Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Member since ‎07-23-2010
‎05-10-2018
philip moore
philip moore
Community Member

Csr azure route table

Created by philip moore in Cisco Cloud Service Router (CSR) for Public Cloud
‎04-29-2018 09:55 AM
‎04-29-2018 09:55 AM
Hi guys   I recently deployed csrv in azure as a trial. The plan is to deploy azure as an iwan branch. The deployment guides are not available for this so let's see how it goes. I am following the azure hub/spoke design. Csr will be in hub vnet with dmvpn to on premises. There are multiple spoke vnets, each has a vnet peering to hub. What I notice from the basic install is that the route table is incomplete. I was hoping to see all of the networks in the hub vnet, and also the spokes. Alas not, only a default route. Do you know if a way to import the azure routes into CSR route table? This would be really helpful in order to learn networks to advertise to dmvpn and pfr. Thanks a lot! Phil ... View more

Re:   http://www.cisco.com/c/en

Created by philip moore in WAN, Routing and Switching
‎04-28-2018 05:21 PM
‎04-28-2018 05:21 PM
Yes, but careful of the throughput limitations. We were advised that this platform would support around 25mbps but I thinkis much lower in reality. Especially critical if you're going to run waas/wccp as this is done in software in iwan template. If you can, move up to isr4k where these limitations go away. Hth ... View more

Re: Hi,

Created by philip moore in Cisco Cloud Service Router (CSR) for Public Cloud
‎04-28-2018 03:36 PM
‎04-28-2018 03:36 PM
Hi Guys I tried out the setup, works great. thanks! Do you know of a way to restore route table to original state once CSRv-1 is back up? i.e. set the VNet subnet UDR back to the IP address of CSRv-1 Thanks a lot!   ... View more

Iwan Pfr transit spoke

Created by philip moore in WAN, Routing and Switching
‎12-12-2016 03:03 PM
‎12-12-2016 03:03 PM
Hi community  Does anyone know if it is feasible to have 2 spokes at different sites advertise the same prefix? for example  Prefix 1.1.1.0/24 is advertised from Spoke a with bgp local pref 100 and from spoke b with lp 500 (prefer b) Or Spoke a advertises  1.1.1.0/24 and spoke b advertises 1.1.0.0/16 (prefer a) Are either of those scenarios supported by iwan/pfr? the reason to ask is that I'd like to have transit spoke available as a standby route available should the preferred path fail Many thanks!! ... View more

Is it mandatory to define an RD for IWA...

Created by philip moore in Other Service Provider Subjects
‎11-07-2016 03:23 AM
‎11-07-2016 03:23 AM
Hi Community! I have a question regarding IWAN configuration of VRF. Is it mandatory to define an RD? In the latest IWAN deployment it says is not required, example is: vrf definition IWAN-TRANSPORT-1  address-family ipv4 I was thought that RD was required for "what is essentially a vrf-lite configuration" in order for the router to locally distinguish which local routes belong in each vrf. In my mind that was why it was mandatory to type it, and why no 2 vrf's on the same router can share the same RD. If it's not required for this, I guess the router uses some other mechanism, like creating a seperate RiB for each vrf name. Thanks a lot for helping my understanding! Cheers! Ref: https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Oct2016/CVD-IWANDeployment-2016OCT.pdf The topic is also discussed here: http://ieoc.com/forums/t/16561.aspx ... View more

Genius!!

Created by philip moore in VPN
‎04-23-2016 10:45 AM
‎04-23-2016 10:45 AM
Genius!! ... View more

Iwan shopping list

Created by philip moore in WAN, Routing and Switching
‎04-23-2016 10:00 AM
‎04-23-2016 10:00 AM
Hi! The company where I work are interested in Iwan. I am looking for recommendations on hardware selection, particularly for master and transit master controller. I don't find anything in cvd or wiki. I guess ultimately what I need is an Iwan shopping list. branch are isrg2 all with sec lic. I guess I have to buy APP lic. The hub are asr1006. there is interest in prime Iwan so I need licenses there. the MC is somewhat a mystery. i guess answer is, as normal , it depends. there will be 10 branches with dual router to begin. Sizing up to maybe 50, 100, 150 over 3 years then who knows. Any pointers of other use case to follow would be appreciated  cheers!!! ... View more

Hello I have almost the same

Created by philip moore in MPLS
‎05-08-2015 08:18 AM
‎05-08-2015 08:18 AM
Hello   I have almost the same issue. The only difference is that I have to apply the ACL to non-mpls interface, not the tunnel. Test I am doing is a ping from loopback on MPLS switch with tunnel, through MPLSoGRE to other MPLS switch, then out interface to a regular router loopback. echo (out) is ok - it is received by rtrB loopback_swA > MPLSoGRE_swA > MPLSoGRE_swB > int_swB > int_rtrC > loopback_rtrC   echo-reply not ok  loopbackrtrB > int_rtrC > XXX But if I put the permit any any ACL on int_swB inbound it works.   In a packet capture on swB (NAM) I see the 2 packets: (see screenshot) 1) MPLS encap 2) regular icmp echo-reply I tried the mls commands, made no difference. All this started by upgrading to IOS 15.1(2)SY4a Did you get an answer from TAC? My case is in progress, no answer yet.   Thanks a lot! Phil   ... View more

hi, thanks for your reply. It

Created by philip moore in Network Management
‎04-27-2015 06:56 AM
‎04-27-2015 06:56 AM
hi, thanks for your reply. It is the config search archive feature we really need. It used for compliance check. Have you a recommendation on that. I agree, I'd rather Cisco (all other evndor) produce the ULTIMATE solution. I won't want to be left managing customer apps and scripts. Not scalable, and we don't have the time or skillset Do you work for Cisco? Is funny because I heard the same story from them 2 years about the "pipeline". Would love to see this plan with some timescales.   cheers ... View more

hi, thanks for your reply. It

Created by philip moore in Network Management
‎04-27-2015 06:55 AM
‎04-27-2015 06:55 AM
hi, thanks for your reply. It is the config search archive feature we really need. It used for compliance check. Have you a recommendation on that. I agree, I'd rather Cisco (all other evndor) produce the ULTIMATE solution. I won't want to be left managing customer apps and scripts. Not scalable, and we don't have the time or skillset Do you work for Cisco? Is funny because I heard the same story from them 2 years about the "pipeline". Would love to see this plan with some timescales.   cheers ... View more

free tools to replace Cisco Works RME f...

Created by philip moore in Network Management
‎04-27-2015 02:12 AM
‎04-27-2015 02:12 AM
Dear Community   We have recently "upgraded" to Cisco Prime from LMS 3.2 and what a sad state it is. We lost all of the great abilities we had before for archive search, and I I'm not enjoying the new GUI/flow. I'd like to hear of other peoples experience, and if there is any recommendation on free (or paid) tools to do the CiscoWorks RME fuction.   Thanks a lot! Phil ... View more

stability of IOS 15.1(2)SY4a on Catalys...

Created by philip moore in WAN, Routing and Switching
‎04-13-2015 02:50 PM
‎04-13-2015 02:50 PM
Dear Community In order to use a new feature ( BGP - local-AS allow-policy) , I am forced (or suggested) by TAC to upgrade to IOS 15.1(2)SY4a on Catalyst 6513 Sup720/MSFC3 (The feature actually appeared on 15.1(1)SY1, but the one quoted is recommended on Cisco download) Currently devices are running IOS 12.2(33)SXI9. Has anyone any experience of this image that could comment on stability/reliability? Thanks! Phil ... View more

If it is anything like LMS 4,

Created by philip moore in Security and Network Management
‎11-09-2014 03:30 PM
‎11-09-2014 03:30 PM
If it is anything like LMS 4, it treats each context as a separate object. Configure an IP on each context and add that to Prime. ... View more

Hi Bhastiann It entirely

Created by philip moore in LAN, Switching and Routing
‎11-09-2014 03:28 PM
‎11-09-2014 03:28 PM
Hi Bhastiann   It entirely depends on your requirements :)   Admins are generally considered to have access everywhere so maybe best as promiscuous. If the other groups need to connect to each other then they need to be in a community. Infrastructure generally do, and you could say they are trusted so why not place them in a single community. If you don't want students to connect directly, place them in an isolated. I'd trust teachers even less :) The method to share files should be by file server. Don't forget, subnetting and access control. I wouldn't recommend placing all devices in a single subnet. depends on how many you have, but certainly a subnet for end users (teachers, students) and infrastructure would be a good idea.   HTH   ... View more

Hi JosephThanks so much for

Created by philip moore in WAN, Routing and Switching
‎10-06-2014 07:21 AM
‎10-06-2014 07:21 AM
Hi Joseph Thanks so much for your reply. First I will add the missing info, yes there is QoS policy on both MPLS (5-class model with voice, video + 3 data classes, I don't think they are shaping, I expect is police.) and similar policy for VPN (using per-tunnel QoS). They both share the same DSCP marking, marked in the LAN ingress to the BR. SO yes, PfR traffic class by DSCP marking is what I would be looking into. Asymmetric is seen as a bad word in the customer's world, and is something to be avoided. Usually it is because it means some routing has gone awry and possibly traffic is being routed one way via high speed leased-line, and back via a low bw/high latency VSAT. Also apps like Domino don't seem to like it very much and refuse to transfer mail under those conditions. But all that said, I can try it. I think PfR can help us with the outbound traffic from branch, but I struggle to see how it can help with the inbound IF using utilization only on HUB BR - agree it would never go out of policy (10M to a single branch means the hub is only at 10%). So to enable this you think I should be looking at monitor delay also at HUB? Or have you any experience with inbound route control using BGP? http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/pfr/configuration/xe-3s/pfr-xe-3s-book/pfr-bgp-inbound.html The MPLS WAN does not use GETVPN. Do you think using that gives better options for traffic control? The suggested PfR policy came straight from the Cisco example. What is typical PfR policy for you/in the real world? Thanks a lot for your interest! ... View more
Public Statistics
Date Registered ‎07-23-2010 06:13 AM
Date Last Visited ‎05-10-2018 01:51 AM
Total Messages Posted 53
Badges
Bio
Network Engineer for United Nations