Router Repair - Best Option
Hello all, I started building my lab for my upcoming CCIE test and bought several routers off of e-bay. The D-60 serial interface on one of the 2500 routers has mangled pins and makes the interface unusable...I need both interfaces. Where can I get the D-60 connector replaced quickly and cheaply ? Thanks in advance. --perry _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ethernet address question (long)
First. Thank you very much answering my question. Let me clarify some background about this MAC-address case. We have many different IP-subnets at same side of router. Please don't ask me why, it's too long story to tell here :-) Some of traffic which goes to router and back is targeted at layer-2 to this 00:00:00:00:00:01 ethernet address. Still Layer-3 destination address vary depending targeted IP-host. Problem is that our Layer-2 switches pass through these 00:00:00:00:00:01 frames even Layer-3 (IP) hosts are in other parts of our Layer-2 switched network. Example: Source: IP-HostA 10.65.10.1/16 - Destination: IP-HostB 10.100.100.10/16 Packet goes to Default router as it should (10.65.0.1) and leaves from same router interface to other network. BUT when it leaves router, MAC-Destination address is sometimes this strange 00:00:00:00:01. And this is Unicast packet from/to Telnet or POP3 services (for example). Source and Destination IP-hosts are not same pair ie. they may be whatever IP-hosts in whatever different subnets. This problem appears in traffic to any direction in any subnets in any OS-system type. I think our router is doing something strange, but because I can't get it's configuration I can't tell you more details from there at the moment (It's Cisco router). That's why I'm interested to know something about this MAC-address. PS. We have also DECnet,IPX and LAT traffic in our network, but these problem packets are definitely IP traffic. -- Regards Janne Kettunen CCNA, CFFE _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco VPN client
Hi, I was wondering in what fashion the softnet/soft-pk software works, capi,pkcsii, etc. Thank you in advance Gil Shulman _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIP does not advertise in IGRP - what's wrong?
Thomas, You might want to look at what metrics you are using on redistribution... router rip redistribute igrp 200 metric 4 16 is unreachable...! router igrp 200 redistribute rip metric bandwidth delay reliability load mtu You see these protocols don't use the same metrics so you must tell them how to redistributed... HTH Nigel.. - Original Message - From: Vincent [EMAIL PROTECTED] Newsgroups: groupstudy.cisco To: [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 1:23 AM Subject: Re: RIP does not advertise in IGRP - what's wrong? using eigrp in your network 10.0.0.0 instead. turn on auto-summary. probably you can ping. ""Thomas"" [EMAIL PROTECTED] ¼¶¼g©ó¶l¥ó 99k20t$s6p$[EMAIL PROTECTED]">news:99k20t$s6p$[EMAIL PROTECTED]... Hi All - In my network enviroment, I have LANs with 10.x.0.0/16 networks and WAN with 192.168.10.0/24. I use RIP for LAN and IGRP for WAN. On RIP, I redistribute IGRP, and vice versa, on IGRP I redistribute RIP. However, I cannot ping from one LAN to the other LAN. If I put a static route to specify the next hop, then I can ping the other LAN. Is there a way to have the network learn all the LAN dynamically, instead of static route? I am running IOS ver 11.3 on both routers. Here is my configuration: --- Router1# ! interface Ethernet0/0 ip address 10.1.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.1 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router1# -- -- -- Router2# ! interface Ethernet0/0 ip address 10.2.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.2 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router2# -- -- -- Thanks All in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Home Lab Cost (GBP)
Hi, I'm trying to find out the cost (in GBP) of setting up a home lab for the CCNP. I'm fairly sure I'm going with a 2501 2503 (I'll add a switch later). Thanks, Graham _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router Repair - Best Option
buy a SmartNet, hold the router for a few weeks to a month send it back under warranty. There is nothing you can do. These interfaces are built into the motherboard. Phil - Original Message - From: "perryb" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 8:42 AM Subject: Router Repair - Best Option Hello all, I started building my lab for my upcoming CCIE test and bought several routers off of e-bay. The D-60 serial interface on one of the 2500 routers has mangled pins and makes the interface unusable...I need both interfaces. Where can I get the D-60 connector replaced quickly and cheaply ? Thanks in advance. --perry _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP 1.0 and 2.0
I am going to takes BCMSN tomorrow. I just coming to find the CLSL is quite different from BCMSN. Can anyone tell me if it is true that BCMSN cares less on the the line cards or some other switch engines. I thought they should be some what similar. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bri flapping with demand cirquit/igrp redistribution
James, On your access list 15 try changing the mask to .255 instead of .3, even though you are using a 30 bit mask at the interface. This has worked for me before. jer At 09:59 AM 3/24/2001 -0800, James wrote: it shouldn't. its layer two, and if you put dialer in debug you see that it is shown as uninteresting traffic. - Original Message - From: "perez claude-vincent" [EMAIL PROTECTED] To: "Ya Wen" [EMAIL PROTECTED]; "Patrick Murphy" [EMAIL PROTECTED]; "Leah Lynch" [EMAIL PROTECTED]; "'Jay Chandradas'" [EMAIL PROTECTED]; "'Chris Larson'" [EMAIL PROTECTED]; "'Bob Boone'" [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, March 24, 2001 6:22 AM Subject: RE: bri flapping with demand cirquit/igrp redistribution Can somebody tell me how come CDP may bring the line up? As you know, it works only in layer 2 as said before. Your dialer-list works at layer 3 4 only. Did I miss something? :-( --- Ya Wen [EMAIL PROTECTED] wrote: Try remove the "log" from the access-list 15 associated with the route-map stuff. Also, you do not need the summary-address under OSPF. -Ya -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Murphy Sent: Friday, March 23, 2001 5:04 PM To: Leah Lynch; 'Jay Chandradas'; 'Chris Larson'; 'Bob Boone'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: bri flapping with demand cirquit/igrp redistribution Also check the BRI interface and see if you see IPCDP, it should disapper when you no cdp en! Patrick - Original Message - From: "Leah Lynch" [EMAIL PROTECTED] To: "'Jay Chandradas'" [EMAIL PROTECTED]; "'Chris Larson'" [EMAIL PROTECTED]; "'Bob Boone'" [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, March 23, 2001 7:45 PM Subject: RE: bri flapping with demand cirquit/igrp redistribution I think you normally disable CDP in dialup lines for efficiency. Leah -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jay Chandradas Sent: Friday, March 23, 2001 2:57 PM To: Chris Larson; Bob Boone; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: bri flapping with demand cirquit/igrp redistribution I am not sure CDP will keep the line up ? And ur interesting traffic is permit ip any any . I dont think CDP will keep the line up. When u do a debug ip pack.. u can nvr see CDP.. CDP is layer 2. my 0.02 - Original Message - From: "Chris Larson" [EMAIL PROTECTED] To: "Bob Boone" [EMAIL PROTECTED]; "Jay Chandradas" [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, March 23, 2001 2:40 PM Subject: RE: bri flapping with demand cirquit/igrp redistribution Will CDP keep the line up? Turn off CDP. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bob Boone Sent: Friday, March 16, 2001 5:30 PM To: Jay Chandradas; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: bri flapping with demand cirquit/igrp redistribution Yes i do have passive BRI on IGRP, and also, the way it is done now, it restricts ALL networks, if you look at the access-list 15 it has one statement and then explisit deny all. still not working. - Original Message - From: "Jay Chandradas" [EMAIL PROTECTED] To: "Netguy" [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, March 16, 2001 12:22 PM Subject: Re: bri flapping with demand cirquit/igrp redistribution 1. DO u have a passive interface on bri0 under router IGRP 2. I wud do this way !! when u r redisributing into OSPG .. allow only the IGRP networks ( including the network conneted with is running IGRP ) Jay when u r redistributing into - Original Message - From: "Netguy" [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, March 16, 2001 12:01 PM Subject: bri flapping with demand cirquit/igrp redistribution Hello all you happy people. Router A has ospf/igrp mutual redistribution and bri int dialing elsewhere with demand circuit. it keeps flapping. i followed someone's advice and created a route/map filter to filter out bri network from igrp redistributing back into ospf. what the hell am i doing wrong? i know its a big thing that lots of people had problems with. here's the key configs: interface BRI0/0 ip address 173.5.8.1 255.255.255.252 encapsulation ppp ip ospf demand-circuit dialer idle-timeout 15 dialer map ip 173.5.8.2 name R5 broadcast 8667007 dialer map ip 173.5.8.2 name R5 broadcast 8667008 dialer
Cisco Book, High Availability Networking with Cisco
I just bought the High Availability Networking with Cisco router and I must say it's OUTSTANDING. The author goes into many great topic's, that other books don't. I would encourage everyone to at least look at it. You can get online or your local book store Autor Vincent C. Jones ISBN # 0201704552 Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Book, High Availability Networking with Cisco
I just bought the High Availability Networking with Cisco router and I must say it's OUTSTANDING. The author goes into many great topic's, that other books don't. I would encourage everyone to at least look at it. You can get online or your local book store Autor Vincent C. Jones ISBN # 0201704552 Brian I'm reading it now, and my first reactions also are favorable. It's not precisely aimed at an exam, but that's not necessarily bad. For those of you that read CertificationZone, we've been finding it useful to publish what we call "metapapers" internally -- papers that talk about real areas of application and help integrate different parts of the technologies discussed in the roadmaps. Bruce Caslow has taken a different but complementary approach to presenting information not just at the configuration level, with his problem recognition methodology. This book does such integration at book length, and does consider selected non-Cisco devices. In my newest book, WAN Survival Guide, I go into more fault tolerance mechanisms, but deliberately do not provide configurations since my emphasis is on design. A more detailed review will follow. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OFF TOPIC - Juniper's concept of multiple routing tables.
Hi Folks, Can anyone ( specially the likes of Berkowitzs, Forsyths, Oppenheimers, etc ) comment on the advantages of having multiple "IP routing tables" in a router such as featured by Juniper in its M-Series machines. Would it not consume comparatively more hardware resources on a router in terms of RAM, CPU cycles, etc ? Thanks in advance. Aziz S. Islam _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP Classless Revisited (this is just odd...)
Sure, I'll try that but I don't see why it should matter. As I understand it, ip classless affects routing table lookups only and it doesn't care how those routes were installed into the table. Although, given this behavior, my assumption might be wrong. Thanks, John John, Interesting. I think this is due to OSPF, not redistribution problem. Can you try running RIP instead of OSPF ? Cheers, YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, March 25, 2001 5:28 AM To: [EMAIL PROTECTED] Subject: IP Classless Revisited (this is just odd...) Ok, just when you thought it was safe to go back in the water Or should I say, just when I thought I understood the behavior of 'ip classess' and 'no ip classless' Let me summarize my lab setup. RouterA-RouterB--RouterC Pretty simple. AtoB is 10.1.1.0/24, BtoA is 10.1.2.0/24. OSPF is running on both links. 'ip classless' is on A and C, but not B initially. On B I see these routes: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 That's what I expect to see. Then I add a default route on B, 'ip route 0.0.0.0 0.0.0.0 10.1.1.2'. With no ip classless configured, any packets to unknown subnets of 10.0.0.0/8 should be dropped. I tested it and that is the case. With 'ip classless' configured, and unknown packets regardless of major network get routed to 10.1.1.2. Now here is what I don't understand. Let's turn off ip classless on B again, then go to Router C and add a default route to null0 and default-information originate to the ospf process. I now see this in router B: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 O*E2 0.0.0.0/0 [110/1] via 10.1.2.2, 00:06:38, Serial1 There is indeed a default route. With no ip classless configured, I would expect the same behavior as before. If I were to ping 10.5.5.5 the packets should be unroutable, but they're not! They get routed to the default route whether or not ip classless is configured. Why is a default route learned through a routing protocol treated differently than a manually configured default route? I went through this entire process twice and I just don't understand the behavior. What am I missing? I know it's going to be something obvious, but I don't see it yet. Ok, I just now tried this: with the ospf external default route still in the routing table, I pinged 10.5.5.5 and it took the default route. Then I manually added a default static route and the destination became unroutable due to 'no ip classless' being configured. Removing the static default it becomes routable again. Weird. What's going on? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIP does not advertise in IGRP - what's wrong?
If I understand your topology, the problem is that you are running RIP and IGRP with a discontiguous classfull network. Let me rephrase that. g It appears that your network looks like this: A 10.1.0.0 - 192.168.10.0 -- B 10.2.0.0 RIP and IGRP cannot pass subnet mask information in their routing updates. This means that router A above thinks that the entire 10.0.0.0 network --not just 10.1.0.0/16-- resides to its left. Router B think the entire 10.0.0.0/16 network resides to its right. These routers will get very confused and will behave in the manner that you're seeing. To correct this behavior you must run a classless routing protocol that includes subnet mask information in its updates, so your options are eigrp, ospf, and is-is. This will solve your problem. I hope that makes sense. I just woke up and I'm still pretty groggy! Regards, John Hi All - In my network enviroment, I have LANs with 10.x.0.0/16 networks and WAN with 192.168.10.0/24. I use RIP for LAN and IGRP for WAN. On RIP, I redistribute IGRP, and vice versa, on IGRP I redistribute RIP. However, I cannot ping from one LAN to the other LAN. If I put a static route to specify the next hop, then I can ping the other LAN. Is there a way to have the network learn all the LAN dynamically, instead of static route? I am running IOS ver 11.3 on both routers. Here is my configuration: --- Router1# ! interface Ethernet0/0 ip address 10.1.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.1 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router1# -- Router2# ! interface Ethernet0/0 ip address 10.2.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.2 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router2# -- Thanks All in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP Classless Revisited (More info)
Okay, I just tried this with RIP advertising the default route and I'm even more confused! Now, it behaves as I would expect. With no ip classless, pings to unknown 10.x.x.x subnets are unroutable even though there is a default route in the routing table. With no ip classless, why does my router take the default route when it was installed by OSPF but not when it was installed by RIP? I would expect it to never take the default route for 10.x.x.x addresses with no ip classless. This really concerns me because I was taking a practice CCIE written exam a few days ago and ran across a question like this and I answered the question assuming normal behavior of no ip classless and got it right. Now I'm thinking there are some more twists to its behavior that i'm not aware of. John Sure, I'll try that but I don't see why it should matter. As I understand it, ip classless affects routing table lookups only and it doesn't care how those routes were installed into the table. Although, given this behavior, my assumption might be wrong. Thanks, John John, Interesting. I think this is due to OSPF, not redistribution problem. Can you try running RIP instead of OSPF ? Cheers, YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, March 25, 2001 5:28 AM To: [EMAIL PROTECTED] Subject: IP Classless Revisited (this is just odd...) Ok, just when you thought it was safe to go back in the water Or should I say, just when I thought I understood the behavior of 'ip classess' and 'no ip classless' Let me summarize my lab setup. RouterA-RouterB--RouterC Pretty simple. AtoB is 10.1.1.0/24, BtoA is 10.1.2.0/24. OSPF is running on both links. 'ip classless' is on A and C, but not B initially. On B I see these routes: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 That's what I expect to see. Then I add a default route on B, 'ip route 0.0.0.0 0.0.0.0 10.1.1.2'. With no ip classless configured, any packets to unknown subnets of 10.0.0.0/8 should be dropped. I tested it and that is the case. With 'ip classless' configured, and unknown packets regardless of major network get routed to 10.1.1.2. Now here is what I don't understand. Let's turn off ip classless on B again, then go to Router C and add a default route to null0 and default-information originate to the ospf process. I now see this in router B: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 O*E2 0.0.0.0/0 [110/1] via 10.1.2.2, 00:06:38, Serial1 There is indeed a default route. With no ip classless configured, I would expect the same behavior as before. If I were to ping 10.5.5.5 the packets should be unroutable, but they're not! They get routed to the default route whether or not ip classless is configured. Why is a default route learned through a routing protocol treated differently than a manually configured default route? I went through this entire process twice and I just don't understand the behavior. What am I missing? I know it's going to be something obvious, but I don't see it yet. Ok, I just now tried this: with the ospf external default route still in the routing table, I pinged 10.5.5.5 and it took the default route. Then I manually added a default static route and the destination became unroutable due to 'no ip classless' being configured. Removing the static default it becomes routable again. Weird. What's going on? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure
Re: RIP does not advertise in IGRP - what's wrong?
Thanks John! It starts to make sense to me know! Is it possible to take out RIP and just run EIGRP without "passive-interface" and "redistribute"? If so what's the trade off? Again Thanks for the help! "John Neiberger" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If I understand your topology, the problem is that you are running RIP and IGRP with a discontiguous classfull network. Let me rephrase that. g It appears that your network looks like this: A 10.1.0.0 - 192.168.10.0 -- B 10.2.0.0 RIP and IGRP cannot pass subnet mask information in their routing updates. This means that router A above thinks that the entire 10.0.0.0 network --not just 10.1.0.0/16-- resides to its left. Router B think the entire 10.0.0.0/16 network resides to its right. These routers will get very confused and will behave in the manner that you're seeing. To correct this behavior you must run a classless routing protocol that includes subnet mask information in its updates, so your options are eigrp, ospf, and is-is. This will solve your problem. I hope that makes sense. I just woke up and I'm still pretty groggy! Regards, John Hi All - In my network enviroment, I have LANs with 10.x.0.0/16 networks and WAN with 192.168.10.0/24. I use RIP for LAN and IGRP for WAN. On RIP, I redistribute IGRP, and vice versa, on IGRP I redistribute RIP. However, I cannot ping from one LAN to the other LAN. If I put a static route to specify the next hop, then I can ping the other LAN. Is there a way to have the network learn all the LAN dynamically, instead of static route? I am running IOS ver 11.3 on both routers. Here is my configuration: --- Router1# ! interface Ethernet0/0 ip address 10.1.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.1 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router1# -- -- -- Router2# ! interface Ethernet0/0 ip address 10.2.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.2 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router2# -- -- -- Thanks All in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OFF TOPIC - Juniper's concept of multiple routing tables.
Hi Folks, Can anyone ( specially the likes of Berkowitzs, Forsyths, Oppenheimers, etc ) comment on the advantages of having multiple "IP routing tables" in a router such as featured by Juniper in its M-Series machines. Would it not consume comparatively more hardware resources on a router in terms of RAM, CPU cycles, etc ? Thanks in advance. Aziz S. Islam I'm not an expert on Juniper's implementation, but I am going to assume, by routing table, you refer to multiple routing information bases (RIB), not multiple forwarding information bases (FIB). Multiple FIBs are necessary in any high-performance implementation that uses distributed forwarding, such as dCEF. Frankly, there's a religious war among protocol architects about whether to have one main routing table and process into which you load more and more state, or multiple routing tables/instances for different communities of interest. These issues are especially heated when dealing with VPNs. If you look through IETF drafts, you will find lots of different opinions. RFC2547 style VPNs, for example, load lots and lots of VPN state into a provider's BGP. Admittedly, not all this state information is propagated to other providers. Even if you are doing a multiprovider VPN, only subsets will be advertised outside the provider. But there are certainly concerns about the amount of state and complexity this adds to BGP. There are some proposals to do a 2547-variant using IGPs to disseminate information within providers. I like this somewhat better, although I haven't done detailed analysis. A comment from the audience at the last NANOG, with respect to 2547: "if this is the answer, it must have been a pretty stupid question." The multiple virtual router approach reduces the amount of state that any single process has to maintain, but may have operational limitations (or operational benefits, depending on your point of view) in that it doesn't show a consistent, provider-wide view of routing. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP 1.0 and 2.0
BCMSN does care less about the line cards and processors, but you had better understand multilayer switching. Best Regards, Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 9:03 AM To: Cisco Subject: CCNP 1.0 and 2.0 I am going to takes BCMSN tomorrow. I just coming to find the CLSL is quite different from BCMSN. Can anyone tell me if it is true that BCMSN cares less on the the line cards or some other switch engines. I thought they should be some what similar. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Routing on a stick with 3Com Switch?
should work on 802.1q ""Thomas"" [EMAIL PROTECTED] ¼¶¼g©ó¶l¥ó 99h0pd$471$[EMAIL PROTECTED]">news:99h0pd$471$[EMAIL PROTECTED]... Hi All - I wonder if it is possible to implement the "Routing on a stick" method using Cisco 3620 router (with 1 fast ethernet port) and the 3Com CoreBuilder 5000 switch? Thanks in advance!!! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP Classless Revisited (More info)
I guess in faovour of metric. "John Neiberger" [EMAIL PROTECTED] ¼¶¼g©ó¶l¥ó [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Okay, I just tried this with RIP advertising the default route and I'm even more confused! Now, it behaves as I would expect. With no ip classless, pings to unknown 10.x.x.x subnets are unroutable even though there is a default route in the routing table. With no ip classless, why does my router take the default route when it was installed by OSPF but not when it was installed by RIP? I would expect it to never take the default route for 10.x.x.x addresses with no ip classless. This really concerns me because I was taking a practice CCIE written exam a few days ago and ran across a question like this and I answered the question assuming normal behavior of no ip classless and got it right. Now I'm thinking there are some more twists to its behavior that i'm not aware of. John Sure, I'll try that but I don't see why it should matter. As I understand it, ip classless affects routing table lookups only and it doesn't care how those routes were installed into the table. Although, given this behavior, my assumption might be wrong. Thanks, John John, Interesting. I think this is due to OSPF, not redistribution problem. Can you try running RIP instead of OSPF ? Cheers, YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, March 25, 2001 5:28 AM To: [EMAIL PROTECTED] Subject: IP Classless Revisited (this is just odd...) Ok, just when you thought it was safe to go back in the water Or should I say, just when I thought I understood the behavior of 'ip classess' and 'no ip classless' Let me summarize my lab setup. RouterA-RouterB--RouterC Pretty simple. AtoB is 10.1.1.0/24, BtoA is 10.1.2.0/24. OSPF is running on both links. 'ip classless' is on A and C, but not B initially. On B I see these routes: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 That's what I expect to see. Then I add a default route on B, 'ip route 0.0.0.0 0.0.0.0 10.1.1.2'. With no ip classless configured, any packets to unknown subnets of 10.0.0.0/8 should be dropped. I tested it and that is the case. With 'ip classless' configured, and unknown packets regardless of major network get routed to 10.1.1.2. Now here is what I don't understand. Let's turn off ip classless on B again, then go to Router C and add a default route to null0 and default-information originate to the ospf process. I now see this in router B: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 O*E2 0.0.0.0/0 [110/1] via 10.1.2.2, 00:06:38, Serial1 There is indeed a default route. With no ip classless configured, I would expect the same behavior as before. If I were to ping 10.5.5.5 the packets should be unroutable, but they're not! They get routed to the default route whether or not ip classless is configured. Why is a default route learned through a routing protocol treated differently than a manually configured default route? I went through this entire process twice and I just don't understand the behavior. What am I missing? I know it's going to be something obvious, but I don't see it yet. Ok, I just now tried this: with the ospf external default route still in the routing table, I pinged 10.5.5.5 and it took the default route. Then I manually added a default static route and the destination became unroutable due to 'no ip classless' being configured. Removing the static default it becomes routable again. Weird. What's going on? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card
Cisco IDS + Cisco Secure Policy Manager
Hi! I'm trying to setup a configuration mentioned in the subject... Everything works nice with sensing, shunning, alarming, etc... but I have one question. Should I direct the syslog data stream to the sensor or to the policy manager when monitoring ACL violations? -- cU, Laszlo Csosza _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
redundant serial links in same subnet??
I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router ARouter B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIP does not advertise in IGRP - what's wrong?
Without knowing why you originally chose to run both RIP and IGRP, I can't tell you exactly what the trade-offs might be. Unless you have some other non-Cisco devices (like Unix boxes) that need to listen to RIP updates, why not turn off both RIP and IGRP and then only run EIGRP? You wouldn't have to worry about those redistribution issues if you were running a single routing protocol. HTH, John Thanks John! It starts to make sense to me know! Is it possible to take out RIP and just run EIGRP without "passive-interface" and "redistribute"? If so what's the trade off? Again Thanks for the help! "John Neiberger" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If I understand your topology, the problem is that you are running RIP and IGRP with a discontiguous classfull network. Let me rephrase that. g It appears that your network looks like this: A 10.1.0.0 - 192.168.10.0 -- B 10.2.0.0 RIP and IGRP cannot pass subnet mask information in their routing updates. This means that router A above thinks that the entire 10.0.0.0 network --not just 10.1.0.0/16-- resides to its left. Router B think the entire 10.0.0.0/16 network resides to its right. These routers will get very confused and will behave in the manner that you're seeing. To correct this behavior you must run a classless routing protocol that includes subnet mask information in its updates, so your options are eigrp, ospf, and is-is. This will solve your problem. I hope that makes sense. I just woke up and I'm still pretty groggy! Regards, John Hi All - In my network enviroment, I have LANs with 10.x.0.0/16 networks and WAN with 192.168.10.0/24. I use RIP for LAN and IGRP for WAN. On RIP, I redistribute IGRP, and vice versa, on IGRP I redistribute RIP. However, I cannot ping from one LAN to the other LAN. If I put a static route to specify the next hop, then I can ping the other LAN. Is there a way to have the network learn all the LAN dynamically, instead of static route? I am running IOS ver 11.3 on both routers. Here is my configuration: --- Router1# ! interface Ethernet0/0 ip address 10.1.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.1 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router1# -- -- -- Router2# ! interface Ethernet0/0 ip address 10.2.100.100 255.255.0.0 ! ! interface Serial0/0 ip address 192.168.10.2 255.255.255.0 encapsulation frame-relay keepalive 5 ! ! router rip redistribute igrp 200 passive-interface Serial0/0 passive-interface Serial0/1 network 10.0.0.0 ! router igrp 200 redistribute rip passive-interface Ethernet0/0 network 192.168.10.0 no default-information in no default-information out ! .. ! Router2# -- -- -- Thanks All in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP Classless Revisited (More info)
Metric shouldn't have anything to do with it. Whether I'm using RIP or OSPF the default route is being added to the routing table of the hub router. The issue is that with no ip classless configured, the hub router should NOT ever pick the default route when trying to reach unknown subnets of the 10.x.x.x network. In my case, when RIP installed the default route it behaves correctly. When OSPF installed the route it behaved as if 'ip classless' were configured. Very odd. John I guess in faovour of metric. "John Neiberger" [EMAIL PROTECTED] ¼¶¼g©ó¶l¥ó [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Okay, I just tried this with RIP advertising the default route and I'm even more confused! Now, it behaves as I would expect. With no ip classless, pings to unknown 10.x.x.x subnets are unroutable even though there is a default route in the routing table. With no ip classless, why does my router take the default route when it was installed by OSPF but not when it was installed by RIP? I would expect it to never take the default route for 10.x.x.x addresses with no ip classless. This really concerns me because I was taking a practice CCIE written exam a few days ago and ran across a question like this and I answered the question assuming normal behavior of no ip classless and got it right. Now I'm thinking there are some more twists to its behavior that i'm not aware of. John Sure, I'll try that but I don't see why it should matter. As I understand it, ip classless affects routing table lookups only and it doesn't care how those routes were installed into the table. Although, given this behavior, my assumption might be wrong. Thanks, John John, Interesting. I think this is due to OSPF, not redistribution problem. Can you try running RIP instead of OSPF ? Cheers, YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, March 25, 2001 5:28 AM To: [EMAIL PROTECTED] Subject: IP Classless Revisited (this is just odd...) Ok, just when you thought it was safe to go back in the water Or should I say, just when I thought I understood the behavior of 'ip classess' and 'no ip classless' Let me summarize my lab setup. RouterA-RouterB--RouterC Pretty simple. AtoB is 10.1.1.0/24, BtoA is 10.1.2.0/24. OSPF is running on both links. 'ip classless' is on A and C, but not B initially. On B I see these routes: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 That's what I expect to see. Then I add a default route on B, 'ip route 0.0.0.0 0.0.0.0 10.1.1.2'. With no ip classless configured, any packets to unknown subnets of 10.0.0.0/8 should be dropped. I tested it and that is the case. With 'ip classless' configured, and unknown packets regardless of major network get routed to 10.1.1.2. Now here is what I don't understand. Let's turn off ip classless on B again, then go to Router C and add a default route to null0 and default-information originate to the ospf process. I now see this in router B: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 O*E2 0.0.0.0/0 [110/1] via 10.1.2.2, 00:06:38, Serial1 There is indeed a default route. With no ip classless configured, I would expect the same behavior as before. If I were to ping 10.5.5.5 the packets should be unroutable, but they're not! They get routed to the default route whether or not ip classless is configured. Why is a default route learned through a routing protocol treated differently than a manually configured default route? I went through this entire process twice and I just don't understand the behavior. What am I missing? I know it's going to be something obvious, but I don't see it yet. Ok, I just now tried this: with the ospf external default route still in the routing table, I pinged 10.5.5.5 and it took the default route. Then I manually added a default static route and the destination became unroutable due to 'no ip classless' being configured. Removing the static default it becomes routable again. Weird. What's going on? Thanks, John
RE: IP Classless Revisited (this is just odd...)
I'm not sure how that helps in this case. In both scenarios, whether using RIP or OSPF, the default route is being learned dynamically by the hub router and it is installed into the routing table. The problem is that with no ip classless configured, that router should never use the default route when trying to reach unknown subnets of 10.x.x.x. When running RIP, it behaves as expected. When running OSPF, it behaves as if ip classless were configured. Any other thoughts? Thanks John On Sun, 25 Mar 2001 10:11:40 -0800 (PST), Mike McCline wrote: John Take a look at the Cisco link below, for a sanity check.http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/np1_c/1cindep.htm#37279 -Mike ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ethernet address question ...
I don't recognize the packets. Maybe someone else will. You could look up the TCP port numbers for a clue. Port 1389, for example, claims to be for Document Management. TCP port numbers are in the Assigned Numbers RFC 1700. Also, check the IP source. Determine if it's a server, end station, or whatever. This is probably some proprietary application. Priscilla At 01:29 PM 3/25/01, you wrote: Here is some packets from tcpdump capture and printed out with tethereal. Public IP-addresses and host names edited for security reasons ... I really don't expect you to use too much time to this problen, but here is capture when you asked. Thank you very much for interest. Frame 1 (298 on wire, 158 captured) Arrival Time: Mar 23, 2001 11:40:21.9112 Time delta from previous packet: 0.00 seconds Time relative to first packet: 0.00 seconds Frame Number: 1 Packet Length: 298 bytes Capture Length: 158 bytes Ethernet II Destination: 00:00:00:00:00:01 (XEROX_00:00:01) Source: 00:50:50:c4:ec:38 (Cisco_c4:ec:38) Type: IP (0x0800) Internet Protocol Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 284 Identification: 0xa452 Flags: 0x00 .0.. = Don't fragment: Not set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 59 Protocol: TCP (0x06) Header checksum: 0x7ad2 (correct) Source: somehost.huch.fi (195.215.135.75) Destination: 10.65.11.84 (10.65.11.84) Transmission Control Protocol, Src Port: 9005 (9005), Dst Port: 1389 (1389), Seq: 2585933962, Ack: 99353967 Source port: 9005 (9005) Destination port: 1389 (1389) Sequence number: 2585933962 Next sequence number: 2585934206 Acknowledgement number: 99353967 Header length: 20 bytes Flags: 0x0018 (PSH, ACK) 0... = Congestion Window Reduced (CWR): Not set .0.. = ECN-Echo: Not set ..0. = Urgent: Not set ...1 = Acknowledgment: Set 1... = Push: Set .0.. = Reset: Not set ..0. = Syn: Not set ...0 = Fin: Not set Window size: 16384 Checksum: 0x0175 Data (104 bytes) DATA SNIPPED OUT Frame 2 (150 on wire, 150 captured) Arrival Time: Mar 23, 2001 11:40:22.1129 Time delta from previous packet: 0.201696 seconds Time relative to first packet: 0.201696 seconds Frame Number: 2 Packet Length: 150 bytes Capture Length: 150 bytes Ethernet II Destination: 00:00:00:00:00:01 (XEROX_00:00:01) Source: 00:50:50:c4:ec:38 (Cisco_c4:ec:38) Type: IP (0x0800) Internet Protocol Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 136 Identification: 0x2e0c Flags: 0x04 .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 127 Protocol: TCP (0x06) Header checksum: 0x69f8 (correct) Source: otherhost.huch.fi (195.215.135.60) Destination: 10.65.15.23 (10.65.15.23) Transmission Control Protocol, Src Port: 2632 (2632), Dst Port: 1152 (1152), Seq: 499318847, Ack: 7520061 Source port: 2632 (2632) Destination port: 1152 (1152) Sequence number: 499318847 Next sequence number: 499318943 Acknowledgement number: 7520061 Header length: 20 bytes Flags: 0x0018 (PSH, ACK) 0... = Congestion Window Reduced (CWR): Not set .0.. = ECN-Echo: Not set ..0. = Urgent: Not set ...1 = Acknowledgment: Set 1... = Push: Set .0.. = Reset: Not set ..0. = Syn: Not set ...0 = Fin: Not set Window size: 8304 Checksum: 0xfa51 (correct) Data (96 bytes) DATA SNIPPED OUT Frame 3 (150 on wire, 150 captured) Arrival Time: Mar 23, 2001 11:40:22.5730 Time delta from previous packet: 0.460179 seconds Time relative to first packet: 0.661875 seconds Frame Number: 3 Packet Length: 150 bytes Capture Length: 150 bytes Ethernet II Destination: 00:00:00:00:00:01 (XEROX_00:00:01) Source: 00:50:50:c4:ec:38 (Cisco_c4:ec:38) Type: IP (0x0800) Internet Protocol Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 136 Identification:
Re: CID BETA
Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... On 25 Mar 2001 09:56:29 -0500, [EMAIL PROTECTED] ("GNOME") wrote: 14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ethernet address question (long)
The router should get the MAC address by ARPing. Try to capture the ARPs. If the router is fast-switching, then you wouldn't catch the ARPs unless you clear the ARP table on the router first, (which it sounds like you can't do since you don't have access to the router.) But this may not be a problem since fast switching is not the default when the ingress and egress ports are the same as you describe. Priscilla At 12:38 PM 3/25/01, Janne Kettunen wrote: First. Thank you very much answering my question. Let me clarify some background about this MAC-address case. We have many different IP-subnets at same side of router. Please don't ask me why, it's too long story to tell here :-) Some of traffic which goes to router and back is targeted at layer-2 to this 00:00:00:00:00:01 ethernet address. Still Layer-3 destination address vary depending targeted IP-host. Problem is that our Layer-2 switches pass through these 00:00:00:00:00:01 frames even Layer-3 (IP) hosts are in other parts of our Layer-2 switched network. Example: Source: IP-HostA 10.65.10.1/16 - Destination: IP-HostB 10.100.100.10/16 Packet goes to Default router as it should (10.65.0.1) and leaves from same router interface to other network. BUT when it leaves router, MAC-Destination address is sometimes this strange 00:00:00:00:01. And this is Unicast packet from/to Telnet or POP3 services (for example). Source and Destination IP-hosts are not same pair ie. they may be whatever IP-hosts in whatever different subnets. This problem appears in traffic to any direction in any subnets in any OS-system type. I think our router is doing something strange, but because I can't get it's configuration I can't tell you more details from there at the moment (It's Cisco router). That's why I'm interested to know something about this MAC-address. PS. We have also DECnet,IPX and LAT traffic in our network, but these problem packets are definitely IP traffic. -- Regards Janne Kettunen CCNA, CFFE _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
Maybe they laid off the people working on it. Just kidding. Seriously, the Cisco training department has always worked at about 1/100,000,000 the speed of Internet time. Analyzing the results of a beta test is time-consuming, though, and sometimes there are arguments on the meaning of the results. The test writers must go through and weed out questions that everyone got right, even the obvious newbies. (Newbies and experts are defined by the test results, so it's an iterative process.) They must eliminate questions that nobody got right. They must eliminate questions that the newbies got right but the experts got wrong. Then they have to rescore the beta results. If they eliminated too many questions, they have to add new ones. This must be done with care since the new questions won't go through the same beta test. Then, they must make sure the course matches the test. Still, I agree that it's egregious that it has taken 14 weeks. Priscilla At 02:22 PM 3/25/01, F.G.J. Ruiz-Alaniz wrote: Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... On 25 Mar 2001 09:56:29 -0500, [EMAIL PROTECTED] ("GNOME") wrote: 14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
/24? Subnet them. I like /30 for p to p links. run rip version 2. "Dimitrije" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Token Ring Setup
Howdy all! I have a request for those token ring experts. I am seting up a token = ring network as part of my home lab. I am going to hang the network off = a 2502 router. I am using an IBM 8228 MAU with IBM 16/4 ISA TR Adapters = running over Windows NT 4 Workstation OS. NET properties says adapter = is working properly. I am running both NetBIOS and TCP/IP protocols. I = have static addresses assigned to each adapter. I can "see" the = workgroup, TOKENRING, under NET Neighborhood, but no machines. Event = Viewer say Nbf could not find or bind to adapter. I have tried to ping, = nothing. Checked the ipconfig, no ip address. I have changed the = network address on the adapter from "blank" to 01-02-03-04-05-06, = nothing. What am I doing wrong or have I missed something completely? = Thanks in advance for any suggestions. =20 Kraig=20 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... This is obviously an educational experience, since a valuable network design skill is often "don't just do something, sit there! (until understanding is present.)" Significant smileys apply. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP Classless Revisited (this is just odd...)
Could this have been an issue with route summarization, where the pass-through router (C) had summaries from both sides (couldn't make a decision). If you disable classless on one router, the route summary will be assigned in one direction the true path to the second router will be defined. Phil - Original Message - From: "John Neiberger" [EMAIL PROTECTED] To: "YY" [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 3:01 PM Subject: RE: IP Classless Revisited (this is just odd...) Sure, I'll try that but I don't see why it should matter. As I understand it, ip classless affects routing table lookups only and it doesn't care how those routes were installed into the table. Although, given this behavior, my assumption might be wrong. Thanks, John John, Interesting. I think this is due to OSPF, not redistribution problem. Can you try running RIP instead of OSPF ? Cheers, YY -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Sunday, March 25, 2001 5:28 AM To: [EMAIL PROTECTED] Subject: IP Classless Revisited (this is just odd...) Ok, just when you thought it was safe to go back in the water Or should I say, just when I thought I understood the behavior of 'ip classess' and 'no ip classless' Let me summarize my lab setup. RouterA-RouterB--RouterC Pretty simple. AtoB is 10.1.1.0/24, BtoA is 10.1.2.0/24. OSPF is running on both links. 'ip classless' is on A and C, but not B initially. On B I see these routes: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 That's what I expect to see. Then I add a default route on B, 'ip route 0.0.0.0 0.0.0.0 10.1.1.2'. With no ip classless configured, any packets to unknown subnets of 10.0.0.0/8 should be dropped. I tested it and that is the case. With 'ip classless' configured, and unknown packets regardless of major network get routed to 10.1.1.2. Now here is what I don't understand. Let's turn off ip classless on B again, then go to Router C and add a default route to null0 and default-information originate to the ospf process. I now see this in router B: 10.0.0.0/24 is subnetted, 2 subnets C 10.1.2.0 is directly connected, Serial1 C 10.1.1.0 is directly connected, Serial0 O*E2 0.0.0.0/0 [110/1] via 10.1.2.2, 00:06:38, Serial1 There is indeed a default route. With no ip classless configured, I would expect the same behavior as before. If I were to ping 10.5.5.5 the packets should be unroutable, but they're not! They get routed to the default route whether or not ip classless is configured. Why is a default route learned through a routing protocol treated differently than a manually configured default route? I went through this entire process twice and I just don't understand the behavior. What am I missing? I know it's going to be something obvious, but I don't see it yet. Ok, I just now tried this: with the ospf external default route still in the routing table, I pinged 10.5.5.5 and it took the default route. Then I manually added a default static route and the destination became unroutable due to 'no ip classless' being configured. Removing the static default it becomes routable again. Weird. What's going on? Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:
Looks like a Serial connection through a Frame-Relay network, with Traffic Shaping applied in low/ medium/ high intervals. Whatever you do not understand in this config can be easily plugged into the CCO search engine. www.Cisco.com Phil - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, March 24, 2001 5:40 PM Can anyone explain to me this confi": int se0 ip add 10.0.0.2 255.0.0.0 load interval 3 traffic-shape group 101 32000 8000 8000 traffic-shape group 102 32000 8000 8000 access-list 101 permit ip host 172.17.246.169 host 10.0.0.2 access-list 102 permit ip host 172.17.246.169 host 10.0.0.2 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
I thank Priscilla for her candor on this topic. I for one was pretty livid with the exam, and I wrote over seven pages of comments to the Cisco team both through the exam comments feature and off-line. Specifically I was disappointed that the questions were poorly crafted, afforded few solid answers, and many were flat-out wrong. It is further disappointing that Cisco has failed to take advantage of this forum and others like it to improve the quality of their product from a technical perspective, much like one would expect a better level set with enterprise and service provider customers to develop the program further. --- Priscilla Oppenheimer [EMAIL PROTECTED] wrote: Maybe they laid off the people working on it. Just kidding. Seriously, the Cisco training department has always worked at about 1/100,000,000 the speed of Internet time. Analyzing the results of a beta test is time-consuming, though, and sometimes there are arguments on the meaning of the results. The test writers must go through and weed out questions that everyone got right, even the obvious newbies. (Newbies and experts are defined by the test results, so it's an iterative process.) They must eliminate questions that nobody got right. They must eliminate questions that the newbies got right but the experts got wrong. Then they have to rescore the beta results. If they eliminated too many questions, they have to add new ones. This must be done with care since the new questions won't go through the same beta test. Then, they must make sure the course matches the test. Still, I agree that it's egregious that it has taken 14 weeks. Priscilla At 02:22 PM 3/25/01, F.G.J. Ruiz-Alaniz wrote: Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... On 25 Mar 2001 09:56:29 -0500, [EMAIL PROTECTED] ("GNOME") wrote: 14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Robert Padjen __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hi folks, I've been thinking about Cisco as an investment.
All - Cisco is a great company. It has one of the best developed business models in the world. Their products afford a well-rounded feature set that is first rate. ARE YOU INSANE!!! ;) Let's see. CSCO is trading at a P/E of just over 45. Companies normally trade in the area of 30, and WorldCom, etc., are at 10-15. Thus, Cisco is overvalued by 50%, and historically would price at $12/share if they were a normal company. OK, they're not, so a slight premium would be warranted (where that is between $12-18/share is unknown, but we'd likely be near the top of the range). Further, Cisco is recording P/E (price/earnings) on last quarters numbers, which could be 30% BETTER than this quarters. A lowering of up to 30% could warrant a price range of $10-14/share to hold the same P/E ratio. Since the next two quarters appear down, and lowering is more likely, you would view this as a bargin why? ;) In addition, Cisco is the largest holding of most money market funds. As the price increases it would be likely that they will sell to diversify. Look, I like the company. I think very long term they will be an IBM or a Microsoft. But short term, with any stock, don't allow a lower price than yesterday to be a measure of a bargin. If I believed that any/all of us would save Cisco with our thousand share buys I'd likely be a bit more positive, but since the loss will hurt us MUCH more than the aggrigate company or economy, please save your capital and do the analysis before investing! Kidding about the insane thing BTW. Now, for a really good investment, the Bank of Rob is taking deposits, cash only please! --- ItsMe [EMAIL PROTECTED] wrote: Myself and a few others are buying. Same story as yourself couldn't afford it before. As for going to hell in a hand basket; if Cisco went down the tubes, there would be many other things you would be worried about then the money you would be investing with now. (i.e. radiation poising from the Nuclear War :-) just my opinion "Natasha" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi gang, this is a little off topic but... I've been watching the stock price of Cisco drop from where it was to where it is now, and have been agonizing over the fact that I can actually afford some. Reading the Analyst Consensus on various sites and Cnbc it seems like we're going to hell in a hand basket. The insight that I need is, Is it slowing down as bad as they tell us? What is the life span of the average router, warranty? How often are routers, switches, etc. replaced? Is Cisco a bad investment right now? You folks are out in the trenches so any help or insight that you can offer is a help. Thanks -- Natasha Flazynski http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Robert Padjen __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Performance Comparision between Linux OS Firewall and Cisco PIX 525
Ken, Thank you very much for the advice. This past Friday, my company has decided to use Linux as our company Firewall. Furthermore, we've decided that this Firewall will be running kernel 2.4.2 with only two services running on it, SSH and netfilter (aka iptables). I've tested kernel 2.4.2 in the lab and notice it performs better than kernel 2.2.x. I've also performed various intrusion detection tests on the box using Cisco NetSonar, Cybercop, ISS, Axent Netrecon but is unable to break it. The linux box is rock-solid. I am also running portsentry (IDS) on the Firewall itself. Also, we decide to running our squid proxy server on another linux box to provide transparent caching for our internal users. As far as VPN is concerns, we are going to implement FreeS/WAN on another box. I think in the long run, it is going to save the company a lot of money. We end up not buying the PIX and web-caching engine from Cisco. Oh, the networking guy in our group who recommends Cisco PIX and Cisco web- caching engine as a solution, he has been fired. Go figure. Regards, Sean P.S. Priscilla, why not implementing TRANSPARENT caching by using squid to speed up internet connection for your users? Squid is free and very secure and easy to use. From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED], "Stuart Brockwell" [EMAIL PROTECTED] Subject: Re: Performance Comparision between Linux OS Firewall and Cisco PIX 525 Date: Sat, 24 Mar 2001 20:02:26 -0800 Sean, Comments imbedded: On 23 Mar 2001, at 16:12, Stuart Brockwell wrote: Hi Sean, I am a Linux head my self, and one of our firewalls is in fact running on a Linux box. The only problem with this type of firewall is that you inherit all of the known bugs that the software has. Given that the source code to Linux is widely available, you have a lot of very talented people out there who know these holes and are able to exploit them very easily. It also means that there are a lot of talented people who are looking at the code to make sure that any holes are patched. In fact, when new exploits are found, Linux is usually the fastest platform to have a patch available. Compare this to having to wait weeks for vendor patches or having to prove to a vendor that a problem exists. Also, a service can only be exploited if it is running. A properly configured firewall doesn't run unecessary services, this makes it very difficult to exploit. Essentially, it would come down to trying to DoS it or running a password guessing program against it to get remote access. If you maintain your own Linux firewall, you will need to continuously look for the latest bug fixes to install on your Linux box to address the latest round of holes that have been released. If the Linux firewall is properly setup, the only services running on it are ipchains and SSH. This means that you have to be aware of 2 services. While there could always be a local exploit, if only trusted admins have access, the trouble with keeping up patches is minimal. It is certainly no more trouble than keeping up with bugs on a vendor platform. Cisco and companies such as Watch Guard closely guard their source code, often you can elect to take on a maintenance contract with the firewall where you recieve all the latest fixes for a 12 month period (this is what we did). As this is their bread and butter, they spend a lot of time looking for holes and fixes to known bugs. While true, this doesn't mean that their code will have fewer bugs or that the bugs will be patched quicker. There is a very large support community for Linux that is very technical. Most bugs are patched in a matter of days, sometimes hours. the main plus for each of the commercial packages is that there is large support base, where as skilled Linux admin staff who can lock down a firewall are very few and far between. This is simply not true. There is a very large community of Linux developers and admins, and most of them are very knowledgable. There are good mailing lists and _plenty_ of good Linux security/firewall books, articles, web sites, etc. available. Locking down a Linux box is not rocket science. That is FUD that is propagated by vendors who want to sell product. It's not hard to configure a Linux box to be secure, the difficulty comes in running lots of services and providing access to users. If you have a box that runs web, ftp, smtp, nfs, etc., then it becomes much harder to secure, but none of these services should be running on a firewall. The bottom line is that there are several good commercial firewalls, but that doesn't mean that a Linux box cannot serve as a good, low- end alternative. Especially if cost is one of the main decision factors. -Kent _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations
RE: IP Classless Revisited (this is just odd...)
Not that its at all helpful in this situation, but ip classless, much like bgp synchronization, fall into the category of commands that simply defy understanding when presented with test criteria. One must keep in mind that these are implementations of code that sometimes are not 100% reflective of what the designer intended. On the other hand, just when you think the code is flawed, you find out that you truly misunderstood the feature in the first place :) The end result is generally frustration or increased understanding, or sometimes both in that order. Pete *** REPLY SEPARATOR *** On 3/25/2001 at 10:38 AM John Neiberger wrote: I'm not sure how that helps in this case. In both scenarios, whether using RIP or OSPF, the default route is being learned dynamically by the hub router and it is installed into the routing table. The problem is that with no ip classless configured, that router should never use the default route when trying to reach unknown subnets of 10.x.x.x. When running RIP, it behaves as expected. When running OSPF, it behaves as if ip classless were configured. Any other thoughts? Thanks John On Sun, 25 Mar 2001 10:11:40 -0800 (PST), Mike McCline wrote: John Take a look at the Cisco link below, for a sanity check.http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/np1_c/1cindep.htm#37279 -Mike ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Advise for BCMSN
I have heard varying opinions on the difficulty of BCMSN. Could somebody let me know one/both of the foll. things : 1. As related to questions on commands, will I have to select it from a list of type it in ? 2. How many questions (approximately) are covered on Multicasting ? (I find all other topics easy !!) Cheers, - Get free personalized email at http://email.lycos.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
If you have routing enabled, Cisco IOS will not let you put multiple interfaces in the same subnet. What version of code are you using and are you sure this is the way he has it configured? You're using RIP so have routing enabled so something is fishy here. Equal-cost multipath should work fine unless CEF or fast-switching is giving you trouble. Try putting 'no ip route-cache' under the serial interfaces. If your using 12.1(3)T and above on both routers you can bond both serial interfaces into a multilink group and use 1 subnet. Erick --- Dimitrije [EMAIL PROTECTED] wrote: I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
Right off the top I wanted to say "NO! - you can't do this..." but then I saw that we were talking about serials here so I did a test. Sure enough I was able to put two serial interfaces on the same router into the same subnet. Didn't think that was possible. However, as I suspected - as soon as I tried to put an Ethernet interface into any subnet in use by any other interface - I got the error that it "overlaps" with interface x. So now we know that Yes you can do it - but will it work. first - we'll assume that the 192.1.67.202/14 is a typo and it should be 192.1.67.202/24 second - let's get rid of the /24 on the transit links RouterA S0 - 192.1.67.1/30 RouterB S0 - 192.1.67.2/30 RouterA S1 - 192.1.67.5/30 RouterB S1 - 192.1.67.6/30 third - RIP won't like that so change it to version 2 router RIP version 2 (on both routers of course) or better yet - use EIGRP. But - you didn't give us any info about where you pinged from, the router? a client on the ethernet segment? - what ip address is/are the ethernet segments? and what was the destination of the ping??? How is RIP configured? The more I look at it, it seems like a strange network - is he maybe bridging and not routing? That the network is slow isn't too hard to figure. With two interfaces in the same subnet the router has to try and figure out - here's a packet - I can ship it to: 1. S0 2. S1 3. Nowhere - I don't have to!! we're all on the same network!! 4. All of the above 5. None of the above 6. 1 and 2 With only one serial up, the choices become easier. And are we talking about redundant, x amount of bandwidth required but a backup connection? Or two circuits load balancing, or a combination? Too many variables not presented, need more info - perhaps configs??? (and design objectives?) Kevin Wigle - Original Message - From: "Dimitrije" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, 25 March, 2001 13:13 Subject: redundant serial links in same subnet?? I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hi folks, I've been thinking about Cisco as an investment.
Got a bunch of Covad stock options I'll sell ya !!! :o) Phil - Original Message - From: "Robert Padjen" [EMAIL PROTECTED] To: "ItsMe" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 8:02 PM Subject: Re: Hi folks, I've been thinking about Cisco as an investment. All - Cisco is a great company. It has one of the best developed business models in the world. Their products afford a well-rounded feature set that is first rate. ARE YOU INSANE!!! ;) Let's see. CSCO is trading at a P/E of just over 45. Companies normally trade in the area of 30, and WorldCom, etc., are at 10-15. Thus, Cisco is overvalued by 50%, and historically would price at $12/share if they were a normal company. OK, they're not, so a slight premium would be warranted (where that is between $12-18/share is unknown, but we'd likely be near the top of the range). Further, Cisco is recording P/E (price/earnings) on last quarters numbers, which could be 30% BETTER than this quarters. A lowering of up to 30% could warrant a price range of $10-14/share to hold the same P/E ratio. Since the next two quarters appear down, and lowering is more likely, you would view this as a bargin why? ;) In addition, Cisco is the largest holding of most money market funds. As the price increases it would be likely that they will sell to diversify. Look, I like the company. I think very long term they will be an IBM or a Microsoft. But short term, with any stock, don't allow a lower price than yesterday to be a measure of a bargin. If I believed that any/all of us would save Cisco with our thousand share buys I'd likely be a bit more positive, but since the loss will hurt us MUCH more than the aggrigate company or economy, please save your capital and do the analysis before investing! Kidding about the insane thing BTW. Now, for a really good investment, the Bank of Rob is taking deposits, cash only please! --- ItsMe [EMAIL PROTECTED] wrote: Myself and a few others are buying. Same story as yourself couldn't afford it before. As for going to hell in a hand basket; if Cisco went down the tubes, there would be many other things you would be worried about then the money you would be investing with now. (i.e. radiation poising from the Nuclear War :-) just my opinion "Natasha" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi gang, this is a little off topic but... I've been watching the stock price of Cisco drop from where it was to where it is now, and have been agonizing over the fact that I can actually afford some. Reading the Analyst Consensus on various sites and Cnbc it seems like we're going to hell in a hand basket. The insight that I need is, Is it slowing down as bad as they tell us? What is the life span of the average router, warranty? How often are routers, switches, etc. replaced? Is Cisco a bad investment right now? You folks are out in the trenches so any help or insight that you can offer is a help. Thanks -- Natasha Flazynski http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Robert Padjen __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Missing dynamic dialer maps using dialer profiles
Greetings, I'm using dialer profiles for DDR configuration. I can successfully setup the ISDN call and interfaces are up/up on both ends. However, I'm getting an "encapsulation failed" message when trying to ping the remote interface IP address. This is obviously the failure of the router to get a MAC address for the dialer interface. Using dialer profiles, I do not need dialer map statements. However, when I issue "sh dialer map", there are no entries indicating that dynamic map statements are not being generated. Any ideas? The caller is a 1604 running 11.2(8)P and the called is a 3640 running 12.0(8). Kurt _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
The last thing this business needs in the possibility of a recession is a company like Cisco a Market Leader vacillating on which way any single thing goes. Changes in CID like CCNP/CCDP and CCs can only confuse situations. How do you induce stability in a market that needs certain stability at this time. I don't think it's this way! Besides will companies pay in a period of recession for another round of qualifications, I think not! Cisco pull this one around and look at the markets! Karl - Original Message - From: "Robert Padjen" [EMAIL PROTECTED] To: "Priscilla Oppenheimer" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 9:52 PM Subject: Re: CID BETA I thank Priscilla for her candor on this topic. I for one was pretty livid with the exam, and I wrote over seven pages of comments to the Cisco team both through the exam comments feature and off-line. Specifically I was disappointed that the questions were poorly crafted, afforded few solid answers, and many were flat-out wrong. It is further disappointing that Cisco has failed to take advantage of this forum and others like it to improve the quality of their product from a technical perspective, much like one would expect a better level set with enterprise and service provider customers to develop the program further. --- Priscilla Oppenheimer [EMAIL PROTECTED] wrote: Maybe they laid off the people working on it. Just kidding. Seriously, the Cisco training department has always worked at about 1/100,000,000 the speed of Internet time. Analyzing the results of a beta test is time-consuming, though, and sometimes there are arguments on the meaning of the results. The test writers must go through and weed out questions that everyone got right, even the obvious newbies. (Newbies and experts are defined by the test results, so it's an iterative process.) They must eliminate questions that nobody got right. They must eliminate questions that the newbies got right but the experts got wrong. Then they have to rescore the beta results. If they eliminated too many questions, they have to add new ones. This must be done with care since the new questions won't go through the same beta test. Then, they must make sure the course matches the test. Still, I agree that it's egregious that it has taken 14 weeks. Priscilla At 02:22 PM 3/25/01, F.G.J. Ruiz-Alaniz wrote: Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... On 25 Mar 2001 09:56:29 -0500, [EMAIL PROTECTED] ("GNOME") wrote: 14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Robert Padjen __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription
Re: Performance Comparision between Linux OS Firewall and Cisco PIX 525
Sean, Have you guys compared FreeBSD with Linux for the firewall? Thanks KY ""Sean Young"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Ken, Thank you very much for the advice. This past Friday, my company has decided to use Linux as our company Firewall. Furthermore, we've decided that this Firewall will be running kernel 2.4.2 with only two services running on it, SSH and netfilter (aka iptables). I've tested kernel 2.4.2 in the lab and notice it performs better than kernel 2.2.x. I've also performed various intrusion detection tests on the box using Cisco NetSonar, Cybercop, ISS, Axent Netrecon but is unable to break it. The linux box is rock-solid. I am also running portsentry (IDS) on the Firewall itself. Also, we decide to running our squid proxy server on another linux box to provide transparent caching for our internal users. As far as VPN is concerns, we are going to implement FreeS/WAN on another box. I think in the long run, it is going to save the company a lot of money. We end up not buying the PIX and web-caching engine from Cisco. Oh, the networking guy in our group who recommends Cisco PIX and Cisco web- caching engine as a solution, he has been fired. Go figure. Regards, Sean P.S. Priscilla, why not implementing TRANSPARENT caching by using squid to speed up internet connection for your users? Squid is free and very secure and easy to use. From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED], "Stuart Brockwell" [EMAIL PROTECTED] Subject: Re: Performance Comparision between Linux OS Firewall and Cisco PIX 525 Date: Sat, 24 Mar 2001 20:02:26 -0800 Sean, Comments imbedded: On 23 Mar 2001, at 16:12, Stuart Brockwell wrote: Hi Sean, I am a Linux head my self, and one of our firewalls is in fact running on a Linux box. The only problem with this type of firewall is that you inherit all of the known bugs that the software has. Given that the source code to Linux is widely available, you have a lot of very talented people out there who know these holes and are able to exploit them very easily. It also means that there are a lot of talented people who are looking at the code to make sure that any holes are patched. In fact, when new exploits are found, Linux is usually the fastest platform to have a patch available. Compare this to having to wait weeks for vendor patches or having to prove to a vendor that a problem exists. Also, a service can only be exploited if it is running. A properly configured firewall doesn't run unecessary services, this makes it very difficult to exploit. Essentially, it would come down to trying to DoS it or running a password guessing program against it to get remote access. If you maintain your own Linux firewall, you will need to continuously look for the latest bug fixes to install on your Linux box to address the latest round of holes that have been released. If the Linux firewall is properly setup, the only services running on it are ipchains and SSH. This means that you have to be aware of 2 services. While there could always be a local exploit, if only trusted admins have access, the trouble with keeping up patches is minimal. It is certainly no more trouble than keeping up with bugs on a vendor platform. Cisco and companies such as Watch Guard closely guard their source code, often you can elect to take on a maintenance contract with the firewall where you recieve all the latest fixes for a 12 month period (this is what we did). As this is their bread and butter, they spend a lot of time looking for holes and fixes to known bugs. While true, this doesn't mean that their code will have fewer bugs or that the bugs will be patched quicker. There is a very large support community for Linux that is very technical. Most bugs are patched in a matter of days, sometimes hours. the main plus for each of the commercial packages is that there is large support base, where as skilled Linux admin staff who can lock down a firewall are very few and far between. This is simply not true. There is a very large community of Linux developers and admins, and most of them are very knowledgable. There are good mailing lists and _plenty_ of good Linux security/firewall books, articles, web sites, etc. available. Locking down a Linux box is not rocket science. That is FUD that is propagated by vendors who want to sell product. It's not hard to configure a Linux box to be secure, the difficulty comes in running lots of services and providing access to users. If you have a box that runs web, ftp, smtp, nfs, etc., then it becomes much harder to secure, but none of these services should be running on a firewall. The bottom line is that there are several good commercial firewalls, but that doesn't mean that a Linux box cannot
Re: CID BETA
I got off the list temporarily because I am on vacation, but I must comment once more. Vacillating on test results is normal and healthy and has been going on forever. It has nothing to do with the economy. I would suspect that one thing that's holding up the test is the seven pages of comments from Robert and probably other people. This is a good thing. Declaring the test final and past the beta stage when it's not really ready would be a bad thing. Priscilla At 11:27 PM 3/25/01, hal9001 wrote: The last thing this business needs in the possibility of a recession is a company like Cisco a Market Leader vacillating on which way any single thing goes. Changes in CID like CCNP/CCDP and CCs can only confuse situations. How do you induce stability in a market that needs certain stability at this time. I don't think it's this way! Besides will companies pay in a period of recession for another round of qualifications, I think not! Cisco pull this one around and look at the markets! Karl - Original Message - From: "Robert Padjen" [EMAIL PROTECTED] To: "Priscilla Oppenheimer" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 9:52 PM Subject: Re: CID BETA I thank Priscilla for her candor on this topic. I for one was pretty livid with the exam, and I wrote over seven pages of comments to the Cisco team both through the exam comments feature and off-line. Specifically I was disappointed that the questions were poorly crafted, afforded few solid answers, and many were flat-out wrong. It is further disappointing that Cisco has failed to take advantage of this forum and others like it to improve the quality of their product from a technical perspective, much like one would expect a better level set with enterprise and service provider customers to develop the program further. --- Priscilla Oppenheimer [EMAIL PROTECTED] wrote: Maybe they laid off the people working on it. Just kidding. Seriously, the Cisco training department has always worked at about 1/100,000,000 the speed of Internet time. Analyzing the results of a beta test is time-consuming, though, and sometimes there are arguments on the meaning of the results. The test writers must go through and weed out questions that everyone got right, even the obvious newbies. (Newbies and experts are defined by the test results, so it's an iterative process.) They must eliminate questions that nobody got right. They must eliminate questions that the newbies got right but the experts got wrong. Then they have to rescore the beta results. If they eliminated too many questions, they have to add new ones. This must be done with care since the new questions won't go through the same beta test. Then, they must make sure the course matches the test. Still, I agree that it's egregious that it has taken 14 weeks. Priscilla At 02:22 PM 3/25/01, F.G.J. Ruiz-Alaniz wrote: Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... On 25 Mar 2001 09:56:29 -0500, [EMAIL PROTECTED] ("GNOME") wrote: 14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com
looking for 2500 rack mount
Can anyone spare or sell me a rack mount kit for a 2500 series router? Don't want to spend $100 ea. I need 5. Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:
Look like this is one of the CCIE questions -Original Message- From: Circusnuts [SMTP:[EMAIL PROTECTED]] Sent: Monday, March 26, 2001 12:55 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Looks like a Serial connection through a Frame-Relay network, with Traffic Shaping applied in low/ medium/ high intervals. Whatever you do not understand in this config can be easily plugged into the CCO search engine. www.Cisco.com Phil - Original Message - To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, March 24, 2001 5:40 PM Can anyone explain to me this confi": int se0 ip add 10.0.0.2 255.0.0.0 load interval 3 traffic-shape group 101 32000 8000 8000 traffic-shape group 102 32000 8000 8000 access-list 101 permit ip host 172.17.246.169 host 10.0.0.2 access-list 102 permit ip host 172.17.246.169 host 10.0.0.2 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: looking for 2500 rack mount
The best deal I've found is at http://www.optsys.net -Original Message- From: John Chang To: [EMAIL PROTECTED] Sent: 03/25/2001 3:35 PM Subject: looking for 2500 rack mount Can anyone spare or sell me a rack mount kit for a 2500 series router? Don't want to spend $100 ea. I need 5. Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: looking for 2500 rack mount
htmlDIV Pyou can get them off ebay for around $20-30 a set. BR/P/DIV DIV/DIV DIV/DIVgt;From: John Chang [EMAIL PROTECTED] DIV/DIVgt;Reply-To: John Chang [EMAIL PROTECTED] DIV/DIVgt;To: [EMAIL PROTECTED] DIV/DIVgt;Subject: looking for 2500 rack mount DIV/DIVgt;Date: Sun, 25 Mar 2001 18:35:19 -0500 DIV/DIVgt; DIV/DIVgt;Can anyone spare or sell me a rack mount kit for a 2500 series DIV/DIVgt;router? Don't want to spend $100 ea. I need 5. Thanks. DIV/DIVgt; DIV/DIVgt;_ DIV/DIVgt;FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html DIV/DIVgt;Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] DIV/DIVbr clear=allhrGet your FREE download of MSN Explorer at a href="http://explorer.msn.com"http://explorer.msn.com/abr/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP Classless Revisited (this is just odd...)
Heh heh...yes, ip classless and bgp synchronization do fit into that category quite well! I am starting to think this is an IOS feature on this router. I tried this with RIP, EIGRP, and OSPF. 'no ip classless' behaved exactly as expected when running RIP and EIGRP. It was only when I used OSPF that it started to behave classlessly without my prior authorization. g I've got a 2501 running a different IOS image. I think I'll try this experiment on that to see what happens. Thanks, John Not that its at all helpful in this situation, but ip classless, much like bgp synchronization, fall into the category of commands that simply defy understanding when presented with test criteria. One must keep in mind that these are implementations of code that sometimes are not 100% reflective of what the designer intended. On the other hand, just when you think the code is flawed, you find out that you truly misunderstood the feature in the first place :) The end result is generally frustration or increased understanding, or sometimes both in that order. Pete *** REPLY SEPARATOR *** On 3/25/2001 at 10:38 AM John Neiberger wrote: I'm not sure how that helps in this case. In both scenarios, whether using RIP or OSPF, the default route is being learned dynamically by the hub router and it is installed into the routing table. The problem is that with no ip classless configured, that router should never use the default route when trying to reach unknown subnets of 10.x.x.x. When running RIP, it behaves as expected. When running OSPF, it behaves as if ip classless were configured. Any other thoughts? Thanks John On Sun, 25 Mar 2001 10:11:40 -0800 (PST), Mike McCline wrote: John Take a look at the Cisco link below, for a sanity check.http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/np1_c/1cindep.htm#37279 -Mike ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
My point of view might be wrong for every case, but most the of the world "really" only readily recognizes the CCNA, CCNP, CCIE certifications. We have DP's in the office more often than not (some where down the road)- they end up having to explain their certification to new contract customers (pointing out they are really CCNP's). You may say shame on them, but they're the public (customer). I think the new certs show diversity, but the Liberal Arts of you network degree is really recognized within the main certifications (for now). Avoiding my reading Phil - Original Message - From: "hal9001" [EMAIL PROTECTED] To: "Robert Padjen" [EMAIL PROTECTED]; "Priscilla Oppenheimer" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 9:27 PM Subject: Re: CID BETA The last thing this business needs in the possibility of a recession is a company like Cisco a Market Leader vacillating on which way any single thing goes. Changes in CID like CCNP/CCDP and CCs can only confuse situations. How do you induce stability in a market that needs certain stability at this time. I don't think it's this way! Besides will companies pay in a period of recession for another round of qualifications, I think not! Cisco pull this one around and look at the markets! Karl - Original Message - From: "Robert Padjen" [EMAIL PROTECTED] To: "Priscilla Oppenheimer" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 9:52 PM Subject: Re: CID BETA I thank Priscilla for her candor on this topic. I for one was pretty livid with the exam, and I wrote over seven pages of comments to the Cisco team both through the exam comments feature and off-line. Specifically I was disappointed that the questions were poorly crafted, afforded few solid answers, and many were flat-out wrong. It is further disappointing that Cisco has failed to take advantage of this forum and others like it to improve the quality of their product from a technical perspective, much like one would expect a better level set with enterprise and service provider customers to develop the program further. --- Priscilla Oppenheimer [EMAIL PROTECTED] wrote: Maybe they laid off the people working on it. Just kidding. Seriously, the Cisco training department has always worked at about 1/100,000,000 the speed of Internet time. Analyzing the results of a beta test is time-consuming, though, and sometimes there are arguments on the meaning of the results. The test writers must go through and weed out questions that everyone got right, even the obvious newbies. (Newbies and experts are defined by the test results, so it's an iterative process.) They must eliminate questions that nobody got right. They must eliminate questions that the newbies got right but the experts got wrong. Then they have to rescore the beta results. If they eliminated too many questions, they have to add new ones. This must be done with care since the new questions won't go through the same beta test. Then, they must make sure the course matches the test. Still, I agree that it's egregious that it has taken 14 weeks. Priscilla At 02:22 PM 3/25/01, F.G.J. Ruiz-Alaniz wrote: Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past experience with them). Not to spread rumors, but I think this is related to them not having published the updated CID 4.0 class yet. I can't find any mention of it anywhere. Beta exams from other companies are not this bad, I've never even had one from Novell, Microsoft, or CompTIA take more than 8 weeks for me to get my report in the mail. Well, I'll continue waiting... On 25 Mar 2001 09:56:29 -0500, [EMAIL PROTECTED] ("GNOME") wrote: 14 weeks and still waiting "Tim Noonan" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi. Has anyone got the results from the CID beta test yet? I have taken several beta test and this is the longest I have had to wait for the results. Thanks, Tim Ps. Please cc me with any reply becuase I don't have access to the mailing list right now. _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2500 series e0 fullduplex?
SAIF, Glad you looked it up. Now, how about in the future you check _before_ you start spreading incorrect info? TIA B "SAIF" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Yeah u r right ,i checked it I was confused thanx for correction budy :) Eric Fairfield wrote: 100 Mb FE still falls under CSMA/CD rules especially when using a Fast Ethernet Hub that doesn't support Full duplex. There can and will be collisions at 100Mb Fast Ethernet in a shared environment. -- Eric Fairfield CCIE #6413 "SAIF" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... well its not a terminology thing u see its understood when u use 100mbps its then not csma/cd ethernet thing ,they made it like thre will be no collisions and speed will be 10 times than 10 mbps yes u r right on 36xx router there is full/half/auto duplex but u didnt get the idea ,its basically technology which is sensing which media is supported to that interface ,if it is 10mbps then interface will make it half duplex ethernet and i it is 100mbs it will make it fast ethernet full duplex and u have choice to make it half/full duplex by ur choice according to ur existing medium and toplogy THAT PORT MUST BE NOT A FASTETHERNET PORT BUT IT CAN BE IF U USE IT IN 100MBPS WAY THERE IS ANOTHER THING YES IT IS POSSIBL I AGREE U CAN WORK 10BASE T (ONLY NOT COAXIAL) WITH FULL DUPLEX BUT THE THING IS THAT WHAT I WAS POINTING THAT CISCO PRODUCTS USUALLY DONT SUPPORTFULL DUPLEX WITH 10MBPS AM I WRONG ? Neil Schneider wrote: Sorry but you are incorrect. (unless we just have a terminology difference here) Just becuase you are running 100mbps. it is not automatically full duplex. the Fastethernet ports on routers (3640 seriesfor example) can be set to full/half/auto duplex. why bother with a half duplex setting if all fastethernet is full duplex? -- Neil Schneider MCT MCSE CCSI CCNP "SAIF" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... 100mbps is not ethernet be sure its fast ethernet ,also their is no collisions in fast ethernet ,its colliision free and this is only possible if u have one way to send and one way to recieve data simultaneously :) i am sure u got the idea secondly in ethernet there are collisions and if there are colliisions Can u use one to send and one way to recieve simultaneously with collisions so if u cant the result is ethernet works in half duplex mode and fast ethernnet works in full duplex if u have any thing different than me plz share with us waiting ur reply Saif Neil Schneider wrote: It is NOT true that ethernet is half and fastethernet is full duplex. Either 10Mbps or 100Mbps ehternet can be run in half or full duplex mode. And offhand I don't know if the 2500 AUI port will do full ethernet. -- Neil Schneider MCT MCSE CCSI CCNP "SAIF" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... NO ITS ETHERNET PORT AND WORKING HALF DUPLEX ONLY ,U SEE CISCO GIVES FASTETHERNET PORTS SPECIALLY IN THEIR ROUTERS SPECIALLY IN 4XXX SERIES AND U KNOW ETHERNET WORKS IN HALF DUPLEX AND FASTETHERNET WORKS IN FULL DUPLEX SO THE RESULT IS AUI PORT IS HALF DUPLEX ETHERNET NOT AUTO SENSE AND IF U WANT AUTOSENSE 10/100 BASE T GO TO ANY OTHER ROUTER ,CHECK THE ROUTER;S MANUAL :) HOPT IT WILL HELP IS IT ? Turfis wrote: Is the Ethernet AUI port on the 2500 series Cisco routers Full Duplex compatible? Does it autonegoiate? Can you hard code the interface for half/full/auto? Thanks! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Running from ROM?
The line "System returned to ROM by power-on" bothers me, do I have a problem with my router? I think it appears to be running from ROM, is this true? ROUTERsh ver Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-I-L), Version 12.1(2), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2000 by cisco Systems, Inc. Compiled Tue 09-May-00 19:57 by linda Image text-base: 0x0303E424, data-base: 0x1000 ROM: System Bootstrap, Version 11.0(10c), SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFT WARE (fc1) ROUTER uptime is 6 days, 8 hours, 24 minutes System returned to ROM by power-on System restarted at 11:37:17 UTC Mon Mar 19 2001 System image file is "flash:/c2500-i-l.121-2.bin" cisco 2500 (68030) processor (revision N) with 14336K/2048K bytes of memory. Processor board ID 10415097, with hardware revision Bridging software. X.25 software, Version 3.0.0. 1 Ethernet/IEEE 802.3 interface(s) 2 Serial network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash (Read ONLY) Configuration register is 0x2102 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Equipment Seller - Where are you ?
WOuld the person who post (a few days ago) to this list, a long list of lab vintage equipment - please contact me at [EMAIL PROTECTED] The person referred to is the one that stated the whole bundle for $15,000. I lost the original message, but would like to to see the list again. thanks _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ethernet address question
Priscilla Oppenheimer wrote: At 10:09 PM 3/23/01, you wrote: Are you sure that the LAA bit applies to Ethernet? I've never seen that defined as such in any doc. Only for Token Ring. - Marty It's in IEEE 802.3. I just checked. And I bet you have seen it used! How about in DECnet networks? The MAC address gets changed to be based on the network-layer address and to start with AA. So, unless I'm twiddling the bits wrong, which is possible, since it is early Saturday morning, and I didn't get enough sleep, I think that's an example of an Ethernet locally-administered address. You were twiddling correctly. I looked up the Ethernet V2 spec vs. 802.3 and found what you stated -- bit 1 (the 2nd from the LSB) is the LAA bit for 802.3, but _not_ for Ethernet V2. Since DEC was using AA-00-04-00-xx-xx prior to 802.3 being created, is it just coincidence that AA happens to set the LAA bit? And here's yet another fairly well-written reference on Ethernet/802.3 operation: http://ethernet.industrial-networking.com/articles/gthomas.asp - Marty _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Load balancing switch
Hi All, I have been asked to design an internal lan structure at an ISP which has load balancing for our server farm of 5 servers at the switching level. Can some one tell me how good cisco switch's are in this area compared to Foundry. Also, what protocols are used at the switch layer to create load balancing (if any ) Thanks in advance John Brandis Network Infrastructure Engineer GoWireless Communications Level 7, 155 George Street Sydney, NSW Australia 2000 02-9251-5000 0418-613-976 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
Responding to your good questions: - Yes, the /14 was a typo. Should be /24. - Router A is running IOS 11.1 - Router B is running IOS 11.0 - I believe RIP version 1 is used. - No, he is routing and not bridging. (At least he is attempting to route) - All other interfaces on either router are on different networks - With both serial interfaces up/up, router A can ping router B's serial interface IP addresses only intermittently and visa-versa. With either serial interface shut down, all pings work in all directions. - I also think this network used to have only one serial link (I believe a T1), and the second T1 serial interface was added to increase performance with the intention of load balancing. I have no idea why both links were put on the same subnet. Maybe the original person didn't know what he was doing, or he did it this way to overcome another problem that I am not aware of. Everything else in both routers' configurations looks pretty innocent except for the following: ip irdp on Router B's serial 2 interface (This is a completely diifferent serial link from the redundant links we've been addressing. I think it has no bearing, but maybe it does. I don't know. If the intent of the redundant serial links is to provide equal-cost load-balancing, does putting them on the same subnet open you to unnecessary problems??? What are your thoughts?? Thanks, dj Kevin Wigle wrote: Right off the top I wanted to say "NO! - you can't do this..." but then I saw that we were talking about serials here so I did a test. Sure enough I was able to put two serial interfaces on the same router into the same subnet. Didn't think that was possible. However, as I suspected - as soon as I tried to put an Ethernet interface into any subnet in use by any other interface - I got the error that it "overlaps" with interface x. So now we know that Yes you can do it - but will it work. first - we'll assume that the 192.1.67.202/14 is a typo and it should be 192.1.67.202/24 second - let's get rid of the /24 on the transit links RouterA S0 - 192.1.67.1/30 RouterB S0 - 192.1.67.2/30 RouterA S1 - 192.1.67.5/30 RouterB S1 - 192.1.67.6/30 third - RIP won't like that so change it to version 2 router RIP version 2 (on both routers of course) or better yet - use EIGRP. But - you didn't give us any info about where you pinged from, the router? a client on the ethernet segment? - what ip address is/are the ethernet segments? and what was the destination of the ping??? How is RIP configured? The more I look at it, it seems like a strange network - is he maybe bridging and not routing? That the network is slow isn't too hard to figure. With two interfaces in the same subnet the router has to try and figure out - here's a packet - I can ship it to: 1. S0 2. S1 3. Nowhere - I don't have to!! we're all on the same network!! 4. All of the above 5. None of the above 6. 1 and 2 With only one serial up, the choices become easier. And are we talking about redundant, x amount of bandwidth required but a backup connection? Or two circuits load balancing, or a combination? Too many variables not presented, need more info - perhaps configs??? (and design objectives?) Kevin Wigle - Original Message - From: "Dimitrije" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, 25 March, 2001 13:13 Subject: redundant serial links in same subnet?? I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations
RE: looking for 2500 rack mount
I bought three sets from [EMAIL PROTECTED] for $15 per set including shipping. Original Cisco with screws. -Original Message- From: John Chang [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 5:35 PM To: [EMAIL PROTECTED] Subject: looking for 2500 rack mount Can anyone spare or sell me a rack mount kit for a 2500 series router? Don't want to spend $100 ea. I need 5. Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
Responding to your good questions: - Yes, the /14 was a typo. Should be /24. - Router A is running IOS 11.1 - Router B is running IOS 11.0 - I believe RIP version 1 is used. - No, he is routing and not bridging. (At least he is attempting to route) - All other interfaces on either router are on different networks - With both serial interfaces up/up, router A can ping router B's serial interface IP addresses only intermittently and visa-versa. With either serial interface shut down, all pings work in all directions. - I also think this network used to have only one serial link (I believe a T1), and the second T1 serial interface was added to increase performance with the intention of load balancing. I have no idea why both links were put on the same subnet. Maybe the original person didn't know what he was doing, or he did it this way to overcome another problem that I am not aware of. Everything else in both routers' configurations looks pretty innocent except for the following: ip irdp on Router B's serial 2 interface (This is a completely diifferent serial link from the redundant links we've been addressing. I think it has no bearing, but maybe it does. I don't know. If the intent of the redundant serial links is to provide equal-cost load-balancing, does putting them on the same subnet open you to unnecessary problems??? What are your thoughts?? Thanks, dj Kevin Wigle wrote: Right off the top I wanted to say "NO! - you can't do this..." but then I saw that we were talking about serials here so I did a test. Sure enough I was able to put two serial interfaces on the same router into the same subnet. Didn't think that was possible. However, as I suspected - as soon as I tried to put an Ethernet interface into any subnet in use by any other interface - I got the error that it "overlaps" with interface x. So now we know that Yes you can do it - but will it work. first - we'll assume that the 192.1.67.202/14 is a typo and it should be 192.1.67.202/24 second - let's get rid of the /24 on the transit links RouterA S0 - 192.1.67.1/30 RouterB S0 - 192.1.67.2/30 RouterA S1 - 192.1.67.5/30 RouterB S1 - 192.1.67.6/30 third - RIP won't like that so change it to version 2 router RIP version 2 (on both routers of course) or better yet - use EIGRP. But - you didn't give us any info about where you pinged from, the router? a client on the ethernet segment? - what ip address is/are the ethernet segments? and what was the destination of the ping??? How is RIP configured? The more I look at it, it seems like a strange network - is he maybe bridging and not routing? That the network is slow isn't too hard to figure. With two interfaces in the same subnet the router has to try and figure out - here's a packet - I can ship it to: 1. S0 2. S1 3. Nowhere - I don't have to!! we're all on the same network!! 4. All of the above 5. None of the above 6. 1 and 2 With only one serial up, the choices become easier. And are we talking about redundant, x amount of bandwidth required but a backup connection? Or two circuits load balancing, or a combination? Too many variables not presented, need more info - perhaps configs??? (and design objectives?) Kevin Wigle - Original Message - From: "Dimitrije" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, 25 March, 2001 13:13 Subject: redundant serial links in same subnet?? I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to
Routing on a stick with Ethernet, not FastEthernet???
Hi All - Is it possible to run "routing on a stick" on an regular ethernet interface, not fastethernet??? I loaded IOS version 12.1.7 onto the 2611 and I could create subinterface on its ethernet ports. I could also encapsulate these subinterfaces to 802.1q and assign IP addresses for them. It seems I am able to do the routing on a stick here. However, when I tried it on a 2500 router with the same IOS version, I could only create the subinterface, but the encapsulation. There's no encapsulation command on the subinterface mode this time. Does this new IOS version not support this feature on 2500 series? or it allows me to successfully create and encapsuate subinterface on 2611, but the routing will never work if I plug in a CAT3500 switch? I am just experiencing if this method is working with Ethernet interface, because they said version 12.0T supports 802.1q encapsulation on Ethernet media Thanks All in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RIPv2 starts available on which IOS version???
Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Hi folks, I've been thinking about Cisco as an investment.
So by your statement you analyze/buy stocks on P/E? You must own not own a single tech stock then. World Com is 15 and Lucent and some others because they have already lost their butts. If you want to make money you have to accept risk. Of course you could be old, in which case capital preserversation it your main philosophy. "Robert Padjen" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All - Cisco is a great company. It has one of the best developed business models in the world. Their products afford a well-rounded feature set that is first rate. ARE YOU INSANE!!! ;) Let's see. CSCO is trading at a P/E of just over 45. Companies normally trade in the area of 30, and WorldCom, etc., are at 10-15. Thus, Cisco is overvalued by 50%, and historically would price at $12/share if they were a normal company. OK, they're not, so a slight premium would be warranted (where that is between $12-18/share is unknown, but we'd likely be near the top of the range). Further, Cisco is recording P/E (price/earnings) on last quarters numbers, which could be 30% BETTER than this quarters. A lowering of up to 30% could warrant a price range of $10-14/share to hold the same P/E ratio. Since the next two quarters appear down, and lowering is more likely, you would view this as a bargin why? ;) In addition, Cisco is the largest holding of most money market funds. As the price increases it would be likely that they will sell to diversify. Look, I like the company. I think very long term they will be an IBM or a Microsoft. But short term, with any stock, don't allow a lower price than yesterday to be a measure of a bargin. If I believed that any/all of us would save Cisco with our thousand share buys I'd likely be a bit more positive, but since the loss will hurt us MUCH more than the aggrigate company or economy, please save your capital and do the analysis before investing! Kidding about the insane thing BTW. Now, for a really good investment, the Bank of Rob is taking deposits, cash only please! --- ItsMe [EMAIL PROTECTED] wrote: Myself and a few others are buying. Same story as yourself couldn't afford it before. As for going to hell in a hand basket; if Cisco went down the tubes, there would be many other things you would be worried about then the money you would be investing with now. (i.e. radiation poising from the Nuclear War :-) just my opinion "Natasha" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi gang, this is a little off topic but... I've been watching the stock price of Cisco drop from where it was to where it is now, and have been agonizing over the fact that I can actually afford some. Reading the Analyst Consensus on various sites and Cnbc it seems like we're going to hell in a hand basket. The insight that I need is, Is it slowing down as bad as they tell us? What is the life span of the average router, warranty? How often are routers, switches, etc. replaced? Is Cisco a bad investment right now? You folks are out in the trenches so any help or insight that you can offer is a help. Thanks -- Natasha Flazynski http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Robert Padjen __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIPv2 starts available on which IOS version???
You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIPv2 starts available on which IOS version???
How can I find out if what version of RIP I am using and how to enable it? Thanks! "Brian" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ... You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RIPv2 starts available on which IOS version???
sh ip int x Will show you what version you are using on an interface. Set up rip for version 2 only router rip version 2 or on an interface level ip rip send/recieve version 1 or 2 or 1 2 Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 10:15 PM To: [EMAIL PROTECTED] Subject: Re: RIPv2 starts available on which IOS version??? How can I find out if what version of RIP I am using and how to enable it? Thanks! "Brian" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ... You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing on a stick with Ethernet, not FastEthernet???
No the Catalysts, and routers only support "802.1q" on fastethernet ports. Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 9:30 PM To: [EMAIL PROTECTED] Subject: "Routing on a stick" with Ethernet, not FastEthernet??? Hi All - Is it possible to run "routing on a stick" on an regular ethernet interface, not fastethernet??? I loaded IOS version 12.1.7 onto the 2611 and I could create subinterface on its ethernet ports. I could also encapsulate these subinterfaces to 802.1q and assign IP addresses for them. It seems I am able to do the routing on a stick here. However, when I tried it on a 2500 router with the same IOS version, I could only create the subinterface, but the encapsulation. There's no encapsulation command on the subinterface mode this time. Does this new IOS version not support this feature on 2500 series? or it allows me to successfully create and encapsuate subinterface on 2611, but the routing will never work if I plug in a CAT3500 switch? I am just experiencing if this method is working with Ethernet interface, because they said version 12.0T supports 802.1q encapsulation on Ethernet media Thanks All in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Implementing SSH on Cisco IOS
Doesn't Cisco realize that telnet is a security risk on Cisco devices especially for us who often has to telnet to the router remotely to fix/troubleshoot problems? Because username and password are traveling across the Internet in CLEAR TEXT, the risk is too great. I work for a company that would not allow us to telnet to the router from the Internet to our company routers and switches. I know that SSH (version 1) is available on IOS 12.1.x (only on 7000 and GSR platforms). Why don't they just implement SSH on all platforms? It is not that difficult to do this (in my opinion). Because of SSH lacking in Cisco IOS, I have to drive all the way to work to troubleshoot when there is problem. This is suck. You could implement all access-list all you like; however, the problem is that telnet will no encrypt information especially username and password across the Internet. SSH is widely implemented on almost all of Unix flavor and Juniper as well. How difficult is it to implement it on Cisco IOS? Anyone disagree? Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
Cisco allows up to 4 serial links in the same subnet. There are situations where you would want to do that, but I cannot for the life of me recall what they are... I did read about it once, and actually had to research it with the TAC. Search the TAC archives and you will find the message from them that indicates you cannot do the 5th link... Z From: "Michael Snyder" [EMAIL PROTECTED] Reply-To: "Michael Snyder" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: redundant serial links in same subnet?? Date: Sun, 25 Mar 2001 11:50:19 -0800 /24? Subnet them. I like /30 for p to p links. run rip version 2. "Dimitrije" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RIPv2 starts available on which IOS version???
If your configuration just says "router rip" then it is version 1. If the next line says version 2 - bingo! To see if your version of IOS supports version 2 try the old "?". 2523(config)#router rip 2523(config-router)#? Router configuration commands: auto-summaryEnable automatic network number summarization . . version Set routing protocol version 2523(config-router)#version ? 1-2 version You can also use the following. This is version 1 2523#sh ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 26 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is Incoming update filter list for all interfaces is Redistributing: rip Default version control: send version 1, receive any version InterfaceSend Recv Key-chain TokenRing0 1 1 2 Routing for Networks: 192.168.2.0 192.168.3.0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) This is version 2 2523#sh ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 18 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is Incoming update filter list for all interfaces is Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSend Recv Key-chain TokenRing0 2 2 Routing for Networks: 192.168.2.0 192.168.3.0 Routing Information Sources: Gateway Distance Last Update -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 9:15 PM To: [EMAIL PROTECTED] Subject: Re: RIPv2 starts available on which IOS version??? How can I find out if what version of RIP I am using and how to enable it? Thanks! "Brian" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] .sdca.home.com ... You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIPv2 starts available on which IOS version???
Thanks Chad! Is RIPv2 compatiable with RIP? In order words, If I have one router running RIP and the other running RIPv2, can they still work together? My concern is convering RIP to RIPv2 so that I can turn off the "auto-summary" feature. ""Simmons, Chad"" [EMAIL PROTECTED] wrote in message E3160AD94522D311BA0A00508B2CAA0F6C76E5@ANAKIN">news:E3160AD94522D311BA0A00508B2CAA0F6C76E5@ANAKIN... sh ip int x Will show you what version you are using on an interface. Set up rip for version 2 only router rip version 2 or on an interface level ip rip send/recieve version 1 or 2 or 1 2 Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 10:15 PM To: [EMAIL PROTECTED] Subject: Re: RIPv2 starts available on which IOS version??? How can I find out if what version of RIP I am using and how to enable it? Thanks! "Brian" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ... You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load balancing switch
I can only speak for the Cisco 11000 series (formerly Arrowpoint) switches. They're really designed for more than load sharing, but they are seriously cool devices. It's better that you read about their capabilities first hand, though. Just go to CCO and read up on the 11050 and 11150, one of which is probably what you'd want to use. They're very easy to configure, at least at the basic level. When you start to do some of the more advanced stuff you'll probably end up needing some support, but I wouldn't say that is a negative. These switches have a lot of features and you can use them in a number of ways. As a front end for a server farm, they excel. I would swiftly kick in the head anyone trying to take mine away from me. :-) HTH, John Hi All, I have been asked to design an internal lan structure at an ISP which has load balancing for our server farm of 5 servers at the switching level. Can some one tell me how good cisco switch's are in this area compared to Foundry. Also, what protocols are used at the switch layer to create load balancing (if any ) Thanks in advance John Brandis Network Infrastructure Engineer GoWireless Communications Level 7, 155 George Street Sydney, NSW Australia 2000 02-9251-5000 0418-613-976 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load balancing switch
I can only speak for the Cisco 11000 series (formerly Arrowpoint) switches. They're really designed for more than load sharing, but they are seriously cool devices. It's better that you read about their capabilities first hand, though. Just go to CCO and read up on the 11050 and 11150, one of which is probably what you'd want to use. They're very easy to configure, at least at the basic level. When you start to do some of the more advanced stuff you'll probably end up needing some support, but I wouldn't say that is a negative. These switches have a lot of features and you can use them in a number of ways. As a front end for a server farm, they excel. I would swiftly kick in the head anyone trying to take mine away from me. :-) HTH, John Hi All, I have been asked to design an internal lan structure at an ISP which has load balancing for our server farm of 5 servers at the switching level. Can some one tell me how good cisco switch's are in this area compared to Foundry. Also, what protocols are used at the switch layer to create load balancing (if any ) Thanks in advance John Brandis Network Infrastructure Engineer GoWireless Communications Level 7, 155 George Street Sydney, NSW Australia 2000 02-9251-5000 0418-613-976 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIPv2 starts available on which IOS version???
That works! Thanks Daniel! "Daniel Cotts" [EMAIL PROTECTED] wrote in message 303479FA060CD211B893F805A88AA110EB@EXCHANGE1">news:303479FA060CD211B893F805A88AA110EB@EXCHANGE1... If your configuration just says "router rip" then it is version 1. If the next line says version 2 - bingo! To see if your version of IOS supports version 2 try the old "?". 2523(config)#router rip 2523(config-router)#? Router configuration commands: auto-summaryEnable automatic network number summarization . . version Set routing protocol version 2523(config-router)#version ? 1-2 version You can also use the following. This is version 1 2523#sh ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 26 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is Incoming update filter list for all interfaces is Redistributing: rip Default version control: send version 1, receive any version InterfaceSend Recv Key-chain TokenRing0 1 1 2 Routing for Networks: 192.168.2.0 192.168.3.0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) This is version 2 2523#sh ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 18 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is Incoming update filter list for all interfaces is Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSend Recv Key-chain TokenRing0 2 2 Routing for Networks: 192.168.2.0 192.168.3.0 Routing Information Sources: Gateway Distance Last Update -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 9:15 PM To: [EMAIL PROTECTED] Subject: Re: RIPv2 starts available on which IOS version??? How can I find out if what version of RIP I am using and how to enable it? Thanks! "Brian" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] .sdca.home.com ... You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Implementing SSH on Cisco IOS
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121 t/121t1/sshv1.htm Supported Platforms Cisco 1700 series Cisco 2600 series Cisco 3600 series Cisco 7200 series Cisco 7500 series Cisco ubr920 series But it does require a DES or 3Des software image. You may want to check CCO before posting erronious info. Best Regards, Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 10:50 PM To: [EMAIL PROTECTED] Subject: Implementing SSH on Cisco IOS Doesn't Cisco realize that telnet is a security risk on Cisco devices especially for us who often has to telnet to the router remotely to fix/troubleshoot problems? Because username and password are traveling across the Internet in CLEAR TEXT, the risk is too great. I work for a company that would not allow us to telnet to the router from the Internet to our company routers and switches. I know that SSH (version 1) is available on IOS 12.1.x (only on 7000 and GSR platforms). Why don't they just implement SSH on all platforms? It is not that difficult to do this (in my opinion). Because of SSH lacking in Cisco IOS, I have to drive all the way to work to troubleshoot when there is problem. This is suck. You could implement all access-list all you like; however, the problem is that telnet will no encrypt information especially username and password across the Internet. SSH is widely implemented on almost all of Unix flavor and Juniper as well. How difficult is it to implement it on Cisco IOS? Anyone disagree? Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RIPv2 starts available on which IOS version???
Don't use the version 2 command in router config mode. Instead use ip rip send version 2 on interfaces you wish to upgrade to version 2. Chad -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 10:59 PM To: [EMAIL PROTECTED] Subject: Re: RIPv2 starts available on which IOS version??? Thanks Chad! Is RIPv2 compatiable with RIP? In order words, If I have one router running RIP and the other running RIPv2, can they still work together? My concern is convering RIP to RIPv2 so that I can turn off the "auto-summary" feature. ""Simmons, Chad"" [EMAIL PROTECTED] wrote in message E3160AD94522D311BA0A00508B2CAA0F6C76E5@ANAKIN">news:E3160AD94522D311BA0A00508B2CAA0F6C76E5@ANAKIN... sh ip int x Will show you what version you are using on an interface. Set up rip for version 2 only router rip version 2 or on an interface level ip rip send/recieve version 1 or 2 or 1 2 Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 10:15 PM To: [EMAIL PROTECTED] Subject: Re: RIPv2 starts available on which IOS version??? How can I find out if what version of RIP I am using and how to enable it? Thanks! "Brian" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED] ... You neglected to say what verion of ios you had, I see it is supported in 11.2, and I know they supported it in versions available in 1998/1999. Brian On Sun, 25 Mar 2001, Thomas wrote: Hi All, I am thinking about running RIPv2 on my 2500. I am not sure which IOS version starts supporting RIPv2. My 2500 only has 8MB of flash, and I don't want to spend another couple hundreds for flash upgrade... Thanks All! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Implementing SSH on Cisco IOS
- Original Message - From: "Sean Young" [EMAIL PROTECTED] Doesn't Cisco realize that telnet is a security risk on Cisco devices especially for us who often has to telnet to the router remotely to fix/troubleshoot problems? Because username and password are traveling across the Internet in CLEAR TEXT, the risk is too great. I work for a company that would not allow us to telnet to the router from the Internet to our company routers and switches. I know that SSH (version 1) is available on IOS 12.1.x (only on 7000 and GSR platforms). Why don't they just implement SSH on all platforms? It is not that difficult to do this (in my opinion). Because of SSH lacking in Cisco IOS, I have to drive all the way to work to troubleshoot when there is problem. This is suck. You could implement all access-list all you like; however, the problem is that telnet will no encrypt information especially username and password across the Internet. SSH is widely implemented on almost all of Unix flavor and Juniper as well. How difficult is it to implement it on Cisco IOS? Anyone disagree? Sean Yes, Cisco does realize this. This is why SSH is coming out on more and more devices. What I always do is setup SSH on a box internal to the network, and then telnet from their to the routers and switches. And then you can use Access-lists. David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID BETA
I think that Novell has the best grasp on things out of all the certification programs (too bad they have never invested the same level of foresight into their marketing department). They first do an alpha test for a new course. When the results come in they can weed out obviously confusing and ambiguous questions without having to deal with a curve. One time I had one with at least 8 stupid typos, and more than a few really screwed up questions, none of which made it to the beta. No one gets any certification credit for the alpha since it's never graded, but it gives us a heads up on what the exam objectives are like. Sometime between two and six weeks, depending on how well the alpha was put together, they publish the beta. There they follow pretty much the same procedures everyone else does to curve an exam. I've always found their beta exams to be of a higher quality because of the extra step. Another thing they do differently is they will revise each product exam with a new test version and go through the beta process again. I hope Cisco will be revising their exams every couple of years, since that's how often they want us to recertify. The other option is horrible. I don't think it's right how everyone's favorite monopoly does it, by shoving in a couple of raw, often times, ambiguous, badly written questions in the middle of someone's paid, live exam. I understand they have to reseed the testing pool, but isn't there a better way? I might be wrong on my critiques, maybe other companies have in-house alpha and beta exams in a small scale, privately, or in their corporate campus, but I've never heard of it, have any of you? Just recently, someone on a Novell educational forum on cnenet inquired on the results of a beta that was overdue, and the moderator got an answer for us from the testing people themselves. I posted a large thank you message for how serious they handle their education department, and someone from their testing group personally replied on the board and assured us the results would be posted soon. (The Netware 5.1 advanced admin exam revision had to go into beta twice because the first time one of the simulations crashed and prevented many of us from finishing the exam) I realized Cisco needed help in their training department when they changed their beta exam policy on the 5th week of waiting for the Foundations exam from 6-8 weeks to 8-12 weeks. It took them a little over 12 weeks to publish beta results for an exam that's supposed to be made up of questions from the live exams. For the CCNA 2.0 CCNP 2.0 exams, the beta test takers had to wait at least 2 weeks from the time their respective exam went live. I've convinced myself that Cisco takes this time to validate the pass rate they've established. The test results couldn't have just been sitting on someone's hard drive waiting to be sent to Prometric for that time. At best, hopefully their training department will read our suggestions and critiques, or someone who has always wanted to know how the beta exam process works will come across this thread and learn something. F.G.J. Ruiz-Alaniz MCSE, CNEx3, CCNP And if I might add a reply to Priscilla's latter comment that we don't want them to give us a flawed test. You're absolutely right. With all the comments we gave them that the exam was not well-written (to put it mildly) they're kind of stuck since they can't just throw the test out, since they took our money and HAVE to give us something. Here's a new suggestion, which I don't know if they'll even read: They could do a beta retake with a refined, exam. It will never happen, I know Does anyone know the size of their test sample? I think Microsoft's is 500 and Novell's is 300. On 25 Mar 2001 15:47:27 -0500, in groupstudy.cisco [EMAIL PROTECTED] (Priscilla Oppenheimer) wrote: Maybe they laid off the people working on it. Just kidding. Seriously, the Cisco training department has always worked at about 1/100,000,000 the speed of Internet time. Analyzing the results of a beta test is time-consuming, though, and sometimes there are arguments on the meaning of the results. The test writers must go through and weed out questions that everyone got right, even the obvious newbies. (Newbies and experts are defined by the test results, so it's an iterative process.) They must eliminate questions that nobody got right. They must eliminate questions that the newbies got right but the experts got wrong. Then they have to rescore the beta results. If they eliminated too many questions, they have to add new ones. This must be done with care since the new questions won't go through the same beta test. Then, they must make sure the course matches the test. Still, I agree that it's egregious that it has taken 14 weeks. Priscilla At 02:22 PM 3/25/01, F.G.J. Ruiz-Alaniz wrote: Anyone know who we can call at Cisco? Speaking to Prometric is a waste of time because they blame Cisco (this from past
RE: Missing dynamic dialer maps using dialer profiles
IOS versions 12.0(3) through 12.0(9) are known to have issues with ISDN... now i am not saying this maybe the problem but something to keep in mind but hard for us to hepl you without the configs :). Regards, Jason Baker -Original Message- From: Kurt Sherman [mailto:[EMAIL PROTECTED]] Sent: Monday, March 26, 2001 8:15 AM To: [EMAIL PROTECTED] Subject: Missing dynamic dialer maps using dialer profiles Greetings, I'm using dialer profiles for DDR configuration. I can successfully setup the ISDN call and interfaces are up/up on both ends. However, I'm getting an "encapsulation failed" message when trying to ping the remote interface IP address. This is obviously the failure of the router to get a MAC address for the dialer interface. Using dialer profiles, I do not need dialer map statements. However, when I issue "sh dialer map", there are no entries indicating that dynamic map statements are not being generated. Any ideas? The caller is a 1604 running 11.2(8)P and the called is a 3640 running 12.0(8). Kurt _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst Switch
Hi Gang In the process of building the network here. I am not a switching person. I would like to know if the Catalyst 5000 has modules that support ISDN bri or Serial Modules ?, this way I dont have to go and also purchase another router I can just simply add modules for ISDN and frame Also, do they come standard with A RSM module Thanks once again John Brandis Network Infrastructure Engineer GoWireless Communications Level 7, 155 George Street Sydney, NSW Australia 2000 02-9251-5000 0418-613-976 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cisco mailing list in Japan
Started March 23, 2001. This user group is for Cisco professionals or learners living and working in Japan. There is a Cisco sponsored mailing list that announces Tokyo meetings, but posting to it is restricted to Cisco employees, so I created this group. All official Cisco sponsored user groups meetings in Tokyo will be posted here as well. Contact [EMAIL PROTECTED] to be put on that list. To join, see http://groups.yahoo.com/group/cisco-tokyo _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst Switch
RSM is an option, and expensive - a router could be cheaper. Cat5000 don't do serial or ISDN. Check out modules here: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/hardware/modules /01overvw.htm#xtocid161762 Looks like a router is in your future. Kevin Wigle - Original Message - From: "John Brandis" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, 26 March, 2001 01:00 Subject: Catalyst Switch Hi Gang In the process of building the network here. I am not a switching person. I would like to know if the Catalyst 5000 has modules that support ISDN bri or Serial Modules ?, this way I dont have to go and also purchase another router I can just simply add modules for ISDN and frame Also, do they come standard with A RSM module Thanks once again John Brandis Network Infrastructure Engineer GoWireless Communications Level 7, 155 George Street Sydney, NSW Australia 2000 02-9251-5000 0418-613-976 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
Weird. I wasn't aware of that... just tried it and it doesn't complain about overlapping subnet. I need to research this. If anyone finds a Cisco.com page explaining this let me know. I suspect I may have hard time finding a doc page on it. --- Mask Of Zorro [EMAIL PROTECTED] wrote: Cisco allows up to 4 serial links in the same subnet. There are situations where you would want to do that, but I cannot for the life of me recall what they are... I did read about it once, and actually had to research it with the TAC. Search the TAC archives and you will find the message from them that indicates you cannot do the 5th link... Z From: "Michael Snyder" [EMAIL PROTECTED] Reply-To: "Michael Snyder" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: redundant serial links in same subnet?? Date: Sun, 25 Mar 2001 11:50:19 -0800 /24? Subnet them. I like /30 for p to p links. run rip version 2. "Dimitrije" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = - Erick B | [EMAIL PROTECTED] http://erickbe.home.dhs.org - __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
I found some docs mentioning this and it does make sense for dial backup and related scenarios. I can't think of anything else offhand that it would be useful for. Perhaps thats why load balancing over it wasn't working well... with both interfaces up at same time on same router. I'll have to do some testing with this. --- Mask Of Zorro [EMAIL PROTECTED] wrote: Cisco allows up to 4 serial links in the same subnet. There are situations where you would want to do that, but I cannot for the life of me recall what they are... I did read about it once, and actually had to research it with the TAC. Search the TAC archives and you will find the message from them that indicates you cannot do the 5th link... Z From: "Michael Snyder" [EMAIL PROTECTED] Reply-To: "Michael Snyder" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: redundant serial links in same subnet?? Date: Sun, 25 Mar 2001 11:50:19 -0800 /24? Subnet them. I like /30 for p to p links. run rip version 2. "Dimitrije" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Implementing SSH on Cisco IOS
Related Q: Anyone know if Cisco has plans to support SSH2 anytime soon? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Simmons, Chad Sent: Sunday, March 25, 2001 11:00 PM To: 'Sean Young'; [EMAIL PROTECTED] Subject: RE: Implementing SSH on Cisco IOS http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121 t/121t1/sshv1.htm Supported Platforms Cisco 1700 series Cisco 2600 series Cisco 3600 series Cisco 7200 series Cisco 7500 series Cisco ubr920 series But it does require a DES or 3Des software image. You may want to check CCO before posting erronious info. Best Regards, Chad A. Simmons, MCSE, CCNP, CCDP Network Consultant Network Services Group Court Square Data Group, Inc. 1391 Main St. Springfield, Ma. 01103 (413) 746-0054 (Phone) (413) 746-0058 (Fax) [EMAIL PROTECTED] http://www.csdg.com Information solutions that work in the real world. -Original Message- From: Sean Young [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 25, 2001 10:50 PM To: [EMAIL PROTECTED] Subject: Implementing SSH on Cisco IOS Doesn't Cisco realize that telnet is a security risk on Cisco devices especially for us who often has to telnet to the router remotely to fix/troubleshoot problems? Because username and password are traveling across the Internet in CLEAR TEXT, the risk is too great. I work for a company that would not allow us to telnet to the router from the Internet to our company routers and switches. I know that SSH (version 1) is available on IOS 12.1.x (only on 7000 and GSR platforms). Why don't they just implement SSH on all platforms? It is not that difficult to do this (in my opinion). Because of SSH lacking in Cisco IOS, I have to drive all the way to work to troubleshoot when there is problem. This is suck. You could implement all access-list all you like; however, the problem is that telnet will no encrypt information especially username and password across the Internet. SSH is widely implemented on almost all of Unix flavor and Juniper as well. How difficult is it to implement it on Cisco IOS? Anyone disagree? Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst Switch
- Original Message - From: "Kevin Wigle" [EMAIL PROTECTED] RSM is an option, and expensive - a router could be cheaper. Cat5000 don't do serial or ISDN. Check out modules here: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/hardware/modules /01overvw.htm#xtocid161762 Sure they do, add a VIP to the RSM. Just like the Flexwan on a Cat6000. Have a look at: http://www.cisco.com/univercd/cc/td/doc/pcat/ca5000.htm WS-X5303-15 and WS-X5303-40 David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: redundant serial links in same subnet??
If you were doing IP unnumbered and wanted failover, perhaps that would be one. Just a guess though, I would never try the serial links with overlapping addresses like the ones that started this thread. Bri - Original Message - From: "Erick B." [EMAIL PROTECTED] To: "Mask Of Zorro" [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 10:43 PM Subject: Re: redundant serial links in same subnet?? I found some docs mentioning this and it does make sense for dial backup and related scenarios. I can't think of anything else offhand that it would be useful for. Perhaps thats why load balancing over it wasn't working well... with both interfaces up at same time on same router. I'll have to do some testing with this. --- Mask Of Zorro [EMAIL PROTECTED] wrote: Cisco allows up to 4 serial links in the same subnet. There are situations where you would want to do that, but I cannot for the life of me recall what they are... I did read about it once, and actually had to research it with the TAC. Search the TAC archives and you will find the message from them that indicates you cannot do the 5th link... Z From: "Michael Snyder" [EMAIL PROTECTED] Reply-To: "Michael Snyder" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: redundant serial links in same subnet?? Date: Sun, 25 Mar 2001 11:50:19 -0800 /24? Subnet them. I like /30 for p to p links. run rip version 2. "Dimitrije" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I colleague of mine has a network connecting two routers with redundant serial links. These serial links happen to reside in the same subnet as follows: Router A Router B S0 - 192.1.67.1/24 - 192.1.67.201/24 - S0 S1 - 192.1.67.2/24 - 192.1.67.202/14 - S1 Both Routers are running RIP. When both links are up, network is very sluggish and ping works intermittently (anywhere from 40%-70% of the time) between Routers A B. When either link is shut down (only one link is up at a time), pings work 100% of the time. I'm suspecting that having both serial links in the same subnet is creating problems. First of all, can you even do this? Secondly, if you can put both serial 0 1 in the same subnet, is this creating a layer-2 bridge-loop environment? I think that putting each serial link in a separate sub-net should solve the problem, but I don't have access to any equipment to test this. Am I correct or off-base?? Any definitive feedback would be great. Any links to spell out the issues with this scenario would also be helpful. thanks, dj __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Book, High Availability Networking with Cisco
If you frequent the comp.dcom.sys.cisco newsgroup you will be very familiar with Dr Jones. He regularly takes time to post solutions to various topics that interest him. I have always found his comments very pertinent and usually insightful. I am glad to see he has taken the time to share some of his wealth of knowledge with others in the form of a book. I anticipate it will be a good read. - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, March 25, 2001 6:42 AM Subject: Cisco Book, High Availability Networking with Cisco I just bought the High Availability Networking with Cisco router and I must say it's OUTSTANDING. The author goes into many great topic's, that other books don't. I would encourage everyone to at least look at it. You can get online or your local book store Autor Vincent C. Jones ISBN # 0201704552 Brian _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Running from ROM?
On Sun, Mar 25, 2001 at 08:11:19PM -0500, Russ Kreigh wrote: The line "System returned to ROM by power-on" bothers me, do I have a problem with my router? I think it appears to be running from ROM, is this true? [snip] System returned to ROM by power-on [snip] The "returned to ROM by power-on" line is normal, it indicates the router was rstarted alst when it was physically turned on, as opposed to a crash or manual reload. The router has booted out of flash, not ROM, this is the important line: System image file is "flash:/c2500-i-l.121-2.bin" If the router was running from ROM, the prompt would be rommon (ROM Monitor mode) and standard IOS commands wouldn't work. -- Ryan O'Connell - [EMAIL PROTECTED] - http://www.complicity.co.uk I'm not losing my mind, no I'm not changing my lines, I'm just learning new things with the passage of time _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
No Subject
Is Autoroute in IGX/BPX put on RFC ? _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]