Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Does anyone have any insight into what I am being blindsided with right now? Here is my predicament. 1. We have two N7K-C7010 chassis that were ordered and installed several years ago with SUP-1 modules, FAB-1 modules, and M1 line cards. We have si...
Hi - quick question, I see the capability to perform ERSPAN termination exists in IOS-XE 16.11 and beyond for the Catalyst 9K series, but I do not see any support for the Catalyst 3850 platform. I thought I heard at one point this capability would b...
I'm planning a firewall upgrade to two ASA5555-x appliances in HA failover from 9.4(4)5 to 9.6(3)1. Traditionally, a direct upgrade like this would break zero downtime functionality, as you were required to upgrade between adjacent releases when cha...
Hello,
I am investigating whether I can carve TCAM on a pair of Nexus 9396-PX switches to reclaim a slice from the RACL region and leverage it for another purpose. RACL is populated by default in this platform.
My question is this - utilization is m...
I'm wondering if anyone has implemented a custom Snort rule within their SourceFire IPS to strip X-Forwarded-For information from a packet in transit to the internet. This would be necessary to prevent internal IP disclosure, which could be a compli...
... and if you read the 2013 bulletin, it indicates there is a migration path between the old bundle and the new bundle, but a "bundle" merely represents the components that comprise it, and all of those components have been replaced. So I continue t...
Thanks for your reply. I guess I could leverage regex somehow if it is necessary to match IPs within the XFF header. But as I understand it, the rule would match any packet sourcing from RFC1918 addressing, reference the XFF header, and replace the...
Thanks for your feedback.
I expect some major architectural changes to this environment within the coming year, so though we are constantly addressing and maintaining QoS in other areas of the enterprise, this particular switch doesn't really warrant...
