Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello-We are in the process of upgrading from 10.4.2 all the way to 11.5.1One thing we have ran into in our lab is the config compliance piece does not allow us to honor any changes that may have been made via CLI. For example - let's say someone pa...
Hello- Just curious if anyone has used "hardware ip glean throttle" command on the Nexus 9K platform. In our situation, we have VXLAN leaf switches with the anycast gateway configured and on some of them we are getting many, many L3 glean drops beca...
Hello, I'm working on a IPS design in a fully redundant DC that is almost impossible to force symmetrical flows. My question is when using assymetric mode for TCP reassembly - what exactly is lost? Below is the list I've come up with so far:1. TCP...
After an upgrade of the 1000v from SV1.2 to SV1.3 - the version does not update when viewing the 1000v VSM VM Summary tab. It still shows the "product" as SV1.2. I know this is purely cosmetic, since doing a show ver and show mod on the CLI of the ...
Hi, I'm currently working on Tuning a pair of IPS modules in ASA's. We are currently in Promiscous and tuning/filtering to ensure we don't block any valid traffic when making the switch to inline.We are using the new 7.0.1 code and getting the globa...
Take a look at your FEX's - it looks like you have them cabled incorrectly. If you swap the cables for FEX 101 and 102 on SR-N5K2 and you should be golden. I'm actually surprised the FEX's are operating. First 5k;SR-N5K1# sh fexFEX FEX FEX FEX FexN...
Ok - there is a way to do this for interface configuration - which covers at least the vast majority of our situation - where engineers/support folks will configure interfaces going to end-systems or update allowed vlans on trunks, etc.Cisco even has...
Have you considered using ingress replication for BUM traffic to see if it resolves your issue? This can be done on a per VNI basis - so you could test with just a single VNI at first.
If your asking is it a concern to muddy your Spine with other tasks such as terminating firewalls and route peering with WAN edge devices, because you manage them with DCNM...Yes - It's a major concern. Keep the spines as simple as possible - that's...
