We have two 7609 routers at different city . Our both 7609 routers make MTU 1800 bytes and when I ping the other router with packet (1500 bytes) ,it can get thought .But when I ping with 15000 even 1506 bytes ,it didn.t work .As I didn't disable the DF field .
Internet address is 202.112.38.54/30
MTU 1800 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 96/255, rxload 81/255
[Code].....
There are many log messages on our three 7609 routers .
Aug 16 06:17:22.664 beijing: Invalid packet (too large) length=34176
Aug 16 06:29:13.102 beijing: Invalid packet (too large) length=34176
Aug 16 06:45:23.403 beijing: Invalid packet (too large) length=34176
Aug 16 16:46:17.245 beijing: Invalid packet (too large) length=34176
Aug 16 16:46:26.257 beijing: Invalid packet (too large) length=34176
Aug 16 17:15:30.621 beijing: Invalid packet (too large) length=34176
Aug 16 17:54:51.775 beijing: Invalid packet (too large) length=34176
[code]....
I am running ping between two Nexus 7018 over WAN link ,and I can see some set pattern of packet drop(7.40 % drop) with MTU size 1500.When I ping between my 6500 VSS pair and same Nexus 7018 over different SP WAN link on diffrent location , I am still getting same kind of packet drop (8% drop) with MTU 1500. Has any one else come across this issue with Nexus?
View 1 Replies View RelatedI'm trying to setup a GDOI based IPsec connection between a cisco AS901 (advanced Metro lic - asr901-universalk9-mz.152-2.SNI ) and a 7606-S.What I see is that the ASR901 is capable of decrypting the IPsec packet but I cannot encrypt the ICMP packet back, so the question is if the AS901 can support IPsec in software. What I could not find in the docs on CCO. [code]
View 1 Replies View RelatedI have made some test and i noticed that qos input policy does not classify the icmp packet based on their dscp.The "match dscp ef" or "match precedence 5" is not working only the "match protocol icmp" shows hits.
We need to classify the different icmp packets based on dscp ( TOS ) for measurement purpose.CISCO 7200, 12.4.25d and 12.4.20T have a same behavior.
How to trust the transit CoS value on ASR1013?
Tried so:
Router# configure terminal
Router(config)# interface gigabitethernet 0/0/0.1
Router(config-subif)# encapsulation dot1Q 1 native
Router(config-subif)# plim qos input map cos enable
But not worked.
Traffic path without ASR:
Server --> DLink 3526_1 --> Cisco 3750 --> Cisco 7606 vrf VoIP --> DLnk 3526_2 --> Client
DLink 3526_1 sets the CoS = 5
Client receives CoS = 5
If we add ASR1013:
Server --> DLink 3526_1 --> Cisco 3750 --> Cisco 7606 vrf VoIP --> Cisco ASR1013 --> Cisco 7600 global --> DLink 3526_2 - Client
DLink 3526_1 sets the CoS = 5
Client receives CoS = 0
We are small transit ISP for other downlinks. And currently have such setup 7201 and 7206NPE-G1, as core and edge routers also we have connected to IXP. Downlinks usually BGP connected to one of border router which is terminated via VLAN, thus sub interface. IXP are also connected via VLAN on router.
What I don't like about this is when one borderd goes down downlink will lose connectivty, also recently we start growing and getting more downlinks, so balancing between borders become problem. So my question is, how to make setup less fragile and more redudant.
In case customers buy IP transit(there is a BGP session between ISP and customer), they often ask for default route and for example prefixes from local internet-exchanges. What is the advantage to have default route + certain smaller(for example /17, /18 and /24) prefixes?
View 4 Replies View RelatedI understand that Cisco *wants* the APs to be directly connected to the new 3850.I have a few questions. Unfortunately, I think I know the answers. I just want to confirm.
a. When MA/MC is enabled on the 3850, does the 3850 start intercepting *all* CAPWAP packets it sees (much like CDP)? Even non-Cisco CAPWAP packets?
b. If I have a WLC 5500 upstream from the 3850, would APs hanging off a downstream 2960 be able to register to the 5500 through the 3850 when the 3850 is NOT in MA/MC mode?
c. If I have a WLC 5500 upstream from the 3850, would APs hanging off a downstream 2960 be able to register to the 5500 through the 3850 when the 3850 IS in MA/MC mode?
What I'm afraid of is:
a. yes, yes
b. yes
c. no
From the Q&A page:Q. Does the Cisco Catalyst 3850 support indirectly connected access points?A. No. The Cisco Catalyst 3850 switch will always terminate the CAPWAP tunnel locally. Pass-through mode or indirectly connected access point is not supported at this time.
We have a router 7609 with Supervisor Engine 720 (WS-SUP720-3B) (Policy Feature Card 3 and MSFC3 Daughterboard) and We have to configure QoS over a FastEthernet interface on a WS-X6148-RJ-45. When I try to apply the policy command I get the next log:
#service-policy output TEST_QOSbandwidth percent command is not supported in output direction for this interfaceConfiguration failed on: FastEthernet1/2 What kind of hardware and software requirements I need on my router to perfom QoS over ethernet interfaces?
Have high cpu utilization on Cisco 7609 router. when i check output "Sh proc cpu sort".
View 2 Replies View RelatedWe have Cisco 7609 routers in our network. We are using ppp multilinks between the sites. Because of the high traffic volume, we have to use multiple multilinks. 7609 router doesn't allow ppp multlink to span SIPs, so we use multiple mulitilinks between sites on different SIPs. OSPF for load balancing will be used. THE PROBLEM IS: when we define the second ppp multilink between two 7609 routers, the new multilink stays "inactive". Can we use multiple multilinks to the same router? We have enabled the command IP CEF DISTRIBUTED, but we still face the same problem". IOS used is: 122-18.SXF6
View 21 Replies View RelatedWe have a lab network set up with a 7609 router as the central core. Scenario: Laptop with a SIP client. In the lab is a session border controller that will route signaling and media to a SIP gateway with a call agent (172.23.112.201) and a media "handler" (172.23.113.6). The call processing device will forward packets to an RF network (108.x.x.x) where an NCS cable modem sits.Call signaling works perfectly fine. However, RTP traffic from the laptop to the NCS phone is getting routed incorrectly. RTP traffic from the phone to the laptop works fine. [code]
Packet captures show the laptop to phone RTP packets are being routed back towards the corporate router. These time out with ICMP TTL exceeded packets. There are static routes for 172.23.113.0/27 to the optical interfaces that go to the SIP gateway. Interestingly, I can ping an IP on the SIP gateway (not used for media, but is pingable) in that static range (172.23.113.1) just fine from the 7609 (i.e. it's not getting routed to the corporate router). Unfortunately, the IP for the media endpoint on the SIP gateway is not pingable. Config for the 7609 is attached.
vrf ping is not happening between two pe devices in 7609 router having VS-S-2T-10G modules with 15.1 SY1 IOS version? Is there any commands need to add? between pe devides ldp is running properly and ibgp too. I am doubtful about VS-S-2T module.
View 2 Replies View RelatedI have router which has two physical interfaces Gi0/0 and Gi0/1. G0/0 connects to metro over ethernet and Gi0/1 is configured a s router on a stick, which has many defined. All those interfaces have IP addresses assigned. EIGRP is configured between other metro sites. Here is a sample IP assigment for this site, let's say Site.
View 3 Replies View Related1. How to check the history alarms in Router 7609?
2. How to check whether an Interface was down?
I¨ve got an E3000 linksys (Sisco) router, but have some problem with the ICMP. I know this because I can not get access to the ports I'm opening from LAN pos. in the NAT setting. I'm running a windows 2008 server with my own homepage on and a FTP server.
View 4 Replies View RelatedHow do I disable ICMP echo on ea4500 - I don't see anywhere either in Connect or directly on the router web interface that allows this.
View 1 Replies View RelatedI need to remotely monitor a WRT45G from a remote host on the Internet. As such, I want to allow ICMP ping replies on the public Internet interface. However, I have found no feature to allow me to do this. Similar Netgear devices do allow this feature. I suspect the answer is, "you can't do that".
View 2 Replies View RelatedDevice: Linksys E1500 - firmware: 1.0.01? I've got a static IP setup for a small remote office and want to keep tabs on their internet connection by pinging it via a monitoring program we use. However, the router seems to not responding to ICMP.
- Filter Anonymous Internet Requests is unchecked.- I've verified that the Static IP is correct.
- I've tried pinging from several remote locations on different connections, with no avail.
I can't seem to figure out why i can't ping this device. I just want to make sure there isn't a setting in the wireless router that is preventing echo replies.The only other thing i can assume is that Comcast is filtering ICMP on their side of the WAN connection.EDIT: Here's a traceroute from my PC to the WAN side of the Linksys....
Tracing route to 50-194-XXX-XXX-static.hfc.comcastbusiness.net [50.194.XXX.XXX]over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 172.25.2.1 2 6 ms 16 ms 6 ms 10.0.0.5 3 9 ms 8 ms 8 ms 10.0.0.1 4 7 ms 7 ms 7 ms 10.0.0.2 5 8 ms 7 ms 7 ms ont-static-208.57.XXX.XXX.mpowercom.net [208.57.XXX.XXX] 6 7
[code].....
I have a problem when trying to connect my Xbox to the internet. When I run the Xbox Live conection test it connects to the network just fine, but when trying to connect to the internet it comes up with this message,Your console is not receiving ICMP responses properly.' The internet is working fine on other computers in the house.
View 3 Replies View RelatedWhen you use Group Policy to determine whether a link is fast or slow, fast links may be incorrectly flagged as slow links.
This problem may occur when a network that you are trying to detect a slow link to is configured to control the size and flow of Internet Control Message Protocol (ICMP) packets. For example, if a router allows for only ICMP ping packets that have a size of 1,024 bytes, the slow-link detection feature may flag the connection as a slow link. This is because the router discards ICMP packets that are larger than 1,024 bytes. If the router discards the packet because it exceeds the allowed size, fast links may be reported as slow links.
According to Microsoft, the default ICMP ping packet size of 2048 is used.Microsoft recommends changing every single Windows machine's ICMP size...but my customer would rather just change the router. It is a 2821 router, running 12.4(24)T4, using MLPPP to bundle two T1s.
Let's see if you can with this one:
DSL Internet Router (Dynamic IP) -> Linksys RV082 -> Firewall PC -> LAN
DSL Internet Router: 192.168.3.0/24
Linksys RV082 WAN2: 192.168.3.0/24
Linksys RV082 LAN: 192.168.5.0/24
Firewall (2 Nics): Nic1 is 192.168.5.0/24 and Nic2 is 192.168.1.0/24
LAN: 192.168.1.0/24
RV082 WAN 2: Configured with a DHCP IP Address from DSL Internet Router so it has 192.168.3.0/24 range IP.
Load Balancing enabled
Static Route added on RV082: 192.168.1.0 mask 255.255.255.0 gateway 192.168.5.x interface LAN
Firewall PC is completely Open as i was using it before.
I had a Fortgate 60B and everything worked fine, then a bought a RV082 and now i can get this up and running properly.The thing is this....whit the actual setup i have, computers only can navigate through HTTP web pages, other ports seem to be closed, but if the Firewall PC was blocking this i guess i'll know because it shows a message on screen when a policy is being applied. If i try to open HTTPS Pages it doesnt work, Even a simple pinng to google.com doesn't work from my LAN (192.168.1.0/24), but if i connect a computer on a local port on RV082 i can PING and i can browse anywere i want.
It seems to be that Firewall PC is causing problems but i execute a tracert to [url]...., the packet get stuck in the RV082.What im thinking is that maybe the RV082 doesn't allow to go trhu at all if the traffic comes from other networks that doesn't belong to the one configured on its LAN side.By the way the Firewall PC connected to the RV082 directly navigates perfectly.
PS. The reason im using Firewall PC is because that way is much easier and flexible to handle policies for Internal users than in the RV082 Router. I use this ume basically to set up VPN IPSEC and Dual WAN Load Balancing.
I have a scenario with 2 7609s connected through a MPLS service with 10 GE. In each7609 we have a 24 port channelized T1 Circuit Emulation Over Card.
The requirement is in 2 parts. First, we need to provide a T1 emulation service between the 2 7609s T1 cards.
The second requirement is that in one end there is an OC3 port, so the customer wants to send the traffic from this emulated T1 onto the OC3.
i'm doing B.E., final year.My project is IP TRACEBACK.so we hav to mark packets in router.Is it possibe to mark packet in cisco packet tracer?
View 1 Replies View RelatedI am currently setting up a new VRF on a Cisco 7609 which is advertising (as a RR-Client) an iBGP route to a Juniper MX960. This route is then getting sent back to the default route table on the 7609 but rejected due to the cluster-id loop prevention. Although not ideal I need this route to be visible in both tables.Is there a way of changing the bgp cluster-id per VRF rather than just globally?
View 2 Replies View RelatedWhat are the prerequisites before doing this? I have to upgrade a router this week if there is an opportunity to move it to a code that is more current that the one the client is currently running which is 12.2(33)SRD4. I see on the Cisco Support site that after this code, everything moves to 15.
View 2 Replies View RelatedThe router receives a packet with a destination of 172.16.1.130. which route will Router-C use to forward the packet? [code] The answer that the book give (Cisco's routing protocol and concepts) is: E however, and this is where i am confused, why isn't the answer A? This answer covers the left-most bit.172.16.1.0
View 9 Replies View RelatedConfiguring MPLS over GRE tunnels. I did not find any proper configuration example. I need to do this for encrypt the traffic between two PE routers. I have 7609 routers.
View 20 Replies View RelatedI have a hight CPU utilisation problem in my CISCO7609-S routers. the cpu utilisation can rise 99% et this is usually. In the moment of hight CPU the the process CPU give the following:
the show processe cpu history give: show version
i have a problem of high cpu on my CISCO 7609 cased by LMS 3.2. I have captured the trafic flowing between LMS and the router,
View 2 Replies View RelatedFirst and foremost, what I have are 2 x 7204VXR (Gateways), 1 x 4507R-E (Coreswitch), and our ISP have 7609.Got some issues with redundancy with our ISP.
7609
I I
I I
7204-A 7204-B
| |
| vrrp |
| |
-4507R-E-
|
|
internal network
Both outside interfaces of 7204 gateways are connecting to 7609 with different public ip block. I used VRRP for my internal nework and failover have been tested working.
Even tried to remove link of 7204-A and 7609, the failover works perfect. If I shutdown/ remove the link between my 4507R-E and 7204-A (primary gw_higher vrrp priority), vrrp redundancy/failover still works, but pings from internal network to internet is only 50% success....alternate 4 ping reply and 4 time out.
I have to do a migration of sup32 to RSP720 for which I need to know if you can operate the equipment connected with the 2 supervisors at the same time??? and it still working ?
View 1 Replies View Related
