Cisco WAN :: Use IP SLA To Monitor Remote Routes On CAT6500?
May 6, 2012
I need to use IP SLA to monitor remote routes on CAT6500
CAT6500 is running "sup-bootflash:s72033-jk9o3sv-mz.122-18.SXD7b.bin" on SUP720
Feature Navigator said it is
ENT FW W/MPLS/IPV6/SSH/3DES After drill down into feature set I found that this version support for IP SLA such IP SLAs - ICMP Path Echo Operation
BUT, back to console I can not do such (config) ip sla command (not found cmd CAT6500(config)# ip sla 1) What I did wrong or others cmd imply this ip sla process?
View 1 Replies
ADVERTISEMENT
Feb 13, 2013
I am planning to implement RMON remote monitoring in my switch will it any huge effect on CPU utlization .Whether it is resource specific .
I am planning to monitor bandwidth utilization of all the ports in my lan using RMON . Is there any alternative o monitor bandwidth utilization ?I am using LMS 4.2
View 3 Replies
View Related
Apr 8, 2011
Is there a way in EIGRP to prefer external routes versus internal routes. EIGRP always picks up internal routes as long as they are available, no matter if external routes have better metric. Our Scenario is that we have DMVPN hub and spoke topology running EIGRP 101. The Core routers also on EIGRP 101 prefer EIGRP 101 routes. We have the new MPLS network running BGP and redistributing these BGP routes into EIGRP 101. The core routers prefer EIGRP 101 routes (internal) to redistributed BGP (external) routes.
View 9 Replies
View Related
Nov 28, 2012
I ran into interesting issue on Sup-2T. As you probably know, QoS CLI is changed on this new supervisor. I'm looking to translate incoming dscp-marked packets, into exp-marked on egress.Now, according to documentation - Catalyst 6500 Release 15.0SY Software Configuration Guide - this functionality is still called mutation-map and is configured under 'platform qos map exp-mutation'. The problem is quite simple – there is no 'platform qos map exp-mutation' on 2 different machines I checked upon. Here:
Some-6513(config)#platform qos ? 10g-only qos pure 10G mode aggregate-policer Named aggregate policer marking marking keyword
police police keyword protocol protocol keyword queueing-only queueing-only (no QoS rewrite, no policing) rewrite packet qos rewrite enable/disable statistics-export qos statistics data export
View 2 Replies
View Related
Jan 9, 2012
I am running a smaller hosting company and i am currently looking at a Cat6506 switch with a SUP720 Supervisor Engine. I have also been looking at a Cat6509 with a SUP2-GE Supervisor Engine. At the moment i am getting my connection from a ISP but i am going to get my own BGP AS now.. My question is just, how much will the SUP720 be able to route, and how many routes will i need to get it to route my packets in and out of my AS? I have seen that the full BGP table is over 400,000 and the SUP720 is only capable of 256,000, but do i really need the full table? I
major differences between the SUP720 and SUP2-GE Supervisor Engines?
View 7 Replies
View Related
Jul 31, 2011
I have to do a policy route on my cat6500. basically, I want to redirect all traffic from 10.1.1.100 to internet address xxx.xxx.xxx.xxx to another machine 10.1.1.101. however, the 10.1.1.100 and 10.1.1.101 are in save subnet. not directed to cat6500, but both connecte to same switch which is linked to cat6500. However the 10.1.1.101 is not a cisco router. but some sort of equipment which change traffic and pass them to another subnet.
that means can I do below:
access-list 101 permit ip host 10.1.1.100 host xxx.xxx.xxx.xxx
route-map reroute permit 10
march ip address 101
[Code].....
View 1 Replies
View Related
Apr 9, 2012
we have two wisms in a cat6500, I wonder how can you log into the wism from the switch. to be more specifically, how can I know the processor number?
View 4 Replies
View Related
Mar 17, 2012
I want to use the ACE blade in CAT6500 to loadbalancing SYSLOG events towards (SIEM) collectors. Servers and network devices will sent there syslog messages to different collectors after being loadbalanced by ACE. I was just wondering, since a lot of clients are going to sent there complete syslog events to the VIP and thus introducing a high connection rate. (+/- 200.000 CPS) According to the specs, the ACE blade has a limitation of 325.000 connection per second. I suppose this is a limitation at device level. (not on a per context basis, and does that include both TCP and UDP packets?) Could the UDP BOOST feature might come in handy allowing very high rate UDP syslog packet loadbalancing?
View 2 Replies
View Related
Jun 19, 2012
how to clear vty line? Please see below. A sh tcp <line number> shows that the TCB is waiting for TCP Process. The TCP processs TCB is waiting for is SSH. I believe because of this ssh process still running, the vty line cannot be cleared.
sh users
Line User Host(s) Idle Location
1 vty 0 pf 10.10.20.8 9w1d 10.10.1.54
2 vty 1 pf 10.10.1.16 35w0d 10.10.1.54
3 vty 2 pf 10.10.1.16 1y14w 10.10.1.54
[code].....
View 7 Replies
View Related
Jan 1, 2012
What this crash means? This is a 6509 with a single Sup720 Cisco IOS Software, s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXI, RELEASE SOFTWARE (fc2)System returned to ROM by s/w reset at 04:42:07 PST8PDT Mon Jan 2 2012 (SP by bus error at PC 0x40C6681C, address 0x424B).
View 1 Replies
View Related
May 22, 2012
i have fwsm in cat6500, i have one firewall vlan group which is in firewall module 1 vlan group 10. I need tocreate another vlan group and add to firewall module 1 vlan group 10, 20. i need to have zero downtime.
View 2 Replies
View Related
Jun 4, 2012
I am planning to upgrade my cat6500 using ISSU but can not find my doc to follow yet.
View 1 Replies
View Related
Jan 3, 2013
I am trying to figure out if the new code for ASA SM 9.0(x) or 9.1 is compatible with CAT6500 but I could not find any document that explicity confirms the the INCOMPATIBILITY. This table from the Release notes is not quite clear.
[URL]
It says that code 8.5 is compatible with Cat6500 and version 9.X is compatible with R7600.So are the two different trains now, one for Cat6500 and one for R7600?
My real goal is to find the correct software versions (not interim) that provides compatilibity with Catalyst 6500 with Supervisor 2T and ASASM.
View 3 Replies
View Related
Apr 12, 2012
Using the new SUP-2T, need to clarify one query. If we are using the new SUP-2T in VSS mode, will the new ASA service module and NAM-3 are supported? From Cisco site, ASA module FAQ:
Q. Will the ASA Services Module support the Cisco Catalyst Virtual Switching System (VSS) at FCS?
A. Yes, depending on which supervisor you use. The ASA Services Module supports VSS either as a single firewall or as a failover pair of firewalls, when used with the Supervisor 720-10G (VS-S720-10G-3C and VS-S720-10G-3CXL). Transparent and multi- context modes also work with the VSS in this configuration. However, though the SUP 720-3B (WS-SUP720-3B and WS-SUP720-3BXL) is supported by the ASA Services Module, it is not capable of supporting the VSS. No reference to Supervisor-2T.
View 2 Replies
View Related
Oct 30, 2012
We have IP device on the farm switch(cat6500, which is an access layer siwtch), with the gateway on the core switches (Nexus7000), on the core when I do show ip arp, I found the mac.But when I do sh mac add add of that mac there is no port attached to that mac.
Since that particular vlan only resides on the cat 6500 and two cores, so I logged in to the 6500, and when I show mac- in that vlan, I didn’t find that mac addresss. Instead, I found another mac address with last 8bit are the same of that mac.
Is it some kind VIP of the mac? How so, if no port, how can the switch forward the frame? [code]
View 1 Replies
View Related
Jan 11, 2012
I wonder whethere it is possible to check the the IOS version on the standby sup720 of a 6500? if yes, what command would you use?
View 5 Replies
View Related
Jul 24, 2011
I have 2 FWSM running on 2 Cat6500 chassis, they work as a Active/Stanby group. Firewall mode is transparent. [code] HA is running well, but I can not ping the standby IP (10.98.1.248). So what could be the problem?
View 3 Replies
View Related
Mar 16, 2011
i will be creating combination of SPAN and RSPAN on catalyst 6506 according to the link
[URL]
im planning to implement this on two 6506 switches will this work? or do i violate the number of monitor session? sorce span?
sw1
monitor session 1 source interface Fa5/18monitor session 1 destination interface Fa5/48
monitor session 2 source interface Fa6/34monitor session 2 destination interface
[Code].....
View 1 Replies
View Related
Nov 15, 2012
I get a unclear log entry in a VSS system.
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
Me_Kr #1 ME_KR_ERROR_CNT_LTL_PARITY_ERR_ITRP_0_0[01C8] : INTR= 0001 MASK= 0001
[code]....
View 1 Replies
View Related
Mar 27, 2013
I am having problems with IGMP and QoS on CAT6500 platform with SUP720 engine.The problem is, it seems that all IGMP packets are getting marked with DSCP 48 when sent out of the switch regardless of any input service policy. I found several articles saying that PFC QoS does not apply to IGMP packets. However in IOS 15 that should be possible, but I didn't get it to work there either. [code]
View 0 Replies
View Related
Nov 14, 2011
Assuming I have the following setup: Cisco 7604 Cisco Systems Cisco 7600 4-slot Chassis System OSR-7600 Clock FRU 1 & 2WS-F6K-MSFC2A Cat6k MSFC 2A daughterboard Rev. 4.0 WS-F6K-PFC3B Policy Feature Card 3 Rev. 2.4 WS-SUP32-GE-3B 9 ports Supervisor Engine 32 8GE Rev. 4.6 WS-X6148A-GE-TX 48-port 10/100/1000 RJ45 EtherModule Rev. 4.1WS-X6548-GE-TX SFM-capable 48 port 10/100/1000mb RJ45 Rev. 11.3 The SUP32-3c says it supports both L2VPN and L2TPv3, however the line cards are effectively 6500 line cards and I was under the impression the 6500 didn't support these.
If the supervisor supports a feature does that mean it is globally supported on a switch? Or do I need to check the compatibility of these line cards as to if they support these features?
View 1 Replies
View Related
Feb 10, 2013
I recently rebuilt the configuration of our Cat6500 multilayer device for use as a user stack. The device is funtioning as it should be, but I am unable to set SSH using the 'crypto key generate rsa' command. The crytop command isn't avaiable at all, which suggests a firmware issue.
I have configured a hostname and Ip domain-name and the image is the only one available.
The show version output is listed below.
show verCisco Internetwork Operating System SoftwareIOS (tm) s72033_rp Software (s72033_rp-IPSERVICES_WAN-VM), Version 12.2(18)SXF12, RELEASE SOFTWARE (fc2)Technical Support: [URL] Copyright (c) 1986-2007
[Code].....
View 2 Replies
View Related
Jan 30, 2013
i have a campus network with 2 core Cat6500 and multiple 4500 series distribution switches plus 2960 series access switches,we have deployed IPTV system in the network but currently 50 TVs are working through sattelite stream from streaming server Cisco's DCM 9900.we are planning to add more 300 TVs in the network and i am wondering that when all of them will be deployed then what will happen for switches cpu utilizations when all the Tvs will be running on the same time with different different channels.
View 1 Replies
View Related
Apr 17, 2013
If I monitor a trunkport on the rootbridge in both directions I get Duplicate Multicast Packets on the perticular VLAN. The first guess is, that this is worked as designed and not a IOS Bug (Platform CAT6500 SUP720 IOS 12.2(33)SXI9 ) Until know I only found an old Cisco press link from 2002 with this subject.
View 2 Replies
View Related
Feb 4, 2013
We have a BGP / OSPF configuration as shown in the topology picture. When the connection towards Internet is taken down, we expect the traffic to be forwarded toward WAN 2 (preferred) or WAN 1. The problem is that the BGP learned routes disappears when the Internet connection is taken down. The IP routing table on R2 only shows internal networks and the networks between R2 and WAN 1 and 2. No routes to internet is shown. We run "show ip bgp neighbors <ip-to-wan-1-router> received-routes" it contain internet routes. And when we run "show ip bgp neighbors <ip-to-wan-1-router> routes" it contains no routes at all.
View 2 Replies
View Related
Jul 24, 2011
How many routes support 7206VXR with NPE-G2?
View 2 Replies
View Related
Jan 23, 2011
I want to know the number of routes supported by CISCO3825-HSEC/K9(512MB DRAM).
View 2 Replies
View Related
Feb 15, 2011
I have an ASA 5510 that is configured for a remote access VPN
When users login, they are given an address from a locally defined pool (172.16.101.1-254 /24). Users can log in fine.
I have enabled EIGRP on the ASA and I have configured the following to be advertised:
1. 0.0.0.0 (default)
2. 172.16.100.0 /24 (dmz network)
3. 172.16.101.0 /24 (vpn pool)
I have also enabled reverse-route injection.
The problem I am having is that the VPN pool network is not being advertised via EIGRP, but the other networks are.
The other issue I am having is that even though I have created access-lists that allow the inside network (10.0.0.0) to ping the DMZ interface (172.16.101.1) on the ASA, the ASA is not allowing it. I have also created an ACL that allows the DMZ interface to ping inside, but this fails as well.
View 1 Replies
View Related
May 20, 2012
I am running an ASA with 8.4(3) and am trying to setup a dynamic VPN tunnel. We are having a business reason to establish a VPN tunnel to customers who do not have nailed down IP addresses. Now I found a number of documents that outline the steps involved. It seems the basic steps were to Establish a regular tunnelAdd dynamic crypto mapAssign the dynamic crypto map to the tunnel created under step 1. While this sounds pretty straight forward and simple, while prepping for doing just this I hot a road block while thinking it through. In order for my ASA to put anything into the tunnel it has to have a route to the remote network pointing at my VPN peer at the end of the tunnel. How do I do this in a dynamic tunnel? How do I add a dynamic route so the ASA knows which tunnel to stuff the traffic into? How do I stop the traffic from just being send to the Internet?
View 1 Replies
View Related
Dec 12, 2012
I'm trying to set up a Cisco ASA 5505. I'm mainly setting things up through ASDM but I also have console access. Right now while I'm setting it up I have the outside/Vlan2 port attached to my existing network and a laptop connected to the inside/Vlan1 port. More info about that:
interface Vlan1
nameif inside
security-level 100
[Code]....
Before I added that last "0.0.0.0" entry, the ASA would not see anything on the internet. Now I can ping any external IP address from the router's console. However, the laptop I have connected to the 'inside' port still cannot reach any IP address outside the 10.10.153.0 network. Every time I try to add a similar route for the 'inside' interface, I get the following error: "You have another route configured for this network any which has same gateway 10.10.152.1 and same metric 1. You cannot add a duplicate route." I know I'm misunderstanding something here. In order to make devices connected to the 'inside' port connect to the internet, I need to set up a new route that will direct these devices to 10.10.152.1, right?
View 9 Replies
View Related
Jul 5, 2011
For ASR1000 to support 4M routes, RP2 must be used.
1) RP2 need to have 16GB memory in order to support 4M routes?
2) Need to use ESP20/40 together with RP2?
3) If RP2 + ESP10, supporting route table size down to 1M?
4) 4M routes is shared for both IPv4 an IPv6?
5) SIP card will affect route table size?
View 1 Replies
View Related
Mar 10, 2013
I'm using a Catalyst 4500 switch (C4507R+E) with Sup 7E. Cisco Datasheet of this switch says that it can learn maximum 256K IPV4 routes. Currently it just learns 10330 ipv4 routes. However when I show platform hardware ip route summary, it seems that the FIB is just free 100K routes as below output:
Entity total used free util%
Entries 260096 10332 249764 3
UC Ipv4 110592 10331 100261 9
unused 147456 147456 0 100
My question is: Can I make use of all 147456 unused routes? Or these ones have to use for any special purpose?
View 1 Replies
View Related
Nov 15, 2011
In my live VPN concentrator at work, my 5520 is showing a static route for each VPN client that is connected to my SSL vpn right now. This kind of confused me because wouldn't only one route to the address pools subnet be needed for my vpn users?
View 12 Replies
View Related
