No Subject
Maybe a device is configured with proxy arp. A device that does proxy arp "tricks" the sending node into giving it packets for routing even if the sending node doesn't have a default gateway. Check http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/rpc_r/48383.htm#xtocid670617 - watch the word wrap. Hope that helps, BP You Wrote-- From: user [mailto:[EMAIL PROTECTED]] Subject: Catalyst 6500 How can separate VLANs on a 6500 talk without routing enabled? __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Admin distance on directly connected
IMHO, it is not correct. Have you checked it ? I mean, not only by looking at 'show ip route' output, but really checking that route has AD of 0 ? It is true that it is considered as directly connected, but it still has AD of one, and it can be easily proved ! Just add 'debug ip routing' before you add route, and you will see that it will be added into routing table with AD of 1. If you add two routes, for example: ip route 10.10.10.0 255.255.255.0 ethernet0 ip route 10.10.10.0 255.255.255.0 10.10.20.1 which one will be added into routing table (considering that you have 10.10.20.1 route in routing table, and that ethernet0 interface is up)? Guess what ? Both will be there ! Of course, both will be there 'cause both have the same AD (1)! Regards, Saa suaveguru wrote: > > This is correct , especially true if you want to avoid > ebgp multihop statement in BGP you will use a static > route to interface which treats it as though it is > directly connected > > hope this helps > > suaveguru > --- John Neiberger <[EMAIL PROTECTED]> wrote: > > Actually, I believe that a static route pointing to > > a next hop has an AD of > > 1, but a static route pointing to an interface shows > > as directly connected > > and has an AD of 0. > > > > I just tested this to be sure, but someone else > > might want to verify it. > > > > John > > > > > > > > > > A directly connected network has an AD=0. > > > > A static route via Interface has AD=0 > > > > A static route via IP address has AD=1 > > Correct? > > > > > > A static route via interface cannot have AD of 0. > > > It can have AD from 1 (default) to 255, just like > > > any other static route. > > > > > > Sasa > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to > > [EMAIL PROTECTED] > > > > > > > > > > > > > ___ > > Send a cool gift with your E-Card > > http://www.bluemountain.com/giftcenter/ > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > __ > Get personalized email addresses from Yahoo! Mail - only $35 > a year! http://personal.mail.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 6500
Maybe a device is configured with proxy arp. A device that does proxy arp "tricks" the sending node into giving it packets for routing even if the sending node doesn't have a default gateway. Check http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/rpc_r/48383.htm#xtocid670617 - watch the word wrap. Hope that helps, BP You Wrote-- From: user [mailto:[EMAIL PROTECTED]] Subject: Catalyst 6500 How can separate VLANs on a 6500 talk without routing enabled? __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subnet questions
It did not say you had to summarize into one route. Answer C means you would need two routes, but it is better than advertising networks which do not originate from your domain... - Original Message - From: Priscilla Oppenheimer <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, February 04, 2001 3:26 PM Subject: Re: Subnet questions > > > > > > Ok, I looked into the resources that you've referred to, and put a little > > > more thought into this question. > > Make sure the resources cover supernetting and not just subnetting. The > goal of supernetting is to group routes together so that a router reduces > the number of routes it tells other routers about. That's very different > from subnetting where the goal is to subdivide the network number assigned > to you by your ISP or ARIN. > > > > > So, we're given the networks, > > > > > > 192.168.9.0 (192.168. 1001. ) > > > 192.168.10.0 (192.168. 1010. ) > > > 192.168.11.0 (192.168. 1011. ) and > > > 192.168.12.0 (192.168. 1100. ). > > The question was, "When using classless supernetting, which route best > summarizes the following networks?" > > So we're looking for one route that will let us tell other routers about > our four networks. The possible answers were: > > A)192.168.0.9 / 20 obviously wrong because of the .9 at the end > > B)192.168.0.0 / 16 this could work, but it's less specific than answer D > > C)192.168.9.0 / 22 this doesn't work because it leaves out > 192.168.12.0, plus it would be stupid to use .9 when the one bit isn't even > referred to with a /22. The one bit is in the node ID (suffix) part of the > addresses. > > D)192.168.8.0 / 21 this works > > > > > > > > Keeping in mind that the question asks for the "best" summarization... > >since > > > 192.168.8.0/21 would include additional networks not mentioned in the > > > problem (i.e. 192.168.13.0, 192.168.14.0, etc.), I can see how this might > > > not be the best answer. > > With a /21, the one bit and two bit don't matter so 13 and 14 don't matter. > Those bits are in the node part when we use /21. > > > > > > > 192.168.9.0/22, on the other hand, is the "best" summarization for the > >first > > > three networks. The last network has no other networks to be summarized > > > with, therefore can be left out of the summarization. > > The goal is to group all four networks. Leaving out one would cause you not > to meet that goal. I think D is the right answer. > > Priscilla > > > > > > > Is this the right reasoning for the correct answer being C? > > > > > > > > > > > > Regards, > > > > > > Han-Song Kim > > > Network Engineer, CCNP/ MCSE/ MCDBA > > > Planetary Networks > > > (W)408.745.3065 (C)408.910.7907 > > > [EMAIL PROTECTED] > > > > > Priscilla Oppenheimer > http://www.priscilla.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: commands, please help
Follies are for Friday's please... You gotta be kidding right? - Original Message - From: yohanus <[EMAIL PROTECTED]> Newsgroups: groupstudy.cisco To: <[EMAIL PROTECTED]> Sent: Sunday, February 04, 2001 10:55 PM Subject: commands, please help > ---Sorry for asking this question, if it's been asked before--- > Anyone know of a good site that publicizes Cisco commands? If so, please > help. > Thanks to all replies. > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
named access lists
i brought new 805 router to connect my leasedline to my network. there is version 12.0 IOS. and named accesslists are not applying in that. priviously in 2600 router(11.3 IOS)named accesslists are applying. what is the problem? is 12.0 IOS will not support named access lists? or router it self won't support? what i have to do? bye Srihari --- Ron Tan <[EMAIL PROTECTED]> wrote: > 2 sites are connect to each other by ISDN Bri. Both > are configured to = > react by Dialer profile. Both links are ok and > connected but when = > performing a ping test to each other, the following > had been observed. = > Pinging from ethernet port to destination dialer > interface produces a = > very stable and reliable status while pinging from > ethernet port to = > destination ethernet port shows huge packet losses. > The same goes for = > the reverse. Anyone has any thought about this ? > > Ron > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: commands, please help
Yes this was a joke. Come on people. Let's get it together. ""yohanus"" <[EMAIL PROTECTED]> wrote in message 95ln27$8fh$[EMAIL PROTECTED]">news:95ln27$8fh$[EMAIL PROTECTED]... > ---Sorry for asking this question, if it's been asked before--- > Anyone know of a good site that publicizes Cisco commands? If so, please > help. > Thanks to all replies. > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
QOS for Citrix
G'day All, Currently got a problem with a WAN I support where they are getting time-outs with their Citrix Clients. Citrix Clients are connected via frame-relay edge routers 1700's to an ATM core router 7200VXR NPE-200 with ATM DS3 routing traffic between all sites. Can anybody suggest any QOS solutions to prioritize the Citrix traffic. So far I have reserched the following: Citrix Ports 1494/tcp ica 1494/udp ica (not sure which of these needs more priority) bandwidth ~ 20k per user (although I have heard that it can be a lot higher than this) average packet size 300 bytes delay sensitive I am looking at Priority queueing, but a little concerned about the warnings that it may starve other traffic if the Citrix queue is constantly full. If anyone has any suggestions, or played with this before it would much appreciated. Many Thanks Steve _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ip directed broadcast
Hi, The removal of directed-brooadcasts is one of the security messures that is being taken place on the router. The IP directed broadcast is a datagram which is sent to the broadcast address of a subnet to which the sending machine is not directly attached. The directed broadcast is routed through the network as a unicast packet until it arrives at the target subnet, where it is converted into a link-layer broadcast. The directed-broadcasts arp being used in the extremely common and popular "smurf" denial of service attack, and can also be used in related attacks. I hope it helps Gil -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: ??? ??? 05 ?? 2001 06:13 To: [EMAIL PROTECTED] Subject: Re: ip directed broadcast >hi all > >anyone knows why no ip directed broadcast is always >set for any interfaces? > > >regards, > >suaveguru RFC 2644 Changing the Default for Directed Broadcasts in Routers. D. Senie. August 1999. (Format: TXT=6820 bytes) (Updates RFC1812) (Also BCP0034) (Status: BEST CURRENT PRACTICE) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP set - tool?
Thanks a lot for that - It does exactly what I was after. For anyone interested, here is a brief overview of what I had to do to get it working: After installing the application, I grabbed all of the Cisco MIBs (http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml) and threw them in the MIBs directory of GetIF. I set up the router in the parameters tab (IP, SNMP community strings), then entered the command in the bottom of the MBrowser tab: .1.3.6.1.4.1.9.2.1.55.$.$.$.$, s (string), then the name of the file to write to on the tftp server. Rgds, Dave. ""Greg"" <[EMAIL PROTECTED]> wrote in message 95eqn3$q7e$[EMAIL PROTECTED]">news:95eqn3$q7e$[EMAIL PROTECTED]... > I use GetIF 2.2 to do exactly what you are trying to do and it works great. > > Regards, > Greg Weise > CCNA, CCDA > > > "David Steele" <[EMAIL PROTECTED]> wrote in message > 95epv6$lag$[EMAIL PROTECTED]">news:95epv6$lag$[EMAIL PROTECTED]... > > I'm looking for a tool that'll allow me to perform SNMP set commands, > > specifically to allow me to get a router to tftp it's running config to a > > tftp server of my choosing, per the Cisco document: > > http://www.cisco.com/warp/public/477/SNMP/11.html (this document is > designed > > for HP Openview users) > > > > My company has only provided me with What's Up Gold, which seems to be a > > viewer (get) tool only. OV / CiscoWorks are out of the question, and no, I > > don't have access to a Macintosh to run the SNMP program that has been > > mentioned recently for that platform. I actually only have access to Win > NT > > :( > > > > Can anyone recommend a freeware or similar application that will allow me > to > > perform SNMP queries? Effectively all I need is a command line tool, as I > > know the exact format of the command that I wish to run. > > > > Any and all thoughts are welcome. > > > > Rgds, > > David Steele > > CCNP, CCDA > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
very confused with access-list, pls help!!
Hi..Dear all, answer whatever you know 1)I am very confused with access-list now, I have named my access-list as below ip access-list extended a3000 permit tcp any eq 3000 any log permit udp any eq 3000 any log permit tcp any any eq 3000 log permit udp any any eq 3000 log ip access-list extended range permit tcp any any range 8194 8294 log permit udp any any range 48129 48192 log ip access-list extended telnet permit tcp host 57.198.165.199 any eq telnet log permit tcp host 57.198.165.229 any eq telnet log But I found when apply multiple access group in the int E0, like below Router(config-if)#ip access-group a3000 in Router(config-if)#ip access-group range in Router(config-if)#ip access-group telnet in but when I Router#sh run only ip access-group telnet in shown in the config (the last one), where are the a3000, range ?? 2)When I type sh access-list, why it shows me that access-group "range" is still applied as shown below. Besides, why the line permit tcp host 199.105.182.190 eq 8194 host 192.168.3.112 eq 8201 (17 matches) and etc appear in the Extended IP access list telnet and I thought it should show in the Extended IP access list range Extended IP access list range permit tcp any any range 8194 8294 log (6 matches) permit udp any any range 48129 48192 log (56 matches) Extended IP access list telnet permit tcp host 199.105.182.190 eq 8194 host 192.168.3.112 eq 8201 (17 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.107 eq 48129 (184 matches) permit tcp host 199.105.182.189 eq 8194 host 192.168.3.112 eq 8198 (18 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.110 eq 48129 (193 matches) permit tcp host 57.198.165.199 any eq telnet log permit tcp host 57.198.165.229 any eq telnet log 3)In my config file, there are entry like "no ip route-cache" as shown below, may I know how to delete it? ! interface Ethernet0 description Interface facing Financial Service Provider ip address 192.168.3.1 255.255.255.0 ip access-group 100 in no ip directed-broadcast ip nat outside no ip route-cache no ip mroute-cache 4)when I do a on router SIN01>sh ip route connected C 58.199.164.0/22 is directly connected, FastEthernet0/0 C 58.199.126.0/27 is directly connected, FastEthernet0/0 Why two networks can state directly connected to one interface, what does it mean?? == De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. == The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. == _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: why can't ping its own interface it is up ???-configattached !!
yes I solved the problem, I have to enable ICMP to pass thru so that I can ping the own interface, however I still doubt about it as I know the access-list only affect the traffic passing thru the router but not the traffic initiated from the router. Anyway. thanks for your help Sim -Original Message- From: Charles Ryan [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 03, 2001 7:14 AM To: Sim, CT (Chee Tong); 'Erick B.'; [EMAIL PROTECTED]; 'Kevin Wigle'; 'Curtis Call' Subject: Re: why can't ping its own interface it is up ???-config attached !! I believe it's because your ICMP packets are being snagged by the implicit "deny all" at the end of your access-list. Remove the access-list from the ethernet interface, then attempt to ping it. It will probably work. If it does, then you know that it's indeed your access-list that is prohibiting you from pinging the ethernet interface. -Chuck - Original Message - From: "Sim, CT (Chee Tong)" <[EMAIL PROTECTED]> To: "'Erick B.'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; "'Kevin Wigle'" <[EMAIL PROTECTED]>; "'Curtis Call'" <[EMAIL PROTECTED]> Sent: Friday, February 02, 2001 12:25 AM Subject: RE: why can't ping its own interface it is up ???-config attached !! > hi dear all, > > I should say sorry to you all, as I was trying to hide the real address, > from 192.168.3.1 to 100.200.3.1. Below are the full config.. Pls help me to > find out what is the problem Thank you very very much > > RBFW2514#sh conf > Using 2790 out of 32762 bytes > ! > version 12.0 > service timestamps debug uptime > service timestamps log uptime > no service password-encryption > ! > hostname RBFW2514 > ! > enable secret 5 $1$i8gB$psKZMoYyK9t2DRTQel4401 > ! > ! > ! > ! > ! > ip subnet-zero > no ip domain-lookup > ! > ip inspect name fw tcp > ip inspect name fw udp > ip inspect name fw smtp > ip inspect name fw ftp > ! > ! > process-max-time 200 > ! > interface Ethernet0 > description Interface facing Financial Service Provider > ip address 192.168.3.1 255.255.255.0 > ip access-group 100 in > no ip directed-broadcast > ip nat outside > ! > interface Ethernet1 > description Interface facing Rabobank (Trusted) network > ip address 58.199.165.240 255.255.252.0 > no ip directed-broadcast > ip nat inside > ip inspect fw in > ip route-cache flow > ! > interface Serial0 > ip unnumbered Ethernet0 > no ip directed-broadcast > no ip mroute-cache > shutdown > no fair-queue > ! > interface Serial1 > no ip address > no ip directed-broadcast > shutdown > ! > ip nat pool rabo 192.168.3.101 192.168.3.200 netmask 255.255.255.0 > ip nat pool rabo1 192.168.3.201 192.168.3.240 netmask 255.255.255.0 > ip nat pool rabo2 192.168.3.101 192.168.3.240 netmask 255.255.255.0 > ip nat inside source list 1 pool rabo2 > ip nat inside source list 2 pool rabo1 > ip classless > ip route 172.16.0.0 255.255.0.0 192.168.3.31 > ip route 192.168.3.0 255.255.255.0 10.168.3.2 > ip route 199.105.176.0 255.255.248.0 192.168.3.21 > ip route 199.105.184.0 255.255.254.0 192.168.3.21 > ip route 205.183.246.0 255.255.255.0 192.168.3.21 > ip route 208.134.161.0 255.255.255.0 192.168.3.21 > no ip http server > ! > logging trap debugging > logging facility local2 > logging 58.199.167.22 > access-list 1 permit any > access-list 100 permit tcp any any eq www > access-list 100 permit tcp any eq www any > access-list 100 permit tcp any any eq 5100 > access-list 100 permit tcp any eq 5100 any > access-list 100 permit tcp any any eq 60101 > access-list 100 permit tcp any eq 60101 any > access-list 100 permit tcp any any eq 7091 > access-list 100 permit tcp any eq 7091 any > access-list 100 permit udp any any eq 7091 > access-list 100 permit udp any eq 7091 any > access-list 100 permit udp any any eq domain > access-list 100 permit udp any eq domain any > access-list 100 permit tcp any eq 3000 any > access-list 100 permit udp any eq 3000 any > access-list 100 permit tcp any any eq 3000 > access-list 100 permit udp any any eq 3000 > access-list 100 permit tcp any any eq 4040 > access-list 100 permit tcp any any eq 6080 > access-list 100 permit tcp any any range 8194 8294 > access-list 100 permit udp any any range 48129 48192 log > access-list 100 permit udp any eq 6080 any > access-list 100 permit udp any eq 4040 any > snmp-server engineID local 000902107B8102E6 > snmp-server community public RO > ! > line con 0 > transport input none > line aux 0 > line vty 0 4 > password XXX > login > length 0 > ! > end > > -Original Message- > From: Erick B. [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 02, 2001 12:49 PM > To: Sim, CT (Chee Tong); [EMAIL PROTECTED] > Subject: Re: why can't ping its own interface it is up > > > Since your pinging from the same router that this IP > resides on the access-list doesn't come into play. > Traffic flowing through that interface will be looked > at against the access-list but not traffic sourced > from the router, unless you set up a local poli
Re:Which BCMSN Cisco book?
If you just want to pass the exam then take CISCO CCNP Switching Exam Certification Guide. It goes through point by point through the course. If you are the one to know hows and whys then take both since they refer back and forth. Both of them are good to have and study from. This is my point of view. Rajeev Soni Reply Separator Subject:Which BCMSN Cisco book? Author: "Terry" <[EMAIL PROTECTED]> Date: 2/2/2001 9:50 PM Trying to decide which book to get for the switching test. Anyone out there compared them both? Building Cisco Multilayer Switched Networks Hardcover - 500 pages 1st edition (May 15, 2000) Cisco Pr; ISBN: 1578700930 ; Dimensions (in inches): 1.40 x 9.47 x 7.70 - or - Cisco Ccnp Switching Exam Certification Guide Hardcover - 576 pages Bk&Cd-Rom edition (December 20, 2000) Cisco Systems; ISBN: 158727 ; Dimensions (in inches): 1.50 x 9.43 x 7.71 Thanks Terry _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Received: from groupstudy.com ([63.104.50.75]) by ccmail.itd.nps.gov with SMTP (IMA Internet Exchange 3.13) id 00857FCD; Fri, 2 Feb 2001 23:17:03 -0500 Received: from localhost (mail@localhost) by groupstudy.com (8.9.3/8.9.3) with SMTP id AAA21354; Sat, 3 Feb 2001 00:27:10 -0500 Received: by groupstudy.com (bulk_mailer v1.12); Fri, 2 Feb 2001 23:58:52 -0500 Received: (from listserver@localhost) by groupstudy.com (8.9.3/8.9.3) id XAA18581 GroupStudy Mailer; Fri, 2 Feb 2001 23:58:51 -0500 Received: (from news@localhost) by groupstudy.com (8.9.3/8.9.3) id XAA18557 GroupStudy Mailer; Fri, 2 Feb 2001 23:58:51 -0500 To: [EMAIL PROTECTED] Path: not-for-mail From: "Terry" <[EMAIL PROTECTED]> Newsgroups: groupstudy.cisco Subject: Which BCMSN Cisco book? Date: Fri, 2 Feb 2001 21:50:54 -0600 Organization: GroupStudy.com Discussion Groups Lines: 20 Message-ID: <95g36a$i3n$[EMAIL PROTECTED]> NNTP-Posting-Host: 1cust92.tnt7.gulfport.ms.da.uu.net NNTP-Posting-Date: 3 Feb 2001 04:58:50 GMT X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: [EMAIL PROTECTED] Reply-To: "Terry" <[EMAIL PROTECTED]> Precedence: bulk _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Netflow
hi all , Is there anyone who has used Cisco Netflow for collection of data how can you enable cisco netflow on a cisco catalyst 5505 with supervisor engine II G using a NFFC (Netflow Feature Card) Daley Okuwa EDS Network services Stockley Park Tel no0181-5353144 fax no 0181-7545983 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Need Help about CCNP2
Hi Vikas, There is no hard & fast rule or fashion on sequence of exams to be taken. As for CCNP2.0 Cisco Press books r already out in market (published by Techmedia)in India. As for me i prefer the old sequence of taking CCNP exams: 1) routing (BSCN), 2) switching(BCMSN), 3) Remote Access(BCRAN), 4)CIT Hope this helps Regards Akshay CCNA2.0 -- Network Operations (Mumbai) Bharti BT Internet Ltd. Tel:- 091-22-6194142 / 619 4243 / 619 4244 ext.no 26/27 Email :- [EMAIL PROTECTED] "vikas patel" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello there, > How r u? i am new to this web site and i am quite amaze also and now > frequently visiting this web site. > I have a small question regarding my CCNP2.0. what if i give BCRAN exam > first in this CCNP2.0 track, which other topics that i need to take care of. > I am in india and no other book is available for CCNP2.0 track at this > moment. > any kind of help will be appreciated. > Kind regards > vikas > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: very confused with access-list, pls help!!
Chee Tong, > 1)I am very confused with access-list now, I have named my access-list as > below > > But I found when apply multiple access group in the int E0, > like below > Router(config-if)#ip access-group a3000 in > Router(config-if)#ip access-group range in > Router(config-if)#ip access-group telnet in > > but when I Router#sh run only ip access-group telnet in shown in the config > (the last one), where are the a3000, range ?? Only one access list may be applied per interface, per direction, at any given time. If you want all these access-list statements to work together, then you will need to put them into a single access list, ie: ip access-list extended MyGroovyStuff contents of a3000 ... contents of range ... contents of telnet ... Then apply the new list to your interface, ie: interface ethernet 0 ip access-group MyGroovyStuff in > 2)When I type sh access-list, why it shows me that access-group "range" is > still applied as shown below. Besides, why the line > permit tcp host 199.105.182.190 eq 8194 host 192.168.3.112 eq 8201 (17 > matches) and etc appear in the Extended IP access list telnet and I thought > it should show in the Extended IP access list range > I would guess that any matches on the 'a3000' and 'range' access lists (providing that you are applying them to your interface in the order you listed above) are as a result of 'hits' on the access list while you are making the change, eg: > Router(config-if)#ip access-group a3000 in When you type this command and press enter, it is applied to your interface. Stats will be logged for this list from now until when you type the next line and press enter (say 10 seconds). > Router(config-if)#ip access-group range in Same behavious as above, but now the 'range' access list has been applied and the 'a3000' list removed. > Router(config-if)#ip access-group telnet in Now your final access list 'telnet' is applied (and neither 'a3000' or 'range' are applied to the interface. I am also assuming that you have entered the 'ip access-group ...' commands a number of times in your effort to fix it and each time traffic that matches the list (even though that list may only be active for a very short while), a 'match' is recorded. > 3)In my config file, there are entry like "no ip route-cache" as shown > below, may I know how to delete it? Enter the command 'route-cache' (ie. the opposite of no route-cache), eg: router(config)#interface ethernet 0 router(config-if)#route-cache > 4)when I do a on router > SIN01>sh ip route connected > C 58.199.164.0/22 is directly connected, FastEthernet0/0 > C 58.199.126.0/27 is directly connected, FastEthernet0/0 > > Why two networks can state directly connected to one interface, what does it > mean?? You may have two IP addresses configured for the interface. Regards Adam Burgess Brisbane, Australia _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Product line
Does anyone knows what extent of Cisco product line knowledge is required for the CCDA exam? For example: the number of ports, the difference between 3620 and 3640 router etc? I know a few like 2524, 1004, 3600 etc... but there are too many to look up. Any help would be greatly appreciated. Regards, Hunt Lee IP Solution Analyst Cable and Wireless (Sydney) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: commands, please help
Yohanus, Try this for 12.1 (watch word wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/inde x.htm click on "contents" a couple of times to be able to drill to the command references for other versions. Dave Swink -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of yohanus Sent: Monday, February 05, 2001 12:56 AM To: [EMAIL PROTECTED] Subject: commands, please help ---Sorry for asking this question, if it's been asked before--- Anyone know of a good site that publicizes Cisco commands? If so, please help. Thanks to all replies. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re[2]: Subnet questions
Answer for the question 1 is B and I can prove it. Our subnet mask is 255.255.240.0 => which means 4 bits from the third octet are used for the subnet masking. That gives us the interval of 16 between the two networks. Following will be the networks for the subnet mask 10.6.16.0 Host range 10.6.16.1 - 10.6.31.254 B'cast Address 10.6.31.255 10.6.32.0 10.6.32.1 - 10.6.47.254 10.6.47.255 10.6.48.0 10.6.48.1 - 10.6.63.254 10.6.63.255 10.6.64.0 10.6.64.1 - 10.6.95.254 10.6.95.255 and so on. until 10.6.224.0 Thus our answer is 10.6.32.0, 10.6.47.255 Any more specifics, let me know I will explain. Then Hunt go through the TCP\IP subnetting and supernetting from as many books as possible until you feel comfortable. Any other help you need let me know. Rajeev Soni Reply Separator Subject:Re: Subnet questions Author: Andy <[EMAIL PROTECTED]> Date: 2/3/2001 5:40 PM On Sun, 4 Feb 2001, Hunt Lee wrote: > I have three subnet / route summarization questions but I don't > understand the answer, any help would be greatly appreciated. > > Q1) Choose the appropriate classless network address and broadcast > address for the IP address 10.6.38.50 with a subnet mask of > 255.255.240.0 > > A) 10.6.38.49 and 10.6.38.62 > > B) 10.6.32.0 and 10.6.47.255 > > C) 10.6.38.0 and 10.6.38.255 > > D) 10.0.0.0 and 10.255.255.255 > > Answer is B. No its not. The answer is 10.6.38.48 and 10.6.38.63. It probably meant to say classful. > Q2) Given a classless route summarization of 72.8.0.0 /13. Which IP > address fall into this scope? > > A) 72.15.36.8 > > B) 72.13.1.1 > > C) 72.8.20.10 > > D) 72.7.200.100 > > E) 72.16.7.4 > > F) 72.40.1.8 > > Answer is A, B & C - why isn't E the ansewr as well? The range of 72.8.0.0/13 is 72.8.0.0 - 72.15.255.255. Its 8 Class B's. > Q3) When using classless supernetting, which route best summarizes > the following networks? > > 192.168.9.0 > 192.168.10.0 > 192.168.11.0 > 192.168.12.0 > > A) 192.168.0.9 / 20 > > B) 192.168.0.0 / 16 > > C) 192.168.9.0 / 22 > > D) 192.168.8.0 / 21 > > I thought D is the answer, but the answer is C. A /22 is 4 Class C's, a /21 is 8. I recommand finding or making (to actually learn it) a subnet table and just keeping referencing it until you don't need to anymore. andy _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Received: from groupstudy.com ([63.104.50.75]) by ccmail.itd.nps.gov with SMTP (IMA Internet Exchange 3.13) id 00859E1E; Sat, 3 Feb 2001 19:11:10 -0500 Received: from localhost (mail@localhost) by groupstudy.com (8.9.3/8.9.3) with SMTP id UAA25291; Sat, 3 Feb 2001 20:21:20 -0500 Received: by groupstudy.com (bulk_mailer v1.12); Sat, 3 Feb 2001 19:56:45 -0500 Received: (from listserver@localhost) by groupstudy.com (8.9.3/8.9.3) id TAA21521 GroupStudy Mailer; Sat, 3 Feb 2001 19:56:44 -0500 Received: from vision.tigerteam.net ([EMAIL PROTECTED] [207.179.211.98]) by groupstudy.com (8.9.3/8.9.3) with SMTP id TAA21499 GroupStudy Mailer; Sat, 3 Feb 2001 19:56:43 -0500 Received: (qmail 4251 invoked for bounce); 3 Feb 2001 17:40:31 - Received: from vision.tigerteam.net ([EMAIL PROTECTED]) by vision.tigerteam.net with SMTP; 3 Feb 2001 17:40:31 - Date: Sat, 3 Feb 2001 17:40:31 + (/etc/localtime) From: Andy <[EMAIL PROTECTED]> To: Hunt Lee <[EMAIL PROTECTED]> cc: [EMAIL PROTECTED] Subject: Re: Subnet questions In-Reply-To: <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by groupstudy.com id TAA21499 Sender: [EMAIL PROTECTED] Reply-To: Andy <[EMAIL PROTECTED]> Precedence: bulk _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re[2]: Subnet questions
Great explanations John. Rajeev Soni Reply Separator Subject:Re: Subnet questions Author: John Neiberger <[EMAIL PROTECTED]> Date: 2/3/2001 4:07 PM Let's work through one or two of these to demonstrate what needs to happen. I've never tried to explain it to someone else before, so this will be good practice and I hope it makes sense! :-) > I have three subnet / route summarization questions but I don't > understand the answer, any help would be greatly appreciated. > > Q1)??? Choose the appropriate classless network address and broadcast > address for the IP address 10.6.38.50 with a subnet mask of > 255.255.240.0 > > A)??? 10.6.38.49 and 10.6.38.62 > > B)??? 10.6.32.0 and 10.6.47.255 > > C)??? 10.6.38.0 and 10.6.38.255 > > D)??? 10.0.0.0 and 10.255.255.255 > > Answer is B. > ? Ok, to really understand what is happening our first step is to convert the IP address and mask to binary: 1010.0110.00100110.00110010 = 10.6.38.50 ... = 255.255.240.0 Focus on the bit boundary where the mask changes from ones to zeroes. What is the place value of that right-most one? It's 16. So you know that your subnet boundaries, in decimal, will be in increments of 16, e.g. 10.6.0.0, 10.6.16.0, 10.6.32.0, 10.6.48.0, etc. You can see that 10.6.38.50 falls in the 10.6.32.0 subnet so that is the first part of the answer. For the second part of the answer, take the subnet address and convert all the host bits from zero to one. 1010.0110.0010 . = 10.6.32.0 1010.0110.0010 . = 10.6.47.255 There ya go, that's all there is to it. If you understand binary, it's fairly simple but it still takes a lot of practice to do it quickly. Let's do one more using basically the same approach. > > Q2)??? Given a classless route summarization of 72.8.0.0 /13.? Which IP > address fall into this scope? > > A)??? 72.15.36.8 > > B)??? 72.13.1.1 > > C)??? 72.8.20.10 > > D)??? 72.7.200.100 > > E)??? 72.16.7.4 > > F)??? 72.40.1.8 > > Answer is A, B & C - why isn't E the ansewr as well? > ? Start by converting the prefix and mask to binary. 01001000.1 000.. = 72.8.0.0 .1 000.. = 255.248.0.0 = /13 You can see, as was stated in the question, that 72.8.0.0 is the boundary for that prefix and mask. The place value of the last bit in the mask is 8. The next higher network with that mask would be 72.16.0.0, so the range of the 72.8 prefix is 72.8.0.0 - 72.15.255.255. A,B,and C are all in the 72.8.0.0/13 network. D is in 72.0.0.0/13, E is in 72.16.0.0/13, and F is in 72.40.0.0/13. Does that make sense? If not, there are others who are better at explaining this than I am. If this does make sense, work through the last few problems in your first post and post those results to the list. Work through it step by step, justifying each step as you go, and you'll quickly see how this all works together. HTH, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Received: from groupstudy.com ([63.104.50.75]) by ccmail.itd.nps.gov with SMTP (IMA Internet Exchange 3.13) id 00859EAC; Sat, 3 Feb 2001 19:31:43 -0500 Received: from localhost (mail@localhost) by groupstudy.com (8.9.3/8.9.3) with SMTP id UAA29555; Sat, 3 Feb 2001 20:39:52 -0500 Received: by groupstudy.com (bulk_mailer v1.12); Sat, 3 Feb 2001 20:16:29 -0500 Received: (from listserver@localhost) by groupstudy.com (8.9.3/8.9.3) id UAA24318 GroupStudy Mailer; Sat, 3 Feb 2001 20:16:28 -0500 Received: from gigi.excite.com (gigi.excite.com [199.172.152.110]) by groupstudy.com (8.9.3/8.9.3) with ESMTP id UAA24298 GroupStudy Mailer; Sat, 3 Feb 2001 20:16:27 -0500 Received: from slippery ([199.172.153.106]) by gigi.excite.com (InterMail vM.4.01.02.39 201-229-119-122) with ESMTP id <20010204000758.DLHE16037.gigi.excite.com@slippery>; Sat, 3 Feb 2001 16:07:58 -0800 Message-ID: <32165776.981245278578.JavaMail.imail@slippery> Date: Sat, 3 Feb 2001 16:07:58 -0800 (PST) From: John Neiberger <[EMAIL PROTECTED]> To: Hunt Lee <[EMAIL PROTECTED]>, [EMAIL PROTECTED] Subject: Re: Subnet questions X-Mailer: Excite Inbox X-Sender-Ip: 64.12.103.29 Sender: [EMAIL PROTECTED] Reply-To: John Neiberger <[EMAIL PROTECTED]> Precedence: bulk _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCMSN Book Recommendation??
Look at my CiscoKing site by clicking the link below. Hth, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.CiscoKing.com NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: AndyD [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 04, 2001 10:13 PM To: [EMAIL PROTECTED] Subject: BCMSN Book Recommendation?? Can someone please recommend a good study guide for the BCMSN test?? Thanks! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: About MPLS
You can checkout http://www.mplsrc.com/ Peter Van Oene wrote: > > I would add to that RFC 2547 and the more recent modification 2547bis. > > *** REPLY SEPARATOR *** > > On 12/26/2000 at 11:24 AM Talib wrote: > > >Below are two cisco documents. > > > >http://www.cisco.com/warp/public/cc/so/neso/vvda/ipatm/index.shtml > > > >>http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/vpn.htm > > > > > >Shabbir S. Talib > >MCSE, CNE, CCNA > > > >Tony wrote: > >> > >> Hi FOLKS, > >> I want use MPLS to make a VPN for my client,is there anyone can > >> recommand some material of MPLS to me?some samples is best. > >> Thanks and Merry Christmas! > >> > >> -- > >> Yours sincerely > >> Tony > >> > >> _ > >> FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html > >> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > >_ > >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- Roger Opdebeke Consultant / Instructor Global Knowledge / The Netherlands tel.: +31 33 4506262 fax.: +31 33 4506263 [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Packet vs Byte
Everyone I am just wondering why IP Accounting and Sniffers us both Packet and Byte counters? Can someone explain this to me, why they use both and what are the difference's or seen me to a website? Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QOS for Citrix
I am also looking for something to do the same thing. So far I have found that Packeteer is about as good as it gets, but requires that applications have to be published individually to provide QoS to them. Another company that is working on something of this nature but hasnt been able to get me any decent information is Sitara Networks. If you find anything better than this please let me know as I am very interested. Thanks Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steve Linney Sent: Monday, February 05, 2001 5:30 AM To: [EMAIL PROTECTED] Subject: QOS for Citrix G'day All, Currently got a problem with a WAN I support where they are getting time-outs with their Citrix Clients. Citrix Clients are connected via frame-relay edge routers 1700's to an ATM core router 7200VXR NPE-200 with ATM DS3 routing traffic between all sites. Can anybody suggest any QOS solutions to prioritize the Citrix traffic. So far I have reserched the following: Citrix Ports 1494/tcp ica 1494/udp ica (not sure which of these needs more priority) bandwidth ~ 20k per user (although I have heard that it can be a lot higher than this) average packet size 300 bytes delay sensitive I am looking at Priority queueing, but a little concerned about the warnings that it may starve other traffic if the Citrix queue is constantly full. If anyone has any suggestions, or played with this before it would much appreciated. Many Thanks Steve _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MSFC CPU Utilization Pegged at 99%....but a sh proc cpu does not reveal anything past 1%
Actually traced the issue down to a device (possibly a 2948 Switch) sending a stream of UDP packets causing the CPU to peg. Filtered all UDP and everything calmed down. In the process of tracing down the culprit. Thanks for everyone's input. Patrick Greene -Original Message- From: Robert Padjen [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 04, 2001 3:28 PM To: Greene, Patrick; [EMAIL PROTECTED] Subject: Re: MSFC CPU Utilization Pegged at 99%but a sh proc cpu does not reveal anything past 1% Check to see if you have a multicast (or several) stream going through. We are seeing the first signs of a bug on ours where it appears that all packets are written to MLS and process switching. --- "Greene, Patrick" <[EMAIL PROTECTED]> wrote: > Have a 6509 with 2 MSFC's. The MSFC's are running > 12.1(2)E. Just had one > of the MSFC's spike to 99%. A sh proc cpu reveals > that total utlization > should add up to about 5%. A reload of the module > causes the exact same > thing. A no changes have been made. Anybody seen > this before. Also, the > other MSFC and Switch Utilization are both showing > about 3-5%, which is > normal. > > > Thank You, > Patrick Greene > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Robert Padjen __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: QOS for Citrix
Hi Steve I currently use custom queueing to give priority to mainframe traffic then dec then citrix with any other ip in a default queue. the ports that you need for citrix are :- both tcp and udp ports 1494,1604,2512,2513,2598 hope this helps Dave "Steve Linney" cc: Sent by: Subject: QOS for Citrix [EMAIL PROTECTED] 05/02/2001 11:30 Please respond to "Steve Linney" G'day All, Currently got a problem with a WAN I support where they are getting time-outs with their Citrix Clients. Citrix Clients are connected via frame-relay edge routers 1700's to an ATM core router 7200VXR NPE-200 with ATM DS3 routing traffic between all sites. Can anybody suggest any QOS solutions to prioritize the Citrix traffic. So far I have reserched the following: Citrix Ports 1494/tcp ica 1494/udp ica (not sure which of these needs more priority) bandwidth ~ 20k per user (although I have heard that it can be a lot higher than this) average packet size 300 bytes delay sensitive I am looking at Priority queueing, but a little concerned about the warnings that it may starve other traffic if the Citrix queue is constantly full. If anyone has any suggestions, or played with this before it would much appreciated. Many Thanks Steve _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: [NAT on Cisco 2500 / 2600 series router]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ravi Kumar Sent: Sunday, February 04, 2001 9:58 PM To: Tariq; [EMAIL PROTECTED] Subject: Re: [NAT on Cisco 2500 / 2600 series router] hi tariq config#access-list 10 permit your networkID subnetMASK config#int e0: ip nat inside config# int s0: ip nat outside config# ip nat inside source list 10 int s0 overload To give the outside world access to something inside (ie Your FTP server) you would also want to add ip nat inside source static That should take care of it with the above commands also == thats all. it will work for 2500/2600 routers. bye ravee "Tariq" <[EMAIL PROTECTED]> wrote: Hello Everybody !!! Can anyobdy tell me how to define NAT on CISCO 2500 / 2600 series Router. ? Please send me some useful links and informations. I have to define NAT on my cisco router for my FTP server which resides in my local area network. Thanks Tariq _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get free email and a permanent address at http://www.netaddress.com/?N=1 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Has anyone purchase cables from this company before?
I ordered 5 60pin back to back cables...they came quickly and all worked finebest price that I could find...better than ebayetc. "fartcatcher" <[EMAIL PROTECTED]> wrote in message 95fhak$6e9$[EMAIL PROTECTED]">news:95fhak$6e9$[EMAIL PROTECTED]... > http://catalog.symmic.com/viewProduct.cfm?item_id=398076 > > They sell db60 DTE/DCE cables and lingerie(?). I have 2 2509s and a 2503 that > I wold like to setup a lab with and I need the db60 cables. > > Anyone ordered from them before? > > Thanks, > fartcatcher. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Router Rack Sytstem
I didnt really look at the site to hunt down the rack you are specifically talking about, but I have gotten several small racks from http://www.musiciansfriend.com/ex/shop/home/010201080620063168193003284192?p id=450238 Its just a small 8U that they charge 14.95 for. They work great -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ray Smith Sent: Sunday, February 04, 2001 12:49 PM To: [EMAIL PROTECTED] Subject: Router Rack Sytstem Hey Guys, Could you please take a look at these two racks and tell me which one is more appropriate for 4-5 routers for a home lab? Thanks for whatever help you can offer guys. http://catalog.blackbox.com/BlackBox/Templates/blackbox/mainscreen.asp http://catalog.blackbox.com/BlackBox/Templates/blackbox/mainscreen.asp By the way, this is the only site that I could find with network racks ...Peace! Ray _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring Bay router loopback
It just wont allow this command to be entered.? >>>Brian >From: "Howard C. Berkowitz" <[EMAIL PROTECTED]> >Reply-To: "Howard C. Berkowitz" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: Configuring Bay router loopback >Date: Fri, 2 Feb 2001 20:56:14 -0500 > > >Thanks Howard, > >I found something tried it, but we couldn't get it to work. > >Here are the commands we tried: > >Starting IP on the Circuitless Interface > >To configure a circuitless IP interface, begin at the Configuration > >Manager window and proceed as follows: > >1. Select Protocols > IP > Circuitless IP > Create to display the IP > >Configuration window. > > > >2. Edit the parameters on the IP Configuration window. > > > >3. Click on OK to save the circuitless IP interface. > > > >A special Select Protocols window opens, listing the protocols you > >can configure on a circuitless interface. > > > >4. Select a protocol and click on OK. > > > Brian > > >Even though I work for Nortel, my experience, of course, is much more >with Cisco. That looks reasonable. What isn't working? > > > > > > > > >>From: "Howard C. Berkowitz" <[EMAIL PROTECTED]> > >>Reply-To: "Howard C. Berkowitz" <[EMAIL PROTECTED]> > >>To: [EMAIL PROTECTED] > >>Subject: Re: Configuring Bay router loopback > >>Date: Fri, 2 Feb 2001 18:18:02 -0500 > >> > >>>Anybody know how to configure a loopback interface on a Bay router? > >>> > >>Brian > >>>_ > >> > >> > >> > >>Look under "circuitless interface". That's the Bay RS equivalent to > >>Cisco's "loopback interface." > >> > >>_ > >>FAQ, list archives, and subscription info: > >>http://www.groupstudy.com/list/cisco.html > >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > >_ > >Get your FREE download of MSN Explorer at http://explorer.msn.com > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: QOS for Citrix
Hi Steve I currently use custom queueing to give priority to mainframe traffic then dec then citrix with any other ip in a default queue. the ports that you need for citrix are :- both tcp and udp ports 1494,1604,2512,2513,2598 hope this helps Dave _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Clarify the differences between Ethernet & IEEE 802.3
Actually it was called "Aloha Protocol", with a successor called "Slotted Aloha" developed at the University of Hawai'i. Alloah is the Islamic version of this protocol ;-). Cheers, Gernot Phil Barker wrote: > > IEEE 802.3 does indeed define the operation of > CSMA/CD, which I believe is media - independent. > I seem to recall that CSMA/CD was first tried out with > a project called 'Alloah' in the 1970's between > several islands, one being Hawaii, so radio was the > medium here. > > http://www.smarthomeforum.com/ethernet.shtml > See link > > Phil. > > --- Billy Monroe <[EMAIL PROTECTED]> wrote: > > I see a description of the differences between them > > but I can't really > > understand that in practical terms. > > Is the IEEE 802.3 the CSMA/CD ? > > > > > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > Do You Yahoo!? > Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk > or your free @yahoo.ie address at http://mail.yahoo.ie > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Has anyone purchase cables from this company before?
Nice price. 29.95 for V.35 btb! I did find one aspect very amusing however. Here are the only two top level categories that this company seems to have: Computers AND Lingerie How could I not see the correlation between these two before? /sarcasm off (for my fellow EQ'ers out there) Frank DP/NP (Voice), Lab 3/14 --- Jeff McCoy <[EMAIL PROTECTED]> wrote: > I ordered 5 60pin back to back cables...they came > quickly and all worked > finebest price that I could find...better than > ebayetc. > > "fartcatcher" <[EMAIL PROTECTED]> wrote in > message > 95fhak$6e9$[EMAIL PROTECTED]">news:95fhak$6e9$[EMAIL PROTECTED]... > > > http://catalog.symmic.com/viewProduct.cfm?item_id=398076 > > > > They sell db60 DTE/DCE cables and lingerie(?). I > have 2 2509s and a 2503 > that > > I wold like to setup a lab with and I need the > db60 cables. > > > > Anyone ordered from them before? > > > > Thanks, > > fartcatcher. > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Fw: Doyle Vol. II
Forwarding this along, in case anyone else was wondering... - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, February 05, 2001 9:02 AM Subject: RE: Feedback Bradley, Thank you for your interest in Cisco Press. Routing TCP/IP Volume II, CCIE Professional Development will be released mid April 2001. Please let me know if you have any other questions. Amy Lewis Cisco Press _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Starting with VPN...help...
Hey Group, Just found out that I'm going to be a huge part of the VPN implementation where I work at. I need some info on which books to get. Let's pretend I have no clue how VPN works. What books will teach me from start to finish? I have been recomended Howard's "WAN Survival Guide : Strategies for VPN's, Multi-Service Networks, and Mobility" and have also found Cisco's "Enhanced IP Services for CISCO Networks: A Practical Resource for Deploying Quality of Service, Security, IP Routing, and VPN Services". What do you guys think. Thanks. Mark Z. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re[2]: Subnet questions
While I recognize many of the Cisco questions are terrible about being precise in their terminology, it's a slight help -- and every bit helps -- to make a point of avoiding the word "network," and possibly "subnet," in a classless environment. As many people have said, the answer is not in the octets, but is in the bits (sounds vaguely Shakespearean). From my own experience, it's far more effective to find the answer by playing with the prefix lengths rather than the octets. Q3 is terribly written, because the only information it gives you on prefix length is the classful implied length of /24. But under clasless terminology, the question _could_ be referring to: > > 192.168.9.0/28 > > 192.168.10.0/26 > > 192.168.11.0/24 > 192.168.12.0/27 for which summarization could not work. A way to pose what I think the real question is: "You have four /24 prefixes. If they are contiguous, what would be the prefix length of the supernet that appropriately aggregates them? What would the supernet address be?" >Answer for the question 1 is B and I can prove it. > >Our subnet mask is 255.255.240.0 => which means 4 bits from the >third octet are >used for the subnet masking. >That gives us the interval of 16 between the two networks. >Following will be the networks for the subnet mask > >10.6.16.0 Host range 10.6.16.1 - 10.6.31.254 B'cast Address 10.6.31.255 >10.6.32.0 10.6.32.1 - 10.6.47.254 10.6.47.255 >10.6.48.0 10.6.48.1 - 10.6.63.254 10.6.63.255 >10.6.64.0 10.6.64.1 - 10.6.95.254 10.6.95.255 >and so on. until >10.6.224.0 > >Thus our answer is 10.6.32.0, 10.6.47.255 > >Any more specifics, let me know I will explain. > >Then Hunt go through the TCP\IP subnetting and supernetting from as many books >as possible until you feel comfortable. Any other help you need let me know. > >Rajeev Soni > >Reply Separator >Subject:Re: Subnet questions >Author: Andy <[EMAIL PROTECTED]> >Date: 2/3/2001 5:40 PM > > > >On Sun, 4 Feb 2001, Hunt Lee wrote: > >> I have three subnet / route summarization questions but I don't >> understand the answer, any help would be greatly appreciated. >> >> Q1)ÝÝÝ Choose the appropriate classless network address and broadcast >> address for the IP address 10.6.38.50 with a subnet mask of >> 255.255.240.0 >> >> A)ÝÝÝ 10.6.38.49 and 10.6.38.62 >> >> B)ÝÝÝ 10.6.32.0 and 10.6.47.255 >> >> C)ÝÝÝ 10.6.38.0 and 10.6.38.255 >> >> D)ÝÝÝ 10.0.0.0 and 10.255.255.255 >> >> Answer is B. > >No its not. The answer is 10.6.38.48 and 10.6.38.63. It probably meant to >say classful. > >> Q2)ÝÝÝ Given a classless route summarization of 72.8.0.0 /13.Ý Which IP >> address fall into this scope? >> >> A)ÝÝÝ 72.15.36.8 >> >> B)ÝÝÝ 72.13.1.1 >> >> C)ÝÝÝ 72.8.20.10 >> >> D)ÝÝÝ 72.7.200.100 >> >> E)ÝÝÝ 72.16.7.4 >> >> F)ÝÝÝ 72.40.1.8 >> >> Answer is A, B & C - why isn't E the ansewr as well? > >The range of 72.8.0.0/13 is 72.8.0.0 - 72.15.255.255. Its 8 Class B's. > >> Q3)ÝÝÝ When using classless supernetting, which route best summarizes >> the following networks? >> > > 192.168.9.0 >> 192.168.10.0 >> 192.168.11.0 > > 192.168.12.0 >> >> A)ÝÝÝ 192.168.0.9 / 20 >> >> B)ÝÝÝ 192.168.0.0 / 16 >> >> C)ÝÝÝ 192.168.9.0 / 22 >> >> D)ÝÝÝ 192.168.8.0 / 21 >> >> I thought D is the answer, but the answer is C. > >A /22 is 4 Class C's, a /21 is 8. I recommand finding or making (to >actually learn it) a subnet table and just keeping referencing it until >you don't need to anymore. > >andy > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >Received: from groupstudy.com ([63.104.50.75]) by ccmail.itd.nps.gov with SMTP > (IMA Internet Exchange 3.13) id 00859E1E; Sat, 3 Feb 2001 19:11:10 -0500 >Received: from localhost (mail@localhost) > by groupstudy.com (8.9.3/8.9.3) with SMTP id UAA25291; > Sat, 3 Feb 2001 20:21:20 -0500 >Received: by groupstudy.com (bulk_mailer v1.12); Sat, 3 Feb 2001 >19:56:45 -0500 >Received: (from listserver@localhost) > by groupstudy.com (8.9.3/8.9.3) id TAA21521 > GroupStudy Mailer; Sat, 3 Feb 2001 19:56:44 -0500 >Received: from vision.tigerteam.net ([EMAIL PROTECTED] >[207.179.211.98]) > by groupstudy.com (8.9.3/8.9.3) with SMTP id TAA21499 > GroupStudy Mailer; Sat, 3 Feb 2001 19:56:43 -0500 >Received: (qmail 4251 invoked for bounce); 3 Feb 2001 17:40:31 - >Received: from vision.tigerteam.net ([EMAIL PROTECTED]) > by vision.tigerteam.net with SMTP; 3 Feb 2001 17:40:31 - >Date: Sat, 3 Feb 2001 17:40:31 + (/etc/localtime) >From: Andy <[EMAIL PROTECTED]> >To: Hunt Lee <[EMAIL PROTECTED]> >cc: [EMAIL PROTECTED] >Subject: Re: Subnet questions >In-Reply-To: <[EMAIL PROTECTED]> >Message-ID: <[EMAIL PROTECTED]> >X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8
2509 Terminal Server Problem
I have a 2509 connected via an OCTAL cable to a few console ports. When I connect using 'telnet router1 2001' I get no command line, but the connection says '.OPEN'. When I telnet to router1 and configure it, console messages appear on the reverse telnet session, but still no command prompt. I have it configured just as it is here: http://www.cisco.com/warp/public/793/access_dial/comm_server.html Any help would be greatly appreciated. thanks, ramius _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Disabling Spanning Tree!!!!!!!
OK, I know it's not a good idea, but we have a requirement to disable spanning tree on our switches. We have a 4908 to which we have 3548's connected. Could somebody confirm that I have disabled spanning tree in the configuration for the 4908 attached, as I think it is, but somebody on the relevant site is saying that it is not. <<4908_1.txt>> Many thanks Shaun This e-mail and any attachments may contain privileged, confidential and/or copyright information and is for the sole use of the intended addressee. If you are not the named recipient, please notify the sender immediately and do not disclose the contents to another person, use it for any purpose, or store or copy the information in any medium.This message is subject to and does not create or vary any contractual relationship between Telindus K-NET Ltd and you. ! version 12.0 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname 4908-01 ! ip subnet-zero ipx routing 0002.0002.0002 bridge irb ! interface GigabitEthernet1 ip address 10.192.1.1 255.255.255.0 no ip directed-broadcast shutdown ! interface GigabitEthernet2 ip address 10.192.2.1 255.255.255.0 no ip directed-broadcast shutdown ! interface GigabitEthernet3 no ip address no ip directed-broadcast ! interface GigabitEthernet3.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet3.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet3.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet4 no ip address no ip directed-broadcast ! interface GigabitEthernet4.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet4.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet4.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet5 no ip address no ip directed-broadcast ! interface GigabitEthernet5.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet5.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet5.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet6 no ip address no ip directed-broadcast ! interface GigabitEthernet6.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet6.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet6.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet7 no ip address no ip directed-broadcast ! interface GigabitEthernet7.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet7.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet7.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet8 no ip address no ip directed-broadcast ! interface GigabitEthernet8.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet8.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet8.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface BVI1 ip address 10.1.1.1 255.255.0.0 no ip redirects no ip directed-broadcast no ip route-cache cef ! interface BVI2 ip address 10.2.1.1 255.255.255.0 no ip redirects no ip directed-broadcast no ip route-cache cef ! interface BVI3 ip address 10.3.1.1 255.255.0.0 no ip redirects ip directed-broadcast no ip route-cache cef ipx network C21193 encapsulation SAP ipx network C31193 encapsulation NOVELL-ETHER secondary ! router rip network 10.0.0.0 ! ip classless ! snmp-server community public RO snmp-server community private RW ! bridge 1 protocol ieee bridge 1 route ip bridge 2 protocol ieee bridge 2 route ip bridge 3 protocol ieee bridge 3 route ip bridge 3 route ipx ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 session-timeout 60 exec-timeout 60 0 login ! end _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: very confused with access-list, pls help!!
>Chee Tong, > >> 1)I am very confused with access-list now, I have named my access-list as >> below >> >> But I found when apply multiple access group in the int E0, >> like below >> Router(config-if)#ip access-group a3000 in >> Router(config-if)#ip access-group range in >> Router(config-if)#ip access-group telnet in >> >> but when I Router#sh run only ip access-group telnet in shown in the >config >> (the last one), where are the a3000, range ?? > >Only one access list may be applied per interface, per direction, per protocol type. >at any >given time. For IP, access lists generally apply to the packet headers and possibly TCP/IP fields of packets that normally would enter the router at one interface and leave it on another. There are many other access-list like commands that deal with traffic that is intended to enter the router and stay there, such as access groups, distribute lists, etc., or cause an action originating in the router (e.g., dialer lists). The key to all of these is understanding that each line of access lists and access-list-like commands has a pattern to match and an action to take when that pattern is matched. Multi-line access lists are scanned top-to-bottom until either the match condition is met (and scanning stops) or the implicit deny all at the end is reached. Route maps, crypto maps, etc., are more complex, in that they have patterns to match, but can apply multiple actions on a match. > >If you want all these access-list statements to work together, then you will >need to put them into a single access list, ie: > ip access-list extended MyGroovyStuff >contents of a3000 ... >contents of range ... >contents of telnet ... > >Then apply the new list to your interface, ie: > interface ethernet 0 >ip access-group MyGroovyStuff in > >> 2)When I type sh access-list, why it shows me that access-group "range" is >> still applied as shown below. Besides, why the line >> permit tcp host 199.105.182.190 eq 8194 host 192.168.3.112 eq 8201 (17 >> matches) and etc appear in the Extended IP access list telnet and I >thought >> it should show in the Extended IP access list range >> > >I would guess that any matches on the 'a3000' and 'range' access lists >(providing that you are applying them to your interface in the order you >listed above) are as a result of 'hits' on the access list while you are >making the change, eg: > >> Router(config-if)#ip access-group a3000 in > >When you type this command and press enter, it is applied to your interface. >Stats will be logged for this list from now until when you type the next >line and press enter (say 10 seconds). > >> Router(config-if)#ip access-group range in > >Same behavious as above, but now the 'range' access list has been applied >and the 'a3000' list removed. > >> Router(config-if)#ip access-group telnet in > >Now your final access list 'telnet' is applied (and neither 'a3000' or >'range' are applied to the interface. > >I am also assuming that you have entered the 'ip access-group ...' commands >a number of times in your effort to fix it and each time traffic that >matches the list (even though that list may only be active for a very short >while), a 'match' is recorded. > >> 3)In my config file, there are entry like "no ip route-cache" as shown >> below, may I know how to delete it? > >Enter the command 'route-cache' (ie. the opposite of no route-cache), eg: > > router(config)#interface ethernet 0 > router(config-if)#route-cache > >> 4)when I do a on router >> SIN01>sh ip route connected >> C 58.199.164.0/22 is directly connected, FastEthernet0/0 >> C 58.199.126.0/27 is directly connected, FastEthernet0/0 >> >> Why two networks can state directly connected to one interface, what does >it >> mean?? > >You may have two IP addresses configured for the interface. > >Regards > >Adam Burgess >Brisbane, Australia > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Packet vs Byte
> Everyone > >I am just wondering why IP Accounting and Sniffers us both Packet and Byte >counters? Can someone explain this to me, why they use both and what are the >difference's or seen me to a website? > >Brian At the most basic, byte statistics tend to reflect limitations of bandwidth or congestion of the medium. Packet statistics tend to reflect limitations of forwarding devices (e.g., lookup speeds)--their ability to handle headers. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Disabling Spanning Tree!!!!!!!
Hi, As long as you don't have any L2 loops then your fine, it will be a more stable topology but only as long as you know there aren't any loops going on. On your 3500xl you can further improve this by enabling portfast on the switch ports connected to PC workstations, ( this eliminates the production of TCN's) check out. LAN tips http://www.cisco.com/warp/customer/473/ Port fast http://www.cisco.com/warp/customer/473/12.html spanning tree troubleshooting http://www.cisco.com/warp/customer/473/16.html regards /Stuart. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Shaun Wakelen Sent: Monday, February 05, 2001 2:46 PM To: Cisco GS Subject: Disabling Spanning Tree!!! OK, I know it's not a good idea, but we have a requirement to disable spanning tree on our switches. We have a 4908 to which we have 3548's connected. Could somebody confirm that I have disabled spanning tree in the configuration for the 4908 attached, as I think it is, but somebody on the relevant site is saying that it is not. <<4908_1.txt>> Many thanks Shaun This e-mail and any attachments may contain privileged, confidential and/or copyright information and is for the sole use of the intended addressee. If you are not the named recipient, please notify the sender immediately and do not disclose the contents to another person, use it for any purpose, or store or copy the information in any medium.This message is subject to and does not create or vary any contractual relationship between Telindus K-NET Ltd and you. ! version 12.0 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname 4908-01 ! ip subnet-zero ipx routing 0002.0002.0002 bridge irb ! interface GigabitEthernet1 ip address 10.192.1.1 255.255.255.0 no ip directed-broadcast shutdown ! interface GigabitEthernet2 ip address 10.192.2.1 255.255.255.0 no ip directed-broadcast shutdown ! interface GigabitEthernet3 no ip address no ip directed-broadcast ! interface GigabitEthernet3.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet3.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet3.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet4 no ip address no ip directed-broadcast ! interface GigabitEthernet4.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet4.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet4.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet5 no ip address no ip directed-broadcast ! interface GigabitEthernet5.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet5.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet5.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet6 no ip address no ip directed-broadcast ! interface GigabitEthernet6.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet6.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet6.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet7 no ip address no ip directed-broadcast ! interface GigabitEthernet7.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet7.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet7.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface GigabitEthernet8 no ip address no ip directed-broadcast ! interface GigabitEthernet8.1 encapsulation isl 1 no ip redirects no ip directed-broadcast bridge-group 1 spanning-disabled ! interface GigabitEthernet8.2 encapsulation isl 2 no ip redirects no ip directed-broadcast bridge-group 2 spanning-disabled ! interface GigabitEthernet8.3 encapsulation isl 3 no ip redirects no ip directed-broadcast bridge-group 3 spanning-disabled ! interface BVI1 ip address 10.1.1.1 255.255.0.0 no ip redirects no ip directed-broadcast no ip route-cache cef ! interface BVI2 ip address 10.2.1.1 255.255.255.0 no ip redirects no ip directed-broadcast no ip route-cache cef ! interface BVI3 ip address 10.3.1.1 255.255.0.0 no ip
Re: Packet vs Byte
This is because either counter by itself isn't very helpful. Let's say you saw 1 packets in a one minute period. If these were 64-byte packets, that's only 640kb, not a big deal. However, if these are 1500-byte packets, you're now approaching 15Mb. That's a pretty significant difference! To get a more realistic idea of your traffic flows, you really need to count both the number of bytes and packets. HTH, John (who, as usual, needs a caffeine IV drip right about now.) > >Everyone > > I am just wondering why IP Accounting and Sniffers us both Packet and Byte > counters? Can someone explain this to me, why they use both and what are the > difference's or seen me to a website? > > Brian > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Another 802.3 and Ethernet Question
While studying for CIT, I noticed something that had never occurred to me before. The default ethernet frame type on a Cisco router is Ethernet_II, but the only physical interface specified by Ethernet version 2 is 50-ohm coax, IIRC, similar to 10base5 On 10baseT or 100baseTX interfaces, which are on every router I've ever worked with, why is the default frame type not IEEE 802.3? Ethernet_II only has a type field, while IEEE 802.3 frames include 802.2 information. What sorts of functionality would be available through the use of that frame type that are not available with Ethernet_II? In IP-only environments, would there be a good reason to change to a different frame type, or would we only benefit from a different frame type in a non-IP environment or mixed environment? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question: "stop-start packet"
I have looked for an explanation as to what a "stop-start packet" is. Protocol specific? Routing packet? True function? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Extremely Odd Routing resolved, sort of...
As we all know, when we configure a static IP route, the next hop IP address should be a host IP address of a directly connected network (or an exit interface number). for example, in Windows NT or Netware systems, if your system is connected to, say, network 192.168.50.0/24, and you try to add a static IP route, say, 192.168.60.0/24 with a next hop IP address 192.168.53.x. you will get an error message. Am I right? If you are thinking this will be the same in Cisco IOS, you could be wrong. Try to turn on you router (just one router is enough), and leave all you interface down. Then typing in the following lines IP route 200.168.1.16 255.255.255.240 192.168.92.65 IP route 192.168.92.0 255.255.255.255 192.168.1.65 IP route 192.168.1.64 255.255.255.240 Null 0 Note that, none of the router's interface is connected to any of the network numbers shown in the configuration (of course, except the null 0 interface). Now try a 'show IP route'. You will get the following lines s 200.168.1.16/28 via 192.168.92.65 s 192.168.92.0/24 via 192.168.1.65 s 192.168.1.64/28 is directly connected, null0 This experiment approved that IOS will keep a static route in its routing table as long as it thinks there is a 'live' path to that network, even that 'live' path will lead to a dead null interface. and it really does not care where the next hop IP address is located in the entire network as long as that hop is 'reachable' according to its own routing table. Is this a good thing, bad thing or an IOS Bug??? However, this explains John's problem very well. Even when the PVC is down the route entry 'S 10.50.1.1 255.255.255.255 via 10.1.1.2' will be still in routing table, because the next hop address 10.1.1.2 is still reachable via 'S 10.0.0.0 255.0.0.0 is directly connected Null0' Could anyone explain how John's problem would be fixed without turning off 'IP classless' and still keep the 'IP route 10.0.0.0 255.0.0.0 Null0' entry in the routing table? JZ "John Neiberger" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Ok, to recap, here was the problem. We have two PVCs from router A to > router B. We have eigrp running on the first PVC but not on the second, and > there are static routes forcing certain traffic to use the second PVC. > These are point-to-point frame relay links. Here are the relevant static > routes affecting the second PVC, and let's assume the loopback address at > the router B is 10.50.1.1: > > ip route 10.50.1.1 255.255.255.255 10.1.1.2 50 > > We also have another static route for an entirely separate reason, but it is > involved here, as well: > > ip route 10.0.0.0 255.0.0.0 Null0 > > We recently upgraded to 12.1 from 11.2. In 11.2, "no ip classless" was the > default. In 12.x, ip classless is the default. > > We thought that if the second PVC went down, since the next hop was > unavailable, the router would pick the next available route with a higher > administrative distance. Since there is a valid route to router B over the > first PVC, we thought it would take this route. The odd thing was, it > wasn't and we didn't know why. Here's why: > > Even though 10.1.1.2 was at the other end of a point-to-point link and shows > in the routing table as directly connected, the router never realized that > that route disappeared! When the PVC was down, if I did a show ip route > 10.50.1.1, it would show as reachable via 10.1.1.2. Then a show ip route > 10.1.1.2 would show that it was reachable thanks to the 10.0.0.0 route > pointing to null0. Isn't that freaky?? > > I assumed that the router would be smart enough to know that if a point to > point link is down, the remote IP address is truly unreachable, even if > there is valid supernet route; apparently, such is not the case. I did > some testing and proved to myself that this is what was happening. > > So, since we don't require classless routing on this router, I've turned it > off. Now, the router will not use the 10.0.0.0 supernet route and it will > correctly decide that the point to point link is down. Then, it will use > the eigrp-learned route on the other PVC. > > If someone understands why a router would choose a supernet route to reach a > directly attached down interface, please let me know. I'm sure this will > come up later! > > Thanks, > John > > > > > > ___ > Send a cool gift with your E-Card > http://www.bluemountain.com/giftcenter/ > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Exam Number: 640-503
Can anyone recommend a couple of good book for the Routing exam 640-503? Thanks, Mike _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Packet vs Byte
Does anyone have any good online sources for technical books? So far, the best site I have found is http://www.bookpool.com but I was just wondering if there were any others out there? Thanks! Heather Buri _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLAN routing on 2600
Don't forget the 2650 series as well plus IOS. ""Groupstudy"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The 2620 and 2621 have fast ethernet ports and support trunking with IP Plus > IOS. > > - Original Message - > From: Kevin Wigle <[EMAIL PROTECTED]> > To: Daniel Cotts <[EMAIL PROTECTED]>; 'kz' <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Saturday, February 03, 2001 8:13 PM > Subject: Re: VLAN routing on 2600 > > > > except 2600's don't do the fe thing.. > > > > > > - Original Message - > > From: "Daniel Cotts" <[EMAIL PROTECTED]> > > To: "'kz'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > > Sent: Friday, 02 February, 2001 10:26 > > Subject: RE: VLAN routing on 2600 > > > > > > > Those with 100Mbs ports. > > > > > > > -Original Message- > > > > From: kz [mailto:[EMAIL PROTECTED]] > > > > Sent: Friday, February 02, 2001 4:33 AM > > > > To: [EMAIL PROTECTED] > > > > Subject: VLAN routing on 2600 > > > > > > > > > > > > Hi > > > > > > > > Is it possible to perform VLAN routing on 2600 routers? > > > > > > > > thanx > > > > kz > > > > > > > > _ > > > > FAQ, list archives, and subscription info: > > > > http://www.groupstudy.com/list/cisco.html > > > > Report misconduct > > > > and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Extremely Odd Routing resolved, sort of...
Thanks, you nailed the problem exactly! I'm not sure if that behavior is good or bad, but I know that in my case it is bad. Since we don't need classless routing on this router, we turned it off, but I wish there were a better solution. My preference would be for the router to remove all static routes pointing to next-hop addresses at the other side of directly attached interfaces that are down, even if it thinks that network is reachable via another route. If the link is point-to-point, the network is absolutely unreachable, so why not treat it as such? Anyone else have thoughts about this? > As we all know, when we configure a static IP route, the next hop IP > address should be a host IP address of a directly connected network (or an > exit interface number). for example, in Windows NT or Netware systems, if > your system is connected to, say, network 192.168.50.0/24, and you try to > add a static IP route, say, 192.168.60.0/24 with a next hop IP address > 192.168.53.x. you will get an error message. Am I right? > If you are thinking this will be the same in Cisco IOS, you could be wrong. > Try to turn on you router (just one router is enough), and leave all you > interface down. Then typing in the following lines > > IP route 200.168.1.16 255.255.255.240 192.168.92.65 > IP route 192.168.92.0 255.255.255.255 192.168.1.65 > IP route 192.168.1.64 255.255.255.240 Null 0 > > Note that, none of the router's interface is connected to any of the network > numbers shown in the configuration (of course, except the null 0 interface). > > Now try a 'show IP route'. You will get the following lines > > s 200.168.1.16/28 via 192.168.92.65 > s 192.168.92.0/24 via 192.168.1.65 > s 192.168.1.64/28 is directly connected, null0 > > This experiment approved that IOS will keep a static route in its routing > table as long as it thinks there is a 'live' path to that network, even that > 'live' path will lead to a dead null interface. and it really does not care > where the next hop IP address is located in the entire network as long as > that hop is 'reachable' according to its own routing table. > > Is this a good thing, bad thing or an IOS Bug??? > > However, this explains John's problem very well. Even when the PVC is down > the route entry > 'S 10.50.1.1 255.255.255.255 via 10.1.1.2' > will be still in routing table, because the next hop address 10.1.1.2 is > still reachable via > 'S 10.0.0.0 255.0.0.0 is directly connected Null0' > > Could anyone explain how John's problem would be fixed without turning off > 'IP classless' and still keep the > 'IP route 10.0.0.0 255.0.0.0 Null0' entry in the routing table? > > JZ > > "John Neiberger" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Ok, to recap, here was the problem. We have two PVCs from router A to > > router B. We have eigrp running on the first PVC but not on the second, > and > > there are static routes forcing certain traffic to use the second PVC. > > These are point-to-point frame relay links. Here are the relevant static > > routes affecting the second PVC, and let's assume the loopback address at > > the router B is 10.50.1.1: > > > > ip route 10.50.1.1 255.255.255.255 10.1.1.2 50 > > > > We also have another static route for an entirely separate reason, but it > is > > involved here, as well: > > > > ip route 10.0.0.0 255.0.0.0 Null0 > > > > We recently upgraded to 12.1 from 11.2. In 11.2, "no ip classless" was > the > > default. In 12.x, ip classless is the default. > > > > We thought that if the second PVC went down, since the next hop was > > unavailable, the router would pick the next available route with a higher > > administrative distance. Since there is a valid route to router B over > the > > first PVC, we thought it would take this route. The odd thing was, it > > wasn't and we didn't know why. Here's why: > > > > Even though 10.1.1.2 was at the other end of a point-to-point link and > shows > > in the routing table as directly connected, the router never realized that > > that route disappeared! When the PVC was down, if I did a show ip route > > 10.50.1.1, it would show as reachable via 10.1.1.2. Then a show ip route > > 10.1.1.2 would show that it was reachable thanks to the 10.0.0.0 route > > pointing to null0. Isn't that freaky?? > > > > I assumed that the router would be smart enough to know that if a point to > > point link is down, the remote IP address is truly unreachable, even if > > there is valid supernet route; apparently, such is not the case. I did > > some testing and proved to myself that this is what was happening. > > > > So, since we don't require classless routing on this router, I've turned > it > > off. Now, the router will not use the 10.0.0.0 supernet route and it will > > correctly decide that the point to point link is down. Then, it will use >
Re: Exam Number: 640-503
I wholeheartedly recommend the Ciscopress BSCN study guide. It covers 95% of what you'll see on the test. Another excellent book for this test--and one that you should own anyway--is Routing TCP/IP by Jeff Doyle. Among other things, it covers EIGRP and OSPF very well. I also found Bridges, Routers, and Switches for CCIE's by Andrew Bruce Caslow helpful for understanding OSPF in NBMA environments. Heck, it helped me understand NBMA, period! :-) For additional BGP study, pick up the 2nd edition of Internet Routing Architectures. Actually, now that I think about it, you should own all of the above books, so go buy all of them . Those last three books will more than pay for themselves in the long run. If you're only going to get one study guide for this test, though, the Ciscopress study guide might be the way to go. HTH, John > Can anyone recommend a couple of good book for the Routing exam 640-503? > > Thanks, > Mike > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN3000
Does any body know this: I am configuring the VPN 3000 to send SNMP traps to our network monitoring system. I need to know the text that the VPN 3000 generates for all events in certain event classes. I will set the VPN 3000 to forward these events as traps. The event classes of interest are: HARDWAREMON IP REBOOT VRRP _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
learning facilities
Hello, If you were given the opportunity to choose your classes for BCMSN, BCRAN and CIT, which training facility would rank at the top. Which facility would be the second choice? TIA Robert M. Lopez Network Planning Ann Arbor Data Center Pfizer Global Research & Development Phone 734-622-3948 Fax 734-622-1690 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Duplex setting
I've read in messages, and in books, about setting the duplex to full/half vs. auto. I knew that it was flaky, but no specifics. We had a machine losing connectivity, and it turns out this was the reason. I changed the port from auto to full duplex, and everything seems to work great. Is there any specific information as to what can cause this? For instance, maybe the auto-detect detects it as half then changes to full, causing a brief outage in connectivity? Thanks, Joey Fowler We are told that talent creates its own opportunities. But it sometimes seems that intense desire creates not only its own opportunities, but its own talents. - Eric Hoffer (1902-1983 American Author & Philosopher) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Another 802.3 and Ethernet Question
To answer your question, my question to you John, would be this: What is the purpose of the default Ethernet frame type on a Cisco router? You've posed an excellent question - one that I mulled over for quite some time until I answered the question I've asked you to solve... Understanding why things work the way they do is the best way to understand and troubleshoot networks. -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: February 5, 2001 8:38 AM To: [EMAIL PROTECTED] Subject: Another 802.3 and Ethernet Question While studying for CIT, I noticed something that had never occurred to me before. The default ethernet frame type on a Cisco router is Ethernet_II, but the only physical interface specified by Ethernet version 2 is 50-ohm coax, IIRC, similar to 10base5 On 10baseT or 100baseTX interfaces, which are on every router I've ever worked with, why is the default frame type not IEEE 802.3? Ethernet_II only has a type field, while IEEE 802.3 frames include 802.2 information. What sorts of functionality would be available through the use of that frame type that are not available with Ethernet_II? In IP-only environments, would there be a good reason to change to a different frame type, or would we only benefit from a different frame type in a non-IP environment or mixed environment? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISP/Dial Lab Mailing List
Since some people appear to be interested in ISP/Dial and studying via email. I setup a mail alias [EMAIL PROTECTED] It doesn't have any filters or automated procedures. So if you would like to join, please send me an email stating such and I'll add you to the aliases file. David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Duplex setting
In the past, everyone would blame the switch. If it was the switch then every NIC or device would have this problem. I have found that it's usually the NIC driver causing the issue. Is the NIC a reputable manufacture or is it a $15 noname NIC? This might also be the issue. Check to see if you can find a new driver. This will probably solve your problem. In the meantime you should be fine with setting the port to Full/Half duplex. - Tim -Original Message- From: Fowler, Robert J. [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 12:34 PM To: [EMAIL PROTECTED] Subject: Duplex setting I've read in messages, and in books, about setting the duplex to full/half vs. auto. I knew that it was flaky, but no specifics. We had a machine losing connectivity, and it turns out this was the reason. I changed the port from auto to full duplex, and everything seems to work great. Is there any specific information as to what can cause this? For instance, maybe the auto-detect detects it as half then changes to full, causing a brief outage in connectivity? Thanks, Joey Fowler We are told that talent creates its own opportunities. But it sometimes seems that intense desire creates not only its own opportunities, but its own talents. - Eric Hoffer (1902-1983 American Author & Philosopher) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BRI questions.
Try to disable fast switching.. Kenny ""Ron Tan"" <[EMAIL PROTECTED]> wrote in message 001401c08f43$aa521220$47755fca@rontan">news:001401c08f43$aa521220$47755fca@rontan... > 2 sites are connect to each other by ISDN Bri. Both are configured to = > react by Dialer profile. Both links are ok and connected but when = > performing a ping test to each other, the following had been observed. = > Pinging from ethernet port to destination dialer interface produces a = > very stable and reliable status while pinging from ethernet port to = > destination ethernet port shows huge packet losses. The same goes for = > the reverse. Anyone has any thought about this ? > > Ron > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP print through firewall
Hi, I think, you would doing a NAT in this case and your packets to the printer would already be going as a public IP address. So the printer would be knowing where to send the responses back and you wont be needing another NAT. BRgds Sudarshan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ole Drews Jensen Sent: Friday, February 02, 2001 5:10 PM To: '[EMAIL PROTECTED]' Subject: TCP/IP print through firewall All this reading about routed protocols and routing protocols makes you think you know it all, until you are in front of a new funny situation. I am sure that someone out there can explain this to me real quick and easy, so here's my question. We have a LAN with a private network 10.0.0.0, and from a workstation I need to print to a TCP/IP ready printer at another company, which has a public address 100.100.100.100 (this is ofcourse not the real one). My computer should not have any problems getting routed to that printer via it's default gateway (the firewall), via the firewalls default gateway (the router), via the routers default gateway (our isp), and so on. BUT, the computer needs a response from the printer so it knows that it's there and ready, but when the printer tries to reply to my computer 10.1.2.3, it will be dropped by it's default gateway (the other company's router), because the 10.0.0.0 network is not routable through the Internet. I'm I right, and what would be the thing to do here? Would I HAVE to do a NAT on my workstation so the printer can reply back that way? Thanks for any comments on this, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.CiscoKing.com NEED A JOB ??? http://www.oledrews.com/job _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
It's working now! (was TCP/IP print through firewall)
Actually, it's much simpler than I thought. The problem was that port 515 was not opened up on the firewall (I thought port 9100 was the only one needed). After that, the firewall keeps track of your print session, and no NAT or other fun stuff is needed. I was now able to print directly to the printer from anywhere. The other problem I had with my AS400 not being able to print to it, was that (this is really so stupid that I overlooked it at first) there was no default gateway setup on the AS400, and therefore no route to the printer either. But, it is all working now, so 'ho ho ho and a bottle of rum'. Thanks for all the replies. Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.CiscoKing.com NEED A JOB ??? http://www.oledrews.com/job Ole -Original Message- From: Sudarshan NChari [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 12:33 PM To: 'Ole Drews Jensen'; '[EMAIL PROTECTED]' Subject: RE: TCP/IP print through firewall Hi, I think, you would doing a NAT in this case and your packets to the printer would already be going as a public IP address. So the printer would be knowing where to send the responses back and you wont be needing another NAT. BRgds Sudarshan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ole Drews Jensen Sent: Friday, February 02, 2001 5:10 PM To: '[EMAIL PROTECTED]' Subject: TCP/IP print through firewall All this reading about routed protocols and routing protocols makes you think you know it all, until you are in front of a new funny situation. I am sure that someone out there can explain this to me real quick and easy, so here's my question. We have a LAN with a private network 10.0.0.0, and from a workstation I need to print to a TCP/IP ready printer at another company, which has a public address 100.100.100.100 (this is ofcourse not the real one). My computer should not have any problems getting routed to that printer via it's default gateway (the firewall), via the firewalls default gateway (the router), via the routers default gateway (our isp), and so on. BUT, the computer needs a response from the printer so it knows that it's there and ready, but when the printer tries to reply to my computer 10.1.2.3, it will be dropped by it's default gateway (the other company's router), because the 10.0.0.0 network is not routable through the Internet. I'm I right, and what would be the thing to do here? Would I HAVE to do a NAT on my workstation so the printer can reply back that way? Thanks for any comments on this, Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.CiscoKing.com NEED A JOB ??? http://www.oledrews.com/job _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: learning facilities
Top for me would be Mentor Technologies because many of their instructors are on staff as opposed to being contractors. They as a group have authored several books that we all use. They have a long history of involvement with Cisco. They even wrote some of the IOS. I took both the BCMSN and BSCN with them at their NYC office. Second choice would be Global Knowledge because I have taken two courses from them (when ARG) and felt that the instructors were excellent. Courses were ICRC and Campus ATM. ICRC was in a rented facility (OpreyLand, Tennessee). ATM at the GK facility in North Carolina. I cannot comment on any of the other Training Partners. > -Original Message- > From: Lopez, Robert [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 05, 2001 11:28 AM > To: [EMAIL PROTECTED] > Subject: learning facilities > > > Hello, > > If you were given the opportunity to choose your classes for > BCMSN, BCRAN > and CIT, which training facility would rank at the top. > Which facility > would be the second choice? TIA > > Robert M. Lopez > Network Planning > Ann Arbor Data Center > Pfizer Global Research & Development > Phone 734-622-3948Fax 734-622-1690 > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Another 802.3 and Ethernet Question
Hmm My first supposition is that they decided to default to the oldest frame type for interoperability. A few years ago, there were probably more network devices that used only the Ethernet_II frame type. As technology progressed, vendors added new frame types to their devices, with the Ethernet_II frame type remaining the common denominator. If a particular network had a mix of older and newer ethernet devices, the older ones might only understand the Ethernet_II frame type, and we wouldn't want to confuse them. If that were the case, it would make sense to use the older frame type as the default, but manually switch to some other frame type if it were advantageous to do so. Hmm I just checked the NIC on my PC here at work where we use Netware, so we have IPX running. In the IP settings, there is no option for different frame types. However, in the IPX settings, I can pick any of the four possible frame types. This is something else that had never really occurred to me: Why can't I pick a different frame type for IP use? Doesn't IP work using the IEEE 802.3 frame type? I thought that it would. I need to do some more research. I just checked, and the Caslow book doesn't even go into that much detail on Ethernet. I guess I'll be doing even more surfing when I should be working! I'm getting the feeling that at some point today a light bulb is going to go off inside my head and I'll have a different outlook on my understanding of all-things-ethernet. John > To answer your question, my question to you John, would be this: > > What is the purpose of the default Ethernet frame type on a Cisco router? > > You've posed an excellent question - one that I mulled over for quite some > time until I answered the question I've asked you to solve... Understanding > why things work the way they do is the best way to understand and > troubleshoot networks. > > >-- Leigh Anne > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > John Neiberger > Sent: February 5, 2001 8:38 AM > To: [EMAIL PROTECTED] > Subject: Another 802.3 and Ethernet Question > > > While studying for CIT, I noticed something that had never occurred to me > before. The default ethernet frame type on a Cisco router is Ethernet_II, > but the only physical interface specified by Ethernet version 2 is 50-ohm > coax, IIRC, similar to 10base5 On 10baseT or 100baseTX interfaces, which > are on every router I've ever worked with, why is the default frame type not > IEEE 802.3? > > Ethernet_II only has a type field, while IEEE 802.3 frames include 802.2 > information. What sorts of functionality would be available through the use > of that frame type that are not available with Ethernet_II? > > In IP-only environments, would there be a good reason to change to a > different frame type, or would we only benefit from a different frame type > in a non-IP environment or mixed environment? > > Thanks, > John > > > > > > ___ > Send a cool gift with your E-Card > http://www.bluemountain.com/giftcenter/ > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Duplex setting
Robert, This is true. I have recently done some tweaks on our new Cisco 4006's which we have installed in the network closets. Included in the items I researched were: Enabling portfast on ports connected to servers and workstations. Disabling Etherchannel and trunking (which I found out, are set to autonegotiate by default on Cisco Switches). And also, hardsetting the port switches to match the capabilities of the NIC cards. I had to do this for most of my Linux/Unix users as they were seeing the errors more than my PC users. Here are some links to some information from the Cisco website that I came across while doing my research: http://www.cisco.com/warp/public/473/3.html http://www.cisco.com/warp/public/473/46.html Hope this information helps! Heather Buri -Original Message- From: Fowler, Robert J. [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 11:34 AM To: [EMAIL PROTECTED] Subject: Duplex setting I've read in messages, and in books, about setting the duplex to full/half vs. auto. I knew that it was flaky, but no specifics. We had a machine losing connectivity, and it turns out this was the reason. I changed the port from auto to full duplex, and everything seems to work great. Is there any specific information as to what can cause this? For instance, maybe the auto-detect detects it as half then changes to full, causing a brief outage in connectivity? Thanks, Joey Fowler We are told that talent creates its own opportunities. But it sometimes seems that intense desire creates not only its own opportunities, but its own talents. - Eric Hoffer (1902-1983 American Author & Philosopher) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: learning facilities
I have only taken courses from Mentor Tech (previously Chesapeake Consultants) and I have to say, they are excellent, both in their coverage of the materials and in the knowledge of the proctors. Heather Buri -Original Message- From: Lopez, Robert [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 11:28 AM To: [EMAIL PROTECTED] Subject: learning facilities Hello, If you were given the opportunity to choose your classes for BCMSN, BCRAN and CIT, which training facility would rank at the top. Which facility would be the second choice? TIA Robert M. Lopez Network Planning Ann Arbor Data Center Pfizer Global Research & Development Phone 734-622-3948 Fax 734-622-1690 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: learning facilities
The best training I have gotten from Cisco came from Certification Solution. www.certificationsolution.com The worst we as a tech support group have attended lately has been Global Knowledge who seems to be going way down hill. Their classes seem to be getting smaller, their instructors seem to be having less experience and the equipment per student is getting less and has to be shared. Those are the only two though that I have personally attended. Because of the bad feedback from Global Knowledge we here at Excite IT are all booking classes through CS since they are cheaper, give the test vouchers and you get your own equipment to use(Which helps big time). Hope this helps. Carl Hagan Excite WAN Support Group On Mon, 5 Feb 2001 12:28:20 -0500 , Lopez, Robert wrote: > Hello, > > If you were given the opportunity to choose your classes for BCMSN, BCRAN > and CIT, which training facility would rank at the top. Which facility > would be the second choice? TIA > > Robert M. Lopez > Network Planning > Ann Arbor Data Center > Pfizer Global Research & Development > Phone 734-622-3948 Fax 734-622-1690 > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Books for CCNP (640-503 Routing) exam help please
Hi can anyone please recommend any good books/study resources for the CCNP (640-503 Routing) exam ? I have already taken CCNA v1.0 and would like to progress onto CCNP with Routing being the first exam Ill be work on. Any help would be most welcomed. Many thanks, Voirin. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Building CCIE test lab
I am actually working for a cisco gold partner and I was told that I could buy routers at up to half price. Cisco customer services seem not to know that and I am wondering if anybody on this site has ever bought routers and switches at half price with cisco for lab purposes. _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP print through firewall
We print to remote printers a lot. We do NOT give our inside workstations a static address. The printers on the remote end of course do have public addresses statically assigned. If you are doing straight TCP/IP printing then this should work fine. The problem (at least it used to be a problem) used to be that the PIX would not look inside the datagram and nat any addresses found in the data portion of the packet which you need to do for netbui or netbios over TCP/IP (Microsoft mostly). My understanding is that is corrected in the newer PIX codes. My suggestion would be that if you are using print server set them up for TCP/IP printing only and set your workstation up for it as well. This is how we do it. For straight plain old TCP/IP printing this should be fine!!! The printer should find it's way back to your workstation because on the way out YOUR SOURCE address was translated to a public address. When the printer responds it will be responding to that public address which of course maps back to your privately addressed workstation. -Original Message- From: Dennis [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 03, 2001 7:12 PM To: [EMAIL PROTECTED] Subject: Re: TCP/IP print through firewall In addition to the public routable address on the printer, you need a routable address on the workstation. You can accomplish this with a static NAT translation on your firewall. Most likely, you currently have one public address for your entire network for browsing. Hopefully you have a spare address that you are not using. Here is what is will look like: -request from workstation 10.x.x.x sends a print job to printer 100.100.100.100 -request goes to the workstation's gateway router to be routed to the printer. -gateway router forwards request to the firewall where the workstation's 10.x.x.x address is translated to a public address from the pool of addresses that were assigned to your company from your ISP. (This is already happening if the workstation has Internet access but the address currently being used for Internet browsing by the workstation is probably the same one as everyworkstation on your network. This is why you need to put a static translation on the firewall for this workstation. Same idea as if you have a webserver or email server with a private address which needs to be translated at the firewall). -There is one other possible gotcha--your firewall may need a rule which allows the remote printer in. Just my humble opinion. Let us know how it works out. "Ole Drews Jensen" <[EMAIL PROTECTED]> wrote in message 2019FB428FD3D311893700508B71EBFB54AE9E@RWR_MAIL_SVR">news:2019FB428FD3D311893700508B71EBFB54AE9E@RWR_MAIL_SVR... > All this reading about routed protocols and routing protocols makes you > think you know it all, until you are in front of a new funny situation. I am > sure that someone out there can explain this to me real quick and easy, so > here's my question. > > We have a LAN with a private network 10.0.0.0, and from a workstation I need > to print to a TCP/IP ready printer at another company, which has a public > address 100.100.100.100 (this is ofcourse not the real one). > > My computer should not have any problems getting routed to that printer via > it's default gateway (the firewall), via the firewalls default gateway (the > router), via the routers default gateway (our isp), and so on. > > BUT, the computer needs a response from the printer so it knows that it's > there and ready, but when the printer tries to reply to my computer > 10.1.2.3, it will be dropped by it's default gateway (the other company's > router), because the 10.0.0.0 network is not routable through the Internet. > > I'm I right, and what would be the thing to do here? > > Would I HAVE to do a NAT on my workstation so the printer can reply back > that way? > > Thanks for any comments on this, > > Ole > > > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > http://www.CiscoKing.com > > NEED A JOB ??? > http://www.oledrews.com/job > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: learning facilities
>Hello, > >If you were given the opportunity to choose your classes for BCMSN, BCRAN >and CIT, which training facility would rank at the top. Which facility >would be the second choice? TIA > >Robert M. Lopez >Network Planning >Ann Arbor Data Center >Pfizer Global Research & Development >Phone 734-622-3948 Fax 734-622-1690 Well, it needs to be clear what is "facility" and what is "instructor." There's no way that a traveling lab set up in a hotel or conference center will have the same convenience as a permanent training lab. In my experience, while onsite private courses for particular customers may allow special customization and content relevance, the facilities tend to be even worse than hotels. My experience with MCI facilities, for example, have been...interesting. Atlanta: Try setting up a 12 router lab in a classroom that has one electrical outlet. Not circuit. Not even duplex receptacle. Outlet. Chicago: Long, skinny meeting room that was too narrow to let me stand next to the LCD projector. While I left Geotrain before the GKN merger, their permanent facilities were decent. Mentor Labs and ARS have reasonable ones I've been in. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Paquet's BCRAN p. 194-195
One thing I'm confused about in Paquet's BCRAN book (1578700914): On p. 194/195, it shows a config which allegedly will cause Cisco-a to dial Cisco-b whenever any non-FTP or non-Telnet IP traffic comes through. My question is: given the two dialer map statements, why will Cisco-a call Cisco-b, and not Cisco-c? Will Cisco-a attempt to call Cisco-b first, and if that fails, then try Cisco-c? Thanks in advance - BJ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Duplex setting
One duplex setting is from Mars and the other is from Venus. Autonegotiation works only when the negotiator understands which is from where, and how to speak the language of each. ;-) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN Dialup Backup
Address your BRI seperatly, add static routes to the networks through the BRI, and then ping. Once you know you have connectivity and they are dialing, you should be able to change the addressing and add the backup interface command. You can also setup your ISDN as if you are going to make it a production backup interface, but instead of actually adding the backup interface command on the dedicated line, add a route with a higher admin distance through the BRI, then do a shut on the dedicated line. Traffic should almost immediatly take the BRI if everything is setup right. I know the second option does not sound any different then what you are doing, but it is my experience that simply doing a shutdown will not kick in a dedicated backup interface. You actually have to unplug the line. An ISND backup used in conjunction with the backup interface command will not respond to an administrative shutdown. -Original Message- From: Elijah Savage [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 04, 2001 8:54 PM To: Cisco (E-mail) Subject: ISDN Dialup Backup I support allot of customers with dedicated t1's and using isdn dialup backup. I have had some customers that want to test the dialup backup without taking the serial link down. I have noticed that on version 12.0 of the IOS you can take the dial backup command off the interface and ping the other side of the isdn link and make it come up and dial, this is great for not having a customer experience any down time. Well I was working on a 1720 on Friday with IOS 12.1 and this does not work. You actually have to take the serial link down to make the isdn dial. This is very inconvenient when you are setting up a new customer and you do not know if the isdn line is in place. Especially when setting up customers in Texas it seems like it takes an act of god to have someone at the phone company give you the right spids. I guess my question is this, does anyone know if this was a feature Cisco had in IOS 12.0 and removed it from later versions or if this was a bug in the 12.0 IOS. I have another engineer at work that swares it is a bug to be able to take the dial backup command off and make the link dial up. Any ideas? Or any other ways I am overlooking in making the backup link come up without having to take a customer down? Elijah _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: commands, please help
www.cisco.com -Original Message- From: yohanus [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 1:56 AM To: [EMAIL PROTECTED] Subject: commands, please help ---Sorry for asking this question, if it's been asked before--- Anyone know of a good site that publicizes Cisco commands? If so, please help. Thanks to all replies. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Starting with VPN...help...
I am a little biased since I authored the chapter, but check out chapter 4 of Syngress Media's BCRAN book (the latest). It has several VPN scenarios and configs as well as an explanation of ESP,AH, DES, Triple-pass DES, TRIPLE DES etc. As well as some good explanations of ISAKMP, IKE and how they fit together what they are. etc. Let me know what you think of the chapter, and if it was usefull!! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 9:39 AM To: [EMAIL PROTECTED] Subject: Starting with VPN...help... Hey Group, Just found out that I'm going to be a huge part of the VPN implementation where I work at. I need some info on which books to get. Let's pretend I have no clue how VPN works. What books will teach me from start to finish? I have been recomended Howard's "WAN Survival Guide : Strategies for VPN's, Multi-Service Networks, and Mobility" and have also found Cisco's "Enhanced IP Services for CISCO Networks: A Practical Resource for Deploying Quality of Service, Security, IP Routing, and VPN Services". What do you guys think. Thanks. Mark Z. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Paquet's BCRAN p. 194-195
Too weird, I'm on that page and took a break to read my mail! There is no default route, but there are two static routes, we can only assume that the example is talking about traffic directly addressed to the 192.168.1.0 network (router b) - even though they never say so... consider that a practice question for the test ;-) Tim > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Bradley J. Wilson > Sent: Monday, February 05, 2001 8:06 PM > To: cisco > Subject: Paquet's BCRAN p. 194-195 > > > One thing I'm confused about in Paquet's BCRAN book (1578700914): > > On p. 194/195, it shows a config which allegedly will cause > Cisco-a to dial > Cisco-b whenever any non-FTP or non-Telnet IP traffic comes through. My > question is: given the two dialer map statements, why will Cisco-a call > Cisco-b, and not Cisco-c? Will Cisco-a attempt to call Cisco-b first, and > if that fails, then try Cisco-c? > > Thanks in advance - > > BJ > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Duplex setting
This sounds a little like that "If your wife ran on IOS" thread from a couple months ago... ;-) - Original Message - From: Howard C. Berkowitz To: [EMAIL PROTECTED] Sent: Monday, February 05, 2001 2:08 PM Subject: RE: Duplex setting One duplex setting is from Mars and the other is from Venus. Autonegotiation works only when the negotiator understands which is from where, and how to speak the language of each. ;-) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP/IP print through firewall
You're right, I just had to open up for port 515 outgoing. Ole Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.CiscoKing.com NEED A JOB ??? http://www.oledrews.com/job -Original Message- From: Christopher Larson [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 1:05 PM To: 'Dennis'; [EMAIL PROTECTED] Subject: RE: TCP/IP print through firewall We print to remote printers a lot. We do NOT give our inside workstations a static address. The printers on the remote end of course do have public addresses statically assigned. If you are doing straight TCP/IP printing then this should work fine. The problem (at least it used to be a problem) used to be that the PIX would not look inside the datagram and nat any addresses found in the data portion of the packet which you need to do for netbui or netbios over TCP/IP (Microsoft mostly). My understanding is that is corrected in the newer PIX codes. My suggestion would be that if you are using print server set them up for TCP/IP printing only and set your workstation up for it as well. This is how we do it. For straight plain old TCP/IP printing this should be fine!!! The printer should find it's way back to your workstation because on the way out YOUR SOURCE address was translated to a public address. When the printer responds it will be responding to that public address which of course maps back to your privately addressed workstation. -Original Message- From: Dennis [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 03, 2001 7:12 PM To: [EMAIL PROTECTED] Subject: Re: TCP/IP print through firewall In addition to the public routable address on the printer, you need a routable address on the workstation. You can accomplish this with a static NAT translation on your firewall. Most likely, you currently have one public address for your entire network for browsing. Hopefully you have a spare address that you are not using. Here is what is will look like: -request from workstation 10.x.x.x sends a print job to printer 100.100.100.100 -request goes to the workstation's gateway router to be routed to the printer. -gateway router forwards request to the firewall where the workstation's 10.x.x.x address is translated to a public address from the pool of addresses that were assigned to your company from your ISP. (This is already happening if the workstation has Internet access but the address currently being used for Internet browsing by the workstation is probably the same one as everyworkstation on your network. This is why you need to put a static translation on the firewall for this workstation. Same idea as if you have a webserver or email server with a private address which needs to be translated at the firewall). -There is one other possible gotcha--your firewall may need a rule which allows the remote printer in. Just my humble opinion. Let us know how it works out. "Ole Drews Jensen" <[EMAIL PROTECTED]> wrote in message 2019FB428FD3D311893700508B71EBFB54AE9E@RWR_MAIL_SVR">news:2019FB428FD3D311893700508B71EBFB54AE9E@RWR_MAIL_SVR... > All this reading about routed protocols and routing protocols makes you > think you know it all, until you are in front of a new funny situation. I am > sure that someone out there can explain this to me real quick and easy, so > here's my question. > > We have a LAN with a private network 10.0.0.0, and from a workstation I need > to print to a TCP/IP ready printer at another company, which has a public > address 100.100.100.100 (this is ofcourse not the real one). > > My computer should not have any problems getting routed to that printer via > it's default gateway (the firewall), via the firewalls default gateway (the > router), via the routers default gateway (our isp), and so on. > > BUT, the computer needs a response from the printer so it knows that it's > there and ready, but when the printer tries to reply to my computer > 10.1.2.3, it will be dropped by it's default gateway (the other company's > router), because the 10.0.0.0 network is not routable through the Internet. > > I'm I right, and what would be the thing to do here? > > Would I HAVE to do a NAT on my workstation so the printer can reply back > that way? > > Thanks for any comments on this, > > Ole > > > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > http://www.CiscoKing.com > > NEED A JOB ??? > http://www.oledrews.com/job > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ,
ECP1 lab. Is it worth it?
I've heard a lot of folks mention different prep courses for the CCIE lab and ECP1 seems to be pretty well recommended. When I went to the site, however, the web pages imply that this is a preparation tool for "beginning" your CCIE lab track and isolating weaknesses to further focus on. I was going to take this class a week or so prior to my lab (scheduled for august and I'm not rushed to swap it up) but am not so sure now. Could someone who's done this please reply to this post or email me directly about their experiences with it? Thanks. -- Charles Henson [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ECP1 lab. Is it worth it?
i dink dis is good classroomie #3765well worth my peanuts ""Charles Henson"" <[EMAIL PROTECTED]> wrote in message 95n3ml$5ar$[EMAIL PROTECTED]">news:95n3ml$5ar$[EMAIL PROTECTED]... > I've heard a lot of folks mention different prep courses for the CCIE lab > and ECP1 seems to be pretty well recommended. When I went to the site, > however, the web pages imply that this is a preparation tool for "beginning" > your CCIE lab track and isolating weaknesses to further focus on. I was > going to take this class a week or so prior to my lab (scheduled for august > and I'm not rushed to swap it up) but am not so sure now. Could someone > who's done this please reply to this post or email me directly about their > experiences with it? Thanks. > > > > -- > Charles Henson > [EMAIL PROTECTED] > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ECP1 lab. Is it worth it?
Don't lie boy! You're just a CCIE-W, and that's not even a cert! Charles :>} ""Jeff McCoy"" <[EMAIL PROTECTED]> wrote in message 95n4if$8uc$[EMAIL PROTECTED]">news:95n4if$8uc$[EMAIL PROTECTED]... > i dink dis is good classroomie #3765well worth my peanuts > > > ""Charles Henson"" <[EMAIL PROTECTED]> wrote in message > 95n3ml$5ar$[EMAIL PROTECTED]">news:95n3ml$5ar$[EMAIL PROTECTED]... > > I've heard a lot of folks mention different prep courses for the CCIE lab > > and ECP1 seems to be pretty well recommended. When I went to the site, > > however, the web pages imply that this is a preparation tool for > "beginning" > > your CCIE lab track and isolating weaknesses to further focus on. I was > > going to take this class a week or so prior to my lab (scheduled for > august > > and I'm not rushed to swap it up) but am not so sure now. Could someone > > who's done this please reply to this post or email me directly about their > > experiences with it? Thanks. > > > > > > > > -- > > Charles Henson > > [EMAIL PROTECTED] > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Duplex setting
:) Nope it is not a $15 noname NIC. It is a Compaq NC3131 FastEthernet NIC. I don't know the exact price put I'm guessing 10-20 times that amount. The link that was given to me by someone else in this group, showed that Cisco says all Routers, Servers and production equipment should have this set manually, and that the auto setting should be used for Migrant users. -Original Message- From: Hornbeck, Timothy [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 1:14 PM To: '[EMAIL PROTECTED]' Subject: RE: Duplex setting In the past, everyone would blame the switch. If it was the switch then every NIC or device would have this problem. I have found that it's usually the NIC driver causing the issue. Is the NIC a reputable manufacture or is it a $15 noname NIC? This might also be the issue. Check to see if you can find a new driver. This will probably solve your problem. In the meantime you should be fine with setting the port to Full/Half duplex. - Tim -Original Message- From: Fowler, Robert J. [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 12:34 PM To: [EMAIL PROTECTED] Subject: Duplex setting I've read in messages, and in books, about setting the duplex to full/half vs. auto. I knew that it was flaky, but no specifics. We had a machine losing connectivity, and it turns out this was the reason. I changed the port from auto to full duplex, and everything seems to work great. Is there any specific information as to what can cause this? For instance, maybe the auto-detect detects it as half then changes to full, causing a brief outage in connectivity? Thanks, Joey Fowler We are told that talent creates its own opportunities. But it sometimes seems that intense desire creates not only its own opportunities, but its own talents. - Eric Hoffer (1902-1983 American Author & Philosopher) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ECP1 lab. Is it worth it?
I have heard it is best to take this class about 4 to 6 weeks before your test as the class will help you see where you may need improvements to pass the lab, and you will probably want the time to practice the areas identified. -Original Message- From: Charles Henson [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 3:39 PM To: [EMAIL PROTECTED] Subject: ECP1 lab. Is it worth it? I've heard a lot of folks mention different prep courses for the CCIE lab and ECP1 seems to be pretty well recommended. When I went to the site, however, the web pages imply that this is a preparation tool for "beginning" your CCIE lab track and isolating weaknesses to further focus on. I was going to take this class a week or so prior to my lab (scheduled for august and I'm not rushed to swap it up) but am not so sure now. Could someone who's done this please reply to this post or email me directly about their experiences with it? Thanks. -- Charles Henson [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ECP1 lab. Is it worth it?
Gotcha, IMS used to have a "prep lab" but I can't find any mention of it on their site anymore. The global knowledge idea is to span out 3 weeks of classes over about a 2 month window. I can't do that. I just need about a one week "focus" class prior to the lab. I think ECP1 may be my only option. I'm glad it's got a good rep. Charles "Christopher Larson" <[EMAIL PROTECTED]> wrote in message 61E62C3E8898D311BBE20050DA13E3F61BE2E3@NTMAIL">news:61E62C3E8898D311BBE20050DA13E3F61BE2E3@NTMAIL... > I have heard it is best to take this class about 4 to 6 weeks before your > test as the class will help you see where you may need improvements to pass > the lab, and you will probably want the time to practice the areas > identified. > > -Original Message- > From: Charles Henson [mailto:[EMAIL PROTECTED]] > Sent: Monday, February 05, 2001 3:39 PM > To: [EMAIL PROTECTED] > Subject: ECP1 lab. Is it worth it? > > > I've heard a lot of folks mention different prep courses for the CCIE lab > and ECP1 seems to be pretty well recommended. When I went to the site, > however, the web pages imply that this is a preparation tool for "beginning" > your CCIE lab track and isolating weaknesses to further focus on. I was > going to take this class a week or so prior to my lab (scheduled for august > and I'm not rushed to swap it up) but am not so sure now. Could someone > who's done this please reply to this post or email me directly about their > experiences with it? Thanks. > > > > -- > Charles Henson > [EMAIL PROTECTED] > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ECP1 lab. Is it worth it?
3765 is Val's number .What are you referring to Jeff? Jeff McCoy wrote: > i dink dis is good classroomie #3765well worth my peanuts > > ""Charles Henson"" <[EMAIL PROTECTED]> wrote in message > 95n3ml$5ar$[EMAIL PROTECTED]">news:95n3ml$5ar$[EMAIL PROTECTED]... > > I've heard a lot of folks mention different prep courses for the CCIE lab > > and ECP1 seems to be pretty well recommended. When I went to the site, > > however, the web pages imply that this is a preparation tool for > "beginning" > > your CCIE lab track and isolating weaknesses to further focus on. I was > > going to take this class a week or so prior to my lab (scheduled for > august > > and I'm not rushed to swap it up) but am not so sure now. Could someone > > who's done this please reply to this post or email me directly about their > > experiences with it? Thanks. > > > > > > > > -- > > Charles Henson > > [EMAIL PROTECTED] > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ECP1 lab. Is it worth it?
being a smart-ass...just a joke with my friend charlesim not intending to stir anything up "Nathan Casassa" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > 3765 is Val's number .What are you referring to Jeff? > > Jeff McCoy wrote: > > > i dink dis is good classroomie #3765well worth my peanuts > > > > ""Charles Henson"" <[EMAIL PROTECTED]> wrote in message > > 95n3ml$5ar$[EMAIL PROTECTED]">news:95n3ml$5ar$[EMAIL PROTECTED]... > > > I've heard a lot of folks mention different prep courses for the CCIE lab > > > and ECP1 seems to be pretty well recommended. When I went to the site, > > > however, the web pages imply that this is a preparation tool for > > "beginning" > > > your CCIE lab track and isolating weaknesses to further focus on. I was > > > going to take this class a week or so prior to my lab (scheduled for > > august > > > and I'm not rushed to swap it up) but am not so sure now. Could someone > > > who's done this please reply to this post or email me directly about their > > > experiences with it? Thanks. > > > > > > > > > > > > -- > > > Charles Henson > > > [EMAIL PROTECTED] > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > _ > > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ECP1 lab. Is it worth it?
I have only heard good things about the class. I have heard wonderful things about Val, and have met Bruce Caslow personally so I am looking forward to the class in June in Falls Church, VA with Bruce. I am giving myself some time after the class to crack down on the things I learn in class that I am really behind on. Although the prereqs say you have to have all those classes, and have to have passed the written, it is very common for people to get in that really don't have a clue about the basics and have not taken those classes or passed the written, so you may be stuck with a lab partner that has never configured a router or does not understand IP basics, which may put you way behind if you are there to get serious with stuff you already fairly understand. This is not a spoon fed class, you better know what your doing when you get into the real stuff or you are going to look pretty silly if you don't understand simple things. I know several CCIE's that recommend the class so if your serious, this class is the way to go. Nate Charles Henson wrote: > Gotcha, > IMS used to have a "prep lab" but I can't find any mention of it on > their site anymore. The global knowledge idea is to span out 3 weeks of > classes over about a 2 month window. I can't do that. I just need about a > one week "focus" class prior to the lab. I think ECP1 may be my only option. > I'm glad it's got a good rep. > > Charles > > "Christopher Larson" <[EMAIL PROTECTED]> wrote in message > 61E62C3E8898D311BBE20050DA13E3F61BE2E3@NTMAIL">news:61E62C3E8898D311BBE20050DA13E3F61BE2E3@NTMAIL... > > I have heard it is best to take this class about 4 to 6 weeks before your > > test as the class will help you see where you may need improvements to > pass > > the lab, and you will probably want the time to practice the areas > > identified. > > > > -Original Message- > > From: Charles Henson [mailto:[EMAIL PROTECTED]] > > Sent: Monday, February 05, 2001 3:39 PM > > To: [EMAIL PROTECTED] > > Subject: ECP1 lab. Is it worth it? > > > > > > I've heard a lot of folks mention different prep courses for the CCIE lab > > and ECP1 seems to be pretty well recommended. When I went to the site, > > however, the web pages imply that this is a preparation tool for > "beginning" > > your CCIE lab track and isolating weaknesses to further focus on. I was > > going to take this class a week or so prior to my lab (scheduled for > august > > and I'm not rushed to swap it up) but am not so sure now. Could someone > > who's done this please reply to this post or email me directly about their > > experiences with it? Thanks. > > > > > > > > -- > > Charles Henson > > [EMAIL PROTECTED] > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fast Ethernet on 2600's
There are Fe Modules for the 2600's -Original Message- From: Kevin Wigle [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 03, 2001 11:54 PM To: Cisco Subject: Fast Ethernet on 2600's I goofed on that one.. as Pagorn corrected me - the 2620's have fe port(s) ... and as I did the correct thing and looked it up (after the fact) the 2650's do also. Too fast on the keyboard I guess. :-( My train of thought was modules... the book doesn't give any fe modules for the 2600s although there are for the 3600's. Forgot about the fixed ports. Kevin Wigle _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Exam Number: 640-503
Mike, I would recommend 'CCNP 2.0 Routing' from Robert Myhre. It covers all the material well and has very few errors. Regards Adam - Original Message - From: "Mike Bowlin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, February 06, 2001 1:54 AM Subject: Exam Number: 640-503 > Can anyone recommend a couple of good book for the Routing exam 640-503? > > Thanks, > Mike > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another 802.3 and Ethernet Question
At 07:38 AM 2/5/01, John Neiberger wrote: >While studying for CIT, I noticed something that had never occurred to me >before. The default ethernet frame type on a Cisco router is Ethernet_II, The default frame type depends on the payload. The default for IP is Ethernet V2 because the IP industry never adopted anything newer at the data-link layer. (They did adopt new physical-layer IEEE 802.3 standards.) Ethernet V2 has dest, source, and EtherType. If you were to change the frame type on the routers, you would have to change it on all IP hosts too, which would be a pain. Most operating systems (Windows 9x, Window NT, SunOS, Mac OS, etc.) default to Ethernet V2 for IP also. If you use AppleTalk Phase 2, the default frame type is 802.3 with 802.2 and SNAP. That's because all Macintoshes and other AppleTalk devices default to that frame type for AppleTalk also. (Phase 1 was Ethernet V2, by the way.) If you use Novell, the default is Novell "raw," aka Ethernet_802.3 which has dest, source, length, immediately followed by the IPX header which starts with an XNS checksum, which isn't used so it's always . The Novell default may have changed. I know Novell has been wanting to get with the rest of the world, plus they have been talking about actually using the checksum, which means they can't use the raw format. Also the raw format is kind of ugly because a "raw" frame arrives at a station configured for 802.3 with 802.2, the looks like a global LLC (802.2) SAP, which means "give this frame to all services!. Priscilla >but the only physical interface specified by Ethernet version 2 is 50-ohm >coax, IIRC, similar to 10base5 On 10baseT or 100baseTX interfaces, which >are on every router I've ever worked with, why is the default frame type not >IEEE 802.3? > >Ethernet_II only has a type field, while IEEE 802.3 frames include 802.2 >information. What sorts of functionality would be available through the use >of that frame type that are not available with Ethernet_II? > >In IP-only environments, would there be a good reason to change to a >different frame type, or would we only benefit from a different frame type >in a non-IP environment or mixed environment? > >Thanks, >John > > > > > >___ >Send a cool gift with your E-Card >http://www.bluemountain.com/giftcenter/ > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Packet vs Byte
Packets are variable sizes. In other words, they have varying amounts of bytes in them. If you base your "top talkers" statistics on the stations ending the most packets, you might get a skewed view of who is actually sending the most data. Maybe the stations sending the most packets are sending very small packets. It's best to look at both packets and bytes. Priscilla At 08:39 AM 2/5/01, [EMAIL PROTECTED] wrote: > Everyone > >I am just wondering why IP Accounting and Sniffers us both Packet and > Byte >counters? Can someone explain this to me, why they use both and what are the >difference's or seen me to a website? > >Brian > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX VPN IP Pool
On the isakmp key address netmask command I don't see how to specify differently for VPN clients. I have one key with the IPSec peer on the PIX-PIX vpn using a /32 subnet but if I specify 0.0.0.0 netmask 0.0.0.0 for the VPN clients, won't this interfere? - Original Message - From: "Christopher Larson" <[EMAIL PROTECTED]> To: "'Allen May'" <[EMAIL PROTECTED]>; "Christopher Larson" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, February 02, 2001 11:02 AM Subject: RE: PIX VPN IP Pool > Oh, in my experience all your IKE mode config clients would have to have the > same security policies. You would base your IPSEC lists on the IP address > assigned to them from the pool. > > -Original Message- > From: Allen May [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 02, 2001 11:05 AM > To: Christopher Larson; [EMAIL PROTECTED] > Subject: Re: PIX VPN IP Pool > > > THATS what I meant to say ;) I was wondering how the damn pool worked and > how you'd be able to differentiate the ACLs by IP. > > - Original Message - > From: "Christopher Larson" <[EMAIL PROTECTED]> > To: "'Allen May'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Friday, February 02, 2001 6:45 AM > Subject: RE: PIX VPN IP Pool > > > > This should not interfere with your other VPN's. It will simply allow the > > Client to get an address from the pool. What I haven't figured out yet is > if > > there is a way to seperate IKE mode configed clients so that each group of > > clients would have a different security policy. They have to get all their > > addresses from the same pool, and there is no way to differentiate pools, > or > > sets of clients so it seems to me that when using IKE mode config that you > > can only do it for a set of clients that will share the same security > > policy. > > > > > > Have you or anyone seen any way to do this using IKE mode config? > > > > > > > > > > > > > > > > > > > > > > > > > > -Original Message- > > From: Allen May [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, February 01, 2001 2:41 PM > > To: [EMAIL PROTECTED] > > Subject: PIX VPN IP Pool > > > > > > OK I get all the VPN stuff for IPSec. I have a working PIX-PIX VPN > working > > right now and am in the process of implementing CiscoSecure to PIX VPN. I > > haven't implemented it quite yet because I"m worried about a possible > > conflict here. > > > > Configuring IKE Mode Config parameters calls for the following: > > ip local pool (pool-name) ip-range > > isakmp cilent cnofiguration address-pool local (pool-name) outside > > crypto map (crypto-map-name) client configuration address initiate > > > > The first 2 lines have a common pool-name but have no places in there to > > match it to previous commands set up for the specific VPN. All others in > my > > config have some reference either by a name or a number in the command. > > > > The 3rd line also has no reference whatsoever to which VPN this should > > apply. There are no similar commands for the PIX-PIX vpn but I'm > wondering > > if this will somehow interfere or am I just being overly cautious here? > > > > Allen May > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Netflow
Daley, VLAN/MLS configuration example (using IP/IPX in VLAN 1 and IP only in VLAN 2): Router Configuration mls rp ip interface FastEthernet0/0 speed 100 full-duplex mls rp vtp-domain MyVTP mls rp ip interface FastEthernet0/0.1 encapsulation isl 1 ip address 192.168.0.1 255.255.255.0 mls rp management-interface mls rp ip interface FastEthernet0/0.2 encapsulation isl 2 ip address 192.168.1.1 255.255.255.0 mls rp ip Switch Config (Cat 55xx + NFFC) set vtp domain MyVTP set vlan 1 name default type ethernet mtu 1500 said 11 state active set vlan 2 name MySpecialLAN type ethernet mtu 1500 said 18 state active set interface sc0 1 192.168.0.2/255.255.255.0 172.168.0.255 set mls enable ipx set mls flow full set mls agingtime 512 set mls agingtime fast 32 0 set mls include 192.168.0.1 Cheers Adam Burgess Brisbane, Australia - Original Message - From: "Okuwa, Daley" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 05, 2001 10:40 PM Subject: Cisco Netflow > hi all , > > Is there anyone who has used Cisco Netflow for collection of data > how can you enable cisco netflow on a cisco catalyst 5505 with supervisor > engine II G using a NFFC (Netflow Feature Card) > > Daley Okuwa > EDS Network services > Stockley Park > Tel no0181-5353144 > fax no 0181-7545983 > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoWorks2000 e-mail notification
Anyone know how to set up e-mail notifications for traps in CiscoWorks2000 LMS? Cheers, Jeff _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Extremely Odd Routing resolved, sort of...
Here's another way to recreate this problem. Bring up a router but leave all interfaces down. Configure a point-to-point interface (serial, frame relay, whatever) with the ip address 10.1.1.1. Then add: ip route 10.50.50.50 255.255.255.255 10.1.1.2 ip route 10.0.0.0 255.0.0.0 null0 Then, do show ip route 10.50.50.50. You will still see it reachable via 10.1.1.2! why? Because this router thinks that 10.1.1.2 is still reachable via null0. It's not realizing that 10.1.1.2 is at the other end of a dead point-to-point link and it could not possibly be up and running. If I had my druthers (not DRothers ), the router would not behave this way. The problem it created in our network was only resolvable by turning off classless routing, which is okay for us, but not for everyone. Hmm...I just discovered something interesting. If you replace the static route for 10.0.0.0 with a default route, 0.0.0.0/0 pointing to null0, this problem does not occur. Weird. So, the addition of a default route does not cause this behavior, but the addition of a supernet route does. In classless routing, why does it really matter? It seems to me that a supernet is a supernet is a supernet. Isn't a default route just the ultimate supernet route? Okay, more research needed... > I believe you have a default route or gateway of last resort set > I could not get the routes in my table until I added a default route > Duck > here is the config > Current configuration: > ! > version 12.0 > service timestamps debug uptime > service timestamps log uptime > no service password-encryption > ! > hostname Router > ! > ! > ip subnet-zero > ! > ! > process-max-time 200 > ! > interface Ethernet0 > no ip address > no ip directed-broadcast > shutdown > ! > interface Serial0 > ip address 172.16.10.1 255.255.255.252 > no ip directed-broadcast > no ip mroute-cache > shutdown > ! > router ospf 6 > ! > router bgp 65001 > ! > ip classless > ip route 0.0.0.0 0.0.0.0 172.16.10.2 > ip route 192.168.1.64 255.255.255.240 Null0 > ip route 192.168.92.0 255.255.255.255 192.168.1.65 > ip route 200.168.1.16 255.255.255.240 192.168.92.65 > ip ospf name-lookup > ! > ! > line con 0 > exec-timeout 0 0 > transport input none > line vty 0 4 > login > ! > end > > Router# > Router# > Router# > Router#sh ip route > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP > D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area > N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 > E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP > i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default > U - per-user static route, o - ODR > > Gateway of last resort is not set > > 192.168.92.0/32 is subnetted, 1 subnets > S 192.168.92.0 [1/0] via 192.168.1.65 > 192.168.1.0/28 is subnetted, 1 subnets > S 192.168.1.64 is directly connected, Null0 > - Original Message - > From: John Neiberger <[EMAIL PROTECTED]> > To: JZ <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Monday, February 05, 2001 8:48 AM > Subject: Re: Extremely Odd Routing resolved, sort of... > > > > Thanks, you nailed the problem exactly! I'm not sure if that behavior is > > good or bad, but I know that in my case it is bad. Since we don't need > > classless routing on this router, we turned it off, but I wish there were a > > better solution. > > > > My preference would be for the router to remove all static routes pointing > > to next-hop addresses at the other side of directly attached interfaces that > > are down, even if it thinks that network is reachable via another route. If > > the link is point-to-point, the network is absolutely unreachable, so why > > not treat it as such? > > > > Anyone else have thoughts about this? > > > > > As we all know, when we configure a static IP route, the next hop IP > > > address should be a host IP address of a directly connected network (or > > an > > > exit interface number). for example, in Windows NT or Netware systems, > > if > > > your system is connected to, say, network 192.168.50.0/24, and you try > > to > > > add a static IP route, say, 192.168.60.0/24 with a next hop IP address > > > 192.168.53.x. you will get an error message. Am I right? > > > If you are thinking this will be the same in Cisco IOS, you could be > > wrong. > > > Try to turn on you router (just one router is enough), and leave all you > > > interface down. Then typing in the following lines > > > > > > IP route 200.168.1.16 255.255.255.240 192.168.92.65 > > > IP route 192.168.92.0 255.255.255.255 192.168.1.65 > > > IP route 192.168.1.64 255.255.255.240 Null 0 > > > > > > Note that, none of the router's interface is connected to any of the > > network > > > numbers shown in the configuration (of course, exc
MAC address
On a network with 12 switches all connected to 1 core switch using the default vlan 1. What is the best way to find out which port the MAC address is broadcasted from? Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Dialup Backup
We use floating static routes rather than dial backup, but here's one way of doing it... Remove the dial backup command. Add a static IP route to a network that doesn't exist in your routing table. Make sure it's a network that you don't need to be able to connect to, at least temporarily (this obviously may be tricky if you use default routes and your users may need to connect to any network), or make the static route for the address of the dialer interface at the other end. Point the static route at the dialer interface (not the address, the interface). E.g.ip route 1.2.3.0 255.255.255.0 dialer1 Ping the address of your route - e.g 1.2.3.4 for the above route. If you've used a 'fake' address, the ping won't work, but it should bring up the ISDN link anyway. This is just basic routing stuff, so I assume it would work with 12.1. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 06/02/2001 08:44 am --- Elijah Savage <[EMAIL PROTECTED]>@groupstudy.com on 05/02/2001 12:53:32 pm Please respond to Elijah Savage <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] To: "Cisco (E-mail)" <[EMAIL PROTECTED]> cc: Subject: ISDN Dialup Backup I support allot of customers with dedicated t1's and using isdn dialup backup. I have had some customers that want to test the dialup backup without taking the serial link down. I have noticed that on version 12.0 of the IOS you can take the dial backup command off the interface and ping the other side of the isdn link and make it come up and dial, this is great for not having a customer experience any down time. Well I was working on a 1720 on Friday with IOS 12.1 and this does not work. You actually have to take the serial link down to make the isdn dial. This is very inconvenient when you are setting up a new customer and you do not know if the isdn line is in place. Especially when setting up customers in Texas it seems like it takes an act of god to have someone at the phone company give you the right spids. I guess my question is this, does anyone know if this was a feature Cisco had in IOS 12.0 and removed it from later versions or if this was a bug in the 12.0 IOS. I have another engineer at work that swares it is a bug to be able to take the dial backup command off and make the link dial up. Any ideas? Or any other ways I am overlooking in making the backup link come up without having to take a customer down? Elijah _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MAC address
show cam {dynamic | static | permanent} mod_num/port_num, if this is a set-based switch. HTH, Evan -Original Message- From: John Chang [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 3:52 PM To: [EMAIL PROTECTED] Subject: MAC address On a network with 12 switches all connected to 1 core switch using the default vlan 1. What is the best way to find out which port the MAC address is broadcasted from? Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Starting with VPN...help...
www.firstvpn.com (research section) proved useful when I implemented VPN. Doesn't include book listings that I'm aware of but it had a lot of comparisons and information. Don't know how up to date the site is. Hope it helps. <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hey Group, > Just found out that I'm going to be a huge part of the VPN implementation where I work at. I need some info on which books to get. Let's pretend I have no clue how VPN works. What books will teach me from start to finish? I have been recomended Howard's "WAN Survival Guide : Strategies for VPN's, Multi-Service Networks, and Mobility" and have also found Cisco's "Enhanced IP Services for CISCO Networks: A Practical Resource for Deploying Quality of Service, Security, IP Routing, and VPN Services". What do you guys think. Thanks. > > Mark Z. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VLANs on Catalyst 1900 Switches
I have 2 Cat1900 switches (WS-1912-A). One has the 8.01.00 Standard Edition loaded and the other has the 9.00.04 Enterprise Edition loaded. On neither of them are any of the VLAN commands available. The Cisco ICND book covers VLANs on Cat1900 switches and a co-worker just attended a GlobalKnowledge CCNA Boot Camp where they did configure VLANs on Cat1900s (with version 8.xx loaded). In addition to the software version, is there a hardware issue? Do some Cat1900s not support VLANs? Dave Goldsmith _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Packet vs Byte
Hi, If it was me I wouild charge by the packet then instist everybody used only telnet or restict packet sizes to 100 bytes. Sorry, Packets can contain from a few bytes (payload) to a lot of bytes (payload). A telnet session transmitting each character individually gives a large number of packets with few bytes. An FTP session with large packets gives a few number of packets with a large number of bytes. Why does it matter for sniffing purposes. The management of a network (the slowing down or whatever) might be due to the bandwith being swallowed up by the bytes on a network or it could be due the the having to handle the number of packets on a network. Being able to compare the two could assist in making choices as to what sort of queuing to use or how best to manipulate traffic. Just some thoughts and ramblings, Teunis Hobart, Tasmania Australia On Monday, February 05, 2001 at 09:56:16 AM, Howard C. Berkowitz wrote: > > Everyone > > > >I am just wondering why IP Accounting and Sniffers us both Packet and Byte > >counters? Can someone explain this to me, why they use both and what are the > >difference's or seen me to a website? > > > >Brian > > > At the most basic, byte statistics tend to reflect limitations of > bandwidth or congestion of the medium. Packet statistics tend to > reflect limitations of forwarding devices (e.g., lookup > speeds)--their ability to handle headers. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VLANs on Catalyst 1900 Switches
Cat1900's support VLANs. The command is from interface configuration mode, and it is vlan-membership static [vlan#]. Unless you are doing dynamic VLANs. Then substitute the static with dynamic, and configure that. 9.00.04 Enterprise definitely supports vlans, and all 1900s (1912, 1924, etc.) support this hardware-wise. I haven't worked with 8.01.00 Standard, so I can say for sure that vlans are supported, but I would be really surprised if they weren't. .02, Evan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, February 05, 2001 4:10 PM To: [EMAIL PROTECTED] Subject: VLANs on Catalyst 1900 Switches I have 2 Cat1900 switches (WS-1912-A). One has the 8.01.00 Standard Edition loaded and the other has the 9.00.04 Enterprise Edition loaded. On neither of them are any of the VLAN commands available. The Cisco ICND book covers VLANs on Cat1900 switches and a co-worker just attended a GlobalKnowledge CCNA Boot Camp where they did configure VLANs on Cat1900s (with version 8.xx loaded). In addition to the software version, is there a hardware issue? Do some Cat1900s not support VLANs? Dave Goldsmith _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]