|
Isn't the FWSM really running the PIX OS? From PIX 6.3:code:
|
# ? Jan 25, 2010 19:56 |
|
|
# ? May 17, 2024 06:10 |
|
Yet another Call Manager question from me... Ok, I have a Unified Communications Manager version 6.1.3 and we got a local PRI installed on it's voice gateway not very long ago. (Actually, its two different PRIs at two separate locations in town, but they both have the same problem). Bellsouth (ATT) is the provider and the PRI works fine for everything except changing the Calling Party's caller ID for outbound calls. That is, I want to provide our main corporate number no matter where it came from. Bellsouth made us go through a bunch of legal paper signing before they would remove the screening tables, but it finally got done. But I still can't seem to change the out going caller ID. Not even to numbers that are actually assigned to the PRI. I CAN change it on some long distance PRIs that we got a couple months ago, but not for local. So I don't think its something that I did wrong... but I wouldn't be a very good trouble shooter if I didn't admit that I could have something hosed up. Does anyone have any tips how to troubleshot this? Debug commands, or different settings to try? I have tried everything that I know to try (change the swith protocol in the router and the call manager, etc). My gut is telling me that the phone company is at fault, but I know that as soon as I commit to that I will find out I had something wrong.
|
# ? Jan 25, 2010 21:15 |
|
Richard Noggin posted:Isn't the FWSM really running the PIX OS? From PIX 6.3: I believe the FWSM code I'm running,3.2(12), is analogous to ASA version 7 code. I don't have an ASA running version 7 at hand, but this is what I get on version 8: code:
|
# ? Jan 25, 2010 21:22 |
|
inignot posted:I believe the FWSM code I'm running,3.2(12), is analogous to ASA version 7 code. I don't have an ASA running version 7 at hand, but this is what I get on version 8: My ASA on 7.2 shows the same as yours.
|
# ? Jan 25, 2010 21:24 |
|
.
Mensur fucked around with this message at 21:27 on Jun 14, 2013 |
# ? Jan 25, 2010 22:22 |
|
So I know this is the Cisco thread and all, but I'm looking for something (Cisco or otherwise) that can handle ~1500 dual homed servers with layer 2 adjacency with low latency multicast being the most important aspect. The guy I'm working with came up with a non-elegant monstrosity of daisy chained 4200 juniper switches, but surely there is something better than that? Any ideas? Vendor/Price isn't particularly important, as long as they can keep up.
|
# ? Jan 26, 2010 02:22 |
|
Powercrazy posted:So I know this is the Cisco thread and all, but I'm looking for something (Cisco or otherwise) that can handle ~1500 dual homed servers with layer 2 adjacency with low latency multicast being the most important aspect. Force 10 (http://www.force10networks.com/products/ethernetsr.asp) is supposed to be quite good in the low latency department. I've never used them though. Edit: or why not just 6500s loaded with WS-X6748-GE-TX? falz fucked around with this message at 03:11 on Jan 26, 2010 |
# ? Jan 26, 2010 03:07 |
|
falz posted:Edit: or why not just 6500s loaded with WS-X6748-GE-TX? Blocking
|
# ? Jan 26, 2010 03:22 |
|
Powercrazy posted:Blocking N7k?
|
# ? Jan 26, 2010 07:34 |
|
Tremblay posted:N7k? Yea, that is honestly looking like the answer, but I was hopeing there was something to compete with it. Oh well. (we are mad at our Cisco Rep)
|
# ? Jan 26, 2010 13:09 |
|
Powercrazy posted:Yea, that is honestly looking like the answer, but I was hopeing there was something to compete with it. Oh well. Trading app platform?
|
# ? Jan 26, 2010 15:12 |
|
Powercrazy posted:Yea, that is honestly looking like the answer, but I was hopeing there was something to compete with it. Oh well. Do you have a Cisco SE or do you work through a partner?
|
# ? Jan 26, 2010 17:49 |
|
jbusbysack posted:Trading app platform? Ding ding ding. Tremblay posted:Do you have a Cisco SE or do you work through a partner? Both. We have an actual Cisco rep right now, but I'm using some of my contacts to hopefully get him off our account, but we have also gone through 3 partners, in addition to CDW and Ebay. I looked at a few comprehensive tests of the Force10 stuff and frankly its pretty terrible. http://www.eantc.com/fileadmin/eantc/downloads/test_reports/2006-2008/Cisco-Force10/EANTC-Exec-Summary-F10_Cisco.pdf Foundry/Brocade also suffer from the common issue of just making poo poo up for their numbers/speeds/feeds. (3.2 Tbps throughput ) I can't find independent testing for Multicast/layer 2 switching that aren't just marketing BS. Its too bad that Cisco was the defacto standard for so long, because now they are growing complacent and no one is willing/able to compete fairly with them. Bleh. This means we may be forced to go with the "proven" solution of the Nexus, even though its not really what we want and it has lots of positioning limitations on it as well as unproven/unrealized potential. The Nexus 7Ks are also like 3 times the price of the 5Ks as well, for very minimal performance difference for us, as well as no support for FECs, at least right now. But we want a solution right now, not 9months or a year from now. Blah. ate shit on live tv fucked around with this message at 08:24 on Jan 27, 2010 |
# ? Jan 27, 2010 07:19 |
|
Powercrazy posted:Ding ding ding. Look at Juniper EX again, 2500/4200 (if you want MEC) at TOR, 8200 at distribution. Apparently that's what NYSE Euronext is deploying this year for their trading fabric. -edit- Also, ping your Cisco SE again on the Sup2T, it's a major fabric upgrade and it's going to EARL8 (same EARL that runs the N7K), so latencies may be getting better on the 6500 platform depending on what they did with the fabric. -/edit- ragzilla fucked around with this message at 16:08 on Jan 27, 2010 |
# ? Jan 27, 2010 16:01 |
|
Oh the Sup2T? Is that orderable now? I haven't seen anything external about it except rumors. I'll have to ask around, it might actually meet our needs.
|
# ? Jan 27, 2010 16:11 |
|
Powercrazy posted:Oh the Sup2T? Is that orderable now? I haven't seen anything external about it except rumors. I'll have to ask around, it might actually meet our needs. No it's still rumors/pre-release, but the SEs may have more info now, since it's supposed to be a 1H10 release.
|
# ? Jan 27, 2010 16:17 |
|
ragzilla posted:No it's still rumors/pre-release, but the SEs may have more info now, since it's supposed to be a 1H10 release. Ok that's what I thought, definitely a possibility though maybe combined with the 6509-VE.
|
# ? Jan 27, 2010 16:26 |
|
What's your taste/requirements for Infiniband? Several HFT firms we work with are fans of Voltaire.
|
# ? Jan 27, 2010 17:39 |
|
jbusbysack posted:What's your taste/requirements for Infiniband? Several HFT firms we work with are fans of Voltaire. Since I'm fairly new I don't have intimate knowledge of the datacenter tech we may or may not use, but as far as I know we don't touch infiniband, iSCSI, FCoE, etc. Only GigE. We do have a SAN setup somewhere, but I don't know where yet.
|
# ? Jan 27, 2010 23:38 |
|
Powercrazy posted:Since I'm fairly new I don't have intimate knowledge of the datacenter tech we may or may not use, but as far as I know we don't touch infiniband, iSCSI, FCoE, etc. Only GigE. We do have a SAN setup somewhere, but I don't know where yet. You're muddling up technologies, you can use InfiniBand as a faster Ethernet or simply a very fast fabric. One use is for storage. Voltaire is currently pushing their systems in finance for messaging, i.e. use TIBCO or LBM on top with Ethernet shims or native IB verbs.
|
# ? Jan 28, 2010 00:55 |
|
Powercrazy posted:http://www.eantc.com/fileadmin/eantc/downloads/test_reports/2006-2008/Cisco-Force10/EANTC-Exec-Summary-F10_Cisco.pdf I have no expertise with Force10 gear, I just know that we have a customer that ditched some other switches (3750s? I don't remember) for some Force 10 gear. Customer claims that the F10's helped tremendously with latency issues in their database infrastructure which consists of a few racks of servers and SSD disk arrays/trays. Having said that, those [hilarious] results were commissioned by Cisco and clearly it's worded as such. Hell there's a link to a video in it that allegedly shows the Force 10 gear overheating (I say allegedly because it doesn't play on my non-windows laptop). I'm not at all surprised that Cisco "won" that battle.
|
# ? Jan 28, 2010 01:19 |
|
MrMoo posted:You're muddling up technologies, you can use InfiniBand as a faster Ethernet or simply a very fast fabric. One use is for storage. Voltaire is currently pushing their systems in finance for messaging, i.e. use TIBCO or LBM on top with Ethernet shims or native IB verbs. Dead on. Throw in some native FIX/FAST and 29West and we have ourselves a little HFT messaging party. We've seen some DMA in action too, and it's pretty interesting stuff.
|
# ? Jan 28, 2010 01:36 |
|
ragzilla posted:Look at Juniper EX again, 2500/4200 (if you want MEC) at TOR, 8200 at distribution. Apparently that's what NYSE Euronext is deploying this year for their trading fabric. Sidenote, NYSE did make a huge stink about how they selected Juniper for their core platform in their new ridiculous datacenter in Mahwah, NJ. I have not seen many conversions away from the tried and true 6500-series implements for most firms though. Ultimately it's the great network-guy answer though: 'it depends what you want to do'.
|
# ? Jan 28, 2010 03:21 |
|
For reference, some overly conservative latency figures on different fabrics by Apache Qpid:
ZeroMQ reached 13.4μs on IB, STAC Research report 10G at 38μs (19μs one-way) for LBM on Cisco 4900Ms using OpenOnload, I can manage 300μs on 1G UDP multicast at 32kpps. MrMoo fucked around with this message at 03:37 on Jan 28, 2010 |
# ? Jan 28, 2010 03:33 |
|
Anyone have experience dealing with SNMP agent weirdness, specifically relating to the CISCO-POP-MGMT MIB? I work in a Very Large Organization, dealing with network management and monitoring stuff, and we have several 2821s and a 3845 dedicated to handling VoIP junk. The 3845 (IOS version 12.4(20)T) was recently upgraded to add 2 more T1s, bringing it to a total of 4. Much to my irritation, the router is refusing to index the new T1s in the aforementioned MIB, so I cannot poll them individually for how many DS0s are in use on each circuit at any given time. What I am able to see is that the router is aware of and is correctly routing calls through the new circuits, since the ifDescr table shows all 4 T1s as being present, and the cpmActiveDS0s variable is usually sitting at around 70-80 during the day, with a high water mark of 92, which is what I'd expect to see in a fully utilized voice gateway. However, the NOC is interested in monitoring the number of active DS0s on a per-T1 basis as well via the cpmDS1ActiveDS0s table, which is indexed for each T1. cpmDS1ActiveDS0s.0.0 and cpmDS1ActiveDS0s.0.1 represent the old T1s and are both correct, and I would expect to see cpmDS1ActiveDS0s.1.0 and cpmDS1ActiveDS0s.1.1 for the new T1s (being that they are 0/1/0 and 0/1/1), but these indexes don't actually exist. There are no entries for either new T1 anywhere in the tree; as far as this particular MIB is concerned, the new T1s don't exist. The router has been rebooted multiple times since the installation with no change. Unfortunately, since it is a Very Large Organization and there are lots of people and lots of heavily segregated access controls, I don't have access to look at the router's configuration myself to see if something unusual stands out. I know SNMP-specific questions are probably not the purview of this thread, and this thread mainly seems to be about rolling your own Cisco lab for CCNA-type stuff, but maybe somebody in here has happened to encounter this weirdness in the past?
|
# ? Jan 28, 2010 04:02 |
|
Powercrazy posted:Ding ding ding. Upgradable fabric and rather insane port density are what the 7k is all about. 5ks don't scale like a 7k can (obviously). Also not sure about the in-service upgrade/non stop switching/routing on the 7k/5k (not sure 5k does that).
|
# ? Jan 28, 2010 04:15 |
|
Is there any way to change the command prompt in IOS? RANCID doesn't like prompts that end with # instead of > e.g. switch# == bad switch> == good I've tried prompt, but it's not valid for 12.2(53)SE. Richard Noggin fucked around with this message at 20:39 on Jan 28, 2010 |
# ? Jan 28, 2010 20:31 |
|
Richard Noggin posted:Is there any way to change the command prompt in IOS? RANCID doesn't like prompts that end with # instead of > I hope you are aware that the # means you are in privileged mode and the > means you are not. Kinda doubt you can change it.
|
# ? Jan 28, 2010 20:53 |
|
ior posted:I hope you are aware that the # means you are in privileged mode and the > means you are not. Kinda doubt you can change it. Yup, I'm aware. Let me rephrase the question: does anyone experienced with RANCID know how to make the parser correctly interpret the 3560's priv mode prompt of # correctly? From the RANCID FAQ: Q. I have a Cisco Catalyst switch. clogin connects, but after receiving the prompt, it stalls until it times out. Why? A. This may be due to your prompt. CatOS does not include an implicit '>' in it's prompt, like IOS does. clogin looks for '>' during login, so specify your prompt with a trailing '>'. Also see cat5rancid(1). For example: cat5k> cat5k> enable Password: cat5k> (enable) Not very helpful, as obviously I have IOS that's spitting out #.
|
# ? Jan 28, 2010 20:56 |
|
Richard Noggin posted:Yup, I'm aware. Let me rephrase the question: does anyone experienced with RANCID know how to make the parser correctly interpret the 3560's priv mode prompt of # correctly? From the RANCID FAQ: Give your rancid user a privilege of 1 instead of 15 (in ios) and it will be placed in unprivileged mode at login hence giving you a > prompt.
|
# ? Jan 28, 2010 21:09 |
|
Richard Noggin posted:Is there any way to change the command prompt in IOS? RANCID doesn't like prompts that end with # instead of > Is this using RADIUS, or IOS users for auto-enable? If so, you'll need to tell RANCID that it's being autoenabled using something similar to: code:
|
# ? Jan 28, 2010 23:35 |
|
Anyone know a thing about multicasting? Our core 6509 has the following global config: code:
code:
|
# ? Jan 29, 2010 00:35 |
|
Do you guys have acls allowing it to pass?
|
# ? Jan 29, 2010 00:48 |
|
Do you have ip multicast routing setup on both distribution switches, check your ACLs everywhere as often times people will filter the common multicast addresses. Check your IGMP joins to see if the distribution switch is trying to join the core router, it might not know about the RP. Also read this. http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080094b55.shtml
|
# ? Jan 29, 2010 01:10 |
|
Weissbier posted:Anyone know a thing about multicasting? Well with what I have at the moment this is what I can add to what has been said: ip multicast-routing (this is the command to enable mrouting globally, sounds good) ip pim rp-address 10.100.250.2 (this is the hard coded rendezvous point of 10.100.250.2) This means that the local router thinks 10.100.250.2 is the root of the multicast tree. ip pim sparse-dense-mode This just states that the internal router will build both types of multicast trees, Sparse and Dense. Dense mode, assumes that a multicast group's recipients are located on every subnet. Sparse mode, the multicast tree is not extended to a router unless a host there already has joined the group. Here's the show commands, what are they giving? show ip mroute sh ip pim interface (should help see what routing interfaces are seeing what) sh ip pim neighbor show ip pim rp e: You should also make sure IGMP is enabled on all layer 3 interfaces in between point a and b. Should be version 2. Not sure if when you turn on pim this is taken care of. show ip igmp interface show ip igmp groups code:
show ip igmp snooping <vlan> show multicast router igmp show multicast group igmp Hope this helps, I have to get better with multicasting as well. Herv fucked around with this message at 01:52 on Jan 29, 2010 |
# ? Jan 29, 2010 01:31 |
|
sh ip mroute:code:
code:
code:
code:
|
# ? Jan 29, 2010 01:51 |
|
Ok cool, for the last one (show ip pim rp) it looks like it wants to dump traffic to the 10.100.250.2 for all those multicast groups listed. Is that another router that the pc's are behind or what? Strange it's not showing up as a neighbor. theres a sh ip pim rp mappings that will show you where it thinks groups should go as well. Herv fucked around with this message at 02:05 on Jan 29, 2010 |
# ? Jan 29, 2010 02:02 |
|
10.100.250.2 is the ip of the 6509 itself - should that be 224.1.1.1?code:
|
# ? Jan 29, 2010 02:15 |
|
Ok I would just yank out that line: ip pim rp-address 10.100.250.2 for now and set the rp to auto discovery with this: ip pim send-rp-discovery (says I am an RP mapping agent) ip pim send-rp-announce (says I can be an RP) only if just pulling the first doesn't fix things. Not sure if you have to have some type of RP configured or not, sorry. e: nevermind Herv fucked around with this message at 03:04 on Jan 29, 2010 |
# ? Jan 29, 2010 02:31 |
|
|
# ? May 17, 2024 06:10 |
|
Herv posted:Ok I would just yank out that line: No, THANK YOU for all the help last night. Going to review this information in detail today at work.
|
# ? Jan 29, 2010 14:01 |