Month: February 2014

A lesson in verifying Nexus 7000 MTU

Nexus 7000 has it’s system jumbo mtu set to 9216 by default.  Even though system MTU is set, notice the interface MTU:

N7K-1# sh run all | i mtu
  system jumbomtu 9216
N7K-1# sh int e3/7 | i MTU
  MTU 1500 bytes, BW 10000000 Kbit, DLY 10 usec

Try to ping over that interface with a large packet, and it will certainly drop:

N7K-1# ping 10.12.0.29 df-bit packet-size 8972
  PING 10.12.0.29 (10.12.0.29): 8972 data bytes
  Request 0 timed out
  Request 1 timed out
  ^C
  --- 10.12.0.29 ping statistics ---
  3 packets transmitted, 0 packets received, 100.00% packet loss

Change the interface MTU and try another ping across that interface: (more…)

Advertisements

Export Check Point Policies to HTML or XML

Check Point polices are easy to manage when you have access to SmartDashboard. However, sometimes you may need to share these polices with other individuals, such as auditors, and it’s helpful to know how to export these in an easy to read format. Check Point actually has some decent documentation around this, but I ran into a few bumps, so here are my notes. I followed the guide below; make sure to download and install the appropriate WebVI tool before proceeding:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk64501

First – Extract the WebVI Tool to C:\webvi
Next – Open command prompt and cd to C:\webvi

(more…)