[c-nsp] me3800x IOS
Jeremy Bresley
brez at brezworks.com
Wed Aug 12 12:36:54 EDT 2015
Just a guess, probably moving the SSH configuration down below the
interface configuration so things like source-interfaces will exist
before it tries to use them. Also can bite you when copy/pasting an
existing configuration file into a new device when you tell it to source
from an interface that hasn't been created yet.
JunOS and IOS-XR don't have this issue as prevalent since you have to do
a commit on the config before it takes effect.
Jeremy "TheBrez" Bresley
brez at brezworks.com
On 8/12/2015 4:26 AM, Mark Tinka wrote:
>
> On 12/Aug/15 11:00, James Bensley wrote:
>>
>> Why have they done that? That is very annoying (well not directly for
>> me, I'm feeling sympathetic annoyance).
>
> Agree.
>
> Not sure why they did that.
>
> Also, I wonder whether it will be across all product sets when they
> start supporting 15.5 (which is most now, anyway).
>
>
>> You can bet that out there are networks with automation scripts that
>> will be looking for bits on config in certain places etc, that kind of
>> thing. Cisco have just broken that for those people.
>
> If anyone wants a heads-up, here is what I can share after an upgrade to
> 15.5:
>
> - version 15.4
> + version 15.5
> no service slave-log
> no service pad
> service tcp-keepalives-in
> @@ -250,12 +247,9 @@
> ip spd queue max-threshold 2000
> ip spd queue min-threshold 1000
> !
> + ip name-server a.a.a.a b.b.b.b CCCC:CCCC::C DDDD:DDDD:D
> +
> - ip name-server a.a.a.a
> - ip name-server b.b.b.b
> - ip name-server CCCC:CCCC::C
> - ip name-server DDDD:DDDD::D
> -
> no ipv6 source-route
> ipv6 unicast-routing
> !
> @@ -289,9 +283,6 @@
> vlan internal allocation policy ascending
> !
> ip tcp mss 1500
> - ip ssh time-out 90
> - ip ssh authentication-retries 2
> - ip ssh version 2
> !
> @@ -859,6 +847,9 @@
> ip bgp-community new-format
> no ip http server
> no ip http secure-server
> + ip ssh time-out 90
> + ip ssh authentication-retries 2
> + ip ssh version 2
> ip route 192.0.2.1 255.255.255.255 Null0 name blackhole-route
> !
> ip access-list standard ntp-access
>
> Mark.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list