[c-nsp] Cisco 7500 High Availability
neal rauhauser
neal at lists.rauhauser.net
Mon Apr 10 22:45:36 EDT 2006
Rodney Dunn wrote:
> You should never run IPSEC on a 75xx other than just for
> management to/from the box. We strongly don't recommned it.
We use it for ssh only.
> As long as you have enough memory to do dCEF you should be ok
> with SSO with the hardware and OSPF and BGP.
The system fussed about CEF in conjunction with 802.1Q VLAN
trunking, so I shut it off :-( I guess I can redraw the picture and stop
using 802.1Q, but I really like being able to renumber things without a
lot of excitement ...
I'll try doing a no VLAN/CEF config and see if that acts a little
better. Thanks for the tips.
> Rodney
>
> On Mon, Apr 10, 2006 at 04:24:43PM -0500, neal rauhauser wrote:
>> They've got four 7507s with RSP4, 12.0.32S IPsec, they're running BGP,
>> OSPF, and they've got PA-FE-TX and PA-T3 in VIP-2/50s. And of course
>> they don't have Smartnet, because that doesn't come with Ebay purchases :-)
>>
>>
>>
>>
>>
>>
>> Rodney Dunn wrote:
>>> On Mon, Apr 10, 2006 at 03:54:13PM -0500, neal rauhauser wrote:
>>>> I've got a customer with some 75xx that have dual RSP4s in them.
>>>> We've got identical dram/flash/12.0.32S code on them and I've started
>>>> fooling with the high availability stuff. I've received feedback from a
>>>> couple people on NANOG that this doesn't work very well - the four to
>>>> eight minute recovery RPR works, but the faster modes do not behave.
>>> You will always get various levels of answers to questions like that.
>>> You should always ask for more specifics like "EXACTLY what code were
>>> you running, what EXACTLY did your full configuration look like, etc.."
>>>
>>> For all we know they were running protocols that are not HA supported.
>>>
>>> For raw IP on standard Ethernet and WAN circuits (not PPPoX type
>>> aggregation) SSO mode should work just fine in later code.
>>> We don't support PPPoX HA on the 75xx (well, we don't like to say
>>> PPPoanything is supported on that platform).
>>>
>>>
>>>> Can anyone comment on this? I'd like to make it go for this guy, but I
>>>> don't want to spend forty hours learning all of the failure modes for a
>>>> software product that works better on other hardware platforms ...
>>>>
>>>>
>>>>
>>>> --
>>>> mailto:Neal at Layer3Arts.com // IM:layer3arts
>>>> voice: 402 408 5951
>>>> cell : 402 301 9555
>>>> fax : 402 408 6902
>>>>
>>>> _______________________________________________
>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>> --
>> mailto:Neal at Layer3Arts.com // IM:layer3arts
>> voice: 402 408 5951
>> cell : 402 301 9555
>> fax : 402 408 6902
>
--
mailto:Neal at Layer3Arts.com // IM:layer3arts
voice: 402 408 5951
cell : 402 301 9555
fax : 402 408 6902
More information about the cisco-nsp
mailing list