Cisco WAN :: 878 Default Counters Doesn't Increase To Indicate Any Traffic
Feb 11, 2011
we have a 878 router and we want to mark traffics when entering on its lan interface.its lan interface is a layer 2 interface and we have created vlan interface and assosiated lan interface to that vlan.on vlan interface itself there is no service-policy command so we have to put serive-policy command on interace fast 0 itself which is layer 2 port.when we assign service-policy to fast 0 it doesnt work and it does not mark any traffic also class default counters doesnt increase to indicate any traffic is passing even it is not getting marked. ios version is advipservices.124.9T. How to mark traffic on this port. ii dont know why service-policy command is supported on layer 2 interface when it doesnt work at all.
I have applied named access-list in output direction on 1GE interface on GSR12400 (IOS XR 3.4),but there is no matches. Counters doesn't increase although access-list blocks or permits certain packets (access-list works as it should).
In status->logs sometimes the url is too long and is therefore cut with a set max limit number of characters. Is there any way to increase this character limit. I've been finding it very troubling because I am looking to log the entire url rather than just a cut up version.
I'm trying to NAT to a device that doesn't have a default gateway; effectivley we want to talk to the device as if we're on the same LAN but using only port 80.Here's the setup:
Remote Device on LAN A <-> RA <-> Remote router WAN A <-> ISP <->-- --<->ISP <-> Remote router WAN B <-> RB <-> Remote Device LAN B (no default gateway)
We're using Cisco IOS on 877s and I'm sure this can be done
I upgraded the firmware for my WRVS4400N v2 to version 2.0.2.1 firmware, now old and default passwords don't work. I have tried resetting it as well, and the default password does not work.
We have a Cisco Catalyst 4506 running: "Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9K91S-M), Version 12.2(25)EWA14, RELEASE SOFTWARE (fc1)" I have configured the default gateway as: ip default-gateway X.Y.116.65, However, when I do, "show ip route", it only shows the 3 connected networks and states "Gateway of last resort is not set". The Command "ip classless" is not set. I read on some blogs that this might explain the issue. However, when I go into config mode (config t), I get the following output.
We have an AIR-LAP1142N-E-K9 deployed in a H-REAP setup.This AP already got the configuration from the WLC when it was deployed at a remote site.Now we moved it to another site, but it doesn't appear in the WCS and i don't see any CAPWAP debug messages on the WLC.The routing work fine between the AP and the WLC, the AP also gets an IP address from DHCP and also received Option 43 information.
Now my guess was that the AP doesn't associate with the WLC because it has the old config file and it runs in local mode(without trying to connect to the WLC).We want to reset to factory defaults because we want to delete the configuration and force the AP to get a new config from the WCS.I don't know the enable password so i had to use other methods for reseting to factory defaults.
I tried to use the information from here:[URL]I used the "MODE button":I get the following message from the console:
"button pressed for 5 seconds process_config_recovery: set IP address and config to default 10.0.0.1"
eth0 is connected to a switch and contains the 192.168.2.0/24 range, and A is connected to my WRT54GL "B" (with IP 192.168.1.1, containing 192.168.1.0/24 range, DHCP serves IPs above .100) wirelessly. B is connected directly to my DSL modem.
The problem is that when I specify the default route using the interface name, I can't connect to the internet from A or any hosts behind it - I'm always hit with a "no route to host" error. Name lookup and pinging any local host (even in a different range) or the DSL modem works fine - it's only when going beyond the modem that things stop working. However, when I use the IP of B as the gateway, it works fine. I noticed that route output on A when the default route was specified using the interface alone had only an asterisk in the gateway column. I was under the impression that these approaches should be identical in practice, so though I got it working, I'd like to know what I'm misunderstanding (and/or misconfiguring). Why didn't the default route work when specified using just the interface?
All routers and the modem too have RIP (version 2) enabled, and of course the password isn't really the word "password".
For ASA v8.3 and above we don't need to use nat-controll, traffic from high security interface can go to low security interface without matching NAT statements.So does the ASA automatically NAT s the outgoing traffic to the outside interface by default?
I am trying to configure dual ISP on my ASA5505.I have everything configured and working when eth0/0 is connected, but when I disconnect it, it doesn't route any traffic.The static route for the primary isp is removed and the static route to the backup isp shows up, but no traffic goes in or out. I should note that I'm doing this as a proof of concept so eth0/0 is connected to a router and eth0/1 is connected to another router. [code]
I am having touble with a NAT concept. What I have is a 3rd party software VPN product that basically tunnels encapsulated traffic to/from a server sitting inside the network. Right now this traffic utiluizes a physical interface on the ASA5510, but I need the interface for another project.
Just setup a site to site vpn between 2 ASA 5520 Firewalls in two locations but vpn doesn't work even though i see phase 2 completed on the logs. I can't ping across the LANs.
we have three separated network segments going to one Cisco 3750 switch all is L2 .. from this switch is 100 mbit uplink.we need to apply some Qos mechanism not to saturate line by traffic from one network.. Configuration from various reason CANNOT be done on switch where 100Mbit line is terminated.. so all must be done on SW1,2,3..Correct me if iam wrond but as switches doesnt see traffic from other network iam affraid only think we can do is limit bandwidth on links going into SW1,2,3 to 33 Mbit.I found commad srr-queue bandwidth limit.But links going to SWs are 1Gbit so if i force bandwidth to 10% (minimum what command allows) its 100 Mbit..If I force speed on those links to 100Mbit and than apply srr-queue bandwidth limit to 30% doest it work.??. Will srr-queue bandwidth limit speed to 30Mbit?? Or srr-queue bandwidth limit is calculated from maxim speed of interface?
We are using several Cisco ASA 5505 with the 8.05 OS on it. The problem is that the SMTP traffic of my ISP(Telenet) isn't passtrough the ASA, I'm using outlook 2010. Before there was also a problem with our local exchange server but I solved this by disabling ESMTP checking in the policies, but it didn't worked for my local ISP.
I just purchased a Cisco SF 102-24 unmanaged 100 series swith with a MGBSX1 mini-Gbic converter. My goal is to connect this to a building that is connected with a Black Box LH1706A-ST media converter that has 100mb ST fiber connections. In my testing the Black Box shows both a Fiber link and RJ45 port link at 100mb, but the MGBSX1 does not show any link lights or traffic. So a computer connected to the Cisco switch is not able to communicate over the fiber connection.
Can the MGBSX1 be connected to a media converter that only has 10/100 ST fiber connectors?
We have recently deployed several Ciso 887VAW (IOS 15.1(4)M4) to customer premises and I have come to realise counters show extremely high (not at all accurate) output rate and packets on all of them. [code]
My customer recently deployed WLCs and WCS in their environment. However, recently they experienced slow performance. To futher finding out the root cause, I generated the 802.11 counters report from the WCS and noticed the following parameters is shown. Tx/Rx Fragment Count/Sec and FCS Error Count/Sec
1. Can I make the assumptions that the overall transfer of packet rate in that interval is the Total of Tx/Rx Fragment Count/Sec and FCS Error Count/Sec?
2. If the output rate of Tx/Rx Fragment Count/Sec and FCS Error Count/Sec are the same, does it mean that 50% of the packet are corrupted and this high FCA Error Count/Sec will cause performance degradation to the wireless througphput?
3. What is the baseline of the FCS Error Count/Sec that is acceptable? As for the case with wired, 1% error rate is acceptable. Will wireless have the same baseline?
I notice strange input rates on the interfaces of a 881 router:
show int fa4 .. MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec .. 30 second input rate 85000 bits/sec, 11 packets/sec 30 second output rate 16000 bits/sec, 9 packets/sec 221434 packets input, 287889736 bytes .. .. 142286 packets output, 15683576 bytes, 0 underrun
How can 11 packets/sec be 85000 bits/sec -- average packet size of 8KB?. The total packets input (221434 packets versus 287+ MB) also shows this kind of a 10KB+ average packet size. There is ahardly any traffic through the router when the above snapshot was taken so 11 packets/sec sounds right, but not the 85Kbits/sec.
The router is running c880data-universalk9-mz.151-4.M4.bin and config is simple with a single Vlan (inside NAT) with a public IPs on fa4 and a couple of IPs for dynamic NAT. Everything works fine except for these interface counters that look worng.
I have ACS 5.1, I have created a user with privilege 15. I need to allow a single command by command set. I have configured command set. in command set setting i have unchecked "Permit any command that is not in the table below" and added command as below.
Grant Command Argument Permit clear counters
its allowing me to run clear counters, good is its not allowing to show run and configuration t commands. And problem is i can run reload command also even show interface commands.I just want to allow clear counters command only.
I have configured a vlan interface on a 3750 switch. there is aprox 4Mb active traffic flowing through the interface, but when I do a "show interface vlan (vlanid)" the output show zero bits in and zero bits out. Its a typical L3 config with one IP on the vllan interface acting as the gateway for the VLAN devices. Is this a normal behaviur ? and if so is there any way to get the traffic in/out stats. The end PC/devices are connected to this switch via an L2 TRUNK and I dont have access to the L2 switch on which the actual devices connect. so cant get the real time stats of those interfaces.
I am having ACS 5.2. I have to configure a user which would have privilege 7 access and addition to this, a user can run "clear counters" command.how to configure cammand set for "clear counters"?Can i run clear counters by privilege 7?
Using an ACE 4710 we have a user setup with the Network-Monitor role which allows the user to view config, interface status, etc. We would also like to allow this user to clear the interface error counters as well, but nothing else.
I have a WLC 2106 with 3 APs. Everything works and users can connect, but the throughput seem to be lower than it should (it is around 8Mbps and should be around 30-50Mbps). And all speed and duplex has been accounted for.
I am trying to understand the stats that I see for the 802.11 MAC counters I under the Wireless APs.on the controller.
That screenshot is attached. I see high numbers for the following areas:
i am new to MPLS on cisco routers. For our interoperability testing i need MPLS tunnel counters output ( data sent out and data received.). i am not able to find this information in cisco user guide. As per standard it is defined in MIB table mplsTunnelPerfTable of stdte.mib.
I am attempting to monitor bandwidth utilization of the WAN port for the RV180 via SNMP and I am getting strange results. If a 256MB file is transferred from a remote server (without compression), the ifInOctets counter doesn't increment by anything resembling 256MB:
I'm reasonably certain that the .5 interface is the WAN port based on the value of ipAdEntIfIndex.X.X.X.X, but even if that were not the case, none of the other interfaces increment by a value close to the amount of data transfered. SNMP monitoring of a WAP121 on the same subnet returns expected results. I can only assume that SNMP on the RV180 is completely broken.
The router has the latest firmware available (1.0.1.9). There is only one network connection and the RV180 is the default gateway for all internal hosts.
This is a continuation of my last post in which I need to apply ACLs to the physical ports within Etherchannels. The switch is a Catalyst 2970 running IOS 12.2. These Etherchannels are configured as trunks with 2 VLANS allowed on each trunk.I have applied an inbound ACL on the physical ports that filters based on layer 3 and layer 4 traffic. The issue that I am seeing is that the counters for the ACL are not increasing even though the ACL is clearly doing its job. At the end of the ACL I have an entry of "permit ip any any". Removing this from the list causes connectivity problems to the server on this port. Adding it back and everything is back to normal. However the counters don't increase. At first I thought maybe this wasn't supported on this switch but then I noticed the counter had increased to "2 matches" later in the day. What is the normal behavior is for this switch and does it support logging on an ACL entry as well.
I can't remember clearing the log with a clear counters. Router is a CISCO 3925-CHASSIS (revision 1.1) with C3900-SPE100/K9..System image file is "flash: c3900-universalk9-mz.SPA.150-1.M4.bin"..I did a : clear counters, enter. got this standard message >> Clear "show interface" counters on all interfaces [confirm], enter and it CLEARED the LOG BUFFER as well !!!! never seen that before. Its a newly turned up router, repurposed from another part of our network.
Ive got a 494810ge switch, and this parameters are important for me:
sh int gi 1/4 counters detail Port InBytes InUcastPkts InMcastPkts InBcastPkts Gi1/4 252819467437788 173264735013 10827 760 Port OutBytes OutUcastPkts OutMcastPkts OutBcastPkts Gi1/4 36657317030233 280590958051 5248439 5443194 Port InPkts 64 OutPkts 64 InPkts 65-127 OutPkts 65-127 Gi1/4 558420918 205564441592 2627477631 60865368994
[code]....
Some parameters i can get by snmp (InBytes,InUcastPkts,InMcastPkts, and so on from out), but how can i take other parameters? I would like to do it by snmp but i did not find proper oids. Now I making a sheme like this: eem every 90 seconds takes this info and writes it down to file into nvram and then send it by scp to server, where file is processed by monitoring system script. It is not very good, cause cisco system cpu sometimes spikes of this and i dont know a resourse of nvram, how much times can i write to it?
