ASR 9001 management interfaces

Similar Messages

• Prime Network and ASR 9001

  I have Prime Network 4.0 and ASR 9001 with A9K-MPA-20x1GE and IOS XR 5.1.0. Prime connects to ASR9k with Telnet, SNMP and XML, status says reachable, operational. Updated prime to latest PrimeNetwork-4.0-DP1308.
  Still, Prime can not see any physical interfaces except MgmtEth (no on-board 4x10G, no 20x1G). Basically, nothing in Slot0.
  Can not see any VRFs and BNG functionality configured in VRF.
  Only single static route in routing table (does not show connected routes in global routing table)
  What can it be?
  Is it me not configuring something, or Prime Network should not be seeing this things?
  George

  I assume you are asking about Cisco Prime LAN Management System (LMS) vs. Cisco Prime Infrastructure (PI).
  LMS is currently the leading Cisco offering for wired infrastructure management. It is the evolution of the earlier CiscoWorks LMS, CiscoWorks RWAN CiscoWorks 2000, CWSI, VLAN Director, original CiscoWorks classic etc. products going back almost 20 years.
  PI is the equivalent Cisco offering for wireless LANs and is the successor to NCS and WCS products.
  The overlap and confusion comes from the fact the Cisco is positioning PI as the overall wireless and wired management platform and gradually introducing wired network management features to make it equal (and eventually exceed) LMS's capabilities.
  There is a comparison table here that shows the current differences. A major new release of PI (2.0) is due out shortly which will close many (but not all) of the gaps on that table.

• ASR-9001 - XR_434 - HSRP

  How many HSRP / Subinterfaces will be recomend to be the max in a Teng. port for an ASR-9001.
  If i have over 500, what will be the configuration best practice?
  I have seen Multiple Group Optimization (MGO) for HSRP as an option, but i dont have a clear example of how to configure it on XR.

  In spanish ¡¡ APLAUSOS !!
  Also i take a look on Struc 33 of the NP, and the max entries change from 1024 to 8192
  router hsrp
   interface TenGigE0/0/0/3
    address-family ipv4
     hsrp 4094
      name PRINCIPAL
      priority 110
      track object PRUEBA_1 40
   interface TenGigE0/0/0/3.2
    address-family ipv4
     hsrp 2 slave
      follow PRINCIPAL
      address 198.18.0.1
   interface TenGigE0/0/0/3.3
    address-family ipv4
     hsrp 3 slave
      follow PRINCIPAL
      address 198.18.0.9
  RP/0/RSP0/CPU0:ASR-9001_1#sh hsrp br
  Wed Mar 25 02:13:58.791 MEX
  IPv4 Groups:
                          P indicates configured to preempt.
                          |
  Interface      Grp  Pri P State   Active addr     Standby addr   Group addr    
  Te0/0/0/3      4094  70   Init    unknown         unknown        unknown       
  Te0/0/0/3.2       2 sla   Init    unknown         unknown        198.18.0.1    
  Te0/0/0/3.3       3 sla   Init    unknown         unknown        198.18.0.9  
  RP/0/RSP0/CPU0:ASR-9001_1#show controllers np struct 33 np0 location 0/0/CPU0
  Wed Mar 25 02:14:30.375 MEX
                  Node: 0/0/CPU0:
  NP: 0  Struct 33: VRRP_MAC  
  Struct is a PHYSICAL entity
  Reserved Entries: 0, Used Entries: 6, Max Entries: 8192
  Tks!!!!

• ASR 1006 vs ASR 9001

  Hi All:
  I would appreciate if someone can share their lifetime experience and suggest me to finalize the right product between ASR 1006 or ASR 9001.
  Requirements:
  - We need full internet feed with IPv4 and IPv6.
  -10 G & STM-16 interfaces for connectivity.
  - 10 Gbps traffic need to be handled by the box.
  - MPLS L3/L2 VPN's
  I personally after going through IOS-XR feature, prefer this.
  Need some expert thoughts in the light of real world experience.
  Regards,

  Hi Sayed,
  ASR 9001 does not support STM-16 interfaces. It is purely 1 GE/10 GE platform.
  If you are looking for an XR platform that supports STM-16 interfaces, you need to go with the 9006 (or 9904) , RSP-440, SIP-700 and POS SPA (for STM) and Typhoon 10GE linecard. (with Trident you might face an issue for the number of learned prefixes depending on the scale profile you choose: http://www.cisco.com/c/en/us/support/docs/routers/asr-9000-series-aggregation-services-routers/116999-problem-line-card-00.html)
  If you decide to go with the ASR 1006, make sure you choose dual RP2 ( with 16GB mem), ESP-100 (or ESP-200) and SIP40. This should eliminate the TCAM exhaustion issue, if you decide to do NAT and ACL.; and guarantee and route-scale that might occur. (for the ASR 1000, I would recommend upgrading all of the memories)
  HTH,
  Michel.

• ASR 9001 Licensing

  Hi,
  I want to use the nV feature to cluster 2 ASR 9001.
  For that I will need to add the A9K-NV-CLUSTR-LIC license.
  What would the A9K-NVSAT5-LIC do for me? (nV Host License for up to 5 nV clients) I would need it to cluster my 2 ASR 9001?
  I would also like to know if I would require the L-A9K-9001OPT-LIC= (ASR 9001 Advanced Optical License) in order to use 10Gbps fiber connections. What does this license provide to my ASR 9001?
  Thanks a lot for the help.
  Regards,
  J

  Hi.
  Let me answer your questions. I wrote an article about licensing on ASR 9000 - http://blog.netfi.co/cisco-asr-9000-licensing/
  1. nV Licensing
  A9K-NV-CLUSTR-LIC is for nV Edge
  A9K-NVSAT5-LIC allows you to connect 5 satellites (9000v, 901 or 903).
  Additionaly you need appropriate license on ASR 901 or ASR 903. ASR 9000v doesn't require any additional license. More about it in my article.
  2. L-A9K-9001OPT-LIC=
  You don't need this license to use 10G links. It allows you to configure G.709/ONT on 10G interfaces.

• ASR 9001 temperature threshold

  Hi, we have a couple of ASR 9001.
  The threshold value on our managment sytem for the temperature is 45 C.This value seems to be too low to me
  Does anyone know the temperature threshold of the ASR 9001 Router?
  I found nothing in the documents.
  br, Peter

  Hi Sam,
  you misunderstand me.
  What I am looking for is the threshhold for alarms.
  like this example from a N5k
  show environment temperature
  Temperature
  Module   Sensor     MajorThresh   MinorThres           CurTemp     Status
                                (Celsius)           (Celsius)              (Celsius)        
  1        Outlet             67                      58                     47                    ok  
  At which temperatur logs/sends the router the MinorThres alarm, and of course the MajorThresh alarm?
  br, Peter

• ASR 9001 QoS Capabilities

  Hello,
  As I understood, ASR 9001 has integrated 4 onboard 10 GB interfaces and two Line Card slots. It has MOD 80 architecture.
  Onboard 10 Gb interfaces has same QoS capabilities as MOD TR modular line cards. ( 8 queues per port and etc)
  What about the two Line Card Slots? If I use A9K-MPA-20x1GE, A9K-MPA-2x10GE or A9K-MPA-4x10GE line card , which QoS specifications I will have? Like MOD SE or MOD TR?  As I know, these line cards has SE functions on the ASR 9001/9001S. Does it mean more than 8 queues per port? Can I terminate Pseudowire Headend on these interfaces and use QoS on them?
  Regards,
  Guner

  Noup, the ingress / egress counters keep in 0, some times ARP complete sometimes it dont.
  The router crash traing to do an OIR.
  RP/0/RSP0/CPU0:ASR-9001#admin show inst act summ
  Default Profile:
    SDRs:
      Owner
    Active Packages:
      disk0:asr9k-mini-px-4.3.4
      disk0:asr9k-k9sec-px-4.3.4
      disk0:asr9k-mcast-px-4.3.4
      disk0:asr9k-optic-px-4.3.4
      disk0:asr9k-fpd-px-4.3.4
      disk0:asr9k-doc-px-4.3.4
      disk0:asr9k-mpls-px-4.3.4
      disk0:asr9k-px-4.3.4.CSCul58246-1.0.0
      disk0:asr9k-px-4.3.4.CSCui94441-1.0.0
      disk0:asr9k-px-4.3.4.CSCug75299-1.0.0
      disk0:asr9k-px-4.3.4.CSCuj01579-1.0.0
      disk0:asr9k-px-4.3.4.CSCum51429-1.0.0

• ASA 5515 management interface

  I started to configure a new ASA 5515 to replace an 5510.  When I attempted to remove the "management-only" command from the Management0/0 interface I was greeted with the following error:
  "ERROR: It is not allowed to make changes to this option for management interface on this platform."
  Does this mean we can't use the managment interface anymore on these newer ASAs?  I was planning on using that port when we bought it.  If this is the case, let this be a warning to whoever is counting the managment port as a 7th interface on the 5515!

  Update: I just found out that you can't use the management interface for failover purposes either.     Argggggg.
  "Management interface cannot be configured for failover on this platform."

• Home Hub 3.0B Management interface unresponsive.

  This month (2 weeks ago) I upgraded to Infinity 2 and got a new Home Hub 3.0 Type B.
  I was able to get it all working as I wanted to - home network using 172.16.0.1/23 (because of conflicts with vpning into work which already routes 192.168./16 and 10./8)
  However, often, very often, trying to access the Hub web interface on 172.16.0.1 or via bthomehub.home simply fails to respond. Regardless of the browser, or me using telnet to simulate a HTTP call.
  #host bthomehub.home 172.16.0.1
  Using domain server:
  Name: 172.16.0.1
  Address: 172.16.0.1#53
  Aliases:
  bthomehub.home has address 172.16.0.1
  # telnet 172.16.0.1 80
  Trying 172.16.0.1...
  Connected to 172.16.0.1.
  Escape character is '^]'.
  GET /
  And it just hangs.
  Even though the web management interface is unresponsive, the internet seems to work ok, though wifi is sporadic.
  Rebooting the hub doesn't seem to help.  I read some reports of badly fitted heatsinks on these Type B's - so could mine be over heating and causing this lock up?  If I leave it and try again in a few hours it may work again.  Yesterday the internet connection dropped twice and when I was able to login to the web interface, the Event log showed that the hub had spontaneously rebooted itself.
  Do I have a bad home hub?

  Hi pgregg,
  Have you tried a full reset of the hub yet? Not just a reboot?
  Chris
  BT Mod Team.
  If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post.
  If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.

• WLC Duplicate IP address detected for AP-Manager Interface

  I am getting an error log in the WLC saying, its IP address is duplicate by another machine with MAC address A.B.C.D
  But this MAC address A.B.C.D is the MAC address of the AP-Manager Interface in the same controller.
  Model No.                   AIR-WLC2106-K9
  Software Version                 7.0.116.0
  %LWAPP-3-DUP_IP: spam_lrad.c:27626 Adding client 58:b0:35:83:72:86 to  exclusion list due to IP Address conflict with AP 'AP_DUXO_3'
  %LWAPP-3-DUP_AP_IP: spam_lrad.c:27612 Duplicate IP address  detected for AP AP_DUXO_3, IP address of AP  10.184.1.224, this is a  duplicate of IP on another machine (MAC address 58:b0:35:83:72:86)
  Cisco AP Identifier.............................. 1
  Cisco AP Name.................................... AP_DUXO_3
  Country code..................................... US  - United States
  Regulatory Domain allowed by Country............. 802.11bg:-A     802.11a:-A
  AP Country code.................................. US  - United States
  AP Regulatory Domain............................. 802.11bg:-A    802.11a:-N
  Switch Port Number .............................. 1
  MAC Address...................................... cc:ef:48:1a:e4:af
  IP Address Configuration......................... Static IP assigned
  IP Address....................................... 10.184.1.224
  IP NetMask....................................... 255.255.0.0
  Gateway IP Addr.................................. 10.184.20.2
  Domain...........................................
  Name Server......................................
  NAT External IP Address.......................... None
  CAPWAP Path MTU.................................. 1485
  Telnet State..................................... Enabled
  Ssh State........................................ Disabled
  Cisco AP Location................................ DUXO_BOX
  Cisco AP Group Name.............................. default-group
  Does anyone have an issue like this ?

  Are you sure this MAC address 58:b0:35:83:72:86 isn't some type of Apple device?  Its OUI is registered to apple.  How do clients get ip addresses DHCP?  It appears that the IP 10.184.1.224 is statically assigned to your ap-manager and that this client 58:b0:35:83:72:86 is either getting that same IP from DHCP or the client is statically assigning it themselves. 

• I accidently deleted my ap-manager interface How can I get it back? WLC440

  I accidently deleted my ap-manager interface How can I get it back? WLC4400
  Thanks in advance..
  admin_users 1 301 10.147.1.8 Dynamic No
  hvac 1 268 172.19.15.8 Dynamic No
  management 1 447 10.147.8.8 Static No
  nwlan 1 862 10.147.6.8 Dynamic No
  service-port N/A N/A 192.168.168.200 Static No
  switch mgmt 1 1 192.168.15.8 Dynamic No
  virtual N/A N/A 1.1.1.1 Static No
  voice 1 860 10.147.4.8 Dynamic No

  Take a look at this documentation:
  http://www.cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/c52mint.html#wpmkr1159694
  It should help with creating ap-manager interfaces.

• Standard Asynchronous ES for Quality Management interface

  Hi,
  Synchronous standard ES is available for Quality Management interfaces under ES bundle. 
  Could you please suggest if there is any standard Asynchronous ES available for above QM interfaces like Inspection plan, Inspection results and Usage Decision.
  Br,
  Madan

  Dear Hummel
  This link required SAP ID and use less for those who do not have S User ID's.
  further more.... could you please differentiate Stand SAP QM process compare to QM process in  RDS?

• WLC to use Management Interface & Few more getting started Questions

  Hello,
  I'm yet to implement the Wireless LAN in one of our client's corporate office. There 40 x 1130AG LWAPP AP's and 4404 WLC with ACS 4.x for the Authentication of the Wireless Clients who is trying to access the LAN.
  For the WLC to connect to the Dual Core Switch, i need to use only one Management Interface with Distribution System port 1 being the Primary and mapping the DS Port 2 as the Backup port for the Management Interface. Is this Right? or do i have configure Dynamic Interfaces as well. Is management interface for accessing / management and configuration only? Management Interface will communicate with ACS for AAA and AP's who would like to associate with the WLC, is this Right?
  Note: WLC, AP's, Wireless Clients & AP's are in the same IP Subnet.
  Few other question of WLAN's so it helps me during implementation -
  • Can I use the 802.1x Authentication application found in the Windows XP for the Wireless Interface; instead of Cisco Client Application. For this; I have to configure the WLC / Wireless Client to use EAP algorithm; is this Right?
  • With the help of RRM, the channel interference between multiple AP's (3 - 4 AP's) in the same area is controlled by the WLC by changing the Channels used by the AP which is not same on all the AP's. Is this right?
  • How many Client Users will connect per Channels. 802.11 a / g will provide 11 Channels, is this Right?.
  • I'm trying to set in the WLC to limit the Client connections per AP to 25, can this be achieved?
  Please, can anyone help me in calrifying the above points.
  Regards,
  Keshava Raju

  Many Thanks Mr. Dennis for your help & Clarification.
  With ref to your reply point no# 1. I have actually planned to connect one Gig port of the controller to each of the Dual Cisco Core Switch setup. Can i use all 4 Controller Interfaces configured as LAG and Port 1 & 2 connecting to Core Switch 01 and Port 3 & 4 connecting to Core Switch 02?
  I have Final two more questions, Request you to help me calrifying this?
  • I'm willing to configure Multicast communication between the WLC & AP's. For this configuration is it necessary to Connect the WLC in a different VLAN than the VLAN of the AP's. Is it necessary that I have to set the controller to LWAPP Layer 3 mode to support the Multicast communication?
  • Though I do not have implementation experience of the WLAN. My understanding of the Interface settings on the WLC - is I will have to configure one Management Interface for in-band management. Do I have to configure AP-Manager Interface (to support Multicast communication) and to make the WLC to communicate with ACS for Client Authentication. All of the Wireless Devices including the ACS are in one VLAN / IP Subnet, is only one Management Interface is enough for communicating with AP's (with Multicast) and communicating with ACS for forwarding the Authentication messages between the ACS & Wireless Clients?

• Setting management interface WLC 7.4.121.0

  Hello.
  I have a problem setting Management interface IP in new controller 5508. I get the error "Error in setting management interface IP".I can not place a management controller IP.
  Starting IPv6 Services: ok
  Starting Config Sync Manager : ok
  Starting Hotspot Services: ok
  Starting PMIP Services: ok
  Starting Portal Server Services: ok
  Starting mDNS Services: ok
  Starting Management Services: 
     Web Server:    CLI: ok
     Secure Web: Web Authentication Certificate not found (error). If you cannot access management interface via HTTPS please reconfigure Virtual Interface.
     License Agent: ok
  (Cisco Controller) 
  Welcome to the Cisco Wizard Configuration Tool
  Use the '-' character to backup
  Would you like to terminate autoinstall? [yes]: -
  Invalid response
  Would you like to terminate autoinstall? [yes]: no
  System Name [Cisco_bf:dd:c4] (31 characters max): 
  AUTO-INSTALL: process terminated -- no configuration loaded
  Enter Administrative User Name (24 characters max): admin
  Enter Administrative Password (3 to 24 characters): ********
  Re-enter Administrative Password                 : ********
  Service Interface IP Address Configuration [static][DHCP]: none
  Service Interface IP Address: 1.1.1.1
  Service Interface Netmask: 255.255.255.0
  Enable Link Aggregation (LAG) [yes][NO]: no
  Management Interface IP Address: 192.168.10.1
  Management Interface Netmask: 255.255.255.0
  Management Interface Default Router: 192.168.10.10
  Error in setting management interface IP 
  Management Interface IP Address: 10.10.10.1
  Management Interface Netmask: 255.255.255.0
  Management Interface Default Router: 10.10.10.100
  Error in setting management interface IP 
  Management Interface IP Address: 
  Does anyone faced this issue?
  Thanks. 

  Hi,
  Try these:
  1. With the WLC, Please set flow control(in SecureCRT or hperterminal) to none. Once the changes are made, CLI will start working as usual.
   2. Another  common reason can be related to the virtual interface configuration of the controller. In order to resolve this problem, remove the virtual interface and then re-generate it with this command:
  WLC>config interface address virtual 1.1.1.1
  Then, reboot the controller. After the controller is rebooted, re-generate the webauth certificate locally on the controller with this command:
  WLC>config certificate generate webauth
  In the output of this command, you should see this message: Web Authentication certificate has been generated.
  Now, you should be able to access the secure web mode of the controller upon reboot.
  3. Try to use some diff IP address for service interface don't use 1.1.1.1.
  Regards
  Dont forget to rate helpful posts

• Mobility group only works using management interface?

  Hello,  in order to stablish the control traffic between 2 WLC-5508, it's necessary to use the management interface??
  It's possible using a dynamic interface o service port ?
  I think it only works with management interface,  but I don't understand the meaning of this text in the Configuration Manual:
  "Mobility control packets can use any interface address as the source, based on routing table."
  Thank you,

  No... mobility communication is done only with the management interface.
  Thanks,
  Scott
  *****Help out other by using the rating system and marking answered questions as "Answered"*****