Re: Bay question
Ed, http://support.baynetworks.com/library/tpubs/pdf/switches/bstack/450/02401D00.PDF See Appendix E. --- ed smith <[EMAIL PROTECTED]> wrote: > Anyone have any idea where I can find some info on > Bay Networks 450 series > console cable pinout. It's a DCE connection but are > unable to make any of > our cables work to get in. > > We work mostly Cisco. = -----/--- Erick B. / http://berk.dhs.org [EMAIL PROTECTED] / CCNP+Security+NetRanger / NNCSS, CCIE-Lab 9/21 SJ -/--- __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Reversed Telnet
Let me take a hit at it... it's not one my favorite terms... > If someone has a way to describe the term so a 6 > year old can understand it,I would appreciate it. Typically for 'reverse telnet' one configures a static host table on the router pointing to a loopback IP address on a certain port. The port # being the line # on the router. So one can simply type r1, etc at prompt then the router telnets to port 20xx and you make your connection the device hanging off that line. I think redirection is a better term actually but that's me. You don't need a host table (it makes things easier for repeated use). You can simply do 'telnet ip-of-router 20xx' from the router or any PC/etc to get to devices hanging off the router. Use 'show line' to get the line # and add 2000 to it for the TCP port # mapped to that line. -E __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Deferred Packets
Defered packets occur when the ethernet is too busy and the interface can't put the packet out on the wire, so the packet is dropped. This is normal. I would throw a sniffer on this segment and see whats going on and try to clean it up. --- "Luong, David" <[EMAIL PROTECTED]> wrote: > Hi Folks: > > On a 10-half ethernet connection between two > routers, we are seeing deferred > packets happening as well as the normal usual > collisions. Are deferred > packets just normal as well? Is it expected in > ethernet media? Thanks in > advance... __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Deferred Packets
> > } Defered packets occur when the ethernet is too > busy > } and the interface can't put the packet out on the > } wire, so the packet is dropped. This is normal. I > > Bzzt, wrong! The packet isn't dropped, it's > held and transmitted when the wire is free. My mistake. I would argue that if there are many deferred packets queue'd up waiting to being transmitted that possibly the buffer for holding these packets could become full, thus packets could get dropped. __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Secundary IP address
ip route-cac same-interface --- Francisco Muniz <[EMAIL PROTECTED]> wrote: > Well, elaborating on it... It IS process switched (s > ip inter et0/0 says > "Fast switching on the same interface is disabled") > so now the question is: > can I enable fast switching on the same interface? > > Francisco Muniz > > "Francisco Muniz" <[EMAIL PROTECTED]> escribió en > el mensaje de noticias > 8f7pfh$62h$[EMAIL PROTECTED] > > I'm trying to find out the performance > implications of using secundary IP > > addresses on an ethernet interface (configuring > "layer 3 VLANS"). From the > > looks of it, it seems packets are process > switched... Anyone know about > > this? Any help would be appreciated. > > > > Francisco Muniz > > > > > > ___ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com > > Posting Guidelines: > http://www.groupstudy.com/list/guide.html > > --- > > > ___ > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Posting Guidelines: http://www.groupstudy.com/list/guide.html = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ FAQ, list archives, and subscription info: http://www.groupstudy.com Posting Guidelines: http://www.groupstudy.com/list/guide.html
Re: CCIE
The CCIE is a seperate track and you can go straight for the CCIE without having any of the Career Certifications (CCNA/CCNP/etc). It might aid in your studying to get CCNA/CCNP/etc along the way perhaps. --- Brett Hairbottle <[EMAIL PROTECTED]> wrote: > I am planning on becoming a CCIE. Do I have to do my > CCNA and then CCNP before I can take the CCIE course = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF
Do you have a IP interface up? IOS will give that error if IP isn't up, or if the feature set you have doesn't support OSPF. This being a 4000 I doubt that but you may want to look into it if the first suggestion doesn't resolve your problem. --- "Timothy W. Roberts" <[EMAIL PROTECTED]> wrote: > When trying to enable OSPF, I get the error :OSFP: > Could not allocate > router id". This is on a 4000. Please help. = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: sniffer
Hi, Here you go.. this is free for Windows. This is a port of tcpdump btw. WinDump: http://netgroup-serv.polito.it/windump You need the Packet Drivers also: http://netgroup-serv.polito.it/winpcap And theres a GUI as well: http://netgroup-serv.polito.it/analyzer You can get a demo version of Sniffer as well. > Can anyone suggest decent sniffer software that I > might be able to download > as trial ware or shareware? Thanks a lot, Lance = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: telnet to internet?
No. I suppose you could hack up a program to telnet to port 80 and intrepret the web page code and display it properly but after the headers are output your telnet session will be disconnected. Usually a second. router# lynx http://www.groupstudy.com :) --- Oladele Ayuba <[EMAIL PROTECTED]> > There exists this router that has one of its serial > interfaces connected to the > internet. the best access to this router besides a > proxy server is a telnet or > tn3270 session. Is it remotely possible to jump off > this router via the telnet > connection into the world of http and www. = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Jeff Doyle's book
It's the second revision. --- net explorer <[EMAIL PROTECTED]> wrote: > I ve seen on amazon.com that there is a new book > called "routing TCP/IP" > by Jeff Doyle. It 'll be published on July. > It seems to be a Vol 2 book. Is that right, or is > this book only a new > release of "routing TCP/IP vol1". This book was > recommended many times > by members of this list and I wanted to buy it. > Should I have to wait for the new one? > BGP, QoS... will be covered on the new book? > > Any information about that? > Thank you for your help > > ___ > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: new version of 802.1q?
Well, at the Bay/Nortel acclear class I went to they stated that spanning tree didn't care about VLANs and BPDUs, etc effected all VLANs. This is 802.1q. Also, the acclear supports multiple spanning tree groups (STGs) per VLAN by putting propiertary header on spanning tree packets for other STGs. Default spanning tree group (1) is normal. I haven't ran into anyone using multiple-STGs however and haven't looked into this in much detail (trace, etc) yet. --- Andy Harding <[EMAIL PROTECTED]> wrote: > have been having (semi) argument at work about dot1q > versus ISL > > my understanding is that dot 1q runs one instance of > spanning tree per trunk, rather than per vlan as ISL > does - hence if one VLAN is blocking then dot1q > disables the entire trunk > > A collegue of mine reckons that dot 1q now does as > per ISL and runs STP on a per-vlan basis, but the > 802.1q spec has changed without the # changing > > someone help me out here... > > thanks > > Andy > > > __ Do You Yahoo!? Yahoo! Photos -- now, 100 FREE prints! http://photos.yahoo.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help! What happen??? URGENT!
Have you tried a different port in the hub, tried another hub, or took your PC/laptop and plugged it into router with crossover to see if interface stays up? Was this working fine and just started being a problem? - Erick --- William Wong <[EMAIL PROTECTED]> wrote: > Help me guys > > Interface Ethenet0 on cisco 2503 router problem! > > Physical connection:- > > AUI port -> Transceiver -> > Hub > > I use Hyperterminal to logon into the router. > > It keep showing that the line protocol for interface > ethernet0 change state > to up and change state to down and I cannot ping the > router. > > I have:- > Changed the router > Changed the transceiver and all the cables > But still the same. > > What is the possibility now __ Do You Yahoo!? Yahoo! Photos -- now, 100 FREE prints! http://photos.yahoo.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCO Searching
I noticed this to. Not sure if it is any better then before but I use www.google.com first before the search box at cisco.com. Google.com returns more accurate hits on cisco.com most of the time. --- Rik Guyler <[EMAIL PROTECTED]> wrote: > I was just on CCO and the search engine changed! > You no longer get 10k > responses (looks like 100 max and no other > parameters given). I wonder if > this is a new limitation or if the engine has been > upgraded and refined? > Hm > > Rik __ Do You Yahoo!? Yahoo! Photos -- now, 100 FREE prints! http://photos.yahoo.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Diff between point to point T1 & T1 with frame relay
Hi John, On serial interfaces you have a few WAN protocols you can use depending on what your doing, what type of circuit provider is providing/type of circuit ordered, etc. With Point to Point T1s or leased lines these are connections between 2 locations and you can use WAN protocols such as HDLC, PPP, etc. With Frame Relay, this is a WAN switching technology where a virtual circuit is built between you and the remote end. Between your router and the carriers frame relay switch there is signalling (LMI) that provides status of Virtual Circuit, DLCI info, etc. You can find out more at http://www.frforum.com --- John Zaggat <[EMAIL PROTECTED]> wrote: > Guys, > I am confused on this, couldn't find a satisfactory > answer in the archives. Can some clearly explain the > diff between, p-to-p T1 and T1 with frame-relay. Can > some post sample configs for both. Sorry about the > newbie question. > Thank you __ Do You Yahoo!? Yahoo! Photos -- now, 100 FREE prints! http://photos.yahoo.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: alternative for specific packet filtering
Hi, I haven't tested this myself yet, but perhaps doing a route map and matching an access list with logging option set then modifying the route if theres a match would be a solution. Of course, this is going to use more CPU then a null0 static route but a ACL w/log option is needed to see how many hits your getting. ...Erick --- Barry Hofland <[EMAIL PROTECTED]> wrote: > There's no way counting matches for a null0 > interface. > If you need the number, fall back to access-lists... > > Barry > "D. J. Jones" <[EMAIL PROTECTED]> wrote in message > 8ik0d7$iqe$[EMAIL PROTECTED]">news:8ik0d7$iqe$[EMAIL PROTECTED]... > > I've been reading and trying to understand > interior redistribution and > came > > across the following technique as an alternative > for the specific packet > > filtering requirement of discarding certain > packets based solely on their > > destination address. > > > > In this case Cisco static route command are used > to discard packets > destined > > to private address space using null0. Here is an > example: > > > > ip route 10.0.0.0 255.0.0.0.0 null0 > > > > My question is whether it is possible to show the > system log and display > the > > number of times a packet was discarded destined to > private or RFC1918 > > address space. If the logs showed that, would it > also show the source? > > > > I don't have a test lab setup to try this but was > hoping someone on the > list > > has experience with this. Thanks for you help.. = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Unknown Routing Protocol
IP Plus for 11.2/11.3 and OSPF is in 12.0... --- Peter Godfrey <[EMAIL PROTECTED]> wrote: > From memory you need the IP Plus IOS to run OSPF on > a 1601-R... More memory too I suspect :-) > > Cheers, > Pete. > > > Dear Guys > > i was trying to enable OSPF on a Cisco 1601R > > router when i got a message "unknown routing > > protocol" what the hell is in the 1601 ??? doesnt > > it support OSPF ??? = - Erick B. | erickbe(a)yahoo.com | http://berk.dhs.org __ Do You Yahoo!? Send instant messages with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can you block CDP with an access list???
CDP is layer 2. Offhand, I don't remember the MAC address it uses but perhaps a MAC-address ACL will do the trick. Personally, I disable it since it is Cisco-only and I work in multi-vendor environments. --- Aaron Prather <[EMAIL PROTECTED]> wrote: > If you can what protocol does it use? UDP? i know > its a protocol in > itself, but can this be done? what port number? > > Thanks guys, > > Aaron > > ___ > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can you block CDP with an access list???
Hi again, I tried blocking it going out the router with ACL but didn't succeed. I think this is because you can only apply MAC-address ACLs to certain objects (bridge groups, etc) and my lab setup isn't setup right to really see if this works. CDP uses 01000C-CC which is a Multicast MAC. Below is the config I thru together which wasn't working from sniffer traces I was doing on my ethernet segment. As others have said, disable CDP on the interface (no cdp enable) so the information isn't advertised. Lots of useful information can be learned from sniffing a segment and looking at CDP packet entries :) interface Ethernet0 ip address 192.168.1.2 255.255.255.0 bridge-group 1 bridge-group 1 output-address-list 701 ! access-list 701 deny .. 0100.0ccc. (I reversed this and also tried extended) --- Aaron Prather <[EMAIL PROTECTED]> wrote: > If you can what protocol does it use? UDP? i know > its a protocol in > itself, but can this be done? what port number? > > Thanks guys, > > Aaron __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Which access-list increase load the most?
Another thing, you can use the newer TurboACL (compiled ACLs) on higher platforms. access-list compiled http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s6/turboacl.htm --- Robert Cabeca <[EMAIL PROTECTED]> wrote: > Just want to say that this was a great and useful > response!! > Rob > > -Original Message- > From: [EMAIL PROTECTED] > <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> > Date: Tuesday, June 27, 2000 19:51 > Subject: Which access-list increase load the most? > > > > > > > > > >It depends (well, what did you expect??) > >As a general rule, you're better off putting the > access list on the > outgoing > >interface. That way you don't waste bandwidth by > transmitting traffic > you're > >just going to throw away anyway. > >BUT, your *first* priority is to make sure the > access list does what you > want. > >To do this, you may need to use an incoming access > list instead. > > > >Example... > > > >rtrA rtrB > > > >Let's say you want to prevent telnet traffic from > rtrA to rtrB. > >Assume for now that the link between the routers is > a serial link (int S0 > on > >both routers). > >You could put an outgoing access list on S0 on > rtrA: > >rtrA: > >access-list 101 deny tcp any any eq 23 > >access-list 101 permit ip any any > >int s 0 > >access-class 101 out > > > >This will work fine (assuming my access list syntax > is correct which I am > making > >no guarantees about - I haven't checked it). You > could put the same access > list > >on rtrB as an incoming access list instead, and it > would have the same > effect, > >but your telnet traffic would cross the serial link > before being dropped - > >generally not very efficient. > > > >OK, what if it's not a serial link, but an > ethernet? Time to throw another > >router into the mix... > > > >rtrA rtrB > > | > >rtrC > > > >Now, putting that same outgoing access list on rtrA > has a different effect > to > >putting it as an incoming access list on rtrB. If > you put the outgoing > access > >list on rtrA, you will not be able to telnet from > rtrA to rtrB *or to > rtrC*. If > >you put it as an incoming access list on rtrB, you > will not be able to > telnet > >from rtrA to rtrB but you will be able to telnet > from rtrA to rtrC. > >In this case, where should you put the access list? > That depends > completely on > >what you are trying to achieve with your access > list. > > > >Regardless of where you are putting your access > list, try to put the lines > that > >will get the most hits near the top (again, make > sure you don't change the > >meaning of the access list if you change the order > of statements). The > lines of > >an access list are checked in order, and once a > match for a packet is > found, the > >rest of the list isn't checked - so if most of your > packets match the first > >line, rather than the last, your router will spend > less time checking > access > >lists. > > > >Here endeth the chapter :-) > > > >JMcL > > > >-- Forwarded by Jenny > Mcleod/NSO/CSDA on 27/06/2000 > 16:28 > >--- > > > > > >"K.FUJIWARA" <[EMAIL PROTECTED]> on 26/06/2000 > 15:59:31 > > > >Please respond to "K.FUJIWARA" > <[EMAIL PROTECTED]> > > > > > >To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > >cc:(bcc: JENNY MCLEOD/NSO/CSDA) > >Subject: Which access-list increase load the most? > > > > > > > >Hi, all. > > > >Though the null interface is the best solution for > load in the ruter > >CPU, which > >extended / standard access-list is the best to > reduce the load? > >Extended one's result may be depends on where it > will be put or the > >case, so where > >should it be configured? Destination? > >If you have some good examples, please show me. > > > >And then, do you know good tools or utility to > monitor the routers > >performance on > >CPU or RAM in real time? > > > >Kazuyo Fujiwara > >MCSE/CCNA > >Japan Kobe > > > > > > > >___ > >UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > >FAQ, l
Re: Route Summarisation, once again!
Hi, Comments inline. --- Ishtiaque Mahbub <[EMAIL PROTECTED]> wrote: > Hello Group! > > Could someone be kind enough to explain a dilemma > that I have been facing > with route summarisation? In Todd's book I found the > following question: > > How the following networks should be summarised? > 172.16.1.0/24 > 172.16.2.0/24 > 172.16.3.0/24 > > a) They cant be summarised > b) 172.16.1.0/24 and 172.16.2.0/23 > c) 172.16.1.0/22 > d) 172.16.0.0 > > Well I chose C. > > Here is my explanation: 3rd octet in Binary: 1234 5678 - 172.16.1.0/24 = 0001 172.16.2.0/24 = 0010 172.16.3.0/24 = 0011 > So the highest number of similar bits for this octet > is 6 > The total number of bits similar for the networks: > 8+8+6=22 > That summarises the network to 172.16.1.0/22 When summarizing, the similar bit is 1 and where the bit-boundary is common you can summarize. Remember 1=network and 0=host. In this example, 2 and 3 have a common bit-boundry on the 7th bit (8+8+7=23), so 172.16.2.0/23 for networks 172.16.2.0/24 and 172.16.3.0/24. The first network, 172.16.1.0 the 8th bit is 1 and there are no common bits with the other networks provided so can't summarize it with others. Hope this helps... keep at it. > But the answer says B with the explanation: Networks > must share the same > high-order bits. Look at the binary values to > understand more clearly. - Erick B. __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can you block CDP with an access list???
Paul, Disabling CDP is ideal.. but the poster wanted to know how to block it with a ACL so thats what I was trying to do. --- paul doyl <[EMAIL PROTECTED]> wrote: > > Chaps > Why not just disable it on the interface? I have > done it for security > purposes in the past. Perhaps I'm missing sommat, if > so, my apologies. > Paul __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another Non-Cisco Question (SOS)
Umm... I have a backdoor password to reset the 3300/1100s - maybe older models? --- [EMAIL PROTECTED] wrote: > Iftekhar, > > It is a bad news but you cannot break a password in > 3-com superstack II > 1100/3300 switches. The only way to recover is it > have to be sent to 3-com > this is due to those switches were made for > government uses in the begining > > Elias > > > Hi all > > I am in desperate need to know the procedure to > break password in 3com > superstack II 1100/3300 switches. > > Thanks in advance > iftekhar __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:pasting access list to router config
Do you have this access list applied to the interface your telnet'd into/across? If so, you may be blocking your telnet for a second while access list is changed? Just a thought. --- [EMAIL PROTECTED] wrote: > Hi group, > > I've been having some problems when pasting access > lists to routers over > telnet. > > sometimes the paste "crashes" and sometimes the > lines get corrupted! I've had > to resort to pasting the list a bit at a time - but > even this isn't always > 100% successful. > > just wondered if anyone has had similar problems? > > > Simon > > ___ > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written
You get the sylvan prometric print out, and the right to call and schedule a lab date. --- Johnny Honk <[EMAIL PROTECTED]> wrote: > Hi Everyone, > > A quick question...upon successful completion of the > CCIE written, do you > recieve a certificate or anything...or do you miss > out until you have completed the lab? __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice Over IP configuration
Hi, What is the problem and do you have configs? You will need a vofr dial-peer and a pots dial-peer setup, then on the frame DLCI you're using you'll need to configure it with traffic shaping. Lastly, what ver of IOS? --- Antonius Kurniadi <[EMAIL PROTECTED]> wrote: > Hi all, > > I have problem when configuring VoIP over Frame > Relay. > I have both 3640 Routers with 2 slot VoIP modules. > Any body has working configuration about VoIP over > Frame Relay ..? > > Thanks for help. > > Antonius Kurniadi __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice Over IP configuration
Send me a copy of your configs. Sounds like you have a port / dest-pattern mapping mismatch. Are you able to dial the local phones fine connected to router (if you have 2 phones plugged into the ports)? --- Antonius Kurniadi <[EMAIL PROTECTED]> wrote: > Hi Erick, > > I'm using 11.3(4)T software. > The problem is when I tried to call extension at > another side, it always > busy. > Do you have working config for this ? > > Thanks for help. > > Rgds- > Anton > > Erick wrote: > > > Hi, > > > > What is the problem and do you have configs? > > > > You will need a vofr dial-peer and a pots > dial-peer > > setup, then on the frame DLCI you're using you'll > need > > to configure it with traffic shaping. Lastly, what > ver > > of IOS? > > > > --- Antonius Kurniadi <[EMAIL PROTECTED]> > > wrote: > > > Hi all, > > > > > > I have problem when configuring VoIP over Frame > > > Relay. > > > I have both 3640 Routers with 2 slot VoIP > modules. > > > Any body has working configuration about VoIP > over > > > Frame Relay ..? > > > > > > Thanks for help. > > > > > > Antonius Kurniadi __ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: collision on cut-through switch
Sorry for the late response on this one... You will also see alignment errors if there is a speed/duplex mismatch. --- Chuck Larrieu <[EMAIL PROTECTED]> wrote: > Gentle correction - late collisions occur after the > first 64 bytes of a > frame have been placed on the wire. > > Essentially, a station listens, perceives the wire > as clear, starts sending, > only to find that another station has already begun > to transmit. > > Can happen for a couple of reasons. Network too > long. Faulty hardware. Real > busy network, possibly with lots of very small > packets ( as might happen in > a brokerage firm, where I used to see my fair share > of late collisions. ) > > Interesting point about the duplex settings. Having > made that mistake once > or twice, my recollection is that connectivity is > not established, but then > memory may not serve on this one. Does that show up > as 100% collisions? > > Chuck > > > A late collision usually occurs when one end of a > switched ethernet link > is set to full duplex but the other end of the link > is set to half-duplex. > > Darren __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can you block CDP with an access list???
John, Yep... was pretty sure a MAC-address ACL wouldn't do the job unless he was bridging. Verified this in my lab the other day. Gave me a reason to play with MAC-address ACLs which I normally don't do so learned something. --- John Neiberger <[EMAIL PROTECTED]> wrote: > IIRC, MAC access lists can only be applied on > bridging interfaces, not > routing interfaces. Is that right? If that's the > case, a MAC access list > wouldn't block CDP anyway, assuming that he is > routing on this interface. > He'd have to disable CDP on the router or the > interface. > > John Neiberger, CCNA/CCDA > > > Paul, > > > > Disabling CDP is ideal.. but the poster wanted to > know > > how to block it with a ACL so thats what I was > trying > > to do. > > > > --- paul doyl <[EMAIL PROTECTED]> wrote: > > > > > > Chaps > > > Why not just disable it on the interface? I > have > > > done it for security > > > purposes in the past. Perhaps I'm missing > sommat, if > > > so, my apologies. > > > Paul > > > > > > > > > __ > > Do You Yahoo!? > > Get Yahoo! Mail - Free email you can access from > anywhere! > > http://mail.yahoo.com/ > > > > ___ > > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: > http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > > ___ > Get 100% FREE Internet Access powered by Excite > Visit http://freelane.excite.com/freeisp > > ___ > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: MS router fixed (was whois microsoft.com)
http://www.microsoft.com/info/siteaccess.htm Microsoft Explains Site Access Issues On Tuesday evening and Wednesday, many Microsoft customers had difficulty accessing the company's Web sites. The cause has been determined, and the issue is resolved. At 6:30 p.m. Tuesday (PST), a Microsoft technician made a configuration change to the routers on the edge of Microsoft's Domain Name Server network. The DNS servers are used to connect domain names with numeric IP addresses (e.g. 207.46.230.219) of the various servers and networks that make up Microsoft's Web presence. The mistaken configuration change limited communication between DNS servers on the Internet and Microsoft's DNS servers. This limited communication caused many of Microsoft's sites to be unreachable (although they were actually still operational) to a large number of customers throughout last night and today. This was an operational error, and not the result of any issue with Microsoft or third-party products nor the security of our networks. Microsoft regrets any inconvenience caused to customers due to this issue. At approximately 5 p.m. Wednesday (PST), Microsoft removed the changes to the router configuration and immediately saw a massive improvement in the DNS network. All sites are currently available to customers. Again, Microsoft apologizes for the inconvenience. --- Adam Hickey <[EMAIL PROTECTED]> wrote: > http://www.cnn.com/2001/TECH/computing/01/24/microsoft.blackout.idg/index.ht > ml > > http://slashdot.org/articles/01/01/24/1455247.shtml > > Adam Hickey > [EMAIL PROTECTED] > CCNA CCNP (in progress) > > > Oh that is just so funny > > To bad I can't paste the whois in here lol > > Allen May wrote: > > > > > > Quick! do a whois no microsoft.com. It's been > hacked ;) Huh? I looked it off and on yesterday and today and it was correct. __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BRI interface
The 2503 and 2522 are S/T. Usually on U interfaces, the interface has 'ISDN U' or similar. Most of the older routers are S/T but some may be U. It is sometimes hard to find if something is S/T or U in some cisco docs. Older docs say the port is ISDN BRI only. On newer docs I've read they mention the interface type. What I do sometimes is go to google.com and search on cisco 2503, etc and look at other companys selling it and some of those have the ISDN interface type in the description/specs. You can do the following to find out also: router#show int bri0 (cisco 800) BRI0 is up (spoofing), line protocol is up (spoofing) Hardware is BRI with U interface and POTS Router#show int bri1/0 (cisco 2620) BRI1/0 is administratively down, line protocol is down Hardware is BRI router#show diag (2620) Slot 1: BRI (S/T) Port adapter, 4 ports --- Hubert Pun <[EMAIL PROTECTED]> wrote: > Hi, > > I have a Cisco 2503 and a Cisco 2522DC router. They > both have BRI > interface. However, how can I check out that whether > they are U > interface or S/T interface? The cisco web site just > says that this is a > BRI interface without specifying what kind it is. > (Both routers are for Canada routers) > > Thanks > > Hubert __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to limit the speed of a switch or router's port?
Look into the traffic-shape command (GTS). int e0 traffic-shape ... --- dovelet <[EMAIL PROTECTED]> wrote: > Hi all, > > Is there any ways to limit the speed of a switch or > router's ethernet port? > Example, limit the max. speed of an ethernet port to > 3Mbps. __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: MS router fixed (was whois microsoft.com)
Which whois tool do you use? Some of them return all the hosts as well that contain microsoft.com somewhere in the mix. I checked it off on throughout their problem and it was correct. --- Dan West <[EMAIL PROTECTED]> wrote: > Hmmm...doesn't sound like quite the whole picture. > How > would that explain what happened when you ran a > "whois" on microsoft.com? Did anyone else see > that?!?! It was pretty funny. -- about 15 lines of > hacker orgs and comments about MS. > > A more frightening possibilitydid someone hack > the > DNS root servers?? > > --- "Erick B." <[EMAIL PROTECTED]> wrote: > > http://www.microsoft.com/info/siteaccess.htm > > > > Microsoft Explains Site Access Issues > > > > On Tuesday evening and Wednesday, many Microsoft > > customers had difficulty accessing the company's > Web > > sites. The cause has been determined, and the > issue > > is > > resolved. > > > > At 6:30 p.m. Tuesday (PST), a Microsoft technician > > made a configuration change to the routers on the > > edge > > of Microsoft's Domain Name Server network. The DNS > > servers are used to connect domain names with > > numeric > > IP addresses (e.g. 207.46.230.219) of the various > > servers and networks that make up Microsoft's Web > > presence. > > > > The mistaken configuration change limited > > communication between DNS servers on the Internet > > and > > Microsoft's DNS servers. This limited > communication > > caused many of Microsoft's sites to be unreachable > > (although they were actually still operational) to > a > > large number of customers throughout last night > and > > today. > > > > This was an operational error, and not the result > of > > any issue with Microsoft or third-party products > nor > > the security of our networks. Microsoft regrets > any > > inconvenience caused to customers due to this > issue. > > > > > > At approximately 5 p.m. Wednesday (PST), Microsoft > > removed the changes to the router configuration > and > > immediately saw a massive improvement in the DNS > > network. > > > > All sites are currently available to customers. > > Again, > > Microsoft apologizes for the inconvenience. __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: process-max-time
Hi, This command used to be hidden but became visible in the last year or so. Don't mess with it unless you need to. If you use Voice, etc it may be useful to tweak this value I've heard. Here are my notes on this (from a friend at cisco): CSCdp38617 requesting that process-max-time be unhidden CSCdp38633 requesting that process-max-time be documented static ulong process_max_time; /* Max allowed tick count for any process */ sets the max voluntary duration for a process. i believe this is used to set how long a process may run. i have seen the command parsed into the config when you load recent (11.3(9.x)T IPSec) code. -- It somewhat limits the amount of time a given process can hold the CPU for (in milliseconds). It's a knob that I think has always been there, but recently became un-hidden because if processes run for too long and we're process-switching voice traffic for some reason, voice quality suffers across the box. Unless you're process-switching voice, you don't need to touch it. If you are running voice, dorking with it (down to 50-100ms or so) may improve voice quality across the box -- we limit the amount of time a process level activity can hold onto CPU in case we were process switching voice traffic. otherwise voice quality is going to suffer. HTH, Erick --- Hugo <[EMAIL PROTECTED]> wrote: > Flem Hi, > If you do not specify a process-max-time does that > mean that a process never > voluntarily relinquishes the processor? > Regards, > -- > Hugo > [EMAIL PROTECTED] > "Flem" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Maximum time for a process to run before > voluntarily > > relinquishing the processor . > > > > > > > > flem > > > > --- Yi Fang <[EMAIL PROTECTED]> wrote: > > > Hello, > > > > > > Can anybody tell me what's the meaning of ios > > > command = > > > "process-max-time". I couldn't find it on CD. > > > Thanks. > > > > > > Yi=20 > > > > > > _ > > > FAQ, list archives, and subscription info: > > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations > to > > [EMAIL PROTECTED] > > > > > > __ > > Do You Yahoo!? > > Yahoo! Auctions - Buy the things you want at great > prices. > > http://auctions.yahoo.com/ > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Managment Interface for Router
Use an access-list + access-group to permit only the stations that need to manage the router. You can't get rid of the directly connected routes unless you remove IP from the interface. If the IP network is entering the routing table on another router then you have this network in a routing process and if you don't want that then remove it from the routing process or filter it. --- boconnell <[EMAIL PROTECTED]> wrote: > Can you eliminate the directly connected route for > an interface from the > routing table? > The intention would be to have a management > connection to the router which > cannot be routed to from other connections. __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: why can't ping its own interface it is up ????
Since your pinging from the same router that this IP resides on the access-list doesn't come into play. Traffic flowing through that interface will be looked at against the access-list but not traffic sourced from the router, unless you set up a local policy route. If you have a static route routing traffic destined to 100.200.3.0 to 192.168.3.1 this will cause what your seeing and NAT could effect it as well. Hows the NAT configured and what are you permitting to be NAT'd? If your permitting 100.200.3.x and your outside NAT pool is 192.168.3.x then this could be the problem as well. Need to know more about the config. --- "Sim, CT (Chee Tong)" <[EMAIL PROTECTED]> wrote: > Dear all, > > I really don't understand, I have the router > interface which is up up > status, but I can't even ping it? What could be the > reasons?? is that > because of access-list?? Pls tell me!! > > interface Ethernet0 > description Interface facing Financial Service > Provider > ip address 100.200.3.1 255.255.255.0 > ip access-group 100 in > no ip directed-broadcast > ip nat outside > > RBFW2514#sh int e0 > Ethernet0 is up, line protocol is up > Hardware is Lance, address is 0010.7b81.02e6 (bia > 0010.7b81.02e6) > Description: Interface facing Financial Service > Provider > Internet address is 100.200.3.1/24 > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, > reliability 255/255, txload 1/255, rxload 1/255 > Encapsulation ARPA, loopback not set > Keepalive set (10 sec) > ARP type: ARPA, ARP Timeout 04:00:00 > Last input 00:00:00, output 00:00:00, output hang > never > Last clearing of "show interface" counters never > Queueing strategy: fifo > Output queue 0/40, 0 drops; input queue 0/75, 0 > drops > 5 minute input rate 45000 bits/sec, 21 packets/sec > 5 minute output rate 8000 bits/sec, 16 packets/sec > 161686946 packets input, 2454329523 bytes, 0 no > buffer > Received 1076750 broadcasts, 0 runts, 0 giants, > 0 throttles > 181 input errors, 0 CRC, 0 frame, 0 overrun, > 181 ignored > 0 input packets with dribble condition detected > 129416824 packets output, 3918760326 bytes, 0 > underruns > 0 output errors, 296169 collisions, 1 interface > resets > 0 babbles, 0 late collision, 478162 deferred > 0 lost carrier, 0 no carrier > 0 output buffer failures, 0 output buffers > swapped out > RBFW2514#ping 100.200.3.1 > > Type escape sequence to abort. > Sending 5, 100-byte ICMP Echos to 192.168.3.1, > timeout is 2 seconds: > . > Success rate is 0 percent (0/5) > RBFW2514# __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tunnel
What type of tunnel? I'm presuming some sort of VPN tunnel. Sure you can. Set one end up as a server and the other as a client. Check out www.bigdig.com for cool pictures of tunnel making :) --- "N.Anand" <[EMAIL PROTECTED]> wrote: > Can we create tunnel between 2 hosts without the > help of isps. > > N.Anand > > _ > Chat with your friends as soon as they come online. > Get Rediff Bol at > http://bol.rediff.com > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISL vs. 802.1Q
Other vendors (Nortel/Bay) support multiple spanning tree groups on 802.1q as well. I think each implementation is propiertary at moment. I heard something about the IEEE working on a updated 802.1q standard but I don't know where that stands today. Anyone know? I haven't tried Cisco 802.1q w/multiple VLANs and STGs to a Nortel/Bay box so can't comment on how Cisco's per-vlan stg extension effects the trunk link; I'll have to give it a try to see what happens. --- Chris Supino <[EMAIL PROTECTED]> wrote: > I would suspect that non-cisco devices would > probably ignore the additional > info(bits?). I really didn't press the lecturer as > this was an off-topic > discussion. You do have an interesting point, > though. > > -Original Message- > From: Fred Danson [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 01, 2001 1:57 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: RE: ISL vs. 802.1Q > > If Cisco were to add-on to dot1q, how would it be > able to communicate with > other non-Cisco routers using 802.1q? > > > >From: Chris Supino <[EMAIL PROTECTED]> > >Reply-To: Chris Supino <[EMAIL PROTECTED]> > >To: Jun Pati <[EMAIL PROTECTED]>, > [EMAIL PROTECTED] > >Subject: RE: ISL vs. 802.1Q > >Date: Wed, 31 Jan 2001 21:04:30 -0500 > > > >Jun, > > > >Used to be that ISL supported a spanning-tree per > VLAN, where Dot1q > >supported only a single spanning-tree. I was told > at a seminar recently > >that > >Cisco has expanded the capabilities of their > implementation of Dot1q, and > >it > >is now almost as fully featured as ISL, including > supporting a > >spanning-tree > >per vlan. ISL is being phased out. > > > >Christopher Supino > >MCSE, MCP+I, CCNA, CNA Netware 5, Compaq ASE > >Senior Systems Engineer > >TransNet Corp. > > > >-Original Message- > >From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > >Jun Pati > >Sent: Wednesday, January 31, 2001 7:29 PM > >To: [EMAIL PROTECTED] > >Subject: ISL vs. 802.1Q > > > > > >What is the advantage of using ISL on an all-Cisco > network compared to > >dot1Q > >aside from being able to handle frames larger than > the ethernet mtu. > > > > > >_ > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > >_ > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > _ > Get your FREE download of MSN Explorer at > http://explorer.msn.com > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Favorite Network Sniffer
I use Sniffer Pro and Ethereal often. I like both of them. Sniffer Pro supports alot more and Ethereal is free and does a decent job at LAN/Ethernet traffic. Ethereal also can decode application packets for applications like Yahoo Messenger, AIM, Quake, ICQ, etc which can be useful. This is available on most *nix flavors and has a win32 port. www.ethereal.com --- Russell Frame <[EMAIL PROTECTED]> wrote: > What's your favorite network sniffer/analyzer? __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TFTP Server
With a TFTP server application. PumpKIN is my favorite. Nice and small and gets job done. www.klever.net/kin. Read the story :) They also make some other nifty apps. --- Turfis <[EMAIL PROTECTED]> wrote: > How do you setup a WindowsME laptop as a TFTP server > so that you can > upload/download Cisco configs? Thanks. __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring Bay router loopback
It's called Circuitless IP. Protocols -> Circuitless IP. You can only have one per router however and can enable RIP, OSPF, etc for it. --- Brian Lodwick <[EMAIL PROTECTED]> wrote: > Anybody know how to configure a loopback interface > on a Bay router? > > >>>Brian __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Configuring Bay router loopback
By default the arp cache never ages out. You can change this by changing the value of Host Cache under each IP interface. Protocols -> IP -> Interface then scroll down until you find host cache then highlight it and click values. The cisco default is 4 hours. You can change it through MIBs and probably BCC as well. wfIpIntfCfgEntry (or wfIpInterfaceEntry for older code). Do a 'list wfIpIntfCfgEntry' to see what object the host cache is, then you can do a 'set wfIpIntfCfgEntry.(object#).(instance) (new value) ; commit' to change it. The values for this object can be found in the MIBs under the site manager dir. C:\WF\MIBS and you want to look at IP.MIB I think. It's a ASCII file. To see what instances you have do, 'list -i wfIpIntfCfgEntry' or the older MIB for older code and this will return something like: inst_id = x.x.x.x.x where x.x.x.x.x is the instance. Just put the stuff after the = in the get/set commands. If you need assistance let me know. I'm in a rush to get someplace right now so writing this real quick. Erick > >Wish I could help but I haven't touched a Bay in > years, do you know how to > >configure the arp cache timers on a bay? > > > >Thanks > >Cory __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring Bay router loopback
It is nice, but BCC doesn't do everything Site Manager does and vice versa. Also, last time I configured a router completely from scratch w/BCC and then used Site Manager it didn't recognize parts of the configuration. Your milage may vary though. I haven't tried this on newer versions of code to see if it improved. My recommendation from scratch is to boot off ti.cfg, etc then run install.bat and get 1 interface up, go into SM and finish the configuration or do it locally and TFTP the config to the router and reboot. I use BCC once the routers up to make small changes but prefer SM for major changes for compatibility reasons. Erick --- "Bradley J. Wilson" <[EMAIL PROTECTED]> wrote: > Don't forget that you may have another excellent > configuration tool at your > fingertips - the BCC (Bay Command Console), despite > its relative immaturity > compared to Site Mangler, is light-years ahead in > terms of speed and > reliability. If you have BayRS version 12.20 or > higher running on your > router, just type "bcc" at the TI prompt and press > enter. > > Once the BCC launches (it takes a second or two to > load), enter config mode > by typing "config." Change to the global IP object > by entering the "ip" > command, then you can configure a virtual interface > simply by entering > "virtual," then entering an IP address. I'm doing > all this from memory as I > write this, so it may be a little off: > > bcc> config > box# ip > ip# virtual > virtual# ip w.x.y.z /mask > > all done. > > Not too many people know about the BCC. IMO, Bay > did a fabulous job in > creating it, but a lousy job marketing and including > it in their training > courses. When I worked for Bay's Educational > Services, I made sure to cover > the BCC in every course I taught. Not every > instructor got as excited about > the BCC as I did...I still don't know why. It > rocks! :-) > > BJ > > > - Original Message - > From: Brian Lodwick > To: [EMAIL PROTECTED] ; [EMAIL PROTECTED] > Sent: Friday, February 02, 2001 8:14 PM > Subject: Re: Configuring Bay router loopback > > > Thanks Howard, > I found something tried it, but we couldn't get it > to work. > Here are the commands we tried: > Starting IP on the Circuitless Interface > To configure a circuitless IP interface, begin at > the Configuration Manager > window and proceed as follows: > 1. Select Protocols > IP > Circuitless IP > Create > to display the IP > Configuration window. > > 2. Edit the parameters on the IP Configuration > window. > > 3. Click on OK to save the circuitless IP interface. > > A special Select Protocols window opens, listing the > protocols you can > configure on a circuitless interface. > > 4. Select a protocol and click on OK. > > >>>Brian > > > > >From: "Howard C. Berkowitz" <[EMAIL PROTECTED]> > >Reply-To: "Howard C. Berkowitz" <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: Re: Configuring Bay router loopback > >Date: Fri, 2 Feb 2001 18:18:02 -0500 > > > > >Anybody know how to configure a loopback > interface on a Bay router? > > > > > >>>>Brian __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Admin distance on directly connected
You're right. --- John Neiberger <[EMAIL PROTECTED]> wrote: > Actually, I believe that a static route pointing to > a next hop has an AD of > 1, but a static route pointing to an interface shows > as directly connected > and has an AD of 0. > > I just tested this to be sure, but someone else > might want to verify it. > > John > > > > > > > A directly connected network has an AD=0. > > > A static route via Interface has AD=0 > > > A static route via IP address has AD=1 > Correct? > > > > A static route via interface cannot have AD of 0. > > It can have AD from 1 (default) to 255, just like > > any other static route. > > > > Sasa __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: External Ethernet Loopback Plug
Why do you need a ethernet loopback plug? I've never heard of or tried crossing the wires on a cable. Don't know what would happen. Use caution. It may not even come up or you might get a ton of collisions or smoke... which reminds me of a graphic I have. :) http://erickbe.home.dhs.org/etherkiller.jpg But seriously, if you're looking to just bring a Ethernet interface up with no hub, PC, etc hanging off it then do 'no keep' to turn keepalives off and that will bring it up but you won't be able to do much with it. Connecting the ethernet interface to a hub, PC, etc will bring it up as well as well as the cabling is good, etc. --- Tony van Ree <[EMAIL PROTECTED]> wrote: > Hi, > > I don't know that making a loopback is a good idea. > There is a fair chance you'll let the smoke out of > the interface chips. This makes them unusable. I > also don't know how you would address such a thing. > > Most IP stacks can be tested by pinging yourself. > There are various bits of software around that do > testing of NIC's. There are a number of packages > that inject traffic onto networks that will allow > testing. > > If you really want to send something up itself you > could try making a cable that connects pin 1 - 3 and > pin 2 - 6. What it will do is not necessarily what > you need. But, don't let the smoke out of the > interface chips. > > Teunis > Hobart, Tasmania > Australia > > > On Tuesday, February 06, 2001 at 04:48:43 PM, > [EMAIL PROTECTED] wrote: > > > To all - > > > > Can someone please tell me how to make an external > ethernet loopback plug? > > If you know of a website with instructions, please > include the URL. > > > > Thanks, > > Matt __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: Sniffer Program
www.ethereal.com It's free and decent for LAN/Ethernet stuff. If you're looking for WAN, ATM, etc then you'll need to look at commericial products such as Sniffer Pro. --- Paul Werner <[EMAIL PROTECTED]> wrote: > > >Can someone recommend a good WindowsME > sniffer? > > Well, I am not sure if it works on Windows ME > boxes, but there is a protocol analyzer that will > work on most other Winthings (95,98, NT4, etc.) > It is fairly decent given the cost(free). My > understanding is that it comes from a Win32 > ported version of TCPdump. There is only one > downside that I am aware of. All of the help > files are in Italian. If you can figure out how > to get it all loaded, its fairly decent. > > I am trying to work on the documentation side of > things by trying to get a deal struck between my > wife and the guy that wrote the code for the > program as part of his doctoral thesis. He is in > no hurry to get everything translated into > English. OTOH, if I give the right type of > gratuity to my wife :-), she might be willing to > do it herself (I hope). We'll see how (and if) > it works out. > > Here it is: > > http://netgroup-serv.polito.it/windump/ > > http://netgroup-serv.polito.it/analyzer/ > > HTH, > > Paul Werner __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Traffic Shaping and Access control
Hi, You want to look into policy routing and route-maps on cisco.com. Plenty of docs on the subject. You will need two route-map sequences. One to match on www and set next hop to R3 and the other to set next hop for all other traffic to R2. --- A Mateen <[EMAIL PROTECTED]> wrote: > Hi ! > > I have the following scenario > > -- R2 LAN2 > LAN1---R1 > -- R3 - LAN3 > > > Note: R1 is the end customer > R2 is ISP1 edge router > R3 is ISP2 edge router > DEFAULT IP ROUTE IS POINTING TO BOTH R2 AND R3. > (MUST) > > Any traffic comes from LAN1 with www request to go > on R3 > and rest of the traffic shud be routed via R2 only. > > How do I limit this acess.. Apprecite the update on > this __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: how to configure US robotic modem on a 2620 router
I get the best results w/USRs by setting them to dumb mode, auto-answer, echo off, and default factory settings. The jumpers are on the back edge or bottom on the USRs depending on model. Newer ones are on back. There should be a little chart on bottom with what each DIP switch is for. This way the modem has less chance to get screwed up and it will work fine a majority of the time. Some routers (3Com NB's particularly) have issues with echo locking up the port they're hanging off of. Your milage may vary... --- John Chambers <[EMAIL PROTECTED]> wrote: > How do I set the jumper on the modem in order for it > to work with a > cisco router 2620? Thanks. > > John Chambers > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Erasing a image from flash in 11.2
If I recall correctly, you can mark the files for deletion on a 3600 but the 3600 series uses a flash type that you can't squeeze to regain space. You need to erase the contents of the whole partition to free the space. If you only have one partition then you need to erase the flash and TFTP the image back down. I'm not sure why it lets you mark files for deletion if you have to erase flash to regain space. I can't find the cisco page on this at moment, but do have it bookmarked on my other PC. I'll follow up with the URL tomorrow. Erick --- "Roberts, Timothy" <[EMAIL PROTECTED]> wrote: > > How do I erase one of the three images on the flash > card of a 3640 running > 11.2? > Thanks __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problem with Cisco 2620 (24MB RAM/8MB Flash) keep rebooting
Can you TFTP boot off your previous image or another image? You have 24meg DRAM total but the router takes a chunk of that for shared memory thus I'm suspecting that the total main DRAM (total minus shared) is less then 20. You can check this by doing a 'show version' and seeing how much you have. Plug your router model and modules through the HW/SW compatibility matrix and see if this is a good version of IOS to support your hardware modules as well. On a 2600, it will look something like: cisco 2610 () processor (revision...) with ###/### bytes of memory. ###/### == main/shared HTH, Erick --- David Tran <[EMAIL PROTECTED]> wrote: > Hi Everyone, > I have a cisco router 2620 that was running fine > until Sunday when I = > decided to upgrade the router=20 > with a new IOS. The new IOS image is specifically > for cisco2610-2621. = > However, after upgrading > the flash and reboot the router, my Fast Ethernet > Interface (f0/0) is = > completely gone from the=20 > configuration file. Furthermore, the IOS image file > on the flash is = > also gone. So I tried to bootup > the router via tftp server. The router can see the > tftp server and load = > the image into memory. =20 > However, after loading the image into memory (RAM), > the router just = > keeps rebooting itself=20 > (running in a loop) and each time this is the > message that I keep = > getting: > > SYSTEM INIT: INSUFFICIENT MEMORY TO BOOT THE IMAGE! > > Is this because 24MB is not sufficient? The IOS > image that I use is: = > c2600-i-mz.120-5.T1.bin=20 > Cisco says that this image only requires 20MB of RAM > and 8MB of Flash. = > As of now, the router=20 > just keeps running in a loop. > > Can anyone help me with this problem? =20 > > > Cisco Internetwork Operating System Software > IOS (tm) C2600 Software (C2600-D-M), Version > 12.0(5)T1, RELEASE = > SOFTWARE (fc1) > Copyright (c) 1986-1999 by cisco Systems, Inc. > Compiled Tue 17-Aug-99 13:11 by cmong > Image text-base: 0x80008088, data-base: 0x80859E60 > > > SYSTEM INIT: INSUFFICIENT MEMORY TO BOOT THE IMAGE! > > > System Bootstrap, Version 11.3(2)XA4, RELEASE > SOFTWARE (fc1) > Copyright (c) 1999 by cisco Systems, Inc. > TAC:Home:SW:IOS:Specials for info > C2600 platform with 24576 Kbytes of main memory > > David Tran > [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PPP multilink over 2 serial interface
You can use the interface multilink feature to tie serial interfaces together into one circuit. This is fairly recent feature, mid 12.xT somewhere abouts. multilink-group does not work on DDR interfaces. Look into multilink virtual-template to do serial & ddr but virtual-template is for inbound calls mainly. int multilink1 ip address .. encaps ppp ppp multi multilink-group 1 multilink max-link # .. other interface commands int s0 encaps ppp ppp multilink multilink-group 1 int s1 encaps ppp ppp multilink multilink-group 1 router# show ppp multi .. displays stats on multilink bundle --- "West, Karl" <[EMAIL PROTECTED]> wrote: > Well If the Chanelized E3 works like our Chanelized > T3 here in the US then > your answer is yes! > > 2 serial T1's = 3Mb (ppp Multilinked) > > Karl > > -Original Message- > From: Kim Quang Vo > [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, February 13, 2001 2:28 PM > To: [EMAIL PROTECTED] > Subject: PPP multilink over 2 serial interface > > > > I have no experience to configure PPP multilink at > Cisco 2610 ( 2 serial , > 2Mb) to 7206 with > E3 Chanelized inteface. (It will get 4 Mb) > > Is it possible. > > > Rergards, > > Kim __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: "no shutdown " command
The default configuration, will have all the physical interfaces shutdown (serial, ethernet, etc). To make the interface active you must go into configuration mode and put 'no shutdown' under the interface. New routers or routers without a local configuration or image file might have physical interfaces active for network booting purposes, but if the router has a local image and config then it loads off that and on all routers I've encountered physical interfaces are disabled until they are configured - besids some of the small soho home routers. Logical/Virtual interfaces (loopback, etc) become active once you create them. You can shut them down by putting the 'shutdown' command under the interface. --- thinkworker <[EMAIL PROTECTED]> wrote: > Is "no shutdown" a must command for configure > interfaces? Or just on some serial ports? __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: backup subinterface on another subinterface
It will if they both have different IP subnets, thus the floating route has it's own next hop. If you want to go further you can use route-maps and do policy routing. If PVC1 was down you could match on the sub interface that was up and change the next hop. Same for other PVC... Why are you backing up one PVC with another PVC on the same physical circuit? I work with Frame regularly and a majority of the time frame outages involve the entire circuit (loss of signalling / LMI, circuit down, line problems, etc) and not just one PVC, unless each PVC is going to a different site/spoke and the spoke was having line/LMI issues. If this were the case then routing traffic for this site over the other PVC might make sense if that spoke/site had a link to the original destination or served as a backup for that location being down. --- Adam Wang <[EMAIL PROTECTED]> wrote: > Thanks for all your input on setting up a floating > static suggestion, but the 2 PVCs that I have are > both active and in production, and each is carrying > different type of traffic. > > They are both acting as primary links. I want to > set up something that if one fail, it will jump to the > other one. I don't think floating static will work > in > this case. > > Adam > > > > --- Kelly D Griffin <[EMAIL PROTECTED]> wrote: > > The way my company does it is to weight routes for > > the two PVC's. > > > > Serial0/0.1 point-to-point > > ip address 192.168.255.1 255.255.255.252 > > no ip route-cache > > no cdp enable > > frame-relay interface-dlci 20 > > ! > > Serial0/0.2 point-to-point > > ip address 192.168.255.5 255.255.255.252 > > no ip route-cache > > no cdp enable > > frame-relay interface-dlci 21 > > ! > > ip route 10.0.0.0 255.0.0.0 192.168.255.2 > > ip route 10.0.0.0 255.0.0.0 192.168.255.6 200 > > ! > > end > > wr > > > > This says to route the traffic over S0/0.1 as it > is > > directly connected. > > Route the traffic over S0/0.2 if the primary link > > should become unreachable. > > You have to be careful with the administrative > > distance on the backup route. > > If you are running a routing protocol (OSPF, RIP, > > etc.) you will have to > > take into account what the default distances are > for > > these protocols. Keep > > in mind that a route that points to an interface > is > > distance 0 and a route > > to an IP address is distance 1. > > > > Kelly D Griffin, CCNA, CCDA > > Network Engineer > > Kg2 Network Design > > http://www.kg2.com > > > > > > - Original Message - > > From: "Adam Wang" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, February 14, 2001 10:08 AM > > Subject: backup subinterface on another > subinterface > > > > > > > Hi group, > > > > > > I have 2 PVCs setup using Frame Relay on a > serial > > > interface with 2 subinterafces, and I want these > 2 > > > subinterfaces to backup each other when 1 fails. > > > > > > I did backup interface s0.2, but it won't allow > a > > > subinterface on the backup command, only the > > physical > > > interface. So backup interface s0 is possible. > > > > > > Why is that and how can I do this > > > > > > > > > Thanks in advance > __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Fw: Is this COOL or what? Cisco Space Phones!
So, wheres the URL or info on 'Cisco Space Phones' ? --- Arthur Simplina <[EMAIL PROTECTED]> wrote: > This is COOL!!! > > >Received this today from my inside sales manager. > > > >Though you "might" consider blowing your own horn - > it is still cool. > > > >Kevin Wigle __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PPP multilink over 2 serial interface
Virtual-Template is different than interface multilink/multilink-group. I don't have much experience with virtual-template or multilink virtual-template other then playing with them in lab. I can't get a virtual-template make a outbound call over ddr. I have the same problem with IRB (BVIs) and ddr though. Not sure if there designed for outbound ddr calls. I have succesfully tied 2 serial interfaces and a inbound call over ISDN into one ppp multilink ckt with a virtual template on 2600's though. --- "West, Karl" <[EMAIL PROTECTED]> wrote: > I have been having some problems with Multilink PPP > recently. We have used > Virtual-Template but have found that you can only > have 1 Virtual-Template > per Router (7507 in this case). > > Karl > > -Original Message- > From: Erick B. [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 14, 2001 1:28 AM > To: West, Karl; 'Kim Quang Vo'; [EMAIL PROTECTED] > Subject: RE: PPP multilink over 2 serial interface > > > You can use the interface multilink feature to tie > serial interfaces together into one circuit. This is > fairly recent feature, mid 12.xT somewhere abouts. > multilink-group does not work on DDR interfaces. > Look > into multilink virtual-template to do serial & ddr > but > virtual-template is for inbound calls mainly. > > int multilink1 > ip address .. > encaps ppp > ppp multi > multilink-group 1 > multilink max-link # >.. other interface commands > > int s0 > encaps ppp > ppp multilink > multilink-group 1 > > int s1 > encaps ppp > ppp multilink > multilink-group 1 > > router# show ppp multi > .. displays stats on multilink bundle > > --- "West, Karl" <[EMAIL PROTECTED]> wrote: > > Well If the Chanelized E3 works like our > Chanelized > > T3 here in the US then > > your answer is yes! > > > > 2 serial T1's = 3Mb (ppp Multilinked) > > > > Karl > > > > -Original Message- > > From: Kim Quang Vo > > [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, February 13, 2001 2:28 PM > > To: [EMAIL PROTECTED] > > Subject: PPP multilink over 2 serial interface > > > > > > > > I have no experience to configure PPP multilink at > > Cisco 2610 ( 2 serial , > > 2Mb) to 7206 with > > E3 Chanelized inteface. (It will get 4 Mb) > > > > Is it possible. > > > > > > Rergards, > > > > Kim > > > __ > Do You Yahoo!? > Get personalized email addresses from Yahoo! Mail - > only $35 > a year! http://personal.mail.yahoo.com/ > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ip default gateway
ip default-gateway works if ip routing is disabled and the router is basically a host on the network like your PCs, etc. You would turn IP routing off (no ip routing) to bridge all traffic for example. Using ip default-network would let you propagate a route via IGRP/EIGRP or RIP to a neighbor router also doing IGRP/EIGRP or RIP and all the rules were met (IGRP/EIGRP especially - RIP just announces a 0.0.0.0 no matter what ip default-network is pointing to on the router). ip default-network must use a classful network address. ip route 0.0.0.0/0 next-hop will forward traffic to unknown networks. If you have 'no ip classless' and your next-hop is a directly connected network the 0.0.0.0/0 route won't be used. --- "West, Karl" <[EMAIL PROTECTED]> wrote: > I think what you really wanted to do was use "Ip > default-network" > here is a link that will explain it to you further > and what the difference > is. It has to do with weather you have ip routing > enabled on your system. > > Karl > http://www.cisco.com/warp/public/105/default.html > > -Original Message- > From: birs [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 15, 2001 5:02 AM > To: [EMAIL PROTECTED] > Subject: Ip default gateway > > > Hello > > I just had a situation like this: > I connected a Cisco1750 to Catalist2924, and > then Catalist2924 to > Catalist8540 and configured "ip default-gateway > 10.0.1.1" in > 1750(10.0.1.1 is the ip of 8540). Then 1750 was > ping'in only 10.0.1.1 > 255.255.255.240's hosts and no other network in my > backbone. > Then I turned "ip default gateway 10.0.1.1" into > "ip route 0.0.0.0 > 0.0.0.0 10.0.1.1" and my Cisco1750 started pinging > every ip in my > backbone. > > I will be grateful if anyone explains why "ip > default-gateway" > didn't worked and what is the difference between > these two. Thanks. > > Birsen Ozturk > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Command line sniffer
Windump, tethereal (part of ethereal), probably a few more libpcap/winpcap based apps. --- [EMAIL PROTECTED] wrote: > Hello, > > Is somebody know a command line sniffer for windows > NT ? __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: question about frame
Hi, I'm not sure how to calculate it for 4 seconds, but all the documentation and examples I've seen explain Bc (Commited burst) as bc = 1/8 / line access rate, where 1/8 is the time period for a one second period which is a common time period from my understanding. Example: line access rate: 64k CIR Contracted: 32k bc (1/8 / line access rate) = 8000 be (excess burst) = 0 (recommended) According to what I read, there are 8 intervals (transmission periods) in this one second period. Interval 1: bc + be (be is only sent on 1st interval) Interval 2-8: bc only So, using a bc of 8000 and be of 0, 8000 * 8 = 64000 which is the line speed. If you make bc 4000 and be 32000 then you will be sending 32000 commited burst and 32000 excess on first interval of cycle, for total of 64000. In cisco terms (Frame Relay traffic shaping) cir = line access rate mincir = contracted CIR with provider bc = commited burst be = excess burst I hope this helps and is accurate. --- Fred Danson <[EMAIL PROTECTED]> wrote: > Hey guys, I just got a quick question about Frame > Relay. > > I've been reading the BCRAN book published by > Sybex, and I'm finding > the frame relay chapter a bit confusing. A few > paragraphs from the Sybex > book state the following: > "Committed burst size and excess burst size are > the two types of burst > sizes. Each of these sizes is measured over a > specific time interval called > the committed rate measurement interval. Committed > burst size is the maximum > amount of data that the network can guarantee will > be delivered during the > committed time interval. The excess burst size is > the amount of traffic > which the user may exceed the committed burst size. > For example, take a user who buys a Frame Relay > circuit with the > following characteristics: 1544Kbs access rate, 256K > CIR, 4 second committed > time interval. > The user is guaranteed a CIR of 256Kbps over a > four-second period. The > user could transmit 256Kbps for four seconds, and > the network would ensure > delivery. The user could alternately send 1024Kbps > for one second, > representing the committed burst. However for the > remaining three seconds, > there would be no guarantee of delivery for the > excess burst traffic." > > When the author says "The user could > alternately send 1024Kbps for one > second, representing the committed burst.", is he > defining the committed > burst as any speed above the CIR that does not > exceed the total amount of > information (256Kbps * 4 second interval = 1024K, > total info) allowed to be > sent during the time interval ? I always thought of > the committed burst rate > as a rate of information agreed upon with the Telco. > For example, I thought > you could get a CIR of 256Kbps and a burst up to > 512Kbps, or a CIR of > 256Kbps with a burst up to 1.544 Mbps. > Could anyone do me the favor of defining > committed burst rate and > excess burst rate, and while you're at it > differentiate between the two? :) > > Thanks, > Fred Danson > > _ > Get your FREE download of MSN Explorer at > http://explorer.msn.com > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: tftp-server :mismatch not ok?(CONFIGS)
It looks like the c2500 image you have is a relocatable image, and the 4000 doesn't support relocatable images. A relocatable image is one that can be a different file # on flash. A non-relocatable image has to be file 1. The 4500 is newer then the 4000 so may support relocatable images; this may be a bootloader/bootrom version issue as well. cisco.com will have the info though. I know when you do a copy tftp on cisco, Pumpkin TFTP server reports 2-3 aborted transfers before the full tftp download. This may mean that IOS is checking the image name or just grabbing the first few bytes of the file to look at the headers, etc to see if its a valid image for that router. You can try renaming the image, etc but I'm not sure what IOS looks at exactly. --- Pierre-Alex <[EMAIL PROTECTED]> wrote: > Ok, still does not work! > > Cisco4000#copy tftp flash > Address or name of remote host [192.168.0.253]? > Source filename [c2500-js-l_112-17.bin]? > Destination filename [c2500-js-l_112-17.bin]? > Accessing > tftp://192.168.0.253/c2500-js-l_112-17.bin... > %Warning: File not a valid executable for this > system > %Error: This platform does not support relocatable > images. > Abort Copy? [confirm]n > Cisco4000# > > -Original Message- > From: Circusnuts [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 18, 2001 12:13 PM > To: Pierre-Alex > Cc: [EMAIL PROTECTED] > Subject: Re: tftp-server :mismatch not ok?(CONFIGS) > > > > Abort Copy? [confirm] > > Cisco4000# > > Type the letter N next to confirm. You do not want > to abort the download & > you do not want to erase FLASH before copying the > image. > > Phil > > > - Original Message - > From: "Pierre-Alex" <[EMAIL PROTECTED]> > To: "Circusnuts" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Sunday, February 18, 2001 7:03 PM > Subject: RE: tftp-server :mismatch not ok?(CONFIGS) > > > > Alright, I did a tftp-server on the 2513 then I > did the following: > > > > Cisco4000#copy tftp flash > > Address or name of remote host [192.168.0.253]? > > Source filename [c2500-js-l_112-17.bin]? > > Destination filename [c2500-js-l_112-17.bin]? > > Accessing > tftp://192.168.0.253/c2500-js-l_112-17.bin... > > %Warning: File not a valid executable for this > system > > %Error: This platform does not support relocatable > images. > > Abort Copy? [confirm] > > Cisco4000# > > > > -Original Message- > > From: Circusnuts [mailto:[EMAIL PROTECTED]] > > Sent: Sunday, February 18, 2001 11:24 AM > > To: Pierre-Alex; [EMAIL PROTECTED] > > Cc: [EMAIL PROTECTED] > > Subject: Re: tftp-server :mismatch not > ok?(CONFIGS) > > > > > > I've done this a million times... Check that you > have sufficient room in > > FLASH (for both images to reside), Ping the TFTP > Server, & Copy TFTP FLASH > > (WITH OUT ERASE). > > > > Looks like this: > > > > 4500(a)#copy tftp flash > > Address or name of remote host []? 10.10.10.10 > > Source filename []? 12-9Enterprise.MZ > > Destination filename [12-9Enterprise.MZ]? > > Accessing tftp://10.10.10.10/12-9Enterprise.MZ... > > Erase flash: before copying? [confirm] > > Erasing the flash filesystem will remove all > files! Continue? [confirm]n > > Loading 12-9Enterprise.MZ from 10.10.10.10 (via > Ethernet0): > > > > > !!! > > > > Then: > > > > 4500(a)(config)#tftp-server flash > 12-9Enterprise.MZ > > 4500(a)(config)#^Z > > 4500(a)#wr > > Building configuration... > > > > 00:09:20: %SYS-5-CONFIG_I: Configured from console > by console[OK] > > 4500(a)# > > > > Lastly: > > > > 4500(a)#sh flash > > > > System flash directory: > > File Length Name/status > > 1 8052512 c4500-js-mz.121-6.bin > > 2 4784286 12-9Enterprise.MZ > > [12836928 bytes used, 3940288 available, 16777216 > total] > > 16384K bytes of processor board System flash > (Read/Write) > > > > I am showing a 4500 with 12.1(6) (the running > IOS), housing > 12.0(9)Enteprise > > destined for all my 2500 series routers. Now- I > generally change the IOS > > names to avoid personal confusion (so please > ignore the clarity ;-) > > > > Good Luck !!! > > Phil > > > > > > - Original Message - > > From: "Pierre-Alex" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Sunday, February 18, 2001 11:48 AM > > Subject: tftp-server :mismatch not ok? > > > > > > > Hi, > > > > > > I posted this a few months ago. I am still > looking for a good > > explaination. > > > > > > Question: WHY CAN'T I TFTP THE IOS OF THE 2513 > INTO THE FLASH OF THE > 4000? > > > (see below) > > > > > > Cisco4000(config)#tftp-server > > > flash:c2500-js-l_112-17.bin > > > Warning: flash:c2500-js-l_112-17.bin does not > > > exist. Command retained > > > > > > > > > Cisco2513#copy flash tftp > > > > > > System flash directory: > > > File Length Name/status > > >1 8108960 c2500-js-l_112-17.bin > > > [8109024 bytes used, 279584 available, 8388608
Re: HSRP and UDP forwarding.
Look at this way. HSRP (and VRRP) share a virtual IP address among the devices participating. Hosts point their default-gateway to this Virtual IP address. This allows the hosts to still forward traffic when the primary router/switch interface goes down and the standby router/switch changes over to active. This is the function of HSRP/VRRP - to provide a shared IP address among multiple interfaces on the same network. If the interface is in standby mode for HSRP then the standby IP address isn't active on this interface, but the primary IP is active and ip-helper, routing, and all other IP features you have configured are active unless the interface is down, etc. Currently, there isn't a way to stop ip-helper from forwarding when the HSRP address is in standby mode since ip-helper isn't part of HSRP. Maybe they need to add a feature, like standby helper or something so when HSRP is being used it will only forward UDP broadcast traffic on the device that has the HSRP IP active. Example: if such a feature existed, then you wouldn't use ip-helper on HSRP interfaces - you would use standby-helper if you just wanted UDP forwarded on device with active HSRP IP address. The only way to get around forwarding UDP broadcasts from both routers would to remove the ip-helper from one of the interfaces. The problem here is when the other interface goes down you're not going to forward the UDP broadcasts anymore. The other solution would to be make the DHCP server local so ip-helper wasn't needed. If you search on cisco.com for HSRP and IP-helper you'll get a document on UDP Flooding which involves bridge-groups and using spanning-tree to block. Erick --- Bob Vance <[EMAIL PROTECTED]> wrote: > I was told this in another venue: > > >It is the nature of HSRP. Both routers listen to > broadcast traffic. > Both > >routers are configured as a DHCP and BOOTP relay > agent in order to get > >redundancy. So all DHCP and BOOTP broadcast traffic > is sent twice to > the > >central server. > > Is there some reason for this to be true? > It does not seem right to me. > > My understanding is that, normally, HSRP does not > depend on multiple > routers in the group to forward traffic. The HSRP > group appears as one > router to the side where it is being redundant, with > the primary router > forwarding all traffic. The standby doesn't > participate, except > possibly > on reply traffic > > I think that you would agree that it is not normal > nor good (maybe not > necessarily bad, but certainly not good :) for a > router arbitrarily to > send duplicate packets onto a subnet and this is, in > effect, what would > be happening here. > > In single-group HSRP mode, I can see no reason for > this to be > required -- > I would think that it would be sufficient for the > UDP forwarding simply > to follow the primary router. > > Multi-group HSRP seems to present some other > possibilities/problems that > I haven't explored in depth yet. One point is that > it would appear that > having MHSRP primary routers forwarding DHCP (at > least the broadcasts) > would require extraordinary configuration on the > DHCP server. For > example, if the clients are in the same subnet, then > which default > gateway should it send to the client? Thus, MHSRP > *with* DHCP > forwarding > would seem to require, practically, multiple subnets > and broadcast > domains -- i.e., VLANs. > > Comments? __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: tftp-server :mismatch not ok?(CONFIGS)
> %Error: This platform does not support relocatable > images It is erroring because of the above. Look over my msg below again. To eliminate tftp'ing it off the 2500 put the c2500 image on a PC and tftp it from there. You should be able to tftp it off the 2500 to a 4000 because that is reading from flash only... --- Pierre-Alex <[EMAIL PROTECTED]> wrote: > Hi Darren, > > I did what you asked (rebooted the Cisco2500 in boot > mode). Still did not > work. > > Cisco4000#copy tftp flash > Address or name of remote host [192.168.0.253]? > Source filename [c2500-js-l_112-17.bin]? > Destination filename [c2500-js-l_112-17.bin]? > Accessing > tftp://192.168.0.253/c2500-js-l_112-17.bin... > %Warning: File not a valid executable for this > system > %Error: This platform does not support relocatable > images. > Abort Copy? [confirm]n > Cisco4000# > > -Original Message- > From: Darren Henwood [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 18, 2001 5:19 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: RE: tftp-server :mismatch not ok?(CONFIGS) > > > Hi Pierre-Alex, > The reason you are unable to TFTP an image to/from a > Cisco2500 series > router is because, unlike most other platforms, it > runs the IOS from > flash. If you do a "show version" on a Cisco2500 the > flash will appear > as read-only and not read/write. Therefore, you will > have to boot the > router into boot-mode (change the config register to > 0x2101) and you > will notice now that the flash is read/write. You > will now be able to > TFTP the image to flash. > > I hope this helps, and if you have any problems let > me know. > > Cheers > Darren > > From: "Pierre-Alex" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>, "Circusnuts" > <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Subject: RE: tftp-server :mismatch not ok?(CONFIGS) > Date: Sun, 18 Feb 2001 16:10:59 -0600 > Message-ID: > <[EMAIL PROTECTED]> > X-Priority: 3 (Normal) > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 > (9.0.2910.0) > X-MimeOLE: Produced By Microsoft MimeOLE > V5.00.2919.6700 > Importance: Normal > In-Reply-To: > <[EMAIL PROTECTED]> > Sender: [EMAIL PROTECTED] > Reply-To: "Pierre-Alex" <[EMAIL PROTECTED]> > Precedence: bulk > Status: > > This is very useful thanks! > > -Original Message- > From: Erick B. [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 18, 2001 3:58 PM > To: Pierre-Alex; Circusnuts > Cc: [EMAIL PROTECTED] > Subject: RE: tftp-server :mismatch not ok?(CONFIGS) > > > It looks like the c2500 image you have is a > relocatable image, and the 4000 doesn't support > relocatable images. A relocatable image is one that > can be a different file # on flash. A > non-relocatable > image has to be file 1. The 4500 is newer then the > 4000 so may support relocatable images; this may be > a > bootloader/bootrom version issue as well. cisco.com > will have the info though. > > I know when you do a copy tftp on cisco, Pumpkin > TFTP > server reports 2-3 aborted transfers before the full > tftp download. This may mean that IOS is checking > the > image name or just grabbing the first few bytes of > the > file to look at the headers, etc to see if its a > valid > image for that router. You can try renaming the > image, > etc but I'm not sure what IOS looks at exactly. > > --- Pierre-Alex <[EMAIL PROTECTED]> wrote: > > Ok, still does not work! > > > > Cisco4000#copy tftp flash > > Address or name of remote host [192.168.0.253]? > > Source filename [c2500-js-l_112-17.bin]? > > Destination filename [c2500-js-l_112-17.bin]? > > Accessing > > tftp://192.168.0.253/c2500-js-l_112-17.bin... > > %Warning: File not a valid executable for this > > system > > %Error: This platform does not support relocatable > > images. > > Abort Copy? [confirm]n > > Cisco4000# > > > > -Original Message- > > From: Circusnuts [mailto:[EMAIL PROTECTED]] > > Sent: Sunday, February 18, 2001 12:13 PM > > To: Pierre-Alex > > Cc: [EMAIL PROTECTED] > > Subject: Re: tftp-server :mismatch not > ok?(CONFIGS) > > > > > > > Abort Copy? [confirm] > > > Cisco4000# > > > > Type the letter N next to confirm. You do not > want > > to abort the download & > > you do not want to erase FLASH before copying the > > image. > > > > Phil > > > > > > - Original Message - > >
RE: tftp-server :mismatch not ok?(CONFIGS)
I sent that too soon. I meant, to eliminate TFTP'ing the image off a 2500 as a problem put the image on your PC and set it up as TFTP server. Then try TFTP'ing from your PC to the 4000. You'll probably get the relocatable image error still... I'm not sure if a newer boot prom version adds support for relocatable images or not with the 4000. A brief look on CCO didn't reveal anything. If a image on the 2500 is running from flash - the flash is read-only. Try TFTP'ing the image from the 2500 with your PC to see if it sends it to you. I don't have a 2500 handy to try. This isn't going to solve your problem but would be interesting to see result. Erick --- "Erick B." <[EMAIL PROTECTED]> wrote: > > %Error: This platform does not support relocatable > > images > > It is erroring because of the above. Look over my > msg > below again. To eliminate tftp'ing it off the 2500 > put > the c2500 image on a PC and tftp it from there. You > should be able to tftp it off the 2500 to a 4000 > because that is reading from flash only... > > --- Pierre-Alex <[EMAIL PROTECTED]> wrote: > > Hi Darren, > > > > I did what you asked (rebooted the Cisco2500 in > boot > > mode). Still did not > > work. > > > > Cisco4000#copy tftp flash > > Address or name of remote host [192.168.0.253]? > > Source filename [c2500-js-l_112-17.bin]? > > Destination filename [c2500-js-l_112-17.bin]? > > Accessing > > tftp://192.168.0.253/c2500-js-l_112-17.bin... > > %Warning: File not a valid executable for this > > system > > %Error: This platform does not support relocatable > > images. > > Abort Copy? [confirm]n > > Cisco4000# > > > > -Original Message- > > From: Darren Henwood > [mailto:[EMAIL PROTECTED]] > > Sent: Sunday, February 18, 2001 5:19 PM > > To: [EMAIL PROTECTED] > > Cc: [EMAIL PROTECTED] > > Subject: RE: tftp-server :mismatch not > ok?(CONFIGS) > > > > > > Hi Pierre-Alex, > > The reason you are unable to TFTP an image to/from > a > > Cisco2500 series > > router is because, unlike most other platforms, it > > runs the IOS from > > flash. If you do a "show version" on a Cisco2500 > the > > flash will appear > > as read-only and not read/write. Therefore, you > will > > have to boot the > > router into boot-mode (change the config register > to > > 0x2101) and you > > will notice now that the flash is read/write. You > > will now be able to > > TFTP the image to flash. > > > > I hope this helps, and if you have any problems > let > > me know. > > > > Cheers > > Darren > > > > From: "Pierre-Alex" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]>, "Circusnuts" > > <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Subject: RE: tftp-server :mismatch not > ok?(CONFIGS) > > Date: Sun, 18 Feb 2001 16:10:59 -0600 > > Message-ID: > > > <[EMAIL PROTECTED]> > > X-Priority: 3 (Normal) > > X-MSMail-Priority: Normal > > X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 > > (9.0.2910.0) > > X-MimeOLE: Produced By Microsoft MimeOLE > > V5.00.2919.6700 > > Importance: Normal > > In-Reply-To: > > > <[EMAIL PROTECTED]> > > Sender: [EMAIL PROTECTED] > > Reply-To: "Pierre-Alex" > <[EMAIL PROTECTED]> > > Precedence: bulk > > Status: > > > > This is very useful thanks! > > > > -Original Message- > > From: Erick B. [mailto:[EMAIL PROTECTED]] > > Sent: Sunday, February 18, 2001 3:58 PM > > To: Pierre-Alex; Circusnuts > > Cc: [EMAIL PROTECTED] > > Subject: RE: tftp-server :mismatch not > ok?(CONFIGS) > > > > > > It looks like the c2500 image you have is a > > relocatable image, and the 4000 doesn't support > > relocatable images. A relocatable image is one > that > > can be a different file # on flash. A > > non-relocatable > > image has to be file 1. The 4500 is newer then the > > 4000 so may support relocatable images; this may > be > > a > > bootloader/bootrom version issue as well. > cisco.com > > will have the info though. > > > > I know when you do a copy tftp on cisco, Pumpkin > > TFTP > > server reports 2-3 aborted transfers before the > full > > tftp download. This may mean that IOS is checking > > the > > image name or just grabbing the first few bytes of > > the > > file to look at the headers,
Re: Cisco 4000 error message..
Looks like the image on flash went corrupt, or the flash simm did. Try setting it up for a TFTP boot. If you can get it to boot off TFTP erase the flash and squeeze it and try putting a new image on the flash. --- "Stull, Cory" <[EMAIL PROTECTED]> wrote: > Has anyone seen this below error message? My Cisco > 4000 was working fine > for a long time and then all of a sudden failed... > no changes have been made > it...I've been researching it on Cisco but can't > find any good info.. > I'm thinking maybe my flash is bad?I already > tried loading a new image > (erased flash) and that didn't help. > > thanks for your help.. > Cory > > > Error : compressed image checksum is incorrect > 0x30EAA646 > > Expected a checksum of 0x30EA3646 > > > > Exception: Software forced crash at 0x1211e (PC) > > > > System Bootstrap, Version 4.6(4), SOFTWARE > > Copyright (c) 1986-1993 by cisco Systems > > 4000 processor with 16384 Kbytes of memory > > > > Unknown or ambiguous service arg - > udp-small-servers > > Unknown or ambiguous service arg - > tcp-small-servers > > Bad interface specification > > No interface specified - IP address > > Bad interface specification > > No interface specified - IP address > > Bad interface specification > > No interface specified - IP address > > Bad interface specification > > No interface specified - IP address > > Bad interface specification > > No interface specified - IP address > > Bad interface specification > > No interface specified - IP address > > Illegal IP keyword - classless > > Booting c4000-j-mz.112-24.bin from flash memory > > RRR] > > F3: 8852+3701831+165008 at 0x12000 > > > > Error : compressed image checksum is incorrect > 0x30EAA646 > > Expected a checksum of 0x30EA3646 > > > > Exception: Software forced crash at 0x1211e (PC) > > > > System Bootstrap, Version 4.6(4), SOFTWARE > > Copyright (c) 1986-1993 by cisco Systems > > > > Cory R. Stull > > MCSE, CCNP, CCDP, BNCS > > Communications Concepts Unlimited > > 262-814-7214 > > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How many VLAN's on a switch
Well, you have port-based VLANs and protocol-based VLANs. A switch/bridge builds a MAC address table (CAM) and association MAC address's with a port. So, within the switch arch. they extend these tables for VLAN membership(s). Lets say ports 1-5 are in VLAN 1 and 6-12 are in VLAN 2. So any MAC address in ports 1-5 are in VLAN 1 and 6-12 in VLAN 2. Similar thing for protocol-based but they need to look at more information to determine which MAC address is in which VLAN(s). Within the switch, they have internal index #s / id #s to tell difference between VLANs. Usually these indexes are not configurable by the user - but on some switches you can change the index #. Thats it basically. Some switches have extended VLAN features (mostly propiertary). If you want to know how 802.1q and ISL do it there are plenty of web sites that explain it. Check the archives and search on google.com. --- Santosh Koshy <[EMAIL PROTECTED]> wrote: > How are vlans uniquely identified then; if the > switch itself supports only > 1024 MAC addresses. > Can u point me to some white paper or tutorial as to > how this works... > > Thanx, > Santosh > > ""Brant Stevens"" <[EMAIL PROTECTED]> wrote in > message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I believe the limit is 4096 when using 802.1q... > > > > Brant I. Stevens > > Internetwork Solutions Engineer > > Thrupoint, Inc. > > 545 Fifth Avenue, 14th Floor > > New York, NY. 10017 > > 646-562-6540 > > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Z > > Sent: Sunday, February 18, 2001 11:08 PM > > To: Santosh Koshy; [EMAIL PROTECTED] > > Subject: Re: How many VLAN's on a switch > > > > > > You got it...1024 VLANs allowed...God forbid you > ever have to handle a > > network that has that many of them though. ;o) > > > > > > > This has been an Eyez Only streaming e-mail > broadcast...We are watching. > > > > ~ NetEyez ~ CCNP, CCDA > > > > - Original Message - > > From: Santosh Koshy <[EMAIL PROTECTED]> > > Newsgroups: groupstudy.cisco > > To: <[EMAIL PROTECTED]> > > Sent: Sunday, February 18, 2001 10:31 PM > > Subject: How many VLAN's on a switch > > > > > > > VLAN 1 will be the first MAC address in the > switch's supervisor module's > > > range of 1024 MAC aaddressess. VLAN 2 will be > the second MAC address. > VLAN > > 3 > > > will be the third MAC address and so on and so > forth. > > > > > > From the above statement, am I correct in > deducing that one can create > > only > > > 1024 VLANS on a switch > > > > > > Thanx, > > > Santosh Koshy __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HDLC
PPP uses magic numbers to detect loops. You'll see warnings about receiving your magic #, etc if it detects a loop. The magic number is a optional feature though and every vendor doesn't use it or have it enabled by default. If using BayRS's 'Wellfleet Standard' which is their implementation of HDLC - IP will come up if the circuit/line is looped somewhere. Setting it to HDLC on Cisco or Bay is a good test for pointing problem to carrier when they've tested the line and swear its ok and tests clean. It's also a good way to make sure the cables between the router interface and the CSU/DSU config are good. To prove it's not your equipment you unplug the circuit from the CSU/DSU and IP will go down if your local equipment is functioning/configured fine. Also, HDLC is less picky then PPP usually. Changing the encaps to HDLC may be useful in troubleshooting either a PPP configuration problem or line/circuit issue. If IP comes up and you can ping other end then you have connectivity to the other site - but how good? :) Time to look at the interface stats to see what errors your getting. --- "Howard C. Berkowitz" <[EMAIL PROTECTED]> wrote: > > I wasn't aware of that! Thanks. > > But isn't loop detection also a PPP option? > > At 10:16 PM 2/19/2001 -0500, Marty Adkins wrote: > >"Howard C. Berkowitz" wrote: > > > > > > HDLC really doesn't offer any advantages over > PPP, so it really > > > reflects someone who doesn't want to do minimum > reconfiguration of > > > their Ciscos to worry about using PPP for > multivendor compatibility. > > > > >Well, one small advantage is that Cisco's > proprietary HDLC keepalive > >will report a loop condition on the layer 1. And > it will also, by > >default, treat a looped interface as "line protocol > up", which is > >great for testing, using just the router. __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dialer NAT backup dilemma
Here ya go... adjust as necessary. There are similar examples on cisco.com. ip nat pool backup 10.10.10.6 10.10.10.6 netmask 255.255.255.0 ip nat pool primary 2.2.2.10 2.2.2.20 netmask 255.255.255.0 ip nat inside source route-map backup pool backup ip nat inside source route-map primary pool primary access-list 1 permit any dialer-list 1 protocol ip permit route-map backup permit 10 match ip address 1 match interface BRI1/0 route-map primary permit 10 match ip address 1 match interface Serial0/1 --- "Stull, Cory" <[EMAIL PROTECTED]> wrote: > Kevin, > > I just got in a hurry so I'll give a quick short > answer You should be > able to do pat using the interface.. Define both > the dialer interface and > the dsl interface as outside interfaces and the > local area network interface > as inside.. Setup the nat command to use the > interface so that whenever it > goes out the dsl interface it will be PATted to that > IP and whenever it goes > out the dialer interface it will be PATted to that > IP address.. > > I've never tried this but in theory it should > work... Let me know if > not... > > Thanks > Cory > > > -Original Message- > From: Kevin L. Kultgen [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, February 20, 2001 2:34 PM > To: [EMAIL PROTECTED] > Subject: Dialer NAT backup dilemma > > > I have scoured all the books I have and CCO for an > answer but keep coming up > dry. So I hope someone has an answer. It's not an > ovely complex scenario, > and I would think that someone else has tripped > across it before. > > I have a client that requires 24x7 Internet Access. > The have a DSL Modem > plugged into a 2611 (Eth 0/0) and a BRI NT1 WIC for > backup. I can get it > all to work, in terms of floating static routes and > connectivity, but the > catch is that they use a private address space and > require the use of NAT. > NAT doesn't appear to fail over. Actually it does > but it continues to use > the address of the Ethernet 0/0 interface, (Same for > a Tunnel interface that > they have). Is there a way to set NAT up so that > the address will change to > the new address assigned to the Dialer Interface? > Maybe same for the > Tunnel. I was thinking that a Loopback interface > may be required but keep > failing to see the appropriate usage... > > Any ideas? Like I said, it's not hugely complex and > I'm sure that other > people have tripped across it, but I don't see it > documented anywhere. > > -- > Kevin L. Kultgen __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dialer NAT backup dilemma
That works for me... --- "Kevin L. Kultgen" <[EMAIL PROTECTED]> wrote: > Thanx, I'll let ya know if it doesn't work. No news > is good news. > > Kevin L. Kultgen > > - Original Message - > From: ""Erick B."" <[EMAIL PROTECTED]> > Newsgroups: groupstudy.cisco > Sent: Tuesday, February 20, 2001 3:42 PM > Subject: RE: Dialer NAT backup dilemma > > > > Here ya go... adjust as necessary. There are > similar > > examples on cisco.com. > > > > ip nat pool backup 10.10.10.6 10.10.10.6 netmask > > 255.255.255.0 > > ip nat pool primary 2.2.2.10 2.2.2.20 netmask > > 255.255.255.0 > > ip nat inside source route-map backup pool backup > > ip nat inside source route-map primary pool > primary > > > > access-list 1 permit any > > > > dialer-list 1 protocol ip permit > > > > route-map backup permit 10 > > match ip address 1 > > match interface BRI1/0 > > > > route-map primary permit 10 > > match ip address 1 > > match interface Serial0/1 > > > > --- "Stull, Cory" <[EMAIL PROTECTED]> wrote: > > > Kevin, > > > > > > I just got in a hurry so I'll give a quick short > > > answer You should be > > > able to do pat using the interface.. Define > both > > > the dialer interface and > > > the dsl interface as outside interfaces and the > > > local area network interface > > > as inside.. Setup the nat command to use the > > > interface so that whenever it > > > goes out the dsl interface it will be PATted to > that > > > IP and whenever it goes > > > out the dialer interface it will be PATted to > that > > > IP address.. > > > > > > I've never tried this but in theory it should > > > work... Let me know if > > > not... > > > > > > Thanks > > > Cory > > > > > > > > > -Original Message- > > > From: Kevin L. Kultgen > [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, February 20, 2001 2:34 PM > > > To: [EMAIL PROTECTED] > > > Subject: Dialer NAT backup dilemma > > > > > > > > > I have scoured all the books I have and CCO for > an > > > answer but keep coming up > > > dry. So I hope someone has an answer. It's not > an > > > ovely complex scenario, > > > and I would think that someone else has tripped > > > across it before. > > > > > > I have a client that requires 24x7 Internet > Access. > > > The have a DSL Modem > > > plugged into a 2611 (Eth 0/0) and a BRI NT1 WIC > for > > > backup. I can get it > > > all to work, in terms of floating static routes > and > > > connectivity, but the > > > catch is that they use a private address space > and > > > require the use of NAT. > > > NAT doesn't appear to fail over. Actually it > does > > > but it continues to use > > > the address of the Ethernet 0/0 interface, (Same > for > > > a Tunnel interface that > > > they have). Is there a way to set NAT up so > that > > > the address will change to > > > the new address assigned to the Dialer > Interface? > > > Maybe same for the > > > Tunnel. I was thinking that a Loopback > interface > > > may be required but keep > > > failing to see the appropriate usage... > > > > > > Any ideas? Like I said, it's not hugely complex > and > > > I'm sure that other > > > people have tripped across it, but I don't see > it > > > documented anywhere. > > > > > > -- > > > Kevin L. Kultgen __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: tcpdump
I'm not familiar with tcpdump output to well, what are these IP address's for (router, pc, etc) 212.137.64.1 , 212.137.46.9 , 146.135.27.10 Can you provide a sanitized config along with a copy of 'show ip route' and description of topology? It could be a ip classless or classful issue perhaps or that device just might not a valid route. --- Dennis Ighomereho <[EMAIL PROTECTED]> wrote: > hi,Can someone explain this to me.Will appreciate > this.Why is the response > failing.There is a default route out. > > cheers, > Dennis > > 02:09:54.217832 146.135.27.10.25092 > > 212.137.46.9.: S > 1975235817:1975235817 > (0) win 65535 45636507[|tcp]> > 02:09:54.218416 212.137.46.9. > > 146.135.27.10.25092: S > 1377685018:1377685018 > (0) ack 1975235818 win 10136 1290050 45636507,nop,[|tcp]> > (DF > ) > 02:09:54.218624 212.137.64.1 > 212.137.46.9: icmp: > host 146.135.27.10 > unreachabl > e > 02:09:57.798453 146.135.27.10.25924 > > 212.137.46.9.: S > 1967920814:1967920814 > (0) win 65535 45636865[|tcp]> > 02:09:57.798898 212.137.46.9. > > 146.135.27.10.25924: S > 3590197277:3590197277 > (0) ack 1967920815 win 10136 1290408 45636865,nop,[|tcp]> > (DF > ) > 02:09:57.799048 212.137.64.1 > 212.137.46.9: icmp: > host 146.135.27.10 > unreachabl > e > 02:10:09.213396 212.137.46.9. > > 146.135.27.10.25092: F 1:1(0) ack 1 win > 1022 > 0 (DF) > 02:10:09.213517 212.137.64.1 > 212.137.46.9: icmp: > host 146.135.27.10 > unreachable __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF config
I would say it will always go through, since null0 is always up. The route-map will perform the actions specified if the match conditions are all true. The second null0 is a second interface to match against if first one is down/unavailabe. if you had: route-map test perm 10 match interface s0 s1 set ip next-hop x.x.x.x if s0 is down, but s1 is up then the next-hop will be changed. If s1 was also down then nothing would be changed and normal routing would occur. --- Jon Kuhn <[EMAIL PROTECTED]> wrote: > Hi all, > > There's a route map for an OSPF configuration I'm > working on that has a > line: > > match interface Null0 Null0 > > Does this mean match any interface or no interface? > I can't get any > information from cisco. > > Thanks! > Jon > > > > > > > > __ > Jon Kuhn > IGNYTE Technology, Inc. > 3226 scott boulevard > santa clara, california 95054 > phone 408.350.2600 ext. 335 > fax 408.350.2601 > [EMAIL PROTECTED] > www.ignyte.com > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: where can I download free TFTP server?
Windows: www.klever.net/kin (look for PumpKIN) Also, Cisco and 3Com have free TFTP servers. Linux: You need to enable the TFTP service. Depending on the distro you have it may be there or not. You can download a tftp daemon too. --- "Sim, CT (Chee Tong)" <[EMAIL PROTECTED]> wrote: > Hi..Dear all, just a short question where can I > download the free TFTP > server and install on Windows NT or Linux? > > Tong __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 4 Ethernet Int
You can get 1 port FE NMs for 36xx series. The 3662 has 2 10/100s in the base plus 6 slots. The 2621 and 2651 have 2 10/100 ports in the base. No modules though. Or you can look at a layer 3 switch w/routing capabilities (might be cheaper). --- Jason Baker <[EMAIL PROTECTED]> wrote: > nope FE modules are not supported by the 2600 > range... > > go ahead try it. > > It is to do with the architecture of the router. > > Regards, > > Jason Baker > Network Engineer > MCSE, CCNA > > > > > Does anyone know what the smallest Cisco router I > can place 4 routable > fast > > ethernet interfaces might be? > > > > TIA __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF config
It won't achieve anything. Infact, matching against a null0 interface isn't going to gain you anything since it will always match. So, you might as well just match on other criteria and leave the 'match interface null0' out of your route-map statement. Maybe the person who did the config your trying to figure out didn't understand route maps or something and plugged in commands until it worked As far as which interfaces it will match, since null0 is up all the time - it will match on the criteria in the ACL if you have 'match ip address' and set the criteria defined if any. I can't think of a reason to use null0 for match interface offhand because it's basically the same as not having a 'match interface' in the config. Now, a 'set interface null0' makes sense. That would take the traffic that matched the ACL and route it to the null0 interface which would blackhole/kill that traffic basically. --- Stephen Skinner <[EMAIL PROTECTED]> wrote: > Hi , > Can i ask ?? > > but i thought that the null0 int was always up (i.e > loopback fashion) > so what is the point of putting the second null0 > statement??? > > Confused...(but thick enough to be happy) > > steve > > >From: "Erick B." <[EMAIL PROTECTED]> > >Reply-To: "Erick B." <[EMAIL PROTECTED]> > >To: Jon Kuhn <[EMAIL PROTECTED]>, > "'[EMAIL PROTECTED]'" > ><[EMAIL PROTECTED]> > >Subject: Re: OSPF config > >Date: Tue, 20 Feb 2001 15:43:14 -0800 (PST) > > > >I would say it will always go through, since null0 > is > >always up. The route-map will perform the actions > >specified if the match conditions are all true. The > >second null0 is a second interface to match against > if > >first one is down/unavailabe. > > > >if you had: > > > >route-map test perm 10 > > match interface s0 s1 > > set ip next-hop x.x.x.x > > > >if s0 is down, but s1 is up then the next-hop will > be > >changed. If s1 was also down then nothing would be > >changed and normal routing would occur. > > > > > >--- Jon Kuhn <[EMAIL PROTECTED]> wrote: > > > Hi all, > > > > > > There's a route map for an OSPF configuration > I'm > > > working on that has a > > > line: > > > > > > match interface Null0 Null0 > > > > > > Does this mean match any interface or no > interface? > > > I can't get any > > > information from cisco. > > > > > > Thanks! > > > Jon __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: testing dial backup...
Some suggestions. Make sure the ISDN link works first by not placing backup interface commands in the config. Just ping the remote dialer interface IP and see if it is succesful. If its not theres a config issue. Once you know the dialer connection works then place the backup interface command on one side only. If you place it on both sides then the receiving side will be in standby mode and not accept a call. --- Brian <[EMAIL PROTECTED]> wrote: > > You have to test it...no matter what. Thats > like having a "Tape > backup" system, but never actually trying to do a > restore until you *have* > to. > > > On Thu, 22 Feb 2001, Z wrote: > > > Question... Anybody know how I can test to see if > our dial backup on our = > > devices actually kicks up when the primary > interface goes down? We have = > > dialer interfaces as our backup and I want to see > if they work. I just = > > got to this place a month ago and have noticed > that in most of the = > > devices, they don't even have the backup > statements configured on the = > > primary int. Here's the kicker. I can't take the > primary down to do this = > > and I don't feel like coming in on the weekend > =3Do) I remember = > > somebody said something about creating a floating > static and pinging = > > something but I forget what was said. Is there > just an easy way to do = > > this? I would imagine there is. Thanks all, __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Advertising networks in OSPF
The 144.20.0.0 network is not on router B so won't be advertised. You can put it under the OSPF process but it isn't going to do anything with that network because it doesn't exist on that router at this time. If it did, it would announce it. If router B has a static route to 144.20.0.0 then you can do a redist static under the ospf process to redistribute the static routes on RouterB into OSPF. Look at setting up distribute-lists and set the metrics right to get proper results for what you are looking to do. --- "Deloso, Elmer G (WPNSTA Yorktown)" <[EMAIL PROTECTED]> wrote: > Hello, all. > I would like to confirm if this is correct: do you > need an to have an IP > address assigned to the same router that you want to > advertise the IP's > network out via OSPF? I noticed this with my test > routers where I need to > advertise say 144.20.0.0 which belongs to RouterA > but is not doing OSPF with > my RouterB and instead doing static routes between > them. Now Router B is > assigned the 164.x.x.x and is doing OSPF with the > ISProuter asfollows: > 144.20.0.0 > 193.x.x.x ---RouterA--STATIC--RouterB > OSPF > -ISP--OSPF/BGP-Internet > 204.x.x.x e1 e0 > e1 e0 > e0 T1's > > RouterA's E1 = 144.20.1.1, 193.x.x.x and 204.x.x.x > are both secondary, E0 = > 207.x.x.1 > RouterB's E1 = 207.x.x.2 , E0 = 164.x.x.2 > RouterISP's E0 = 164.x.x.1 > > It seems that even if I include a network 144.20.x.x > , 193.x.x.x and > 204.x.x.x in RouterB's OSPF config and even though > it shows as these > networks are being redistributed via OSPF when I do > A show ip route NETWORK, the ISP is not receiving > these networks via OSPF's > LSAs. > So it seems that RouterB cannot advertise these > networks since it does not > have any interface that belongs to these networks. > And I guess configuring > loopbacks to "represent" these 3 networks is out of > the question? > The reason this is set up this way is just a > temporary 'TEST' if we can get > this design to work. Eventually RouterA will be > replaced by a firewall which > of course does not speak OSPF. > I could not find any OSPF "rule" on what it can > originate in its > advertisements in my ACRC, BSCN or Hutnik's books, > unless I got it all wrong > from the beginning. > Thanks for all responses. __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Squeeze not working in 12.0
I don't have the link handy, but there are different flash types on Cisco routers. Some don't allow you to squeeze the flash to regain space, others do. I'll see if I can find the link (I had it bookmarked on my work PC). I also question why you can delete if you can't squeeze, but did find a useful reason for it. If you copy your config to flash for backup and make changes to it later and want to keep same name without erasing flash its useful. The only drawback to this is when you do a show flash you have the one filename listed as many times as you saved it to flash. All of them have deleted next to them except for one. So... eventually you'll need to TFTP the files on flash to elsewhere, erase the flash and TFTP the files back down to clean it up. If your flash is big enough, you could also download a new image and delete old one. This way you don't have to use boot system commands to tell router which to boot off of. --- Richard Gallagher <[EMAIL PROTECTED]> wrote: > Don't ask me either, I have no idea why they did > this. I have wondered for some > time!!! > > Yes it's OK to erase the flash whilst the router is > running, just don't reload > it - or bang bye bye network!! > > Rich > > On Feb 22, 5:12pm, John Neiberger chatted about: > > Subject:Re: Squeeze not working in 12.0 > > Well, that makes perfect sense! heh heh I > won't even bother asking > > why they implemented the delete command if it > doesn't really do > > anything. > > > > Since the 2611 IOS runs from RAM, I'd be okay > deleting the entire > > flash, right? Geez, I hate doing stuff like that > on a production > > router. :-) But, that's never really stopped > me. > > > > >>> "Richard Gallagher" <[EMAIL PROTECTED]> > 2/22/01 9:05:24 AM >>> > > This command only works on the higher end > paltforms - 7200, 7500 > > etc... > > > > Although the delete command is present there is no > way to squeeze the > > flash. So > > to free up some room you are going to have to > erase the flash and start > > from > > scratch. > > > > Rich > > > > On Feb 22, 5:03pm, John Neiberger chatted about: > > > Subject:Squeeze not working in 12.0 > > > I just now deleted one of two IOS files on a > 2611 running 12.0(5). > > When > > > I tried to "squeeze" the file system, the CLI > did not recognize the > > > squeeze command. I tried to undelete that file > and again, it did > > not > > > recognize the command. So, I have a file that > is marked as deleted > > and > > > can't do anything with it. > > > > > > I checked CCO and the docs there say that both > squeeze and undelete > > > should be available in 12.0. > > > > > > Am I missing something obvious here? I need to > free up some room on > > > that file system so that I can do an upgrade. > > > > > > Any ideas? > > > > > > Thanks, > > > John > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations > to > > [EMAIL PROTECTED] > > >-- End of waffle from John Neiberger > > > > > > > > -- > > > > *** Please copy your emails to > [EMAIL PROTECTED] *** > > > > > #---# > > #.. ..| Richard Gallagher | > Office:+32 2 704 5000 > > # > > #|| ||| Euro-CATS | > Direct:+32 2 704 5421 > > # > > #|| ||| Cisco Systems Belgium | Fax: > +32 2 704 6000 > > # > > # | Pegasus Park | > email: [EMAIL PROTECTED] > > # > > #.:||:.:||:.| De Kleetlaan, 6A | > > # > > # Cisco Systems | BE 1831 Diegem| > http://www.cisco.com/tac > > # > > > #---# > > "Normal people believe that if it ain't broke, > don't fix it. > > Engineers > > believe that if it ain't broke, it doesn't have > enough features > > yet." > > > > Check out this link: > http://www.cisco.com/warp/customer/63/ > > > >-- End of waffle from John Neiberger > > > > -- > > *** Please copy your emails to > [EMAIL PROTECTED] *** > > #---# > #.. ..| Richard Gallagher | > Office:+32 2 704 5000 # > #|| ||| Euro-CATS | > Direct:+32 2 704 5421 # > #|| ||| Cisco Systems Belgium | Fax: > +32 2 704 6000 # > # | Pegasus Park | email: > [EMAIL PROTECTED] # > #.:||:.:||:.| De Kleetlaan, 6A | ># > # Cisco Systems | BE 1831 Diegem| > http://www.cisco.com/tac # > #---# > "Normal people believe that if it ain't broke, > don't fix it. Engineers > believe that if it ain't broke, it doesn't have > enough features yet." > > Check out this link: > http://www.cisco.com/warp/c
Re: IBM ATM Switches
The LightStream is Cisco's ATM Switch and good. It's pricy though and may be hard to find. IBM. I'm familiar with the MSS products (don't know part # but it is 82xx.. may be 8285). The MSS were OEM'd from Xylan. IBM OEM'd some of their switches to. The MSS has a very cryptic configuration. The Cat 5000 ATM module is for LANE. Not switching. You might be able to pick up some older FORE gear for ATM switching at a decent price. FORE was known for ATM and still is. You can also get ATM modules for each router and do back-to-back ATM. This is limited though for scenarios. --- Albert Lu <[EMAIL PROTECTED]> wrote: > Hi, > > Does anyone know about the IBM ATM switches. > Specifically the 8285 ATM > switches, I believe are the lower end ATM switches. > > Is this sufficient for an ATM switch for a home lab? > > I'm not too familiar with ATM product range. I > believe there is an ATM > module for the Catalyst 5000, so does that make it > an ATM switch? What about > the Cisco LightStream products, are they no a switch > as well? > > Is setting up ATM in a home lab a matter of getting > the right module for the > router, and hooking it up to the switch? > > Thanks > > Albert __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Client question
This feature was introduced in 12.1(3)T. 12.1.6 mainline does not include T features. The 12.1.x mainline features were stopped at 12.0(7)T basically. --- Chad Humphries <[EMAIL PROTECTED]> wrote: > I know that newer releases of the IOS allow a cisco > router to act as a DHCP > client and get it's IP address dynamically. Usually > "ip address negotiate" > is used on WAN links but can't be configured on a > LAN interface. Now the > newer versions allow the router to get it's IP > address from a DHCP server. > This now allows all of the cable and DSL users to > use newer Cisco routers > with these dynamic IP connections. I have seen a > 2621 router work fine with > this setup and get an IP address just fine > dynamically. However, even with > the latest code on a 4000M 12.1(6) that functiond > doesn't seem to be > available. Am I missing something here? > > Thanks, > > Chad Humphries __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Managed or "smart" Hub
That describes a bridge or switch. A switch is basically a multi-port bridge with advanced features. A bridge just tracks port to MAC address; same for basic switches. Advanced switches with layer 3/4 functions may track port #s as well. A managed or smart hub lets you assign a network address (IP, IPX, etc) to the network management portion of the hub. This is a seperate function of the hub and is basically another device on the network. This allows you to telnet to the hub and check stats, RMON information, etc. --- "C.M. Weaver" <[EMAIL PROTECTED]> wrote: > Am I correct in stating that a managed or "smart" > hub maintains MAC address > tables along with port number information to forward > packets to the > appropriate destination? > > C.M. __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FW: Dialer Watch
You can do a show dialer to see whats bringing up the line. You can also use 'debug dialer' and the debugs will show you when it dials. Turn off debugs when done. --- Nonnweiler Daniel <[EMAIL PROTECTED]> wrote: > > > -Original Message- > From: Nonnweiler Daniel [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 26, 2001 12:10 > To: McCallum, Robert > Subject: RE: Dialer Watch > > > Hi Robert, > Thanks for replying. But maybe I am out to lunch > here. If i dont specify > interesting traffic, what couses the dialer to dial > out? > I have attached the config file to explain. If you > can spare some time to > have a look at it, that would be great. > > The 3 routers are connected each one via a serial > link to the central > Router. Router2 should never dial out. No LAN needs > to be reachable on > Central router. > > > Thanks > Daniel > > > > -Original Message- > From: McCallum, Robert > [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 26, 2001 11:34 > To: 'Nonnweiler Daniel'; [EMAIL PROTECTED] > Subject: RE: Dialer Watch > > > When using dialer watch you should still configure > your isdn line as normal. > If you do not specify interesting traffic then the > isdn line wont come up. > > -Original Message- > From: Nonnweiler Daniel [mailto:[EMAIL PROTECTED]] > Sent: 25 February 2001 11:04 > To: [EMAIL PROTECTED] > Subject: Dialer Watch > > > Hi all, > > When using dialer watch is it normal, that the ISDN > line will be up all the > time or can I configure it in a way, that it will > only open calls when > interesting packets are seen. > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > ! > version 12.0 > service timestamps debug datetime localtime > service timestamps log datetime localtime > service password-encryption > ! > hostname Central > ! > enable password 7 xxx > ! > ! > ip subnet-zero > no ip domain-lookup > ! > ! > process-max-time 200 > ! > interface Ethernet0/0 > ip address 172.30.12.254 255.255.255.248 > no ip directed-broadcast > no shutdown > ! > interface Serial0/0 > description connected to Router1 > ip address 10.0.1.2 255.255.255.252 > no ip directed-broadcast > encapsulation ppp > no shutdown > ! > interface Serial0/1 > description connected to Router3 > ip address 10.0.1.6 255.255.255.252 > no ip directed-broadcast > encapsulation ppp > no shutdown > ! > interface Serial0/2 > description connected to Router2 > ip address 10.0.1.10 255.255.255.252 > no ip directed-broadcast > encapsulation ppp > no shutdown > ! > router eigrp 777 > network 10.0.0.0 > network 172.30.12.0 > no auto-summary > ! > ip classless > no ip http server > ! > ! > line con 0 > exec-timeout 0 0 > password 7 x > login > transport input none > line aux 0 > line vty 0 4 > password 7 > login > ! > end > ! > service timestamps debug datetime localtime > service timestamps log datetime localtime > service password-encryption > ! > hostname Router3 > ! > enable password 7 xx > ! > username Router1 password 7 x > username Router2 password 7 x > ! > ! > ! > ! > ip subnet-zero > no ip domain-lookup > ! > isdn switch-type basic-net3 > ! > ! > process-max-time 200 > ! > interface loopback9 > ip address 10.0.1.17 255.255.255.252 > no ip directed-broadcast > no shutdown > ! > interface Ethernet0/0 > description connected to EthernetLAN_1 > ip address 200.61.201.190 255.255.255.0 > no ip directed-broadcast > no shutdown > ! > interface Serial0/0 > description connected to Central > ip address 10.0.1.5 255.255.255.252 > no ip directed-broadcast > encapsulation ppp > no ip mroute-cache > no fair-queue > no shutdown > ! > interface BRI0/0 > description connected to Router2 Router3 > ip address 10.0.1.35 255.255.255.248 > ip directed-broadcast > encapsulation ppp > dialer idle-timeout 30 > dialer map ip 10.0.1.12 name Router2 broadcast 286 > dialer map ip 10.0.1.34 name Router2 broadcast 286 > dialer map ip 10.0.1.20 name Router1 broadcast 284 > dialer map ip 10.0.1.33 name Router1 broadcast 284 > dialer watch-group 1 > dialer-group 1 > isdn switch-type basic-net3 > isdn send-alerting > ppp authentication chap > no shutdown > ! > ! > router eigrp 777 > network 10.0.0.0 > network 200.61.201.0 > no auto-summary > ! > ip classless > no ip http server > ! > access-list 101 deny eigrp any any > access-list 101 permit ip any any > dialer watch-list 1 ip 10.0.1.12 255.255.255.252 > dialer watch-list 1 ip 10.0.1.20 255.255.255.252 > dialer-list 1 protocol ip list 101 > ! > line con 0 > exec-timeout 0 0 > password 7 > login > transport input none > line aux 0 > line vty 0 4 > password 7 > login > ! > end > > ! > service timestamps debug datetime localtime > service timestamps log datetime localtime > service password-
RE: Dial-Up Experts...
I did that way back when. Vic-20 to Atari as well. I have a c64 and amiga 500 still, as well as a Commodore datasette in the original target box with price tag intact. --- Mel Chandler PMI <[EMAIL PROTECTED]> wrote: > OMG, but I'd really be impressed if you connected a > VIC-20 up to a TRS-80. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 25, 2001 10:01 AM > To: Circusnuts > Cc: [EMAIL PROTECTED] > Subject: RE: Dial-Up Experts... > > > I've done this with two modems and two computers... > not trying to show my > age but I connected a Kaypro 2X and a Commodore 128 > through their respective > modems at 300 baud ;-) Pretty big feat back then... > > Tim > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > > Circusnuts > > Sent: Sunday, February 25, 2001 3:50 PM > > To: [EMAIL PROTECTED] > > Subject: Dial-Up Experts... > > > > > > Hey All- is there a way to simulate dial-up > without going through the = > > Telco (i.e. point to point, using no dial tone). > I'm practicing CCIE = > > labs & have a few with dial scenario. I wondered > it I could do a call = > > back without tying up two phone lines, say a modem > off of my 2509 = > > connected to another modem @ Aux of another > router. > > > > Any advice would be greatly appreciated... > > > > Thanks > > Phil __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Flashing a 2600 series by modem
Do a 'show version'. The 2500 flash runs in read-only mode unless you have enough DRAM and a compressed image. At the bottom of the 'show version' output it will say of flash is read-only or read/write. The 2600 is read-write and shouldn't be giiving you read-only. --- Ron Stark <[EMAIL PROTECTED]> wrote: > Christopher, This is a remote session to a WAN > router in Boston. This session is > without PPP, the error I'm getting is "%opening > xmodem, read only file system." > > Christopher Larson <[EMAIL PROTECTED]> on > 02/26/2001 12:18:21 PM > > To: Ron Stark/SanDiego/Cymer@Cymer, > [EMAIL PROTECTED] > cc: > Subject: RE: Flashing a 2600 series by modem > > > > Is the remote negotiating a ppp session or is it a > straight serial > connection? If you are dialing in directly w/o ppp > then you will most likely > want to do a reload and a break to get into rommon > and then issue the > command xmodem (or whatever it is) and upload the > new IOS. If you go this > route, change the speed of the console or aux port > first so you are not > uploading an entire image across a 9600 baud port. > This will of course take > much longer then a tftp upload, and there will be > more downtime. > > -Original Message- > From: Ron Stark [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 26, 2001 1:49 PM > To: [EMAIL PROTECTED] > Subject: Flashing a 2600 series by modem > > > Hey gang, > > I'm having trouble flashing a 2620 through a modem > connection, any help > would be > appreciated. > > Ron __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: juniper and cisco
I've been reading this thread and have been resisting to reply but am now. This thread comes up every now and then. The bottom line is all vendors have their issues and software problems. No single vendor is perfect. It's like a catchup game in a way. Someone comes out with something first then the competitor comes out with something slightly better. In this case, Juniper m160 can have 8 OC-192 cards and Cisco 120xx can have 9. Cisco beat them by and also has more bandwidth across the backplane. Until someone else comes out with a better product. Cycle repeats... and repeats. I haven't looked at the dimensions of the Cisco 120xxx series closely but you can fit 2 M160s in a rack which gives you 16 OC-192s per rack. I'm not sure if 2 Cisco 120xx's can fit in one rack offhand. Port density per rack is why Juniper is getting customers as well. Personally, I work for a multi-vendor shop and hold stock in both companies and am not bias to any vendor. More comments inline... --- Net Bum <[EMAIL PROTECTED]> wrote: > Roger (I am assuming the same Roger from Securabyte > Group), > > >I've seen many tests as where the Juniper routers > experience a lot of > >packet > >loss and a decrease in performance and reliability > when the node is fully > >configured with a complete set of cards. This is same for other vendors including the ones discussed in this thread. It all depends on the router model, architecture, etc. Each box has it's limits. Typically, the specs will say you can put x cards in a chassis and typically if you fully load the chassis and push the full bandwidth that each interface can handle then you are exceeding the bandwidth of the backplane. In most situations (non core) customers don't push full loads across all interfaces constantly. Example. Let's say you have a module with 4 sync interfaces on it. Each interface can handle 2meg but the entire module can handle 6meg total. 2*4 = 8meg. So, you can put 3 interfaces at full speed or 2 at 2meg and 2 at 1 meg. > Each time a card is removed or > >added, there is downtime with traffic interruptions > with the Juniper router trying to "catch up" with > the changes. That happens with equipment from every vendor. If you pull a card out, it's going to cause your routing tables to re-converge and will effect connectivity throughout the network for a moment or two depending on the size of the network. The effects vary from product to product and depend on what protocols are running. Also depends on the software... some software gets flaky if you hot swap cards and don't recover pretty which can lead to problems later at unknown times. > Do you have a URL to these tests? Or is this again, > is this "what Cisco > says?" > > > If you talk with the Engineers at > >Juniper, they will tell you that scalability is > their biggest problem with > >their M series routers. You can run with a few, > but they won't scale and > >you're not able to run a huge network with them > without running into major > >problems. > > That sounds fishyWhy would Juniper Engineers say > that their products > won't scale? Sounds more like something a > competitor would say. > > >It's very much true that Juniper owns 30% of the > Enterprise market share >and > > You a little behind here. That was the Dell'Oro > Group's estimates for third quarter of last year. > Their latest estimates say it's 34% of the Core > (NOT Enterprise). > > http://www.thestreet.com/_yahoo/tech/telecom/1314412.html > > >I know tons of loyal Cisco > >powered ISPs were waiting for this breakthrough as > well. > > Tons? Which ISPs are you refering to? I tend to > follow Howard B.'s belief > that most ISPs (in the core) use more than one > vendor. I talked to an > install engineer at uunet two weeks ago when I > brought up a T1 for a remote > office. I had a Cisco 2600 series on my side and I > asked him what he had on > his side. He said (as if I wouldn't know :-), "A > big router, it's a Cisco > 12000 series." Then I asked him, "Do you use any > Juniper stuff?" He said, > "Yes, we use them in our core. They are behind the > 12000's." > > >But I have to admit, Juniper does make some good > stuff too (Lots of > >ex-Cisco employees migrated over to Juniper to work > there). > The most important asset to a technology company is > their intellectual > assets. If their top employees (guys who wrote the > BGP, OSPF, MPLS, ISIS, > etc. code) leave, they won't be able to replace > them. > > >But I'm partial to Cisco and their equipment > > I can understand that. Many people on this list > have vested interest in > Cisco (both hardware and intellectual). It would be > terrible if our Cisco > skills were no longer marketablebut I don't > think this will ever happen. > Cisco still dominates the Enterprise. Knowing how > to configure Cisco > products will land you a nice paying job. Knowing > Juniper products will > land you a nicer paying job. Knowing both Ci
Re: icmp weirdness
David, A normal ping is being sourced from 132.158.132.252 to 10.43.3.230. You need to do a extended ping specifying 10.43.0.1 as the source. Type 'ping' then enter and enter the target address then enter for the following questions to take defaults. On the extended commands question answer Yes. The next question is the source address. Enter 10.43.0.1 and take the defaults for the rest. The ping should work. What is the default gateway on this 10.43.3.230 PC? If their default gateway is 10.43.0.1 it should work but if it's not and the PC has a static route for the 10.43.0.x with next hop of 10.43.0.1 then the ping response (echo-reply) is being sent to the default gateway address that PC has set. This is because it doesn't know how to get back to the 132.158.132.x network the ping (echo) came from. If you have the user at the PC do a traceroute (tracert on windows) to 132.158.132.152 what is first IP address returned? That is the first router it hits. The issue with secondary address's is that traffic generated from the router usually uses the primary IP address on the interfaces unless told not to. Routing protocols can have issues with secondarys. You should only use secondary address's for a short time while changes are being made if needed for the above reasons. If the 10.43.0.x network is the main network at this location now then make that the primary address on the interface and the other address with less users the secondary until they get their IP address changed. HTH, Erick --- David Cooper <[EMAIL PROTECTED]> wrote: > Hey folks, > > I've got an issue at work I'd like to run by you. I > sent a request to > cisco's forum but have yet to hear an answer from > anyone. We have a Cisco > 2610 router in Ireland. This router has 1 Ethernet > connected to a local > segment and s0 point-to-point frame relay going to > chicago, Ill (sub > interface). Heres the details on the Ireland > router: > > Ethernet segment: e0's primary address is > 132.158.132.252/24 (some hosts > refuse to change addresses). e0's secondary is > 10.43.0.1/16. > Serial 0/0.1 is 10.126.43.2/24. All advertised by > Eigrp. > > > Chicago's router is: > > Ethernet segment is varibly subnetted 10.4.0.0/16. > Serial 0/0.13 is 10.126.43.1/24. Once again, Eigrp > is the routing protocol. > > There is a host on Ireland's lan with address > 10.43.3.230/16. > > If I log into Ireland's router and issue ping > 10.43.3.230, nothing happens. > It just times out. If I log into Chicago's router > and ping the same host, it > replies fine. If I ping it from a host behind > Chicago's router, it replies as > well. If another host on 10.43.0.0/16 pings that > host it replies fine. I > can ping any of 3.230's neighbors no problem. Its > just that Ireland's router > wont ping it at all. show ip route verifies a route > as directly connected. > > Has anyone heard of this? A bug? I can't verify all > the way down because I > don't have physical access to Ireland's lan (thank > god) to put a sniffer up. > > > We are trying to use this host for a second default > route to a vpn box incase > the frame relay ever fails (and it does... often). > > Sorry to drag this on. > > Thanks in advance. > Dave Cooper, CCNA > Littelfuse, Inc. __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to stash more than 100 ACLs in a router
On the higher-end routers you can compile the ACLs and they get processed a little bit quicker. The feature is called Turbo ACLs. I haven't had a oppurtunity to be around a higher-end router long enough to really test them to see how much of a difference it makes. --- "Howard C. Berkowitz" <[EMAIL PROTECTED]> wrote: > >You need to limit your ACLs because the more ACLs > your CPU usage will go up. > > > No, the total number of ACLs affects memory but not > CPU. > > The number of lines in each ACL affects CPU. > > Depending on platform and switching mode, adding > access-lists at ALL > is the main impact on performance and CPU. > > But saying you need to limit your ACL's because > usage will go up > doesn't make sense. If you have a legitimate need > for the functions > that the ACLs perform, and your CPU isn't fast > enough, you need to > get a router with a faster CPU. The ACLs are there > for a business > reason. The only justification for the router is to > meet business > requirements. There's no value to conserving a > resource just for the > sake of conserving it. > > >-Original Message- > >From: ciscojolof [mailto:[EMAIL PROTECTED]] > >Sent: Wednesday, February 28, 2001 9:51 AM > >To: [EMAIL PROTECTED] > >Subject: How to stash more than 100 ACLs in a > router > > > > > >Guys, > > > >I have a problem, in our network we are > rate-limiting customers but we > >cannot get more than 100 ACLs per router so once we > have over 100 customers > >we are compelled to install a second router. > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New CCIE Tracks
C'mon... get real. If one has the skillset to get a JNPR cert they are knowledgable and good most likely. Same for CCIE. Then again, it also depends on ones attitude and what they'll work on and not work on. Certifications *help* open doors but they don't necessarily get you jobs. You still have to prove you know your stuff. People who know their stuff can get jobs almost anywhere based on their skillset and history. They have a good reputation (ie: they get the job done, done right, don't feed you some BS story, etc). Whats wrong with working for a ISP? I can understand if it were some small Ma and Pa shop but if it was say Level3 would you say yuck? I don't think so. Look at the opportunitys you have at larger ISPs (new equipment, multi-vendor, always changing, etc). I would hate working in an all-Cisco shop. Thats yucky to me. No exposure to other gear. And whats so yucky about working at Juniper? Smart, sharp, intelligent, nice people there. I know - I've been there. You'll be working hard... but you do this stuff because you ENJOY it right??? or do you do it for a fat paycheck and little work? You can tell what category people fall into fairly quickly. Sorry for ranting... Erick --- Mask Of Zorro <[EMAIL PROTECTED]> wrote: > But what would you do with a Juniper cert? > > Work for an ISP? Yuck! > Work for Juniper??? YUCK! > > Doesn't exactly open up the world of opportunity > that the CCIE does... > > Z > > >From: "Gernot W. Schmied" <[EMAIL PROTECTED]> > >Reply-To: "Gernot W. Schmied" <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: New CCIE Tracks > >Date: Wed, 07 Mar 2001 23:04:46 +0100 > > > >Well, the sad story is: > > > >ISP-DIAL-CCIE retired > >SNA-CCIE retired > >WAN-Switching CCIE retired > >Design-CCIE "decommissioned due to redesign" > >New SP-CCIE just myth and vaporware so far > >Security-CCIE no glimpse so far > > > >Leaves: > > > >R&S-CCIE up and running ;-) > >or maybe the nice new Juniper certifications! > > > >Regards, > >Gernot > > > >Bruce Williams wrote: > > > > > > I am anxiously waiting for the arrival of the > CCIE Service Provider > >track. > > > Has anyone heard anything at all about the > status of this track? Cisco > >Web > > > site says basically the same thing about it that > they said three months > >ago. > > > How about CCIE Design? > > > > > > Bruce Williams > > > [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: replacing bay routers
Whats wrong with the ASN's and what problem are you looking to solve? You already own the ASN's so buying another router will cost money. If you're using standard protocols then the ASN should work fine. Maybe putting more memory in it will help if it is a memory/resource issue if it isn't max'd already. --- Greg <[EMAIL PROTECTED]> wrote: > > > I've been told that we need to switch our > BayNetworks ASN routers (2) to a > Cisco equivalent. They have dual PRI's, even though > we are only using three > of them. Off of the top of my head I was thinking of > a 3640. We are a school system that needs to watch costs. > Thanks > Greg __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3COM - CISCO interoperability
Freddy, VTP is Cisco propiertary and the 3Com will not understand it. It might come up but it won't learn the VLANs. 3Com does standard 802.1q which is one spanning tree instance. I'm not sure offhand if they have their own method of doing spanning tree per VLAN like Cisco and others do. If you focus on one spanning tree instance for that link, VTP transparent mode, and use 802.1q then it should come up and be fine. Doing 'set port 1/1 nonegotiate' on the cisco side configures the cisco not to try to negotiate either the trunk or port channel features which would also be propiertary to cisco. --- freddy moreno <[EMAIL PROTECTED]> wrote: > what I did is : > configured port 1/1 on the 6506 as a trunk DOT1Q > VTP Domain test Server > > and configured the 3com port 3.1 with the DOT1Q > trunking as well. > > I was getting traffic running from the 3com but the > cisco was not receiving > until I ran the command > set port 1/1 nonegotiate > and the light turned on and everything started > working but I think I created > a spanning tree loop because other switches on my > test LAN lost > connectivity. >I am thinking either a VTP error or a VLAN > problem. >This is why I decided to post this here to see if > anyone had any > experience. > > > FMD > > > > ""freddy moreno"" <[EMAIL PROTECTED]> wrote in > message > 98m95v$a1u$[EMAIL PROTECTED]">news:98m95v$a1u$[EMAIL PROTECTED]... > > do any of you have experience connecting a 3com > Corebuilder 9000 to a > Cisco > > 6506 > > using Gig Trunking? > >any gotchas, special things that need to be > done. > > > > please let me know than you > > > > thank you very much > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3COM - CISCO interoperability
One more thing, Frank, look at seeing if these devices support IEEE 802.3ad which is a Link Aggregation standard. It's recent and I haven't checked to see if it's supported on the gear you mentioned or not. --- "Erick B." <[EMAIL PROTECTED]> wrote: > Freddy, > > VTP is Cisco propiertary and the 3Com will not > understand it. It might come up but it won't learn > the > VLANs. 3Com does standard 802.1q which is one > spanning > tree instance. I'm not sure offhand if they have > their > own method of doing spanning tree per VLAN like > Cisco > and others do. > > If you focus on one spanning tree instance for that > link, VTP transparent mode, and use 802.1q then it > should come up and be fine. > > Doing 'set port 1/1 nonegotiate' on the cisco side > configures the cisco not to try to negotiate either > the trunk or port channel features which would also > be > propiertary to cisco. > > --- freddy moreno <[EMAIL PROTECTED]> wrote: > > what I did is : > > configured port 1/1 on the 6506 as a trunk > DOT1Q > > VTP Domain test Server > > > > and configured the 3com port 3.1 with the DOT1Q > > trunking as well. > > > > I was getting traffic running from the 3com but > the > > cisco was not receiving > > until I ran the command > > set port 1/1 nonegotiate > > and the light turned on and everything started > > working but I think I created > > a spanning tree loop because other switches on my > > test LAN lost > > connectivity. > >I am thinking either a VTP error or a VLAN > > problem. > >This is why I decided to post this here to see > if > > anyone had any > > experience. > > > > > > FMD > > > > > > > > ""freddy moreno"" <[EMAIL PROTECTED]> wrote in > > message > > 98m95v$a1u$[EMAIL PROTECTED]">news:98m95v$a1u$[EMAIL PROTECTED]... > > > do any of you have experience connecting a 3com > > Corebuilder 9000 to a > > Cisco > > > 6506 > > > using Gig Trunking? > > >any gotchas, special things that need to be > > done. > > > > > > please let me know than you > > > > > > thank you very much > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations > to > > [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > __ > Do You Yahoo!? > Yahoo! Auctions - Buy the things you want at great > prices. > http://auctions.yahoo.com/ > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = - Erick B | [EMAIL PROTECTED] http://erickbe.home.dhs.org - __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balacing with static routing ?
Yes, 6 is the limit of max-paths allowed for most of the routing protocols in IOS last time I checked. If you're using recent 12.1T code (12.1(2)T I believe) you can use multilink-group/interface multilink to bond the serial links together into 1 circuit. The other end also has to be Cisco and have proper IOS to do same. You could also bridge and use IRB with serials. This will work with DDR but on inbound only since theres no way for a BVI to place outbound call over a ddr interface that I know of (I've tried). --- Brian <[EMAIL PROTECTED]> wrote: > The max number of routes you can balance this way is > 6 I believe?? > > Bri > > On Sun, 18 Mar 2001, Santosh Koshy wrote: > > > Yes you can load balance using static routes. Lets > take for example a router > > that has > > 1 ethernet int (1.1.1.1) --> to Local LAN > > 1 serial int (2.2.2.2) --> to WEB > > 1 serial int (3.3.3.3) --> to WEB > > > > in the above scenario if u want to load balance > across both the serial > > links, type in the following command > > ip route 1.1.1.0 255.255.255.0 2.2.2.2 > > ip route 1.1.1.0 255.255.255.0 3.3.3.3 > > > > C ya, > > Santosh > > > > > > ""norsyam ariffin"" <[EMAIL PROTECTED]> wrote > in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hi, > > > > > > Could we do a load balancing by using static > routing? > > > > > > Thanks. > > > > > > Syam __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: loopback the WIC card, how is it done?
The best way to do this is build yourself a T1 or 56 cross-over plug and set the clocking to internal. You can use loopback commands to do it as well but I prefer external plug which is a more complete test IMHO (traffic leaves the interface and comes back). Set encaps to HDLC. --- "Bullock, Jason (1125)" <[EMAIL PROTECTED]> wrote: > Hey Listers. > > I was thinking about this cool thing one of the > cisco TAC engineers did when > helping me troubleshoot a tricky network problem a > few months ago. They > looped up my serial interface on a 2600 to verify > the WIC card was working > properly, and that the attached CSU was not faulty. > They configured the WIC > interface to show up and up , even though there T1 > was down. > The problem is , I can not remember the command sets > that were run to make > this work. ! Anyone know this one? ugh. > > jason > > > -Original Message- > From: Tony van Ree > To: David A. Lauer; [EMAIL PROTECTED] > Sent: 3/19/2001 4:17 PM > Subject: RE: loopback test > > Hi, > > If you want to check your protocol stack you should > be able to ping > yourself, check you ip interfaces and/or check your > route table > (assuming IP is used). There are a number of > utilities that check > network cards. > > Teunis > Hobart, Tasmania > Australia > > > On Monday, March 19, 2001 at 07:56:26 AM, David A. > Lauer wrote: > > > > > Why would you need to? Do you have a link light > at the interface port > and > > the hub/switch? Does the interface show Interface > UP line Protocol > up? > > > > Cat 5 ethernet uses the 568B pinout for the RJ45 > connectors. You > could > > create loopback plug by cross-connecting pins 1-3 > and 2-6. > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > > zd z > > Sent: Monday, March 19, 2001 4:26 AM > > To: [EMAIL PROTECTED] > > Subject: loopback test > > > > > > Is there any one knows how to do the > > loopback test on ethernet or fastethernet port ? __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to Make Frame Relay Redundant?
HSRP isn't going to provide router redundancy. Let routing protocols handle that. HSRP provides redundancy for hosts default-gateway settings. Also, you can't assign the same IP subnet to more then one interface on a router (or VLAN on switch). I agree with the other comments. Get another serial line going to another provider on another circuit, or ISDN, or 56k dial up depending on your backup needs. I have seen people backup a frame PVC with another PVC on the same physical circuit which isn't really effective. 99.9% of the time the whole frame relay circuit goes away (physical issue, frame switch mis-config, etc). --- "Bradley J. Wilson" <[EMAIL PROTECTED]> wrote: > I think the only way to make FR redundant with one > router would be to have > the PVCs going to different providers. HSRP will > only work with two routers > over a LAN. I think your best option is to stick an > ISDN BRI port in the > 3640 and use it if the FR fails (which it *will* at > some point ;-). But an > important question is: why is redundancy important > to you, and how much are > you willing to spend for it? > > BJ > > - Original Message - > From: Raul De La Garza > To: [EMAIL PROTECTED] > Sent: Monday, March 19, 2001 4:16 PM > Subject: How to Make Frame Relay Redundant? > > > Please forgive me if this topic has already been > explored. > > I am considering the purchase of a 3640 in order to > provide Internet access > to our office at 100 Mbps. I will outfit it with 2 > 10/100 2-port modules. > > I am also considering making our Frame Relay network > redundant by adding two > 1-port T1 w/CSU WICs, however, with only two FR > lines coming in how would I > make this a fault tolerant solution without having > to obtain two more FR > circuits? HSRP is definitely being considered. > Obviously, an Ethernet hub > or switch is out of the question. > > Any help you could provide would be greatly > appreciated. > > Raul De La Garza III __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BRIDGE GROUP!!????
bridge-group protocol ieee uses the 802.1d Spanning tree standard. DEC was the original and is slightly different then IEEE. Similar for IBM. Use IEEE unless your connecting to a legacy device that uses DEC or IBM and doesn't conform to the IEEE 802.1d standard. There's more on this in the archives. A great book by the creator (Radia Perlman) is Interconnections, or you can buy the IEEE 802.1d spec from IEEE. --- [EMAIL PROTECTED] wrote: > The following is based on bridge groups configured > on Bay equipment. I believe that a > bridge group is like a vlan. don't know exactly > what the all differences are aside from > the bridge groups not being significant outside of > the actual switch ( Information not > passed on from switch to switch). > > The Bridge group protocol IEEE probably refers to > the version of spanning tree running. > (It could also be IBM which is another version of > spanning tree used in source route > bridging. ) > > I don't know what your setup is but maybe check the > version of spanning tree on the IBM > switch. > > I hope this is helpful. > > Marcel Adolfo Pividal Perez wrote: > > > Hi guys, > > > > > > I have a Catalyst Switch (layer 3) and i´m > trying to conected to > > another IBM switch, from the console(catalyst) i > can ping the other side but > > from the computers connected to the switch i > can´t. When i ask for the > > running config(catalyst), he shows me in all of > the interfaces listed " > > BRIDGE GROUP 1 " in the end of each interface, and > at the end of the list " > > BRIGDE GROUP PROTOCOL IEEE" .I don´t know the > meaning of the BRIDGE GROUP > > and BRIDGE GROUP PROTOCOL IEEE and why it is > used!!!.. can anybody help me > > ? > > > > Tks!!! > > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: question about loopback interfaces
For OSPF, if no loopback address is configured OSPF uses the highest IP address on the router being used. This could be a WAN interface. You may be running OSPF only on your Ethernet interface and not this WAN interface OSPF is using for the router ID. If the WAN interface bounces, it effects OSPF and causes OSPF to re-converge. If you have a loopback interface, then OSPF will use the highest IP on a loopback as it's router ID and thus when the WAN interface bounces it's not going to effect the OSPF process. --- suaveguru <[EMAIL PROTECTED]> wrote: > if I am not wrong for some routing protocols like > ospf > it needs a always up interface like a loopback > interface . Also for BGP peering with a loopback > interface makes tcp connection more reliable > > > suaveguru > --- whitaker <[EMAIL PROTECTED]> wrote: > > Could someone explain the importance of using > > loopback interfaces? I keep > > reading that it is important when using routing > > protocols to use loopback > > interfaces. A consultant that is writing > > documentation for me suggested I > > obtain an entire class C network just for loopback > > addresses. Cisco says > > when configuring BGP that, "We recommend you use a > > loopback interface to > > guarantee reachability in networks with multiple > > paths." (from > > http://www.cisco.com/warp/public/459/23.html#3). > > > > Maybe I'm missing something totally obvious here, > > but exactly what benefit > > do I gain from using loopback addresses? I know > it > > is supposed to provide > > reliability for routing protocols, but how? __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: question-reg dialer group command
Yes, The dialer-list command specifies interesting traffic. Traffic that matches this will reset the idle timer for the dialer interface. The default idle timeout is 120 seconds. In your example below, the dialer interface will come up and work if the config is good, etc and after 120 seconds it will disconnect because there isn't a dialer-list entry to define what traffic is interesting and reset the idle timer. The dialer-list is used only to define interesting traffic to bring up a interface and keep it from idling out. You can permit all ip traffic as interesting or restrict by using an access-list. This access-list doesn't block traffic from going across the dialer interface once the interface is up -- to do that use ip access-group on the interface. I hope this clears things up. If not ask away. Erick --- BENO JACOB <[EMAIL PROTECTED]> wrote: > hi, > >we would like to introduce u all to our problem. > in cisco 3660 router when the dialer-group1 command > is specified with out dialer-list 1 protocol ip > permit, the host pc is able to ping to the bri 3/0 > interface ip address ( 192.168.150.1). is it > possible > to apply an access list without the dialer-list 1 > list access-list number using dialer -group command. __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF host routes
Change the ospf network type on the loopback to multipoint. --- Simon Hope <[EMAIL PROTECTED]> wrote: > Hi Guys / Gals > > Does anyone know of a way to make OSPF advertise the > loopback network > instead of the host route? > > ie: > > int lo0 > ip add 213.166.24.161 255.255.255.240 > > comes up in other routers routing tables as: > > O213.166.24.161/32 [110/154] via > 213.166.25.17 Serial0.3 > > when i would like it to look like: > > O213.166.24.160/28 [110 etc etc > > Apparently OSPF just treats loopbacks like this, > EIGRP doesn't, therefore > the ospf route is always more specific when setting > up lab exercises with > redistribution, so its hard to get into trouble! > > Simon > > > > > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Routing Protocols Load balancing vs. other solutions
I'm no expert here, but from my experience... Alot of this depends on the forwarding methoding/switching method (whatever x vendor calls it) of a device as well as the end station. The end stations are responsible for pieceing the packets back together in the right order (going over multiple paths you can get out of order packets). Each vendor has different ways of forwarding across equal paths. Theres per-packet, fast-switching (building a cache based on src/dest hash), CEF, etc. These have an effect how load balancing works as well. On 3Com, they have 2 options for Equal Cost. Basically, either do per-packet among the equal paths or go over one path. BayRS has 2-3 options but I haven't really played with it much to comment on how well it performs/behaves. I've worked on several networks using equal cost (OSPF mainly) and haven't seen many issues but have seen 1-2 cases where some applications didn't work well. This was heavy traffic as well. I'm not familiar with F5 or Windows NT. Now, some of those boxes do a different form of load balancing at the upper layers to balance web-server traffic among a group of servers. Hope this helps. --- Billy Monroe <[EMAIL PROTECTED]> wrote: > How effective is the load balance features of > routing protocols (for > example, OSPF equal paths load balancing) when > compared to solutions such as F5 or Windows NT load > balancing ? __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Lab - DR behaviour with loopbacks WAS: RE: question about loopback interfaces
Chuck and others, I've been following this conversation and it is a good review. Without a loopback interface, the OSPF RID (Router ID) will be the highest IP address on the router when the OSPF process becomes active. If that interface isn't stable (say the highest IP is on a WAN circuit) then when that interface bounces it will cause OSPF to re-converge. Using a loopback interface, the OSPF RID will be the highest IP on a loopback when the OSPF process starts. If you have OSPF running already and add loopback interfaces OSPF doesn't use the loopback IP address for a RID until the OSPF process is restarted, removed and added back (copy-paste), or the router is rebooted on saved cfg. So for a stable OSPF environment, using loopbacks reduces the chances of un-necessary OSPF re-convergance and updates occuring when a interface bounces. Example, if you had no loopbacks and had s1 and e1 interfaces. s1 having highest IP and was RID but s1 wasn't running OSPF - when s1 bounced for whatever reason OSPF would re-converge because the OSPF RID went down and came back up. Also, you don't need to advertise the loopback IP address into routing protocols unless you want to reach that from another device. I hope this clears things up... it's late so I hope my explanation makes sense. :) If not, hit me for the mistakes if your ever in Chicago area. Erick B. - Prepping for attempt 2. (Why am I still up at 6am?) --- Chuck Larrieu <[EMAIL PROTECTED]> wrote: > Much as I personally rant about cross posting the > two lists, I believe this > one might be worth examination from all levels. > > Recall the questions and answers about the purpose > of the loopback > interface, particularly in OSPF. Among the answers > proposed is that the > loopback, being always up, provides continuity, in > case an interface fails. > In particular, the book answer is that because the > loopback is always up, it > provides the means of reaching a router so long as > the loopback is reachable > via any interface that remains operational. I wish this lab had been a bit quicker and less > dirty. But it has provided > an interesting learning experience for me. Thought I > would pass along my > observations for those who want to ponder yet > another protocol behaviour. > > My supposition: > > - ethernet > | | | > DR BDR DR/other > | | | > (---frame relay cloud ) > > >DR ethernet hardware fails. > > > >I would venture a guess that the BDR > >would be promoted because even though there is an > alternative route to the > >DR loopback, hellos go only to adjacent routers, > and the DR is no longer > >adjacent. > > Well, I proved my point. Under this scenario, when I > unplug the DR ethernet > port, the BDR becomes the DR. > > Some router outputs are listed below. I hope this > message falls below the > reject size threshold. > > OK. The observations: > > 1) I am correct that in the case of the ethernet DR > becoming disabled, the > BDR still becomes the DR. > > 2) If the frame cloud is a different area than the > ethernet segment, the > loopback route disappears. This behaviour is > specific to OSPF, because of > the fact that all inter-area traffic MUST pass > through area 0. When the area > 0 link goes down, the route to the loopback may > disappear, depending upon > the OSPF topology. > > 3) When I reconfigured everything so that both the > frame relay and ethernet > segments were area 0, and the loopback interfaces > remained visible via the > frame segment after disconnecting the ethernet > segment, the process still > occurred as predicted. That is, the BDR became the > DR and the DR/Other > became the BDR. The fact that the loopback route > remained visible had NO > EFFECT whatsoever on the DR/BDR situation. Why? > Because the DR/BDR > relationship is unique to a segment. Again, this is > a behaviour specific to > OSPF. > > 4) My frame cloud was configured as a point to > multipoint network. As you > will see in the outputs, the routers form full > adjacencies on the frame > segment, but elect no DR or BDR. I believe that if I > were to configure the > frame segment as a broadcast network, that DR and > BDR's would be elected, > but that those designations would remain local to > that segment, and would > have no effect on any transactions on the ethernet > segment. I leave that > experiment to some other brave soul. > > Conclusion: > > With regards to OSPF, at least, the idea that the > loopback interface > provides any kind of reliability is in and o
Re: OSPF Lab - DR behaviour with loopbacks WAS: RE: question about loopback interfaces
Right. But if a interface bounces that isn't part of OSPF that shouldn't cause a OSPF reconvergence to occur. Thats what I was attempting to say below. --- Jason <[EMAIL PROTECTED]> wrote: > I thought OSPF is suppose to converge whenever you > have a change in the > route. I.e whenever any interface bounce.. > regardless of the OSPF Router ID. > The difference is probably in terms of the amount of > "data" being sent.. but > definitely a covergence would occur.. > > > > - Original Message - > From: "Erick B." <[EMAIL PROTECTED]> > To: "Chuck Larrieu" <[EMAIL PROTECTED]>; "CCIE_Lab > Groupstudy List" > <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Cc: "Priscilla Oppenheimer" <[EMAIL PROTECTED]> > Sent: Thursday, November 30, 2000 8:04 PM > Subject: Re: OSPF Lab - DR behaviour with loopbacks > WAS: RE: question about > loopback interfaces > > > > Chuck and others, > > > > I've been following this conversation and it is a > good > > review. > > > > Without a loopback interface, the OSPF RID (Router > ID) > > will be the highest IP address on the router when > the > > OSPF process becomes active. If that interface > isn't > > stable (say the highest IP is on a WAN circuit) > then > > when that interface bounces it will cause OSPF to > > re-converge. > > > > Using a loopback interface, the OSPF RID will be > the > > highest IP on a loopback when the OSPF process > starts. > > If you have OSPF running already and add loopback > > interfaces OSPF doesn't use the loopback IP > address > > for a RID until the OSPF process is restarted, > removed > > and added back (copy-paste), or the router is > rebooted > > on saved cfg. > > > > So for a stable OSPF environment, using loopbacks > > reduces the chances of un-necessary OSPF > > re-convergance and updates occuring when a > interface > > bounces. Example, if you had no loopbacks and had > s1 > > and e1 interfaces. s1 having highest IP and was > RID > > but s1 wasn't running OSPF - when s1 bounced for > > whatever reason OSPF would re-converge because the > > OSPF RID went down and came back up. > > > > Also, you don't need to advertise the loopback IP > > address into routing protocols unless you want to > > reach that from another device. > > > > I hope this clears things up... it's late so I > hope my > > explanation makes sense. :) If not, hit me for the > > mistakes if your ever in Chicago area. > > > > Erick B. - Prepping for attempt 2. > > (Why am I still up at 6am?) > > > > --- Chuck Larrieu <[EMAIL PROTECTED]> wrote: > > > Much as I personally rant about cross posting > the > > > two lists, I believe this > > > one might be worth examination from all levels. > > > > > > Recall the questions and answers about the > purpose > > > of the loopback > > > interface, particularly in OSPF. Among the > answers > > > proposed is that the > > > loopback, being always up, provides continuity, > in > > > case an interface fails. > > > In particular, the book answer is that because > the > > > loopback is always up, it > > > provides the means of reaching a router so long > as > > > the loopback is reachable > > > via any interface that remains operational. > > > > I wish this lab had been a bit quicker and less > > > dirty. But it has provided > > > an interesting learning experience for me. > Thought I > > > would pass along my > > > observations for those who want to ponder yet > > > another protocol behaviour. > > > > > > My supposition: > > > > > > - ethernet > > > | | | > > > DR BDR DR/other > > > | | | > > > (---frame relay cloud ) > > > > > > >DR ethernet hardware fails. > > > > > > > >I would venture a guess that the BDR > > > >would be promoted because even though there is > an > > > alternative route to the > > > >DR loopback, hellos go only to adjacent > routers, > > > and the DR is no longer > > > >adjacent. > > > > > > Well, I proved my point. Under this scenario, > when I > > > unplug the DR ethernet > > > port, the BDR b
Re: Frame Relay - Real Life Problem
If you look at the interface input stats for s0 there are input errors, CRC errors, framing errors, overruns, etc. Clear the counters if this has been up awhile, and see if those values increase still. If they do have the line looked at. This is a physical layer problem. If you want to make sure it's not a router/internal CSU problem swap your s0 and s1 configs and move the cables if you can take s1 down. Your s0 config doesn't have the service-module command specifying the timeslots. By default it should use all 24 timeslots but I have seen this not work correctly unless you put the command in there. Also, If you look at the LMI stats you are sending but not receiving. Is this a new Frame circuit? If so check with the provider and make sure the circuit is turned up, have right LMI type, etc. Sometimes they turn it off to stop the alarms until the customer installs their equipment. > - Original Message - > > > This is a configuration problem. > > > > Situation: I have two ISP's involved. The router > is a 2500 series. > > Internal CSU/DSU. > > On DLCI 17 ISP traffic routes. The other DLCI 16 > doesn't. Information > > is correct - > > I must be missing something. > > > > > > > Cormick#show frame-relay map > > Serial0.16 (down): point-to-point dlci, dlci > 16(0x10,0x400), broadcast > > status deleted > > Serial1.1 (up): point-to-point dlci, dlci > 17(0x11,0x410), broadcast, > > IETF > > status defined, active > > > > > > > Cormick#show frame-relay pvc > > > > PVC Statistics for interface Serial0 (Frame Relay > DTE) > > > > DLCI = 16, DLCI USAGE = LOCAL, PVC STATUS = > DELETED, INTERFACE = > > Serial0.16 > > > > input pkts 0 output pkts 4 > in bytes 0 > > out bytes 1794 dropped pkts 0 > in FECN pkts 0 > > in BECN pkts 0 out FECN pkts 0 > out BECN pkts 0 > > in DE pkts 0 out DE pkts 0 > > out bcast pkts 4 out bcast bytes 1794 > > pvc create time 9w3d, last time pvc status > changed 7w4d > > > > PVC Statistics for interface Serial1 (Frame Relay > DTE) > > > > DLCI = 16, DLCI USAGE = UNUSED, PVC STATUS = > INACTIVE, INTERFACE = > > Serial1 > > > > input pkts 0 output pkts 0 > in bytes 0 > > out bytes 0 dropped pkts 0 > in FECN pkts 0 > > in BECN pkts 0 out FECN pkts 0 > out BECN pkts 0 > > in DE pkts 0 out DE pkts 0 > > out bcast pkts 0 out bcast bytes 0 > Num Pkts > > Switched 0 > > pvc create time 9w3d, last time pvc status > changed 7w4d > > > > DLCI = 17, DLCI USAGE = LOCAL, PVC STATUS = > ACTIVE, INTERFACE = > > Serial1.1 > > > > input pkts 73176244 output pkts 63755322 > in bytes 2986909822 > > out bytes 4214766293 dropped pkts 239 > in FECN pkts 273970 > > in BECN pkts 254655 out FECN pkts 0 > out BECN pkts 0 > > in DE pkts 940978out DE pkts 0 > > out bcast pkts 96267 out bcast bytes > 27724896 > > pvc create time 9w3d, last time pvc status > changed 7w4d > > > > > > > Serial0 is up, line protocol is down > > Hardware is HD64570 with FT1 CSU/DSU > > MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, > rely 255/255, load 1/255 > > > > Encapsulation FRAME-RELAY IETF, loopback not > set, keepalive set (10 > > sec) > > LMI enq sent 578802, LMI stat recvd 0, LMI upd > recvd 0, DTE LMI down > > LMI enq recvd 0, LMI stat sent 0, LMI upd sent > 0 > > LMI DLCI 0 LMI type is ANSI Annex D frame > relay DTE > > Broadcast queue 0/64, broadcasts sent/dropped > 4/0, interface > > broadcasts 2 > > Last input never, output 00:00:04, output hang > never > > Last clearing of "show interface" counters never > > Queueing strategy: fifo > > Output queue 0/40, 0 drops; input queue 0/75, 0 > drops > > 5 minute input rate 0 bits/sec, 0 packets/sec > > 5 minute output rate 0 bits/sec, 0 packets/sec > > 0 packets input, 0 bytes, 0 no buffer > > Received 0 broadcasts, 0 runts, 0 giants, 0 > throttles > > 5210 input errors, 52 CRC, 2 frame, 3 > overrun, 320 ignored, 11 > > abort > > 578805 packets output, 8105008 bytes, 0 > underruns > > 0 output errors, 0 collisions, 192612 > interface resets > > 0 output buffer failures, 0 output buffers > swapped out > > 12 carrier transitions > > DCD=up DSR=up DTR=up RTS=up CTS=up > > Serial0.16 is down, line protocol is down > > Hardware is HD64570 with FT1 CSU/DSU > > Internet address is 216.224.128.66/30 > > MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, > rely 255/255, load 1/255 > > > > Encapsulation FRAME-RELAY IETF > > Serial1 is up, line protocol is up > > Hardware is HD64570 with FT1 CSU/DSU > > MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, > rely 255/255, load 2/255 > > > > Encapsulation FRAME-RELAY IETF, loopback not > set, keepalive set (10 > > sec) > > LMI enq sent 578763, LMI stat recvd
Re: Cisco 3920 in CCIE Lab?
It's on the equipment list and it is fair game (from experience in SJ). If you review the docs on cisco.com on configuration, etc that should provide enough information on how the device operates and is configured. --- Tim Ross <[EMAIL PROTECTED]> wrote: > Is a 3920 still used in the CCIE Lab? If so, is it > used as a major configuration problem? I haven't > used the 3920 and have been searching for one for my > home lab but all that I find are too expensive. Am I > missing much? __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
12.1(5)T enhancement... interface range
While browsing through the new features in recent releases I found something very useful that will speed up our config making/changing sessions. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t5/range.htm Router(config-if)# interface range fastethernet 5/1 - 5, gigabitethernet 1/1 - 2 Router(config-if)# no shutdown Router(config-if)# *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet5/1, changed state to up *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet5/2, changed state to up *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet5/3, changed state to up *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet5/4, changed state to up *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface FastEthernet5/5, changed state to up *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface GigabitEthernet1/1, changed state to up *Oct 6 08:29:28: %LINK-3-UPDOWN: Interface GigabitEthernet1/2, changed state to up *Oct 6 08:29:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/ 5, changed state to up *Oct 6 08:29:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/ 3, changed state to up *Oct 6 08:29:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet5/ 4, changed state to up Router(config-if)# Need I say more? I love the enhancements their making to the CLI. __ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
