Re: HSSI - Transmit only interface config in Cisco 7200 series [7:19097]
Hi Steve This is kiran. We do have ip-map-dlci statement. The configuration is given below. The other end is connected to other router configured for frame relay where dlci for interface is specified. interface Hssi1/0 description RESV: mtu 1500 bandwidth 6144 ip address 10.10.10.1 255.255.255.252 encapsulation frame-relay IETF no keepalive frame-relay map ip 10.10.10.2 102 broadcast IETF ! interface Hssi1/1 description RESV: mtu 1500 transmit-interface Hssi1/0 bandwidth 2048 ip address 10.10.10.10 255.255.255.252 encapsulation frame-relay IETF no keepalive frame-relay map ip 10.10.10.9 150 broadcast IETF ! The way it is configured, is it correct? Further details are as below. The through traffic is going well. Only distant end interfaces connected with above inetraceaces are unable to ping each-other as well as from Cisco after establishing telnet session from elsewhere at 10.10.10.10 (Telnet session), unable to ping 10.10.10.1. The distant end router is cabletron router. (The ip address are not the actual one) With regards, Kiran >From: "Stephen Skinner" >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: Re: HSSI - Transmit only interface config in Cisco 7200 series >[7:18940] >Date: Fri, 07 Sep 2001 13:43:09 + > >if you do not have ip-map-dlci stqatement for the other interface it will >not ping ... > >HTH > > >steve > > >>From: "Kirankumar Patel" >>Reply-To: "Kirankumar Patel" >>To: [EMAIL PROTECTED] >>Subject: HSSI - Transmit only interface config in Cisco 7200 series >>[7:18940] >>Date: Fri, 7 Sep 2001 06:43:18 -0400 >> >>Hi all >> >>We are facing following problem. If any body can help out pl. >> >>We have typical set up at our ISP. There are two HSSI ports, one >>configured >>as a transmit only interface using transmit interface command. The both >>interface are configured as a frame relay point to point link. But I am >>not >>able to ping one HSSI interface configured as as a transmit only. >> >>Can anybody tell me whether it can be ping or not? >> >> >>Kiran >> >>_ >>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19097&t=19097 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19095]
- Original Message - From: "Rik Guyler" To: Sent: Friday, September 07, 2001 11:14 PM Subject: RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19091] > However, it appears that Ole wants to (correct me if I'm wrong) limit the > bandwidth per DLCI. Is this true? If that's the case, unfortunately there > is no way to do this on the router. nah, that's not what he wants, nor asked for. His provider has given him a 768k access rate, and he thought he has to set up his T-1 WIC channelized for each DLCI. Chuck set him straight on that one, although I understand the confusion. And I'll do some research, but with newer versions of IOS one *might* now be able to limit bandwidth per DLCI. > > When you order a FR circuit, you are typically ordering a T1 for layer 1 so > you really are just getting 1 "pipe" capable of flowing 768k. The DLCIs > converge into this pipe in a logical fashion, not a physical one, hence the > layer 2 stuff (FR encapsulation) needed at this point. Same point Chuck made > > --- > Rik Guyler > > -Original Message- > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 11:21 PM > To: [EMAIL PROTECTED] > Subject: RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 > [7:19081] > > > Ole, my man, you are trying to outsmart yourself, and you're a pretty smart > guy ;-> > > Your T1 module is for the telco interface only. You purchased 768K, it > appears. Your DLCI's / PVC's will share that 768K with no further layer 1 > actions on your part > > once you have properly configured the layer one stuff - the timeslots and > B8ZS and ESF and yellow alarm and loopback and clock source, you are done > with the service module. > > All that remains is assigning the DLCI's to the appropriate subinterface, > and IP addressing for the PVC's, and you are on your way. > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Ole Drews Jensen > Sent: Friday, September 07, 2001 3:11 PM > To: [EMAIL PROTECTED] > Subject: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 > [7:19057] > > > I am now on unknown territory, where no man in my shoes has walked before. > > I have a Frame Relay scenario being setup, and my host router has just > received the green light from the provider. > > The Frame Relay host uses 12 channels, and connects on three PVC's to three > branch offices, each with 4 channels. > > I searched and found the answer on how to setup the channels on cisco's > site: > > router(config-if)#service-module t1 timeslots 1-12 > > but will I have to do that for my three sub interfaces also? > > Example: > > router(config)#int s0/0 > router(config-if)#service-module t1 timeslots 1-12 > > router(config-if)#int s0/0.101 point-to-point > router(config-subif)#frame-relay interface-dlci 101 > router(config-subif)#service-module t1 timeslots 1-4 > router(config-subif)#int s0/0.102 point-to-point > router(config-subif)#frame-relay interface-dlci 102 > router(config-subif)#service-module t1 timeslots 5-8 > router(config-subif)#int s0/0.103 point-to-point > router(config-subif)#frame-relay interface-dlci 103 > router(config-subif)#service-module t1 timeslots 9-12 > > Thanks and have a great weekend, > > Ole > > ~~~ > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~~~ > http://www.RouterChief.com > ~~~ > NEED A JOB ??? > http://www.oledrews.com/job > ~~~ _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19095&t=19095 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX & Citrix/nfuse access [7:18938]
udp should be 1604 instead - Original Message - From: "Eric Rivard" To: Sent: Saturday, September 08, 2001 4:03 AM Subject: RE: PIX & Citrix/nfuse access [7:18938] > on the pix make 2 conduit entries for tcp traffic on port 1494 and udp > traffic on port 1494. This will enable users to uses Citrix Program > Neigborhood to connect to the Citrix Server. If you want them to use > NFuse you have to have Citrix Service Pack 2 Installed (or the 3, the > newest SP) that supports XML. Then on the Web server that is going to > host NFuse install the NFuse application and uses XML port 80. When this > is done all you have to do at the PIX is make a conduit entry permitting > port 80 to the web server. I have done this many times like this and it > works great. > > -Original Message- > From: Jeff Smith > Sent: Fri 9/7/2001 8:05 AM > To: [EMAIL PROTECTED] > Cc: > Subject: Re: PIX & Citrix/nfuse access [7:18938] > > > > I am pretty sure that Citrix uses port 1604 also. > > > >From: "[EMAIL PROTECTED]" > >Reply-To: "[EMAIL PROTECTED]" > >To: [EMAIL PROTECTED] > >Subject: Re: PIX & Citrix/nfuse access [7:18938] > >Date: Fri, 7 Sep 2001 10:23:19 -0400 > > > >make a static mapping > > > >static (inside,outside) > >conduit permit tcp glbol ip add (citrix port ) 1494 i guess and > 80 for web > > > >shd work fine > >- Original Message - > >From: "Matthew Tayler" > >To: > >Sent: Friday, September 07, 2001 2:18 PM > >Subject: PIX & Citrix/nfuse access [7:18938] > > > > > > > Has anybody any experience on how I can allow remote workers > using > > > Citrix/nfuse through a PIX to access internal servers > please. > > > > > > I have tried using the notes from citrix but they cannot > help further > >and > > > all I get when making the connection is a long delay and > timeout. > > > > > > The idea is our home workers go to the site home page and > hit a link > >which > > > redirects them to the Citrix/nfuse server, where they login. > > > > > > I am not a Citrix expert and the in house Citrix guys are > saying that > >any > > > problems are on the PIX. They are talking about kicking PIX > out and just > > > using some freebi firewall from microsoft. > > > > > > Any help or config extracts would be appreciated > > _ > Get your FREE download of MSN Explorer at > http://explorer.msn.com/intl.asp > [EMAIL PROTECTED] > > [GroupStudy.com removed an attachment of type application/ms-tnef which had > a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19094&t=18938 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19093]
I had read the message as each of the branch offices having a 256K link. in any case, Rik, you are probably correct in your interpretation as well. Only Ole can clarify what he meant. My point ( and yours ) is that there is no way or need to do further configuration on the host site with regards to the frame connection. The timeslots are not "reserved" in terms of which DLCI uses which timeslots or group of timeslots. all data will go out the physical interface as fast as the wire permits. the layer three to layer two mapping will determine which PVC gets which of those frames. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rik Guyler Sent: Friday, September 07, 2001 11:14 PM To: [EMAIL PROTECTED] Subject: RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19091] However, it appears that Ole wants to (correct me if I'm wrong) limit the bandwidth per DLCI. Is this true? If that's the case, unfortunately there is no way to do this on the router. When you order a FR circuit, you are typically ordering a T1 for layer 1 so you really are just getting 1 "pipe" capable of flowing 768k. The DLCIs converge into this pipe in a logical fashion, not a physical one, hence the layer 2 stuff (FR encapsulation) needed at this point. --- Rik Guyler -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 11:21 PM To: [EMAIL PROTECTED] Subject: RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19081] Ole, my man, you are trying to outsmart yourself, and you're a pretty smart guy ;-> Your T1 module is for the telco interface only. You purchased 768K, it appears. Your DLCI's / PVC's will share that 768K with no further layer 1 actions on your part once you have properly configured the layer one stuff - the timeslots and B8ZS and ESF and yellow alarm and loopback and clock source, you are done with the service module. All that remains is assigning the DLCI's to the appropriate subinterface, and IP addressing for the PVC's, and you are on your way. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ole Drews Jensen Sent: Friday, September 07, 2001 3:11 PM To: [EMAIL PROTECTED] Subject: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19057] I am now on unknown territory, where no man in my shoes has walked before. I have a Frame Relay scenario being setup, and my host router has just received the green light from the provider. The Frame Relay host uses 12 channels, and connects on three PVC's to three branch offices, each with 4 channels. I searched and found the answer on how to setup the channels on cisco's site: router(config-if)#service-module t1 timeslots 1-12 but will I have to do that for my three sub interfaces also? Example: router(config)#int s0/0 router(config-if)#service-module t1 timeslots 1-12 router(config-if)#int s0/0.101 point-to-point router(config-subif)#frame-relay interface-dlci 101 router(config-subif)#service-module t1 timeslots 1-4 router(config-subif)#int s0/0.102 point-to-point router(config-subif)#frame-relay interface-dlci 102 router(config-subif)#service-module t1 timeslots 5-8 router(config-subif)#int s0/0.103 point-to-point router(config-subif)#frame-relay interface-dlci 103 router(config-subif)#service-module t1 timeslots 9-12 Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19093&t=19093 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to build a pix firewall out of a PC box. [7:18335]
Where did you get a quote for $100? The prices I have been quoted for the 16MB ISA flash card from Cisco were considerably more than that. I don't remember exactly what the price was but it was somewhere around $700-$800 if memory serves. -Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 4:16 PM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] well the flash card is only $100 dls, that pretty cheap versus going and buying a pix -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kent Hundley Sent: Thursday, September 06, 2001 6:23 PM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] I have tried building the PIX from a PC in the past and the sticking point is getting the correct ISA flash card. Unless there is some magic you know of, the card has to support booting from certain memory addresses or it won't work. (or at least it didn't when I tried) The PIX actually loads its bios from the flash card, so without the correct flash card you won't get far. If you got your flash from a friend, did they get it from a PIX? If so, this is obviously "cheating" since the point of trying to build a PIX is that you don't have one to get the flash card from in the first place. If not, where did they get it and what is the manufacturer and model? Regards, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sean Young Sent: Wednesday, September 05, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] OK, I have been getting 256 emails for the past few days regarding how to build a PIX out of an old PC. Now for thos, who have all the spare parts, you just have to wait a tad longer until everyone in the group get their parts so that we can build the PIX together at once. Regarding the flash card, this is rather an old technology before the PCMCIA card the old machine use to store program instead of the hard-drive or other means. The flash card I am talking about is the one that looks like an old ISA video card that gets inserted into the ISA slot on the motherboard. Because PIX doesn't use hard-drive, this flash card is where the PIX IOS code resides. I don't know where to purchase it. I got this card from a friend of mine. Another thing, as I've mentioned before, the NICs have to be Intel Etherexpress model 82577 (one of those weird shape looking card) or the PIX will not work. Now these cards you can get on Ebay very cheaply. Regards, Mike Johnson [CCNP Security Specialist] >From: "Paul Jin" >Reply-To: "Paul Jin" >To: [EMAIL PROTECTED] >Subject: RE: how to build a pix firewall out of a PC box. [7:18335] >Date: Mon, 3 Sep 2001 18:06:45 -0400 > >Hey Mike, > >I am definitely interested. > >I am assuming than we can do this with almost any spare misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19086&t=18335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19091]
However, it appears that Ole wants to (correct me if I'm wrong) limit the bandwidth per DLCI. Is this true? If that's the case, unfortunately there is no way to do this on the router. When you order a FR circuit, you are typically ordering a T1 for layer 1 so you really are just getting 1 "pipe" capable of flowing 768k. The DLCIs converge into this pipe in a logical fashion, not a physical one, hence the layer 2 stuff (FR encapsulation) needed at this point. --- Rik Guyler -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 11:21 PM To: [EMAIL PROTECTED] Subject: RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19081] Ole, my man, you are trying to outsmart yourself, and you're a pretty smart guy ;-> Your T1 module is for the telco interface only. You purchased 768K, it appears. Your DLCI's / PVC's will share that 768K with no further layer 1 actions on your part once you have properly configured the layer one stuff - the timeslots and B8ZS and ESF and yellow alarm and loopback and clock source, you are done with the service module. All that remains is assigning the DLCI's to the appropriate subinterface, and IP addressing for the PVC's, and you are on your way. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ole Drews Jensen Sent: Friday, September 07, 2001 3:11 PM To: [EMAIL PROTECTED] Subject: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19057] I am now on unknown territory, where no man in my shoes has walked before. I have a Frame Relay scenario being setup, and my host router has just received the green light from the provider. The Frame Relay host uses 12 channels, and connects on three PVC's to three branch offices, each with 4 channels. I searched and found the answer on how to setup the channels on cisco's site: router(config-if)#service-module t1 timeslots 1-12 but will I have to do that for my three sub interfaces also? Example: router(config)#int s0/0 router(config-if)#service-module t1 timeslots 1-12 router(config-if)#int s0/0.101 point-to-point router(config-subif)#frame-relay interface-dlci 101 router(config-subif)#service-module t1 timeslots 1-4 router(config-subif)#int s0/0.102 point-to-point router(config-subif)#frame-relay interface-dlci 102 router(config-subif)#service-module t1 timeslots 5-8 router(config-subif)#int s0/0.103 point-to-point router(config-subif)#frame-relay interface-dlci 103 router(config-subif)#service-module t1 timeslots 9-12 Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19091&t=19091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: One Journalist's Opinion of CCIE [7:18843]
Actually, it's likely the lawyer fresh out of lawschool will do a better job than the cratchety old lawyer that's had a few years to become jaded by the system or to get an over-inflated view of themselves. The new kid on the block has something to prove so he'll go that extra mile to do a superb job. Did I mention I used to head up an IT division at a major Canadian law firm? (-: My point is... experience doesn't always matter. Brilliance and the willingness to do a good job can compensate quite well for experience. > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Chuck Larrieu > Sent: Friday, September 07, 2001 10:48 PM > To: [EMAIL PROTECTED] > Subject: RE: One Journalist's Opinion of CCIE [7:18843] > > > hey, Brad, aren't you the guy who was complaining on the other list about > what the one day lab would end up doing? ;-> > > may I point out that the CPA or the State Bar, or the real estate broker's > exam, for that matter, are very difficult, and only a small percentage of > takers pass first time through. So who do you want doing your taxes - the > guy fresh out of accounting school, or the guy with a few years > experience? > How about if you find yourself in court for one reason or > another? Want that > lawyer fresh out of law school who happened to pass the bar first try > through? Hey - he's smart enough! Isn't he? > > and for those wondering, I deliberately avoided using real estate broker > examples because the house its up for sale, and I don't care about > credentials, just as long as I get my price. Any CCIE's out there want to > come live in California? > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Brad Ellis > Sent: Friday, September 07, 2001 9:10 AM > To: [EMAIL PROTECTED] > Subject: Re: One Journalist's Opinion of CCIE [7:18843] > > > Chuck, > > Hi! Don't get me wrong, Im not saying CCIE's sh*t don't stink!!! > I know a > few CCIEs that I would let touch my network. However, I consider that the > EXCEPTION and not the RULE. As a general rule of thumb, I > consider the CCIE > level of knowledge and applicable skills to be higher than "minimal > competence." I suppose it really depends on your definition of "minimal > competence." I define minimal competence as someone who has a fundamental > understanding of networking with a small amount of hands-on experience. I > would generally classify a CCIE to have a more in-depth understanding of > networking fundamentals and quite a bit more hands-on experience than > someone with minimal competence. > > Mr. Seltzer's writing says that the average CCIE is minimally competent in > the product (I'd guess he was referring to Cisco). I think that's like > saying NBA basketball players are minimally competent basketball players. > To Michael Jordan that's probably true, but Im sure the general > public would > disagree. I suppose it really comes down to your definition of "minimal > competence." I have a great deal of respect for the majority of other > CCIE's who I have come in contact with and consider calling them minimally > competent to be an insult. > > -Brad Ellis > CCIE#5796 > > ""Chuck Larrieu"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > like everything else in this business, the answer is "it depends". > > > > sorry folks, but CCIE's are not gods who walk among us. > > > > I personally know several CCIE's who are top notch and > deserving of every > > dollar they get and every contract they land. > > > > I also personally know a couple who couldn't tell you how a packet gets > from > > one interface to another in a router. > > > > all the CCIE certification proves is that you have passed Cisco's lab > test. > > It does not prove one way or another whether you know jack about > networking. > > I suggest that there is a percentage of the 2000 or so who have attained > the > > cert since last year who did so only because they successfully memorized > > enough scenario configurations that they were able to luck their way > through > > when their lab closely resembled one of those scenarios they memorized. > > > > I personally know several folks who passed over the last 18 months whose > > only hands on experience was in their practice labs. Of these, all were > > pretty sharp dudes, by the way. > > > > From personal experience I can tell you that I saw absolutely nothing in > my > > lab that made me wish I'd spent more time reading RFC's, or > Comer, or any > of > > the other great books of the networking world. I saw plenty that made me > > wish I'd spent more time on certain practice materials readily available > ( I > > refer to the commercially available products. please do not > contact me for > > names and sources ) > > > > whenever this topic comes up, I see the same kinds of thought > processes as > I > > used to see in the days when people asked what good an English > degree did > > yo
RE: One Journalist's Opinion of CCIE [7:18843]
hey, Brad, aren't you the guy who was complaining on the other list about what the one day lab would end up doing? ;-> may I point out that the CPA or the State Bar, or the real estate broker's exam, for that matter, are very difficult, and only a small percentage of takers pass first time through. So who do you want doing your taxes - the guy fresh out of accounting school, or the guy with a few years experience? How about if you find yourself in court for one reason or another? Want that lawyer fresh out of law school who happened to pass the bar first try through? Hey - he's smart enough! Isn't he? and for those wondering, I deliberately avoided using real estate broker examples because the house its up for sale, and I don't care about credentials, just as long as I get my price. Any CCIE's out there want to come live in California? Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brad Ellis Sent: Friday, September 07, 2001 9:10 AM To: [EMAIL PROTECTED] Subject: Re: One Journalist's Opinion of CCIE [7:18843] Chuck, Hi! Don't get me wrong, Im not saying CCIE's sh*t don't stink!!! I know a few CCIEs that I would let touch my network. However, I consider that the EXCEPTION and not the RULE. As a general rule of thumb, I consider the CCIE level of knowledge and applicable skills to be higher than "minimal competence." I suppose it really depends on your definition of "minimal competence." I define minimal competence as someone who has a fundamental understanding of networking with a small amount of hands-on experience. I would generally classify a CCIE to have a more in-depth understanding of networking fundamentals and quite a bit more hands-on experience than someone with minimal competence. Mr. Seltzer's writing says that the average CCIE is minimally competent in the product (I'd guess he was referring to Cisco). I think that's like saying NBA basketball players are minimally competent basketball players. To Michael Jordan that's probably true, but Im sure the general public would disagree. I suppose it really comes down to your definition of "minimal competence." I have a great deal of respect for the majority of other CCIE's who I have come in contact with and consider calling them minimally competent to be an insult. -Brad Ellis CCIE#5796 ""Chuck Larrieu"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > like everything else in this business, the answer is "it depends". > > sorry folks, but CCIE's are not gods who walk among us. > > I personally know several CCIE's who are top notch and deserving of every > dollar they get and every contract they land. > > I also personally know a couple who couldn't tell you how a packet gets from > one interface to another in a router. > > all the CCIE certification proves is that you have passed Cisco's lab test. > It does not prove one way or another whether you know jack about networking. > I suggest that there is a percentage of the 2000 or so who have attained the > cert since last year who did so only because they successfully memorized > enough scenario configurations that they were able to luck their way through > when their lab closely resembled one of those scenarios they memorized. > > I personally know several folks who passed over the last 18 months whose > only hands on experience was in their practice labs. Of these, all were > pretty sharp dudes, by the way. > > From personal experience I can tell you that I saw absolutely nothing in my > lab that made me wish I'd spent more time reading RFC's, or Comer, or any of > the other great books of the networking world. I saw plenty that made me > wish I'd spent more time on certain practice materials readily available ( I > refer to the commercially available products. please do not contact me for > names and sources ) > > whenever this topic comes up, I see the same kinds of thought processes as I > used to see in the days when people asked what good an English degree did > you in the job market. It isn't the degree. it's the intelligence behind it. > > hate to say it, kids, but the CCIE has no clothes. Experience is what really > matters. the certification to many is just a ticket, just the beginning. to > those with a lot of experience, it is merely a validation of the skill set. > in and of itself it is like any other piece of paper - representative of > something, but perhaps not representative of what you may think. > > Chuck > back to the pod - got lots to do before December 3 > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Don Claybrook > Sent: Thursday, September 06, 2001 11:32 AM > To: [EMAIL PROTECTED] > Subject: One Journalist's Opinion of CCIE [7:18843] > > > I just ran across this one in Fortune Small Business. Below is an excerpt. > The journalist (Larry Seltzer) is attempting to give tips on how to hire > technical consultants to do work for your small busin
RE: Question about Cisco's Hierarchical Model [7:19069]
The building block method works in the campus. The access layer switches are layer-2 devices. The distribution layer switches have routing capabilities (either built-in such as a RSM or router-on-a-stick.) The core may be layer-2 or layer-3. See Cisco LAN Switching by Clark and Hamilton Chapters 14 & 15. Pages 630-637 particularly. VLANs exist in each Switch Block. The routing function provides for communication between VLANs in the block. Each switch block has its own VTP domain. If the core is layer-2, the connecting links are access links not trunks. Therefore VTP information will not traverse the links to other Switch Blocks. (Clark p539) Communication between Switch Blocks is at layer-3 between/among the Distribution switches of the various blocks. > -Original Message- > From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 9:59 PM > To: [EMAIL PROTECTED] > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > Chuck, that's an excellent point. I've been thinking in > terms of Campus > core, but Daniel Cotts reference applies to an Enterprise > core. And I think > what he had to offer definitely works. If that's what Cisco > meant, then > does that mean that the hierarchical model only applies to enterprise > networks and not campus environments? > > I've been thinking campus core because the beginning of "The > Building Block > Approach" section of the BCMSN courseware talks about network building > blocks being "any one of the following fundamental campus elements or > contributing variables. Campus Elements: Switch block, Core Block". > > They're talking about a campus network environment--and in > that type of > situation, I don't quite see how to terminate VLANs at the > distribution > layer. > > > -- Leigh Anne > > PS. Where's Howard? I wonder if he's got any input on this. He's > definitely a design guru! > > > -Original Message- > > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 07, 2001 8:35 PM > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > > > > Leigh Anne, suppose we were to distinguish between a > "campus core" and > > "enterprise core"? > > > > I have a campus of several buildings, and servers / > services distributed > > across them. VLAN's across this "campus core" make perfect sense. > > > > OTOH, even with centralized servers / services in corporate > data centers, > > VLAN's across multiple campus locations make no sense. > > > > I'm trying to get at a clarification of what is meant by > "core" in your > > question. > > > > Saw another post on another topic, but which might be > relevant. Maybe you > > could bridge across your core? > > > > Naw. Back to the coal mines. > > > > Chuck > > > > -Original Message- > > From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 07, 2001 7:26 PM > > To: Chuck Larrieu; [EMAIL PROTECTED] > > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > > > > Yes, a single device can represent the core and distribution > > layers. That's > > your typical collapsed core. However, what of a link between two > > collapsed > > core devices. If it's not a trunk link, how does it carry > traffic that > > originated in a VLAN? How do you truly terminate the VLAN at the > > distribution layer? > > > > I've got an idea, but I just can't solidify all the pieces > currently. > > > > I eagerly await Tony's answer. > > > > > > -- Leigh Anne > > > > > -Original Message- > > > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, September 07, 2001 8:15 PM > > > To: Leigh Anne Chisholm; [EMAIL PROTECTED] > > > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > > > > > > > got a link to a diagram, LA? > > > > > > seriously, recall that core and distribution do not have > to be separate > > > devices. your 4006's terminate on the gigabit cards on your > > > 6513's, and the > > > MLS module does the routing on your core? > > > > > > Tony M will have a practical answer to this one, BTW. I happen > > to know he > > > was intimately involved with just this kind of issue with a > > > certain company > > > in Sacrapimento. :-> > > > > > > Chuck > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > > > Leigh Anne > Chisholm > > > Sent: Friday, September 07, 2001 6:55 PM > > > To: [EMAIL PROTECTED] > > > Subject: Question about Cisco's Hierarchical Model [7:19069] > > > > > > > > > I've been going through the BCMSN course and I'm a bit baffled on > > > how to do > > > something. There's the statement that: > > > > > > Because VLANs terminate at the distribution device, core links > > > are not trunk > > > links and traffic is routed across the core. > > > > > > What I'm puzzled by is how to terminate a VLAN at the > > distribut
Is there any good books recommanded for lower 2 layers? [7:19087]
I am trying to learn more about the lower 2 layer tech like X.25, ATM, Frame Relay in more detail. Is there any good books recommanded? I am reading a book named "emerging communications technologies 2nd editon" of Uyless Black, and I think it is only an overview of the topics. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19087&t=19087 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: TCP 3 way Handshake ? [7:18794]
Heres some pix and router security tips.. http://www.cisco.com/warp/public/cc/pd/rt/2600/prodlit/flrrr_ov.htm Brian "Sonic" Whalen Success = Preparation + Opportunity On Thu, 6 Sep 2001, Stephane LITKOWSKI wrote: > Yes, it's vendor dependant. > > TCP protocol doesn't specify any connection timeout. > A TCP connection can be alive forever. > > So the application (client or server side) must manage timeout, if needed > and send a TCP reset. > > ""Phil Barker"" a icrit dans le message news: > [EMAIL PROTECTED] > > I thought that would grab your attention Priscilla > > hehehe. > > > > I need to grant Terminal Service Access from anyone > > (internet) to a well known TCP port of a destination > > IP Server address x.x.x.x > > > > This is implemented as a permit on the PIX F/W. > > > > My problem is that I can telnet that well known port > > and the Server generates an Error Message "Error : > > Must Authenticate first." > > > > Obviously, I am open to a denial of service attack. > > > > I am attempting to rectify the Server Message issue by > > displaying a blank screen for this instance. > > > > However, my real question is : When I telnet the well > > known port, I can see the 3-WAY-HANDSHAKE with my > > Sniffer. How long will the connection be established > > for ? My gut feeling is that this will be vendor > > dependant as either side can Reset or Tear down the > > TCP connection, but a rough idea would do. > > > > Phil. > > > > > > > > > > Do You Yahoo!? > > Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk > > or your free @yahoo.ie address at http://mail.yahoo.ie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19085&t=18794 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access list question [7:19005]
the third line ( implicit deny - cannot be seen by people who have not studied access-lists ;-> ) will block everything else -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Joshua Vince Sent: Friday, September 07, 2001 10:40 AM To: [EMAIL PROTECTED] Subject: RE: access list question [7:19005] The first one will deny multicast packets from entering the interface. The second will prevent broadcasts from entering the interface. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:16 PM To: [EMAIL PROTECTED] Subject: access list question [7:19005] any one know what will be the result of it its an inbound acl access-list 100 deny ip 224.0.0.0 31.255.255.255 any access-list 100 deny ip host 0.0.0.0 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19084&t=19005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question on routing [7:19083]
Hi All, I ran into a scenario below and I am not sure what path router A will choose to reach the destination network, 10.50.0.0 / 255.255.0.0, on router B. 10.1.1.1 / 255.255.0.0 | --S0- Router A-S1- || || || || --S0-Router B- S1-- | E0 = 10.50.1.1 / 255.255.0.0 --- Router A configuration: Interface serial 0 ip address 172.16.1.1 255.255.255.0 no shut Interface Serial 1 ip address 172.16.2.1 255.255.255.0 no shut Interface Ethernet 0 ip address 10.1.1.1 255.255.0.0 EIGRP 200 network 172.16.1.0 network 10.0.0.0 no auto-summary ip classless ip route 10.48.0.0 255.224.0.0 serial 1 Router B configuration Interface serial 0 ip address 172.16.1.2 255.255.255.0 no shut Interface Serial 1 ip address 172.16.2.2 255.255.255.0 no shut Interface Ethernet 0 ip address 10.50.1.1 255.255.0.0 no shut EIGRP 200 network 172.16.1.0 network 172.16.2.0 network 10.0.0.0 no auto-summary -- In this scenario, I assume router B knows how to reach 10.1.1.1 using both serial ports with EIGRP (administrative distance = 90). Router A has two paths to reach 10.50.1.1 destination: 1st path is learned through EIGRP with administrative distance of 90; the 2nd path is with the static route with network 10.48.0.0 and subnet mask of 255.224.0.0 or 12 bits. If I am not wrong, 10.48.0.0 / 255.224.0.0 will cover a range of IP addresses from 10.48.0.0 to 10.63.255.255; therefore, 10.50.1.1 falls into this scope. If I do the "show ip route", I will see both routes 10.50.0.0 / 16 and 10.48.0.0 / 12. My questions are: 1. With those 2 paths to reach 10.50.1.1, which path Router A will choose as a primary path? 2. If the path between 2 serial 0 of the 2 routers is down, Can router A reach 10.50.1.1 on router B with such a static route? Thanks All! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19083&t=19083 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: web pages not loading (from certain networks) but not a [7:19082]
No, can't be. They can get the page when the traffic is encrypted. I'd say that there's some sort of signature in the web page that's being blocked by an antivirus screening agent. When the traffic gets encrypted, whatever is causing the traffic to be dropped isn't being seen. During the resend of the blocked frames, the traffic is taking a different route bypassing the antivirus screener. > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Daniel Cotts > Sent: Friday, September 07, 2001 9:13 PM > To: [EMAIL PROTECTED] > Subject: RE: web pages not loading (from certain networks) but not a > [7:19080] > > > Quick hip shot would be to look at DNS. If they use an ip address > instead of > an URL will the web page load? > > > -Original Message- > > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 07, 2001 9:40 PM > > To: [EMAIL PROTECTED] > > Subject: FW: web pages not loading (from certain networks) but not a > > [7:19074] > > > > > > Saw this one on NANOG today. Any of you troubleshooting gurus > > want to take a > > crack? > > > > ( BTW, I believe I saw this problem myself today. OTOH, my > > issue could have > > been related to that stupid proxy my employer now makes me use. ;-> ) > > > > I'll post the answer the NANOG folks suggested later this weekend. > > > > Chuck > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > > Behalf Of > > Nanog > > Sent: Friday, September 07, 2001 7:52 AM > > To: [EMAIL PROTECTED] > > Subject: web pages not loading (from certain networks) but > > not a routing > > issue. > > > > > > > > Ok guys, > > > > Interesting problem that seems to have started on Friday. > > > > Here's the deal, it seems that certain (not all) web pages on > > various sites > > we host are not loading for certain customers. It started on > > Friday with > > visitors on Verizon DSL waiting forever for pages to load. > > > > Yesterday and today PacBell DSL and some Netcom customers started > > complaining. > > > > This only seems to occur on HTTP traffic. If we have the > > visitors try HTTPS > > the pages load fine (with the normal encryption slowdown). > > > > We've looked at Layers 1-4, and can't see any problems, ping > > looks great, > > interfaces and cpus on routers, servers and switches look fine. > > > > It's almost like it's a transparent cache "bug". Anyone know > > if Inktomi, or > > any major cache vendors rolled out any new code this week? > > > > For that matter does anyone know what caches Verizon and SBC use for > > starters? > > > > Other variables: it only seems to occur on IIS based systems > > (I know I know, > > no flame wars or suggestions for replacements). Although it's > > not happening > > on all of our IIS servers. > > > > Any clues are greatly appreciated. > > > > Steve > > Report misconduct > > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19082&t=19082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19081]
Ole, my man, you are trying to outsmart yourself, and you're a pretty smart guy ;-> Your T1 module is for the telco interface only. You purchased 768K, it appears. Your DLCI's / PVC's will share that 768K with no further layer 1 actions on your part once you have properly configured the layer one stuff - the timeslots and B8ZS and ESF and yellow alarm and loopback and clock source, you are done with the service module. All that remains is assigning the DLCI's to the appropriate subinterface, and IP addressing for the PVC's, and you are on your way. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ole Drews Jensen Sent: Friday, September 07, 2001 3:11 PM To: [EMAIL PROTECTED] Subject: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19057] I am now on unknown territory, where no man in my shoes has walked before. I have a Frame Relay scenario being setup, and my host router has just received the green light from the provider. The Frame Relay host uses 12 channels, and connects on three PVC's to three branch offices, each with 4 channels. I searched and found the answer on how to setup the channels on cisco's site: router(config-if)#service-module t1 timeslots 1-12 but will I have to do that for my three sub interfaces also? Example: router(config)#int s0/0 router(config-if)#service-module t1 timeslots 1-12 router(config-if)#int s0/0.101 point-to-point router(config-subif)#frame-relay interface-dlci 101 router(config-subif)#service-module t1 timeslots 1-4 router(config-subif)#int s0/0.102 point-to-point router(config-subif)#frame-relay interface-dlci 102 router(config-subif)#service-module t1 timeslots 5-8 router(config-subif)#int s0/0.103 point-to-point router(config-subif)#frame-relay interface-dlci 103 router(config-subif)#service-module t1 timeslots 9-12 Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19081&t=19081 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: web pages not loading (from certain networks) but not a [7:19080]
Quick hip shot would be to look at DNS. If they use an ip address instead of an URL will the web page load? > -Original Message- > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 9:40 PM > To: [EMAIL PROTECTED] > Subject: FW: web pages not loading (from certain networks) but not a > [7:19074] > > > Saw this one on NANOG today. Any of you troubleshooting gurus > want to take a > crack? > > ( BTW, I believe I saw this problem myself today. OTOH, my > issue could have > been related to that stupid proxy my employer now makes me use. ;-> ) > > I'll post the answer the NANOG folks suggested later this weekend. > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of > Nanog > Sent: Friday, September 07, 2001 7:52 AM > To: [EMAIL PROTECTED] > Subject: web pages not loading (from certain networks) but > not a routing > issue. > > > > Ok guys, > > Interesting problem that seems to have started on Friday. > > Here's the deal, it seems that certain (not all) web pages on > various sites > we host are not loading for certain customers. It started on > Friday with > visitors on Verizon DSL waiting forever for pages to load. > > Yesterday and today PacBell DSL and some Netcom customers started > complaining. > > This only seems to occur on HTTP traffic. If we have the > visitors try HTTPS > the pages load fine (with the normal encryption slowdown). > > We've looked at Layers 1-4, and can't see any problems, ping > looks great, > interfaces and cpus on routers, servers and switches look fine. > > It's almost like it's a transparent cache "bug". Anyone know > if Inktomi, or > any major cache vendors rolled out any new code this week? > > For that matter does anyone know what caches Verizon and SBC use for > starters? > > Other variables: it only seems to occur on IIS based systems > (I know I know, > no flame wars or suggestions for replacements). Although it's > not happening > on all of our IIS servers. > > Any clues are greatly appreciated. > > Steve > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19080&t=19080 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about Cisco's Hierarchical Model [7:19069]
Chuck, that's an excellent point. I've been thinking in terms of Campus core, but Daniel Cotts reference applies to an Enterprise core. And I think what he had to offer definitely works. If that's what Cisco meant, then does that mean that the hierarchical model only applies to enterprise networks and not campus environments? I've been thinking campus core because the beginning of "The Building Block Approach" section of the BCMSN courseware talks about network building blocks being "any one of the following fundamental campus elements or contributing variables. Campus Elements: Switch block, Core Block". They're talking about a campus network environment--and in that type of situation, I don't quite see how to terminate VLANs at the distribution layer. -- Leigh Anne PS. Where's Howard? I wonder if he's got any input on this. He's definitely a design guru! > -Original Message- > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 8:35 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > Leigh Anne, suppose we were to distinguish between a "campus core" and > "enterprise core"? > > I have a campus of several buildings, and servers / services distributed > across them. VLAN's across this "campus core" make perfect sense. > > OTOH, even with centralized servers / services in corporate data centers, > VLAN's across multiple campus locations make no sense. > > I'm trying to get at a clarification of what is meant by "core" in your > question. > > Saw another post on another topic, but which might be relevant. Maybe you > could bridge across your core? > > Naw. Back to the coal mines. > > Chuck > > -Original Message- > From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 7:26 PM > To: Chuck Larrieu; [EMAIL PROTECTED] > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > Yes, a single device can represent the core and distribution > layers. That's > your typical collapsed core. However, what of a link between two > collapsed > core devices. If it's not a trunk link, how does it carry traffic that > originated in a VLAN? How do you truly terminate the VLAN at the > distribution layer? > > I've got an idea, but I just can't solidify all the pieces currently. > > I eagerly await Tony's answer. > > > -- Leigh Anne > > > -Original Message- > > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 07, 2001 8:15 PM > > To: Leigh Anne Chisholm; [EMAIL PROTECTED] > > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > > > > got a link to a diagram, LA? > > > > seriously, recall that core and distribution do not have to be separate > > devices. your 4006's terminate on the gigabit cards on your > > 6513's, and the > > MLS module does the routing on your core? > > > > Tony M will have a practical answer to this one, BTW. I happen > to know he > > was intimately involved with just this kind of issue with a > > certain company > > in Sacrapimento. :-> > > > > Chuck > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Leigh Anne Chisholm > > Sent: Friday, September 07, 2001 6:55 PM > > To: [EMAIL PROTECTED] > > Subject: Question about Cisco's Hierarchical Model [7:19069] > > > > > > I've been going through the BCMSN course and I'm a bit baffled on > > how to do > > something. There's the statement that: > > > > Because VLANs terminate at the distribution device, core links > > are not trunk > > links and traffic is routed across the core. > > > > What I'm puzzled by is how to terminate a VLAN at the > distribution layer. > > What am I missing here? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19079&t=19069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about Cisco's Hierarchical Model [7:19069]
Leigh Anne, suppose we were to distinguish between a "campus core" and "enterprise core"? I have a campus of several buildings, and servers / services distributed across them. VLAN's across this "campus core" make perfect sense. OTOH, even with centralized servers / services in corporate data centers, VLAN's across multiple campus locations make no sense. I'm trying to get at a clarification of what is meant by "core" in your question. Saw another post on another topic, but which might be relevant. Maybe you could bridge across your core? Naw. Back to the coal mines. Chuck -Original Message- From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 7:26 PM To: Chuck Larrieu; [EMAIL PROTECTED] Subject: RE: Question about Cisco's Hierarchical Model [7:19069] Yes, a single device can represent the core and distribution layers. That's your typical collapsed core. However, what of a link between two collapsed core devices. If it's not a trunk link, how does it carry traffic that originated in a VLAN? How do you truly terminate the VLAN at the distribution layer? I've got an idea, but I just can't solidify all the pieces currently. I eagerly await Tony's answer. -- Leigh Anne > -Original Message- > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 8:15 PM > To: Leigh Anne Chisholm; [EMAIL PROTECTED] > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > got a link to a diagram, LA? > > seriously, recall that core and distribution do not have to be separate > devices. your 4006's terminate on the gigabit cards on your > 6513's, and the > MLS module does the routing on your core? > > Tony M will have a practical answer to this one, BTW. I happen to know he > was intimately involved with just this kind of issue with a > certain company > in Sacrapimento. :-> > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Leigh Anne Chisholm > Sent: Friday, September 07, 2001 6:55 PM > To: [EMAIL PROTECTED] > Subject: Question about Cisco's Hierarchical Model [7:19069] > > > I've been going through the BCMSN course and I'm a bit baffled on > how to do > something. There's the statement that: > > Because VLANs terminate at the distribution device, core links > are not trunk > links and traffic is routed across the core. > > What I'm puzzled by is how to terminate a VLAN at the distribution layer. > What am I missing here? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19078&t=19069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about Cisco's Hierarchical Model [7:19069]
Each Switch Block is its own VTP Domain. VLAN info is confined on purpose. - as opposed to the flat earth model of switch design where VLANs span the Enterprise. > -Original Message- > From: Leigh Anne Chisholm [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 8:55 PM > To: [EMAIL PROTECTED] > Subject: Question about Cisco's Hierarchical Model [7:19069] > > > I've been going through the BCMSN course and I'm a bit > baffled on how to do > something. There's the statement that: > > Because VLANs terminate at the distribution device, core > links are not trunk > links and traffic is routed across the core. > > What I'm puzzled by is how to terminate a VLAN at the > distribution layer. > What am I missing here? > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19077&t=19069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boot image from the PCMCIA card [7:19076]
Hi All, My Cisco 3620 router has both internal flash SIMM and the external PCMCIA flash card. Each flash hold a different version of the IOS image. If I want the router to boot from the IOS image from the PCMCIA card, what boot system command should I use? Thanks! Thomas N. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19076&t=19076 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about Cisco's Hierarchical Model [7:19069]
Yes, a single device can represent the core and distribution layers. That's your typical collapsed core. However, what of a link between two collapsed core devices. If it's not a trunk link, how does it carry traffic that originated in a VLAN? How do you truly terminate the VLAN at the distribution layer? I've got an idea, but I just can't solidify all the pieces currently. I eagerly await Tony's answer. -- Leigh Anne > -Original Message- > From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 8:15 PM > To: Leigh Anne Chisholm; [EMAIL PROTECTED] > Subject: RE: Question about Cisco's Hierarchical Model [7:19069] > > > got a link to a diagram, LA? > > seriously, recall that core and distribution do not have to be separate > devices. your 4006's terminate on the gigabit cards on your > 6513's, and the > MLS module does the routing on your core? > > Tony M will have a practical answer to this one, BTW. I happen to know he > was intimately involved with just this kind of issue with a > certain company > in Sacrapimento. :-> > > Chuck > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Leigh Anne Chisholm > Sent: Friday, September 07, 2001 6:55 PM > To: [EMAIL PROTECTED] > Subject: Question about Cisco's Hierarchical Model [7:19069] > > > I've been going through the BCMSN course and I'm a bit baffled on > how to do > something. There's the statement that: > > Because VLANs terminate at the distribution device, core links > are not trunk > links and traffic is routed across the core. > > What I'm puzzled by is how to terminate a VLAN at the distribution layer. > What am I missing here? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19075&t=19069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: web pages not loading (from certain networks) but not a [7:19074]
Saw this one on NANOG today. Any of you troubleshooting gurus want to take a crack? ( BTW, I believe I saw this problem myself today. OTOH, my issue could have been related to that stupid proxy my employer now makes me use. ;-> ) I'll post the answer the NANOG folks suggested later this weekend. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Nanog Sent: Friday, September 07, 2001 7:52 AM To: [EMAIL PROTECTED] Subject: web pages not loading (from certain networks) but not a routing issue. Ok guys, Interesting problem that seems to have started on Friday. Here's the deal, it seems that certain (not all) web pages on various sites we host are not loading for certain customers. It started on Friday with visitors on Verizon DSL waiting forever for pages to load. Yesterday and today PacBell DSL and some Netcom customers started complaining. This only seems to occur on HTTP traffic. If we have the visitors try HTTPS the pages load fine (with the normal encryption slowdown). We've looked at Layers 1-4, and can't see any problems, ping looks great, interfaces and cpus on routers, servers and switches look fine. It's almost like it's a transparent cache "bug". Anyone know if Inktomi, or any major cache vendors rolled out any new code this week? For that matter does anyone know what caches Verizon and SBC use for starters? Other variables: it only seems to occur on IIS based systems (I know I know, no flame wars or suggestions for replacements). Although it's not happening on all of our IIS servers. Any clues are greatly appreciated. Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19074&t=19074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cheapest place to buy Transceivers.. [7:19061]
Talk to me off-line and I will let you know. Kelly D Griffin, CCDA, CCNA Network Engineer Kg2 Network Design http://kg2.com 877.418.4025 Toll-Free 501.418.4026 Fax -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Friday, September 07, 2001 5:49 PM To: [EMAIL PROTECTED] Subject: Cheapest place to buy Transceivers.. [7:19061] I need to order 3 ethernet transceivers...for my 2500 routers...where is the cheapest place i can get that at? http://kg2.com 8Mb Flash for Cisco 2500 series routers for $47 16Mb DRAM for Cisco 2500 series routers for $24 Back-to-Back cables starting at $24 Octal cables for Cisco 2509 and 2511 for $28 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19073&t=19061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question about Cisco's Hierarchical Model [7:19069]
got a link to a diagram, LA? seriously, recall that core and distribution do not have to be separate devices. your 4006's terminate on the gigabit cards on your 6513's, and the MLS module does the routing on your core? Tony M will have a practical answer to this one, BTW. I happen to know he was intimately involved with just this kind of issue with a certain company in Sacrapimento. :-> Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Leigh Anne Chisholm Sent: Friday, September 07, 2001 6:55 PM To: [EMAIL PROTECTED] Subject: Question about Cisco's Hierarchical Model [7:19069] I've been going through the BCMSN course and I'm a bit baffled on how to do something. There's the statement that: Because VLANs terminate at the distribution device, core links are not trunk links and traffic is routed across the core. What I'm puzzled by is how to terminate a VLAN at the distribution layer. What am I missing here? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19072&t=19069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Road Runner & 2514 [7:18901]
I had MediaVision (now ATT Broadband) so I think I was a RR customer too. I had a similar setup(2611) and a similar problem, I found out that they lock down your MAC address somehow in their DHCP database. So I spoofed my "outside" mac address on my router. As you can see I also was providing Nat translation for my home network. This worked great, I dumped it however in favor of DSL and some static addresses. What I find odd about your debug output is that the so called bridge is using a RFC1918 private address, this would make me think that it may not be a bridge?? You may want to take a sniffer trace of the interaction between your Win98 box and the Bridge as it aquires its address. Ethereal is free if you don't have one. My old home config: interface Ethernet0/1 description connected to Internet mac-address 0060.9720.5855 ip address dhcp ip nat outside half-duplex no cdp enable Hope this helps! Cassidy D. Smith Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19071&t=18901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: THE KEY: regarding cisco and SecureCRT softwa [7:18979]
SecureCRT is a great, but PUTTY is free and works quite well. I use it regularly when I get stuck with a Windows machine. Check it out: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html Cassidy D. Smith Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19070&t=18979 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question about Cisco's Hierarchical Model [7:19069]
I've been going through the BCMSN course and I'm a bit baffled on how to do something. There's the statement that: Because VLANs terminate at the distribution device, core links are not trunk links and traffic is routed across the core. What I'm puzzled by is how to terminate a VLAN at the distribution layer. What am I missing here? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19069&t=19069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Scripting to Reload a Router ??? [7:19068]
Is there any way to build a script via notepad that one could cut & paste in the appropriate commands in to do a "write erase" and "reload" without user intervention? Or will the associated prompts not allow cut & pasting without manually depressing the "enter key"? I can't seem to get pass the. "Erasing the NVRAM filesystem will remove all files! Continue? [confirm]" and the "Proceed with reload? [confirm]" prompts. Stefan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19068&t=19068 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: delete subinterface [7:18346]
As far as I know, it is due to IDB allocation . . . Cheers , Henrique Terada At 22:44 03/09/2001 -0400, Ednilson Rosa wrote: >You need to do a reload after removing it. > >ER >- Original Message - >From: "Md Nazri" >To: >Sent: Monday, September 03, 2001 10:54 PM >Subject: delete subinterface [7:18346] > > >hi all, > >how do i delete the sub-interface..? i tried using 'no sub#', but when i do >'sh ip int brie' it still give the sub# with status deleted...any help >appreciated > >TQ > >nazri >telekom malaysia Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19067&t=18346 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to build a pix firewall out of a PC box. [7:18335]
Where did you find this for $100? I can't seem to find a used 16MB ISA falsh card and new ones are like $715.00. Jeff -Original Message- From: george gittins [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 4:16 PM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] well the flash card is only $100 dls, that pretty cheap versus going and buying a pix -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kent Hundley Sent: Thursday, September 06, 2001 6:23 PM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] I have tried building the PIX from a PC in the past and the sticking point is getting the correct ISA flash card. Unless there is some magic you know of, the card has to support booting from certain memory addresses or it won't work. (or at least it didn't when I tried) The PIX actually loads its bios from the flash card, so without the correct flash card you won't get far. If you got your flash from a friend, did they get it from a PIX? If so, this is obviously "cheating" since the point of trying to build a PIX is that you don't have one to get the flash card from in the first place. If not, where did they get it and what is the manufacturer and model? Regards, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sean Young Sent: Wednesday, September 05, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] OK, I have been getting 256 emails for the past few days regarding how to build a PIX out of an old PC. Now for thos, who have all the spare parts, you just have to wait a tad longer until everyone in the group get their parts so that we can build the PIX together at once. Regarding the flash card, this is rather an old technology before the PCMCIA card the old machine use to store program instead of the hard-drive or other means. The flash card I am talking about is the one that looks like an old ISA video card that gets inserted into the ISA slot on the motherboard. Because PIX doesn't use hard-drive, this flash card is where the PIX IOS code resides. I don't know where to purchase it. I got this card from a friend of mine. Another thing, as I've mentioned before, the NICs have to be Intel Etherexpress model 82577 (one of those weird shape looking card) or the PIX will not work. Now these cards you can get on Ebay very cheaply. Regards, Mike Johnson [CCNP Security Specialist] >From: "Paul Jin" >Reply-To: "Paul Jin" >To: [EMAIL PROTECTED] >Subject: RE: how to build a pix firewall out of a PC box. [7:18335] >Date: Mon, 3 Sep 2001 18:06:45 -0400 > >Hey Mike, > >I am definitely interested. > >I am assuming than we can do this with almost any spare misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19066&t=18335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How can I change the default type of LSA 5 to E1 i [7:18957]
Hello sami, probably the best way to do what you're asking would be to set the type 5 type (E1 or E2) when and where you do the actual redistribution... ie: redistribute igrp 1 metric-type 1 but that wasn't really your question... I don't think that you would want to try to change the default type of all external routes to a type 1 on a single router even if you could (just don't think it's possible), as it would conflict with the rest of the area's type 5's. So, if you want to change to type 1's do it wherever you redistribute. hth, Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19065&t=18957 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX & Citrix/nfuse access [7:18938]
on the pix make 2 conduit entries for tcp traffic on port 1494 and udp traffic on port 1494. This will enable users to uses Citrix Program Neigborhood to connect to the Citrix Server. If you want them to use NFuse you have to have Citrix Service Pack 2 Installed (or the 3, the newest SP) that supports XML. Then on the Web server that is going to host NFuse install the NFuse application and uses XML port 80. When this is done all you have to do at the PIX is make a conduit entry permitting port 80 to the web server. I have done this many times like this and it works great. -Original Message- From: Jeff Smith Sent: Fri 9/7/2001 8:05 AM To: [EMAIL PROTECTED] Cc: Subject: Re: PIX & Citrix/nfuse access [7:18938] I am pretty sure that Citrix uses port 1604 also. >From: "[EMAIL PROTECTED]" >Reply-To: "[EMAIL PROTECTED]" >To: [EMAIL PROTECTED] >Subject: Re: PIX & Citrix/nfuse access [7:18938] >Date: Fri, 7 Sep 2001 10:23:19 -0400 > >make a static mapping > >static (inside,outside) >conduit permit tcp glbol ip add (citrix port ) 1494 i guess and 80 for web > >shd work fine >- Original Message - >From: "Matthew Tayler" >To: >Sent: Friday, September 07, 2001 2:18 PM >Subject: PIX & Citrix/nfuse access [7:18938] > > > > Has anybody any experience on how I can allow remote workers using > > Citrix/nfuse through a PIX to access internal servers please. > > > > I have tried using the notes from citrix but they cannot help further >and > > all I get when making the connection is a long delay and timeout. > > > > The idea is our home workers go to the site home page and hit a link >which > > redirects them to the Citrix/nfuse server, where they login. > > > > I am not a Citrix expert and the in house Citrix guys are saying that >any > > problems are on the PIX. They are talking about kicking PIX out and just > > using some freebi firewall from microsoft. > > > > Any help or config extracts would be appreciated _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp [EMAIL PROTECTED] [GroupStudy.com removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19064&t=18938 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cheapest place to buy Transceivers.. [7:19061]
I picked up brand new ones from buy.com for $13 each. Cheaper than used ones on ebay. Brand is Startech, model Li10bt. Mark -Original Message- From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 6:49 PM To: [EMAIL PROTECTED] Subject:Cheapest place to buy Transceivers.. [7:19061] I need to order 3 ethernet transceivers...for my 2500 routers...where is the cheapest place i can get that at? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19063&t=19061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to erase all the previous configuration on [7:18908]
clear config all if you reboot after that, it's gone for good... -Original Message- From: "Albert Y. Pak" To: [EMAIL PROTECTED] Date: Thu, 6 Sep 2001 21:20:16 -0400 Subject: How to erase all the previous configuration on Cat [7:18876] Hi all, Recently, I purchased a Supervisor Engine II on eBay. And I would like to erase all the previous configuration. How do I do that? I have searched on Cisco web site but I don't find any documentations. Thanks, Albert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18908&t=18908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF over Frame-Relay - Interface-DLCI vs. Map [7:18917]
When you are using frame relay on a physical interface or p2m subintf, Map statement tells the router which PVC/DLCI to use when sending packets to a destination ip address. for example, frame map ip 10.10.10.1 200 frame map ip 20.20.20.1 201 These statements tell the router that to send packets to 10.10.10.1, use the PVC that is configured for DLCI 200. But, To get to 20.20.20.1, this time, send the packet to the PVC that is configured to 201. These statements are there because unlike a true point to point serial interface, you actually have multiple logical connections (PVCs) on this 1 physical interface. Because of this, you need to help the router distinguish which PVC should be used to get to one of the many remote sites. Now when you use a subinterface, what happens is that the router configures a logical interface, under the physical interface that is treated like a point to point serial link. In this type of of situation, you do not need to do any map statements because, in theory, there can be only one remote end router. Compared to when you just use the physical interface and have 5 PVCs terminated on the physical. The only additional thing you have to do on the subintf is that you use the interface dlci xxx command under the p2p subintf to tell it which DLCI this subintf belongs to. If you want to do a comparison, we can use a common telephone. you have 1 phone line coming into the house into 1 phone. Even though you have only 1 phone/phone line(physical serial interface), by utilizing the different phone numbers, you can call many different people because for each diff phone number(DLCI), phone and the phone company will create a logical/virtual connection(PVC) to the other phone... so instead of saying frame map ip 10.10.10.1 200, we have phone map john 555.1212 phone map bill 555.2525, which means, to talk to john on the phone, use the number 555.1212 And later, what you do is just run a single line (p2p subintf) to john's house direct and you run a single phone line to Bill's house direct. In this situation, all you need to do is just mark (intf dlci xxx) somewhere on the phone line which of the phone lines goes to john's and which one goes to Bill's. hope this helped and I did not ramble on stuff that did not make sense. Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18927&t=18917 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: how to build a pix firewall out of a PC box. [7:18335]
I acutally have an old Pix ISA flash card that I removed to install the 16 Meg flash. I have tried it on another motherboard, but it comes up with errors and just keeps rebooting. I am not sure if it has to do with the network cards or not. I can watch it from the serial port (console), and it gives me an error, then displays the config, a bunch of other stuff, and reboots. Don - Original Message - From: "Kent Hundley" To: Sent: Thursday, September 06, 2001 8:22 PM Subject: RE: how to build a pix firewall out of a PC box. [7:18335] > I have tried building the PIX from a PC in the past and the sticking point > is getting the correct ISA flash card. Unless there is some magic you know > of, the card has to support booting from certain memory addresses or it > won't work. (or at least it didn't when I tried) The PIX actually loads its > bios from the flash card, so without the correct flash card you won't get > far. > > If you got your flash from a friend, did they get it from a PIX? If so, > this is obviously "cheating" since the point of trying to build a PIX is > that you don't have one to get the flash card from in the first place. If > not, where did they get it and what is the manufacturer and model? > > Regards, > Kent Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18946&t=18335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to erase all the previous configuration on [7:18947]
Try clear config all Don - Original Message - From: "Albert Y. Pak" To: Sent: Thursday, September 06, 2001 8:20 PM Subject: How to erase all the previous configuration on Cat [7:18876] > Hi all, > Recently, I purchased a Supervisor Engine II on eBay. And I would like to > erase all the previous configuration. How do I do that? I have searched on > Cisco web site but I don't find any documentations. > Thanks, > Albert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18947&t=18947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How can I change the default type of LSA 5 to [7:19000]
Add the "metric type 1" to the end of your redistribution command. Such as "Redistribute connected metric XXX metric-type 1" ""sami natour"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > can somebody help me and tell me the command to change > the default type of LSA 5 to E1 in OSPF ? > > Best Regards , > sami , > > > __ > Do You Yahoo!? > Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger > http://im.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19000&t=19000 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to build a pix firewall out of a PC box. [7:18335]
well the flash card is only $100 dls, that pretty cheap versus going and buying a pix -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kent Hundley Sent: Thursday, September 06, 2001 6:23 PM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] I have tried building the PIX from a PC in the past and the sticking point is getting the correct ISA flash card. Unless there is some magic you know of, the card has to support booting from certain memory addresses or it won't work. (or at least it didn't when I tried) The PIX actually loads its bios from the flash card, so without the correct flash card you won't get far. If you got your flash from a friend, did they get it from a PIX? If so, this is obviously "cheating" since the point of trying to build a PIX is that you don't have one to get the flash card from in the first place. If not, where did they get it and what is the manufacturer and model? Regards, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sean Young Sent: Wednesday, September 05, 2001 7:55 AM To: [EMAIL PROTECTED] Subject: RE: how to build a pix firewall out of a PC box. [7:18335] OK, I have been getting 256 emails for the past few days regarding how to build a PIX out of an old PC. Now for thos, who have all the spare parts, you just have to wait a tad longer until everyone in the group get their parts so that we can build the PIX together at once. Regarding the flash card, this is rather an old technology before the PCMCIA card the old machine use to store program instead of the hard-drive or other means. The flash card I am talking about is the one that looks like an old ISA video card that gets inserted into the ISA slot on the motherboard. Because PIX doesn't use hard-drive, this flash card is where the PIX IOS code resides. I don't know where to purchase it. I got this card from a friend of mine. Another thing, as I've mentioned before, the NICs have to be Intel Etherexpress model 82577 (one of those weird shape looking card) or the PIX will not work. Now these cards you can get on Ebay very cheaply. Regards, Mike Johnson [CCNP Security Specialist] >From: "Paul Jin" >Reply-To: "Paul Jin" >To: [EMAIL PROTECTED] >Subject: RE: how to build a pix firewall out of a PC box. [7:18335] >Date: Mon, 3 Sep 2001 18:06:45 -0400 > >Hey Mike, > >I am definitely interested. > >I am assuming than we can do this with almost any spare misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18954&t=18335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF authentication question. [7:18813]
could be something to do with the defaults for the IOS. default for some IOS is clear tect, and some version IOS is encrypted. Jason > -Original Message- > From: Rajesh Kumar [SMTP:[EMAIL PROTECTED]] > Sent: Friday, 7 September 2001 11:22 am > To: [EMAIL PROTECTED] > Subject: OSPF authentication question. [7:18813] > > Hi all, > > The scenario is this : > > Three router pod in a triangular fashion connected via ethernet ports to > a switch in a common vlan. > > > > router a > | e0 > | >router b -switch---router c > e0fa0/0 > > > OSPF is running between ethernet interfaces in area 0. Normal OSPF > works fine and each router has entries about the other in > "sh ip ospf neighbor" output. > > I was trying authentication commands. I started enabling authentication > in area 0 under router ospf config " area 0 auth mess-dig" > and in the interface e0 I gave " ip ospf mess-digest-key 1 md5 7 abc" > > I gave the above commands in router b and router a - it was working > fine. they could exchange the OSPF information. When I gave the same > thing in router c - router c couldn't be seen in other routers. > > I tried several times but in vain. The only difference between the > routers is router c has fastethernet and models are : > > 1. router b 4500 > 2. router a 2514 > 3 router c 2600 > > On enabling the command : debug ip ospf events on router c, I observed > Mismatch authentication keys but I used the same authentication key , > number and the password. > > > Any insights would be highly appreciated. > > > thanks > rajesh > > [GroupStudy.com removed an attachment of type text/x-vcard which had a > name > of pikumar.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18886&t=18813 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to erase all the previous configuration on [7:18888]
clear config all give that a whack. -Brad ""Albert Y. Pak"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi all, > Recently, I purchased a Supervisor Engine II on eBay. And I would like to > erase all the previous configuration. How do I do that? I have searched on > Cisco web site but I don't find any documentations. > Thanks, > Albert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=1&t=1 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to erase all the previous configuration on [7:18891]
clear config or you can erase the config for a particular module clear config 3 > -Original Message- > From: Albert Y. Pak [mailto:[EMAIL PROTECTED]] > Sent: Thursday, September 06, 2001 8:20 PM > To: [EMAIL PROTECTED] > Subject: How to erase all the previous configuration on Cat [7:18876] > > > Hi all, > Recently, I purchased a Supervisor Engine II on eBay. And I > would like to > erase all the previous configuration. How do I do that? I > have searched on > Cisco web site but I don't find any documentations. > Thanks, > Albert > Report misconduct > and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18891&t=18891 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Upgrade of 3102 [7:19048]
Anyone have any experience with upgraded 310X to level of running 2500 IOS 12? Ive seen a couple on ebay and I have an old 3102 and if it can be upgraded it might be worth more than a boat anchor afterall. Thanks Dan Faulk Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19048&t=19048 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to erase all the previous configuration on [7:18965]
clear config all Albert Y. Pak wrote: >Hi all, >Recently, I purchased a Supervisor Engine II on eBay. And I would like to >erase all the previous configuration. How do I do that? I have searched on >Cisco web site but I don't find any documentations. >Thanks, >Albert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18965&t=18965 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cheapest place to buy Transceivers.. [7:19061]
ebay.com wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I need to order 3 ethernet transceivers...for my 2500 routers...where is the > cheapest place i can get that at? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19062&t=19061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to erase all the previous configuration on [7:18960]
clear config all "Albert Y. Pak" wrote: > > Hi all, > Recently, I purchased a Supervisor Engine II on eBay. And I would like to > erase all the previous configuration. How do I do that? I have searched on > Cisco web site but I don't find any documentations. > Thanks, > Albert -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18960&t=18960 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF over Frame-Relay - Interface-DLCI vs. Map [7:18917]
When you are using frame relay on a physical interface or p2m subintf, Map statement tells the router which PVC/DLCI to use when sending packets to a destination ip address. for example, frame map ip 10.10.10.1 200 frame map ip 20.20.20.1 201 These statements tell the router that to send packets to 10.10.10.1, use the PVC that is configured for DLCI 200. But, To get to 20.20.20.1, this time, send the packet to the PVC that is configured to 201. These statements are there because unlike a true point to point serial interface, you actually have multiple logical connections (PVCs) on this 1 physical interface. Because of this, you need to help the router distinguish which PVC should be used to get to one of the many remote sites. Now when you use a subinterface, what happens is that the router configures a logical interface, under the physical interface that is treated like a point to point serial link. In this type of of situation, you do not need to do any map statements because, in theory, there can be only one remote end router. Compared to when you just use the physical interface and have 5 PVCs terminated on the physical. The only additional thing you have to do on the subintf is that you use the interface dlci xxx command under the p2p subintf to tell it which DLCI this subintf belongs to. If you want to do a comparison, we can use a common telephone. you have 1 phone line coming into the house into 1 phone. Even though you have only 1 phone/phone line(physical serial interface), by utilizing the different phone numbers, you can call many different people because for each diff phone number(DLCI), phone and the phone company will create a logical/virtual connection(PVC) to the other phone... so instead of saying frame map ip 10.10.10.1 200, we have phone map john 555.1212 phone map bill 555.2525, which means, to talk to john on the phone, use the number 555.1212 And later, what you do is just run a single line (p2p subintf) to john's house direct and you run a single phone line to Bill's house direct. In this situation, all you need to do is just mark (intf dlci xxx) somewhere on the phone line which of the phone lines goes to john's and which one goes to Bill's. hope this helped and I did not ramble on stuff that did not make sense. Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18928&t=18917 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cheapest place to buy Transceivers.. [7:19061]
I need to order 3 ethernet transceivers...for my 2500 routers...where is the cheapest place i can get that at? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19061&t=19061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: slightly [7:19060]
Dear Group, Have a problem that is puzzling. I am preparing to rollout W2K Pro across a very large organization which covers many buildings in a large city. The vast majority of switches/routers in the enterprise are Cisco. The support group uses an application called Support Magic to log trouble tickets and the normal help desk activities. There is one central database and all help desk agents connect to it from any building. The building I'm working in has a Cat5000 as the main switch sitting in front of a Cisco 4000 router. When I try to start Support Magic, on a sniffer I can see that the application makes a mac level broadcast seeking port 1498. Then it makes an IP subnet broadcast looking for port 1498. At this time the Cat5000 replies with a port unreachable and the W2K machine stops looking. However, in the odbc.ini there is an entry for where the database is. On the same hub is a NT4 workstation. When I sniff it's connection to Support Magic it also receives the port unreachable message from the Cat5000 but then it goes on to connect. So, I go to another building. We carry the same W2K PC with us and the laptop sniffer. We plug everything in and the trace is the same except nothing returns an unreachable message and the connection succeeds. I don't know what kind of switch is in this building but it shouldn't be a Cat5000 as only 40 people work there. I believe the router is a 2501 but I'm trying to find out exactly what the infrastructure is. We go to another building. This building has a cat 6509. We set up, do the trace and again - no unreachable message and the connection works. Don't know what the router is yet. On the face of it, it seems that W2K/Support Magic gets the unreachable msg and then stops trying although the address it needs is hardcoded. Which is weird because NT4/Support Magic works. And W2K/Support Magic works in a building that doesn't have a Cat5000. I will be chasing more of this down again on Monday by visiting other buildings and getting the infrastructure info to make comparisons. Unfortunately as a support organization - this application is mission critical so it is a show stopper for the migration. So one of my questions is. why does the Cat5000 answer the broadcast saying "I don't have this". Why doesn't it ignore it like the other devices on the network? (so far it is the only device to return an unreachable msg). The Cat5000 is not the default gateway for the building. The IP address of the server can be pinged regardless of what Support Magic does. Have not gone to Cisco, Microsoft or Support Magic yet with questions. We want to build a good history to present first. You can imagine that with 3 possible vendors to blame that we need a good description of the case. But just in case someone out there has already bumped into this... Can this behaviour be turned off? What is different between the Cat6509 and the Cat5000? (besides the obvious hardware...) Any guesses ? tia Kevin Wigle Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19060&t=19060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19059]
You set up the channels once, on the service module. The logical sub-interfaces are set up without channel info. Think of the service-module as the CSU/DSU portion of the interface. Mark -Original Message- From: Ole Drews Jensen [SMTP:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 6:11 PM To: [EMAIL PROTECTED] Subject:FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19057] I am now on unknown territory, where no man in my shoes has walked before. I have a Frame Relay scenario being setup, and my host router has just received the green light from the provider. The Frame Relay host uses 12 channels, and connects on three PVC's to three branch offices, each with 4 channels. I searched and found the answer on how to setup the channels on cisco's site: router(config-if)#service-module t1 timeslots 1-12 but will I have to do that for my three sub interfaces also? Example: router(config)#int s0/0 router(config-if)#service-module t1 timeslots 1-12 router(config-if)#int s0/0.101 point-to-point router(config-subif)#frame-relay interface-dlci 101 router(config-subif)#service-module t1 timeslots 1-4 router(config-subif)#int s0/0.102 point-to-point router(config-subif)#frame-relay interface-dlci 102 router(config-subif)#service-module t1 timeslots 5-8 router(config-subif)#int s0/0.103 point-to-point router(config-subif)#frame-relay interface-dlci 103 router(config-subif)#service-module t1 timeslots 9-12 Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19059&t=19059 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP address on two VLAN's [7:19050]
Yeah, I am starting to realize that now. That kind of sucks I must say. Well, what can you do. I am leaving for a needed cold one or two. Have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Rik Guyler [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 4:50 PM To: [EMAIL PROTECTED] Subject: RE: IP address on two VLAN's [7:19050] Ole my old friend, what are you tearing up now? ;-} Your problem is one of not enough virtual interfaces. From a switch perspective, it only needs a single management interface, which by default is the "vlan 1" interface on vlan 1. If you create a "vlan 13" or other, then you would have to "shutdown" the "vlan 1" interface first then bring up the new management interface. --- Rik Guyler -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 4:32 PM To: [EMAIL PROTECTED] Subject: IP address on two VLAN's [7:19050] I have a 2924 with all ports on VLAN1 and VLAN1 set with an IP address on network 10.0.0.0/8. I was not using more than half the ports, so I created a VLAN13 and moved ports 17 thru 24 over on it. So far, so good. Now, I wanted to give VLAN13 an IP address on network 192.168.0.0/24 so I can telnet to it if on one of the computers connected to VLAN13 on that LAN, but the VLAN13 keeps being in SHUTDOWN mode even if I do a conf t, int vlan13, no shut. What am I missing here? Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19058&t=19050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FR question - Configuring Fractional T1 on the WIC-1DSU-T1 [7:19057]
I am now on unknown territory, where no man in my shoes has walked before. I have a Frame Relay scenario being setup, and my host router has just received the green light from the provider. The Frame Relay host uses 12 channels, and connects on three PVC's to three branch offices, each with 4 channels. I searched and found the answer on how to setup the channels on cisco's site: router(config-if)#service-module t1 timeslots 1-12 but will I have to do that for my three sub interfaces also? Example: router(config)#int s0/0 router(config-if)#service-module t1 timeslots 1-12 router(config-if)#int s0/0.101 point-to-point router(config-subif)#frame-relay interface-dlci 101 router(config-subif)#service-module t1 timeslots 1-4 router(config-subif)#int s0/0.102 point-to-point router(config-subif)#frame-relay interface-dlci 102 router(config-subif)#service-module t1 timeslots 5-8 router(config-subif)#int s0/0.103 point-to-point router(config-subif)#frame-relay interface-dlci 103 router(config-subif)#service-module t1 timeslots 9-12 Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19057&t=19057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP address on two VLAN's [7:19050]
If you do not want to use VLAN 1 for managment then you must shut it down. Then VLAN 13 will pop up. It's not intuitive but it's how it works. Dave Ole Drews Jensen wrote: > > I have a 2924 with all ports on VLAN1 and VLAN1 set with an IP address on > network 10.0.0.0/8. > > I was not using more than half the ports, so I created a VLAN13 and moved > ports 17 thru 24 over on it. > > So far, so good. > > Now, I wanted to give VLAN13 an IP address on network 192.168.0.0/24 so I > can telnet to it if on one of the computers connected to VLAN13 on that LAN, > but the VLAN13 keeps being in SHUTDOWN mode even if I do a conf t, int > vlan13, no shut. > > What am I missing here? > > Thanks and have a great weekend, > > Ole > > ~~~ > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~~~ > http://www.RouterChief.com > ~~~ > NEED A JOB ??? > http://www.oledrews.com/job > ~~~ -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19055&t=19050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Books for Syslogmessages [7:18923]
Udo, Your best bet would be the CCO. Aziz -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 2:48 AM To: [EMAIL PROTECTED] Subject: Books for Syslogmessages [7:18923] Hi guys, I'm looking for a good book where can I find informationens about the cisco syslog messages. I mean how can I interprete this messages and any explanations Udo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19056&t=18923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP address on two VLAN's [7:19050]
Ole my old friend, what are you tearing up now? ;-} Your problem is one of not enough virtual interfaces. From a switch perspective, it only needs a single management interface, which by default is the "vlan 1" interface on vlan 1. If you create a "vlan 13" or other, then you would have to "shutdown" the "vlan 1" interface first then bring up the new management interface. --- Rik Guyler -Original Message- From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 4:32 PM To: [EMAIL PROTECTED] Subject: IP address on two VLAN's [7:19050] I have a 2924 with all ports on VLAN1 and VLAN1 set with an IP address on network 10.0.0.0/8. I was not using more than half the ports, so I created a VLAN13 and moved ports 17 thru 24 over on it. So far, so good. Now, I wanted to give VLAN13 an IP address on network 192.168.0.0/24 so I can telnet to it if on one of the computers connected to VLAN13 on that LAN, but the VLAN13 keeps being in SHUTDOWN mode even if I do a conf t, int vlan13, no shut. What am I missing here? Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19054&t=19050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: IP address on two VLAN's [7:19050]
Do you have anything attached to Port 13? The ports on the two 2924's on my network are in the down status unless a device is attached. David Toalson 816-701-4142 > -- > From: Ole Drews Jensen[SMTP:[EMAIL PROTECTED]] > Reply To: Ole Drews Jensen > Sent: Friday, September 07, 2001 3:32 PM > To: [EMAIL PROTECTED] > Subject: IP address on two VLAN's [7:19050] > > I have a 2924 with all ports on VLAN1 and VLAN1 set with an IP address on > network 10.0.0.0/8. > > I was not using more than half the ports, so I created a VLAN13 and moved > ports 17 thru 24 over on it. > > So far, so good. > > Now, I wanted to give VLAN13 an IP address on network 192.168.0.0/24 so I > can telnet to it if on one of the computers connected to VLAN13 on that > LAN, > but the VLAN13 keeps being in SHUTDOWN mode even if I do a conf t, int > vlan13, no shut. > > What am I missing here? > > Thanks and have a great weekend, > > Ole > > ~~~ > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~~~ > http://www.RouterChief.com > ~~~ > NEED A JOB ??? > http://www.oledrews.com/job > ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19053&t=19050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: New to CCNP [7:18933]
Well that's not quite the case, if you follow the Cisco Network Academy Syllabus it's: 1)Routing 2)Remote Access 3)Switching 4)Support. Have a look at the Ciscopress Site www.ciscopress.com the books and other material here I reckon to be more on target for the exams than their other offerings, or Sybex, Syngress and many more. Have a look in your local book store first and compare. My 2 Groats Karl - Original Message - From: "Jeff Smith" To: Sent: Friday, September 07, 2001 2:06 PM Subject: Re: New to CCNP [7:18933] > Cisco suggests Routing, Switching, Remote Access and then Support. I would > say that you could take either of the first two initially. > > > >From: "Tel Khan" > >Reply-To: "Tel Khan" > >To: [EMAIL PROTECTED] > >Subject: New to CCNP [7:18933] > >Date: Fri, 7 Sep 2001 05:22:31 -0400 > > > >Hi guys i passed my CCNA 2.0, i would like to know which topic i should > >cover 1st? i think i should cover the Routing topic 1st. > > > >Can someone please come back to me on this. > > > >Kind reagrds > >Tel > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19052&t=18933 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP address on two VLAN's [7:19050]
You can only have one management VLAN per switch. You are trying to make 2 since by default VLAN 1 is the management VLAN. sam sneed ""Ole Drews Jensen"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have a 2924 with all ports on VLAN1 and VLAN1 set with an IP address on > network 10.0.0.0/8. > > I was not using more than half the ports, so I created a VLAN13 and moved > ports 17 thru 24 over on it. > > So far, so good. > > Now, I wanted to give VLAN13 an IP address on network 192.168.0.0/24 so I > can telnet to it if on one of the computers connected to VLAN13 on that LAN, > but the VLAN13 keeps being in SHUTDOWN mode even if I do a conf t, int > vlan13, no shut. > > What am I missing here? > > Thanks and have a great weekend, > > Ole > > ~~~ > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > ~~~ > http://www.RouterChief.com > ~~~ > NEED A JOB ??? > http://www.oledrews.com/job > ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19051&t=19050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
redundant VPN [7:19049]
Hi *.* (or, * for you unix folks), I have an opportunity to propose a 4-site wide area network connectivity solution where redundancy/up-time/availability is an important issue. This customer is currently running Win2k pptp VPN and is looking for a more secure and robust solution. All 4 sites have or will have full or frac T1. Backup is to be provided by either DSL or ISDN as follows: LA: VPN termination device, Cisco 2621, T1, DSL (or ISDN) NY: VPN termination device, Cisco 2621, T1, DSL (or ISDN) FL: VPN termination device, Cisco 2621, T1, DSL (or ISDN) UK: VPN termination device, Cisco 2621, T1, DSL (or ISDN) The 2621 will be providing "backup" switch-over between T1 and DSL (or ISDN) at each site. DSL (or ISDN) provider will be different from the T1 provider (in fact, depending on availability, all eight links may have different providers). In case of one of the T1's going down, I need to ensure fail-over backup occurring so that VPN tunnel is always up. So the question is, is it possible for a PIX or VPN Concentrator 3000 to be configured to allow either of the remote-end IP addresses to open the tunnel and to return the connection to whichever address it came from (since the 2621 will switch over to DSL (or ISDN) link when T1 goes down)? What have you folks seen as far as setting up redundant VPN tunnels? What do you guys recommend as best practice? Alternative to all this is to setup frame relay WAN with ISDN backup, which has worked well for me in the past. However, frame PVC going out to UK might be cost-prohibitive; plus, this customer is kinda in love with the concept of VPN. TIA, Randall Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19049&t=19049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IP address on two VLAN's [7:19050]
I have a 2924 with all ports on VLAN1 and VLAN1 set with an IP address on network 10.0.0.0/8. I was not using more than half the ports, so I created a VLAN13 and moved ports 17 thru 24 over on it. So far, so good. Now, I wanted to give VLAN13 an IP address on network 192.168.0.0/24 so I can telnet to it if on one of the computers connected to VLAN13 on that LAN, but the VLAN13 keeps being in SHUTDOWN mode even if I do a conf t, int vlan13, no shut. What am I missing here? Thanks and have a great weekend, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNA, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19050&t=19050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Remote SPAN on 3548 switch [7:19047]
Anyone know if its posible to remote SPAN to a monitor port between 2 3500 switches? A search for Remote span left me with a bunch catalyst 6000 references. thanks sam sneed Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19047&t=19047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what does "dark fiber" mean? [7:18718]
Coockoo works. :-) The solid answer is === It Depends. Take into consideration how much it costs to lay that fiber. Distance would play a big role in the pricing decision. At my last job (a city government) we ran our own fiber. I think 1000-2000 feet of 24 strand multimode cost us in the $50k-$200k range (it's been a while). We wanted to connect another site several miles away and were looking at figures in excess of $1,000,000. The price of the fiber was not the biggest cost. The digging up of the street was. What would a service provider charge for dark fiber? Probably a bunch. I would think it to be more than a light connection because the either must cross connect the fiber or run it direct, which could be a pain (in your wallet). If they were to light the fiber, they could have, say, OC-192 on theirs and provide you an OC-3. I would think that would be cheaper since all the connections are made in their equipment and they would have control over the bandwidth. After saying all that (and calling you coockoo), I'll finish by saying I probably have no idea what I'm talking about. :-) Have a great day. >>> "Mark Odette II" 09/06/01 08:58PM >>> So- Just out of curiousity- Anybody have a rough amt. that "Dark Fiber" runs for?? Is it dependent upon the mileage, or is it rated out at a flat monthly fee. You'ld think that if it was only a couple hundred bucks a month, that all kinds of ISP startups would be using it to put their infrastructure together, and just have a specific site as their gateway to an upstream provider. Tell me if I'm coockoo about this theory. Mark Odette II - Original Message - From: "Patrick Ramsey" To: Sent: Thursday, September 06, 2001 7:03 PM Subject: Re: what does "dark fiber" mean? [7:18718] > Close... > > Actually it's dark when nothing is attached, but it remain's "dark" even when > CPE is attached. > > Dark fiber, the term is used by providers meaning that they lease you fiber > that does not traverse their network. So technically, you can run anything > across it as you wish. > > Take this example... I have a sonet ring from a local carrier and it is > attached to their ATM infrastructure at 155mb. they (the carrier) are not > really lighting the fiber but since it is a sonet node it is limited to ATM. > (Or packet over sonet) but you still only get the bandwidth you pay for. > > However, if I purchase "dark" fiber meaning that it is not lit by the > carrier, > then I can run ATM across it at oc3, oc12, oc48, oc192, etc OR I can run > 100fx or gig across it... However much money I feel like spending on the > equipment is what will run across it. > > -Patrick > > > >>> "Tony van Ree" 09/06/01 06:24PM >>> > Hi, > > Dark fibre is when you have, buy or rent a fibre cable that is terminated > but has no equipment connected. Devices using fibre have either infra red > or laser light thus making the cale non "dark". > > Hope this helps. > > Teunis, > Hobart, Tasmania > Australia > > > On Wednesday, September 05, 2001 at 10:16:07 PM, david wrote: > > > Thanks, > > > > > > david > -- > www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19037&t=18718 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: One Journalist's Opinion of CCIE [7:18843]
Just some food for thought...I wonder how many people on this list would be getting this upset if the journalist had used the MCSE certification as an example and not the CCIE? :-) Don't get me wrong...I agree with most of the people's opinions expressed thus far and that is that this journalist most likely does not understand what goes into obtaining a CCIE and he probably pulled that cert from his morning read through the want ads, but I still think it is an interesting question. How many people would be as upset if he had used MCSE as the example. Ok. I am ducking for cover now. Hope everyone has a nice weekend! Heather > -Original Message- > From: Priscilla Oppenheimer [SMTP:[EMAIL PROTECTED]] > Sent: Friday, September 07, 2001 1:51 PM > To: [EMAIL PROTECTED] > Subject: Re: One Journalist's Opinion of CCIE [7:18843] > > Bottom line, IMHO: the journalist didn't know a thing about CCIE and > assumed it is similar to other certs. I bet he didn't even know that it > requires a hands-on lab. Notice that he also claims to be able to talk to > car mechanics and plumbers. I bet they just love him! He's probably one of > > those guys who mucks everything up and then calls the plumber. > > The REAL bottom line: We should just ignore his silly article. ;-) > > Priscilla > > At 12:09 PM 9/7/01, Brad Ellis wrote: > >Chuck, > > > >Hi! Don't get me wrong, Im not saying CCIE's sh*t don't stink!!! I know > a > >few CCIEs that I would let touch my network. However, I consider that > the > >EXCEPTION and not the RULE. As a general rule of thumb, I consider the > CCIE > >level of knowledge and applicable skills to be higher than "minimal > >competence." I suppose it really depends on your definition of "minimal > >competence." I define minimal competence as someone who has a > fundamental > >understanding of networking with a small amount of hands-on experience. > I > >would generally classify a CCIE to have a more in-depth understanding of > >networking fundamentals and quite a bit more hands-on experience than > >someone with minimal competence. > > > >Mr. Seltzer's writing says that the average CCIE is minimally competent > in > >the product (I'd guess he was referring to Cisco). I think that's like > >saying NBA basketball players are minimally competent basketball players. > >To Michael Jordan that's probably true, but Im sure the general public > would > >disagree. I suppose it really comes down to your definition of "minimal > >competence." I have a great deal of respect for the majority of other > >CCIE's who I have come in contact with and consider calling them > minimally > >competent to be an insult. > > > >-Brad Ellis > >CCIE#5796 > > > >""Chuck Larrieu"" wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > like everything else in this business, the answer is "it depends". > > > > > > sorry folks, but CCIE's are not gods who walk among us. > > > > > > I personally know several CCIE's who are top notch and deserving of > every > > > dollar they get and every contract they land. > > > > > > I also personally know a couple who couldn't tell you how a packet > gets > >from > > > one interface to another in a router. > > > > > > all the CCIE certification proves is that you have passed Cisco's lab > >test. > > > It does not prove one way or another whether you know jack about > >networking. > > > I suggest that there is a percentage of the 2000 or so who have > attained > >the > > > cert since last year who did so only because they successfully > memorized > > > enough scenario configurations that they were able to luck their way > >through > > > when their lab closely resembled one of those scenarios they > memorized. > > > > > > I personally know several folks who passed over the last 18 months > whose > > > only hands on experience was in their practice labs. Of these, all > were > > > pretty sharp dudes, by the way. > > > > > > From personal experience I can tell you that I saw absolutely nothing > in > >my > > > lab that made me wish I'd spent more time reading RFC's, or Comer, or > any > >of > > > the other great books of the networking world. I saw plenty that made > me > > > wish I'd spent more time on certain practice materials readily > available > >( I > > > refer to the commercially available products. please do not contact me > for > > > names and sources ) > > > > > > whenever this topic comes up, I see the same kinds of thought > processes > as > >I > > > used to see in the days when people asked what good an English degree > did > > > you in the job market. It isn't the degree. it's the intelligence > behind > >it. > > > > > > hate to say it, kids, but the CCIE has no clothes. Experience is what > >really > > > matters. the certification to many is just a ticket, just the > beginning. > >to > > > those with a lot of experience, it is merely a validation of the skill > >set. > > > in and of itself it is like any other piece of paper - repr
RE: Pinouts for t1 crossover [7:19028]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 2:43 PM To: [EMAIL PROTECTED] Subject: Pinouts for t1 crossover [7:19028] I am trying to find out what the pinout is for a t1 crossover cable ? (CSU/DSU back to back) Jim Phillipo, CCNP, CCDP Sr. Internetworking Engineer W: 401.456.1821 F: 401.456.0599 M: 781.983.0316 90 Royal Little Drive, Providence, RI 02904 www.guardent.com _ G U A R D E N T Security | Privacy | Data Protection Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19045&t=19028 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: LAB Equipement for CCIE [7:18877]
I'm getting me a 2509, 2501, 2x 2504, 4000. I will also purchase an Telton ISDN a couple of more routers later on. Thanks to all on the responses but I spoke with Rob a CCIE I met here in these newsgroups and he has been very helpful. THANKS Rob. ""Francisco deAmorim"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I would like to have some CCIEs or well informed people give me an idea of > what they consider a minimum equipment I should get for a home lab to > practice for my CCIE. I mean to buy but I need some serious thoughts. > > > I appreciate all the help in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19044&t=18877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Per destination switching [7:18931]
Priscilla Oppenheimer wrote: > > At 04:56 AM 9/7/01, Lupi, Guy wrote: > >When using fast switching, your load sharing is per destination. Lets say > >you have 2 T1s to a router, and it is using fast switching, and you go to > >AOL to download their newest version. Will your download use only 1 T1 due > >to per destination switching? > > Yes, that's true unfortunately. But you could use CEF instead of fast > switching. > Yes but be aware that you need to specify, when using CEF, per packet load sharing under the interfaces. In higher end platforms, 6500, you can't enable per packet load sharing, destination is all you get. Dave David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19042&t=18931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: One Journalist's Opinion of CCIE [7:18843]
This reminds me of a jury selection process I went through some time back. It was rape case against a Doctor. The defense counsel were asking about 25 of us questions trying to pare us down into a 14 person jury. 12 members two alternates. The defense asked us all to raise our hands if we had any work experience with the medical field. A few people did. The first question the defense counsel asked a perspective juror who had raised their hand was... "Have you ever had any prejudice for any doctor?" The juror answered yes. The second question... "what caused that perjudice"? I didn't like one Doctor because they didn't treat their patients right. Well as a look of disgust passed over the defense lawyer the judge jumped in and asked... "what do you do in the medical field?" I am a nurses assistant. Well there was an audible thud. The judge proceeded to go on a five minute tiraid undressing that person, summarizing that they were in no position to evaluate a Doctors competancy because they did not receive the proper training and that their prejudice was based solely on a personal bias. The judge then turned to the rest of us saying that we were excused, stating that we were tainted because of the personal bais that was expressed. Life lesson; people like Brad (CCIE's) have the right to determine and uphold the competency of CCIE's because, quess what, they're in the club, we're not. Cadets in training, wannabees, and fruitcakes can only speculate. Difference between some of us and the Larry's of the world, we will be joining that club then we can talk about what a CCIE should and shouldn't be because we are a CCIE and have undergone the training and became certified. That juvenile ripost "takes one to know one" aint a bad way to go. Don PS Brad Cool, Larry Smack!!! that's the old Don PSS That nurses aid is my hero they got me out of jury duty, which would of had me tied up for twenty two days. It was a highly publisized case in the media. Oh, and he went down. PSSS Ten hour work day, three hour lab action tonight and its friday. I changed my mind Larry is big Smack - Original Message - From: "Brad Ellis" To: Sent: Friday, September 07, 2001 9:09 AM Subject: Re: One Journalist's Opinion of CCIE [7:18843] > Chuck, > > Hi! Don't get me wrong, Im not saying CCIE's sh*t don't stink!!! I know a > few CCIEs that I would let touch my network. However, I consider that the > EXCEPTION and not the RULE. As a general rule of thumb, I consider the CCIE > level of knowledge and applicable skills to be higher than "minimal > competence." I suppose it really depends on your definition of "minimal > competence." I define minimal competence as someone who has a fundamental > understanding of networking with a small amount of hands-on experience. I > would generally classify a CCIE to have a more in-depth understanding of > networking fundamentals and quite a bit more hands-on experience than > someone with minimal competence. > > Mr. Seltzer's writing says that the average CCIE is minimally competent in > the product (I'd guess he was referring to Cisco). I think that's like > saying NBA basketball players are minimally competent basketball players. > To Michael Jordan that's probably true, but Im sure the general public would > disagree. I suppose it really comes down to your definition of "minimal > competence." I have a great deal of respect for the majority of other > CCIE's who I have come in contact with and consider calling them minimally > competent to be an insult. > > -Brad Ellis > CCIE#5796 > > ""Chuck Larrieu"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > like everything else in this business, the answer is "it depends". > > > > sorry folks, but CCIE's are not gods who walk among us. > > > > I personally know several CCIE's who are top notch and deserving of every > > dollar they get and every contract they land. > > > > I also personally know a couple who couldn't tell you how a packet gets > from > > one interface to another in a router. > > > > all the CCIE certification proves is that you have passed Cisco's lab > test. > > It does not prove one way or another whether you know jack about > networking. > > I suggest that there is a percentage of the 2000 or so who have attained > the > > cert since last year who did so only because they successfully memorized > > enough scenario configurations that they were able to luck their way > through > > when their lab closely resembled one of those scenarios they memorized. > > > > I personally know several folks who passed over the last 18 months whose > > only hands on experience was in their practice labs. Of these, all were > > pretty sharp dudes, by the way. > > > > From personal experience I can tell you that I saw absolutely nothing in > my > > lab that made me wish I'd spent more time reading RFC's, or Comer, or any > of > > the other great books of the networking world. I saw plenty that made me > > wish I'd sp
RE: Pinouts for t1 crossover [7:19028]
1 4 2 5 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Friday, September 07, 2001 2:43 PM To: [EMAIL PROTECTED] Subject: Pinouts for t1 crossover [7:19028] I am trying to find out what the pinout is for a t1 crossover cable ? (CSU/DSU back to back) Jim Phillipo, CCNP, CCDP Sr. Internetworking Engineer W: 401.456.1821 F: 401.456.0599 M: 781.983.0316 90 Royal Little Drive, Providence, RI 02904 www.guardent.com _ G U A R D E N T Security | Privacy | Data Protection Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19041&t=19028 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pinouts for t1 crossover [7:19028]
Hi Jim, Here is ONE link that I found while searching Google.com for T1 Crossover Cable Pinout http://www.stayonline.com/catalog/cablesexternal/routercables/7794.asp Jim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:43 PM To: [EMAIL PROTECTED] Subject: Pinouts for t1 crossover [7:19028] I am trying to find out what the pinout is for a t1 crossover cable ? (CSU/DSU back to back) Jim Phillipo, CCNP, CCDP Sr. Internetworking Engineer W: 401.456.1821 F: 401.456.0599 M: 781.983.0316 90 Royal Little Drive, Providence, RI 02904 www.guardent.com _ G U A R D E N T Security | Privacy | Data Protection Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19040&t=19028 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE lab for sale [7:19016]
how much all these - Original Message - From: "Michael Hall" To: Sent: Friday, September 07, 2001 9:55 PM Subject: CCIE lab for sale [7:19016] > I am selling the following lab that I used to get my CCIE. Please make an > offer. > > Cisco Catalyst 5000 with a Sup 1 and 24 port Ethernet card > 1 - WS-X5009 > 1 - WS-X5013 > > Teltone ISDN Demonstrator > > Cisco 2502 with 8M of Flash and 16M of memory > 1 - MAU > 1 - Token Ring Cable > > Cisco 2511 with 16M of flash and 16M of memory > 1 - Octal Cable > 1 - Ethernet Transceiver > > Cisco 2613 with 24M of memory and 8M of flash > 1 - NM-4A/S > 1 - WIC-2A/S > 1 - WIC-1B-U > 2 - Smart Serial to DB60 Serial Cables > > Cisco 4000 with 16M of memory and 4M of flash. Includes the following: > 1 - NP-2R (2-port Token Ring) > 1 - NP-2T (2-port serial) > 1 - NP-4B (4-port ISDN BRI) > 1 - NP-1E (1-port Ethernet) > 1 - DTE to DCE cable to connect 4000 and 2500 series routers > 1 - IBM Token Ring MAU > 2 - MAU to 4000 Token Ring cables > 1 - Adtran NT-1 > > > Michael Hall CCIE, CISSP > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19038&t=19016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE lab for sale [7:19016]
how much all these - Original Message - From: "Michael Hall" To: Sent: Friday, September 07, 2001 9:55 PM Subject: CCIE lab for sale [7:19016] > I am selling the following lab that I used to get my CCIE. Please make an > offer. > > Cisco Catalyst 5000 with a Sup 1 and 24 port Ethernet card > 1 - WS-X5009 > 1 - WS-X5013 > > Teltone ISDN Demonstrator > > Cisco 2502 with 8M of Flash and 16M of memory > 1 - MAU > 1 - Token Ring Cable > > Cisco 2511 with 16M of flash and 16M of memory > 1 - Octal Cable > 1 - Ethernet Transceiver > > Cisco 2613 with 24M of memory and 8M of flash > 1 - NM-4A/S > 1 - WIC-2A/S > 1 - WIC-1B-U > 2 - Smart Serial to DB60 Serial Cables > > Cisco 4000 with 16M of memory and 4M of flash. Includes the following: > 1 - NP-2R (2-port Token Ring) > 1 - NP-2T (2-port serial) > 1 - NP-4B (4-port ISDN BRI) > 1 - NP-1E (1-port Ethernet) > 1 - DTE to DCE cable to connect 4000 and 2500 series routers > 1 - IBM Token Ring MAU > 2 - MAU to 4000 Token Ring cables > 1 - Adtran NT-1 > > > Michael Hall CCIE, CISSP > [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19039&t=19016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Troubleshooting a network [7:18707]
Check out Laura Chappel. She does awesome work in that area. If you ever have the chance to attend one of her presentations, take it. Have a look at www.packet-level.com. I think she talks about layer 2 stuff in her sleep... :-) >>> "mike rose" 09/05/01 06:10PM >>> Anyone know a good book that explains trouble shooting a network? (besides a certification book?) any help would be greatly appreciated. Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19036&t=18707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: prvilige on vty [7:18769]
Hi, I'm not sure about Radius, but if you use local authentication you should try something like this: username abc privilege 5 password 123 username rst privilege 10 password 456 username uvw privilege 10 password 789 username xyz privilege 15 password 789 # this gives user xyz immediate access to the enable level (15) ! Then you should have to change all non privileged level commands, except PING, to a level higher than the user that should be allowed to PING: ! privilege exec level 10 enable privilege exec level 10 show privilege exec level 10 telnet # and so on (type ? on non privileged prompt to see a list of the commands you should change) privilege exec level 5 ping # This is optional. You may list here all commands that user abc will be allowed, just for documentation. ! At the vty line do this: ! line vty 0 4 no password login local ! Hope this helps! ER - Original Message - From: "kaushalenders" To: Sent: Thursday, September 06, 2001 4:28 AM Subject: prvilige on vty [7:18769] hi I want that my all vty user should pe authenticated by radius and 1 of them should able to ping only and can not do any thing else.How can i set that privelege to user on vty . plz help me i have tried aaa new-model aaa authentication login default radius now what command i have to give to set the privilige yhanxs kaushalender Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19035&t=18769 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MC3810 Console Log Problems [7:19007]
Excuse me This is incorrect... Pls. disregard. Josh If it is 2142 you changed the baud rate of the console port to 19200. Change your comm software from 9600 to 19200 and you should be back in business. Josh -Original Message- From: Ednilson Rosa [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 2:19 PM To: [EMAIL PROTECTED] Subject: Re: MC3810 Console Log Problems [7:19007] You mean 2142 or 2104?? - Original Message - From: "SALDANA,FERNANDO (HP-Mexico,ex1)" To: Sent: Friday, September 07, 2001 2:25 PM Subject: MC3810 Console Log Problems [7:19007] Hi Everybody, Can somebody Help Me. I have A MC3810-V3 I was trying to recover the password and after changing the config register 21042 I jus turn it of and on. Now I just receives a G on the console. I assume that I disable the Ctrl. Does any body has a workaround to bring to life my router. Thank you Fer Saldana Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19034&t=19007 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MC3810 Console Log Problems [7:19007]
If it is 2142 you changed the baud rate of the console port to 19200. Change your comm software from 9600 to 19200 and you should be back in business. Josh -Original Message- From: Ednilson Rosa [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 2:19 PM To: [EMAIL PROTECTED] Subject: Re: MC3810 Console Log Problems [7:19007] You mean 2142 or 2104?? - Original Message - From: "SALDANA,FERNANDO (HP-Mexico,ex1)" To: Sent: Friday, September 07, 2001 2:25 PM Subject: MC3810 Console Log Problems [7:19007] Hi Everybody, Can somebody Help Me. I have A MC3810-V3 I was trying to recover the password and after changing the config register 21042 I jus turn it of and on. Now I just receives a G on the console. I assume that I disable the Ctrl. Does any body has a workaround to bring to life my router. Thank you Fer Saldana Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19033&t=19007 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pinouts for t1 crossover [7:19028]
Check this out: http://www.adtran.com/support/technotes/t1ddsadptxvr/ wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I am trying to find out what the pinout is for a t1 crossover cable ? > (CSU/DSU back to back) > Jim Phillipo, CCNP, CCDP > Sr. Internetworking Engineer > W: 401.456.1821 F: 401.456.0599 M: 781.983.0316 > 90 Royal Little Drive, Providence, RI 02904 > www.guardent.com > _ > G U A R D E N T > Security | Privacy | Data Protection Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19032&t=19028 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: One Journalist's Opinion of CCIE [7:18843]
Bottom line, IMHO: the journalist didn't know a thing about CCIE and assumed it is similar to other certs. I bet he didn't even know that it requires a hands-on lab. Notice that he also claims to be able to talk to car mechanics and plumbers. I bet they just love him! He's probably one of those guys who mucks everything up and then calls the plumber. The REAL bottom line: We should just ignore his silly article. ;-) Priscilla At 12:09 PM 9/7/01, Brad Ellis wrote: >Chuck, > >Hi! Don't get me wrong, Im not saying CCIE's sh*t don't stink!!! I know a >few CCIEs that I would let touch my network. However, I consider that the >EXCEPTION and not the RULE. As a general rule of thumb, I consider the CCIE >level of knowledge and applicable skills to be higher than "minimal >competence." I suppose it really depends on your definition of "minimal >competence." I define minimal competence as someone who has a fundamental >understanding of networking with a small amount of hands-on experience. I >would generally classify a CCIE to have a more in-depth understanding of >networking fundamentals and quite a bit more hands-on experience than >someone with minimal competence. > >Mr. Seltzer's writing says that the average CCIE is minimally competent in >the product (I'd guess he was referring to Cisco). I think that's like >saying NBA basketball players are minimally competent basketball players. >To Michael Jordan that's probably true, but Im sure the general public would >disagree. I suppose it really comes down to your definition of "minimal >competence." I have a great deal of respect for the majority of other >CCIE's who I have come in contact with and consider calling them minimally >competent to be an insult. > >-Brad Ellis >CCIE#5796 > >""Chuck Larrieu"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > like everything else in this business, the answer is "it depends". > > > > sorry folks, but CCIE's are not gods who walk among us. > > > > I personally know several CCIE's who are top notch and deserving of every > > dollar they get and every contract they land. > > > > I also personally know a couple who couldn't tell you how a packet gets >from > > one interface to another in a router. > > > > all the CCIE certification proves is that you have passed Cisco's lab >test. > > It does not prove one way or another whether you know jack about >networking. > > I suggest that there is a percentage of the 2000 or so who have attained >the > > cert since last year who did so only because they successfully memorized > > enough scenario configurations that they were able to luck their way >through > > when their lab closely resembled one of those scenarios they memorized. > > > > I personally know several folks who passed over the last 18 months whose > > only hands on experience was in their practice labs. Of these, all were > > pretty sharp dudes, by the way. > > > > From personal experience I can tell you that I saw absolutely nothing in >my > > lab that made me wish I'd spent more time reading RFC's, or Comer, or any >of > > the other great books of the networking world. I saw plenty that made me > > wish I'd spent more time on certain practice materials readily available >( I > > refer to the commercially available products. please do not contact me for > > names and sources ) > > > > whenever this topic comes up, I see the same kinds of thought processes as >I > > used to see in the days when people asked what good an English degree did > > you in the job market. It isn't the degree. it's the intelligence behind >it. > > > > hate to say it, kids, but the CCIE has no clothes. Experience is what >really > > matters. the certification to many is just a ticket, just the beginning. >to > > those with a lot of experience, it is merely a validation of the skill >set. > > in and of itself it is like any other piece of paper - representative of > > something, but perhaps not representative of what you may think. > > > > Chuck > > back to the pod - got lots to do before December 3 > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Don Claybrook > > Sent: Thursday, September 06, 2001 11:32 AM > > To: [EMAIL PROTECTED] > > Subject: One Journalist's Opinion of CCIE [7:18843] > > > > > > I just ran across this one in Fortune Small Business. Below is an >excerpt. > > The journalist (Larry Seltzer) is attempting to give tips on how to hire > > technical consultants to do work for your small business. He's talking > > about > > how certifications aren't as important as one might think: > > > > "When looking for qualified help, don't read too much into a consultant's > > alphabet soup of certifications. They don't signify ability, just as my > > political science degree doesn't make me your next President. Terms like > > CCIE > > (Cisco Certified Internetwork Expert) indicate only successful completion >of > > the program and minimal competence in
Re: EIGRP and ip default-network [7:18941]
Very cool! That was a total SWAG. I haven't had to play around with that yet so that is good information to know. Thanks, and good job on that brain teaser! John >>> "EA Louie" 9/7/01 11:55:32 AM >>> that was it exactly. Unless the major network specified in 'ip default-network' is advertised, the default network is NOT advertised. If it were a exam question where there was a 'no static route' restriction, then one could either use auto-summary or summarize the 24.0.0.0/8 route at the interfaces (as one does with eigrp). The tricky part is that most of us are trained to add the no auto-summary command to eigrp as soon as we configure it, so it becomes automatic and an (almost) mindless config task, and sometimes forget the effect that it has from a classful perspective. - Original Message - From: "John Neiberger" To: Cc: Sent: Friday, September 07, 2001 8:29 AM Subject: Re: EIGRP and ip default-network [7:18941] > Okay then, how about adding "auto-summary" to the termsrv router? That > would summarize on classfull boundaries which would force termsrv to > advertise 24.0.0.0/8 to rta instead of 24.0.0.0/26. > > Is that closer? > > >>> "EA Louie" 9/7/01 8:54:31 AM >>> > nope but it does have to do with 24.0.0.0/8 being advertised :-) > > no static routes allowed, my friend...the solution is even simpler than > that > > -e- > > - Original Message - > From: "John Neiberger" > To: > Cc: > Sent: Friday, September 07, 2001 7:22 AM > Subject: Re: EIGRP and ip default-network [7:18941] > > > > I'd like to hazard a guess here. > > > > My guess is that termsrv is passing 24.0.0.0/8 as the default > network, > > yet rta does not have this in its routing tables. If you add a > static > > route for 24.0.0.0/8 to Null0 on termsrv, eigrp will pass this route > to > > rta, allowing rta to make that the default network. > > > > This is a good one! Am I close? > > > > John > > > > >>> "EA Louie" 9/7/01 4:53:19 AM >>> > > While studying Doyle Vol 1 p. 755-758 (default-network), I made an > > interesting yet painful discovery (besides the typo on p 755). > Simple > > scenario: Two routers connected via serial interfaces and the > default > > network on the Ethernet interface of termsrv. I was trying to get > the > > candidate default route to advertise to rtra, but it wouldn't work > > until I > > made one config change. > > > > Can you figure out where, and what that change was? Bonus "points" > if > > you > > can tell me why. > > > > Hint: It surprised me because it's an almost automatic command that > I > > type > > in when I configure that particular feature. It showed up when I > did > > a > > debug ip eigrp on rtra > > > > Here are the configs and routing tables with the unneeded portions > > snipped: > > > > termsrv * > > > > hostname termsrv > > ! > > ip subnet-zero > > ! > > interface Ethernet0 > > ip address 24.21.8.200 255.255.255.192 > > no ip directed-broadcast > > ! > > interface Serial0 > > ip address 192.168.2.2 255.255.255.252 > > no ip directed-broadcast > > no ip mroute-cache > > no fair-queue > > ! > > router eigrp 1 > > network 24.0.0.0 > > network 192.168.2.0 > > no auto-summary > > ! > > ip classless > > ip default-network 24.0.0.0 > > ! > > > > * rtra * > > > > hostname rtra > > ! > > ip subnet-zero > > ! > > interface Serial0 > > ip address 192.168.2.1 255.255.255.252 > > no fair-queue > > clockrate 400 > > ! > > router eigrp 1 > > network 172.16.0.0 > > network 192.168.2.0 > > no auto-summary > > ! > > ip classless > > > > routing tables termsrv *** > > termsrv#sh ip route > > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - > > BGP > >D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter > area > >N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type > 2 > >E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP > >i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - > > candidate > > default > >U - per-user static route, o - ODR > > > > Gateway of last resort is not set > > > > 1.0.0.0/32 is subnetted, 1 subnets > > C 1.1.1.1 is directly connected, Loopback0 > > C172.17.0.0/16 is directly connected, Loopback11 > > 172.16.0.0/24 is subnetted, 3 subnets > > D 172.16.4.0 [90/2185984] via 192.168.2.1, 00:09:53, Serial0 > > D 172.16.5.0 [90/2297856] via 192.168.2.1, 00:09:53, Serial0 > > C 172.16.1.0 is directly connected, Loopback10 > > * 24.0.0.0/26 is subnetted, 1 subnets > > C 24.21.8.192 is directly connected, Ethernet0 > > 192.168.2.0/30 is subnetted, 1 subnets > > C 192.168.2.0 is directly connected, Serial0 > > termsrv# > > > > routing table rtra > > rtra#sh ip route > > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - > > BGP > >D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter > area > >N1
Re: Something annoying about show run [7:18746]
:) Well, the terminal software buffer would be enough. All he should have to do would be a scroll up. But it should be a good idea to change it to a greater size before that. ER - Original Message - From: "Chuck Larrieu" To: Sent: Thursday, September 06, 2001 11:17 PM Subject: RE: Something annoying about show run [7:18746] one hopes that the user is copying the output to a file. or is a VERY fast reader :-> -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Rahul Kachalia Sent: Wednesday, September 05, 2001 9:40 PM To: [EMAIL PROTECTED] Subject: Re: Something annoying about show run [7:18746] term len 0 should fix it. thanks, rahul. ""Lupi, Guy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Does anyone know if there is a way to do a show run, and then hit a key that > makes the entire config show? I hate having to hit spacebar 100 times to > get all the way through. Thanks. > > Guy H. Lupi > NOC Engineer > Eureka GGN > 39 Broadway 19th Floor > NY, NY 10006 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19029&t=18746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ip inspect statements [7:19018]
Look it Up: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsec ur_r/ftrafwlr/srfcbac.htm#1020198 Watch the Wrap. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > what will be the effect > ? > > > ip inspect audit-trail > ip inspect max-incomplete high 1100 > ip inspect one-minute high 1100 > ip inspect tcp max-incomplete host 50 block-time 10 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19027&t=19018 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pinouts for t1 crossover [7:19028]
I am trying to find out what the pinout is for a t1 crossover cable ? (CSU/DSU back to back) Jim Phillipo, CCNP, CCDP Sr. Internetworking Engineer W: 401.456.1821 F: 401.456.0599 M: 781.983.0316 90 Royal Little Drive, Providence, RI 02904 www.guardent.com _ G U A R D E N T Security | Privacy | Data Protection Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19028&t=19028 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
1720 doen't accept input in Rom Monitor [7:19024]
Hi Guys, I'd like to share with you an experience I had yesterday: I had a 1720 router which had been turned off during an IOS update, so there was nothing in it's flash memory (or an incomplete IOS image). As result it entered in Rom Monitor when it was powered up again. There should have been be no problem, all I should have to do was to erase the flash again and copy another image to the flash memory from the rommon. But, although I could see the output when the router was booting and the rommon prompt when it was done, I was not able to type anything to it. I thought I had a problem with the serial port of my computer, the HyperTerminal software or the console cable, but I switched everything and nothing changed. I was up to consider that I had lost the router when I decided to disconnect the LAN cable from it's fast Ethernet port before trying again and, voila: It worked! I don't know why, but the LAN cable connected to the Fast Ethernet port of the router was preventing it from accepting any input from the console while in rommon! So, if you ever encounter a problem on typing anything on the rommon prompt of a router, try to disconnect the LAN cable cause it may be the source of your problem! []'s ER Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19024&t=19024 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HDLC [7:18970]
Cisco's categorization of topics for CIT is messed up and there really are very few questions on HDLC troubleshooting, despite what they say. My guess is that you missed other types of questions. Are you aware of the Internetwork Troubleshooting Guide here: http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/index.htm Also, try my CIT flash cards here: http://www.priscilla.com Good luck! Priscilla At 10:39 AM 9/7/01, Muhammad Alkhattab wrote: >Hi all, >I am about to take a second attempt with the CIT(support) exam.My first >attempt I had problem with HDLC topic.DO any one have any tips or web site, >cisco or otherwise, I could go to find out about HDLC(troubleshooting >tools,Methods and targets).Thanks. > >PS >Also on IOS backups(problem isolation for tcpip,Troubleshooting >tools,Methods and Targets) > >Regards, > >Muhammad Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19025&t=18970 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Per destination switching [7:18931]
At 04:56 AM 9/7/01, Lupi, Guy wrote: >When using fast switching, your load sharing is per destination. Lets say >you have 2 T1s to a router, and it is using fast switching, and you go to >AOL to download their newest version. Will your download use only 1 T1 due >to per destination switching? Yes, that's true unfortunately. But you could use CEF instead of fast switching. >If not, how long does the fast cache entry >stay valid for? Probably longer than the time between your packets. Let's say it is TCP and your window size is 8192 and your segment size is 1500 bytes. AOL would send you about 5 packets and then you would acknowledge and AOL would send you more. Your ACKs would probably happen faster than the entry for the AOL destination would leave the fast-switching cache. Not necessarily, but probably. It would depend on how much other traffic was putting entries in the cache and how big the cache is. Priscilla > Will the router switch paths in the middle of a download? >Thanks. > >Guy H. Lupi >NOC Engineer >Eureka GGN >39 Broadway 19th Floor >NY, NY 10006 Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19026&t=18931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773]
I don't know what problem you are trying to solve and have never looked at any CCIE practice scenarios, but I can tell you this. SNA uses 0100 0100 (0404 for DSAP and SSAP) (test frame?) 0101 0101 (0505 for DSAP and SSAP) (session establishment?) 1000 1000 (0808 for DSAP and SSAP) (during the session?) 1100 1100 (0C0C for DSAP and SSAP) (during the session?) I can't remember for sure which DSAP and SSAP are used for which purpose, but I do know that 04 and 05 happen near the beginning of the session. I think 04 is used for the first LLC test frame, which is also sent as a Token Ring explorer, although that's not really relevant. To get 04 or 05, you could use 0100 (04) and a wildcard mask of 0001 (01) where 0 means must match and 1 means don't care, as in access-list wildcard masks. To get 08 or 0C, you could use 1100 (0C) and a wildcard mask of 0100 (04) where 0 means must match and 1 means don't care. Perhaps the 1101 (0D) is some weird way of combining everything? It could me a wildcard mask where 0 means must match and 1 means don't care. Notice that the third bit in for 4, 5, 8, and C is always 0 as it is in 1101 (D)! Ah hah, that's a clue! Please let us know what you find as you investigate this. I love a puzzle like this! ;-) Thanks. Priscilla At 06:18 AM 9/7/01, Cisco Lover wrote: >Hi Priscilla, > >Thanks for the reply. >This is actually what I seen in most of the CCIE preparation labs??? >But I donot know whats true to use.. > >I can see in Caslow that he is using 0x0404 and 0x0004 to filter SNA >traffic.But in some other test papers they are using >0x0d0d 0x0001. > >As far as I know it is the result of ANDING of test+explorer+...frames of >SNA and not sure How to get this.. > >Any idea??? > > >>From: "Priscilla Oppenheimer" >>Reply-To: "Priscilla Oppenheimer" >>To: [EMAIL PROTECTED] >>Subject: Re: DLSW Inside:SNA/Netbios traffic:FOR CCIES [7:18773] >>Date: Fri, 7 Sep 2001 00:33:37 -0400 >> >>The LLC SAP for NetBIOS is F0. DSAP, SSAP would be FOFO. >> >>SNA uses a bunch of SAPs. I have seen 0x04, 0x05, 0x08, 0x0C. I haven't >>seen D0. In fact, D0 would be a global DSAP because the first bit is set. >>In the SSAP the first bit is the command/response bit. The bit being set >>means that the frame is a response. >> >>What are the masks you mentioned? What are you working on?? >> >>Priscilla >> >>At 05:03 AM 9/6/01, Cisco Lover wrote: >> >Hi guys,, >> > >> >Any one can explain how the network+masks for NETBIOS and SNA traffic comes >> >as 0xf0f0 0x0001 and 0xd0d0 0x0001f >> > >> >IS IRB/RSRB/SRB/SRTB also important to consider for CCIE lab or DLSW is >> >enough >> > >> >Thanks for the help. >> > >> >Cisco lover >> > >> >_ >> >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp >> >> >>Priscilla Oppenheimer >>http://www.priscilla.com >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp > Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19022&t=18773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MC3810 Console Log Problems [7:19007]
You mean 2142 or 2104?? - Original Message - From: "SALDANA,FERNANDO (HP-Mexico,ex1)" To: Sent: Friday, September 07, 2001 2:25 PM Subject: MC3810 Console Log Problems [7:19007] Hi Everybody, Can somebody Help Me. I have A MC3810-V3 I was trying to recover the password and after changing the config register 21042 I jus turn it of and on. Now I just receives a G on the console. I assume that I disable the Ctrl. Does any body has a workaround to bring to life my router. Thank you Fer Saldana Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19023&t=19007 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF over Frame-Relay - Interface-DLCI vs. Map IP/Broadcast [7:19021]
I don't think this is correct. Bellow is a real working config example where there are more than one interface-dlci command on a single p2multipoint interface: interface Serial1 no ip address encapsulation frame-relay no keepalive ! interface Serial1.1 multipoint ip address 172.31.0.2 255.255.0.0 ip ospf network point-to-multipoint frame-relay interface-dlci 101 frame-relay interface-dlci 111 frame-relay interface-dlci 121 frame-relay interface-dlci 131 ! Frame-relay map ip statements should only be required if you don't want (or can't) use frame-relay inverse-arp.. Regards, ER - Original Message - From: "Lance" To: Sent: Friday, September 07, 2001 1:55 PM Subject: Re: OSPF over Frame-Relay - Interface-DLCI vs. Map IP/Broadcast [7:19001] If you are using p2multipoint mode then the router should not let you enter the frame-relay interface-dlci command, only the frame-relay map ip command would be allowed. Lance ""Roger Sohn"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I'm running OSPF over Frame-Relay in a hub and spoke > configuration.(CCbootcamp labs) I've set up Router1(hub) to have interface > S0.1 (p2p) and interface S0.2(multipoint). For multipoint connections, it's > pretty easy because I just input map ip statements. > > But for my p2p connection, I'm having trouble understanding when I'm > supposed to use the "frame-relay interface-dlci" , "frame-relay map ip", or > frame-relay map ip broadcast" statements on the hub and spokes. Can anyone > help shed some light on this? > > I've tried using a combination of all 3 types on both the hub and spoke, and > every time the hub and spoke are able to ping each other without any > problems. > > -Roger Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19021&t=19021 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access list question [7:19005]
There shouldn't be. But it is certainly possible. That is why it is best to protect against this via access lists. There is a good article on CCO about preventing DOS attacks. Multicast can be harmful depending on what is in the payload. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:28 PM To: Joshua Vince Cc: [EMAIL PROTECTED] Subject: Re: access list question [7:19005] will there be any broadcast comming from isp or internet to bri interface? also multicast is harmfull ? i dont think i didnt made this just wana know abt it - Original Message - From: "Joshua Vince" To: ; Sent: Friday, September 07, 2001 9:21 PM Subject: RE: access list question [7:19005] The first one will deny multicast packets from entering the interface. The second will prevent broadcasts from entering the interface. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:16 PM To: [EMAIL PROTECTED] Subject: access list question [7:19005] any one know what will be the result of it its an inbound acl access-list 100 deny ip 224.0.0.0 31.255.255.255 any access-list 100 deny ip host 0.0.0.0 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19020&t=19005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Renting equipment [7:18766]
Actually I books a block of time for Monday (9/10) yesterday morning after I read Mark's original email. A couple of minutes later I received confirmation and I'm all set for Monday. That's just what happened for me though. :-> Hope everyone has a great weekend! GO CHIEFS!!! Eric -Original Message- From: Jkillion [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 12:53 PM To: [EMAIL PROTECTED] Subject: Re: Renting equipment [7:18766] Actually, the free lab days have been booked for some time now. ""Mark Bramblett"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > www.bfq.com for the next month they have this equipment and you can use it > for free,plus lots more. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19019&t=18766 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ip inspect statements [7:19018]
what will be the effect ? ip inspect audit-trail ip inspect max-incomplete high 1100 ip inspect one-minute high 1100 ip inspect tcp max-incomplete host 50 block-time 10 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19018&t=19018 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Deleting file from flash [7:18899]
OK. Thanks! - Original Message - From: "MADMAN" To: Sent: Friday, September 07, 2001 2:00 PM Subject: Re: Deleting file from flash [7:18899] As I mentioned earlier, it doesn't exsist on that platform, you must erase the WHOLE flash. Squeeze is available on 7500, 7200, 6500... Dave Ednilson Rosa wrote: > > I couldn't find this command in this router... > > - Original Message - > From: "Ed Seward" > To: > Sent: Friday, September 07, 2001 12:56 AM > Subject: RE: Deleting file from flash [7:18899] > > Use the 'squeeze' command. > > squeeze flash: > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Ednilson Rosa > Sent: Thursday, September 06, 2001 11:29 PM > To: [EMAIL PROTECTED] > Subject: Re: Deleting file from flash [7:18899] > > Just complementing: I already reloaded the router and it's still the same! > > Any clues?? > > ER > - Original Message - > From: "Ednilson Rosa" > To: > Sent: Thursday, September 06, 2001 11:45 PM > Subject: Deleting file from flash [7:18899] > > Hi List, > > I erased a file from the flash memory of a 3640 but I still can see it's > name on the flash marked as "deleted": > > System flash directory: > File Length Name/status > 1 5421492 c3640-io3-mz.121-4.bin > 2 3469688 c3640-sy-mz.120-5.T1.bin [deleted] > 3 5398220 c3640-is-mz_120-7.bin > [14289592 bytes used, 2487624 available, 16777216 total] > 16384K bytes of processor board System flash (Read/Write) > > How can I completely remove it from flash?? > > Thanks, > > ER > > - Original Message - > From: "Brad Ellis" > To: > Sent: Thursday, September 06, 2001 9:01 PM > Subject: Re: LAB Equipement for CCIE [7:18877] > > Francisco, > > hi! Please try searching the threads at www.groupstudy.com. I think I have > answered this question on here about 3-4 times in the past year. If you'd > like to purchase a complete CCIE lab, you can email me offline. > > thanks, > -Brad Ellis > CCIE#5796 > [EMAIL PROTECTED] > > ""Francisco deAmorim"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I know, yet I need a person who has for example, owned some of this > > equipment and tell me the bare minimums. > > > > > > > > > > > > ""Baker, Jason"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > try looking at the CCIE certification area on www.cisco.com > > > > > > it will tell you what you need to know knowledge and equipment wise. > > > > > > Jason > > > > > > > > > > -Original Message- > > > > From: Francisco deAmorim [SMTP:[EMAIL PROTECTED]] > > > > Sent: Friday, 7 September 2001 9:11 am > > > > To: [EMAIL PROTECTED] > > > > Subject: LAB Equipement for CCIE [7:18877] > > > > > > > > I would like to have some CCIEs or well informed people give me an > idea > > of > > > > what they consider a minimum equipment I should get for a home lab to > > > > practice for my CCIE. I mean to buy but I need some serious thoughts. > > > > > > > > > > > > I appreciate all the help in advance -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19017&t=18899 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Renting equipment [7:18766]
Actually, the free lab days have been booked for some time now. ""Mark Bramblett"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > www.bfq.com for the next month they have this equipment and you can use it > for free,plus lots more. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19013&t=18766 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLANs over WAN links ? [7:18911]
Tony van Ree said: > hi, > > yes using bridging but why would you want to. > > Teunis, > > On Friday, September 07, 2001 at 12:20:02 AM, Fuller Michael wrote: > > > Is it possible for VLANs in the same VTP domain to span WAN links ? > > If so, how can this be acheived ? > -- > www.tasmail.com How about LANE, I believe it can be achieved this way. -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19014&t=18911 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE lab for sale [7:19016]
I am selling the following lab that I used to get my CCIE. Please make an offer. Cisco Catalyst 5000 with a Sup 1 and 24 port Ethernet card 1 - WS-X5009 1 - WS-X5013 Teltone ISDN Demonstrator Cisco 2502 with 8M of Flash and 16M of memory 1 - MAU 1 - Token Ring Cable Cisco 2511 with 16M of flash and 16M of memory 1 - Octal Cable 1 - Ethernet Transceiver Cisco 2613 with 24M of memory and 8M of flash 1 - NM-4A/S 1 - WIC-2A/S 1 - WIC-1B-U 2 - Smart Serial to DB60 Serial Cables Cisco 4000 with 16M of memory and 4M of flash. Includes the following: 1 - NP-2R (2-port Token Ring) 1 - NP-2T (2-port serial) 1 - NP-4B (4-port ISDN BRI) 1 - NP-1E (1-port Ethernet) 1 - DTE to DCE cable to connect 4000 and 2500 series routers 1 - IBM Token Ring MAU 2 - MAU to 4000 Token Ring cables 1 - Adtran NT-1 Michael Hall CCIE, CISSP [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19016&t=19016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP and ip default-network [7:18941]
that was it exactly. Unless the major network specified in 'ip default-network' is advertised, the default network is NOT advertised. If it were a exam question where there was a 'no static route' restriction, then one could either use auto-summary or summarize the 24.0.0.0/8 route at the interfaces (as one does with eigrp). The tricky part is that most of us are trained to add the no auto-summary command to eigrp as soon as we configure it, so it becomes automatic and an (almost) mindless config task, and sometimes forget the effect that it has from a classful perspective. - Original Message - From: "John Neiberger" To: Cc: Sent: Friday, September 07, 2001 8:29 AM Subject: Re: EIGRP and ip default-network [7:18941] > Okay then, how about adding "auto-summary" to the termsrv router? That > would summarize on classfull boundaries which would force termsrv to > advertise 24.0.0.0/8 to rta instead of 24.0.0.0/26. > > Is that closer? > > >>> "EA Louie" 9/7/01 8:54:31 AM >>> > nope but it does have to do with 24.0.0.0/8 being advertised :-) > > no static routes allowed, my friend...the solution is even simpler than > that > > -e- > > - Original Message - > From: "John Neiberger" > To: > Cc: > Sent: Friday, September 07, 2001 7:22 AM > Subject: Re: EIGRP and ip default-network [7:18941] > > > > I'd like to hazard a guess here. > > > > My guess is that termsrv is passing 24.0.0.0/8 as the default > network, > > yet rta does not have this in its routing tables. If you add a > static > > route for 24.0.0.0/8 to Null0 on termsrv, eigrp will pass this route > to > > rta, allowing rta to make that the default network. > > > > This is a good one! Am I close? > > > > John > > > > >>> "EA Louie" 9/7/01 4:53:19 AM >>> > > While studying Doyle Vol 1 p. 755-758 (default-network), I made an > > interesting yet painful discovery (besides the typo on p 755). > Simple > > scenario: Two routers connected via serial interfaces and the > default > > network on the Ethernet interface of termsrv. I was trying to get > the > > candidate default route to advertise to rtra, but it wouldn't work > > until I > > made one config change. > > > > Can you figure out where, and what that change was? Bonus "points" > if > > you > > can tell me why. > > > > Hint: It surprised me because it's an almost automatic command that > I > > type > > in when I configure that particular feature. It showed up when I > did > > a > > debug ip eigrp on rtra > > > > Here are the configs and routing tables with the unneeded portions > > snipped: > > > > termsrv * > > > > hostname termsrv > > ! > > ip subnet-zero > > ! > > interface Ethernet0 > > ip address 24.21.8.200 255.255.255.192 > > no ip directed-broadcast > > ! > > interface Serial0 > > ip address 192.168.2.2 255.255.255.252 > > no ip directed-broadcast > > no ip mroute-cache > > no fair-queue > > ! > > router eigrp 1 > > network 24.0.0.0 > > network 192.168.2.0 > > no auto-summary > > ! > > ip classless > > ip default-network 24.0.0.0 > > ! > > > > * rtra * > > > > hostname rtra > > ! > > ip subnet-zero > > ! > > interface Serial0 > > ip address 192.168.2.1 255.255.255.252 > > no fair-queue > > clockrate 400 > > ! > > router eigrp 1 > > network 172.16.0.0 > > network 192.168.2.0 > > no auto-summary > > ! > > ip classless > > > > routing tables termsrv *** > > termsrv#sh ip route > > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - > > BGP > >D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter > area > >N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type > 2 > >E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP > >i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - > > candidate > > default > >U - per-user static route, o - ODR > > > > Gateway of last resort is not set > > > > 1.0.0.0/32 is subnetted, 1 subnets > > C 1.1.1.1 is directly connected, Loopback0 > > C172.17.0.0/16 is directly connected, Loopback11 > > 172.16.0.0/24 is subnetted, 3 subnets > > D 172.16.4.0 [90/2185984] via 192.168.2.1, 00:09:53, Serial0 > > D 172.16.5.0 [90/2297856] via 192.168.2.1, 00:09:53, Serial0 > > C 172.16.1.0 is directly connected, Loopback10 > > * 24.0.0.0/26 is subnetted, 1 subnets > > C 24.21.8.192 is directly connected, Ethernet0 > > 192.168.2.0/30 is subnetted, 1 subnets > > C 192.168.2.0 is directly connected, Serial0 > > termsrv# > > > > routing table rtra > > rtra#sh ip route > > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - > > BGP > >D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter > area > >N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type > 2 > >E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP > >i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-I
Re: access list question [7:19005]
will there be any broadcast comming from isp or internet to bri interface? also multicast is harmfull ? i dont think i didnt made this just wana know abt it - Original Message - From: "Joshua Vince" To: ; Sent: Friday, September 07, 2001 9:21 PM Subject: RE: access list question [7:19005] The first one will deny multicast packets from entering the interface. The second will prevent broadcasts from entering the interface. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:16 PM To: [EMAIL PROTECTED] Subject: access list question [7:19005] any one know what will be the result of it its an inbound acl access-list 100 deny ip 224.0.0.0 31.255.255.255 any access-list 100 deny ip host 0.0.0.0 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19012&t=19005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access list again [7:19006]
The first line: any host can send ip packets to 194.172.253.0 - 194.172.253.127 on port 53 (DNS) The second line: denies icmp redirects from anywhere to anywhere. Third: denies ip packets with a source of localhost. Prevents spoofing of localhost address by remote system. The last two were answered in my previous e-mail. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:20 PM To: [EMAIL PROTECTED] Subject: access list again [7:19006] what will be the result of this access-list 101 permit udp any 194.172.253.0 0.0.0.127 eq domain access-list 101 deny icmp any any redirect access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip 224.0.0.0 31.255.255.255 any access-list 101 deny ip host 0.0.0.0 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19011&t=19006 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access list question [7:19005]
The first one will deny multicast packets from entering the interface. The second will prevent broadcasts from entering the interface. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 07, 2001 1:16 PM To: [EMAIL PROTECTED] Subject: access list question [7:19005] any one know what will be the result of it its an inbound acl access-list 100 deny ip 224.0.0.0 31.255.255.255 any access-list 100 deny ip host 0.0.0.0 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19010&t=19005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: access list again [7:19006]
it will allow dns requests destined for the 194.172.253.0 255.255.255.128 network. It will not allow people on that network to get dns form elsewhere as the source port in their request will be a random number 1024 or above, so when the response comes back it will come back to that random port instead of port 53. It will block all other traffic. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED] Sent: Friday, September 07, 2001 12:20 PM To: [EMAIL PROTECTED] Subject: access list again [7:19006] what will be the result of this access-list 101 permit udp any 194.172.253.0 0.0.0.127 eq domain access-list 101 deny icmp any any redirect access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 deny ip 224.0.0.0 31.255.255.255 any access-list 101 deny ip host 0.0.0.0 any Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19009&t=19006 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MC3810 Console Log Problems [7:19007]
Hi Everybody, Can somebody Help Me. I have A MC3810-V3 I was trying to recover the password and after changing the config register 21042 I jus turn it of and on. Now I just receives a G on the console. I assume that I disable the Ctrl. Does any body has a workaround to bring to life my router. Thank you Fer Saldana Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19007&t=19007 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
