Category Archives: networking

How To Fix IPSec Anti Replay Errors On Cisco IOS and IOS XE

I’m sure you’ve all logged into a VPN Router once or twice and seen this syslog: %IOSXE-3-PLATFORM: R0/0: cpp_cp: QFP:0.0 Thread:000 TS: %IPSEC-3-REPLAY_ERROR: IPSec SA receives anti-replay error, DP Handle X, src_addr x.x.x.x, dest_addr y.y.y.y, SPI 0x0 Here is everything you need to know regarding the feature, the causes of the syslog, and the solutions …

Continue reading “How To Fix IPSec Anti Replay Errors On Cisco IOS and IOS XE”

How To Configure IP SLA with DF-BIT Set and 9K MTU Payload On Cisco IOS XE

Here are instructions on how to configure an IP SLA to ping with an IP MTU of 9K and the don’t fragment (DF-BIT) set. I used a CSR1000V (IOS XE) running Fuji. This also works on regular IOS. First configure the IP SLA: ip sla 1 icmp-echo <dest IP> source-interface <source int> request-data-size 8964 !vrf …

Continue reading “How To Configure IP SLA with DF-BIT Set and 9K MTU Payload On Cisco IOS XE”

EVE-NG NESTED USB WIFI-NIC and ETHERNET-NIC Passthrough To VMs

I have an EVE-NG VM and I am passing through my USB ethernet and WIFI nics to it. Then I am passing those nics over to the guests running in labs. Here is how to get this properly working, when editing your windows 7, 8, 10, or even linux guests, you need to change a …

Continue reading “EVE-NG NESTED USB WIFI-NIC and ETHERNET-NIC Passthrough To VMs”

Cisco ISR 4k BFD Session Host: Software

While deploying BFD on some ISR 4k’s I noticed this “Session Host: Software”. It turns out that BFD Echo mode is not hardware offloaded on these ISR 4K’s, only the Control packets are. Although the echo packet is routed via CEF on the neighbor, when it comes back to us we process it in software. …

Continue reading “Cisco ISR 4k BFD Session Host: Software”