Ethernet Class I and Class II repeaters [7:27420]
Does any one remeber which one of the cisco press book covers Ethernet repeater classes? Your answer is highly appreciated Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27420&t=27420 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Routers as tftp servers [7:27912]
"TFTP does not provide any security for file transfers, so it should not be available to a public firewall interface. Unauthorized users can upload new config files to your router, as well as download your current stored configs for analysis." How can you configure the router to accept TFTP file uploads? Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27912&t=27912 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Routers as tftp servers [7:27912]
Ok, I guess I need to explain my question in other words. If you are at the console of route A, can you upload a config file from router A to Router B? Thanks John Tafasi ""Nicolas FEVRIER"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > "TFTP does not provide any security for file transfers, so it should not be > > available to a public firewall interface. Unauthorized users can upload new > > config files to your router, as well as download your current stored > configs > > for analysis." > > > > How can you configure the router to accept TFTP file uploads? > > I use : > tftp-server flash:c3640-is-mz.121-5.T9.bin > in my "source" router to allow other routers to copy the ios image from > this > one. > > Check this out : > http://www.cisco.com/warp/public/63/copyimage.html > > Nicolas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=28035&t=27912 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Telephone lines [7:28151]
Hi group, Can some one tell me how many twisted pair there are in a regular telephone line. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=28151&t=28151 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Connecting Windows NT RAS [7:28570]
Hi Group, Assume that I have a T1 line that need to be connected to a Windows NT 4.0 server running RAS. The goal is to allow 24 simultaneous call to the server. What hardware do I need to provide this kind of connectivity? Do I need 24 serial ports on the server, each connected to an external modem? If the answer is yes, how do connect these 24 modems to the T1 line? Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=28570&t=28570 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ip mtu command [7:29019]
Hi group Assume I have the following configuration on my router interface e0 ip mtu 128 Does the 128 incude the ip header? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=29019&t=29019 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Connecting Windows NT RAS [7:28570]
I agree 100% with what Michael said. I know I can terminate the T1 line on a cisco access server. But I am assuming that I want to use the Windows NT RAS service. So the quesion again is what hardware is required to enable a window nt server to accept 24 simultaneous calls? Assume that you do not want to use a Cisco Access server. Thanks John Tafasi ""Michael Williams"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Brad, is it possible that John is asking about terminating an ISDN PRI line > somehow so that the NT server *would* handle the incoming calls? When he > says "NT 4.0 running RAS" that's what I think of first thing. I agree with > you that the best way to handle it would be to use an Access Server which > authenticates to the NT Box (using Radius or TACACS or the like), however, > then the NT server (technically) would no longer need to run RAS services > nor would it be called a RAS box (in Microsoft terms). It would just simply > be an NT box used for authentication purposes. > > John, another good box to check out is the Cisco3600 series. With a > NM-1CT1-CSU, and a network module loaded with four of the 6-modem mica > modules, you can handle a T1's worth of dial-up no sweat. We have two 3640s > in use for such right now (one with a single T1 PRI and one with two T1 PRIs > for different parts of our organization) and we couldn't be happier with > them. Although for a single T1 PRI and 24 Mica modems, (I believe) you > coudl get away with using a 3620. > > Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=29020&t=28570 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Written: DNS and NAT [7:29461]
Does any body have good resource that explains how NAT on the firewall works with DNS? Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=29461&t=29461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written: DNS and NAT [7:29461]
Thanks Phil and every body for your efforts to answer my questions. To be more specific, I have included the scenario that caused me to start this thread. Visit the link below and view the graphic and the solution to the scenario. Click here and wait until the word document loads I will post more DNS-NAT scenarios later for discussions. So please stay tune. Thanks John Tafasi ""Phil"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > John- specifically what is your question ??? I've had to do a lot of > DNS related research these past few months (using Meta, Garner, White > Papers, Berkley, Microsoft, etc.), but I don't believe I have seen > specific issues with NAT and DNS. The Firewalls must be configured to > pass UDP port 53 and can enforce an access-list only to allow certain > servers (say the ISPs primary and yours), TSIG (BIND), or to proxy. > With proxy (say Gauntlet or Symantec's Raptor line-up) the NAT or PAT > portion plays no roll. As the query moves, @ no time should the DNS > server being polled need to cache the resolver's information (does this > makes sense ???). I guess, what I am trying to say is that it does not > matter is I am requesting from a global IP address or a private 10.0.0.0 > address. If your lookup is recursive or iterative, the firewall has a > state table, NAT statistics, or a PAT lookup (UNIX programs refer to it > as IP Masquerading), mapping it back to the resolver (be it PC or file > server) that initiated the lookup. > > I believe I may not have answered your question > > Let me know- I never was asked to deliver my DNS presentation and Im > still miffed Ive been studying such a boring subject as of late :-) > Phil > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > John Tafasi > Sent: Tuesday, December 18, 2001 3:37 AM > To: [EMAIL PROTECTED] > Subject: CCIE Written: DNS and NAT [7:29461] > > Does any body have good resource that explains how NAT on the firewall > works > with DNS? > > > Thanks > > John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=29631&t=29461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written: DNS and NAT [7:29461]
Thanks Phil and every body for your efforts to answer my questions. To be more specific, I have included the scenario that caused me to start this thread. Visit the link below and view the graphic and the solution to the scenario. (watch the wrap around the link) http://us.f1.yahoofs.com/users/2362c12b/bc/Questions/NAT-DNS1.doc?bcGtOc8AMR WqvCn2 I will post more DNS-NAT scenarios later for discussions. So please stay tune. Thanks John Tafasi ""Phil"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > John- specifically what is your question ??? I've had to do a lot of > DNS related research these past few months (using Meta, Garner, White > Papers, Berkley, Microsoft, etc.), but I don't believe I have seen > specific issues with NAT and DNS. The Firewalls must be configured to > pass UDP port 53 and can enforce an access-list only to allow certain > servers (say the ISPs primary and yours), TSIG (BIND), or to proxy. > With proxy (say Gauntlet or Symantec's Raptor line-up) the NAT or PAT > portion plays no roll. As the query moves, @ no time should the DNS > server being polled need to cache the resolver's information (does this > makes sense ???). I guess, what I am trying to say is that it does not > matter is I am requesting from a global IP address or a private 10.0.0.0 > address. If your lookup is recursive or iterative, the firewall has a > state table, NAT statistics, or a PAT lookup (UNIX programs refer to it > as IP Masquerading), mapping it back to the resolver (be it PC or file > server) that initiated the lookup. > > I believe I may not have answered your question > > Let me know- I never was asked to deliver my DNS presentation and Im > still miffed Ive been studying such a boring subject as of late :-) > Phil > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > John Tafasi > Sent: Tuesday, December 18, 2001 3:37 AM > To: [EMAIL PROTECTED] > Subject: CCIE Written: DNS and NAT [7:29461] > > Does any body have good resource that explains how NAT on the firewall > works > with DNS? > > > Thanks > > John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=29632&t=29461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Difference between SNMP notifications and traps [7:62478]
What is the difference between an SNMP notification and an SNMP trap? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62478&t=62478 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Difference between SNMP notifications and traps [7:62478]
I also found this from cisco's web site "SNMP notifications can be sent as traps or inform requests" So notification is either a trap or inform request sent by the router. Thanks for all - Original Message - From: "brett spunt" To: "'John Tafasi'" ; Sent: Tuesday, February 04, 2003 10:51 PM Subject: RE: Difference between SNMP notifications and traps [7:62478] > I guess it depends on the context, but when configuring a Network Mgmt > Server, like Ciscoworks, insight manager, etc. a SNMP notification > refers to a SMTP email, or pager notification, etc. of a warning, or > critical situation that has occurred, with the NMS learning about it > through various methods, like SNMP polling, or SNMP trap receiving (the > end node sends a trap about an event that has occurred, like a link > down, power supply failure, etc) > Polling is done on a different UDP port, and is done by the NMS > actively, where a "trap" is generated by the end node to the NMS > (Network mgmt server) > > Hope that helps... > > Brett Spunt > > -----Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > John Tafasi > Sent: Tuesday, February 04, 2003 4:22 PM > To: [EMAIL PROTECTED] > Subject: Difference between SNMP notifications and traps [7:62478] > > What is the difference between an SNMP notification and an SNMP trap? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63130&t=62478 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Van Jacopson TCP/IP header compression (RFC 1144) [7:64045]
Hi group, Does the Van Jacopson TCP/IP header compression algorithm compresses both ip and tcp headers or only the tcp header? Thanks in advance John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64045&t=64045 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
show frame-relay traffic [7:64046]
I have noticed that the show frame-relay traffic on my routers does not show that routers have sent and received inverse arp requests. Does any body know why is that? Thanks John Tafasi r5#show frame-relay map Serial0 (up): ip 10.10.10.2 dlci 501(0x1F5,0x7C50), dynamic, broadcast,, status defined, active Serial0 (up): ip 10.10.10.4 dlci 504(0x1F8,0x7C80), dynamic, broadcast,, status defined, active r5#show frame-relay traffic Frame Relay statistics: ARP requests sent 0, ARP replies sent 0 ARP request recvd 0, ARP replies recvd 0 r5# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64046&t=64046 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Configuring CIR on a cisco 2522 FR switch [7:64187]
Hi group, I have a cisco 2522 router that is configured as a frame relay switch. I am trying to configure CIR on serial 4 so that if the router connected to s4 is sending more traffic than the configured CIR, packets will be dropped at fhe frame relay switch. I configured the CIR on the switch but it seems that the router connected to s4 can still send traffic at rates exceeding the CIR, and the FR switch will not drop any packet. Can some one give an advice here? Below is the configuration of the frame relay switch. Frame_Relay_Switch#show run Building configuration... Current configuration: ! version 11.2 no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname Frame_Relay_Switch ! enable secret 5 $1$dzof$Eb3uuMoHCj2x4/dCZFZ5T. ! frame-relay switching ! interface Ethernet0 no ip address shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface Serial2 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay route 104 interface Serial4 401 frame-relay route 105 interface Serial5 501 frame-relay route 106 interface Serial6 601 ! interface Serial3 no ip address shutdown ! interface Serial4 no ip address encapsulation frame-relay clockrate 64000 frame-relay class para frame-relay intf-type dce frame-relay route 401 interface Serial2 104 frame-relay route 405 interface Serial5 504 frame-relay route 406 interface Serial6 604 ! interface Serial5 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay route 501 interface Serial2 105 frame-relay route 504 interface Serial4 405 frame-relay route 506 interface Serial6 605 ! interface Serial6 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay route 601 interface Serial2 106 frame-relay route 604 interface Serial4 406 frame-relay route 605 interface Serial5 506 ! interface Serial7 no ip address shutdown ! interface Serial8 no ip address shutdown ! interface Serial9 no ip address shutdown ! interface BRI0 no ip address shutdown ! no ip classless ! map-class frame-relay parameters frame-relay cir 300 ! map-class frame-relay para frame-relay traffic-rate 1000 frame-relay cir 1000 frame-relay bc 1000 ! line con 0 exec-timeout 3 0 line aux 0 line vty 0 4 login ! end Frame_Relay_Switch# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64187&t=64187 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
catalyst 3550 and CGMP [7:64240]
Does any body know how to enable CGMP on a 3550 catalyst switch? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64240&t=64240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Certified Cisco System Instructor (CCSI) [7:64313]
Hi Group, I am interested in becoming a CCSI but i could not find any information regarding procedures for this certification on Cisco's web site. Can some one give me some advice. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64313&t=64313 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Certified Cisco System Instructor (CCSI) [7:64436]
Thanks Brian. That makes sense. - Original Message - From: "Brian Dennis" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Monday, March 03, 2003 10:13 PM Subject: RE: Certified Cisco System Instructor (CCSI) > In order to become a CCSI you have to be sponsored by a Cisco Training > (Learning) Partner. > > In today's market there aren't a lot of jobs, if any, for CCSIs. I would > estimate that about 50% of the CCSIs I know aren't teaching authorized > Cisco classes anymore. All the good CCSIs I know are off on there own > consulting or teaching private classes. > > Unless someone can teach a ton of Cisco classes right off the bat (MPLS, > CVOICE, CWFUN, MCAST, etc) I would be very surprised if a Cisco training > partner was willing to sponsor someone new. > > Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security) CCSI #98640 > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > John Tafasi > Sent: Monday, March 03, 2003 7:59 PM > To: Cisco Group Study; ccielab > Subject: Certified Cisco System Instructor (CCSI) > > Hi Group, > > I am interested in becoming a CCSI but i could not find any information > regarding procedures for this certification on Cisco's web site. Can > some > one give me some advice. > > Thanks > > John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64436&t=64436 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst 3550 SMI or EMI [7:64442]
How do I know if a catalyst 3550 is running EMI or SMI image. I tried using show version but that gave me no clue. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64442&t=64442 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Problem with Lightstream 100, SVC [7:64755]
Hi Group, I have two atm routers that are connected to a Cisco Lightstream 100 atm switch. I am trying to cause r6 to call r9 but the call does not succeed. I have configured svc routes on the switch and configured the two routers to use svc to reach each other. Below you will find the necessary configurations and output of the debug commands. From the output of the debug commands on the routers I can see that the routers could not register their addresses with the arp server. A r6#show run Building configuration... Current configuration : 883 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r6 ! ! ip subnet-zero ! ip ssh time-out 120 ip ssh authentication-retries 3 ! ! ! ! interface Ethernet0 no ip address shutdown media-type 10BaseT ! interface Ethernet1 no ip address shutdown media-type 10BaseT ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface ATM0 no ip address atm pvc 1 0 5 qsaal atm pvc 2 0 16 ilmi no atm ilmi-keepalive ! interface ATM0.1 multipoint ip address 138.10.168.1 255.255.255.0 atm nsap-address 47.000100010001000100010001.111011101110.00 atm arp-server nsap 47.000200020002000200020002.222022202220.00 ! ! ip classless no ip http server ip pim bidir-enable ! ! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end r6# === r9>ena r9#show run Building configuration... Current configuration : 643 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r9 ! ! ip subnet-zero ! ip ssh time-out 120 ip ssh authentication-retries 3 ! ! ! ! interface Ethernet0 no ip address shutdown ! interface Ethernet1 no ip address shutdown ! interface ATM0 no ip address atm pvc 1 0 5 qsaal atm pvc 2 0 16 ilmi no atm ilmi-keepalive ! interface ATM0.1 multipoint ip address 138.108.168.2 255.255.255.0 atm nsap-address 47.000200020002000200020002.222022202220.00 atm arp-server self ! ! ip classless no ip http server ip pim bidir-enable ! ! ! ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! end r9# === LS100#show pvc 0 Bandwidth Available (Forward/Backward/Line Rate): 0.0 / 0.0 / 155.0 Mbps Existing connections :0 (Uni),2 (Bi),0 (Multipoint),2 (Gateway) LowLine LowVPI LowVCI HiLine HiVPI HiVCI TrfType CONNECTION 0 0 516 0 2 UBR-BE Gateway 0 0 1616 0 3 UBR-BE Gateway 0 0 32 2 0 32 UBR-BE Bi 0 0 100 2 0 101 VBR-GS Bi LS100# LS100# LS100# LS100# LS100# LS100#show pvc 0 Bandwidth Available (Forward/Backward/Line Rate): 0.0 / 0.0 / 155.0 Mbps Existing connections :0 (Uni),2 (Bi),0 (Multipoint),2 (Gateway) LowLine LowVPI LowVCI HiLine HiVPI HiVCI TrfType CONNECTION 0 0 516 0 2 UBR-BE Gateway 0 0 1616 0 3 UBR-BE Gateway 0 0 32 2 0 32 UBR-BE Bi 0 0 100 2 0 101 VBR-GS Bi LS100#show pvc 2 Bandwidth Available (Forward/Backward/Line Rate): 0.0 / 0.0 / 155.0 Mbps Existing connections :0 (Uni),2 (Bi),0 (Multipoint),2 (Gateway) LowLine LowVPI LowVCI HiLine HiVPI HiVCI TrfType CONNECTION 2 0 516 0 2 UBR-BE Gateway 2 0 1616 0 3 UBR-BE Gateway 2 0 32 0 0 32 UBR-BE Bi 2 0 101 0 0 100 VBR-GS Bi LS100#show route Destination Type PrimaryVPI Secondary VPI 4700010001 0001000100 011110 1110111000 NSAP * 0 10 0 200 4700020002 0002000200 020000 2220222000 NSAP * 2 10 2 200 LS100#show line Line 0 :(GOOD) Line 1 :(NA) Line 2 :(GOOD) Line 3 :(NA) Line 4 :(Loss of Signal) Line 5 :(NA) Line 6 :(Loss of Signal) Line 7 :(NA) Line 8 :(NA) Line 9 :(NA) Line 10:(NA) Line 11:(NA) Line 12:(NA) Line 13:(NA) Line 14:(NA) Line 15:(NA) LS100# == Output of debug atm sig-all on r6 r6# 00:14:02: ATMSIG(ATM0 0,0 - 0014/00): (vcnum:0) API - alloc_connection_id E 00:14:02: ATMAPI: (c->s): SETUPv2 ci: 0xE mp: 0 ei: 0x 00:14:02: ATMSIG: Called len 20 00:14:02: ATMSIG: Calling len 20 00:14:02: ATMSIG(ATM0 0,0 - 0014/00): (vcnum:0) build Setup msg, Null(U0) state 00:14:02: ATMSIG(ATM0 0,0 - 0014/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 00:14:02: ATMSIG(ATM0 0,0 - 0014/00): (vcnum:16) Input event : Req Setup in Null(U0) 00:14:02: ATMSIG(ATM0 0,0 - 0014/00): (vcnum:16) Output Setup msg(XferAndTx), Null(U0) state 00:14:02: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 r6# 00:14:02: ATMSIG: Calling Party Addr: 47.000100010001000100010001.111011101110.00 00:14:02: ATMSIG(AT
Re: Problem with Lightstream 100, SVC [7:64788]
Yes. And you will find below the output of the show route on the LS100: LS100#show route Destination Type PrimaryVPI Secondary VPI 4700010001 0001000100 011110 1110111000 NSAP * 0 10 0 200 4700020002 0002000200 020000 2220222000 NSAP * 2 10 2 200 LS100# - Original Message - From: "Tony Schaffran" To: "John Tafasi" ; "Cisco Group Study" ; "ccielab" Sent: Friday, March 07, 2003 1:11 PM Subject: Re: Problem with Lightstream 100, SVC > My first question would be, is your LS100 configured for routing NSAP > addresses? > > > > Tony Schaffran > Network Analyst > CCIE #11071 > CCNP, CCNA, CCDA, > NNCSS, NNCDS, CNE, MCSE > > www.cconlinelabs.com > "Your #1 choice for Cisco rack rentals." > > > - Original Message - > From: "John Tafasi" > To: "Cisco Group Study" ; "ccielab" > > Sent: Friday, March 07, 2003 11:37 AM > Subject: Problem with Lightstream 100, SVC > > > > Hi Group, > > > > I have two atm routers that are connected to a Cisco Lightstream 100 atm > > switch. I am trying to cause r6 to call r9 but the call does not succeed. > I > > have configured svc routes on the switch and configured the two routers to > > use svc to reach each other. Below you will find the necessary > > configurations and output of the debug commands. From the output of the > > debug commands on the routers I can see that the routers could not > register > > their addresses with the arp server. > > > > > > A > > > > r6#show run > > Building configuration... > > > > Current configuration : 883 bytes > > ! > > version 12.2 > > service timestamps debug uptime > > service timestamps log uptime > > no service password-encryption > > ! > > hostname r6 > > ! > > ! > > ip subnet-zero > > ! > > ip ssh time-out 120 > > ip ssh authentication-retries 3 > > ! > > ! > > ! > > ! > > interface Ethernet0 > > no ip address > > shutdown > > media-type 10BaseT > > ! > > interface Ethernet1 > > no ip address > > shutdown > > media-type 10BaseT > > ! > > interface Serial0 > > no ip address > > shutdown > > ! > > interface Serial1 > > no ip address > > shutdown > > ! > > interface ATM0 > > no ip address > > atm pvc 1 0 5 qsaal > > atm pvc 2 0 16 ilmi > > no atm ilmi-keepalive > > ! > > interface ATM0.1 multipoint > > ip address 138.10.168.1 255.255.255.0 > > atm nsap-address 47.000100010001000100010001.111011101110.00 > > atm arp-server nsap 47.000200020002000200020002.222022202220.00 > > ! > > ! > > ip classless > > no ip http server > > ip pim bidir-enable > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > line con 0 > > exec-timeout 0 0 > > logging synchronous > > line aux 0 > > line vty 0 4 > > login > > ! > > end > > > > r6# > > > > === > > > > r9>ena > > r9#show run > > Building configuration... > > > > Current configuration : 643 bytes > > ! > > version 12.2 > > service timestamps debug uptime > > service timestamps log uptime > > no service password-encryption > > ! > > hostname r9 > > ! > > ! > > ip subnet-zero > > ! > > ip ssh time-out 120 > > ip ssh authentication-retries 3 > > ! > > ! > > ! > > ! > > interface Ethernet0 > > no ip address > > shutdown > > ! > > interface Ethernet1 > > no ip address > > shutdown > > ! > > interface ATM0 > > no ip address > > atm pvc 1 0 5 qsaal > > atm pvc 2 0 16 ilmi > > no atm ilmi-keepalive > > ! > > interface ATM0.1 multipoint > > ip address 138.108.168.2 255.255.255.0 > > atm nsap-address 47.000200020002000200020002.222022202220.00 > > atm arp-server self > > ! > > ! > > ip classless > > no ip http server > > ip pim bidir-enable > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > line con 0 > > line aux 0 > > line vty 0 4 > > ! > > end > > > > r9# > > > > > > === > > > > > > LS100#show pvc 0 > > Band
Re: Problem with Lightstream 100, SVC [7:64789]
I corrected the ip address but the routers still can not complete the call. Here is the output of the debug atm sig-all after i configured the switch that connected routers are users no another switch: r6# 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) API - alloc_connection_id F3 04:02:04: ATMAPI: (c->s): SETUPv2 ci: 0xF3 mp: 0 ei: 0x 04:02:04: ATMSIG: Called len 20 04:02:04: ATMSIG: Calling len 20 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) build Setup msg, Null(U0) state 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Input event : Req Setup in Null(U0) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Output Setup msg(XferAndTx), Null(U0) state 04:02:04: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 r6# 04:02:04: ATMSIG: Calling Party Addr: 47.000100010001000100010001.111011101110.00 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Null(U0) -> Call Initiated(U1) 04:02:04: E164 NOT Converted 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Input event : Rcvd Release Complete in Call Initiated(U1) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245)cause = mandatory information element is missing, location = User 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Call Initiated(U1) -> Null(U0) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) API - notifying Release Complete event to client ATM0.1 04:02:04: ATMAPI: (cs): SETUPv2 ci: 0xE9 mp: 0 ei: 0x 04:01:04: ATMSIG: Called len 20 04:01:04: ATMSIG: Calling len 20 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) build Setup msg, Null(U0) state 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Req Setup in Null(U0) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Output Setup msg(XferAndTx), Null(U0) state 04:01:04: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 04:01:04: ATMSIG: Calling Party Addr: 47.000200020002000200020002.222022202220.00 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Null(U0) -> Call Initiated(U1) 04:01:04: E164 NOT Converted 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Rcvd Release Complete in Call Initiated(U1) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234)cause = mandatory information element is missing, location = User 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Call Initiated(U1) -> Null(U0) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) API - notifying Release Complete event to client ATM0.1 04:01:04: ATMAPI: (c To: "John Tafasi" ; "Cisco Group Study" ; "ccielab" Sent: Friday, March 07, 2003 1:18 PM Subject: Re: Problem with Lightstream 100, SVC > Your IP addresses are incorrect. It looks like you forgot the 8 in 108 on > R6. > > > > Tony Schaffran > Network Analyst > CCIE #11071 > CCNP, CCNA, CCDA, > NNCSS, NNCDS, CNE, MCSE > > www.cconlinelabs.com > "Your #1 choice for Cisco rack rentals." > > > - Original Message - > From: "John Tafasi" > To: "Cisco Group Study" ; "ccielab" > > Sent: Friday, March 07, 2003 11:37 AM > Subject: Problem with Lightstream 100, SVC > > > > Hi Group, > > > > I have two atm routers that are connected to a Cisco Lightstream 100 atm > > switch. I am trying to cause r6 to call r9 but the call does not succeed. > I > > have configured svc routes on the switch and configured the two routers to > > use svc to reach each other. Below you will find the necessary > > configurations and output of the debug commands. From the output of the > > debug commands on the routers I can see that the routers could not > register > > their addresses with the arp server. > > > > > > A > > > > r6#show run > > Building configuration... > > > > Current configuration : 883 bytes > > ! > > version 12.2 > > service timestamps debug uptime > > service timestamps log uptime > > no service password-encryption > > ! > > hostname r6 > > ! > > ! > > ip subnet-zero > > ! > > ip ssh time-out 120 > > ip ssh authentication-retries 3 > > ! > > ! > > ! > > ! > > interface Ethernet0 > > no ip address > > shutdown > > media-type 10BaseT > > ! > > interface Ethernet1 > > no ip address > > shutdown > > media-type 10BaseT > > ! > > interface Serial0 > > no ip address > > shutdown > > ! > > interface Serial1 > > no ip address > > shutdown > > ! > > interface ATM0 > > no ip address > > atm pvc 1 0 5 qsaal > > atm pvc 2 0 16 ilmi > &
Re: Problem with Lightstream 100, SVC [7:64790]
omplete in Call Initiated(U1) > 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245)cause = mandatory > information element is missing, location = User > 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Call Initiated(U1) -> > Null(U0) > 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) API - notifying Release > Complete event to client ATM0.1 > 04:02:04: > ATMAPI: (c r6# > > === > r9# > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) API - alloc_connection_id E9 > 04:01:04: > ATMAPI: (c->s): SETUPv2 ci: 0xE9 mp: 0 ei: 0x > 04:01:04: ATMSIG: Called len 20 > 04:01:04: ATMSIG: Calling len 20 > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) build Setup msg, Null(U0) > state > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) API - from sig-client > ATM_OWNER_SMAP > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Req Setup in > Null(U0) > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Output Setup > msg(XferAndTx), Null(U0) state > 04:01:04: ATMSIG: Called Party Addr: > 47.000200020002000200020002.222022202220.00 > 04:01:04: ATMSIG: Calling Party Addr: > 47.000200020002000200020002.222022202220.00 > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Null(U0) -> Call > Initiated(U1) > 04:01:04: E164 NOT Converted > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Rcvd Release > Complete in Call Initiated(U1) > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234)cause = mandatory > information element is missing, location = User > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Call Initiated(U1) -> > Null(U0) > 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) API - notifying Release > Complete event to client ATM0.1 > 04:01:04: > ATMAPI: (c > > > > - Original Message - > From: "Tony Schaffran" > To: "John Tafasi" ; "Cisco Group Study" > ; "ccielab" > Sent: Friday, March 07, 2003 1:18 PM > Subject: Re: Problem with Lightstream 100, SVC > > > > Your IP addresses are incorrect. It looks like you forgot the 8 in 108 on > > R6. > > > > > > > > Tony Schaffran > > Network Analyst > > CCIE #11071 > > CCNP, CCNA, CCDA, > > NNCSS, NNCDS, CNE, MCSE > > > > www.cconlinelabs.com > > "Your #1 choice for Cisco rack rentals." > > > > > > - Original Message - > > From: "John Tafasi" > > To: "Cisco Group Study" ; "ccielab" > > > > Sent: Friday, March 07, 2003 11:37 AM > > Subject: Problem with Lightstream 100, SVC > > > > > > > Hi Group, > > > > > > I have two atm routers that are connected to a Cisco Lightstream 100 atm > > > switch. I am trying to cause r6 to call r9 but the call does not > succeed. > > I > > > have configured svc routes on the switch and configured the two routers > to > > > use svc to reach each other. Below you will find the necessary > > > configurations and output of the debug commands. From the output of the > > > debug commands on the routers I can see that the routers could not > > register > > > their addresses with the arp server. > > > > > > > > > A > > > > > > r6#show run > > > Building configuration... > > > > > > Current configuration : 883 bytes > > > ! > > > version 12.2 > > > service timestamps debug uptime > > > service timestamps log uptime > > > no service password-encryption > > > ! > > > hostname r6 > > > ! > > > ! > > > ip subnet-zero > > > ! > > > ip ssh time-out 120 > > > ip ssh authentication-retries 3 > > > ! > > > ! > > > ! > > > ! > > > interface Ethernet0 > > > no ip address > > > shutdown > > > media-type 10BaseT > > > ! > > > interface Ethernet1 > > > no ip address > > > shutdown > > > media-type 10BaseT > > > ! > > > interface Serial0 > > > no ip address > > > shutdown > > > ! > > > interface Serial1 > > > no ip address > > > shutdown > > > ! > > > interface ATM0 > > > no ip address > > > atm pvc 1 0 5 qsaal > > > atm pvc 2 0 16 ilmi > > > no atm ilmi-keepalive > > > ! > > > interface ATM0.1 multipoint > > > ip address 138.10.168.1 255.255.255.0 > > > atm nsap-address 47.000100010001000100010001.111011101110.00 > > >
Debug atm ilmi [7:64849]
Hi group, I am receiving ilmi errored responses from the Lightstream 100 switch that I am using. Does any body know what could be wrong ? Here is the output from r6. r9#debug atm ilmi Setting ILMI debug for all interfaces. r9# 01:55:18: ILMI(ATM0):Trying keepalive objects one at a time 01:55:18: ILMI(ATM0):SystemId being queried for keepalive 01:55:18: ILMI(ATM0):PortMyIfId being queried for keepalive 01:55:18: ILMI(ATM0):peerSysUpTime being queried for keepalive 01:55:18: ILMI(ATM0):Sending out Request 108 01:55:18: ILMI(ATM0):Sending out Request 109 01:55:18: ILMI(ATM0):Sending out Request 110 01:55:18: ILMI(ATM0):Response received for request 108 01:55:18: ILMI(ATM0): Errored response Function Type = ilmiKeepAliveSysIdQuery 01:55:18: ILMI(ATM0): Errored response to ilmiKeepAliveSysIdQuery 01:55:18: ILMI(ATM0):Response received for request 109 01:55:18: ILMI(ATM0): Errored response Function Type = ilmiKeepAlivePortIfQuery 01:55:18: ILMI(ATM0): Errored response to ilmiKeepAlivePortIfQuery 01:55:18: ILMI(ATM0):Response received for request 110 01:55:18: ILMI(ATM0):Verifying response to SysUpTime query 01:55:23: ILMI(ATM0):Trying keepalive objects one at a time 01:55:23: ILMI(ATM0):SystemId being queried for keepalive 01:55:23: ILMI(ATM0):PortMyIfId being queried for keepalive 01:55:23: ILMI(ATM0):peerSysUpTime being queried for keepalive 01:55:23: ILMI(ATM0):Sending out Request 111 01:55:23: ILMI(ATM0):Sending out Request 112 01:55:23: ILMI(ATM0):Sending out Request 113 01:55:23: ILMI(ATM0):Response received for request 111 01:55:23: ILMI(ATM0): Errored response Function Type = ilmiKeepAliveSysIdQuery 01:55:23: ILMI(ATM0): Errored response to ilmiKeepAliveSysIdQuery 01:55:23: ILMI(ATM0):Response received for request 112 01:55:23: ILMI(ATM0): Errored response Function Type = ilmiKeepAlivePortIfQuery 01:55:23: ILMI(ATM0): Errored response to ilmiKeepAlivePortIfQuery 01:55:23: ILMI(ATM0):Response received for request 113 01:55:23: ILMI(ATM0):Verifying response to SysUpTime query 01:55:28: ILMI(ATM0):Trying keepalive objects one at a time 01:55:28: ILMI(ATM0):SystemId being queried for keepalive 01:55:28: ILMI(ATM0):PortMyIfId being queried for keepalive 01:55:28: ILMI(ATM0):peerSysUpTime being queried for keepalive 01:55:28: ILMI(ATM0):Sending out Request 114 01:55:28: ILMI(ATM0):Sending out Request 115 01:55:28: ILMI(ATM0):Sending out Request 116 01:55:28: ILMI(ATM0):Response received for request 114 01:55:28: ILMI(ATM0): Errored response Function Type = ilmiKeepAliveSysIdQuery 01:55:28: ILMI(ATM0): Errored response to ilmiKeepAliveSysIdQuery 01:55:28: ILMI(ATM0):Response received for request 115 01:55:28: ILMI(ATM0): Errored response Function Type = ilmiKeepAlivePortIfQuery 01:55:28: ILMI(ATM0): Errored response to ilmiKeepAlivePortIfQuery 01:55:28: ILMI(ATM0):Response received for request 116 01:55:28: ILMI(ATM0):Verifying response to SysUpTime query 01:55:33: ILMI(ATM0):Trying keepalive objects one at a time 01:55:33: ILMI(ATM0):SystemId being queried for keepalive 01:55:33: ILMI(ATM0):PortMyIfId being queried for keepalive 01:55:33: ILMI(ATM0):peerSysUpTime being queried for keepalive 01:55:33: ILMI(ATM0):Sending out Request 117 01:55:33: ILMI(ATM0):Sending out Request 118 01:55:33: ILMI(ATM0):Sending out Request 119 01:55:33: ILMI(ATM0):Response received for request 117 01:55:33: ILMI(ATM0): Errored response Function Type = ilmiKeepAliveSysIdQuery 01:55:33: ILMI(ATM0): Errored response to ilmiKeepAliveSysIdQuery 01:55:33: ILMI(ATM0):Response received for request 118 01:55:33: ILMI(ATM0): Errored response Function Type = ilmiKeepAlivePortIfQuery 01:55:33: ILMI(ATM0): Errored response to ilmiKeepAlivePortIfQuery 01:55:33: ILMI(ATM0):Response received for request 119 01:55:33: ILMI(ATM0):Verifying response to SysUpTime query 01:55:38: ILMI(ATM0):Trying keepalive objects one at a time 01:55:38: ILMI(ATM0):SystemId being queried for keepalive 01:55:38: ILMI(ATM0):PortMyIfId being queried for keepalive 01:55:38: ILMI(ATM0):peerSysUpTime being queried for keepalive 01:55:38: ILMI(ATM0):Sending out Request 120 01:55:38: ILMI(ATM0):Sending out Request 121 01:55:38: ILMI(ATM0):Sending out Request 122 01:55:38: ILMI(ATM0):Response received for request 120 01:55:38: ILMI(ATM0): Errored response Function Type = ilmiKeepAliveSysIdQuery 01:55:38: ILMI(ATM0): Errored response to ilmiKeepAliveSysIdQuery 01:55:38: ILMI(ATM0):Response received for request 121 01:55:38: ILMI(ATM0): Errored response Function Type = ilmiKeepAlivePortIfQuery 01:55:38: ILMI(ATM0): Errored response to ilmiKeepAlivePortIfQuery 01:55:38: ILMI(ATM0):Response received for request 122 01:55:38: ILMI(ATM0):Verifying response to SysUpTime query 01:55:43: ILMI(ATM0):Trying keepalive objects one at a time 01:55:43: ILMI(ATM0):SystemId being queried for keepalive 01:55:43: ILMI(ATM0):PortMyIfId being queried for keepalive 01:55:43: ILMI(ATM0):peerSysUpTime being queried for keepalive 01:55:43: ILMI(ATM0):Sending out Request 123 01:55:43:
Pinging a Multicast address [7:65130]
Hi group, I practicing multicast and I am trying to get the router below to send a continuous multicast stream. I receive response to only the first multicast packet. Can some one give me a solution for this? Thanks John Tafasi r1#ping Protocol [ip]: Target IP address: 225.2.2.2 Repeat count [1]: 100 Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 100, 100-byte ICMP Echos to 225.2.2.2, timeout is 2 seconds: Reply to request 0 from 150.50.7.7, 440 ms.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65130&t=65130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
"Building Graft message" [7:65413]
Hi Group, The debug ip pim command on my router shows the router building a graft message but i could not understand what "no entries" at the end of the message mean. Can some one tell me what it means? Thanks John Tafasi r6(config-if)#ip igmp join-group 225.22.2.2 19:30:16: PIM: Send v2 Hello on Serial0 19:30:17: PIM: Building Graft message for 225.22.2.2, Serial0: no entries r6(config-if)# r6(config-if)# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65413&t=65413 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
R6 does not send prune message [7:65415]
Hi Group, When i configured r6 with "ip igmp join-group" command it generated I graft message to the ustream router, but it did not generat a prune message when i entered "ip igmp join-group." Could some one just tell me why ? BTW the network is runing dense mode multicast. Thanks John Tafasi r6(config-if)#ip igmp join-group 225.22.2.2 19:30:17: PIM: Building Graft message for 225.22.2.2, Serial0: no entries r6(config-if)# r6(config-if)# r6(config-if)#no ip igmp join-group 225.22.2.2 r6(config-if)#end r6# 19:37:15: %SYS-5-CONFIG_I: Configured from console by console 19:37:16: PIM: Send v2 Hello on Serial0 19:37:18: PIM: Received v2 Hello on Serial0 from 150.50.100.5 19:37:22: PIM: Received v2 Hello on Serial0 from 150.50.100.2 r6# r6# 19:37:46: PIM: Send v2 Hello on Serial0 19:37:48: PIM: Received v2 Hello on Serial0 from 150.50.100.5 19:37:52: PIM: Received v2 Hello on Serial0 from 150.50.100.2 19:38:16: PIM: Send v2 Hello on Serial0 19:38:18: PIM: Received v2 Hello on Serial0 from 150.50.100.5 19:38:22: PIM: Received v2 Hello on Serial0 from 150.50.100.2 19:38:46: PIM: Send v2 Hello on Serial0 19:38:48: PIM: Received v2 Hello on Serial0 from 150.50.100.5 19:38:52: PIM: Received v2 Hello on Serial0 from 150.50.100.2 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65415&t=65415 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: "Building Graft message" [7:65477]
I beleive it means: no (S.G) entries. - Original Message - From: "John Tafasi" To: "Cisco Group Study" ; "ccielab" Sent: Friday, March 14, 2003 3:28 AM Subject: "Building Graft message" > Hi Group, > > The debug ip pim command on my router shows the router building a graft > message but i could not understand what "no entries" at the end of the > message mean. Can some one tell me what it means? > > Thanks > > John Tafasi > > r6(config-if)#ip igmp join-group 225.22.2.2 > 19:30:16: PIM: Send v2 Hello on Serial0 > 19:30:17: PIM: Building Graft message for 225.22.2.2, Serial0: no entries > r6(config-if)# > r6(config-if)# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65477&t=65477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Unable to delete flash [7:65529]
Hi Group, I have a problem deleting a file from a 4500 series flash memory. The file shows up as been deleted but the available free space indicates that the file has not been deleted yet. I tried to use the squeeze command but it will not work with this file system. Can you guys suggest something. Thanks John Tafasi r1#show fla System flash directory: File Length Name/status 1 10031664 c4500-a3jk8s-mz.122-7b.bin [deleted] 2 3668568 c4500-i-mz.120-25.bin [13700360 bytes used, 3076856 available, 16777216 total] 16384K bytes of processor board System flash (Read/Write) r1#delete flash:c4500-a3jk8s-mz.122-7b.bin Delete filename [c4500-a3jk8s-mz.122-7b.bin]? Delete flash:c4500-a3jk8s-mz.122-7b.bin? [confirm] %Error deleting flash:c4500-a3jk8s-mz.122-7b.bin (No such file or directory) r1# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65529&t=65529 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Documentation CD [7:70490]
Hi Group, I need to buy an updated documentation cd that contains Catalyst 3550 documentations. If any one can sell me one please let me know. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70490&t=70490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need Urjent help and save my Job.(configuring 2600 routers [7:24495]
which routing protocol are you using? John Tafasi watch your call records on the web at www.freedomstar.com/sh1885969 ""Rishi"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > I want to know how to configure the routers for load > balancing. > Here is the situation. > I have 3 2610 Routers.One is having two serial > interfaces.What i want is the two serial interfaces of > that router should be connected two another two > router's serial interfaces.After that those two > routers should be connected to two web servers. > When i am going to hit the web server,there i should > hit the servers simultanuasly,that means if i hit the > server first it should go to one server and second > request should hit the second server and so on > > Can any body can give complete configuration commands > for all three routers and which type of cables should > i connect for serial int of routers to another router. > > it is urjent.Any body's help may save my Job. > > Thanks in Advance... > BY > Rishi. > > __ > Do You Yahoo!? > Make a great connection at Yahoo! Personals. > http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24495&t=24495 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCDP [7:24433]
I am using the Cisco CID Exam Certification Guide (cisco press) by Mike Crane. It is better than the Cisco Internetwork Desing from cisco press. The book comes with a test engine on a CD. I hope that will help John Tafasi watch your phone call records on the web at: www.freedomstar.com/sh1885969 wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'm studing for my CID test I would like suggestions of some good study > material. > > James Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24497&t=24433 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Explorer Queue Depth [7:24806]
Hi Group, The CID exam guide by Cisco press mention somthing about configuring explorer queue depth in a very generic way. Does any body know the configuration details as related to DLSw+? Thanks -- watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24806&t=24806 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
TCP Window size [7:24875]
Hi Group, I have a little but difficut question regarding TCP window size. How can the tcp window size configured on a host affect ip packet fragmentation? What will happen if configure a host with a tcp window size that larger than the ip mtu size? What is the command to configure tcp window size? Thanks John Tafasi -- watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24875&t=24875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TCP Window size [7:24875]
Here is an excerpt of what Mike Crane, author of the Cisco CID Exam Certification Guide from Cisco Press, is saying in his own words in this book, page 538: "Another adjustment is to increase the TCP window size to allow more outstanding requests. This command can also minimize packet fragmentation fragmentation, because larger packets means fewer smaller ones" To me this make sense, because when you decrease the TCP window size you will need more IP packets to carry the TCP Traffic. Here the packet fragmentation occurs due to the TCP window size limit and not due to the IP MTU size limit What you think guys -- watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 | ""Circusnuts"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > John- I believe you've let this term confuse you. What you are seeing with > TCP windowing is how may packets you send before requiring an > acknowledgement. This is better know as the sliding window principle, > because consistent connections allow the window to open more freely (i.e. > larger periods without an ack). When a network hiccup occurs, the window > shuts and eases back open when the connection resumes. > > http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ip.htm#xtocid223631 > 9 > > All the best !!! > Phil > > - Original Message - > From: "John Tafasi" > To: > Sent: Wednesday, October 31, 2001 7:25 PM > Subject: TCP Window size [7:24875] > > > > Hi Group, > > > > I have a little but difficut question regarding TCP window size. How can > the > > tcp window size configured on a host affect ip packet fragmentation? What > > will happen if configure a host with a tcp window size that larger than > the > > ip mtu size? What is the command to configure tcp window size? > > > > Thanks > > > > John Tafasi > > -- > > watch your phone call records on the web at: > > http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24889&t=24875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TCP Window size [7:24875]
Thank you Priscilla. Now thing are quite clear. >From now on I have to look out for authors' mistakes. John Tafasi ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > At 09:44 PM 10/31/01, John Tafasi wrote: > >Here is an excerpt of what Mike Crane, author of the Cisco CID Exam > >Certification > >Guide from Cisco Press, is saying in his own words in this book, page 538: > > > >"Another adjustment is to increase the TCP window size to allow more > >outstanding requests. > > What he means is that one can increase the TCP window size to allow more > outstanding packets that haven't been ACKed. ACKs are overhead. The fewer, > the better. > > >This command can also minimize packet fragmentation > >fragmentation, because larger packets means fewer smaller ones" > > That's where he goes astray. > > > >To me this make sense, because when you decrease the TCP window size you > >will need more IP packets to carry the TCP Traffic. Here the packet > >fragmentation occurs due to the TCP window size limit and not due to the IP > >MTU size limit > > Typical values of the TCP window size are 8,192 bytes and 24,000 bytes, > etc. They are much larger than a single packet size. It would be extremely > bizarre for the window size to be smaller than a single typical IP datagram > size (~1500 bytes). On the other hand, it's not a problem that the window > size is much larger than an IP datagram and it doesn't affect fragmentation. > > The window size is used for flow control. Each side specifies in every > packet how many bytes it is currently able to receive before the other side > should stop and wait for an ACK. As I mentioned, this is usually a large > number, which means the partner sends a few packets without waiting for an > ACK for each one. Each side can have a different window size. PCs usually > have a window size of about 8,192 bytes. I have seen big servers advertise > a window size of 24,000 bytes. > > During the three-way handshake, each side also specifies the maximum > segment (packet) size it is able to receive. Unlike the window size, which > is advertised in every packet, the segment size is added as a TCP option to > the TCP header in a SYN packet. The two sides do not need to agree, but > they usually do. A typical size is 1460 bytes. Add the 20-byte TCP header > and the 20-byte IP header, and you have a typical Ethernet packet. That's a > good thing because otherwise fragmentation would be necessary. > > As an example, if a client says that its segment size is 1460 bytes and its > window size is 8192 bytes, the server on the other end of the connection > will send 5 1460-byte segments and then wait for an ACK. (Well, there's > also the little matter of delayed ACKs and slow start, but ignore those for > now.) > > I wish I had more time to explain it, but any good book on TCP (Comer, > Stevens) explains it correctly. You should also take a look at a TCP > session with a protocol analyzer and it will make sense. > > Unfortunately, the book you are reading does not seem to characterize TCP > correctly. > > Priscilla > > > >What you think guys > > > > > >-- > >watch your phone call records on the web at: > >http://www.freedomstar.com/sh1885969 > > > > > >| > >""Circusnuts"" wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > John- I believe you've let this term confuse you. What you are seeing > >with > > > TCP windowing is how may packets you send before requiring an > > > acknowledgement. This is better know as the sliding window principle, > > > because consistent connections allow the window to open more freely (i.e. > > > larger periods without an ack). When a network hiccup occurs, the window > > > shuts and eases back open when the connection resumes. > > > > > > > >http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ip.htm#xtocid22363 1 > > > 9 > > > > > > All the best !!! > > > Phil > > > > > > - Original Message - > > > From: "John Tafasi" > > > To: > > > Sent: Wednesday, October 31, 2001 7:25 PM > > > Subject: TCP Window size [7:24875] > > > > > > > > > > Hi Group, > > > > > > > > I have a little but difficut question regarding TCP window size. How > can > > > the > > > > tcp window size configured on a host affect ip packet fragmentation? > >What > > >
CID: AS400 [7:25037]
Hello Group, Just a little question. Is AS400 an IBM mainframe computer? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25037&t=25037 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why can't I ping my own interface address? [7:25040]
This happen often when there is duplicate address. Make sure you do not have a duplicate address. Some times even when you remove the duplicate address, you still need to restart the interface. -- watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 ""Zahid Hassan"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi Folks, > > > I am not being able to ping a local interface on a router. > The encapsulation is default and is connected back to back > on a serial interface to the next router. The output of show interface > shows that the interface is up. > > I would appreciate if someone could shed some light into this problem. > > Thanking in advance. > > Zahid Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25042&t=25040 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID: AS400 [7:25037]
I like your sense of humour. Thanks -- watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 ""Charlie Hartwell"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Just a little answer... > > yes > > (but not a very big one) > > --- John Tafasi wrote: > Hello Group, > > > > Just a little question. Is AS400 an IBM mainframe computer? > > > > > > Nokia Game is on again. > Go to http://uk.yahoo.com/nokiagame/ and join the new > all media adventure before November 3rd. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25043&t=25037 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Token Ring and Mainframe computer [7:25166]
Hi Group, Can the IBM mainframe computer be connected directly to the token ring? Thanks John Tafasi ___ watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25166&t=25166 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Token Ring and Mainframe computer [7:25167]
Hi Group, Can the IBM mainframe computer be connected directly to the token ring? Thanks John Tafasi ___ watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25167&t=25167 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Firewalls [7:25757]
Hi Group, I a little confused about osi layers at different types of firewalls work (proxy, packet filters and stateful firewalls). Can any body help with that. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25757&t=25757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Firewalls [7:25777]
Hi Group, I a little confused about osi layers at different types of firewalls work (proxy, packet filters and stateful firewalls). Can any body help with that. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25777&t=25777 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Tie Trunk [7:25886]
Hello, What voice port is needed to connect a PBX in New York to another PBX in San Francisco with tie trunk. Thanks John Tafasi watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=25886&t=25886 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Firewalls [7:25757]
Thank you Kent for the elaborate answer. I realy appreciate it. John ""Kent Hundley"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > John, > > The question is not as simple as it seems. Over the past 3-4 years the > terms "proxy" and "stateful filtering" have been considerably "vendorized" > so that what one vendor or person refers to as a "proxy" may not be exactly > the same as what another vendor or person refers to. Ditto for "stateful > filtering". > > The easy one first. Packet filtering, sometimes called non-stateful > filtering, works up through layer 4. You can filter on IP address, TCP or > UDP port numbers and some limited TCP flags. (such as the SYN or ACK bit) > If a filter can do more than this, its probably a stateful filter. > > The idea behind a proxy server is that a proxy server acts as a server to a > trusted client and as a client to an untrusted server. In transparent mode, > both the trusted client and the untrusted server believe they are talking to > each other and are unaware that there is a 3rd party, the proxy, involved. > In non-transparent mode, at least the client is aware of the proxy although > the server may not be. Some applications can be proxied transparently, other > can be but require additional software, some are very difficult to proxy > transparently. > > Since proxies must support the actual application used, it works through all > 7 layers. The basic idea is that since the proxy actually terminates the > connection on both the client side and the server side, it can inspect and > reject any portion of the application that does not conform to certain rules > defined by the site implementing the proxy. > > While this works well in theory, in reality a true proxy can be problematic > and may not be any more secure than other methods such as SPF. (more on this > in a minute) > > Stateful filtering generally implies inspecting a packet at least up through > layer 4, but not necessarily beyond that. Strictly speaking, a SPF must be > aware of the way an app uses ports, but its arguable whether this is layer 7 > awareness. For example, an SPF must understand that FTP opens a > back-channel connection. Some SPF's examine the FTP PORT command to see > which port the reverse connection should originate from. This could be > called layer 7 since you must look at the actual FTP commands. In general, > the layer at which the SPF operates depends on the application used and the > vendors implementation. For common apps, an SPF implementation may have > limited functionality at layer 7, but for uncommon apps it is probably > functioning more at layer 4 and just maintaining "state". (IP src/dst, TCP > src/dst, etc) > > It is generally believed that a true proxy is more secure than SPF. The > idea being that a proxy is "forced" to look at all 7 layers. This is not > exactly true. A proxy must terminate an application, but if an app is not > well known, it is typical for the proxy to use a "plug gateway" and simply > take the data from the server and give it to the client and vice versa. > Even for well-known apps, it is difficult to determine what may or may not > be "dangerous" content and typically a proxy will just block application > commands that are erroneous or malformed although more options may be > available for well-known apps. Additionally, there is no technical reason > why a SPF cannot look at the data portion of a packet, in fact most SPF > implementations look at the data portion of some well-known apps and allow > limited filtering. (i.e blocking FTP get or put requests) > > On top of all this, some SPF implementations have limited true proxy abilty > (i.e. Checkpoint) and some proxy implementations have some SPF ability (i.e. > Gauntlet). > > That's a bit of a long-winded answer, but the skinny of all this would be: > > packet filter - layer 4 > SPF - layer 4-7 depending on app > proxy - layer 7 (but may not _examine_ layer 7 info depending on app, so may > really be only looking at layer 4 info) > > HTH, > Kent > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > John Tafasi > Sent: Saturday, November 10, 2001 8:50 PM > To: [EMAIL PROTECTED] > Subject: CID: Firewalls [7:25757] > > > Hi Group, > > I a little confused about osi layers at different types of firewalls work > (proxy, packet filters and stateful firewalls). Can any body help with that. > > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26018&t=25757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Private phone numbering [7:26021]
Hello Group, When designing an enterprise voice network, is it normal practice to give phone devices private phone numbers that have to be translated to a valid phone number when calling another external phone number, that is to say, similar to IP NAT translation? Does any body know about a good reference that could explain this design issue? Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26021&t=26021 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID: Dial Plans [7:26027]
Are dial plans configured on the PBX or the router? Thanks John Tafasi watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26027&t=26027 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Advice [7:26053]
I have CCNP and will finish CCDP in two weeks. I advice you to go with cisco press books since they are based on the actual course. John Tafasi watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 ""Mitchell Hershkowitz"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I just passed my CCNA exam and now plan to study for my CCNP certification. > I used Sybex/Lammle to study for CCNA and found it to be an easy read. Can > anyone recommend his CCNP books or should I go with Cisco Press? Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26058&t=26053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Private phone numbering [7:26021]
So extension part of a phone numer does not come from telco, is that corect? Thanks John Tafasi ""VoIP Guy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > DID is the "public address" of voice, but you may still need to map over DID > numbers to your internal extensions. Otherwise you need an auto-attendant > that asks you to enter the extension of the person you are trying to reach, > which could be considered the NAT of voice, since you need a box to route > your call to the proper person. > > > ""John Tafasi"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hello Group, > > > > > > When designing an enterprise voice network, is it normal practice to give > > phone devices private phone numbers that have to be translated to a valid > > phone number when calling another external phone number, that is to say, > > similar to IP NAT translation? Does any body know about a good reference > > that could explain this design issue? > > > > > > > > Thanks > > > > John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26198&t=26021 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame Relay CIR [7:26199]
Does it affect IPX tick? Does it affect OSPF cost? (assuming subinterfaces are used) Thanks John Tafasi watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26199&t=26199 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sell me your Cisco Secure CD [7:55770]
Hi, does any body here want to sell me his Cisco Secure for windows nt? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55770&t=55770 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Clearing access lists counters [7:57241]
Can some one tell me how to clear access-list counters? I tried to use the command "clear access-list counters" but it did not work. Please see the output of the show command below. R5-2503#show access-lis abc Extended IP access list abc Dynamic test permit ip any any permit ip any any (158 matches) permit tcp any host 10.10.110.3 eq telnet R5-2503# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57241&t=57241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Clearing access lists counters [7:57241]
I tried this also and it did not work. He is what I did: R5-2503#clear ip access-list count R5-2503#show access-lists abc Extended IP access list abc Dynamic test permit ip any any permit ip host 10.10.110.16 any (38 matches) (time left 134) permit tcp any host 10.10.110.3 eq telnet R5-2503# ""Tim Metz"" wrote in message news:200211120457.EAA20795@;groupstudy.com... > although that should have worked, try clear ip access-list counter as > well I just tested this on a 3662 and both commands worked (IOS 12.1) > > Tim > > ""John Tafasi"" wrote in message > news:20022125.VAA01591@;groupstudy.com... > > Can some one tell me how to clear access-list counters? I tried to use the > > command "clear access-list counters" but it did not work. Please see the > > output of the show command below. > > > > R5-2503#show access-lis abc > > Extended IP access list abc > > Dynamic test permit ip any any > > permit ip any any (158 matches) > > permit tcp any host 10.10.110.3 eq telnet > > R5-2503# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57325&t=57241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
full duplex or half duplex, how can you tell [7:57431]
Hi, I have a cisco 2516 router with an ethernet interface. How can I find out if this inteface is full duplex or half duplex? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57431&t=57431 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Virtual Console ISDN Simulator [7:57641]
Hi Group, I have a "Virual Console" ISDN simulator. It crashes when I send extended ping traffic through it, and I have to reboot it again. Has any one been through the same experience? Do I need to upgrade the firmware? Any Advice is appreciated. Thanks John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57641&t=57641 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN PRI and CCIE lab [7:57868]
Hi Folks, I have noticed that none of the online rack offers scenarios for ISDN PRI configuration. Does that mean this is not on the CCIE lab? I mean the current topologies that services such as Ipexpert offers does not give meaningful topology for practicing rotary group or dialer profiles. In my opinion a typical topology that justifies configuration of rotary groups or dialer profiles is that of central site with at least tow bri interfaces and at least tow remote sites with a bri interface each. Any comments or advice will be appreciated. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57868&t=57868 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Home Lab Materials and Equipments [7:57810]
You will be tested on Catalyst 3550 not 5000. ""Godswill HO"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi group, > > I want to get it right the first time. I intend > setting up my CCIE lab at home. I will appreciate if > someone that have taken the lab or preparing for it, > tell me what Switches, Routers, materials I need to > buy. > > Also information about the various needed blades on > the switches is important, cables, cards, modules, > etc. > > I currently have a cable connection and also a dialup > connection from home to the internet, are these enough > or do I need to get a second cable connection? > > I curently have the following books: > 1. CCIE Fundametals Network Design and Case Studies > 2nd Edition by Cisco Press. > > 2. Routing TCP/IP, volume 1 by Cisco Press (Jeff > Doyle) > > also > 1. Cisco router 1601 > 2. Cisco router 2502 > 3. cisco router 3000 > > I intend buying Cisco Catalyst Switch 5000 within a > few days, but I need your assistance. > > > Please I will appreciate an answer for my big brothers > & sisters CCIEs and those who are currently working > towards it. > > Thanks in advance. > Godswill Oletu > CCNP, CCDP, CSS1. > > __ > Do you Yahoo!? > Yahoo! Web Hosting - Let the expert host your site > http://webhosting.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57874&t=57810 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ppp multilink problem [7:57918]
Hi Group, As the ouput of the show dialer command shows it, my ISDN router r2 has successfully established an ISDN connection to r5 and the ppp multilink is working fine. The problem is that i am receiving a cryptic console message every few seconds and it looks like an error message. Can some one tell me what that is ? Thanks r2-2516#show dial BRI0 - dialer type = ISDN Rotary group 1, priority = 0 0 incoming call(s) have been screened. 0 incoming call(s) rejected for callback. BRI0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is multilink member Dial reason: ip (s=12.0.0.2, d=10.10.10.2) Connected to 8358664 (r5) BRI0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is multilink member Connected to 8358664 (r5) Dialer1 - dialer type = IN-BAND SYNC NO-PARITY Load threshold for dialing additional calls is 70 Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dial String Successes FailuresLast called Last status 8358664 2 000:04:54 successful r2-2516# Mar 1 00:30:04.099: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:30:34.107: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:31:04.219: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:31:34.239: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:32:04.343: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:32:34.371: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57918&t=57918 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ppp multilink problem [7:57919]
Hi Group, As the output of the show dialer command shows it, my ISDN router r2 has successfully established an ISDN connection to r5 and the ppp multilink is working fine. The problem is that i am receiving a cryptic console message every few seconds and it looks like an error message. Can some one tell me what that is ? Thanks r2-2516#show dial BRI0 - dialer type = ISDN Rotary group 1, priority = 0 0 incoming call(s) have been screened. 0 incoming call(s) rejected for callback. BRI0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is multilink member Dial reason: ip (s=12.0.0.2, d=10.10.10.2) Connected to 8358664 (r5) BRI0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is multilink member Connected to 8358664 (r5) Dialer1 - dialer type = IN-BAND SYNC NO-PARITY Load threshold for dialing additional calls is 70 Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dial String Successes FailuresLast called Last status 8358664 2 000:04:54 successful r2-2516# Mar 1 00:30:04.099: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:30:34.107: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:31:04.219: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:31:34.239: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:32:04.343: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Mar 1 00:32:34.371: %LINK-2-INTVULN: In critical region with interrupt level=0, intfc=Virtual-Access1 -Process= "Multilink PPP out", ipl= 0, pid= 48 -Traceback= 1560E8 2B4FBC 2B5596 159E0A 2AD488 r2-2516# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57919&t=57919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Programming Language for Network Engingeers. [7:58032]
What programming languages a network engineer MIGHT need to perform his job? What do network engineers or adminiastrators do with a programming language? please elaborate I am looking to learn a couple of programming language that I may need on the job and I need you advice. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58032&t=58032 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Programming Language for Network Engingeers. [7:58032]
This a nice answer, but do you know any book that specifically deal with programming for network engineers? - Original Message - From: "Moffett, Ryan" To: "'John Tafasi'" ; Sent: Monday, November 25, 2002 10:20 AM Subject: RE: Programming Language for Network Engingeers. [7:58032] > Perl - Use it to do many things like parsing log files, parsing and even > generating config files. Too many uses to list. Once you learn what perl > is and what it can do, you WILL find uses for it. > > Expect - Use it to script things that otherwise would only be able to occur > interactively with network devices, such as Telnet to a router, log on, dump > the config to a tftp server. Or, create an expect script to log on to a > router, copy tftp image to flash and reload, then set this to run via a cron > job for an unattended router upgrade (yes, that is risky but some people can > get away with it :-). > > If you run both on unix/linux, learn bash or whatever shell you plan on > using because you will find many useful functions built into the shell. > > It isn't unrealistic to setup a generic unix/linux system with Perl, Expect > and a TFTP server to to manage all of your device configs, images and > logfiles. > > -Original Message- > From: John Tafasi [mailto:[EMAIL PROTECTED]] > Sent: Monday, November 25, 2002 10:28 AM > To: [EMAIL PROTECTED] > Subject: Programming Language for Network Engingeers. [7:58032] > > > What programming languages a network engineer MIGHT need to perform his job? > > What do network engineers or adminiastrators do with a programming language? > please elaborate > > I am looking to learn a couple of programming language that I may need on > the job and I need you advice. > > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58043&t=58032 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Dialer Profiles strange behavior [7:58086]
I have noticed that you have to configure encapsulation on both physical and dialer interface when configuring dialer profiles. Did any body notice that? The following configuration on r2 would only work when I add "encapsulation PPP" to bri0 configuration, something that is not needed when configuring rotary groups interface BRI0 no ip address no ip directed-broadcast dialer pool-member 1 isdn spid1 0835866101 isdn spid2 0835866301 ! interface Dialer1 ip address 10.10.10.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer remote-name r5 dialer string 8358662 dialer pool 1 dialer-group 1 ppp chap hostname r2 ! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58086&t=58086 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ntp packets modes [7:58359]
the debug ntp packets command shows packets sent and received with different modes. What are these modes? can some one explain? R5-2503# Mar 6 02:42:08.879: NTP: rcv packet from 10.10.10.1 to 10.10.10.2 on BRI0: Mar 6 02:42:08.883: leap 0, mode 2, version 3, stratum 8, ppoll 64 Mar 6 02:42:08.887: rtdel (0.000), rtdsp 0009 (0.137), refid 7F7F0701 (12 7.127.7.1) Mar 6 02:42:08.891: ref AF428DF1.DDC96254 (02:41:53.866 UTC Sat Mar 6 1993) Mar 6 02:42:08.891: org AF428DCF.F7F245A8 (02:41:19.968 UTC Sat Mar 6 1993) Mar 6 02:42:08.895: rec AF428DCF.FC06E685 (02:41:19.984 UTC Sat Mar 6 1993) Mar 6 02:42:08.899: xmt AF428E00.DDC524C4 (02:42:08.866 UTC Sat Mar 6 1993) Mar 6 02:42:08.903: inp AF428E00.E1C1EE1B (02:42:08.881 UTC Sat Mar 6 1993) R5-2503# Mar 6 02:42:23.966: NTP: xmit packet to 10.10.10.1: Mar 6 02:42:23.970: leap 0, mode 1, version 3, stratum 8, ppoll 1024 Mar 6 02:42:23.970: rtdel (0.000), rtdsp 000B (0.168), refid 7F7F0701 (12 7.127.7.1) Mar 6 02:42:23.974: ref AF428DEF.F7D4D2C0 (02:41:51.968 UTC Sat Mar 6 1993) Mar 6 02:42:23.978: org AF428E00.DDC524C4 (02:42:08.866 UTC Sat Mar 6 1993) Mar 6 02:42:23.982: rec AF428E00.E1C1EE1B (02:42:08.881 UTC Sat Mar 6 1993) Mar 6 02:42:23.986: xmt AF428E0F.F7B05F8D (02:42:23.967 UTC Sat Mar 6 1993) R5-2503# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58359&t=58359 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ntp stateless packet [7:58446]
Hi group, Below is the output of debug ntp packets on my router. It show that the router is sending ntp stateless packets. Why is that? What it means? When will the router send stateless packet? Dec 2 22:43:12.909: NTP: rcv packet from 10.10.10.2: Dec 2 22:43:12.909: leap 0, mode 3, version 3, stratum 9, ppoll 64 Dec 2 22:43:12.913: rtdel 08B1 (33.951), rtdsp 0077 (1.816), refid 0A0A0A01 (10.10.10.1) Dec 2 22:43:12.913: ref C1966040.F259C10C (22:42:08.946 UTC Mon Dec 2 2002) Dec 2 22:43:12.917: org C1966049.0FCC1B7E (22:42:17.061 UTC Mon Dec 2 2002) Dec 2 22:43:12.921: rec C1966049.13E7D9BE (22:42:17.077 UTC Mon Dec 2 2002) Dec 2 22:43:12.921: xmt C1966080.E4581349 (22:43:12.891 UTC Mon Dec 2 2002) Dec 2 22:43:12.925: inp C1966080.E8FD727C (22:43:12.910 UTC Mon Dec 2 2002) Dec 2 22:43:12.929: NTP: stateless xmit packet to 10.10.10.2: Dec 2 22:43:12.933: leap 0, mode 4, version 3, stratum 8, ppoll 64 Dec 2 22:43:12.933: rtdel (0.000), rtdsp 0002 (0.031), refid 7F7F0701 (127.127.7.1) Dec 2 22:43:12.937: ref C196607F.0FC1FFAC (22:43:11.061 UTC Mon Dec 2 2002) Dec 2 22:43:12.937: org C1966080.E4581349 (22:43:12.891 UTC Mon Dec 2 2002) Dec 2 22:43:12.941: rec C1966080.E8FD727C (22:43:12.910 UTC Mon Dec 2 2002) Dec 2 22:43:12.945: xmt C1966080.EE2232A6 (22:43:12.930 UTC Mon Dec 2 2002) r2-2516#show debug NTP: Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58446&t=58446 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dialer profiles and broadcast [7:58500]
I am using dialer profiles on r2 below and wants protocol broadcast such as rip to be sent out accross the isdn link to r5. I tried to find the command that allows me to configure broadcast but dialer interfaces do not accept the dialer map command. Does any body of you know? hostname r2 ! interface BRI0 no ip address no ip directed-broadcast encapsulation ppp dialer pool-member 1 isdn spid1 0835866101 isdn spid2 0835866301 ! interface Dialer1 ip address 10.10.10.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer remote-name r5 dialer string 8358662 dialer pool 1 dialer-group 1 pulse-time 0 ppp chap hostname r2 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58500&t=58500 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NTP: Synchronization problem [7:58515]
Hi group, I have r2 (ntp server) and r5 (ntp client) exchnaging (or supposed to) ntp information accross an isdn link. r2 is configured to broadcast ntp packets via its bri0 interface and is doing so sucessfully. r5 is receiving the ntp packets but the "debug ntp packets" on r5 does not produce any output. I can see the packets arriving at r5 from the output of the "debug ip packet" on r5. r5 stil not synchronized. what is the problem?How ntp broadcast should be configured for this to be successfull? Has any one tried this on an ethernet segment? I have a feeling that ntp broadcast will not work on an isdn link I have included the following snippet from both routers' configuration. Also bear in mind that I am connected to both routers through the console. Thank you for any comment hostname r2-2516 ! interface BRI0 no ip address no ip directed-broadcast encapsulation ppp dialer pool-member 1 isdn spid1 0835866101 isdn spid2 0835866301 ! interface Dialer1 ip address 10.10.10.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer remote-name r5 dialer idle-timeout 2147483 dialer string 8358662 dialer pool 1 dialer-group 1 ntp broadcast pulse-time 0 ppp chap hostname r2 ! ! ntp clock-period 17179826 ntp master end r2-2516#show ntp status Clock is synchronized, stratum 8, reference is 127.127.7.1 nominal freq is 250. Hz, actual freq is 250.0006 Hz, precision is 2**19 reference time is C197833E.E008EAFC (19:23:42.875 UTC Tue Dec 3 2002) clock offset is 0. msec, root delay is 0.00 msec root dispersion is 0.02 msec, peer dispersion is 0.02 msec r2-2516#show ntp associations address ref clock st when poll reach delay offset disp *~127.127.7.1 127.127.7.1 75564 377 0.00.00 0.0 * master (synced), # master (unsynced), + selected, - candidate, ~ configured r2-2516# == hostname R5-2503 ! interface BRI0 ip address 10.10.10.2 255.255.255.0 encapsulation ppp dialer idle-timeout 2147483 dialer map ip 10.10.10.1 name r2 broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 ppp authentication chap ppp chap hostname r5 ppp multilink ! ntp clock-period 17179601 end R5-2503#show ntp stat Clock is unsynchronized, stratum 16, no reference clock nominal freq is 250. Hz, actual freq is 250.0039 Hz, precision is 2**19 reference time is AF3BF1EE.0D8B939B (02:22:38.052 UTC Mon Mar 1 1993) clock offset is 0. msec, root delay is 0.00 msec root dispersion is 0.02 msec, peer dispersion is 0.02 msec R5-2503# R5-2503#show ntp associ address ref clock st when poll reach delay offset disp * master (synced), # master (unsynced), + selected, - candidate, ~ configured R5-2503# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58515&t=58515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Synchronization problem [7:58515]
I am expecting that r5 will synchronize to the broadcast heared from r2. That is why I did not configure the command "ntp server". ""rcblock"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Looks like you are missing "ntp server ip address" global config command on > r5. That's why there are not any associations on r5. > > > ""John Tafasi"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi group, > > > > I have r2 (ntp server) and r5 (ntp client) exchnaging (or supposed to) ntp > > information accross an isdn link. r2 is configured to broadcast ntp packets > > via its bri0 interface and is doing so sucessfully. r5 is receiving the ntp > > packets but the "debug ntp packets" on r5 does not produce any output. I > can > > see the packets arriving at r5 from the output of the "debug ip packet" on > > r5. r5 stil not synchronized. what is the problem?How ntp broadcast should > > be configured for this to be successfull? Has any one tried this on an > > ethernet segment? I have a feeling that ntp broadcast will not work on an > > isdn link > > > > I have included the following snippet from both routers' configuration. > Also > > bear in mind that I am connected to both routers through the console. Thank > > you for any comment > > > > hostname r2-2516 > > ! > > interface BRI0 > > no ip address > > no ip directed-broadcast > > encapsulation ppp > > dialer pool-member 1 > > isdn spid1 0835866101 > > isdn spid2 0835866301 > > ! > > interface Dialer1 > > ip address 10.10.10.1 255.255.255.0 > > no ip directed-broadcast > > encapsulation ppp > > dialer remote-name r5 > > dialer idle-timeout 2147483 > > dialer string 8358662 > > dialer pool 1 > > dialer-group 1 > > ntp broadcast > > pulse-time 0 > > ppp chap hostname r2 > > ! > > ! > > ntp clock-period 17179826 > > ntp master > > end > > > > r2-2516#show ntp status > > Clock is synchronized, stratum 8, reference is 127.127.7.1 > > nominal freq is 250. Hz, actual freq is 250.0006 Hz, precision is 2**19 > > reference time is C197833E.E008EAFC (19:23:42.875 UTC Tue Dec 3 2002) > > clock offset is 0. msec, root delay is 0.00 msec > > root dispersion is 0.02 msec, peer dispersion is 0.02 msec > > > > r2-2516#show ntp associations > > > > address ref clock st when poll reach delay offset > > disp > > *~127.127.7.1 127.127.7.1 75564 377 0.00.00 > > 0.0 > > * master (synced), # master (unsynced), + selected, - candidate, ~ > > configured > > r2-2516# > > > > == > > > > hostname R5-2503 > > ! > > interface BRI0 > > ip address 10.10.10.2 255.255.255.0 > > encapsulation ppp > > dialer idle-timeout 2147483 > > dialer map ip 10.10.10.1 name r2 broadcast 8358661 > > dialer-group 1 > > isdn switch-type basic-ni > > isdn spid1 0835866201 > > isdn spid2 0835866401 > > cdapi buffers regular 0 > > cdapi buffers raw 0 > > cdapi buffers large 0 > > ppp authentication chap > > ppp chap hostname r5 > > ppp multilink > > ! > > ntp clock-period 17179601 > > end > > > > R5-2503#show ntp stat > > Clock is unsynchronized, stratum 16, no reference clock > > nominal freq is 250. Hz, actual freq is 250.0039 Hz, precision is 2**19 > > reference time is AF3BF1EE.0D8B939B (02:22:38.052 UTC Mon Mar 1 1993) > > clock offset is 0. msec, root delay is 0.00 msec > > root dispersion is 0.02 msec, peer dispersion is 0.02 msec > > R5-2503# > > > > R5-2503#show ntp associ > > > > address ref clock st when poll reach delay offset > > disp > > * master (synced), # master (unsynced), + selected, - candidate, ~ > > configured > > R5-2503# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58522&t=58515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Synchronization problem [7:58515]
I just need to add something to what i said below; once you configure clients with the ip address of the ntp server, the server does not need to broadcast ""John Tafasi"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am expecting that r5 will synchronize to the broadcast heared from r2. > That is why I did not configure the command "ntp server". > > ""rcblock"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Looks like you are missing "ntp server ip address" global config command > on > > r5. That's why there are not any associations on r5. > > > > > > ""John Tafasi"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hi group, > > > > > > I have r2 (ntp server) and r5 (ntp client) exchnaging (or supposed to) > ntp > > > information accross an isdn link. r2 is configured to broadcast ntp > packets > > > via its bri0 interface and is doing so sucessfully. r5 is receiving the > ntp > > > packets but the "debug ntp packets" on r5 does not produce any output. I > > can > > > see the packets arriving at r5 from the output of the "debug ip packet" > on > > > r5. r5 stil not synchronized. what is the problem?How ntp broadcast > should > > > be configured for this to be successfull? Has any one tried this on an > > > ethernet segment? I have a feeling that ntp broadcast will not work on > an > > > isdn link > > > > > > I have included the following snippet from both routers' configuration. > > Also > > > bear in mind that I am connected to both routers through the console. > Thank > > > you for any comment > > > > > > hostname r2-2516 > > > ! > > > interface BRI0 > > > no ip address > > > no ip directed-broadcast > > > encapsulation ppp > > > dialer pool-member 1 > > > isdn spid1 0835866101 > > > isdn spid2 0835866301 > > > ! > > > interface Dialer1 > > > ip address 10.10.10.1 255.255.255.0 > > > no ip directed-broadcast > > > encapsulation ppp > > > dialer remote-name r5 > > > dialer idle-timeout 2147483 > > > dialer string 8358662 > > > dialer pool 1 > > > dialer-group 1 > > > ntp broadcast > > > pulse-time 0 > > > ppp chap hostname r2 > > > ! > > > ! > > > ntp clock-period 17179826 > > > ntp master > > > end > > > > > > r2-2516#show ntp status > > > Clock is synchronized, stratum 8, reference is 127.127.7.1 > > > nominal freq is 250. Hz, actual freq is 250.0006 Hz, precision is > 2**19 > > > reference time is C197833E.E008EAFC (19:23:42.875 UTC Tue Dec 3 2002) > > > clock offset is 0. msec, root delay is 0.00 msec > > > root dispersion is 0.02 msec, peer dispersion is 0.02 msec > > > > > > r2-2516#show ntp associations > > > > > > address ref clock st when poll reach delay offset > > > disp > > > *~127.127.7.1 127.127.7.1 75564 377 0.0 0.00 > > > 0.0 > > > * master (synced), # master (unsynced), + selected, - candidate, ~ > > > configured > > > r2-2516# > > > > > > == > > > > > > hostname R5-2503 > > > ! > > > interface BRI0 > > > ip address 10.10.10.2 255.255.255.0 > > > encapsulation ppp > > > dialer idle-timeout 2147483 > > > dialer map ip 10.10.10.1 name r2 broadcast 8358661 > > > dialer-group 1 > > > isdn switch-type basic-ni > > > isdn spid1 0835866201 > > > isdn spid2 0835866401 > > > cdapi buffers regular 0 > > > cdapi buffers raw 0 > > > cdapi buffers large 0 > > > ppp authentication chap > > > ppp chap hostname r5 > > > ppp multilink > > > ! > > > ntp clock-period 17179601 > > > end > > > > > > R5-2503#show ntp stat > > > Clock is unsynchronized, stratum 16, no reference clock > > > nominal freq is 250. Hz, actual freq is 250.0039 Hz, precision is > 2**19 > > > reference time is AF3BF1EE.0D8B939B (02:22:38.052 UTC Mon Mar 1 1993) > > > clock offset is 0. msec, root delay is 0.00 msec > > > root dispersion is 0.02 msec, peer dispersion is 0.02 msec > > > R5-2503# > > > > > > R5-2503#show ntp associ > > > > > > address ref clock st when poll reach delay offset > > > disp > > > * master (synced), # master (unsynced), + selected, - candidate, ~ > > > configured > > > R5-2503# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58523&t=58515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
problem with reflexive access list [7:59211]
Hello, I have a problem telneting from r5 to r2 when reflexive ip access list is configured. Without the reflexive access list, the telnet will work fine. The two routers are directly connect via their ethernet 0 interfaces. Could some one find out what is wrong with my configuration. Both routers are using their ethernet ip addresses for source and destination of the telnet traffic. hostname r5 ! ip reflexive-list timeout 1000 ! ip access-list extended inboundfilter permit igrp any any evaluate tcptraffic ip access-list extended outboundfilter permit tcp any any reflect tcptraffic timeout 5000 ! interface Ethernet0 ip address 10.10.110.3 255.255.255.0 ip access-group inboundfilter in ip access-group outboundfiler out ntp disable hostname r2 ! interface Ethernet0 ip address 10.10.110.16 255.255.255.0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59211&t=59211 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: problem with reflexive access list [7:59214]
I tried that too and it did not work. - Original Message - From: "Brian Dennis" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Friday, December 13, 2002 11:56 PM Subject: RE: problem with reflexive access list > John, > By default packets sourced by the router will not be affected by an > outbound ACL. Since the outbound ACL does not "see" the telnet traffic > sourced by the router, the router does not add an entry to the inbound > ACL to allow the traffic to return. Try telneting from behind R5. > > Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security) > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > John Tafasi > Sent: Friday, December 13, 2002 4:32 PM > To: Cisco Group Study; ccielab > Subject: problem with reflexive access list > > Hello, > > I have a problem telneting from r5 to r2 when reflexive ip access list > is > configured. Without the reflexive access list, the telnet will work > fine. > The two routers are directly connect via their ethernet 0 interfaces. > Could > some one find out what is wrong with my configuration. Both routers are > using their ethernet ip addresses for source and destination of the > telnet > traffic. > > > hostname r5 > ! > ip reflexive-list timeout 1000 > ! > ip access-list extended inboundfilter > permit igrp any any > evaluate tcptraffic > ip access-list extended outboundfilter > permit tcp any any reflect tcptraffic timeout 5000 > ! > interface Ethernet0 > ip address 10.10.110.3 255.255.255.0 > ip access-group inboundfilter in > ip access-group outboundfiler out > ntp disable > > > > hostname r2 > ! > interface Ethernet0 > ip address 10.10.110.16 255.255.255.0 > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59214&t=59214 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: problem with reflexive access list [7:59232]
Thank you Brian that was why it did not work. Now it is working . - Original Message - From: "Brian Dennis" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Saturday, December 14, 2002 12:35 PM Subject: RE: problem with reflexive access list > You also misspelled "outboundfilter" when you applied it to Ethernet 0. > > Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security) > > -Original Message- > From: John Tafasi [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 11:43 PM > To: Brian Dennis; 'Cisco Group Study'; 'ccielab' > Subject: Re: problem with reflexive access list > > I tried that too and it did not work. > - Original Message - > From: "Brian Dennis" > To: "'John Tafasi'" ; "'Cisco Group Study'" > ; "'ccielab'" > Sent: Friday, December 13, 2002 11:56 PM > Subject: RE: problem with reflexive access list > > > > John, > > By default packets sourced by the router will not be affected by an > > outbound ACL. Since the outbound ACL does not "see" the telnet traffic > > sourced by the router, the router does not add an entry to the inbound > > ACL to allow the traffic to return. Try telneting from behind R5. > > > > Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security) > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > John Tafasi > > Sent: Friday, December 13, 2002 4:32 PM > > To: Cisco Group Study; ccielab > > Subject: problem with reflexive access list > > > > Hello, > > > > I have a problem telneting from r5 to r2 when reflexive ip access list > > is > > configured. Without the reflexive access list, the telnet will work > > fine. > > The two routers are directly connect via their ethernet 0 interfaces. > > Could > > some one find out what is wrong with my configuration. Both routers > are > > using their ethernet ip addresses for source and destination of the > > telnet > > traffic. > > > > > > hostname r5 > > ! > > ip reflexive-list timeout 1000 > > ! > > ip access-list extended inboundfilter > > permit igrp any any > > evaluate tcptraffic > > ip access-list extended outboundfilter > > permit tcp any any reflect tcptraffic timeout 5000 > > ! > > interface Ethernet0 > > ip address 10.10.110.3 255.255.255.0 > > ip access-group inboundfilter in > > ip access-group outboundfiler out > > ntp disable > > > > > > > > hostname r2 > > ! > > interface Ethernet0 > > ip address 10.10.110.16 255.255.255.0 > > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59232&t=59232 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BR0:1 DDR: No callback negotiated [7:59277]
I have two isdn routers r2 (callback client) and r5 (callback server). without callback configuration r2 will connect to r5 successfully. With the callback configuration added, r5 will disconnect the call and will not callback r2. Can some one figure out what is wrong with my configuration? I have included configuration of both routers and the result of debug dialer on r5. It seems to me that r2 is not negotiating callback. R5-2503#show debug Dial on demand: Dial on demand events debugging is on R5-2503# 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up R5-2503# Mar 3 11:05:34.703: BR0:1 DDR: No callback negotiated Mar 3 11:05:34.703: BR0:1 DDR: disconnecting call 2d11h: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 8358661 r2, call lasted 2 seconds 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down R5-2503# Mar 3 11:05:34.851: BR0:1 DDR: disconnecting call R5-2503# 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up R5-2503# Mar 3 11:05:40.179: BR0:1 DDR: No callback negotiated Mar 3 11:05:40.179: BR0:1 DDR: disconnecting call 2d11h: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 8358661 r2, call lasted 4 seconds 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down R5-2503# Mar 3 11:05:40.331: BR0:1 DDR: disconnecting call R5-2503#show run hostname r5-2503 ! interface BRI0 ip address 10.10.10.2 255.255.255.0 ip access-group 101 in encapsulation ppp dialer callback-secure dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 ppp callback accept ppp authentication chap ppp chap hostname r5 ppp multilink ! ! map-class dialer eng dialer callback-server username - hostname r2-2516 ! interface Dialer1 ip address 10.10.10.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer remote-name r5 dialer string 8358662 dialer pool 1 dialer-group 1 ntp broadcast pulse-time 0 ppp callback request ppp chap hostname r2 ! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59277&t=59277 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BR0:1 DDR: No callback negotiated [7:59300]
Yes, and the ping work fine when there is no callback configuration on the routers. - Original Message - From: "Tony Schaffran" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Monday, December 16, 2002 7:24 AM Subject: RE: BR0:1 DDR: No callback negotiated > Do you have "username" configured? > > > Tony Schaffran > Network Analyst > CCNP, CCNA, CCDA, > NNCDS, NNCSS, CNE, MCSE > > CCOnlineLabs.com > http://www.cconlinelabs.com > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > John Tafasi > Sent: Monday, December 16, 2002 1:32 AM > To: Cisco Group Study; ccielab > Subject: BR0:1 DDR: No callback negotiated > > I have two isdn routers r2 (callback client) and r5 (callback server). > without callback configuration r2 will connect to r5 successfully. With > the > callback configuration added, r5 will disconnect the call and will not > callback r2. Can some one figure out what is wrong with my > configuration? I > have included configuration of both routers and the result of debug > dialer > on r5. It seems to me that r2 is not negotiating callback. > > R5-2503#show debug > Dial on demand: > Dial on demand events debugging is on > R5-2503# > 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up > R5-2503# > Mar 3 11:05:34.703: BR0:1 DDR: No callback negotiated > Mar 3 11:05:34.703: BR0:1 DDR: disconnecting call > 2d11h: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 8358661 > r2, > call lasted 2 seconds > 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down > R5-2503# > Mar 3 11:05:34.851: BR0:1 DDR: disconnecting call > R5-2503# > 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up > R5-2503# > Mar 3 11:05:40.179: BR0:1 DDR: No callback negotiated > Mar 3 11:05:40.179: BR0:1 DDR: disconnecting call > 2d11h: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 8358661 > r2, > call lasted 4 seconds > 2d11h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down > R5-2503# > Mar 3 11:05:40.331: BR0:1 DDR: disconnecting call > > > R5-2503#show run > > hostname r5-2503 > ! > interface BRI0 > ip address 10.10.10.2 255.255.255.0 > ip access-group 101 in > encapsulation ppp > dialer callback-secure > dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 > dialer-group 1 > isdn switch-type basic-ni > isdn spid1 0835866201 > isdn spid2 0835866401 > cdapi buffers regular 0 > cdapi buffers raw 0 > cdapi buffers large 0 > ppp callback accept > ppp authentication chap > ppp chap hostname r5 > ppp multilink > ! > ! > map-class dialer eng > dialer callback-server username > - > > hostname r2-2516 > ! > interface Dialer1 > ip address 10.10.10.1 255.255.255.0 > no ip directed-broadcast > encapsulation ppp > dialer remote-name r5 > dialer string 8358662 > dialer pool 1 > dialer-group 1 > ntp broadcast > pulse-time 0 > ppp callback request > ppp chap hostname r2 > ! > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59300&t=59300 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Isdn callback problem [7:59444]
Hi group, I have r2 which is configured to request callback from r5. The problem is that r2 does not wait for r5 to callback and will repeat the calling r5 and request callback. However r5 will eventually succeed and callback r2. My question is how can you prevent r2 from repeating the call to r5? I have pasted below the configuration for both routers and the output of "debug isdn q931" and "debug ppp authentication" on r2. r2#show run ! version 11.3 ! hostname r2 ! username r5 password 7 13061E010803 ip subnet-zero no ip domain-lookup isdn switch-type basic-ni1 ! ! interface BRI0 no ip address no ip directed-broadcast encapsulation ppp dialer pool-member 1 isdn spid1 0835866101 isdn spid2 0835866301 ppp callback request ! interface Dialer1 ip address 10.10.10.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer remote-name r5 dialer enable-timeout 1000 dialer string 8358662 dialer hold-queue 100 timeout 30 dialer pool 1 dialer-group 1 ntp broadcast pulse-time 0 ppp authentication chap ! ! map-class dialer eng access-list 1 deny any access-list 100 permit tcp any any eq telnet access-list 100 permit icmp any any dialer-list 1 protocol ip list 100 ! line con 0 exec-timeout 0 0 logging synchronous transport input none line aux 0 line vty 0 4 exec-timeout 0 0 password 7 06101B38 login telnet break-on-ip telnet ip-on-break ! ntp clock-period 17179853 end r2# = r5#show run version 12.2 ! hostname r5 username r2 password 7 045802150C2E no ip domain-lookup ! isdn switch-type basic-ni ! ! ! ! ! interface BRI0 ip address 10.10.10.2 255.255.255.0 encapsulation ppp dialer callback-secure dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 ppp callback accept ppp authentication chap ppp chap hostname r5 ! ! map-class dialer eng dialer callback-server username access-list 100 permit tcp any any eq telnet access-list 100 permit icmp any any dialer-list 1 protocol ip list 100 ! ! line con 0 exec-timeout 0 0 logging synchronous transport input none line aux 0 line vty 0 4 password 7 045802150C2E login autocommand access-enable host timeout 5 ! ntp clock-period 17179628 ntp master 4 ntp peer 10.10.110.16 end r5# == r2#show debug ISDN: ISDN Q931 packets debugging is on r2#debu ppp authen PPP authentication debugging is on r2# r2#ping 10.10.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds: . Success rate is 0 percent (0/5) r2# .Mar 2 11:01:03.477: ISDN BR0: TX -> SETUP pd = 8 callref = 0x04 .Mar 2 11:01:03.481: Bearer Capability i = 0x8890 .Mar 2 11:01:03.485: Channel ID i = 0x83 .Mar 2 11:01:03.485: Keypad Facility i = '8358662' .Mar 2 11:01:03.529: ISDN BR0: RX CONNECT_ACK pd = 8 callref = 0x04 .Mar 2 11:01:05.797: BR0:1 PPP: Phase is AUTHENTICATING, by the peer .Mar 2 11:01:07.653: BR0:1 PPP: Phase is AUTHENTICATING, by the peer .Mar 2 11:01:07.673: BR0:1 CHAP: I CHALLENGE id 195 len 23 from "r5" .Mar 2 11:01:07.681: BR0:1 CHAP: O RESPONSE id 195 len 23 from "r2" .Mar 2 11:01:07.705: BR0:1 CHAP: I SUCCESS id 195 len 4 .Mar 2 11:01:07.769: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up .Mar 2 11:01:07.777: ISDN BR0: RX RELEASE pd = 8 callref = 0x04 .Mar 2 11:01:07.857: ISDN BR0: RX SETUP pd = 8 callref = 0x05 .Mar 2 11:01:09.481: Bearer Capability i = 0x8890 .Mar 2 11:01:09.481: Channel ID i = 0x83 .Mar 2 11:01:09.485: Keypad Facility i = '8358662' .Mar 2 11:01:09.525: ISDN BR0: RX CONNECT_ACK pd = 8 callref = 0x05 .Mar 2 11:01:11.809: BR0:1 PPP: Phase is AUTHENTICATING, by the peer .Mar 2 11:01:13.657: BR0:1 PPP: Phase is AUTHENTICATING, by the peer .Mar 2 11:01:13.681: BR0:1 CHAP: I CHALLENGE id 196 len 23 from "r5" .Mar 2 11:01:13.689: BR0:1 CHAP: O RESPONSE id 196 len 23 from "r2" .Mar 2 11:01:13.709: BR0:1 CHAP: I SUCCESS id 196 len 4 .Mar 2 11:01:13.773: ISDN BR0: RX RELEASE pd = 8 callref = 0x05 .Mar 2 11:01:13.853: ISDN BR0: RX CONNECT pd = 8 callref = 0x8E .Mar 2 11:01:22.853: Channel ID i = 0x89 .Mar 2 11:01:22.961: ISDN BR0: RX <- CONNECT_ACK pd = 8 callref = 0x0E r2# .Mar 2 11:01:26.889: BR0:1 PPP: Phase is AUTHENTICATING, by the peer .Mar 2 11:01:26.901: BR0:1 CHAP: I CHALLENGE id 197 len 23 from "r5" .Mar 2 11:01:26.909: BR0:1 CHAP: O RESPONSE id 197 len 23 from "r2" .Mar 2 11:01:26.933: BR0:1 CHAP: I SUCCESS id 197 len 4 r2# .Mar 2 11:01:27.865: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up r2# .Mar 2 11:01:28.837: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662 8358662 r2# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59444&t=59444 --
Limiting TFTP Servers Used Via SNMP [7:59823]
Hi Group, Below I pasted what the command refernce is saying about limiting tftp servers used via snmp. My question is can you tell a router to save or copy configuration files to or from a tftp server via snmp? = snmp-server tftp-server-list To limit the TFTP servers used via Simple Network Management Protocol-controlled TFTP operations (saving and loading configuration files) to the servers specified in an access list, use the snmp-server tftp-server-list global configuration command. To disable this feature, use the no form of this command. snmp-server tftp-server-list number no snmp-server tftp-server-list Syntax Description number Standard IP access list number from 1 to 99. Defaults Disabled Command Modes Global configuration Command History Release Modification 10.2 This command was introduced. Examples The following example limits the TFTP servers that can be used for configuration file copies via SNMP to the servers in access list 44: snmp-server tftp-server-list 44 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59823&t=59823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No input access group defined for BRI0 [7:59849]
Hi Groub, r2 and r5 are connected via isdn. I am trying to telnet to r5 from r2 but I receive the message "No input access group defined for BRI0." Does that mean you cannot access a router via its bri interface unless an access list is configured on bri0? r2#telnet 10.10.10.2 Trying 10.10.10.2 ... Open User Access Verification Password: Password: No input access group defined for BRI0. [Connection to 10.10.10.2 closed by foreign host] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59849&t=59849 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: No input access group defined for BRI0 [7:59860]
here is the configuration in r5: ! interface BRI0 ip address 10.10.10.2 255.255.255.0 encapsulation ppp dialer callback-secure dialer idle-timeout 300 dialer enable-timeout 1 dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 snapshot server 5 ppp callback accept ppp authentication chap ppp chap hostname r5 ! - Original Message - From: "Brian Dennis" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Friday, December 27, 2002 1:17 PM Subject: RE: No input access group defined for BRI0 > John, > Is "lock and key" security configured on R5? > > Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security) > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > John Tafasi > Sent: Friday, December 27, 2002 11:51 AM > To: Cisco Group Study; ccielab > Subject: No input access group defined for BRI0 > > Hi Groub, > > r2 and r5 are connected via isdn. I am trying to telnet to r5 from r2 > but I > receive the message "No input access group defined for BRI0." Does that > mean > you cannot access a router via its bri interface unless an access list > is > configured on bri0? > > r2#telnet 10.10.10.2 > Trying 10.10.10.2 ... Open > > > User Access Verification > > Password: > Password: > No input access group defined for BRI0. > [Connection to 10.10.10.2 closed by foreign host] > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59860&t=59860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: No input access group defined for BRI0 [7:59861]
Here is the complete configuration file for r5 r5#show run Building configuration... Current configuration : 2245 bytes ! ! Last configuration change at 22:38:53 UTC Thu Mar 11 1993 ! NVRAM config last updated at 15:54:58 UTC Wed Mar 10 1993 ! version 12.2 no service single-slot-reload-enable service timestamps debug datetime msec service timestamps log uptime no service password-encryption ! hostname r5 ! logging rate-limit console 10 except errors ! username omer password 7 14141B180F0B username r4 password 7 095E1B username r2 password 7 045802150C2E username r5 password 7 13061E010803 ip subnet-zero no ip finger no ip domain-lookup ! ip reflexive-list timeout 1000 no ip dhcp-client network-discovery isdn switch-type basic-ni ! ! ! ! interface Loopback5 ip address 5.5.5.5 255.255.255.0 ! interface Ethernet0 ip address 10.10.110.3 255.255.255.0 shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface BRI0 ip address 10.10.10.2 255.255.255.0 encapsulation ppp dialer callback-secure dialer idle-timeout 300 dialer enable-timeout 1 dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 snapshot server 5 ppp callback accept ppp authentication chap ppp chap hostname r5 ! router rip network 5.0.0.0 network 10.0.0.0 ! ip kerberos source-interface any ip classless ip route 0.0.0.0 0.0.0.0 10.10.10.1 ip route 0.0.0.0 0.0.0.0 10.10.110.16 ip http server ! ! ip access-list extended abc dynamic test permit ip any any permit tcp any host 10.10.110.3 eq telnet ip access-list extended inboundfilter permit igrp any any evaluate tcptraffic ip access-list extended outboundfilter permit tcp any any reflect tcptraffic timeout 5000 ! map-class dialer eng dialer callback-server username access-list 21 deny any access-list 100 permit tcp any any eq telnet access-list 100 permit icmp any any dialer-list 1 protocol ip list 100 ! snmp-server engineID local 55 snmp-server engineID remote 10.10.10.1 22 ! line con 0 exec-timeout 0 0 logging synchronous transport input none line aux 0 line vty 0 4 password cisco login autocommand access-enable host timeout 5 ! ntp clock-period 17179628 end - Original Message - From: "Brian McGahan" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Friday, December 27, 2002 1:29 PM Subject: RE: No input access group defined for BRI0 > John, > > This is most likely due to the fact that you have a dynamic > access-list configured, yet the dynamic list is not applied to that > interface. Once you have the 'access-enable' command defined, telnet on > tcp 23 is used exclusively to authenticate. > > Try something like this: > > line vty 0 3 > autocommand access-enable host timeout 20 > line vty 4 > rotary 1 > > Now the router will listen on TCP 7001 for actual telnet traffic > to the CLI. > > HTH > > Brian McGahan, CCIE #8593 > Director of Design and Implementation > [EMAIL PROTECTED] > > CyscoExpert Corporation > Internetwork Consulting & Training > Voice: 847.674.3392 > Fax: 847.674.2625 > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > John Tafasi > > Sent: Friday, December 27, 2002 1:51 PM > > To: Cisco Group Study; ccielab > > Subject: No input access group defined for BRI0 > > > > Hi Groub, > > > > r2 and r5 are connected via isdn. I am trying to telnet to r5 from r2 > but > > I > > receive the message "No input access group defined for BRI0." Does > that > > mean > > you cannot access a router via its bri interface unless an access list > is > > configured on bri0? > > > > r2#telnet 10.10.10.2 > > Trying 10.10.10.2 ... Open > > > > > > User Access Verification > > > > Password: > > Password: > > No input access group defined for BRI0. > > [Connection to 10.10.10.2 closed by foreign host] > > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59861&t=59861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: No input access group defined for BRI0 [7:59866]
Thank you Brian. I found the problem is that: I have "autocommand access-enable host " on the vty line while there is no dynamic access list applied on the bri0 interface. Here is the complete configuration of r5 before removing the "autocommand access-enable host " from the vty lines. r5#show run Building configuration... Current configuration : 2202 bytes ! ! Last configuration change at 00:10:38 UTC Fri Mar 12 1993 ! NVRAM config last updated at 00:10:44 UTC Fri Mar 12 1993 ! version 12.2 no service single-slot-reload-enable service timestamps debug datetime msec service timestamps log uptime no service password-encryption ! hostname r5 ! logging rate-limit console 10 except errors ! username omer password 7 14141B180F0B username r4 password 7 095E1B username r2 password 7 045802150C2E username r5 password 7 13061E010803 ip subnet-zero no ip finger no ip domain-lookup ! ip reflexive-list timeout 1000 no ip dhcp-client network-discovery isdn switch-type basic-ni ! ! ! ! interface Loopback5 ip address 5.5.5.5 255.255.255.0 ! interface Ethernet0 ip address 10.10.110.3 255.255.255.0 shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface BRI0 ip address 10.10.10.2 255.255.255.0 encapsulation ppp dialer callback-secure dialer idle-timeout 300 dialer enable-timeout 1 dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 snapshot server 5 ppp callback accept ppp authentication chap ppp chap hostname r5 ! router rip network 5.0.0.0 network 10.0.0.0 ! ip kerberos source-interface any ip classless ip route 0.0.0.0 0.0.0.0 10.10.10.1 ip route 0.0.0.0 0.0.0.0 10.10.110.16 ip http server ! ! ip access-list extended abc dynamic test permit ip any any permit tcp any host 10.10.110.3 eq telnet ip access-list extended inboundfilter permit igrp any any evaluate tcptraffic ip access-list extended outboundfilter permit tcp any any reflect tcptraffic timeout 5000 ! map-class dialer eng dialer callback-server username access-list 21 deny any access-list 100 permit tcp any any eq telnet access-list 100 permit icmp any any dialer-list 1 protocol ip list 100 ! snmp-server engineID local 55 snmp-server engineID remote 10.10.10.1 22 ! line con 0 exec-timeout 0 0 logging synchronous transport input none line aux 0 line vty 0 4 password cisco login ! ntp clock-period 17179628 end r5# - Original Message - From: "Brian McGahan" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Friday, December 27, 2002 1:29 PM Subject: RE: No input access group defined for BRI0 > John, > > This is most likely due to the fact that you have a dynamic > access-list configured, yet the dynamic list is not applied to that > interface. Once you have the 'access-enable' command defined, telnet on > tcp 23 is used exclusively to authenticate. > > Try something like this: > > line vty 0 3 > autocommand access-enable host timeout 20 > line vty 4 > rotary 1 > > Now the router will listen on TCP 7001 for actual telnet traffic > to the CLI. > > HTH > > Brian McGahan, CCIE #8593 > Director of Design and Implementation > [EMAIL PROTECTED] > > CyscoExpert Corporation > Internetwork Consulting & Training > Voice: 847.674.3392 > Fax: 847.674.2625 > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > John Tafasi > > Sent: Friday, December 27, 2002 1:51 PM > > To: Cisco Group Study; ccielab > > Subject: No input access group defined for BRI0 > > > > Hi Groub, > > > > r2 and r5 are connected via isdn. I am trying to telnet to r5 from r2 > but > > I > > receive the message "No input access group defined for BRI0." Does > that > > mean > > you cannot access a router via its bri interface unless an access list > is > > configured on bri0? > > > > r2#telnet 10.10.10.2 > > Trying 10.10.10.2 ... Open > > > > > > User Access Verification > > > > Password: > > Password: > > No input access group defined for BRI0. > > [Connection to 10.10.10.2 closed by foreign host] > > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59866&t=59866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ip netmask [7:60156]
Hi, does any one remembers the command to change how the netmask is represented in the "show interface". 192.168.5.0/24 versus 192.168.5.0 255.255.255.0 Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=60156&t=60156 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
llc2 MS-DOS tutorial [7:61921]
Hi Group, I have once used a ms-dos tutorial that wounderfully explains how llc2 works. It was an animation of frames transmission between two hosts. Does any body knows where is the location of this program now? I need to download it again. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61921&t=61921 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BayTech RPC-2 [7:62331]
Hi Group, I am using baytech rpc-2 in my home lab but I could not get it to work with a cisoc 2511 terminal server. I am using the correct cable from baytech. Could some one with a similar experience show me how to configure the 2511 to work with baytech? Thanks in advance John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62331&t=62331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
LightStream 100 atm switch [7:54953]
I have a LightStream atm switch is it enough for practicing for the CCIE lab Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54953&t=54953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE: Cisco 3550 [7:54958]
Do you guys no when the Catalyst 3550 will replace the 5000 series switches in the lab exam? Do you any online lab that gives good scenarios related to this new switch? Thanks Omer Shommo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54958&t=54958 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]