Does ABF without VRF work? ... View more

Konstantin, since B4 uses GRE to encapsulate the packets, a simple GRE tunnel might work. Would you be able to try that ? --a ... View more

Konstantin, indeed this is an interesting solution and some folks are experimenting with it - see Ivan's blog entry at http://blog.ioshints.info/2012/05/ipv6-only-data-center-built-by-tore.html One can achieve fully stateless approach using SIIT - which has the drawback that one must inject /128s into the IPv6 routing table - or using the statically defined translation based on stateful NAT64. I've used the latter variant on some lightly loaded servers, and it worked rather nicely (though only ASR1k at the moment). ASA9.0 should also be able to do this using its NAT64 capabilities. Is this something you are considering for your deployments ? --a ... View more

Hi Ivan, thank you for the update and links, I'll study them. Do you mean the problem in my configuration could be the route-reflector topology? I'll try to test without RR but anyway it will be not useable in production network. I've founf this simple topology example http://rekrowten.wordpress.com/2011/12/12/route-leaking-between-vrfs-by-using-export-maps/ and it looks like the export is working fine in this example and exports the routes on the remote router, but that remote router does a redistribution from OSPF into BGP, may be this is the trick. ... View more

Here is an old config from when I did a lot of ISDN work. It is on a 2600 series router. Never had any issues. I used 800 series routers to connect back to the 2600. ! ! Last configuration change at 09:24:49 cst Tue Dec 4 2001 ! NVRAM config last updated at 09:24:51 cst Tue Dec 4 2001 ! version 11.2 service timestamps debug uptime service timestamps log datetime msec localtime show-timezone no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname sci-aus ! ! ip subnet-zero ip name-server 172.16.20.20 isdn switch-type basic-ni1 clock timezone cst -6 clock summer-time cdt recurring ! interface Ethernet0 ip address 207.200.40.193 255.255.255.224 ! interface Ethernet1 ip address 172.16.20.2 255.255.255.128 ! interface Virtual-Template1 no ip address no ip mroute-cache ! interface Serial0 description To ONR ip address 207.200.54.6 255.255.255.252 ! interface Serial1 no ip address shutdown ! interface BRI0 description To Manchaca Village Vet no ip address encapsulation ppp no ip mroute-cache bandwidth 64 isdn spid1 51291611180101 9161118 isdn spid2 51291611190101 6161119 dialer rotary-group 0 no fair-queue compress stac no cdp enable ! interface BRI1 no ip address shutdown ! interface BRI2 no ip address shutdown ! interface BRI3 no ip address shutdown ! interface Dialer0 ip address 172.16.20.237 255.255.255.252 encapsulation ppp no ip mroute-cache dialer in-band dialer idle-timeout 900 dialer hold-queue 10 dialer load-threshold 2 either dialer-group 1 no fair-queue compress stac no cdp enable ppp negotiation-timeout 300 ppp authentication chap ppp chap hostname sci-vet ppp chap password 7 010213054802565E ppp multilink ! router rip version 2 redistribute connected network 172.16.0.0 network 207.200.40.0 ! ip classless ip route 0.0.0.0 0.0.0.0 207.200.54.5 dialer-list 1 protocol ip permit ! line con 0 line aux 0 line vty 0 4 login ! end ... View more

Hello, Am trying to simulate ipv6 to ipv4 network .The simulated isp will be on ipv4 network which 100.1.1.1. the LAN-ROUTER will be on ipv6 network but the link that connects ipv6 to ipv4 will be on 100.1.1.10/29 network. I created ipv6 nat pool as follows ipv6 nat  v6v4 pool IPV4-ISP 100.1.1.2 100.1.1.6 prefix length 29 i also enabled ipv6 nat on the lan-router interfaces  i try to ping 100.1.1.2 from ipv6 host but unsuccessful can someone help ? ... View more

Hi Kishore , thank you for the reply. Idon't think the GRE tunnel is a good option - the problems with MTU and fragmentations will be arised  for sure, and the GRE could lead to much more sub-optimal routing, because a router can see only a cost of the "logical" GRE path. increasing the cost between P-69 and PE-69 to 10, will solve the sub-optimal routing to 10.22.8.0/24, but the routing to 10.62.1.0/24  will be still sub-optinal. If I correctly understand the problem - the suboptimal routing appears because of the fact that the routers P-228 and P-69 (the ABR's for the Area 22) see different OSPF information, because P-228 doesn't have an interface in Area11. And such kind of problem is quite difficult to solve just by changing the costs of interfaces. I remember I've met somewhere in Cisco books the explanation of simular case, but I don't remember exactly where it was and what kind of recomendation was suggested. ... View more

I would think that about 40 % would be reasonable given the features that you indicate that you are using. I do not see a reason to worry given what you have described. HTH Rick ... View more

My setup here is: LNS has individual QOS for authenticated subscribers. Then one GE interface on that LNS is connected to the LAC. Then I am applying a different aggregate shaper on this interface aside from the individual connected subs on LNS. My guess is: You cant really do QOS on the interfacing LAC on the same router together with subs shaper policy. I hope someone can confirm it. ... View more

issue is solved turns out bgp network command does work for me, as in my routing table on r1 i am getting ospf e2 routes to the 30 network, and thus i can advertise them into bgp my prefix list out to the provider was blocking the 30 network, as i had a specific subnet mask allowed (/28) while the actual network was /29 and i had no le 32 option behind my prefix list ... View more

if you can't ping or trace the server, it could be the folowing problems: 1. check the IP address information IP and subnetmask on servers on both subnets. Can server reach each other inside of same subnet? 2. check the default router configuration on the servers. can servers reach default gateway? 3. are both routers exchange the routing information? do you use static routes? 4. can server reach the IPof the router  on the "remote" subnet? 5. If you use ACL's may be it's better to deactivate them on all interfaces during the tests (don't forget to activate them again after tests) if you can check and answer all these questons, then you will probably find your problem. ... View more