RE: How to NAT [7:17499]
Hi, one problem with the config that you listed below, is that you have 2 different interface in the same subnet as far as the Cisco goes. Unless your doing IRB and the interfaces share the same bridge-group, you cannot have multiple interfaces in the same subnet. Another problem that you will run into is routing, You can only have one path to a subnet (with obvious exceptions being made with certain routing protocols) in the config that you listed, the Cisco will have what looks (to the cisco) like 2 paths to the same subnet. For this to work IMHO , you actually need to put at one intermediary router to do the NAT for one of the 10.1.3.0/24 networks. HTH __ Thomas Crowe Senior Systems Engineer / Architect CTS Professional Services - Atlanta Phone: 770-664-3900 Cell: 404-277-4089 __ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nelluri Reddy Sent: Tuesday, August 28, 2001 2:17 AM To: [EMAIL PROTECTED] Subject: How to NAT [7:17499] I hope that some one out there can help me with a NAT problem 1) The router has a FA0/0 which connects to my internal network using 10.0.0.0/8 2) It has a s0/0 interface connecting to Minot, which has PC's on 10.1.3.0/24 3) It has s0/1 interface connecting to Bismarck, which also has PC's on 10.1.3.0/24 Both sets of PC's need to connect to servers on my internal network which uses 10.1.3.0/24 as well. Luckily the servers are not on 10.1.3.0/24, but on 10.104.243.0/24 inside my network. So I have to use NAT. So far I have come up with the following. int fa0/0 ip address 10.121.5.135 255.255.255.240 (part of a vlan) ip nat inside int s0/0 ip address 10.121.40.1 255.255.255.252 ip nat outside ip access-group minot in int s0/1 ip address 10.121.40.5 255.255.255.252 ip nat outside ip access-group bismarck in ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128 ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128 ip nat outside source list minot pool minot ip nat outside source list bismarck pool bismarck ip access-list extended minot permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 ip access-list extended bismarck permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 ip route 10.0.0.0 255.0.0.0 10.121.5.142 (towards my internal network) ip route 10.121.52.0 255.255.255.128 int s0/0 ip route 10.121.52.128 255.255.255.128 int s0/1 First, this won't work because the two access lists are the same. How about the IP ROUTE statements for the serial interfaces? Do I use real addresses or translated addresses? Any help would be appreciated. Thanks in anticipation. Nelluri [GroupStudy.com removed an attachment of type text/x-vcard which had a name of Thomas Crowe.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17502&t=17499 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to NAT [7:17499]
I think this will work for you. I've used this before with ISDN and dialer profiles. Use route-maps and then apply the route-map to the nat statement. Use the real ip addresses for your routes. access-list 101 permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 access-list 102 permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128 ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128 ip nat inside source route-map minot pool minot ip nat inside source route-map bismarck pool bismarck route-map minot permit 10 match ip address 101 match interface S0/0 route-map bismarck permit 10 match ip address 102 match interface S0/1 Please let me know if you have any problems. Thanks, MikeN ""Nelluri Reddy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I hope that some one out there can help me with a NAT problem > > 1) The router has a FA0/0 which connects to my internal network using > 10.0.0.0/8 > 2) It has a s0/0 interface connecting to Minot, which has PC's on > 10.1.3.0/24 > 3) It has s0/1 interface connecting to Bismarck, which also has PC's on > 10.1.3.0/24 > > Both sets of PC's need to connect to servers on my internal network > which uses 10.1.3.0/24 as well. Luckily the servers are not on > 10.1.3.0/24, but on 10.104.243.0/24 inside my network. So I have to use > NAT. So far I have come up with the following. > > int fa0/0 > ip address 10.121.5.135 255.255.255.240 (part of a vlan) > ip nat inside > > int s0/0 > ip address 10.121.40.1 255.255.255.252 > ip nat outside > ip access-group minot in > > int s0/1 > ip address 10.121.40.5 255.255.255.252 > ip nat outside > ip access-group bismarck in > > ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128 > ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128 > ip nat outside source list minot pool minot > ip nat outside source list bismarck pool bismarck > > ip access-list extended minot > permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 > > ip access-list extended bismarck > permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 > > ip route 10.0.0.0 255.0.0.0 10.121.5.142 (towards my internal network) > ip route 10.121.52.0 255.255.255.128 int s0/0 > ip route 10.121.52.128 255.255.255.128 int s0/1 > > First, this won't work because the two access lists are the same. How > about the IP ROUTE statements for the serial interfaces? Do I use real > addresses or translated addresses? > > Any help would be appreciated. Thanks in anticipation. > > Nelluri Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17503&t=17499 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
I: PSTN and ISDN call in on a PRI [7:17505]
> We have a 3600 Cisco router with a PRI and 30 digital modems. > We are not sure that the router is able to accept both PSTN and ISDN call > in (if possible witch is the right configuration). > The hardware configuration of the router is the following: > > > > > > > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17505&t=17505 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Questions on CCIE written [7:17494]
My recommendation would be to study up on LANE! You may see this on some test you quite possibly may consider taking in the future. HTH MikeN ""Tricia Wang"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Is LAN Emulation gonna be on the exam ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17506&t=17494 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX design question [7:16801]
Thanks for the comments, just to clarify things the inside interfaces will be connected to 6k cats and the connection between the two firewalls ( if it does happen ) will have a cat 2924. cheers ""Kent Hundley"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Patrick, > > First, I'm generally not a fan of the interface to interface design for > firewalls for one simple reason: IDS. If you wanted to deploy any kind of > IDS, and I highly recommend that you do, you would not be able to place a > sensor between the Internet and Intranet firewalls. Switches are cheap and > add no amount of latency that will be noticable. I wouldn't do it this way. > > As to the second question, it's best to keep servers on protected DMZ's. I > would place the servers in question on the Internet firewalls' DMZ for > consistency and simplicity of design. > > HTH, > Kent > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Patrick Donlon > Sent: Wednesday, August 22, 2001 6:56 AM > To: [EMAIL PROTECTED] > Subject: PIX design question [7:16801] > > > We are in the middle of migrating to a new network, this includes replacing > Checkpoint firewalls with PIX. My question concerns the proposed design of > the Internet and IntrAnet PIX firewalls and in particular a connection > between the two firewalls. It has been suggested that we connect the > IntrAnet firewall's outside interface to one of the Internet firewalls DMZs. > I can see that this may reduce latency for traffic passing to the internet > from our intrAnet but I'd like to hear anyone's thoughts on this one, > routing or security issues perhaps. > > Another design issue which was raised was the placement of some servers in > the same outside interface of the intrAnet firewall. These servers would > require access to one of the intrAnet firewall's DMZ and be accessible from > another DMZ on the internet firewall which are in turn are accessible from > the Internet. This seems a bit of a complicated design and could be a > security loophole (??). Thoughts and experiences please > > regards Pat Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17507&t=16801 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to NAT [7:17499]
Good catch Tom! I shouldn't be wasting people's time this late at night without really reading the question and looking at the config info. What if he were to use ip nat inside on his Serial interfaces and then translate on the FE side using route-maps similar to my previous but obviously wrong reply? The routing statements could be directed to the interface instead of the next hop which should resolve the duplicate network routing problem. Red in the face with embarrassment, MikeN ""Nelluri Reddy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I hope that some one out there can help me with a NAT problem > > 1) The router has a FA0/0 which connects to my internal network using > 10.0.0.0/8 > 2) It has a s0/0 interface connecting to Minot, which has PC's on > 10.1.3.0/24 > 3) It has s0/1 interface connecting to Bismarck, which also has PC's on > 10.1.3.0/24 > > Both sets of PC's need to connect to servers on my internal network > which uses 10.1.3.0/24 as well. Luckily the servers are not on > 10.1.3.0/24, but on 10.104.243.0/24 inside my network. So I have to use > NAT. So far I have come up with the following. > > int fa0/0 > ip address 10.121.5.135 255.255.255.240 (part of a vlan) > ip nat inside > > int s0/0 > ip address 10.121.40.1 255.255.255.252 > ip nat outside > ip access-group minot in > > int s0/1 > ip address 10.121.40.5 255.255.255.252 > ip nat outside > ip access-group bismarck in > > ip nat pool minot 10.121.52.1 10.121.52.127 255.255.255.128 > ip nat pool bismarck 10.121.52.129 10.121.52.254 255.255.255.128 > ip nat outside source list minot pool minot > ip nat outside source list bismarck pool bismarck > > ip access-list extended minot > permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 > > ip access-list extended bismarck > permit ip 10.1.3.0 255.255.255.0 10.104.243.0 255.255.255.0 > > ip route 10.0.0.0 255.0.0.0 10.121.5.142 (towards my internal network) > ip route 10.121.52.0 255.255.255.128 int s0/0 > ip route 10.121.52.128 255.255.255.128 int s0/1 > > First, this won't work because the two access lists are the same. How > about the IP ROUTE statements for the serial interfaces? Do I use real > addresses or translated addresses? > > Any help would be appreciated. Thanks in anticipation. > > Nelluri Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17508&t=17499 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Unix & AS2511 console [7:17509]
Hi All, is it possible to connect to a Unix Machine via console using AS2511 (Reverse Telnet)? I tried it and it don't work. Do some has any guide lines how to use it with 3rd party Equi. Regards, Tarry -- Sent through GMX FreeMail - http://www.gmx.net Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17509&t=17509 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2503 serial problem please help [7:17510]
Hi, I have just bought a 2503 with 4 mb of ram.The problem is that the serial interfaces on it dont even show up when you do a "sh int". The other interfaces seem to work fine.It is running IOS 10.2(5). Any suggestions as to why this might happen would be greatly appreciated Thanks Paul Please email [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17510&t=17510 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I: PSTN and ISDN call in on a PRI [7:17505]
You can use this as a guide for your config - just replace the BRI config with your PRI stuff. http://www.cisco.com/warp/public/471/bri_3640.html The Digital Modems are designed to accept analogue (PSTN) calls through the digital ISDN circuit. When a call comes into the ISDN interface it can see that it is an analogue or digital call by checking the "bearercap" field. If the call is analogue then your 3600 will switch the call over to the Mica modem banks. This is all done in software so the Mica modems have no external connections. If you need to support pure PSTN calls then you will need Microcom modems which are just traditional modems but I'm sure you will find the Mica modems are a good solution. Keep an eye on CCO for field notices about this solution, there have been a lot of software issues with the Mica Modem firmware and the 12.1 IOS releases and you will need to find a good "blend". last I heard 12.1(5)T and 2.7.2.0 were recommended but that was a few months ago and v.92 has arrived since then. Good luck! Charlie --- Picciani Francesco Saverio wrote: > > We have a 3600 Cisco router with a PRI and 30 digital modems. > > We are not sure that the router is able to accept both PSTN and > ISDN call > > in (if possible witch is the right configuration). > > The hardware configuration of the router is the following: > > > > > > > > > > > > > Thanks [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17511&t=17505 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PPPoE sessions supported for 3660 [7:17513]
HI all, I would like to know how many PPPoE sessions can be supported by 3660 with IOS 12.2(2)T Thanks in advance. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17513&t=17513 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2503 serial problem please help [7:17510]
Paul- sounds like you have old boot ROM's & new IOS. If you are using 10.0 or older ROM's, you are probably getting some sort of "no usable interfaces." Break the boot & get into ROM mode to download something 11.2. Until you get the 11.0 ROM's, older IOS should fix it. All the best Phil - Original Message - From: "Paul Brown" To: Sent: Tuesday, August 28, 2001 4:49 AM Subject: 2503 serial problem please help [7:17510] > Hi, > > I have just bought a 2503 with 4 mb of ram.The problem is that the serial > interfaces on it dont even show up when you do a "sh int". The other > interfaces seem to work fine.It is running IOS 10.2(5). Any suggestions as > to why this might happen would be greatly appreciated > > Thanks > > Paul > > > Please email [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17514&t=17510 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPPoE sessions supported for 3660 [7:17513]
I assume that you are asking how many PPPoE sessions can be terminated on this device ? ""Daigorho"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > HI all, > > I would like to know how many PPPoE sessions can be supported by 3660 with > IOS 12.2(2)T > > Thanks in advance. > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17515&t=17513 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 3com router configuration [7:17491]
Did Cisco buy 3com too -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Baker, Jason Sent: Tuesday, August 28, 2001 12:11 AM To: [EMAIL PROTECTED] Subject: RE: 3com router configuration [7:17491] This might be hard to understand but how on earth does 3com translate into cisco ? i would suggest the 3com site might be more beneficial or even try a 3com newsgroup ??? > -Original Message- > From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]] > Sent: Tuesday, 28 August 2001 2:50 pm > To: [EMAIL PROTECTED] > Subject: 3com router configuration [7:17491] > > Hi group, > I have 3Com acessBuilder 2208 router which I want to configure as acess > server .Can I get some help like sample onfiguration or URL Etc.? > Thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17516&t=17491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HElP! Xyplex terminal server. [7:17384]
Tim, According to documentation located at http://www.itouchcom.com/websrc/support/documentation/maxserver/10013a.p df, you can load the OS via TFTP. Thus you can use any Unix machine with a TFTP server or you can download Cisco's free TFTP server for Windows. The process is described on page 10 of the PDF. I just purchased a Xyplex 1600 server myself and I was wondering where you get the software image from. The manufacturer's web site does not seem to have any software available for download, which is pretty lame. Eugene Kushnirskiy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ouellette, Tim Sent: Monday, August 27, 2001 10:32 AM To: [EMAIL PROTECTED] Subject: HElP! Xyplex terminal server. [7:17384] Good monday morning all! I recently purchased a Xyplex 1600 Series terminal server. The box cost me $30 without a flash card. Supposedly I can load it via the network with a rarp/bootp server. Anyone know a working rarp/bootp server? I tried to force down the OS with hyperterm but was unsuccessful and the only output I see from the xyplex box is "requesting network load" and I can't seem to send down the OS to it. Has anyone here in this group ever worked with such a device and had it load successfully? If anyone has any hints, please let me know. Thanks all! Tim [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17518&t=17384 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix Route issue [7:17242]
In fact, only one DEFAULT route is allowed on a PIX firewall (according to Cisco). Eugene -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Patrick Ramsey Sent: Monday, August 27, 2001 12:20 PM To: [EMAIL PROTECTED] Subject: RE: Pix Route issue [7:17242] Only one route is allowed? I hope you are not reffering to the pix or a 2600 as those are the only pieces of hardware in the scenario...Becausde both allow for multiple routes. -Patrick >>> "Farhan Ahmed" 08/26/01 01:26AM >>> only one route is allowed.. Best Regards Have A Good Day!! *** Farhan Ahmed* MCSE+I, MCP Win2k, CCDA, CCNA, CSE Network Engineer Mideast Data Systems Abudhabi Uae. *** Privileged/Confidential Information may be contained in this message or Attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, Conclusions and other information in this message that do not relate to the Official business of this company shall be understood as neither given nor Endorsed by it. > -Original Message- > From: Bob Nawrocki [mailto:[EMAIL PROTECTED]] > Sent: Saturday, August 25, 2001 8:30 PM > To: [EMAIL PROTECTED] > Subject: Pix Route issue [7:17242] > > > We have a Pix firewall that is serving as a default gateway > to the Internet > as well as providing ipsec tunnel connectivity to several > remote offices for > serveral hosts on a subnet. On the same subnet we have a 2600 > providing a > point to point wan link. I added a route to the Pix on the > inside interface > to point to the 2600 for the wan route. I am still not able > to connect to > that subnet unless i add a specific route on the hosts. When > running debug > logging on the Pix I get the following output: > > 106011: Deny inbound (No xlate) icmp src inside:10.111.1.55 dst > inside:10.112.3.3 (type 8, code 0) > > Any thoughts? > > Bob Nawrocki > CCNP CCDP [GroupStudy.com removed an attachment of type application/octet-stream which had a name of Farhan Ahmed.vcf] [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17517&t=17242 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: $10 Vitual CCIE/CCNP LAB NOW AVAILABLE [7:17490]
We don't support spammers... thank you... ""John Doe"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > www.it3networksonline.com is an up an coming web site that hosts virtual > labs to help individuals gain hans on training for CCIE/CCNP/CCNA status. > > We also provide free over the phone support to help you get started and to > answer network related questions at 917-880-6532. > > The first lab will be FREE! > > Please visit www.it3networksonline.com. > > Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17519&t=17490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed BSCN [7:17460]
Congratulations Juan, Follow my RouterChief link below for advise and free Cat5K trainer. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Juan Blanco [mailto:[EMAIL PROTECTED]] Sent: Monday, August 27, 2001 5:56 PM To: [EMAIL PROTECTED] Subject: Passed BSCN [7:17460] Team, I want to thanks for all your help one way of another in passing my BSCN test(wow it was hard), this group is great and I know many people feel the the same way. Now to start working on the switching test, I have two questionAny recomendation on which books to buyWhat hardware do I need in order to get readyPlease I want to pass the test but at the same time I want to learn in order for me to be ready one day for the CCIE(I feel good).I would not have done this without God blessing...Thanks God Thanks to all. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17521&t=17460 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: $10 Vitual CCIE/CCNP LAB NOW AVAILABLE [7:17490]
They also say that they have CCIE's on staff to deploy for all your networking needs. If CCIE's were behind those Labs they should be ashamed of themselves. Why don't John Doe send us their names and IE numbers and Chuck and I could check them out on our favorite tool, the CCIE verification tool on CCO. Little advice to the dude that wants to sell rack time, focus on CCNA's first, you do have equipment to satisfy their needs but you don't even come close to NP or IE level with what you are showing. Don't say I didn't try to help. - Original Message - From: "Chuck Larrieu" To: Sent: Monday, August 27, 2001 10:29 PM Subject: RE: $10 Vitual CCIE/CCNP LAB NOW AVAILABLE [7:17490] > I was a bit more interested in fritz on training, rather than hans on, > but... > > with regards to Lab 1, you may want to add some commentary regarding the > issue around the links between R2-R4 and R3-R4. it is an important issue, > and the earlier one learns it, the better. > > with regards to Lab 2, I believe you meant to say issue a "shut" command, > rather than a "no shut" > > a good hard working pre-CCNA level should be able to do the RIP lab in an > hour, with plenty of time for troubleshooting. > > the IGRP lab appears to be a BCRAN level lab, and maybe 90 minutes or so. > > hiding behind the John Doe moniker leaves me wondering. got a real name and > real e-mail? > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 27, 2001 9:13 PM > To: [EMAIL PROTECTED] > Subject: $10 Vitual CCIE/CCNP LAB NOW AVAILABLE [7:17490] > > > www.it3networksonline.com is an up an coming web site that hosts virtual > labs to help individuals gain hans on training for CCIE/CCNP/CCNA status. > > We also provide free over the phone support to help you get started and to > answer network related questions at 917-880-6532. > > The first lab will be FREE! > > Please visit www.it3networksonline.com. > > Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17520&t=17490 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Voice Ports Need to handle?? [7:17523]
Hi Guys, I want to implement Priority/Custom Queuing for Voice in my network. Which ports I need to handle with??? I read that voice uses UDP ports 16384-16624??? Any suggestions/Corrections?? Thanks. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17523&t=17523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed BSCN [7:17522]
Hello all, Today I passed the Routing test.I must say that I studied more for this test than any of the previous tests (main reason being that I had zero experience with OSPF and BGP).IMHO BCRAN was a harder test. Anyway the exam was fair and the wording of the questions was very good.My method of preparing was reading Cisco Press Exam Certification Guide, a little OSPF Network Design Solutions by Thomas Thomas, Cisco OSPF Design Guide,Cisco BGP Case Studies (both free from CCO) CIM Routing Link-State Protocols, CIM Distance-Vector Protocols and for final preparation Boson tests. Thank you all for your help, three down CIT to go ! George Yiannibas MCSE CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17522&t=17522 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2500/2600 rack bracket screws??? [7:17461]
I always just take one or two with me to the hardware store and buy a box or two of whatever they are. -Original Message- From: Brad Ellis [mailto:[EMAIL PROTECTED]] Sent: Monday, August 27, 2001 8:25 PM To: [EMAIL PROTECTED] Subject: Re: 2500/2600 rack bracket screws??? [7:17461] I'll send you some free of charge, you just have to cover shipping...or you can come to my office and pick them up! :) -Brad ""Bob Johnson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone have a source for the little screws you need to mount the rack > ears onto 2500/2600 series chassis? > I always seem to lose a few here and there.. > > > > Bob Johnson > [EMAIL PROTECTED] > Engineering > Stox Broadcast Corporation > The Landing, 300-375 Water St. > Vancouver, BC V6B 5C6 > Tel. 604-633-2900 > Fax. 604-685-3170 > www.stox.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17525&t=17461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passed Written [7:17466]
Congratulations! That's awesome! As far as lab scheduling, I don't think you'll have much luck getting an early April lab, but it's always possible. I rescheduled mine just the other day and the best I could get was 4/26. Good luck on the rest of your studies, John >>> "Christopher Supino" 8/27/01 6:03:24 PM >>> Hey all, Well, I passed the written today. That was one tough test! Glad it is over. I plan on taking a break from studying for a couple of months. One question: What are the scheduling times looking like right now? I am hoping to get in for an early April lab. Ohh.. and let me not forget. Thanks again to all on the list for all the great posts that stimulate thinking. This list has been an invaluable asset to me throughout my Cisco studies. P.S. Are any of the CCIE candidates on the list involved with the Cisco ASET program, and if so, can you contact me offline with what the experience has been like? Thanks in advance. Christopher Supino CCNP, CCDP, MCSE, CNA5, ASE Senior Network Design Engineer (and CCIE candidate that feels good :)) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17528&t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Subject: Re: Subject: Re: TCP/IP question [7:17343]
>From Paul Werner Actually, you and I are not as much in disagreement as it might seem at first. Unfortunately, the reality is that some RFCs don't track industry practice. I would say 1812 is the definitive document, but I would also agree this is largely by reference rather than official supercession. At the London IETF a couple of weeks ago, some people (I'd have to dig up names, but I think they are at USC/ISI, where the RFC Editor function lives) said they are actively working on an update to the host requirements document. I didn't have a chance to ask whether they are also thinking of an 1812 update so the pair of documents are again more or less in sync. I do plan to follow up on this. The discussion was in the PTOMAINE BOF, so it isn't even a WG yet that could act as a home for these documents. I'd suspect they would be directly overseen by the IESG. >omments within and below. > >> Subject: Re: Subject: Re: TCP/IP question [7:17343] >> >> >This subject is not as clear as it ought to be. If you look >at >> >the subject of loopbacks generically, there are two RFCs that >> >come to mind. The first deals with RFC 1122 "Requirements >for >> >Internet Hosts". The second deals with RFC >1122 "Requirements >> >for IPv4 Routers". >> >> Kind of a nit, but 1122 has been superceded by 1812. >> > >I must respectfully disagree. > >The lineage of the RFC progression of Internet Gateways is >documented very well in Fred Baker's hyperlinked RFC pages and >other sources. On the first page he notes in the preface the >following: > >"PREFACE >This document is an updated version of RFC 1716, the historical >Router Requirements document. That RFC preserved the >significant work that went into the working group, but failed >to adequately describe current technology for the IESG to >consider it a current standard." > >This disclaimer statement is likely necessary because RFC 1716 >was categorized as informational, not standards track. > >If you go to RFC 1716 and look at the introductory paragraph it >states the following: > >"1 INTRODUCTION > >The goal of this work is to replace RFC-1009, Requirements for >Internet Gateways ([INTRO:1]) with a new document." > >If you go to RFC 1009, that appears to be more or less the >first defined RFC named, "Requirements for Internet Gateways". >Although RFC 985 does deserve mention, it was only a draft >standard. The RFCs that are referenced in this document number >62 references, including the original RFCs governing IP (700 >series RFCs). > >If you look at RFC 1122, it states the following: > >"Status of This Memo > >This RFC is an official specification for the Internet >community. It incorporates by reference, amends, corrects, and >supplements the primary protocol standards documents relating >to hosts. Distribution of this document is unlimited." > >There are no listed or named successor standards that supercede >RFC 1122 in the standards track (as they relate exclusively to >Internet Hosts). > >The general point of confusion exists around this specific >statement in RFC 1812, para. 1.2 appropriately >titled, "Relationship to other standards". It states, > >"Host Requirements - This pair of documents reviews the >specifications that apply to hosts and supplies guidance and >clarification for any ambiguities. Note that these requirements >also apply to routers, except where otherwise specified in this >memo. As of this writing, the current versions of these >documents are RFC 1122 and RFC 1123 (STD 3), [INTRO:2] and >[INTRO:3]. > >This is saying not that the standard has been superceded, but >rather it has been incoporated by reference. Any areas of >ambiguities (as they apply to Internet gateways) are to be >resolved explicitly in RFC 1812. > >Okay, if you have made it this far, you are naturally >asking, "what is my point"? There are discontinuities in >certain areas of RFC 1122 and RFC 1812. If the device is an >Internet host (not a router), it is only required to comply >with the requirrements in RFC 1122. If it is an IPv4 router, >than it should comply with the requirements in RFC 1812. So >where's the discontinuity? > >Let's try subnet zero for starters. Look at this statement >from RFC 1812, page 49, para. 4.2.2.11: > >"DISCUSSION >Previous versions of this document also noted that subnet >numbers must be neither 0 nor -1, and must be at least two bits >in length. In a CIDR world, the subnet number is clearly an >extension of the network prefix and cannot be interpreted >without the remainder of the prefix. This restriction of subnet >numbers is therefore meaningless in view of CIDR and may be >safely ignored. " > >This says that subnet zero is allowed and is considered a good >practice to use in the CIDR world (why waste address space?) > >Here's the rub. Go to RFC 1122 and see what it says about >subnet zero: > >"From the Assigned Numbers memo [9]: > > "In certain contexts, it is useful to have fixed >addresses
Re: Voice Ports Need to handle?? [7:17523]
Here's a sample config below, 16k to 32k are for rtp stream and 1k to 16k is for the control traffic for the call. Hope this is useful cheers Pat ip access-list extended voice-rtp remark matches out-bound rtp voice traffic permit udp host any range 16384 32768 ip access-list extended voice-ctrl permit tcp host any range 1023 16384 ""Cisco Lover"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi Guys, > > I want to implement Priority/Custom Queuing for Voice in my network. > Which ports I need to handle with??? I read that voice uses > UDP ports 16384-16624??? > > Any suggestions/Corrections?? > > > > Thanks. > > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17526&t=17523 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access-list & ports ( TCP /UDP) [7:17374]
Just to complicate things a bit: A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Assigned Numbers: RFC 1700 is Obsolete Author(s) : J. Reynolds et al. Filename: draft-rfc-editor-rfc1700bis-00.txt Pages : 3 Date: 15-Aug-01 This memo obsoletes RFC 1700 (STD 2) 'Assigned Numbers', which contained an October 1994 snapshot of assigned Internet protocol parameters. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-rfc-editor-rfc1700bis-00.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-rfc-editor-rfc1700bis-00.txt". >Hopefully you know enough about or can find out enough about your >application to see whether it uses tcp or udp or both. > >Brian "Sonic" Whalen >Success = Preparation + Opportunity > > >On Mon, 27 Aug 2001, Ednilson Rosa wrote: > >> The problem with this list is that every application seem to use both UDP >> and TCP, which is not always true. >> >> Ednilson Rosa >> >> - Original Message - >> From: "Brian Whalen" >> To: >> Sent: Monday, August 27, 2001 5:03 PM >> Subject: Re: access-list & ports ( TCP /UDP) [7:17374] >> >> >> I use http://www.iana.org/assignments/port-numbers for finding out about >> port numbers. Re the dns topic below, udp is fine for a company that does >> not have its own dns servers and only makes queries. TCP is used for zone >> transfers. I believe that in newer versions of bind, random hi port >> numbers are used. >> >> Brian "Sonic" Whalen >> Success = Preparation + Opportunity >> >> >> On Mon, 27 Aug 2001, shella kevin wrote: >> >> > when dealing with access-list we use both TCP & UDP. For example we use >> > tcp 53 or udp 53 for domain. >> > >> > My Q is when & how we know when we should use UDP and when TCP . >> > what is the difference . >> > >> > >> > >> > Thanks >> > >> > Shella K. >> > >> > >> > >> > >> > >> > Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17529&t=17374 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Unix & AS2511 console [7:17509]
When you tried it were you using the Cisco rolled console cable? If so, try replacing that with a straight through cable. I've had a lot of success with that method on non-Cisco equipment. John >>> "[EMAIL PROTECTED]" 8/28/01 2:43:13 AM >>> Hi All, is it possible to connect to a Unix Machine via console using AS2511 (Reverse Telnet)? I tried it and it don't work. Do some has any guide lines how to use it with 3rd party Equi. Regards, Tarry -- Sent through GMX FreeMail - http://www.gmx.net Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17530&t=17509 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How do I get into the COLT? [7:17531]
I am studying for my third Cisco exam. I've heard about taking the Colt testing for a practice dry run. How do I get into the COLT? I have a CCO account, but I can't seem to find the COLT within the CISCO website. Thanks in advance... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17531&t=17531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How do I get into the COLT? [7:17531]
Try the link out cheers Pat ""Ariel"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am studying for my third Cisco exam. I've heard about taking the Colt > testing for a practice dry run. How do I get into the COLT? I have a CCO > account, but I can't seem to find the COLT within the CISCO website. > > Thanks in advance... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17533&t=17531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2500/2600 rack bracket screws??? [7:17461]
Thanks to all that responded (especially Brad Ellis's kind offer).. I'll head to Home depot and see what I can find first. Brad, I'll take you up on your offer if I can't find anything Thanks > -Original Message- > From: Brad Ellis [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 27, 2001 6:25 PM > To: [EMAIL PROTECTED] > Subject: Re: 2500/2600 rack bracket screws??? [7:17461] > > > I'll send you some free of charge, you just have to cover > shipping...or you > can come to my office and pick them up! :) > > -Brad > > ""Bob Johnson"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Does anyone have a source for the little screws you need to > mount the rack > > ears onto 2500/2600 series chassis? > > I always seem to lose a few here and there.. > > > > > > > > Bob Johnson > > [EMAIL PROTECTED] > > Engineering > > Stox Broadcast Corporation > > The Landing, 300-375 Water St. > > Vancouver, BC V6B 5C6 > > Tel. 604-633-2900 > > Fax. 604-685-3170 > > www.stox.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17535&t=17461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How do I get into the COLT? [7:17531]
I don't believe the Colt exams exist any longer. Please correct me if I am wrong. -Eric -Original Message- From: Ariel [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 9:57 AM To: [EMAIL PROTECTED] Subject: How do I get into the COLT? [7:17531] I am studying for my third Cisco exam. I've heard about taking the Colt testing for a practice dry run. How do I get into the COLT? I have a CCO account, but I can't seem to find the COLT within the CISCO website. Thanks in advance... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17537&t=17531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How do I get into the COLT? [7:17531]
Gone! Check the archives a detailed discussion there. - Original Message - From: "Ariel" To: Sent: Tuesday, August 28, 2001 7:56 AM Subject: How do I get into the COLT? [7:17531] > I am studying for my third Cisco exam. I've heard about taking the Colt > testing for a practice dry run. How do I get into the COLT? I have a CCO > account, but I can't seem to find the COLT within the CISCO website. > > Thanks in advance... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17534&t=17531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX design question [7:16801]
Nah I didn't misunderstand...I think my reponse was the unclear portion. I was referring to those who run IDS and firewall software on a PC based firewall ;) - Original Message - From: "Kent Hundley" To: Sent: Monday, August 27, 2001 4:11 PM Subject: RE: PIX design question [7:16801] > I think you misunderstood my response. I wasn't saying to run IDS on the > PIX, I was saying that a good reason not to run a cross-over cable between > the Intranet PIX and Internet PIX was so that one could deploy an IDS > sensore between the 2 PIXen and this would require a switch. Sorry if this > wasn't clear. > > -Kent > > -Original Message- > From: Allen May [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 27, 2001 7:48 AM > To: Kent Hundley; [EMAIL PROTECTED] > Subject: Re: PIX design question [7:16801] > > > Check out Dragon Sensor. It has a client that sits outside the firewall to > communicate with the internal sensors. Personally, at the risk of starting > a flame war, I hate the idea of running ANYTHING besides firewall software > on a firewall. IDS just adds strain and possible added points of failure > when run on the firewall in my opinion. IDS should just sit by & passively > check packets on a separate box. > > Allen > > - Original Message - > From: "Kent Hundley" > To: > Sent: Saturday, August 25, 2001 1:19 PM > Subject: RE: PIX design question [7:16801] > > > > Patrick, > > > > First, I'm generally not a fan of the interface to interface design for > > firewalls for one simple reason: IDS. If you wanted to deploy any kind of > > IDS, and I highly recommend that you do, you would not be able to place a > > sensor between the Internet and Intranet firewalls. Switches are cheap > and > > add no amount of latency that will be noticable. I wouldn't do it this > way. > > > > As to the second question, it's best to keep servers on protected DMZ's. > I > > would place the servers in question on the Internet firewalls' DMZ for > > consistency and simplicity of design. > > > > HTH, > > Kent > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Patrick Donlon > > Sent: Wednesday, August 22, 2001 6:56 AM > > To: [EMAIL PROTECTED] > > Subject: PIX design question [7:16801] > > > > > > We are in the middle of migrating to a new network, this includes > replacing > > Checkpoint firewalls with PIX. My question concerns the proposed design of > > the Internet and IntrAnet PIX firewalls and in particular a connection > > between the two firewalls. It has been suggested that we connect the > > IntrAnet firewall's outside interface to one of the Internet firewalls > DMZs. > > I can see that this may reduce latency for traffic passing to the internet > > from our intrAnet but I'd like to hear anyone's thoughts on this one, > > routing or security issues perhaps. > > > > Another design issue which was raised was the placement of some servers in > > the same outside interface of the intrAnet firewall. These servers would > > require access to one of the intrAnet firewall's DMZ and be accessible > from > > another DMZ on the internet firewall which are in turn are accessible from > > the Internet. This seems a bit of a complicated design and could be a > > security loophole (??). Thoughts and experiences please > > > > regards Pat Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17536&t=16801 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How do I get into the COLT? [7:17531]
No no no. Colt is not gone - it's been moved to the partner e-learning website. Of the Colt exams I've taken recently, they're not ambiguously worded nor are questions marked incorrectly. Strange, isn't it? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Donald B Johnson jr Sent: Tuesday, August 28, 2001 9:36 AM To: [EMAIL PROTECTED] Subject: Re: How do I get into the COLT? [7:17531] Gone! Check the archives a detailed discussion there. - Original Message - From: "Ariel" To: Sent: Tuesday, August 28, 2001 7:56 AM Subject: How do I get into the COLT? [7:17531] > I am studying for my third Cisco exam. I've heard about taking the Colt > testing for a practice dry run. How do I get into the COLT? I have a CCO > account, but I can't seem to find the COLT within the CISCO website. > > Thanks in advance... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17539&t=17531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How do I get into the COLT? [7:17531]
AFAIK the link is no longer available even if you have CCO account. > I am studying for my third Cisco exam. I've heard about taking the Colt > testing for a practice dry run. How do I get into the COLT? I have a CCO > account, but I can't seem to find the COLT within the CISCO website. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17538&t=17531 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Netmeeting and PIX [7:17540]
I'm about to do some testing with a PIX 5.3(2) and netmeeting, I can't find specific URLs for both subject on CCO can anyone help? thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17540&t=17540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF question [7:17541]
Hi all, If I setup OSPF between two routers in two different states, one with a 192.168.* address and the other with a 10.10.* address; Is it possible to have these setup as neighbors so that they pass along keepalive messages with each other such as the Hello/Dead intervals? Bob Perez EPX Network Support 302-326-0700 x4242 Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17541&t=17541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Netmeeting and PIX [7:17540]
This link will tell you what needs to be opened up. Unfortunately, Netmeeting requires you to open up a whole range up high UDP ports to effectively work. And due to terrible Microsoft design, these ports are randomly selected from this range. http://support.microsoft.com/support/kb/articles/Q158/6/23.asp sam sneed ""Patrick Donlon"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'm about to do some testing with a PIX 5.3(2) and netmeeting, I can't find > specific URLs for both subject on CCO can anyone help? > > thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17543&t=17540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What's the diameter of your switched network? [7:17489]
If max age isn't changed from the default of 20 seconds, it shouldn't be a problem? The seven hops came from an assumption that each bridge spends a few seconds taking in and propagating configuration BPDUs, but high-speed switches don't take that much time. However, they also don't track how much time they take and simply add one second, per Clark and Kennedy. It's like a reverse TTL. Interestingly, Radia Perlman's description of message age and propagating BPDUs in her book "Interconnections: Bridges, Routers, Switches, and Internetworking Protocols" doesn't agree with IEEE. See page 63 of the second edition. She says the Root Bridge sends BPDUs with the message age set to 0. When bridges receive the message they transmit a message on each of their ports for which they are the Designated Bridge with the message age set to 0. IEEE says the recipient bridges must send the BPDU with the message age greater than the value received. IEEE says: "If the Bridge has been selected as the Root, i.e., if the values of the Designated Root and Bridge Identifier parameters held by the Bridge are the same, the Message Age shall be set to zero. f) Otherwise, the value of the Message Age shall be set such that the transmitted Configuration BPDU does not convey an underestimate of the age of the Protocol Message received on the Root Port; i.e., the value transmitted shall be no less than that recorded by the Message Age Timer for that Port, shall be greater than the value received, and will incorporate any transmission delay. The value of the parameter shall not exceed its true value by more than the maximum Message Age increment overestimate as specified in 8.10.2." By the way, I have captured some BPDUs where the message age is more than zero, so I think switches are following IEEE. Interesting, eh? Priscilla At 11:38 PM 8/27/01, Leigh Anne Chisholm wrote: >Here's something funky I've just started researching. Thought many of you >might not be aware of this... > >Awkward STP Parameter Tuning and Diameter Issues > >We already saw that an aggressive value for the max-age parameter and the >forward-delay could lead to a very unstable STP. The loss of some BPDUs can >then cause a loop to appear. Another issue, not very known, is related to >the diameter of the bridged network. The conservative default values for the >STP impose a maximum network diameter of seven. This means that two distinct >bridges in the network should not be more than seven hops away the one to >the other. Part of this restriction is coming from the age field BPDU carry: >when a BPDU is propagated from the root bridge towards the leaves of the >tree, the age field is incremented each time it goes though a bridge. >Eventually, when the age field of a BPDU goes beyond max age, it is >discarded. Typically, this will occur if the root is too far away from some >bridges of the network. This issue will impact convergence of the spanning >tree. > > >This came from: http://www.cisco.com/warp/public/473/16.html#2f Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17542&t=17489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Netmeeting and PIX [7:17540]
SD=gn&FR=0&qry=Firewall%20ports&rnk=2&src=DHCS_MSPSS_gn_SRCH&SPR=NMT -Original Message- From: Patrick Donlon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 11:05 AM To: [EMAIL PROTECTED] Subject: Netmeeting and PIX [7:17540] I'm about to do some testing with a PIX 5.3(2) and netmeeting, I can't find specific URLs for both subject on CCO can anyone help? thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17544&t=17540 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF question [7:17541]
I'm not sure I understand the question and I can interpret it a couple of ways. Are you asking if you can have a different IP address on each end of the link? If so, why would you consider doing that? Is there some problem that you're trying to solve? Since I'm pretty sure you don't mean that, let's move on. I'm not sure why you're asking if you can configure them to pass along keepalives. By that, do you mean you want to only pass keepalives but no network information? As soon as you configure OSPF and these two routers become neighbors they will begin sending keepalives. Perhaps you should approach this from the top down instead of bottom up. What is the main thing you're trying to accomplish? Let us know the big picture and it will be easier to help you out. Regards, John >>> "Robert Perez" 8/28/01 10:10:20 AM >>> Hi all, If I setup OSPF between two routers in two different states, one with a 192.168.* address and the other with a 10.10.* address; Is it possible to have these setup as neighbors so that they pass along keepalive messages with each other such as the Hello/Dead intervals? Bob Perez EPX Network Support 302-326-0700 x4242 Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17545&t=17541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Connecting 2501 Ethernet. [7:17546]
I am new to Cisco hardware so this may seem an a dumb question. I found a 2501 router at work. The Eth0 int is a DB-15 interface. I looked at Cisco's site and the instrucitons showed how to connect it to a 10base2 network only, using a transceiver. What cable/part do I need to connect to a regular Cat 5 network? Our production router is a 4700 with regular ethernet ports, like every other modern router or network device so I am confused by this interface. Also, do they still ship new 2500 series routers with this arcane interface? thanks sam sneed Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17546&t=17546 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Info on CCIE lab Paul what say yee [7:17548]
I just got off the phone with Robin from Cisco's CCIE team. Here is a synopsis of that conversation. 1. Halifax, San Jose, RTP are all running neck-and-neck for dates. Sometime in May 2002 is first available. 2. Anyone scheduled for a date after Oct 1 will automatically receive a One-Day Lab, even if you scheduled a Two-day Lab. In fact they are still scheduling Two-Day'ers. 3. Sometime in mid-to-end Oct they will release the freed up dates, resulting from Labs scheduled for two days that are now only one day. I guess you pick which day you want, I didn't ask that, just thought of it. This means that there will be a lot of open spots. 4. You cannot request a date for a one-day lab until all the dates are freed up. So start your engines, put that number in speed dial, and bookmark that page, the race is ON. In October some lucky fool could potentially, call on a Tuesday and stand on a Saturday for the CCIE lab. Unbelievable. Rashid are you listening you could call right after the proctor is done chatting with you, almost like a double booking. 5. It takes at least 5-to-7 business days for the information to make it from Prometric/Vue into the CCIE database. (Despite what the WEB page says) Been itching to schedule for a long time (39 yrs pre written, 6 days post written). Little personal issue there. 6. You may be able to move up once the one-day schedule is released, Robin was unclear on this point, she stated they were going to see how the program phases in. The operative word here is "may". 7. Paul B. may want to relax his restrictions on gaining access to the CCIE list in light of the ambiguity surrounding scheduling issues. If I schedule now, I have to wait till May 2002, someone can wait and call after Oct 2001 and stand the lab in a short amount of time. This person that waits technically won't be able to access the list but he would go to the lab within the three month time frame. That is just one scenario. Paul what say yee about those of us that have passed the written but are in this Lab scheduling quandry. Don Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17548&t=17548 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Connecting 2501 Ethernet. [7:17546]
You need a 10baseT transceiver, which I think are fairly inexpensive (like around $15). The interface on the 2501 is an AUI (Attachment Unit Interface). To this you can connect whichever transceiver suits your needs. If you have a 10base2 network, the transceiver will have a coax connector. In the case of 10baseT it will have an RJ-45 jack. And yes, they still ship with these interfaces. HTH, John >>> "sam sneed" 8/28/01 11:18:38 AM >>> I am new to Cisco hardware so this may seem an a dumb question. I found a 2501 router at work. The Eth0 int is a DB-15 interface. I looked at Cisco's site and the instrucitons showed how to connect it to a 10base2 network only, using a transceiver. What cable/part do I need to connect to a regular Cat 5 network? Our production router is a 4700 with regular ethernet ports, like every other modern router or network device so I am confused by this interface. Also, do they still ship new 2500 series routers with this arcane interface? thanks sam sneed Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17550&t=17546 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3com router configuration [7:17491]
Nah... they looked at buying em and determined they were a dead horse ;-) ""Dan Faulk"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Did Cisco buy 3com too > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Baker, Jason > Sent: Tuesday, August 28, 2001 12:11 AM > To: [EMAIL PROTECTED] > Subject: RE: 3com router configuration [7:17491] > > > This might be hard to understand but how on earth does 3com translate into > cisco ? > > i would suggest the 3com site might be more beneficial or even try a 3com > newsgroup ??? > > > > > > > -Original Message- > > From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]] > > Sent: Tuesday, 28 August 2001 2:50 pm > > To: [EMAIL PROTECTED] > > Subject: 3com router configuration [7:17491] > > > > Hi group, > > I have 3Com acessBuilder 2208 router which I want to configure as acess > > server .Can I get some help like sample onfiguration or URL Etc.? > > Thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17551&t=17491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
QoS on CAT6k [7:17555]
Hi group, I want to do some rate-limiting on a CAT6k. Consider a physical port in a VLAN (with many ports), I want to do bidirectionnal rate-limiting (one bandwidth for in, and one for out). Trafic might be distinguished by subnet (-> an access-list can be used to characterize trafic) Can I do this by using CAR on Routers ? How is the configuration ? thanks. -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom & Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17555&t=17555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Netigy and Thrupoint merge [7:17554]
Thrupoint and Netigy are now one. At least in terms of Thrupoint being like a vulture and picking the bones of the carcass that once was Netigy. __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17554&t=17554 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF question [7:17541]
Are they connected? Perhaps some sort of virtual link with authentication would be good?? Brian - Original Message - From: "Robert Perez" To: Sent: Tuesday, August 28, 2001 9:10 AM Subject: OSPF question [7:17541] > Hi all, > > If I setup OSPF between two routers in two different states, one with a > 192.168.* address and the other with a 10.10.* address; Is it possible to > have these setup as neighbors so that they pass along keepalive messages > with each other such as the Hello/Dead intervals? > > Bob Perez > EPX Network Support > 302-326-0700 x4242 > Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17557&t=17541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF question [7:17541]
Well heres the situation. I have a point to point T-1 with ethernwt and I want to kick off an ISDN BRI when traffic is at 0, so I was going to implement OSPF and have the keepalives let me know when there is no response so that it will kick-off the ISDN. Mainly because you can have a T-1 in a comatose state and still be presented as up but it does not pass traffic. I already have two 2500 routers setup with the direct connection but think it would be optimumly configured for failover with the OSPF keepalives since I cannot use a regular threshold setting for the activation of my backup line since I would like to perform the opposite type of configuration. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 12:50 PM To: [EMAIL PROTECTED] Subject: Re: OSPF question [7:17541] I'm not sure I understand the question and I can interpret it a couple of ways. Are you asking if you can have a different IP address on each end of the link? If so, why would you consider doing that? Is there some problem that you're trying to solve? Since I'm pretty sure you don't mean that, let's move on. I'm not sure why you're asking if you can configure them to pass along keepalives. By that, do you mean you want to only pass keepalives but no network information? As soon as you configure OSPF and these two routers become neighbors they will begin sending keepalives. Perhaps you should approach this from the top down instead of bottom up. What is the main thing you're trying to accomplish? Let us know the big picture and it will be easier to help you out. Regards, John >>> "Robert Perez" 8/28/01 10:10:20 AM >>> Hi all, If I setup OSPF between two routers in two different states, one with a 192.168.* address and the other with a 10.10.* address; Is it possible to have these setup as neighbors so that they pass along keepalive messages with each other such as the Hello/Dead intervals? Bob Perez EPX Network Support 302-326-0700 x4242 Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17558&t=17541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Logging traffic [7:17559]
Here's what I want to do: Log all traffic (source/destination ip address/port #) from a specific subnet (our HQ) to see what's passing through our external router, and where they're going. Any suggestions? Thanks, Jeff Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17559&t=17559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF question [7:17541]
I have a similar situation here and I used the Dialer Watch feature with great results. That's basically a dialer that is activated when a route that is being monitored disappears. So, if your remote site had 192.168.*.* addresses, you could watch some specific subnet of that network. If it goes away due to the link freaking out, that will cause your dialer to bring up your ISDN interface. Works like a dream. Check out CCO for configuration details. It's very simple and you can have it setup in a couple of minutes. Good luck! John >>> Robert Perez 8/28/01 12:34:34 PM >>> Well heres the situation. I have a point to point T-1 with ethernwt and I want to kick off an ISDN BRI when traffic is at 0, so I was going to implement OSPF and have the keepalives let me know when there is no response so that it will kick-off the ISDN. Mainly because you can have a T-1 in a comatose state and still be presented as up but it does not pass traffic. I already have two 2500 routers setup with the direct connection but think it would be optimumly configured for failover with the OSPF keepalives since I cannot use a regular threshold setting for the activation of my backup line since I would like to perform the opposite type of configuration. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 12:50 PM To: [EMAIL PROTECTED] Subject: Re: OSPF question [7:17541] I'm not sure I understand the question and I can interpret it a couple of ways. Are you asking if you can have a different IP address on each end of the link? If so, why would you consider doing that? Is there some problem that you're trying to solve? Since I'm pretty sure you don't mean that, let's move on. I'm not sure why you're asking if you can configure them to pass along keepalives. By that, do you mean you want to only pass keepalives but no network information? As soon as you configure OSPF and these two routers become neighbors they will begin sending keepalives. Perhaps you should approach this from the top down instead of bottom up. What is the main thing you're trying to accomplish? Let us know the big picture and it will be easier to help you out. Regards, John >>> "Robert Perez" 8/28/01 10:10:20 AM >>> Hi all, If I setup OSPF between two routers in two different states, one with a 192.168.* address and the other with a 10.10.* address; Is it possible to have these setup as neighbors so that they pass along keepalive messages with each other such as the Hello/Dead intervals? Bob Perez EPX Network Support 302-326-0700 x4242 Cell 302-420-6883 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17560&t=17541 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Flash memory issues [7:17561]
I have a 2514 set up in my home lab that is having memory problems. It currently reports the following errors on boot up: %Error: System flash bank 0 chip 2 unknown, chip id 0xB36 (reversed = 0xD06C) %Error: System flash initialization failed F3: 6218292+86976+534512 at 0x360 However, it boots to the image stored on the flash. ( 12.04T) My goal is to upgrade the flash to 16MB so I can run some of the larger Enterprise images on the router. I know that one method is to install 2 8MB flash simms. But, when I try to erase the 8MB flash that is currently installed I get an error that it is read-only. I've also attempted to erase flash from rommon mode, but the command is not available. I've worked in Rommon before on other Cisco devices, but am not familiar with the > prompt. I've attempted to set the Boot var to ROM with no luck. Currently I'm net booting to a 12.2 IOS version, but I really need to configure it to boot to flash for Enterprise IOS images. Following is the output of the Show Version command: 2500#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IO-L), Version 12.2(1b), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Fri 15-Jun-01 06:20 by pwade Image text-base: 0x144C, data-base: 0x007FD064 ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTW ARE (fc1) c2500 uptime is 29 minutes System returned to ROM by reload System image file is "tftp://172.16.1.1/c2500-io-l.122-1b.bin"; cisco 2500 (68030) processor (revision D) with 16384K/2048K bytes of memory. Processor board ID 03946976, with hardware revision Bridging software. X.25 software, Version 3.0.0. 2 Ethernet/IEEE 802.3 interface(s) 2 Serial network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of System flash (Device not programmable) Configuration register is 0x2102 At this point I'm just looking for a quick fix to get to 16MB of flash. How can I tell if the 8MB flash I've got is useable? I see a PCMCIA slot on hte system board - can this be used to upgrade the flash? I've checked for a write-protect jumper on the system board, but there isn't one. Is my current flash going to be reusable in upgrading? Do I need to upgrade boot roms? These are the questions. If anybody can shed some light on this process, I'd appreciate the help. Thanks in advance, Bob McIntire, CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17561&t=17561 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logging traffic [7:17559]
You can use a freeware utility that runs on UNIX called ACID (Intrusin detection) that can pick up all of this info. -Original Message- From: cisco skin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:04 PM To: [EMAIL PROTECTED] Subject: Logging traffic [7:17559] Here's what I want to do: Log all traffic (source/destination ip address/port #) from a specific subnet (our HQ) to see what's passing through our external router, and where they're going. Any suggestions? Thanks, Jeff Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17563&t=17559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
network i.d. [7:17566]
hi I had this question on a test: What is the network i.d a)the network and mac address B)the network and host thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17566&t=17566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Flash memory issues [7:17561]
Robert, You can set the config register to not boot the IOS. Then you should be able to erase the flash. From what you show, it may be a bad simm, bad motherboard (I've seen that a lot with this type of error), or possibly older bootroms that don't support the simm in there (though it looks like you have a recent bootrom). Has this been running ok, then started flaking out, or has it always been this way? I believe netbooting should also allow you to erase flash, as you won't be locking it during boot/run-from-flash. Mark -Original Message- From: Robert McIntire [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:17 PM To: [EMAIL PROTECTED] Subject:Flash memory issues [7:17561] I have a 2514 set up in my home lab that is having memory problems. It currently reports the following errors on boot up: %Error: System flash bank 0 chip 2 unknown, chip id 0xB36 (reversed = 0xD06C) %Error: System flash initialization failed F3: 6218292+86976+534512 at 0x360 However, it boots to the image stored on the flash. ( 12.04T) My goal is to upgrade the flash to 16MB so I can run some of the larger Enterprise images on the router. I know that one method is to install 2 8MB flash simms. But, when I try to erase the 8MB flash that is currently installed I get an error that it is read-only. I've also attempted to erase flash from rommon mode, but the command is not available. I've worked in Rommon before on other Cisco devices, but am not familiar with the > prompt. I've attempted to set the Boot var to ROM with no luck. Currently I'm net booting to a 12.2 IOS version, but I really need to configure it to boot to flash for Enterprise IOS images. Following is the output of the Show Version command: 2500#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IO-L), Version 12.2(1b), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Fri 15-Jun-01 06:20 by pwade Image text-base: 0x144C, data-base: 0x007FD064 ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTW ARE (fc1) c2500 uptime is 29 minutes System returned to ROM by reload System image file is "tftp://172.16.1.1/c2500-io-l.122-1b.bin"; cisco 2500 (68030) processor (revision D) with 16384K/2048K bytes of memory. Processor board ID 03946976, with hardware revision Bridging software. X.25 software, Version 3.0.0. 2 Ethernet/IEEE 802.3 interface(s) 2 Serial network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of System flash (Device not programmable) Configuration register is 0x2102 At this point I'm just looking for a quick fix to get to 16MB of flash. How can I tell if the 8MB flash I've got is useable? I see a PCMCIA slot on hte system board - can this be used to upgrade the flash? I've checked for a write-protect jumper on the system board, but there isn't one. Is my current flash going to be reusable in upgrading? Do I need to upgrade boot roms? These are the questions. If anybody can shed some light on this process, I'd appreciate the help. Thanks in advance, Bob McIntire, CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17565&t=17561 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3com router configuration [7:17491]
As far as I remember (I configured 2 3com routers 2 years ago), the 3com router has a menu driven console (much the same as the catalyst 1900).So the only thing you have to do is to connect to the console port and select the number of the option you want to configure, then you type the parameter needed etc ... If you can configure a Cisco router, 3com will be very easy. Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17567&t=17491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Flash memory issues [7:17561]
Try to follow the instructions on my RouterChief site (see link below). It should be the same, except that I went from 4MB to 8MB with two 4MB modules. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Robert McIntire [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 2:17 PM To: [EMAIL PROTECTED] Subject: Flash memory issues [7:17561] I have a 2514 set up in my home lab that is having memory problems. It currently reports the following errors on boot up: %Error: System flash bank 0 chip 2 unknown, chip id 0xB36 (reversed = 0xD06C) %Error: System flash initialization failed F3: 6218292+86976+534512 at 0x360 However, it boots to the image stored on the flash. ( 12.04T) My goal is to upgrade the flash to 16MB so I can run some of the larger Enterprise images on the router. I know that one method is to install 2 8MB flash simms. But, when I try to erase the 8MB flash that is currently installed I get an error that it is read-only. I've also attempted to erase flash from rommon mode, but the command is not available. I've worked in Rommon before on other Cisco devices, but am not familiar with the > prompt. I've attempted to set the Boot var to ROM with no luck. Currently I'm net booting to a 12.2 IOS version, but I really need to configure it to boot to flash for Enterprise IOS images. Following is the output of the Show Version command: 2500#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IO-L), Version 12.2(1b), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Fri 15-Jun-01 06:20 by pwade Image text-base: 0x144C, data-base: 0x007FD064 ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTW ARE (fc1) c2500 uptime is 29 minutes System returned to ROM by reload System image file is "tftp://172.16.1.1/c2500-io-l.122-1b.bin"; cisco 2500 (68030) processor (revision D) with 16384K/2048K bytes of memory. Processor board ID 03946976, with hardware revision Bridging software. X.25 software, Version 3.0.0. 2 Ethernet/IEEE 802.3 interface(s) 2 Serial network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of System flash (Device not programmable) Configuration register is 0x2102 At this point I'm just looking for a quick fix to get to 16MB of flash. How can I tell if the 8MB flash I've got is useable? I see a PCMCIA slot on hte system board - can this be used to upgrade the flash? I've checked for a write-protect jumper on the system board, but there isn't one. Is my current flash going to be reusable in upgrading? Do I need to upgrade boot roms? These are the questions. If anybody can shed some light on this process, I'd appreciate the help. Thanks in advance, Bob McIntire, CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17562&t=17561 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ambiguous command [7:17568]
Hi I had a question on a test that said if after a command you get %ambiguous command will the router return to the original command or just router# Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17568&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Trunking through a Brick Firewall [7:17569]
> Hello All > > Have somewhat of a unique situation. Have a client that is interested in > seeing if they would be able to pass tagged info through a firewall. I am > currently trying to test this in a Lab environment so I am just doing > "routing on a stick", to see if I can even get this config to work. I > currently cannot even ping the Default Gateways for the VLAN's. > > Configuration is as follows. > > SW A---VLAN 1, 4, 5 --TRUNK ISL ---VLAN 1, 4, 5 -RT A > w/ sub-ifs. > > I don't know whether the Subinterfaces are thowing off the firewall, or do > I need to put some type of route statements into the FW. It is a Lucent > Brick. Another strange thing is that when I was going from a 100Mb FD > port to the FW, the management station loses contact. Once I change the > port from the 100Mb FD to the 100Mb Hub portion the management console > comes back up. Previous to passing this through the FW I verified that all > the VLAN info was setup correctly. The rules on the FW are wide open as > well. If anyone has any info or ideas it would be greatly appreciated. > > Steven Kell Bates > Senior Systems Engineer, CCNP > comm 520-533-3998 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17569&t=17569 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ambiguous command [7:17568]
Can't answer- must respect NDA -Original Message- From: jo carol [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:08 PM To: [EMAIL PROTECTED] Subject:ambiguous command [7:17568] Hi I had a question on a test that said if after a command you get %ambiguous command will the router return to the original command or just router# Thanks [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17570&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ambiguous command [7:17568]
I'm not arguing, I just thought with the first statement "I had a test question" and asking for an answer would be a violation of the NDA by revealing what is on the test. I really don't care personally, but just chipping in my 2 cents. -Original Message- From: James Willard [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:17 PM To: Wright, Jeremy; [EMAIL PROTECTED] Subject:Re: ambiguous command [7:17568] That isn't a NDA issue. That's something you can easily test on any router that runs IOS. A quick test of telneting to a router and typing "show i" results in the "ambiguous command" message followed by the Router# prompt. There's your answer. James Willard [EMAIL PROTECTED] "Wright, Jeremy" wrote: > > Can't answer- must respect NDA > > -Original Message- > From: jo carol [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 28, 2001 3:08 PM > To: [EMAIL PROTECTED] > Subject:ambiguous command [7:17568] > > Hi > I had a question on a test that said if after a command you > get > %ambiguous command will the router return to the original > command or > just router# > Thanks > [EMAIL PROTECTED] [EMAIL PROTECTED] -- -James Donavon Willard ([EMAIL PROTECTED]) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17573&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ambiguous command [7:17568]
That isn't a NDA issue. That's something you can easily test on any router that runs IOS. A quick test of telneting to a router and typing "show i" results in the "ambiguous command" message followed by the Router# prompt. There's your answer. James Willard [EMAIL PROTECTED] "Wright, Jeremy" wrote: > > Can't answer- must respect NDA > > -Original Message- > From: jo carol [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 28, 2001 3:08 PM > To: [EMAIL PROTECTED] > Subject:ambiguous command [7:17568] > > Hi > I had a question on a test that said if after a command you > get > %ambiguous command will the router return to the original > command or > just router# > Thanks > [EMAIL PROTECTED] -- -James Donavon Willard ([EMAIL PROTECTED]) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17571&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ambiguous command [7:17568]
That is confidential information. ""jo carol"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi > I had a question on a test that said if after a command you get > %ambiguous command will the router return to the original command or > just router# > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17572&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: network i.d. [7:17566]
Were you refering to the NET ID as in Network Entity Title. In which case 47.0004.004D.0003..0C00.62E6.00 as an example would be the Domain ID, Area ID, Station ID and selector bit. Is that what your looking for? Tim > -Original Message- > From: jo carol [SMTP:[EMAIL PROTECTED]] > Sent: Tuesday, August 28, 2001 3:54 PM > To: [EMAIL PROTECTED] > Subject: network i.d. [7:17566] > > hi > I had this question on a test: > What is the network i.d > a)the network and mac address > B)the network and host > thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17574&t=17566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
I HAVE QUESTION How can i know who conn to my router [7:17575]
HELLO I have a question what COMMAND help me to know what connection in your router . and who is connecting to your router now Like in Window you can use NETSTAT But in Router what command should i type Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17575&t=17575 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I HAVE QUESTION How can i know who conn to my rout [7:17575]
Try a router> show sessions show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17577&t=17575 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE:QoS on CAT6k [7:17576]
You can use CAR on a router to rate-limit by aggregate. It will rate-limit by IP, sub-net, or just blanket converage. If you want to rate-limit with a CAT6k, then you must have a MSFC card. You can use CAR on the MSFC. But that is creating (one token bucket) or one rate for all the traffice within the designation. If your CAT6k has a PFC also, then you can implement microflow switching, another form of rate-limiting for QoS. Microflow switching can scale to a maximum of 32,000 flows on the PFC. After that, it will start taxing your processor. I do not know the age-out time for the flows, using microflow switching, if anyone know, please let me know. You can set microflow switching to use the ingress or egress. You create a QoS ACL, then you map the QoS ACL to either a port or a VLAN. QoS rate-limiting can also be done the same way as microflow switching, except as an aggregate; you simply choose aggregate instead of microflow. Microflow switching will rate-limit by flow. You could create a rate-limit for the flows within a VLAN, and then an aggregate rate-limit for all of the traffic. There are several ways of doing rate-limiting this way. Hope his helps. Joe Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17576&t=17576 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access-list & ports ( TCP /UDP) [7:17374]
They had to release a new Standards Track RFC just to say that RFC 1700 is obsolete? That's pretty funny. ;-) Priscilla At 10:32 AM 8/28/01, Howard C. Berkowitz wrote: >Just to complicate things a bit: > >A New Internet-Draft is available from the on-line Internet-Drafts >directories. > > > Title : Assigned Numbers: RFC 1700 is Obsolete > Author(s) : J. Reynolds et al. > Filename: draft-rfc-editor-rfc1700bis-00.txt > Pages : 3 > Date: 15-Aug-01 > >This memo obsoletes RFC 1700 (STD 2) 'Assigned Numbers', which >contained an October 1994 snapshot of assigned Internet protocol >parameters. > >A URL for this Internet-Draft is: >http://www.ietf.org/internet-drafts/draft-rfc-editor-rfc1700bis-00.txt > >Internet-Drafts are also available by anonymous FTP. Login with the username >"anonymous" and a password of your e-mail address. After logging in, >type "cd internet-drafts" and then > "get draft-rfc-editor-rfc1700bis-00.txt". > > > > > >Hopefully you know enough about or can find out enough about your > >application to see whether it uses tcp or udp or both. > > > >Brian "Sonic" Whalen > >Success = Preparation + Opportunity > > > > > >On Mon, 27 Aug 2001, Ednilson Rosa wrote: > > > >> The problem with this list is that every application seem to use both UDP > >> and TCP, which is not always true. > >> > >> Ednilson Rosa > >> > >> - Original Message - > >> From: "Brian Whalen" > >> To: > >> Sent: Monday, August 27, 2001 5:03 PM > >> Subject: Re: access-list & ports ( TCP /UDP) [7:17374] > >> > >> > >> I use http://www.iana.org/assignments/port-numbers for finding out about > >> port numbers. Re the dns topic below, udp is fine for a company that >does > >> not have its own dns servers and only makes queries. TCP is used for >zone > >> transfers. I believe that in newer versions of bind, random hi port > >> numbers are used. > >> > >> Brian "Sonic" Whalen > >> Success = Preparation + Opportunity > >> > >> > >> On Mon, 27 Aug 2001, shella kevin wrote: > >> > >> > when dealing with access-list we use both TCP & UDP. For example we use > >> > tcp 53 or udp 53 for domain. > >> > > >> > My Q is when & how we know when we should use UDP and when TCP >. > >> > what is the difference . > >> > > >> > > >> > > >> > Thanks > >> > > >> > Shella K. > >> > > >> > > >> > > >> > > > >> > > >> > Get your FREE download of MSN Explorer at http://explorer.msn.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17579&t=17374 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ambiguous command [7:17568]
I could tell you, but then I'd have to kill you. p.s. just joking (in case you're paranoid) ""jo carol"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi > I had a question on a test that said if after a command you get > %ambiguous command will the router return to the original command or > just router# > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17580&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17581]
but those command is only show you a telnet session or soem one currently log in router i would like to kow the command like show all ip connecting to the router Thanks all ""Shojayi Joe"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try a > router> show sessions > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17581&t=17581 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ADV: Need More Internet Traffic? [7:17582]
To remove see below. I work with a company that submits web sites to search engines and saw your listing on the internet. We can submit your site twice a month to over 400 search engines and directories for only $29.95 per month. We periodically mail you progress reports showing where you are ranked. To get your web site in the fast lane call our toll free number below! Sincerely, Brian Waters 888-892-7537 * All work is verified To be removed call: 888-800-6339 X1377 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17582&t=17582 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17583]
How about show tcp brief? >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> but those command is only show you a telnet session or soem one currently log in router i would like to kow the command like show all ip connecting to the router Thanks all ""Shojayi Joe"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try a > router> show sessions > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17583&t=17583 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I HAVE QUESTION How can i know who conn to my rout [7:17585]
"Show arp" will show you all the IP's on the router with their MAC addresses. Hope this is what you want. -Original Message- From: PHIMHONGKONG [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 5:14 PM To: [EMAIL PROTECTED] Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17581] but those command is only show you a telnet session or soem one currently log in router i would like to kow the command like show all ip connecting to the router Thanks all ""Shojayi Joe"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try a > router> show sessions > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17585&t=17585 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix NIGHTMARE [7:17586]
OK...the scenario is this: a pix 535 failover pair - so Im really only working with one... an old pix (version 4) 2 Nic Cards in each. Internetpix---cisco7200-VLAN1 | Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17586&t=17586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix NIGHTMARE [7:17587]
OK...the scenario is this: a pix 535 failover pair - so Im really only working with one... an old pix (version 4) 2 Nic Cards in each. Internetpix1---cisco7200-VLAN1(routable/24)---| | | VLAN2(192.168.yyy.yyy)| | | VLAN3(192.168.xxx.xxx)---pix2 Ok as if this was fuzzy enough The Inside network - VLAN1 needs to originate traffic to the outside. This appears to be working. We cannot, however, get through port 80 which is supposedly open at the pix. We can PING the outside interface of pix 1, but traceroutes die 2 hops before it and as I mentioned, port80 appears to be closed. In the mean time, VLAN3 needs to get out to the internet, so I have pix2 configured with a global pool of addresses and a static translation for the 4 servers on that vlan that are getting out. Is it OK to go NAT from VLAN3 to VLAN1 then go through the firewall. VLAN1 is technically doing PAT since its from routable to routable... Is this all making sense? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17587&t=17587 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: network i.d. [7:17566]
>hi >I had this question on a test: >What is the network i.d >a)the network and mac address >B)the network and host >thanks First, this is a poorly worded question. I can answer it in a way for which neither A nor B is correct. Further, that answer will differ with the particular protocol family in use. Let me give you some clues that will help you figure out the answer for IP. IP strictly operates at OSI layer 3. Are all of the components in the answer at layer 3? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17588&t=17566 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ambiguous command [7:17568]
I didn't realize the answer to this a more closely guarded secret than the size of... I remember doing this exact thing in my cisco class but no longer have access to a router but now I'll try to find one Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17589&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17590]
IP is connectionless, so your question doesn't quite make sense. "show ip route" displays routes and some other information about next hop, neighbor, etc. depending on the ip routing protocol being used. It might help you. If you're trying to see traffic forwarded through the router and the addresses associated with that traffic, you could use one of the debug commands, but that is not recommended on an operational router. It slows the router down too much. You could also set up some access lists with the log parameter, but that's not really recommended either. You could use a sniffer. There are some free ones such as Ethereal. Priscilla At 06:14 PM 8/28/01, you wrote: >but those command is only show you a telnet session or soem one currently >log in router > >i would like to kow the command like show all ip connecting to the router > >Thanks all >""Shojayi Joe"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Try a > > router> show sessions > > > > show sessions is the command Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17590&t=17590 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17592]
I think that's for Telnet also or other cases where one of the TCP endpoints is the router itself. I don't think that's what he's looking for? Priscilla At 06:31 PM 8/28/01, John Neiberger wrote: >How about show tcp brief? > > >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> >but those command is only show you a telnet session or soem one >currently >log in router > >i would like to kow the command like show all ip connecting to the >router > >Thanks all >""Shojayi Joe"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Try a > > router> show sessions > > > > show sessions is the command Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17592&t=17592 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17594]
I've lost the beginning of this thread, but "show users" is another possibility. JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 29/08/2001 09:05 am - "John Neiberger" cc: Sent by: Subject: Re: I HAVE QUESTION How can i know [EMAIL PROTECTED]who conn to my rout [7:17583] 29/08/2001 08:31 am Please respond to "John Neiberger" How about show tcp brief? >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> but those command is only show you a telnet session or soem one currently log in router i would like to kow the command like show all ip connecting to the router Thanks all ""Shojayi Joe"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try a > router> show sessions > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17594&t=17594 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ambiguous command [7:17568]
I think it is indeed a violation of the NDA to discuss actual test questions. I suggest we ignore questions that appear to come from an actual test. If the poster doesn't say which practice test the question comes from, then don't answer it. Also, for a question that can easily be answered by typing a few characters in exec mode, it would be best to teach the person how to get the answer rather than just give them the answer, especially since there are router simulators out there. On a tangent, if the test really expects one to memorize what happens when you type a typo, that's pretty silly. Maybe it did come from a practice test. It seems too stupid to have come from an actual test!? ;-) Priscilla At 04:38 PM 8/28/01, Wright, Jeremy wrote: >I'm not arguing, I just thought with the first statement "I had a test >question" and asking for an answer would be a violation of the NDA by >revealing what is on the test. I really don't care personally, but just >chipping in my 2 cents. > > -Original Message- > From: James Willard [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 28, 2001 3:17 PM > To: Wright, Jeremy; [EMAIL PROTECTED] > Subject:Re: ambiguous command [7:17568] > > That isn't a NDA issue. That's something you can easily test >on any > router that runs IOS. A quick test of telneting to a router >and typing > "show i" results in the "ambiguous command" message followed >by the > Router# prompt. There's your answer. > > James Willard > [EMAIL PROTECTED] > > > "Wright, Jeremy" wrote: > > > > Can't answer- must respect NDA > > > > -Original Message- > > From: jo carol >[mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, August 28, 2001 3:08 PM > > To: [EMAIL PROTECTED] > > Subject:ambiguous command >[7:17568] > > > > Hi > > I had a question on a test that said if >after a command you > > get > > %ambiguous command will the router return >to the original > > command or > > just router# > > Thanks > > [EMAIL PROTECTED] >[EMAIL PROTECTED] > > -- > > -James Donavon Willard >([EMAIL PROTECTED]) Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17595&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17593]
MaizeHello Sorry I confuse all you guy Let say In Window xx You Put a command NETSTATS It will OUTPUT some thing like this Active Connections Proto Local Address Foreign AddressState TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4227 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4228 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4229 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4230 = TIME_WAIT TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4231 = TIME_WAIT TCPcx541749-a:ftp-datac1771000-a.stcla1.sfba.home.com:2815 = ESTABLISHE D TCPcx541749-a:ftp bb-62-5-49-77.bb.tninet.se:4226 = ESTABLISHED TCPcx541749-a:ftp c1771000-a.stcla1.sfba.home.com:2810 = ESTABLISHE D TCPcx541749-a:ftp h230n3fls21o906.telia.com:65002 = ESTABLISHED I would like to know !!1 is it possible i can do the same on router = ?? If yes What command !! Thanks If no What the most closest command :-) Thanks IF some hacker log in to your rotuer and network ( he delete history and = log) How can you know your network hacked=20 Thanks [GroupStudy.com removed an attachment of type image/gif which had a name of amaizrul.gif] [GroupStudy.com removed an attachment of type image/jpeg which had a name of Maize Bkgrd.jpg] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17593&t=17593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What's the diameter of your switched network? [7:17489]
Always thought that Diameter was a misleading term. If the root bridge is physically in the centre of the bridged network, the diameter is actually the radius. Hmmm - more coffee - it's late. ""Leigh Anne Chisholm"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Here's something funky I've just started researching. Thought many of you > might not be aware of this... > > Awkward STP Parameter Tuning and Diameter Issues > > We already saw that an aggressive value for the max-age parameter and the > forward-delay could lead to a very unstable STP. The loss of some BPDUs can > then cause a loop to appear. Another issue, not very known, is related to > the diameter of the bridged network. The conservative default values for the > STP impose a maximum network diameter of seven. This means that two distinct > bridges in the network should not be more than seven hops away the one to > the other. Part of this restriction is coming from the age field BPDU carry: > when a BPDU is propagated from the root bridge towards the leaves of the > tree, the age field is incremented each time it goes though a bridge. > Eventually, when the age field of a BPDU goes beyond max age, it is > discarded. Typically, this will occur if the root is too far away from some > bridges of the network. This issue will impact convergence of the spanning > tree. > > > This came from: http://www.cisco.com/warp/public/473/16.html#2f Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17596&t=17489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17597]
nahhh... methinks he's looking for debug ip packet, meself remember, a debug ip packet will display every packet that travels through the router. Every one. Don't use it on a production router (have a very specific access list, if you must use it there) If you are telnetted into the router, in order to see the display on your terminal session you must type term mon (EXEC command) If you are on the console, make sure that logging console is enabled (configuration command) - Original Message - From: "John Neiberger" To: Sent: Tuesday, August 28, 2001 3:31 PM Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17583] > How about show tcp brief? > > >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> > but those command is only show you a telnet session or soem one > currently > log in router > > i would like to kow the command like show all ip connecting to the > router > > Thanks all > ""Shojayi Joe"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Try a > > router> show sessions > > > > show sessions is the command _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17597&t=17597 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Flash memory issues [7:17561]
Very odd. I suspect bad simms or m/b. Could also be non-cisco approved mem. Some had a middle chip on them that seemed to do some sort of key/ID function. Do you have any other known good (preferably Cisco) simms to try? I don't believe the pc card slot works for reg IOS. I believe it is part of their diagnostics system. Anyone else know for sure? Have you considered a Smartnet for it? List is $315, but you should be able to get it for 15% or more off. Have you tried doing a standard tftp upgrade? -Original Message- From: Robert McIntire [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 7:32 PM To: [EMAIL PROTECTED] Subject:Re: Flash memory issues [7:17561] Good idea. But, I when it net boots I still can't erase flash. I'm stumped at this point. If I have to buy 2 8MB simms, that fine, but I'm wondering if I can use a PCMCIA memory card ( and how much) ?? Any ideas? Thanks, Bob McIntire - Original Message - From: "mbaker2507" To: "'Robert McIntire'" ; Sent: Tuesday, August 28, 2001 3:34 PM Subject: RE: Flash memory issues [7:17561] > Robert, > > You can set the config register to not boot the IOS. Then you should be > able to erase the flash. From what you show, it may be a bad simm, bad > motherboard (I've seen that a lot with this type of error), or possibly > older bootroms that don't support the simm in there (though it looks like > you have a recent bootrom). Has this been running ok, then started flaking > out, or has it always been this way? I believe netbooting should also allow > you to erase flash, as you won't be locking it during boot/run-from-flash. > > Mark > > -Original Message- > From: Robert McIntire [SMTP:[EMAIL PROTECTED]] > Sent: Tuesday, August 28, 2001 3:17 PM > To: [EMAIL PROTECTED] > Subject: Flash memory issues [7:17561] > > I have a 2514 set up in my home lab that is having memory problems. It > currently reports the following errors on boot up: > > %Error: System flash bank 0 chip 2 unknown, chip id 0xB36 (reversed = > 0xD06C) > > %Error: System flash initialization failed > > F3: 6218292+86976+534512 at 0x360 > > > However, it boots to the image stored on the flash. ( 12.04T) > > > My goal is to upgrade the flash to 16MB so I can run some of the larger > Enterprise images on the router. I know that one method is to install 2 > 8MB > flash simms. But, when I try to erase the 8MB flash that is currently > installed I get an error that it is read-only. I've also attempted to > erase > flash from rommon mode, but the command is not available. I've worked in > Rommon before on other Cisco devices, but am not familiar with the > > prompt. > I've attempted to set the Boot var to ROM with no luck. Currently I'm net > booting to a 12.2 IOS version, but I really need to configure it to boot to > flash for Enterprise IOS images. > > Following is the output of the Show Version command: > > 2500#show version > Cisco Internetwork Operating System Software > IOS (tm) 2500 Software (C2500-IO-L), Version 12.2(1b), RELEASE SOFTWARE > (fc1) > Copyright (c) 1986-2001 by cisco Systems, Inc. > Compiled Fri 15-Jun-01 06:20 by pwade > Image text-base: 0x144C, data-base: 0x007FD064 > > ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE > BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE > SOFTW > ARE (fc1) > > c2500 uptime is 29 minutes > System returned to ROM by reload > System image file is "tftp://172.16.1.1/c2500-io-l.122-1b.bin"; > > cisco 2500 (68030) processor (revision D) with 16384K/2048K bytes of > memory. > Processor board ID 03946976, with hardware revision > Bridging software. > X.25 software, Version 3.0.0. > 2 Ethernet/IEEE 802.3 interface(s) > 2 Serial network interface(s) > 32K bytes of non-volatile configuration memory. > 8192K bytes of System flash (Device not programmable) > > Configuration register is 0x2102 > > At this point I'm just looking for a quick fix to get to 16MB of flash. > How > can I tell if the 8MB flash I've got is useable? I see a PCMCIA slot on > hte > system board - can this be used to upgrade the flash? I've checked for a > write-protect jumper on the system board, but there isn't one. Is my > current > flash going to be reusable in upgrading? Do I need to upgrade boot roms? > These are the questions. If anybody can shed some light on this process, > I'd > appreciate the help. > > Thanks in advance, Bob McIntire, CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17599&t=17561 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17598]
The netstat that you refer to are connections from a workstation to a server. There is no equivalent command on a cisco router. The show users command shows you the users that are connected to a router via port 23 and port 80 (if ip http server is running on the router) There's no equivalent if a device is tftp connected to the router There's no equivalent if someone tries to access the router on any other port - Original Message - From: "PHIMHONGKONG" To: Sent: Tuesday, August 28, 2001 4:24 PM Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17593] > MaizeHello > Sorry I confuse all you guy > > > > > > Let say In Window xx You Put a command NETSTATS > > It will OUTPUT some thing like this > > Active Connections > > Proto Local Address Foreign AddressState > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4227 = > TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4228 = > TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4229 = > TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4230 = > TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4231 = > TIME_WAIT > TCPcx541749-a:ftp-datac1771000-a.stcla1.sfba.home.com:2815 = > ESTABLISHE > D > TCPcx541749-a:ftp bb-62-5-49-77.bb.tninet.se:4226 = > ESTABLISHED > TCPcx541749-a:ftp c1771000-a.stcla1.sfba.home.com:2810 = > ESTABLISHE > D > TCPcx541749-a:ftp h230n3fls21o906.telia.com:65002 = > ESTABLISHED > > > > I would like to know !!1 is it possible i can do the same on router = > ?? > > If yes What command !! Thanks > > If no > > What the most closest command :-) > > Thanks > > > > IF some hacker log in to your rotuer and network ( he delete history and = > log) > > How can you know your network hacked=20 > > Thanks > > [GroupStudy.com removed an attachment of type image/gif which had a name of > amaizrul.gif] > > [GroupStudy.com removed an attachment of type image/jpeg which had a name of > Maize Bkgrd.jpg] _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17598&t=17598 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ILMI Vulnerability [7:17600]
The ILMI issue was cleared with the 12.1 release, I assume it was fixed in all other releases too ??? Why I ask, I suggested a customer run a PVC "in the clear" (through their hardware encrypors) for a BGP link to the ISP. My suggestion was met with opposition, due to the ILMI issue from late last year. My reply was that this was found by Cisco as a design flaw & was fixed in 12.1. In researching this a little more today, I see the LS1010's don't have a 12.1 code yet. It's safe to assume this was fixed for all codes ??? Thanks Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17600&t=17600 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17601]
What if u enable'ip route-cache flow' and then do a #sh ip cache flow, what if u enable logging (tweeking your access-list accordingly), if you using nat, try #sh ip na tr, or get hold of a sniffer, don4t know if your 'boss' would agree :=) - Original Message - From: To: Sent: Wednesday, August 29, 2001 12:25 AM Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17594] > I've lost the beginning of this thread, but "show users" is another > possibility. > > JMcL > - Forwarded by Jenny Mcleod/NSO/CSDA on 29/08/2001 09:05 am - > > "John > Neiberger" > > cc: > Sent by: Subject: Re: I HAVE > QUESTION How can i know > [EMAIL PROTECTED]who conn to my rout > [7:17583] > > > 29/08/2001 08:31 > am > Please respond > to > "John > Neiberger" > > > > > > > How about show tcp brief? > > >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> > but those command is only show you a telnet session or soem one > currently > log in router > > i would like to kow the command like show all ip connecting to the > router > > Thanks all > ""Shojayi Joe"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Try a > > router> show sessions > > > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17601&t=17601 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ambiguous command [7:17568]
> On a tangent, if the test really expects one to memorize what happens when > you type a typo, that's pretty silly. Maybe it did come from a practice > test. It seems too stupid to have come from an actual test!? ;-) "Stupid is as stupid does" - Sally Field as Mama Gump I've seen dumber questions on exams _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17602&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ambiguous command [7:17568]
I recognized it from a test (I'd rather not say which one- "even the paranoid have enemies") -Original Message- From: Priscilla Oppenheimer [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 7:26 PM To: [EMAIL PROTECTED] Subject:RE: ambiguous command [7:17568] I think it is indeed a violation of the NDA to discuss actual test questions. I suggest we ignore questions that appear to come from an actual test. If the poster doesn't say which practice test the question comes from, then don't answer it. Also, for a question that can easily be answered by typing a few characters in exec mode, it would be best to teach the person how to get the answer rather than just give them the answer, especially since there are router simulators out there. On a tangent, if the test really expects one to memorize what happens when you type a typo, that's pretty silly. Maybe it did come from a practice test. It seems too stupid to have come from an actual test!? ;-) Priscilla At 04:38 PM 8/28/01, Wright, Jeremy wrote: >I'm not arguing, I just thought with the first statement "I had a test >question" and asking for an answer would be a violation of the NDA by >revealing what is on the test. I really don't care personally, but just >chipping in my 2 cents. > > -Original Message- > From: James Willard [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 28, 2001 3:17 PM > To: Wright, Jeremy; [EMAIL PROTECTED] > Subject:Re: ambiguous command [7:17568] > > That isn't a NDA issue. That's something you can easily test >on any > router that runs IOS. A quick test of telneting to a router >and typing > "show i" results in the "ambiguous command" message followed >by the > Router# prompt. There's your answer. > > James Willard > [EMAIL PROTECTED] > > > "Wright, Jeremy" wrote: > > > > Can't answer- must respect NDA > > > > -Original Message- > > From: jo carol >[mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, August 28, 2001 3:08 PM > > To: [EMAIL PROTECTED] > > Subject:ambiguous command >[7:17568] > > > > Hi > > I had a question on a test that said if >after a command you > > get > > %ambiguous command will the router return >to the original > > command or > > just router# > > Thanks > > [EMAIL PROTECTED] >[EMAIL PROTECTED] > > -- > > -James Donavon Willard >([EMAIL PROTECTED]) Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17604&t=17568 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17605]
YES Dlc116 is great that what i am looking for hehehe Thanks ""dlci_16"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > What if u enable'ip route-cache flow' and then do a #sh ip cache flow, > what if u enable logging (tweeking your access-list accordingly), > if you using nat, try #sh ip na tr, > or get hold of a sniffer, don4t know if your 'boss' would agree :=) > > > > - Original Message - > From: > To: > Sent: Wednesday, August 29, 2001 12:25 AM > Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17594] > > > > I've lost the beginning of this thread, but "show users" is another > > possibility. > > > > JMcL > > - Forwarded by Jenny Mcleod/NSO/CSDA on 29/08/2001 09:05 am - > > > > "John > > Neiberger" > > > > cc: > > Sent by: Subject: Re: I HAVE > > QUESTION How can i know > > [EMAIL PROTECTED]who conn to my rout > > [7:17583] > > > > > > 29/08/2001 08:31 > > am > > Please respond > > to > > "John > > Neiberger" > > > > > > > > > > > > > > How about show tcp brief? > > > > >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> > > but those command is only show you a telnet session or soem one > > currently > > log in router > > > > i would like to kow the command like show all ip connecting to the > > router > > > > Thanks all > > ""Shojayi Joe"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Try a > > > router> show sessions > > > > > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17605&t=17605 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17606]
but it didnot show the port hehe :-) but it fine ""dlci_16"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > What if u enable'ip route-cache flow' and then do a #sh ip cache flow, > what if u enable logging (tweeking your access-list accordingly), > if you using nat, try #sh ip na tr, > or get hold of a sniffer, don4t know if your 'boss' would agree :=) > > > > - Original Message - > From: > To: > Sent: Wednesday, August 29, 2001 12:25 AM > Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17594] > > > > I've lost the beginning of this thread, but "show users" is another > > possibility. > > > > JMcL > > - Forwarded by Jenny Mcleod/NSO/CSDA on 29/08/2001 09:05 am - > > > > "John > > Neiberger" > > > > cc: > > Sent by: Subject: Re: I HAVE > > QUESTION How can i know > > [EMAIL PROTECTED]who conn to my rout > > [7:17583] > > > > > > 29/08/2001 08:31 > > am > > Please respond > > to > > "John > > Neiberger" > > > > > > > > > > > > > > How about show tcp brief? > > > > >>> "PHIMHONGKONG" 8/28/01 4:14:25 PM >>> > > but those command is only show you a telnet session or soem one > > currently > > log in router > > > > i would like to kow the command like show all ip connecting to the > > router > > > > Thanks all > > ""Shojayi Joe"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Try a > > > router> show sessions > > > > > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17606&t=17606 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BPDUs [7:17607]
All , I came across this question while studying: How are BPDU's propagated amongst switches? Broadcast, multicast, or unicast? Anyone have an explanation? Christopher Supino CCNP, CCDP, MCSE, CNA5, ASE Senior System Engineer Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17607&t=17607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed Written [7:17466]
Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17603&t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I HAVE QUESTION How can i know who conn to my rout [7:17608]
logging 1.2.3.5 logging buffered 1 debugging logging trap debugging access-list 101 permit tcp any host 1.2.3.4 eq 23 syn log access-list 101 permit ip any any interface fast0/0 ip access-group 101 in This config snippet will log all port 23 connects to host 1.2.3.4 which should be an interface on your local router. You'll have to make a rule to match and log each interface on your router for this to match all possible paths to your router. The logging global config command sends syslog messages to a syslog server (There are daemons for WinNT). You can set up a crontab on a Unix server to grep the syslog for IPACCESSLOGP and mail this output to yourself for a more complete solution. In Windows a Windows Scripting Host script, or Perl for Windows script can be created to the same effect. Caveats: Input access lists break certain flow enhancement features in certain routers, I'd suggest you fully research the impact an input access list will have on your router before implementing this. Every interface on your router would need to have the first rule in the above access list changed to its respective network layer address (1.2.3.4) in this case. Wayne -Original Message- From: Bolton, Travis [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 7:33 AM To: [EMAIL PROTECTED] Subject: RE: I HAVE QUESTION How can i know who conn to my rout [7:17585] "Show arp" will show you all the IP's on the router with their MAC addresses. Hope this is what you want. -Original Message- From: PHIMHONGKONG [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 5:14 PM To: [EMAIL PROTECTED] Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17581] but those command is only show you a telnet session or soem one currently log in router i would like to kow the command like show all ip connecting to the router Thanks all ""Shojayi Joe"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Try a > router> show sessions > > show sessions is the command Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17608&t=17608 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed Written [7:17466]
ASET is Cisco's CCIE mentoring program for resellers. They help you thru the certification process, and will even allow you some rack time once you have PAID for a lab. Sounds good, I was just wondering if anyone on the list had been through it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allison Dan Sent: Tuesday, August 28, 2001 8:21 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17609&t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: What's the diameter of your switched network? [7:17489]
Of course, how often is the root "physically" in the center? ;-} --- Rik Guyler -Original Message- From: Gareth Hinton [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 7:28 PM To: [EMAIL PROTECTED] Subject: Re: What's the diameter of your switched network? [7:17489] Always thought that Diameter was a misleading term. If the root bridge is physically in the centre of the bridged network, the diameter is actually the radius. Hmmm - more coffee - it's late. ""Leigh Anne Chisholm"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Here's something funky I've just started researching. Thought many of you > might not be aware of this... > > Awkward STP Parameter Tuning and Diameter Issues > > We already saw that an aggressive value for the max-age parameter and the > forward-delay could lead to a very unstable STP. The loss of some BPDUs can > then cause a loop to appear. Another issue, not very known, is related to > the diameter of the bridged network. The conservative default values for the > STP impose a maximum network diameter of seven. This means that two distinct > bridges in the network should not be more than seven hops away the one to > the other. Part of this restriction is coming from the age field BPDU carry: > when a BPDU is propagated from the root bridge towards the leaves of the > tree, the age field is incremented each time it goes though a bridge. > Eventually, when the age field of a BPDU goes beyond max age, it is > discarded. Typically, this will occur if the root is too far away from some > bridges of the network. This issue will impact convergence of the spanning > tree. > > > This came from: http://www.cisco.com/warp/public/473/16.html#2f Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17610&t=17489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17611]
Oh, so you are considering connections TO the router, not connections through the router. You must be asking about Telnet sessions (or HTTP on some routers) used for configuring or managing the router. So, in that case, use the show tcp brief command, as John suggested. Here's an example courtesy of Leigh Anne: RouterD#show tcp brief TCB Local Address Foreign Address(state) 81770CA8 172.16.1.110.23 172.16.1.1.1067ESTAB Priscilla At 07:24 PM 8/28/01, PHIMHONGKONG wrote: >MaizeHello >Sorry I confuse all you guy > > > > > >Let say In Window xx You Put a command NETSTATS > >It will OUTPUT some thing like this > >Active Connections > > Proto Local Address Foreign AddressState > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4227 = >TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4228 = >TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4229 = >TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4230 = >TIME_WAIT > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4231 = >TIME_WAIT > TCPcx541749-a:ftp-datac1771000-a.stcla1.sfba.home.com:2815 = >ESTABLISHE >D > TCPcx541749-a:ftp bb-62-5-49-77.bb.tninet.se:4226 = >ESTABLISHED > TCPcx541749-a:ftp c1771000-a.stcla1.sfba.home.com:2810 = >ESTABLISHE >D > TCPcx541749-a:ftp h230n3fls21o906.telia.com:65002 = >ESTABLISHED > > > >I would like to know !!1 is it possible i can do the same on router = >?? > >If yes What command !! Thanks > >If no > >What the most closest command :-) > >Thanks > > > >IF some hacker log in to your rotuer and network ( he delete history and = >log) > >How can you know your network hacked=20 > >Thanks > >[GroupStudy.com removed an attachment of type image/gif which had a name of >amaizrul.gif] > >[GroupStudy.com removed an attachment of type image/jpeg which had a name of >Maize Bkgrd.jpg] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17611&t=17611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed Written [7:17466]
I went thru it, very worthwhile if you can get in. Last I checked (earlier this year) there was a long wait for it, comparable to the wait for the lab itself. You are run through a ccie-level lab over 3 days with a Cisco ccie who really knows his stuff (at least the one in my session sure did). mark -Original Message- From: Christopher Supino [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 9:35 PM To: [EMAIL PROTECTED] Subject:RE: Passed Written [7:17466] ASET is Cisco's CCIE mentoring program for resellers. They help you thru the certification process, and will even allow you some rack time once you have PAID for a lab. Sounds good, I was just wondering if anyone on the list had been through it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Allison Dan Sent: Tuesday, August 28, 2001 8:21 PM To: [EMAIL PROTECTED] Subject: RE: Passed Written [7:17466] Congratulations. I've been studying for it. Plan on taking it soon. What is the ASET program? Dan Allison CCNP, MCSE, CNE Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17612&t=17466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I HAVE QUESTION How can i know who conn to my rout [7:17613]
I believe another command would also accomplish the same thing, correct me if I'm wrong : show users Donny >From: "Priscilla Oppenheimer" >Reply-To: "Priscilla Oppenheimer" >To: [EMAIL PROTECTED] >Subject: Re: I HAVE QUESTION How can i know who conn to my rout [7:17611] >Date: Tue, 28 Aug 2001 22:08:17 -0400 > >Oh, so you are considering connections TO the router, not connections >through the router. You must be asking about Telnet sessions (or HTTP on >some routers) used for configuring or managing the router. > >So, in that case, use the show tcp brief command, as John suggested. > >Here's an example courtesy of Leigh Anne: > >RouterD#show tcp brief >TCB Local Address Foreign Address(state) >81770CA8 172.16.1.110.23 172.16.1.1.1067ESTAB > >Priscilla > >At 07:24 PM 8/28/01, PHIMHONGKONG wrote: > >MaizeHello > >Sorry I confuse all you guy > > > > > > > > > > > >Let say In Window xx You Put a command NETSTATS > > > >It will OUTPUT some thing like this > > > >Active Connections > > > > Proto Local Address Foreign AddressState > > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4227 = > >TIME_WAIT > > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4228 = > >TIME_WAIT > > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4229 = > >TIME_WAIT > > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4230 = > >TIME_WAIT > > TCPcx541749-a:ftp-databb-62-5-49-77.bb.tninet.se:4231 = > >TIME_WAIT > > TCPcx541749-a:ftp-datac1771000-a.stcla1.sfba.home.com:2815 = > >ESTABLISHE > >D > > TCPcx541749-a:ftp bb-62-5-49-77.bb.tninet.se:4226 = > >ESTABLISHED > > TCPcx541749-a:ftp c1771000-a.stcla1.sfba.home.com:2810 = > >ESTABLISHE > >D > > TCPcx541749-a:ftp h230n3fls21o906.telia.com:65002 = > >ESTABLISHED > > > > > > > >I would like to know !!1 is it possible i can do the same on router = > >?? > > > >If yes What command !! Thanks > > > >If no > > > >What the most closest command :-) > > > >Thanks > > > > > > > >IF some hacker log in to your rotuer and network ( he delete history and >= > >log) > > > >How can you know your network hacked=20 > > > >Thanks > > > >[GroupStudy.com removed an attachment of type image/gif which had a name >of > >amaizrul.gif] > > > >[GroupStudy.com removed an attachment of type image/jpeg which had a name >of > >Maize Bkgrd.jpg] > > >Priscilla Oppenheimer >http://www.priscilla.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17613&t=17613 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
how to get frame-relay DNA number?? [7:17614]
Hi.. When I report a frame-relay link fault to my ISP vendor. They always ask me what is the DNA (data network address) number of the link, but I can only able to give the frame-relay circuit ID? May I know how can I know what is the DNA number of FR link ? And what is that for? If I have two routers A and B, A is link to the backbone and B is link to A via Frame-relay. If this frame-relay is down. Whether I can still see the DLCI number when I console into B? Who decided the DLCI number?? Thanks CT == De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. == The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. == Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17614&t=17614 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
