I can’t count how many times I’ve seen the topic of WCCP in the Cisco support forums where people want to use their Ironport WSA to block traffic from internal users *and* DMZ servers. This clearly DOES NOT WORK, but I’ve never seen a very good explanation of why it doesn’t work. This is my attempt to explain why this DOES NOT WORK.
I have a static IPv4 address from CenturyLink (x.y.z.198). To find my corresponding IPv6 6rd address I need to convert my IPv4 address to hex and append CenturyLink’s 6rd prefix.
My ipv4 address: x.y.z.198
My IPv6 6rd address: XX:YY:ZZ:C6
where XX (in hex)=x (in decimal)
Prepending CenturyLink’s IPv6 6rd prefix (2602::/24) to my 6rd address leaves me with 2602:00XX:YYZZ:C600::
I turned up a 7Mbps DSL connection with CenturyLink this evening. Here’s the configuration I used to get the circuit working. The ‘debug ppp authentication command’ helped a lot, too.
Note: To get the username and password I had to call CenturyLink technical support. The CenturyLink provisioned modems must have some mechanism to get the necessary information automatically.
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/32
dialer pool-member 1
protocol ppp dialer
!
!
interface Dialer0
ip address negotiated
ip nat outside
ip nbar protocol-discovery
encapsulation ppp
dialer pool 1
ppp pap sent-username USERNAME password PASSWORD
!
int FastEthernet0
ip nat inside
!
ip nat inside source list 111 interface Dialer0 overload
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
I’ve never seen a GigE interface that wouldn’t let me manually specify the speed and duplex. I’m not talking about the speed limitations of the Nexus 2148T (it can’t to 10/100), I’m talking about disabling Ethernet autonegotiation. While working with a Cisco ASR1001 the other day, I’d finally met my match.
The ASR1001 has four built-in GigE interfaces which accept copper for fiber SFPs (though not the traditional GLC-T). I was trying to disable autonegotiation on a single-mode fiber interface but the speed and duplex commands didn’t exist.
Router(config-if)#s?
!--Nothing
Router(config-if)#d?
!--Nothing
But, if autonegotiation was my only option, why did the IOS XE coders torment me by including it as a default part of the interface config?
Router(config-if)#do sh run int g0/0/0
interface GigabitEthernet0/0/0
ip address 1.1.1.1 255.255.255.252
negotiation auto
Turns out, these built-in interfaces only support GigE, not 10Mbps or 100Mbps. More to the point though, only copper interfaces support manually defined speeds. Fiber interfaces operate in one fashion only, the only choice you have is whether or not to use autonegotiation. In my case I disabled it like this.
Router(config)#int g0/0/0
Router(config-if)#no negotiation auto
Router(config-if)#do sh run int g0/0/0
interface GigabitEthernet0/0/0
ip address 1.1.1.1 255.255.255.252
no negotiation auto