RE: frame relay Down [7:8648]
It looks like you are also having issues at your end and your router might be part of the problem since you don't even have your serial interface up. reboot the router. also check on your csu and find out if the send and receive lights are green .also make sure there is no bipolar violation with the wan. if the receive light is not on, it's likely that you are not receving no lmi from the frame relay switch. you also made mention of the fact that telco cannot loop their smart jack and I think they certainly have to dispatch on site and check on the smart jack. if they end up running the circuit clean to the smart jack and your circuit is still not up, the problem might lie between the csu and your router. first make sure your serial interface is up then check on the cable between the csu and the router. sometimes power cycling the csu also resolves some of these issues. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8681&t=8648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: Re: PPP Negotiation question --- HELP!!! PLEASE! [7:8671]
thanks. There is a bug in 12.2.1 IOS that wouldn't let me connect via PAP, CHAP or MS-CHAP. Now that I'm using 12.1.5T7, It's working better although if I use Ms-chap, it lets me in but wouldn't let me ping anything unless I disable PPP ENCRYPT MPPE which is not desireable at all. I'm going to have to use plain CHAP for this. ""michael liu"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > First check your router IOS version, only Enterprise version support > ms-chap?What kind of radius server you use? I use Microsoft radius server > with support ms-chap.enable debug aaa authen will give you enough info. > about radius authentication info. Good Luck, ~ml > > > > Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8671&t=8671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 60 or 90 minutes for BSCN? [7:8607]
60 Kim Fisk wrote: > 60 or 90 minute test duration for BSCN? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8680&t=8607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Changing the Flash mode [7:8657]
I think the easiest way of changing to R/W and understanding it is to have the router boot from a TFTP server. When it is booting from a TFTP server, whatever is in flash is of no concern, so therefore it is read/write and you can delete it or whatever you want. However, if you are booting from an IOS you have in flash, then the flash is going to only be Read only as the 2500 series runs the IOS from flash and therefore you can't delete something you are currently using. Clear? as mud? ;) ""friend"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello, > Does any one know how to change the Flash from Read-only mode to R/W mode ? > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8679&t=8657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Quiz:"auto proxy IP" [7:8308]
On Thu, 14 Jun 2001, [EMAIL PROTECTED] wrote: > On Thu, 14 Jun 2001, Susan Stone wrote: > > > >proxy.your.domain.goes.there. IN A 10.0.0.6 > > > IN A 10.0.0.7 > > > > > >Then you can just configure proxy.your.domain.goes.there. as the HTTP > > >proxy in your users' browsers and forget that there are 2 addresses > > >behind that name. > > > can this be done is Microsoft DNS?? > > Certianly! > > Do note that you will only get a round-robin solution here, vs a failover > solution. > > That is to say that, generally, both servers willl get used all of the > time. And if one server goes down, you'll find that you'll still get the > server-unreachable's that you dont want. Not sure what you're saying there. Does M$ DNS return single addresses in answer to an A query instead of swapping them, eg alternating between 10.0.0.6 and 10.0.0.7 instead of (10.0.0.6, 10.0.0.7) and (10.0.0.7, 10.0.0.6)? Or are you saying that most clients, when presented with more than 1 address in answer, would ignore all but the 1st? -- "Someone approached me and asked me to teach a javascript course. I was about to decline, saying that my complete ignorance of the subject made me unsuitable, then I thought again, that maybe it doesn't, as driving people away from it is a desirable outcome." --Me Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8678&t=8308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed Switching 2.0 Exam [7:8647]
My heavens, what a horrible test. It felt like there was virtually nothing on MLS and multicast, but they were very interested in my choices for switches in different scenarios, what hardware could do what and what lights blinked when as a router powered up or was connected to a switch. And trunking - lots and lots of trunking. What do you need on this end vs. that end of a trunk, what if this is wrong, encapsulations... egad. Some of the worst wording on a test I've ever seen. Five questions into it I was taking notes so I would be better prepared when I came to take it again. Luckily I won't have to. Stuy materials: - Cisco LAN Switching (Cisco Press) - Exam Prep: Switching (Coriolis) - CCNP: Switching (Osborne) - Boson practice exams (www.boson.com) Good luck! Doug [EMAIL PROTECTED] = Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8647&t=8647 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Brand new Cisco 776M router [7:8677]
Hi all, I have a brand new Cisco 776M router, shrink-wrapped-all good,inside it's original box. If anyone is interested in this baby, I am asking a price of $199.99 - before I put it on Ebay, orcourse :-) Please contact me at the earliest. Thanks!! RG _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8677&t=8677 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IBGP Lab - Can't get from IBGP to External BGP site [7:8639]
Hi Group, Trying to do some IBGP from Doyle II and from Hutnik's All-in-1-Lab 2nd edition. I know I'm doing something wrong - just can't figure out the issue. I'll use Hutnik's stuff - from lab #48 - page 533: AS 100| AS 200 | RtrA-S0---S0-RtrB-E0-E0-RtrC S0 192.1.1.1/24 | S0 192.1.1.2/24 E0 193.1.1.2/24 L0 1.1.1.1/24 | E0 193.1.1.1/24 | L0 2.2.2.2/24 AS 100| AS 200 AS 200 Basically, RouterA is in AS 100 connected via S0 to RouterB (AS 200) on RouterB's S0 and using BGP. RouterB and RouterC are connected Ethernet and using IBGP for AS 200. I'm trying to get Router C to be able to hit RouterA's ints. I'm doing the basics of no sync on Router C and B and also having Router B announcing itself as next-hop-self. I've also cleared ip bgp * on router B and C. Still no-go. I can hit RtrA from RtrB S0 interface but not from RtrB's E0 interface using an extended ping. So what is wrong with Router B? What am I missing? Router A's config: ! hostname RouterA ! interface Loopback0 ip address 1.1.1.1 255.255.255.0 ! interface Serial0 ip address 192.1.1.1 255.255.255.0 clockrate 400 ! router bgp 100 network 1.0.0.0 neighbor 192.1.1.2 remote-as 200 ! === Router B's config: ! hostname RouterB ! interface Loopback0 ip address 2.2.2.2 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 193.1.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/0 ip address 192.1.1.2 255.255.255.0 no ip directed-broadcast ! router bgp 200 no synchronization neighbor 192.1.1.1 remote-as 100 neighbor 193.1.1.2 remote-as 200 neighbor 193.1.1.2 next-hop-self ! RouterB#sh ip bgp BGP table version is 2, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *> 1.0.0.0 192.1.1.10 0 100 i RouterB#sh ip rout B1.0.0.0/8 [20/0] via 192.1.1.1, 00:34:47 2.0.0.0/24 is subnetted, 1 subnets C 2.2.2.0 is directly connected, Loopback0 C193.1.1.0/24 is directly connected, Ethernet0/0 C192.1.1.0/24 is directly connected, Serial0/0 == Router C's config: ! hostname RouterC ! interface Loopback0 ip address 3.3.3.3 255.255.255.0 no ip directed-broadcast ! interface Ethernet0 ip address 193.1.1.2 255.255.255.0 no ip directed-broadcast ! router bgp 200 no synchronization neighbor 193.1.1.1 remote-as 200 RouterC#sh ip bgp BGP table version is 2, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *>i1.0.0.0 193.1.1.10100 0 100 i RouterC#sh ip rout B1.0.0.0/8 [200/0] via 193.1.1.1, 00:30:21 3.0.0.0/24 is subnetted, 1 subnets C 3.3.3.0 is directly connected, Loopback0 C193.1.1.0/24 is directly connected, Ethernet0 Like I wrote at the top, this is just for my lab setup. Thanks in advance!! Sean CCNP, CCDP, MCSE Email: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8639&t=8639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: LLC2 [7:8315]
"Burnham, Chris" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Michael I am a bit confused.If you have SNA still on the network (which most > big Corporates do) would you not be using Token Ring? > Can you run SNA over Ethernet using LLC2? why only LLC2 & not LLC1 or EV2 ?? It seems Priscilla got to the answers before I did =). But I echo her statements. Personally, most places I have worked run SNA over Token Ring. > Below you stated that LLC2 is diminishing because of the reliability of > higher protocols such as TCP, however as I understand SNA does not use TCP > and therefor you will always need LLC2 if you are running SNA.?? Can > you please clarify or point me in the direction of a good book. As far as this point goes, many people are choosing to implement STUN/BSTUN or DSLw in order to transport SNA over the much more common IP WAN. The place I work uses these technologies strictly. We have our mainframes that connect to mainframes of 20 other businesses and for each of those we have routers on the clients' sites that are there strictly to act as a DLSw tunnel endpoint (peer). > As I understand Netbios & SNA can be encapsulated in TCP ,& therefor use its > connection orientated services & run over ev2 or 802.3SNAP. If you were > implementing SNA & NETBIOS straight onto the wire would you then have to use > LLC2 ( DO THESE PROTOCOLS HAVE TO RUN ON A CONNECTION ORIETATED TRANSPORT) Can't answer that one I would think that if they wanted reliability, they would need to use LLC2... > rgds. Chris.B > > > > Chris Burnham, > Systems Engineer, > Delphis Consulting Plc. > Tel: +(44) 020 7916 0200 > Mob: +(44) 07799403576 > [EMAIL PROTECTED] > > > This e-mail and any files transmitted with it are intended solely for the > addressee and are confidential. They may also be legally privileged. > Copyright in them is reserved by Delphis Consulting PLC ["Delphis"] and they > must not be disclosed to, or used by, anyone other than the addressee. If > you have received this e-mail and any accompanying files in error, you may > not copy, publish or use them in any way and you should delete them from > your system and notify us immediately.E-mails are not secure. Delphis does > not accept responsibility for changes to e-mails that occur after they have > been sent. Any opinions expressed in this e-mail may be personal to the > author and may not necessarily reflect the opinions of Delphis. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8636&t=8315 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
On Fri, 15 Jun 2001, Howard C. Berkowitz wrote: > I will never forget the day when, while shaving, I suddenly realized I > completely understood the abstract definition of the Presentation > Service, and almost cut my throat. I would consider cutting my throat too, if that should ever happen to me. -- "Someone approached me and asked me to teach a javascript course. I was about to decline, saying that my complete ignorance of the subject made me unsuitable, then I thought again, that maybe it doesn't, as driving people away from it is a desirable outcome." --Me Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8676&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: connectivity problem [7:8664]
Unfortunately, there is no hosts.deny / hosts.allow file. Tcpwarpper is not enable on that machine. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, June 15, 2001 12:41 PM To: Andy Low Cc: [EMAIL PROTECTED] Subject: Re: connectivity problem [7:8664] > >From the message below, I still can't figure out which refuse which machine > and why? > Jun 14 16:06:34 titan [EMAIL PROTECTED][16621]: warning: can't > verify hostname: getaddrinfo(68-202.xxx.com) failed: no address > associated with hostname That's not a connectivity problem. Look at /etc/hosts.deny and look for ALL: PARANOID or something like that, delete that line and it will work. > Jun 14 16:06:34 titan [EMAIL PROTECTED][16621]: refused connect > from 213.213.213.213 > > 16:06:34.465784 68-202.xxx.com.4688 > 123.123.123.123.telnet: S > 21249554:21249554(0) win 8192 (DF) > > 16:06:34.472310 68-202.xxx.com.4688 > 123.123.123.123.telnet: . ack > 2903684027 win 8616 (DF) > > 16:06:39.520449 68-202.xxx.com.4688 > 123.123.123.123.telnet: . ack > 2 win 8616 (DF) > > 16:06:44.349187 68-202.xxx.com.4688 > 123.123.123.123.telnet: F > 0:0(0) ack 2 win 8616 (DF) > > Thanks, > > Andy -- HoraPe --- Horacio J. Peqa [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8675&t=8664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: connectivity problem [7:8664]
> >From the message below, I still can't figure out which refuse which machine > and why? > Jun 14 16:06:34 titan [EMAIL PROTECTED][16621]: warning: can't > verify hostname: getaddrinfo(68-202.xxx.com) failed: no address > associated with hostname That's not a connectivity problem. Look at /etc/hosts.deny and look for ALL: PARANOID or something like that, delete that line and it will work. > Jun 14 16:06:34 titan [EMAIL PROTECTED][16621]: refused connect > from 213.213.213.213 > > 16:06:34.465784 68-202.xxx.com.4688 > 123.123.123.123.telnet: S > 21249554:21249554(0) win 8192 (DF) > > 16:06:34.472310 68-202.xxx.com.4688 > 123.123.123.123.telnet: . ack > 2903684027 win 8616 (DF) > > 16:06:39.520449 68-202.xxx.com.4688 > 123.123.123.123.telnet: . ack > 2 win 8616 (DF) > > 16:06:44.349187 68-202.xxx.com.4688 > 123.123.123.123.telnet: F > 0:0(0) ack 2 win 8616 (DF) > > Thanks, > > Andy -- HoraPe --- Horacio J. Peqa [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8674&t=8664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Web caching....Big question!!!!!! [7:8540]
Are you having a problem with your cache/content engine and web traffic?? I'm not a expert but do have experience with the cache and content engines from a troubleshooting standpoint and are aware of some of the issues/limitations with various code versions. Depending on the problem, it may be a web server issue and not a Cache/Content Engine issue. What version of code are you running if you're having a problem? There are other products out there (CacheFlow, Squid, etc) but I don't have experience with them. I don't know which other box I would use but there are companies out there who specialize in this area, so I would probably look at one of those if I were shopping. --- John Kale wrote: > if u had a 250 user network that runs ip and ipx, > contains 4 switches > (catalyst 4006) running vlans and 2 3640 running a > Gre tunnel and > ipsecwhat solution beside the cisco caching > engine would u use for web > caching? __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8673&t=8540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
The topic that will never die... :-) Priscilla's frame oriented definition certainly is operationally useful, but doesn't quite fit within the formal OSI architecture. Mike's point is true with respect to formal protocol, but not to service definition in very formal OSIism. (Incidentally, I do consider myself a recovering OSIholic. I will never forget the day when, while shaving, I suddenly realized I completely understood the abstract definition of the Presentation Service, and almost cut my throat). From a formal OSI standpoint, we can speak of a protocol data unit with a header at layer (N) as an (N)-PDU. The payload of such a packet is normally a service data unit of layer (M), or (M)-SDU. For most user plane communications, the payload in an (N)-PDU is at layer (N+1), such as TCP in IP. The OSI management architecture annex to the basic reference model distinguishes between layer management (e.g., keepalives internal to a layer) and system management (e.g., SNMP or CMIP from the application layer). A routing protocol packet, therefore, is layer management, with a (N)-PDU header and a (N)-SDU payload. I realize this gets ugly with routing protocols such as RIP and BGP that use a transport header, but, hey, nobody's prefect. So ARP has a (2)-PDU header and a payload that contains (2)- and (3)-information. Since the only motivation to have a PDU is to exchange payload information, I would argue, if I had to put ARP into a specific layer -- which I think is coercion -- I would call it a layer management protocol for layer 3. Again, we are getting into a situation where there is a desire to coerce things into a simplified version of the OSI model. Real OSI documents are very careful about the protocol versus service definition, and indeed you will find separate documents, say, for the transport service and the (several) transport services. Doing things this way completely sidesteps the "what layer is this" problem. >At 06:52 PM 6/14/01, Michael L. Williams wrote: >>Isn't arp a layer 2 protocol? I realize the goal of ARP is to find a MAC >>for a given layer 3 address, but the broadcast is done on layer 2, and the >>remote station responds with layer 2 > >That's a good way of thinking about it that I don't think the rest of us >thought of, Michael. > >An ARP frame has no Layer 3, contrary to what so many books claim. Here is >an ARP frame for reference. Note that there is no IP layer. The ARP header >references IP addressing information, but there's no IP header. > >Flags:0x00 >Status: 0x00 >Packet Length:64 >Timestamp:16:10:31.101000 06/14/2001 >Ethernet Header >Destination: FF:FF:FF:FF:FF:FF Ethernet Broadcast >Source: 00:00:0E:D5:C7:E7 >Protocol Type:0x0806 IP ARP >ARP - Address Resolution Protocol >Hardware: 1 Ethernet (10Mb) >Protocol: 0x0800 IP >Hardware Address Length: 6 >Protocol Address Length: 4 >Operation:1 ARP Request >Sender Hardware Address: 00:00:0E:D5:C7:E7 >Sender Internet Address: 10.0.0.1 >Target Hardware Address: 00:00:00:00:00:00 (ignored) >Target Internet Address: 10.0.0.2 > >Some people might argue that the frame format isn't a good way to >characterize a layer, but I think it is. > >And you make a good point that this frame would not go through a router, >which is another argument in favor of it being at Layer 2. The frame stays >on its local segment. It's a broadcast frame and it has no layer 3. > >Priscilla > > >>the layer 3 information in the ARP >>request and response is just encapsulated data at that point.. which I >>don't think qualifies it as a layer 3 procotol. If that were the case, TCP >>could be considered a layer 4-7 protocol because all of the data it >>encapsulates comes from all of the above layers.. >> > >Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8672&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IBGP Lab - Can't get from IBGP to External BGP sit [7:8639]
Sean. There is nothing wrong with your BGP configs. Everything is working just the way you told it to. :) What is wrong is your test methology. Since 192.168.1.0 is unknown in As200, you must do an extended ping on router 1 to router 3 with the loopback address as the source of the ping. HTH Feel free to email me @ [EMAIL PROTECTED] Doug Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8670&t=8639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Gre tunnel - ip and ipx packet loss -URGENT!!!!!!! [7:8190]
John; IPX is very sensitive to delay variation. That is why you are dropping IPX more than IP. My Novel expert recommends running an NWIP tunnel if you have a novel server on each side. I know. Great. Another tunnel. The large number of differed packets could mean several things. My first WAG would be a broadcast storm. Second would be a routing loop of some type. A packet capture on the link during the problem should tell the tale. My impression is that there is very little to "tweak" on a GRE. Also, it could be a service provider congestion issue. If that is the case, a SLA (service Level Agreement) would be the only effective cure. If the traffic travels through multiple ISP's the SLA becomes more challenging. HTH Doug Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8669&t=8190 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ideas on integrating VLAN and DHCP? [7:8651]
What are you using for inter V-lan routing? On your router use the ip helper command. Hope this helps George, Head Janitor, CCNA CCDA Cisco Systems ""Rich Chang"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone have any ideas on how to integrate DHCP with VLAN. For instance > if I have three switches, each switch supporting four VLANs 10, 20,30 and > 40,on ports 2/1, 2/2, 2/3 and 2/4 respectively, how can i make sure the > proper DHCP broadcast/traffic is sent to each port? Is there a Cisco > whitepaper supporting this topic and showing one how yto set this up? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8668&t=8651 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Changing the Flash mode [7:8657]
Daniel Maybe I am just misunderstanding your answer but you can alter the flash when the router is booted up normally. If you type the command "copy tftp flash" and go through the prompts it will ask you if you want to erase the flash and put the new one in. By erasing the flash and writing the new one in there it is in essence altering the flash. I have done this many times on a 2501 router. Am i mistaken as to what happens when you do a copy tftp flash? Please advise. George, Head Janitor, CCNA CCDA Cisco Systems ""Daniel Cotts"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'll assume that you are referring to a 2500 series router. Keep in mind > that a 2500 runs from Flash. You can't alter the Flash while it is in use. > Change the configuration register to 0x2101 and reload. It will then boot > from ROM as router(boot)>. The Flash will then be R/W. > Check on CCO for instructions on updating IOS for a more full explanation. > > > -Original Message- > > From: friend [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, June 14, 2001 9:36 PM > > To: [EMAIL PROTECTED] > > Subject: Changing the Flash mode [7:8657] > > > > > > Hello, > > Does any one know how to change the Flash from Read-only mode > > to R/W mode ? > > Thanks > > Report misconduct > > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8667&t=8657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #1370 [7:8666]
I am on a brief and important outing. I will return Wed. 20 June. You should only get one auto-responder from me (this one.) If you keep getting auto responses, please contact [EMAIL PROTECTED] Thanks Tcat Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8666&t=8666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 'show controllers' command [7:8528]
Rick, I work for an ISP and I use this command to look at how the T1's or PRI's are doing on my AS5300. By appending options to the end of this command it can be quite useful. The first example below will show you if you are receiving errors on the T1 (or PRI) form the CO switch. The second example will show you how many calls each channel (DS0) has taken. You can use this command to make sure that all 24 channels are being used by the T1 (23 for PRI's using non NFAS signaling), and how many DS0's are active at this moment in time. Example 1 Router#sh controllers t1 0 T1 0 is up. Applique type is Channelized T1 Cablelength is long gain36 0db Description: TDSNET#1 No alarms detected. Version info of slot 0: HW: 1, Firmware: 16, PLD Rev: 11 Framer Version: 0x8 Manufacture Cookie Info: EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x48, Board Hardware Version 1.0, Item Number 800-3883-1, Board Revision A0, Serial Number 14034532, PLD/ISP Version 0.1, Manufacture Date 23-May-1999. Framing is ESF, Line Code is B8ZS, Clock Source is Line Primary. Data in current interval (2 seconds elapsed): 0 Line Code Violations, 0 Path Code Violations 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs Router# Example 2 Router#sh controllers t1 0 call-counters T1 0: DS0's Active: 2 DS0's Active High Water Mark: 24 TimeSlot Type TotalCalls TotalDuration 1 cas 88 3d06h 2 cas 87 3d09h 3 cas 101 2d13h 4 cas 107 2d11h 5 cas 98 2d11h 6 cas 101 2d09h 7 cas 98 2d20h 8 cas 84 2d18h 9 cas 100 2d06h 10 cas 95 2d09h 11 cas 104 2d02h 12 cas 92 3d08h 13 cas 102 2d17h 14 cas 87 3d01h 15 cas 108 2d03h 16 cas 97 2d08h 17 cas 100 2d06h 18 cas 88 3d05h 19 cas 90 3d13h 20 cas 101 1d21h 21 cas 104 1d18h 22 cas 98 2d13h 23 cas 87 2d23h 24 cas 86 2d22h System's DS0's Active High Water Mark: 138 Router# Hope this helps. Scott Ladd Data Network Technical Support [EMAIL PROTECTED] - Original Message - From: "Watson, Rick, CTR, OUSDC" To: Sent: Thursday, June 14, 2001 10:09 AM Subject: 'show controllers' command [7:8528] > ...reading the Cisco Press Support Book. They talked about the 'show > controllers' command. My question is when and why would you use this > command? I read that the output can be overwhelming, and that some of the > information is irrelevant! Go figure!. But again, when would you need the > information form this command? Thanks for the insight. > > Rick Watson > Network Engineer > Advanced Systems Development, Inc. > OUSD(Comptroller) > 703.697.5710 office > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8663&t=8528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
try show run regards suaveguru --- Vlade wrote: > Is there a way to check if an interface on a router > is running at full or > half duplex? Show int shows the bandwidth but not > the mode. Thanks. [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8665&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
connectivity problem [7:8664]
Hi, Below is my tcpdump message from machine A (123.123.123.123), machine B with 213.213.213.213 unable to telnet into machine A. However machine B is able to telnet to other server. Other machines can telnet into machine A other than machine B, there is no firewall or tcpwrapper enable. >From the message below, I still can't figure out which refuse which machine and why? Jun 14 16:06:34 titan [EMAIL PROTECTED][16621]: warning: can't verify hostname: getaddrinfo(68-202.xxx.com) failed: no address associated with hostname Jun 14 16:06:34 titan [EMAIL PROTECTED][16621]: refused connect from 213.213.213.213 16:06:34.465784 68-202.xxx.com.4688 > 123.123.123.123.telnet: S 21249554:21249554(0) win 8192 (DF) 16:06:34.472310 68-202.xxx.com.4688 > 123.123.123.123.telnet: . ack 2903684027 win 8616 (DF) 16:06:39.520449 68-202.xxx.com.4688 > 123.123.123.123.telnet: . ack 2 win 8616 (DF) 16:06:44.349187 68-202.xxx.com.4688 > 123.123.123.123.telnet: F 0:0(0) ack 2 win 8616 (DF) Thanks, Andy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8664&t=8664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: frame relay DLCIs [7:8611]
It should be OK for a serial interface (encap with frame-relay of course) to have more than one DLCI. I used to setup a frame-relay switch for my lab such as a hub-and-poke and had it working. Basically, on the serial interface of the hub router, you assign multiple DLCIs and map each of them to that of the poke router. In short, yes, it is normal to have multiple DLCIs on a single interface. See this link below for more reference: http://www.cisco.com/warp/public/125/15.html Good luck! ""Bradley J. Wilson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > How about a fully-meshed, one-subnet topology? > > > - Original Message - > From: No Data > To: [EMAIL PROTECTED] > Sent: Thursday, June 14, 2001 4:20 PM > Subject: frame relay DLCIs [7:8611] > > > I was playing around with a router here at work before > I have to put it into production. I've got a serial > interface that is set to encapsulation frame relay. > Well, I forgot to take one dlci off and then I > assigned another dlci to s0 giving s0 both dlci 100 > and dlci 429 (there are no sub interfaces here). Is > this really possible in a real network and why would > one have 2 dlcis on a single interface? > > > Ben, CCNP > > __ > Do You Yahoo!? > Spot the hottest trends in music, movies, and more. > http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8660&t=8611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
At 06:52 PM 6/14/01, Michael L. Williams wrote: >Isn't arp a layer 2 protocol? I realize the goal of ARP is to find a MAC >for a given layer 3 address, but the broadcast is done on layer 2, and the >remote station responds with layer 2 That's a good way of thinking about it that I don't think the rest of us thought of, Michael. An ARP frame has no Layer 3, contrary to what so many books claim. Here is an ARP frame for reference. Note that there is no IP layer. The ARP header references IP addressing information, but there's no IP header. Flags:0x00 Status: 0x00 Packet Length:64 Timestamp:16:10:31.101000 06/14/2001 Ethernet Header Destination: FF:FF:FF:FF:FF:FF Ethernet Broadcast Source: 00:00:0E:D5:C7:E7 Protocol Type:0x0806 IP ARP ARP - Address Resolution Protocol Hardware: 1 Ethernet (10Mb) Protocol: 0x0800 IP Hardware Address Length: 6 Protocol Address Length: 4 Operation:1 ARP Request Sender Hardware Address: 00:00:0E:D5:C7:E7 Sender Internet Address: 10.0.0.1 Target Hardware Address: 00:00:00:00:00:00 (ignored) Target Internet Address: 10.0.0.2 Some people might argue that the frame format isn't a good way to characterize a layer, but I think it is. And you make a good point that this frame would not go through a router, which is another argument in favor of it being at Layer 2. The frame stays on its local segment. It's a broadcast frame and it has no layer 3. Priscilla >the layer 3 information in the ARP >request and response is just encapsulated data at that point.. which I >don't think qualifies it as a layer 3 procotol. If that were the case, TCP >could be considered a layer 4-7 protocol because all of the data it >encapsulates comes from all of the above layers.. > >Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8662&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
If you do a show int on an ethernet interface and there's nothing indicating the duplex, then it's half. otherwise it would explicitly state full-duplex Mike W. "Vlade" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > It is an ethernet. Here is the show int output: > I don't see anything indicating the duplex or half duplex. > > Cisco-4700#sh int eth1 > Ethernet1 is up, line protocol is up > Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b) > Description: To Internal Ethernet > Internet address is 63.109.136.65/28 > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 8/255 > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > ARP type: ARPA, ARP Timeout 04:00:00 > Last input 00:00:00, output 00:00:00, output hang never > Last clearing of "show interface" counters 17w6d > Queueing strategy: fifo > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > 5 minute input rate 125000 bits/sec, 69 packets/sec > 5 minute output rate 34 bits/sec, 77 packets/sec > 622847166 packets input, 2416393310 bytes, 0 no buffer > Received 16924 broadcasts, 0 runts, 0 giants > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > 0 input packets with dribble condition detected > 734906950 packets output, 2580891812 bytes, 0 underruns > 47 output errors, 4136024 collisions, 0 interface resets > 0 babbles, 0 late collision, 7288239 deferred > 47 lost carrier, 0 no carrier > 0 output buffer failures, 0 output buffers swapped out > Cisco-4700# > > ""John Neiberger"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > What type of interface are you talking about? > > > > Serial interfaces are full duplex, ethernet are either half or full but > > the show interface output will indicate the current mode. > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > Is there a way to check if an interface on a router is running at full > > or > > half duplex? Show int shows the bandwidth but not the mode. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8661&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Changing the Flash mode [7:8657]
I'll assume that you are referring to a 2500 series router. Keep in mind that a 2500 runs from Flash. You can't alter the Flash while it is in use. Change the configuration register to 0x2101 and reload. It will then boot from ROM as router(boot)>. The Flash will then be R/W. Check on CCO for instructions on updating IOS for a more full explanation. > -Original Message- > From: friend [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 14, 2001 9:36 PM > To: [EMAIL PROTECTED] > Subject: Changing the Flash mode [7:8657] > > > Hello, > Does any one know how to change the Flash from Read-only mode > to R/W mode ? > Thanks > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8659&t=8657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
someone know 6506's switch load led setup? [7:8658]
I have a 6506,supervisor1's switch load led need setup? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8658&t=8658 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Changing the Flash mode [7:8657]
Hello, Does any one know how to change the Flash from Read-only mode to R/W mode ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8657&t=8657 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CIR/Port speed/PVC speed [7:8480]
Here is the breakdown you have a Partial T coming into a router SE0, it is Frame you are only using 12 channels --> Port Speed 768, You have two PVC's riding this partial T SE0.1 and SE0.2 both are 384 K through the frame cloud, But because your traffic is bursty and you are trying to save your company a buck or two you only have a CIR of 192K I.e. the Telco guarantees 192K get's through. This makes a lot more since when you are talking connections with oversubsciption i.e. a T1 1.544 port speed and 24 128K PVC speed circuits, with CIR of 64, You are not truly over subscribing here if you are the Telco because you can still get 64 K to all customers. Sorry if I babbled need more caffeine -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Thomas Sent: Thursday, June 14, 2001 7:07 PM To: [EMAIL PROTECTED] Subject: Re: CIR/Port speed/PVC speed [7:8480] Thanks All for response!!! So are PVC speed and CIR speed the same??? ""Thomas"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > Can someone definde the difference between CIR, Port speed and PVC speed on > routers? I am so confused on these items with my current ISPs. Thanks in > advance!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8655&t=8480 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco VoFR [7:8656]
Hi! I am trying to configure two Cisco routers MC3810 and 1750-4V to do Voice over Frame Relay. Both the router have the latest IOS. As soon as I enable the vofr cisco command, all my data communications stop. I cannot even ping across. BUT the funny bit is that voice can go through!!! The config on the MC 3810 is : ! interface Serial0 bandwidth 64 no ip address encapsulation frame-relay frame-relay traffic-shaping frame-relay lmi-type ansi ! interface Serial0.1 point-to-point bandwidth 48 ip address 10.1.1.5 255.255.255.252 frame-relay interface-dlci 16 class Voice vofr cisco map-class frame-relay Voice frame-relay voice bandwidth 32000 frame-relay fragment 80 no frame-relay adaptive-shaping frame-relay cir 48000 frame-relay bc 1000 frame-relay be 16000 frame-relay mincir 2 frame-relay fair-queue The config on the 1750 is: ! interface Serial0 bandwidth 64 no ip address encapsulation frame-relay no ip mroute-cache frame-relay traffic-shaping frame-relay lmi-type ansi ! interface Serial0.1 point-to-point bandwidth 48 ip address 10.1.1.6 255.255.255.252 no ip mroute-cache frame-relay interface-dlci 16 class Voice vofr cisco map-class frame-relay Voice frame-relay cir 48000 frame-relay bc 1000 frame-relay be 16000 frame-relay mincir 2 no frame-relay adaptive-shaping frame-relay fair-queue frame-relay voice bandwidth 32000 frame-relay fragment 80 Can someone please explain what am I doing wrong and how can I make this work?? Any Help will be appreciated. Mitesh Important Notice ***This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the post master or system manager @tfl.com.fj [Telecom Fiji Ltd.]*** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8656&t=8656 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CIR/Port speed/PVC speed [7:8480]
Thanks All for response!!! So are PVC speed and CIR speed the same??? ""Thomas"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > Can someone definde the difference between CIR, Port speed and PVC speed on > routers? I am so confused on these items with my current ISPs. Thanks in > advance!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8653&t=8480 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 'show controllers' command [7:8528]
I mentioned this in passing a few days ago. If your router(s) have a cybus then the command: show controllers cbus utilization will let you know how hard those cybus' are working Router7513>sh cont cbus util CY0Bus utilization for five seconds: 8%; one minute: 8%; five minutes: 8% CY1Bus utilization for five seconds: 13%; one minute: 13%; five minutes: 13% You would use this to help you load balance the buses. Kevin Wigle - Original Message - From: "Watson, Rick, CTR, OUSDC" To: Sent: Thursday, 14 June, 2001 11:09 Subject: 'show controllers' command [7:8528] > ...reading the Cisco Press Support Book. They talked about the 'show > controllers' command. My question is when and why would you use this > command? I read that the output can be overwhelming, and that some of the > information is irrelevant! Go figure!. But again, when would you need the > information form this command? Thanks for the insight. > > Rick Watson > Network Engineer > Advanced Systems Development, Inc. > OUSD(Comptroller) > 703.697.5710 office > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8652&t=8528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ideas on integrating VLAN and DHCP? [7:8651]
Does anyone have any ideas on how to integrate DHCP with VLAN. For instance if I have three switches, each switch supporting four VLANs 10, 20,30 and 40,on ports 2/1, 2/2, 2/3 and 2/4 respectively, how can i make sure the proper DHCP broadcast/traffic is sent to each port? Is there a Cisco whitepaper supporting this topic and showing one how yto set this up? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8651&t=8651 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
Not quite true There is a "special" 10BaseT interface for the 4700 that supports full-duplex. Observe this show interface from one of our production 4700s: Name_Replaced>sh int e0 Ethernet0 is up, line protocol is up Hardware is Am79c970, address is snipped Description: ::snipped Internet address is ::snipped:: MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 31/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec), Full-duplex ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters 28w0d Queueing strategy: fifo :: snip! :: On the encapsulation line, at the end it says Full-duplex. Now, as far as full duplex on a 2611.. I tried this connected to a 2924 switch and we had a devil of a time trying to figure out what was going on. The config of the router said one thing but the switch said another. Don't remember the IOS version though - but it probably wasn't a "T". Kevin Wigle - Original Message - From: "John Neiberger" To: Sent: Thursday, 14 June, 2001 18:03 Subject: Re: duplex [7:8553] > This is true of switch ports but the original post was regarding 10BaseT > interfaces on Cisco routers. In the past, there were no Cisco 10BaseT > interfaces that supported full duplex. It appears that has changed on > the 2600/3600 series beginning with IOS 12.0(4)T. It still remains true > for other platforms as far as I can tell. > > John > > >>> "Brian" 6/14/01 3:29:28 PM >>> > Pete you are correct, 10 meg on a hub/repeater is not full duplex, 10 > meg > switch ports can be full duplex, though are not necessarily that way. > > Brian "Sonic" Whalen > Success = Preparation + Opportunity > > > On Thu, 14 Jun 2001, Peter I. Slow, CCNP wrote: > > > I beg to differ. > > I can set an interface for ten megs and full dup. > > also. > > arent swith interfaces full duplez? > > what about 10 M interfaces? > > that one i am unsure about... > > Peter Slow, CCNP Voice Specialist > > Network Engineer > > Planetary Networks > > 535 West 34th Street > > New York, New York > > 10001 > > > > cell: (516)782.1535 > > desk: (646)792.2395 > > mail: [EMAIL PROTECTED] > > > > - Original Message - > > From: John Neiberger > > To: > > Sent: Thursday, June 14, 2001 1:39 PM > > Subject: Re: duplex [7:8553] > > > > > > > Oh, okay. I should have been more specific in my previous email. > > > Fastethernet can be full or half duplex. Ethernet can only be > half > > > duplex which is why it does not mention it in that output. That is > a > > > standard 10BaseT interface and can only do 10Mbs and half duplex. > > > > > > HTH, > > > John > > > > > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > > > It is an ethernet. Here is the show int output: > > > I don't see anything indicating the duplex or half duplex. > > > > > > Cisco-4700#sh int eth1 > > > Ethernet1 is up, line protocol is up > > > Hardware is Am79c970, address is 0060.471f.8b3b (bia > 0060.471f.8b3b) > > > Description: To Internal Ethernet > > > Internet address is 63.109.136.65/28 > > > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > > > 8/255 > > > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > > > ARP type: ARPA, ARP Timeout 04:00:00 > > > Last input 00:00:00, output 00:00:00, output hang never > > > Last clearing of "show interface" counters 17w6d > > > Queueing strategy: fifo > > > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > > > 5 minute input rate 125000 bits/sec, 69 packets/sec > > > 5 minute output rate 34 bits/sec, 77 packets/sec > > > 622847166 packets input, 2416393310 bytes, 0 no buffer > > > Received 16924 broadcasts, 0 runts, 0 giants > > > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > > > 0 input packets with dribble condition detected > > > 734906950 packets output, 2580891812 bytes, 0 underruns > > > 47 output errors, 4136024 collisions, 0 interface resets > > > 0 babbles, 0 late collision, 7288239 deferred > > > 47 lost carrier, 0 no carrier > > > 0 output buffer failures, 0 output buffers swapped out > > > Cisco-4700# > > > > > > ""John Neiberger"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > What type of interface are you talking about? > > > > > > > > Serial interfaces are full duplex, ethernet are either half or > full > > > but > > > > the show interface output will indicate the current mode. > > > > > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > > > Is there a way to check if an interface on a router is running > at > > > full > > > > or > > > > half duplex? Show int shows the bandwidth but not the mode. > Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8650&t=8553 -- FAQ, list archives, and subscriptio
Re: IBGP Lab - Can't get from IBGP to External BGP site [7:8649]
I did this lab earlier today and was wondering the same thing. If i remember correctly router B did not have a network statement to advertise the link that exists between B and C. If you add that statement router A then learns about the link thru IBGP and can find the path back to C when you ping from C to A. HTH. Ed ""Sean C."" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi Group, > > Trying to do some IBGP from Doyle II and from Hutnik's All-in-1-Lab 2nd > edition. I know I'm doing something wrong - just can't figure out the > issue. I'll use Hutnik's stuff - from lab #48 - page 533: > > > AS 100| AS 200 > | > RtrA-S0---S0-RtrB-E0-E0-RtrC > S0 192.1.1.1/24 | S0 192.1.1.2/24 E0 > 193.1.1.2/24 > L0 1.1.1.1/24 | E0 193.1.1.1/24 > | L0 2.2.2.2/24 > AS 100| AS 200 AS > 200 > > > Basically, RouterA is in AS 100 connected via S0 to RouterB (AS 200) on > RouterB's S0 and using BGP. RouterB and RouterC are connected Ethernet and > using IBGP for AS 200. I'm trying to get Router C to be able to hit > RouterA's ints. I'm doing the basics of no sync on Router C and B and also > having Router B announcing itself as next-hop-self. I've also cleared ip > bgp * on router B and C. Still no-go. I can hit RtrA from RtrB S0 > interface but not from RtrB's E0 interface using an extended ping. So what > is wrong with Router B? What am I missing? > > Router A's config: > ! > hostname RouterA > ! > interface Loopback0 > ip address 1.1.1.1 255.255.255.0 > ! > interface Serial0 > ip address 192.1.1.1 255.255.255.0 > clockrate 400 > ! > router bgp 100 > network 1.0.0.0 > neighbor 192.1.1.2 remote-as 200 > ! > > === > Router B's config: > ! > hostname RouterB > ! > interface Loopback0 > ip address 2.2.2.2 255.255.255.0 > no ip directed-broadcast > ! > interface Ethernet0/0 > ip address 193.1.1.1 255.255.255.0 > no ip directed-broadcast > ! > interface Serial0/0 > ip address 192.1.1.2 255.255.255.0 > no ip directed-broadcast > ! > router bgp 200 > no synchronization > neighbor 192.1.1.1 remote-as 100 > neighbor 193.1.1.2 remote-as 200 > neighbor 193.1.1.2 next-hop-self > ! > > > RouterB#sh ip bgp > BGP table version is 2, local router ID is 2.2.2.2 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal > Origin codes: i - IGP, e - EGP, ? - incomplete >Network Next HopMetric LocPrf Weight Path > *> 1.0.0.0 192.1.1.10 0 100 i > > RouterB#sh ip rout > B1.0.0.0/8 [20/0] via 192.1.1.1, 00:34:47 > 2.0.0.0/24 is subnetted, 1 subnets > C 2.2.2.0 is directly connected, Loopback0 > C193.1.1.0/24 is directly connected, Ethernet0/0 > C192.1.1.0/24 is directly connected, Serial0/0 > > == > Router C's config: > ! > hostname RouterC > ! > interface Loopback0 > ip address 3.3.3.3 255.255.255.0 > no ip directed-broadcast > ! > interface Ethernet0 > ip address 193.1.1.2 255.255.255.0 > no ip directed-broadcast > ! > router bgp 200 > no synchronization > neighbor 193.1.1.1 remote-as 200 > > > RouterC#sh ip bgp > BGP table version is 2, local router ID is 3.3.3.3 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal > Origin codes: i - IGP, e - EGP, ? - incomplete > >Network Next HopMetric LocPrf Weight Path > *>i1.0.0.0 193.1.1.10100 0 100 i > > RouterC#sh ip rout > B1.0.0.0/8 [200/0] via 193.1.1.1, 00:30:21 > 3.0.0.0/24 is subnetted, 1 subnets > C 3.3.3.0 is directly connected, Loopback0 > C193.1.1.0/24 is directly connected, Ethernet0 > > > Like I wrote at the top, this is just for my lab setup. Thanks in advance!! > Sean > > CCNP, CCDP, MCSE > Email: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8649&t=8649 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: frame relay Down [7:8648]
I have a frame relay site that is down, yesterday the other end was down with a blown CSU (I know this really should not effect it after all the CSU is only used for telco loop and act as a surge for electrical impulses) Anyhow the other end is down and this is my INT Serial0/1 is down, line protocol is down Hardware is QUICC with integrated T1 CSU/DSU Description: AT&T t1 to carlisle MTU 1500 bytes, BW 768 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10 sec) LMI enq sent 60, LMI stat recvd 59, LMI upd recvd 0, DTE LMI down LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 119/0, interface broadcasts 38 Last input 17:18:28, output 17:18:28, output hang never Last clearing of "show interface" counters 5w6d Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 74 packets input, 4791 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 185 packets output, 34289 bytes, 0 underruns 0 output errors, 0 collisions, 119106 interface resets 0 output buffer failures, 0 output buffers swapped out 54 carrier transitions DCD=down DSR=up DTR=up RTS=up CTS=down I have read that 99.9% percent of the time with down, up,up,up, Down, situations it is the telco. At&t have claimed that they can loop the CSU but when they loop I don't see anything in the sh int that indicates loopback, shouldn't the first line say up, loop or something? Also they say they can't loop the SmartJack which already makes it sound weird to me. I have been preaching to my customer that it is the Telco, should I try something else, Note I would put a loop on the module and see if it goes up up but there is no one at the location capable of making a cable and I don't feel like driving 10hrs. round trip to plug it in. Any other ideas, I have the telco dispatching in the AM and I wanted to have the Telco loop and have the customer pull the line and see if they still see it in loop but that was not possible either cause the Telco, cough AT&T cough cough, took 5 hours to get a tech assigned to the case. Thanks in advance for all your ideas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8648&t=8648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 'show controllers' command [7:8528]
You also can see if the signal from the CSU/DSU is detected by the serial. see example below. This output is taken from Cisco router 2600 series. router#sh controller s0/0 Interface Serial0/0 Hardware is PowerQUICC MPC860 DTE V.35 TX and RX clocks detected >From: "Lowell Sharrah" >Reply-To: "Lowell Sharrah" >To: [EMAIL PROTECTED] >Subject: Re: 'show controllers' command [7:8528] >Date: Thu, 14 Jun 2001 11:48:10 -0400 > >it's good stuff when troubleshooting atm. gives you clokc source and what >type of errors you are receiving > > >>> "Watson, Rick, CTR, OUSDC" 06/14/01 11:09AM >>> >...reading the Cisco Press Support Book. They talked about the 'show >controllers' command. My question is when and why would you use this >command? I read that the output can be overwhelming, and that some of the >information is irrelevant! Go figure!. But again, when would you need the >information form this command? Thanks for the insight. > >Rick Watson >Network Engineer >Advanced Systems Development, Inc. >OUSD(Comptroller) >703.697.5710 office >[EMAIL PROTECTED] > misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8645&t=8528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IBGP Lab - Can't get from IBGP to External BGP site [7:8646]
Probably your return path A does not know about network 193.1.1/24. Need a network statement in B to announce that subnet. pete At 07:35 PM 6/14/2001 -0400, Sean C. wrote: >Hi Group, > >Trying to do some IBGP from Doyle II and from Hutnik's All-in-1-Lab 2nd >edition. I know I'm doing something wrong - just can't figure out the >issue. I'll use Hutnik's stuff - from lab #48 - page 533: > > >AS 100| AS 200 > | > RtrA-S0---S0-RtrB-E0-E0-RtrC >S0 192.1.1.1/24 | S0 192.1.1.2/24 E0 >193.1.1.2/24 >L0 1.1.1.1/24 | E0 193.1.1.1/24 > | L0 2.2.2.2/24 >AS 100| AS 200 AS >200 > > >Basically, RouterA is in AS 100 connected via S0 to RouterB (AS 200) on >RouterB's S0 and using BGP. RouterB and RouterC are connected Ethernet and >using IBGP for AS 200. I'm trying to get Router C to be able to hit >RouterA's ints. I'm doing the basics of no sync on Router C and B and also >having Router B announcing itself as next-hop-self. I've also cleared ip >bgp * on router B and C. Still no-go. I can hit RtrA from RtrB S0 >interface but not from RtrB's E0 interface using an extended ping. So what >is wrong with Router B? What am I missing? > >Router A's config: >! >hostname RouterA >! >interface Loopback0 > ip address 1.1.1.1 255.255.255.0 >! >interface Serial0 > ip address 192.1.1.1 255.255.255.0 > clockrate 400 >! >router bgp 100 > network 1.0.0.0 > neighbor 192.1.1.2 remote-as 200 >! > >=== >Router B's config: >! >hostname RouterB >! >interface Loopback0 > ip address 2.2.2.2 255.255.255.0 > no ip directed-broadcast >! >interface Ethernet0/0 > ip address 193.1.1.1 255.255.255.0 > no ip directed-broadcast >! >interface Serial0/0 > ip address 192.1.1.2 255.255.255.0 > no ip directed-broadcast >! >router bgp 200 > no synchronization > neighbor 192.1.1.1 remote-as 100 > neighbor 193.1.1.2 remote-as 200 > neighbor 193.1.1.2 next-hop-self >! > > >RouterB#sh ip bgp >BGP table version is 2, local router ID is 2.2.2.2 >Status codes: s suppressed, d damped, h history, * valid, > best, i - >internal >Origin codes: i - IGP, e - EGP, ? - incomplete >Network Next HopMetric LocPrf Weight Path >*> 1.0.0.0 192.1.1.10 0 100 i > >RouterB#sh ip rout >B1.0.0.0/8 [20/0] via 192.1.1.1, 00:34:47 > 2.0.0.0/24 is subnetted, 1 subnets >C 2.2.2.0 is directly connected, Loopback0 >C193.1.1.0/24 is directly connected, Ethernet0/0 >C192.1.1.0/24 is directly connected, Serial0/0 > >== >Router C's config: >! >hostname RouterC >! >interface Loopback0 > ip address 3.3.3.3 255.255.255.0 > no ip directed-broadcast >! >interface Ethernet0 > ip address 193.1.1.2 255.255.255.0 > no ip directed-broadcast >! >router bgp 200 > no synchronization > neighbor 193.1.1.1 remote-as 200 > > >RouterC#sh ip bgp >BGP table version is 2, local router ID is 3.3.3.3 >Status codes: s suppressed, d damped, h history, * valid, > best, i - >internal >Origin codes: i - IGP, e - EGP, ? - incomplete > >Network Next HopMetric LocPrf Weight Path >*>i1.0.0.0 193.1.1.10100 0 100 i > >RouterC#sh ip rout >B1.0.0.0/8 [200/0] via 193.1.1.1, 00:30:21 > 3.0.0.0/24 is subnetted, 1 subnets >C 3.3.3.0 is directly connected, Loopback0 >C193.1.1.0/24 is directly connected, Ethernet0 > > >Like I wrote at the top, this is just for my lab setup. Thanks in advance!! >Sean > >CCNP, CCDP, MCSE >Email: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8646&t=8646 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: lab no more 12 months.. [7:8509]
Here is the url: http://www.cisco.com/warp/public/625/ccie/ccie_program/policies.html Here is the quote from the site: Written Exam Expiry Candidates must attempt the CCIE Lab exam within 18 months of passing the CCIE Qualification exam. As long as a candidate attempts the CCIE Lab at least once every 12 months after the first lab attempt, the candidate may take up to three years to pass the Lab Exam. However, if a candidate has not passed the CCIE Lab exam within three years of passing the written exam, he or she must retake the CCIE Qualification exam before the candidate will be allowed to schedule the Lab exam again. -Original Message- From: Robert Nelson-Cox [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 10:24 AM To: Morabito Joe Subject: Re: lab no more 12 months.. [7:8509] >From: "Morabito Joe" >Reply-To: "Morabito Joe" >To: [EMAIL PROTECTED] >Subject: lab no more 12 months.. [7:8509] >Date: Thu, 14 Jun 2001 08:45:35 -0400 > >Did anyone catch that the lab must now be taken no longer than 18 months. >I >was looking at the web site and was surprised to see this change. Nope, can't find it. The one change I can find is that if you score less than 20 points on your first day, you have to wait six months before trying again, but you only have to wait 30 days if you score over this. >Has anyone else seen any other changes? I heard a rumor about 2900 series >switches in the lab. Can't see the point, their is little difference between these and the 5000s. The G's are a little different being classical IOS based. Rob./ >Joe Morabito > _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8525&t=8509 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN call Command [7:8351]
Scott you need the telephone number after your bri0/0 isdn call int bri0/0 234234234 to disconnet the call type isdn dis int bri0/0 all -Original Message- From: STRAND Scott [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 13, 2001 4:47 PM To: [EMAIL PROTECTED] Subject: ISDN call Command [7:8351] I need to test if the bri interface used for DDR works without taking the serial interface down. (Don't ask me why, the reasons are political). So basically, I just want to see if it works. I've done the "sh isdn status" to check level 1 & 2 but is it possible to bring up an interface in this situation? How does the: isdn call int bri0/0 command work? I tried this with no luck. Thanks, Scott ***> = THE INFORMATION IN THIS E-MAIL AND IN ANY ATTACHMENTS IS CONFIDENTIAL AND MAY BE PRIVILEGED. IF YOU ARE NOT THE INTENDED RECIPIENT, PLEASE DESTROY THIS MESSAGE AND NOTIFY THE SENDER IMMEDIATELY. YOU SHOULD NOT RETAIN, COPY OR USE THIS E-MAIL FOR ANY PURPOSE, NOR DISCLOSE ALL OR ANY PART OF ITS CONTENTS TO ANY OTHER PERSON. ANY VIEWS EXPRESSED IN THIS MESSAGE ARE THOSE OF THE INDIVIDUAL SENDER, EXCEPT WHERE THE SENDER SPECIFICALLY STATES THEM TO BE THE VIEWS OF LLOYD'S. LLOYD'S MAY MONITOR THE CONTENT OF E-MAILS SENT AND RECEIVED VIA ITS NETWORK FOR VIRUSES OR UNAUTHORISED USE AND FOR OTHER LAWFUL BUSINESS PURPOSES. mail06 = > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8527&t=8351 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IBGP Lab - Can't get from IBGP to External BGP site [7:8644]
Sean, Try adding "redistribute connected" to all 3 router configurations. This will ensure that all of your connected interfaces gets advertised. The problem sounds as though Router A does not have the 193.1.1.0/24 network in it's BGP table, thus that's why Router C can not ping Router A, because A does not know how to get to C. -Chuck - Original Message - From: "Sean C." To: Sent: Thursday, June 14, 2001 7:35 PM Subject: IBGP Lab - Can't get from IBGP to External BGP site [7:8639] > Hi Group, > > Trying to do some IBGP from Doyle II and from Hutnik's All-in-1-Lab 2nd > edition. I know I'm doing something wrong - just can't figure out the > issue. I'll use Hutnik's stuff - from lab #48 - page 533: > > > AS 100| AS 200 > | > RtrA-S0---S0-RtrB-E0-E0-RtrC > S0 192.1.1.1/24 | S0 192.1.1.2/24 E0 > 193.1.1.2/24 > L0 1.1.1.1/24 | E0 193.1.1.1/24 > | L0 2.2.2.2/24 > AS 100| AS 200 AS > 200 > > > Basically, RouterA is in AS 100 connected via S0 to RouterB (AS 200) on > RouterB's S0 and using BGP. RouterB and RouterC are connected Ethernet and > using IBGP for AS 200. I'm trying to get Router C to be able to hit > RouterA's ints. I'm doing the basics of no sync on Router C and B and also > having Router B announcing itself as next-hop-self. I've also cleared ip > bgp * on router B and C. Still no-go. I can hit RtrA from RtrB S0 > interface but not from RtrB's E0 interface using an extended ping. So what > is wrong with Router B? What am I missing? > > Router A's config: > ! > hostname RouterA > ! > interface Loopback0 > ip address 1.1.1.1 255.255.255.0 > ! > interface Serial0 > ip address 192.1.1.1 255.255.255.0 > clockrate 400 > ! > router bgp 100 > network 1.0.0.0 > neighbor 192.1.1.2 remote-as 200 > ! > > === > Router B's config: > ! > hostname RouterB > ! > interface Loopback0 > ip address 2.2.2.2 255.255.255.0 > no ip directed-broadcast > ! > interface Ethernet0/0 > ip address 193.1.1.1 255.255.255.0 > no ip directed-broadcast > ! > interface Serial0/0 > ip address 192.1.1.2 255.255.255.0 > no ip directed-broadcast > ! > router bgp 200 > no synchronization > neighbor 192.1.1.1 remote-as 100 > neighbor 193.1.1.2 remote-as 200 > neighbor 193.1.1.2 next-hop-self > ! > > > RouterB#sh ip bgp > BGP table version is 2, local router ID is 2.2.2.2 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal > Origin codes: i - IGP, e - EGP, ? - incomplete >Network Next HopMetric LocPrf Weight Path > *> 1.0.0.0 192.1.1.10 0 100 i > > RouterB#sh ip rout > B1.0.0.0/8 [20/0] via 192.1.1.1, 00:34:47 > 2.0.0.0/24 is subnetted, 1 subnets > C 2.2.2.0 is directly connected, Loopback0 > C193.1.1.0/24 is directly connected, Ethernet0/0 > C192.1.1.0/24 is directly connected, Serial0/0 > > == > Router C's config: > ! > hostname RouterC > ! > interface Loopback0 > ip address 3.3.3.3 255.255.255.0 > no ip directed-broadcast > ! > interface Ethernet0 > ip address 193.1.1.2 255.255.255.0 > no ip directed-broadcast > ! > router bgp 200 > no synchronization > neighbor 193.1.1.1 remote-as 200 > > > RouterC#sh ip bgp > BGP table version is 2, local router ID is 3.3.3.3 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal > Origin codes: i - IGP, e - EGP, ? - incomplete > >Network Next HopMetric LocPrf Weight Path > *>i1.0.0.0 193.1.1.10100 0 100 i > > RouterC#sh ip rout > B1.0.0.0/8 [200/0] via 193.1.1.1, 00:30:21 > 3.0.0.0/24 is subnetted, 1 subnets > C 3.3.3.0 is directly connected, Loopback0 > C193.1.1.0/24 is directly connected, Ethernet0 > > > Like I wrote at the top, this is just for my lab setup. Thanks in advance!! > Sean > > CCNP, CCDP, MCSE > Email: [EMAIL PROTECTED] _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8644&t=8644 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RADIUS solution [7:8640]
Hi Rick, I will look at it. Just in case, anyone wants it, here are my requirements. I would appreciate any pointers on it. Thanx. Requirements Purpose - To provide username/password security to all our network devices - All logins must be logged to a file - Must support 3Com, Cisco, Juniper equipment - The ability to have a redundant solution(ie. two boxes on separate subnets) - The ability to support interaction to a third party Kerberos server - Must support authentication via Cisco 7206 for DSL PPP sessions - Must support authentication via Cisco AS5300's for PPP sessions - Must support up to 30,000 users (I am not sure on this number) - Config devices to use ssh only where possible, upgrade software to support ssh, (note 3500's do not support ssh) - Linux/UNIX platform preferred - Gigabit interface - Dual power supplies - rack-mountable - Backups, etc Thanx again. Imran. --- Rick Holden wrote: > I have used one called radtac. It works good for > me, but I only use it > for very simple configs and don't really hit it vary > hard, so I can't say > much more about it. You can get a full trial version > off their web sight > that is good for 30 day. (www.radtac.com) > /Rick > - Original Message - > From: "Imran Moin" > To: > Sent: Thursday, June 14, 2001 7:48 PM > Subject: RADIUS solution [7:8640] > > > > Hi all, > > > > I have to implement a RADIUS solution for my > network. > > Before researching, i wanted to ask you all if you > > have used any product. > > > > How good is Cisco's Ciscosecure 2.1 > > > > Thanx in advance. > > > > Imran. > > > > __ > > Do You Yahoo!? > > Spot the hottest trends in music, movies, and > more. > > http://buzz.yahoo.com/ > [EMAIL PROTECTED] > __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8642&t=8640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: High output errors [7:8633]
hi, You should set the switch port to a fix speed that the hub can take. If the hub is only a 10Mb hub then set the switch port to 10Mb half duplex. This will eliminate some potential problem. Regards, Justin Vo ""Vlade"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have a 2948L3 switch that is connected to a 10/100 hub. The output errors > are very high.After clearing counters I have 100 output errors every ten > minutes. The port is set to autonegotiate and set itself to 100Mb full > duplex. I figured it would autonegotiate to half duplex since its connected > to a hub. Here is a look at the counters: > My question is should I manually set the port to half duplex and would that > remedy these errors? > Or is there something else I should do? Thanks. > > Output queue 0/150, 0 drops; input queue 0/150, 0 drops > 5 minute input rate 199000 bits/sec, 78 packets/sec > 5 minute output rate 0 bits/sec, 0 packets/sec > 46471 packets input, 13423563 bytes, 0 no buffer > Received 78 broadcasts, 17 runts, 0 giants, 0 throttles > 100 input errors, 34 CRC, 49 frame, 0 overrun, 0 ignored, 0 abort > 0 watchdog, 0 multicast > 0 input packets with dribble condition detected > 3373 packets output, 381430 bytes, 0 underruns(0/0/0) > 0 output errors, 54 collisions, 0 interface resets Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8643&t=8633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RADIUS solution [7:8640]
I have used one called radtac. It works good for me, but I only use it for very simple configs and don't really hit it vary hard, so I can't say much more about it. You can get a full trial version off their web sight that is good for 30 day. (www.radtac.com) /Rick - Original Message - From: "Imran Moin" To: Sent: Thursday, June 14, 2001 7:48 PM Subject: RADIUS solution [7:8640] > Hi all, > > I have to implement a RADIUS solution for my network. > Before researching, i wanted to ask you all if you > have used any product. > > How good is Cisco's Ciscosecure 2.1 > > Thanx in advance. > > Imran. > > __ > Do You Yahoo!? > Spot the hottest trends in music, movies, and more. > http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8641&t=8640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RADIUS solution [7:8640]
Hi all, I have to implement a RADIUS solution for my network. Before researching, i wanted to ask you all if you have used any product. How good is Cisco's Ciscosecure 2.1 Thanx in advance. Imran. __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8640&t=8640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
Isn't arp a layer 2 protocol? I realize the goal of ARP is to find a MAC for a given layer 3 address, but the broadcast is done on layer 2, and the remote station responds with layer 2 the layer 3 information in the ARP request and response is just encapsulated data at that point.. which I don't think qualifies it as a layer 3 procotol. If that were the case, TCP could be considered a layer 4-7 protocol because all of the data it encapsulates comes from all of the above layers.. Mike W. "Charles Manafa" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I think that ARP straddles both Layer 2 and Layer 3. It does not completely > belong to either. > > CM > > -Original Message- > From: Dr Rita Puzmanova > To: [EMAIL PROTECTED] > Sent: 13/06/01 14:58 > Subject: ARP and TCP/IP layering [7:8335] > > Hi all, > > Trivial yet fundamental question. I have seen ARP described as part of > the network (internet) layer so many times that I have started to > believe it belongs there (although I know well that it operates "as if" > the Layer 2 protocol - as per OSI RM). Now I have eventually come across > Doug Comer's statement: "It's part of the network interface layer." > > I should not ask where the truth is but still I will. That would mean > quite a lot of books are incorrect in this (including Cisco materials). > > Rita Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8637&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNA T-shirt [7:8634]
Brand-new CCNA T-shirt for sale on ebay. Please search for "CCNA T-shirt" on ebay. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8634&t=8634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
High output errors [7:8633]
I have a 2948L3 switch that is connected to a 10/100 hub. The output errors are very high.After clearing counters I have 100 output errors every ten minutes. The port is set to autonegotiate and set itself to 100Mb full duplex. I figured it would autonegotiate to half duplex since its connected to a hub. Here is a look at the counters: My question is should I manually set the port to half duplex and would that remedy these errors? Or is there something else I should do? Thanks. Output queue 0/150, 0 drops; input queue 0/150, 0 drops 5 minute input rate 199000 bits/sec, 78 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 46471 packets input, 13423563 bytes, 0 no buffer Received 78 broadcasts, 17 runts, 0 giants, 0 throttles 100 input errors, 34 CRC, 49 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast 0 input packets with dribble condition detected 3373 packets output, 381430 bytes, 0 underruns(0/0/0) 0 output errors, 54 collisions, 0 interface resets Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8633&t=8633 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
agreed.. Brian "Sonic" Whalen Success = Preparation + Opportunity On Thu, 14 Jun 2001, John Neiberger wrote: > This is true of switch ports but the original post was regarding 10BaseT > interfaces on Cisco routers. In the past, there were no Cisco 10BaseT > interfaces that supported full duplex. It appears that has changed on > the 2600/3600 series beginning with IOS 12.0(4)T. It still remains true > for other platforms as far as I can tell. > > John > > >>> "Brian" 6/14/01 3:29:28 PM >>> > Pete you are correct, 10 meg on a hub/repeater is not full duplex, 10 > meg > switch ports can be full duplex, though are not necessarily that way. > > Brian "Sonic" Whalen > Success = Preparation + Opportunity > > > On Thu, 14 Jun 2001, Peter I. Slow, CCNP wrote: > > > I beg to differ. > > I can set an interface for ten megs and full dup. > > also. > > arent swith interfaces full duplez? > > what about 10 M interfaces? > > that one i am unsure about... > > Peter Slow, CCNP Voice Specialist > > Network Engineer > > Planetary Networks > > 535 West 34th Street > > New York, New York > > 10001 > > > > cell: (516)782.1535 > > desk: (646)792.2395 > > mail: [EMAIL PROTECTED] > > > > - Original Message - > > From: John Neiberger > > To: > > Sent: Thursday, June 14, 2001 1:39 PM > > Subject: Re: duplex [7:8553] > > > > > > > Oh, okay. I should have been more specific in my previous email. > > > Fastethernet can be full or half duplex. Ethernet can only be > half > > > duplex which is why it does not mention it in that output. That is > a > > > standard 10BaseT interface and can only do 10Mbs and half duplex. > > > > > > HTH, > > > John > > > > > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > > > It is an ethernet. Here is the show int output: > > > I don't see anything indicating the duplex or half duplex. > > > > > > Cisco-4700#sh int eth1 > > > Ethernet1 is up, line protocol is up > > > Hardware is Am79c970, address is 0060.471f.8b3b (bia > 0060.471f.8b3b) > > > Description: To Internal Ethernet > > > Internet address is 63.109.136.65/28 > > > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > > > 8/255 > > > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > > > ARP type: ARPA, ARP Timeout 04:00:00 > > > Last input 00:00:00, output 00:00:00, output hang never > > > Last clearing of "show interface" counters 17w6d > > > Queueing strategy: fifo > > > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > > > 5 minute input rate 125000 bits/sec, 69 packets/sec > > > 5 minute output rate 34 bits/sec, 77 packets/sec > > > 622847166 packets input, 2416393310 bytes, 0 no buffer > > > Received 16924 broadcasts, 0 runts, 0 giants > > > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > > > 0 input packets with dribble condition detected > > > 734906950 packets output, 2580891812 bytes, 0 underruns > > > 47 output errors, 4136024 collisions, 0 interface resets > > > 0 babbles, 0 late collision, 7288239 deferred > > > 47 lost carrier, 0 no carrier > > > 0 output buffer failures, 0 output buffers swapped out > > > Cisco-4700# > > > > > > ""John Neiberger"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > What type of interface are you talking about? > > > > > > > > Serial interfaces are full duplex, ethernet are either half or > full > > > but > > > > the show interface output will indicate the current mode. > > > > > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > > > Is there a way to check if an interface on a router is running > at > > > full > > > > or > > > > half duplex? Show int shows the bandwidth but not the mode. > Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8632&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
This is true of switch ports but the original post was regarding 10BaseT interfaces on Cisco routers. In the past, there were no Cisco 10BaseT interfaces that supported full duplex. It appears that has changed on the 2600/3600 series beginning with IOS 12.0(4)T. It still remains true for other platforms as far as I can tell. John >>> "Brian" 6/14/01 3:29:28 PM >>> Pete you are correct, 10 meg on a hub/repeater is not full duplex, 10 meg switch ports can be full duplex, though are not necessarily that way. Brian "Sonic" Whalen Success = Preparation + Opportunity On Thu, 14 Jun 2001, Peter I. Slow, CCNP wrote: > I beg to differ. > I can set an interface for ten megs and full dup. > also. > arent swith interfaces full duplez? > what about 10 M interfaces? > that one i am unsure about... > Peter Slow, CCNP Voice Specialist > Network Engineer > Planetary Networks > 535 West 34th Street > New York, New York > 10001 > > cell: (516)782.1535 > desk: (646)792.2395 > mail: [EMAIL PROTECTED] > > - Original Message - > From: John Neiberger > To: > Sent: Thursday, June 14, 2001 1:39 PM > Subject: Re: duplex [7:8553] > > > > Oh, okay. I should have been more specific in my previous email. > > Fastethernet can be full or half duplex. Ethernet can only be half > > duplex which is why it does not mention it in that output. That is a > > standard 10BaseT interface and can only do 10Mbs and half duplex. > > > > HTH, > > John > > > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > > It is an ethernet. Here is the show int output: > > I don't see anything indicating the duplex or half duplex. > > > > Cisco-4700#sh int eth1 > > Ethernet1 is up, line protocol is up > > Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b) > > Description: To Internal Ethernet > > Internet address is 63.109.136.65/28 > > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > > 8/255 > > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > > ARP type: ARPA, ARP Timeout 04:00:00 > > Last input 00:00:00, output 00:00:00, output hang never > > Last clearing of "show interface" counters 17w6d > > Queueing strategy: fifo > > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > > 5 minute input rate 125000 bits/sec, 69 packets/sec > > 5 minute output rate 34 bits/sec, 77 packets/sec > > 622847166 packets input, 2416393310 bytes, 0 no buffer > > Received 16924 broadcasts, 0 runts, 0 giants > > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > > 0 input packets with dribble condition detected > > 734906950 packets output, 2580891812 bytes, 0 underruns > > 47 output errors, 4136024 collisions, 0 interface resets > > 0 babbles, 0 late collision, 7288239 deferred > > 47 lost carrier, 0 no carrier > > 0 output buffer failures, 0 output buffers swapped out > > Cisco-4700# > > > > ""John Neiberger"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > What type of interface are you talking about? > > > > > > Serial interfaces are full duplex, ethernet are either half or full > > but > > > the show interface output will indicate the current mode. > > > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > > Is there a way to check if an interface on a router is running at > > full > > > or > > > half duplex? Show int shows the bandwidth but not the mode. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8631&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: frame relay DLCIs [7:8625]
Thank you, that clears many things up. Ben, CCNP --- Mike Fountain wrote: > If it is a multi-point interface you can have more > then one DLCI configured. > > The DLCI configured in the router is actually the > DLCI for the remote end > that the Frame-Relay switch would be telling the > router about. The router > doesn't really care what it's local DLCI is, only > what the remote DLCIs it > should be listening for. > > So this router would expect your frame-relay > vendor's switch to be giving > him LMI updates for PVCs with remote DLCIs of 100 > and 429. > > > > > - Original Message - > From: "No Data" > To: > Sent: Thursday, June 14, 2001 4:20 PM > Subject: frame relay DLCIs [7:8611] > > > > I was playing around with a router here at work > before > > I have to put it into production. I've got a > serial > > interface that is set to encapsulation frame > relay. > > Well, I forgot to take one dlci off and then I > > assigned another dlci to s0 giving s0 both dlci > 100 > > and dlci 429 (there are no sub interfaces here). > Is > > this really possible in a real network and why > would > > one have 2 dlcis on a single interface? > > > > > > Ben, CCNP [EMAIL PROTECTED] __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8630&t=8625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Switch 2924 [7:8613]
A router/Switch supports up to X simultaneous telnet sessions. If you were using a switch/router as a telnet gateway, and you want to make sure that if all of the ports are taken up you can get access to the network you would set the password for the last vty (line vty X) to be different than the rest. Anyone have any other examples? -Original Message- From: khramov [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 4:56 PM To: Hire, Ejay Subject: Re: Switch 2924 [7:8613] Thanks, but why would you want to set telnet to vty 0 4, for example, what would be the difference between that and lets say vty 5 15? "Hire, Ejay" wrote: Ip http-server uses the enable password, the vty password is for telnet access. This is the desired behavior -Original Message- From: khramov [ mailto:[EMAIL PROTECTED] ] Sent: Thursday, June 14, 2001 4:26 PM To: [EMAIL PROTECTED] Subject: Switch 2924 [7:8613] I am configuring 2924 and I am trying to set a password for http. I did: line vty 5 15 password **, However, instead of the password that I typed in, it uses my enable password to log into the switch through http. What am I doing wrong? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8629&t=8613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help! Urgent!!! [7:8485]
I'm not entirely sure I understand what you mean. As I understand it, you have 2 routers connected to the Ethernet segment of an Alpha Server that has an incorrect but unchangeable subnet mask. Additionally, if one of the links fails, you manually reroute traffic to the working link. Problem 1: Getting Alpha traffic out to the remote sites, without changing the subnet mask. Solution: On both Ethernet routers, enable proxy-arp Commands: (On both Hq routers) Router#config term Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface ethernet 0 Router(config-if)#ip proxy-arp Router(config-if)#^Z Router# Problem 2: No Automatic failover to the second serial connection if one fails. Solution: Run a routing protocol that supports vlsm. Commands: (on every router) router#config term Enter configuration commands, one per line. End with CNTL/Z. router(config)#router rip router(config-router)#version 2 router(config-router)#network 10.0.0.0 router(config-router)#^Z router# If this doesn't work, Send me (not the group) a copy of your configs and I'll try to help. -Ejay -Original Message- From: Vichai Viriyathanaporn [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 9:38 AM To: [EMAIL PROTECTED] Subject: Please Help! Urgent!!! [7:8485] My company have an Alpha Server at Head Office. The server's IP address is 10.1.1.1 and netmask is 255.0.0.0. This Alpha Server OS version can not change the subnet mask. My company have sevaral branch. The Nework Number on each brach look like 10.2.0.0, 10.3.0.0, 10.4.0.0, . I cannot add static route like 10.2.0.0, 10.3.0.0, ... on Alpha Server.Because it's not accept. (It's Network Number is 10.0.0.0) At Head Office, There are 2 Cisco Routers to Connect to branch A. Each Router connect to branch A on different Path. There are only one router at branch A but two Serial interface. The 1st Serial interface connect to H/O. The another connect to the other branch. Let's say the Network Number of Branch A is 10.2.0.0. Pls. see the picture H/O-R1--Ra---Brach A | | |--R2--{Rx--Branch C--Rx}- When Server at H/O send packet to address 10.2.1.1 that the host address in branch A. It broadcast then R1 an R2 catch the packet then tried to send to branch A. Cisco Router automatically send the packet. (There are no static route to brach A on Server (because I cannot do that, the server does not accept it) and the Default Route is not both R1 and R2.) I want R1 is a main router to send packet. If Serial interface of R1 down then R1 send the packet to R2. (I do this by manual configure static route and set the cost on R1) But in the real world it cannot do like that. Because R1 and R2 are automatically forward the packet. Is there a command to disable the automatically forward? Don't try to tell me to change the IP Numbering because there are a lot of factor that I can not do that. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8610&t=8485 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Switch 2924 [7:8613]
I don't think you should go to the vty portion of you config. Your real auth for http should be configured with ip http auth ? (options) command. Default is enable. But, again, I might be wrong... Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8618&t=8613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
Pete you are correct, 10 meg on a hub/repeater is not full duplex, 10 meg switch ports can be full duplex, though are not necessarily that way. Brian "Sonic" Whalen Success = Preparation + Opportunity On Thu, 14 Jun 2001, Peter I. Slow, CCNP wrote: > I beg to differ. > I can set an interface for ten megs and full dup. > also. > arent swith interfaces full duplez? > what about 10 M interfaces? > that one i am unsure about... > Peter Slow, CCNP Voice Specialist > Network Engineer > Planetary Networks > 535 West 34th Street > New York, New York > 10001 > > cell: (516)782.1535 > desk: (646)792.2395 > mail: [EMAIL PROTECTED] > > - Original Message - > From: John Neiberger > To: > Sent: Thursday, June 14, 2001 1:39 PM > Subject: Re: duplex [7:8553] > > > > Oh, okay. I should have been more specific in my previous email. > > Fastethernet can be full or half duplex. Ethernet can only be half > > duplex which is why it does not mention it in that output. That is a > > standard 10BaseT interface and can only do 10Mbs and half duplex. > > > > HTH, > > John > > > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > > It is an ethernet. Here is the show int output: > > I don't see anything indicating the duplex or half duplex. > > > > Cisco-4700#sh int eth1 > > Ethernet1 is up, line protocol is up > > Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b) > > Description: To Internal Ethernet > > Internet address is 63.109.136.65/28 > > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > > 8/255 > > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > > ARP type: ARPA, ARP Timeout 04:00:00 > > Last input 00:00:00, output 00:00:00, output hang never > > Last clearing of "show interface" counters 17w6d > > Queueing strategy: fifo > > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > > 5 minute input rate 125000 bits/sec, 69 packets/sec > > 5 minute output rate 34 bits/sec, 77 packets/sec > > 622847166 packets input, 2416393310 bytes, 0 no buffer > > Received 16924 broadcasts, 0 runts, 0 giants > > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > > 0 input packets with dribble condition detected > > 734906950 packets output, 2580891812 bytes, 0 underruns > > 47 output errors, 4136024 collisions, 0 interface resets > > 0 babbles, 0 late collision, 7288239 deferred > > 47 lost carrier, 0 no carrier > > 0 output buffer failures, 0 output buffers swapped out > > Cisco-4700# > > > > ""John Neiberger"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > What type of interface are you talking about? > > > > > > Serial interfaces are full duplex, ethernet are either half or full > > but > > > the show interface output will indicate the current mode. > > > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > > Is there a way to check if an interface on a router is running at > > full > > > or > > > half duplex? Show int shows the bandwidth but not the mode. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8628&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
And a more detailed reading of Comer found these statements: Protocols like ARP belong in the network interface layer. Application programs as well as all protocol software from the Internet layer upward use only IP addresses. The network interface layer handles physical addresses. Comer, for those of you just joining says that broadly speaking, TCP/IP has four conceptual layers: Application Transport Internet Network Interface Priscilla At 04:35 PM 6/14/01, Priscilla Oppenheimer wrote: >At 03:42 PM 6/14/01, Dr Rita Puzmanova wrote: > >Thank you all for valid perspectives. Yet my original question (I had on > >mind but perhaps not clearly worded) is still unanswered. I will > >rephrase it: > > > >Does ARP operates at network interface layer or internet layer of TCP/IP > >protocol stack? > >Where are you getting those names for TCP/IP layers? I don't see them in >early TCP/IP RFCs. > >The original ARP RFC is here, and it doesn't use those terms: > >http://andrew2.andrew.cmu.edu/rfc/rfc826.html > >The early TCP standard says the four layers are higher-level, TCP, internet >protocol, and communication network. A search of the early IP standard >didn't find the word layer at all!? ;-) > >Here's my guess. Check the discussion of layering in Douglas Comer's >Internetworking with TCP/IP, Volume I. He says that "broadly speaking, >TCP/IP software is organized into four conceptual layers: application, >transport, Internet, and Network Interface." > >Since 80% of the people on the planet (rough estimate) that learned TCP/IP >learned it from Comer, including authors and tech writers, this conceptual >drawing became "fact" and is explained as THE DOD model, even though DOD >documents don't have such a model. That's my guess. > >Priscilla > > > >Just forget anything else (in particular OSI concepts) - concentrate on > >TCP/IP. To my opinion every protocol must belong somewhere (otherwise > >the whole layering concept would be useless and could not work), it > >cannot be an "interface" (it is a layer protocol, not an interlayer > >protocol within a single system). > > > >No matter whether IETF currently bothers about its own layering system - > >at the beginning they for sure managed to fit the pieces in the puzzle > >(I mean protocols) according to their original, simple > >4-layer-architecture. > > > >Sorry for being s persistent ;-) > > > >Rita > > > >Dr Rita Puzmanova wrote: > > > > > > Hi all, > > > > > > Trivial yet fundamental question. I have seen ARP described as part of > > > the network (internet) layer so many times that I have started to > > > believe it belongs there (although I know well that it operates "as if" > > > the Layer 2 protocol - as per OSI RM). Now I have eventually come across > > > Doug Comer's statement: "It's part of the network interface layer." > > > > > > I should not ask where the truth is but still I will. That would mean > > > quite a lot of books are incorrect in this (including Cisco materials). > > > > > > Rita > > >Priscilla Oppenheimer >http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8627&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 60 or 90 minutes for BSCN? [7:8607]
I passed yesterday, when I started answering questions, the timer showed 1:15 and counting. This was after the questionnaire asking me whether I knew anything about the exam topics, and after accepting the NDA. -jon- --- Kim Fisk wrote: > 60 or 90 minute test duration for BSCN? __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8626&t=8607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: frame relay DLCIs [7:8625]
If it is a multi-point interface you can have more then one DLCI configured. The DLCI configured in the router is actually the DLCI for the remote end that the Frame-Relay switch would be telling the router about. The router doesn't really care what it's local DLCI is, only what the remote DLCIs it should be listening for. So this router would expect your frame-relay vendor's switch to be giving him LMI updates for PVCs with remote DLCIs of 100 and 429. - Original Message - From: "No Data" To: Sent: Thursday, June 14, 2001 4:20 PM Subject: frame relay DLCIs [7:8611] > I was playing around with a router here at work before > I have to put it into production. I've got a serial > interface that is set to encapsulation frame relay. > Well, I forgot to take one dlci off and then I > assigned another dlci to s0 giving s0 both dlci 100 > and dlci 429 (there are no sub interfaces here). Is > this really possible in a real network and why would > one have 2 dlcis on a single interface? > > > Ben, CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8625&t=8625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Beware of Fatbrain [7:7949]
ditto that, i've placed several orders with them, i used to live in San Jose near one of their stores. They have always served me well. Brian "Sonic" Whalen Success = Preparation + Opportunity On Thu, 14 Jun 2001, Bob Vance wrote: > Hmmm. > I've been very pleased with FatBrain, where I get most of my books. > > - > Tks| > BV | > Sr. Technical Consultant, SBM, A Gates/Arrow Co. > Vox 770-623-3430 11455 Lakefield Dr. > Fax 770-623-3429 Duluth, GA 30097-1511 > = > > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > [EMAIL PROTECTED] > Sent: Monday, June 11, 2001 5:26 AM > To: [EMAIL PROTECTED] > Subject: Beware of Fatbrain [7:7949] > > > Hi Friends, > I would like to share my unfortunate experience shopping with > fatbrain.com > with you all. I had ordered on 18th May 2001 two books from their > website > www.fatbrain.com for my CCIE studies > 1. All-in-one Cisco CCIE Lab Study Guide $ 63.99 > 2. Cisco CCIE Lab Practice Kit $47.99 > Total $ 153.88 (inclusive of Shipping $41.90) > the first book was to be released in June so I had instructed them to > ship > both the books together so that I don't end up paying for shipping > twice. > Then on the 5th June I asked them as to why my books were not shipped as > on > amazon.com as well as Macgraw hill website and their own website showed > the > book released and ready to ship in 24hours. > Fatbrain replied as under : > > Dear customer: > I apologize for the delay > Unfortunately, we were informed by the publisher that the release date > for the book " All-in-One Cisco CCIE Lab Study Guide " has been moved to > June 22nd. This is the reason why this order has not shipped yet. We > will ship the book as soon as we receive them. We will send you an > e-mail notification when the merchandise has actually been shipped. > > If you would like us to proceed with this course, you do not need to > contact us. If we do not receive a cancellation request from you, we > will assume that you agree to the shipment delay and that you still want > the merchandise. > > Thank you for shopping at Fatbrain.com. > > I was shocked when on the 9th of June they sent me an email : > > We are pleased to inform you that your order #1100193440 has shipped. > For > your convenience, we have > provided the details of your order below > Cisco CCIE Lab Practice Kit $47.99 > Shipping $35.95 > >From the above it is clear for all to see that fatbrain does not want to > send the second book as the same now sells for $79.99 > I live in Mumbai and the cost of shipping is exhorbitant and so fatbrain > wants me to cancel my order for the second book. > I request you friends staying in the U.S.A. to help me in this matter. > Niloufer Tamboly. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8624&t=7949 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
bandwidth [7:8623]
I have a 3640 Router with IOS v. 11. Is there a command that displays the speed of the frame relay that's connected to my serial interface? I'd like to find out if it's a full T1 or a partial T1. _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8623&t=8623 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Switch 2924 [7:8613]
Ip http-server uses the enable password, the vty password is for telnet access. This is the desired behavior -Original Message- From: khramov [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 4:26 PM To: [EMAIL PROTECTED] Subject: Switch 2924 [7:8613] I am configuring 2924 and I am trying to set a password for http. I did: line vty 5 15 password **, However, instead of the password that I typed in, it uses my enable password to log into the switch through http. What am I doing wrong? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8622&t=8613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ARP and TCP/IP layering [7:8335]
All nuances aside, the answer for the exams is layer two. That's logical because it is a broadcast and doesn't cross routers unless specifically misconfigured to do so. -Original Message- From: Dr Rita Puzmanova [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 3:42 PM To: [EMAIL PROTECTED] Subject: Re: ARP and TCP/IP layering [7:8335] Thank you all for valid perspectives. Yet my original question (I had on mind but perhaps not clearly worded) is still unanswered. I will rephrase it: Does ARP operates at network interface layer or internet layer of TCP/IP protocol stack? Just forget anything else (in particular OSI concepts) - concentrate on TCP/IP. To my opinion every protocol must belong somewhere (otherwise the whole layering concept would be useless and could not work), it cannot be an "interface" (it is a layer protocol, not an interlayer protocol within a single system). No matter whether IETF currently bothers about its own layering system - at the beginning they for sure managed to fit the pieces in the puzzle (I mean protocols) according to their original, simple 4-layer-architecture. Sorry for being s persistent ;-) Rita Dr Rita Puzmanova wrote: > > Hi all, > > Trivial yet fundamental question. I have seen ARP described as part of > the network (internet) layer so many times that I have started to > believe it belongs there (although I know well that it operates "as if" > the Layer 2 protocol - as per OSI RM). Now I have eventually come across > Doug Comer's statement: "It's part of the network interface layer." > > I should not ask where the truth is but still I will. That would mean > quite a lot of books are incorrect in this (including Cisco materials). > > Rita Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8621&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problems with Snap Shot Routing [7:8609]
you are saying broadcast fixes the issue, but keeps up the bri line? put an access list that would deny broadcasts, of make any type of rip updated uninteresting for the ddr. then, just apply it to the dialer list dialer-list protocol ip list 101 Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8620&t=8609 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Switch 2924 [7:8613]
I looked on Cisco's web site and I couldn't find any information. Would you please explain me what is vty anyway, is it only for telnet sessions? How would you then configure access to the switch from browser. khramov wrote: > I am configuring 2924 and I am trying to set a password for http. > I did: > line vty 5 15 > password **, > However, instead of the password that I typed in, it uses my enable > password to log into the switch through http. What am I doing wrong? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8619&t=8613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: frame relay DLCIs [7:8611]
How about a fully-meshed, one-subnet topology? - Original Message - From: No Data To: [EMAIL PROTECTED] Sent: Thursday, June 14, 2001 4:20 PM Subject: frame relay DLCIs [7:8611] I was playing around with a router here at work before I have to put it into production. I've got a serial interface that is set to encapsulation frame relay. Well, I forgot to take one dlci off and then I assigned another dlci to s0 giving s0 both dlci 100 and dlci 429 (there are no sub interfaces here). Is this really possible in a real network and why would one have 2 dlcis on a single interface? Ben, CCNP __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8617&t=8611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
At 03:42 PM 6/14/01, Dr Rita Puzmanova wrote: >Thank you all for valid perspectives. Yet my original question (I had on >mind but perhaps not clearly worded) is still unanswered. I will >rephrase it: > >Does ARP operates at network interface layer or internet layer of TCP/IP >protocol stack? Where are you getting those names for TCP/IP layers? I don't see them in early TCP/IP RFCs. The original ARP RFC is here, and it doesn't use those terms: http://andrew2.andrew.cmu.edu/rfc/rfc826.html The early TCP standard says the four layers are higher-level, TCP, internet protocol, and communication network. A search of the early IP standard didn't find the word layer at all!? ;-) Here's my guess. Check the discussion of layering in Douglas Comer's Internetworking with TCP/IP, Volume I. He says that "broadly speaking, TCP/IP software is organized into four conceptual layers: application, transport, Internet, and Network Interface." Since 80% of the people on the planet (rough estimate) that learned TCP/IP learned it from Comer, including authors and tech writers, this conceptual drawing became "fact" and is explained as THE DOD model, even though DOD documents don't have such a model. That's my guess. Priscilla >Just forget anything else (in particular OSI concepts) - concentrate on >TCP/IP. To my opinion every protocol must belong somewhere (otherwise >the whole layering concept would be useless and could not work), it >cannot be an "interface" (it is a layer protocol, not an interlayer >protocol within a single system). > >No matter whether IETF currently bothers about its own layering system - >at the beginning they for sure managed to fit the pieces in the puzzle >(I mean protocols) according to their original, simple >4-layer-architecture. > >Sorry for being s persistent ;-) > >Rita > >Dr Rita Puzmanova wrote: > > > > Hi all, > > > > Trivial yet fundamental question. I have seen ARP described as part of > > the network (internet) layer so many times that I have started to > > believe it belongs there (although I know well that it operates "as if" > > the Layer 2 protocol - as per OSI RM). Now I have eventually come across > > Doug Comer's statement: "It's part of the network interface layer." > > > > I should not ask where the truth is but still I will. That would mean > > quite a lot of books are incorrect in this (including Cisco materials). > > > > Rita Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8615&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
3640S do have duplexing as an option on the fast ethernet NAMs. The 2620s may as well.. HTH Kelly > On what Cisco platform can you configure a regular ethernet port for > full duplex? I've worked on 2500/2600/3600/7500 series routers and > I've never seen this capability. I saw that someone mentioned that in > a newer IOS version they could change the duplex on a standard ethernet > port, but I was under the impression that this was a hardware > limitation, not a software limitation. > > Can any of you point to documentation regarding this? > > Thanks, > John > "Peter I. Slow, CCNP" 6/14/01 12:15:44 PM > I beg to differ. > I can set an interface for ten megs and full dup. > also. > arent swith interfaces full duplez? > what about 10 M interfaces? > that one i am unsure about... > Peter Slow, CCNP Voice Specialist > Network Engineer > Planetary Networks > 535 West 34th Street > New York, New York > 10001 > > cell: (516)782.1535 > desk: (646)792.2395 > mail: [EMAIL PROTECTED] > > - Original Message - > From: John Neiberger > To: > Sent: Thursday, June 14, 2001 1:39 PM > Subject: Re: duplex [7:8553] > > >> Oh, okay. I should have been more specific in my previous email. >> Fastethernet can be full or half duplex. Ethernet can only be half >> duplex which is why it does not mention it in that output. That is > a >> standard 10BaseT interface and can only do 10Mbs and half duplex. >> >> HTH, >> John >> >> >>> "Vlade" 6/14/01 11:11:03 AM >>> >> It is an ethernet. Here is the show int output: >> I don't see anything indicating the duplex or half duplex. >> >> Cisco-4700#sh int eth1 >> Ethernet1 is up, line protocol is up >> Hardware is Am79c970, address is 0060.471f.8b3b (bia > 0060.471f.8b3b) >> Description: To Internal Ethernet >> Internet address is 63.109.136.65/28 >> MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load >> 8/255 >> Encapsulation ARPA, loopback not set, keepalive set (10 sec) >> ARP type: ARPA, ARP Timeout 04:00:00 >> Last input 00:00:00, output 00:00:00, output hang never >> Last clearing of "show interface" counters 17w6d >> Queueing strategy: fifo >> Output queue 0/150, 0 drops; input queue 0/150, 619 drops >> 5 minute input rate 125000 bits/sec, 69 packets/sec >> 5 minute output rate 34 bits/sec, 77 packets/sec >> 622847166 packets input, 2416393310 bytes, 0 no buffer >> Received 16924 broadcasts, 0 runts, 0 giants >> 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort 0 >> input packets with dribble condition detected >> 734906950 packets output, 2580891812 bytes, 0 underruns >> 47 output errors, 4136024 collisions, 0 interface resets >> 0 babbles, 0 late collision, 7288239 deferred >> 47 lost carrier, 0 no carrier >> 0 output buffer failures, 0 output buffers swapped out >> Cisco-4700# >> >> ""John Neiberger"" wrote in message >> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> > What type of interface are you talking about? >> > >> > Serial interfaces are full duplex, ethernet are either half or > full >> but >> > the show interface output will indicate the current mode. >> > >> > >>> "Vlade" 6/14/01 10:35:02 AM >>> >> > Is there a way to check if an interface on a router is running at >> full >> > or >> > half duplex? Show int shows the bandwidth but not the mode. > Thanks. > [EMAIL PROTECTED] > Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8616&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ipx sap & ddr - my brain hurts! [7:8614]
Hi - I'm trying to rewrite cisco configs for a very small client with cisco routers, frame, and isdn dial backup. They are using both ipx (rip) and ip (eigrp). I'm using floating static ip and ipx routes to cause the isdn interface to dial when there is interesting traffic and the frame interface is down. It works fine. When the frame connection is down and the dial connection is up, I can see ipx saps on the remote network (i.e, each router knows about saps on the remote net). When the dial circuit drops, the ipx rip routes are removed in 240 sec (so far, so good) but the saps disappear at the same time, despite: 1. the "ipx update interval sap changes-only" command in the dialer interfaces, and 2. the floating static routes to the ipx net with the ipx server 3. the dial map command in each dial interface that shows the phone number for the remote dialer interface Why, when the rip routes age out, aren't the floating static routes sufficient for keeping the saps in the sap table? As an alternative, I've tried running ipx eigrp on my frame connection and ipx rip with snapshot routing on my dial up ... the theory being that when the frame connection drops and the eigrp routes go away, the snapshot rip routes will be there, but no dice! I guess IPX administrative distance doesn't work like IP? Or perhaps IPX RIP routes can only be installed in the ipx route table when they are learned? Help, my brain hurts! Thanks in advance! -- Jason Douglas Lucent World Wide Services Pager 888-451-0755 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8614&t=8614 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Switch 2924 [7:8613]
I am configuring 2924 and I am trying to set a password for http. I did: line vty 5 15 password **, However, instead of the password that I typed in, it uses my enable password to log into the switch through http. What am I doing wrong? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8613&t=8613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Problems with Snap Shot Routing [7:8609]
I'm struggling with similar issues myself, so feel incompetent at this point ... however, it looks to me like the reason the line does not disc. when you have the broadcast param is that your ipx rip is considered interesting traffic. I think you need to add the access-list 915 you defined to your dialer-list access-list 915 deny 0 any all any 457 access-list 915 deny rip any rip any rip access-list 915 deny sap any sap any sap access-list 915 permit any any all any all dialer-list 1 protocol ip permit dialer-list 1 protocol ipx list 915 Jason Circusnuts wrote: > > Hey all- I'm trying to get Snap Shot Routing "up" on an ISDN link. I spent > most the morning with it & checked the CCO's Open Forum many times. > Basically- I cannot get IPX RIP updates to cross the BRI, for route table > updates. Snap Shot is doing it's part, opens & closes @ the specified times. > If I allow the "broadcast" statement in the "dialer map," this of course > fixes > the routing table update issue... but BRI never goes down (semi obvious > reaction :o) I've found very little information dealing with the mechanics > of > Snap Shot, except for configs. > > If anyone can please take a glance @ the configs for me, I would be very > appreciative of any suggestions !!! > http://www.geocities.com/circusnuts_1999/SnapShot.htm > > Thanks !!! > Phil -- Jason Douglas Lucent World Wide Services Pager 888-451-0755 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8612&t=8609 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
frame relay DLCIs [7:8611]
I was playing around with a router here at work before I have to put it into production. I've got a serial interface that is set to encapsulation frame relay. Well, I forgot to take one dlci off and then I assigned another dlci to s0 giving s0 both dlci 100 and dlci 429 (there are no sub interfaces here). Is this really possible in a real network and why would one have 2 dlcis on a single interface? Ben, CCNP __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8611&t=8611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Problems with Snap Shot Routing [7:8609]
Hey all- I'm trying to get Snap Shot Routing "up" on an ISDN link. I spent most the morning with it & checked the CCO's Open Forum many times. Basically- I cannot get IPX RIP updates to cross the BRI, for route table updates. Snap Shot is doing it's part, opens & closes @ the specified times. If I allow the "broadcast" statement in the "dialer map," this of course fixes the routing table update issue... but BRI never goes down (semi obvious reaction :o) I've found very little information dealing with the mechanics of Snap Shot, except for configs. If anyone can please take a glance @ the configs for me, I would be very appreciative of any suggestions !!! http://www.geocities.com/circusnuts_1999/SnapShot.htm Thanks !!! Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8609&t=8609 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2600 Ethernet Full Duplex [7:8608]
I finally found a single reference after a *lot* of searching on CCO that indicates in 12.0(4)T, full duplex capability was added to ethernet interfaces on the 2600 and 3600 platforms. I found this in a list of caveats that mentioned a situation where this would not work even though it was supposed to. I found no other reference anywhere that mentioned this was possible. This actually makes me pretty happy because I upgraded a 2611 a while back and it would help us out greatly if those ports could do full duplex. To the person who pointed this out, I thank you! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8608&t=8608 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
60 or 90 minutes for BSCN? [7:8607]
60 or 90 minute test duration for BSCN? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8607&t=8607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Bridging IRB versus CRB [7:8331]
Hmmm...I'd say #1 sounds like IRB - assigning an IP address to a BVI. #2...doesn't make any sense to me. If you understand my explanation below, then I'd ignore what the book says and just start playing around with it in the lab. :-) - Original Message - From: Burnham, Chris To: 'Bradley J. Wilson' Sent: Thursday, June 14, 2001 4:34 AM Subject: RE: Bridging IRB versus CRB [7:8331] I understand this fully but it states in the "Baer Wolf CCIE 350-001 Routing & Switching Prep" "Traffic from each group of interfaces cannot be switched between groups unless either of the following conditions are met: 1) The bridged interfaces are given a network layer address 2) The routed interfaces are added to the same bridge group. So you can bridge or route on the same interfaces using CRB . THEN WHY IRB OR IS THE BOOK WRONG.I HAVE NOT TRIED IT IN THE LAB -Original Message- From: Bradley J. Wilson [mailto:[EMAIL PROTECTED]] Sent: 13 June 2001 22:55 To: [EMAIL PROTECTED] Subject: Re: Bridging IRB versus CRB [7:8331] I just got through learning about this myself over the past couple of weeks - I was working a lab problem that was kicking my a$$, but I got through it. Here's how I look at the basics, though - in an evolutionary pattern: 1) Think of your basic, not-overly-bright router. You can either have "ip routing" enabled, in which case IP is routed between ports, or you can have "no ip routing," in which case you'll bridge between ports. Can't have both, so that's where CRB comes in. 2) With CRB, you can set up some ports for routing, and some ports for bridging. Unfortunately, this solution didn't really help anyone, since the bridge ports could only talk to other bridge ports, and the router ports could only talk to other router ports, but never the twain did meet. Enter IRB. 3) With IRB, you can now have some ports that bridge, some ports that route, and then route between the bridge ports and the routed ports by using a BVI - a bridged virtual interface. (Here's the hint, and the key to the problem that was raking me over the coals for two solid weeks: whatever protocol you want to bridge (IPX, in my case) needs to be *routed* on the BVI!) HTH, BJ - Original Message - From: Burnham, Chris To: [EMAIL PROTECTED] Sent: Wednesday, June 13, 2001 9:40 AM Subject: Bridging IRB versus CRB [7:8331] In CRB. Concurrent Routing & Bridging can route a protocol on one group of interfaces & bridge that protocol on another group of interfaces The traffic on each group of interfaces cannot be switched between groups unless either of the following conditions are met: 1)Bridged Interfaces are given Network layer address 2)Routed interfaces are put in the bridge group. Once either of these two conditions are met you are routing and bridging on the same interface.? My question is ,isn't this is what IRB (integrated routing & bridging) is ment to achieve.? If so what is the difference? Chris Burnham, Systems Engineer, Delphis Consulting Plc. Tel: +(44) 020 7916 0200 Mob: +(44) 07799403576 [EMAIL PROTECTED] This e-mail and any files transmitted with it are intended solely for the addressee and are confidential. They may also be legally privileged. Copyright in them is reserved by Delphis Consulting PLC ["Delphis"] and they must not be disclosed to, or used by, anyone other than the addressee. If you have received this e-mail and any accompanying files in error, you may not copy, publish or use them in any way and you should delete them from your system and notify us immediately.E-mails are not secure. Delphis does not accept responsibility for changes to e-mails that occur after they have been sent. Any opinions expressed in this e-mail may be personal to the author and may not necessarily reflect the opinions of Delphis. This e-mail and any files transmitted with it are intended solely for the addressee and are confidential. They may also be legally privileged. Copyright in them is reserved by Delphis Consulting PLC ["Delphis"] and they must not be disclosed to, or used by, anyone other than the addressee. If you have received this e-mail and any accompanying files in error, you may not copy, publish or use them in any way and you should delete them from your system and notify us immediately.E-mails are not secure. Delphis does not accept responsibility for changes to e-mails that occur after they have been sent. Any opinions expressed in this e-mail may be personal to the author and may not necessarily reflect the opinions of Delphis. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8606&t=8331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP and TCP/IP layering [7:8335]
Thank you all for valid perspectives. Yet my original question (I had on mind but perhaps not clearly worded) is still unanswered. I will rephrase it: Does ARP operates at network interface layer or internet layer of TCP/IP protocol stack? Just forget anything else (in particular OSI concepts) - concentrate on TCP/IP. To my opinion every protocol must belong somewhere (otherwise the whole layering concept would be useless and could not work), it cannot be an "interface" (it is a layer protocol, not an interlayer protocol within a single system). No matter whether IETF currently bothers about its own layering system - at the beginning they for sure managed to fit the pieces in the puzzle (I mean protocols) according to their original, simple 4-layer-architecture. Sorry for being s persistent ;-) Rita Dr Rita Puzmanova wrote: > > Hi all, > > Trivial yet fundamental question. I have seen ARP described as part of > the network (internet) layer so many times that I have started to > believe it belongs there (although I know well that it operates "as if" > the Layer 2 protocol - as per OSI RM). Now I have eventually come across > Doug Comer's statement: "It's part of the network interface layer." > > I should not ask where the truth is but still I will. That would mean > quite a lot of books are incorrect in this (including Cisco materials). > > Rita Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8605&t=8335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network Tools [7:8541]
And Netforensics (Realtime, Global, Syslog Manipulation and presentation and event notification) www.netforensics.com -Original Message- From: Stephen Skinner [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 1:09 PM To: [EMAIL PROTECTED] Subject: Re: Network Tools [7:8541] Okey Dokey hardware get a laptop...running Win2000 (that way you can change ip address(non-dhcp) on the Fly software www.solarwinds.net ( solarwinds pro) managment+troubleshooting $500 www.nai.com (snifferpro or netXray) troubleshooting $500-10,000 www.concord.com (Nethealth) reporting+Stats $20-100,00 www.hp.com (Hpopenview) reporting+managment+troublshooting $ www.cisco.com (ciscoworks2000) Reporting (Resource manager essentials)+ Troubleshooting (Vlan,ATM,WAN manager) managemnt (CSWI,etc,etc) $30,000 as you can see it depends on your budget . i use hpopenview all day as it flags up devices/office/ospf area`s going down ..and can do some real-time int stats(nice graph).also logging of error`s ...Node down,SNMP mis-match,etc,etc,etc also concord nethealth...good for telling me what has happened...can tell say ,,,cpu utilization on a router for the last 12/24H..t up to weeks...gives graph... if you can`t stretch to that use solarwinds( some good tools for small networks) and netXray (packet analyser)we have 1,000s of devises over 100`s of sites so use enterprise tools HTH steve >From: "Jim Yam" >Reply-To: "Jim Yam" >To: [EMAIL PROTECTED] >Subject: Network Tools [7:8541] >Date: Thu, 14 Jun 2001 11:43:59 -0400 > >Can anybody recommend some good hardware and software tools for networking >and troubleshooting. >Please do let me know estimate cost if possible. Thanks in advance. _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8604&t=8541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: system:/running-config (Not enough space) [7:8555]
check your iomem config. you probably don't have enough iomem. change it with memory-size iomem 25 (25 ie) save it and reload. Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8603&t=8555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: system:/running-config (Not enough space) [7:8555]
A SWAG is that the router's memory doesn't have enough space for the running config. At issue is whether that is normal for what you are doing vs the amount of DRAM .. or .. whether there is a bug in your version of IOS that is causing a memory leak. The former can be solved with more DRAM. The latter with an IOS update. Check on the CCO TAC page for "Troubleshooting Memory Problems". > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 14, 2001 11:52 AM > To: [EMAIL PROTECTED] > Subject: system:/running-config (Not enough space) [7:8555] > > > fairly newbie question > I'm having trouble understanding why from time to time on my > 2610 router > 12.0(5)T1when i do a sh run nothing appears , as in > router#sh run > router# > it seems to occur when the router has been up a while (a few > weeks) and > usually i reload (not very scientific) and the problem > pleasantly goes away. > > i get the following error when i do a "copy start run" > %Error opening system:/running-config (Not enough space) > > how can this be? > > any suggestions other than reload or upgrade IOS > > > > Simon Halder > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8602&t=8555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Looking for position in Northern Virginia [7:8600]
Hi all, I'm looking for a Sr. Network Engineer position in the Norther Virginia area. Interests include LAN/WAN/IP Telephony design/implementiona. I have 8 years experience in the networking industry. I have passed my CCIE written, and currently hold my CCNP, CCDA, CCNA, and MCSE. I also have a VOIP background (Softswitch/AVVID exp) If anyone out there knows of a position, please let me know. Thanks [EMAIL PROTECTED] __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8600&t=8600 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Arrowpoint NAT [7:8324]
Inbound set to a virtual server IP and trying to do outbound NAT? You using the same IP for both? - Original Message - From: "George Dodds" To: Sent: Wednesday, June 13, 2001 6:51 AM Subject: OT: Arrowpoint NAT [7:8324] > Had an issue recently where our arrowpoint cs800 was > able do do NAT for inbound packets to a server, but > was unable to perform NAT for outbound packets. > > Has anyone come across this issue before?? > > Cheers > > George > > = > George Dodds > > CCNA, MCP > > __ > Do You Yahoo!? > Get personalized email addresses from Yahoo! Mail - only $35 > a year! http://personal.mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8598&t=8324 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE lab? [7:8596]
As far as voice goes, if you use 2600 routers with voice cards, it can get spendy. Alternately, you can use one of Cisco's SOHO 800 series routers that has VoIP features. The 827-4v has ethernet, aDSL (Alcatel DMT), and four FXS/FXO ports, for $1000 list (DPRG shows refurbished 827-4v's for $500). Don't even use the DSL port, just hook up some cheap analog phones to the VoIP ports, and you're off and running. Build a simple dial plan to call from one port to the other. Buy two routers, and run the VoIP across your existing lab network -- you're still well under the cost of the network and voice modules, never mind what you spent on the 1700/2600 to house them. Note that the 827-4v was initially shipped with less than the minimum required memory to run a stable IP-Voice IOS version; that should be fixed by now. If there's something on the CCIE lab that can't be done with this setup, I'm not aware of it -- N.B. I haven't done the lab, just some initial VoIP playing around. If anyone knows why the 827-4v isn't a good lab solution, please share. -jon- --- Brad Ellis wrote: > Anthony, > > There are a couple things to look at when developing a CCIE home lab: > > 1) How much can I afford? (The big question) > 2) What practice labs am I going to work on? > 3) Will my wife care if she doesnt ever see me? > > 1 - The amount you can afford on a lab will determine the type of > hardware > you will have. ISDN will cost about $4k to include the simulator and a > couple of 25xx's that can support ISDN. VoIP will cost about $4500 > (including routers and modules). ATM will cost $$$. > > 2 - The practice labs you are going to attempt will help determine the > topology you would like to simulate, i.e. which routers/switches will > best apply (interfaces, etc). > > For example, if you were going to purchase and do the ccbootcamp labs, > you > would probably want 8-10 routers, a catalyst 5000 type switch, and an > ISDN > simulator which will probably run you around $12k-$15k. On top of that, > you'll still need some ATM and VoIP experience; which I typically > recommend using remote-rack time. > > That should get you started. Let me know if you have anymore questions > or need any hardware. > > thanks, > -Brad Ellis > CCIE#5796 > [EMAIL PROTECTED] > cisco hardware: www.optsys.net > > ""anthony moore"" wrote: > Anyone got any advice on equipment that should go into CCIE lab. > What has worked for you. I know that the Cisco web site has the lab > equipment list but what I want to know is LITERALLY what equipment do > you have in your lab or do you know of that has worked for others. > Thanks. . this site is awesome? __ Do You Yahoo!? Spot the hottest trends in music, movies, and more. http://buzz.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8596&t=8596 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
On what Cisco platform can you configure a regular ethernet port for full duplex? I've worked on 2500/2600/3600/7500 series routers and I've never seen this capability. I saw that someone mentioned that in a newer IOS version they could change the duplex on a standard ethernet port, but I was under the impression that this was a hardware limitation, not a software limitation. Can any of you point to documentation regarding this? Thanks, John >>> "Peter I. Slow, CCNP" 6/14/01 12:15:44 PM >>> I beg to differ. I can set an interface for ten megs and full dup. also. arent swith interfaces full duplez? what about 10 M interfaces? that one i am unsure about... Peter Slow, CCNP Voice Specialist Network Engineer Planetary Networks 535 West 34th Street New York, New York 10001 cell: (516)782.1535 desk: (646)792.2395 mail: [EMAIL PROTECTED] - Original Message - From: John Neiberger To: Sent: Thursday, June 14, 2001 1:39 PM Subject: Re: duplex [7:8553] > Oh, okay. I should have been more specific in my previous email. > Fastethernet can be full or half duplex. Ethernet can only be half > duplex which is why it does not mention it in that output. That is a > standard 10BaseT interface and can only do 10Mbs and half duplex. > > HTH, > John > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > It is an ethernet. Here is the show int output: > I don't see anything indicating the duplex or half duplex. > > Cisco-4700#sh int eth1 > Ethernet1 is up, line protocol is up > Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b) > Description: To Internal Ethernet > Internet address is 63.109.136.65/28 > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > 8/255 > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > ARP type: ARPA, ARP Timeout 04:00:00 > Last input 00:00:00, output 00:00:00, output hang never > Last clearing of "show interface" counters 17w6d > Queueing strategy: fifo > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > 5 minute input rate 125000 bits/sec, 69 packets/sec > 5 minute output rate 34 bits/sec, 77 packets/sec > 622847166 packets input, 2416393310 bytes, 0 no buffer > Received 16924 broadcasts, 0 runts, 0 giants > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > 0 input packets with dribble condition detected > 734906950 packets output, 2580891812 bytes, 0 underruns > 47 output errors, 4136024 collisions, 0 interface resets > 0 babbles, 0 late collision, 7288239 deferred > 47 lost carrier, 0 no carrier > 0 output buffer failures, 0 output buffers swapped out > Cisco-4700# > > ""John Neiberger"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > What type of interface are you talking about? > > > > Serial interfaces are full duplex, ethernet are either half or full > but > > the show interface output will indicate the current mode. > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > Is there a way to check if an interface on a router is running at > full > > or > > half duplex? Show int shows the bandwidth but not the mode. Thanks. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8595&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: poor web acces through PIX [7:7812]
Just a thought. Use the access-list as trouble-shooting help. put a permit tcp any any in there and try to get a page. then do a sho access-list...or is it sho logg...anyway, see if the rule is getting hit (in parenthesis after the rule). I had a similar situation that even stumped tac. The client had tried to install proxy the day before I got there with the pix. Proxy cilent was on the machines and it wasn't even getting to the pix. I put permit tcp any any statement and could see it wasn't even hitting the pix. Hansraj Patil wrote: > here is pix config > > PIX Version 5.2(5) > nameif ethernet0 outside security0 > nameif ethernet1 inside security100 > enable password * encrypted > passwd ** encrypted > hostname host515 > fixup protocol ftp 21 > fixup protocol http 80 > fixup protocol h323 1720 > fixup protocol rsh 514 > fixup protocol smtp 25 > fixup protocol sqlnet 1521 > fixup protocol sip 5060 > names > access-list icmp_traffic permit icmp any any > pager lines 24 > logging on > no logging timestamp > no logging standby > no logging console > no logging monitor > logging buffered debugging > no logging trap > no logging history > logging facility 20 > logging queue 512 > interface ethernet0 auto > interface ethernet1 auto > mtu outside 1500 > mtu inside 1500 > ip address outside 208.68.87.26 255.255.255.0 > ip address inside 192.168.20.1 255.255.255.0 > ip audit info action alarm > ip audit attack action alarm > arp timeout 14400 > global (outside) 1 interface > nat (inside) 1 192.168.20.0 255.255.255.0 0 0 > static (inside,outside) 208.68.87.33 192.168.20.100 netmask 255.255.255.255 > 0 0 > access-group icmp_traffic in interface outside > route outside 0.0.0.0 0.0.0.0 208.68.87.25 1 > timeout xlate 3:00:00 > timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 > 0:05:00 si > p 0:30:00 sip_media 0:02:00 > timeout uauth 0:05:00 absolute > aaa-server TACACS+ protocol tacacs+ > aaa-server RADIUS protocol radius > no snmp-server location > no snmp-server contact > snmp-server community public > no snmp-server enable traps > floodguard enable > no sysopt route dnat > isakmp identity hostname > telnet timeout 5 > ssh timeout 15 > terminal width 80 > Cryptochecksum:b9b3c3f7fb3d4543a6a41ac6 > > >From: "Allen May" > >Reply-To: "Allen May" > >To: [EMAIL PROTECTED] > >Subject: Re: poor web acces through PIX [7:7812] > >Date: Mon, 11 Jun 2001 10:52:04 -0400 > > > >If you still need help, cut & paste your config into an email. Just remove > >any sensitive information first. > > > >Allen May > > > >- Original Message - > >From: "Hansraj Patil" > >To: > >Sent: Friday, June 08, 2001 11:22 PM > >Subject: poor web acces through PIX [7:7812] > > > > > > > Hello friends, > > > > > > Here is problem... > > > > > > I have straightforward configuration of pix firewall. PIX is doing PAT & > > > IPsec tunnel. > > > > > > PIX ver is 5.2(5) > > > > > > Inside machine can ping outside but when tried to access any web site it > > > times out. Web page is not downloaded. If I see log, they are normal. I > >can > > > see request going for web page & repply comming back. This is not an > >issue > > > with access-list, because I tried with 'permit ip any any'. I tried > >using > > > access-list as well as conduits. But still no luck. > > > > > > IF I remove PIX & directly connect machine to internt everything workes > > > fine. > > > > > > > > > Can anybody help me out with this problem ? > > > > > > I open Cisco TAC. They checked the configs and looks like there is no > > > problem with config. > > > > > > > > > Any help is greatly appriciated. > > > > > > thanks > > > hansraj. > > > > > > > > > > > > _ > > > Get your FREE download of MSN Explorer at http://explorer.msn.com > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8587&t=7812 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Exam Study Questions [7:8594]
I made the mistake of buying practice exam questions from WANPROS.COM they are so out of date and seem tailored to the old exam format. Does anyone know of something better? I am trying to get myself ready for an exam and these outdated WANPOR>COM questions are whack. Please help!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8594&t=8594 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help! Urgent!!! [7:8485]
If your Alpha has a route to 10.0.0.0 then of course you can't add a route to 10.2.0.0, 10.3.0.0 etc. You need to delete the 10.0.0.0 route first. Feargal -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vichai Viriyathanaporn Sent: Thursday, June 14, 2001 6:38 AM To: [EMAIL PROTECTED] Subject: Please Help! Urgent!!! [7:8485] My company have an Alpha Server at Head Office. The server's IP address is 10.1.1.1 and netmask is 255.0.0.0. This Alpha Server OS version can not change the subnet mask. My company have sevaral branch. The Nework Number on each brach look like 10.2.0.0, 10.3.0.0, 10.4.0.0, . I cannot add static route like 10.2.0.0, 10.3.0.0, ... on Alpha Server.Because it's not accept. (It's Network Number is 10.0.0.0) At Head Office, There are 2 Cisco Routers to Connect to branch A. Each Router connect to branch A on different Path. There are only one router at branch A but two Serial interface. The 1st Serial interface connect to H/O. The another connect to the other branch. Let's say the Network Number of Branch A is 10.2.0.0. Pls. see the picture H/O-R1--Ra---Brach A | | |--R2--{Rx--Branch C--Rx}- When Server at H/O send packet to address 10.2.1.1 that the host address in branch A. It broadcast then R1 an R2 catch the packet then tried to send to branch A. Cisco Router automatically send the packet. (There are no static route to brach A on Server (because I cannot do that, the server does not accept it) and the Default Route is not both R1 and R2.) I want R1 is a main router to send packet. If Serial interface of R1 down then R1 send the packet to R2. (I do this by manual configure static route and set the cost on R1) But in the real world it cannot do like that. Because R1 and R2 are automatically forward the packet. Is there a command to disable the automatically forward? Don't try to tell me to change the IP Numbering because there are a lot of factor that I can not do that. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8526&t=8485 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPP Negotiation question --- HELP!!! PLEASE! [7:8438]
I got it to work! I decided to "downgrade" to an older IOS 12.1.5T and the ppp negotiation and AAA authentication worked! Now my other problem is I'm getting routing issues. I can't seem to ping the laptop that has established the session from the Router - ? ""Rahul Kachalia"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Kenneth, > > Few strange this from following trace.. > > 1. PPTP does comes in & establishes connection & which brings vaccess > interface up too..if thats the case then why outgoing PPP packets are not > shown in debug. Try turning "debug vpdn packet" "debug vpdn error" & "debug > vpdn event" on & see if you get traces after placing pptp call. > > 2. As you mentioned connection doesnt comes up, from following traces i > didnt found it went back down if its true then i need traces till that level > to see which process/layer failed to establish connection . > > 3. You have configured AAA for login but i didnt saw any UDP packet going to > internal network for getting authenticatad. > > Just curious if you can try after removing MPPE if that works then try > configuring it to auto "ppp encrypt mppe auto", but i would prefer just try > without encryption first & see if that works. Tommorow i will simulate in > lab to figure out whats causing it meanwhile you can provide above traces. > > Also let me know your email id, since this email id fails to deliver > message. > > thanks, > rahul. > > om: "Kenneth" > Reply-To: "Kenneth" > To: [EMAIL PROTECTED] > Subject: Re: PPP Negotiation question --- HELP!!! PLEASE! [7:8438] > Date: Wed, 13 Jun 2001 23:17:09 -0400 > > Nothing came up with the debugs you listed except for ip packet detail > > The router is a 2621 with 2 Fastethernet ports. Fa0/0 is connected to our > internal network, while Fa0/1 is connected to a border router to the > internet. PPTP arrives on the Fa0/1 interface. Fa0/1 has a public IP > address while Fa0/0 has the private address. > > Here's the debug from debug ip packet det - I replaced the router's public > ip with A.B.C.D > > > Jun 13 22:51:35: IP: s=A.B.C.D (local), d=66.32.46.139 (FastEthernet0/1), > len 116, sending > Jun 13 22:51:35: TCP src=22, dst=2604, seq=1252417216, ack=391149, > win=4028 ACK PSH > Jun 13 22:51:35: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 40, rcvd 3 > Jun 13 22:51:35: TCP src=2604, dst=22, seq=391149, ack=1252417292, > win=8120 ACK > Jun 13 22:51:36: IP: s=192.168.1.3 (FastEthernet0/0), d=224.0.0.10, len 60, > rcvd 2, proto=88 > Jun 13 22:51:36: IP: s=192.168.1.1 (FastEthernet0/0), d=224.0.0.10, len 60, > rcvd 2, proto=88 > Jun 13 22:51:36: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 44, rcvd 3 > Jun 13 22:51:36: TCP src=2626, dst=1723, seq=384185, ack=0, win=8192 SYN > Jun 13 22:51:36: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 40, rcvd 3 > Jun 13 22:51:36: TCP src=2626, dst=1723, seq=384186, ack=79997953, > win=8576 ACK > Jun 13 22:51:36: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 196, rcvd 3 > Jun 13 22:51:36: TCP src=2626, dst=1723, seq=384186, ack=79997953, > win=8576 ACK PSH > Jun 13 22:51:37: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 208, rcvd 3 > Jun 13 22:51:37: TCP src=2626, dst=1723, seq=384342, ack=79998109, > win=8420 ACK PSH > Jun 13 22:51:37: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to > up > Jun 13 22:51:37: IP: s=A.B.C.D (local), d=66.32.46.139 (FastEthernet0/1), > len 55, sending, proto=47 > Jun 13 22:51:37: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 64, rcvd 3 > Jun 13 22:51:37: TCP src=2626, dst=1723, seq=384510, ack=79998141, > win=8388 ACK PSH > Jun 13 22:51:37: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 53, rcvd 3, proto=47 > Jun 13 22:51:37: IP: s=192.168.1.5 (FastEthernet0/0), d=224.0.0.10, len 60, > rcvd 2, proto=88 > Jun 13 22:51:37: IP: s=192.168.1.10 (local), d=224.0.0.10 (FastEthernet0/0), > len 60, sending broad/multicast, proto=88 > Jun 13 22:51:37: IP: s=66.32.46.139 (FastEthernet0/1), d=A.B.C.D > (FastEthernet0/1), len 55, rcvd 3, proto=47 > Jun 13 22:51:38: IP: s=172.16.3.1 (local), d=224.0.0.10 (Loopback0), len 60, > sending broad/multicast, proto=88 > Jun 13 22:51:38: IP: s=172.16.3.1 (Loopback0), d=224.0.0.10, len 60, rcvd 2, > proto=88 > Jun 13 22:51:38: %LINEPROTO-5-UPDOWN: Line protocol on Interface > Virtual-Access1, changed state to up > Jun 13 22:51:38: IP: s=192.168.1.97 (FastEthernet0/0), d=192.168.1.255 > (FastEthernet0/0), len 229, rcvd 3 > Jun 13 22:51:38: UDP src=138, dst=138 > Jun 13 22:51:38: IP: s=192.168.1.9 (FastEthernet0/0), d=224.0.0.10, len 60, > rcvd 2, proto=88 > Jun 13 22:51:38: IP: s=192.168.1.33 (FastEthernet0/0), d=192.168.1.255 > (FastEthernet0/0), len 78, rcvd 3 > Jun 13 22:51:38: UDP src=137, dst=137 > Jun 13 22:51:39: IP: s=A.B.C.D (local), d=66
RE: CIR/Port speed/PVC speed [7:8480]
Port Speed - The connection to the providers network. Physically limits the maximum amount of data you can push to the provider. CIR - Committed Information Rate - The amount of data the provider guarantees (by contract) to transport for you in a given amount of time. PVC Speed - ? You've got me on this one, I've never heard of it before. Anyone? -Original Message- From: Thomas [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 14, 2001 3:03 AM To: [EMAIL PROTECTED] Subject: CIR/Port speed/PVC speed [7:8480] Hi All, Can someone definde the difference between CIR, Port speed and PVC speed on routers? I am so confused on these items with my current ISPs. Thanks in advance!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8592&t=8480 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Web caching....Big question!!!!!! [7:8540]
Check out cache flow, Foundry Networks works alot with them on bid Web deals; good products! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Thursday, June 14, 2001 11:15 AM To: [EMAIL PROTECTED] Subject: Re: Web cachingBig question!! [7:8540] Have a look at http://www.squid-cache.org/ HTH Dom Stocqueler "John Kale" cc: Sent by: Subject: Web cachingBig question!! [7:8540] nobody@groups tudy.com 14/06/2001 16:39 Please respond to "John Kale" if u had a 250 user network that runs ip and ipx, contains 4 switches (catalyst 4006) running vlans and 2 3640 running a Gre tunnel and ipsecwhat solution beside the cisco caching engine would u use for web caching? John _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8580&t=8540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE lab? [7:8440]
Anthony, There are a couple things to look at when developing a CCIE home lab: 1) How much can I afford? (The big question) 2) What practice labs am I going to work on? 3) Will my wife care if she doesnt ever see me? 1 - The amount you can afford on a lab will determine the type of hardware you will have. ISDN will cost about $4k to include the simulator and a couple of 25xx's that can support ISDN. VoIP will cost about $4500 (including routers and modules). ATM will cost $$$. 2 - The practice labs you are going to attempt will help determine the topology you would like to simulate, i.e. which routers/switches will best apply (interfaces, etc). For example, if you were going to purchase and do the ccbootcamp labs, you would probably want 8-10 routers, a catalyst 5000 type switch, and an ISDN simulator which will probably run you around $12k-$15k. On top of that, you'll still need some ATM and VoIP experience; which I typically recommend using remote-rack time. That should get you started. Let me know if you have anymore questions or need any hardware. thanks, -Brad Ellis CCIE#5796 [EMAIL PROTECTED] cisco hardware: www.optsys.net ""anthony moore"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Anyone got any advice on equipment that should go into CCIE lab. What has > worked for you. I know that the Cisco web site has the lab equipment list > but what I want to know is LITERALLY what equipment do you have in your lab > or do you know of that has worked for others. Thanks. . this site is awesome? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8591&t=8440 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
If you have a router connected to a hub on eth0 you must use half duplex since you do not have a swicthed connection. Switches do not have this limititaion because each port is in its own collision domain allows for full duplex communication. My problem is I have a direct conection via a crossover cable from the eth0 int to a Nokia firewall's eth5. The Nokia is capable of 10/100 full or half duplex . The firewall is set for half dulplex 10Mb but I wanted to know if I could change this to a full duplex connection. ""Peter I. Slow, CCNP"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I beg to differ. > I can set an interface for ten megs and full dup. > also. > arent swith interfaces full duplez? > what about 10 M interfaces? > that one i am unsure about... > Peter Slow, CCNP Voice Specialist > Network Engineer > Planetary Networks > 535 West 34th Street > New York, New York > 10001 > > cell: (516)782.1535 > desk: (646)792.2395 > mail: [EMAIL PROTECTED] > > - Original Message - > From: John Neiberger > To: > Sent: Thursday, June 14, 2001 1:39 PM > Subject: Re: duplex [7:8553] > > > > Oh, okay. I should have been more specific in my previous email. > > Fastethernet can be full or half duplex. Ethernet can only be half > > duplex which is why it does not mention it in that output. That is a > > standard 10BaseT interface and can only do 10Mbs and half duplex. > > > > HTH, > > John > > > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > > It is an ethernet. Here is the show int output: > > I don't see anything indicating the duplex or half duplex. > > > > Cisco-4700#sh int eth1 > > Ethernet1 is up, line protocol is up > > Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b) > > Description: To Internal Ethernet > > Internet address is 63.109.136.65/28 > > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > > 8/255 > > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > > ARP type: ARPA, ARP Timeout 04:00:00 > > Last input 00:00:00, output 00:00:00, output hang never > > Last clearing of "show interface" counters 17w6d > > Queueing strategy: fifo > > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > > 5 minute input rate 125000 bits/sec, 69 packets/sec > > 5 minute output rate 34 bits/sec, 77 packets/sec > > 622847166 packets input, 2416393310 bytes, 0 no buffer > > Received 16924 broadcasts, 0 runts, 0 giants > > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > > 0 input packets with dribble condition detected > > 734906950 packets output, 2580891812 bytes, 0 underruns > > 47 output errors, 4136024 collisions, 0 interface resets > > 0 babbles, 0 late collision, 7288239 deferred > > 47 lost carrier, 0 no carrier > > 0 output buffer failures, 0 output buffers swapped out > > Cisco-4700# > > > > ""John Neiberger"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > What type of interface are you talking about? > > > > > > Serial interfaces are full duplex, ethernet are either half or full > > but > > > the show interface output will indicate the current mode. > > > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > > Is there a way to check if an interface on a router is running at > > full > > > or > > > half duplex? Show int shows the bandwidth but not the mode. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8590&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab Retake Policy Question [7:8542]
Yup, right back to the end of the line! Your best bet is to pass!!! :) There is a waiting list you can put your name on for cancelations, but Im guessing that waiting list is pretty large by now. I think Cisco is trying to figure something out to alleviate the long waiting period (hence the email they sent out to the current CCIEs). thanks, -Brad Ellis CCIE#5796 [EMAIL PROTECTED] cisco hardware: www.optsys.net ""Craig Columbus"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Regarding the CCIE lab retake policy: > > If one takes the lab and narrowly fails, the official waiting period to > retake is thirty days. Is there a separate queue for retake candidates, or > do retake candidates have to re-register in the standard queue, with a > waiting period of (currently) 8 months in some places? My assumption is > that someone retaking goes back to the end of the line. Can anyone confirm? > > Thanks, > Craig Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8589&t=8542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
I beg to differ. I can set an interface for ten megs and full dup. also. arent swith interfaces full duplez? what about 10 M interfaces? that one i am unsure about... Peter Slow, CCNP Voice Specialist Network Engineer Planetary Networks 535 West 34th Street New York, New York 10001 cell: (516)782.1535 desk: (646)792.2395 mail: [EMAIL PROTECTED] - Original Message - From: John Neiberger To: Sent: Thursday, June 14, 2001 1:39 PM Subject: Re: duplex [7:8553] > Oh, okay. I should have been more specific in my previous email. > Fastethernet can be full or half duplex. Ethernet can only be half > duplex which is why it does not mention it in that output. That is a > standard 10BaseT interface and can only do 10Mbs and half duplex. > > HTH, > John > > >>> "Vlade" 6/14/01 11:11:03 AM >>> > It is an ethernet. Here is the show int output: > I don't see anything indicating the duplex or half duplex. > > Cisco-4700#sh int eth1 > Ethernet1 is up, line protocol is up > Hardware is Am79c970, address is 0060.471f.8b3b (bia 0060.471f.8b3b) > Description: To Internal Ethernet > Internet address is 63.109.136.65/28 > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load > 8/255 > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > ARP type: ARPA, ARP Timeout 04:00:00 > Last input 00:00:00, output 00:00:00, output hang never > Last clearing of "show interface" counters 17w6d > Queueing strategy: fifo > Output queue 0/150, 0 drops; input queue 0/150, 619 drops > 5 minute input rate 125000 bits/sec, 69 packets/sec > 5 minute output rate 34 bits/sec, 77 packets/sec > 622847166 packets input, 2416393310 bytes, 0 no buffer > Received 16924 broadcasts, 0 runts, 0 giants > 1 input errors, 1 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > 0 input packets with dribble condition detected > 734906950 packets output, 2580891812 bytes, 0 underruns > 47 output errors, 4136024 collisions, 0 interface resets > 0 babbles, 0 late collision, 7288239 deferred > 47 lost carrier, 0 no carrier > 0 output buffer failures, 0 output buffers swapped out > Cisco-4700# > > ""John Neiberger"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > What type of interface are you talking about? > > > > Serial interfaces are full duplex, ethernet are either half or full > but > > the show interface output will indicate the current mode. > > > > >>> "Vlade" 6/14/01 10:35:02 AM >>> > > Is there a way to check if an interface on a router is running at > full > > or > > half duplex? Show int shows the bandwidth but not the mode. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8588&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: duplex [7:8553]
Vlade, You will see full/half duplex on FE interface because can be work on both but not on any other interface type.. thanks, rahul. - Original Message - From: "Vlade" To: Sent: Thursday, June 14, 2001 9:35 AM Subject: duplex [7:8553] > Is there a way to check if an interface on a router is running at full or > half duplex? Show int shows the bandwidth but not the mode. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8585&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Subject: Re: PPP Negotiation question --- HELP!!! PLEASE! [7:8586]
First check your router IOS version, only Enterprise version support ms-chap?What kind of radius server you use? I use Microsoft radius server with support ms-chap.enable debug aaa authen will give you enough info. about radius authentication info. Good Luck, ~ml Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8586&t=8586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Network Tools [7:8541]
Okey Dokey hardware get a laptop...running Win2000 (that way you can change ip address(non-dhcp) on the Fly software www.solarwinds.net ( solarwinds pro) managment+troubleshooting $500 www.nai.com (snifferpro or netXray) troubleshooting $500-10,000 www.concord.com (Nethealth) reporting+Stats $20-100,00 www.hp.com (Hpopenview) reporting+managment+troublshooting $ www.cisco.com (ciscoworks2000) Reporting (Resource manager essentials)+ Troubleshooting (Vlan,ATM,WAN manager) managemnt (CSWI,etc,etc) $30,000 as you can see it depends on your budget . i use hpopenview all day as it flags up devices/office/ospf area`s going down ..and can do some real-time int stats(nice graph).also logging of error`s ...Node down,SNMP mis-match,etc,etc,etc also concord nethealth...good for telling me what has happened...can tell say ,,,cpu utilization on a router for the last 12/24H..t up to weeks...gives graph... if you can`t stretch to that use solarwinds( some good tools for small networks) and netXray (packet analyser)we have 1,000s of devises over 100`s of sites so use enterprise tools HTH steve >From: "Jim Yam" >Reply-To: "Jim Yam" >To: [EMAIL PROTECTED] >Subject: Network Tools [7:8541] >Date: Thu, 14 Jun 2001 11:43:59 -0400 > >Can anybody recommend some good hardware and software tools for networking >and troubleshooting. >Please do let me know estimate cost if possible. Thanks in advance. _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8584&t=8541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Reverse Telnet Problem. [7:8455]
hehe make SURE that Peter Slow, CCNP Voice Specialist Network Engineer Planetary Networks 535 West 34th Street New York, New York 10001 cell: (516)782.1535 desk: (646)792.2395 mail: [EMAIL PROTECTED] trans in all and mod inout are in the auxport configs. - Original Message - From: Hire, Ejay To: Sent: Thursday, June 14, 2001 1:05 PM Subject: RE: Reverse Telnet Problem. [7:8455] > The two quick biggies are: > > Is the aux port configured at 9600 Baud? > Switch cables. If you are using a rollover cable, try a straight through or > vice-versa. > -Ej > > -Original Message- > From: Tariq Azad [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 13, 2001 8:56 PM > To: [EMAIL PROTECTED] > Subject: Reverse Telnet Problem. [7:8455] > > > Hello Everybody ! > > I am trying to telnet my Cisco 2503 router from Cisco 2511 router. > I am getting the follwing message > > Trying Cisco2503 (1.1.1.1 2001) open > > > > but I am not getting any thing on screen. > My Cisco 2503 router is working OK and I can use regular console cable with > my > Cisco 2503 router without any problem. > > > Please let me know how to configure this reverse telnet with Cisco 2511 > > Thanks > > TARIQ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8582&t=8455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS feature pack for VOIP [7:8563]
...depends on the router! Peter Slow, CCNP Voice Specialist Network Engineer Planetary Networks 535 West 34th Street New York, New York 10001 cell: (516)782.1535 desk: (646)792.2395 mail: [EMAIL PROTECTED] - Original Message - From: dragi radovanovic To: Sent: Thursday, June 14, 2001 1:36 PM Subject: RE: IOS feature pack for VOIP [7:8563] > Voice requires an IOS "Plus" feature set. (from cisco's tac page) > > Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8583&t=8563 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Web caching....Big question!!!!!! [7:8540]
Check cacheflow caching products, they are really good and work with Cisco routers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8581&t=8540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: duplex [7:8553]
the ethernet port on 2610 and 11 can be full-duplex in 12.7 ( i think ) and above, which you usually don't use, to be honest, unless dot1 has to be run. sh contro e0/0 will give you the right output about the duplex. Dragi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8579&t=8553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]