Re: Back to Back config
I figured it out, the Cisco 1005 is not capable of being a DCE, so I just switched the cable around and it works now..thanks for your help! ""CiScO"" <[EMAIL PROTECTED]> wrote in message 96nvg4$psa$[EMAIL PROTECTED]">news:96nvg4$psa$[EMAIL PROTECTED]... > I've already done that, but when I do sho run on the DCE router it doesn't > show the clock rate in the config.whats going on? > > > "John Neiberger" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I believe the cause of your problem is that you are using the bandwidth > > statement instead of the clock rate statement. The bandwidth statement > has > > no effect on physical layer clocking, it only makes adjustments to routing > > protocol metric calculations. > > > > To make this behave correctly, add "clockrate 64000" to the DCE side. If > > that doesn't work, let us know. > > > > HTH, > > John > > > > > I can't seem to bring up the protocol on my 2 routers. A 2503 (DTE) > and > > a > > > 1005(DCE w/ clockrate of 64000) connected via crossover serial. Here > are > > the > > > serial interfaces configs.. > > > > > > Cisco 1005 > > > interface Serail0 > > > ip address 192.0.0.2 255.255.255.0 > > > encap ppp > > > bandwidth 64 > > > > > > > > > > > > Cisco 2503 > > > interface Serial0 > > > ip address 192.0.0.1 255.255.255.0 > > > encap ppp > > > bandwidth 64 > > > > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > > > ___ > > Send a cool gift with your E-Card > > http://www.bluemountain.com/giftcenter/ > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IGRP to EIGRP conversion #2
This will probably help: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_r /1rprt1/1reigrp.htm#xtocid135027 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of suaveguru Sent: Sunday, 18 February 2001 5:46 PM To: Russell Lusignan; [EMAIL PROTECTED] Subject: Re: IGRP to EIGRP conversion #2 sorry mind if I ask what is the command to change default admin dist of a routing protocol regards, suaveguru --- Russell Lusignan <[EMAIL PROTECTED]> wrote: > Enable EIGRP on the routers and add the network > statements as you normally > would.. raise the administrative distance of EIGRP > to 110, I believe IGRP > is 100 so even though both routing protocols are > running on every router, > EIGRP routes will be rejected because IGRP has a > lower admin distance.. > Once the routers are ready, simply put the admin > distance of EIGRP back to > 90 and it should converge within a few mins.. Once > the network is using > only EIGRP learned routes, remote IGRP off the > routers. > > hope that helps > Russ.. > > > ""Roberts, Timothy"" <[EMAIL PROTECTED]> > wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I have a hub site with 5 remote sites connecting > to it via frame relay. > > They are all running IGRP with the same AS. What > would be the best way to > > migrate from IGRP to EIGRP? Starting by enabling > EIGRP on the core router > > and run both IGRP and EIGRP. Then convert the > spokes one by one. Then > > remove IGRP from the core. Can I just enable > EIGRP on the remotes, allow > > some time to propagate routes in to the table, and > then disable IGRP? The > > people up stairs will not allow for any > significant down time. > > Thanks > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Back to Back config
I've already done that, but when I do sho run on the DCE router it doesn't show the clock rate in the config.whats going on? "John Neiberger" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I believe the cause of your problem is that you are using the bandwidth > statement instead of the clock rate statement. The bandwidth statement has > no effect on physical layer clocking, it only makes adjustments to routing > protocol metric calculations. > > To make this behave correctly, add "clockrate 64000" to the DCE side. If > that doesn't work, let us know. > > HTH, > John > > > I can't seem to bring up the protocol on my 2 routers. A 2503 (DTE) and > a > > 1005(DCE w/ clockrate of 64000) connected via crossover serial. Here are > the > > serial interfaces configs.. > > > > Cisco 1005 > > interface Serail0 > > ip address 192.0.0.2 255.255.255.0 > > encap ppp > > bandwidth 64 > > > > > > > > Cisco 2503 > > interface Serial0 > > ip address 192.0.0.1 255.255.255.0 > > encap ppp > > bandwidth 64 > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > ___ > Send a cool gift with your E-Card > http://www.bluemountain.com/giftcenter/ > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IGRP to EIGRP conversion #2
sorry mind if I ask what is the command to change default admin dist of a routing protocol regards, suaveguru --- Russell Lusignan <[EMAIL PROTECTED]> wrote: > Enable EIGRP on the routers and add the network > statements as you normally > would.. raise the administrative distance of EIGRP > to 110, I believe IGRP > is 100 so even though both routing protocols are > running on every router, > EIGRP routes will be rejected because IGRP has a > lower admin distance.. > Once the routers are ready, simply put the admin > distance of EIGRP back to > 90 and it should converge within a few mins.. Once > the network is using > only EIGRP learned routes, remote IGRP off the > routers. > > hope that helps > Russ.. > > > ""Roberts, Timothy"" <[EMAIL PROTECTED]> > wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I have a hub site with 5 remote sites connecting > to it via frame relay. > > They are all running IGRP with the same AS. What > would be the best way to > > migrate from IGRP to EIGRP? Starting by enabling > EIGRP on the core router > > and run both IGRP and EIGRP. Then convert the > spokes one by one. Then > > remove IGRP from the core. Can I just enable > EIGRP on the remotes, allow > > some time to propagate routes in to the table, and > then disable IGRP? The > > people up stairs will not allow for any > significant down time. > > Thanks > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Back to Back config
I believe the cause of your problem is that you are using the bandwidth statement instead of the clock rate statement. The bandwidth statement has no effect on physical layer clocking, it only makes adjustments to routing protocol metric calculations. To make this behave correctly, add "clockrate 64000" to the DCE side. If that doesn't work, let us know. HTH, John > I can't seem to bring up the protocol on my 2 routers. A 2503 (DTE) and a > 1005(DCE w/ clockrate of 64000) connected via crossover serial. Here are the > serial interfaces configs.. > > Cisco 1005 > interface Serail0 > ip address 192.0.0.2 255.255.255.0 > encap ppp > bandwidth 64 > > > > Cisco 2503 > interface Serial0 > ip address 192.0.0.1 255.255.255.0 > encap ppp > bandwidth 64 > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does a PIX Route (was Re: Firewalls and VPNs)
Is there any good reason why the PIX doesn't route? Why it doesn't run OSPF? A Checkpoint firewall running on a Solaris box would be able to run OSPF or something, right? Why not a PIX? Michael --- anthony kim <[EMAIL PROTECTED]> wrote: > Does your pix have a default route? > Does your pix forward packets between subnets? > Logically, then, the pix routes. Call it what you > will, when forwarding > between disparate networks, you route. I suppose > cisco misunderstands the > term "route" too. > > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v42/pix42cfg/pix42apa.htm#xtocid88422 > > Here's from Cisco: > > route Command > > The following are the extensions to the route > command: > > The routing table has been improved to let you > specify the IP address > of a PIX Firewall interface in the route command. If > the route > command statement uses the IP address from one > of the PIX Firewall > unit's interfaces as the gateway IP address, PIX > Firewall will > ARP for the destination IP address in the > packet instead of ARPing > for the gateway IP address. > > PIX Firewall also does not accept duplicate > routes with different > metrics for the same gateway. > > In version 5.1(1), the CONNECT route entry is > supported. (This > identifier appears when you use the show route > command.) The > CONNECT identifier is assigned to an > interface's local network and > the interface IP address, which is in the IP local > subnet. PIX > Firewall will use ARP for the destination > address. The CONNECT > identifier cannot be removed, but changes when you > change the > IP address on the interface. > > You can now enter duplicate route command > statements with different > gateways and metrics. > > You can now enter static route command > statements with virtual > subnets; for example: > > route outside 10.2.2.8 255.255.255.248 192.168.1.3 > route outside 10.2.2.8 255.255.255.255 192.168.1.1 > > --- Jason <[EMAIL PROTECTED]> wrote: > > As someone said yesterday: The PIX will not route, > period. It will NAT > > (including NAT 0), but it will not route packets > between different > > networks. > > If you need routing off any interface on a PIX, > you need a router there. > > > > -- > > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, > Network+, A+ > > List email: [EMAIL PROTECTED] > > Homepage: http://jason.artoo.net/ > > Cisco resources: http://r2cisco.artoo.net/ > > > > > > "anthony kim" <[EMAIL PROTECTED]> wrote in > message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > A device can best be described by its chief > function. You can use a > > > PIX as a router, just allow everything through. > In fact you can use a > > > router as a firewall, be selective with access > lists. Terminology is > > > flexible as long as you're pragmatic about > function. > > > > > > > > > On Fri, Feb 16, 2001 at 10:52:06AM -0800, Dan > West wrote: > > > >PIX - sounds like a router to me - packet > forwarding > > > >based on layer 3 addressing. It has extra > security > > > >features and all of a sudden it's a > > > >firewall...marketing fluff? or accurate > description??? > > > >who will uncover this mystery ;> > > > > > > > >--- mtieast <[EMAIL PROTECTED]> wrote: > > > >> I think this comes from the fact that cisco > > > >> instructors in class say that > > > >> the Pix is not a router. I have heard this as > well > > > >> when I had the class. > > > >> > > > >> I know the Pix is not a router, but does it > route? > > > >> Well, if making decisions > > > >> about where to send traffic based on layer 3 > info is > > > >> routing then I would > > > >> argue it does route. It does not forward > traffic > > > >> based on layer 2 info so > > > >> .. > > > >> > > > >> It routes traffic to the appropriate > interface. Can > > > >> someone else shed some > > > >> light as to why this is said. If it doesn't > route > > > >> the traffic it recieves > > > >> what does it do? > > > >> > > > >> > > > >> > > > >> -Original Message- > > > >> From: haroldnjoe <[EMAIL PROTECTED]> > > > >> Newsgroups: groupstudy.cisco > > > >> To: [EMAIL PROTECTED] > <[EMAIL PROTECTED]> > > > >> Date: Friday, February 16, 2001 12:41 PM > > > >> Subject: Firewalls and VPNs > > > >> > > > >> > > > >> >I've read here a couple of times that PIX's > don't > > > >> route. Period. In light > > > >> of > > > >> >this I'm left a little confused as to a > proposed > > > >> network map I was given > > > >> >recently. > > > >> > > > > >> >The core layer router is a 3640 linking all > of our > > > >> branch offices together. > > > >> >From the 3640, there is an ethernet > connection to a > > > >> PIX 515R. From the > > > >> PIX, > > > >> >there is another ethernet connection to a > 1750 > > > >> router. The 1750 connects > > > >> via > > > >> >T1 to our ISP. There is yet another > ethernet > > > >> connection from the PIX to > > > >> the > > > >> >isolation lan, on which reside
Back to Back config
I can't seem to bring up the protocol on my 2 routers. A 2503 (DTE) and a 1005(DCE w/ clockrate of 64000) connected via crossover serial. Here are the serial interfaces configs.. Cisco 1005 interface Serail0 ip address 192.0.0.2 255.255.255.0 encap ppp bandwidth 64 Cisco 2503 interface Serial0 ip address 192.0.0.1 255.255.255.0 encap ppp bandwidth 64 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Firewalls and VPNs
Anyone can confirm that a PIX decrements TTL? On Sat, Feb 17, 2001 at 11:35:46AM -0500, Howard C. Berkowitz wrote: >This is a less marketing-speak and more technically driven >terminology problem than router versus switch, but, again, I fall >back on there being no such thing as a router. There are L3 route >determination and L3 packet forwarding functions. > >In the case of the PIX, we have what the IETF is loosely calling a >"midbox". It does not have route determination, but it does have >packet forwarding. It also has NAT with higher-layer awareness, >stateful packet screening, etc. > >I honestly don't know if the PIX decrements the TTL field when it >rewrites a packet header. It has to recompute the IP header checksum >(and, indeed, TCP/UDP checksums) if it is NAT'ing, not just >inspecting. > > From my point of view, I'd like the midbox to decrement TTL, to give >any chance of a traceroute being meaningful. Of course, if the PIX >does NAT, a traceroute is useless. > >>As someone said yesterday: The PIX will not route, period. It will NAT >>(including NAT 0), but it will not route packets between different networks. >>If you need routing off any interface on a PIX, you need a router there. >> >>-- >>Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ >>List email: [EMAIL PROTECTED] >>Homepage: http://jason.artoo.net/ >>Cisco resources: http://r2cisco.artoo.net/ >> >> >>"anthony kim" <[EMAIL PROTECTED]> wrote in message >>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >>> A device can best be described by its chief function. You can use a >>> PIX as a router, just allow everything through. In fact you can use a >>> router as a firewall, be selective with access lists. Terminology is >>> flexible as long as you're pragmatic about function. >>> >>> >>> On Fri, Feb 16, 2001 at 10:52:06AM -0800, Dan West wrote: >>> >PIX - sounds like a router to me - packet forwarding >>> >based on layer 3 addressing. It has extra security >>> >features and all of a sudden it's a >>> >firewall...marketing fluff? or accurate description??? >>> >who will uncover this mystery ;> >>> > >>> >--- mtieast <[EMAIL PROTECTED]> wrote: >>> >> I think this comes from the fact that cisco >>> >> instructors in class say that >>> >> the Pix is not a router. I have heard this as well >>> >> when I had the class. >>> >> >>> >> I know the Pix is not a router, but does it route? >>> >> Well, if making decisions >>> >> about where to send traffic based on layer 3 info is >>> >> routing then I would >>> >> argue it does route. It does not forward traffic >>> >> based on layer 2 info so >>> >> .. >>> >> >>> >> It routes traffic to the appropriate interface. Can >>> >> someone else shed some >>> >> light as to why this is said. If it doesn't route >>> >> the traffic it recieves >>> >> what does it do? >>> >> >>> >> >>> >> >>> >> -Original Message- >>> >> From: haroldnjoe <[EMAIL PROTECTED]> >>> >> Newsgroups: groupstudy.cisco >>> >> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> >>> >> Date: Friday, February 16, 2001 12:41 PM >>> >> Subject: Firewalls and VPNs >>> >> >>> >> >>> >> >I've read here a couple of times that PIX's don't >>> >> route. Period. In light >>> >> of >>> >> >this I'm left a little confused as to a proposed >>> >> network map I was given >>> >> >recently. >>> >> > >>> >> >The core layer router is a 3640 linking all of our >>> >> branch offices together. >>> >> >From the 3640, there is an ethernet connection to a >>> >> PIX 515R. From the >>> >> PIX, >>> >> >there is another ethernet connection to a 1750 >>> >> router. The 1750 connects >>> >> via >>> >> >T1 to our ISP. There is yet another ethernet >>> >> connection from the PIX to >>> >> the >>> >> >isolation lan, on which resides an internet >>> >> mail/web server and a VPN 3000 >>> >> >concentrator. >>> >> > >>> >> >If PIX's don't route, what subnet is the isolation >>> >> lan going to sit on? As >>> >> >I understand it, the PIX will be providing NAT >>> >> functionality for the 3640 >>> >> >and everything behind it. So I would assume that >>> >> the T1 and ethernet >>> >> >interfaces on the 1750, the outside interfaces on >>> >> the PIX, and everything >>> >> in >>> >> >the isolation lan including the VPN concentrator >>> >> will have to have public >> > >> IP >>> >> >addresses which will be given to us by our ISP. >>> >> The way the map is layed >>> >> >out, it looks to me like the isolation lan would >>> >> have to be on its own >>> >> >subnet. >>> >> > >>> >> >What am I missing? If the PIX doesn't route, do >>> >> it's ethernet interfaces >>> >> >reside on the same subnet as the isolation lan? If >>> >> so, then the ethernet >>> >> >interface on the 1750 must also be on that subnet, >>> >> right? >>> >> > >>> >> >This is the proposed network map that Cisco's >>> >> presale engineers gave me. >>> >> >I'm sure it's a solid design, but I'm stil
question about frame
Hey guys, I just got a quick question about Frame Relay. I've been reading the BCRAN book published by Sybex, and I'm finding the frame relay chapter a bit confusing. A few paragraphs from the Sybex book state the following: "Committed burst size and excess burst size are the two types of burst sizes. Each of these sizes is measured over a specific time interval called the committed rate measurement interval. Committed burst size is the maximum amount of data that the network can guarantee will be delivered during the committed time interval. The excess burst size is the amount of traffic which the user may exceed the committed burst size. For example, take a user who buys a Frame Relay circuit with the following characteristics: 1544Kbs access rate, 256K CIR, 4 second committed time interval. The user is guaranteed a CIR of 256Kbps over a four-second period. The user could transmit 256Kbps for four seconds, and the network would ensure delivery. The user could alternately send 1024Kbps for one second, representing the committed burst. However for the remaining three seconds, there would be no guarantee of delivery for the excess burst traffic." When the author says "The user could alternately send 1024Kbps for one second, representing the committed burst.", is he defining the committed burst as any speed above the CIR that does not exceed the total amount of information (256Kbps * 4 second interval = 1024K, total info) allowed to be sent during the time interval ? I always thought of the committed burst rate as a rate of information agreed upon with the Telco. For example, I thought you could get a CIR of 256Kbps and a burst up to 512Kbps, or a CIR of 256Kbps with a burst up to 1.544 Mbps. Could anyone do me the favor of defining committed burst rate and excess burst rate, and while you're at it differentiate between the two? :) Thanks, Fred Danson _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
question about frame
Hey guys, I just got a quick question about Frame Relay. I've been reading the BCRAN book published by Sybex, and I'm finding the frame relay chapter a bit confusing. A few paragraphs from the Sybex book state the following: "Committed burst size and excess burst size are the two types of burst sizes. Each of these sizes is measured over a specific time interval called the committed rate measurement interval. Committed burst size is the maximum amount of data that the network can guarantee will be delivered during the committed time interval. The excess burst size is the amount of traffic which the user may exceed the committed burst size. For example, take a user who buys a Frame Relay circuit with the following characteristics: 1544Kbs access rate, 256K CIR, 4 second committed time interval. The user is guaranteed a CIR of 256Kbps over a four-second period. The user could transmit 256Kbps for four seconds, and the network would ensure delivery. The user could alternately send 1024Kbps for one second, representing the committed burst. However for the remaining three seconds, there would be no guarantee of delivery for the excess burst traffic." When the author says "The user could alternately send 1024Kbps for one second, representing the committed burst.", is he defining the committed burst as any speed above the CIR that does not exceed the total amount of information (256Kbps * 4 second interval = 1024K, total info) allowed to be sent during the time interval ? I always thought of the committed burst rate as a rate of information agreed upon with the Telco. For example, I thought you could get a CIR of 256Kbps and a burst up to 512Kbps, or a CIR of 256Kbps with a burst up to 1.544 Mbps. Could anyone do me the favor of defining committed burst rate and excess burst rate, and while you're at it differentiate between the two? :) Thanks, Fred Danson _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT & HSRP Problem
Currently the IOS does not support NAT & HSRP operating together It's not a bug as they do mention it somewhere on CCO (possibly in the NAT FAQ) There is both the problem with the standby router not knowing the NAT translation table of the active router and the fact that NAT won't use the virtual MAC address but uses the actual physical address I've heard that they are working on a enhancement that should address both issues. Hopefully it will be out in 12.2x. Bob -Original Message- From: Jason Fletcher To: [EMAIL PROTECTED] Sent: 2/16/01 3:24 PM Subject: Re: NAT & HSRP Problem I don't think you can do this? The standby router doesn't have the translation table of the active router, so when the active router went down you will lose your connection. Jason Fletcher "Simon Watson" wrote in message ... >Hi Guys > >I've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers are in one HSRP group & eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC) on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface. > >Eth0 on both routers are connected to a Core router via a hub. In normal operation, if the test PC sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router & routed towards the core router & all is well. On inspection of the Core routers ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected. > >However if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state. > >However on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work. > >I've tried this with another set of routers & the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter. > >Thanks >Simon CCNPGet Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com">http://www.hotmail.com. > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ghost Server and clients using multicast
Jeff, My understanding of the Ghost multicast clients is that they use the OSI Packet Driver, and support layer 2 multicast only (ie. cannot be routerd through VLANs). You may need to put a multicast server in any VLAN where there are clients (remember that the server does very little and could just be an ordinary PC). Another option would be to purchase an Intel Server Pro (or similar) card that supports VLAN trunking at the server, so the one multicast server system could be logically connected to all VLANs. Adam - Original Message - From: "Jeff" <[EMAIL PROTECTED]> Newsgroups: groupstudy.cisco To: <[EMAIL PROTECTED]> Sent: Saturday, February 17, 2001 2:06 AM Subject: Ghost Server and clients using multicast > Does anyone have experience working with a Ghost Server that multicast? I > have a 6509 and 4006's in the closets with multiple VLANs and having > troubles with the client using a boot floppy. It works fine if you iniate > from the server though. > > Thanks in advance, > Jeff > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Good study guide for CCNP?
<<< I just passed the CCNA exam and I would like to study CCNP. >>> I say this not as a joke, but PRACTICAL EXPERIENCE. Let your first router job teach you a little & educate yourself with a real network. It's @ that point you can figure what it is you really want to do... Phil - Original Message - From: "John" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, February 17, 2001 3:56 PM Subject: Good study guide for CCNP? > Hi Folks: > I just passed the CCNA exam and I would like to study CCNP. Could > someone give me a suggestion what books will be good resource for my > CCNP study? Thanks! > > John > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab Prep Boot Camps
Has anyone here attended any of the CCIE lab prep boot camps? If so what training company was it with, and was the boot camp worth it? Chad A. Simmons, MCSE, CCDA, CCNP Network/Systems Consultant Network Services Group Court Sqare Data Group, Inc. [EMAIL PROTECTED] Mail2Web - Check your email from the web at http://www.mail2web.com/ . _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: promiscuous mode (NIC)
Well if you're looking to sniff for traffic, you can use a Linux box with tools like Ethereal and IPTraf (traffic data) to collect information. [EMAIL PROTECTED] wrote in message <[EMAIL PROTECTED]>... > > Does anyone no of any good promiscuous tools? and how do you no your NIC is >in or have a promiscuous NIC in your Computer > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Systemic problems at Verizon
I had a similar experience at a familiar location in Washington, DC. I can
still taste the funny taste that it left in my mouth. No - I didn't grab the
wires in my teeth - but the experience did leave me with a funny taste. If I
think about it, I can still taste it today...
Was no wall there - went straight out the door and into the cubes...
Z
>From: "Howard C. Berkowitz" <[EMAIL PROTECTED]>
>Reply-To: "Howard C. Berkowitz" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: Systemic problems at Verizon
>Date: Fri, 16 Feb 2001 15:53:47 -0500
>
> >There exist little red caps that fit onto 66 blocks and binding
> >posts. They're hard to find, though. If someone here knows of
> >the supplier, I'll buy a few hundred.
> >
> >In the 60's there was a special red ty-wrap that went around/over
> >posts/punches for ""national security"" lines. You had to cut same
> >off to test, and {in theory} requisition a replacement. I've only
> >see same in BSP's so I've no idea if they ever got much use.
>
>I think the BSP called them Special Service Protection, and there was
>a more stringent version called Special Safeguarding Measures. The
>latter, IIRC, didn't quite qualify as a military grade Protected
>Wireline Distribution System, which went to the extents of
>pressurized conduit with intrusion detectors.
>
> >
> >We used to protect leased metallic pairs in a simpler manner; we
> >parked +130 Tip/-130 Ring on same. When Mr. Green put his butt set
> >on same; if his fingers didn't alert him, the BANG in his ear did.
>
>Someone did that once with _stranded_ wire, so the strand was fine
>enough to puncture the skin. I found myself in a corner with very
>little recollection of how I got there, and am really not sure that
>if there had not been a wall there, I would have kept going. Oh
>well...I didn't freeze to the conductor.
>
>_
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_
Get your FREE download of MSN Explorer at http://explorer.msn.com
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT & HSRP Problem
I don't think you can do this? The standby router doesn't have the translation table of the active router, so when the active router went down you will lose your connection. Jason Fletcher "Simon Watson" wrote in message ... >Hi Guys > >I've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers are in one HSRP group & eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC) on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface. > >Eth0 on both routers are connected to a Core router via a hub. In normal operation, if the test PC sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router & routed towards the core router & all is well. On inspection of the Core routers ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected. > >However if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state. > >However on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work. > >I've tried this with another set of routers & the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter. > >Thanks >Simon CCNPGet Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com">http://www.hotmail.com. > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
promiscuous mode (NIC)
Does anyone no of any good promiscuous tools? and how do you no your NIC is in or have a promiscuous NIC in your Computer _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT & HSRP Problem
Hi Guys I've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers are in one HSRP group & eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC) on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface. Eth0 on both routers are connected to a Core router via a hub. In normal operation, if the test PC sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router & routed towards the core router & all is well. On inspection of the Core routers ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected. However if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state. However on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work. I've tried this with another set of routers & the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter. Thanks Simon CCNPGet Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com">http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Does a PIX Route (was Re: Firewalls and VPNs)
Does your pix have a default route? Does your pix forward packets between subnets? Logically, then, the pix routes. Call it what you will, when forwarding between disparate networks, you route. I suppose cisco misunderstands the term "route" too. http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v42/pix42cfg/pix42apa.htm#xtocid88422 Here's from Cisco: route Command The following are the extensions to the route command: The routing table has been improved to let you specify the IP address of a PIX Firewall interface in the route command. If the route command statement uses the IP address from one of the PIX Firewall unit's interfaces as the gateway IP address, PIX Firewall will ARP for the destination IP address in the packet instead of ARPing for the gateway IP address. PIX Firewall also does not accept duplicate routes with different metrics for the same gateway. In version 5.1(1), the CONNECT route entry is supported. (This identifier appears when you use the show route command.) The CONNECT identifier is assigned to an interface's local network and the interface IP address, which is in the IP local subnet. PIX Firewall will use ARP for the destination address. The CONNECT identifier cannot be removed, but changes when you change the IP address on the interface. You can now enter duplicate route command statements with different gateways and metrics. You can now enter static route command statements with virtual subnets; for example: route outside 10.2.2.8 255.255.255.248 192.168.1.3 route outside 10.2.2.8 255.255.255.255 192.168.1.1 --- Jason <[EMAIL PROTECTED]> wrote: > As someone said yesterday: The PIX will not route, period. It will NAT > (including NAT 0), but it will not route packets between different > networks. > If you need routing off any interface on a PIX, you need a router there. > > -- > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > List email: [EMAIL PROTECTED] > Homepage: http://jason.artoo.net/ > Cisco resources: http://r2cisco.artoo.net/ > > > "anthony kim" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > A device can best be described by its chief function. You can use a > > PIX as a router, just allow everything through. In fact you can use a > > router as a firewall, be selective with access lists. Terminology is > > flexible as long as you're pragmatic about function. > > > > > > On Fri, Feb 16, 2001 at 10:52:06AM -0800, Dan West wrote: > > >PIX - sounds like a router to me - packet forwarding > > >based on layer 3 addressing. It has extra security > > >features and all of a sudden it's a > > >firewall...marketing fluff? or accurate description??? > > >who will uncover this mystery ;> > > > > > >--- mtieast <[EMAIL PROTECTED]> wrote: > > >> I think this comes from the fact that cisco > > >> instructors in class say that > > >> the Pix is not a router. I have heard this as well > > >> when I had the class. > > >> > > >> I know the Pix is not a router, but does it route? > > >> Well, if making decisions > > >> about where to send traffic based on layer 3 info is > > >> routing then I would > > >> argue it does route. It does not forward traffic > > >> based on layer 2 info so > > >> .. > > >> > > >> It routes traffic to the appropriate interface. Can > > >> someone else shed some > > >> light as to why this is said. If it doesn't route > > >> the traffic it recieves > > >> what does it do? > > >> > > >> > > >> > > >> -Original Message- > > >> From: haroldnjoe <[EMAIL PROTECTED]> > > >> Newsgroups: groupstudy.cisco > > >> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> > > >> Date: Friday, February 16, 2001 12:41 PM > > >> Subject: Firewalls and VPNs > > >> > > >> > > >> >I've read here a couple of times that PIX's don't > > >> route. Period. In light > > >> of > > >> >this I'm left a little confused as to a proposed > > >> network map I was given > > >> >recently. > > >> > > > >> >The core layer router is a 3640 linking all of our > > >> branch offices together. > > >> >From the 3640, there is an ethernet connection to a > > >> PIX 515R. From the > > >> PIX, > > >> >there is another ethernet connection to a 1750 > > >> router. The 1750 connects > > >> via > > >> >T1 to our ISP. There is yet another ethernet > > >> connection from the PIX to > > >> the > > >> >isolation lan, on which resides an internet > > >> mail/web server and a VPN 3000 > > >> >concentrator. > > >> > > > >> >If PIX's don't route, what subnet is the isolation > > >> lan going to sit on? As > > >> >I understand it, the PIX will be providing NAT > > >> functionality for the 3640 > > >> >and everything behind it. So I would assume that > > >> the T1 and ethernet > > >> >interfaces on the 1750, the outside interfaces on > > >> the PIX, and everything > > >> in > > >> >the isolation lan including the VPN concentrator > > >> will have to have public > > >> IP > > >> >address
Re: LoopBack
Cisco routers on an Ethernet interface send a keepalive frame to themselves every 10 seconds by default. Sniffers call the packets loopbacks. They are no big deal. They just appear to be a lot of traffic when you first see it with a sniffer. They use very little bandwidth and are not sent as broadcast, so it's not a problem. Priscilla At 02:10 PM 2/17/01, yong choonhwa wrote: >Hi, > >Recently, I done a snffing in my network and it showed a warning -same >source destination which I happen to found out is the cisco router doing a >loopback every 10 min to itself (router 1720). >However I have check the fasteth interface, no loopback been set and no >debug on. >Is this a common sign? >Can someone enlighten me on this? > >thank you >_ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: The Juniper Networks Certified Internet Specialist (CIS)JN0-301
just a question. If you know the answer then answer otherwise keep quite !!! - Original Message - From: "Christopher Kolp" <[EMAIL PROTECTED]> To: "'Nathan'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, February 17, 2001 8:23 PM Subject: RE: The Juniper Networks Certified Internet Specialist (CIS)JN0-301 > Maybe he was asking an opinion? > > Why dontcha chill out, eh? I didn't know you were now a moderator. > > ck > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Nathan > Sent: Saturday, February 17, 2001 2:37 AM > To: [EMAIL PROTECTED] > Subject: Re: The Juniper Networks Certified Internet Specialist > (CIS)JN0-301 > > > And this relates to groupstudy.cisco how? > > Muhammad Zahid wrote: > > > Hi Fellows, > > > > Is any one have done "The Juniper Networks Certified Internet Specialist > > (CIS)JN0-301" please guide me how can i do prepare the exam. > > I have 5 year network experience and done my CCNP and almost complete > > the CCIE Written preparation. because i failed in it just with the 2%. I > > will try again . > > but now i want to do the JUNIPER CIS. > > > > I have done the > > > > M40 Architecture and Configuration EDU-M40-CON > > JUNOS Routing Policy EDU-JUN-RP > > Troubleshooting with JUNOS Software EDU-JUN-TS > > MPLS Traffic Engineering EDU-JUN-MP > > > > Bassam Halabi, Internet Routing Architectures > > Jeff Doyle, Routing TCP/IP Volume 1 > > Radia Perlman, Interconnections > > > > Now what can i do for the Exam. > > > > Kindest Regards > > Muhammad Zahid > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 3548 not seeing vlans
Hmm, certainly a trunking problem I would say, might want to check that both trunk ports (the 5500 and 3548) are not set to auto as they will never trunk (and auto is the Cisco default). You should set the trunk port on the 5500 to desirable. BUT, I think this is the problemYOU GOT LUCKY! I think that you probably initially set all the VTP AND VLAN information on the 3548 didn't you? It doesn't matter that the switch was set to VTP client. If the VTP domain configuration revision is set higher on the 3548 then on the 5500 that you plugged it into then the 5500's are pulling their VTP and VLAN info from the 3548. That is to say that if you had not configured the VLAN's on the 3548 prior to trunking it to the 5500 then your entire network would have gone down as the VLAN configs on all the other switches would have taken their config from the new "client". Well, I would first check to see that the revision is indeed greater on the new switch than on your VTP server (use the show vtp domain command) If it is greater, then I would reset the revision by changing he domain name on the new switch to some dummy domain...like set vtp domain reset then change it back to the correct domain. This reset's the revision back to 0 and everything should start working properly. Well, it may just be a shot in the dark, but I think one of the above two items is the issue. Jason Fletcher CCNP "alex campbell" wrote in message ... >hello all. >I have a switched network of 2 cat 5500s and 1 3548 >the cat 5500s have rsms, and there are 10 vlans in use which are seen by all >three switches. one of the 5500s is the vtp server. the switches are >connected via gigabit ethernet >now last week i bought another 3548 and gigabit connectors, with the >intention of connecting to the other 3548 and seeing all the vlans. Now >there is a connection (show cdp neigh) and i have copied al the relevant vtp >info and set it to a client. >Yet it refuses to see the other vlans...the original 3 switches can see them >fine. >encapsulation seems ok, so can anyone please give me some pointers ? > >Regards >Alex >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 3548 not seeing vlans
errata...didn't mean to say the revision was greater than the 5500 that you plugged the 3548 into. The revision would be greater than your VTP domain server, could be either of your 5500's. Jason Fletcher CCNP "Jason Fletcher" wrote in message <96mvpu$nre$[EMAIL PROTECTED]>... >Hmm, certainly a trunking problem I would say, might want to check that both >trunk ports (the 5500 and 3548) are not set to auto as they will never trunk >(and auto is the Cisco default). You should set the trunk port on the 5500 >to desirable. BUT, I think this is the problemYOU GOT LUCKY! I think >that you probably initially set all the VTP AND VLAN information on the 3548 >didn't you? It doesn't matter that the switch was set to VTP client. If >the VTP domain configuration revision is set higher on the 3548 then on the >5500 that you plugged it into then the 5500's are pulling their VTP and VLAN >info from the 3548. That is to say that if you had not configured the >VLAN's on the 3548 prior to trunking it to the 5500 then your entire network >would have gone down as the VLAN configs on all the other switches would >have taken their config from the new "client". Well, I would first check to >see that the revision is indeed greater on the new switch than on your VTP >server (use the show vtp domain command) If it is greater, then I would >reset the revision by changing he domain name on the new switch to some >dummy domain...like set vtp domain reset then change it back to the correct >domain. This reset's the revision back to 0 and everything should start >working properly. Well, it may just be a shot in the dark, but I think one >of the above two items is the issue. > >Jason Fletcher >CCNP >"alex campbell" wrote in message ... >>hello all. >>I have a switched network of 2 cat 5500s and 1 3548 >>the cat 5500s have rsms, and there are 10 vlans in use which are seen by >all >>three switches. one of the 5500s is the vtp server. the switches are >>connected via gigabit ethernet >>now last week i bought another 3548 and gigabit connectors, with the >>intention of connecting to the other 3548 and seeing all the vlans. Now >>there is a connection (show cdp neigh) and i have copied al the relevant >vtp >>info and set it to a client. >>Yet it refuses to see the other vlans...the original 3 switches can see >them >>fine. >>encapsulation seems ok, so can anyone please give me some pointers ? >> >>Regards >>Alex >>_ >>Get your FREE download of MSN Explorer at http://explorer.msn.com >> >>_ >>FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >> > > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Good study guide for CCNP?
There are four tests (or equivalent) for CCNP, each of which have separate materials, take a look at: http://www.cisco.com/warp/public/10/wwtraining/certprog/lan/programs/ccnp.ht ml and http://www.ciscopress.com/series.cfm?series=2&news=0 and/or the CCNP study guides by Todd Lammle. Cisco course materials are also excellent. If you plan to go beyond CCNP or get seriously into the topics, you'll want to get the standard references - Comer, Doyle, Clark, Halabi or equivalents. Enjoy. Arthur Stewart CCNP John wrote in message <[EMAIL PROTECTED]>... >Hi Folks: >I just passed the CCNA exam and I would like to study CCNP. Could >someone give me a suggestion what books will be good resource for my >CCNP study? Thanks! > >John > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cat 3548 not seeing vlans
Jonathan, A few things you can check: 1) Double check that switches are in same VTP domain, and 3500 are set as clients and not transparent 2) check the date and time on the new switches. I have seen this prevent VTP clients from being updated before, if they think the update is coming from the future. 3) Double check your trunking encapsulation and channeling(if there is any) Tough to call without the configs. Capture the Vlan config VLAN DATABASE. Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jonathan Hays Sent: Saturday, February 17, 2001 2:10 PM To: [EMAIL PROTECTED]; alex campbell Subject: Re: Cat 3548 not seeing vlans Here's a Cisco TAC URL that might help your technical problem. http://www.cisco.com/warp/public/793/lan_switching/2.html (As far as your shift key being broken... ) alex campbell wrote: > hello all. > I have a switched network of 2 cat 5500s and 1 3548 > the cat 5500s have rsms, and there are 10 vlans in use which are seen by all > three switches. one of the 5500s is the vtp server. the switches are > connected via gigabit ethernet > now last week i bought another 3548 and gigabit connectors, with the > intention of connecting to the other 3548 and seeing all the vlans. Now > there is a connection (show cdp neigh) and i have copied al the relevant vtp > info and set it to a client. > Yet it refuses to see the other vlans...the original 3 switches can see them > fine. > encapsulation seems ok, so can anyone please give me some pointers ? > > Regards > Alex > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: The Juniper Networks Certified Internet Specialist (CIS)JN0-301
Maybe he was asking an opinion? Why dontcha chill out, eh? I didn't know you were now a moderator. ck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nathan Sent: Saturday, February 17, 2001 2:37 AM To: [EMAIL PROTECTED] Subject: Re: The Juniper Networks Certified Internet Specialist (CIS)JN0-301 And this relates to groupstudy.cisco how? Muhammad Zahid wrote: > Hi Fellows, > > Is any one have done "The Juniper Networks Certified Internet Specialist > (CIS)JN0-301" please guide me how can i do prepare the exam. > I have 5 year network experience and done my CCNP and almost complete > the CCIE Written preparation. because i failed in it just with the 2%. I > will try again . > but now i want to do the JUNIPER CIS. > > I have done the > > M40 Architecture and Configuration EDU-M40-CON > JUNOS Routing Policy EDU-JUN-RP > Troubleshooting with JUNOS Software EDU-JUN-TS > MPLS Traffic Engineering EDU-JUN-MP > > Bassam Halabi, Internet Routing Architectures > Jeff Doyle, Routing TCP/IP Volume 1 > Radia Perlman, Interconnections > > Now what can i do for the Exam. > > Kindest Regards > Muhammad Zahid > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE and 2500 series issue
At 10:43 AM 2/17/01 -0500, you wrote: >All, > >I have 2 guys at work that have passed the ccie written and are going to >take the practical at the end of this month. I have 3 2500 series at home 2 >2501 and a 2503 along with a cisco 804. I have a chance to buy 3 more 2500 >at a very very good price, Well if that price is very, very good, buy them, use them, and then sell for a profit. You may find that they work just fine, and if the price is right <$600us, then you should be able to make some $ off of them to buy bigger toys. Matt Wehland _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Good study guide for CCNP?
Acutally you can go wrong. That book is for the old 1.0 track. You want the "Building Cisco Multilayer Switched Networks" for the 2.0 track. Personally...I like the books published by Cisco. Cheerz- Brent CCNA, CCDA, MCSE, MCP+I "Sammi" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > I can't vouch how effective this book is, as I've just ordered it > myself, but at regular price $69.99 and on sale for $7.00 I figured > can't go wrong. > > CCNP Cisco LAN Switch Configuration Study Guide > > http://www.amazon.com/exec/obidos/ASIN/0072119063/ref%3Dnosim/dominantsystem s/103-3082053-3995832 > > On 17 Feb 2001 13:58:26 -0500, [EMAIL PROTECTED] (John) mentioned: > > >Hi Folks: > >I just passed the CCNA exam and I would like to study CCNP. Could > >someone give me a suggestion what books will be good resource for my > >CCNP study? Thanks! > > > >John > > > >_ > >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: The Juniper Networks Certified Internet Specialist (CIS)JN0-301
Thanks Kevin [EMAIL PROTECTED] wrote: > I can discern 2 indirect relationships: > > 1. For people who are bored after achieving CCIE status in 2 or more of the > possible tracks AND are desparately seeking to differentiate themselves > from all the other CCIEs out there (since it's presumably a little less > exclusive each time a new # is doled out), this might be the next > certification they pursue. > > 2. Some of the advanced, non-vendor specific IGP & EGP content comprising > the CCIE exams might also be found in the Juniper exams. > > It would probably be amusing to see how much initial demand there would be > if groupstudy or some other capable entity were to set up an analagous > mailing list for juniper certification. > > Nathan <[EMAIL PROTECTED]>@groupstudy.com on 02/17/2001 02:36:30 AM > > Please respond to Nathan <[EMAIL PROTECTED]> > > Sent by: [EMAIL PROTECTED] > > To: [EMAIL PROTECTED] > cc:(bcc: Kevin Cullimore) > Subject: Re: The Juniper Networks Certified Internet Specialist > (CIS)JN0-301 > > And this relates to groupstudy.cisco how? > > Muhammad Zahid wrote: > > > Hi Fellows, > > > > Is any one have done "The Juniper Networks Certified Internet Specialist > > (CIS)JN0-301" please guide me how can i do prepare the exam. > > I have 5 year network experience and done my CCNP and almost complete > > the CCIE Written preparation. because i failed in it just with the 2%. I > > will try again . > > but now i want to do the JUNIPER CIS. > > > > I have done the > > > > M40 Architecture and Configuration EDU-M40-CON > > JUNOS Routing Policy EDU-JUN-RP > > Troubleshooting with JUNOS Software EDU-JUN-TS > > MPLS Traffic Engineering EDU-JUN-MP > > > > Bassam Halabi, Internet Routing Architectures > > Jeff Doyle, Routing TCP/IP Volume 1 > > Radia Perlman, Interconnections > > > > Now what can i do for the Exam. > > > > Kindest Regards > > Muhammad Zahid > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > +-+ > | This message may contain confidential and/or privileged | > | information. If you are not the addressee or authorized to | > | receive this for the addressee, you must not use, copy, | > | disclose or take any action based on this message or any| > | information herein. If you have received this message in | > | error, please advise the sender immediately by reply e-mail | > | and delete this message. Thank you for your cooperation. | > +-+ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE and 2500 series issue
The 2501 is still very useful for most of the lab scenarios you have to master. The 2600 does open up the Voice issues. ATM is expensive no matter what so it may be better to rent rack time for ATM studies and if you do that it might be a great time to do Voice studies too instead of buying Voice capable stuff for the lab. Just recently I found a configuration for using 2 x 2501s tunneled together on their ethernet ports to make a 4 port frame relay switch. Damn if I can't find it just at this moment But the point is, don't write off the 2501s yet for a study tool. I have a 1005 and a 3002 which do great to add an interface or two at the stubs of a network. 2501s for a good price? GO for it. Kevin Wigle CCDP/CCNP - Original Message - From: "Elijah Savage" <[EMAIL PROTECTED]> To: "Cisco (E-mail)" <[EMAIL PROTECTED]> Sent: Saturday, 17 February, 2001 10:43 Subject: CCIE and 2500 series issue > All, > > I have 2 guys at work that have passed the ccie written and are going to > take the practical at the end of this month. I have 3 2500 series at home 2 > 2501 and a 2503 along with a cisco 804. I have a chance to buy 3 more 2500 > at a very very good price, Our job is replacing them with 2600. But these > guys said its not a good idea to buy all that equipment because the 2500 > will not help you anymore that it would be better to go to the 2600 modular > series. We have a very nice lab that they have setup at work, and they have > went out and purchased some CCIE labs paid like 700 bucks for them. And one > of the labs basically required a 2600 be setup as a frame switch. > I guess now you all can see the dilemma I am in, do I buy these 2500's. > Everyone that is building labs at home to try and conquer this beast with > 2500's are we missing the mark here. I mean I wonder how many have labs at > home that think they are useful? Is it worth the investment anymore? > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco books
Cisco certification books for sale; Sybex CCDA ISBN 0782125344 Sybex CCNA w/ Exam Notes ISBN 0782123813 and 0782125352 (used) $10+ shipping Sybex CCNP ACRC guide ISBN 0782124038 Cisco Press ACRC Exam guide ISBN 0735700753 Cisco Press CCNA Exam guide ISBN 0735700737 Sybex CCNA e-trainer ISBN 0782127983 All books are new (unused), unless otherwise noted. Any book for $20+ shipping, unless otherwise noted. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 3548 not seeing vlans
Here's a Cisco TAC URL that might help your technical problem. http://www.cisco.com/warp/public/793/lan_switching/2.html (As far as your shift key being broken... ) alex campbell wrote: > hello all. > I have a switched network of 2 cat 5500s and 1 3548 > the cat 5500s have rsms, and there are 10 vlans in use which are seen by all > three switches. one of the 5500s is the vtp server. the switches are > connected via gigabit ethernet > now last week i bought another 3548 and gigabit connectors, with the > intention of connecting to the other 3548 and seeing all the vlans. Now > there is a connection (show cdp neigh) and i have copied al the relevant vtp > info and set it to a client. > Yet it refuses to see the other vlans...the original 3 switches can see them > fine. > encapsulation seems ok, so can anyone please give me some pointers ? > > Regards > Alex > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Design Qualification Exam 350-014 will be off-line
Anybody know if it's ever coming back ??? "JimYam" wrote in message <96fdsa$32p$[EMAIL PROTECTED]>... >FYI... > >**The Design qualification exam will be off-line effective February 15, >2001. Please see the What's New page for more information. > >http://cisco.com/warp/public/625/ccie/ccie_program/whatsnew.html#4 >Design Exam Currently Off-line > >The Design lab exam is currently off-line and undergoing revisions. It was >recently introduced in beta form which allowed us to collect some valuable >feedback from those customers who elected to take it. Their feedback, along >with additional observations we made, have resulted in changes that will >make the Design Lab even more relevant to the customers it is intended to >support. An announcement regarding Design Lab availability will be made by >April, 2001. > >The Design qualification exam is also suspended as part of this review, >effective February 15, 2001. Until this review is complete, candidates who >have passed the CCIE Design qualification may use that exam as qualification >for the Routing and Switching lab exam. > >Jim > > > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SolutionLabs
- The SolutionLabs v1.20 Errata has been posted for download from the SolutionLabs website (http://www.solutionlabs.com) under the Support page. --- Thanks --- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Good study guide for CCNP?
Hi Folks: I just passed the CCNA exam and I would like to study CCNP. Could someone give me a suggestion what books will be good resource for my CCNP study? Thanks! John _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE and 2500 series issue
Hi I think your co workers are off the mark a little bit. For the R/S lab you need routers and switches. To be more specific you need routers and switches that mirror the lab functionality, not necessarily the exact model. So from a functionality point of view what does a 2600 give that a 2500 can not. 1) VoIP, VoFR, and VoATM. But keep in mind that the 2600 series require a NV to use a VIC which are expensive, $1000+ and you still need a couple of VICs at about $300 each. Better to get a couple of 1750s with a built-in VIC slot. 2) ATM. Again there are other options, e.g. 4500 or 4700 3) FE for ISL trunking. Here the 2600 is dead on, unless somewhere down the line Cisco adds ISL capability to the 1700s. So get the 2500s and be happy that you have a valid router for your lab work. BTW, when you get labs, don't look at the router model, look at the functionality that it is providing, a 2600 as a FR switch is a laugh! HTH -- John Hardman CCNP MCSE+I "Elijah Savage" <[EMAIL PROTECTED]> wrote in message 83F1C14B5FC6D411B82400A0C90DEDDF0351A3@MRNT">news:83F1C14B5FC6D411B82400A0C90DEDDF0351A3@MRNT... > All, > > I have 2 guys at work that have passed the ccie written and are going to > take the practical at the end of this month. I have 3 2500 series at home 2 > 2501 and a 2503 along with a cisco 804. I have a chance to buy 3 more 2500 > at a very very good price, Our job is replacing them with 2600. But these > guys said its not a good idea to buy all that equipment because the 2500 > will not help you anymore that it would be better to go to the 2600 modular > series. We have a very nice lab that they have setup at work, and they have > went out and purchased some CCIE labs paid like 700 bucks for them. And one > of the labs basically required a 2600 be setup as a frame switch. > I guess now you all can see the dilemma I am in, do I buy these 2500's. > Everyone that is building labs at home to try and conquer this beast with > 2500's are we missing the mark here. I mean I wonder how many have labs at > home that think they are useful? Is it worth the investment anymore? > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Radiator
Its not free, maybe for trial, but not free for normal use. Its an EXCELLENT radius server, I highly recommend. Brian On Mon, 29 Jan 2001, Chiao Liang wrote: > Hi All > > Does anyone know about a radius server known as Radiator? I heard that it's > free and can downloaded from web site, > anyone know where can i get it from? it's is free?? > > Than in advance > Chan > CCDA CCNA > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- I'm buying used CISCO gear!! email me for a quote Brian Feeny e:[EMAIL PROTECTED] CCNP+Voice/ATM/Security p:318.222.2638x109 CCDPf:318.221.6612 Network Administrator ShreveNet Inc. (ASN 11881) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NANOG presentations
I'm giving two tutorials, Exterior Routing 201 and Customer Satisfaction 201, at the NANOG meeting in Atlanta tomorrow. http://www.nanog.org. The presentations will be available on the NANOG site, but I'm not sure if they are yet (I just finished the second one and sent it to the secretariat). While they aren't specifically certification focused, and indeed intended for an ISP audience, they may be useful in understanding BGP and the broader problem of multihoming. Lots of other interesting ISP-oriented programs on Monday and Tuesday. These are often available live on the net, and presentations are usually viewable or downloadable from the web page. -- "What Problem are you trying to solve?" ***send Cisco questions to the list, so all can benefit -- not directly to me*** Howard C. Berkowitz [EMAIL PROTECTED] Technical Director, CertificationZone.com Senior Mgr. IP Protocols & Algorithms, Core Networks Advanced Technology, NortelNetworks (for ID only) but Cisco stockholder! "retired" Certified Cisco Systems Instructor (CID) #93005 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Firewalls and VPNs
This is a less marketing-speak and more technically driven terminology problem than router versus switch, but, again, I fall back on there being no such thing as a router. There are L3 route determination and L3 packet forwarding functions. In the case of the PIX, we have what the IETF is loosely calling a "midbox". It does not have route determination, but it does have packet forwarding. It also has NAT with higher-layer awareness, stateful packet screening, etc. I honestly don't know if the PIX decrements the TTL field when it rewrites a packet header. It has to recompute the IP header checksum (and, indeed, TCP/UDP checksums) if it is NAT'ing, not just inspecting. From my point of view, I'd like the midbox to decrement TTL, to give any chance of a traceroute being meaningful. Of course, if the PIX does NAT, a traceroute is useless. >As someone said yesterday: The PIX will not route, period. It will NAT >(including NAT 0), but it will not route packets between different networks. >If you need routing off any interface on a PIX, you need a router there. > >-- >Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ >List email: [EMAIL PROTECTED] >Homepage: http://jason.artoo.net/ >Cisco resources: http://r2cisco.artoo.net/ > > >"anthony kim" <[EMAIL PROTECTED]> wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> A device can best be described by its chief function. You can use a >> PIX as a router, just allow everything through. In fact you can use a >> router as a firewall, be selective with access lists. Terminology is >> flexible as long as you're pragmatic about function. >> >> >> On Fri, Feb 16, 2001 at 10:52:06AM -0800, Dan West wrote: >> >PIX - sounds like a router to me - packet forwarding >> >based on layer 3 addressing. It has extra security >> >features and all of a sudden it's a >> >firewall...marketing fluff? or accurate description??? >> >who will uncover this mystery ;> >> > >> >--- mtieast <[EMAIL PROTECTED]> wrote: >> >> I think this comes from the fact that cisco >> >> instructors in class say that >> >> the Pix is not a router. I have heard this as well >> >> when I had the class. >> >> >> >> I know the Pix is not a router, but does it route? >> >> Well, if making decisions >> >> about where to send traffic based on layer 3 info is >> >> routing then I would >> >> argue it does route. It does not forward traffic >> >> based on layer 2 info so >> >> .. >> >> >> >> It routes traffic to the appropriate interface. Can >> >> someone else shed some >> >> light as to why this is said. If it doesn't route >> >> the traffic it recieves >> >> what does it do? >> >> >> >> >> >> >> >> -Original Message- >> >> From: haroldnjoe <[EMAIL PROTECTED]> >> >> Newsgroups: groupstudy.cisco >> >> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> >> >> Date: Friday, February 16, 2001 12:41 PM >> >> Subject: Firewalls and VPNs >> >> >> >> >> >> >I've read here a couple of times that PIX's don't >> >> route. Period. In light >> >> of >> >> >this I'm left a little confused as to a proposed >> >> network map I was given >> >> >recently. >> >> > >> >> >The core layer router is a 3640 linking all of our >> >> branch offices together. >> >> >From the 3640, there is an ethernet connection to a >> >> PIX 515R. From the >> >> PIX, >> >> >there is another ethernet connection to a 1750 >> >> router. The 1750 connects >> >> via >> >> >T1 to our ISP. There is yet another ethernet >> >> connection from the PIX to >> >> the >> >> >isolation lan, on which resides an internet >> >> mail/web server and a VPN 3000 >> >> >concentrator. >> >> > >> >> >If PIX's don't route, what subnet is the isolation >> >> lan going to sit on? As >> >> >I understand it, the PIX will be providing NAT >> >> functionality for the 3640 >> >> >and everything behind it. So I would assume that >> >> the T1 and ethernet >> >> >interfaces on the 1750, the outside interfaces on >> >> the PIX, and everything >> >> in >> >> >the isolation lan including the VPN concentrator >> >> will have to have public > > >> IP >> >> >addresses which will be given to us by our ISP. >> >> The way the map is layed >> >> >out, it looks to me like the isolation lan would >> >> have to be on its own >> >> >subnet. >> >> > >> >> >What am I missing? If the PIX doesn't route, do >> >> it's ethernet interfaces >> >> >reside on the same subnet as the isolation lan? If >> >> so, then the ethernet >> >> >interface on the 1750 must also be on that subnet, >> >> right? >> >> > >> >> >This is the proposed network map that Cisco's >> >> presale engineers gave me. >> >> >I'm sure it's a solid design, but I'm still trying >> >> to work out the details >> >> >so that I understand what I'm implementing (always >> >> a good thing, I think). >> >> > >> >> >Thanks for your time, >> >> > >> >> >[EMAIL PROTECTED] >> >> > >> >> > >> >> >
Re: CCIE and 2500 series issue
I would ask your friends what they believe major differences between the 2600 & the 2500's are. The 2600 is modular & offers a few more advancements (FE modules, etc.). The 2600 is pretty much the same chassis (blue instead of black) & that same slow processor we've all grown to love ;-) I would say your friends are missing the mark here. If they have lab dates already, they'll surly see 2500 @ the testing center. It's widely advertised that 2511's are the method of access in the Cisco lab racks. If you can get 2500's for a reasonable price, I'd jump. As far as using a 2600 as a frame switch, I cannot think of a more expensive method (maybe using a 3640). This is a layer 2 process & the commands you need to support Frame-Relay Switching started in 10.X(X). Most CCIE study-ers are using AGS+'s & MGS's, which both have a max of 11.0(22) IOS. I use a 4500, which I consider the Cadillac of Frame Clouds & maybe a waist of money for such a small job (but my ears like the quite fans :-) All the best in your decision, but again your friends are not demonstrating a great understanding of available hardware in this instance ... Phil - Original Message - From: "Elijah Savage" <[EMAIL PROTECTED]> To: "Cisco (E-mail)" <[EMAIL PROTECTED]> Sent: Saturday, February 17, 2001 1:43 PM Subject: CCIE and 2500 series issue > All, > > I have 2 guys at work that have passed the ccie written and are going to > take the practical at the end of this month. I have 3 2500 series at home 2 > 2501 and a 2503 along with a cisco 804. I have a chance to buy 3 more 2500 > at a very very good price, Our job is replacing them with 2600. But these > guys said its not a good idea to buy all that equipment because the 2500 > will not help you anymore that it would be better to go to the 2600 modular > series. We have a very nice lab that they have setup at work, and they have > went out and purchased some CCIE labs paid like 700 bucks for them. And one > of the labs basically required a 2600 be setup as a frame switch. > I guess now you all can see the dilemma I am in, do I buy these 2500's. > Everyone that is building labs at home to try and conquer this beast with > 2500's are we missing the mark here. I mean I wonder how many have labs at > home that think they are useful? Is it worth the investment anymore? > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE and 2500 series issue
All, I have 2 guys at work that have passed the ccie written and are going to take the practical at the end of this month. I have 3 2500 series at home 2 2501 and a 2503 along with a cisco 804. I have a chance to buy 3 more 2500 at a very very good price, Our job is replacing them with 2600. But these guys said its not a good idea to buy all that equipment because the 2500 will not help you anymore that it would be better to go to the 2600 modular series. We have a very nice lab that they have setup at work, and they have went out and purchased some CCIE labs paid like 700 bucks for them. And one of the labs basically required a 2600 be setup as a frame switch. I guess now you all can see the dilemma I am in, do I buy these 2500's. Everyone that is building labs at home to try and conquer this beast with 2500's are we missing the mark here. I mean I wonder how many have labs at home that think they are useful? Is it worth the investment anymore? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cat 3548 not seeing vlans
hello all. I have a switched network of 2 cat 5500s and 1 3548 the cat 5500s have rsms, and there are 10 vlans in use which are seen by all three switches. one of the 5500s is the vtp server. the switches are connected via gigabit ethernet now last week i bought another 3548 and gigabit connectors, with the intention of connecting to the other 3548 and seeing all the vlans. Now there is a connection (show cdp neigh) and i have copied al the relevant vtp info and set it to a client. Yet it refuses to see the other vlans...the original 3 switches can see them fine. encapsulation seems ok, so can anyone please give me some pointers ? Regards Alex _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: no domain controller available
One thing I do is enable Port Host which not only enables Portfast, but disable the default auto-neg for trunking and channeling. Also, make sure your dia is set right for STP. Jeff "Jim Bond" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello, > > I have users at different buildings (on different > subnets), when they move their laptop to another > building, they have to do ip release/renew, otherwise, > they won't get new ip address. Swithes are > 5000/5500/6500. Port fast is already enabled. Anything > needs to be done on PCs? > > Thanks in advance. > > > Jim > > __ > Do You Yahoo!? > Get personalized email addresses from Yahoo! Mail - only $35 > a year! http://personal.mail.yahoo.com/ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ghost Server and clients using multicast
Since they're in different vlans I had to enable PIM/IGMP and CGMP on the router and then enable CGMP on my closet switches... everything's working liking a charm. Jeff ""Jeff"" <[EMAIL PROTECTED]> wrote in message 96js95$fh3$[EMAIL PROTECTED]">news:96js95$fh3$[EMAIL PROTECTED]... > Does anyone have experience working with a Ghost Server that multicast? I > have a 6509 and 4006's in the closets with multiple VLANs and having > troubles with the client using a boot floppy. It works fine if you iniate > from the server though. > > Thanks in advance, > Jeff > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
LoopBack
Hi, Recently, I done a snffing in my network and it showed a warning -same source destination which I happen to found out is the cisco router doing a loopback every 10 min to itself (router 1720). However I have check the fasteth interface, no loopback been set and no debug on. Is this a common sign? Can someone enlighten me on this? thank you _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: The Juniper Networks Certified Internet Specialist (CIS)JN0-301
I can discern 2 indirect relationships: 1. For people who are bored after achieving CCIE status in 2 or more of the possible tracks AND are desparately seeking to differentiate themselves from all the other CCIEs out there (since it's presumably a little less exclusive each time a new # is doled out), this might be the next certification they pursue. 2. Some of the advanced, non-vendor specific IGP & EGP content comprising the CCIE exams might also be found in the Juniper exams. It would probably be amusing to see how much initial demand there would be if groupstudy or some other capable entity were to set up an analagous mailing list for juniper certification. Nathan <[EMAIL PROTECTED]>@groupstudy.com on 02/17/2001 02:36:30 AM Please respond to Nathan <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Kevin Cullimore) Subject: Re: The Juniper Networks Certified Internet Specialist (CIS)JN0-301 And this relates to groupstudy.cisco how? Muhammad Zahid wrote: > Hi Fellows, > > Is any one have done "The Juniper Networks Certified Internet Specialist > (CIS)JN0-301" please guide me how can i do prepare the exam. > I have 5 year network experience and done my CCNP and almost complete > the CCIE Written preparation. because i failed in it just with the 2%. I > will try again . > but now i want to do the JUNIPER CIS. > > I have done the > > M40 Architecture and Configuration EDU-M40-CON > JUNOS Routing Policy EDU-JUN-RP > Troubleshooting with JUNOS Software EDU-JUN-TS > MPLS Traffic Engineering EDU-JUN-MP > > Bassam Halabi, Internet Routing Architectures > Jeff Doyle, Routing TCP/IP Volume 1 > Radia Perlman, Interconnections > > Now what can i do for the Exam. > > Kindest Regards > Muhammad Zahid > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] +-+ | This message may contain confidential and/or privileged | | information. If you are not the addressee or authorized to | | receive this for the addressee, you must not use, copy, | | disclose or take any action based on this message or any| | information herein. If you have received this message in | | error, please advise the sender immediately by reply e-mail | | and delete this message. Thank you for your cooperation. | +-+ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Favorable purchases and work for you.
Hi! My participant's ID code is 1072. Do you want to earn some money using you computer? Do you want to get the popular electronics , investing $65? Important addition: If you reconsider, you can return your $65 anytime. If the answer is "Yes", please read this letter and/or visit http://www.friendlybuys.com Friendly Buys program gives you all these opportunities. -You may get real, but not virtual, goods. -You may make money, not virtual millions, but you will get your 5-7 thousands per month. -Credit cards are accepted. (Online) -If you reconsider, your $65 will be returned to you by first request. The catalogue is updated regularly, the entire catalogue you may examine on http://www.friendlybuys.com If you are interested with the program and you decide to become its participant, while registration you should enter my ID code: 1072. Attention! I'm terribly sorry if you are not interested in the participation in any sort of net programs and you have received this letter accidentally. I'm not going to use your e-mail to inform you about the program in the future. Good luck! Be happy! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Firewalls and VPNs
Actually, Jason, a PIX will route. The only problem is that it is not designed to do it (there are no WAN interfaces available for it.) And as such is not very scalable. How do you plan on moving traffic if you have 6 to 10 interfaces with 6 to 10 different networks in a PIX? You use STATIC routes. Tim - Original Message - From: "Jason" <[EMAIL PROTECTED]> Newsgroups: groupstudy.cisco To: <[EMAIL PROTECTED]> Sent: Friday, February 16, 2001 11:27 PM Subject: Re: Firewalls and VPNs As someone said yesterday: The PIX will not route, period. It will NAT (including NAT 0), but it will not route packets between different networks. If you need routing off any interface on a PIX, you need a router there. -- Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ Cisco resources: http://r2cisco.artoo.net/ "anthony kim" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > A device can best be described by its chief function. You can use a > PIX as a router, just allow everything through. In fact you can use a > router as a firewall, be selective with access lists. Terminology is > flexible as long as you're pragmatic about function. > > > On Fri, Feb 16, 2001 at 10:52:06AM -0800, Dan West wrote: > >PIX - sounds like a router to me - packet forwarding > >based on layer 3 addressing. It has extra security > >features and all of a sudden it's a > >firewall...marketing fluff? or accurate description??? > >who will uncover this mystery ;> > > > >--- mtieast <[EMAIL PROTECTED]> wrote: > >> I think this comes from the fact that cisco > >> instructors in class say that > >> the Pix is not a router. I have heard this as well > >> when I had the class. > >> > >> I know the Pix is not a router, but does it route? > >> Well, if making decisions > >> about where to send traffic based on layer 3 info is > >> routing then I would > >> argue it does route. It does not forward traffic > >> based on layer 2 info so > >> .. > >> > >> It routes traffic to the appropriate interface. Can > >> someone else shed some > >> light as to why this is said. If it doesn't route > >> the traffic it recieves > >> what does it do? > >> > >> > >> > >> -Original Message- > >> From: haroldnjoe <[EMAIL PROTECTED]> > >> Newsgroups: groupstudy.cisco > >> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> > >> Date: Friday, February 16, 2001 12:41 PM > >> Subject: Firewalls and VPNs > >> > >> > >> >I've read here a couple of times that PIX's don't > >> route. Period. In light > >> of > >> >this I'm left a little confused as to a proposed > >> network map I was given > >> >recently. > >> > > >> >The core layer router is a 3640 linking all of our > >> branch offices together. > >> >From the 3640, there is an ethernet connection to a > >> PIX 515R. From the > >> PIX, > >> >there is another ethernet connection to a 1750 > >> router. The 1750 connects > >> via > >> >T1 to our ISP. There is yet another ethernet > >> connection from the PIX to > >> the > >> >isolation lan, on which resides an internet > >> mail/web server and a VPN 3000 > >> >concentrator. > >> > > >> >If PIX's don't route, what subnet is the isolation > >> lan going to sit on? As > >> >I understand it, the PIX will be providing NAT > >> functionality for the 3640 > >> >and everything behind it. So I would assume that > >> the T1 and ethernet > >> >interfaces on the 1750, the outside interfaces on > >> the PIX, and everything > >> in > >> >the isolation lan including the VPN concentrator > >> will have to have public > >> IP > >> >addresses which will be given to us by our ISP. > >> The way the map is layed > >> >out, it looks to me like the isolation lan would > >> have to be on its own > >> >subnet. > >> > > >> >What am I missing? If the PIX doesn't route, do > >> it's ethernet interfaces > >> >reside on the same subnet as the isolation lan? If > >> so, then the ethernet > >> >interface on the 1750 must also be on that subnet, > >> right? > >> > > >> >This is the proposed network map that Cisco's > >> presale engineers gave me. > >> >I'm sure it's a solid design, but I'm still trying > >> to work out the details > >> >so that I understand what I'm implementing (always > >> a good thing, I think). > >> > > >> >Thanks for your time, > >> > > >> >[EMAIL PROTECTED] > >> > > >> > > >> >_ > >> >FAQ, list archives, and subscription info: > >> http://www.groupstudy.com/list/cisco.html > >> >Report misconduct and Nondisclosure violations to > >> [EMAIL PROTECTED] > >> > > >> > >> _ > >> FAQ, list archives, and subscription info: > >> http://www.groupstudy.com/list/cisco.html > >> Report misconduct and Nondisclosure violations to > >[EMAIL PROTECTED] > > > > > >= > >from The Big Lebowski... > > > >The Dude: You sure he won't mind? > >Bunny: Dieter doesn't care about anything. He's a nihilist. > >The Dude: Ohh
ISDN Simulator (rent or lease) Wanted
Hello All, Does anyone know where I can rent or lease an ISDN simulator such as a Teltone for my CCIE prep lab? I'd rather spend a few hundred dollars and rent one for a month as opposed to buying one for $1800.00. And I haven't seen any on Ebay for a while. Thanks, Pete _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Bandwidth Monitor
Look into a PERL script called MRTG which will let you graph your traffic usage on your lease line. Srihari Babu wrote in message <[EMAIL PROTECTED]>... >hi all, >i want to know about bandwith monitor.by >which i can check the bandwidth of my leased line. >because i am not getting sufficient bandwidth fron my >ISP> >i would like to know whether my ISP is not providiing >sufficient bandwidht what he promised, or there may be >a problem in our LAN.how to know the band width. is >there any tools to check the leased line bandwidth. >please help. > >thanks in advance. > > >SRIHARI > >--- John Neiberger <[EMAIL PROTECTED]> wrote: >> We have a 7513 as our backbone router and pre-12.0 >> it was running on average at maybe 9-10% CPU. After >> upgrading to 12.1 and turning on CEF, that dropped >> to around 5%. That's really not a good test because >> we were hardly pushing the thing to begin with. >> Still, it does seem to make a noticable difference >> and we haven't had any problems with it. >> >> By the way, off-topic, I seem to have resolved the >> problems I had with excitemail, so I've moved back >> to using [EMAIL PROTECTED] Lately, my email address >> has been changing almost daily! >> >> John >> >> > >> > John, Bob, Raj, Phillip and the Group, >> > >> > I hadn't thought of CEF much as I "thought" it >> wasn't available on the >> > smaller routers. i.e. - only on the routers with >> line cards etc. >> > >> > However, I just enabled CEF on a 2611 and it >> created its table on the fly in >> > no time flat. The 2611 won't do dCEF however. >> Also, the smaller routers >> > can't do cef accounting. >> > >> > Anyway, now I have to mock something up in the lab >> to see if we can >> > determine how much of any improvement CEF will >> give us. Since we're not >> > using CEF anywhere in our network I can't just >> turn it on without a bit more >> > research. >> > >> > If it only lessens the CPU load by a few percent >> then bigger hardware is in >> > our future, but if we see gains of 20% or more >> then CEF would indeed be a >> > cheap solution. >> > >> > I noticed that CEF has issues with policy routing >> and other features - but >> > so far we're not using any of them. >> > >> > So, another question - does anyone have any >> idea/experience on how much CEF >> > will gain for us? Given the average 50% load on >> the router - practically >> > all switching load??? >> > >> > tia >> > >> > Kevin Wigle >> > >> > >> > - Original Message - >> > From: "John Neiberger" <[EMAIL PROTECTED]> >> > To: <[EMAIL PROTECTED]> >> > Cc: <[EMAIL PROTECTED]> >> > Sent: Monday, February 12, 2001 4:11 PM >> > Subject: Re: Can someone interpret this please? >> > >> > >> > > I just checked CCO and there are so many >> CPU-related bugs in 12.0(5) that >> > I stopped counting after a while. You might want >> to upgrade, if feasible. >> > > >> > > Also, try doing a show align to see if you're >> getting spurious memory >> > access errors. One of the bugs mentioned a high >> CPU usage due to these. >> > > >> > > HTH, >> > > John >> > > >> > > > >> > > > Bob, Phil - and the group. >> > > > >> > > > Thanks for the input, gives me more to think >> about. >> > > > >> > > > Some more history.. >> > > > >> > > > This router is a 3620 with OC3 and >> FastEthernet interfaces. It has 48 >> > meg >> > > > and is running 12.0(5)XK1. >> > > > >> > > > According to Cisco's docs, the 3620 should be >> able to handle around >> > 20-40 >> > > > kpps. >> > > > >> > > > However, the router shows only around 2.6 kpps >> almost evenly split >> > in/out. >> > > > >> > > > I have been unable to verify exactly on CCO >> but I suspect that a 3620 >> > cannot >> > > > handle (very well) two high-speed interfaces - >> more specifically if one >> > is >> > > > OC3. >> > > > >> > > > I have found info where Cisco, when talking >> about the OC3 interface for >> > the >> > > > 3600 series stated: >> > > > >> > > > "Max two high-speed network modules in a Cisco >> 3640 (includes Fast >> > Ethernet, >> > > > ATM, HSSI)" >> > > > >> > > > Now the 3640 has a 100mhz processor and the >> 3620 has a 80 mhz processor. >> > > > >> > > > I'm wondering if the SAR process is >> overwhelming the 3620? I'm sure I >> > read >> > > > someplace that only one high-speed interface >> was recommended for the >> > 3620 >> > > > but I haven't found that info again. >> > > > >> > > > Considering the low level of traffic, what >> else could be keeping the cpu >> > > > utilization up so high? Need more info. >> let me know! >> > > > >> > > > Kevin Wigle >> > > > >> > > > >> > > > - Original Message - >> > > > From: "Phillip Heller" <[EMAIL PROTECTED]> >> > > > To: "Kevin Wigle" <[EMAIL PROTECTED]> >> > > > Cc: "cisco" <[EMAIL PROTECTED]> >> > > > Sent: Monday, February 12, 2001 2:12 PM >> > > > Subject: Re: Can someone interpret this >> please? >> > > > >> > > > >> > > > > On Mon, 12 Feb 2001, Kevin Wigle wrote: >> > > > > >> > > > > Dear group, >
Re: Problems?
Yes, Cisco cancelled the CCIE and all certification programs after Juniper announced they are going to open source their CLI software. (Hey, Juniper: *HINT*) I just changed my shell to `junosh' on my FreeBSD box. Now only if I could run `tin' inside it. I guess I will just have to stick with telneting to port 119 and reading groupstudy that way ;< -dre "Drew Simonis" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > List traffic has decreased dramatically in the last week (only > 4 messages this week). > > Is it just me? > > -ds > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
