I think the SFM's were an interim step; the current direction seems to be
the Sup720 blades. What kind of speeds feeds are you requiring?
~~
R. Benjamin Kessler
Network Engineer
CCIE #8762, CISSP, CCSE
Kessler Consulting
Email: [EMAIL PROTECTED]
http://www.kesslerconsulting.com
Phone
.
Does this clear it up for you or are you more confused?
~~
R. Benjamin Kessler
Network Engineer
CCIE #8762, CISSP, CCSE
Kessler Consulting
Email: [EMAIL PROTECTED]
http://www.kesslerconsulting.com
Phone: 260-625-3273
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL
pretty well.
HTH
~~
R. Benjamin Kessler
Network Engineer
CCIE #8762, CISSP, CCSE
Kessler Consulting
Email: [EMAIL PROTECTED]
http://www.kesslerconsulting.com
Phone: 260-625-3273
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Lopez, Robert
Sent
I have a couple of 6509's with Sup1/MSFC1 cards that have a feature (I
can't get TAC to agree that it is a bug) which cause this type of
problem.
If you have an MLS entry built for a host and the MAC address associated
with that host's IP address (ARP entry) changes, the MSFC will see this
(via
You could be experiencing the long, fat network (LFN) problem.
How far apart are these locations? (average round-trip time with ping?)
-Original Message-
From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com] On Behalf Of
Kim Seng
Sent: Thursday, October 31, 2002 11:57 AM
To: [EMAIL
I have a client that used to have a pair of them...chucked them about
a year ago. 8540's (at least in the L2/L3 LAN-Switching arena) were an
abortion of a product; it was merely a stop-gap measure to say that
Cisco had a L3 switch on the market. With the 6500-series they've got a
capable product
I'm surprised Howard hasn't chimed in yet, this is definitely a what
problem are you trying to solve sort of case...
More details please. Personally, I don't believe VLANs should extend
outside a building (even with Dark Fibre); but perhaps you have
requirements that would justify this...
Check out the following link; it talks about high availability and
versioning.
I've not had a chance personally to try the versioning support to
perform an upgrade but I think this might be what you're after...
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_2/confg
Anyone from the list going? Is there going to be a GroupStudy
gathering?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47846t=47846
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report
Sounds good. When? Where?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Paul Borghese
Sent: Monday, July 01, 2002 3:04 PM
To: [EMAIL PROTECTED]
Subject: Re: OT - Networkers, Orlando [7:47846]
Sure. I will be there. Two years ago we had a
Try configuring your machine(s) with addresses in the following
networks:
198.62.0.0/28 - e.g. 192.168.0.1-14
and
192.168.0.240/28 - e.g. 192.168.0.241-254
This would be utilizing the all-zeros and all-ones subnets of
192.168.0.0/24
You tested configuring machines in the *networks*
To be more correct I should have said:
Try configuring your machine(s) with addresses in the following
subnets:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
R. Benjamin Kessler
Sent: Saturday, June 29, 2002 12:43 PM
To: [EMAIL PROTECTED]
Subject: RE
Sorry for the cross-post. Anyone from Northeast Indiana please reply to
me off-list.
Thanks,
Ben
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47507t=47507
--
FAQ, list archives, and subscription info:
I know I've done four at one time (long story) without incident; I
generally don't like to have more than two...how many are you trying to
configure? Why?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Phil Wallisch
Sent: Friday, June 14, 2002 10:19
I have a client who experienced this as well on a pair of 7206VXR's.
The two routers rebooted themselves due to memory parity error. The
cosmic radiation was kind enough to cause the reload in the wee hours
so no harm done.
What's weird is that we have six 7206's in the same cabinet but only
Look at the new 1700's (I think it's called 1760 or 1761) - they've got
a 1U rack form factor.
I haven't laid hands on one yet but it looks promising.
It's only got one 10/100 Ethernet built-in but you can add a 10mb
Ethernet via a WIC.
Obviously you'd need another WIC for the serial
I don't
Nothing like the bleeding edge...
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
John Neiberger
Sent: Wednesday, June 12, 2002 9:37 AM
To: [EMAIL PROTECTED]
Subject: IOS Caveats: Do I just need more coffee?? [7:46346]
I just don't get this. I'm
Do a copy tftp start and then reload.
Hi.. Dear all,
Why you I copy the config from the tftp server to replace the old
config
on
the router (copy tftp run) or copy the config from startup to running
(copy
star run). But the resulting config is not exactly the same as the
config
that I
One of the nice features of Ethereal is that you can do TCP Stream
Analysis. Basically, this shows the ASCII stream of data going
back-and-forth between the client and server. When analyzing telnet
sessions it is pretty easy to see the clear-text passwords this way.
HTH
Ben
-Original
I know on RedHat you have to ensure that syslogd is started with the -r
flag so that it accepts syslog messages from remote systems.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Steven A. Ridder
Sent: Friday, May 24, 2002 10:16 AM
To: [EMAIL
If you substitute the word segment where they have subnet then I'd
be happy with the description.
I've seen others use the two terms to mean the same thing, I suppose you
could argue it both ways. In my mind, segment = L2; subnet = L3.
-Original Message-
From: [EMAIL PROTECTED]
Jose,
Here's a snip that talks about your message...
http://www.cisco.com/warp/public/473/62.shtml#casestudy5:
Unfortunately, given their explanation, it doesn't really explain what
port 51 is now does it...
I know this is a cop out, but if you can you might want to look into
upgrading code
Ah yes, the financial industry...I'm glad someone else can feel my pain.
I've been consulting in this industry for the last five years and let me
say that I'm not surprised by too much anymore.
I actually had the pleasure of meeting the authors of the Advanced IP
Network Design book when they
While we're off-topic (somewhat) -
What are people doing for non-Ethernet traffic analysis?
I'm specifically interested in T1 and V.35 interfaces
I've used Sniffers for this in the past with quite a bit of success however
given the current state of the economy, etc. my current client is
While we're off-topic (somewhat) -
What are people doing for non-Ethernet traffic analysis?
I'm specifically interested in T1 and V.35 interfaces
I've used Sniffers for this in the past with quite a bit of success however
given the current state of the economy, etc. my current client is
I've seen similar behavior when both ends receive clock but no data passes
end-to-end. I recently experienced this when the telco didn't have a
cross-connect set right somewhere in the middle of the long-haul ckt. I saw
that both ends were sending packets (via simple 'show int' counters) but
1. in FR, when we specify clock rate for 64k, we use clock rate 64000, why
not 64 x 1024 = 65536 ? and for 1.544 mbps, we use 148000, why not 1.544 x
1024 x 1024 ?
This isn't just FR, but any connection that uses T1 signaling.
At 8000 frames/s (these are T1 frames); each frame is composed of
I think Cisco generally recommends that your switch mgmt interface is on a
different VLAN than your regular (read: end-user/server) devices. This
helps isolate broadcast/multicast traffic so the switch CPU doesn't have to
process it - especially critical in networks where there is a high
I haven't seen the Sup III for Cat4K's yet but I do have a bit of experience
with the L3 cards and am fairly unimpressed. After working with the 6500's
(with MSFCs) configuring a Cat4K with L3 module certainly seems like a few
steps backwards. My current client has a couple of Cat4K's with L3
As someone who has achieved both certs, I'd have to voice an objection to
the common myth that the CISSP is on the same level as the CCIE; it's not
even close.
The CISSP is well-known (it was listed in some rag as one of the top ten
certs to get this year), but it is entirely theory. That in
flip-flop your primary and secondary addresses on the hub router:
interface Ethernet0
ip address 192.168.1.1 255.255.255.0 secondary
ip address 192.168.13.1 255.255.255.0
ip helper-address 192.168.12.17
This will let the old 192.168.1.x addresses age-out gracefully while
assigning new
We could debate the TR vs. Ethernet thing 'till the cows come home
Are there any new Token-Ring networks being deployed? Probably not.
Unfortunately, there are still a TON of Token-Ring networks in use. Lately,
I've seen these in financial settings mostly. I know of one brokerage
company
hope your customer isn't a subscriber to this list :)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Chuck Larrieu
Sent: Saturday, February 02, 2002 6:20 PM
To: [EMAIL PROTECTED]
Subject: IPX over IPSec Tunnel - mystery solved?!?!? [7:34231]
It's been
Re your questions:
1 - I think you are correct. In the past candidates were required to
configure the F/R switch but I believe this is done for you now. Whether or
not you have any access to it is another question...I would have to assume
no but I won't know for sure for another 7 days :)
2 -
I'm guessing duplex-mismatch problem. Your in-lost packets are equal to
your Rcv-Err, I would read this as the switch saw an incoming packet but it
was malformed and threw it away.
Generally when I see a switch configured for 100/full and incrementing runts
and FCS errors it means the device on
Can I ask why you're buying 7204's vs. 7206's? I don't think the cost
difference between the two is that great and you get 50% more slots - not to
sound like a sales guy or anything.
At any rate, my take on the VXR vs. non-VXR thing. The 'regular' 7200's
were the first edition of the product
dialer-watch will do this as well; it basically removes the interesting
traffic requirement.
To answer what I think is your original question - with basic ppp dial-in if
one side is set to an idle-timeout of 60 seconds and the other set to 600,
if the router with the 60-second timeout doesn't
The only way I've seen Cisco recommend any one version of IOS/CatOS over
another is 1) for customers with an open P1 case (that has been open for
quite a while, escalated to the Nth degree, etc.) where moving to a
different version of code would resolve particular known issues that they
are
Scott, I'm in a similar spot regarding both the calendar and mental state.
Let me preface this by saying that I've not (yet) attended the 1-day lab and
thus can't be accused of breaking NDA. For what it's worth, these are the
operating assumptions I'm using to prepare for my 1st attempt at the
Yes, and do an atdt5551212 to dial-out...pretty cool stuff (see below).
I setup some 3640's a while back as out-of-band management for a client's
different data center locations. It was a bit over-engineered (read: $$,
see my note on WICs below) but highly-available - thus would provide
Yes, even the Sup if you have two of them :)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
George Dodds
Sent: Thursday, January 17, 2002 9:08 AM
To: [EMAIL PROTECTED]
Subject: 6509 cards hot swapable? [7:32288]
Are 6509 cards hot swapable or does the
I have a couple of nit-picky complaints about the book (as I do about
almost every book I read). There are some typo's as a previous poster
indicated. One of my biggest pet peeves is the use of the term continuous
when the author (probably) means contiguous - one sees this most often
when
Yes, I think Digi made/makes one. I have a client that used that for their
remote access (NT RAS) before I installed an AS5300.
I don't have a part number or any experience with them, I just know they
exist.
Sorry I can offer more...
Ben
-Original Message-
From: [EMAIL PROTECTED]
Obviously a high-bandwidth application. :) What are you installing, a bunch
of ATMs or something?
I'm assuming that the remote routers will be pretty low-end - 2500/2600 at
most.
Of the three options, I'd say if you have to do this, EIGRP would probably
be the best option. Make sure you
David,
Another thing that I wonder about is the remote end; what do those routers
look like?
If you have something like this:
+-Hub1---Hub3-+
| \ / |
RemoteX-+ X +-RemoteY
| / \ |
+-Hub2---Hub4-+
You'll probably want to restrict what
I can't speak for the 3600's - the latest I have running on them is
12.1(5)T8 but I only have a couple doing NAT and they're configured with
static entries not multiple pools.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kaminski, Shawn G
Sent:
I think you may have to reload the router to reset these counters. I've
never seen a command to reset these counters and given what you're doing a
reload might be called for anyway to avoid problems (i.e. memory
fragmentation, etc.).
-Original Message-
From: [EMAIL PROTECTED]
policy routing (using route-maps).
You can specify next-hop and/or which outbound interface to use, etc.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Joy Wang
Sent: Tuesday, January 15, 2002 8:25 PM
To: [EMAIL PROTECTED]
Subject: conditional static
Chuck,
See my post to the CCIE list from Sat (1/12) titled Re: IGRP Timers
I ran into this too...
Ben
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 13, 2002 10:39 PM
To: [EMAIL PROTECTED]
Subject: OT: Gawd I hate my life ;- [7:31817]
OK,
Chuck,
See my post to the CCIE list from Sat (1/12) titled Re: IGRP Timers
I ran into this too...
Ben
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 13, 2002 10:39 PM
To: [EMAIL PROTECTED]
Subject: OT: Gawd I hate my life ;- [7:31817]
OK,
What platform? I was doing a bug search for 7200's and saw several NAT
bugs - some of which are unresolved.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Patrick Ramsey
Sent: Monday, January 14, 2002 3:24 PM
To: [EMAIL PROTECTED]
Subject: NAT Problems
Actually, both are fabric-enabled.
In the main 65xx box you have the 32Gb/s backplane (BUS) and now you can
also take advantage of the Switch Fabric to bump your capacity up to
256Gb/s. Regarding the different 16-port GBIC cards you have three options:
6416 - BUS-only (32Gb/s) - SUP handles
I've done it with about 100 interfaces on 7513's and didn't see this
problem. It may be a limitation of the code on the box, memory (as you
indicated), or something else. Have you been able to rule-out as many
something elses as possible?
What does the network topology look like? Do you have
I agree with Jenny's comments. I've also used floating-statics for quite
some time to backup frame links. I was playing around with dialer watch in
the lab this weekend and it does some 'interesting' things...
For one, it seems to do away with the interesting traffic requirement. If
the main
Per the docs. a 2500 has a *max* draw of 1A @ 110V - YMMV but I'd imagine
that you'll see these boxes pull significantly less than the advertised max
value.
Using the worst case number:
110W/hr * 12hrs = 1320W or 1.32KW
At $0.10/KW Hour it will cost ~ $0.13 per router
Again, this is based off
Even Cisco 2600/3600
routers with ISDN interfaces can simulate the ISDN network, now. Fun stuff!
really? cool...can you point me to a link with a sample config?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29798t=29787
--
Warning, this is a bit longish...I'd be interested in feedback to see if
anyone agrees/disagrees, finds this at all helpful, etc. Part of this
exercise is to make sure I've got this straight in my head.
Here's a CCO link that may help:
http://www.cisco.com/warp/public/103/5.html
The scenario
You can implement fast/gigabit EtherChannels in a STP environment. One of
the benefits to F/GEC is that it can take redundant paths between switches
and make them appear to STP as a single link (thus no blocking). Don't
believe the hype entirely about the performance benefits. Because of the
The ASCII Art didn't come through too well on my e-mail so let me see if I
have this straight...
NY is the hub, PVCs between DLCI's 300 and 301 (CH) and 300 and 302 (SF).
If you want to make CH the hub you'll need to add a PVC between 301 (CH) and
302 (SF); you can then remove the PVC between
try using the commands
dir disk0:
and
format disk0:
you'll need to modify the boot string as well - for example:
boot system flash disk0:c7200-io3s-mz.121-5.T8.bin
use the copy tftp disk0: command to get files on the disk.
HTH,
Ben
-Original Message-
From: [EMAIL PROTECTED]
Been there, done that...not any fun. Brokerage environment; UDP
directed-broadcast traffic to nearly 200 sites. Buffers tuned to the max to
keep from dropping packets because the application didn't handle
re-transmissions...etc., etc., Of course, priority queuing was required to
ensure that
Verify that the router can reach the TACACS server (ping) and verify that
the TACACS server and router are configured with matching parameters. Note:
you may have to restart the TACACS server process when you add a router.
I'm assuming that you copy/pasted the same set of config lines in all of
Drew, I don't know if your question has already been answered or not but
here my $0.02.
One reason to use the MAC-layer multicast address is to minimize the impact
of the BPDU flooding on non-switch/bridge devices. Regular end-stations
will not need to process the BPDU packets because the
I believe it is Ethernet_II (in Novell-speak) or ARPA (in Cisco-language)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
CCIE TB
Sent: Monday, November 12, 2001 7:55 AM
To: [EMAIL PROTECTED]
Subject: What frame format used by TCP/IP? [7:25924]
I didn't see this come through the list so I'm re-posting.
-Original Message-
From: R. Benjamin Kessler [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 08, 2001 10:01 AM
To: Cisco GroupStudy List
Subject: RE: Subnet Mask question [7:25602]
I'm assuming that you entered something
a subnet
broadcast, so they all agreed that this was not completely expected
behavior.
Thanks again,
Priscilla
At 10:00 AM 11/7/01, R. Benjamin Kessler wrote:
I setup a remote unix box running nmap and had it send packets to the
subnet
broadcast address (in my case 192.168.72.255). I configured my
manipulator available?
For added fun you could put together a frame with a destination IP of
the subnet's broadcast addy, and a destination MAC of the routers MAC
address...
-Original Message-
From: R. Benjamin Kessler [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 07, 2001 2:03 PM
sorry if you've received this before...I'm having problems posting it
seems...
-Original Message-
From: R. Benjamin Kessler [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 08, 2001 10:01 AM
To: Priscilla Oppenheimer; Cisco GroupStudy List
Subject: RE: IP helper address and subnet
I'm assuming that you entered something like this in a router:
ip route 63.182.182.182 255.0.0.0
where = an interface name or IP address of a neighboring
router.
If this is an accurate assumption when you do a show run you'll probably
see the following instead:
ip route 63.0.0.0 255.0.0.0
Some books describe the topology table as a compilation of routing tables
from all the neighboring routers.
Gareth did a good job trying to explain the feasible distance vs. advertised
distance thing...there's also a good explanation of this in Ch 1 of the
EGIRP Network Design Solutions (Cisco
Are you sure that it is reporting the same serial # that is on the chassis?
In my experience, the only way I could get the serial number remotely is by
entering the snmp-server chassis-id command into the config manually.
I just double-checked on a 3600, 7200 and 7500 (running various 12.x code)
I have a text file that I do a 'select-all', 'copy' from and then 'paste'
into a new CatOS switch. Here's the AAA lines that I paste, in the order I
paste them:
#authentication
set authentication login tacacs enable console primary
set authentication login tacacs enable telnet primary
set
I was scheduled to take the class in December...I don't think my CC has been
charged yet but I'll be calling them to check for sure. I have a whole list
of Mentor phone #'s but all of the ones I called weren't answered by humans.
Can anyone offer feedback on the CCBootcamp 5-day course (anyone
...in an attempt to torch the straw man...
We could talk at length about the pros and cons of the straw man you
present; if I understand the main question at hand the question is how to
provide some redundancy to the WAN link.
Short answer is that real-world solutions would include some type of
: Carroll Kong [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 31, 2001 10:32 AM
To: R. Benjamin Kessler
Cc: [EMAIL PROTECTED]
Subject: RE: Migration EIGRP-OSPF [7:5724]
At 08:27 AM 5/31/01 -0400, R. Benjamin Kessler wrote:
What is the reason for going to OSPF in this instance, stability problems
You also need to make sure that you have good address summarization if you
want it to be successful. I've seen more than my fair share of networks
that ran EIGRP, didn't have proper summarization and/or had a lot of
redundancy. Because, out of the box EIGRP doesn't require you to build
networks
If you're connecting to the switch via telnet - keeping with the below
suggestion - assuming you're running CatOS, you might want to also turn off
session logging. That combined with creating a big buffer for the logging
messages and/or sending them to a syslog host will keep these messages off
Just getting started, there are probably some easier reads out there but
that book will definitely give you the goods on TCP/IP...
Regarding your question/statement, you are accurate that the raw Ethernet
frame format has DA, SA, EtherType, Data, and FCS - to be a valid frame it
just has to be
78 matches
Mail list logo