When you get your brand new Cisco ASR1000 series router, Stateful Switchover (SSO) is disabled by default:

Router# show redundancy states
       my state = 13 -ACTIVE
     peer state = 1  -DISABLED
           Mode = Simplex
        Unit ID = 6
Redundancy Mode (Operational) = Non-redundant
Redundancy Mode (Configured)  = Non-redundant
Redundancy State              = Non Redundant

Enable SSO!

Router# config t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# redundancy
Router(config-red)# mode sso
Router(config-red)# ^Z
%CMRP-6-DUAL_IOS_REBOOT_REQUIRED: R0/0: cmand:  Configuration must be saved and the chassis must be rebooted for IOS redundancy changes to take effect
Router# reload

And once it's back live, you can see that SSO is up and working:

Router# show redundancy states
       my state = 13 -ACTIVE
     peer state = 8  -STANDBY HOT
           Mode = Duplex
           Unit = Primary
        Unit ID = 48

Redundancy Mode (Operational) = sso
Redundancy Mode (Configured)  = sso
Redundancy State              = sso
    Manual Swact = enabled
 Communications = Up

   client count = 87
 client_notification_TMR = 30000 milliseconds
          keep_alive TMR = 4000 milliseconds
        keep_alive count = 0
    keep_alive threshold = 7
           RF debug mask = 0x0

I recently needed to tag the first 5,389 messages in a mailbox using Mutt. This is much easier than you might think.

1. shift-t - By default, the command to tag messages based on a pattern is bound to shift-t. If you've changed this in your muttrc, use whatever you've bound tag-pattern to.
2. ~m1-5389 - ~m is the pattern indicator for message ID. It can accept a single value, or a range of values. In my case, I've told it to match messages 1 through 5,389.
3. Don't forget to use the tag-prefix key (; by default) to perform an action on the messages you've tagged.

You've certainly noticed when look at individual BGP routes on your Cisco routers that the route is advertised to specific update-groups. It isn't obvious from that output just what those update-groups are.

Router#show ip bgp 8.8.8.8
BGP routing table entry for 8.8.8.0/24, version 50004440
Paths: (3 available, best #3, table Default-IP-Routing-Table)
  Advertised to update-groups:
     2

BGP Dynamic Update Peer-Groups is a feature of IOS that groups together neighbors that receive the same updates. These groups are created automatically and do not require intervention from the user.

In order to see who is a member of an update-group, use the show ip bgp update-group command.

Router#show ip bgp update-group 2
BGP version 4 update-group 2, internal, Address Family: IPv4 Unicast
  BGP Update version : 50945923/0, messages 0
  NEXT_HOP is always this router
  Community attribute sent to this neighbor
  Update messages formatted 15921628, replicated 15921628
  Number of NLRIs in the update sent: max 1065, min 0
  Minimum time between advertisement runs is 0 seconds
  Has 2 members (* indicates the members currently being sent updates):
   x.x.x.x          x.x.x.x

If you need to comment something out of your .vimrc, start the line with a double quote (").

"autocmd BufRead *.xml :source ~/.vimrc.xml

It's embarrassing to admit how long it takes to find the answer to that question.

When I upgraded to OS X 10.7 (Lion), I started using the built-in IPSec VPN client rather than Cisco's VPNClient. I experienced problems immediately. At first it appeared that the connection was being made, but no traffic was passing. When I tried pinging by IP address, I found that traffic was passing, but I couldn't do anything by hostname.

Read More →