Pages

9/25/2013

SPANning ports on Cisco Nexus 5K Switch "brings down network"

DO NOT SPAN PORTS ON NEXUS 5K

Cisco Nexus 5000 Series NX-OS System Management Configuration Guide, Release 5.1(3)N1(1) - Configuring SPAN  [Cisco Nexus 5000 Series Switches] - Cisco Systems: If a destination port is oversubscribed, it can become congested. This congestion can affect traffic forwarding on one or more of the source ports.

I'm told this is not an issue on 7K's.

9/17/2013

Cisco Identity Services Engine (ISE) - Cisco Systems

Cisco Identity Services Engine (ISE) - Cisco Systems: Cisco Identity Services Engine

Cisco ACS - Accounting

Configure a device to log every command to the ACS server:

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

9/10/2013

STP loops strike again

STP loops strike again
this is a very interesting post about a L2 loop experience.  The "best practice" I've always been told, isn't enough.
And an interesting solution:
use switchport port-security and limit the number of MAC addresses accepted on the switch port.