Thanks Rob for doing within the CLI. Using the Feature then Device template takes too much time. I personally leverage the latter UI templates for TACAS, SNMP or any common configurations across the footprint depending on the site-type or formfactor. I do understand that Cisco recommends pushing via the UI. However, for many customers I manage the CLI is simply quicker when having a huge rollout with an aggressive target. The point would be... that the templates you will still have to input many variables within a CVS file aside the common standard configs. This can get a bit messy due to the site-type or platform desired at even the placement level. TI do leverage the CLI templates on occasion that appears like Jinja braces {stuff} to input within the UI. There would be a downside to using CLI mode versus vManage Mode. You will have to ensure you replicate changes on all vSmarts. Anyone else in within the community have different experiences? Still a greenhorn myself, but had to digest quickly :)
Hi Rob , Will HP DL360 P G8 server with 64GB ram ddr3 , dual xenon E5-2620 v2 with 24 core 1.2TB hdd with win server 2019 installation is enough Or Dell R710 with dual intel xenon processor 24 core x5650 32GB ram 900 gb hdd Enough for sdwan and ACI labs Please suggest as i m planning to buy one of them for sdwan and aci lab practise.
Thank you Rob for this great video. I am having an issue with VRRP on the vEdge1 and vEdge2. It seems like my routers IOS5 and IOS6 are able to resolve the ARP for the VRRP gateway IP address, but aren't able to ping the VRRP gateway IP address. I cannot even see any traffic on vEdge1 or vEdge2 tcpdump from the IOS5 and IOS6 routers except the initial ARP traffic. I have even tried replacing the switch in between the routers and vEdges, i've used IOU, etherswitch cards on routers, and even a typical GNS3 switch, but didn't work. I tried VRRP on regular IOS-based routers and it works with the aforementioned switches, but not at all for vEdges, I am not sure what is the issue; even though the VRRP is working between the vEdges and vEdge1 is replying for the ARP query. What could be the issue? Thanks.
Hi Rob, in this VRRP lab. You seems like forgot to attach the VIP for vEdge2, that's fine. on IOS15 I can ping 13.13.13.13 via vEdge1 ge0/3 10.5.6.1, but when I shutdown SW17 Gi0, traceroute shows ping 13.13.13.13 go to vEdge2 ge0/3 10.5.6.2, then go to 10.3.13.3, stops there. I did a packet capture, I can see IOS13 is reply ICMP request at this point, also I am seeing on vEdge1 ge0/3 I can see the ICMP reply, but the link is down, so the ICMP reply got blocked. I also expect vEdge2 ge0/3 got the same ICMP reply from 13.13.13.13 but it didn't, the ICMP reply should have 4 path to reach 10.5.6.0/24, and it should reach to vEdge2, any idea why it's not? I understand that once I shutdown SW17 Gi0. the VRRP would not see each other they will both claim they are master, but this should not affect, vEdge2 got the ICMP reply form IOS13, yes?
VRRP isn't a load balancing feature. It's a HA feature. You could create different groups and then have device 1 forward for group 1 and device 2 forward for group 2.
Hi Rob.. Good Day.. i am in Lab 11. unable to ping 13.13.13.13 from router IOS5 router .. while i am shut downing switch17 port G0/0 .. connected to Vedge11 ... if its VRRP it should work . but its not working ... GW is 10.5.6.254 .... it means Switch17 its not checking of VEDGE router heartbeat? please find the logs as below IOS5#ping 13.13.13.13 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) IOS5#sh ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 10.5.6.254 to network 0.0.0.0 S* 0.0.0.0/0 [254/0] via 10.5.6.254 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.5.6.0/24 is directly connected, GigabitEthernet0/0 L 10.5.6.177/32 is directly connected, GigabitEthernet0/0 IOS5#ping 10.5.6.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.5.6.254, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) IOS5#sh ip int bri Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 10.5.6.177 YES DHCP up up After enabling port G0/0.. its working fine .. IOS5#ping 13.13.13.13 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 67/83/96 ms IOS5#tra IOS5#traceroute 13.13.13.13 Type escape sequence to abort. Tracing the route to 13.13.13.13 VRF info: (vrf in name/id, vrf out name/id) 1 10.5.6.1 29 msec 18 msec 18 msec 2 * 10.3.13.3 60 msec 43 msec 3 10.3.13.13 54 msec * 69 msec
Thank you very much Rob for this wonderful series - fantastic job
Thanks Rob for doing within the CLI. Using the Feature then Device template takes too much time. I personally leverage the latter UI templates for TACAS, SNMP or any common configurations across the footprint depending on the site-type or formfactor.
I do understand that Cisco recommends pushing via the UI. However, for many customers I manage the CLI is simply quicker when having a huge rollout with an aggressive target.
The point would be... that the templates you will still have to input many variables within a CVS file aside the common standard configs. This can get a bit messy due to the site-type or platform desired at even the placement level.
TI do leverage the CLI templates on occasion that appears like Jinja braces {stuff} to input within the UI. There would be a downside to using CLI mode versus vManage Mode.
You will have to ensure you replicate changes on all vSmarts.
Anyone else in within the community have different experiences? Still a greenhorn myself, but had to digest quickly :)
great videos. fyi you forgot to add the vrrp vip "10.5.6.254" in the template for vedge2
Good Catch.. Thank you
thanks
Hello Rob - question about DHCP: How can I make assure that the DHCP-daemons on vEdge1 and vEdge2 are on the same pace regarding leased addresses?
I have no idea. Not even sure that would be an option.
Hi Rob ,
Will HP DL360 P G8 server with 64GB ram ddr3 , dual xenon E5-2620 v2 with 24 core 1.2TB hdd with win server 2019 installation is enough
Or
Dell R710 with dual intel xenon processor 24 core x5650
32GB ram 900 gb hdd
Enough for sdwan and ACI labs
Please suggest as i m planning to buy one of them for sdwan and aci lab practise.
Go with the HP one, newer CPU
Thank you Rob for this great video. I am having an issue with VRRP on the vEdge1 and vEdge2. It seems like my routers IOS5 and IOS6 are able to resolve the ARP for the VRRP gateway IP address, but aren't able to ping the VRRP gateway IP address. I cannot even see any traffic on vEdge1 or vEdge2 tcpdump from the IOS5 and IOS6 routers except the initial ARP traffic.
I have even tried replacing the switch in between the routers and vEdges, i've used IOU, etherswitch cards on routers, and even a typical GNS3 switch, but didn't work. I tried VRRP on regular IOS-based routers and it works with the aforementioned switches, but not at all for vEdges, I am not sure what is the issue; even though the VRRP is working between the vEdges and vEdge1 is replying for the ARP query. What could be the issue? Thanks.
I only demo'd this in EVE-NG and not GNS3, so it might be a GNS3 related issue. Beyond that I have no idea.
@@RobRikerTechChannel Ok thanks!
Hi is there the possibility to configure authentication on VRRP as we could do on IOS/IOS-XE?
Hi Rob, in this VRRP lab. You seems like forgot to attach the VIP for vEdge2, that's fine. on IOS15 I can ping 13.13.13.13 via vEdge1 ge0/3 10.5.6.1, but when I shutdown SW17 Gi0, traceroute shows ping 13.13.13.13 go to vEdge2 ge0/3 10.5.6.2, then go to 10.3.13.3, stops there. I did a packet capture, I can see IOS13 is reply ICMP request at this point, also I am seeing on vEdge1 ge0/3 I can see the ICMP reply, but the link is down, so the ICMP reply got blocked. I also expect vEdge2 ge0/3 got the same ICMP reply from 13.13.13.13 but it didn't, the ICMP reply should have 4 path to reach 10.5.6.0/24, and it should reach to vEdge2, any idea why it's not? I understand that once I shutdown SW17 Gi0. the VRRP would not see each other they will both claim they are master, but this should not affect, vEdge2 got the ICMP reply form IOS13, yes?
i saw vrrp priority is configured, so what about load balance? how does it manage LB in this case?
VRRP isn't a load balancing feature. It's a HA feature. You could create different groups and then have device 1 forward for group 1 and device 2 forward for group 2.
Hi Rob.. Good Day..
i am in Lab 11. unable to ping 13.13.13.13 from router IOS5 router .. while i am shut downing switch17 port G0/0 .. connected to Vedge11 ... if its VRRP it should work . but its not working ... GW is 10.5.6.254 .... it means Switch17 its not checking of VEDGE router heartbeat?
please find the logs as below
IOS5#ping 13.13.13.13
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
IOS5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 10.5.6.254 to network 0.0.0.0
S* 0.0.0.0/0 [254/0] via 10.5.6.254
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.5.6.0/24 is directly connected, GigabitEthernet0/0
L 10.5.6.177/32 is directly connected, GigabitEthernet0/0
IOS5#ping 10.5.6.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.5.6.254, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
IOS5#sh ip int bri
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 10.5.6.177 YES DHCP up up
After enabling port G0/0.. its working fine ..
IOS5#ping 13.13.13.13
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 67/83/96 ms
IOS5#tra
IOS5#traceroute 13.13.13.13
Type escape sequence to abort.
Tracing the route to 13.13.13.13
VRF info: (vrf in name/id, vrf out name/id)
1 10.5.6.1 29 msec 18 msec 18 msec
2 *
10.3.13.3 60 msec 43 msec
3 10.3.13.13 54 msec * 69 msec
Hi. What is the spec of the server/pc you are using to run this eve-ng lab on ?
Cisco UCS C220 M3 2x 8 core E5-2650s and 256 GB RAM