[c-nsp] me3800x IOS

Jeremy Bresley brez at brezworks.com
Wed Aug 12 12:36:54 EDT 2015 

Just a guess, probably moving the SSH configuration down below the 
interface configuration so things like source-interfaces will exist 
before it tries to use them.  Also can bite you when copy/pasting an 
existing configuration file into a new device when you tell it to source 
from an interface that hasn't been created yet.

JunOS and IOS-XR don't have this issue as prevalent since you have to do 
a commit on the config before it takes effect.

Jeremy "TheBrez" Bresley
brez at brezworks.com

On 8/12/2015 4:26 AM, Mark Tinka wrote:
>
> On 12/Aug/15 11:00, James Bensley wrote:
>>
>> Why have they done that? That is very annoying (well not directly for
>> me, I'm feeling sympathetic annoyance).
>
> Agree.
>
> Not sure why they did that.
>
> Also, I wonder whether it will be across all product sets when they
> start supporting 15.5 (which is most now, anyway).
>
>
>> You can bet that out there are networks with automation scripts that
>> will be looking for bits on config in certain places etc, that kind of
>> thing. Cisco have just broken that for those people.
>
> If anyone wants a heads-up, here is what I can share after an upgrade to
> 15.5:
>
> - version 15.4
> + version 15.5
>    no service slave-log
>    no service pad
>    service tcp-keepalives-in
> @@ -250,12 +247,9 @@
>    ip spd queue max-threshold 2000
>    ip spd queue min-threshold 1000
>    !
> + ip name-server a.a.a.a b.b.b.b CCCC:CCCC::C DDDD:DDDD:D
> +
> - ip name-server a.a.a.a
> - ip name-server b.b.b.b
> - ip name-server CCCC:CCCC::C
> - ip name-server DDDD:DDDD::D
> -
>    no ipv6 source-route
>    ipv6 unicast-routing
>    !
> @@ -289,9 +283,6 @@
>    vlan internal allocation policy ascending
>    !
>    ip tcp mss 1500
> - ip ssh time-out 90
> - ip ssh authentication-retries 2
> - ip ssh version 2
>    !
> @@ -859,6 +847,9 @@
>    ip bgp-community new-format
>    no ip http server
>    no ip http secure-server
> + ip ssh time-out 90
> + ip ssh authentication-retries 2
> + ip ssh version 2
>    ip route 192.0.2.1 255.255.255.255 Null0 name blackhole-route
>    !
>    ip access-list standard ntp-access
>
> Mark.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list