This is an archived post. You won't be able to vote or comment.

all 7 comments

[–]meganaxCCNA R&S 0 points1 point  (0 children)

Excellent post! I love the knowledge you bestow upon us :)

[–]CBRjackCCNA RS/W, BCNP, BCvRE 0 points1 point  (0 children)

Excellent post! Keep them coming!

[–]gusgizmo 0 points1 point  (1 child)

Don't forget the delay feature, this is huge for making your routes not flap at the first sign of packet loss:

track 8 ip sla 1 reachability
 delay down 90 up 30

By making down a multiple of the frequency in the sla statement, you can require multiple lost pings to trigger the tracked route being pulled.

ip sla 1
 icmp-echo source-interface GigabitEthernet0/0
 threshold 1000
 frequency 30
ip sla schedule 1 life forever start-time no

I'm using this with a pair of routers on different ISP's advertising their defaults routes via ospf to a set of HA firewalls from another vendor. Works great. Would work equally well with two ISP's terminated on the same router with very little tweaking.

[–]the-packet-throwerMeow 🐈🐈Meow 🐱🐱 Meow Meow🍺🐈🐱Meow A+![S] 0 points1 point  (0 children)

Yup the delay is a handy thing!

[–]primalsmoke 0 points1 point  (2 children)

Thanks PT! I'll have to read this in more detail on a computer.

I have a question that has been lingering in my mind. Let's say I'm monitoring traffic using a FastE interface. The source is Gig. What happens when the amount of traffic is beyond the bandwidth of the Fa port?

Or I'm using RSPAN and the traffic analyzed is beyond the capabilities of the remote switch's uplinks?

In the above example, what would happen if the bottleneck was at my swiches uplink?

[–]the-packet-throwerMeow 🐈🐈Meow 🐱🐱 Meow Meow🍺🐈🐱Meow A+![S] 0 points1 point  (1 child)

You would basically DOS the port if the gig port happens to send more than 100mbs of traffic.

[–]primalsmoke 0 points1 point  (0 children)

does the port need to be reset? DOS would mean that no traffic would pass? Sort of like a CMSA\CD? Or would a percentage of the data go through.

The Gig port being snooped would go on unaffected?