lunes, 25 de noviembre de 2013

Políticas de Cisco EoX - Línea de tiempo y compromisos en HW y SW OS



Definiciones EoX
HitosAcrónimoDefinición Global Cisco
End of Life External AnnouncementAvailableThe date that the end of sale and end of life of a product is announced to the general public.
End of SaleEoSaleThe last date to order the product through Cisco point-of-sale mechanisms. The product is no longer for sale after this date.
End of Software Maintenance ReleaseEoSWMThe last date that Cisco Engineering may release any software maintenance releases or bug fixes to the software product. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software.
End of Routine Failure AnalysisEoRFAThe last possible date Cisco may perform a routine failure analysis to determine the root cause of an engineering- or manufacturing-related issue.
End of Service Contract RenewalEoSCRThe last date to extend or renew a service contract for the product. The extension or renewal period may not extend beyond the last date of support.
Last Date of SupportLDoSThe last date to receive service and support for the product. After this date, all support services for the product are unavailable, and the product becomes obsolete.


Ejemplos del ciclo de vida de equipos Cisco



Product IDEOX PB #1End of Life External Announce DateEoSale DateEoSWM DateEoRFA DateEoSCR DateLDoS Date
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C3750G-12S-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C3750G-24PS-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-24PS-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-24PS-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C3750E-24TD-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-24PS-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-12S-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-12S-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-12S-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-12S-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750G-24PS-SEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3750E-24TD-EEOL804431-JAN-1230-JAN-1330-JAN-1430-JAN-1430-APR-1731-JAN-18
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C2960-8TC-LEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18
WS-C3560-8PC-SEOL905528-JAN-1329-JUL-1329-JUL-1429-JUL-1424-OCT-1731-JUL-18


Sígueme también en:



Publicado por en No hay comentarios:
Etiquetas: ,

jueves, 7 de noviembre de 2013

Mejores practicas configuraciones Cisco - NTP Update Calendar Disabled

NTP Update Calendar Disabled




ExcepciónNTP Update Calendar Disabled
CategoriaIP Applications
Tipo OSIOS
Reisgolow
DescripciónSome platforms have a battery-powered hardware clock, referred to in the command-line interface (CLI) as the "calendar," in addition to the software based system clock. The hardware clock runs continuously, even if the router is powered off or rebooted. If the software clock is synchronized to an outside time source via NTP, it is a good practice to periodically update the hardware clock with the time learned from NTP. Otherwise, the hardware clock will tend to gradually lose or gain time (drift), and the software clock and hardware clock may become out of synchronization with each other. The ntp update-calendar command will enable the hardware clock to be periodically updated with the time specified by the NTP source. The hardware clock will be updated only if NTP has synchronized to an authoritative time server.
URL referenciantp update-calendar
Cacción correctivantp update-calendar
AdveretenciaMany lower-end routers (for example, the Cisco 2500 series or the Cisco 2600 series) do not have hardware clocks, so this command is not available on those platforms.


Más "Mejoras de practicas de configuraciones Cisco" AQUÍ



Sígueme también en:



Publicado por en No hay comentarios:
Etiquetas: ,

Mejores practicas configuraciones Cisco - Standby delay minimum reload not configured

Standby delay minimum reload not configured





ExcepciónStandby delay minimum reload not configured
CategoriaIP Applications
Tipo OSIOS
Riesgomedio
Descripción"When configuring HSRP, Cisco recommens using the 'standby delay minimum|reload' command to prevent blackholing of traffic. This allows time for all ports in the VLAN to come up after a reload or module reset. In a subsecond timer scenario, hellos could be lost with CPU busy after reload.
Recomendación"If the active router fails or is removed from the network, then the standby router will automatically become the new active router. If the former active router comes back online, you can control whether it takes over as the active router by using the standby preempt command.

However, in some cases, even if the standby preempt command is not configured, the former active router will resume the active role after it reloads and comes back online. Use the standby delay minimum reload command to set a delay period for HSRP group initialization. This command allows time for the packets to get through before the router resumes the active role.

We recommend that all HSRP routers have the standby delay minimum reload configured with a minimum delay time of 30 seconds and a minimum reload time of 60 seconds.

The delay will be cancelled if an HSRP packet is received on an interface.

The standby delay minimum reload interface configuration command delays HSRP groups from initializing for the specified time after the interface comes up. "
Referencia URLStandby Delay Minimum Reload
Acción correctiva Under the interface mode, configure
Router(config)# interface ethernet x/y
Router(config-if)# standby delay minimum 30 reload 60





Sígueme también en:



Publicado por en 1 comentario:
Etiquetas: ,

Mejores practicas configuraciones Cisco - NTP not protected by ACL

NTP not protected by ACL




ExcepciónNTP not protected by ACL
CategoriaIP Applications;Security
Tipo OSIOS
Riesgomedio
DescripciónIn addition to an NTP authentication schema NTP can be protected through use of an access-list to further limit access privileges. If the source IP address matches the access-lists for more than one access type, the first type is granted. If no access groups are specified, all access types are granted to all systems. If any access groups are specified, only the specified access types will be granted.
Acción correctiva
access-list 40 permit 1.1.1.5
access-list 40 permit 1.1.1.6
ntp access-group peer 40





Sígueme también en:



Publicado por en No hay comentarios:
Etiquetas: ,

martes, 5 de noviembre de 2013

Mejores practicas configuraciones Cisco - HSRP Preempt delay not configured

HSRP Preempt delay not configured




ExcepciónHSRP Preempt delay not configured
CategoriaIP Applications
Tipo OSIOS
RiesgoMedio
DescripciónTraffic may be dropped after the primary Hot Standby Router Protocol (HSRP) router becomes active. When switch crashed or reloaded, the HSRP interface may be active before the uplink interface comes up or before Interior Gateway Protocol (IGP) convergence. The client sends traffic to the primary HSRP router, but the primary HSRP router is not ready to send the packet in the L3 domain, so the packet is dropped. After implementing the HSRP preempt delay, the primary HSRP router will not become active before the delay timer expires. The router is ready in uplink or L3 domain when it becomes active. Note: Remove the technology from the profile section while rule development and keep only feature rules.
RecomendaciónAvoid packet drop after the primary HSRP interface becomes active.
Referencia URLConfiguring HSRP
Referencia URLCommand Reference
Acción correctiva"Under the interface .* block, type the following command:

standby group# preempt delay minimum min-seconds

(for example, 'standby 1 preempt delay minimum 180')






Sígueme también en:



Publicado por en No hay comentarios:
Etiquetas: ,
Suscribirse a: Entradas (Atom)