Importance of specifiying MAC add of next hop L3 device in FWSM config
Hi,
With refrence of Cisco Secure Firewall Services Module (FWSM) of Cisco Press book it's mentioned that
"While configuring the transparent mode in FWSM, it is important to specify the MAC address and the CAM entries on the Layer 3 next hop device of FWSM."
This part of configuration is not very much clear to me please let me know the logic of this things
The following are two examples:
Layer 3 Device A (PFC) at the Outside Security Domain
! IP address of the next hop for the outside security domain
interface Vlan20
mac-address 0000.0000.0001
ip address 10.10.1.1 255.255.255.0
! Specify the IP address and MAC address at the first hop layer 3 interface
! of the inside security domain
arp 10.10.1.21 0000.0000.0001 ARPA
Layer 3 Device B at the Inside Security Domain
! IP address of the next hop for the inside security domain
interface Vlan21
mac-address 0000.0000.0021
ip address 10.10.1.21 255.255.255.0
! Specify the IP address and MAC address defined at the first hop interface
! of the outside security domain
arp 10.10.1.21 0000.0000.0002 ARPA
Regards
Ambivert Skill
Hello Mikis,
Fair enough, Just remember beggining on 8.3 how the ASA handles the packets it's different from 8.2 and older versions.
As you said now the ASA is going to check the proper Nat rules first and then the Acl's that is why when we want to allow traffic from outside to an inside server we need to poing the ACL to the private or un-nated Ip as the nat rule was taken in place first
Good post by the way,
Remember to rate all the community answers, for us that is more important than a thanks
Julio
Similar Messages
-
When plguging my iPad into my mac nothing happens at all. looking at iTunes there is no devices and I can't add any. Hope you can help. Vic Donovan
If you are using iTunes version 11...
See Here first...
http://osxdaily.com/2012/11/29/5-tips-make-itunes-look-normal/
If no joy... See these 2 links...
For Mac > http://support.apple.com/kb/ts1591
iPhone not appearing in iTunes -
Import user drive (Mac HD) not found / not available as import source
Hi,
the Mac internal HD ist not shown on import screen (no user drive shown!). Whenn I select 'choose other source' I can see the user drive but no
finder-structure an all!!! pictures appear for import (sorry if I don't use the
right words no nativ!)
pls tell me how to add screenshots to explain - thxHi,
thank you for this incredibly helpful advice.
The vanished folders are back in place. :-D
Great!
Am 16.05.2014 um 23:31 schrieb blokfluitist <[email protected]>:
import user drive (Mac HD) not found / not available as import source
created by blokfluitist in Photoshop Lightroom - View the full discussion
I just had the exact same problem ! And am delighted to say that it's fixed thanks to a friend who pointed me here... http://m.imore.com/how-unhide-your-users-directory-1093
I followed the instructions and my user drive has now been restored to the image source list... phew !!
https://forums.adobe.com/servlet/JiveServlet/downloadImage/2-6385792-640708/ScreenShot2014-05-16at19.21.51.png
https://forums.adobe.com/servlet/JiveServlet/downloadImage/2-6385792-640715/277-605/ScreenShot2014-05-16at22.03.52.png
Please note that the Adobe Forums do not accept email attachments. If you want to embed a screen image in your message please visit the thread in the forum to embed the image at https://forums.adobe.com/message/6385792#6385792
Replies to this message go to everyone subscribed to this thread, not directly to the person who posted the message. To post a reply, either reply to this email or visit the message page:
To unsubscribe from this thread, please visit the message page at . In the Actions box on the right, click the Stop Email Notifications link.
Start a new discussion in Photoshop Lightroom by email or at Adobe Community
For more information about maintaining your forum email notifications please go to http://forums.adobe.com/thread/416458?tstart=0. -
Hi,
I am learning bgp...need your help...
Connectivity is like as follows:
Router A (ebgp) Router B (ibgp) Router C (ibgp) Router D
when loopback subnet of Router A is received at Router C, defalult with next hop address of outgoing interface of router A.
after configuring next hop self command on router B to C, on Router C then show next hop add outgoing interface of router B. k no prob.
but same subnet isn't received on router D because of ibgp split horizon rule; used route-reflector client on router C. then router D received subnet of Router A; but shows next hop address outgoing interface of router B. even though i used next hop self on router C towards D.; router D didn't show next hop add of router C. Why ??
Its ok i used IGP i.e. EIGRP in between router B, C & D. it works.
=> why next hop self doesn't work in this scenario ?? & is it the reaseon we need to use IGP into IBGP AS ??
--Sandy.Hi,
I agree with Milan, you can use a route-map applied in the outbound direction to rewrite the next-hop.
Another option is to use the "next-hop-self all" (note the keyword all), that will update the next hop of both iBGP and eBGP learned prefixes:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/command/irg-cr-book/bgp-m1.html#wp4972925610
The use case for this (next-hop-self all) is I see is in a DMVPN Network, but not for an ISP - MPLS/VPN Provider.
Regarding BGP and the need of IGP, think that different protocols have different purposes. The IGP, specially used in large-scale deployments, is used to build the topology and provide reachability to internal prefixes. The IGPs used in large-scale designs, IS-IS/OSPF, are good here because as they are link-state protocols and have a complete view of the network and will detect fast a change and run SPF for a new topology if needed. Furthermore, they have extensions to use MPLS/Traffic Engineering.
Once the topology is build and the routers have reachability to internal prefixes, then you can run iBGP (typically between loopbacks) to provide reachability to external prefixes. BGP is very good to transport a good amount of prefixes, as it is based in TCP. If the IGPs could handle the amount of prefixes can handle BGP, then you would not need iBGP, you would redistribute (which is another option) them to the IGP and we will only have external BGP. However, in order to provide reachability and build and scalable network, you need BGP plus an IGP.
The reason of having the need of an iBGP full mesh is to prevent black-holes in the network. Think that routers A-B-C, A is running iBGP with C, which are edge routers receiving prefixes from other ASN´s. As B is not running BGP, when it receives a packet destined to an external network it will drop that packet as it has no information in the RIB.
There was also an old rule called synchronization that prevented the problem of advertising a black hole to another AS. The rule was that if the prefix is not in the IGP, BGP will not advertise that prefix. So, redistribution solved in the old days the problem of black holes and the rule of sync the problem of advertising them to other ASNs. As the networks got bigger and bigger, there was no point to redistribute the external prefixes to the IGP, so iBGP full-mesh/RRs were deployed and the sync rule disabled.
Hope this helps,
Jose. -
Ip next-hop verify-availability problem
track 123 rtr 1 reachability
track 124 rtr 2 reachability
route-map PBR_IN permit 10
match ip address RB_SWI_IN RB_HK_IN
set ip next-hop verify-availability x.x.x.x 10 track 123
set ip next-hop verify-availability x.x.x.x 20 track 124
route-map PBR_OUT permit 10
match ip address RB_SWI_OUT RB_HK_OUT
set ip next-hop verify-availability x.x.x.x 10 track 123
set ip next-hop verify-availability x.x.x.x 20 track 124
control-plane
rtr 1
!--- Define and start Router 1.
type echo protocol ipIcmpEcho x.x.x.x
rtr schedule 1 life forever start-time now
rtr 2
!--- Define and start Router 2.
type echo protocol ipIcmpEcho x.x.x.x
rtr schedule 2 life forever start-time now
interface GigabitEthernet0/0
ip policy route-map PBR_OUT
duplex auto
speed auto
interface GigabitEthernet0/1
ip policy route-map PBR_IN
duplex auto
speed auto
crypto map SDM_CMAP_1
service-policy input inbound
service-policy output outbound
This is my configuration and i wonder whether it need license or not!
The vendor didn't let me type it in my border-router,they say this configuration need license.
And they want us to buy it!
Is it necessary to buy the license?IOF-3945E#show version
Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.2(4)M4, R
ELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Thu 20-Jun-13 14:38 by prod_rel_team
ROM: System Bootstrap, Version 15.1(1r)T5, RELEASE SOFTWARE (fc1)
IOF-3945E uptime is 17 hours, 25 minutes
System returned to ROM by power-on
System image file is "flash0:c3900e-universalk9-mz.SPA.152-4.M4.bin"
Last reload type: Normal Reload
Last reload reason: power-on
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO3945-CHASSIS (revision 1.0) with C3900-SPE250/K9 with 1792000K/305152
K bytes of memory.
Processor board ID FGL173811LR
8 Gigabit Ethernet interfaces
2 terminal lines
1 Virtual Private Network (VPN) Module
1 cisco UCSE Module(s)
DRAM configuration is 72 bits wide with parity enabled.
256K bytes of non-volatile configuration memory.
999936K bytes of ATA System CompactFlash 0 (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 C3900-SPE250/K9 FOC17356KNW
Technology Package License Information for Module:'c3900e'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security securityk9 Permanent securityk9
uc None None None
data None None None
Configuration register is 0x2102
IOF-3945E# -
Edge server high availability and next hop to FE servers
Hi All,
As per the article https://technet.microsoft.com/en-us/library/gg412847.aspx "Each Edge Server is a multihomed computer
with external and internal facing interfaces. The adapter Domain Name System (DNS) settings depend on whether there are DNS servers in the perimeter network. If
no DNS servers exist in the perimeter, the Edge Server(s) use external DNS servers to resolve Internet name lookups, and each Edge Server uses a HOST to resolve the next hop server names to IP addresses."
If i have 3 FE servers with DNS load balancing, where the pool.contoso.com would be associated with 192.168.0.1,
192.168.0.2, 192.168.0.3.
How do i create Host record for front end pool in the edge server? i mean which among the 3 ips should i use? as i can use only one IP in the host file record for a host name.
If i create pool.contoso.com
192.168.0.1 and that server is unavailable then the whole purpose of Edge and FE HA is defeated !!The same doc says: "Edit the HOST file on each Edge Server to contain a record for the next hop server or virtual IP (VIP) (the record will be the Director, Standard Edition server, or a Front End pool that was configured as the Edge Server next hop
address in Topology Builder). If you are using DNS load balancing, include a line for each member of the next hop pool."
But you're right, it was my understanding that only the first line of the hosts file was used. I'd have to presume the application is somewhat intelligent about this or it's incorrect guidance. I've never tested it.
You could use internal DNS too, resolving the issue, but if your DMZ was ever penetrated, someone could potentially use DNS to help map out your network. Otherwise, you'd want to add a DNS server in your DMZ or use HLB just for this which I wouldn't
be in love with.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications
This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
BGP Next-hop conflict with MPLS Label.
Hi, Experts
Equipment: Cisco ASR9922, IOS-XR 4.3.2
Issue: I have problem that my RR do the next-hop-self by using route-policy for client routers, the next-hop is changed as intended but the MPLS label doesn’t changed to reflect the new next-hop.
What I would like to achieve: I would like RR to set next-hop-self only for selected prefixes(172.168.0.0/24, 0.0.0.0/0) but maintain original next-hop for the rest, I do this by using route-policy.
Detail:
I have routers running MPLS infrastructure with ASR9922 as an RR. RN router is in neighbor-group RN and CPE-xx routers are in neighbor-group AN.
•- Every routers are in same BGP AS64549.
•- RN sends prefixes 0.0.0.0/0 and 172.168.0.0/24 to RR.
•- CPE-25 sends prefix 192.168.25.1/32 to RR.
Neighbor-group AN has the route-policy AN-OUT2 to set next-hop of prefix 172.168.0.0/24 and 0.0.0.0/0 to RR#loopback1 before send out update to CPE routers. Below is BGP and RPL configuration at RR.
router bgp 64549
nsr
bgp graceful-restart
ibgp policy out enforce-modifications
address-family vpnv4 unicast
additional-paths receive
additional-paths send
additional-paths selection route-policy ADD-PATH-iBGP
retain route-target all
neighbor-group AN
remote-as 64549
cluster-id 172.16.1.11
update-source Loopback1
address-family vpnv4 unicast
route-reflector-client
route-policy AN-OUT2 out
soft-reconfiguration inbound
route-policy AN-OUT2
if destination in DEFAULT or destination in RNC then
set next-hop 192.168.10.11
else
pass
endif
end-policy
This is what RR advertises to CPE-24
RP/0/RP0/CPU0:RR#show bgp vpnv4 unicast neighbors 192.168.10.24 advertised-routes
Fri Dec 20 15:23:14.931 BKK
Network Next Hop From AS Path
Route Distinguisher: 64549:3339
0.0.0.0/0 192.168.10.11 172.16.1.1 ?
172.16.1.2 ?
172.168.0.0/24 192.168.10.11 172.16.1.1 ?
172.16.1.2 ?
192.168.0.1/32 192.168.10.11 192.168.10.24 i
192.168.0.26/32 192.168.10.26 192.168.10.26 i
192.168.25.1/32 192.168.10.25 192.168.10.25 i
192.168.211.8/30 192.168.10.22 192.168.10.22 i
The IP part works as intended but MPLS Label doesn’t work as intended. Please take a look at RN who is originates 172.168.0.0/24, label 16025 is locally assigned.
RP/0/RP0/CPU0:RN1#show bgp vpnv4 unicast labels
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 64549:3339 (default for vrf VLAN3339)
*> 0.0.0.0/0 0.0.0.0 nolabel 16025
* i 172.16.1.11 16068 16025
* i 172.16.1.13 16033 16025
*> 172.168.0.0/24 0.0.0.0 nolabel 16025
* i 172.16.1.11 16059 16025
* i 172.16.1.13 16024 16025
172.168.0.0/24 at RR, label 16059 is locally assigned, label 16025 is receive from RN router. It should send 172.168.0.0/24 with label 16059 to CPE-24 to reflect next-hop changed.
RP/0/RSP0/CPU0:RR#show bgp vpnv4 unicast labels
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 64549:3339
*>i0.0.0.0/0 172.16.1.1 16025 16068
* i 172.16.1.2 16007 16068
*>i172.168.0.0/24 172.16.1.1 16025 16059
* i 172.16.1.2 16007 16059
*>i192.168.0.1/32 192.168.10.24 131070 16060
*>i192.168.25.1/32 192.168.10.25 131070 16062
*>i192.168.211.8/30 192.168.10.22 131070 16065
What I found at CPE-24 which is Alcatel router is that, RR send prefix 172.168.0.0/24, nh 192.168.10.11 with label 16025 which is incorrect.
A:CPE-24# show router bgp routes vpn-ipv4 172.168.0.0/24
===============================================================================
BGP Router ID:192.168.10.24 AS:64549 Local AS:64549
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best, b - backup
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop Path-Id VPNLabel
As-Path
u*>? 64549:3339:172.168.0.0/24 100 0
192.168.10.11 None 16025
No As-Path
Routes : 1
===============================================================================
On RR If I just remove the policy and do the next-hop-self under vpv4 address family, CPE-24 will get corrent nh with correct label(16059) but that won’t achieve our requirement to change nh only on selected prefixes. Is this software problem? Or is there any solution to work around?
Regard,
MaritHello Marit,
I am able to recreate this in the lab, and unfortunately this scenario is not supported. BGP does not advertise allocated label if we set nexhop using route policy. The only way is by next-hop-self configured on RR, and yes it eventually will applies to all prefixes advertised to neighbor-group AN. Currently i do not have workaround available.
Below is the capture of what i have tested in the lab:
The topology:
CRS-4-02 ---------- CRS-8-01 ------------ ASR-9006-1
CRS-8-01 is Route-reflector of CRS-4-02 and ASR-9006-1.
CRS-4-02 advertise some prefixes.
This issue occurs when RR have route-policy toward ASR-9006-1, where it assign incorrect label. But it assign correct label if CRS-8-01 use next-hop-self.
Below is the test done in the lab if RR use next-hop-self:
RP/0/RP0/CPU0:CRS-4-02#show run router bgp
Tue Jan 7 08:16:18.945 UTC
router bgp 1
bgp router-id 172.16.4.1
ibgp policy out enforce-modifications
address-family ipv4 unicast
address-family vpnv4 unicast
neighbor 172.16.8.3
remote-as 1
update-source Loopback0
address-family ipv4 unicast
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
vrf RTAMAELA
rd 100:1
address-family ipv4 unicast
redistribute connected
RP/0/RP0/CPU0:CRS-4-02#show bgp vpnv4 unicast advertised summary
Tue Jan 7 08:16:29.001 UTC
Network Next Hop From Advertised to
Route Distinguisher: 100:1
78.22.11.2/32 172.16.4.1 Local 172.16.8.3
78.22.11.3/32 172.16.4.1 Local 172.16.8.3
93.22.15.61/32 172.16.4.1 Local 172.16.8.3
RP/0/RP0/CPU0:CRS-4-02#
RP/0/RP0/CPU0:CRS-4-02#show bgp vpnv4 unicast labels
Tue Jan 7 08:16:53.655 UTC
BGP router identifier 172.16.4.1, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0
BGP main routing table version 57
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1 (default for vrf RTAMAELA)
*>i22.51.32.77/32 172.16.8.3 16056 nolabel
*> 78.22.11.2/32 0.0.0.0 nolabel 16003
*> 78.22.11.3/32 0.0.0.0 nolabel 16003
*> 93.22.15.61/32 0.0.0.0 nolabel 16003
Processed 4 prefixes, 4 paths
RP/0/RP0/CPU0:CRS-4-02#
RP/0/RP1/CPU0:CRS-8-01#show run router bgp
Wed Jan 8 11:07:05.436 UTC
router bgp 1
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
allocate-label all
address-family vpnv4 unicast
retain route-target all
neighbor-group AN
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
next-hop-self <-- use next-hop-self toward ASR-9006-1
soft-reconfiguration inbound
neighbor-group RN
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
next-hop-self
soft-reconfiguration inbound
neighbor 10.10.10.10
remote-as 1
address-family ipv4 unicast
neighbor 72.15.48.5
use neighbor-group AN
neighbor 172.16.4.1
use neighbor-group RN
RP/0/RP1/CPU0:CRS-8-01#show bgp vpnv4 unicast labels
Wed Jan 8 11:07:09.091 UTC
BGP router identifier 172.16.8.3, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 344169
BGP main routing table version 92
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1
*>i22.51.32.77/32 72.15.48.5 16000 16056
*>i78.22.11.2/32 172.16.4.1 16003 16053
*>i78.22.11.3/32 172.16.4.1 16003 16054
*>i93.22.15.61/32 172.16.4.1 16003 16055
Processed 4 prefixes, 4 paths
RP/0/RP1/CPU0:CRS-8-01#
RP/0/RSP1/CPU0:ASR-9006-01#show run router bgp
Wed Jan 8 17:02:02.796 UTC
router bgp 1
bgp router-id 72.15.48.5
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
address-family vpnv4 unicast
retain route-target all
neighbor-group RR
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
soft-reconfiguration inbound
neighbor 172.16.8.3
use neighbor-group RR
neighbor 192.169.1.2
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
vrf RTAMAELA
rd 100:1
address-family ipv4 unicast
redistribute connected
RP/0/RSP1/CPU0:ASR-9006-01#show bgp vpnv4 unicast labels
Wed Jan 8 17:02:04.381 UTC
BGP router identifier 72.15.48.5, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 253825
BGP main routing table version 126
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1 (default for vrf RTAMAELA)
*> 22.51.32.77/32 0.0.0.0 nolabel 16000
*>i78.22.11.2/32 172.16.8.3 16053 nolabel <== 172.16.8.3 is the loopback address of CRS-8-01
*>i78.22.11.3/32 172.16.8.3 16054 nolabel
*>i93.22.15.61/32 172.16.8.3 16055 nolabel
Processed 4 prefixes, 4 paths
RP/0/RSP1/CPU0:ASR-9006-01#
From output above we can see that ASR-9006-01 received correct label for each prefix.
Below is the output with route-policy configured and ASR-9006-01 receive incorrect label:
RP/0/RP1/CPU0:CRS-8-01#show run router bgp
Wed Jan 8 11:04:46.310 UTC
router bgp 1
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
allocate-label all
address-family vpnv4 unicast
retain route-target all
neighbor-group AN
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
route-policy RTAMAELA out
soft-reconfiguration inbound
neighbor-group RN
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
next-hop-self
soft-reconfiguration inbound
neighbor 72.15.48.5
use neighbor-group AN
neighbor 172.16.4.1
use neighbor-group RN
RP/0/RP1/CPU0:CRS-8-01#show run route-policy RTAMAELA
Wed Jan 8 11:16:06.847 UTC
route-policy RTAMAELA
if destination in RNC then
set next-hop 172.16.8.3
else
pass
endif
end-policy
RP/0/RP1/CPU0:CRS-8-01#show run prefix-set RNC
Wed Jan 8 11:16:12.099 UTC
prefix-set RNC
78.22.11.3/32
end-set
RP/0/RP1/CPU0:CRS-8-01#show bgp vpnv4 unicast labels
Wed Jan 8 11:04:33.512 UTC
BGP router identifier 172.16.8.3, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 344013
BGP main routing table version 92
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1
*>i22.51.32.77/32 72.15.48.5 16000 16056
*>i78.22.11.2/32 172.16.4.1 16003 16053
*>i78.22.11.3/32 172.16.4.1 16003 16054
*>i93.22.15.61/32 172.16.4.1 16003 16055
Processed 4 prefixes, 4 paths
RP/0/RP1/CPU0:CRS-8-01#
RP/0/RSP1/CPU0:ASR-9006-01#show run router bgp
Wed Jan 8 16:59:41.601 UTC
router bgp 1
bgp router-id 72.15.48.5
bgp graceful-restart
ibgp policy out enforce-modifications
address-family ipv4 unicast
address-family vpnv4 unicast
retain route-target all
neighbor-group RR
remote-as 1
update-source Loopback0
graceful-restart
address-family vpnv4 unicast
route-reflector-client
soft-reconfiguration inbound
neighbor 172.16.8.3
use neighbor-group RR
neighbor 192.169.1.2
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
vrf RTAMAELA
rd 100:1
address-family ipv4 unicast
redistribute connected
RP/0/RSP1/CPU0:ASR-9006-01#show bgp ipv4 unicast labels
Wed Jan 8 16:59:52.173 UTC
RP/0/RSP1/CPU0:ASR-9006-01#show bgp vpnv4 unicast labels
Wed Jan 8 17:00:00.457 UTC
BGP router identifier 72.15.48.5, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 253701
BGP main routing table version 123
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 100:1 (default for vrf RTAMAELA)
*> 22.51.32.77/32 0.0.0.0 nolabel 16000
*>i78.22.11.2/32 172.16.4.1 16003 nolabel
*>i78.22.11.3/32 172.16.8.3 16003 nolabel <-- It receive label 16003, which is wrong. it should receive label 16054.
*>i93.22.15.61/32 172.16.4.1 16003 nolabel
Processed 4 prefixes, 4 paths
RP/0/RSP1/CPU0:ASR-9006-01#
Rivalino -
Hi, just started on photoshop 13. When i import a photo and open layers, next to the imported photo is an icon indicating the layer is partially locked. When i try to unlock the image, the editing part of the screen disappears and is replaced by a transparency. What am i doing wrong
Good day!
Just to make sure: You are talking about Photoshop 13 aka Photoshop CS6?
Regards,
Pfaffenbichler -
Syncing new iphone 5 with a Mac with itunes 10.6.3. Error message says iphone cannot be used because requires itunes 10.7 or later. Unable to download Itunes 10.7 to Mac. What do I have to do to import songs from Mac to new Iphone 5 ?
iOS 6 (which runs on the iPhone 5) requires iTunes 10.7, which requires OS X 10.6.8 or higher.
Upgrade OS X on your Mac. -
I can no longer open numbers and am therefore barred from access to important accounts.What do I do next?
Hi mp,
If you updated to OS X Mavericks, there may have been an automatic update to Numbers 3. Numbers 3 will be in your Applications folder. Numbers '09 has not been replaced. Look for Numbers '09 (Numbers 2.3) in a folder called iWork '09 inside your Applications folder. You can run both versions of Numbers at the same time.
I have icons for both versions on my Dock. Drag each to the Dock from Applications folder and Applications > iWork '09 folder. Right click on each and Options > Keep in Dock. Now you have the choice of which to use.
Numbers 2 (3 column chart) on the left. Numbers 3 (4 column chart) on the right.
If a document won't open, try opening from within each version. Or right click on the document and Open With...
You can Export a Numbers 3 document back to Numbers '09 with Menu > Export > Numbers '09...
Post back if you have problems.
Regards,
Ian. -
I have Adobe Photoshop Elements 12 on my iMac and am licensed to add it to a 2nd device. I would like to put it on my mac laptop. How do I do this?
If you do not have it on disc, then download it, install it, and activate it with your serial numnber. If you need to download it, if you purchased it online thru Adobe look for a link in your Adobe account online. You can also download the trial version and activate it with your serial number...
Adobe - Download free trial version Adobe Photoshop Elements 12 | Adobe -
Anyone having problems with Elements organiser 13 when try to import photos from Mac photos which was an upgrade from Iphotos on 9th April 2015. Before when I was using Iphotos all was ok...
hi I have been trying to do this, but PE13 comes up with a fail message saying that file types are not supported, am only trying to import jpeg files so can't understand this. So far have been unable to use PE13 at all, any ideas anyone please!
-
How do I get numbers to automatically add the next date down a column in numbers?
How do I get numbers to automatically add the next date down a column in numbers?
Hi Dd,
If you want the next date automaitcally filled in when you add a row to the bottom of the table, you can use a formula.
Here's an example, done in Numbers 2.3 (Numbers '09). The method is basically the same in Numbers 3.
Formulas in row 3:
B3: =B2+1
C3: =C2+7
D3: =D2+14
These have been filled down to the last row of the table.
The same table is shown below after three rows have been added by dragging the Row control handle (below the tab for row 7) down. No changes other than adding thse three rows were made by the user.
Note that rows 1 and 2 are header rows, and that row 2 contains the starting date for the seraies of date in each column. In the formula, the number at the end tells Numbers how many days to add to the previous date to get the next date.
Autofill of the formula requires that every non-header cell located above the cell into which the formula is to be filled contains the same formula.
Regards,
Barry -
How can I access old Entourage emails to import them into Mac Mail after upgrading to OS Lion?il
How can I access old Entourage emails to import them into Mac Mail after upgrading to OS Lion? I don't really want to go back to Snow Leopard in order to access the old Microsoft Applications, but they simply aren't supported in Lion.
In Mail you can select Import Mailboxes... from the File menu. There is an import from Entourage feature.
-
BGP route-reflector next-hop issue
Hello,
I have a small GNS3 lab that is working with one exception: I cannot ping loopback0 on RRc2 and RRc3 from RRc1.
RRc1, RRc2 and RRc3 can all ping loopback0 on SmileyISP and RRc2 and RRc3 can ping each others loopback0
interfaces.
I am broken between the two route-reflectors: RRS1 and RRS2.
Given these conditions:
1) Do not configure any IGP.
2) No static routes
How do I get connectivity from RRc1's loopback0 interface to RRc2 loopback0 and RRc3 loopback0?
I used a route-map to set the next hop, but I am obviously doing something wrong.
I am providing relevant show command outputs, router configs, and the GNS3 topology.net config.
You will have to change the image and working directories to match your computer.
Not quite sure where I am going wrong.
Any help would be greatly appreciated.
Thanks.
-- Mark
RRc1#sh ip bgp
BGP table version is 53, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.25.5 0 100 0 100 i
*>i 10.1.12.0/24 10.1.26.2 0 100 0 i
*>i 10.1.13.0/24 10.1.12.1 0 100 0 i
*>i 10.1.14.0/24 10.1.12.1 0 100 0 i
*>i 10.1.15.0/24 10.1.12.1 0 100 0 i
*>i 10.1.25.0/24 10.1.26.2 0 100 0 i
* i 10.1.26.0/24 10.1.26.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 172.16.1.0/24 0.0.0.0 0 32768 i
*>i 172.16.2.0/24 10.1.12.1 0 100 0 i
*>i 172.16.3.0/24 10.1.12.1 0 100 0 i
RRc1#
RRc1#ping 172.16.2.1 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
Success rate is 0 percent (0/5)
RRc1#
RRc2#sh ip bgp
BGP table version is 31, local router ID is 172.16.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.15.5 0 100 0 100 i
* i 10.1.12.0/24 10.1.12.2 0 100 0 i
* i 10.1.13.0/24 10.1.13.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i 10.1.14.0/24 10.1.13.1 0 100 0 i
*>i 10.1.15.0/24 10.1.13.1 0 100 0 i
* i 10.1.25.0/24 10.1.12.2 0 100 0 i
* i 10.1.26.0/24 10.1.12.2 0 100 0 i
* i 172.16.1.0/24 10.1.12.2 0 100 0 i
*> 172.16.2.0/24 0.0.0.0 0 32768 i
*>i 172.16.3.0/24 10.1.14.4 0 100 0 i
RRc2#
SmileyISP#sh run
Building configuration...
Current configuration : 988 bytes
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname SmileyISP
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.5 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.5 255.255.255.0
speed auto
duplex auto
router bgp 100
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor 10.1.15.1 remote-as 200
neighbor 10.1.25.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS1#sh run
Building configuration...
Current configuration : 1594 bytes
! Last configuration change at 19:24:34 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.12.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.13.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
ip address 10.1.14.1 255.255.255.0
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 10.1.14.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.2 peer-group RouteReflectors
neighbor 10.1.13.3 peer-group RRClients
neighbor 10.1.14.4 peer-group RRClients
neighbor 10.1.15.5 remote-as 100
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS2#sh ru
Building configuration...
Current configuration : 1542 bytes
! Last configuration change at 19:42:06 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.12.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.26.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.12.0 mask 255.255.255.0
network 10.1.25.0 mask 255.255.255.0
network 10.1.26.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.1 peer-group RouteReflectors
neighbor 10.1.25.5 remote-as 100
neighbor 10.1.26.6 peer-group RRClients
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc1#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:43:57 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.26.6 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.26.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
neighbor 10.1.26.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc2#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:45:05 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.2.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.13.3 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
neighbor 10.1.13.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc3#wr term
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:31:12 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc3
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.3.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.14.4 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.14.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
neighbor 10.1.14.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
autostart = False
version = 0.8.6
[127.0.0.1:7202]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10200
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2005
aux = 2100
cnfg = configs\SmileyISP.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/0
f1/1 = RRS2 f1/1
x = -24.0
y = -259.0
z = 1.0
hx = -1.5
hy = -24.0
console = 2015
aux = 2101
cnfg = configs\RRc1.cfg
slot1 = PA-2FE-TX
f1/0 = RRS2 f2/0
x = -292.0
y = 200.0
z = 1.0
hx = -5.5
hy = -25.0
[127.0.0.1:7200]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10000
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2012
aux = 2102
cnfg = configs\RRS1.cfg
slot1 = PA-2FE-TX
f1/0 = SmileyISP f1/0
f1/1 = RRS2 f1/0
slot2 = PA-2FE-TX
f2/0 = RRc2 f1/0
f2/1 = RRc3 f1/0
x = 197.0
y = 6.0
z = 1.0
hx = 42.5
hy = -20.0
console = 2013
aux = 2103
cnfg = configs\RRS2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/1
f1/1 = SmileyISP f1/1
slot2 = PA-2FE-TX
f2/0 = RRc1 f1/0
x = -239.0
y = 9.0
z = 1.0
hx = 1.5
hy = -24.0
[127.0.0.1:7201]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10100
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2009
aux = 2104
cnfg = configs\RRc3.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/1
x = 337.0
y = 155.0
z = 1.0
hx = 17.5
hy = -25.0
console = 2008
aux = 2105
cnfg = configs\RRc2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/0
x = 149.0
y = 204.0
z = 1.0
hx = -13.5
hy = -23.0
[GNS3-DATA]
configs = configs
text = ".1"
x = 208.0
y = -23.0
text = "10.1.12.0/24"
x = -19.0
y = 5.0
text = ".1"
x = 153.0
y = 25.0
text = ".1"
x = 259.0
y = 33.0
text = "10.1.13.0/24"
x = 238.0
y = 84.0
rotate = 99
text = "10.1.25.0/24"
x = -188.0
y = -124.0
text = "l0: 172.16.2.1/24"
x = 125.0
y = 244.0
text = "l0:172.16.1.1/24"
x = -269.0
y = 240.0
text = "10.1.15.0/24"
x = 116.0
y = -127.0
text = "10.1.14.0/24"
x = 293.0
y = 53.0
rotate = 50
text = ".1"
x = 194.0
y = 68.0
text = "AS100"
x = -20.0
y = -342.0
text = ".2"
x = -148.0
y = 46.0
text = "AS200"
x = 33.0
y = 300.0
text = "l0: 1.1.1.1/24"
x = -42.0
y = -306.0
text = ".5"
x = 50.0
y = -213.0
text = ".2"
x = -248.0
y = 60.0
text = ".2"
x = -174.0
y = -52.0
text = ".5"
x = -54.0
y = -209.0
text = ".6"
x = -232.0
y = 189.0
text = "l0:172.16.3.1/24"
x = 299.0
y = 194.0
text = "10.1.26.0/24"
x = -274.0
y = 167.0
rotate = 290
text = ".3"
x = 208.0
y = 187.0
text = ".4"
x = 312.0
y = 155.0
type = ellipse
x = 50.0
y = -35.0
width = 385.0
height = 345.0
fill_color = "#ffff7f"
border_style = 2
z = -1.0
type = ellipse
x = -171.0
y = -346.0
width = 359.0
height = 200.0
fill_color = "#aaff7f"
border_style = 2
z = -1.0
type = ellipse
x = -407.0
y = -87.0
width = 883.0
height = 443.0
border_style = 2
z = -2.0
type = ellipse
x = -361.0
y = -29.0
width = 385.0
height = 326.0
fill_color = "#55aaff"
border_style = 2
z = -3.0BD,
Ahh...
OK. In the original article, the author states that the final piece with the route map
NEXTHOP was supposed to fix the reachability issue. Obviously it doesn't.
After reading your last post, I looked more carefully at the output from 'sh ip bgp'
on each of the client routers and I realized that several of the next hop addresses were
wrong for some of the prefixes.
1) I completely removed the 'neighbor RouteReflectors route-map NEXTHOP out'
from both RR's. Then I ran 'sh ip bgp' on the clients and noted a change in the next hop addresses. Still wrong, but it changed.
2) I then tried next-hop-self from the RR's to the clients, but it did not change from where
it was after I completed step 1. I am not sure why there was no change. (actually, see the very end of this post)
3) I then applied my version of the route map: route-map NEXTHOP permit 10
set ip next-hop peer-address
to the RR's with this: neighbor RRClients route-map NEXTHOP out
That fixed it. All three clients have as their next hop for all prefixes their respective
RR's (which is what they should have for this topology).
I have full connectivity everywhere, even loopback to loopback between all clients.
1) THANK YOU for pointing me in the right direction.
2) If I may ask, why did next hop self fail? More specifically, I saw no change at all
in the next hop for the advertised prefixes. Is it because next-hop-self should be used
for eBGP peers and all of the RR's and clients are all within the same AS?
Maybe you are looking for
-
Where can I get a keyboard and mouse for a Mac SE?
I have a 1988 Mac SE but am missing the keyboard and mouse. Where can I get a keyboard and mouse?
-
External hd to internal hd switch while in project edit
I just ran out of space on my external HD, and I'm only half done my project. I have plenty more space on my internal HD, how can I continue working using my internal HD ?
-
i googled this error but had no luck- what does this mean, it showed up right when GoLive crashed. thanks in advance 4/12/11 11:58:09 AM [0x0-0x79079].com.adobe.GoLive[973] Menus Exhausted! 4/12/11 10:00:20 AM Adobe GoLive CS2[212] Error
-
Problems Installing Netweaver Developer Studio 7.0 SP 15
Hello friends, I have currently NWDS 7.0 SP9 installed. I need to install NWDS 7.0 SP15. For that I have downloaded the JIDE15_0-10003480.SAR file from Service Market place. I don't know what to do after that. Please can anyone help me on this. Point
-
Post Here YouR (OC) Bios Stable Settings.
K, Since i wanna know how to get even higher clocks than my current oc @ 2552 see sig. I would like to know what your Stable settings in bios are. Mine is now: 4xHt 232 HTT (233 causes no boot, looking for array but its disabled in bios, quite weird?