Mbps download). Spoke site routers are usually 800 series ISRs. We have seen spikes of 8-10Mbps on the hub router so far. So the question is that a site with 10Mbps upload speed transmit to the full capacity over a DMVPN tunnel or is it limited by other factors? What are those factors?
View 4 Replies
View Related
Jul 16, 2012
what is a maximum number of configurable gre tunnel interfaces on CISCO2921-HSEC+/K9 router?
View 2 Replies
View Related
Jun 27, 2011
To establish s secure tunnel using GRE with IPSec do I need to add a SPA-IPSEC module to my 7604 chassis?
View 1 Replies
View Related
Jul 15, 2012
We have a 7604 chassis with the following equipments:
1. RSP720-3C-10GE
2. 7600-SIP-400
3. SPA-1X10GE-L-V2
We would like our SPA to support XFP transceiver having part number XFP-10GZR-OC192LR.
View 2 Replies
View Related
Jul 26, 2011
We have a CISCO 7604 Router (GGSN) in our customer site. Since two weeks are observing high CPU utilization (even touching 100 percent). We performed a SNMP configuration on this routers 2 weeks back as well. But SNMP process is not consuming much CPU resources. The following is the output of the "show proc cpu" and "show proc cpu history.
------------------ show process cpu ------------------
CPU utilization for five seconds: 50%/15%; one minute: 49%; five minutes: 51%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
[Code]......
View 1 Replies
View Related
Jul 30, 2012
I have tried to reset the password for 7604 but it is not working. At the rommon mode, i input 0x2142, and then reset.
It reloads and keeps asking for password.
View 7 Replies
View Related
Oct 18, 2011
I have a 7604 Edge router that connects to our Data centre via Fiber.
but i keep getting input errors on the interface Gi3/5. i also found out that i cannot change the duplex settings on the edge router to auto, i only have two options of full and half and changing it has not worked either.
I have tried to use a switch in between the fiber modem and the edge router to try to manipulate the duplex settings, but when i tried it the port simply shutdown and then i have to reverse the configuration.
The software version of the router is 12.2(33)SRE3, i really need to sort this out as connection to and from the Data centre is quite slow.
View 3 Replies
View Related
Jan 6, 2013
what is the meaning of the following log messages on Cisco 7604 Core routers. The Core router is configured with 2 STM card configurations with Vlan assignments: [code]
View 3 Replies
View Related
Jun 21, 2011
We currently run 7206 routers with VAM cards and are able to configure the devices to perform stateful failover of tunnels from router to router. When moving to the 7604 with 15.1 IOS there are not any examples of how to set up the stateful failover of the tunnels between devices. We have the devices in the SSO mode are not able to understand how to get the redundancy between the devices functioning.
View 1 Replies
View Related
Dec 20, 2012
I have 7604 router with FWSM module in module 3.First of all the FWSM CF has been damaged, not physically. I bought the new same compact flash (size, partnumber, etc.). Downloaded the software 3.2 for FWSM, and ASDM from Cisco website. I realized that the procedure of creating new CF for FWSM is quite diffucult: creating 1-5 partitions, where 1 - is MP, and 4th - application partition. According to cisco documentation - the default boot partition is the 4th, so I partitioned from 7604 the CF into 4 partitions (partition disk1: <1-4> maximum) and copied the software and ASDM to the 4th partition (disk1:3:). Removed the CF from the router and put it into the FWSM module.
View 1 Replies
View Related
Jul 9, 2012
i have 2 cisco 7604 distrubution routers .Both routers are running 310 hsrp groups.
Sundenly there is hsrp flapping which causes high CPU.
What is the limitation of HSRP group on cisco 7604 router .Below is the show ver from the router
----------------- show version ------------------
Cisco IOS Software, c7600rsp72043_rp Software (c7600rsp72043_rp-ADVIPSERVICES-M), Version 12.2(33)SRC2, RELEASE SOFTWARE (fc2)
[Code]......
View 2 Replies
View Related
Dec 13, 2009
following errors message:I have a 7604 with the following IOS
Cisco IOS Software, c7600s3223_rp Software (c7600s3223_rp-ADVIPSERVICESK9-M), Version 12.2(33)SRB5, RELEASE SOFTWARE (fc2)
but for some days now I am receiving the following error:
Dec 13 09:51:37.737 CET: %SYSTEM_CONTROLLER-3-MISTRAL_RESET: System Controller is reset:Normal Operation continuesDec 13 15:30:17.392 CET: %SYSTEM_CONTROLLER-3-ERROR: Error condition detected: TM_NPP_PARITY_ERRORDec 13 15:30:17.392 CET: %SYSTEM_CONTROLLER-3-MISTRAL_RESET: System Controller is reset:Normal Operation continuesDec 13 21:17:24.225 CET: %SYSTEM_CONTROLLER-3-ERROR: Error condition detected: TM_NPP_PARITY_ERRORDec 13 21:17:24.225 CET: %SYSTEM_CONTROLLER-3-MISTRAL_RESET: System Controller is reset:Normal Operation continuesDec 14 04:42:03.363 CET: %SYSTEM_CONTROLLER-3-ERROR: Error condition detected: TM_NPP_PARITY_ERRORDec 14 04:42:03.363 CET: %SYSTEM_CONTROLLER-3-MISTRAL_RESET: System Controller is reset:Normal Operation continuesDec 14 06:27:10.935 CET: %SYSTEM_CONTROLLER-3-ERROR: Error condition detected: TM_NPP_PARITY_ERROR
View 4 Replies
View Related
May 21, 2013
I have router Cisco 2691 and Cisco 7604 and want to play with AutoQoS Cisco feature. But on both there is no such command But why?
View 1 Replies
View Related
Sep 20, 2011
I have two 7604 routers running IOS 12.2(33)SRB5a as ASBRs in my network. They both connect to a common AS via DS3 lines.FR01 is considered my main circuit, FR02 is the backup. But I have some heavy disk sync traffic I want to route via the backup unless that circuit is down.How could a static redistribution possibly influence all my routes ?
Here is the remote AS config on both routers. We summarize the routes and only change the redistribute metric to distinguish main from backup circuit :
[code]...
View 12 Replies
View Related
Jul 14, 2012
i read alot about password recovery , but when i apply it to cisco 7604 it fails ?i went to rommon mode and typed# confreg 0x2142 then i typed reset when the router startup it request a password form me ,i can enter the user mode , and when i type sh ver command i note that the config resgitser is 0x2102 , not 0x2142 !!!!
i could enter the privilage mode !!!! and seems no thing changed ! does this router has a specific password recovery procedure ? which differes than the classic procedure?
View 4 Replies
View Related
Sep 2, 2012
I was called into a company today to look at their Cisco 7604 router as it had stopped working. The supervisor has all it LED in orange state, there was no blinking of the lights at power on they went straight to orange. Tried removing all cards, having only supervisor card in, etc but always the orange lights.
View 2 Replies
View Related
Nov 14, 2011
Assuming I have the following setup: Cisco 7604 Cisco Systems Cisco 7600 4-slot Chassis System OSR-7600 Clock FRU 1 & 2WS-F6K-MSFC2A Cat6k MSFC 2A daughterboard Rev. 4.0 WS-F6K-PFC3B Policy Feature Card 3 Rev. 2.4 WS-SUP32-GE-3B 9 ports Supervisor Engine 32 8GE Rev. 4.6 WS-X6148A-GE-TX 48-port 10/100/1000 RJ45 EtherModule Rev. 4.1WS-X6548-GE-TX SFM-capable 48 port 10/100/1000mb RJ45 Rev. 11.3 The SUP32-3c says it supports both L2VPN and L2TPv3, however the line cards are effectively 6500 line cards and I was under the impression the 6500 didn't support these.
If the supervisor supports a feature does that mean it is globally supported on a switch? Or do I need to check the compatibility of these line cards as to if they support these features?
View 1 Replies
View Related
Dec 7, 2012
i have the topology :=========want to mention that im using port address translation on the router & not sure if it is making a conflict .
here is the config below :
why the cache is not working ?i mean that i tried going to internet with source ips of the subnet 10.20.30 , but i seems went to internet without any precedence of cahce server
[code]...
View 1 Replies
View Related
Jul 9, 2012
Example config
int g2/24
service-policy output test
#and/OR
int g2/24.10
encap dot1q 10
ip address 10.1.1.1 255.255.255.0
service-policy output test
View 5 Replies
View Related
Jan 9, 2011
i have a 7201 router with NPE-G2. i have a design which i have the option to send all the traffic through a GRE tunnel or a L2TPV3 tunnel.which method is more CPU consumption ?
View 1 Replies
View Related
Mar 11, 2012
I am having a problem with PBR done on a 7604-S router - It seems like it is not done in harware. I have an Iperf client and an Iperf server, and would like to test the performance of 7600 router for PBR, supervisor is RSP720-3C-G and used interface card is 7600-ES20-GE3C ESM20G.
I have read numerous discussions about PBR that is supposed to happen in hardware when you use it with matching access-list and set ip next-hop.Although, when I start the iperf, the 7600 cpu is hitting the 80-90 % boundary, and transfer bandwidth can't go over 120-130 Mbit/s.The IP Policy is applied on an interface part of vrf ONE maybe this is casing the problem... ?
The diagram and configuration follows:
Configuration:
c7604#sh run
boot system flash disk0:c7600rsp72043-advipservicesk9-mz.122-33.SRE2.bin
!
ip vrf one
[Code]...
View 8 Replies
View Related
Sep 23, 2012
I'm in process of purchasing a new Cisco routers for our branches that will be used primary to enable IPSec virtual tunnel interfce with "tunnel mode ipsec ipv4". does the default IOS IP Base supports this feature? or i need to purchase DATA license or SECURITY license?
View 4 Replies
View Related
Oct 17, 2012
I am using a Cisco RV110W (Firmware 1.2.09) in a branch and I would like to create a VPN Tunnel to another site that has a Cisco RV042 (firmware v4.2.1.02)
What would be the correct Configuration? the current configuration I am using is
in the RV042 i am using
Check Enable
Local Group Setup
Local Security Gateway Type : IP Only
IP Address : RV042 Pulbic IP address
[Code].....
View 3 Replies
View Related
Jul 24, 2012
Environment :linksys wrt300n v1.1 which can have ddwrt-mega. Willing to tunnel all lan's outbound traffic through an ssh tunnel.
View 2 Replies
View Related
Jan 23, 2012
There are a few situations were I'd like to be able to use the locally configured account on a device but still have ACS in place.I want to complete this WITHOUT adding the locally configured account into ACS.I have tried setting the advanced option under Identity for if an account is not found to "Continue" however this causes the account to be allowed as long as a password is typed (any password, as long as its not blank).
View 2 Replies
View Related
Feb 12, 2013
I've got router as vpn-concentrator which receives vpn site-to-site connections from 10 branches with cisco 881 and cisco 1941.I started cacti monitoring and found out that there are too many errors on interfaces.URL.
View 5 Replies
View Related
Mar 7, 2013
I have an ASA connected to 2 ISPs.I am using object tracking for the default route so only 1 path is used at a time. I have a L2L VPN setup going out interface A. I would like to configure a 2nd VPN going out interface B with identical parameters.
(ASA software 8.2)
crypto map PATH_A 1 match address outside_1_cryptomap
crypto map PATH_A 1 set peer 10.1.1.1
crypto map PATH_A 1 set transform-set ESP-AES-128-SHA
crypto map PATH_A 1 set security-association lifetime seconds 28800
crypto map PATH_A 1 set security-association lifetime kilobytes 4608000
crypto map PATH_A 1 set reverse-route
[code]....
View 2 Replies
View Related
Oct 8, 2012
We are using non-advertised IPs on many devices, but LMS is attempting to ping these addresses and setting off all sorts of security alarms. How to stop LMS 4.1 from pinging the interfaces? We don't even want LMS to do any fault monitoring so if that could be turned off, it would be even better.
View 1 Replies
View Related
Sep 30, 2011
I am trying to secure sub interfaces on a 2600 Router
interface FA0/1.1
No Access-group
Interface FA0/1.2
IP Access-group 110 out
Access-list 110 deny ip 2.2.2.0 0.0.0.255 1.1.1.0 0.0.0.255
Access-list 110 permit ip any any
This works but it blocks traffic both ways I only want to block one, I dont want FA0/1.2 to be able to access FA0/1.1 but I want all traffic to be allowed to go the other way
View 2 Replies
View Related
May 12, 2011
Does any know why the ASA will monitor physical interfaces by default, but monitoring of logical interfaces is disabled by default? Or better yet, is anybody doing a monitor-interface for a subint without issue? I'd imagine it isn't enabled by default for a reason.
View 2 Replies
View Related