|
ate poo poo on live tv posted:New 15454's looking good. Looks about the same number of notes as the original XC/XC-VT equipped 15454 shelves.
|
# ¿ Feb 14, 2018 13:46 |
|
|
# ¿ May 15, 2024 05:31 |
|
FatCow posted:We're racking our first one in the lab early next week, so here is hoping. Not doing anything a 15454 can't do, but Cisco matched price and couldn't provide transmux cards except as a refirb. Everyone call your Level3/CL rep and tell them you want channelized circuits delivered as pseudowires. I feel like I'm the only one asking for this. No DS3 transmux cards on the NCS? And getting channelized circuits over pseudowire? Geez it was hard enough getting vt1.5 mapped OC3 and OC12s.
|
# ¿ Feb 15, 2018 13:14 |
|
FatCow posted:Me (and I think Rag too) work on the side of things that lets people do 'only voip.' Ask me about my Cerent original 15454 which experienced a dual clock failure. Oh and it was the primary box fronting our class 5.
|
# ¿ Feb 17, 2018 19:56 |
|
ate poo poo on live tv posted:Also am I mis-remembering or doesn't a T3 have an RJ45/48 media as opposed to coax you could get? Cause I swear I remember plugging in a cable into some kind of Cisco card, maybe on an ISR or a 7200 and it was a 45Mbs T3 frame, NOT Ethernet. There was HSSI back before port adapters with built in CSUs. But that was a 50 pin SCSI-2 connector not RJ45.
|
# ¿ Feb 18, 2018 00:40 |
|
FatCow posted:Other telecom guys. Where do you get your 734/735 coax assemblies? I need ~250 simplex HDBNC-BNC connections in the next few months and the place we used to use almost doubled their price. I’ve always used clink-inc (formerly ds3crossconnect.com), didn’t shop them extensively but I’ve been (mostly) happy with the material we’ve gotten from them.
|
# ¿ Feb 27, 2018 02:12 |
|
falz posted:Use a router if you want NAT, use a l3 switch if not. Anything Cisco/juniper should be fine as far as l3 switch goes. Use a router if you have a sub-rate Ethernet circuit from a carrier who strictly polices the circuit, because shaping on switches sucks.
|
# ¿ Mar 8, 2018 02:35 |
|
abigserve posted:because I'm always about to just say gently caress it and write my own collector. That’s what I did. Although it’s against 1.2 and I need to update for 1.5 since they’ve got int64 now, and I’ve only tested up to 20 devices or so so far (and if-mib only). I’ll try to clean the code up (remove anything internal) and toss it on github. Or there’s snmpcollector but I’m not a fan since it holds metrics in memory and saves the deltas to the database (I prefer saving the raw counter and running derivative on it later). But it’s certainly a lot more comprehensive in terms of MIB support. -edit- Behold my terrible code, github.com/ragzilla/ngm ragzilla fucked around with this message at 19:51 on Mar 21, 2018 |
# ¿ Mar 21, 2018 12:28 |
|
abigserve posted:Nice one. I started writing something similar in Go as well which I'll probably work on more now that I have motivation. I have about 1200 devices to poll and multiple tables on each so she's not super straightforward, I'll take a look at your code as well... I too have been tempted to rewrite and support more table types (I need to get environmentals, protocols, cpu/mem, and vpn sessions at a minimum). And apparently we're sitting at 2246 devices right now (although not all are SNMP, but then there's the issue of writing an ICMP poller in go). gently caress managing stuff like Solarwinds and Cacti at that volume when I just want to log every single point on every interface.
|
# ¿ Mar 22, 2018 03:45 |
|
abigserve posted:At the end of the day Statseeker (and now, AKIPS) seems to be the only suitable solution. We've had SS running for years and it never misses a beat, but good god it's a lovely interface which is why I was trying to be smart and replace it with a modern solution. I wrote a (new) thing, telepoller. Inspired by telegraf syntax (heck, lifted a bunch of their SNMP/config code and made it run parallel), uses Uint64 where it can (so you'll need InfluxDB with the build flag turned on, and my updated Telegraf for batched inserts). Not quite as battle tested as my old code (fun story, in the development I ran 'delete from ifMIB' on the production database, whoops), but it should be decently reliable. Got it pointed at one box for right now, probably add some metrics to track idle time like the old one did and then turn it loose on more of the network.
|
# ¿ Mar 26, 2018 05:53 |
|
FatCow posted:Is Cisco dumping EHWICs? Seems like every small router that uses them has an EOL date. NIMs are the future. ISR4k and ENCS both use NIM form factor.
|
# ¿ May 3, 2018 20:11 |
|
Anyone else going to Live next week?
|
# ¿ Jun 8, 2018 22:48 |
|
tortilla_chip posted:9300s are all Cisco silicon. The 3ks are where the commodity line lives 9200/9300 are hybrid Cisco/Broadcom (BRKARC-2222/BRKDCT-3640). Broadcom supply the forwarding ASIC (the NFE, Trident II/Tomahawk) and Cisco silicon does the ACI stuff/VXLAN routing/flow/enhanced buffering and queuing by supplying the switch fabric (ASE/ALE ASIC).
|
# ¿ Oct 4, 2018 02:52 |
|
The 15454.
|
# ¿ Oct 9, 2018 13:09 |
|
madsushi posted:I'd prefer #1 just to avoid any MLAG junk, just leave it as a regular port-channel. 2 10Gb circuits between the same devices will balance the same as a 2x10 PC unless there's some platform out there which uses different 5-tuple load balancing for PC versus ECMP (I can't think of any). BFD (if your provider will do it, not a bad idea if you know there are L2 switches in the path) may have issues over LACP depending on platforms involved.
|
# ¿ Oct 22, 2018 01:13 |
|
CrazyLittle posted:say hello to my new stack Are those the 93180s down at the bottom? Because drat if they don't look near identical to the NCS5501SE.
|
# ¿ Nov 8, 2018 15:07 |
|
Sepist posted:Just change your whole infrastructure to static routing like that one guy on reddit quote:When in doubt, static route. Actual thing said by a major airline network architect, at an SDN conference.
|
# ¿ Feb 14, 2019 22:18 |
|
Tetramin posted:e: id also like to take a moment to say that iOS would be cooler if you could set config changes and then just apply them rather than the 'instantly apply!!' behavior. Have you looked at options like Ansible/NAPALM for making the change, or for the old way, doing a ‘copy <src> running’ to merge configs.
|
# ¿ Mar 13, 2019 18:07 |
|
less than three posted:8.6.1 and 10.5 are still supported though, hah. Ask your SE to find out what the version lifecycle/release strategy is, for XR the first point releases under a minor are short term to squash the bugs, then when they hit .3/.4 or so it becomes an extended maintenance release with 1 year of of additional bug fixes distributed via SMU/SP, 3 years of security fixes, and 6 years of software support: https://community.cisco.com/t5/service-providers-documents/ios-xr-release-strategy-and-deployment-recommendation/ta-p/3165422 On the ASA side we've tried to stick to 9.8 for a while now, the even minor (9.6, 9.8, 9.10, 9.12) releases for ASA are extended maintenance (22 months of bugfix releases + 12 months of security from FCS) and 1 is released per year in the Spring: https://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/bulletin-c25-738209.html Wikipedia says 9.8 FCS'd in May 2017 so I guess I need to find a new release to migrate to this year. I think IOS-XE version numbering is starting to follow a pattern similar to the XR release strategy, except for them it's the first couple of minor releases in a release codename (just based on what releases tend to get gold stars for my platforms). -edit- Yeah, every third release (and recent codenames have been releasing in 3s) is EMR for IOS-XE: https://www.cisco.com/c/en/us/products/collateral/routers/asr-1000-series-aggregation-services-routers/product_bulletin_c25-726436.html coming with 48 months of rebuilds. ragzilla fucked around with this message at 04:17 on Apr 19, 2019 |
# ¿ Apr 19, 2019 04:14 |
|
BaseballPCHiker posted:Got a user who is trying to do a bunch of video encoding that all goes into an old 3560X, despite the uplink being a two gig fiber port channel I see a ton of output drops on the physical interfaces. No QoS on the line, its all multicast traffic from what I can tell, and its only about 30 Mbps when the video is getting uploaded to the 3560X. Bursty traffic + 3k/2k type platforms usually means buffer overruns. If you have mls qos enabled on the device check the show mls qos interface <blah> statistics counters and check for 'output queues dropped'. If you're seeing significant drops in one of those queues (usually queue 2 for untagged DSCP traffic) you can recarve the buffers system wide with mls qos queue-set output 1 buffers 10 70 10 10. Alternatively you could use queue-set output 2 (instead of 1) and change the queue-set for that interface. v6 multicast would only be an issue if it was getting routed by the device, l2 multicast should hardware switch as normal once the path is set up via IGMP (or flood if it's unknown multicast).
|
# ¿ Apr 30, 2019 16:02 |
|
Pile Of Garbage posted:Can anyone point me in the direction of where the XML schema or whatever that Cisco uses for Netconf is documented? I just want something that shows how each part of the config is represented. You mean the YANG models? https://github.com/YangModels/yang/tree/master/vendor/cisco
|
# ¿ May 2, 2019 14:59 |
|
FatCow posted:Just avoid the entire NCS line. Optical BU or routing BU. It is all poo poo. I’ve got some 5501s running stand-alone collapsed distribution/edge/peering and they work decently for that.
|
# ¿ May 19, 2019 13:26 |
|
CrazyLittle posted:The other half of the reason why is because they wrote their design document back when Fastethernet was the copper standard and simply never updated them to reflect that "Fastethernet" doesn't exist on gigabit Ciena/Juniper/Cisco hardware ports. Just ran into this (on the provisioning info documents) on a 10Gb MIS Service, they wanted to know if I wanted 1000BaseLX or 1000BaseSX handoff.
|
# ¿ May 22, 2019 19:51 |
|
BaseballPCHiker posted:Woohoo! TAC doesn’t know, rep wouldn’t know, things like this have your SE ask the product group for a roadmap. If you have an NDA they should be able to share it.
|
# ¿ Jun 11, 2019 00:23 |
|
tortilla_chip posted:elam is your friend here. I think I’ve had to pull out ELAM once in my entire time working with 6500/7600, and it was to prove dscp bits were passing a core device that I couldn’t tap.
|
# ¿ Jun 18, 2019 20:03 |
|
Contingency posted:I tried "copy start run" once to avoid a reboot, and it ends up merging configs. ASA doesn’t have “configure replace” sadly.
|
# ¿ Jun 21, 2019 22:49 |
|
BaseballPCHiker posted:Anyone ever work much with CWDM fiber? Muxes are passive, transceivers can drift but it really depends on how your mux is constructed what happens when they do (good muxes will have input filters, bad muxes don't). If you don't have an OSA I'd swap transceivers on 1390 and 1410 (and 1370 if using an extended channel system) on the affected span and see if that resolves your issue (and while you're at it, double check light levels/clean end faces/check that nobody miswired anything if OTDR testing was done).
|
# ¿ Jun 25, 2019 19:32 |
|
BaseballPCHiker posted:So this is from way back but thought I'd post an update. The water peak refers to an increase in attenuation peaking around 1383nm from 1360-1460nm. Transmissions in this range will suffer attenuation similar to 1310nm at the peak. https://www.fiberoptics4sale.com/blogs/archive-posts/95050054-what-is-zero-water-peak-fiber -edit- This is incredibly common as a lot of the fiber out there is standard g.652, and not the more modern and exotic like low water peak and dispersion shifted (unless it's new longhaul intercity builds that use DS fiber to avoid doing DCM, but even that's less useful now with 200G+ superchannel OEO regen GMPLS networks).
|
# ¿ Sep 5, 2019 22:03 |
|
ras’ fantastic optical presentation from nanog also covers water peak and a whole host of other optical details: https://archive.nanog.org/sites/default/files/2_Steenbergen_Tutorial_New_And_v2.pdf
|
# ¿ Sep 6, 2019 17:43 |
|
Moey posted:It's always capacity. Distance too. DWDM you pack inside C and L bands so it can be amplified with EDFA/Raman. You can’t do that with CWDM in the E band.
|
# ¿ Sep 7, 2019 13:44 |
|
Nuclearmonkee posted:I have one they gave me to mess with. It's still Firepower but at least there's no ASA in there. You can accomplish almost the same thing with an ASA running the FTD image, though you can't run anything after 6.2 on 5506-x and 08-x, which is still the recommended version anyways so lol. Is this some new code that's not FTD? Because FTD is Firepower as hypervisor and an ASA dataplane, so the ASA piece is still in there but all hidden behind the veneer of FMC/FDM.
|
# ¿ Sep 17, 2019 21:46 |
|
Tetramin posted:That’s been kind of my last resort option. Been holding off on upgrading it until TAC tells me to but it’s been tough connecting with the engineer cause shits been crazy busy for me lately. Maybe I will just go ahead and do that. ASA 9.6 stops getting software updates in September 2020, so you're switching trains in the next 12mo anyway. -edit- What's your management ACL? Could be CLOSE_WAIT stuck connections (CSCvr15503). That wouldn't clear up until rebooted. Similar would be CSCuw02009 which has recent activity but is _supposed_ to be fixed. But either way if it's sending RSTs it's probably a software defect. ragzilla fucked around with this message at 14:40 on Sep 19, 2019 |
# ¿ Sep 19, 2019 14:32 |
|
abigserve posted:Any edge design that includes asymmetric routing paths is broken. It is a road to ruin. Unless your edge is stateless by nature, in which case go hog wild.
|
# ¿ Oct 9, 2019 23:37 |
|
falz posted:I guess I could add a hundred lines to the config to ignore things. Seems weird to me that there's not just a flag like 'log IPS stuff' to turn off, and it's on by default. There is. code:
|
# ¿ Dec 3, 2019 03:06 |
|
Bob Morales posted:Two problems: What’s the platform MAC limit, and is it possible you’re reaching it? Most platforms will revert to flood mode when the MAC table fills.
|
# ¿ Feb 17, 2020 15:09 |
|
|
# ¿ May 15, 2024 05:31 |
|
I’m a big fan of how NTT set up their communities- using private ASN space prefixes to create a set of communities that can be used to control policy toward specific peers by ASN rather than remembering the specific provider’s community for suppress/prepend to their individual peers. https://onestep.net/communities/as2914/ Also, don’t forget to filter inbound communities at your border if you accept communities from transit/peers for use within your AS.
|
# ¿ Apr 30, 2020 14:38 |