Re: sh arp [7:17096]
The packet counters for incoming packets/sec look not very reasonable. Especially when relating them to the outgoing packets/sec. How high is the cpuload on the box ? Is there a possibility that some kind of attack is going on on the ethernet interface ? What confuses me a bit is that there are no drops or ignores with that high packets/sec value. Another thing to notice it that the collision rate is about 10%. Replacing the HUB/Shared media there with a switch would sure be a good idea ... Cisco's error message decoder results this about your error: http://www.cisco.com/support/Errordecoder/error-decoder.html # %AMDP2_FE-3-UNDERFLO: AMDP2/FE 0/0/[dec], Transmit underflow # # While transmitting a frame, the local buffer of the controller # chip received insufficient data because data could not be # transferred to the chip fast enough to keep pace with its # output rate. Normally, such a problem is temporary, depending # on transient peak loads within the system. The system should # recover. # # Recommended Action: No action is required. # # Related documents: No specific documents apply to this error message. This could also be a hint that there is unusual cpu load on the router. I would check the cpu load on the router. If it is unusual high (near 100%) shutdown the ethernet interface and see if the cpu load drops down. If this is the case go and find the hacked boxes on the lan ... Reinhold On Thu, 23 Aug 2001, Teresa Presutto wrote: It didn't ping successfully. In the sho log I see the following line: UTC: %AMDP2_FE-3-UNDERFLO: Ethernet0/1 transmit error I reloaded the router and now I can see all the MAC address in the arp cache. By the way something is going wrong... see this two sh int output grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:58:52 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2286000 bits/sec, 4703 packets/sec 30 second output rate 8000 bits/sec, 13 packets/sec 16568680 packets input, 1006250867 bytes, 0 no buffer Received 2701 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 41880 packets output, 20367226 bytes, 0 underruns(1268/2497/0) 0 output errors, 3765 collisions, 0 interface resets 0 babbles, 0 late collision, 6301 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out and after few seconds grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:59:13 Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2282000 bits/sec, 4695 packets/sec 30 second output rate 4000 bits/sec, 8 packets/sec 16670090 packets input, 1012418296 bytes, 0 no buffer Received 2716 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 42038 packets output, 20377608 bytes, 0 underruns(1268/2501/0) 0 output errors, 3769 collisions, 0 interface resets 0 babbles, 0 late collision, 6318 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out From: Odell Waters To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 8:05 PM Subject: RE: sh arp [7:17012] Try pinging the addresses that came up in your arp cache as incomplete. If it pings successfully then look at the arp cache. You
access-list [7:17097]
hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17097t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: Re: sh arp [7:17012]
I've contacted the cisco TAC. The CE write is this router connected to the switch on the ethernet side. If it is then can you verify if the switch has good entries for the mac addreses of the PC's. Also you can run debug arp on the router and you will see that the router is sending arp request but never getting any replies back Regarding the WFQ, this is because I had problems last week with the same router and I opened another case, the CE suggested as workaround this queueing method and some route to null0... We are still investigating the problem, collision and deferred counters have been increasing for all the night, when no traffic should passing through the lan Teresa - Original Message - From: Paul Werner To: [EMAIL PROTECTED] ; [EMAIL PROTECTED] ; [EMAIL PROTECTED] Sent: Friday, August 24, 2001 1:29 AM Subject: Re: Subject: Re: sh arp [7:17012] Teresa, Here is what CCO has to say about the error you have: Error Message: %AMDP2_FE-3-UNDERFLO Unit [dec], underflow error Explanation: The Ethernet hardware is requesting data faster than the system can supply it. This should never happen unless a serious malfunction has occurred. Recommended Action: Contact Cisco Systems. Before you go about contacting Cisco TAC, I am curious about one item in your configuration. Why is your Ethernet interface set up with weighted fair queueing? WFQ is designed for low speed interfaces (T1/E1 and below). Also, the default queueing method for this interface is FIFO (First in, First out). You may want to try this and see if it helps: grp_ge#conf t grp_ge(config)#int e0/1 grp_ge#(config-if)#no fair-queue grp_ge#(config-if)#end grp_ge# Additionally, you may want to take a peek at this article; note the emphasis on queueing on **WAN** links/low speed links(watch wrap): http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/ 121cgcr/qos_c/qcprt2/qcdwfq.htm HTH, Paul Werner Subject: Re: sh arp [7:17012] It didn't ping successfully. In the sho log I see the following line: UTC: %AMDP2_FE-3-UNDERFLO: Ethernet0/1 transmit error I reloaded the router and now I can see all the MAC address in the arp cache. By the way something is going wrong... see this two sh int output grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:58:52 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2286000 bits/sec, 4703 packets/sec 30 second output rate 8000 bits/sec, 13 packets/sec 16568680 packets input, 1006250867 bytes, 0 no buffer Received 2701 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 41880 packets output, 20367226 bytes, 0 underruns (1268/2497/0) 0 output errors, 3765 collisions, 0 interface resets 0 babbles, 0 late collision, 6301 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out and after few seconds grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:59:13 Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2282000 bits/sec, 4695 packets/sec 30 second output rate 4000 bits/sec, 8 packets/sec 16670090 packets input, 1012418296 bytes, 0 no buffer Received
Re: sh arp [7:17101]
The cpu load is normal (10%) for all the time. There is a possibility that is an attack, but if I control nat translation, cpu, int stat , I find no trace for background traffic. Teresa - Original Message - From: Reinhold Fischer To: Teresa Presutto Cc: [EMAIL PROTECTED] Sent: Friday, August 24, 2001 9:16 AM Subject: Re: sh arp The packet counters for incoming packets/sec look not very reasonable. Especially when relating them to the outgoing packets/sec. How high is the cpuload on the box ? Is there a possibility that some kind of attack is going on on the ethernet interface ? What confuses me a bit is that there are no drops or ignores with that high packets/sec value. Another thing to notice it that the collision rate is about 10%. Replacing the HUB/Shared media there with a switch would sure be a good idea ... Cisco's error message decoder results this about your error: http://www.cisco.com/support/Errordecoder/error-decoder.html # %AMDP2_FE-3-UNDERFLO: AMDP2/FE 0/0/[dec], Transmit underflow # # While transmitting a frame, the local buffer of the controller # chip received insufficient data because data could not be # transferred to the chip fast enough to keep pace with its # output rate. Normally, such a problem is temporary, depending # on transient peak loads within the system. The system should # recover. # # Recommended Action: No action is required. # # Related documents: No specific documents apply to this error message. This could also be a hint that there is unusual cpu load on the router. I would check the cpu load on the router. If it is unusual high (near 100%) shutdown the ethernet interface and see if the cpu load drops down. If this is the case go and find the hacked boxes on the lan ... Reinhold On Thu, 23 Aug 2001, Teresa Presutto wrote: It didn't ping successfully. In the sho log I see the following line: UTC: %AMDP2_FE-3-UNDERFLO: Ethernet0/1 transmit error I reloaded the router and now I can see all the MAC address in the arp cache. By the way something is going wrong... see this two sh int output grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:58:52 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2286000 bits/sec, 4703 packets/sec 30 second output rate 8000 bits/sec, 13 packets/sec 16568680 packets input, 1006250867 bytes, 0 no buffer Received 2701 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 41880 packets output, 20367226 bytes, 0 underruns(1268/2497/0) 0 output errors, 3765 collisions, 0 interface resets 0 babbles, 0 late collision, 6301 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out and after few seconds grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:59:13 Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2282000 bits/sec, 4695 packets/sec 30 second output rate 4000 bits/sec, 8 packets/sec 16670090 packets input, 1012418296 bytes, 0 no buffer Received 2716 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition
Switching Paths [7:17102]
Hi Group What is the command to enable/disable optimum switching on an interface? What is the command to enable/disable silicon switching on an interface? Thanks Lw __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17102t=17102 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access-list [7:17097]
You should change the order of your commands Line vty 0 4 access-class 55 in access-list 55 permit 202.157.78.0 0.0.0.128 For sure it will run correctly gook luck MNM --- kaushalenders wrote: hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17103t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Checking Speed for IPLC on Router [7:16783]
Hi, You may want to take a look at this.. http://www.maximized.com/freeware/tcpspeed/ At 07:38 AM 8/22/01 -0400, Milan Saxena wrote: Sanjeev, Thanks I was having a similar problema nd was wondering where to look in for. If you get any clues, do let me know. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17104t=16783 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balancing between 2 unequal links using BGP [7:16528]
thanks tony With regard to this question , my load balancing solution is of this type with incoming traffic dual-homed with the same provider with one edge router what solution will you use for this ? regards, suaveguru --- Tony Medeiros wrote: Many ways: And it all depends on your exact setup, dual homed with same provider, two providers, one edge router or two, etc. Incoming traffic: MEDS (you control if provider excepts them) AS-PATH stuffing for certain networks. Outgoing traffic: Weight. Local preference. Statics All of these require a lot of analysis and thought. You just don't turn them on. But it's all do-able. Get my favorite little BGP book on these type of setups. BGP4 Inter-Domain Routing in the Internet. ISBN: 0201379511 This easy to read book will give some good understanding about what has to happen without haveing to become a BGP guru. Tony M. #6172 Hi all,, wonder if anyone knows how to do load-balancing across 2 unequal links using bgp ? regards, suaveguru __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17105t=16528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Code Red ! [7:16950]
Hey, experts any comments ? I thought i will get some info on code red here . but looks like nothing ! shella From: shella kevin Reply-To: shella kevin To: [EMAIL PROTECTED] Subject: Code Red ! [7:16950] Date: Thu, 23 Aug 2001 04:55:48 -0400 I am using cisco7200 series router with Version 12.0(9)S, is there anyway I can stop/block Code Red on router level ?Any other suggestions ?Thanks Shella K. Get your FREE download of MSN Explorer at http://explorer.msn.com misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17106t=16950 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Logging debug messages [7:17107]
I'm having a strange problem with a 2600 running 12.2(1a), after a short period of time (30 to 60 mins) the router will stop logging messages to the vty lines with terminal monitor. I can perform a show logging history and see the last message in the history but nothing is display as it happens, some details below have a look and if anyone can see what's wrong let me know, cheers Pat #sh logging Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns) Console logging: level debugging, 152 messages logged Monitor logging: level debugging, 233 messages logged Logging to: vty66(0) Buffer logging: disabled Logging Exception size (4096 bytes) Trap logging: level informational, 19 message lines logged #sh logging history Syslog History Table:1 maximum table entries, saving level warnings or higher 16 messages ignored, 0 dropped, 0 recursion drops 4 table entries flushed SNMP notifications not enabled entry number 5 : PARSER-3-BADSUBCMD Unrecognized subcommand 0 in exec command 'test crypto isa x.x.x.x x.x.x.x desmd5 ' timestamp: 699958 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17107t=17107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logging debug messages [7:17107]
There is a bug when logging synchronous is used on the vty or console ports. I hit this issue also. ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Donlon Sent: Friday, August 24, 2001 7:18 AM To: [EMAIL PROTECTED] Subject: Logging debug messages [7:17107] I'm having a strange problem with a 2600 running 12.2(1a), after a short period of time (30 to 60 mins) the router will stop logging messages to the vty lines with terminal monitor. I can perform a show logging history and see the last message in the history but nothing is display as it happens, some details below have a look and if anyone can see what's wrong let me know, cheers Pat #sh logging Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns) Console logging: level debugging, 152 messages logged Monitor logging: level debugging, 233 messages logged Logging to: vty66(0) Buffer logging: disabled Logging Exception size (4096 bytes) Trap logging: level informational, 19 message lines logged #sh logging history Syslog History Table:1 maximum table entries, saving level warnings or higher 16 messages ignored, 0 dropped, 0 recursion drops 4 table entries flushed SNMP notifications not enabled entry number 5 : PARSER-3-BADSUBCMD Unrecognized subcommand 0 in exec command 'test crypto isa x.x.x.x x.x.x.x desmd5 ' timestamp: 699958 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17108t=17107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another CCIE Written Question [7:17050]
Thanks for sharing questions from the CCIE written... let us know if you have any more... Wright, Jeremy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can you have collisions on a serial link? Thanks again. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17109t=17050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Tacacs [7:17110]
Hi, Just like everyone else sometimes I do not have enough time to do the research myself and I post questions here. Here is what I am trying to do: I am trying to set up some sort of security server on my network to authorize user access on routers and switches. First of all what should I use Tacacs (extended or +), Radius, Kerberos, which one seem to work better. Second where can I buy/download the software or can I just configure a router as a Tacacs server. Just give me some ideas on this. Thanks a lot, alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17110t=17110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Logging debug messages [7:17107]
Thanks Bill, I'll check this out straight away, was the bug introduced in 12.2? or earlier cheers Pat Bill Carter wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... There is a bug when logging synchronous is used on the vty or console ports. I hit this issue also. ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Donlon Sent: Friday, August 24, 2001 7:18 AM To: [EMAIL PROTECTED] Subject: Logging debug messages [7:17107] I'm having a strange problem with a 2600 running 12.2(1a), after a short period of time (30 to 60 mins) the router will stop logging messages to the vty lines with terminal monitor. I can perform a show logging history and see the last message in the history but nothing is display as it happens, some details below have a look and if anyone can see what's wrong let me know, cheers Pat #sh logging Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns) Console logging: level debugging, 152 messages logged Monitor logging: level debugging, 233 messages logged Logging to: vty66(0) Buffer logging: disabled Logging Exception size (4096 bytes) Trap logging: level informational, 19 message lines logged #sh logging history Syslog History Table:1 maximum table entries, saving level warnings or higher 16 messages ignored, 0 dropped, 0 recursion drops 4 table entries flushed SNMP notifications not enabled entry number 5 : PARSER-3-BADSUBCMD Unrecognized subcommand 0 in exec command 'test crypto isa x.x.x.x x.x.x.x desmd5 ' timestamp: 699958 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17111t=17107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CHALLENGE PROBLEM (now herrings and lemmings) [7:17112]
Brian, I just wanted to say publicly that this was an outstanding test question. outstanding because of all the red herrings it contained, as we saw from the wild guess responses. Sir, after several trips to Scandinavia, I find it hard to believe that any sensible tester would use more than one red (presumably tomato-sauced) herring. There are wide range of herring to pick from, including the basic wine-pickled, mustard, sour cream, etc., to say nothing of the cooked dishes containing herring. It is also important not to confuse herrings with lemmings, which are excellent simulators either for marketingdroids or those led by marketingdroids. Perhaps they have even more simulation capabilities; I find many of the attempts to coerce things into a concept of the OSI model that is long obsolete, or insist that one or another term is correct because a review book says so in contradiction of the actual standards. Howard so everyone knows, my own private reply was incorrect as well. doh! thanks for this - these kinds of challenges are what make groupstudy worthwhile to me at least. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brian Sent: Tuesday, August 21, 2001 7:51 AM To: [EMAIL PROTECTED] Subject: CHALLENGE PROBLEM (was Re: For FR Grus [7:16635]) [7:16659] On Tue, 21 Aug 2001, Cisco Lover wrote: Hi Guys.. Come with some New Queston.. hmm, ok, so your looking for some challenging questions? Ok, I will post one, its got FR in it. First I'll post the problem, followed by the config: THE PROBLEM === Users on DLCI's 200, 224, 201, 225 cannot communicate to eachother. They can talk just fine to the rest of the network, but no packets can pass between them. Later discovery reveals that so long as they are on different layer 3 network addressing, communcation can occur, but if they are on the same network, such as 192.168.3.0, then they cannot communicate What is the problem? I will reply to let everyone know who got the correct answer. Below is the configuration: ! version 11.3 ! interface Ethernet2/0 ip address 192.168.1.242 255.255.255.0 ! interface Serial4/0 no ip address encapsulation frame-relay IETF keepalive 15 frame-relay map bridge 200 broadcast IETF frame-relay map bridge 224 broadcast IETF frame-relay map bridge 201 broadcast IETF frame-relay map bridge 225 broadcast IETF frame-relay lmi-type ansi bridge-group 1 ! interface BVI1 ip address 192.168.3.242 255.255.255.0 secondary ip address 192.168.2.242 255.255.255.0 ! router igrp 1 network 192.1.0.0 network 192.2.0.0 network 193.3.0.0 ! ip classless ! bridge irb bridge 1 protocol ieee bridge 1 route ip ! For eg, our FR switch is setup for Full mesh,But out network is setup as Hub Spoke FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- I'm buying / selling used CISCO gear!! email me for a quote Brian Feeny, CCIE #8036 Scarlett Parria [EMAIL PROTECTED] [EMAIL PROTECTED] 318-213-4709 318-213-4701 Netjam, LLC http://www.netjam.net 333 Texas St.VISA/MC/AMEX/COD Suite 1401 30 day warranty Shreveport, LA 71101 Cisco Channel Partner toll free: 866-2NETJAM phone:318-212-0245 fax: 318-212-0246 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17112t=17112 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access-list [7:17097]
Remember that masks on standard access-lists are wildcard reverse masks. try using a mask of 255 like this access-list 55 permit 202.157.78.0 0.0.0.255 line vty 0 4 access-class 55 in I don't think the problem is the order of commands. --- Midnight Man wrote: You should change the order of your commands Line vty 0 4 access-class 55 in access-list 55 permit 202.157.78.0 0.0.0.128 For sure it will run correctly gook luck MNM --- kaushalenders wrote: hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17113t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CHALLENGE PROBLEM (now herrings and lemmings) [7:17112]
Howard, you should try the Herrings in Curry Sauce the next time you're in Scandinavia (Denmark especially). Another good fish-out-of-a-can thing you should try, is the Macrel in tomato sause on an open faced sandwich with mayo on top - YUMMI!!! P.S. Don't forget that fish has to swim, so you'll have to swing down one or two small shots of Danish Akvavit. Ole (who's missing the Danish food now and then...) ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 8:24 AM To: [EMAIL PROTECTED] Subject: RE: CHALLENGE PROBLEM (now herrings and lemmings) [7:17112] Brian, I just wanted to say publicly that this was an outstanding test question. outstanding because of all the red herrings it contained, as we saw from the wild guess responses. Sir, after several trips to Scandinavia, I find it hard to believe that any sensible tester would use more than one red (presumably tomato-sauced) herring. There are wide range of herring to pick from, including the basic wine-pickled, mustard, sour cream, etc., to say nothing of the cooked dishes containing herring. It is also important not to confuse herrings with lemmings, which are excellent simulators either for marketingdroids or those led by marketingdroids. Perhaps they have even more simulation capabilities; I find many of the attempts to coerce things into a concept of the OSI model that is long obsolete, or insist that one or another term is correct because a review book says so in contradiction of the actual standards. Howard so everyone knows, my own private reply was incorrect as well. doh! thanks for this - these kinds of challenges are what make groupstudy worthwhile to me at least. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brian Sent: Tuesday, August 21, 2001 7:51 AM To: [EMAIL PROTECTED] Subject: CHALLENGE PROBLEM (was Re: For FR Grus [7:16635]) [7:16659] On Tue, 21 Aug 2001, Cisco Lover wrote: Hi Guys.. Come with some New Queston.. hmm, ok, so your looking for some challenging questions? Ok, I will post one, its got FR in it. First I'll post the problem, followed by the config: THE PROBLEM === Users on DLCI's 200, 224, 201, 225 cannot communicate to eachother. They can talk just fine to the rest of the network, but no packets can pass between them. Later discovery reveals that so long as they are on different layer 3 network addressing, communcation can occur, but if they are on the same network, such as 192.168.3.0, then they cannot communicate What is the problem? I will reply to let everyone know who got the correct answer. Below is the configuration: ! version 11.3 ! interface Ethernet2/0 ip address 192.168.1.242 255.255.255.0 ! interface Serial4/0 no ip address encapsulation frame-relay IETF keepalive 15 frame-relay map bridge 200 broadcast IETF frame-relay map bridge 224 broadcast IETF frame-relay map bridge 201 broadcast IETF frame-relay map bridge 225 broadcast IETF frame-relay lmi-type ansi bridge-group 1 ! interface BVI1 ip address 192.168.3.242 255.255.255.0 secondary ip address 192.168.2.242 255.255.255.0 ! router igrp 1 network 192.1.0.0 network 192.2.0.0 network 193.3.0.0 ! ip classless ! bridge irb bridge 1 protocol ieee bridge 1 route ip ! For eg, our FR switch is setup for Full mesh,But out network is setup as Hub Spoke FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --- I'm buying / selling used CISCO gear!! email me for a quote Brian Feeny, CCIE #8036 Scarlett Parria [EMAIL PROTECTED] [EMAIL PROTECTED] 318-213-4709 318-213-4701 Netjam, LLC http://www.netjam.net 333 Texas St.VISA/MC/AMEX/COD Suite 1401 30 day warranty Shreveport, LA 71101 Cisco Channel Partner toll free: 866-2NETJAM phone:318-212-0245 fax: 318-212-0246 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17114t=17112 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
hyperterminal for linux [7:17115]
is there a hyperterminal version for linux? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17115t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Code Red ! [7:16950]
Learn to use the search engine on cisco.com. It's a very valuable tool. Searching for +code red +block yielded many results, including this one: http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml Additional Workarounds for Handling CodeRed Traffic Utilize the NBAR feature in supported Cisco IOS Software versions to aid in Code Red traffic identification and mitigation. This is discussed in detail at http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml This workaround is applicable in Cisco IOS Software version 12.1(5)T and later for many platforms. Classify inbound Code Red traffic with the class-based marking feature in IOS. Router(config)#class-map match-any http-coderedRouter(config-cmap)#match protocol http url *default.ida*Router(config-cmap)#match protocol http url *cmd.exe*Router(config-cmap)#match protocol http url *root.exe* Mark inbound Code Red traffic with a policy map. Once the inbound traffic has been classified as Code Red, it can be marked with a specific DSCP. For this example, a decimal value of '1' is used as it is unlikely that any other traffic would be marked with this DSCP. Router(config)#policy-map mark-inbound-http-coderedRouter(config-pmap)#class http-coderedRouter(config-pmap)#set ip dscp 1 Apply the service policy to the 'outside' interface so inbound traffic will be marked. Router(config)#int e 0/1Router(config-if)#service-policy input mark-inbound-http-codered Block marked Code Red attempts with an ACL. The ACL will match on the DSCP value of '1' that was marked as the Code Red attempt entered in the box. Router(config)#access-list 105 deny ip any any dscp 1 logRouter(config)#access-list 105 permit ip any any Apply it outbound on the 'inside' interface where the target web servers are. Router(config)#int e 0/1Router(config-if)#ip access-group 105 out - Original Message - From: shella kevin To: Sent: Friday, August 24, 2001 6:21 AM Subject: Re: Code Red ! [7:16950] Hey, experts any comments ? I thought i will get some info on code red here . but looks like nothing ! shella From: shella kevin Reply-To: shella kevin To: [EMAIL PROTECTED] Subject: Code Red ! [7:16950] Date: Thu, 23 Aug 2001 04:55:48 -0400 I am using cisco7200 series router with Version 12.0(9)S, is there anyway I can stop/block Code Red on router level ?Any other suggestions ?Thanks Shella K. Get your FREE download of MSN Explorer at http://explorer.msn.com misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17116t=16950 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hyperterminal for linux [7:17115]
minicom george gittins wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... is there a hyperterminal version for linux? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17118t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs [7:17110]
After someone gives you an answer, are you going to have time to research if it is a good solution for you or are you going to just implement it. It sure must warm the cockles of your supervisors heart if he could see you now. actually the only two things that would make me to busy that I couldn't research an access solution would be; A raging blaze A Seinfeld rerun don - Original Message - From: khramov To: Sent: Friday, August 24, 2001 6:17 AM Subject: Tacacs [7:17110] Hi, Just like everyone else sometimes I do not have enough time to do the research myself and I post questions here. Here is what I am trying to do: I am trying to set up some sort of security server on my network to authorize user access on routers and switches. First of all what should I use Tacacs (extended or +), Radius, Kerberos, which one seem to work better. Second where can I buy/download the software or can I just configure a router as a Tacacs server. Just give me some ideas on this. Thanks a lot, alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17119t=17110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hyperterminal for linux [7:17115]
www.google.comm and search for seyon. It is the best hyperterminal bar NONE. And it is FREE too From: george gittins Reply-To: george gittins To: [EMAIL PROTECTED] Subject: hyperterminal for linux [7:17115] Date: Fri, 24 Aug 2001 10:01:06 -0400 is there a hyperterminal version for misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17120t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hyperterminal for linux [7:17115]
minicom It's probably already on your system. start it up and gointo settings and take out all the dial and hangup commands. -Patrick george gittins 08/24/01 10:01AM is there a hyperterminal version for linux? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17121t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Code Red ! [7:16950]
the only problem is that he doesn't have the code to support it. Allen May 08/24/01 10:13AM Learn to use the search engine on cisco.com. It's a very valuable tool. Searching for +code red +block yielded many results, including this one: http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml Additional Workarounds for Handling CodeRed Traffic Utilize the NBAR feature in supported Cisco IOS Software versions to aid in Code Red traffic identification and mitigation. This is discussed in detail at http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml This workaround is applicable in Cisco IOS Software version 12.1(5)T and later for many platforms. Classify inbound Code Red traffic with the class-based marking feature in IOS. Router(config)#class-map match-any http-coderedRouter(config-cmap)#match protocol http url *default.ida*Router(config-cmap)#match protocol http url *cmd.exe*Router(config-cmap)#match protocol http url *root.exe* Mark inbound Code Red traffic with a policy map. Once the inbound traffic has been classified as Code Red, it can be marked with a specific DSCP. For this example, a decimal value of '1' is used as it is unlikely that any other traffic would be marked with this DSCP. Router(config)#policy-map mark-inbound-http-coderedRouter(config-pmap)#class http-coderedRouter(config-pmap)#set ip dscp 1 Apply the service policy to the 'outside' interface so inbound traffic will be marked. Router(config)#int e 0/1Router(config-if)#service-policy input mark-inbound-http-codered Block marked Code Red attempts with an ACL. The ACL will match on the DSCP value of '1' that was marked as the Code Red attempt entered in the box. Router(config)#access-list 105 deny ip any any dscp 1 logRouter(config)#access-list 105 permit ip any any Apply it outbound on the 'inside' interface where the target web servers are. Router(config)#int e 0/1Router(config-if)#ip access-group 105 out - Original Message - From: shella kevin To: Sent: Friday, August 24, 2001 6:21 AM Subject: Re: Code Red ! [7:16950] Hey, experts any comments ? I thought i will get some info on code red here . but looks like nothing ! shella From: shella kevin Reply-To: shella kevin To: [EMAIL PROTECTED] Subject: Code Red ! [7:16950] Date: Thu, 23 Aug 2001 04:55:48 -0400 I am using cisco7200 series router with Version 12.0(9)S, is there anyway I can stop/block Code Red on router level ?Any other suggestions ?Thanks Shella K. Get your FREE download of MSN Explorer at http://explorer.msn.com misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17122t=16950 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Code Red ! [7:16950]
Oh yeahdidn't notice the mentioned version #. I'm still looking but not having any luck yet. It may be time to upgrade IOS - Original Message - From: Patrick Ramsey To: ; Sent: Friday, August 24, 2001 9:28 AM Subject: Re: Code Red ! [7:16950] the only problem is that he doesn't have the code to support it. Allen May 08/24/01 10:13AM Learn to use the search engine on cisco.com. It's a very valuable tool. Searching for +code red +block yielded many results, including this one: http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml Additional Workarounds for Handling CodeRed Traffic Utilize the NBAR feature in supported Cisco IOS Software versions to aid in Code Red traffic identification and mitigation. This is discussed in detail at http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml This workaround is applicable in Cisco IOS Software version 12.1(5)T and later for many platforms. Classify inbound Code Red traffic with the class-based marking feature in IOS. Router(config)#class-map match-any http-coderedRouter(config-cmap)#match protocol http url *default.ida*Router(config-cmap)#match protocol http url *cmd.exe*Router(config-cmap)#match protocol http url *root.exe* Mark inbound Code Red traffic with a policy map. Once the inbound traffic has been classified as Code Red, it can be marked with a specific DSCP. For this example, a decimal value of '1' is used as it is unlikely that any other traffic would be marked with this DSCP. Router(config)#policy-map mark-inbound-http-coderedRouter(config-pmap)#class http-coderedRouter(config-pmap)#set ip dscp 1 Apply the service policy to the 'outside' interface so inbound traffic will be marked. Router(config)#int e 0/1Router(config-if)#service-policy input mark-inbound-http-codered Block marked Code Red attempts with an ACL. The ACL will match on the DSCP value of '1' that was marked as the Code Red attempt entered in the box. Router(config)#access-list 105 deny ip any any dscp 1 logRouter(config)#access-list 105 permit ip any any Apply it outbound on the 'inside' interface where the target web servers are. Router(config)#int e 0/1Router(config-if)#ip access-group 105 out - Original Message - From: shella kevin To: Sent: Friday, August 24, 2001 6:21 AM Subject: Re: Code Red ! [7:16950] Hey, experts any comments ? I thought i will get some info on code red here . but looks like nothing ! shella From: shella kevin Reply-To: shella kevin To: [EMAIL PROTECTED] Subject: Code Red ! [7:16950] Date: Thu, 23 Aug 2001 04:55:48 -0400 I am using cisco7200 series router with Version 12.0(9)S, is there anyway I can stop/block Code Red on router level ?Any other suggestions ?Thanks Shella K. Get your FREE download of MSN Explorer at http://explorer.msn.com misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17124t=16950 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logging debug messages [7:17107]
Ah, that's good to know! I've been noticing that problem on a 3660 running 12.2 and it was driving me crazy. Last time I looked at CCO I didn't see the bug report but either I missed it or it wasn't on there yet. Thanks for clearing that up for me. John Bill Carter 8/24/01 7:04:07 AM There is a bug when logging synchronous is used on the vty or console ports. I hit this issue also. ^-^-^-^-^-^-^-^-^-^-^ Bill Carter CCIE 5022 ^-^-^-^-^-^-^-^-^-^-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Donlon Sent: Friday, August 24, 2001 7:18 AM To: [EMAIL PROTECTED] Subject: Logging debug messages [7:17107] I'm having a strange problem with a 2600 running 12.2(1a), after a short period of time (30 to 60 mins) the router will stop logging messages to the vty lines with terminal monitor. I can perform a show logging history and see the last message in the history but nothing is display as it happens, some details below have a look and if anyone can see what's wrong let me know, cheers Pat #sh logging Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns) Console logging: level debugging, 152 messages logged Monitor logging: level debugging, 233 messages logged Logging to: vty66(0) Buffer logging: disabled Logging Exception size (4096 bytes) Trap logging: level informational, 19 message lines logged #sh logging history Syslog History Table:1 maximum table entries, saving level warnings or higher 16 messages ignored, 0 dropped, 0 recursion drops 4 table entries flushed SNMP notifications not enabled entry number 5 : PARSER-3-BADSUBCMD Unrecognized subcommand 0 in exec command 'test crypto isa x.x.x.x x.x.x.x desmd5 ' timestamp: 699958 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17125t=17107 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs [7:17110]
As far as I know this is Cisco newsgroup and it should be used for technical discussions not for personal insults. If you think that you are smarter than me or have better work habits that is fine, I am not going to argue with that. Otherwise I would be asking questions. Donald B Johnson jr wrote: After someone gives you an answer, are you going to have time to research if it is a good solution for you or are you going to just implement it. It sure must warm the cockles of your supervisors heart if he could see you now. actually the only two things that would make me to busy that I couldn't research an access solution would be; A raging blaze A Seinfeld rerun don - Original Message - From: khramov To: Sent: Friday, August 24, 2001 6:17 AM Subject: Tacacs [7:17110] Hi, Just like everyone else sometimes I do not have enough time to do the research myself and I post questions here. Here is what I am trying to do: I am trying to set up some sort of security server on my network to authorize user access on routers and switches. First of all what should I use Tacacs (extended or +), Radius, Kerberos, which one seem to work better. Second where can I buy/download the software or can I just configure a router as a Tacacs server. Just give me some ideas on this. Thanks a lot, alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17126t=17110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hyperterminal for linux [7:17115]
if you are trying to access the router through the console port. You can use the linux console. Rico -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 10:01 AM To: [EMAIL PROTECTED] Subject: hyperterminal for linux [7:17115] is there a hyperterminal version for linux? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17127t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Book [7:17130]
Hi All Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17130t=17130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Book [7:17132]
Hi All Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17132t=17132 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Book [7:17128]
Hi All Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17128t=17128 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Book [7:17129]
Hi All Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17129t=17129 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Book [7:17131]
Hi All Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17131t=17131 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hyperterminal for linux [7:17115]
the linux console? Is that an app or a physical device? Rico Ortiz 08/24/01 11:04AM if you are trying to access the router through the console port. You can use the linux console. Rico -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 10:01 AM To: [EMAIL PROTECTED] Subject: hyperterminal for linux [7:17115] is there a hyperterminal version for linux? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17133t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Network Design Book [7:17134]
Hi All, I am designing a network with following requirements. Can somebody suggest me a good book on network design? The requirements are: 1. 2 T1's to 2 different ISP for redundancy 2. Firewall 3. Host own DNS, Webserver 4. Have private network separated from the public network. Please suggest something. Thanks ZZ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17134t=17134 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs [7:17110]
If you are familiar with Unix, contact me off-line and I will assist you with installing and configuring TACACS on Unix platform. I can also help you with configuring routers and switches as well. From: khramov Reply-To: khramov To: [EMAIL PROTECTED] Subject: Re: Tacacs [7:17110] Date: Fri, 24 Aug 2001 10:58:12 -0400 As far as I know this is Cisco newsgroup and it should be used for technical discussions not for personal insults. If you think that you are smarter than me or have better work habits that is fine, I am not going to argue with that. Otherwise I would be asking questions. Donald B Johnson jr wrote:After someone gives you an answer, are you going to have time to research if it is a good solution for you or are you going to just implement it. It sure must warm the cockles of your supervisors heart if he could see you now. actually the only two things that would make me to busy that I couldn't research an access solution would be; A raging blaze A Seinfeld rerun don - Original Message - From: khramov To: Sent: Friday, August 24, 2001 6:17 AM Subject: Tacacs [7:17110] Hi,Just like everyone else sometimes I do not have enough time to do theresearch myself and I post questions here. Here is what I am trying todo: I am trying to set up some sort of security server on my network to authorize user access on routers and switches. First of all what should I use Tacacs (extended or +), Radius, Kerberos, which one seem to workbetter. Second where can I buy/download the software or can I justconfigure a router as a Tacacs server. Just give me some ideas on this. Thanks a lot, misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17136t=17110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Network Design Book [7:17134]
That's a very simple network... Basic design could be found on the internet without purchasing a book. I personally feel for a person just getting into networking, that the basic books are a waste... IF you have the abillity and drive to learn networking then you'll also feel shafted after you spend $50 on a book that only covers the basics. However, alot of the advanced stuff can seriously be overwhelming at times. So use the internet to get you knowledge of basic network design, learn a little as you go, then go to the advanced books. a search on google for basic network design examples would be a good place to start. -Patrick Zolla Zimmerman 08/24/01 11:16AM Hi All, I am designing a network with following requirements. Can somebody suggest me a good book on network design? The requirements are: 1. 2 T1's to 2 different ISP for redundancy 2. Firewall 3. Host own DNS, Webserver 4. Have private network separated from the public network. Please suggest something. Thanks ZZ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17137t=17134 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
test [7:17138]
test Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17138t=17138 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network Design Book [7:17134]
goto http://www.priscilla.com/ She has a BOOK about Network Design called TOP DOWN NETWORK DESIGN -Original Message- From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 10:16 AM To: [EMAIL PROTECTED] Subject: Network Design Book [7:17134] Hi All, I am designing a network with following requirements. Can somebody suggest me a good book on network design? The requirements are: 1. 2 T1's to 2 different ISP for redundancy 2. Firewall 3. Host own DNS, Webserver 4. Have private network separated from the public network. Please suggest something. Thanks ZZ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17139t=17134 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs [7:17110]
Hello, i don`t mean to be rude but i think the reason the gentleman replyed the way he did was because way you posed your question was to say i`m to busy ...you lot do it for me now i personal believe that that is not the case and you were simply asking (as i do all the time) for some assistance in this subject matter. unfortunatly i don`t have an answer to your question but also require info on tacacs+so please don`t be afraid to pass on what you may learn Kindest Regards steve From: khramov Reply-To: khramov To: [EMAIL PROTECTED] Subject: Re: Tacacs [7:17110] Date: Fri, 24 Aug 2001 10:58:12 -0400 As far as I know this is Cisco newsgroup and it should be used for technical discussions not for personal insults. If you think that you are smarter than me or have better work habits that is fine, I am not going to argue with that. Otherwise I would be asking questions. Donald B Johnson jr wrote: After someone gives you an answer, are you going to have time to research if it is a good solution for you or are you going to just implement it. It sure must warm the cockles of your supervisors heart if he could see you now. actually the only two things that would make me to busy that I couldn't research an access solution would be; A raging blaze A Seinfeld rerun don - Original Message - From: khramov To: Sent: Friday, August 24, 2001 6:17 AM Subject: Tacacs [7:17110] Hi, Just like everyone else sometimes I do not have enough time to do the research myself and I post questions here. Here is what I am trying to do: I am trying to set up some sort of security server on my network to authorize user access on routers and switches. First of all what should I use Tacacs (extended or +), Radius, Kerberos, which one seem to work better. Second where can I buy/download the software or can I just configure a router as a Tacacs server. Just give me some ideas on this. Thanks a lot, alex _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17140t=17110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Fridays funnies [7:17141]
Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17141t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Subject: Re: sh arp [7:17012]
Teresa, Well, that's more information than was previously disclosed:-) That sheds a totally different light on the matter. Maybe it might be possible to retrace the steps for all of this. First, was everything working okay at some time in the past? At what point did something change or go wrong? What are the exact problems(symptoms) that exist on both the router and the switch? Additionally, did somebody recently make an equipment change, or change some part of the configuration? It would probably help tremendously if you could post a sanitized configuration of both the router and the switch. Sanitized means that nothing identifying to your organization, nor any passwords are remaining. It may be just a simple configuration error on one of these two devices. I can think of at least three different possibilities that would cause arp failures between a router and a switch. Additionally, just to be sure, have you checked both the router and the switch for speed and duplex settings on the port? Autonegotiation does not work in my humble opinion. You may want to hard code these values to the best your router will support, which is probably 10Mbps, half duplex. Do the same on the switch port that the router is in. Also, make sure there are no port security issues on the switch. I have seen permanent mac table entries and port security both cause a port to be isolated from all other devices on a switch. Keep in mind, it could ultimately be a hardware failure, but investigating all other possibilities would narrow that down. Hang in there and don't despair. v/r, Paul Werner p.s. If the configs are too long to post to the list, you may want to put them on a URL (or I can) Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag On Fri, 24 Aug 2001, Teresa Presutto ([EMAIL PROTECTED]) wrote: I've contacted the cisco TAC. The CE write is this router connected to the switch on the ethernet = side. If it is then can you verify if the switch has good entries for = the mac addreses of the PC's. Also you can run debug arp on the router = and you will see that the router is sending arp request but never = getting any replies back Regarding the WFQ, this is because I had problems last week with the = same router and I opened another case, the CE suggested as workaround = this queueing=20 method and some route to null0... We are still investigating the problem, collision and deferred = counters have been increasing for all the night, when no traffic should = passing through the lan Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17142t=17012 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
test again [7:17143]
Sorry about this. Trying to get the mailing list working at work. grrr Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17143t=17143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BSCN/CCIE: Friday's Brain Teaser #1 [7:17144]
No, Paul did not implement new subject header prepends, I did that to show where this teaser might be relevant. Okay, here goes. Not too difficult, but the idea is to learn. If you already have this stuff down cold, then please don't answer. ;-) That takes all of the fun out of it. Teaser #1 for today: Suppose you have two links connected to your router, one of which is faster and more reliable than the other. You want to utilize both links for the majority of your traffic but you have a few devices that you'd like to use the faster link exclusively. What mechanism do you have available to accomplish this? Do you have more than one? How would you do this if you wanted to select those devices based on IP address? Let's suppose that this were video traffic with an IP precedence higher than the rest of your traffic. Can you use this for path selection somehow? Now for the fun part. If you answer, please post a *short* configuration example. No need to get really complex, this is only for learning purposes. Good luck! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17144t=17144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hyperterminal for linux [7:17115]
At 10:44 AM 8/24/01 -0400, Patrick Ramsey wrote: minicom It's probably already on your system. start it up and gointo settings and take out all the dial and hangup commands. -Patrick george gittins 08/24/01 10:01AM is there a hyperterminal version for linux? For those who may not have installed it, you can almost always depend on cu. cu -l /dev/cuaa0 -s 9600 This will console into your serial device on COM1. To exit, type in ~ wait . then hit enter. The /dev/ might be different for Linux. You would have to know the same information for minicom anyway (IIRC). Very light and most likely in the most bare of systems as well. (like vi). -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17145t=17115 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Subject: Re: sh arp [7:17012]
Hi Paul, the following is the cisco tac case story. I closed the case just few minutes ago. Let me know what do you think about this. Teresa Hi, I will be assisting you in the case that you have opened with us at Cisco TAC. Can you please send the output of sh arp that you are seeing along with sh tech. Thanks. Hi, Teresa thansk for the info. An incomplete mac address means I am not getting the arp info from the host. It may be a bad nic on the host. What you can do is make a static arp on the router for that ip address with the mac address. The command will be; arp 172.17.1.5 arpa Also let me know if you can ping that address from the router. *** NOTES LOG 23-AUG-2001 13:44:57 PST, ciscodotcom, Action Type: Action *** Yasser, I tried pinging the addresses that came up in my arp cache as incomplete, but it didn't pings successfully. It may be a bad nic on the host all the hosts in my LAN? By the way the situation now is a little bit different. I reloaded the router and now I'm in able to see all the MAC associated with the IP addresses in the arp cache. But, please, see these outputs. In the first sh int eth0/1 I see 4494 collisions, 11176 deferred. After few seconds : 4497 collisions, 11184 deferred. Something is going wrong. Here is 22.40 (PM) nobody is working,so not to much traffic should passing through the lan... With my best, Teresa *** EMAIL OUT 23-AUG-2001 16:44:14 PSTAction Type: Email Out *** Hi, Teresa is this router connected to the switch on the ethernet side. If it is then can you verify if the switch has good entries for the mac addreses of the PC's. Also you can run debug arp on the router and you will see that the router is sending arp request but never getting any replies back. *** STATUS CHANGE 23-AUG-2001 16:44:14 PST: *** *** NOTES LOG 24-AUG-2001 01:44:32 PSTAction Type: Requeue Reason *** current engineer unavailable *** NOTES LOG 24-AUG-2001 01:45:03 PST Action Type: *** *** CASE LOG 24-AUG-2001 06:18:25 PSTAction Type: Action *** *p* dialin and found cpu 100%. the cause is due to input queue full: grp_ge#sh int e0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 18/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters never Input queue: 201/200/3150766/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 734000 bits/sec, 1527 packets/sec 30 second output rate 3000 bits/sec, 5 packets/sec 1816505 packets input, 109294388 bytes, 0 no buffer Received 1801634 broadcasts, 0 runts, 0 giants, 0 throttles 27318 input errors, 375 CRC, 197 frame, 0 overrun, 26943 ignored 0 input packets with dribble condition detected 11191 packets output, 749513 bytes, 0 underruns(17/37/0) 0 output errors, 54 collisions, 2 interface resets 0 babbles, 0 late collision, 3027 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out grp_ge# sh controll e0/1 Interface Ethernet0/1 Hardware is AMD Presidio2 ADDR: 80F78818, FASTSEND: 80029158, MCI_INDEX: 0 DIST ROUTE ENABLED: 0 Route Cache Flag: 11 LADRF=0x 0x 0x 0x CSR0 =0x0072, CSR3 =0x1044, CSR4 =0x491D, CSR15 =0x CSR80 =0xD900, CSR114=0x, CRDA =0x02D3E3F0, CXDA =0x02D3E7E0 BCR9 =0x0001 (full-duplex) HW filtering information: Promiscuous Mode Disabled, PHY Addr Enabled, Broadcast Addr Enabled PHY Addr=00B0.6469.4641, Multicast Filter=0x 0x 0x 0x amdp2_instance=0x80F7A4D8, registers=0x4010, ib=0x2D3E240 rx ring entries=32, tx ring entries=64 rxring=0x2D3E2A0, rxr shadow=0x80F7A610, rx_head=20, rx_tail=0 txring=0x2D3E4E0, txr shadow=0x80F7A6BC, tx_head=48, tx_tail=48, tx_count=0 Software MAC address filter(hash:length/addr/mask/hits): spurious_idon=0, throttled=0, enabled=0, disabled=0 rx_framing_err=0, rx_overflow_err=0, rx_buffer_err=0 rx_bpe_err=0, rx_soft_overflow_err=0, rx_no_enp=0, rx_discard=0 tx_one_col_err=17, tx_more_col_err=37, tx_no_enp=0, tx_deferred_err=3027 tx_underrun_err=0, tx_late_collision_err=0, tx_loss_carrier_err=0 tx_exc_collision_err=0, tx_buff_err=0, fatal_tx_err=0 hsrp_conf=0, need_af_check=0 tx_limited=1(4) Also reload did not help, tried upgrade to 12.2(3) doesn't help, tried to use int e0/0 same behaviour. The switch is from lucent *** CASE LOG 24-AUG-2001 06:28:35 PSTAction Type: Action *** *p* i did a reload with no ip address and i got : Output queue 0/40, 0 drops; input queue 201/200, 86371 drops customer will
differenece btw 2924 A and 2924 EN [7:17146]
subject says it all. trying to figure this one out. I have seen the enterprise software loaded on the A model, yet people selling the switches differentiate between A and EN models. please clear up my confusion. thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17146t=17146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BSCN/CCIE: Friday's Brain Teaser #1 [7:17144]
Please refer to the Swahili Binary Conversion book to answer this...:-) -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:08 AM To: [EMAIL PROTECTED] Subject:BSCN/CCIE: Friday's Brain Teaser #1 [7:17144] No, Paul did not implement new subject header prepends, I did that to show where this teaser might be relevant. Okay, here goes. Not too difficult, but the idea is to learn. If you already have this stuff down cold, then please don't answer. ;-) That takes all of the fun out of it. Teaser #1 for today: Suppose you have two links connected to your router, one of which is faster and more reliable than the other. You want to utilize both links for the majority of your traffic but you have a few devices that you'd like to use the faster link exclusively. What mechanism do you have available to accomplish this? Do you have more than one? How would you do this if you wanted to select those devices based on IP address? Let's suppose that this were video traffic with an IP precedence higher than the rest of your traffic. Can you use this for path selection somehow? Now for the fun part. If you answer, please post a *short* configuration example. No need to get really complex, this is only for learning purposes. Good luck! John [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17148t=17144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2Q: BOSON FOR CIT and Cisco Training Manuals [7:17149]
Two quick questions. Q1. BOSON CIT Are BOSON tests good for CIT exam? I plan to buy 2 BOSON tests. Which ones do you recommend? Should I buy test #1 and #2 or test #2 and #3? Q2. Cisco Training Manuals -- Copyright I attended all Cisco training classes and have the official training manuals. Cisco says Cisco and its suppliers grant to you a nonexclusive and nontransferable license to use the Cisco Materials solely for your own personal use... After I finish my CCNP, I don't plan to keep these manuals. If I donate (transfer?) them to our local library, does it violate the license/copyright rule? Regards, J. Li __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17149t=17149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BSCN/CCIE: Friday's Brain Teaser #1 [7:17144]
Dang it, I lent mine to a friend studying for the written exam! I don't even think he'll need it until he starts studying for the lab. I hope he gives it back, those are expensive and hard to find. Wright, Jeremy 8/24/01 10:00:32 AM Please refer to the Swahili Binary Conversion book to answer this...:-) -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:08 AM To: [EMAIL PROTECTED] Subject:BSCN/CCIE: Friday's Brain Teaser #1 [7:17144] No, Paul did not implement new subject header prepends, I did that to show where this teaser might be relevant. Okay, here goes. Not too difficult, but the idea is to learn. If you already have this stuff down cold, then please don't answer. ;-) That takes all of the fun out of it. Teaser #1 for today: Suppose you have two links connected to your router, one of which is faster and more reliable than the other. You want to utilize both links for the majority of your traffic but you have a few devices that you'd like to use the faster link exclusively. What mechanism do you have available to accomplish this? Do you have more than one? How would you do this if you wanted to select those devices based on IP address? Let's suppose that this were video traffic with an IP precedence higher than the rest of your traffic. Can you use this for path selection somehow? Now for the fun part. If you answer, please post a *short* configuration example. No need to get really complex, this is only for learning purposes. Good luck! John [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17150t=17144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: Fridays funnies [7:17141]
Oh goodness He/She sounds all of 17. -Patrick Natasha 08/24/01 12:01PM Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17151t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access-list [7:17097]
login and password need to be enabled in the vty configuration add vty 0 4 login password thepassword If no enable or secret password is set, you'll also need to do that to be able to get to priveleged EXEC mode on the router - use enable password password -e- - Original Message - From: Haydn Solomon To: Sent: Friday, August 24, 2001 6:47 AM Subject: Re: access-list [7:17097] Remember that masks on standard access-lists are wildcard reverse masks. try using a mask of 255 like this access-list 55 permit 202.157.78.0 0.0.0.255 line vty 0 4 access-class 55 in I don't think the problem is the order of commands. --- Midnight Man wrote: You should change the order of your commands Line vty 0 4 access-class 55 in access-list 55 permit 202.157.78.0 0.0.0.128 For sure it will run correctly gook luck MNM --- kaushalenders wrote: hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17152t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Friday Brain Teaser #1 [7:17135]
No, Paul did not implement new subject header prepends, I did that to show where this teaser might be relevant. Okay, here goes. Not too difficult, but the idea is to learn. If you already have this stuff down cold, then please don't answer. ;-) That takes all of the fun out of it. Teaser #1 for today: Suppose you have two links connected to your router, one of which is faster and more reliable than the other. You want to utilize both links for the majority of your traffic but you have a few devices that you'd like to use the faster link exclusively. What mechanism do you have available to accomplish this? Do you have more than one? How would you do this if you wanted to select those devices based on IP address? Let's suppose that this were video traffic with an IP precedence higher than the rest of your traffic. Can you use this for path selection somehow? Now for the fun part. If you answer, please post a *short* configuration example. No need to get really complex, this is only for learning purposes. Good luck! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17135t=17135 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access-list [7:17097]
0.0.0.128 IS a wildcard mask. It just allows half of the IP addresses you allow using the mask you provided. The order of commands isn't important. Kaushalenders, perhaps you could indicate which address range you are trying to permit to have access, and which you are trying to deny access? That would help isolate the problem. -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Haydn Solomon Sent: Friday, August 24, 2001 7:47 AM To: [EMAIL PROTECTED] Subject: Re: access-list [7:17097] Remember that masks on standard access-lists are wildcard reverse masks. try using a mask of 255 like this access-list 55 permit 202.157.78.0 0.0.0.255 line vty 0 4 access-class 55 in I don't think the problem is the order of commands. --- Midnight Man wrote: You should change the order of your commands Line vty 0 4 access-class 55 in access-list 55 permit 202.157.78.0 0.0.0.128 For sure it will run correctly gook luck MNM --- kaushalenders wrote: hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17154t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fridays funnies [7:17141]
Yeah, I'm going this weekend to do my Masters in Physics. Nothing better on a Saturday to do then ramp up my carrier! -Original Message- From: Natasha [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:02 AM To: [EMAIL PROTECTED] Subject: OT: Fridays funnies [7:17141] Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17155t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: sh arp [7:17012]
I had a similar problem a year ago which turned out to be a hardware defect in the router. It was over voltage on the line and would cause the ethernet port to go away. Its a documented feature. At 11:59 AM 8/23/2001, Teresa Presutto wrote: It didn't ping successfully. In the sho log I see the following line: UTC: %AMDP2_FE-3-UNDERFLO: Ethernet0/1 transmit error I reloaded the router and now I can see all the MAC address in the arp cache. By the way something is going wrong... see this two sh int output grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:58:52 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2286000 bits/sec, 4703 packets/sec 30 second output rate 8000 bits/sec, 13 packets/sec 16568680 packets input, 1006250867 bytes, 0 no buffer Received 2701 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 41880 packets output, 20367226 bytes, 0 underruns(1268/2497/0) 0 output errors, 3765 collisions, 0 interface resets 0 babbles, 0 late collision, 6301 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out and after few seconds grp_ge#sh int eth0/1 Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 58/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:00:00, output hang never Last clearing of show interface counters 00:59:13 Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 2282000 bits/sec, 4695 packets/sec 30 second output rate 4000 bits/sec, 8 packets/sec 16670090 packets input, 1012418296 bytes, 0 no buffer Received 2716 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 42038 packets output, 20377608 bytes, 0 underruns(1268/2501/0) 0 output errors, 3769 collisions, 0 interface resets 0 babbles, 0 late collision, 6318 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out From: Odell Waters To: [EMAIL PROTECTED] Sent: Thursday, August 23, 2001 8:05 PM Subject: RE: sh arp [7:17012] Try pinging the addresses that came up in your arp cache as incomplete. If it pings successfully then look at the arp cache. You should then see the MAC associated with the IP addresses following a successful ping. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17156t=17012 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNA exam [7:15284]
Try boson.com They have good tests and only cost 29.95 PA -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Artashes Kalantarian Sent: Wednesday, August 08, 2001 9:24 AM To: [EMAIL PROTECTED] Subject: CCNA exam [7:15284] Hi All I am new to this newsgroup I am 14 and I am going to take the CCNA exam on the middle of this month. Can anybody suggest me tests that I can use for checking my knowledge? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17157t=15284 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: differenece btw 2924 A and 2924 EN [7:17146]
The A model had an IOS with fewer features. EN upgrade was on the order of $500. The market pushed Cisco into selling both at the same price so I don't believe that there is an A anymore. -Original Message- From: chris klebl [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:13 AM To: [EMAIL PROTECTED] Subject: differenece btw 2924 A and 2924 EN [7:17146] subject says it all. trying to figure this one out. I have seen the enterprise software loaded on the A model, yet people selling the switches differentiate between A and EN models. please clear up my confusion. thanks Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17158t=17146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access-list [7:17097]
Yes I do agree that 0.0.0.128 can be a wildcard mask but that would only wildcard one bit. That 128 would only cover the uppermost bit. But I agree if we know what range of ips need access then we can help this guy out. -Haydn -Original Message- From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 12:24 PM To: Haydn Solomon; [EMAIL PROTECTED]; kaushalenders Subject: RE: access-list [7:17097] 0.0.0.128 IS a wildcard mask. It just allows half of the IP addresses you allow using the mask you provided. The order of commands isn't important. Kaushalenders, perhaps you could indicate which address range you are trying to permit to have access, and which you are trying to deny access? That would help isolate the problem. -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Haydn Solomon Sent: Friday, August 24, 2001 7:47 AM To: [EMAIL PROTECTED] Subject: Re: access-list [7:17097] Remember that masks on standard access-lists are wildcard reverse masks. try using a mask of 255 like this access-list 55 permit 202.157.78.0 0.0.0.255 line vty 0 4 access-class 55 in I don't think the problem is the order of commands. --- Midnight Man wrote: You should change the order of your commands Line vty 0 4 access-class 55 in access-list 55 permit 202.157.78.0 0.0.0.128 For sure it will run correctly gook luck MNM --- kaushalenders wrote: hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17159t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Fridays funnies [7:17141]
Natasha that was a seminal moment in my life. I was planning on wasting 8-12 months studying for the lab. Maybe I need to join the jobs group if the humor is that rich. Probably a better fit for me. Thank You, Donald B Johnson Jr - Original Message - From: Natasha To: Sent: Friday, August 24, 2001 9:01 AM Subject: OT: Fridays funnies [7:17141] Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17160t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs [7:17110]
No that is not it Steve, my therapist says if I'm good all week I can have a relapse or two on friday. P) - Original Message - From: Stephen Skinner To: Sent: Friday, August 24, 2001 9:00 AM Subject: Re: Tacacs [7:17110] Hello, i don`t mean to be rude but i think the reason the gentleman replyed the way he did was because way you posed your question was to say i`m to busy ...you lot do it for me now i personal believe that that is not the case and you were simply asking (as i do all the time) for some assistance in this subject matter. unfortunatly i don`t have an answer to your question but also require info on tacacs+so please don`t be afraid to pass on what you may learn Kindest Regards steve From: khramov Reply-To: khramov To: [EMAIL PROTECTED] Subject: Re: Tacacs [7:17110] Date: Fri, 24 Aug 2001 10:58:12 -0400 As far as I know this is Cisco newsgroup and it should be used for technical discussions not for personal insults. If you think that you are smarter than me or have better work habits that is fine, I am not going to argue with that. Otherwise I would be asking questions. Donald B Johnson jr wrote: After someone gives you an answer, are you going to have time to research if it is a good solution for you or are you going to just implement it. It sure must warm the cockles of your supervisors heart if he could see you now. actually the only two things that would make me to busy that I couldn't research an access solution would be; A raging blaze A Seinfeld rerun don - Original Message - From: khramov To: Sent: Friday, August 24, 2001 6:17 AM Subject: Tacacs [7:17110] Hi, Just like everyone else sometimes I do not have enough time to do the research myself and I post questions here. Here is what I am trying to do: I am trying to set up some sort of security server on my network to authorize user access on routers and switches. First of all what should I use Tacacs (extended or +), Radius, Kerberos, which one seem to work better. Second where can I buy/download the software or can I just configure a router as a Tacacs server. Just give me some ideas on this. Thanks a lot, alex _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17161t=17110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
that funnie job posting [7:17164]
Natasha that was a seminal moment in my life. I was planning on wasting 8-12 months studying for the lab. Maybe I need to join the jobs group if the humor is that rich. Probably a better fit for me. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17164t=17164 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BOSON FOR CIT and Cisco Training Manuals [7:17149]
Answer 1 download the demos and see which ones you like best. I always checked which works they referenced for their explanations. if I had that volume in my libabry it was probably a shoe-in. Answer 2 good question my first thinking would be no but since I also donate stuff and work with my local libabry every year I know they work under some special rules. That solely for your own personal use. thing is the hook. You should call Cisco and see. - Original Message - From: J. Li To: Sent: Friday, August 24, 2001 9:19 AM Subject: 2Q: BOSON FOR CIT and Cisco Training Manuals [7:17149] Two quick questions. Q1. BOSON CIT Are BOSON tests good for CIT exam? I plan to buy 2 BOSON tests. Which ones do you recommend? Should I buy test #1 and #2 or test #2 and #3? Q2. Cisco Training Manuals -- Copyright I attended all Cisco training classes and have the official training manuals. Cisco says Cisco and its suppliers grant to you a nonexclusive and nontransferable license to use the Cisco Materials solely for your own personal use... After I finish my CCNP, I don't plan to keep these manuals. If I donate (transfer?) them to our local library, does it violate the license/copyright rule? Regards, J. Li __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17163t=17149 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
debug span on router acting as bridge [7:17165]
Does anyone have a router acting as a bridge in their lab network? Cisco documentation claims that there is a debug span command that shows BPDU frames in hex as they come in. Now, I think this is an awful idea, since they come in every 2 seconds, but for a project I'm working on I need to find out if the command really exists. My routers will not run IOS beyond 11.0. (Hey, they were free! ;-) They do not support debug span. They only support debug span events which shows this: Albany#debug span events Spanning Tree event debugging is on Albany# ST: Topology Change rcvd on Ethernet0 ST: Topology Change rcvd on Ethernet1 ST: Topology Change rcvd on Ethernet0 ST: Topology Change rcvd on Ethernet1 I'm wondering 2 things: Does debug span events still exist? (It's not in the documentation.) Does debug span exist? (It is in the documentation but doesn't work on my routers.) Could anyone try it for me and send me output? By the way, if you don't have bridging working on your routers, it's really easy to configure: bridge 1 protocol ieee int e0 bridge-group 1 int e1 bridge-group 1 THANK-YOU!! Priscilla Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17165t=17165 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Subject: Re: sh arp [7:17012]
Teresa, I read the email exchanges. Did Cisco resolve the matter for you? Reading the exchanges below, that is not exactly clear. If you were getting 4000+ packets per second very late at night, I would tend to agree with another poster (was it Rheinhold?) that there is possibly some form of hacking attack going on. This also assumes that you do not have any late night scheduled tasks that consume high bandwidth (such as an across the wire backup). Have you put a sniffer on the wire to see what is going on? There is a sinffer that you may want to look at that was written in Italy for a graduate project. The menus are in English, but the help files are in Italian: http://netgroup-serv.polito.it/analyzer/ http://netgroup-serv.polito.it/analyzer/install/default.htm If you are running a non-Windows platform, here is a list of others out there: http://www.cotse.com/tools/sniffers.htm Just to be sure, did Cisco resolve the problem? v/r, Paul Werner Get your own 800 number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag On Fri, 24 Aug 2001, Teresa Presutto ([EMAIL PROTECTED]) wrote: Hi Paul, the following is the cisco tac case story. I closed the case just few = minutes ago. Let me know what do you think about this. Teresa Hi, I will be assisting you in the case that you have opened with us at = Cisco TAC. Can you please send the output of sh arp that you are = seeing along with sh tech. Thanks. Hi, Teresa thansk for the info. An incomplete mac address means I am not = getting the arp info from the host. It may be a bad nic on the host. = What you can do is make a static arp on the router for that ip address = with the mac address. The command will be; arp 172.17.1.5 arpa Also let me know if you can ping that address from the router. *** NOTES LOG 23-AUG-2001 13:44:57 PST, ciscodotcom, Action Type: Action = ***=20 Yasser, I tried pinging the addresses that came up in my arp cache as = incomplete, but it didn't pings successfully. It may be a bad nic on the host all the hosts in my LAN? By the way the situation now is a little bit different. I reloaded the router and now I'm in able to see all the MAC associated = with the IP addresses in the arp cache. But, please, see these outputs. In the first sh int eth0/1 I see=20 4494 collisions, 11176 deferred. After few seconds : 4497 collisions, 11184 deferred. Something is going wrong. Here is 22.40 (PM) nobody is working,so not to = much traffic should passing through the lan... With my best, Teresa *** EMAIL OUT 23-AUG-2001 16:44:14 PSTAction Type: Email Out ***=20 Hi, Teresa is this router connected to the switch on the ethernet side. If = it is then can you verify if the switch has good entries for the mac = addreses of the PC's. Also you can run debug arp on the router and you = will see that the router is sending arp request but never getting any = replies back.=20 *** STATUS CHANGE 23-AUG-2001 16:44:14 PST: ***=20 *** NOTES LOG 24-AUG-2001 01:44:32 PSTAction Type: Requeue Reason ***=20 current engineer unavailable *** NOTES LOG 24-AUG-2001 01:45:03 PST Action Type: ***=20 *** CASE LOG 24-AUG-2001 06:18:25 PSTAction Type: Action ***=20 *p* dialin and found cpu 100%. the cause is due to input queue full: grp_ge#sh int e0/1 Ethernet0/1 is up, line protocol is up=20 Hardware is AmdP2, address is 00b0.6469.4641 (bia 00b0.6469.4641) Description: LAN Uffici Genova Internet address is 172.17.1.33/24 MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec,=20 reliability 255/255, txload 1/255, rxload 18/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters never Input queue: 201/200/3150766/0 (size/max/drops/flushes); Total output = drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops)=20 Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 7500 kilobits/sec 30 second input rate 734000 bits/sec, 1527 packets/sec 30 second output rate 3000 bits/sec, 5 packets/sec 1816505 packets input, 109294388 bytes, 0 no buffer Received 1801634 broadcasts, 0 runts, 0 giants, 0 throttles 27318 input errors, 375 CRC, 197 frame, 0 overrun, 26943 ignored 0 input packets with dribble condition detected 11191 packets output, 749513 bytes, 0 underruns(17/37/0) 0 output errors, 54 collisions, 2 interface resets 0 babbles, 0 late collision, 3027 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out grp_ge# sh controll e0/1 Interface Ethernet0/1 Hardware is AMD Presidio2 ADDR: 80F78818, FASTSEND: 80029158, MCI_INDEX: 0 DIST ROUTE ENABLED: 0 Route Cache Flag: 11
Re: Problem Using external routers to route between VLANs [7:17166]
Hamid, Don't know if you've already seen this, but check out http://www.cisco.com/warp/public/473/50.shtml#cisco2600 From what I see on this page, it would appear that a FastEthernet port is required for interVLAN routing. BTW, group, I noticed in the configuration section of this page that there's this statement on the two switch interfaces being trunked: spanning-tree portfast I was told that PORTFAST disabled spanning-tree?? Have I been given bogus information or is this possible on the swtich model given (3512-XL)? Hamid 08/22/01 01:28AM Hi group, I was wondering if it is A MUST for the external routers's interface to be a 100Mb interface, is it possible to do the InterVlan routing on an ethernet port (10Mb) on a 2600 router? I tried to setup a simple scenario with my 2600 router in my home lab, setting the port connected to the 2600 router to TRUNK mode with isl encapsulation , and allowing all vlans. But when I tried to confgure the router's sub-interfaces I the following errors: Router3(config)#int ethernet 0/0.2 Router3(config-subif)#ip address 10.10.2.1 255.255.255.0 Configuring IP routing on a LAN subinterface is only allowed if that subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q, or ISL vLAN. The other problem was that inthe SUBIF configuration mode I didn't have the ENCAPSULATION command available. Bellow is the output of the show version command: Router3#sh ver Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IO3-M), Version 12.2(3), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Wed 18-Jul-01 17:11 by pwade Image text-base: 0x80008088, data-base: 0x809C818C ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Router3 uptime is 6 hours, 3 minutes System returned to ROM by reload System image file is flash:c2600-io3-mz.122-3.bin cisco 2610 (MPC860) processor (revision 0x203) with 28672K/4096K bytes of memory. Processor board ID JAD04390FCB (93659888) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 1 Ethernet/IEEE 802.3 interface(s) 2 Serial(sync/async) network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17166t=17166 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: debug span on router acting as bridge [7:17165]
RouterD#debug span debug span % Incomplete command. RouterD#debug span ? events Spanning tree topology events treeSpanning tree protocol data units RouterD#debug span events Spanning Tree event debugging is on RouterD#debug span tree ? RouterD#debug span tree Spanning Tree BPDU debugging is on RouterD# Do you need an example of what the debug output looks like? -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Friday, August 24, 2001 11:26 AM To: [EMAIL PROTECTED] Subject: debug span on router acting as bridge [7:17165] Does anyone have a router acting as a bridge in their lab network? Cisco documentation claims that there is a debug span command that shows BPDU frames in hex as they come in. Now, I think this is an awful idea, since they come in every 2 seconds, but for a project I'm working on I need to find out if the command really exists. My routers will not run IOS beyond 11.0. (Hey, they were free! ;-) They do not support debug span. They only support debug span events which shows this: Albany#debug span events Spanning Tree event debugging is on Albany# ST: Topology Change rcvd on Ethernet0 ST: Topology Change rcvd on Ethernet1 ST: Topology Change rcvd on Ethernet0 ST: Topology Change rcvd on Ethernet1 I'm wondering 2 things: Does debug span events still exist? (It's not in the documentation.) Does debug span exist? (It is in the documentation but doesn't work on my routers.) Could anyone try it for me and send me output? By the way, if you don't have bridging working on your routers, it's really easy to configure: bridge 1 protocol ieee int e0 bridge-group 1 int e1 bridge-group 1 THANK-YOU!! Priscilla Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17167t=17165 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another CCIE Written Question [7:17050]
Howard, Does is it really matter if it is BSC or SDLC multidrop network. In an IBM SDLC network you are dealing with Master/SLave design so you will never get collisions becuase the Master controlls the transmission time Most are full duplex, so in those cases, no you shouldn't.. Brian Sonic Whalen Success = Preparation + Opportunity On Thu, 23 Aug 2001, Wright, Jeremy wrote: Can you have collisions on a serial link? Thanks again. I'm in general agreement, but be aware that you might run into IBM BSC or SDLC networks that use polled multidrop on half-duplex facilities. Rare now, but you might see them on things like automatic teller machines, point-of-sale terminals, etc. -- those being critical business applications that work, so no one wants to fiddle with them. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17168t=17050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: debug span on router acting as bridge [7:17165]
I wonder if debug span tree is the one that shows the packets? Any chance you could try for me?? ;-] You would have to have bridging enabled on a couple routers or a router connected to a switch. I am interested in the output. I want to see the actual packet and document the output, because the Cisco documentation is wrong. Not only does it not mention the required argument, but it explains the output incorrectly. A missing carriage return messed it up for them. (If there's a carriage return after ST: Ether4, then their explanation works. I see these sorts of errors as an opportunity! ;-) To see what I'm babbling about, check http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122debug/dbfser.htm#xtocid471525 THANKS Priscilla At 11:24 AM 8/24/01, Leigh Anne Chisholm wrote: RouterD#debug span debug span % Incomplete command. RouterD#debug span ? events Spanning tree topology events treeSpanning tree protocol data units RouterD#debug span events Spanning Tree event debugging is on RouterD#debug span tree ? RouterD#debug span tree Spanning Tree BPDU debugging is on RouterD# Do you need an example of what the debug output looks like? -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Friday, August 24, 2001 11:26 AM To: [EMAIL PROTECTED] Subject: debug span on router acting as bridge [7:17165] Does anyone have a router acting as a bridge in their lab network? Cisco documentation claims that there is a debug span command that shows BPDU frames in hex as they come in. Now, I think this is an awful idea, since they come in every 2 seconds, but for a project I'm working on I need to find out if the command really exists. My routers will not run IOS beyond 11.0. (Hey, they were free! ;-) They do not support debug span. They only support debug span events which shows this: Albany#debug span events Spanning Tree event debugging is on Albany# ST: Topology Change rcvd on Ethernet0 ST: Topology Change rcvd on Ethernet1 ST: Topology Change rcvd on Ethernet0 ST: Topology Change rcvd on Ethernet1 I'm wondering 2 things: Does debug span events still exist? (It's not in the documentation.) Does debug span exist? (It is in the documentation but doesn't work on my routers.) Could anyone try it for me and send me output? By the way, if you don't have bridging working on your routers, it's really easy to configure: bridge 1 protocol ieee int e0 bridge-group 1 int e1 bridge-group 1 THANK-YOU!! Priscilla Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17169t=17165 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ccie lab training [7:17170]
Hi, Guys: Does anyone have a good suggestion which CCIE lab trainning camp is the best? mentortech, ccprep.com or others? Thanks, ~ml Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17170t=17170 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Syslog Server [7:17171]
Does anyone have suggestions/preferences on what syslog server to get? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17171t=17171 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another CCIE Written Question [7:17050]
This isn't an actual answer to your question about BSC and SDLC, which Howard can do, but for all of you wondering about this issue, I recommend chapter 3 of Tannenbaum, Computer Networks. He goes into lots of interesting details about how to allocate a single broadcast channel among competing users. The traditional way was frequency-division multiplexing, he says. However when the number of stations is large and varies, or traffic is bursty, FDM presents some problems. New methods, models, and assumptions are needed. He goes into gory details about assumptions and then finally gets into protocols used in LANs, including ALOHA, 1-persistent CSMA, non-persistent CSMA, CSMA/CD, CSMA/CA, basic bit-map methods, BRAP, and a bunch of other stuff. But, bottom line (and I am finally getting to that), collisions occur on a single broadcast channel that is shared among competing users. This doesn't apply to a typical serial link. Cisco uses a template for the output of show interface commands that does not remove statistics that are irrelevant to the interface being shown. So show int s0 does include a collision count but it's always zero. It also shows a runt count and giants. Lazy programming? Memory constraints on how many templates that could maintain? Who knows. As a CCIE (even a CCNA?! ;-) you would be expected to know to ignore the collision, runt, and giants count on a show int s0. Cisco makes life difficult for engineers by using esoteric and non-intuitive commands and output, and then makes lots of money certifying people who understand these esoteric subtleties. ;-) Priscilla At 01:44 PM 8/24/01, John Nenye wrote: Howard, Does is it really matter if it is BSC or SDLC multidrop network. In an IBM SDLC network you are dealing with Master/SLave design so you will never get collisions becuase the Master controlls the transmission time Most are full duplex, so in those cases, no you shouldn't.. Brian Sonic Whalen Success = Preparation + Opportunity On Thu, 23 Aug 2001, Wright, Jeremy wrote: Can you have collisions on a serial link? Thanks again. I'm in general agreement, but be aware that you might run into IBM BSC or SDLC networks that use polled multidrop on half-duplex facilities. Rare now, but you might see them on things like automatic teller machines, point-of-sale terminals, etc. -- those being critical business applications that work, so no one wants to fiddle with them. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17174t=17050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Syslog Server [7:17171]
syslogd :) Of course it runs on unix/linux... Did I mention that Suse was a good distro to start with? Wright, Jeremy 08/24/01 02:10PM Does anyone have suggestions/preferences on what syslog server to get? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17173t=17171 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem Using external routers to route between VLANs [7:17175]
Portfast does not disable spanning-tree. It is meant for connections between an endstation PC and a switch. Upon PC startup the link immediately goes into forwarding mode. If a loop did exist the link would transition to blocking. -Original Message- From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Problem Using external routers to route between VLANs [7:17166] Hamid, Don't know if you've already seen this, but check out http://www.cisco.com/warp/public/473/50.shtml#cisco2600 From what I see on this page, it would appear that a FastEthernet port is required for interVLAN routing. BTW, group, I noticed in the configuration section of this page that there's this statement on the two switch interfaces being trunked: spanning-tree portfast I was told that PORTFAST disabled spanning-tree?? Have I been given bogus information or is this possible on the swtich model given (3512-XL)? Hamid 08/22/01 01:28AM Hi group, I was wondering if it is A MUST for the external routers's interface to be a 100Mb interface, is it possible to do the InterVlan routing on an ethernet port (10Mb) on a 2600 router? I tried to setup a simple scenario with my 2600 router in my home lab, setting the port connected to the 2600 router to TRUNK mode with isl encapsulation , and allowing all vlans. But when I tried to confgure the router's sub-interfaces I the following errors: Router3(config)#int ethernet 0/0.2 Router3(config-subif)#ip address 10.10.2.1 255.255.255.0 Configuring IP routing on a LAN subinterface is only allowed if that subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q, or ISL vLAN. The other problem was that inthe SUBIF configuration mode I didn't have the ENCAPSULATION command available. Bellow is the output of the show version command: Router3#sh ver Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-IO3-M), Version 12.2(3), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Wed 18-Jul-01 17:11 by pwade Image text-base: 0x80008088, data-base: 0x809C818C ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Router3 uptime is 6 hours, 3 minutes System returned to ROM by reload System image file is flash:c2600-io3-mz.122-3.bin cisco 2610 (MPC860) processor (revision 0x203) with 28672K/4096K bytes of memory. Processor board ID JAD04390FCB (93659888) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 1 Ethernet/IEEE 802.3 interface(s) 2 Serial(sync/async) network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17175t=17175 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Syslog Server [7:17171]
You might also consider: http://www.kiwi-enterprises.com/software_downloads.htm#Syslogd It is now freeware.. and if your not a *nix user it runs under Win9x, ME, XP, NT4 2000. Really nice and easy to use.. Also supports SNMP traps etc etc.. Dave Wright, Jeremy 08/24/01 03:10PM Does anyone have suggestions/preferences on what syslog server to get? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17176t=17171 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
1900 CLI Same as Cat5K? [7:17177]
Hello, all. I hope I'm not being redundant redundant, but I can't locate this in the archives, so here goes: I haven't had the occasion to do much with either the Catalyst 5000 or the 1900 series, I've only worked with 2912/24. For purposes of studying for an eventual CCIE lab, are the 'set' and 'clear' commands pretty much the same for both series? To get right to the point, can I purchase the cheaper 1900 series and essentially learn the CLI structure of the Catalyst 5000 in this manner? Thanks, Don Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17177t=17177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Syslog Server [7:17171]
NT or UNIX - Original Message - From: Wright, Jeremy To: Sent: Friday, August 24, 2001 11:10 AM Subject: Syslog Server [7:17171] Does anyone have suggestions/preferences on what syslog server to get? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17178t=17171 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 1900 CLI Same as Cat5K? [7:17177]
It has been a while since I have touched a 1900 but I am pretty sure that the 1900 uses IOS so you would not be able to learn the Catalyst set/clear command structure on this switch. Heather -Original Message- From: Don Claybrook [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 1:44 PM To: [EMAIL PROTECTED] Subject: 1900 CLI Same as Cat5K? [7:17177] Hello, all. I hope I'm not being redundant redundant, but I can't locate this in the archives, so here goes: I haven't had the occasion to do much with either the Catalyst 5000 or the 1900 series, I've only worked with 2912/24. For purposes of studying for an eventual CCIE lab, are the 'set' and 'clear' commands pretty much the same for both series? To get right to the point, can I purchase the cheaper 1900 series and essentially learn the CLI structure of the Catalyst 5000 in this manner? Thanks, Don Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17180t=17177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fridays funnies [7:17141]
Actually, I have been considering taking a couple of months off since the market is kind of slow right now and get my M.D. Never hurts to have a backup plan if the current career path doesn't pan out. ;-) Heather Buri -Original Message- From: Steve Smith [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:44 AM To: [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Yeah, I'm going this weekend to do my Masters in Physics. Nothing better on a Saturday to do then ramp up my carrier! -Original Message- From: Natasha [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:02 AM To: [EMAIL PROTECTED] Subject: OT: Fridays funnies [7:17141] Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17179t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fridays funnies [7:17141]
Heather, the job market isn't slow... it's that there's people like that which Natasha posted about out there that we're competing with. If an employer had to choose between someone who could pass the lab in 20 days, or someone like you or I that would take months, if not years to do, who would you hire? If you and I don't pick up the pace, we'll never find jobs! (-: -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Buri, Heather L. Sent: Friday, August 24, 2001 1:08 PM To: [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Actually, I have been considering taking a couple of months off since the market is kind of slow right now and get my M.D. Never hurts to have a backup plan if the current career path doesn't pan out. ;-) Heather Buri -Original Message- From: Steve Smith [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:44 AM To: [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Yeah, I'm going this weekend to do my Masters in Physics. Nothing better on a Saturday to do then ramp up my carrier! -Original Message- From: Natasha [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:02 AM To: [EMAIL PROTECTED] Subject: OT: Fridays funnies [7:17141] Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17181t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem Using external routers to route between VLANs [7:17183]
Thanks for clearing this up! This comes as a tremendous a relief to me and inquiring minds on my other mailing lists Daniel Cotts 08/24/01 11:15AM Portfast does not disable spanning-tree. It is meant for connections between an endstation PC and a switch. Upon PC startup the link immediately goes into forwarding mode. If a loop did exist the link would transition to blocking. -Original Message- From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Problem Using external routers to route between VLANs [7:17166] Hamid, Don't know if you've already seen this, but check out http://www.cisco.com/warp/public/473/50.shtml#cisco2600 From what I see on this page, it would appear that a FastEthernet port is required for interVLAN routing. BTW, group, I noticed in the configuration section of this page that there's this statement on the two switch interfaces being trunked: spanning-tree portfast I was told that PORTFAST disabled spanning-tree?? Have I been given bogus information or is this possible on the swtich model given (3512-XL)? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17183t=17183 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 1900 CLI Same as Cat5K? [7:17177]
No. The 1900 is a unique cat in that while it is similar (more like router IOS)to the 2900 it is not the same. It is not at all like the Cat5K line which uses set and clear commands. An old 2901 might be your least expensive way to learn that command set. It is limited to about ver 4.9 of CatOS. Side comment. Todd Lammle's CCNA book ver 2 has a neat 1900 tutorial in an appendix. -Original Message- From: Don Claybrook [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 1:44 PM To: [EMAIL PROTECTED] Subject: 1900 CLI Same as Cat5K? [7:17177] Hello, all. I hope I'm not being redundant redundant, but I can't locate this in the archives, so here goes: I haven't had the occasion to do much with either the Catalyst 5000 or the 1900 series, I've only worked with 2912/24. For purposes of studying for an eventual CCIE lab, are the 'set' and 'clear' commands pretty much the same for both series? To get right to the point, can I purchase the cheaper 1900 series and essentially learn the CLI structure of the Catalyst 5000 in this manner? Thanks, Don Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17184t=17177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fridays funnies [7:17141]
Leigh Ann, that is a good point. I could never pass the CCIE in 20 days. Heck, I am still waiting for the CCIE for Dummies to get published. :-) I needed a good laugh today and that job posting sure did it for me! Thanks, Heather -Original Message- From: Leigh Anne Chisholm [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 2:04 PM To: Buri, Heather L.; [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Heather, the job market isn't slow... it's that there's people like that which Natasha posted about out there that we're competing with. If an employer had to choose between someone who could pass the lab in 20 days, or someone like you or I that would take months, if not years to do, who would you hire? If you and I don't pick up the pace, we'll never find jobs! (-: -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Buri, Heather L. Sent: Friday, August 24, 2001 1:08 PM To: [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Actually, I have been considering taking a couple of months off since the market is kind of slow right now and get my M.D. Never hurts to have a backup plan if the current career path doesn't pan out. ;-) Heather Buri -Original Message- From: Steve Smith [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:44 AM To: [EMAIL PROTECTED] Subject:RE: Fridays funnies [7:17141] Yeah, I'm going this weekend to do my Masters in Physics. Nothing better on a Saturday to do then ramp up my carrier! -Original Message- From: Natasha [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:02 AM To: [EMAIL PROTECTED] Subject: OT: Fridays funnies [7:17141] Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17182t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem Using external routers to route between VLANs [7:17185]
I just looked in Cisco LAN Switching from Cisco Press by Clark and Hamilton. A great reference book. -Original Message- From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 2:07 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Problem Using external routers to route between VLANs [7:17166] Thanks for clearing this up! This comes as a tremendous a relief to me and inquiring minds on my other mailing lists Daniel Cotts 08/24/01 11:15AM Portfast does not disable spanning-tree. It is meant for connections between an endstation PC and a switch. Upon PC startup the link immediately goes into forwarding mode. If a loop did exist the link would transition to blocking. -Original Message- From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Problem Using external routers to route between VLANs [7:17166] Hamid, Don't know if you've already seen this, but check out http://www.cisco.com/warp/public/473/50.shtml#cisco2600 From what I see on this page, it would appear that a FastEthernet port is required for interVLAN routing. BTW, group, I noticed in the configuration section of this page that there's this statement on the two switch interfaces being trunked: spanning-tree portfast I was told that PORTFAST disabled spanning-tree?? Have I been given bogus information or is this possible on the swtich model given (3512-XL)? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17185t=17185 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Security Knowledge, Cert and Choice [7:17186]
I am currently preparing for my last CCNP exam (CIT), and are therefore slowly considering what to do next. My experience with Cisco routers, switches, etc. is still too low for me to even consider going for the CCIE right away. However, security is one of the areas where I lack knowledge and experience, so I have decided to go that way next. Since the main reason for the security choice is that I want knowledge, I am therefore not that concerned with a special certification. Here are some questions: What route should I take to get the best knowledge about security areas like: firewalls, proxy servers, vpn, etc.? - Cisco, Central Point, ? How well does Cisco's PIX's do compared to other products, and is a PIX enough to protect against as much as possible (I know that you can never be 100.00% secure when you allow anything through). Are there any extremly good books you simply must recommend me reading (from beginner to advanced)? Any other good advise? Thanks in advance, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17186t=17186 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem Using external routers to route between VLANs [7:17187]
Thanks! Looks like I'll be visiting Stacey's bookstore again during lunch I've bought so many tech books there I've earned a $100 freebie. Daniel Cotts 08/24/01 12:12PM I just looked in Cisco LAN Switching from Cisco Press by Clark and Hamilton. A great reference book. -Original Message- From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 2:07 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Problem Using external routers to route between VLANs [7:17166] Thanks for clearing this up! This comes as a tremendous a relief to me and inquiring minds on my other mailing lists Daniel Cotts 08/24/01 11:15AM Portfast does not disable spanning-tree. It is meant for connections between an endstation PC and a switch. Upon PC startup the link immediately goes into forwarding mode. If a loop did exist the link would transition to blocking. -Original Message- From: Patricia Leeb-Hart [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 12:33 PM To: [EMAIL PROTECTED] Subject: Re: Problem Using external routers to route between VLANs [7:17166] Hamid, Don't know if you've already seen this, but check out http://www.cisco.com/warp/public/473/50.shtml#cisco2600 From what I see on this page, it would appear that a FastEthernet port is required for interVLAN routing. BTW, group, I noticed in the configuration section of this page that there's this statement on the two switch interfaces being trunked: spanning-tree portfast I was told that PORTFAST disabled spanning-tree?? Have I been given bogus information or is this possible on the swtich model given (3512-XL)? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17187t=17187 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco reorganizes into 11 technology groups [7:17188]
The networking giant will replace a structure aligned according to customer market. Cisco also said its business is stabilizing. http://computerworld.com/nlt/1%2C3590%2CNAV47_STO63262_NLTAM%2C00.html http://newsroom.cisco.com/dlls/corp_082301b.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17188t=17188 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 1900 CLI Same as Cat5K? [7:17177]
Don, The 1900 CLI is not the same as the 5000, but if you'd like, feel free to download my free homemade Cat5000 set-based command trainer by following the RouterChief link below. Have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Don Claybrook [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 1:44 PM To: [EMAIL PROTECTED] Subject: 1900 CLI Same as Cat5K? [7:17177] Hello, all. I hope I'm not being redundant redundant, but I can't locate this in the archives, so here goes: I haven't had the occasion to do much with either the Catalyst 5000 or the 1900 series, I've only worked with 2912/24. For purposes of studying for an eventual CCIE lab, are the 'set' and 'clear' commands pretty much the same for both series? To get right to the point, can I purchase the cheaper 1900 series and essentially learn the CLI structure of the Catalyst 5000 in this manner? Thanks, Don Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17189t=17177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access-list [7:17097]
The inverse mask on this is likely incorrect, if yoy want it to be for half a class c, you want 0.0.0.127 Brian Sonic Whalen Success = Preparation + Opportunity On Fri, 24 Aug 2001, Midnight Man wrote: You should change the order of your commands Line vty 0 4 access-class 55 in access-list 55 permit 202.157.78.0 0.0.0.128 For sure it will run correctly gook luck MNM --- kaushalenders wrote: hi , hi i have made a access list to restrict telnet on my router from other network but when i implemented on vty it was no working .Pls help the acesslist wass access-list 55 permit 202.157.78.0 0.0.0.128 line vty 0 4 access-class 55 in but it restricted the whole network [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17190t=17097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security Knowledge, Cert and Choice [7:17186]
Hi Ole, I am in the same boat as you. I am getting ready to take my final exam (CIT) yet feel that I have nowhere near the experience level to think about attempting the CCIE lab. I need at least 2 more years of good, solid hands-on experience before I am ready to attempt that. I am also considering concentrating in security as well as voice applications. If you come across any good resources, please pass them along. I have the Managing Cisco Network Security book but have not started reading it yet. I will let you know my thoughts once I start it. Good luck on your exam! Heather -Original Message- From: Ole Drews Jensen [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 2:31 PM To: [EMAIL PROTECTED] Subject: OT: Security Knowledge, Cert and Choice [7:17186] I am currently preparing for my last CCNP exam (CIT), and are therefore slowly considering what to do next. My experience with Cisco routers, switches, etc. is still too low for me to even consider going for the CCIE right away. However, security is one of the areas where I lack knowledge and experience, so I have decided to go that way next. Since the main reason for the security choice is that I want knowledge, I am therefore not that concerned with a special certification. Here are some questions: What route should I take to get the best knowledge about security areas like: firewalls, proxy servers, vpn, etc.? - Cisco, Central Point, ? How well does Cisco's PIX's do compared to other products, and is a PIX enough to protect against as much as possible (I know that you can never be 100.00% secure when you allow anything through). Are there any extremly good books you simply must recommend me reading (from beginner to advanced)? Any other good advise? Thanks in advance, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17191t=17186 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fridays funnies [7:17141]
OK that does it Heather! Next weekend I will test out and get my PhD. in Quantum physics. StevePhD / MD soon to be! -Original Message- From: Buri, Heather L. [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 1:51 PM To: Steve Smith; [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Actually, I have been considering taking a couple of months off since the market is kind of slow right now and get my M.D. Never hurts to have a backup plan if the current career path doesn't pan out. ;-) Heather Buri -Original Message- From: Steve Smith [SMTP:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:44 AM To: [EMAIL PROTECTED] Subject: RE: Fridays funnies [7:17141] Yeah, I'm going this weekend to do my Masters in Physics. Nothing better on a Saturday to do then ramp up my carrier! -Original Message- From: Natasha [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 11:02 AM To: [EMAIL PROTECTED] Subject: OT: Fridays funnies [7:17141] Ok 2 jokes and then something that was posted on the groupstudy jobs list that you may get a kick out of. Name withheld of course. - Three men are traveling in the Amazon, a German, an American, and a Mexican, and they get captured by some Amazons. The head of the tribe says to the German, What do you want on your back for your whipping? The German responds, I will take oil! So they put oil on his back, and a large Amazon whips him 10 times. When he is finished the German has huge welts on his back, and he can hardly move. The Amazons haul the German away, and say to the Mexican, What do you want on your back? I will take sand! says the Mexican, and he stands there straight and takes his 10 lashings without a single flinch. What will you take on your back? the Amazons ask the American. I'll take the Mexican. -- A married couple is awakened by the sound of someone knocking on their door. The husband gets up, opens the window, and shouts, Who's there? A voice from below calls out, Please help. I need a push. It's three in the morning, the man hollers. Get lost before I call the cops! His wife rolls over and says, Honey, you should help that person. Remember when our children got stuck on the highway late that night and that trucker helped? The guy sighs, goes downstairs, and calls out, Hey, do you still need a push? Yes, a voice replies. Where are you? Over here, on the swings! Now the jobs list posting... good morning to you. I am looking out for a job real quick. I have been lazing around too much after I quit my job of 3 months and have finally decided to work and and shoot up my career. Presently MCSE. My friend has CCIE books and we two have decided to study hard for about 10 days and finish off the CCIE written and 10 days later the lab. You can interview me now and I would be able to join you only 20 days later, by Sept.15 definitely. I would send my resume to anybody interested. Specifications: Can relocate anywhere in USA. Salary Expected: $85,000. We can give you a better offer if you agree to employ me and my friend both. Will need 20 days leave in Jan 2002 to do CCEE. -- Natasha Flazynski CCNA, MCSE http://www.ciscobot.com My Cisco information site. http://www.botbuilders.com Artificial Intelligence and Linux development Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17192t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117]
Ah the old OSPF over frame relay problem! You, sir, have discovered one of the CCIE core topics - something you MUST know inside out to pass your Lab. This isn't a strange problem. This is a well known behaviors that gets to the heart of OSPF and NMBA. The fact that you are asking the question indicates you need to study OSPF a little more. Got your Caslow handy? Got the RFC? Doyle? Slattery? My own advice - change your focus from one of memorizing configurations that get things to work to one of intimately understanding the behaviours and the issues. Best wishes in your studies. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Cisco Lover Sent: Friday, August 24, 2001 5:13 PM To: [EMAIL PROTECTED] Subject: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117] Hi Guys.. Facing some strange problem in OSPF.. DO u know any condition if two routers become adjacent but still cant exchange routes???What could be the reasons for it? In this Lab, We have 2 subinterfaces on R1.One multipoint subinterface is connected to two routers R2 R3 physical interfaces. The other PtP subinterface on R1 is connected to R4 physical interface. Now problem is that we are not allowed to use IP OSPF NETWORK COMMADN on these interfaces in order to make the same network type. The problem I m facing is on R1 R4 link.When I applied debug ip ospf,I see Hello mismatch SO I match the Hello values on both sides .AFter that I am able to see that R4 is now adjacent with R1 Point to point interface but Still I cant see any route from R1 coming on R4 or vice versa.. Any Suggestion GUY; Thanks a lot _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17222t=17117 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: router boots into rommon mode... [7:16890]
Thanks everyone, I have fixed the rommon booting problem and the RSM now boots the image. The main issue was my understanding (or lack thereof) of the config-register. For some reason, I thought the value displayed in show versions was the value you were -supposed- to set the config-register to...I didn't realize that show versions simply displays what the register is currently set to. Once I booted the flash image manually via rommon, I then executed: RSM-5500(config)# boot system flash slot0:c5rsm-isv-mz.113-5.WA4.8.bin Which then boots that image from slot0. Later I copied the image to bootflash via RSM-5500# copy slot0:c5rsm-isv-mz.113-5.WA4.8.bin bootflash:c5rsm-isv-mz.113-5.WA4.8.bin and then I cleared the slot0 card by deleting the files on it and then doing a squeeze to wipe them permanently. Booting off the boot flash is faster than the PCMCIA card, correct? Thanks again, Sean Daniel Cotts wrote in message news:[EMAIL PROTECTED]... An RSM is similar to an RSP in a 7500 series router. From rommon it looks by default for a boot image in the bootflash. If you have a boot bootldr image name line in your config it will use that. It then loads the boot image. It next looks for a full image. By default that is the first image on the first Flash card. You may specify which image to use with boot system flash image name. boot system flash slot1:rsp-jsv-mz_113-11a.bin boot bootldr slot0:rsp-boot-mz_113-11a.bin My guess is that you don't have a boot image or your config is looking for an image that was erased. Look in your bootflash. TGE_7513#sh flash bootflash: -#- ED --type-- --crc--- -seek-- nlen -length- -date/time-- name 1 .. unknown 0FD57943 3CE2EC 21 3727980 Nov 01 1997 21:14:50 rsp-boot-mz.111-10.CA Check to see which is your present working directory TGE_7513#pwd slot0 You can change that. TGE_7513#cd slot1: TGE_7513#pwd slot1 TGE_7513#cd slot0: TGE_7513#pwd slot0 Check for the contents on the flash card. router#dir slot0: -Original Message- From: Sean Knox [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 23, 2001 12:51 AM To: [EMAIL PROTECTED] Subject: Re: router boots into rommon mode... [7:16890] I did change the config-register to 0x2102 (that's what was shown in sh version). Yet the router still boots to rommon. I will try issuing the confreg 0x2102 command in rommon, but I don't see how that will help. Would the fact that this router is actually a route switch module using a flash card possibly change the configuration steps? Regards, Sean richard dumoulin wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I think you should change the config-register to a value like 0x2102 or something finishing with 2. If I remember well, the number 2 means that the router should load the ios from flash.I believe you have set this value to something like 0x2101 or 0x2100. Regards. note: I need to check this, as I am forgetting the CCNA stuff :) note2: to change the register, you can try ? to see which rommon os command will let you do it. In certain rommon the command is confreg 0x2102 and in others it is o/r 0x2102.Then you issue boot or i to boot the router. Regards. Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17223t=16890 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: debug span on router acting as bridge [7:17165]
Comments within and below. Does anyone have a router acting as a bridge in their lab network? Yes, a bunch of 2500s running everything from 12.09 to 12.2(3) and experimental smokin IPv6 code. I also have a BFR (Cisco 7000) running 11.2(16) Cisco documentation claims that there is a debug span command that shows BPDU frames in hex as they come in. Now, I think this is an awful idea, since they come in every 2 seconds, but for a project I'm working on I need to find out if the command really exists. For starters, this appears to be one of those commands that has been propagated over the years as a recurring mistake in the command summaries. Just to let you know, this command first appeared in IOS 8.3 (yes, you are reading that correctly :-) http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/r pc_r/53998.htm#xtocid1116650 Although the command was released in 8.3 code, very little was mentioned about it in terms of what you should see and how to interpret it. That appears to have been documented in IOS 9.21, which is shown here: http://www.cisco.com/univercd/cc/td/doc/product/software/ssr921/ dcr/80432.htm#xtocid755369 It indicates the same sort of information that you read in the 12.2 command reference. My guess is that right about at that time the Kalpana switches were becoming the rage, bridging was taking a back seat to routing and the focus was on routing and routing protocols. Although the functionality and debugs for bridging did improve over the years, the documentation does not appear to have kept up. For example, here is what my 12.2(3) cisco 2511 has to say about the debugs available: 2511#debug spa? spanning-tree 2511#debug spa 2511#debug spanning-tree ? all All Spanning Tree debugging messages bpdu Spanning tree bridge protocol data units bpdu-opt Optimized BPDU handling configSpanning tree config changes etherchannel EtherChannel support eventsSpanning tree topology events exceptionsSpanning tree exceptions general Spanning tree general pvst+ PVST+ events root Spanning tree root events snmp Spanning Tree SNMP handling Just for grins, I turned them all on and configured an IEEE bridge with routing disabled. Here is what I get: 2511#sh span Bridge group 1 is executing the ieee compatible Spanning Tree protocol Bridge Identifier has priority 32768, address .0c92.7624 Configured hello time 2, max age 20, forward delay 15 Current root has priority 32768, address .0c83.e2d0 Root port is 3 (Serial0), cost of root path is 647 Topology change flag not set, detected flag not set Number of topology changes 3 last change occurred 00:38:31 ago from Serial0 Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0, aging 300 Port 3 (Serial0) of Bridge group 1 is forwarding --More-- 01:00:03: Returning spanning tree stats @ 5CEDA0 01:00:03: Returning spanning tree port stat Port path cost 647, Port priority 128, Port Identifier 128.3. Designated root has priority 32768, address .0c83.e2d0 Designated bridge has priority 32768, address .0c83.e2d0 Designated port id is 128.6, designated path cost 0 Timers: message age 2, forward delay 0, hold 0 Number of transitions to forwarding state: 3 BPDU: sent 57, received 1502 Port 4 (Serial1) of Bridge group 1 is blocking Port path cost 647, Port priority 128, Port Identifier 128.4. Designated root has priority 32768, address .0c83.e2d0 Designated bridge has priority 32768, address .0c83.e2d0 Designated port id is 128.7, designated path cost 0 Timers: message age 2, forward delay 0, hold 0 Number of transitions to forwarding state: 1 BPDU: sent 56, received 1509 Here are the debugs: 2511#sh deb Spanning Tree: Spanning Tree general debugging is on Spanning Tree Exceptions debugging is on Spanning Tree BPDU debugging is on Spanning Tree event debugging is on Spanning Tree root changes debugging is on Spanning Tree configuration debugging is on Spanning Tree etherchannel support debugging is on Spanning Tree PVST+ debugging is on Spanning Tree uplinkfast debugging is on Spanning Tree uplinkfast exceptions debugging is on Spanning Tree backbonefast general debugging is on Spanning Tree backbonefast detail debugging is on Spanning Tree backbonefast exceptions debugging is on Spanning Tree optimized bpdu handling debugging is on Spanning Tree optimized bpdu handling detail debugging is on Spanning Tree optimized bpdu handling packet level debugging is on Spanning Tree SNMP support debugging is on Here is the output from the debugs after one minute: nada... I was prepared to give up, but on a whim I decided that something just didn't feel right. Why do we have debugs in many cases?
Re: Don't buy from OneSource Was Don't buy from IQ [7:17225]
Well, my advise to all is still the same, don't buy from 1. OneSource 2. IQSale 3. GrandStore 4. Hitek They are the same companies and they seems to believe that changing their names help to avoid their responsibilities to their customers. They are FRAUD and CHEATER . I will also put up the names of the people that I was in contact with in a web page shortly... If you know of anybody that has been cheat or default by these companies above, please forward details to me and I will put it together in a web page as a warning to others. If anybody knows any other name that the companies go by , let me know... I will be putting up a web page pertaining to this company and I strongly suggest that anybody thinking of buying anything from them either directly or through eBay, seriously reconsider it. Brad Ellis wrote in message news:[EMAIL PROTECTED]... IQSale is now known as Onesource. FYI It seems like there are quite a few unhappy customers out there. We were (stopped using them about 6 mos ago) using them as one of our sources on occasion and I can't say we ever had any problems with them. -Brad Ellis CCIE#5796 [EMAIL PROTECTED] used Cisco: www.optsys.net Fanglo MA wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Agree! I also had such experience with IQSale. Fanglo Jason wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... And they probably thought that you didn't know what you are asking for and that they are doing you a favour by giving you a switch :-P What I would really tell everybody is not to buy from IQSale and Grandstore, these guys are FRAUD !!! CHEATERS. So guys, remember, don't buy from IQSale aka Grandstore aka HiTEK they also use different seller names in eBay FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17225t=17225 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BootCamp Lab 1..Help!!!!!!!!!!! [7:17094]
Do you have any of the commands similar to the ones below? ip local policy route-map 10 (needed for traffic created by the router) interface Serial0 ip address 10.10.1.2 255.255.0.0 encapsulation frame-relay ip ospf hello-interval 20 ip policy route-map 10 (needed to apply the policy routing to an interface) access-list 101 permit ip any 10.34.0.0 0.0.255.255 access-list 101 permit ip any 11.1.0.0 0.0.255.255 access-list 101 permit ip any 10.4.0.0 0.0.255.255 access-list 101 permit ip any host 10.10.1.3 access-list 101 permit ip any host 10.10.1.5 access-list 101 permit ip any 10.44.0.0 0.0.255.255 route-map 10 permit 10 match ip address 101 set ip next-hop 10.10.1.1 Marc Russell www.ccbootcamp.com Cisco Lover wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Guys, Can any one explain How to set up and use Route-map on Spoke routers in order to guide them to use The Hub interface as next hop and not the other spokes router addresses. I tried using.. route-map match ip add 101 set ip default next hop Hub router address access-list 101 permit ip any any but it doesnot work.. any help appreciated. Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17224t=17094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Unable to detect source for attack [7:17095]
command debug ip packet detail Best Regards Have A Good Day!! *** Farhan Ahmed* MCSE+I, MCP Win2k, CCDA, CCNA, CSE Network Engineer Mideast Data Systems Abudhabi Uae. *** Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. -Original Message- From: suaveguru [mailto:[EMAIL PROTECTED]] Sent: Friday, August 24, 2001 9:54 AM To: [EMAIL PROTECTED] Subject: Unable to detect source for attack [7:17095] hi all, I am not able to detect the type of an ip attack on an interface . All I can detect is the source and destination ip addresees using ip accounting but I could not block the ip addresses because they are all in use . All I can do is to find out what kind of traffic is causing the attack for e.g. tcp, udp , sync etc. but what tools could I use? regards, suaveguru __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ [GroupStudy.com removed an attachment of type application/octet-stream which had a name of Farhan Ahmed.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17228t=17095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS 4000 Routers [7:17202]
Phil, You didn't mention how much memory that you have. Some of the ones that I wanted to run required 32mb and I only had 16, so I am still running 12.0(2) or 12.0(6). Can't really recommend them though, as I am having problems running BGP on them. One of them keeps rebooting immediately after entering BGP neighbor commands. Good Luck, Tim - Original Message - From: Circusnuts To: Sent: Friday, August 24, 2001 5:28 PM Subject: IOS 4000 Routers [7:17202] I just bought my first regular 4000 router have an IOS question. I've upgraded the boot ROM's to the latest (2001) 10.0 version the FLASH board (to the one that allows (2) 8 Meg FLASH sticks, as apposed to the older imbedded type), but I can't seem to get any IOS above 11.3 to work. Even though I have enough memory to run newer 4000 images, I get an insufficient memory error. Any ideas ??? Thanks in advance Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17229t=17202 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
