[c-nsp] WARNING: Netflow Data Export & Hardware assisted NAT not supported on 76xx/65xx on the same interface

Pete Lumbis alumbis at gmail.com
Sun Aug 28 12:35:20 EDT 2011 

This is something I've pushed for in the past and is incredibly difficult to
do. I agree 100% that the CLI should be the first line of defense against
misconfiguration. One of the first challenges with this kind if check is the
need for the paraer to scan the entire config for compatiability everytime
you enter a command. The easiest fix to this would be a "config commit"
feature like I believe exists in XR but this would be a huge architectural
change that I wouldn't hold my breath to see.

Beyond this is the fact the parser is the same on all platforms so it
becomes difficult to have a platform independent parser to check for
platform specific feature conflicts. These kind of challenges don't let
Cisco off the hook i'm just trying to demonstrate that it is a non-trivial
task that won't happen overnight.

With all that being said it does not excuse the lack of documentation. I
would suggest to the OP and all of us that work with TAC and run into
undocumented restrictions to have the TAC engineer open a doc bug and push
until it is resolved (published).

Regards,
Pete

On Sunday, August 28, 2011, Robert Raszuk <robert at raszuk.net> wrote:
> If CLI/parser allows to co-exist any feature combination - they are
> expected to work. I am with Matthew here.
>
> If they do not work one should not be able to configure them .. get the
> error/warning or syslog message at min.

> Cheers,
> R.
>
>> On Aug 26, 2011, at 11:25 AM, Matthew Huff wrote:
>>
>>> Last winter we purchased a pair of 7606 routers to use out at the NYSE
colo facility. We connect via a 1gb fiber to the SFTI LCN for market data
and FIX traffic. We fully expected to be able to use hardware assisted NAT
and NDE to monitor the traffic. The netflow output we get is random,
sporadic and very incomplete. After dealing with our Sales team and TAC, we
have finally got them to admit that it doesn't work when NAT and NDE are
configured on the same interface.
>>
>> I seem to remember that being made apparent when the sup720 was first
>> announced, and I also think it was presented in the cat6k architecture
>> session at networkers when I went in 2005.
>>
>> Sounds to me that you really need a better sales team that can engage
>> the right TME.
>>
>> Dale
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list