Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I have an OSPF issue in a datacenter. This infrastructure exist in a redundant core and aggregation layer which are build with Cisco C6509-E with a Sup720-3BXL in the core and Sup720-3B in de aggregation. The interconnects are etherchannels of...
Hi All,FiFo queueing is the default on high speed interfaces and does not prioritize traffic. Network traffic, like routing updates, are marked as high priority traffic.I always thought that this kind of traffic gets served first even on FiFo interfa...
Hi All,I am facing some issues where OSPF does not learn routes from multiple vrf's via a backend firewall which is in the same OSPF area.Here is how the topology looks like:MPLS VPN Backbone-->PE router (vrf) ospf area 1-->CE router (vrf) ospf area ...
Hi there,I have an issue with Cisco ACS and an Infoblox appliance. We want to authenticate users, that login on the Infoblox, via the Cisco ACS. After that the ACS should reply with a passed (RADIUS) authentication and reply with an administrative gr...
Found the issue that is causing this behavior.There was this commando in the configuration:"mls qos protocol ospf police 32000 1000"And a lot of dropped ospf packets. Anyway happy now.
Thank you both for explaning this "default" behaviour for control traffic. It's also sound logic, because control traffic should be priority treated before any other "production" traffic. I can assume that BPDU's also falls into the category "control...
Thank you Peter for clarifying my setup. This example that I drawed is one of the many vpn's that is entering the datacenter. I have about 30 of these OSPF area's that are entering the datacenter this way. Untill now everything from the CE is routed ...
Also response to Peter PaluchThank you all for thinking this through. I am not a good draftsman but here is how it looks like. The routing between the PE and CE is done with the "capability vrf-lite" on the CE router. The route towards the firewall i...
Ok,I have re-imaged the ACS with the recovery DVD and applied the patch 4.2.0.124.15. Next I imported the VSA and rebooted the server. After this I added the Infoblox appliance and could choose the VSA for authentication. Under "interface configurati...
