Hi Georg,
This doesn't seem to work for me. No changes are made to BGP.
I seem to get mixed explanations on what the route map does.
If I have a match and set in sequence 5, does the route-map continue with sequence 10, or does it stop because it has found a match.
So create a sequence 5
route-map BGP-FILTER-OUT permit 5 match ip address prefix-list bgp-3ips set community xxxx:10095
route-map BGP-FILTER-OUT permit 10 match ip address prefix-list bgp-routes set community xxxx:0 !
... View more
Hello Harold,
Thanks for the help.
If I were to create sequence 5 and it has a match, wouldn't it skip sequence 10?
I always need to execute sequence 10 as well.
Thanks,
J.
... View more
Hi Everyone,
I have a question about BGP.
I would like to adapt the BGP community sent by my router based on an ACL.
I have 2 routers
R1 sets a community of 0 on all routes and R2 sets 10095 on all routes.
R1 is the primary router and R2 the secondary.
For 3 ip's I would like R2 to become the preferred router. In and out traffic.
So on R1 in my router bgp xxxx config I have created a route-map
"neighbor x.x.x.x route-map BGP-FILTER-OUT out"
This route map sets the community of all routes to 0
route-map BGP-FILTER-OUT permit 10 match ip address bgp-routes set community xxxx:0 !
How do I add the second part? Can I add it to sequence 10?
match ip address bgp-3ips
set community xxxx:10095.
If I create a sequence 20. I will never be executed since sequence 10 always has a hit.
I tried creating the sequence 20 and adding "continue 20" in sequence 10, but without success.
Any tips?
Thanks,
J.
... View more
Hi, The issue was resolved after applying below workaround to clean up the corrupted/wrong database: 1) Remove "snmp ifmib ifindex persist" from the config with: 2) Reload the switch, and bring up again with the same image 3) Add "snmp ifmib ifindex persist" CLI again and then write After that the issue was resolved. Br, J
... View more
Hi Guys,
I have upgraded some 2960S switches from version 150-2.SE11 to version 152-2.E8.
I have no production problems, but since then I have some alerts in my monitoring about the stack ports.
All stack ports show down. When I do a show switch detail. The ports show up.
switch#show snmp mib ifmib ifindex detail Description ifIndex Active Persistent Saved ------------------------------------------------------------------------- GigabitEthernet1/0/39 10139 yes enabled yes GigabitEthernet2/0/7 10607 yes enabled yes GigabitEthernet2/0/18 10618 yes enabled yes
... StackSub-St2-2 5142 no enabled yes ... StackSub-St3-2 5145 no enabled yes ... StackPort1 5137 no enabled yes
Our 2960X switches which have been upgrades as well to version 152-2.E8 do not show this issue.
Any idea's? Or tac case material?
Thanks, J
... View more
Hi All,
I have upgraded my prime 3.1.4 with the latest patch to 3.1.7.
The upgrade went fine, I'm able to log on to Prime and all functionalities are there. The only thing that does not work are the reports.
When I want to create a new report I get the message below in my report overview.
"java.lang.NoSuchFieldError: semaphoreCount"
When I want to rerun an existing report I get the following error:
"TypeError: doc.getElementsByTagName(...)[0] is undefined"
Any idea's?
Thanks,
J.
... View more
Hello,
We have a setup of 1 sg300 (core) with fiber sfp's and copper sfp's.
We have a star network to several sg200 access switches. There is only 1 vlan, no inter vlan routing.
There is a server on the sg300 which does multicast. However this does not work correctly. Multicast stream is not consistent, and does not restart when stopping and starting the stream.
When we replace the sg300 by another switch and connect the access switches by copper uplinks, this works fine.
Is there a specific setting on the sg300 which has to be activated? Most of the settings I have used are default.
Any ideas?
Thanks,
J
... View more
Hi All,
I'm migrating a 3750 switch to a 3850. On the 3750 macsec is configured.
cts manual
no propagate sgt
sap pmk 0 <pasw> mode-list gcm-encrypt
But this command does not seem to exist in my 3850.
(config-if-cts-manual)#sap pmk 0 pw mode-list ?
no-encap No encapsulation
gmc-encrypt is not available. I have found this information...
If the interface is not capable of data link encryption, no-encap is the default and the only available SAP operating mode. SGT is not supported.
What is a data link encryption capable interface?
Thanks,
J.
... View more
Hi all,
We have a 6880 vss setup with more than 20 2960x access switches connected to it with a port-channel.
Some time ago our network had major issues. Most of our access switches were no longer reachable, the access switches on which we could log on we saw very high CPU load. When we shut down 1 link of the port-channel to the vss, the cpu went down again, and normal operations resumed.
The IOS on the access switches is 12.2(2)E5. Is it the DHCP snooping process which was causing the memory issue?
In the log of the switches we saw the following messages:
%SYS-2-MALLOCFAIL: Memory allocation of 1692 bytes failed from 0x24C79E8, alignment 0
Pool: I/O Free: 972 Cause: Not enough free memory
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "HULC DHCP Snooping Process", ipl= 0, pid= 293
.....
Thanks,
Joris
... View more
Hi All,
We have just installed a prime infra 3.1 appliance.
When starting the GUI we notice that all logging is displayed with the AM and PM timeschedule. Is there a way to use the 24h format?
Is there a MIB available that can be used to monitor the Prime appliance itself?
Thanks,
Joris
... View more
Hi All,
We have configured our switchports with dot1x, authenticating on a Cisco ACS. Everything was running smooth. No issues with authentication at all.
During the last 2 weeks we have upgraded several models of Cisco switches, located on our site. 160 switches in total. The first series of upgrades went fine, no issues at all.
Yesterday we have upgraded the last switches along with the core switches. During the reboot of the core switches we shut down our ACS (connected on the core switch).
Now we are seeing some issues with the dot1x auth, not on all devices, but on some of them. It's not limited to a certain type of switch, or type of IOS.
On the switches, where the malfunctioning devices are connected we see the following message
"%DOT1X-5-FAIL: Authentication failed for client (xxxx.xxxx.xxxx on Interface Fa0/x AuditSessionID"
On the ACS we see the following message
"Authen session timed out: Supplicant didnot respond to ACS correctly. Check supplicant configuration"
I suppose this has something to do with the shutdown of the ACS.
Any ideas where to start looking?
Thanks,
Best regards,
Joris
... View more