While deploying BFD on some ISR 4Ks, I noticed this "Session Host: Software". It turns out that BFD Echo mode is not hardware offloaded on these ISR 4Ks; only the Control packets are. Although the echo packet is routed via CEF on the neighbor, when it comes back to us we process it in software. …
DMVPN NAT Explained
Here are all of the things you need to know about DMVPN and NAT. Hub: If the HUB must be behind a NAT, it can only be a static NAT, no PAT. If the HUB is behind a STATIC NAT, it must use IPSEC transport mode. If the HUB is behind a STATIC NAT …
Cisco Bundle vs Install Mode
Here's a quick post highlighting the most important fact about bundle vs install mode. Bundle mode (the old style of using a .bin and booting off of that) mounts the image in memory. Thus it uses up as much memory (RAM) as the image is in size. While install mode (the new style with packages.conf), …
How to route between VRFs on a Cisco router
This guide is the simplest way to route between 2 VRFs on a Cisco router. I didn't invent this method as someone showed it to me. Here's the GNS3 project + images if you want to follow along. https://upw.io/3uh/route-between-vrfs.gns3project Essentially IOU1 is the client with 192.168.1.1, and the default gateway is IOU2. IOU2 PATs …
RDP error: This could be due to CredSSP encryption oracle remediation.
If you get this error, you need to create this registry key to fix it. You can either download the fix for the .reg file here or create it yourself with the code below.
RDP CRED SSP FIX REG FILE
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]
"AllowEncryptionOracle"=dword:00000002
Nexus 7k – show running-config aclmgr inactive-if-config for SVI ACL
I recently ran into an issue where I was preparing for a 7k ISSU. One of the first steps in the document from Cisco talks about running "show running-config aclmgr inactive-if-config". After I ran this I noticed that it listed an SVI with an ACL as inactive. After running "show interface vlan X" I saw …