Ask the Experts: JavaServer Technology (August 14-18)

Similar Messages

• Reminder: Ask the Experts Session on MSA -- August 20-24

  Got a question about Mobile Service Architecture (MSA), JSR 248, a Java ME optional package that defines the next generation Java ME platform? Post it during the week of August 20 on the Ask the Experts page (http://java.sun.com/developer/community/askxprt/) and get answers from Mickhail Gorshenev, Sun's lead for the JSR 248 Technology Conformance Kit (TCK), E-Ming Saung, Product Line Manager in the Java ME Marketing group, and Hinkmond Wong, one of the current project owners of the phoneME open source project and past specification lead for various mobility-related technologies such as the Java ME Connected Device Configuration (CDC) and Foundation Profile.

  Did you need to post this 27 times?He's a chronic cross-poster.
  http://java.sun.com/features/authors.html
  Ed Ort is a writer on the staff of the Sun Developer Network. He writes technical articles that appear on java.sun.com and developers.sun.com. After a long career at IBM, where he focused on relational database technologies and programming languages, Ed came to Sun and turned his attention exclusively to Java technology. Besides writing, Ed also manages the SDN chat program, and the newsletters: Core Java Technologies Tech Tips and Enterprise Java Technologies Tech Tips. When he's not writing, running chats, or handling newsletters, Ed is usually hiking or jogging in the mountains that surround Las Vegas, Nevada.

• Ask the Experts Session on Mobile Service Architecture (MSA), August 20-24

  Got a question about MSA, JSR 248, a Java ME optional package that defines the next generation Java ME platform? Post it during the week of August 20 on the Ask the Experts page (http://java.sun.com/developer/community/askxprt/) and get answers from Mickhail Gorshenev, Sun's lead for the JSR 248 Technology Conformance Kit (TCK), E-Ming Saung, Product Line Manager in the Java ME Marketing group, and Hinkmond Wong, one of the current project owners of the phoneME open source project and past specification lead for various mobility-related technologies such as the Java ME Connected Device Configuration (CDC) and Foundation Profile.

  i am working in struts with netbeans....can you please guide me in suggesting how to retrieve database in one table when it is already stored in another table in the same database?

• ASK THE EXPERTS : High Density Wireless Deployments and CleanAir Technology

  with
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to get an update on High Density Wireless Deployments and CleanAir technology with Cisco expert Fred Niehaus. Fred is a technical marketing engineer for the Wireless Networking Business Unit at Cisco, where he is responsible for developing and marketing enterprise wireless solutions using Cisco wireless LAN products. In addition to his participation in major deployments, Fred has served as technical editor for several Cisco Press books including the "Cisco 802.11 Wireless Networking Reference Guide" and "The Business Case for Enterprise-Class Wireless LANs." Prior to joining Cisco with the acquisition of Aironet, Fred was a support engineer for Telxon Corporation, supporting some of the very first wireless implementations for major corporate customers. Fred has been in the data communications and networking industry for more than 20 years and holds a Radio Amateur (Ham) License "N8CPI."
  Remember to use the rating system to let Fred know if you have received an adequate response.
  Fred might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the shortly after the event. This event lasts through June 3, 2011. Visit this forum often to view responses to your questions and the questions of other community members.

  You are correct, between the higher numbers of users with multiple devices the bandwidth requirements keep increasing.
  The limitation of three non-overlapping channels in the 2.4 GHz space is driving more customers to 5 GHz, it is important to have both bands when high density deployments are needed.  While many older devices only support 2.4 GHz, we are now seeing far more devices with 5 GHz as well.
  The recomendation of 20-25 clients and 8 voice calls on a given 2.4 GHz channel is still a good "rule of thumb" with actual customer data requirements driving those numbers higher or lower. You are right when you say "throwing Access Points" at the problem can degrade the wireless quality as co-channel interference and overall noise floor can rise with multiple Access Points that can all hear each other.
  A better approach to the problem is to throw more spectrum at this issue (using 5 GHz channels) and elements of 802.11n (20 MHz) bandwidth on 2.4 GHz.
  What we have been doing in high density deployments is to try to minimize the propagation of a cell and focus it in a given direction.  This can be done by
  1. Managing the RF power of the radios (Access Points) and in some cases the client's power (using elements of CCX).
  2. Using the right antennas to shape both Tx and Rx cell size to help isolate, we have recently introduced a new high gain antenna for stadiums that does this well.
  3. Limit supported rates, obviously the higher the data rate the less sensitive the receiver is and the smaller the cell size becomes.
  4. Enable 5 GHz (that adds far more channels for data throughput)
  5. Limit the number of SSIDs in use as each requires a separate beacon (adding to RF utilization)
  6. Co-locating access points with non-overlapping channels
  There are some challenges, for example; many dual -band clients prefer to connect to 2.4 GHz, and 2.4 GHz is more likely to be busier and subject to interference, so we also enable Cisco "Band-Select" which basically "nudges" those clients off 2.4 GHz and pushes them to 5 GHz so as to free up the 2.4 GHz band when we can determine the client has 5 GHz capability.
  So how is this done? well, we do this by listening to the clients and if we detect that the client is sending out probe requests on both bands we know the client can use 5 GHz so we essentially make the 5 GHz band "appear more attractive" to that client.
  Note: Client load balancing and Band select are features in the Cisco Unified controller menu.
  Also enabling client link (intelligent beam forming) helps direct the signal directly at the client and reduces same channel interference.

• Ask the Experts Session on Java Plug-In Technology

  Got a question about Java Plug-in technology? Submit your questions from February 12 through February 16 on the Ask the Experts page (http://java.sun.com/developer/community/askxprt/) and get answers from key members of the Java SE Deployment Team.

  Thank You :)
  Regards,
  Sim085

• Reminder: Ask the Experts Session on Java Plug-In Technology (Feb 12-16)

  This is a reminder that three key members of the Java SE Deployment Team at Sun will be on hand from February 12-16 to answer your Java Plug-In Technology questions. Submit your questions next week on the Ask the Experts page (http://java.sun.com/developer/community/askxprt/).

  Java Plug-in technology, included as part of the Java
  Runtime Environment, Standard Edition (Java SE),
  establishes a connection between popular browsers and
  the Java platform. This connection enables applets on
  Web sites to be run within a browser on the desktop.
  Got a question about Java Plug-in technology? Submit
  your questions from February 12 through February 16
  and get answers from key members of the Java SE
  Deployment Team.It's just two days since i read an article on developers who write Java Plug-in's for browsers.I just can't remember where!

• Ask the Experts :LAN Switching

  With Matt Blanshard and Jane Gao
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to ask your toughest layer 2 questions to two of the technical leaders of the San Jose LAN Switching team, Matt Blanshard and Jane Gao. Learn more about Spanning Tree, VTP, Trunking, Resilient Ethernet Protocol, IGMP Snooping, Private VLANS, Q-in-Q Tunneling, QoS, various switching platforms including all desktop switches, Metro Ethernet switches, 4500 and 6500 switches, Blade Center switches, and Nexus 7000 switches. 
  Matt Blanshard began his Cisco career as an intern in 2007.  He is now a technical leader at the Cisco Technical Assistance Center on the LAN Switching team. He holds a bachelor's degree from the University of Phoenix in computer science, and has CCNA certification.
  Jane Gao is a technical leader in the Lan Switching Technical Assistance Center (TAC) team in San Jose. She has been working with LAN switching technologies and supporting Cisco switching platforms Jane's Bio since 2009. Ms. Gao was previously a technical leader in the Wireless TAC team in San Jose. Prior to joining Cisco Ms. Gao was working in software development. She has a Master of Science degree in Computer Science from DePaul University in Chicago.
  Remember to use the rating system to let Matt and Jane know if you have received an adequate response.  
  They might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Lan Switching and Routing discussion forum shortly after the event. This event lasts through August 12, 2011. Visit this forum often to view responses to your questions and the questions of other community members.

  you can load you IOS from the tftpd32 , first donload tftpd32 from google its free, run it but make it sure that you have you IOS image bin file in you PC, then , follow these steps ,
  STEP 1.
                  Store the IOS image on the computer in any drive with its original name .
  STEP2.
             Connect the Switch to the Computer through straight cable.
  STEP 3.
               Come to the Switch , come in the enable or privilege mode by entering   enable
               Then come to the configuration mode , type  config terminal push enter
             Now type interface fast Ethernet or giga Ethernet port what ever the port is connected to the PC , example interface fast Ethernet 0/1 then push enter
  Now give ip address, like
  Ip address 1.1.1.1 255.0.0.0   enter
  No shut   enter
  STEP 3 .
                   Come to the PC GO TO THE NETWORk CARD and give the ip address 1.1.1.2 subnet mask 255.0.0.0 gateway 1.1.1.0 nothing else.
  STEP 4.
               Now download    tftpd32  you can get it on google download it  AND RUN IT . AFTER THAT OPEN THE TFTP WHICH WILL BE ON DESKTOP , DOUBLE CLICK IT AND COME TO current directory and brows the IOS IMAGE FILE where you save that and select that it will then comes to the current directory , now below current directory you will see server interface , in front of that you will have to click show dir and see that the IOS file can be seen .
  STEP 5. COME TO THE SWITCH AGAIN , GO in enable mode.
  Type this.
                     Copy tftp flash. Push enter
                   It will ask you the name and address of remote host ?
  Give the IP ADDRESS of the system , 1.1.1.2 and push enter .
  Now it will ask you about the source file name ?
  Copy the file name from pc where the IOS IMAGE which is saved on the PC and past on the switch and type.bin in the end and push enter.
  Now the SWITCH will ask you about the destination file name , you can create your own name or use the same default name that is saved on the PC which you copy past on switch , after entering the name push enter. NOW WAIT FOR 10 MINUTES IF IT WILL ASK YOU SOMETHING PUSH ENTER AND WAIT FOR THE IMAGE TO UPLOAD.
  AFTER THAT COME TO THE enable mode and type wr  and the type reload and wait for the reboot process, in case you are using same destination file name as kept on the pc otherwise. Look below
  If you have create your own choice name then,
  Come to configuration mode , by typing config terminal push enter.
  Type this command
     Boot system switch all flash:/new name that you have created and type.bin in the end push enter.
  Now type exit come to the enable mode .
  Type WR push enter.
  Now run these commands for verification.
  Show boot. ( after running this command check if the file name of the IOS is there then its ok )
  Dir flash. ( after running this command check if the file name of the IOS is there then its ok )
  Now TYPE THE LAST COMMAND
  Reload and allow the switch to reboot and wait .

• Ask the Expert: Cisco TelePresence for the Enterprise

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco Telepresence® for the enterprise. 
  Cisco experts Jaret, Fernando, and Fred will be covering all Cisco TelePresence products.  Topics include Cisco TelePresence endpoints and TelePresence infrastructure such as the Cisco TelePresence Video Communication Server (VCS), Cisco Expressway Series, Cisco Unified Communication Manager (CallManager), Cisco TelePresence Servers (MSE 8710, on Virtual Machine, etc.), MCU (MSE 8510, etc.), Cisco TelePresence Management Suite (TMS), and all other Cisco TelePresence related devices.
  Jaret Osborne is an 8-year Cisco Advanced Services veteran.  In his Advanced Services tour, Jaret has covered all aspects of Cisco Unified Communications and TelePresence products, including both enterprise and service provider verticals. Most recently Jaret has been working with global service providers supporting their Cisco TelePresence as a Service offerings while also incubating new cloud services at Cisco.
  Fernando Rivas is a Cisco Advanced Services NCE, starting in the Cisco Technical Assistance Center (TAC), 2007, on the Collaboration Technology Team mastering the Cisco Unified Communication  technologies and specialized in call control CUCM,VCS) and  conferencing (MeetingPlace, Telepresence). In 2011, he joined Cisco Advanced Services as a member of the Cisco Collaboration team and participated in several Cisco TelePresence and video-related technologies deployments. Currently he is a member of the Video Cloud Technology Team, supporting video exchanges in several and architecting new private video cloud solutions for large enterprises. Fernando holds a routing and switching CCIE® certification (22975).
  Fred Mollenkopf  is a Cisco Advanced Services Network consulting engineer working at Cisco for the last 7 years. Fred has led some of the largest Cisco Unified Communication and Collaboration deployments done for Cisco customers and partners. Over 15 years’ experience in data networking with a specialization in Cisco Unified Communications in 2004. Currently he is a member of the SP Video Advanced Services Team, supporting SP video exchanges and the Cisco Telepresence solutions.  Fred maintains an active CCIE® in Voice (17521).
  Remember to use the rating system to let Jaret, Fernando, and Fred know if you have received an adequate response. 
  Because of the volume expected during this event, Jaret, Fred, and Fernando might not be able to answer every question. Remember that you can continue the conversation in the Collaboration, Voice and Video Community, under the sub-community TelePresence, shortly after the event. This event lasts through August 15, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Tenaro,
  Additionally here are the most common login issues.  Unfortunately this includes items related to Presence implementation but I commented where we did not use these in our lab setup for CUCM Phone Capabilities only.  
  Login Issues
  Problem:
  Jabber Unable to Sign-in Through MRA
  Solution
  This can be caused by a number of things, a few of which are outlined below.
   1.  Collaboration Edge SRV record not created and/or port 8443 unreachable
  For a jabber client to be able to login successfully using MRA, a specific collaboration edge SRV record must be created and accessible externally. When a jabber client is initially started it will make server DNS SRV queries:
  _cisco-uds : this SRV record is used to determine if a CUCM server is available.
  _cuplogin : this SRV record is used to determine if an IM&P server is available.
  _collab-edge : this SRV record is used to determine if MRA is available.
  If the jabber client is started and does not receive an SRV answer for _cisco-uds and _cuplogin, and does receive an answer for _collab-edge then it will use this answer to try to contact the Expressway-E listed in the SRV answer.
  The _collab-edge SRV record should point to the FQDN of the Expressway-E using port 8443. If the _collab-edge SRV is not created, or is not externally available,  or if it is available, but port 8443 is not reachable, then the jabber client will fail to login.
   2.  Unacceptable or No Available Certificate on VCS Expressway
  After the jabber client has received an answer for _collab-edge, it will then contact the expressway using TLS over port 8443 to try to retrieve the certificate from the expressway to setup TLS for communication between the jabber client and the expressway.
  If the Expressway does not have a valid signed certificate that contains either the FQDN or domain of the Expressway, then this will fail and the jabber client will fail to login.
  If this is occurring, the you should use the CSR tool on the Expressway, which will automatically include the FQDN of the expressway as a Subject Alternative Name.
  MRA requires secure communication between the Expressway-C and Expressway-E, and between the Expressway-E and external endpoints.
  Expressway-C Server Certificate Requirements:
  The Chat Node Aliases configured on the IM&P servers. This is required if you are doing XMPP federation.  The Expressway-C should automatically include these in the CSR provided that an IM&P server has already been discovered on the Expressway-C.
  The names in FQDN format of all Phone Security Profiles in CUCM configured for TLS and used on devices configured for MRA. This allows for secure communication between the CUCM and Expressway-C  for the devices using those Phone Security Profiles.
  Expressway-E Server Certificate Requirements:
  All domains configured for Unified Communications. This includes the domain of the Expressway-E and C, e-mail address domain configured for Jabber, and any presence domains.
  The Chat Node Aliases configured on the IM&P servers. This is required if you are doing XMPP federation. 
  The MRA Deployment guide describes this in greater detail on pages 17-18. (http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Mobile-Remote-Ac...
  Note: In our lab for testing Phone Capabilities only, we did not include the Chat Node Aliases in the certificate as we were not using IM&P.
   3.  No UDS Servers Found in Edge Config
  After the Jabber client successfully establishes a secure connection with the Expressway-E, it will ask for its edge config. This edge config will contain the SRV records for _cuplogin and _cisco-uds. If these SRV records are not returned in the edge config, then the jabber client will not be able to proceed with trying to login.
  To fix this, make sure that _cisco-uds and _cuplogin SRV records are created internally and resolvable by the Expressway-C
  More information on the DNS SRV records can be found on page 10 of the MRA deployment guide for X8.1.1 (http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Mobile-Remote-Access-via-Expressway-Deployment-Guide-X8-1-1.pdf)
  Note: In our lab for testing Phone Capabilities only, we did not include the DNS SRV for _cuplogin.
   4.  The Expressway-C logs will indicate the following error: XCP_JABBERD  Detail="Unable to connect to host '%IP%', port 7400:(111) Connection  refused"
  If Expressway-E NIC is incorrectly configured, this can cause the XCP server to not be updated. If the Expressway-E meets the following criteria, then you will likely have this issue:
  Using a single NIC
  Advanced Networking Option Key is installed
  Use Dual Network Interfaces option is set to “Yes”
  To correct this problem, change the “Use Dual Network Interfaces” option to “No”
  The reason this is a problem is because the Expressway-E will be listening for the XCP session on the wrong network interface, which will cause the connection to fail/timeout. The Expressway-E listens on TCP port 7400 for the XCP session. You can verify this by using the netstat command from the VCS as root.
  Note: We used a Dual Network Interface Expressway for testing but were not using XCP, so this was not applicable to us.
   5.  VCE-E Server hostname/domain name does not match what is configured in the _collab-edge SRV.
  If the Expressway-E Server hostname/domain name does not match what was received in the _collab-edge SRV answer, the jabber client will not be able to communicate to the Expressway-E. The Jabber client uses the xmppEdgeServer/Address element in the get_edge_config response to establish the XMPP connection to the Expressway-E.
  This is an example of what the xmppEdgeServer/Address would look like in the get_edge_config response from the Expressway-E to the Jabber client:
  <xmppEdgeServer>
  <server>
  <address>ott-vcse1.vcx.cisco.com</address>
  <tlsPort>5222</tlsPort>
  </server>
  </xmppEdgeServer>
  To avoid this, make sure that the _collab-edge SRV record matches the Expressway-E hostname/domain name. Enhancement CSCuo83458 has been filed for this. 
  Note: This was one of our issues when we first setup.  We adjusted our Expressway-E to insure the below:
  System > Administration > System Name this was the FQDN
  System > DNS > System Host Name was the host portion of the FQDN
  System > DNS > Domain Name was the domain portion of the FQDN
  System > Clustering > Cluster Name (FQDN for Provisioning) was the FQDN
   6. Unable to log into certain IM&P servers. VCS logs say "No realm found for host cups-example.domain.com, check connect auth configuration"
  From the Expressway-E, go to Configuration -> Unified Communications -> IM&P Servers. Open each server and click "Save" again. Not sure exactly why this happens.
  Note:  This was N/A to our test and can be ignored with Phone Capabilities only.
  Thanks
  Fred

• Ask the Expert: Data Center Integrated Systems and Solutions

  Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about utilizing Cisco data center technology and solutions with subject matter expert Ramses Smeyers. Additionally, Ramses will answer questions about FlexPOD, vBlock, Unified Computing Systems, Nexus 2000/5000, SAP HANA, and VDI.
  Ramses Smeyers is a technical leader in Cisco Technical Services, where he works in the Datacenter Solutions support team. His main job consists of supporting customers to implement and manage Cisco UCS, FlexPod, vBlock, VDI, and VXI infrastructures. He has a very strong background in computing, networking, and storage and has 10+ years of experience deploying enterprise and service provider data center solutions. Relevant certifications include VMware VCDX, Cisco CCIE Voice, CCIE Data Center, and RHCE.
  Remember to use the rating system to let Ramses know if you have received an adequate response.
  Because of the volume expected during this event, Ramses might not be able to answer every question. Remember that you can continue the conversation in the Data Center Community, under the subcommunity Unified Computing, shortly after the event. This event lasts through August 1, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Ramses,
  I have dozen questions but will try to restrain myself and start with the most important ones :)
  1. Can cables between IOM and FI be configured in a port-channel? Let me clarify what I"m trying to achieve: if I have only one chassis with only one B200M3 blade inside, will the 2208 IOM and FI6296 allow me to achieve more than 10Gbps throughput between the blade and the Nexus 5k? Of course, we are talking here about clean ethernet environment.
       B200M3 --- IOM2208 --- 4 links --- FI6296 --- port-channel (4 links) --- Nexus5548
  2. Is it possible to view/measure throughput for Fibre Channel interfaces?
  3. Here is one about FlexPod: I know that in case of vBlock there is the company that delivers fully preconfigured system and offers one universal support point so customer don't have to call Cisco or VMware or storage supports separately. What I don't know is how it works for FlexPod. Before you answer that you are not sales guy, let me ask you more technical questions: Is FlexPod Cisco product or is NetApp product or this is just a concept developed by two companies that should be embraced by various Cisco/NetApp partners? As you obviously support Datacenter solutions, if customer/partner calls you with are FlexPod related problem, does it matter for you, from support side, if you are troubleshooting fully compliant FlexPod system or you'll provide same level of support even is the system is customized (not 100% FlexPod environment)?
  4. When talking about vCenter, can you share your opinion about following: what is the most important reason to create the cluster and what will be the most important limitation?
  5. I know that NetApp has feature called Rapid Clones that allows faster cloning than what vCenter offers. Any chance you can compare the two? I remember that NetApp option should be much faster but didn't understand what is actually happening during the cloning process and I'm hoping you can clarify this? Maybe a quick hint here: seems to me it will be helpful if I could understand the traffic path that is used in each case. Also, it will be nice to know if Vblock (i.e. EMC) offers similar feature and how it is called.
  6. Can I connect Nexus 2000 to the FI6xxx?
  7. Is vBlock utilizing Fabric Failover? Seems to me not and would like to hear your opinion why.
  Thanks for providing us this opportunity to talk about this great topic.
  Regards,
  Tenaro

• Ask the Expert: Different Flavors and Design with vPC on Cisco Nexus 5000 Series Switches

  Welcome to the Cisco® Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about Cisco® NX-OS.
  The biggest limitation to a classic port channel communication is that the port channel operates only between two devices. To overcome this limitation, Cisco NX-OS has a technology called virtual port channel (vPC). A pair of switches acting as a vPC peer endpoint looks like a single logical entity to port channel attached devices. The two devices that act as the logical port channel endpoint are actually two separate devices. This setup has the benefits of hardware redundancy combined with the benefits offered by a port channel, for example, loop management.
  vPC technology is the main factor for success of Cisco Nexus® data center switches such as the Cisco Nexus 5000 Series, Nexus 7000 Series, and Nexus 2000 Series Switches.
  This event is focused on discussing all possible types of vPC along-with best practices, failure scenarios, Cisco Technical Assistance Center (TAC) recommendations and troubleshooting
  Vishal Mehta is a customer support engineer for the Cisco Data Center Server Virtualization Technical Assistance Center (TAC) team based in San Jose, California. He has been working in TAC for the past 3 years with a primary focus on data center technologies, such as the Cisco Nexus 5000 Series Switches, Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus 1000V Switch, and virtualization. He presented at Cisco Live in Orlando 2013 and will present at Cisco Live Milan 2014 (BRKCOM-3003, BRKDCT-3444, and LABDCT-2333). He holds a master’s degree from Rutgers University in electrical and computer engineering and has CCIE® certification (number 37139) in routing and switching, and service provider.
  Nimit Pathak is a customer support engineer for the Cisco Data Center Server Virtualization TAC team based in San Jose, California, with primary focus on data center technologies, such as Cisco UCS, the Cisco Nexus 1000v Switch, and virtualization. Nimit holds a master's degree in electrical engineering from Bridgeport University, has CCNA® and CCNP® Nimit is also working on a Cisco data center CCIE® certification While also pursuing an MBA degree from Santa Clara University.
  Remember to use the rating system to let Vishal and Nimit know if you have received an adequate response. 
  Because of the volume expected during this event, Vishal and Nimit might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure Community, under the subcommunity LAN, Switching & Routing, shortly after the event. This event lasts through August 29, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Gustavo
  Please see my responses to your questions:
  Yes almost all routing protocols use Multicast to establish adjacencies. We are dealing with two different type of traffic –Control Plane and Data Plane.
  Control Plane: To establish Routing adjacency, the first packet (hello) is punted to CPU. So in the case of triangle routed VPC topology as specified on the Operations Guide Link, multicast for routing adjacencies will work. The hellos packets will be exchanged across all 3 routers and adjacency will be formed over VPC links
  http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_L3_w_vpc_5500platform.html#wp999181
  Now for Data Plane we have two types of traffic – Unicast and Multicast.
  The Unicast traffic will not have any forwarding issues, but because the Layer 3 ECMP and port channel run independent hash calculations there is a possibility that when the Layer 3 ECMP chooses N5k-1 as the Layer 3 next hop for a destination address while the port channel hashing chooses the physical link toward N5k-2. In this scenario,N5k-2 receives packets from R with the N5k-1 MAC as the destination MAC.
  Sending traffic over the peer-link to the correct gateway is acceptable for data forwarding, but it is suboptimal because it makes traffic cross the peer link when the traffic could be routed directly.
  For that topology, Multicast Traffic might have complete traffic loss due to the fact that when a PIM router is connected to Cisco Nexus 5500 Platform switches in a vPC topology, the PIM join messages are received only by one switch. The multicast data might be received by the other switch.
  The Loop avoidance works little different across Nexus 5000 and Nexus 7000.
  Similarity: For both products, loop avoidance is possible due to VSL bit
  The VSL bit is set in the DBUS header internal to the Nexus.
  It is not something that is set in the ethernet packet that can be identified. The VSL bit is set on the port asic for the port used for the vPC peer link, so if you have Nexus A and Nexus B configured for vPC and a packet leaves Nexus A towards Nexus B, Nexus B will set the VSL bit on the ingress port ASIC. This is not something that would traverse the peer link.
  This mechanism is used for loop prevention within the chassis.
  The idea being that if the port came in the peer link from the vPC peer, the system makes the assumption that the vPC peer would have forwarded this packet out the vPC-enabled port-channels towards the end device, so the egress vpc interface's port-asic will filter the packet on egress.
  Differences:  In Nexus 5000 when it has to do L3-to-L2 lookup for forwarding traffic, the VSL bit is cleared and so the traffic is not dropped as compared to Nexus 7000 and Nexus 3000.
  It still does loop prevention but the L3-to-L2 lookup is different in Nexus 5000 and Nexus 7000.
  For more details please see below presentation:
  https://supportforums.cisco.com/sites/default/files/session_14-_nexus.pdf
  DCI Scenario:  If 2 pairs are of Nexus 5000 then separation of L3/L2 links is not needed.
  But in most scenarios I have seen pair of Nexus 5000 with pair of Nexus 7000 over DCI or 2 pairs of Nexus 7000 over DCI. If Nexus 7000 are used then L3 and L2 links are required for sure as mentioned on above presentation link.
  Let us know if you have further questions.
  Thanks,
  Vishal

• Ask the Experts Live Chat - Home Hub 4

  Hello,
  Stephanie and I are pleased to announce our next live discussion with some of our BT experts! It's about one of our latest new products, the Hub 4. This will be a great chance to get our Hub 4 experts onto the community to tell you a bit more about that and answer any questions you may have.
  We have added the Chat transcript below for any of you guys who missed this event.
  7:02
  JacquiBT: 
  Hello everyone.
  Thank for you joining our ‘Ask the Experts’ Live chat. I would like to introduce Dave, Sam and Emma who are our hub 4 experts and will be answering your questions tonight. I would like to invite you to ask your questions now.
  7:03
  [Comment From imjolly imjolly : ] 
  why are there no adsl stats available on the HH4
  7:04
  [Comment From DS DS : ] 
  evening all. Are the antennae omni directional?
  7:05
  Sean Donnelly: 
  Thanks for the question, Emma will respond
  to that question Imjolly
  7:05
  JacquiBT: 
  Thanks DS, Dave will respond to your question now
  7:05
  Dave: 
  Hi DS, yes they are
  7:05
  [Comment From Steve Steve : ] 
  Are there any plans for new firmware on the hub 4 to bring new features?
  7:06
  JacquiBT: 
  Thanks Steve, Dave is answering that question for you
  7:07
  Dave: 
  Hi Steve - yes there are. There will be more information available about this - and any new features - before each firmware drop.
  7:07
  [Comment From Steve Steve : ] 
  why can you not opt out of BT WIFI on the home hub 4?
  7:07
  Dave: 
  Hi Steve - you should have no problem doing this through the Hub Manager
  7:09
  JacquiBT: 
  Some great questions coming through, the experts are typing up responses now
  7:09
  [Comment From DS DS : ] 
  Personal testing - Why is the 2.4GHz range less than the HH3 when at a distance from the hub, but better close up than the HH3?
  7:10
  JacquiBT: 
  Thanks DS, Dave is answering this now for you
  7:10
  [Comment From George George : ] 
  Will the 'Home Network' page show a HH4 instead of the Current image of the HH3?
  7:11
  JacquiBT: 
  Thanks George, Sam will answer that for you
  7:11
  Sam: 
  Hi George, the HH4 image will be displayed in place of the HH3 in the next firmware release
  7:12
  Dave: 
  Thanks again DS - you shouldn't find that, but this can depend on a lot of different factors in the home. I've found mine to be a bit better actually! But it should be pretty much the same for most customers.
  7:12
  Sean Donnelly: 
  Did you know the Hub 4 has Smart Setup?
  Easy set up in just a few minutes. No CD or computer needed, it's all online and works on any device. Set up your Hub 4 router and access all your free extras like BT Cloud and BT Family Protection in just a few clicks.
  7:12
  [Comment From DS DS : ] 
  Is it possible for BT to allow us to move the BTWifi SSID's to another channel, leaving our own SSID on a less congested channel?
  7:12
  Dave: 
  Hi imjolly, sorry for the delay, Emma asked me to reply on her behalf. We have made the stats in the Hub manager simpler for customers to understand, we were reacting to feedback that it was too general for the wide range of customers and tech understandings.
  7:12
  JacquiBT: 
  Hi DS, Sam is replying to you now
  7:14
  [Comment From JamesS JamesS : ] 
  What speeds can I achieve over wifi, assuming I'm connected to 5ghz? Thanks.
  7:14
  Sean Donnelly: 
  Did you know the hub offers Easy Wireless?
  Connect wirelessly by selecting your BT Home Hub connection on any compatible device and just push a button on the Hub and you're connected. It's that simple. No passwords needed.
  7:14
  JacquiBT: 
  Hi JamesS. Dave will reply to your question
  7:14
  Emma: 
  Hi imjolly, we have made the stats in the Hub manager simpler for customers to understand, we were reacting to feedback that it was too general for the wide range of customers and tech understandings.
  7:15
  Sam: 
  Hi DS, moving BT Wifi SSID's to another channel is not possible on the HH4. However, we are looking closely at the wi-fi SSID's the hub broadcasts to see whether we can improve this experience.
  7:15
  Dave: 
  Hi James, 5GHz maximum data transfer rate of 300Mb/s; this will tend to translate as an optimal actual speeds of up to 100 Mb/s - depending on lots of factors in your home
  7:15
  [Comment From George George : ] 
  Why did you remove the built in plastic wireless info tab with a card?
  7:15
  JacquiBT: 
  Hi George, Dave is going to reply to that question
  7:16
  Dave: 
  Hi George - this was part of the design process, we've tried to make it even easier for customers to find their wireless information. Now it's not integrated it's a little bit more accessible.
  7:16
  [Comment From thebennyboy thebennyboy : ] 
  I currently have the HH3 and would like to know what noticable difference it will make having a HH4 over a HH3? We use the ethernet ports and the wireless.
  7:17
  JacquiBT: 
  Hi Bennyboy. Emma is going to reply to that question.
  7:17
  [Comment From Paul Paul : ] 
  How much faster is the processor in the home hub 4, compared to previous versions? how will this effect my online experience?
  7:18
  JacquiBT: 
  Hi Paul. Sam will answer that for you
  7:18
  Sam: 
  Hi Paul, the processor is a staggering 3x faster compared to the HH3
  7:19
  [Comment From Guest Guest : ] 
  Although opted out of BT wifi the hub still shows as being active
  7:19
  JacquiBT: 
  Hi Guest, could we ask that you post this on the community so the moderators can pick this up
  7:19
  Sean Donnelly: 
  Did you know that the hub 4 offers Dual band frequency which makes for a more reliable wireless connection?
  Smart dual-band technology reduces wireless interference and drop out’s giving you a reliable connection for all your devices.
  7:20
  [Comment From Guest Guest : ] 
  When you opt out of BT WIFI it appears to only opt out on the 2.4ghz channel and not the 5ghz channel. Are you looking into this?
  7:20
  JacquiBT: 
  Hi Guest. Dave will reply to your question
  7:21
  Dave: 
  Hi - thanks for this feedback, we'll definitely look in to it for you
  7:21
  Sean Donnelly: 
  Excellent questions coming through folks
  7:21
  Sean Donnelly: 
  Our experts are typing answers so please keep them coming
  7:22
  [Comment From Josh Josh : ] 
  Is it a known issue that the HomeHub 4 has problems identify the Xbox 360 as a media center extender when connected through a wired connection?
  7:23
  JacquiBT: 
  Hi Josh. Sam is replying to your question
  7:23
  [Comment From Winston Winston : ] 
  How much power does the home hub 4 use?
  7:24
  JacquiBT: 
  Hi Winston. Dave will respond to your question
  7:24
  Sam: 
  Hi Josh, we are aware of this issue. This is a problem with the Xbox rather than the HH4 but something we are reviewing together.
  7:24
  Emma: 
  Hi the bennyboy, the main advantages of the hub 4 are the faster processor (3 x faster) and 5 GHz wifi. There is no interference with 5GHz so you get better performance and as the range isn't as wide you dont have to share the bandwidth with neighbours etc. the hub still has 2.4 GHz so you still have the range you have withhub 3 too!
  7:24
  Dave: 
  Hi Winston, I am afraid there's no simple answer as it really depends on what features are in use. But the Hub 4 meets the latest Broadband Equipment Energy Code of Conduct targets for energy consumption.
  7:25
  [Comment From Mel Mel : ] 
  Why did you ignore your existing customers loyalty by charging them for a new hub, don't they pay enough already in their monthly fees?
  7:25
  JacquiBT: 
  Hi Mel, Dave will reply to your question
  7:25
  [Comment From Winston Winston : ] 
  How long did it take you to design and develop the home hub 4?
  7:26
  JacquiBT: 
  Hi Winston, Emma will reply to your question
  7:27
  [Comment From George George : ] 
  Will we get manual power save back?
  7:27
  JacquiBT: 
  Hi Gerorge. Sam will answer your question
  7:28
  [Comment From Jade Jade : ] 
  Does the home hub 4 support ip6 through a future upgrade?
  7:28
  Emma: 
  Hi Winston, It was about 2 years when we first started the project with the first ideas and concepts
  7:29
  JacquiBT: 
  Hi Jade. Emma will reply to your question.
  7:29
  Emma: 
  Hi Jade, thats something we are working on so yes something for the future
  7:30
  Sam: 
  Hi George. With regards to the manual power save feature, we have looked to make this automatic for all of our customers. However, you are able to change the brightness of the lights as an additional step.
  7:30
  Dave: 
  Hi Mel - we've made a lot of changes for our existing customers since the launch of the Hub 3 a couple of years ago. Our customer offer for the Hub 4 only £35 - a really big discount compared to the full price of £109! We've also created a range of recontracting deals that contain a Hub 4 for only the cost of delivery. If you're out of contract or in the last 3 months, you could take advantage of those offers as well. We really want all of our customers to be able to take advantage of these options!
  7:31
  Sean Donnelly: 
  Did you know the Hub 4 has a faster processor? Inside the BT Home Hub 4 router is our latest Broadband processor – the brains of your Hub. It allows you to pass information between connected devices quicker than ever. So if you are transferring files from one computer to another or watching a film streamed from another device, the BT Home Hub 4 won't slow you down.
  7:31
  [Comment From thebennyboy thebennyboy : ] 
  Our house has very thick stone walls and the wireless is weak in certain rooms. We have a few devices in our house that support 5Ghz Wi-Fi. Does the HH4 also work ok with home plugs that use your power cables to provide network connectivity?
  7:32
  JacquiBT: 
  Hi thebennyboy. Sam will respond to your question
  7:32
  [Comment From Calvin Calvin : ] 
  What future developments are in the works for home hub 4?
  7:33

  DS wrote:
  Not many of my Q's are showing either. Could be busy I guess......
  yeah I can tell, I know your quesitons are pretty good but if you notice that JacquiBT is deliberately choosing the questions she wants to go through. The whole chat is based around the fact that they have added 5ghz. I am appauled as I was hoping to at least ask one question. 

• Ask the Expert: Cisco BYOD Wireless Solution: ISE and WLC Integration

  With Jacob Ideji, Richard Hamby  and Raphael Ohaemenyi   
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about  the new Identity Solutions Engine (ISE) and Wireless LAN Controller (WLC) hardware/software, integration, features, specifications, client details, or just questions about  Cisco's Bring-your-own device (BYOD) solution with cisco Experts Richard Hamby, Jacob Ideji, and Raphael Ohaemenyi. The interest in BYOD (Bring You Own Device) solutions in the enterprise has grown exponentially as guests and company users increasingly desire to use personal devices to access .  Cisco BYOD enhances user experience and productivity while providing security, ease-of-administration, and performance. The heart of the Cisco wireless BYOD solution is Identity Solutions Engine (ISE) utilizing the Cisco Unified Wireless portfolio.  Starting with ISE v1.1.1MR and WLC (Wireless LAN Controller) code v7.2.110.0 and higher, end-to-end wireless BYOD integration is reality. 
  Jacob Ideji is the technical team lead in the Cisco authentication, authorization and accounting (AAA) security team in Richardson, Texas. During his four years of experience at Cisco he has worked with Cisco VPN products, Cisco Network Admission Control (NAC) Appliance, Cisco Secure Access Control Server, and Dot1x technology as well as the current Cisco Identity Services Engine. He has a total of more than 12 years experience in the networking industry. Ideji holds CCNA, CCNP, CCSP, CCDA, CCDP, and CISM certifications from Cisco plus other industry certifications.
  Richard Hamby  works on the Cisco BYOD Plan, Design, Implement (PDI) Help Desk for Borderless Networks, where he is the subject matter expert on wireless, supporting partners in the deployment of Cisco Unified Wireless and Identity Services Engine solutions. Prior to his current position, Hamby was a customer support engineer with the Cisco Technical Assistance Center for 3 years on the authentication, authorization, accounting (AAA) and wireless technology teams. 
  Raphael Ohaemenyi  Raphael Ohaemenyi is a customer support engineer with the authentication, authorization and accounting (AAA) team in the Technical Assistance Center in Richardson, Texas, where he supports Cisco customers in identity management technologies. His areas of expertise include Cisco Access Control Server, Cisco Network Admission Control (NAC) Appliance, Cisco Identity Services Engine, and IEEE 802.1X technologies. He has been at Cisco for more than 2 years and has worked in the networking industry for 8 years. He holds CCNP, CCDP, and CCSP certification.
  Remember to use the rating system to let Jacob, Richard and Raphael know if you have received an adequate response.  
  Jacob, Richard and Raphael might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the wireless mobility sub community forum shortly after the event. This event lasts through Oct 5th, 2012. Visit this forum often to view responses to your questions and the questions of other community members.

  OOPS !!
  I will repost the whole messaqge with the correct external URL's:
  In  general, the Trustsec design and deployment guides address the specific  support for the various features of the 'whole' Cisco TS (and other  security) solution frameworks.  And then a drill-down (usually the  proper links are embedded) to the specifc feature, and then that feature  on a given device.  TS 2.1 defines the use of ISE or ACS5 as the policy  server, and confiugration examples for the platforms will include and  refer to them.
  TrustSec Home Page
  http://www.cisco.com/en/US/netsol/ns1051/index.html
  http://www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns1051/product_bulletin_c25-712066.html
  http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/at_a_glance_c45-654884.pdf
  I find this page very helpful as a top-level start to what features and capabilities exist per device:
  http://www.cisco.com/en/US/solutions/ns170/ns896/ns1051/trustsec_matrix.html
  The TS 2.1 Design Guides
  http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns744/landing_DesignZone_TrustSec.html
  DesignZone has some updated docs as well
  http://www.cisco.com/en/US/netsol/ns982/networking_solutions_program_home.html#~bng
  As  the SGT functionality (at this point) is really more of a  router/LAN/client solution, the most detailed information will be in the  IOS TS guides like :
  http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/security/configuration/guide/b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_6.x.html
  http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_cts/configuration/xe-3s/asr1000/sec-usr-cts-xe-3s-asr1000-book.html
  http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/trustsec.html

• Ask the Expert: Single-Site and Multisite FlexPod Infrastructure

  With Haseeb Niazi and Chris O'Brien 
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Single-Site and Multisite FlexPod Infrastructure with experts Haseeb Niazi and Chris O'Brien.
  This is a continuation of the live webcast.
  FlexPod is a predesigned and prevalidated base data center configuration built on Cisco Unified Computing System, Cisco Nexus data center switches, NetApp FAS storage components, and a number of software infrastructure options supporting a range of IT initiatives. FlexPod is the result of deep technology collaboration between Cisco and NetApp, leading to the creation of an integrated, tested, and validated data center platform that has been thoroughly documented in a best practices design guide. In many cases, the availability of Cisco Validated Design guides has reduced the time to deployment of mission-critical applications by 30 percent.
  The FlexPod portfolio includes a number of validated design options that can be deployed in a single site to support both physical and virtual workloads or across metro sites for supporting high availability and disaster avoidance. This session covers various design options available to customers and partners, including the latest MetroCluster FlexPod design to support a VMware Metro Storage Cluster (vMSC) configuration.
  Haseeb Niazi is a technical marketing engineer in the Data Center Group specializing in security and data center technologies. His areas of expertise also include VPN and security, the Cisco Nexus product line, and FlexPod. Prior to joining the Data Center Group, he worked as a technical leader in the Solution Development Unit and as a solutions architect in Advanced Services. Haseeb holds a master of science degree in computer engineering from the University of Southern California. He’s CCIE certified (number 7848) and has 14 years of industry experience.   
  Chris O'Brien is a technical marketing manager with Cisco’s Computing Systems Product Group.  He is currently focused on developing infrastructure best practices and solutions that are designed, tested, and documented to facilitate and improve customer deployments. Previously, O'Brien was an application developer and has worked in the IT industry for more than 20 years.
  Remember to use the rating system to let Haseeb and Chris know if you have received an adequate response. 
  Because of the volume expected during this event, Haseeb and Chris might not be able to answer every question. Remember that you can continue the conversation in the Data Center community, subcommunity Unified Computing shortly after the event. This event lasts through September 27, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
  Webcast related links:
  Single-Site and Multisite FlexPod Infrastructure - Slides from live webcast
  Single-Site and Multisite FlexPod Infrastructure: FAQ from live webcast
  Single-Site and Multisite FlexPod Infrastructure - Video from live webcast

  I would suggest you read this white paper which details the pros and cons of direct connect storage. 
  http://www.cisco.com/en/US/partner/prod/collateral/ps10265/ps10276/whitepaper_c11-702584.html   This paper captures all the major design points for Ethernet and FC  protocols.
  I would only add that in FlexPod we are trying to create a highly  available solution and "flexible" solution; Nexus switching helps us  deliver on both with vPC and unified ports.
  NPV equats  to end-host mode which allows the system to present all of the servers  as N ports to the external fabric.  In this mode, the vHBAs are pinned  to the egress interfaces of the fabric interconnects.  This pinning  removes the potential of loops in the SAN fabric.  Host based multipathing of the  vHBAs account for potential uplink failures.  The NPV mode (end-host  mode) simplifies the attachment of UCS into the SAN fabric and that is  why it is in NPV mode by default.
  So for your last question, I will have to put my  Product Manager hat on so bear with me.   First off there is no drawback  to enabling the NPIV feature (none that I am aware of) the Nexus 5000  platform simply offers you a choice to design and support multiple FC  initiators (N-Ports) per F-Port via NPIV.  This allows for the  integration of the FI end-host mode described above.  I  imagine being a  unfied access layer switch, the Nexus team enabled standard Fibre  Channel switching capability and features first.  The implementatin of  NPIV is a customer choice based on their specific access layer  requirements.
  /Chris

• Ask the Expert: Scaling Data Center Networks with Cisco FabricPath

  With Hatim Badr and Iqbal Syed
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about the Cisco FabricPath with Cisco technical support experts Hatim Badr and Iqbal Syed. Cisco FabricPath is a Cisco NX-OS Software innovation combining the plug-and-play simplicity of Ethernet with the reliability and scalability of Layer 3 routing. Cisco FabricPath uses many of the best characteristics of traditional Layer 2 and Layer 3 technologies, combining them into a new control-plane and data-plane implementation that combines the immediately operational "plug-and-play" deployment model of a bridged spanning-tree environment with the stability, re-convergence characteristics, and ability to use multiple parallel paths typical of a Layer 3 routed environment. The result is a scalable, flexible, and highly available Ethernet fabric suitable for even the most demanding data center environments. Using FabricPath, you can build highly scalable Layer 2 multipath networks without the Spanning Tree Protocol. Such networks are particularly suitable for large virtualization deployments, private clouds, and high-performance computing (HPC) environments.
  This event will focus on technical support questions related to the benefits of Cisco FabricPath over STP or VPC based architectures, design options with FabricPath, migration to FabricPath from STP/VPC based networks and FabricPath design and implementation best practices.
  Hatim Badr is a Solutions Architect for Cisco Advanced Services in Toronto, where he supports Cisco customers across Canada as a specialist in Data Center architecture, design, and optimization projects. He has more than 12 years of experience in the networking industry. He holds CCIE (#14847) in Routing & Switching, CCDP and Cisco Data Center certifications.
  Iqbal Syed is a Technical Marketing Engineer for the Cisco Nexus 7000 Series of switches. He is responsible for product road-mapping and marketing the Nexus 7000 line of products with a focus on L2 technologies such as VPC & Cisco FabricPath and also helps customers with DC design and training. He also focuses on SP customers worldwide and helps promote N7K business within different SP segments. Syed has been with Cisco for more than 10 years, which includes experience in Cisco Advanced Services and the Cisco Technical Assistance Center. His experience ranges from reactive technical support to proactive engineering, design, and optimization. He holds CCIE (#24192) in Routing & Switching, CCDP, Cisco Data Center, and TOGAF (v9) certifications.
  Remember to use the rating system to let Hatim and Iqbal know if you have received an adequate response.  
  They might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community Unified Computing discussion forum shortly after the event. This event lasts through Dec 7, 2012.. Visit this support forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Sarah,
  Thank you for your question.
  Spanning Tree Protocol is used to build a loop-free topology. Although Spanning Tree Protocol serves a critical function in these Layer 2 networks, it is also frequently the cause of a variety of problems, both operational and architectural.
  One important aspect of Spanning Tree Protocol behavior is its inability to use parallel forwarding paths. Spanning Tree Protocol forms a forwarding tree, rooted at a single device, along which all data-plane traffic must flow. The addition of parallel paths serves as a redundancy mechanism, but adding more than one such path has little benefit because Spanning Tree Protocol blocks any additional paths
  In addition, rooting the forwarding path at a single device results in suboptimal forwarding paths, as shown below, Although a direct connection may exist, it cannot be used because only one active forwarding path is allowed.
  Virtual PortChannel (vPC) technology partially mitigates the limitations of Spanning Tree Protocol. vPC allows a single Ethernet device to connect simultaneously to two discrete Cisco Nexus switches while treating these parallel connections as a single logical PortChannel interface. The result is active-active forwarding paths and the removal of Spanning Tree Protocol blocked links, delivering an effective way to use two parallel paths in the typical Layer 2 topologies used with Spanning Tree Protocol.
  vPC provides several benefits over a standard Spanning Tree Protocol such as elimination of blocker ports and both vPC switches can behave as active default gateway for first-hop redundancy protocols such as Hot Standby Router Protocol (HSRP): that is, traffic can be routed by either vPC peer switch.
  At the same time, however, many of the overall design constraints of a Spanning Tree Protocol network remain even when you deploy vPC such as
  1.     Although vPC provides active-active forwarding, only two active parallel paths are possible.
  2.     vPC offers no means by which VLANs can be extended, a critical limitation of traditional Spanning Tree Protocol designs.
  With Cisco FabricPath, you can create a flexible Ethernet fabric that eliminates many of the constraints of Spanning Tree Protocol. At the control plane, Cisco FabricPath uses a Shortest-Path First (SPF) routing protocol to determine reachability and selects the best path or paths to any given destination in the Cisco FabricPath domain. In addition, the Cisco FabricPath data plane introduces capabilities that help ensure that the network remains stable, and it provides scalable, hardware-based learning and forwarding capabilities not bound by software or CPU capacity.
  Benefits of deploying an Ethernet fabric based on Cisco FabricPath include:
  • Simplicity, reducing operating expenses
  – Cisco FabricPath is extremely simple to configure. In fact, the only necessary configuration consists of distinguishing the core ports, which link the switches, from the edge ports, where end devices are attached. There is no need to tune any parameter to get an optimal configuration, and switch addresses are assigned automatically.
  – A single control protocol is used for unicast forwarding, multicast forwarding, and VLAN pruning. The Cisco FabricPath solution requires less combined configuration than an equivalent Spanning Tree Protocol-based network, further reducing the overall management cost.
  – A device that does not support Cisco FabricPath can be attached redundantly to two separate Cisco FabricPath bridges with enhanced virtual PortChannel (vPC+) technology, providing an easy migration path. Just like vPC, vPC+ relies on PortChannel technology to provide multipathing and redundancy without resorting to Spanning Tree Protocol.
  Scalability based on proven technology
  – Cisco FabricPath uses a control protocol built on top of the powerful Intermediate System-to-Intermediate System (IS-IS) routing protocol, an industry standard that provides fast convergence and that has been proven to scale up to the largest service provider environments. Nevertheless, no specific knowledge of IS-IS is required in order to operate a Cisco FabricPath network.
  – Loop prevention and mitigation is available in the data plane, helping ensure safe forwarding that cannot be matched by any transparent bridging technology. The Cisco FabricPath frames include a time-to-live (TTL) field similar to the one used in IP, and a Reverse Path Forwarding (RPF) check is also applied.
  • Efficiency and high performance
  – Because equal-cost multipath (ECMP) can be used the data plane, the network can use all the links available between any two devices. The first-generation hardware supporting Cisco FabricPath can perform 16-way ECMP, which, when combined with 16-port 10-Gbps port channels, represents a potential bandwidth of 2.56 terabits per second (Tbps) between switches.
  – Frames are forwarded along the shortest path to their destination, reducing the latency of the exchanges between end stations compared to a spanning tree-based solution.
      – MAC addresses are learned selectively at the edge, allowing to scale the network beyond the limits of the MAC addr

• Ask the Expert: Plan, Design, and Implement Mobile Remote Access, the Cisco Collaboration Edge Architecture

  Welcome to the Cisco® Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about planning, designing, and implementing mobile remote access (Cisco Collaboration Edge Architecture) with Cisco subject matter experts Aashish Jolly and Abhijit Anand.
  Cisco Collaboration Edge Architecture is an architecture that provides VPN-less access of Cisco Unified Communications resources to Cisco Jabber® users. This discussion is dedicated to addressing questions about design best practices while implementing mobile remote access.
  For more information, refer to the Unified Communications Mobile and Remote Access via Cisco VCS deployment guide. 
  Aashish Jolly is a network consulting engineer who is currently serving as the Cisco Unified Communications consultant for the ExxonMobil Global account. Earlier at Cisco, he was part of the Cisco Technical Assistance Center (TAC), where he helped Cisco partners with installation, configuring, and troubleshooting Cisco Unified Communications products such as Cisco Unified Communications Manager and Manager Express, Cisco Unity® solutions, Cisco Unified Border Element, voice gateways and gatekeepers, and more. He has been associated with Cisco Unified Communications for more than seven years. He holds a bachelor of technology degree as well as Cisco CCIE® Voice (#18500), CCNP® Voice, and CCNA® certifications and VMware VCP5 and Red Hat RHCE certifications.
  Abhijit Singh Anand is a network consulting engineer with the Cisco Advanced Services field delivery team in New Delhi. His current role involves designing, implementing, and optimizing large-scale collaboration solutions for enterprise and defense customers. He has also been an engineer at the Cisco TAC. Having worked on multiple technologies including wireless and LAN switching, he has been associated with Cisco Unified Communications technologies since 2006. He holds a master’s degree in computer applications and multiple certifications, including CCIE Voice (#19590), RHCE, and CWSP and CWNP.
  Remember to use the rating system to let Aashish and Abhijit know if you have received an adequate response. 
  Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation on the Cisco Support Community Collaboration, Voice and Video page, in the Jabber Clients subcommunity, shortly after the event. This event lasts through June 20, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hi Marcelo,
     Yes, there are some requirements for certificates in Expressway.
  Expressway Core (Exp-C)
  - Can be signed by either External or Internal CA
  - Better to use a cluster name even if you start with 1 peer in Exp-C cluster. In the future, if more peers are added, changes would be minimal.
  - Better to use FQDN of cluster as CN of certificate, this way the traversal zone configuration on Expressway-E won't require any change even if new peers are added to Exp-C cluster.
  - If CUCM is mixed mode, include security profile names (in FQDN format) as Subject Alternate Names
  - The Chat Node Aliases that are configured on the IM and Presence servers. They will be required only for Unified Communications XMPP federation deployments that intend to use both TLS and group chat. (Note that Unified Communications XMPP federation will be supported in a future Expressway release). The Expressway-C automatically includes the chat node aliases in the CSR, providing it has discovered a set of IM&P servers.
  - For TLS b/w CUCM, IM-P & Exp-C
    + If using self-signed certificates on CUCM, IM/P. Load Cisco Tomcat, cup, cup-xmpp certificates from IM-P on Exp-C. Load callmanager, Cisco Tomcat certificates from CUCM on Exp-C.
    + If using Internal CA signed certificates on CUCM, IM/P. Load Root CA certificates on Exp-C.
    + Load CA certificate under tomcat-trust, cup-trust, cup-xmpp-trust on IM-P.
    + Load CA certificate under tomcat-trust, callmanager-trust on CUCM.
  Expressway Edge (Exp-E)
  - Signed by External CA
  - Configured Unified Communications domain as Subject Alternate Name
  - If using a cluster, select FQDN of this peer as CN and FQDN of Cluster + this peer as Subject Alternate Name.
  - If XMPP federation is being deployed, enter the same Chat Node Aliases as entered in Exp-C.
  For more details, please refer to the Certificate Creation Guide for Cisco Expressway x8.1.1
  http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Cisco-Expressway-Certificate-Creation-and-Use-Deployment-Guide-X8-1.pdf
  - Aashish