Dual asr 9006 cluster
Hi expert,
I have two asr 9006. I'm using dual rsp on router. I'm using Cisco IOS XR Software, Version 4.1.2.
I want to use two asr 9006 to cluster. But How can do this? I can't find documents on the cisco web site or internet.
Hi Umit,
SW requirement
•Supported since 4.2.1
•Requires cluster software license on each chassis
HW requirement – Chassis
•Only ASR 9006 and 9010 are supported in 4.2.x
•ASR 9001 is supported starting in 4.3.0
•ASR 9001-S and 9922 are supported starting in 4.3.1
•ASR 9904 and 9912 are supported starting in 5.1.1
•Only like-like chassis are supported
HW requirement – Line card and RSP
•Dual RSP440 for 9006/9010/9904
•Dual RP for 9912/9922
•Single RSP 9001/9001-S
•No RSP-4/8G support
•Only Typhoon LC and SIP-700 allowed to boot
•Only Typhoon LC support IRL
•VSM/ISM not supported
We have more information on nV Edge posted here
https://supportforums.cisco.com/docs/DOC-34114
HTH,
Sam
Similar Messages
-
ASR 9006 to 6509 1 gig fiber connection
I have an ASR 9006 with a SFP-GE-L connecting to a Cisco 6500. The link shows up on the ASR side but not on the 6500 side. If I move the SFP from the ASR to a
different 6500 chassis the connection works so I know the SFP is working.
Any ideas on making this link work?The issue ended up being a negotiation issue. Apparently IOS-XR is set for nonegotiate disabled by default and IOS is enabled by default.
The fix being to put "speed nonegotiate" on the IOS side interfaces and it came up -
STM1 Back-to-Back Between ASR 9006 and ASR 903
Dear Gents,
Seeking your usual support to aid me to connect STM1 Back-to-Back between ASR 9006 and ASR 903.
I have ASR 9006 comes with SPA-4XOC3-POS-V2 and SFP-OC3-MM using XR-A9K-PXK9-04.03 IOS-XR.
Also I have ASR 903 comes with A900-IMA4OS interface module with ONS-SI-155-SR-MM SFP using SASR903R1NPEK9-38S IOS-XE.
I'm using Multi Mode fiber cable between them and the interfaces never came UP UP.
Below the configuration i did to both sides.
ASR 903 configuration:
ASR903#sh run | sec contro
controller SONET 0/0/0
framing sdh
clock source internal
aug mapping au-4
au-4 1 pos
interfaces POS0/0/0.1
ip address 10.10.10.2 255.255.255.252
ASR 9006 configuration
ASR9006#sh running-config controller soNET 0/1/0/0
controller SONET0/1/0/0
framing sdh
clock source internal
interface POS0/1/0/0
ipv4 address 10.10.10.1 255.255.255.252
Thanks in advance.I think your 900 is running in an oc12/stm4 mode (as you seem to subrate the sonet controller), so they have a speed mismatch already although it looks like you're using the right STM1 optic.
also one side you will want to have use clock from line while the other internal, otherwise you'll get a lot of clock slips.
cheers
xander -
Cisco ASR 9006 IOS XR 4.3.0 aaa authorization
Hi,
I've configured two Cisco ASR 9006 with IOS XR 4.3.0 with the aaa. I've a problem with the authorization statement.
I need to distiguish two groups.
Network Administrator (Full access, show, configuration etc etc)
Network Viewer (Users in this group can use only the show command)
I cannot find anything clear on the documentation. Can you help me?
Below the actual configuration (without authorization)
tacacs source-interface Loopback0 vrf default
tacacs-server host 10.10.10.1 port 49
tacacs-server key 7 XXXXXXXXXX
tacacs-server timeout 10
username emergency
group netadmin
password 7 XXXXXXXXXXXXXXX
aaa accounting exec default start-stop group ACS
aaa accounting system default start-stop group ACS
aaa group server tacacs+ ACS
server 10.10.10.1
aaa authentication login default group ACS local
I have configured two Shell Command Authorization Sets in my ACS. One for ReadOnly and one for Full Access.
The ReadOnly Group (called AccessoSolaLettura) is on the attacched png called asr_1.PNG
The Full Access Group (called AccessCompleto) is on the attached png called asr_2.PNG
I associated this Shell Authorization sets to two users group. (Network Administrator and Network Viewer).
The first one with Level 15 and the second one with Level 7. (Attached file ACS_1.png and ACS_2.png)
Can you tell me if the ACS configuration is right and which configuration is needed on the ASR?
The ACS Release is 4.2(0) Build 124.
Tnx
LeonardoHi Leonardo,
In XR we have the concept of tasks and taskgroup for determining what a user can do, and we recommend using this. For tasks we have the read/write/execute/debug permissions.
For instance to run 'show bgp summary' we need the read permission on the task BGP. Instead of assigning individual permissions per user we can create a taskgroup and the user can inherit everything from a taskgroup.
So for instance we can add read BGP, read OSPF, and read system to the taskgroup test. We can then have the user inherit the taskgroup test and get all the permissions that taskgroup has. We can inherit multiple tasks and taskgroups.
In addition we have some predefined task groups (for the full access user you will want the cisco-support and root-system taskgroups).
You can find some more information in the following posts
http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-3/security/configuration/guide/b_syssec_cg43xasr9k/b_syssec_cg43asr9k_chapter_010.html
https://supportforums.cisco.com/docs/DOC-15944
HTH,
Sam -
Hello All,
I am configuring Netflow on ASR 9006 IOS-XR. I need to be able to specify specify flow records (basically flexible Netflow) and configure flow aggregation based on destination prefix. This is not possible with the device.
I will be glad if anyone could help with this challenge.
Thanks.Hi Leonardo,
In XR we have the concept of tasks and taskgroup for determining what a user can do, and we recommend using this. For tasks we have the read/write/execute/debug permissions.
For instance to run 'show bgp summary' we need the read permission on the task BGP. Instead of assigning individual permissions per user we can create a taskgroup and the user can inherit everything from a taskgroup.
So for instance we can add read BGP, read OSPF, and read system to the taskgroup test. We can then have the user inherit the taskgroup test and get all the permissions that taskgroup has. We can inherit multiple tasks and taskgroups.
In addition we have some predefined task groups (for the full access user you will want the cisco-support and root-system taskgroups).
You can find some more information in the following posts
http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-3/security/configuration/guide/b_syssec_cg43xasr9k/b_syssec_cg43asr9k_chapter_010.html
https://supportforums.cisco.com/docs/DOC-15944
HTH,
Sam -
ASR 9001 Cluster (Nv)
Dear ASR9000 experts,
If using 2 x ASR9001 with the Cluster technology (starting on the 4.3.0) can we assume that we can achieve processor redundancy ? For instance, if the active RP on the ASR9001 #1 fails can we assume that the standby RP on the ASR9001 #2 will assume the job in hands and that LC on the #1 and #2 chassis will continue forwarding NSR style ?
Thanks !Hi Sam
I'm using XR 4.3.2 on two ASR9001. I've connected the cluster ports with GLC-SX-MMD in Port 0 and SFP-10G-SR in Port 1. They both work. You cannot see them in show inventory (not even in show inventory raw).
RP/0/RSP0/CPU0:Jan 7 00:40:44.150 : cluster_clm_rp[166]: %PLATFORM-CLUSTER_CLM-6-UPDN : Interface 14 (Clustering Port0) is Up
RP/1/RSP0/CPU0:Jan 7 00:42:46.744 : cluster_clm_rp[166]: %PLATFORM-CLUSTER_CLM-6-UPDN : Interface 14 (Clustering Port0) is Up
RP/0/RSP0/CPU0:Jan 7 00:51:35.519 : cluster_clm_rp[166]: %PLATFORM-CLUSTER_CLM-6-UPDN : Interface 15 (Clustering Port1) is Up
RP/1/RSP0/CPU0:Jan 7 00:51:37.944 : cluster_clm_rp[166]: %PLATFORM-CLUSTER_CLM-6-UPDN : Interface 15 (Clustering Port1) is Up
The good news is that GLC-SX-MMD is working!
Thanks, kind regards,
Edi -
With Xander Thuijs
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn how to Cisco ASR 9000 Series Aggregation Services Routers with Cisco expert Xander Thuijs. The Cisco ASR 9000 Series Aggregation Services Routers product family offers a significant added value compared to the prior generations of carrier Ethernet routing offerings. The Cisco ASR 9000 Series is an operationally simple, future-optimized platform using next-generation hardware and software. The ASR 9000 platform family is composed of the Cisco ASR 9010 Router, the Cisco ASR 9006 Router, the Cisco ASR 9922 Router, Cisco ASR 9001 Router and the Cisco ASR 9000v Router.
This is a continuation of the live Webcast.
Xander Thuijs is a principal engineer for the Cisco ASR 9000 Series and Cisco IOS-XR product family at Cisco. He is an expert and advisor in many technology areas, including IP routing, WAN, WAN switching, MPLS, multicast, BNG, ISDN, VoIP, Carrier Ethernet, System Architecture, network design and many others. He has more than 20 years of industry experience in carrier Ethernet, carrier routing, and network access technologies. Xander holds a dual CCIE certification (number 6775) in service provider and voice technologies. He has a master of science degree in electrical engineering from Hogeschool van University in Amsterdam.
Remember to use the rating system to let Xander know if you have received an adequate response.
Xander might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Service Providers community XR OS And Platforms shortly after the event. This event lasts through Friday, May 24, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
Webcast related links:
Slides
Webcast Video Recording
FAQIs there a Cisco lab available for ASR 9000
we have "XR4U" stations coming available soon when XR 511 comes alive. The plan is for a downloadable play image like that. In the interim we have 2 demo systems available, and they can be booked via your account manager representative.
How will MOD160 perform with multiple 9000NVS?
very well. the mod 160 has 4 NPU's, 2 per bay. So if you have a 4x10 MPA to serve a satellite, you effectively have a single NPU per 20 1Gigs from the satellite. The pps performance will be stellar. However it might be price technically more ideal to connect satellite with a 36x10. Since the MOD-x has native MPA's with 1G also.
2. Is there a shortcut for a Bundle-EthernetX interface, such as port-channel interface (poX), in Cisco IOS® ?.
usability enhancement is there, we are trying to push this into a new reasonable release. follow CSCuh04526
3. What is the revolutions per minute (RPM) on these hard disk drives (HDDs) compared to the solid state drives (SDDs)? Will the spinning drives be slow?
depends on the type we had avaialble at time of production, you will see different sizes and disks on the RSP2. the rpm of the HD is not so much an issue as much as the buffered writing we used to do in XR. This is fixed up with XR43 where the disk writing performance is much better. the HD/SDD is used for logging storage only (and maybe your pictures) but other then that we're not that concerned with write perf of the HD.
regards
xander -
Any experience with NFS failover in Sun Cluster?
Hello,
I am planning to install dual-node Sun Cluster for NFS failover configuration. The SAN storage is shared between nodes via Fibre Channel. The NFS shares will be manually assigned to nodes and should fail over / takeback between nodes.
Is this setup tested well? How the NFS clients survive the failover (without "stale NFS handle" errrors)? Does it work smoothly for Solaris,Linux,FreeBSD clients?
Please share your experience.
TIA,
-- LeonMy 3 year old linux installtion on my laptop, which is my NFS client most of the time uses udp as default (kernel 2.4.19).
Anyway the key is that the NFS client, or better, the RPC implementation on the client is intelligent enough to detect a failed TCP connection and tries to reestablish it with the same IP address. Now once the cluster has failed over the logical IP the reconnect will be successful and NFS traffic continues as if nothing bad had happened. This only(!) works if the NFS mount was done with the "hard" option. Only this makes the client retry the connection.
Other "dumb" TCP based applications might not retry and thus would need manual intervention.
Regarding UFS or PxFS, it does not make a difference. NFS does not know the difference. It shares a mount point.
Hope that helped. -
VSM with NAT Between two ASR routers
We are new to the ASR platform and IOS XR. We have two new ASR 9006's with the VSM module. These two routers are not yet in production so we can play around with them. We will be moving the NAT functionality from our firewalls to these two routers. Is it possible for these two routers to share NAT translations? It is entirely possible that outbound traffic could be NAT'ed out one of these ASR's and the return traffic come through the other ASR. In this scenario how is the NAT translation handled? I've not had much luck finding documentation on this specific topic.
Thanks,
MarcHi,
To my understanding its not possible to connect to an ASA interface through interface other than the interface where the IP address is located.
In other words you are not able to connect from behind "inside" to the IP address of "mgmt" interface
I will try to find you a link to some Cisco documentation stating this. (I have never really had to find it though)
- Jouni -
BGP Next-hop conflict with MPLS Label.
Hi, Experts
Equipment: Cisco ASR9922, IOS-XR 4.3.2
Issue: I have problem that my RR do the next-hop-self by using route-policy for client routers, the next-hop is changed as intended but the MPLS label doesn’t changed to reflect the new next-hop.
What I would like to achieve: I would like RR to set next-hop-self only for selected prefixes(172.168.0.0/24, 0.0.0.0/0) but maintain original next-hop for the rest, I do this by using route-policy.
Detail:
I have routers running MPLS infrastructure with ASR9922 as an RR. RN router is in neighbor-group RN and CPE-xx routers are in neighbor-group AN.
•- Every routers are in same BGP AS64549.
•- RN sends prefixes 0.0.0.0/0 and 172.168.0.0/24 to RR.
•- CPE-25 sends prefix 192.168.25.1/32 to RR.
Neighbor-group AN has the route-policy AN-OUT2 to set next-hop of prefix 172.168.0.0/24 and 0.0.0.0/0 to RR#loopback1 before send out update to CPE routers. Below is BGP and RPL configuration at RR.
router bgp 64549
nsr
bgp graceful-restart
ibgp policy out enforce-modifications
address-family vpnv4 unicast
additional-paths receive
additional-paths send
additional-paths selection route-policy ADD-PATH-iBGP
retain route-target all
neighbor-group AN
remote-as 64549
cluster-id 172.16.1.11
update-source Loopback1
address-family vpnv4 unicast
route-reflector-client
route-policy AN-OUT2 out
soft-reconfiguration inbound
route-policy AN-OUT2
if destination in DEFAULT or destination in RNC then
set next-hop 192.168.10.11
else
pass
endif
end-policy
This is what RR advertises to CPE-24
RP/0/RP0/CPU0:RR#show bgp vpnv4 unicast neighbors 192.168.10.24 advertised-routes
Fri Dec 20 15:23:14.931 BKK
Network Next Hop From AS Path
Route Distinguisher: 64549:3339
0.0.0.0/0 192.168.10.11 172.16.1.1 ?
172.16.1.2 ?
172.168.0.0/24 192.168.10.11 172.16.1.1 ?
172.16.1.2 ?
192.168.0.1/32 192.168.10.11 192.168.10.24 i
192.168.0.26/32 192.168.10.26 192.168.10.26 i
192.168.25.1/32 192.168.10.25 192.168.10.25 i
192.168.211.8/30 192.168.10.22 192.168.10.22 i
The IP part works as intended but MPLS Label doesn’t work as intended. Please take a look at RN who is originates 172.168.0.0/24, label 16025 is locally assigned.
RP/0/RP0/CPU0:RN1#show bgp vpnv4 unicast labels
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 64549:3339 (default for vrf VLAN3339)
*> 0.0.0.0/0 0.0.0.0 nolabel 16025
* i 172.16.1.11 16068 16025
* i 172.16.1.13 16033 16025
*> 172.168.0.0/24 0.0.0.0 nolabel 16025
* i 172.16.1.11 16059 16025
* i 172.16.1.13 16024 16025
172.168.0.0/24 at RR, label 16059 is locally assigned, label 16025 is receive from RN router. It should send 172.168.0.0/24 with label 16059 to CPE-24 to reflect next-hop changed.
RP/0/RSP0/CPU0:RR#show bgp vpnv4 unicast labels
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 64549:3339
*>i0.0.0.0/0 172.16.1.1 16025 16068
* i 172.16.1.2 16007 16068
*>i172.168.0.0/24 172.16.1.1 16025 16059
* i 172.16.1.2 16007 16059
*>i192.168.0.1/32 192.168.10.24 131070 16060
*>i192.168.25.1/32 192.168.10.25 131070 16062
*>i192.168.211.8/30 192.168.10.22 131070 16065
What I found at CPE-24 which is Alcatel router is that, RR send prefix 172.168.0.0/24, nh 192.168.10.11 with label 16025 which is incorrect.
A:CPE-24# show router bgp routes vpn-ipv4 172.168.0.0/24
===============================================================================
BGP Router ID:192.168.10.24 AS:64549 Local AS:64549
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best, b - backup
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop Path-Id VPNLabel
As-Path
u*>? 64549:3339:172.168.0.0/24 100 0
192.168.10.11 None 16025
No As-Path
Routes : 1
===============================================================================
On RR If I just remove the policy and do the next-hop-self under vpv4 address family, CPE-24 will get corrent nh with correct label(16059) but that won’t achieve our requirement to change nh only on selected prefixes. Is this software problem? Or is there any solution to work around?
Regard,
MaritHello Marit,
I am able to recreate this in the lab, and unfortunately this scenario is not supported. BGP does not advertise allocated label if we set nexhop using route policy. The only way is by next-hop-self configured on RR, and yes it eventually will applies to all prefixes advertised to neighbor-group AN. Currently i do not have workaround available.
Below is the capture of what i have tested in the lab:
The topology:
CRS-4-02 ---------- CRS-8-01 ------------ ASR-9006-1
CRS-8-01 is Route-reflector of CRS-4-02 and ASR-9006-1.
CRS-4-02 advertise some prefixes.
This issue occurs when RR have route-policy toward ASR-9006-1, where it assign incorrect label. But it assign correct label if CRS-8-01 use next-hop-self.
Below is the test done in the lab if RR use next-hop-self:
RP/0/RP0/CPU0:CRS-4-02#show run router bgp
Tue Jan 7 08:16:18.945 UTC
router bgp 1
bgp router-id 172.16.4.1
ibgp policy out enforce-modifications
address-family ipv4 unicast
address-family vpnv4 unicast
neighbor 172.16.8.3
remote-as 1
update-source Loopback0
address-family ipv4 unicast
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
vrf RTAMAELA
rd 100:1
address-family ipv4 unicast
redistribute connected
RP/0/RP0/CPU0:CRS-4-02#show bgp vpnv4 unicast advertised summary
Tue Jan 7 08:16:29.001 UTC
Network Next Hop From Advertised to
Route Distinguisher: 100:1
78.22.11.2/32 172.16.4.1 Local 172.16.8.3
78.22.11.3/32 172.16.4.1 Local 172.16.8.3
93.22.15.61/32 172.16.4.1 Local 172.16.8.3
RP/0/RP0/CPU0:CRS-4-02#
RP/0/RP0/CPU0:CRS-4-02#show bgp vpnv4 unicast labels
Tue Jan 7 08:16:53.655 UTC
BGP router identifier 172.16.4.1, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0
BGP main routing table version 57
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1 (default for vrf RTAMAELA)
*>i22.51.32.77/32 172.16.8.3 16056 nolabel
*> 78.22.11.2/32 0.0.0.0 nolabel 16003
*> 78.22.11.3/32 0.0.0.0 nolabel 16003
*> 93.22.15.61/32 0.0.0.0 nolabel 16003
Processed 4 prefixes, 4 paths
RP/0/RP0/CPU0:CRS-4-02#
RP/0/RP1/CPU0:CRS-8-01#show run router bgp
Wed Jan 8 11:07:05.436 UTC
router bgp 1
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
allocate-label all
address-family vpnv4 unicast
retain route-target all
neighbor-group AN
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
next-hop-self <-- use next-hop-self toward ASR-9006-1
soft-reconfiguration inbound
neighbor-group RN
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
next-hop-self
soft-reconfiguration inbound
neighbor 10.10.10.10
remote-as 1
address-family ipv4 unicast
neighbor 72.15.48.5
use neighbor-group AN
neighbor 172.16.4.1
use neighbor-group RN
RP/0/RP1/CPU0:CRS-8-01#show bgp vpnv4 unicast labels
Wed Jan 8 11:07:09.091 UTC
BGP router identifier 172.16.8.3, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 344169
BGP main routing table version 92
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1
*>i22.51.32.77/32 72.15.48.5 16000 16056
*>i78.22.11.2/32 172.16.4.1 16003 16053
*>i78.22.11.3/32 172.16.4.1 16003 16054
*>i93.22.15.61/32 172.16.4.1 16003 16055
Processed 4 prefixes, 4 paths
RP/0/RP1/CPU0:CRS-8-01#
RP/0/RSP1/CPU0:ASR-9006-01#show run router bgp
Wed Jan 8 17:02:02.796 UTC
router bgp 1
bgp router-id 72.15.48.5
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
address-family vpnv4 unicast
retain route-target all
neighbor-group RR
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
soft-reconfiguration inbound
neighbor 172.16.8.3
use neighbor-group RR
neighbor 192.169.1.2
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
vrf RTAMAELA
rd 100:1
address-family ipv4 unicast
redistribute connected
RP/0/RSP1/CPU0:ASR-9006-01#show bgp vpnv4 unicast labels
Wed Jan 8 17:02:04.381 UTC
BGP router identifier 72.15.48.5, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 253825
BGP main routing table version 126
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1 (default for vrf RTAMAELA)
*> 22.51.32.77/32 0.0.0.0 nolabel 16000
*>i78.22.11.2/32 172.16.8.3 16053 nolabel <== 172.16.8.3 is the loopback address of CRS-8-01
*>i78.22.11.3/32 172.16.8.3 16054 nolabel
*>i93.22.15.61/32 172.16.8.3 16055 nolabel
Processed 4 prefixes, 4 paths
RP/0/RSP1/CPU0:ASR-9006-01#
From output above we can see that ASR-9006-01 received correct label for each prefix.
Below is the output with route-policy configured and ASR-9006-01 receive incorrect label:
RP/0/RP1/CPU0:CRS-8-01#show run router bgp
Wed Jan 8 11:04:46.310 UTC
router bgp 1
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
allocate-label all
address-family vpnv4 unicast
retain route-target all
neighbor-group AN
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
route-policy RTAMAELA out
soft-reconfiguration inbound
neighbor-group RN
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
next-hop-self
soft-reconfiguration inbound
neighbor 72.15.48.5
use neighbor-group AN
neighbor 172.16.4.1
use neighbor-group RN
RP/0/RP1/CPU0:CRS-8-01#show run route-policy RTAMAELA
Wed Jan 8 11:16:06.847 UTC
route-policy RTAMAELA
if destination in RNC then
set next-hop 172.16.8.3
else
pass
endif
end-policy
RP/0/RP1/CPU0:CRS-8-01#show run prefix-set RNC
Wed Jan 8 11:16:12.099 UTC
prefix-set RNC
78.22.11.3/32
end-set
RP/0/RP1/CPU0:CRS-8-01#show bgp vpnv4 unicast labels
Wed Jan 8 11:04:33.512 UTC
BGP router identifier 172.16.8.3, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 344013
BGP main routing table version 92
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1
*>i22.51.32.77/32 72.15.48.5 16000 16056
*>i78.22.11.2/32 172.16.4.1 16003 16053
*>i78.22.11.3/32 172.16.4.1 16003 16054
*>i93.22.15.61/32 172.16.4.1 16003 16055
Processed 4 prefixes, 4 paths
RP/0/RP1/CPU0:CRS-8-01#
RP/0/RSP1/CPU0:ASR-9006-01#show run router bgp
Wed Jan 8 16:59:41.601 UTC
router bgp 1
bgp router-id 72.15.48.5
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
address-family vpnv4 unicast
retain route-target all
neighbor-group RR
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
soft-reconfiguration inbound
neighbor 172.16.8.3
use neighbor-group RR
neighbor 192.169.1.2
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
vrf RTAMAELA
rd 100:1
address-family ipv4 unicast
redistribute connected
RP/0/RSP1/CPU0:ASR-9006-01#show bgp ipv4 unicast labels
Wed Jan 8 16:59:52.173 UTC
RP/0/RSP1/CPU0:ASR-9006-01#show bgp vpnv4 unicast labels
Wed Jan 8 17:00:00.457 UTC
BGP router identifier 72.15.48.5, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 253701
BGP main routing table version 123
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1 (default for vrf RTAMAELA)
*> 22.51.32.77/32 0.0.0.0 nolabel 16000
*>i78.22.11.2/32 172.16.4.1 16003 nolabel
*>i78.22.11.3/32 172.16.8.3 16003 nolabel <-- It receive label 16003, which is wrong. it should receive label 16054.
*>i93.22.15.61/32 172.16.4.1 16003 nolabel
Processed 4 prefixes, 4 paths
RP/0/RSP1/CPU0:ASR-9006-01#
Rivalino -
BGP Multi-instance was supposed to be released in XR 4.2, I could not find any mention of it in the Release notes for 4.2, 4.3, & 5.1?
How do I find out if it was implemented and if so how to configure it, if not if it is still on the road map?
Thanks,
JohnHello,
It is in release note XR .4.2:
http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.2/general/release/notes/reln_a9k_42.html
And some writing on Cisco doc:
http://www.cisco.com/en/US/docs/routers/crs/software/crs_r4.2/routing/configuration/guide/b_routing_cg42crs_chapter_01.html#concept_E6B1D3D6B8CA4742AED837B3A94E826F
Below is the example what i did in my lab running 4.2.3:
RP/0/RSP1/CPU0:ASR-9006-01#show run router bgp
Fri Jan 31 21:05:02.170 UTC
router bgp 1 instance IPV4
bgp router-id 72.15.48.5
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
redistribute connected
allocate-label all
address-family vpnv4 unicast
retain route-target all
neighbor 172.16.8.3
remote-as 1
update-source Loopback0
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
router bgp 1 instance IPV6
bgp router-id 99.2.3.4
address-family ipv6 unicast
redistribute connected
thanks,
rivalino -
ASR9K Series devices inventory is not working.
Hi all. Inventory in CiscoWorks with new devices ASR9K Series is not working. CW version: LMS3.2.1. Device: ASR-9006 AC Chassis. Credentials correct. Can any help me?
Screenshot1: inventory request fail.
Screenshot2: RME knows Cisco ASR9006 Router.Hello again and thx for advice,
I've tried the solution from Cisco for this bug (CSCte95623 ), by manipulating delays values in cmdsvc.properties file and restarting cfgmngmt process. I've changed delay values in very different manner (delay after connect, tunesleepmills, login, e.t.c). Unfortunately this solution didn't help. A CDA work for SSH fails all the time. Also i've manipulated
ssh rate-limit and ssh session-limit values on device. It's a pity that opportunity to set on only sshv1 on device doesn't exist, so CW tries to connect only with sshv2 and there is no chance to check how it work with sshv1.
I'm becoming a bit desperate about that issue. Any ideas?!
There is some output from ssh debugs on device:
debug ssh server
RP/0/RSP1/CPU0:May 31 12:02:14.068 : SSHD_[1114]: Spawned new child process 5869901
RP/0/RSP1/CPU0:May 31 12:02:14.149 : SSHD_[65869]: Client sockfd 3
RP/0/RSP1/CPU0:May 31 12:02:14.151 : SSHD_[65869]: Setting IP_TOS value:192
RP/0/RSP1/CPU0:May 31 12:02:14.152 : SSHD_[65869]: After setting socket options, sndbuf33792, rcvbuf - 33792
RP/0/RSP1/CPU0:May 31 12:02:14.153 : SSHD_[65869]: Connection from ------------ port ---------
RP/0/RSP1/CPU0:May 31 12:02:14.158 : SSHD_[65869]: (addrem_ssh_info_tuple) user:()
RP/0/RSP1/CPU0:May 31 12:02:14.162 : SSHD_[65869]: Session id 0
RP/0/RSP1/CPU0:May 31 12:02:14.162 : SSHD_[65869]: Exchanging versions
RP/0/RSP1/CPU0:May 31 12:02:14.164 : SSHD_[65869]: %SECURITY-SSHD-6-INFO_GENERAL : Client ------ closes socket connection
RP/0/RSP1/CPU0:May 31 12:02:14.164 : SSHD_[65869]: %SECURITY-SSHD-3-ERR_GENERAL : Failed in version exchange
RP/0/RSP1/CPU0:May 31 12:02:14.164 : SSHD_[65869]: In cleanup code, pid:5869901, sig rcvd:0, state:1
RP/0/RSP1/CPU0:May 31 12:02:14.166 : SSHD_[65869]: Cleanup sshd process 5869901, session id 0
RP/0/RSP1/CPU0:May 31 12:02:14.171 : SSHD_[65869]: Closing connection to --------
RP/0/RSP1/CPU0:May 31 12:02:14.171 : SSHD_[65869]: Sending Disconnect msg
RP/0/RSP1/CPU0:May 31 12:02:14.172 : SSHD_[65869]: sshd_shm_acquire_lock: SHM Lock is NULL
RP/0/RSP1/CPU0:May 31 12:02:14.172 : SSHD_[65869]: sshd_shm_unlock: SHM Lock is NULL
RP/0/RSP1/CPU0:May 31 12:02:14.184 : SSHD_[1114]: Signal 18 received in handler: pid 5869901
RP/0/RSP1/CPU0:May 31 12:02:14.207 : SSHD_[1114]: ratelimit_msecs:1000.000000, ratelimit_count:1
RP/0/RSP1/CPU0:May 31 12:02:14.207 : SSHD_[1114]: elapsed:145.976000, ratelimit_msecs:1000.000000, count:1
RP/0/RSP1/CPU0:May 31 12:02:14.207 : SSHD_[1114]: %SECURITY-SSHD-6-INFO_GENERAL : Incoming SSH session rate limit exceeded
And CDA ssh work log from CW:
Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getCmdSvc,1571,Iam inside ssh ....
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getCmdSvc,1573,Initial time_out : 0
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getCmdSvc,1583,Computed time_out : 30
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getCmdSvc,1599,After computing time_out : 30
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getSshCmdSvc,1637,inside getSshCmdSvc with timeout : 30000
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getSshProtocols,1743,Inside getsshprotocols with time out : 30000
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.rmeng.util.rmedaa.RMEDeviceContext,getSshCmdSvc,1651,SSH2 is running
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,136,Got CmdSvc for SSH
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,141,Before Resetting the counters i.e before invoking counters for CredType :: SSH
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,151,After Resetting the counters i.e before invoking counters for CredType :: SSH
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,156,Getting Primary credentails to reset again to Primary only..
[ Thu May 31 12:10:17 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,201,trying to connect for SSH
[ Thu May 31 12:10:18 MSD 2012 ],ERROR,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,272,Got CmdSvcException com.cisco.nm.lib.cmdsvc.CmdSvcException: java.net.SocketException: Connection reset
at com.cisco.nm.lib.cmdsvc.OpConnect.invoke(OpConnect.java:57)
at com.cisco.nm.lib.cmdsvc.SessionContext.invoke(SessionContext.java:299)
at com.cisco.nm.lib.cmdsvc.Engine.process(Engine.java:57)
at com.cisco.nm.lib.cmdsvc.LocalProxy.process(LocalProxy.java:22)
at com.cisco.nm.lib.cmdsvc.CmdSvc.connect(CmdSvc.java:190)
at com.cisco.nm.lib.cmdsvc.CmdSvc.connect(CmdSvc.java:166)
at com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler.verify(CmdSvc_CDACredTypeHandler.java:202)
at com.cisco.nm.xms.xdi.pkgs.LibCda.GenericCdaHandler.checkSanity(GenericCdaHandler.java:37)
at com.cisco.nm.rmeng.inventory.cda.job.DoCDAonDevice.checkSanity(CdaJobEngine.java:1565)
at com.cisco.nm.rmeng.inventory.cda.job.DoCDAonDevice.run(CdaJobEngine.java:1429)
at com.cisco.nm.rmeng.inventory.cda.job.CdaJobMonitor$ExecutorThread.run(CdaJobMonitor.java:244)
[ Thu May 31 12:10:18 MSD 2012 ],ERROR,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,308,exception occured at the time of closing cmdsvccom.cisco.nm.lib.cmdsvc.CmdSvcException: java.net.SocketException: Connection reset
at com.cisco.nm.lib.cmdsvc.OpConnect.invoke(OpConnect.java:57)
at com.cisco.nm.lib.cmdsvc.SessionContext.invoke(SessionContext.java:299)
at com.cisco.nm.lib.cmdsvc.Engine.process(Engine.java:57)
at com.cisco.nm.lib.cmdsvc.LocalProxy.process(LocalProxy.java:22)
at com.cisco.nm.lib.cmdsvc.CmdSvc.connect(CmdSvc.java:190)
at com.cisco.nm.lib.cmdsvc.CmdSvc.connect(CmdSvc.java:166)
at com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler.verify(CmdSvc_CDACredTypeHandler.java:202)
at com.cisco.nm.xms.xdi.pkgs.LibCda.GenericCdaHandler.checkSanity(GenericCdaHandler.java:37)
at com.cisco.nm.rmeng.inventory.cda.job.DoCDAonDevice.checkSanity(CdaJobEngine.java:1565)
at com.cisco.nm.rmeng.inventory.cda.job.DoCDAonDevice.run(CdaJobEngine.java:1429)
at com.cisco.nm.rmeng.inventory.cda.job.CdaJobMonitor$ExecutorThread.run(CdaJobMonitor.java:244)
[ Thu May 31 12:10:18 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,310,Some exception not handled....
[ Thu May 31 12:10:18 MSD 2012 ],INFO ,[Thread-1],com.cisco.nm.xms.xdi.pkgs.LibCda.CmdSvc_CDACredTypeHandler,verify,312,Not for enable test -
Parameter changes prevent SAP from starting
Hello all,
We are running SAP ERP 4.7ext 2.00 with two nodes in a Windows/MSSQL Cluster environment.
1. Last night, we made parameter changes to the central instance profile. In particular, we started with adding the parameter enque/table_size = 16384, activated the profile and took the SAP R/3 RP1 Resource offline. We then tried to bring it back online but it went into a failed status. We removed this parameter using a text editor, and then retried to bring the SAP Resource online again, but to no avail it went into a failed state again.
2. We had previously made backups of the profile files created by the reinstallation of the central instance (DEFAULT, START_DVEBMGS00_ZAASAPCCI001, and RP1_DVEBMGS00_ZAASAPCCI001 lets call this File Set A.) and decided to use these files instead. These files had the default parameters created on installation. We were successful in bringing the SAP resource online.
3, We made a parameter change and activated the profile in SAP it does not matter which parameter you choose, for example, changing the number of dialog work processes from the default 2 to 20 . We took the SAP R/3 RP1 Resource offline but were unable to bring it back online - it went into a failed status.
4. We then took File Set A, and using a text editor (1) made changes to the number of work processes; and (2) appended the extra parameters to them. Using these files we were now successful in bringing the SAP Resource online.
5. If we now made any changes to these files either through SAP or by using the text editor, we are unable to restart SAP. We have to revert to step 4 above.
6. A strange anomaly we noticed is that if the profile files have the following commented lines in the beginning of the file RP1_DVEBMGS00_ZAASAPCCI001. for example:
#.* Instance profile RP1_DVEBMGS00_ZAASAPCCI00 *
#.* Version = 000007 *
#.* Generated by user = ABOOM *
#.* Generated on = 11.05.2006 , 09:04:07 *
Then we are unable to restart SAP.
Is this a bug related to running a dual-node SAP cluster? We were previously able to make parameter changes (either through SAP or through the use of a text editor) and restart SAP successfully.
It is now become critical to determine the cause of this anomalous behaviour and resolve the problem. Failing this, the client wants to break the cluster and revert to a distributed SAP system installation (with separate DB and central instance hosts).
Your comments and help wil be greatly appreciated.
Regards,
LeboHi Lebo,
Can you try to edit your profiles (the correct ones) using sappad tool (/usr/sap/<SID>/<INST-ID>/run/exe/) and save it in the same format that was used to open it.
Regards,
Mike -
What is the maximum and average power consumption on an xServe G5 cluster node?
Apple only ever publish maximum power draw levels for the family - in this case, according to the technote, that's 4A @ 110V (or 2A at 220V).
However, you have to bear in mind that the same spec is given to the single processor, dual processor and cluster node versions of the XServe G5. Clearly a dual processor machine with three drives, two PCI cards and a DVD drive is going to pull more power than a single CPU system with one drive and no PCI cards.
This also extends to typical power draw - the system dynamically adjusts to load, so while a fully-spec'd machine could pull 4A under stress (e.g. CPU maxed, all fans at top speed, three drives in a RAID 5 config reading and writing, etc.), it might pull less than 1A if it's sitting idle waiting for something to do. Therefore there is no such thing as 'average' since everyone's circumstances are different.
Most of my servers sit in the 1A - 2A range if that's any help. -
MPLS Core sharing a net /25
Hi,
I need help, I have a core MPLS made by four devices. They are ASR 9006, everything works perfect, lately we installed a client that need redundancy so I configure two BGP session on my internet VRF, the problem is that I assigned to the client a netmask 25. A client that depends on the same ASR can make ping to the new client but if a client depends of another ASR can make ping to this client. I checked and I have to entries for this net on my routing table, I don't know which is the problem. can you help me?
RP/0/RSP0/CPU0:ASR9K_PEREIRA#show route vrf INTERNET 190.X.243.1
Thu Jan 8 10:20:18.860 gmt
Routing entry for 190.X.243.0/24
Known via "bgp 2X51", distance 200, metric 0, type internal
Installed Dec 30 01:29:43.582 for 1w2d
Routing Descriptor Blocks
10.248.10.1, from 10.248.10.1
Nexthop in Vrf: "default", Table: "default", IPv4 Unicast, Table Id: 0xe0000000
Route metric is 0
No advertising protos.
RP/0/RSP0/CPU0:ASR9K_PEREIRA#show route vrf INTERNET 190.X.243.129
Thu Jan 8 10:20:21.793 gmt
Routing entry for 190.X.243.128/25
Known via "bgp 2X951", distance 200, metric 0
Tag 65497, type internal
Installed Dec 30 01:29:44.163 for 1w2d
Routing Descriptor Blocks
10.248.10.1, from 10.248.10.1
Nexthop in Vrf: "default", Table: "default", IPv4 Unicast, Table Id: 0xe0000000
Route metric is 0
No advertising protos.
RP/0/RSP0/CPU0:ASR9K_PEREIRA#
The problem is only with the last /25.
Sorry for my english.hi ,
i have been troubleshooting the same issue for the last 2 days , i go the same message
*Mar 2 02:06:34.973: TE-PCALC_PATH: get_path: system_id not initialized!
R6#show mpls traffic-eng tunnels
Name: R6_t1 (Tunnel1) Destination: 1.1.1.1
Status:
Admin: up Oper: down Path: not valid Signalling: Down
path option 10, type dynamic
Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: disabled LockDown: disabled Loadshare: 0 bw-based
auto-bw: disabled
History:
Tunnel:
Time since created: 1 days, 17 minutes
Path Option 10:
Last Error: PCALC:: Local system ID has not been set
R6#
i am using ISIS as routing protocol , I dont know if is a bug with GNS3 or something is wrong with my config wich i dont think so !!
can anybody help me please !
Maybe you are looking for
-
ITunes skipping during audio while browsing the web - Quicktime issue?
iTunes 11.1.2 for Win 7 is skipping during playback of audio when I am browsing the web. Is this a Quicktime issue? I tried changing the audio output device latency but it didn't do anything different as far as skipping goes. Any suggestions?
-
Performance Assistance (F1) : very small Font size
Hi, When we press a F1 key on any field. The Performance Assistance(help) pops up. 1.The problem is the user cant read it as it has very small font size. How to change the font size and Make it Bigger.?? So it become Readable Regards, Anupam
-
The latest Yosemite update will not finish downloading
MacBook Pro mid 2012 I am in the middle of the latest Yosemite update. It requires a restart, so it restarted my computer. Then the normal white screen came up as it was turning on with the loading bar underneath the Apple logo. This is where the pro
-
Update termination Error : Maintain Output device in User master record
Hi All, For transaction IW32 when print is given we have getting Update termination error : Maintain Output device in User master record. I have set the user_settings = Space, for output_Options passed the output device . Even for control_paramters I
-
XSAN1.1 License Keys won't work on 10.3.9
We have retail versions of XSAN1.1 and installed XSAN1.1 on a 10.3.9 Mac with the latest updates, and it will not accept the serial number...in fact it will not accept any serial number from a 1.1 package. We did the "XSAN reset" (deleted XSAN config