Hello,
with this new player design, did we lost the bookmark feature? It was very useful. I don't find it anymore :(
thanks
↧
Video, ATC bookmark
↧
Configuration: Spoiler Alert (ATC Labs)
Please hide the configuration under the tasks for the new v5 ATC labs. At minimum, add some white space. It sucks inadvertantly seeing the config before having a chance to think about the solution.
↧
↧
Full scale lab diagram
Hi All,
Where can I see the logical topology diagram for full scale lab (20 routers topology). I am not purchased the workbook till now.
Thanks,
Arun Mohan
↧
OSPFv3 topology
Hi; I have this topology and have redistributed between OSPF 1 and EIGRP 1 matually on R2 and R5.
I tested OSPFv3 topology on R6 to check Inter-area Router LSAs. the results was like this:
R6#sh ipv6 ospf data inter-area router
OSPFv3 Router with ID (6.6.6.3) (Process ID 1)
Inter Area Router Link States (Area 0)
Routing Bit Set on this LSA
LS age: 44
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Inter Area Router Links
Link State ID: 33686019
Advertising Router: 4.4.4.3
LS Seq Number: 80000006
Checksum: 0xC80E
Length: 32
Metric: 10
Destination Router ID: 2.2.2.3
LS age: 44
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Inter Area Router Links
Link State ID: 84215043
Advertising Router: 4.4.4.3
LS Seq Number: 80000007
Checksum: 0xE4A8
Length: 32
Metric: 64
Destination Router ID: 5.5.5.3
LS age: 1938
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Inter Area Router Links
Link State ID: 33686019
Advertising Router: 5.5.5.3
LS Seq Number: 80000006
Checksum: 0xCECE
Length: 32
Metric: 64
Destination Router ID: 2.2.2.3
why R6 did not get total of 4 inter-area router LSA from 2 ABRs? (2 from R2 and 2 from R5)? in this scenario the R5 is ABR and ASBR. as seen above, R5, as ABR, just sends information about another ASBR (R2) and don't advertise information about itself (that is another ASBR). why?
↧
Section - IPsec VPN, Task - DMVPN with IPsec
Hi all,
So I worked my way through the DMVPN configuration using the templates found in Cisco's documentation
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html#GUID-256CDAE0-7CDF-4D92-ACF7-F2C7F35BB59C
Problem:
No spoke to spoke connectivity once IPsec is applied
Spoke to spoke works without IPsec
Next hop always resolves to R5, but R5 knows about the nbma mappings to other peers (see in bold)
----------------------------------------
I finally wiped the configs on my router, and copied and pasted INE's config from the solution guide and the result is still the same. No spoke to spoke connectivty I don't know what I'm missing. Any help would be appreciated.
If I keep the crypto config and remove the protection profile using
"no tunnel protection ipsec profile DMVPN_PROFILE"
it works perfectly again.
Here's the output once the crypto configuration is applied.
R1#ping
R1#ping 155.1.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 155.1.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R1#ping
R1#ping 155.1.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 155.1.0.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#show ip nh
R1#show ip nhrp
155.1.0.2/32 via 155.1.0.2
Tunnel0 created 00:00:13, expire 00:02:51
Type: dynamic, Flags: used temporary
NBMA address: 169.254.100.5
155.1.0.5/32 via 155.1.0.5
Tunnel0 created 00:00:21, never expire
Type: static, Flags: used
NBMA address: 169.254.100.5
R1#
R1#show ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is 155.1.0.5 to network 0.0.0.0
R* 0.0.0.0/0 [120/1] via 155.1.0.5, 00:00:10, Tunnel0
150.1.0.0/32 is subnetted, 5 subnets
R 150.1.2.2 [120/2] via 155.1.0.2, 00:00:10, Tunnel0
R 150.1.3.3 [120/2] via 155.1.0.3, 00:00:10, Tunnel0
R 150.1.4.4 [120/2] via 155.1.0.4, 00:00:10, Tunnel0
R 150.1.5.5 [120/1] via 155.1.0.5, 00:00:10, Tunnel0
155.1.0.0/16 is variably subnetted, 11 subnets, 2 masks
R 155.1.5.0/24 [120/1] via 155.1.0.5, 00:00:10, Tunnel0
R 155.1.23.0/24 [120/2] via 155.1.0.2, 00:00:10, Tunnel0
R 155.1.37.0/24 [120/2] via 155.1.0.3, 00:00:10, Tunnel0
R 155.1.45.0/24 [120/1] via 155.1.0.5, 00:00:10, Tunnel0
R 155.1.58.0/24 [120/1] via 155.1.0.5, 00:00:10, Tunnel0
R1#ping
R5#show dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:4,
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 169.254.100.1 155.1.0.1 UP 00:10:58 D
1 169.254.100.2 155.1.0.2 UP 00:11:17 D
1 169.254.100.3 155.1.0.3 UP 00:11:42 D
1 169.254.100.4 155.1.0.4 UP 00:12:12 D
R5#show version
Cisco IOS XE Software, Version 03.12.00.S - Standard Support Release
Cisco IOS Software, CSR1000V Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.4(2)S, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Wed 26-Mar-14 21:09 by mcpre
========================================================================================
Here's the configs i used for R1-R5
#Hub
interface Tunnel0
ip address 155.1.0.5 255.255.255.0
ip mtu 1400
ip nhrp authentication NHRPAUTH
ip nhrp map multicast dynamic
ip nhrp network-id 1
ip nhrp holdtime 300
no ip split-horizon
! no ip next-hop-self eigrp 1
ip tcp adjust-mss 1360
delay 1000
tunnel source gigabitEthernet 1.100
tunnel mode gre multipoint
tunnel key 2
router rip
version 2
no auto-summary
network 150.1.0.0
network 155.1.0.0
passive-interface default
no passive-interface tunnel 0
---------------------------
#Spoke
interface Tunnel0
ip address 155.1.0.4 255.255.255.0
ip mtu 1400
ip nhrp authentication NHRPAUTH
ip nhrp map 155.1.0.5 169.254.100.5
ip nhrp map multicast 169.254.100.5
ip nhrp network-id 1
ip nhrp holdtime 300
ip nhrp nhs 155.1.0.5
ip tcp adjust-mss 1360
delay 1000
tunnel source gigabitethernet 1.100
tunnel mode gre multipoint
tunnel key 2
!
router rip
version 2
no auto-summary
network 150.1.0.0
network 155.1.0.0
passive-interface default
no passive-interface tunnel 0
------------------------------------
# Hub/Spoke
crypto isakmp policy 1
encr aes
hash sha256
authentication pre-share
group 16
#crypto isakmp key DMVPN_PSK address 0.0.0.0
crypto isakmp key DMVPN_PSK address 169.254.100.5
crypto ipsec transform-set TRANSFORM_SET esp-aes 256 esp-sha512-hmac
mode transport
crypto ipsec profile DMVPN_PROFILE
set transform-set TRANSFORM_SET
interface Tunnel0
tunnel protection ipsec profile DMVPN_PROFILE
end
↧
↧
L2VPN no Layer 2 connectivity
Hi,
I have no problem connecting to INE both the crypto and xconnect are up. I am also able to see on my switch via cdp at the INE switch CO-EoR-L2TP-SW. However that is as far as I get!!! I do not see any mac addresses coming from the trunk port on my switch from INE and on the INE switch I do not see my switch via CDP or any mac addresses.
Here is the configuration for my switch which is currnently connected to corack1:
PLEASE I am dying to start doing labs!!
SWITCH
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CCIE-VOICE
!
boot-start-marker
boot-end-marker
!
!
!
username cisco privilege 15 password 0 cisco
no aaa new-model
system mtu routing 1504
vtp mode transparent
!
!
!
!
!
crypto pki trustpoint TP-self-signed-633617792
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-633617792
revocation-check none
rsakeypair TP-self-signed-633617792
!
!
crypto pki certificate chain TP-self-signed-633617792
certificate self-signed 01
30820240 308201A9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 36333336 31373739 32301E17 0D393330 33303130 30303134
315A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3633 33363137
37393230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
ABA4DE08 DD221466 DA03FB99 C48F7BDE 36C3C64E 23C2C16E C7F0228B F467DB54
7B7F48F7 17371752 AB4EB405 42C9A802 BCB0E5A4 32CA5332 B2AAE2CF F42F764F
4B27F9F2 FC3BBB6E 262DC416 58856DFC D9869EC1 17FDEAB8 214B2A38 7649B13D
E93C4637 F8C004A5 E2C127D7 DE3C0F94 7E69ED48 00F4B6FC 1AC806CC D428AD39
02030100 01A36A30 68300F06 03551D13 0101FF04 05300301 01FF3015 0603551D
11040E30 0C820A43 4349452D 564F4943 45301F06 03551D23 04183016 80145CD1
31B16FD5 8C9A9C54 C3D3F4ED 81954DE7 0104301D 0603551D 0E041604 145CD131
B16FD58C 9A9C54C3 D3F4ED81 954DE701 04300D06 092A8648 86F70D01 01040500
03818100 2405752B AA876BCF EFB6ABA7 CC3020C8 D122EC71 3549B194 4A5945BD
CF864580 570992BB 2CD599EE 21076D9A 713F3145 01CECDCE 2A367796 EEF2A673
836EB0C0 4C086FED FF628C4D 0002756F 1B4C80BB D1A30263 93D6E780 6FEA1864
D2E4992F 47DD1295 4B4D33AE D15FECB8 01CA2B3E F919429C 105FF8B8 0164565D 6E57077C
quit
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10,2011-2016,2021-2022
!
interface GigabitEthernet0/1
switchport access vlan 2011
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
!
interface GigabitEthernet0/2
switchport access vlan 2012
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
!
interface GigabitEthernet0/3
switchport access vlan 2013
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
!
interface GigabitEthernet0/4
switchport access vlan 2014
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
!
interface GigabitEthernet0/5
switchport access vlan 2015
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
!
interface GigabitEthernet0/6
switchport access vlan 2016
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
switchport trunk encapsulation dot1q
switchport trunk native vlan 2999
switchport trunk allowed vlan 2000-2999
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
switchport access vlan 10
!
interface GigabitEthernet0/24
switchport trunk encapsulation dot1q
switchport trunk native vlan 2999
switchport trunk allowed vlan 2000-2999
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 192.168.200.143 255.255.255.0
!
ip http server
ip http secure-server
!
logging esm config
!
line con 0
line vty 0 4
login local
line vty 5 15
login
!
end
Router
pseudowire-class L2VPN
encapsulation l2tpv3
ip local interface Loopback0
ip pmtu max 1400
crypto ipsec client ezvpn INEVORACK
connect auto
group corack1 key XXXXXX
mode network-extension
peer 75.140.41.126
xauth userid mode interactive
interface Loopback0
description L2VPN
ip address 11.11.11.253 255.255.255.255
crypto ipsec client ezvpn INEVORACK inside
interface Vlan1
description LAN
ip address 192.168.200.254 255.255.255.0
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1412
crypto ipsec client ezvpn INEVORACK inside
interface Dialer1
description To-ISP
ip ddns update no-ip
ip address negotiated
no ip redirects
no ip unreachables
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username greglynn@INetvision password 0 XXXXXXX
ppp ipcp dns request
no cdp enable
crypto ipsec client ezvpn INEVORACK
Home-Router#sh xconnect all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Fa2(Ethernet) UP l2tp 11.11.11.254:123 UP
Home-Router#sh l2tun session
L2TP Session Information Total tunnels 1 sessions 1
LocID RemID TunID Username, Intf/ State Last Chg Uniq ID
Vcid, Circuit
3003870272 25082 3446184502 123, Fa2 est 01:41:18 1
↧
OSPF filtering with route-maps - anyone get it working filtering on route-source?
I spent ages on this - tried to get it working using a route-map that matched routes advertised by R4 using the route-source in the route-map, but no joy whatsoever. Anyone else have any success using this method?
I know this doesn't fulfil the task correctly btw, but it should work no?
ip prefix-list r4 seq 5 permit 150.1.4.4/32
route-map 146 deny 10
match ip route-source prefix-list r4
!
route-map 146 permit 20
router ospf 1
distribute-list route-map 146 in
↧
OTV Duplicate IP (HSRP)
Hi, I have a pretty tough to troubleshoot issue with duplicate IP alerts on my OTV setup, if anyone has ideas I would be very grateful!
I have 2 sites, each site has 2 7K's. OTV is setup and working perfectly between sites for layer 2 vlans..........Until I create an SVI HSRP group for one of those vlans. As soon as i span an SVI i immediately start to get duplicate ip address warnings on the 7K main VDC.
%arp-2-DUP_SRC_IP: arp [6976] source address of packet received from d867.d970.7620 on Vlan 400(port-channel40) is duplicate of local 172.20.10.10
Port-channel40 is the VCP link to the other 7K on the same site. I get this on all the 7K's and its always seeing the duplicate IP over the VPC link.
I have the filters on each of the 4 OTV VDC's:
ip access-list ALL_IPs
10 permit ip any any
ip access-list HSRP_IP
10 permit udp any 224.0.0.2/32 eq 1985
20 permit udp any 224.0.0.102/32 eq 1985
vlan access-map HSRP_Localization 10
match ip address HSRP_IP
action drop
vlan access-map HSRP_Localization 20
match ip address ALL_IPs
action forward
vlan filter HSRP_Localization vlan-list 10
mac-list OTV_HSRP_VMAC_deny seq 10 deny 0000.0c07.ac00 ffff.ffff.ff00
mac-list OTV_HSRP_VMAC_deny seq 20 deny 0000.0c9f.f000 ffff.ffff.f000
mac-list OTV_HSRP_VMAC_deny seq 30 permit 0000.0000.0000 0000.0000.0000
route-map OTV_HSRP_filter permit 10
match mac-list OTV_HSRP_VMAC_deny
otv-isis default
vpn Overlay0
redistribute filter route-map OTV_HSRP_filter
Any help would be awesome!!!
↧
EIGRP Metric Weights
Hi guys,
I would really appreciate your help. I don't know why but I'm almost never able to calculate the composite metric correctly myself. Could someone shed some light on what I'm doing wrong?
R9#show ip proto | i eigrp|Metric.weight
Routing Protocol is "eigrp 100"
Metric weight K1=0, K2=0, K3=1, K4=0, K5=0 K6=0
!
R9#show eigrp address-family ipv4 topology 150.1.9.9/32
EIGRP-IPv4 VR(MULTI-AF) Topology Entry for AS(100)/ID(150.1.9.9) for 150.1.9.9/32
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 81920
Descriptor Blocks:
0.0.0.0 (Loopback0), from Connected, Send flag is 0x0
Composite metric is (81920/0), route is Internal
Vector metric:
Minimum bandwidth is 8000000 Kbit
Total delay is 1250000 picoseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1514
Hop count is 0
Originating router is 150.1.9.9
!
Metric = [(K1*Minimum Throughput + {K2*Minimum Throughput} / 256-Load) + (K3*Total Latency) + (K6*Extended Attributes)]* [K5/(K4 + Reliability)]
With only K3 = 1 and the other K values = 0
Metric = (K3*Total Latency)
Total Latency for bandwidths above 1 gigabit = (10^7* 65536/10)/ Bw
Metric = (10000000*65536/10) / 8000000 = 65536000000 / 8000000 = 8192 --> different than 81920 as shown in the command output
Thanks a lot!
Marc-Andre
↧
↧
"%The input file is not a valid config file."
I'm having issues loading the recently released configuration files (troubleshooting, full scale, etc) for the R&Sv5 onto my own set of CSR1000Vs.
The error I am getting when I do a "config replace flash:[name of config file].txt" is "%The input file is not a valid config file.".
For some reason, the "R1.txt" files work correctly, but the others do not. For example, when I do a "more flash:R2.txt", I get something similar to the following:
R2#more flash:R2.txt
00000000: FFFE6500 6E006100 62006C00 65000D00 .~e. n.a. b.l. e...
00000010: 0A006300 6F006E00 66006900 67007500 ..c. o.n. f.i. g.u.
00000020: 72006500 20007400 65007200 6D006900 r.e. .t. e.r. m.i.
00000030: 6E006100 6C000D00 0A006E00 6F002000 n.a. l... ..n. o. .
00000040: 73006500 72007600 69006300 65002000 s.e. r.v. i.c. e. .
00000050: 74006900 6D006500 73007400 61006D00 t.i. m.e. s.t. a.m.
00000060: 70007300 20006400 65006200 75006700 p.s. .d. e.b. u.g.
I assumed it was something to do with the way the files were originally saved, so I spent ~2 hours performing a massive copy / paste into new files and then trying to "replace" them onto the routers.
Now, when I do a "more flash:R2.txt" the output is the same as original ATC files (i.e. they are readable), but the same "%The input file is not a valid config file." error is seen.
I did it this way around 3 months ago when the R&Sv5 ATC was released and I have had no issues thus far with those files.
I've even gone so far as to compare them with a program called "Compare It!" and it reports that they are "identical" but they obviously are not (one works, and the others do not).
The only way I've been able to use the provided files are to copy them to "start" and then reload the routers, but that takes a long time so I'd prefer to find the solution as to why "config replace" doesn't work correctly.
Any help would be greatly appreciated.
Thanks,
Brady
↧
OTV : Overlay not fwd-capable
I tried OTV with basic topology like in INE workbook.
4900 --(VL900)--N7K ---(OTV-VL999)----N7K -(VL900)--4900
OTV peering is up:
N7010-01(config)# sh otv
OTV Overlay Information
Site Identifier 0000.0000.0101
Overlay interface Overlay12
VPN name : Overlay12
VPN state : UP
Extended vlans : 900 (Total:1)
Control group : 224.12.12.12
Data group range(s) : 232.12.12.0/24
Broadcast group : 224.12.12.12
Join interface(s) : Eth8/1 (12.12.12.1)
Site vlan : 999 (down)
AED-Capable : No (Site-VLAN is Down)
Capability : Multicast-Reachable
N7010-01(config)# sho otv isis adjacency
OTV-IS-IS process: default VPN: Overlay12
OTV-IS-IS adjacency database:
System ID SNPA Level State Hold Time Interface Site-ID
N7010-02 68bd.abd6.1ec1 1 UP 00:00:57 Overlay12 0000.0000.0102
but Site Vlan 900 is down :
N7010-01(config)# sh otv vlan detail
OTV Extended VLANs and Edge Device State Information (* - AED)
Legend: F - Forwarding B - Blocked
Legend:
(NA) - Non AED, (VD) - Vlan Disabled, (OD) - Overlay Down
(DH) - Delete Holddown, (HW) - HW: State Down
(NFC) - Not Forward Capable
VLAN Auth. Edge Device Vlan State Overlay
---- ----------------------------------- ---------------------- -------
900 inactive(NFC) Overlay12
MRD packets originated: 236
N7010-01(config)# sh otv internal vlan 900
OTV Extended VLANs and Edge Device State Information (* - AED)
VLAN : 900
Auth. Edge Device :
Vlan State : active
Overlay : Overlay12
Vlan Oper State : Down
Site-Vlan : Down
AED : No
Back-Up AED : No
AED version : 0
Aed-takeover : No
Fwd capable : No (Overlay not fwd-capable)
Mfwd EOR Complete : No
ISIS Ctrl Sync Done : No
Fwd Ready : No
Vlan Info Reason : None
Vlan State : NO_EVENT_PENDING
Vlan Recent Event : VLAN_EVENT_ADD_BEGIN
Vlan AED State : OTV_PLATFORM_VLAN_STATE_NON_AED
Vlan Phase : None
Root Bridge ID : ffff.ffff.ffff
Trans Vlan ID : 900
Vlan 900 is active, trunk between 7K and 4900 is up, vlan 900 allowed.
Question :
1. What this error means ?
2. What i should check next ?
↧
Documentation link to AD agent config
Hello,
I am currently working on Identity firewall topic. I need help on how to lookup the command through documentation without searching this has really been tough.
↧
Replace Called Party Number with Redirecting Number
I have looked high and low and havn't found an answer to this yet... it seems like a fairly common use case though...
When using two PRI carriers I have the first carrier configured with Direct Termination Overflow (DTO) and an unreachable destination that points to a phone number with another carrier . When the second carrier delivers the calls over the PRIs they are of course rewritten with a new "Called Party Number" ie a DID that carrier 2 controls and that the call was redirected to.
Is there a way to re write the Called Party Number with a portion of the Redirecting Number on inbound calls? Currently the gateways are configured with MGCP back to CUCM but changing the setup over to SIP would be fine.
Example:
Calling from 5555550001 to 5555550002 being redirected to 5555550003
The Call flow would look like this:
5555550001 Calls 5555550002 -> Carrier 1 (PRI is down / busy) -> Forward to 5555550003 -> Call comes into Carrier 2 -> Carrier 2 sends call down PRI toward our system -> Call comes into gateway with DID of 0003 and I would like to rewrite it to the the last 4 digits of the redirect number (5555550002 in this example)
debug isdn q931 output.
.....
before:
Progress Ind i = 0x8283 - Origination address is non-ISDN
Calling Party Number i = 0x2183, '5555550001'
Plan:ISDN, Type:National
Called Party Number i = 0x80, '0003'
Plan:Unknown, Type:Unknown
Redirecting Number i = '!', 0x0080, '5555550002'
Plan:ISDN, Type:National
After proposed rewrite or translation:
Progress Ind i = 0x8283 - Origination address is non-ISDN
Calling Party Number i = 0x2183, '5555550001'
Plan:ISDN, Type:National
Called Party Number i = 0x80, '0002'
Plan:Unknown, Type:Unknown
The new Called Party Number must be the last 4 digits of the Redirecting Number.
↧
↧
LAB1 Config + TS GNS3 topologies
Hi all,
I created both Config and TS GNS3 topologies with start config. You can download it here:
http://howdoesinternetwork.com/2014/gns3-lab1-ts
Regards,
V
↧
BFD Gone Crazy?
I'm using the INE rack and am noticing what looks to be instability issues for BFD (unreleated to the R5 trouble ticket). Does anyone else have R3 continuously boucning OSPF neighbors? After disabling BFD the environment seemed much more stable.
↧
OSPF Global Timers
For following task
- LSA throttling to generate subsequent LSAs after 10 ms, to wait at least 4 seconds to generate the next LSA, and no more than 6 seconds between generation of same LSA.
The anser shows
timers throttle lsa all 10 4000 6000However my ios version (15.2(4)S3) do not have option "all" (The persar takes the option but will now show with ? )
What does "all" option means?
↧
Remove: %LICENSE-1-EXPIRED: License for feature prem_eval 1.0 has expired
All,
I have just started getting the licence expired messages, they pop up ever 5 minutes on the console.
They get pretty anoying pretty quickly,
To remove them add:
!
conf t
logging discriminator EXCESS severity drops 0,1,2,3,4,5,6,7 msg-body drops EXPIRED
logging buffered 50000
logging console discriminator EXCESS
end
!
I just removed 0-7 for all severity levels, there probably level 4 notifactions if you wanted to be granular.
Hope this nugget helps someone.
\Sam
↧
↧
vPC Labs - Nexus Technology Lab workbook
Dear All,
I have a question on booking the INE rack rental for practicing vPC Labs - Nexus Technology Lab workbook.
I could see in all vPC Labs, Servers are directly connected to Nexus and not FEX, does this mean I do not need to book the FEX add on module to practice the vPC lab or am I missing something.
↧
L3 IPSec tunnel issue
I'm stuck trying to set up L3 IPSec tunnel to the rack. I've copy all the config on the lab guide and change group coracktest key coracktest however, i cant ping 11.254.254.254 I'm connecting the the Cisco2811--->Linksys EA3500 wireless router--->Comcast Modem I logged into my Linksys router to check the firewall but there isn't much setting for firewall. This is what it shows on the Firewall section ==================================================== FIREWALL IPV4 SPI Protection enable check VPN passthrough IPsec passthrough check PPTP pass through check L2TP passthough check INTERNET FILTER Filter Autonymous Internet request check Filter multicast uncheck Fitler internet NAT redirestion uncheck Filter Ident (port 113) check =================================================
Tunnel name : INECORACK
Inside interface list: Loopback0
Outside interface: FastEthernet0/0
Current State: IPSEC_ACTIVE
Last Event: MTU_CHANGED
Save Password: Allowed
Split Tunnel List: 1
Address : 11.0.0.0
Mask : 255.0.0.0
Protocol : 0x0
Source Port: 0
Dest Port : 0
Current EzVPN Peer: 75.140.41.126
router#
router#
router#
router#ping 75.140.41.126
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 75.140.41.126, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/75/80 ms
router#ping 11.254.254.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.254.254.254, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
I cant ping 11.254.254.254 or 10.100.64.11
↧
CCIE DC Rack Rental Availability
Dear All,
Is there a way to check the availability of the INE CCIE DC Racks in a single click (like entire calendar view for a month).
Iam tired (lzay) to change the time and date to find a free session in a single week.
I tried the calendar view but I am not getting any respons from the page except a message "Loading Data for Datacenter. Please wait".
Could you please throw some hint.
Thanks,
Viki
↧