[c-nsp] (no subject)

Church, Chuck cchurch at netcogov.com
Mon Apr 25 09:56:01 EDT 2005


Tom,

	Does that mean all of the Enhanced Object Tracking features
(like static routes based on reachability) will be available EOY also?

Thanks,

Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D 


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tom Zingale
Sent: Sunday, April 24, 2005 10:09 PM
To: luan.nguyen at mci.com; helmwork at ruraltel.net;
cisco-nsp at puck.nether.net
Subject: [c-nsp] (no subject)

>Thanks for introduce me to the new command :) This ip sla monitor thing


>came out with 12.2SX and 12.2SB already?

Not yet by the end of the year

 

 IPSLA works in two phases:

1) Control phase uses UDP. Source port is random, destination port 1967.


As discussed below.

2) Measurement phase goes from source (port is either fixed, or picked

randomly) and go to destination where the port number has been
configured on
the sender. This is a stream of UDP packets.

3) The receiver (called the responder in our case) mirror the packets
back
to the sender.

Running an operation Inside->Outside is not a problem. However, from
outside
to inside it would require:

- To open 1967/UDP

- To statically configure the source-port AND dest-port

- To open the pair src-ip/src-port/dst-ip/dst-port on the firewall.

If you do not configure statically the ports, it is going to be really
difficult for the operation to go through without opening a lot of
useless
conduits.

 

>X-BrightmailFiltered: true

>X-Brightmail-Tracker: AAAAAA==

>X-IronPort-AV: i="3.92,124,1112598000"; 

> d="scan'208"; a="64678839:sNHT39166694"

>X-Envelope-From: luan.nguyen at mci.com

>Date: Fri, 22 Apr 2005 11:02:17 -0400

>From: Luan Nguyen <luan.nguyen at mci.com>

>Subject: RE: [c-nsp] IP SLA through NAT Firewall

>To: "'Eric Helm'" <helmwork at ruraltel.net>, cisco-nsp at puck.nether.net

>X-Mailer: Microsoft Office Outlook, Build 11.0.5510

>Thread-index: AcVHR69YGIN+dgbwTdKgur3cB//onAAA2qhQ

>X-BeenThere: cisco-nsp at puck.nether.net

>X-Mailman-Version: 2.1.6b1

>List-Id: "list for people using cisco in a NSP \(Network service
provider\)

> environment" <cisco-nsp.puck.nether.net>

>List-Unsubscribe: <
<https://puck.nether.net/mailman/listinfo/cisco-nsp>
https://puck.nether.net/mailman/listinfo/cisco-nsp>,

> < <mailto:cisco-nsp-request at puck.nether.net?subject=unsubscribe>
mailto:cisco-nsp-request at puck.nether.net?subject=unsubscribe>

>List-Archive: < <https://puck.nether.net/pipermail/cisco-nsp>
https://puck.nether.net/pipermail/cisco-nsp>

>List-Post: < <mailto:cisco-nsp at puck.nether.net>
mailto:cisco-nsp at puck.nether.net>

>List-Help: < <mailto:cisco-nsp-request at puck.nether.net?subject=help>
mailto:cisco-nsp-request at puck.nether.net?subject=help>

>List-Subscribe: < <https://puck.nether.net/mailman/listinfo/cisco-nsp>
https://puck.nether.net/mailman/listinfo/cisco-nsp>,

> < <mailto:cisco-nsp-request at puck.nether.net?subject=subscribe>
mailto:cisco-nsp-request at puck.nether.net?subject=subscribe>

>Sender: cisco-nsp-bounces at puck.nether.net

>X-PMX-Version: 4.7.0.111621

>X-from-outside-Cisco: 128.107.243.13

>X-OriginalArrivalTime: 22 Apr 2005 15:06:13.0595 (UTC) 

>FILETIME=[D32CEAB0:01C5474C]

>

>Thanks for introduce me to the new command :) This ip sla monitor thing


>came out with 12.2SX and 12.2SB already?

>I saw on Cisco web, it says coming out to replace rtr in 12.4 and
12.4.T.

>Anyhow, for rtr stuffs, first the router will send a control message 

>UDP high port to the responder udp port 1967. The responder will 

>respond back

>1967 ---> UDP highport. If this goes through the firewall, then normal 

>jitter operation will follow, from udp highport to the 16384 specified 

>by you.

>You config seems to specify the router as both the probe and the
responder.

>IMHO, NAT probably doesn't break your sla...probably the firewall.

>

>Luan

 
 
------------------------
Tom Zingale
Product Manager
Internet Technologies Group
408-527-7535
 <http://www.cisco.com/go/ipsla> Cisco IOS IP SLAs
http://www.cisco.com/go/ipsla
Cisco IOS NetFlow
http://www.cisco.com/go/netflow
--------------------------------
 
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list