Cisco WAN :: Object Tracking In Nexus 7018 Platform
Oct 30, 2011
I'm going to replace a Cat6513 with a Nexus 7018. In my Cat6513, there are object tracking config as follows:
ip sla monitor 1
type echo protocol ipIcmpEcho 112.78.254.249
timeout 3000
frequency 6
ip sla monitor schedule 1 life forever start-time now
ip route 172.17.7.0 255.255.255.0 165.202.51.46 name VPN-1 track 123
Is there similar feature in Nexus platform? Because from Nx-OS command ref, I only found:
ip route ip-prefix/mask {[interface] next-hop} [preference] [tag id]
Seems can't associate a track object to a static route in Nx-OS?
View 4 Replies
ADVERTISEMENT
Mar 18, 2013
We have a Nexus 7010 running version 6.1(2).
I'd like to use IP SLAs and object tracking to define static routes for specific source/destination traffic across some WAN links we have. I've done this in IOS and it's worked fantastically, but I've not found where/how to do this on the Nexus 7010 platform (or any Nexus platform) as of yet. I could have sworn that this was going to be introduced in the 6.x code? Below is an example of how we do this in the IOS world:
track 11 ip sla 1 reachability
delay down 15 up 15
ip sla 1
[Code]....
Esentially this gives us the option of using a "failover" default route. I've attached a basic diagram to explain what we are trying to do with IP SLAs and object checking. The tracking should be configured against an SLA that uses icmp and the static routes should be configured against the tracking.
View 3 Replies
View Related
Jan 29, 2012
I was configuring route tracking at a client with several sites to route across GRE tunnels and being able to detect a failure of the main site. To my surprise when configuring a 2800 series router (after sucessfully configuring a 1800 series on the same infrastructure), a 2821 with IOS 12.4(24)T2 IPbase, the commands for ip sla object tracking don't show up.The feature navigator says the router supports this, but it just won't take the commands (also tried older versions of the commands such as "ip sla monitor.." and "rtr .." to no avail).
View 5 Replies
View Related
Feb 20, 2013
I am using a bunch of Cisco 1721 routers for my T1 lines. We recently purchased Digi cell modems as a backup for the T1. On configuring vrrp to work on both devices I discovered that IOS 12.3(6c) does not support the "vrrp track" feature. After reviewing the Cisco Feature Navigator I could not see an IOS that will support the vrrp object tracking. Is that correct? The routers have T1 WIC's installed. If it does work what is the latest IOS that will work on this end of life product?
View 1 Replies
View Related
May 5, 2011
I am trying to upgrade IOS on my Nexus7018 from version 5.12 to 5.13. I have managed on all my three out of four Nexus succesfully but one of them is keep coming with this error,
""""N1K-7018-1# install all kickstart bootflash:n7000-s1-kickstart.5.1.3.bin system bootflash:n7000-s1-kickstart.5.1.3.bin
Another install procedure may be in progress. Please try later.
how to find out which other install is running or stop any install procedure.?
View 8 Replies
View Related
Mar 9, 2011
I am running ping between two Nexus 7018 over WAN link ,and I can see some set pattern of packet drop(7.40 % drop) with MTU size 1500.When I ping between my 6500 VSS pair and same Nexus 7018 over different SP WAN link on diffrent location , I am still getting same kind of packet drop (8% drop) with MTU 1500. Has any one else come across this issue with Nexus?
View 1 Replies
View Related
Mar 4, 2013
We have a Nexus 7018 with NX OS 5.2(1), and we were trying to understand somehow the steps to do a VACL, we know that in IOS it would be:
interface GigabitEthernet9/33
description Puerto. Captura
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 19,20
[Code]...
View 2 Replies
View Related
Dec 11, 2011
how to configure QoS on the portchannels from the nexus up to the WLC 5508's?
View 1 Replies
View Related
Nov 28, 2011
I have a serious problem with nexus 7018, there're unicast flooding on one n7k, named n7k-1, which is the member of vPC domain combined with 2 N7Ks. [code]I had clean the mac-address-table, and all mac-address-tables had been synced fine, and the unicast flooding went away.
How could I fix the mac-address sync function between the modules ?
View 6 Replies
View Related
Jan 15, 2013
I've got this syslog alarm from nexus 7018. I am wondering what the slot 19 is here.
2013 Jan 15 23:59:22 r1 %PLATFORM-3-EJECTOR_STAT_CHANGED: Ejectors' status in slot 19 has changed, Top Ejector is OPEN, Bottom Ejector is CLOSE
2013 Jan 15 23:59:24 r2 %PLATFORM-3-EJECTOR_STAT_CHANGED: Ejectors' status in slot 19 has changed, Top Ejector is CLOSE, Bottom Ejector is CLOSE
View 5 Replies
View Related
Oct 26, 2011
Can I configure a DHCP Servero on the Nexus 7018?
View 2 Replies
View Related
Sep 1, 2011
I am trying to determine why hosts off our Nexus 7010s are being picked up in UT. Since LMS 4.0.1, UT should be supported on these devices.When adding the Nexus devices to DCR, provide the netadmin SNMP RO credential.When other SNMP RO credential is provided, user tracking will not collect end host data.I think I have this setup correctly as the device center test passes when cehcking snmp ro credentials.Our 7010s are running NX-OS 5.0(3) - earlier than the recommended version - might that cause issues? We are not using VRFs other than the default and management.
Here is my snmp section:
sh run | sec snmp
ip access-list copp-system-acl-snmp
10 permit udp any any eq snmp
10 permit udp any any eq snmp
20 permit udp any any eq snmptrap
[code]....
View 12 Replies
View Related
Feb 5, 2013
We have the following design in mind
3750 Stack (Voice gateway for phones configured on the 3750 and has a VPC nexus)
+ +
+ +
+ +
(Nexus5596) ++++++++++ (Nexus5596) (Gateway for all other vlan like PC / servers / etc)
+ +
+ +
+ +
3750x access layer (VPC to Nexus)
[CODE].....
View 1 Replies
View Related
Feb 26, 2013
we observe that the process platform causes about 50% cpu load of our Nexus 7010.Could not find any information for what this process is responsible to find out the root cause of the high cpu load.
View 1 Replies
View Related
Apr 7, 2013
Does the ASA treat an object-group with a network-object containing a range of IP addresses as a netmask? For example, I can apply this configuration without the ASA throwing any errors though the configuration calls for a 'net mask':
object-group network test
network-object 192.168.0.0 192.168.63.255
?
network-object-group mode commands/options:
A.B.C.D Enter an IPv4 network mask
sh run ob id test
object-group network test
network-object 192.168.0.0 192.168.63.255
I found that in the documentation it requires a netmask as oppose to a range. Is this a bug in the code? I am running code version 8.0(5)23 on a 5520. If this is not a bug how does the ASA treat this type of configuration when applied to an access list? When I ran a quick packet trace and denied access from that range it looks like the ASA doesn't read that configuration properly.
View 5 Replies
View Related
Feb 21, 2011
We have pair of Cisco Nexus 7018 with four eight port 10gig modules.I have created two VDC's with mixing 10gig ports from diffrent modules.Now we requied some one gig SFP ports and we are planning to buy 48 port 1gig sfp+ card.My question is can
1- Can I still mix and match 1gig and 10 gig ports in two different VDC's? (1-24 for VDC1 and 25-48 for VDC2)
2- All 48 port module hve to allocate to one VDC which alreday have all 10gig ports.
View 3 Replies
View Related
May 18, 2011
I have a situation where my Internet edge routers learn 0.0 from ATT (AS 7018) my provider. I then wish to advertise these learned routes via WAN. However my WAN MPLS provider is also ATT and they use AS 7018 for that as well. When I try to push 0.0 to my other WAN sites 0.0 is suppressed to avoid loops.What's the best way to tell the WAN routers to advertise 0.0 back to the same AS originally learned from?
View 16 Replies
View Related
Apr 3, 2012
I need to enable vPC "peer-switch" command on a pair of Nexus 7018s which are currently vPC peers (primary and secondary). The STP root and Secondary root are currently configured across these switches.Can I enable the peer-switch command in this configuration without impacting services, and then modify both switches to have the same bridge priority without impacting services ? We have a few downstream 5ks which are not dual homed to both vPC peers (work in progress) so need to understand if the peer-switch command will in any way break this connectivity for now.
View 1 Replies
View Related
Jan 6, 2012
Just planning my move to 8.4(2) and I'm looking for some input. In the past, I have a text file with name commands for every host on my network that I know about. I would then deploy this list to all ASAs so that I could create ACLs on any firewall using a name, which would correlate to the same IP on any firewall.Now, the names from the name command no longer work as a host entry in ACLs, therefore I'm required to switch all of my active name command entries over to objects.My question is, have any of you found an easy way to change all name commands to objects? Since the name command doesn't specify the mask of the entry, I think this may not be possible without manually updating thousands of records. I know that once I migrate, there will be some objects auto-created, but those will only be host and or networks which have NATs associated with them.
View 7 Replies
View Related
Mar 7, 2013
We are looking to deploy ISE supporting 5000 devices and would like to use the Cisco UCS platform to host this. Looking at the spec required a C22 M3 would be sufficient; however we would also like to host some UC applications on the same server if resources allow.
Therefore we would like to deploy ISE on a C220 M3 server and connect the associated NIC to a DMZ. We would then like to deploy UC applications such as CUCM and CUPS on the same UCS server with a NIC attached to the internal network.
Also while the UC application would require a UC Foundation License (R-VMW-UC-FND5-K9) whould this also meet the requirements for ISE?
View 1 Replies
View Related
Jun 8, 2011
Is it possible somehow to define externally administred DNS namese in ASA 8.4 in within object groups?i know that we can use name XXX, but some idea popped up using this kind of configuration.
View 3 Replies
View Related
Oct 26, 2011
Environment: Solaris 10(Sparc)
LMS 3.2
RME 4.3.1
CS 3.3.0
CM 5.2
I need to delete a device from CiscoWorks but I cannot find it in the Common Services->Device Management search. I can find it by IP address using the Network->Object Finder . It has an IP address, hostname, display name, and "managed by" information in the search results. Supposedly its managed by:
RME
IPM
DFM(listed twice)
However, when I click on the device link , it has almost no tools available (limited to ping) and no device information. I'm hard pressed on how to delete the item withouth having it in Common Services so that I can select it and then click on "delete" . how I can purge this device?
View 2 Replies
View Related
Dec 18, 2011
We have an ASA5505 that we need to enable hairpinning on.... In the old firmware versions, we used to be able to configure a public to private static mapping along with hairpinning by using
static (inside,outside) outside_ip inside_ip netmask 255.255.255.255
static (inside,inside) outside_ip inside_ip netmask 255.255.255.255
In 8.4, if I use object nat, the hairpin functionality works perfectly,
object network obj-insideip
nat (inside,inside) static publicip
however, since object nat only allows a single nat statement, I was attempting to use a twice nat to enable the hairpin functionality, but have been unsuccessful in coming up with the right combination of parameters for the functionality.
nat (inside,inside) source static private_object public_object destination static public_object private_object
allows hairpinning to successully work from the same machine. Meaning on any given host, I can ping itself using the private or public ip, but I can't get the right combination for hairpinning from any private host to another private host via the public ip. Other combinations have yielded icmp responses, however, they specify the private IP as the source of the reply instead of the public ip.
View 1 Replies
View Related
Aug 19, 2012
There is something wrong with the ordering of our NAT-rules.We are running ASA Version 8.4(2)8 and the nat config is pasted below.
I want outgoing smtp-traffic to be translated to xxx.yyy.zzz.18, but instead it's translated to xxx.yyy.zzz.20 (the outside-interface address).The same goes for ftp-traffic, according to packettracer this is also translated to the xxx.yyy.zzz.20.
Ciscos manual states that static nat rules takes precedence over dynamic nat but that doesn't seem to work for us. [code]
View 7 Replies
View Related
Jul 17, 2011
I'm trying to determine who's throttling our 'Outside' interface because it's being hogged.Is there an easy way to see what data is assigned to what object on our ASA5510
View 2 Replies
View Related
May 26, 2011
I am doing a school research project in which I am setting up an OC-192 ring for a company (contract work through AT&T). I have chosen to use the Cisco ONS 15454 SONET MSPP as my platform. The company currently has locations in Chicago and Philadelphia and connects them through an OC-12C ATM connection and they are looking to add 2 gigabit ethernet connections.My question is what cards and parts will I need for the Cisco ONS 15454 SONET MSPP, and how much will everything cost? I have been searching the internet for components and prices and I have found it extremely difficult to find any information.
View 2 Replies
View Related
Oct 17, 2012
I currently have a 50Mbps Internet Connection provided by an ethernet handoff for hosting some webservers. We are looking at adding an additional 10Mbps Internetn connection and route BGP between the two. For the 50Mbps connection, i'm using a Cisco 2951 router. I also have another 2951 router to terminate the 10Mbps connection. Does these router have enough horsepower to fully route BGP?
View 1 Replies
View Related
Jun 13, 2007
Is there any way to auto migrate my 3030 VPN configuration to an ASA platform?
View 3 Replies
View Related
Nov 27, 2011
I want to select catalyst 3560G for my network. But IOS SLB need to be implemented in my network. I only know catalyst 6500 series can support this feature and i am not sure whether 3560G can support this feature. what platform and IOS version i need to implement IOS SLB?
View 1 Replies
View Related
Mar 22, 2011
A make one BOM and i just ask my self can we order on the one platform ( for example 5510-SEC-BUN-K9 ) SSL Essentials license ( this license is on the platform by default we buy 250 users ) and i need 50 Users license from them to be Premium.
Can i buy those two license on the same platform and is this will work ?
View 3 Replies
View Related
Jan 3, 2012
During WAN troubleshooting, I did a "clear interface ser0/0/0" on a branch router. It has two WAN links. I lost ssh/telnet connectivity but both WAN links were still replying to pings. We did a manual power off of the router to regain connectivity.Is there a known issue with this command on this IOS version? We're using Cisco 2911 platform with IOS 15.1-1.T2 version.
View 1 Replies
View Related
Jan 3, 2013
On one of my computer i'm having multiple issues. when I am on most websites it pops up " TypeError: object unexpected" or just "object unexpected" and I have to refresh the page for them to go away, but if I hit the back button or go to another section of the web page they pop back up. The same computer is now having connection issues and only has "unidentified network no internet access" as the only option, and after everything I have tried it will not budge on the wifi.
View 1 Replies
View Related
Mar 5, 2012
Any way of doing named objects or object groups for ACLs on the ASRs? (1000 series in this case.) I'm setting up an ASR with a zone-based firewall and writing out all the addresses, ports and protocols for the ACLs associated with the various zones is creating huge, unwieldy ACLs in the config.
View 11 Replies
View Related
