Re: Which Router for BGP4 ??
Is 64mb enough? regards, suaveguru --- John Neiberger [EMAIL PROTECTED] wrote: why not a 3640? I've got BGP running on a 3640 and the router barely knows that it's turned on most of the time. The processor usage is very low and I've had zero problems so far. I do have 128 MB of DRAM, though. That is necessary. From: "John Gesualdi" [EMAIL PROTECTED] Reply-To: "John Gesualdi" [EMAIL PROTECTED] To: "[EMAIL PROTECTED]" [EMAIL PROTECTED] Subject: Which Router for BGP4 ?? Date: Tue, 16 Jan 2001 10:40:18 + I need to run BGP4 with my ISP. Which router would you recommend I purchase? Should I go with a 3620,3640 or a 2650,2651? Thanks. None of the above, unless you want to filter just about everything that's useful. You'll need about 128Meg for the full table IIRC. Why do you *need* to run BGP4? Rob./ -- John A. Gesualdi,CCNP, CCDP [EMAIL PROTECTED] The Providence Journal Company Phone (401)277-8133 Pager (401)785-6938 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: various catalyst5505 syntax question..help as much as you can !
Hi.. Daniel and Dear all, Thanks for guiding me, but I still have a bit more question to consult you if you were free. 1) since the the following vlan are not in used, can I clear them? set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm 2) If set trunk 3/5 means that a trunk can never be established on this link, but is it a must to specify that. Is that the default? Can I clear them? I saw the configuration of the each module like set vlan XXX set port speed XXX set trunk on isl 1-1005 set trunk off negiotiate 1-1005-(1) set spantree portfast set spantree portcost- (2) set spantree portvlancost xx cost - (3) May I know whether no 1) 2) 3) are created by default?? Can I clear them?? 3)What is the different between auto negiotiate and off negiotiate ?? off isl and on isl Thank you very much.. sorry for disturbing you.. I am in rush to answer.. forgive me From: Daniel Cotts [EMAIL PROTECTED] To: "'Richard spalding'" [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: various catalyst5505 syntax question..help as much as you can ! Date: Thu, 8 Feb 2001 13:59:40 -0600 Your absolute best resource is "Cisco LAN Switching" by Clark and Hamilton, Cisco Press ISBN 1-57870-094-9 Chapter 7. Run to your local book store and buy it. Does your boss have pointy hair? 1) mtu is maximum transmission unit. 1500 is the default for ethernet. SAID, Security Association Identifier. Cisco adds 100,000 to the VLAN number to create the SAID value. VLAN 1 = 11 You have three active ethernet VLANs The FDDI and Token Ring VLANs are defaults and most likely not used. 2) sc0 1 means that the "virtual PC" that holds the IP stack is in VLAN 1 (which is default). sc0 vlan#, ip address, subnet mask, broadcast address 3) spantree priority default is 32768. 16384 may make this switch the root switch (for the VLAN in question. If no VLAN is specified then VLAN 1.) Do a "show spantree #" Where # is each VLAN. if you see "Designated Root Cost" at 0 then that switch is the root for that VLAN. 4 5) Don't have time to look it up. They did some tuning with the values. You'll have to look at all the switches to figure out what was intended. Create a drawing of the physical network. Map each VLAN individually unless all the values on all the VLANs are the same. 6) "off negotiate" means that a trunk can never be established on this link. 7) MLS only works if you have a Supervisor III E-2 or above with NFFC (open to correction on this one) and you have an internal routing function RSM card or RSFC or have an external router with MLS configured. If you have it working, someone went through the effort to create it. Don't change it until you know what was intended and why it should be changed. -Original Message- From: Richard spalding [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 12:11 PM To: [EMAIL PROTECTED] Subject: various catalyst5505 syntax question..help as much as you can! Hi...Dear All, Recently, we just took over the administrator of catalyst 5505 switches, my boss want me give me a full report on this switches in two days time. But I don't understand some of the syntax. Pls help as much as you can even you may only one of the question , welcome to contribute.. 1) What is mean by the following, how many vlan are there?? what is mean by mtu 1500 said 11 ? #vtp set vtp domain TOTO set vlan 1 name default type ethernet mtu 1500 said 11 state active set vlan 2 name VLAN0002 type ethernet mtu 1500 said 12set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state activ e stp ieee set vlan 1005 name trnet-default state active set vlan 3 name VLAN0003 type ethernet mtu 1500 said 13 state active type trbrf mtu 1500 said 101005 state active st p ibm set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state acti ve mode srb aremaxhop 0 stemaxhop 0 backupcrf off ! 2)Which interface is sc0 refer to? I know this represent IP of the switches, but any secial meaning of sc0 1 ??? set interface sc0 1 50.200.45.252/255.255.255.0 50.200.45.255 3)why vlan1,2,3 setting is different from vlan1003,1005?? what is mean by spantree priority 16384?? why vlan1002,1004 not specify here? not in use?? #spantree #vlan 1 set spantree priority 16384 1 #vlan 2 set spantree priority 16384 2 #vlan 3 set spantree priority 16384 3 #vlan 1003 set spantree fwddelay 151003 set spantree maxage 201003 #vlan 1005 set spantree fwddelay 151005 set spantree maxage 201005set spantree portcost1/1 3006 4)What is the
Lab Equipment BSCN- Cisco Press Book
Could someone please mail me the Equipment-list from the Cisco Press book? only the lab for one pod (without 3600 Routers) thanks for your help _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which Router for BGP4 ??
I think the new 265x with 128 Mbytes is a good choice. -Mensaje original- De: suaveguru [mailto:[EMAIL PROTECTED]] Enviado el: viernes, 09 de febrero de 2001 9:05 Para: John Neiberger; Robert Nelson-Cox; [EMAIL PROTECTED] Asunto: Re: Which Router for BGP4 ?? Is 64mb enough? regards, suaveguru --- John Neiberger [EMAIL PROTECTED] wrote: why not a 3640? I've got BGP running on a 3640 and the router barely knows that it's turned on most of the time. The processor usage is very low and I've had zero problems so far. I do have 128 MB of DRAM, though. That is necessary. From: "John Gesualdi" [EMAIL PROTECTED] Reply-To: "John Gesualdi" [EMAIL PROTECTED] To: "[EMAIL PROTECTED]" [EMAIL PROTECTED] Subject: Which Router for BGP4 ?? Date: Tue, 16 Jan 2001 10:40:18 + I need to run BGP4 with my ISP. Which router would you recommend I purchase? Should I go with a 3620,3640 or a 2650,2651? Thanks. None of the above, unless you want to filter just about everything that's useful. You'll need about 128Meg for the full table IIRC. Why do you *need* to run BGP4? Rob./ -- John A. Gesualdi,CCNP, CCDP [EMAIL PROTECTED] The Providence Journal Company Phone (401)277-8133 Pager (401)785-6938 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Firewall, Active Directory (Windows 2000 and Exchange 2000)
Hi all! I would like to keep in touch with people who is experimenting with Active Directory through PIX Firewall, new Exchange 2000, Windows 2000, PDC's, global catalogs and so on. I have made a lab with 10 computers (2 exchanges) and 5 dmz's. I have achieved to make it work but it´s very challenging. The most dificult is to change many tcp/udp ports on the windows registry. I think Microsoft's Active Directory's implementation is very poor. Anyway, if you are studying to upgrade to Win2000 and Exchange2000 (with PIX firewall) think twice. Ricardo Ciganda CCNA, CCDA, Security BCMSN, BCRAN Systems Engineer and Network Consultant BYTEMASTER, S.A. C/ Gran Capitan 2-4 4ª Planta Barcelona, SPAIN 08034 [EMAIL PROTECTED] Phone: (+34) 93-2520540 Fax:(+34) 93-2520541 Ask me I won't say no, how could I? The Smiths _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
why access-list match accounting doesn't match ?
Dear all, I do a show access-list on my Cisco packer filter, May I know what kind of access-list match will show in part 1 and what kind of access-list match will show in part 2. Whether the access-list match in part 1 will be counted or add together and show in part 2. Pls take a look on line (A) and (B), (C) and specify by me. 1)For A host eq 4040 talk to host eq 1117 was log in (A)-part 1 but not in (C)-part 2 2)For B permit udp any eq 7091 any log (164 matches) but I could find any host eq 7091 access-list match in part 1 Extended IP access list 100 Part1) permit udp host 199.105.182.173 eq 48130 host 192.168.3.134 eq 48130 (3 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.135 eq 48129 (1 match) permit tcp host 192.168.3.54 eq 3000 host 192.168.3.137 eq 1922 (141762 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.161 eq 48129 permit udp host 199.105.182.23 eq 48129 host 192.168.3.115 eq 48129 (2 matches) permit udp host 199.105.182.168 eq 48130 host 192.168.3.105 eq 48130 (34353 matches) permit tcp host 199.105.182.189 eq 8194 host 192.168.3.119 eq 8196 (10895 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.126 eq 48129 (1 match) permit tcp host 199.105.182.189 eq 8194 host 192.168.3.133 eq 8200 (10891 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.145 eq 48129 permit tcp host 199.105.182.190 eq 8194 host 192.168.3.119 eq 8198 (11616 matches) permit tcp host 192.168.3.54 eq 3000 host 192.168.3.117 eq 1834 (169566 matches) permit tcp host 199.105.182.190 eq 8194 host 192.168.3.133 eq 8197 (11603 matches) permit tcp host 199.105.182.190 eq 8194 host 192.168.3.102 eq 8201 (11610 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.108 eq 48129 permit udp host 199.105.182.86 eq 48129 host 192.168.3.121 eq 48129 (1 match) permit tcp host 199.105.182.189 eq 8194 host 192.168.3.102 eq 8200 (10894 matches) permit tcp host 199.105.182.28 eq 8292 host 192.168.3.149 eq 8277 (10672 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.170 eq 48129 permit udp host 199.105.182.173 eq 48130 host 192.168.3.141 eq 48130 (3 matches) permit udp host 199.105.182.15 eq 48129 host 192.168.3.166 eq 48129 (2 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.164 eq 48130 (3 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.147 eq 48130 (3 matches) permit udp host 199.105.182.23 eq 48129 host 192.168.3.142 eq 48129 (2 matches) permit tcp host 199.105.182.189 eq 8194 host 192.168.3.139 eq 8198 (10890 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.145 eq 48130 (3 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.121 eq 48130 (3 matches) permit tcp host 199.105.182.190 eq 8194 host 192.168.3.139 eq 8200 (11606 matches) permit udp host 199.105.182.170 eq 48130 host 192.168.3.142 eq 48130 (3 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.153 eq 48130 (63536 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.123 eq 48130 (3 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.161 eq 48130 (3 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.126 eq 48130 (3 matches) permit tcp host 192.168.3.54 eq 3000 host 192.168.3.130 eq 1849 (197151 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.123 eq 48129 (2 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.111 eq 48130 (3 matches) permit udp host 199.105.182.173 eq 48130 host 192.168.3.135 eq 48130 (3 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.164 eq 48129 permit udp host 199.105.182.86 eq 48129 host 192.168.3.147 eq 48129 permit udp host 199.105.182.173 eq 48130 host 192.168.3.107 eq 48130 (128770 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.134 eq 48129 permit udp host 199.105.182.173 eq 48130 host 192.168.3.170 eq 48130 (3 matches) permit tcp host 192.168.3.54 eq 3000 host 192.168.3.138 eq 4055 (204874 matches) permit udp host 199.105.182.170 eq 48130 host 192.168.3.115 eq 48130 (3 matches) permit tcp host 192.168.3.43 eq 4040 host 192.168.3.113 eq 1091 (527716 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.111 eq 48129 (1 match) permit udp host 199.105.182.29 eq 48129 host 192.168.3.146 eq 48129 (2 matches) permit udp host 199.105.182.86 eq 48129 host 192.168.3.141 eq 48129 permit udp host 199.105.182.171 eq 48130 host 192.168.3.151 eq 48130 permit tcp host 192.168.3.43 eq 4040 host 192.168.3.104 eq 1117 (529563 matches)--(A) Part 2 permit tcp any any eq www log permit tcp any eq www any log permit tcp any any eq 5100 log permit tcp any eq 5100 any log permit tcp any any eq 60101 log permit tcp any eq 60101 any log permit tcp any any eq 7091 log
Re: Which Router for BGP4 ??
The memory is needed to store and be able to retrieve from the routing table as fast as possible. Since with BGP you get all the routes on the net (which is quite elarge) they recommend 128MB. Now if you want to use less RAM you can. That is, if you have the ISP limit the numner of routers they are advertising to you. If you limit this to just a default route advertisment from the ISP you can run this on a 2600 with less than 64MB (this could give you the ISP redundancy that you may be looking for.) However I would suggest getting a 3600 series router (or better yet 2 of them for redundancy) and getting full routes so you can control things you may want with BGP. Moe Tavakoli --- suaveguru [EMAIL PROTECTED] wrote: Is 64mb enough? regards, suaveguru --- John Neiberger [EMAIL PROTECTED] wrote: why not a 3640? I've got BGP running on a 3640 and the router barely knows that it's turned on most of the time. The processor usage is very low and I've had zero problems so far. I do have 128 MB of DRAM, though. That is necessary. From: "John Gesualdi" [EMAIL PROTECTED] Reply-To: "John Gesualdi" [EMAIL PROTECTED] To: "[EMAIL PROTECTED]" [EMAIL PROTECTED] Subject: Which Router for BGP4 ?? Date: Tue, 16 Jan 2001 10:40:18 + I need to run BGP4 with my ISP. Which router would you recommend I purchase? Should I go with a 3620,3640 or a 2650,2651? Thanks. None of the above, unless you want to filter just about everything that's useful. You'll need about 128Meg for the full table IIRC. Why do you *need* to run BGP4? Rob./ -- John A. Gesualdi,CCNP, CCDP [EMAIL PROTECTED] The Providence Journal Company Phone (401)277-8133 Pager (401)785-6938 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = _ Moe __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco 2513
Hi; Anyone sell cheap 2513 ? For I can not afforad the expensive 2612, I am looking for the cheap 2513. Please send mail to [EMAIL PROTECTED] thanks Vincnet _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ITU-T G.707
Hi, Can someone tell me what exactly ITU-T G.707 is and how it plays a role in stacked DS3/E3 cards? and which cards in cisco/juniper would support ITU-T G.707 Thanks in advance, Brandon _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hacking!!!!!!!!!!!!!!!!!!!!!
htmlDIVHi Friends,/DIV DIVnbsp;/DIV DIVI need some information on hacking which is surely to gain knowledge and secure my corporate n/w. My office has Cisco 3600 Router for internet connaction. /DIV DIVnbsp;/DIV DIV1. How can someone hack the Router./DIV DIV2. If internet uses is trying to hack webserver using a hacking tool which is usingnbsp;port 80, how the administrator can block this action still allowing the trusted users to access the webserver./DIV DIVnbsp;/DIV DIVThanks and Regards/DIV DIVnbsp;/DIV DIVimran/DIV DIVnbsp;/DIV DIVnbsp;/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
This is the second time I have seen a post about HDLC enabling the router to retransmit, and some other people who I have brought the topic up to seem to think so to, so I dug up what Cisco says about HDLC encapsulation. "HDLC Serial Encapsulation Method Cisco provides HDLC serial encapsulation for serial lines. This encapsulation method provides the synchronous framing and error detection functions of HDLC without windowing or retransmission." Note: without retransmission http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/rpc_r/61110.h tm -Original Message- From: Jeremy Dumoit [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 5:10 PM To: Leigh Anne Chisholm; [EMAIL PROTECTED] Subject: RE: not quite sure... Frame relay has no means for packet loss detection, so a higher layer protocol (probably TCP) would have to request retransmission of the data. This would occur between hosts rather than the router. X.25 and HDLC on the other hand are both reliable protocols... they would recognize a packet loss and retransmit from the routers. However, PPP, like frame, is just a datagram service... the hosts would have to work it out at higher layers again. --- Leigh Anne Chisholm [EMAIL PROTECTED] wrote: Would Router B retransmit if Frame Relay was used as the encapsulation protocol? If so, how would Frame Relay detect the loss of the "packet"? What about X.25--would Router B retransmit? How would X.25 detect the loss? What about HDLC? PPP? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brant Stevens Sent: February 8, 2001 9:10 AM To: Dennis Laganiere; [EMAIL PROTECTED] Subject: RE: not quite sure... The question is if Router B and Router C are routing, or if they are bridging... If they are routing, then Router B would re-transmit a packet. If bridging is happening, then Host A would retransmit... Hope this helps... Brant I. Stevens Internetwork Solutions Engineer Thrupoint, Inc. 545 Fifth Avenue, 14th Floor New York, NY. 10017 646-562-6540 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dennis Laganiere Sent: Wednesday, February 07, 2001 11:32 PM To: '[EMAIL PROTECTED]' Subject: not quite sure... I've tried to diagram this question to make it clear... Host A is sending to Host D... A line error occurs on the serial link between Router-B and Router-C while passing a packet from Host-A to Host-B Devices - Host A-ROUTER B-ROUTER CHOST D Interfaces - (A1)(B1) (B2)(C1) (C2) (D1) What device would rebroadcast? I think that router-B (port B2) would realize an error had occured, and would resend, so the answer should be port B2, but I've been through all my books and can't find anything to confirm or deny my conclusion... Any thoughts? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
Sweet!!Nice Post. Learn something new everyday!!! For clarity though, native PPP will not retransmit. (Lest someone studying for a particular high level test get's a question about it) ;) -Original Message- From: Brian Dennis [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 8:45 PM To: Priscilla Oppenheimer; [EMAIL PROTECTED] Subject: RE: not quite sure... PPP can be reliable. http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/112cg_cr/4rb ook/4rppp.htm#xtocid2891421 http://www.landfield.com/rfcs/rfc1663.html Brian Dennis CCIE #2210 (RS)(ISP/Dial) CCSI #98640 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Thursday, February 08, 2001 4:04 PM To: [EMAIL PROTECTED] Subject: RE: not quite sure... At 11:19 AM 2/8/01, Jeremy Dumoit wrote: I actually think it depends on what encapsulation is running accross the serial link. If you're using HDLC then it's a connection oriented, reliable Cisco's HDLC is non-standard and is not connection-oriented. The router would not retransmit. The router also won't retransmit if it's PPP, Frame Relay, Ethernet, etc. etc etc. etc. protocol... meaning if a packet is lost in transit accross the serial link, the router will knw it when it receives a response from the destination router. It'll then resend the frame. If you're using a datagram protocol, like ppp, however, it will rely on the upper layer protocols to detect missing data.. --- Brant Stevens [EMAIL PROTECTED] wrote: The question is if Router B and Router C are routing, or if they are bridging... If they are routing, then Router B would re-transmit a packet. If bridging is happening, then Host A would retransmit... Hope this helps... Brant I. Stevens Internetwork Solutions Engineer Thrupoint, Inc. 545 Fifth Avenue, 14th Floor New York, NY. 10017 646-562-6540 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dennis Laganiere Sent: Wednesday, February 07, 2001 11:32 PM To: '[EMAIL PROTECTED]' Subject: not quite sure... I've tried to diagram this question to make it clear... Host A is sending to Host D... A line error occurs on the serial link between Router-B and Router-C while passing a packet from Host-A to Host-B Devices - Host A-ROUTER B-ROUTER CHOST D Interfaces - (A1)(B1) (B2)(C1) (C2) (D1) What device would rebroadcast? I think that router-B (port B2) would realize an error had occured, and would resend, so the answer should be port B2, but I've been through all my books and can't find anything to confirm or deny my conclusion... Any thoughts? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: Sniffer Program
Observer Suite It cost $3,000.00 but it can also be free if you seach around ;) "Erick B." [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... www.ethereal.com It's free and decent for LAN/Ethernet stuff. If you're looking for WAN, ATM, etc then you'll need to look at commericial products such as Sniffer Pro. --- Paul Werner [EMAIL PROTECTED] wrote: Can someone recommend a good WindowsME sniffer? Well, I am not sure if it works on Windows ME boxes, but there is a protocol analyzer that will work on most other Winthings (95,98, NT4, etc.) It is fairly decent given the cost(free). My understanding is that it comes from a Win32 ported version of TCPdump. There is only one downside that I am aware of. All of the help files are in Italian. If you can figure out how to get it all loaded, its fairly decent. I am trying to work on the documentation side of things by trying to get a deal struck between my wife and the guy that wrote the code for the program as part of his doctoral thesis. He is in no hurry to get everything translated into English. OTOH, if I give the right type of gratuity to my wife :-), she might be willing to do it herself (I hope). We'll see how (and if) it works out. Here it is: http://netgroup-serv.polito.it/windump/ http://netgroup-serv.polito.it/analyzer/ HTH, Paul Werner __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: need lab stuff
I have a ws-x5010 (telco connector) Etherner module for sale. "Mask Of Zorro" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Got any of the following items for sale??? ws-x5009 Cat 5000 Sup 1 card ws-x5010 Cat 5000 Ethernet module Rack mount ears for: 2500 need 4 sets Cat 5002 need 1 set Thanks in advance! Z _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hacking!!!!!!!!!!!!!!!!!!!!!
Read the book Hacking Exposed 2nd edition. "imran obaidullah" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... htmlDIVHi Friends,/DIV DIVnbsp;/DIV DIVI need some information on hacking which is surely to gain knowledge and secure my corporate n/w. My office has Cisco 3600 Router for internet connaction. /DIV DIVnbsp;/DIV DIV1. How can someone hack the Router./DIV DIV2. If internet uses is trying to hack webserver using a hacking tool which is usingnbsp;port 80, how the administrator can block this action still allowing the trusted users to access the webserver./DIV DIVnbsp;/DIV DIVThanks and Regards/DIV DIVnbsp;/DIV DIVimran/DIV DIVnbsp;/DIV DIVnbsp;/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
In the discussion of error correction, I think an error on my part has been missed. I was thinking about it and I wonder if this is entirely accurate: (concerning what happens after a frame is discarded on WAN link) "The end station will respond by acking the next packet it recieves with the appriopriate (lower numbered) sequence number (of the missed packet). The originating station will get this ack (with the lower sequence number) see that the end station is requesting a packet out of sequence and the originating station will begin it's next transmission with the data from that particular sequence number." Is this correct? -Original Message- From: Christopher Larson [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 3:22 PM To: 'Jeremy Dumoit'; Brant Stevens; Dennis Laganiere; [EMAIL PROTECTED] Subject: RE: not quite sure... HDLC will not retransmit as there is only error detection in HDLC, but no error correction. This is the same with Frame-relay. Frame-relay, and HDLC will detect and discard errored frames but will not retransmit those frames. They depend on upper layers (like TCP for TCP/IP) to recognize there is a missing packet and correct that error. -Original Message- From: Jeremy Dumoit [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 2:19 PM To: Brant Stevens; Dennis Laganiere; [EMAIL PROTECTED] Subject: RE: not quite sure... I actually think it depends on what encapsulation is running accross the serial link. If you're using HDLC then it's a connection oriented, reliable protocol... meaning if a packet is lost in transit accross the serial link, the router will knw it when it receives a response from the destination router. It'll then resend the frame. If you're using a datagram protocol, like ppp, however, it will rely on the upper layer protocols to detect missing data.. --- Brant Stevens [EMAIL PROTECTED] wrote: The question is if Router B and Router C are routing, or if they are bridging... If they are routing, then Router B would re-transmit a packet. If bridging is happening, then Host A would retransmit... Hope this helps... Brant I. Stevens Internetwork Solutions Engineer Thrupoint, Inc. 545 Fifth Avenue, 14th Floor New York, NY. 10017 646-562-6540 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dennis Laganiere Sent: Wednesday, February 07, 2001 11:32 PM To: '[EMAIL PROTECTED]' Subject: not quite sure... I've tried to diagram this question to make it clear... Host A is sending to Host D... A line error occurs on the serial link between Router-B and Router-C while passing a packet from Host-A to Host-B Devices - Host A-ROUTER B-ROUTER CHOST D Interfaces - (A1)(B1) (B2)(C1) (C2) (D1) What device would rebroadcast? I think that router-B (port B2) would realize an error had occured, and would resend, so the answer should be port B2, but I've been through all my books and can't find anything to confirm or deny my conclusion... Any thoughts? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dumb question
Jeremy - even better, what protocl is self correcting ? I need that protocol running on my network ASAP ! Nick Payton Forward error correcting protocols accept addional overhead to provide enough redundancy to give the receiver a fighting chance to correct the frame without retransmission. They tend to be used in radio applications, the extreme case being deep space missions where the probe doesn't have the power or antenna to do routine retransmission, and where the speed of light delay is in minutes or longer. Another approach to self correction can be seen in such protocols as SSCOP, which have options for sending the same message over parallel physical links, and retransmitting only if a frame with a correct checksum is not received on any link. While not strictly error correcting, TCP is highly self correcting with respect to congestion, although there is a continuing evolution of corrective mechanisms. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeremy Dumoit Sent: Thursday, February 08, 2001 8:32 PM To: [EMAIL PROTECTED] Subject: Dumb question I think I'm unclear on some of the protocols here... for what purpose would a protocol detect errors, but not correct them? Maybe QoS? Several reasons. One, the nature of the application is such that some errors are tolerable, and it is worse to delay the packet than drop it. Think packetized voice. Second, you need to look at the overall protocol stack. If you know a higher- or lower-layer protocol will retransmit, why bother duplicating error correction? Think of NFS over RPC over UDP, where RPC does the retransmission at the record level. Alternatively, think of UDP over X.25. Third, the topology is such that it's impractical to retransmit. Think one-to-many multicasting such as sending weather maps to thousands of airports. Individual errors are tolerable here, because weather only changes significantly at 5 or 10 minute intervals (or longer), and a new copy of the weather map is sent every 30-60 seconds. Statistically, you just need to wait and you will get a clean copy. -- "What Problem are you trying to solve?" ***send Cisco questions to the list, so all can benefit -- not directly to me*** Howard C. Berkowitz [EMAIL PROTECTED] Technical Director, CertificationZone.com Senior Mgr. IP Protocols Algorithms, Core Networks Advanced Technology, NortelNetworks (for ID only) but Cisco stockholder! "retired" Certified Cisco Systems Instructor (CID) #93005 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Hacking!!!!!!!!!!!!!!!!!!!!!
Can you say NIDS? A must have for a multilayer security posture. Security does not start, or end for that matter with just a firewall..!! -Original Message- From: JCoyne [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: Re: Hacking! Read the book Hacking Exposed 2nd edition. "imran obaidullah" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... htmlDIVHi Friends,/DIV DIVnbsp;/DIV DIVI need some information on hacking which is surely to gain knowledge and secure my corporate n/w. My office has Cisco 3600 Router for internet connaction. /DIV DIVnbsp;/DIV DIV1. How can someone hack the Router./DIV DIV2. If internet uses is trying to hack webserver using a hacking tool which is usingnbsp;port 80, how the administrator can block this action still allowing the trusted users to access the webserver./DIV DIVnbsp;/DIV DIVThanks and Regards/DIV DIVnbsp;/DIV DIVimran/DIV DIVnbsp;/DIV DIVnbsp;/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
some questions about cisco switchers
1.what's the mean of the suffix of cisco switchers? such as 2948G-L3(L3 may means layer-3,but how about G?),2900XL(what about the XL),could anyone tell me more details? and what do OC12,OC48,OC3 mean? 2.in my CISCO 1924,I set the port have TRUCK function,then the port only can forword the VLAN packet(can't forword any common packets),why?Is it same as the high-end switchers(such as 5500,6000..)?Can I forword common packets after I set the port TRUNCK? 3.what is GRE?what is TRUNCK?what is the difference about ISL and 802.1Q? thanx! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
distribute list in EIGRP
Hi Group, A quick question. If a distribute list has be established in EIGRP for a while, and you remove the list. How long will it take for the new route to be discovered? And how EIGRP is acting in this case. Thanks in advance. Adam __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HDLC
Getting some good info here.. So cisco has their own implementation of HDLC.. is it compatible with other non-cisco devices (nothing particular in mind here)? What does the control field of a cisco HDLC frame look like? Thanks!!! Jeremy _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ATM BOOK
Can anyone recommend a very good ATM book, please. -B __ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Upload
Hi John, Thanks for the help, The router that is giving me this problem is a 2621, I also have a 2611 is it possible for me to tftp the flash from the 2611 onto my tftp server and then try and load that onto the 2621 or is that simply not possible. Sorry, probably a very novice question, but if I cant do that, what is the quickest and easiest way for me to get a different flash that I could try loading onto the router ? One more question :) ... Is it possible to sent a binary image to the router via the console cable ? If so does it need to be in another format or can you simple use something like xmodem to send the same binary image to the device ? Thanks Warrick FitzGerald LiveTechnology International Inc. "John Neiberger" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My first concern is that I have no idea what that image is. I searched CCO for that image name and couldn't find it, not in the IOS upgrade planner or the Feature Navigator. The only close one I could find was 12.1(2), not 2.5, and it was about 200k bigger than the file you mention. Do you have that image running on another router? If not, try loading a different image. That one spooks me. g Perhaps something is wrong with flash, so another option is to replace the flash and see if that helps. Another option is to use the -r option for tftpdnld which will load the image directly to DRAM instead of to flash. If that works, then you know your flash is hosed. I hate to even mention it, but make sure your basic networking setup is correct (addresses, masks, cables, etc.) That goes without saying, but I'll say it anyway. :-) Good luck! John Hi, When I tried to upload my IOS image to the my 2600 router it failed. When the router rebooted it kicked into Rommon mode with an error message that reads "boot: cannot determine first file name on device "flash:"". There is a command in rommon mode called "tftpdnld" which I run once I have set all my parameters, this is surposed to fetch the image of my tftp server. I see it connect to my TFTP server but after a second or two it times out and I dont get the image. If anyone knows why the image does not download, pls help. Filename = c2600-io3s56i-mz.121-2.5 File Size = 8,071 KB Thanks Warrick FitzGerald LiveTechnology International Inc. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ATM BOOK
Cisco ATM Solutions. by cisco press -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Boomie Okeowo Sent: Friday, February 09, 2001 1:44 PM To: [EMAIL PROTECTED] Subject: ATM BOOK Can anyone recommend a very good ATM book, please. -B __ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Local Director Config
great post! - Original Message - From: "Moe Tavakoli" [EMAIL PROTECTED] To: "Keith Whitfield" [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, February 09, 2001 1:10 AM Subject: Re: Local Director Config You have the basic idea. the Local Director load-balances per packet. Now you are talking about 2 servers behind the LD and you want the same user (session) to continue to go to the same server till the transaction is complete (usually do to the fact that the server keeps the session ID and tracks it, very common.) What you will need to use is the STICKY command. This command will allow you to send a certain client session to the same "real" server. So once you create your 1 virtual server and 2 real servers type in the sticky command and apply it to the Virtual address. There are foure ways that the box will do the sticky: IP: Based on source and destination of the request. The problem here would be in the case your users are coming from a PAT. Lets say you have one large user base coming in with the same source. The LD would send these requests from that IP to one real (thinking it's the same session.) This could get in the way of actual load balancing. But th egood thing is that it works and is very easy to configure and make sure it works. SSL: This is the other sticky type which has been supported since aleast ver. 4.4. This tracks the SSL session ID and makes sure the client with the same SSL Session ID keeps going back to the same server. This had some problems with a couple of IE4.? vers, where the browser would request a new SSL ID too soon (the SSL TTL on the browser was set to small.) App Cookie: This was introduced in the 5.? releases. This allows you to define a session based on the cookie yor app gives to the session. This is assuming that you use Cookies. If your using cookies this is a pretty solid solution, though it is a bit slower than the previous two. LD Cookie: Released along witht the previous. You also have the option of having the LD assign cookies to the traffic (a great option when your app doesn't) Again this is a bit slower than the first two. On the cluster issue, remember that the cluster has a single VIP and this is the way it should be accessed. It will do it's own load-balancing (hopefully.) So the LD would be useless in this case, unless you have two sets of clusters that you'd like to load-balance. When installing also look at the way the LD is doing it's load-balancing. By default it is set to least-conn. That means the unit with the least amount of open connections gets the request. This may or may not be the right one for you, so read into them and apply it to your scenerio. Remember that your install is a very basic one: You need to set the management IP Set the Virt Set the Real Bind them Set your sticky The Default Gateway and plug two interfaces to separate VLANS. (I think thats it!) Also remember that the LD is a bridge (and never bridge it) the servers behind it use the same address space as the network in-front of it and use the default gateway of the network in-front of the LD. I hope that helps, I'm sure I would spew out some more if my fingers weren't tired! Moe Tavakoli --- Keith Whitfield [EMAIL PROTECTED] wrote: Thanks for the response. So, In what kind of server setup does LD work? Is there a way to disable load-balancing on the LD and configure it to work as a Redirector? I don't know if I am asking for something that LD doesn't do. But, I am confused at the scenario when LD is implemented and what are the things I need to keep in mind at the server sides when I go ahead with LD solution. Thanks [EMAIL PROTECTED] wrote... I'm not even sure it is possible to load balance between two servers in a cluster. Since clusters are generally presented as one server. Clayton "Keith Whitfield" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi... I am in the process of implementing a Local Director for the servers in our company. Right now in the process of documenting the requirements and design of it. I have some questions for which the cisco site don't have information in the LD documentation. I have 2 servers on which I need to do load balancing as well as have a fail over redundancy in case one of them goes down. I can achieve this by the LD. But the traffic that goes via the LD are real time transactions and I don't know how the application(our) will respond to these requests, since LD laod balances on a packet-packet basis. Basically we will be having 2 instances of the application running.So, my questions are 1.To achieve synchronization between the servers for every transaction that occur Do I need to have a clustering software for these servers?
RE: HDLC
Thats right, cisco hdlc is not compatible with other vendors implemenation of hdlc. An HDLC frame format is shown below: 111 2 variable 2 1 +++++---++-- --+ |flag|addr|ctrl|protocol|data | FCS |flag| |0x7E||0x00|| | |0x7E| +++++---++-- --+ flag = start/end of frame = 0x7E (Other special characters: Idle = 0xFF, Abort = 0x7F) address = this is really a frame type field 0x0F = Unicast Frame 0x80 = Broadcast Frame 0x40 = Padded Frame 0x20 = Compressed Frame Protocol = the Ethernet type of the encapsulated data: 0x0800 = IP 0x6003 = DECnet ... 0x6558 = Bridged Frame 0x8035 = Keepalive Frame 0x80C4 = CDP The bits in the frame (not counting the flag bytes) are 0 bit stuffed to insure that there is never more then 5 1 bits in a row on the wire. Therefore 0xFF, 0xFE, 0xFC, 0x7E, 0x7F, 0x3F bytes could never be in the data portion of the frame - so they are free to be used for start/end framing and other special functions on the wire. /Stuart. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jeremy Dumoit Sent: Friday, February 09, 2001 1:45 PM To: [EMAIL PROTECTED] Subject: HDLC Getting some good info here.. So cisco has their own implementation of HDLC.. is it compatible with other non-cisco devices (nothing particular in mind here)? What does the control field of a cisco HDLC frame look like? Thanks!!! Jeremy _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need Help ( DNS Server)
Hi, Check client hostname and domain name in local IP-stack. PER interface DNS resolution can done in NT, but normally PER DOMAIN/PER MACHINE. So check local IP settings. Browse trough hostname AND domain name of the DNS server locally (ipstack) also. Cheers, Martijn -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Shahid Muhammad Shafi Verzonden: maandag 5 februari 2001 4:10 Aan: [EMAIL PROTECTED] Onderwerp: Need Help ( DNS Server) I m just running a DNS server with Microsoft DNS manager and I got 8 clients on the subnet. The problem i having here is that I can ping all the clients from DNS Server using their FQDN but when I try to ping the DNS server from the clients they ping it only when I give the Hostname i.e Labserver but they dont ping it whaen i try using Labserver.itplab.com Any suggestions??? Thanks in advance Shahid __ Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which Router for BGP4 ??
The WAN connection is often the deciding factor for model type. We typically use 2600's for 1 to 2 T1's, 3600's for more than 2 T1's and 7200's for DS3 and above. I know each platform has more options but that's the general baseline we run. As far as running BGP with your ISP, you'll need to consider how many routes you want from the ISP. You can use BGP to advertise your networks to the ISP but that doesn't mean that you have to get your ISP's full BGP route table advertised to you. You can simply use a default route out. If you do want the ISP's full routing table (possibly 96,000+ routes according to Tony's CIDR report), then you'll want atleast 64MB of RAM. You need to take into account the BGP process, the BGP routing table (remember, it has it's own table) and the total IP route table. If you are running something internally (i.e. OSPF) then take that into consideration also when determining how much RAM you'll need. HTH, Chris -Original Message- From: Javier Castillo Alcibar [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 3:53 AM To: [EMAIL PROTECTED] Subject: RE: Which Router for BGP4 ?? I think the new 265x with 128 Mbytes is a good choice. -Mensaje original- De: suaveguru [mailto:[EMAIL PROTECTED]] Enviado el: viernes, 09 de febrero de 2001 9:05 Para: John Neiberger; Robert Nelson-Cox; [EMAIL PROTECTED] Asunto: Re: Which Router for BGP4 ?? Is 64mb enough? regards, suaveguru --- John Neiberger [EMAIL PROTECTED] wrote: why not a 3640? I've got BGP running on a 3640 and the router barely knows that it's turned on most of the time. The processor usage is very low and I've had zero problems so far. I do have 128 MB of DRAM, though. That is necessary. From: "John Gesualdi" [EMAIL PROTECTED] Reply-To: "John Gesualdi" [EMAIL PROTECTED] To: "[EMAIL PROTECTED]" [EMAIL PROTECTED] Subject: Which Router for BGP4 ?? Date: Tue, 16 Jan 2001 10:40:18 + I need to run BGP4 with my ISP. Which router would you recommend I purchase? Should I go with a 3620,3640 or a 2650,2651? Thanks. None of the above, unless you want to filter just about everything that's useful. You'll need about 128Meg for the full table IIRC. Why do you *need* to run BGP4? Rob./ -- John A. Gesualdi,CCNP, CCDP [EMAIL PROTECTED] The Providence Journal Company Phone (401)277-8133 Pager (401)785-6938 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Upload
I believe that you can configure the 2611 to be a tftp server (using the global config mode 'tftp-server' command) but I've never tried it. If you can get that to work, connect the two routers directly together with a crossover cable or connect them both to a switch or hub. This will help eliminate any other potential difficulties. By far, the fastest method is tftp. From ROM Monitor mode, you can do a transfer over the console port using xmodem. If you're going to go this route, use the confreg command to raise the speed of the console port, and then use Xmodem-1K, not regular Xmodem, which is way too slow. Using this method, it's still going to take an hour or two, IIRC. It's not a speedy method, but it works. I should warn you that there are some 2610 and 2611 images out there that will NOT work on a 2620. Make sure you have an image that will actually run on this model. The one running on that 2611 may not even work. I've done this before, and it took me a while to figure out why none of my interfaces were showing up. :-) Speaking of images, where did you get that one? I couldn't find it on CCO, and that worries me. Regards, John Hi John, Thanks for the help, The router that is giving me this problem is a 2621, I also have a 2611 is it possible for me to tftp the flash from the 2611 onto my tftp server and then try and load that onto the 2621 or is that simply not possible. Sorry, probably a very novice question, but if I cant do that, what is the quickest and easiest way for me to get a different flash that I could try loading onto the router ? One more question :) ... Is it possible to sent a binary image to the router via the console cable ? If so does it need to be in another format or can you simple use something like xmodem to send the same binary image to the device ? Thanks Warrick FitzGerald LiveTechnology International Inc. "John Neiberger" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My first concern is that I have no idea what that image is. I searched CCO for that image name and couldn't find it, not in the IOS upgrade planner or the Feature Navigator. The only close one I could find was 12.1(2), not 2.5, and it was about 200k bigger than the file you mention. Do you have that image running on another router? If not, try loading a different image. That one spooks me. g Perhaps something is wrong with flash, so another option is to replace the flash and see if that helps. Another option is to use the -r option for tftpdnld which will load the image directly to DRAM instead of to flash. If that works, then you know your flash is hosed. I hate to even mention it, but make sure your basic networking setup is correct (addresses, masks, cables, etc.) That goes without saying, but I'll say it anyway. :-) Good luck! John Hi, When I tried to upload my IOS image to the my 2600 router it failed. When the router rebooted it kicked into Rommon mode with an error message that reads "boot: cannot determine first file name on device "flash:"". There is a command in rommon mode called "tftpdnld" which I run once I have set all my parameters, this is surposed to fetch the image of my tftp server. I see it connect to my TFTP server but after a second or two it times out and I dont get the image. If anyone knows why the image does not download, pls help. Filename = c2600-io3s56i-mz.121-2.5 File Size = 8,071 KB Thanks Warrick FitzGerald LiveTechnology International Inc. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
In the discussion of error correction, I think an error on my part has been missed. I was thinking about it and I wonder if this is entirely accurate: (concerning what happens after a frame is discarded on WAN link) "The end station will respond by acking the next packet it recieves with the appriopriate (lower numbered) sequence number (of the missed packet). The originating station will get this ack (with the lower sequence number) see that the end station is requesting a packet out of sequence and the originating station will begin it's next transmission with the data from that particular sequence number." Is this correct? Emphasis: end station. You are describing what TCP does. Routers typically are unconcerned with TCP. And again, not all applications need reliable links, so not all applications will have retransmission ANYWHERE in the path. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HDLC
Getting some good info here.. So cisco has their own implementation of HDLC.. is it compatible with other non-cisco devices (nothing particular in mind here)? What does the control field of a cisco HDLC frame look like? Thanks!!! Jeremy It's a little unfair to deprecate an "implementation" of HDLC. HDLC, as the standard is written, is much more an architecture for data link protocols than a protocol to be implemented and have multivendor compatibility. LAP, LAP-B, LAP-D, and LAP-F are all HDLC subsets that I would expect to be interoperable. Cisco, Codex/Motorola, Ascom/Timeplex, etc., would have made me much happier if they simply had said they had proprietary link protocols with HDLC-style framing. Remember that PPP wasn't around at the time these protocols were deployed. X.25 LAP (perhaps not LAP-B) was, but, again, link-level retransmission is not necessarily desirable. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Networking White Papers (NAP and BGP)
I am setting up a NAP using 3600's and need a site or location for obtaining whitepapers on both NAP's and BGP. I am going to use BGP for router redundancy across multiple ISPs. Where can I find these whitepapers on these two subjects? Thanks! Bandele Hinton Motorola Corporation 630-353-8286 (office) 877-992-7925 (pager) [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: General Networking Question
I'm sure there are several people on this board willing to do contract work for you. However, most cable modem providers require you (as a non commercial customer) to sign a contract stating you will not use the machine connected to their network as a server across their network. If you really want to be able to do this you need to contact your cable provider and get a commercial contract. You would be using more bandwidth than the normal customer and the cable company wants to be compensated. Stan Bowman wrote: Hi there to everyone. I have a computer question I need help with. I am not super-technical with computers so forgive any of my ignorance. My question relates to networking and cable modems. I am running an application for my business from my computer. My business partner lives in another town and she would like to be able to access the software from her location. I checked with the software manufacturer and they said that the software supports this. They said that we can install the application on both machines and that the database will reside only on my machine (the host). Then, they said we need to establish a "network" between the two machines so that the remote machine can map a drive to my machine. My partner needs to map a drive to my computer so that when she logs in, she can point to the database located on my machine and us it for the application. She is actually running the application on her machine, but through a mapped drive she is pointing to a database on my computer. Obviuosly, I could use dial-up networking and have her dial up my machine and map a drive that way. This is not the desired option for a couple reasons. First, my computer is NOT running NT server right now. As I understand it, I would need to upgrade my machine to Windows NT Server before she could dial into mine. Second, the performance over the phone line would most likely be too slow and negate the benefit of networking the application. My question is how can we network our to machines together using our cable modems. We both access the internet via cable modems. Both our machines are running win2000 (millenium). Both of us have static ip addresses so I was hoping we could somehow use this to network them together. We can ping each others machine through DOS without any problem, so I know that the communication works. I would welcome any suggestions on how we can solve this problem. Once again, the goal is to be able to map a drive from my partners computer to mine so when she logs into the application on her machine, she can browse to my computer and select the database. Thanks in advance for your help. Please email me if you have any questions or solutions. Thanks!! Stan [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffer Program
Ethereal, www.ethereal.com, works for me and is free. It actually also has some of the freshest decodes I've seen (ie RSVP-TE/OSPF-TE etc) *** REPLY SEPARATOR *** On 2/8/2001 at 8:56 PM [EMAIL PROTECTED] wrote: =A0=A0Can someone recommend reasonable price Windows sniffer?=20 =A0=A0Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No Subject
Question I am trying to find an updated listing of all udp and tcp ports so I can write an access list to block Real Audio, or is Real audio using port 80. Or is there a better way ? Write me back at this address thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall Issue
Does anyone know of a vpn client for Windows 2000, I have Cisco Secure but it doesnt run on 2000, I need to implement a vpn solution for my company that will integrate with the PIX 515 that I just purchased.. Regards, Kevin From: "Kenny Sallee" [EMAIL PROTECTED] Reply-To: "Kenny Sallee" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Pix Firewall Issue Date: Wed, 7 Feb 2001 15:55:14 -0800 Actually it's not a good idea to do a 'conduit permit icmp any any'. If you want ping traffic to originate inside then do this: conduit permit icmp 208.184.23.0 255.255.255.0 any echoreply Think about the way ping works - your workstation sends an icmp echo - the end station sends an icmp echo-reply - which from the PIX standpoint is a new inbound packet ( cuz it's stateless ). Therefore - let the echo-reply in only. Not all ICMP messages. Kenny "Daniel Cotts" [EMAIL PROTECTED] wrote in message 303479FA060CD211B893F805A88AA10F4C@EXCHANGE1">news:303479FA060CD211B893F805A88AA10F4C@EXCHANGE1... You're not telling us from where you are pinging. From the PIX? From a host behind the Firewall? From a host outside the Firewall? Anyway this command is good to have in later versions if you want pings to traverse the PIX. conduit permit icmp any any You may also want to modify that command or eliminate it, if you want to enforce a stronger policy. http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v50/config/con fig.htm#xtocid1091627 -Original Message- From: exchange [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 07, 2001 1:09 PM To: '[EMAIL PROTECTED]' Subject: Pix Firewall Issue Hi Gang, I have a Pix Firewall 520 and wondered if this was a feature or a configuration issue on my firwall. We have an entire class C address say 208.184.23.x to use for our network. We use the 192.168.1.x network for our internal network. I am having problems pinging a machine's Internet ip address say 208.184.23.11 which I noticed is statically mapped to it's internal address say 192.168.1.10 on the pix. For example, If I ping another box 208.184.23.12 and not statically mapped to a internal ip address on the pix, I get a response. Any help or hints would be greatly appreciated. Thanks! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF: ASBR/ABR
Need suggestion: Has anyone ever implemented OSPF where they had their router been an ASBR and a ABR at the same time and if so was there any problems? I have to connect a non OSPF router to my AGG router (ABR). I really don't want to do any redistribution on the ABR routers but the powers that be are cheap :-) Before I even go into the lab I just want to get some feed back from anyone. Thanks Karl _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Has anyone seen a 2901 that has the same i.o.s as 5000 switch
Jeff, Technically, the 2901 is part of the C5000 Family of products (Its replacement was the C5002) and runs the same CATOS as the 5000. I don't remember the version in which support for the 2901 stops, but you could have a 2901 and a 5002 running CATOS 2.3. So the answer to your question is yes. Please remember that these products run CATOS and not IOS as your note suggests. IOS is however supported as a direct download to RSM / RSFC and ATM blades in a C5XXX chasis. Hope this helps Victor --- Jeff Kelly [EMAIL PROTECTED] wrote: _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:
this is where I look: http://www.isi.edu/in-notes/iana/assignments/port-numbers Chris Sweeting [EMAIL PROTECTED] 02/09/01 10:23AM Question I am trying to find an updated listing of all udp and tcp ports so I can write an access list to block Real Audio, or is Real audio using port 80. Or is there a better way ? Write me back at this address thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hacking!!!!!!!!!!!!!!!!!!!!!
Rick, PMI (pardon my ignorance), I can say it as well as spell it but what the hell is it and where can I get some. TIA. ""Watson, Rick, CTR, OUSDC"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can you say NIDS? A must have for a multilayer security posture. Security does not start, or end for that matter with just a firewall..!! -Original Message- From: JCoyne [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: Re: Hacking! Read the book Hacking Exposed 2nd edition. "imran obaidullah" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... htmlDIVHi Friends,/DIV DIVnbsp;/DIV DIVI need some information on hacking which is surely to gain knowledge and secure my corporate n/w. My office has Cisco 3600 Router for internet connaction. /DIV DIVnbsp;/DIV DIV1. How can someone hack the Router./DIV DIV2. If internet uses is trying to hack webserver using a hacking tool which is usingnbsp;port 80, how the administrator can block this action still allowing the trusted users to access the webserver./DIV DIVnbsp;/DIV DIVThanks and Regards/DIV DIVnbsp;/DIV DIVimran/DIV DIVnbsp;/DIV DIVnbsp;/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Hacking!!!!!!!!!!!!!!!!!!!!!
Network Intrusion Detection Systems Available most anywhere security solutions are sold. Brad Stanfield CCNA/CCDA Network/Integration Engineer [EMAIL PROTECTED] Government Micro Resources Network Operations Control Center Norfolk Naval Shipyard Bldg 33 NAVSEA NCOE 757-393-9526 1-800-626-6622 -Original Message- From: Luke [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 10:43 AM To: [EMAIL PROTECTED] Subject: Re: Hacking! Rick, PMI (pardon my ignorance), I can say it as well as spell it but what the hell is it and where can I get some. TIA. ""Watson, Rick, CTR, OUSDC"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can you say NIDS? A must have for a multilayer security posture. Security does not start, or end for that matter with just a firewall..!! -Original Message- From: JCoyne [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: Re: Hacking! Read the book Hacking Exposed 2nd edition. "imran obaidullah" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... htmlDIVHi Friends,/DIV DIVnbsp;/DIV DIVI need some information on hacking which is surely to gain knowledge and secure my corporate n/w. My office has Cisco 3600 Router for internet connaction. /DIV DIVnbsp;/DIV DIV1. How can someone hack the Router./DIV DIV2. If internet uses is trying to hack webserver using a hacking tool which is usingnbsp;port 80, how the administrator can block this action still allowing the trusted users to access the webserver./DIV DIVnbsp;/DIV DIVThanks and Regards/DIV DIVnbsp;/DIV DIVimran/DIV DIVnbsp;/DIV DIVnbsp;/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
Right, I am speaking of the process between end stations here. My thinking is, if the router discarded the frame, then the originating station would not get an ack out of sequence from the remote end station because the packet was dropped (therefore the remote never got something to ack). The originating station would actually retransmit because it did not get an ack from the remote. Right? Unless TCP has negotiated that x number of packets can be transmitted w/o an ack. Which I know can be done, but don't know how common it is. -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 10:06 AM To: [EMAIL PROTECTED] Subject: RE: not quite sure... In the discussion of error correction, I think an error on my part has been missed. I was thinking about it and I wonder if this is entirely accurate: (concerning what happens after a frame is discarded on WAN link) "The end station will respond by acking the next packet it recieves with the appriopriate (lower numbered) sequence number (of the missed packet). The originating station will get this ack (with the lower sequence number) see that the end station is requesting a packet out of sequence and the originating station will begin it's next transmission with the data from that particular sequence number." Is this correct? Emphasis: end station. You are describing what TCP does. Routers typically are unconcerned with TCP. And again, not all applications need reliable links, so not all applications will have retransmission ANYWHERE in the path. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:
Check this link for the IANA assigned numbers, and other non-IANA registered numbers: http://www.sockets.com/services.htm RealPlayer/RealAudio is very hard to filter because it can be configured to run over TCP port 80 (HTTP). So there ya go, Evan -Original Message- From: Chris Sweeting [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 9:23 AM To: [EMAIL PROTECTED] Subject: Question I am trying to find an updated listing of all udp and tcp ports so I can write an access list to block Real Audio, or is Real audio using port 80. Or is there a better way ? Write me back at this address thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
Howard's correct. Think about voice - do you really want voice packets retransmitted? Due to delay and sequencing issues, likely not... Understanding each protocol and its capabilities is the best way to understand where retransmission occurs. Some protocols have both error detection and error correction mechanisms as part of its design. Some protocols have simply error detection mechanisms but lack the capability to have the missing information resent--in such a case, protocols at higher layers are responsible for seeing data be retransmitted. And finally, some protocols have no error detection or correction capabilities. In my original "not quite sure" post, I purposely asked how certain data link layer protocols detect the loss of a "packet" because of the four listed, each fits into one of the three above categories. Error detection and correction begins at the lowest layers of the OSI model and works its way upwards through the protocol stack. As Howard pointed out, not all applications find retransmission desirable so you might not find retransmission capabilities anywhere within the protocol set used for transmission. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Howard C. Berkowitz Sent: February 9, 2001 8:06 AM To: [EMAIL PROTECTED] Subject: RE: not quite sure... In the discussion of error correction, I think an error on my part has been missed. I was thinking about it and I wonder if this is entirely accurate: (concerning what happens after a frame is discarded on WAN link) "The end station will respond by acking the next packet it recieves with the appriopriate (lower numbered) sequence number (of the missed packet). The originating station will get this ack (with the lower sequence number) see that the end station is requesting a packet out of sequence and the originating station will begin it's next transmission with the data from that particular sequence number." Is this correct? Emphasis: end station. You are describing what TCP does. Routers typically are unconcerned with TCP. And again, not all applications need reliable links, so not all applications will have retransmission ANYWHERE in the path. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Win2k and PIX IPSec?
Has anyone sucessfully set up an IPSec tunnel between a Windows 2000 client running the native Win2k IPSec stack and a PIX? If so, do you have a sample config? I'm able to establish an SA between the PIX and the Win2k box, but I'm unable to pass traffic. For instance, a ping from inside the PIX to the Win2k box outside the PIX results in an SA being established, but the packets are not passed, and a debug shows a "check crypto map deny". The access lists for nat 0 and for the encrypted traffic are identical and applied. Pix code 5.2.x. Thanks Ben -- Ben Hockenhull [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Hacking!!!!!!!!!!!!!!!!!!!!!
Network Intrusion Detection System - when looking to evaluate a product look at both host-based and network-based solutions. Each type compliments one another. I can remember only one product that is a "quasi-hybrid" mix of both host and network-based. I think it is from ISS (Internet Security Systems). -Original Message- From: Luke [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 10:43 AM To: [EMAIL PROTECTED] Subject: Re: Hacking! Rick, PMI (pardon my ignorance), I can say it as well as spell it but what the hell is it and where can I get some. TIA. ""Watson, Rick, CTR, OUSDC"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can you say NIDS? A must have for a multilayer security posture. Security does not start, or end for that matter with just a firewall..!! -Original Message- From: JCoyne [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: Re: Hacking! Read the book Hacking Exposed 2nd edition. "imran obaidullah" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... htmlDIVHi Friends,/DIV DIVnbsp;/DIV DIVI need some information on hacking which is surely to gain knowledge and secure my corporate n/w. My office has Cisco 3600 Router for internet connaction. /DIV DIVnbsp;/DIV DIV1. How can someone hack the Router./DIV DIV2. If internet uses is trying to hack webserver using a hacking tool which is usingnbsp;port 80, how the administrator can block this action still allowing the trusted users to access the webserver./DIV DIVnbsp;/DIV DIVThanks and Regards/DIV DIVnbsp;/DIV DIVimran/DIV DIVnbsp;/DIV DIVnbsp;/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: distribute list in EIGRP
If you do a Clear ip route * that will get the routes in faster! EIGRP just relearn it's neighbors/routes with out the effects of the distribute list. Karl -Original Message- From: Adam Wang [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 8:39 AM To: [EMAIL PROTECTED] Subject: distribute list in EIGRP Hi Group, A quick question. If a distribute list has be established in EIGRP for a while, and you remove the list. How long will it take for the new route to be discovered? And how EIGRP is acting in this case. Thanks in advance. Adam __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Win2k and PIX IPSec?
I've had that error before. It was between 2 PIX's though. The fix ( on both sides ) was to do a "clear crypto ipsec sa" and "clear crypto isakmp sa". And then it worked. It was like the SA's got outa sync or something. Or one side had a valid SA and the other didn't. On a side note - have you tried to use 'pl-compatable' instead of NAT 0? Pl-compat bypasses all translation and conduit requirements, effectivly terminating the tunnel on the inside interface or whichever interface the traffic is destined for. Kenny "Ben Hockenhull" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Has anyone sucessfully set up an IPSec tunnel between a Windows 2000 client running the native Win2k IPSec stack and a PIX? If so, do you have a sample config? I'm able to establish an SA between the PIX and the Win2k box, but I'm unable to pass traffic. For instance, a ping from inside the PIX to the Win2k box outside the PIX results in an SA being established, but the packets are not passed, and a debug shows a "check crypto map deny". The access lists for nat 0 and for the encrypted traffic are identical and applied. Pix code 5.2.x. Thanks Ben -- Ben Hockenhull [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Win2k and PIX IPSec?
I have not done it in awhile, and I don't have a config. However, when I did do it you had to setup an l2tp tunnel first between win2k and the router and then run ipsec through the l2tp tunnel. -Original Message- From: Ben Hockenhull [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 10:57 AM To: [EMAIL PROTECTED] Subject: Win2k and PIX IPSec? Has anyone sucessfully set up an IPSec tunnel between a Windows 2000 client running the native Win2k IPSec stack and a PIX? If so, do you have a sample config? I'm able to establish an SA between the PIX and the Win2k box, but I'm unable to pass traffic. For instance, a ping from inside the PIX to the Win2k box outside the PIX results in an SA being established, but the packets are not passed, and a debug shows a "check crypto map deny". The access lists for nat 0 and for the encrypted traffic are identical and applied. Pix code 5.2.x. Thanks Ben -- Ben Hockenhull [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall Issue
Right now there is no Win2k client available from Cisco. There is a beta out of the Altiga 3000 client - which can work with the PIX as well. You may be able to call TAC and request a copy. Though if you are hiding behind PAT and terminating on a PIX you are still SOL. The alternative for win2k clients is PPTP with MPPE. Very simple to implement and is a hold over until the 2k client is available. You can either terminate on the PIX and use Funk software radius server ( cisco secure ACS doesn't support MPPE ), a local database created on the PIX, or put a beefy win2k server in a DMZ and pass the PPTP traffic to that server. It'll need to be dual homed and secure as much as possible. Good luck Kenny - Original Message - From: "Kevin O'Gilvie" [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, February 09, 2001 7:29 AM Subject: Re: Pix Firewall Issue Does anyone know of a vpn client for Windows 2000, I have Cisco Secure but it doesnt run on 2000, I need to implement a vpn solution for my company that will integrate with the PIX 515 that I just purchased.. Regards, Kevin From: "Kenny Sallee" [EMAIL PROTECTED] Reply-To: "Kenny Sallee" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Pix Firewall Issue Date: Wed, 7 Feb 2001 15:55:14 -0800 Actually it's not a good idea to do a 'conduit permit icmp any any'. If you want ping traffic to originate inside then do this: conduit permit icmp 208.184.23.0 255.255.255.0 any echoreply Think about the way ping works - your workstation sends an icmp echo - the end station sends an icmp echo-reply - which from the PIX standpoint is a new inbound packet ( cuz it's stateless ). Therefore - let the echo-reply in only. Not all ICMP messages. Kenny "Daniel Cotts" [EMAIL PROTECTED] wrote in message 303479FA060CD211B893F805A88AA10F4C@EXCHANGE1">news:303479FA060CD211B893F805A88AA10F4C@EXCHANGE1... You're not telling us from where you are pinging. From the PIX? From a host behind the Firewall? From a host outside the Firewall? Anyway this command is good to have in later versions if you want pings to traverse the PIX. conduit permit icmp any any You may also want to modify that command or eliminate it, if you want to enforce a stronger policy. http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v50/config/co n fig.htm#xtocid1091627 -Original Message- From: exchange [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 07, 2001 1:09 PM To: '[EMAIL PROTECTED]' Subject: Pix Firewall Issue Hi Gang, I have a Pix Firewall 520 and wondered if this was a feature or a configuration issue on my firwall. We have an entire class C address say 208.184.23.x to use for our network. We use the 192.168.1.x network for our internal network. I am having problems pinging a machine's Internet ip address say 208.184.23.11 which I noticed is statically mapped to it's internal address say 192.168.1.10 on the pix. For example, If I ping another box 208.184.23.12 and not statically mapped to a internal ip address on the pix, I get a response. Any help or hints would be greatly appreciated. Thanks! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
remote access?
Hi. I have a 1602 router, as well as a 2514 router at home. And an external modem. I was wondering, is there any way to connect from say, work, to home, via pcanywhere, or dial in to the router to control it? Thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
simple BW question
Everryone: If I have a 56K modem does that mean I have 56k upstrem BW 56 K down stream BW or I have total of 5k BW. The reason I am asking is I have 1MB BW from ISP. The ISP feed comes into Firewall. most of traffic is downstream that is traffic is going inside the company, as everybody uses internet download mails. Now if I have remote VPN users who connect to their ISP then establish VPN seession with the VPN server sitting behind firewall. They access internal windows network mostly to download files from shared folder. This traffic is mostly outbound. Does the VPN users get full 1MB BW for outgoing traffic OR is 1MB is shared by both internal external users. Can somebody give some clarifications? thanks in advance. __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
Right, I am speaking of the process between end stations here. My thinking is, if the router discarded the frame, then the originating station would not get an ack out of sequence from the remote end station because the packet was dropped (therefore the remote never got something to ack). The originating station would actually retransmit because it did not get an ack from the remote. Right? Unless TCP has negotiated that x number of packets can be transmitted w/o an ack. Which I know can be done, but don't know how common it is. Not the number of packets, but the number of bytes. The usual practice is to use a slow start mechanism, where TCP starts with one byte per ACK, then keeps increasing the window until delay or congestion limits performance (vast simplification). -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 10:06 AM To: [EMAIL PROTECTED] Subject: RE: not quite sure... In the discussion of error correction, I think an error on my part has been missed. I was thinking about it and I wonder if this is entirely accurate: (concerning what happens after a frame is discarded on WAN link) "The end station will respond by acking the next packet it recieves with the appriopriate (lower numbered) sequence number (of the missed packet). The originating station will get this ack (with the lower sequence number) see that the end station is requesting a packet out of sequence and the originating station will begin it's next transmission with the data from that particular sequence number." Is this correct? Emphasis: end station. You are describing what TCP does. Routers typically are unconcerned with TCP. And again, not all applications need reliable links, so not all applications will have retransmission ANYWHERE in the path. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Firewall Issue
Can you point me in the right direction of where I can research the alternatives.. Regards, Kevin From: "Kenny Sallee" [EMAIL PROTECTED] To: "Kevin O'Gilvie" [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Pix Firewall Issue Date: Fri, 9 Feb 2001 08:23:24 -0800 Right now there is no Win2k client available from Cisco. There is a beta out of the Altiga 3000 client - which can work with the PIX as well. You may be able to call TAC and request a copy. Though if you are hiding behind PAT and terminating on a PIX you are still SOL. The alternative for win2k clients is PPTP with MPPE. Very simple to implement and is a hold over until the 2k client is available. You can either terminate on the PIX and use Funk software radius server ( cisco secure ACS doesn't support MPPE ), a local database created on the PIX, or put a beefy win2k server in a DMZ and pass the PPTP traffic to that server. It'll need to be dual homed and secure as much as possible. Good luck Kenny - Original Message - From: "Kevin O'Gilvie" [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, February 09, 2001 7:29 AM Subject: Re: Pix Firewall Issue Does anyone know of a vpn client for Windows 2000, I have Cisco Secure but it doesnt run on 2000, I need to implement a vpn solution for my company that will integrate with the PIX 515 that I just purchased.. Regards, Kevin From: "Kenny Sallee" [EMAIL PROTECTED] Reply-To: "Kenny Sallee" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Pix Firewall Issue Date: Wed, 7 Feb 2001 15:55:14 -0800 Actually it's not a good idea to do a 'conduit permit icmp any any'. If you want ping traffic to originate inside then do this: conduit permit icmp 208.184.23.0 255.255.255.0 any echoreply Think about the way ping works - your workstation sends an icmp echo - the end station sends an icmp echo-reply - which from the PIX standpoint is a new inbound packet ( cuz it's stateless ). Therefore - let the echo-reply in only. Not all ICMP messages. Kenny "Daniel Cotts" [EMAIL PROTECTED] wrote in message 303479FA060CD211B893F805A88AA10F4C@EXCHANGE1">news:303479FA060CD211B893F805A88AA10F4C@EXCHANGE1... You're not telling us from where you are pinging. From the PIX? From a host behind the Firewall? From a host outside the Firewall? Anyway this command is good to have in later versions if you want pings to traverse the PIX. conduit permit icmp any any You may also want to modify that command or eliminate it, if you want to enforce a stronger policy. http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v50/config/co n fig.htm#xtocid1091627 -Original Message- From: exchange [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 07, 2001 1:09 PM To: '[EMAIL PROTECTED]' Subject: Pix Firewall Issue Hi Gang, I have a Pix Firewall 520 and wondered if this was a feature or a configuration issue on my firwall. We have an entire class C address say 208.184.23.x to use for our network. We use the 192.168.1.x network for our internal network. I am having problems pinging a machine's Internet ip address say 208.184.23.11 which I noticed is statically mapped to it's internal address say 192.168.1.10 on the pix. For example, If I ping another box 208.184.23.12 and not statically mapped to a internal ip address on the pix, I get a response. Any help or hints would be greatly appreciated. Thanks! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: distribute list in EIGRP
But what about this situation? Assume two routers, A and B. Router A has an outgoing distribute list set to filter the routes seen by router B. Doing nothing else, if you remove the distribute list from A, how long will it be until Router B sees the previously filtered routes? Does it learn them at all? If not, why not? If yes, is there a way to speed up the process? If you do a Clear ip route * that will get the routes in faster! EIGRP just relearn it's neighbors/routes with out the effects of the distribute list. Karl -Original Message- From: Adam Wang [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 8:39 AM To: [EMAIL PROTECTED] Subject: distribute list in EIGRP Hi Group, A quick question. If a distribute list has be established in EIGRP for a while, and you remove the list. How long will it take for the new route to be discovered? And how EIGRP is acting in this case. Thanks in advance. Adam __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No Subject
Dear fellows, Currently I am getting started to prepare for ccnp and I bought prep library from Cisco Press for this purpose. As a matter of fact my real and deep concern right now is "practice" the various commands throughout this track. When i got my ccna, i attended ICND class, hands-on was very successful and i am very aware of dealing with switches and routers. Of course, now i am not attending any class but the hands-on still needed. At work, i am not authorized to work with those products since i was not the guy in-charge from beginning. Thought about buying router simulator software that fulfils the needful, BUT there aren't any dedicated for such thing as have been informed by specialized firms on Internet. I know that buying those stuff will solve the issue in the first place . but the truth that they are costly enough for me not being able to afford Please recommend me some solution deeply appreciate in advance your positive assistance Willie _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ATM PVC statistics via SNMP
Hello, I'm using PA-A3-OC3 card in 7200 w/ NSE-1 card and IOS 12.1(5)T1 and trying to get information about traffic amount through ATM VCs (from interface, named as "ATM0/0.xxx-aal5 layer"). There are two places in SNMP tree, where is this information is available - standart interfaces.* section and cAal5VccTable (from CISCO-AAL5-MIB). Values from both are same and quite incorrect - calculated traffic on FastEthernet0/0 is about 7Mbps, while this one, calculated on ATM subif, is about 300-500Kbps! In this test configuration all traffic, which came on ATM interface, goes out to FastEthernet, so I expect same values on both interfaces. Is it possible to get true values about traffic on ATM interface? Thank you. -- Vladimir Litovka [EMAIL PROTECTED] | "I've seen the future and it's . Phone/Fax: +380 44 4900111 | Cisco switches!" . ICQ/none, talk/none ;) |Cat Alyst _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Broadcast LMI Keepalives?
We have a circuit that is having pretty severe problems. No errors are being seen at the router serial interface, but we are experiencing about 50% packet loss (500 byte packets) incoming. I've just noticed something else that is odd. For each incoming LMI response, the number of received broadcasts increments. Serial0 is up, line protocol is up Hardware is HD64570 Description: 24.YBGA.xx MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 2/255 Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) LMI enq sent 235, LMI stat recvd 218, LMI upd recvd 0, DTE LMI up LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 1135/0, interface broadcasts 1018 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters 00:39:18 Input queue: 1/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/23/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 17000 bits/sec, 7 packets/sec 5 minute output rate 14000 bits/sec, 9 packets/sec 20505 packets input, 5242248 bytes, 0 no buffer Received 218 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 26000 packets output, 5145390 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Because some keepalives are being missed, does that cause the frame switch to change the way it sends them? I couldn't find any other example of LMI keepalives causing the broadcast counters to increase, and I checked this on interfaces using both Cisco and ANSI LMI. any ideas? thanks, John Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Tutorial--anyone know a good one?
Hello! I'm looking for a BGP tutorial. If anyone know one it will help a lot. Tks. Leonardo Silva _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: deleting of my loopback interface
no int loopback # -Original Message- From: suaveguru [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 4:38 AM To: [EMAIL PROTECTED] Subject: deleting of my loopback interface Sorry anyone knows how to delete a loopback interface if it is incorrectly created? regards, suaveguru __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Tutorial--anyone know a good one?
Leonardo Silva - Tecnologia wrote: I'm looking for a BGP tutorial. If anyone know one it will help a lot. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/icsbgp4.htm -- Vladimir Litovka [EMAIL PROTECTED] | "I've seen the future and it's . Phone/Fax: +380 44 4900111 | Cisco switches!" . ICQ/none, talk/none ;) |Cat Alyst _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Broadcast LMI Keepalives?
As for your CKT issues the router is dropping LMI packets. From just the output given below it looks like the local bell probably has a transmit issue from your site to the end carrier (ie WCOM). I suggest opening a tkt with your frame-relay provider to resolve the issue. As for your broadcast question I do not know the answer of the top of my head. Could luck with your Frame-Relay provider. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Friday, February 09, 2001 11:57 AM To: [EMAIL PROTECTED] Subject: Broadcast LMI Keepalives? We have a circuit that is having pretty severe problems. No errors are being seen at the router serial interface, but we are experiencing about 50% packet loss (500 byte packets) incoming. I've just noticed something else that is odd. For each incoming LMI response, the number of received broadcasts increments. Serial0 is up, line protocol is up Hardware is HD64570 Description: 24.YBGA.xx MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 2/255 Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) LMI enq sent 235, LMI stat recvd 218, LMI upd recvd 0, DTE LMI up LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 1135/0, interface broadcasts 1018 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters 00:39:18 Input queue: 1/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/23/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 17000 bits/sec, 7 packets/sec 5 minute output rate 14000 bits/sec, 9 packets/sec 20505 packets input, 5242248 bytes, 0 no buffer Received 218 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 26000 packets output, 5145390 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Because some keepalives are being missed, does that cause the frame switch to change the way it sends them? I couldn't find any other example of LMI keepalives causing the broadcast counters to increase, and I checked this on interfaces using both Cisco and ANSI LMI. any ideas? thanks, John Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Tutorial--anyone know a good one?
There is a good Power Point presentation in two parts in the Presentations section on the DFW Cisco Users Group web site : http://www.cisco-users.org/previous_meetings.htm HTH, Casey Fahey, CCNP, MCSE Hello! I'm looking for a BGP tutorial. If anyone know one it will help a lot. Tks. Leonardo Silva _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP Tutorial--anyone know a good one?
http://joe.lindsay.net/bgp.html There is a Tutorial link half way down the page that presents a slide show tutorial. I've also found this link to be good. http://www.netaxs.com/~freedman/bgp/bgp.html In addition, Cisco's site has a ton of info. Here's a few links. http://www.cisco.com/warp/public/459/14.html http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c /ipcprt2/1cdbgp.htm http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/icsbgp4.htm Best Regards, --Mike -Original Message- From: Leonardo Silva - Tecnologia [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 9:03 AM To: [EMAIL PROTECTED] Subject: BGP Tutorial--anyone know a good one? Hello! I'm looking for a BGP tutorial. If anyone know one it will help a lot. Tks. Leonardo Silva _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:
Try this link, it might be one option: http://www.routersim.com/commerce/Pricing_SwitchSim.htm It doesn't appear that they have router modules for CCNP yet. Regards, John Dear fellows, Currently I am getting started to prepare for ccnp and I bought prep library from Cisco Press for this purpose. As a matter of fact my real and deep concern right now is "practice" the various commands throughout this track. When i got my ccna, i attended ICND class, hands-on was very successful and i am very aware of dealing with switches and routers. Of course, now i am not attending any class but the hands-on still needed. At work, i am not authorized to work with those products since i was not the guy in-charge from beginning. Thought about buying router simulator software that fulfils the needful, BUT there aren't any dedicated for such thing as have been informed by specialized firms on Internet. I know that buying those stuff will solve the issue in the first place . but the truth that they are costly enough for me not being able to afford Please recommend me some solution deeply appreciate in advance your positive assistance Willie _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Silly Question!
Do you know that the letters in "IOS" stand for? (Like in Cisco IOS 12.0) Pierre-Alex -Original Message- From: Dale Cunningham [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 7:29 AM To: [EMAIL PROTECTED] Subject: Fwd: failure notice Pierre This came back into my mailbox this morning. Dale - Forwarded Message - DATE: 5 Feb 2001 11:27:55 - From: MAILER-DAEMON To: [EMAIL PROTECTED] Hi. This is the mailer-daemon. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: CNAME lookup failed temporarily. (#4.4.3) I'm not going to try again; this message has been in the queue too long. --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: from Unknown/Local ([?.?.?.?]) by mailcity.com; Fri Feb 2 20:37:25 2001 To: "Pierre-Alex" [EMAIL PROTECTED] Date: Fri, 02 Feb 2001 22:37:25 -0600 From: "Dale Cunningham" [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 X-Sent-Mail: off Reply-To: [EMAIL PROTECTED] X-Mailer: MailCity Service Subject: Re: X-Sender-Ip: 208.50.127.100 Organization: Lycos Mail (http://mail.lycos.com:80) Content-Type: text/plain; charset=us-ascii Content-Language: en Content-Length: 880 Content-Transfer-Encoding: 7bit Pierre I think what they are trying to say is that by using vlsms you are getting as much efficiency as possible out of the addressing scheme (using a .252 for instance) so that using multipoint does not gain you anything. After all, you still have to have a seperate address within the subnet for each circuit. A .248 has six useable hosts, using multipoint with it would not gain you much. I would prefer to use point-to-point and use a /30 mask. Dale -- On Fri, 2 Feb 2001 09:27:47 Pierre-Alex wrote: On page 14-28 (ICND) It says: "Multipoint may not save you addresses if you are using VLSMs" What is the rational behind this statement. I would think that using a long subnet mask (i.e. 255.255.255.248 ) would not waste any ip address! Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html - End Forwarded Message - Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Hi
Hi Group, Please provide me with CCNP study links.=20 Thanks in advance. Naveen _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:
Dear fellows, Currently I am getting started to prepare for ccnp and I bought prep library from Cisco Press for this purpose. As a matter of fact my real and deep concern right now is "practice" the various commands throughout this track. When i got my ccna, i attended ICND class, hands-on was very successful and i am very aware of dealing with switches and routers. Of course, now i am not attending any class but the hands-on still needed. At work, i am not authorized to work with those products since i was not the guy in-charge from beginning. Thought about buying router simulator software that fulfils the needful, BUT there aren't any dedicated for such thing as have been informed by specialized firms on Internet. I know that buying those stuff will solve the issue in the first place . but the truth that they are costly enough for me not being able to afford Is there any chance your management might permit you to have user-level access to the equipment at work? While most people think in terms of configuring scenarios, there's still a lot of information you can get simply from displays -- and you will also get hands-on experience in using the CLI. Router simulators, in my opinion, are either impractical or are no more than pre-scripted computer assisted instruction. Remotely accessed labs are an option. I know I could look up the TLD, but are you in Qatar? -- "What Problem are you trying to solve?" ***send Cisco questions to the list, so all can benefit -- not directly to me*** Howard C. Berkowitz [EMAIL PROTECTED] Technical Director, CertificationZone.com Senior Mgr. IP Protocols Algorithms, Core Networks Advanced Technology, NortelNetworks (for ID only) but Cisco stockholder! "retired" Certified Cisco Systems Instructor (CID) #93005 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Silly Question!
It stands for "Internetwork Operating System" A little blurb from Cisco's web site: http://www.cisco.com/warp/public/732/ciscoios.html - raj ""Pierre-Alex"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Do you know that the letters in "IOS" stand for? (Like in Cisco IOS 12.0) Pierre-Alex -Original Message- From: Dale Cunningham [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 7:29 AM To: [EMAIL PROTECTED] Subject: Fwd: failure notice Pierre This came back into my mailbox this morning. Dale - Forwarded Message - DATE: 5 Feb 2001 11:27:55 - From: MAILER-DAEMON To: [EMAIL PROTECTED] Hi. This is the mailer-daemon. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: CNAME lookup failed temporarily. (#4.4.3) I'm not going to try again; this message has been in the queue too long. --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: from Unknown/Local ([?.?.?.?]) by mailcity.com; Fri Feb 2 20:37:25 2001 To: "Pierre-Alex" [EMAIL PROTECTED] Date: Fri, 02 Feb 2001 22:37:25 -0600 From: "Dale Cunningham" [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 X-Sent-Mail: off Reply-To: [EMAIL PROTECTED] X-Mailer: MailCity Service Subject: Re: X-Sender-Ip: 208.50.127.100 Organization: Lycos Mail (http://mail.lycos.com:80) Content-Type: text/plain; charset=us-ascii Content-Language: en Content-Length: 880 Content-Transfer-Encoding: 7bit Pierre I think what they are trying to say is that by using vlsms you are getting as much efficiency as possible out of the addressing scheme (using a .252 for instance) so that using multipoint does not gain you anything. After all, you still have to have a seperate address within the subnet for each circuit. A .248 has six useable hosts, using multipoint with it would not gain you much. I would prefer to use point-to-point and use a /30 mask. Dale -- On Fri, 2 Feb 2001 09:27:47 Pierre-Alex wrote: On page 14-28 (ICND) It says: "Multipoint may not save you addresses if you are using VLSMs" What is the rational behind this statement. I would think that using a long subnet mask (i.e. 255.255.255.248 ) would not waste any ip address! Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html - End Forwarded Message - Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Tutorial--anyone know a good one?
Try Avi Freedman's: BGP 101 http://www.freedman.net/bigbgp.ppt and BGP 102 http://www.freedman.net/bgp102.ppt tutorials. Also you should look into the Internet Routing Architectures 2nd edition, by Sam Halabi. http://www.amazon.com/exec/obidos/ASIN/157870233X/qid=981739964/sr=1-1/ref=s c_b_1/107-3760323-1100541 - raj "Leonardo Silva - Tecnologia" [EMAIL PROTECTED] wrote in message F7E7BC12B620D4119FA300C00D009BA0025C1AE8@EXCHANGESVRSAO">news:F7E7BC12B620D4119FA300C00D009BA0025C1AE8@EXCHANGESVRSAO... Hello! I'm looking for a BGP tutorial. If anyone know one it will help a lot. Tks. Leonardo Silva _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Campus Networks
Can anyone recommend a substitute for Designing Campus Networks by Terri Quinn-Andry Not for CCDA/CCDP, but if those are suitable/comparable references I'm willing to check them out. Something I can send to a "sales" type of person would be great. TIA, ~ak. __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Silly Question!
IOS = Internetwork Operating System -Original Message- From: Pierre-Alex [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 11:27 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Silly Question! Do you know that the letters in "IOS" stand for? (Like in Cisco IOS 12.0) Pierre-Alex -Original Message- From: Dale Cunningham [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 7:29 AM To: [EMAIL PROTECTED] Subject: Fwd: failure notice Pierre This came back into my mailbox this morning. Dale - Forwarded Message - DATE: 5 Feb 2001 11:27:55 - From: MAILER-DAEMON To: [EMAIL PROTECTED] Hi. This is the mailer-daemon. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: CNAME lookup failed temporarily. (#4.4.3) I'm not going to try again; this message has been in the queue too long. --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: from Unknown/Local ([?.?.?.?]) by mailcity.com; Fri Feb 2 20:37:25 2001 To: "Pierre-Alex" [EMAIL PROTECTED] Date: Fri, 02 Feb 2001 22:37:25 -0600 From: "Dale Cunningham" [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 X-Sent-Mail: off Reply-To: [EMAIL PROTECTED] X-Mailer: MailCity Service Subject: Re: X-Sender-Ip: 208.50.127.100 Organization: Lycos Mail (http://mail.lycos.com:80) Content-Type: text/plain; charset=us-ascii Content-Language: en Content-Length: 880 Content-Transfer-Encoding: 7bit Pierre I think what they are trying to say is that by using vlsms you are getting as much efficiency as possible out of the addressing scheme (using a .252 for instance) so that using multipoint does not gain you anything. After all, you still have to have a seperate address within the subnet for each circuit. A .248 has six useable hosts, using multipoint with it would not gain you much. I would prefer to use point-to-point and use a /30 mask. Dale -- On Fri, 2 Feb 2001 09:27:47 Pierre-Alex wrote: On page 14-28 (ICND) It says: "Multipoint may not save you addresses if you are using VLSMs" What is the rational behind this statement. I would think that using a long subnet mask (i.e. 255.255.255.248 ) would not waste any ip address! Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html - End Forwarded Message - Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
question re: selling a 2524
Hi, I am looking to sell a Cisco 2524 router with a FT1/T1 csu/dsu (can include an extra FT1/T1 if needed). I got this box as part of a package deal and do not need it. What price should I expect to get out of it? Thanks, Francis _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Prioirty Queuing Numbers
I have been playing with priority queuing today and noticed something that I thought was odd. I setup a very basic queue with the following commands. access-list 150 permit tcp any any eq lpd priority-list 1 protocol ip low list 150 then on the serial interface interface Serial0/0 priority-group 1 All seems well. I sent a printout to a print using lpd/lpr and all seemed well. I executed the command below to check my queue numbers: ROUTER#sh queueing interface s0/0 Interface Serial0/0 queueing strategy: priority Output queue utilization (queue/count) high/3564 medium/0 normal/1684 low/6 Considering I only defined a queue for low, why would the high count be so large? It could be normal as I am just playing with it for the first time but these seems out of place to me. Thanks Tim _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CSU/DSU question
I have an old csu/dsu (rad fcd 1 ) conected to a 7500 router. we use this T1 to enable two of our sites to communicate point to point (all is working at the moment). However I am trying to implement that same connection with a 2610 with a built in csu/dsu. Originally I configure the Controller on the 2610 to use ESF framing , B8ZS and PPP encapsulation. This router was in operation before , being used as an Internet router so I know the HW is good. Hower when i connected the 2610 with the new config (wiped out old onfig when used for internet) to the TI (provided by PAC BELL) being use on the 7500 I got some weird results. serial x (reset) , line prot down Then I changed the encapsultion to HDLC ,that got rid of the reset , and changed the framing to SF . When I changed to framing , i got se up, line prot up , then few seconds later i did a sh int and saw the up , down. I tested my controller to make sure HW is ok by connecting it to one of the T1'S providing internet access. It worked fine , off course I had to change to esf, b8zs and ppp. Is it the telco who prvides us what we should use as framing, linecode and encapsulation? or does it depend on the csu/dsu being used. ??? Mo Durrani IST WYSE\EDS phone:408-473 1246 [EMAIL PROTECTED] [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS firewall feature set
Hi to all I would like to know how to activate a IOS firewall on 2600. The router is running IOS 12.0 T3 (c2600-i-mz.120-3.T3) with 8 meg flash and 24576K/8192K bytes of memory. Do I need to buy a separate software or there is an activation key. Thanks in advance for your help. --- Moe Kazemian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: simple BW question
Pat- In the US, you have upto 53300 upsteam, and 38400 downstream, due to FCC/Telco mandated signal interference limitations. This refers to the v.90 standard implementation only, with an analog local loop and a digital PRI at the remote. ( As most ISP's are configured. ) Keith Merrill Nasdaq Network Engineering [EMAIL PROTECTED] -- From: pat[SMTP:[EMAIL PROTECTED]] Reply To: pat Sent: Friday, February 09, 2001 11:32 AM To: [EMAIL PROTECTED] Subject: simple BW question Everryone: If I have a 56K modem does that mean I have 56k upstrem BW 56 K down stream BW or I have total of 5k BW. The reason I am asking is I have 1MB BW from ISP. The ISP feed comes into Firewall. most of traffic is downstream that is traffic is going inside the company, as everybody uses internet download mails. Now if I have remote VPN users who connect to their ISP then establish VPN seession with the VPN server sitting behind firewall. They access internal windows network mostly to download files from shared folder. This traffic is mostly outbound. Does the VPN users get full 1MB BW for outgoing traffic OR is 1MB is shared by both internal external users. Can somebody give some clarifications? thanks in advance. __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP books
At 05:09 AM 2/9/01, Hunt Lee wrote: Hi Priscilla, I passed my CCDA yesterday. I got 854 out of 1000. Thanks so much for all your help and support. You're welcome. Do you know what is the difference between the CCNP Certification Library and CCNP Preparation Library? Which is better to use for studying the CCNP exams? CCNP Certification Library: CCNP Routing Exam Certification Guide CCNP Switching Exam Certification Guide CCNP Remote Access Exam Certification Guide CCNP Support Exam Certification Guide The certification guides are intended for somebody who already knows the material somewhat. They are especially helpful for review purposes as you get close to taking the exam. I used the older ACRC Exam Certification Guide by Clare Gough and it was very good (though it had some OSPF mistakes.) CCNP Preparation Library: Building Scalable Cisco Networks Building Cisco Multilayer Switched Networks Building Cisco Remote Access Networks Cisco Internetwork Troubleshooting These books are the actual course materials ported to book format. Since the tests are based on the courses, you can't go wrong with these books (in most cases). I used the Remote Access book, edited by Catherine Pacquet, and thought it was excellent. The CIT book, edited by Dan Farkas and Laura Chappell, is also very good. Good luck! I'm going to send this to the whole group in case others are wondering too. I hope you figured out that weird supernetting question from a few days ago. ;-) Priscilla Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Wants to buy !
Hi All, I thought I would make an offer to the group before I went search on E-bay. I need a Catalyst 1912-EN or Catalyst 1924-EN switch. Do you have one to sell? I would like the item shipped overnight this afternoon. So please make a quick bid.. Pierre-Alex I think there is something like an upgrade for the Catalyst 1900 Standard . If you know that it can Upgrade the switch to full Enterprise functionality and you have an upgrade pack I can also buy this from you. Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSU/DSU question
For data over T-1, you should use ESF/B8ZS, not SF/AMI. Assuming this is a clear channel T-1, the datalink protocol is up to you. If you have Cisco routers on each side, either HDLC or PPP would be good choices. If any of the routers are not Cisco, use PPP. Have you configured your serial controller correctly, making sure it is using the correct timeslots? Perhaps you should post the relevant portions of your config so we can troubleshoot further. Regards, John I have an old csu/dsu (rad fcd 1 ) conected to a 7500 router. we use this T1 to enable two of our sites to communicate point to point (all is working at the moment). However I am trying to implement that same connection with a 2610 with a built in csu/dsu. Originally I configure the Controller on the 2610 to use ESF framing , B8ZS and PPP encapsulation. This router was in operation before , being used as an Internet router so I know the HW is good. Hower when i connected the 2610 with the new config (wiped out old onfig when used for internet) to the TI (provided by PAC BELL) being use on the 7500 I got some weird results. serial x (reset) , line prot down Then I changed the encapsultion to HDLC ,that got rid of the reset , and changed the framing to SF . When I changed to framing , i got se up, line prot up , then few seconds later i did a sh int and saw the up , down. I tested my controller to make sure HW is ok by connecting it to one of the T1'S providing internet access. It worked fine , off course I had to change to esf, b8zs and ppp. Is it the telco who prvides us what we should use as framing, linecode and encapsulation? or does it depend on the csu/dsu being used. ??? Mo Durrani IST WYSE\EDS phone:408-473 1246 [EMAIL PROTECTED] [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: passed CCIE written with a little extra stress
It happened to me as well, back at Networkers. However they just ALT-CTRL-DEL'ed the machine and it came back with my half test to complete. I'd already passed away on the of the keyboard, and so couldn't finish it :-) just kidding, I did pass, and boy I'm happy! Frank. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSU/DSU question
Telco dictates the circuits parameters.. The encapsulation however for a T1 can be decided by you... unless it is frame-relay or X.25 or some type of data link layer communications needs to happen to telco's switches. The normal settings these days is ESF / B8ZS for a T1. When you changed the framing to SF the line and protocol would go to up until the router realized it wasn't seeing the "keepalives" from the switch then it would switch it to down. If this is a new installation of the T1 you might want to make sure the T1 is turned up... I'm not positive what turned up means but I think its just telco's way of not activating the circuit until you call them and tell them your ready to be billed for it. Cory -Original Message- From: Moahzam Durrani [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 1:10 PM To: [EMAIL PROTECTED] Subject: CSU/DSU question I have an old csu/dsu (rad fcd 1 ) conected to a 7500 router. we use this T1 to enable two of our sites to communicate point to point (all is working at the moment). However I am trying to implement that same connection with a 2610 with a built in csu/dsu. Originally I configure the Controller on the 2610 to use ESF framing , B8ZS and PPP encapsulation. This router was in operation before , being used as an Internet router so I know the HW is good. Hower when i connected the 2610 with the new config (wiped out old onfig when used for internet) to the TI (provided by PAC BELL) being use on the 7500 I got some weird results. serial x (reset) , line prot down Then I changed the encapsultion to HDLC ,that got rid of the reset , and changed the framing to SF . When I changed to framing , i got se up, line prot up , then few seconds later i did a sh int and saw the up , down. I tested my controller to make sure HW is ok by connecting it to one of the T1'S providing internet access. It worked fine , off course I had to change to esf, b8zs and ppp. Is it the telco who prvides us what we should use as framing, linecode and encapsulation? or does it depend on the csu/dsu being used. ??? Mo Durrani IST WYSE\EDS phone:408-473 1246 [EMAIL PROTECTED] [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Silly Question!
This is a great URL. Thanks! Pierre-Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Raj Singh Sent: Friday, February 09, 2001 11:33 AM To: [EMAIL PROTECTED] Subject: Re: Silly Question! It stands for "Internetwork Operating System" A little blurb from Cisco's web site: http://www.cisco.com/warp/public/732/ciscoios.html - raj ""Pierre-Alex"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Do you know that the letters in "IOS" stand for? (Like in Cisco IOS 12.0) Pierre-Alex -Original Message- From: Dale Cunningham [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 7:29 AM To: [EMAIL PROTECTED] Subject: Fwd: failure notice Pierre This came back into my mailbox this morning. Dale - Forwarded Message - DATE: 5 Feb 2001 11:27:55 - From: MAILER-DAEMON To: [EMAIL PROTECTED] Hi. This is the mailer-daemon. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: CNAME lookup failed temporarily. (#4.4.3) I'm not going to try again; this message has been in the queue too long. --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: from Unknown/Local ([?.?.?.?]) by mailcity.com; Fri Feb 2 20:37:25 2001 To: "Pierre-Alex" [EMAIL PROTECTED] Date: Fri, 02 Feb 2001 22:37:25 -0600 From: "Dale Cunningham" [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 X-Sent-Mail: off Reply-To: [EMAIL PROTECTED] X-Mailer: MailCity Service Subject: Re: X-Sender-Ip: 208.50.127.100 Organization: Lycos Mail (http://mail.lycos.com:80) Content-Type: text/plain; charset=us-ascii Content-Language: en Content-Length: 880 Content-Transfer-Encoding: 7bit Pierre I think what they are trying to say is that by using vlsms you are getting as much efficiency as possible out of the addressing scheme (using a .252 for instance) so that using multipoint does not gain you anything. After all, you still have to have a seperate address within the subnet for each circuit. A .248 has six useable hosts, using multipoint with it would not gain you much. I would prefer to use point-to-point and use a /30 mask. Dale -- On Fri, 2 Feb 2001 09:27:47 Pierre-Alex wrote: On page 14-28 (ICND) It says: "Multipoint may not save you addresses if you are using VLSMs" What is the rational behind this statement. I would think that using a long subnet mask (i.e. 255.255.255.248 ) would not waste any ip address! Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html - End Forwarded Message - Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
loadbalancing with NIC's
We are planning to connect a server with a single NIC that supports faultolerance , redudndancy and load balancing. How does a C6509 treat a Nic that is connected to two of its ports (same vlans) Mo Durrani IST WYSE\EDS phone:408-473 1246 [EMAIL PROTECTED] [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Upload 12.1(2.5)
Regarding that particular image, I just ran across this blurb on CCO: snip Be extremely cautious with any release that has a number following the maintenance release number inside the parentheses (y)---for example, the .5 in parentheses in the version number 10.2(3.5). These numbers indicate that this version of software is an interim build. Interim builds are unit tested, but have not been fully regression tested and should be used only for short-term, urgent point-fix situations until the next maintenance release is available. snip So, as I thought, that may not be the best image to put on that router. :-) - Original Message - From: "John Neiberger" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: February 09, 2001 9:55 AM Subject: Re: IOS Upload I believe that you can configure the 2611 to be a tftp server (using the global config mode 'tftp-server' command) but I've never tried it. If you can get that to work, connect the two routers directly together with a crossover cable or connect them both to a switch or hub. This will help eliminate any other potential difficulties. By far, the fastest method is tftp. From ROM Monitor mode, you can do a transfer over the console port using xmodem. If you're going to go this route, use the confreg command to raise the speed of the console port, and then use Xmodem-1K, not regular Xmodem, which is way too slow. Using this method, it's still going to take an hour or two, IIRC. It's not a speedy method, but it works. I should warn you that there are some 2610 and 2611 images out there that will NOT work on a 2620. Make sure you have an image that will actually run on this model. The one running on that 2611 may not even work. I've done this before, and it took me a while to figure out why none of my interfaces were showing up. :-) Speaking of images, where did you get that one? I couldn't find it on CCO, and that worries me. Regards, John Hi John, Thanks for the help, The router that is giving me this problem is a 2621, I also have a 2611 is it possible for me to tftp the flash from the 2611 onto my tftp server and then try and load that onto the 2621 or is that simply not possible. Sorry, probably a very novice question, but if I cant do that, what is the quickest and easiest way for me to get a different flash that I could try loading onto the router ? One more question :) ... Is it possible to sent a binary image to the router via the console cable ? If so does it need to be in another format or can you simple use something like xmodem to send the same binary image to the device ? Thanks Warrick FitzGerald LiveTechnology International Inc. "John Neiberger" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My first concern is that I have no idea what that image is. I searched CCO for that image name and couldn't find it, not in the IOS upgrade planner or the Feature Navigator. The only close one I could find was 12.1(2), not 2.5, and it was about 200k bigger than the file you mention. Do you have that image running on another router? If not, try loading a different image. That one spooks me. g Perhaps something is wrong with flash, so another option is to replace the flash and see if that helps. Another option is to use the -r option for tftpdnld which will load the image directly to DRAM instead of to flash. If that works, then you know your flash is hosed. I hate to even mention it, but make sure your basic networking setup is correct (addresses, masks, cables, etc.) That goes without saying, but I'll say it anyway. :-) Good luck! John Hi, When I tried to upload my IOS image to the my 2600 router it failed. When the router rebooted it kicked into Rommon mode with an error message that reads "boot: cannot determine first file name on device "flash:"". There is a command in rommon mode called "tftpdnld" which I run once I have set all my parameters, this is surposed to fetch the image of my tftp server. I see it connect to my TFTP server but after a second or two it times out and I dont get the image. If anyone knows why the image does not download, pls help. Filename = c2600-io3s56i-mz.121-2.5 File Size = 8,071 KB Thanks Warrick FitzGerald LiveTechnology International Inc. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Find the
Re: CSU/DSU question
Is it the telco who prvides us what we should use as framing, linecode and encapsulation? or does it depend on the csu/dsu being used. ??? Telco configures the line for the proper coding. ESF/B8ZS is the most common, however SF/AMI is still around. A local carrier here normally provisions their lines (across town for example) for SF/AMI unless the customer requests otherwise. PPP vs. HDLC refers to the line encapsulation, or what the routers use to communicate. This is independent of the line coding (ESF/B8ZS). If you are talking Cisco to Cisco equipment use HDLC.If you are talking Cisco to something else, PPP is the way to go since Cisco's HDLC is a proprietary implementation. (PPP is common when talking to ISP's. Even if they have Cisco gear because it makes PPP their standard). Ed _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T1 Link
Yup, SLARP is pretty cool. It's one good reason to use HDLC. It makes
configuration so easy. Also, the students will love saying SLARP. I'm
helping out with the academy at our local high school, as I've mentioned
before. Those students will love saying SLARP, over and over and over again.
Lately, they have taken to giving me a hard time about "Sniffer." They
snicker every time I say it. It's kind of embarrassing, to be honest. I
want them to take it seriously. It's all boys, so I'm worried that Sniffer
means something dirty. Sigh.
I'm having a hard time, in general, teaching networking to kids who don't
really love it and don't have to know it for their jobs. I got spoiled,
teaching classes to people who had paid money to be there and needed the
info to survive on the job. I'm sure it's quite different at a community
college, but you probably get some young people too. Any advice?? Thanks!
Talk to you later!
Priscilla
At 06:38 PM 2/8/01, Tom Lisa wrote:
WOW!! Great stuff, especially the SLARP info! I think I'll save this for
when we
start teaching CCNP level courses. It would frighten my CCNA students.
BTW, for all Las Vegas area members, the Community College will be
offering the
BSCN course in the Fall Semester. It will be offered at both the Cheyenne and
Henderson campuses. Email me directly if you would like more info.
Tom Lisa, Instructor, CCNA, CCAI
Community College of Southern Nevada
Cisco Regional Networking Academy
Priscilla Oppenheimer wrote:
At 03:09 PM 2/8/01, Tom Lisa wrote:
Priscilla,
In the Cisco Networking Academy (Sem4) curriculum, significantly more time
is spent on
PPP operation configuration than Cisco's HDLC.
That's just because you can say something useful about PPP. It's great for
instructors. They can show off how much they have learned about PAP and
CHAP. ;-)
What can you say about Cisco HDLC? Not much, though here are some comments
on Cisco HDLC, since it is being talked about so much today:
cisco's default encapsulation on synchronous serial lines uses HDLC
framing,
with packet contents defined as follows:
The first ("address") octet is set to 0x0F for unicast packets and 0x8F
for broadcast packets. Broadcast just means that the higher-level protocol
thought this was a broadcast packet; cisco doesn't support multidrop
HDLC at this time.
The second ("control") octet is always 0.
The next two octets are a 16-bit protocol code, sent
most-significant-first.
These codes are usually Ethernet type codes. cisco has added some codes to
support packet types that don't appear on Ethernets. The current list
of codes
is as follows:
TYPE_PUP0x0200 PUP
TYPE_XNS0x0600 XNS
TYPE_IP10MB 0x0800 IP
TYPE_CHAOS 0x0804 Chaos
TYPE_IEEE_SPANNING 0x4242 DSAP/SSAP for IEEE bridge spanning
prot.
TYPE_DECNET 0x6003 DECnet phase IV
TYPE_BRIDGE 0x6558 Bridged Ethernet/802.3 packet
TYPE_APOLLO 0x8019 Apollo domain
TYPE_REVERSE_ARP0x8035 cisco SLARP (not real reverse
ARP!)
TYPE_DEC_SPANNING 0x8038 DEC bridge spanning tree protocol
TYPE_ETHERTALK 0x809b Apple EtherTalk
TYPE_AARP 0x80f3 Appletalk ARP
TYPE_NOVELL10x8137 Novell IPX
TYPE_CLNS 0xFEFE ISO CLNP/ISO ES-IS DSAP/SSAP
This list is shared between serial and Ethernet encapsulations. Not all
these codes will necessarily appear on serial lines. This list will
probably
be extended as cisco adds support for more protocols.
Bytes after this are higher-level protocol data. These normally look the
same as they'd look on Ethernet. Bridging packets include Ethernet/802.3
MAC headers; no other packets do.
Packets with type 8035 (reverse ARP) don't contain reverse ARP data as
they would on an Ethernet. Instead, they carry a protocol cisco refers to
as SLARP. SLARP has two functions: dynamic IP address determination and
serial line keepalive.
The serial line model supported by SLARP assumes that each serial line is
a separate IP subnet, and that one end of the line is host number 1, while
the other end is host number 2. The SLARP address resolution protocol
allows
system A to request that system B tell system A system B's IP address,
along with the IP netmask to be used on the network. It does this by
sending
a SLARP address resolution request packet, to which system B responds
with a
SLARP address resolution reply packet. System A then attempts to
determine its
own IP address based on the address of system B. If the host portion of
system
B's address is 1, system A will use 2 for the host portion of its own IP
address. Conversely, if system B's IP host number is 2, system A will
use IP
Re: T1 Link
Sorry, I should have given credit for the info about HDLC. I got it from somewhere on Cisco's site, but I can't find it again. I've had it for a while. It's been posted to this list a few times before by Howard and others. Maybe I got it from Howard. You'll note that is uses "cisco" instead of "Cisco." That shows how old it is. Cisco used to go by "cisco." Too bad, I can't claim to have written it all myself! ;-) Priscilla At 11:18 PM 2/8/01, [EMAIL PROTECTED] wrote: Pricilla, please tell me that you pasted that from a file you had. I'd hate to think you spent 3 hours typing that out. Wow, that's actually the longest post I've seen in the year I've been on. =o) Mark Z. In a message dated 2/8/01 8:46:12 PM Eastern Standard Time, [EMAIL PROTECTED] writes: That's just because you can say something useful about PPP. It's great for instructors. They can show off how much they have learned about PAP and CHAP. ;-) What can you say about Cisco HDLC? Not much, though here are some comments on Cisco HDLC, since it is being talked about so much today: :::SNIP:: Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No Subject
I have just come across. NT Server 2000, NT Server 4.0, 2 Catalyst 2900xl switches, A cisco 2610 router with BRI interface,T1 interface, A 1610 router w/ 56k interface, an old HUGHES Lansystem Hub with 24 ports available, 1 Remote Bridge Module and a Fiber Module I have Fluke Lanmeter and Associated software.. to begin protocol sniffing. What i need.. is for someone to refer a / various lab setup diagrams that i can use to really gain experience in the setup and troubleshooting. various labs diagrams will be greatly appreciated.. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
protocol detects errors
At 11:31 PM 2/8/01, Jeremy Dumoit wrote: I think I'm unclear on some of the protocols here... for what purpose would a protocol detect errors, but not correct them? A protocol detects errors so it can throw a bad frame out rather than pass it to the next layer up. Most data-link-layer protocols have a CRC that does error detection. The sender adds up all the bits and does some bizarre calculation on them. The sender places the result in the CRC field of the frame. The receiver does the exact same algorithm. If the result is different than the CRC in the frame, the recipient throws out the frame. IP also has a checksum. If the frame arrives OK but gets damaged before IP gets it, then IP throws it out. How could that happen, you may wonder? Software bugs, memory overflows, other bad things like that. TCP also has a similar checksum for the same sorts of reasons. Hope that helps. There's no such thing as a dumb question. Seriously. No matter what you ask to this group, there will be lots of useful answers (and some not so useful answers. ;-) Priscilla _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
telnet access to pix
Hey guys, I got eth0= security0 and eth1=security100. I'm able to telnet from the inside network. Is there any way for me to telnet from the outside? Pix has disabled this by default. -Frank _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: not quite sure...
In the discussion of error correction, I think an error on my part has been missed. I was thinking about it and I wonder if this is entirely accurate: (concerning what happens after a frame is discarded on WAN link) "The end station will respond by acking the next packet it recieves with the appriopriate (lower numbered) sequence number (of the missed packet). The originating station will get this ack (with the lower sequence number) see that the end station is requesting a packet out of sequence and the originating station will begin it's next transmission with the data from that particular sequence number." Is this correct? That sounds right, except keep in mind that TCP sequences and acknowledges bytes, not packets. From watching TCP sessions with a Sniffer, I have noticed that when bytes arrive out of order and there's a hole, the recipient's ACK number is the number of the first byte of the hole. The sender uses a Positive Acknowledgement with Retransmission (PAR) mechanism. The sender also uses a sliding window. How much the window can slide forward depends on which bytes have been acknowledged and the size of the recipient's receive window. If bytes gets lost (due to a dropped packet at a router, for example), the sender resends everything from the start of the loss. I'm not saying this very well, but there are many good books on TCP. Be sure to read Comer, for one thing. It sounds like you have it down quite well already, actually. Also, check out the real-world behavior with a Sniffer. Implementations are sometimes different than what the spec says. Priscilla Emphasis: end station. You are describing what TCP does. Routers typically are unconcerned with TCP. And again, not all applications need reliable links, so not all applications will have retransmission ANYWHERE in the path. Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Silly Question!
Pierre, If you want to pick up more details on IOS, you might want to check out the Inside Cisco IOS Software Architecture book by Cisco Press. http://www.amazon.com/exec/obidos/ASIN/1578701813/o/qid=981751557/sr=8-1/ref =aps_sr_b_1_1/107-3760323-1100541 - raj -- ""Pierre-Alex"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... This is a great URL. Thanks! Pierre-Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Raj Singh Sent: Friday, February 09, 2001 11:33 AM To: [EMAIL PROTECTED] Subject: Re: Silly Question! It stands for "Internetwork Operating System" A little blurb from Cisco's web site: http://www.cisco.com/warp/public/732/ciscoios.html - raj ""Pierre-Alex"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Do you know that the letters in "IOS" stand for? (Like in Cisco IOS 12.0) Pierre-Alex -Original Message- From: Dale Cunningham [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 7:29 AM To: [EMAIL PROTECTED] Subject: Fwd: failure notice Pierre This came back into my mailbox this morning. Dale - Forwarded Message - DATE: 5 Feb 2001 11:27:55 - From: MAILER-DAEMON To: [EMAIL PROTECTED] Hi. This is the mailer-daemon. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: CNAME lookup failed temporarily. (#4.4.3) I'm not going to try again; this message has been in the queue too long. --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: from Unknown/Local ([?.?.?.?]) by mailcity.com; Fri Feb 2 20:37:25 2001 To: "Pierre-Alex" [EMAIL PROTECTED] Date: Fri, 02 Feb 2001 22:37:25 -0600 From: "Dale Cunningham" [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 X-Sent-Mail: off Reply-To: [EMAIL PROTECTED] X-Mailer: MailCity Service Subject: Re: X-Sender-Ip: 208.50.127.100 Organization: Lycos Mail (http://mail.lycos.com:80) Content-Type: text/plain; charset=us-ascii Content-Language: en Content-Length: 880 Content-Transfer-Encoding: 7bit Pierre I think what they are trying to say is that by using vlsms you are getting as much efficiency as possible out of the addressing scheme (using a .252 for instance) so that using multipoint does not gain you anything. After all, you still have to have a seperate address within the subnet for each circuit. A .248 has six useable hosts, using multipoint with it would not gain you much. I would prefer to use point-to-point and use a /30 mask. Dale -- On Fri, 2 Feb 2001 09:27:47 Pierre-Alex wrote: On page 14-28 (ICND) It says: "Multipoint may not save you addresses if you are using VLSMs" What is the rational behind this statement. I would think that using a long subnet mask (i.e. 255.255.255.248 ) would not waste any ip address! Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html - End Forwarded Message - Get your small business started at Lycos Small Business at http://www.lycos.com/business/mail.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco ios
Hello, I'm in the process of building a lab. I have 2 2501's and 2 2503's and a 3600. The 3600 has the 12.0 ios. The 2500's have a mixture of 11.0, 11.2 and 11.3. I'd like to have them all the same. (Should I have them the same?). My problem is that I do not have sufficient memory to load the 12.0 ios (enterprise plus) on the 2500's. What other 12.0 version of ios would give me the needed functionality for a lab environment. This is the link I was choosing from http://www.cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/iosplanner.cgi ?get_crypto=data_from=hardware_name=2501-2525software_name=release_name= majorRel=12.0state=:HW TIA Robert M. Lopez Network Planning Ann Arbor Data Center Pfizer Global Research Development Phone 734-622-3948 Fax 734-622-1690 "Imagination is more important than knowledge"...Albert Einstein _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Local Director Config
See below -Original Message- From: Keith Whitfield [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 08, 2001 5:33 PM To: [EMAIL PROTECTED] Subject: Local Director Config Hi... I am in the process of implementing a Local Director for the servers in our company. Right now in the process of documenting the requirements and design of it. I have some questions for which the cisco site don't have information in the LD documentation. I have 2 servers on which I need to do load balancing as well as have a fail over redundancy in case one of them goes down. I can achieve this by the LD. But the traffic that goes via the LD are real time transactions and I don't know how the application(our) will respond to these requests, since LD laod balances on a packet-packet basis. Basically we will be having 2 instances of the application running.So, my questions are 1.To achieve synchronization between the servers for every transaction that occur Do I need to have a clustering software for these servers? You'll need to be running co-standby or another clustering software to replicate the data. Local director won't do this for you. A common architecture is to avoid having that data saved directly to a web box, rather to separated and secure data stores which centralizes backup, administration ... yadda yaddda 2.Can I configure the LD to forward all requests to only one server (even though it is connected to another server) and make the second available when the first goes down? The short answer to this question is no. The way local director determines that a server is down is by using ping probe. If you're running www services or smtp services and those services fail yet the machine remains working, no fail over will occur. My belief, although it may be contrary to other's beliefs, is that local director is good only for load distribution and not fail over, though it makes the process of recovery easier if you're using the LD LUD. 3. Does the The sample configs in the LD documentation assume that the servers are already clustered or have only static data for the outside users? I may not have a clear idea of what you mean by this. Clustering in the logical sense or the physical sense? I have always configured local director only after physically connecting and configuring those load balanced servers. Any comments on this or if someone has a similar setup what I am trying to acheive , please reply back. Thanks in advance. Regards Keith. __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: loadbalancing with NIC's
We are planning to connect a server with a single NIC that supports faultolerance , redudndancy and load balancing. How does a C6509 treat a Nic that is connected to two of its ports (same vlans) Mo Durrani Multiple Fast EtherChannel aware NICs can load-share on the same VLAN. Otherwise, the 802.1D spanning tree algorithm will block more than one card; you will get failover but no load distribution. By putting them into different VLANs, you can get load-sharing, assuming, of course, that the higher layers know how to distribute the load. The ideal situation is that your clients could be configured with primary and secondary server addresses. At some point, you need to consider, in your fault tolerance model, what to do if either the server or the 6509 itself fails. Frankly, I'd consider isolated NIC failures less likely than either of these cases. Other people may have different experience. If you are going to have different NICs, do consider running them to different wire closets, or otherwise maximizing cable plant diversity. Never underestimate the power of a less than clueful wiring technician. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Motivations and Age (was Re: T1 Link)
Yup, SLARP is pretty cool. It's one good reason to use HDLC. It makes configuration so easy. Also, the students will love saying SLARP. I'm helping out with the academy at our local high school, as I've mentioned before. Those students will love saying SLARP, over and over and over again. Lately, they have taken to giving me a hard time about "Sniffer." They snicker every time I say it. It's kind of embarrassing, to be honest. I want them to take it seriously. It's all boys, so I'm worried that Sniffer means something dirty. Sigh. that context is rather clean, compared to my metaphor for doing a wireless transfer between two Palm Pilots: the yuppie version of dogs sniffing one another. I'm having a hard time, in general, teaching networking to kids who don't really love it and don't have to know it for their jobs. I got spoiled, teaching classes to people who had paid money to be there and needed the info to survive on the job. I'm sure it's quite different at a community college, but you probably get some young people too. Any advice?? Thanks! Talk to you later! Priscilla Priscilla, I think you raise some very good points, and this list may actually be a very good place to get insights into it. My teenage motivations were a long time ago in memory. At the time, routers were steam powered...actually, they hadn't been invented yet. My weird nerd interests were much more in microbiology. I'm afraid that I often go into hysterical giggling when people start saying their generation is so cool because they grew up with the technology...well, I can sort of say that too. Sure, I know people that have been doing networking longer than I have...Scott Bradner and Vint Cerf come to mind. So my perspective is going to be different from someone of the same age who is just transitioning into the field. But it's also going to be different from someone in high school or early college. I'd encourage people here that have peers in the situation Priscilla describes -- in networking classes, without much life experience -- help us understand how best to motivate them, how to communicate with them. You've also made the point with respect to the acceptance of software piracy, that perhaps there is a sense of entitlement by people that don't have a personal sense of earning one's living through product development. I'd pose the question to the younger people on the list -- does this fit your experience, or are we completely in left field? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T1 Link
Sorry, I should have given credit for the info about HDLC. I got it from somewhere on Cisco's site, but I can't find it again. I've had it for a while. It's been posted to this list a few times before by Howard and others. Maybe I got it from Howard. I've posted it, but I think it's originally written by Chops Westerfield, who I think was something like Cisco employee #4 and was top-level support for many years. You'll note that is uses "cisco" instead of "Cisco." That shows how old it is. Cisco used to go by "cisco." Too bad, I can't claim to have written it all myself! ;-) Priscilla _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: telnet access to pix
Watch the line wrap: From http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/config/com mands.htm#xtocid1604970 "If IPSec is operating, PIX Firewall lets you specify an unsecure interface name, typically, the outside interface. At a minimum, the crypto map command must be configured to specify an interface name with the telnet command." So the answer is yes, but with caveats. Tommy -Original Message- From: Frank Kim [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 3:42 PM To: [EMAIL PROTECTED] Subject: telnet access to pix Hey guys, I got eth0= security0 and eth1=security100. I'm able to telnet from the inside network. Is there any way for me to telnet from the outside? Pix has disabled this by default. -Frank _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: protocol detects errors
At 11:31 PM 2/8/01, Jeremy Dumoit wrote: I think I'm unclear on some of the protocols here... for what purpose would a protocol detect errors, but not correct them? A protocol detects errors so it can throw a bad frame out rather than pass it to the next layer up. Most data-link-layer protocols have a CRC that does error detection. The sender adds up all the bits and does some bizarre calculation on them. The sender places the result in the CRC field of the frame. The receiver does the exact same algorithm. If the result is different than the CRC in the frame, the recipient throws out the frame. In modern implementations, the data link protocols have a frame checking sequence (a somewhat broader term than CRC), which is implemented in hardware and generates a 32-bit checksum. In contrast, IP and TCP use the simple Fletcher algorithm, and a much smaller field, so they don't have the same error detection (or even correction) power. Flashing back to the late seventies, I was in a US government standards meeting that was working on ADDCP, the ANSI predecessor of HDLC. One of the decisions was how long to make the checksum -- 16, 32, or 64 bits. There was a lot of interest in 16 bits rather than 32, but 32 was the consensus. It was agreed that 64 bits would improve things a bit. At one point in the discussion, after one of the military people had said 32 bits was enough for Emergency Action Messages -- better known as nuclear launch orders -- I observed that the incremental error-detection difference betweeen 32 and 64 bits appeared to be the acceptable risk of accidental nuclear war. People babbled a bit and said...well...that's not EXACTLY what we meant. As I believe Disraeli said, there are lies, damned lies, and statistics. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
