RE: BGP question [7:25130]
I am fairly inexperienced with bgp. Could you or anyone tell me what is the purpose of your excercise? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of adam lee Sent: Saturday, November 03, 2001 7:26 PM To: [EMAIL PROTECTED] Subject: RE: BGP question [7:25130] What version of IOS is that command in? I am using 12.0(9) and it's not in there. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of news Sent: Saturday, November 03, 2001 12:23 PM To: [EMAIL PROTECTED] Subject: Re: BGP question [7:25130] I think I got the correct answer On R3, use neighbor ip address local-as AS# Faisal Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Oops, I misunderstood the question... what is the correct answer ? How is this command going to change the AS path list. The require task was that R4 should see the loopback is from AS 200 not AS 100 (which is the originator). Faisal Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... news wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, greetings... While practicing for CCIE lab, I encounter a question that is something like this Topology: R1 R3 - R4 R1 is on AS 100 R3 is on AS 200 R4 is on AS 500 There is a loopback address on R1 Loopback0 200.200.200.1/24. I am suppose to advertise this through BGP. Now, in normal case, R4 should see this network coming from AS 200 and then AS 500 My task is to configure R3 with one statement so that R4 see this loopback coming from AS 200 instead of AS 500? Any idea how this is done? neighbor R3_LOOPBACK next-hop-self Thanks in advance. I appreciate your help. Faisal Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25210t=25130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
500-CS terminal server notes [7:25211]
If anyone is using a 500-CS terminal server and would like advice on how to upgrade the RAM to run IOS 10.l instead of the 9.1 ROM based IOS, drop me a line. I can supply a basic config and some intructions on how and what is needed for the upgrade. Here is a chance to recycle some OLD SIMMS ( or to buy something you just threw away, like me). Yes Cisco has docs on this, but it can be a pain to find them and then decipher exactly what needs to be done. Why would I put this much effort into an old terminal server? 'cause it's the equivelent to a 2509 or 2511 minus the serial ports and ALOT cheaper. Perfect for a CCIE lab or someone that is tired of swapping the cables every time you want to console into your pile of routers. So whats the catch? why free info? would you believe just because? No, I dont have a pile of these to sell nor am I going to push anyone else. Anyways.. I have seen questions posted occasionally about these.. so I know I'm not the only cheapskate out there using it... MikeS [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25211t=25211 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
off topic: Routers and Switches for sale... [7:25206]
Hello Cisco Gurus, I have some routers already on ebay to be sold. I would like to tell you guys and to be available to answer whatever questions you guys might have. Those are 2511's , 2511RJ and Cisco Catalyst Switch 1200. I just want to point that any deal to be treated off line. Here are the ebay auctions link.. Item # 1292112678 Item # 1292118544 http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItemitem=1292112678 http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItemitem=1292118544 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25206t=25206 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ARP - What protocols support it. [7:24738]
nrf wrote: No, I am referring to the original Apollo Domain networking protocol, before HP acquired Apollo (and changed things around). Check it out for yourself - router#(config) apollo routing Then set up an Apollo network on an interface, and do some show apollo xxx commands Jonathan Hays wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks - that's interesting. As far as trying that command, perhaps the technicians in the Smithsonian would be interested, but not me. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25213t=24738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Console Port Problem - Help ! [7:25201]
I have had this with an odd router and it's just a matter of playing with the cable.. A little wiggle here and there. I checked one console port out and the wires inside were a tad bent .. Also I have had some switches 19xx give me a wacked out ATHQ error and yet on another PC they work fine.. When I go back to the original PC just use another serial port and it's fine.. And yet Serial 1 will work fine with a router and serial 2 work with a switch on the same PC SO go figure ... The problem follows the PC .. Like other said get terra Term pro. and maybe try another PC ..and maybe even NT or 2k as windoze 9x can be funky I made a DOS boot disk with kermit loaded which negates all the windoze errors and if that does not work them I know it's a bad port on the router / switch Oz sNIP The symptom is as folows : Output from the router on the console screen will be seen, but anything which is typed in will not be seen Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25214t=25201 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Weirdness with OSPF--IGRP and Default Routes [7:25216]
I posted this to the ccie list as well. I'm hoping someone has run across this before. I'll start with the original scenario that worked so I can show you where I began before I show you what I'm trying to accomplish now. There are three relevant routers here: A(ospf)B(rip)-C A originates a default route to B and I use default-information originate in the RIP config to pass 0.0.0.0/0 to C. This works well. Then I took RIP away and tried this with IGRP and ip default-network. This took some tweaking before I could get B to originate default route to C with IGRP. Is it just me or did Cisco seem to make this very user-unfriendly?? Unbelievable. This is *so* easy with other protocols. Anyway... In the first scenario, B has a single gateway of last resort: 0.0.0.0/0 via router A. Beautiful. In the second scenario I end up with two candidate GOLRs but neither is picked and routing breaks! This makes *zero* sense to me. If ip classless is configured and still have 0.0.0.0/0 in my routing table then B should route all packets with unknown destinations to A, right?? Well, it's not working and I can consistently recreate it. If I remove the ip default-network statement routing works but then C has no default route. What could be wrong here? For grins, I'll paste in some command output to show you what I mean. R4 is Router B in the above scenario. Gateway of last resort is 152.1.3.2 to network 0.0.0.0 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:19:53, Serial0 C 152.1.3.0/30 is directly connected, Serial0 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 O 130.1.0.0/22 is a summary, 05:19:54, Null0 I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 I 130.1.5.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 O 130.1.4.0/22 is a summary, 05:19:54, Null0 C 130.1.4.0/24 is directly connected, TokenRing0 C30.0.0.0/8 is directly connected, Loopback1 O*N2 0.0.0.0/0 [110/1] via 152.1.3.2, 05:19:56, Serial0 R4#ping 20.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/40 ms R4# After I add ip default-network 30.0.0.0: Gateway of last resort is not set 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:21:19, Serial0 C 152.1.3.0/30 is directly connected, Serial0 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 O 130.1.0.0/22 is a summary, 05:21:19, Null0 I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 I 130.1.5.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 O 130.1.4.0/22 is a summary, 05:21:20, Null0 C 130.1.4.0/24 is directly connected, TokenRing0 C* 30.0.0.0/8 is directly connected, Loopback1 O*N2 0.0.0.0/0 [110/1] via 152.1.3.2, 05:21:22, Serial0 R4# R4#ping 20.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) R4# Any help would be appreciated. I'm about to swear off using IGRP and EIGRP for the rest of my life just on principle. :-) Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25216t=25216 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cant firgure it out why accesslist not working [7:25217]
dear all this access list is allowing rdp and other connections to the hosts like .47, cant firgure it out why accesslist not working.. any thoughts sh runn Building configuration... ! ! ! ! ip subnet-zero no ip finger no ip domain-lookup ! --More-- isdn switch-type basic-net3 ! ! ! interface FastEthernet0/0 ip address 201.170.253.33 255.255.255.224 secondary ip address 201.170.253.1 255.255.255.224 speed 10 full-duplex ! interface BRI0/0 description connected to Internet ip unnumbered FastEthernet0/0 ip access-group 101 in encapsulation ppp dialer idle-timeout 2147483 dialer string 400 dialer hold-queue 100 dialer-group 1 isdn switch-type basic-net3 no cdp enable ppp authentication chap callin ppp chap hostname mdspc-0012 --More-- ppp chap password 7 06051F324843 hold-queue 50 in ! interface FastEthernet0/1 no ip address shutdown speed 10 full-duplex ! ip classless ip route 0.0.0.0 0.0.0.0 BRI0/0 no ip http server ! access-list 101 permit tcp any host 201.170.253.10 eq www access-list 101 permit tcp any host 201.170.253.47 eq smtp access-list 101 permit tcp any host 201.170.253.47 eq pop3 access-list 101 permit tcp any host 201.170.253.47 eq 143 access-list 101 permit tcp any host 201.170.253.47 eq domain access-list 101 permit udp any host 201.170.253.47 eq domain access-list 101 permit tcp any host 201.170.253.48 eq smtp access-list 101 permit tcp any host 201.170.253.48 eq pop3 access-list 101 permit tcp any host 201.170.253.48 eq 143 access-list 101 permit tcp any host 201.170.253.50 eq 3389 --More-- access-list 101 permit tcp any host 201.170.253.51 eq 1494 access-list 101 permit tcp any host 201.170.253.51 eq 3389 access-list 101 permit icmp any host 201.170.253.47 dialer-list 1 protocol ip permit ! line con 0 transport input none line aux 0 line vty 0 4 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25217t=25217 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: slightly [7:19060]
Kevin, anything further on this? I did some cursory searches on CCO TAC looking for a possible bug. There were some hits which led to discussions about broadcast throttling. There were some intriguing hits with regards to Layer 3 unreachable features, but nothing that I could find in the few minutes I spent that fit your scenario. I suppose now that you have turned off the server broadcast function, the only other test would be to do a ping to 255.255.255.255 and see if you get the same kinds of response. I'm wondering if there is an undocumented feature about broadcasts from the same source IP? doesn't seem right. At the brokerage firm there was a quote server all of whose traffic was broadcast. That was a few sup images and earl versions ago. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin Wigle Sent: Tuesday, October 30, 2001 5:41 PM To: [EMAIL PROTECTED] Subject: Re: slightly [7:19060] Just in case anybody is remotely interested - I didn't get one guess on this problem almost 2 months ago. Today we solved it - well at least got it to work. From my email below the salient issue was that a trace showed that broadcasts were made by the application. In buildings that had a Cat5000 - it answered with an unreachable message and the application stopped. In other buildings without a Cat5000, the broadcasts were still made but nothing answered and the application worked. Today from the software vendor we were advised of a configuration switch that turned off the broadcast. Now the application works in any building on W2K Pro. (It worked before from any building on Win95 / NT 4 without the config switch) So I should be happy - the migration goes on. But, why does a Cat5000 answer a broadcast?? Why doesn't it just shut up like all the other devices on the net? Since when does it participate in the conversation and not just be the relayer??? That question may linger for a long long time Kevin Wigle - Original Message - From: Kevin Wigle To: Sent: Friday, 07 September, 2001 17:47 Subject: OT: slightly [7:19060] Dear Group, Have a problem that is puzzling. I am preparing to rollout W2K Pro across a very large organization which covers many buildings in a large city. The vast majority of switches/routers in the enterprise are Cisco. The support group uses an application called Support Magic to log trouble tickets and the normal help desk activities. There is one central database and all help desk agents connect to it from any building. The building I'm working in has a Cat5000 as the main switch sitting in front of a Cisco 4000 router. When I try to start Support Magic, on a sniffer I can see that the application makes a mac level broadcast seeking port 1498. Then it makes an IP subnet broadcast looking for port 1498. At this time the Cat5000 replies with a port unreachable and the W2K machine stops looking. However, in the odbc.ini there is an entry for where the database is. On the same hub is a NT4 workstation. When I sniff it's connection to Support Magic it also receives the port unreachable message from the Cat5000 but then it goes on to connect. So, I go to another building. We carry the same W2K PC with us and the laptop sniffer. We plug everything in and the trace is the same except nothing returns an unreachable message and the connection succeeds. I don't know what kind of switch is in this building but it shouldn't be a Cat5000 as only 40 people work there. I believe the router is a 2501 but I'm trying to find out exactly what the infrastructure is. We go to another building. This building has a cat 6509. We set up, do the trace and again - no unreachable message and the connection works. Don't know what the router is yet. On the face of it, it seems that W2K/Support Magic gets the unreachable msg and then stops trying although the address it needs is hardcoded. Which is weird because NT4/Support Magic works. And W2K/Support Magic works in a building that doesn't have a Cat5000. I will be chasing more of this down again on Monday by visiting other buildings and getting the infrastructure info to make comparisons. Unfortunately as a support organization - this application is mission critical so it is a show stopper for the migration. So one of my questions is. why does the Cat5000 answer the broadcast saying I don't have this. Why doesn't it ignore it like the other devices on the network? (so far it is the only device to return an unreachable msg). The Cat5000 is not the default gateway for the building. The IP address of the server can be pinged regardless of what Support Magic does. Have not gone to Cisco, Microsoft or Support Magic yet with questions. We want to build a good history to present first. You can imagine that with 3 possible vendors to blame that we need a good description of the case. But just in
Re: BGP question [7:25130]
interesting question. a seach among the command references and configuration guides on CCO yields nothing under 12.1, but under 12.2 states this command was introduced in 12.0(4.4)S and that in 12.0(5)T the address family configuration mode was added. I copied this stuff out of CCO, but it is not making sense to me at the moment. I can find no reference to the command and function in Parkhurst, which carries a 2001 copyright but no telling when the contents were locked down for publishing. In re-reading this thread and the documentation below, I'm still a bit unclear as to what is being accomplished here. Telling a neighbor you are AS X when you are really AS Y ?? I'm working on some BGP scenarios now, so I'll try to add this to the list and report back. Chuck -- stuff from CCO: The next example shows how the route map named set-community is applied to the outbound updates to neighbor 171.69.232.50 and the local-as community attribute is used to filter the routes. The routes that pass access list 1 have the special community attribute value local-as. The remaining routes are advertised normally. This special community value automatically prevents the advertisement of those routes by the BGP speakers outside autonomous system 200. router bgp 65000 network 1.0.0.0 route-map set-community bgp confederation identifier 200 bgp confederation peers 65001 neighbor 171.69.232.50 remote-as 100 neighbor 171.69.233.2 remote-as 65001 ! route-map set-community permit 10 set community local-as neighbor local-as To allow customization of the autonomous system number for external Border Gateway Protocol (eBGP) peer groupings, use the neighbor local-as command in address family or router configuration mode. To disable this function, use the no form of this command. Command History Release Modification 12.0(4.4)S This command was introduced. 12.0(5)T Address family configuration mode was added. Usage Guidelines Each BGP peer or peer group can be made to have a local autonomous system value for the purpose of peering. In the case of peer groups, the local autonomous system value is valid for all peers in the peer group. This feature cannot be customized for individual peers in a peer group. If this command is configured, you cannot use the local BGP autonomous system number or the autonomous system number of the remote peer. This command is valid only if the peer is a true eBGP peer. This feature does not work for two peers in different subautonomous systems in a confederation. Examples The following address family configuration example shows the customization of neighbor 172.20.1.1 configured to have an autonomous system number of 300 for the purpose of peering: router bgp 109 address-family ipv4 multicast network 172.20.0.0 neighbor 172.20.1.1 local-as 300 The following router configuration example shows the customization of neighbor 172.20.1.1 configured to have autonomous system number of 300 for the purpose of peering: router bgp 109 network 172.20.0.0 neighbor 172.20.1.1 local-as 300 end of stuff from CCO - adam lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What version of IOS is that command in? I am using 12.0(9) and it's not in there. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of news Sent: Saturday, November 03, 2001 12:23 PM To: [EMAIL PROTECTED] Subject: Re: BGP question [7:25130] I think I got the correct answer On R3, use neighbor ip address local-as AS# Faisal Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Oops, I misunderstood the question... what is the correct answer ? How is this command going to change the AS path list. The require task was that R4 should see the loopback is from AS 200 not AS 100 (which is the originator). Faisal Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... news wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, greetings... While practicing for CCIE lab, I encounter a question that is something like this Topology: R1 R3 - R4 R1 is on AS 100 R3 is on AS 200 R4 is on AS 500 There is a loopback address on R1 Loopback0 200.200.200.1/24. I am suppose to advertise this through BGP. Now, in normal case, R4 should see this network coming from AS 200 and then AS 500 My task is to configure R3 with one statement so that R4 see this loopback coming from AS 200 instead of AS 500? Any idea how this is done? neighbor R3_LOOPBACK next-hop-self Thanks in advance. I appreciate your help. Faisal Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25218t=25130 -- FAQ, list archives, and subscription
Re: 2500 IOS TFTP Problem - For a change! (sarc) [7:25144]
Check for hardware problem... either DRAM faulty or Flash faulty or possibly insufficient Flash.. you may have 12 meg instead of 16 meg flash but the IOS still show as 16 due to some errors Gareth Hinton wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, This is not a major problem as I am just playing, but having a nightmare trying to get 2500 image on. I had the same nightmare last time with 12.1. It went on eventually, for no reason whatsoever, by just repeating the process. I seem to remember that there maybe a way to make the router ignore the checksum. Anybody know if I've dreamt this up or whether there is actually a method. Cheers, Gareth ! [OK - 15445320/16777216 bytes] Verifying checksum... invalid (expected 0x73BD, computed 0xE283) Flash copy took 0:08:26 [hh:mm:ss] A(boot)#reload snip.. System flash directory: File Length Name/status 1 15445320 122.bin [invalid checksum] [15445384 bytes used, 1331832 available, 16777216 total] 16384K bytes of processor board System flash (Read/Write) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25219t=25144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Any Ideas For Alternative Internet Route Redundancy??? [7:25220]
How is the traffic coming back ? :-)) On Sat, 3 Nov 2001, Dennis wrote: Why don't you just route traffic to the headquarters over the frame and internet traffic over other link? This could be done with static routes or through the use of a dynamic protocol such as ospf. If you require a more specific answer you'll need to be more specific with the question. Posting sanitized current configs also helps... -- -=Repy to group only... no personal=- Murphy, George wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Howdy folks, I was wondering if any of you have used any tricks that I have not though of for redundant routing to two internet sources. We have one remote office that uses their own ISP via default route but also connects to us over frame relay. Our headquarters has ISP connectivity of its own which some of the other remote offices use for access. We have tried to setup a second route with a different cost and OSPF was giving us troubles (not sure what) but we are looking to use another way... Any ideas?? George Murphy CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25220t=25220 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Weirdness with OSPF--IGRP and Default Routes [7:25216]
if I am not mistaken, the default network has to be learned via IGRP, and cannot be a connected interface. If I am reading your outputs correctly, your default network is a connected interface. am I misreading which router is the source of the pings? Chuck John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I posted this to the ccie list as well. I'm hoping someone has run across this before. I'll start with the original scenario that worked so I can show you where I began before I show you what I'm trying to accomplish now. There are three relevant routers here: A(ospf)B(rip)-C A originates a default route to B and I use default-information originate in the RIP config to pass 0.0.0.0/0 to C. This works well. Then I took RIP away and tried this with IGRP and ip default-network. This took some tweaking before I could get B to originate default route to C with IGRP. Is it just me or did Cisco seem to make this very user-unfriendly?? Unbelievable. This is *so* easy with other protocols. Anyway... In the first scenario, B has a single gateway of last resort: 0.0.0.0/0 via router A. Beautiful. In the second scenario I end up with two candidate GOLRs but neither is picked and routing breaks! This makes *zero* sense to me. If ip classless is configured and still have 0.0.0.0/0 in my routing table then B should route all packets with unknown destinations to A, right?? Well, it's not working and I can consistently recreate it. If I remove the ip default-network statement routing works but then C has no default route. What could be wrong here? For grins, I'll paste in some command output to show you what I mean. R4 is Router B in the above scenario. Gateway of last resort is 152.1.3.2 to network 0.0.0.0 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:19:53, Serial0 C 152.1.3.0/30 is directly connected, Serial0 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 O 130.1.0.0/22 is a summary, 05:19:54, Null0 I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 I 130.1.5.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 O 130.1.4.0/22 is a summary, 05:19:54, Null0 C 130.1.4.0/24 is directly connected, TokenRing0 C30.0.0.0/8 is directly connected, Loopback1 O*N2 0.0.0.0/0 [110/1] via 152.1.3.2, 05:19:56, Serial0 R4#ping 20.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/40 ms R4# After I add ip default-network 30.0.0.0: Gateway of last resort is not set 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:21:19, Serial0 C 152.1.3.0/30 is directly connected, Serial0 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 O 130.1.0.0/22 is a summary, 05:21:19, Null0 I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 I 130.1.5.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 O 130.1.4.0/22 is a summary, 05:21:20, Null0 C 130.1.4.0/24 is directly connected, TokenRing0 C* 30.0.0.0/8 is directly connected, Loopback1 O*N2 0.0.0.0/0 [110/1] via 152.1.3.2, 05:21:22, Serial0 R4# R4#ping 20.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: . Success rate is 0 percent (0/5) R4# Any help would be appreciated. I'm about to swear off using IGRP and EIGRP for the rest of my life just on principle. :-) Thanks, John ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25221t=25216 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Resetting password on Cat5XXX [7:24969]
You have to turn off the machine. After you turn on again in the first 30 sec. you can enter the cat via the console port without an password. schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings, Anyone know how to break into a cat5500 with tacacs configuration? Switch is not connected to the network. Thanks.Nabil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25222t=24969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How to configure multiple DLSw peer? [7:25223]
When I try to define remote peer in a router, I need to specify the remote peer IP address. dlsw remote-peer tcp 0 tcp x.x.x.x dlsw remote-peer tcp 0 tcp y.y.y.y What does the list-number 0 mean? Do I need to put them into the same list? What happens when I them into two different list-number? Please help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25223t=25223 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem booting a 3620 [7:25200]
Try pulling out all the cards etc and flash and RAM. If it still will not boot. Maybe the Boot roms are bad.. Check that the boot roms are in the rightslots.. I THINK they are FW1 or FS1 about 5/8th's of an inch square. But be careful as they only go in one way . One corner is cut off . You should be able to order new rom from Cisco they usually give them for free you pay the shipping.. 11.1(19)AA is I THINK the latest ROM BOOT-3600= this is the part number. It's a long shot but it may work Your router has the earlier version on the boot ROM Oz My father gave me a 3620 for my home lab but I'm having troubles with it. I've searched CCO but have not found anything useful. Any suggestions? Here is the output when I try going into the ROMMON: Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25224t=25200 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:25130]
Hi what I am trying to achieve is as follow AS 100 is connected to AS 200. AS 200 is connected to AS 300 AS 100 has route from AS 300. So the AS-PATH List is: 200, 300, i The task is: AS 100 should see all the route from AS 300 as if they came from AS 100 directly the path will look like 200, i Faisal Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... interesting question. a seach among the command references and configuration guides on CCO yields nothing under 12.1, but under 12.2 states this command was introduced in 12.0(4.4)S and that in 12.0(5)T the address family configuration mode was added. I copied this stuff out of CCO, but it is not making sense to me at the moment. I can find no reference to the command and function in Parkhurst, which carries a 2001 copyright but no telling when the contents were locked down for publishing. In re-reading this thread and the documentation below, I'm still a bit unclear as to what is being accomplished here. Telling a neighbor you are AS X when you are really AS Y ?? I'm working on some BGP scenarios now, so I'll try to add this to the list and report back. Chuck -- stuff from CCO: The next example shows how the route map named set-community is applied to the outbound updates to neighbor 171.69.232.50 and the local-as community attribute is used to filter the routes. The routes that pass access list 1 have the special community attribute value local-as. The remaining routes are advertised normally. This special community value automatically prevents the advertisement of those routes by the BGP speakers outside autonomous system 200. router bgp 65000 network 1.0.0.0 route-map set-community bgp confederation identifier 200 bgp confederation peers 65001 neighbor 171.69.232.50 remote-as 100 neighbor 171.69.233.2 remote-as 65001 ! route-map set-community permit 10 set community local-as neighbor local-as To allow customization of the autonomous system number for external Border Gateway Protocol (eBGP) peer groupings, use the neighbor local-as command in address family or router configuration mode. To disable this function, use the no form of this command. Command History Release Modification 12.0(4.4)S This command was introduced. 12.0(5)T Address family configuration mode was added. Usage Guidelines Each BGP peer or peer group can be made to have a local autonomous system value for the purpose of peering. In the case of peer groups, the local autonomous system value is valid for all peers in the peer group. This feature cannot be customized for individual peers in a peer group. If this command is configured, you cannot use the local BGP autonomous system number or the autonomous system number of the remote peer. This command is valid only if the peer is a true eBGP peer. This feature does not work for two peers in different subautonomous systems in a confederation. Examples The following address family configuration example shows the customization of neighbor 172.20.1.1 configured to have an autonomous system number of 300 for the purpose of peering: router bgp 109 address-family ipv4 multicast network 172.20.0.0 neighbor 172.20.1.1 local-as 300 The following router configuration example shows the customization of neighbor 172.20.1.1 configured to have autonomous system number of 300 for the purpose of peering: router bgp 109 network 172.20.0.0 neighbor 172.20.1.1 local-as 300 end of stuff from CCO - adam lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What version of IOS is that command in? I am using 12.0(9) and it's not in there. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of news Sent: Saturday, November 03, 2001 12:23 PM To: [EMAIL PROTECTED] Subject: Re: BGP question [7:25130] I think I got the correct answer On R3, use neighbor ip address local-as AS# Faisal Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Oops, I misunderstood the question... what is the correct answer ? How is this command going to change the AS path list. The require task was that R4 should see the loopback is from AS 200 not AS 100 (which is the originator). Faisal Wojtek Zlobicki wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... news wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, greetings... While practicing for CCIE lab, I encounter a question that is something like this Topology: R1 R3 - R4 R1 is on AS 100 R3 is on AS 200 R4 is on AS 500 There is a loopback address on R1 Loopback0 200.200.200.1/24. I am suppose to advertise this through BGP. Now, in normal case, R4 should see
Re: Help with Voice over IP over ATM [7:25163]
On Fri, Nov 02, 2001 at 11:42:24PM -0500, William Lijewski wrote: In the lab I am working on you are to do Voice over IP over ATM SVC's. They want it so if no one is talking it still sends empty voice packets. Right now if no one is talking you can hear it go dead silent until someone speeks again. How do you get the empty voice packets to be transmitted so the line is constantly active even if no one is talking? Sounds like you're looking for the 'no vad' command to disable Voice Activity Detection, which is enabled on ATM circuits by default. UniverCD link at http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fvvfax_c/vvfport.htm. Hope this helps. David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25227t=25163 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Weirdness with OSPF--IGRP and Default Routes [7:25216]
You're reading it correctly. The real problem isn't with router C. Using either of the methods I tried it learns a default route from B. The real problem is that as soon as I add a default-network command to router B (so that it originates a default to C) default routing breaks. Others keep pointing out that having a loopback address as a default network creates a blackhole. In this case I'm using a dummy network that does not exist elsewhere so it won't create a black hole. In fact, when ip packet debugging is turned on the packets are unroutable. This makes no sense to me since a quad-zero default exists in the routing table. With ip classless nothing should be unroutable. Very weird. I must be missing something... You think this is weird, though, you ought to see the lab setup I'm using to test this. At the moment I have six routers running a combination of IS-IS, BGP, OSPF, and IGRP. :-) I'm a glutton for punishment! Regards, John On Sun, 4 Nov 2001 11:52:26 -0500, Chuck Larrieu wrote: | if I am not mistaken, the default network has to be learned via IGRP, and | cannot be a connected interface. If I am reading your outputs correctly, | your default network is a connected interface. | | am I misreading which router is the source of the pings? | | Chuck | | | John Neiberger wrote in message | [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... | I posted this to the ccie list as well. I'm hoping someone has run across | this before. | | I'll start with the original scenario that worked so I can show you where | I | began before I show you what I'm trying to accomplish now. There are | three | relevant routers here: | | A(ospf)B(rip)-C | | A originates a default route to B and I use default-information originate | in | the RIP config to pass 0.0.0.0/0 to C. This works well. Then I took RIP | away and tried this with IGRP and ip default-network. | | This took some tweaking before I could get B to originate default route | to | C with IGRP. Is it just me or did Cisco seem to make this very | user-unfriendly?? Unbelievable. This is *so* easy with other protocols. | Anyway... | | In the first scenario, B has a single gateway of last resort: 0.0.0.0/0 | via | router A. Beautiful. In the second scenario I end up with two candidate | GOLRs but neither is picked and routing breaks! | | This makes *zero* sense to me. If ip classless is configured and still | have 0.0.0.0/0 in my routing table then B should route all packets with | unknown destinations to A, right?? Well, it's not working and I can | consistently recreate it. | | If I remove the ip default-network statement routing works but then C has | no | default route. | | What could be wrong here? For grins, I'll paste in some command output to | show you what I mean. R4 is Router B in the above scenario. | | Gateway of last resort is 152.1.3.2 to network 0.0.0.0 | | 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks | O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:19:53, Serial0 | C 152.1.3.0/30 is directly connected, Serial0 | 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks | I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | O 130.1.0.0/22 is a summary, 05:19:54, Null0 | I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 | I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 | I 130.1.5.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 | O 130.1.4.0/22 is a summary, 05:19:54, Null0 | C 130.1.4.0/24 is directly connected, TokenRing0 | C30.0.0.0/8 is directly connected, Loopback1 | O*N2 0.0.0.0/0 [110/1] via 152.1.3.2, 05:19:56, Serial0 | R4#ping 20.1.1.1 | | Type escape sequence to abort. | Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: | ! | Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/40 ms | R4# | | After I add ip default-network 30.0.0.0: | | Gateway of last resort is not set | | 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks | O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:21:19, Serial0 | C 152.1.3.0/30 is directly connected, Serial0 | 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks | I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 | I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 | I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:32, TokenRing0 | O 130.1.0.0/22 is a summary, 05:21:19, Null0 | I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 | I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:34, TokenRing0 | I 130.1.5.0/24 [100/1188] via 130.1.4.2,
Cisco 4000 as a ISDN simulator? [7:25232]
Hello, I have heard that Cisco 4000M router can be used as a isdn simulator. (of course wiht 4 port isdn or more). And that there are special software for it. Can someone please verify this for me please? or am I just tripping? That would be very cool if you could do that. Thanks you! _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25232t=25232 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco 4000 as a ISDN simulator? [7:25231]
Hello, I have heard that Cisco 4000M router can be used as a isdn simulator. (of course wiht 4 port isdn or more). And that there are special software for it. Can someone please verify this for me please? or am I just tripping? That would be very cool if you could do that. Thanks you! _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25231t=25231 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Passed MCNS [7:25233]
Hi all, I passed my MCNS exam today.3 more to go.. I used MCNS cisco press book..and that was it. Thanks everybody.. Tribavan Raina Network Consultant TechTonics Group Limited Level 31 Grand Plimmer Tower 2-6 Gilmer Terrace PO Box 11 199 Wellington Ph: +64 4 385 2628 Fax: +64 4 385 2400 www.techtonics.co.nz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25233t=25233 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Console Port Problem - Help ! [7:25201]
Hi.. It happens when the scroll lock key is on your keyboard.I have faced it,. -Original Message- From: Jonathan Hays [mailto:[EMAIL PROTECTED]] Sent: Sunday, 4 November 2001 4:41 p.m. To: [EMAIL PROTECTED] Subject: Re: Console Port Problem - Help ! [7:25201] Navin Parwal wrote: Hi , Iam facing a similar consle port problem as mentioned on this tips at : http://www.cisco.com/warp/public/471/17.html on my Cisco 2610. The symptom is as folows : Output from the router on the console screen will be seen, but anything which is typed in will not be seen and the solution mentioned is: The fix is to have the customer disable hardware flowcontrol or strap CTS high. I have disabled the hardware flowcontrol but that does not solvemy problem , can anyone tell me how to strap CTS high as mentioned in the solution as i could ot find that option on the Hyper terminal . Thanks in Advance Navin Parwal Hi Navin, Before you get too carried away, I strongly suggest abandoning HyperTerminal and installing any other good terminal emulator. Try Teraterm Pro, which is an industrial-strength, stable, freeware terminal emulator that is MUCH better than HyperTerminal. See http://hp.vector.co.jp/authors/VA002416/teraterm.html Hardware-wise, I assume you are using the standard black or blue rollover cable from Cisco, right? Are you using the RJ-45/DB-9 adapter from Cisco or a something else? What kind of laptop or PC (or other?) are you using? In my job at a Cisco reseller I have successfully connected to thousands of Cisco console ports (old and new) over the last 3 years and have never even heard of this problem. Do other experienced Cisco people see this? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25234t=25201 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to configure multiple DLSw peer? [7:25223]
The 0 is the ring list number. From Cisco's website, is says The dlsw remote-peer command defines the IP address of the remote router. The number 0 that follows the remote-peer keyword is the ring-list number. Generally, if you want a fully meshed network, use the number 0. The ring-list number is used to control the flooding of explorer frames by allowing the network to be segmented (see example two for a ring-list demonstration). http://www.cisco.com/warp/public/701/45.html From another page, they describe the ring number as Maps the MAC address to a ring number or ring group number. The valid range is 1 to 4095. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_r/brprt2/br1ddlsw.htm#xtocid2569429 (careful of wrap in the above URL) HTH, Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25235t=25223 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco lab for sale [7:25228]
After reading this site for quite a long time, I thought I'd post this equipment here first before trying to sell on ebay. I started putting together this lab last spring, and then had a family crisis and some job changes that made me re-think my career path. Since this time, my career path has gone in a slightly different area that I enjoy immensely, so I'm selling the equipment I was using to build a lab. I say to build a lab because I never quite finished it. I ordered upgrade BOOT-2500 rom's for the 2 2503's and never put them in, and also ordered a upgraded boot-rom from Whirled routers for the 3102 that will allow you to upgrade the flash and memory so that you can load any newer 2500 series ios on it. However, I never did order upgraded ram/flash for any of the routers, so I never finished putting together this part of the lab. (The aforementioned family issues popped up about that time). One of the 4000 routers was upgraded -- I originally purchased the router with a DC power supply, and bought a 4000 (non-M model) for cheap so that I could swap the power supplies so all my equipment is AC powered. So, here's what I have: 2503 8 Ram 16 Flash (I have 2 Cisco 2500 boot roms for these that I acquired from Cisco Systems, 2503 6 Ram 4 Flash never installed because I was waiting until I upgraded ram and flash) 2507 16 Ram 8 Flash 4000M 12 Ram 4 Flash w/ 4-port 60 pin Serial 4000M 12 Ram 4 Flash w/ 2-port 50 pin Serial 1 Port Token Ring 3102 4 Ram 2 Flash (w/ upgrade boot roms from Whirled Routers) 3 Ethernet Adapters for the 2503's and 3102 2 50-pin to 60-pin back-to-back cables (for the 2-port serial card and/or the 3102 to connect to the 2500's and 4-port) 3 60-Pin to 60-Pin back-to-back cables (for the 4-port and 2500's) 2 9-pin console port adapters cables 1 25-pin to 9-pin serial console port cable (for the 4000's and 3102) Power Cables for everything above BCSN and BCRAN books by McGraw-Hill (by Thomas) BCSN and BCRAN books by Cisco Press (by Paquet) $2300 + shipping Firm. Will ship via UPS (insured only) from area code 53562 (Middleton, WI). Will Charge actual Shipping/Insurance only, no handling charges :) (If you are in the Madison/Milwaukee area, will deliver for free!) I've uploaded pictures of most everything (including routers, boot up screens for each, and extras) at http://www.yahara.net/cisco I will accept payment via paypal, money order or certified check only. You can see my ebay feedback at: http://cgi2.ebay.com/aw-cgi/eBayISAPI.dll?MfcISAPICommand=ViewFeedbackuseri [EMAIL PROTECTED]items=25 You can email me any questions at [EMAIL PROTECTED](make sure you actually removethispart ;) -Chris Hagen Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25228t=25228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:25130]
OK. I did some basic testing. Here is what I found: if you use the neighbor a.b.c.d local-as form of the command, then your neighbor sees you as AS , no matter what you have configured as your real AS. router bgp neighbor a.b.c.d remote-as 1000 neighbor a.b.c.d local-AS router bgp 1000 neighbor w.x.w.z remote-as --- your neighbor has to use the neighbor a.b.c.d remote-as , matching what you say is your local-as all routes sent to that neighbor have the as the most recent AS in the AS-Path. Doing it this way would accomplish what you are asking. The intent of the local-AS command apears to relate to BGP confederations and the way they behave. The alrternative method, as shown in the configuration guides on CCO, appears to be a means of modifying inbound routes to achieve the optional community status of local-AS. that is, these routes will be retained only in the local ( iBGP / confederation ) BGP table. and will not be advertised to an esternal BGP peer. Not being a BGP sophisticate, I may well be misunderstanding some of this. I invite those with better understanding to clarify. I certainly am hard pressed to see any value to this, but then I can fill a small library with what I don't know about the subtleties of BGP. HTH Chuck news wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi what I am trying to achieve is as follow AS 100 is connected to AS 200. AS 200 is connected to AS 300 AS 100 has route from AS 300. So the AS-PATH List is: 200, 300, i The task is: AS 100 should see all the route from AS 300 as if they came from AS 100 directly the path will look like 200, i Faisal Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... interesting question. a seach among the command references and configuration guides on CCO yields nothing under 12.1, but under 12.2 states this command was introduced in 12.0(4.4)S and that in 12.0(5)T the address family configuration mode was added. I copied this stuff out of CCO, but it is not making sense to me at the moment. I can find no reference to the command and function in Parkhurst, which carries a 2001 copyright but no telling when the contents were locked down for publishing. In re-reading this thread and the documentation below, I'm still a bit unclear as to what is being accomplished here. Telling a neighbor you are AS X when you are really AS Y ?? I'm working on some BGP scenarios now, so I'll try to add this to the list and report back. Chuck -- stuff from CCO: The next example shows how the route map named set-community is applied to the outbound updates to neighbor 171.69.232.50 and the local-as community attribute is used to filter the routes. The routes that pass access list 1 have the special community attribute value local-as. The remaining routes are advertised normally. This special community value automatically prevents the advertisement of those routes by the BGP speakers outside autonomous system 200. router bgp 65000 network 1.0.0.0 route-map set-community bgp confederation identifier 200 bgp confederation peers 65001 neighbor 171.69.232.50 remote-as 100 neighbor 171.69.233.2 remote-as 65001 ! route-map set-community permit 10 set community local-as neighbor local-as To allow customization of the autonomous system number for external Border Gateway Protocol (eBGP) peer groupings, use the neighbor local-as command in address family or router configuration mode. To disable this function, use the no form of this command. Command History Release Modification 12.0(4.4)S This command was introduced. 12.0(5)T Address family configuration mode was added. Usage Guidelines Each BGP peer or peer group can be made to have a local autonomous system value for the purpose of peering. In the case of peer groups, the local autonomous system value is valid for all peers in the peer group. This feature cannot be customized for individual peers in a peer group. If this command is configured, you cannot use the local BGP autonomous system number or the autonomous system number of the remote peer. This command is valid only if the peer is a true eBGP peer. This feature does not work for two peers in different subautonomous systems in a confederation. Examples The following address family configuration example shows the customization of neighbor 172.20.1.1 configured to have an autonomous system number of 300 for the purpose of peering: router bgp 109 address-family ipv4 multicast network 172.20.0.0 neighbor 172.20.1.1 local-as 300 The following router configuration example shows the customization of neighbor 172.20.1.1 configured to have autonomous system number of 300 for the purpose of peering: router bgp 109 network 172.20.0.0 neighbor
Re: Weirdness with OSPF--IGRP and Default Routes [7:25216]
John, it occurs to me that the other possibility is that your pings are getting out, but not getting back. On the surface, it would appear that is not the case because in part one of your scenario, you can successfully ping. However, it is possible that in doing what you did in setting up the default network, you broke something else such that the return route does not exist? just because you can see me, it does not automatically follow that I can see you. what do traceroutes reveal about where the breakdown occurs? How about an extended ping, using a different interface as the source address? Chuck John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You're reading it correctly. The real problem isn't with router C. Using either of the methods I tried it learns a default route from B. The real problem is that as soon as I add a default-network command to router B (so that it originates a default to C) default routing breaks. Others keep pointing out that having a loopback address as a default network creates a blackhole. In this case I'm using a dummy network that does not exist elsewhere so it won't create a black hole. In fact, when ip packet debugging is turned on the packets are unroutable. This makes no sense to me since a quad-zero default exists in the routing table. With ip classless nothing should be unroutable. Very weird. I must be missing something... You think this is weird, though, you ought to see the lab setup I'm using to test this. At the moment I have six routers running a combination of IS-IS, BGP, OSPF, and IGRP. :-) I'm a glutton for punishment! Regards, John On Sun, 4 Nov 2001 11:52:26 -0500, Chuck Larrieu wrote: | if I am not mistaken, the default network has to be learned via IGRP, and | cannot be a connected interface. If I am reading your outputs correctly, | your default network is a connected interface. | | am I misreading which router is the source of the pings? | | Chuck | | | John Neiberger wrote in message | [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... | I posted this to the ccie list as well. I'm hoping someone has run across | this before. | | I'll start with the original scenario that worked so I can show you where | I | began before I show you what I'm trying to accomplish now. There are | three | relevant routers here: | | A(ospf)B(rip)-C | | A originates a default route to B and I use default-information originate | in | the RIP config to pass 0.0.0.0/0 to C. This works well. Then I took RIP | away and tried this with IGRP and ip default-network. | | This took some tweaking before I could get B to originate default route | to | C with IGRP. Is it just me or did Cisco seem to make this very | user-unfriendly?? Unbelievable. This is *so* easy with other protocols. | Anyway... | | In the first scenario, B has a single gateway of last resort: 0.0.0.0/0 | via | router A. Beautiful. In the second scenario I end up with two candidate | GOLRs but neither is picked and routing breaks! | | This makes *zero* sense to me. If ip classless is configured and still | have 0.0.0.0/0 in my routing table then B should route all packets with | unknown destinations to A, right?? Well, it's not working and I can | consistently recreate it. | | If I remove the ip default-network statement routing works but then C has | no | default route. | | What could be wrong here? For grins, I'll paste in some command output to | show you what I mean. R4 is Router B in the above scenario. | | Gateway of last resort is 152.1.3.2 to network 0.0.0.0 | | 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks | O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:19:53, Serial0 | C 152.1.3.0/30 is directly connected, Serial0 | 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks | I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | O 130.1.0.0/22 is a summary, 05:19:54, Null0 | I 130.1.7.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 | I 130.1.6.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 | I 130.1.5.0/24 [100/1188] via 130.1.4.2, 00:00:29, TokenRing0 | O 130.1.4.0/22 is a summary, 05:19:54, Null0 | C 130.1.4.0/24 is directly connected, TokenRing0 | C30.0.0.0/8 is directly connected, Loopback1 | O*N2 0.0.0.0/0 [110/1] via 152.1.3.2, 05:19:56, Serial0 | R4#ping 20.1.1.1 | | Type escape sequence to abort. | Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds: | ! | Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/40 ms | R4# | | After I add ip
Re: CID: Token Ring and Mainframe computer [7:25166]
The mainframe would probably attach to the Token Ring network via a Front End Processor (FEP) which would have a Token Ring Interface Card (TIC). The FEP could be replaced with a router with a CIP. Priscilla At 12:25 AM 11/3/01, John Tafasi wrote: Hi Group, Can the IBM mainframe computer be connected directly to the token ring? Thanks John Tafasi ___ watch your phone call records on the web at: http://www.freedomstar.com/sh1885969 Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25238t=25166 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:25130]
Useful if you're using private AS addressing (AS 64512-65535) and you want your customer routes to appear as if they originated from your AS... I would have used a NO_EXPORT community on the routes being advertised from the AS and simply just advertised the address space that I own. It's rarely useful to advertise your own address space with a differing AS number. It's also more advised to keep advertising the correct AS in cases where this situation would occur, e.g., a dual-homed customer. However, to satisfy the question you can use BGP aggregation on R3 which was specifically designed for this purpose... router bgp 64512 aggregate-address 200.200.200.1 255.255.255.0 summary-only as-set You should only use a set-community conferderation route map when you have complex business rules that you need implemented. WAYNE BAETY, MCSE, A1C, USAF Network Systems Trainer -Original Message- From: news [mailto:[EMAIL PROTECTED]] Sent: Monday, November 05, 2001 2:53 AM To: [EMAIL PROTECTED] Subject: Re: BGP question [7:25130] Hi what I am trying to achieve is as follow AS 100 is connected to AS 200. AS 200 is connected to AS 300 AS 100 has route from AS 300. So the AS-PATH List is: 200, 300, i The task is: AS 100 should see all the route from AS 300 as if they came from AS 100 directly the path will look like 200, i Faisal Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... interesting question. a seach among the command references and configuration guides on CCO yields nothing under 12.1, but under 12.2 states this command was introduced in 12.0(4.4)S and that in 12.0(5)T the address family configuration mode was added. I copied this stuff out of CCO, but it is not making sense to me at the moment. I can find no reference to the command and function in Parkhurst, which carries a 2001 copyright but no telling when the contents were locked down for publishing. In re-reading this thread and the documentation below, I'm still a bit unclear as to what is being accomplished here. Telling a neighbor you are AS X when you are really AS Y ?? I'm working on some BGP scenarios now, so I'll try to add this to the list and report back. Chuck -- stuff from CCO: The next example shows how the route map named set-community is applied to the outbound updates to neighbor 171.69.232.50 and the local-as community attribute is used to filter the routes. The routes that pass access list 1 have the special community attribute value local-as. The remaining routes are advertised normally. This special community value automatically prevents the advertisement of those routes by the BGP speakers outside autonomous system 200. router bgp 65000 network 1.0.0.0 route-map set-community bgp confederation identifier 200 bgp confederation peers 65001 neighbor 171.69.232.50 remote-as 100 neighbor 171.69.233.2 remote-as 65001 ! route-map set-community permit 10 set community local-as neighbor local-as To allow customization of the autonomous system number for external Border Gateway Protocol (eBGP) peer groupings, use the neighbor local-as command in address family or router configuration mode. To disable this function, use the no form of this command. Command History Release Modification 12.0(4.4)S This command was introduced. 12.0(5)T Address family configuration mode was added. Usage Guidelines Each BGP peer or peer group can be made to have a local autonomous system value for the purpose of peering. In the case of peer groups, the local autonomous system value is valid for all peers in the peer group. This feature cannot be customized for individual peers in a peer group. If this command is configured, you cannot use the local BGP autonomous system number or the autonomous system number of the remote peer. This command is valid only if the peer is a true eBGP peer. This feature does not work for two peers in different subautonomous systems in a confederation. Examples The following address family configuration example shows the customization of neighbor 172.20.1.1 configured to have an autonomous system number of 300 for the purpose of peering: router bgp 109 address-family ipv4 multicast network 172.20.0.0 neighbor 172.20.1.1 local-as 300 The following router configuration example shows the customization of neighbor 172.20.1.1 configured to have autonomous system number of 300 for the purpose of peering: router bgp 109 network 172.20.0.0 neighbor 172.20.1.1 local-as 300 end of stuff from CCO - adam lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... What version of IOS is that command in? I am using 12.0(9) and it's not in there. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of news Sent: Saturday, November 03, 2001 12:23 PM To: [EMAIL PROTECTED] Subject: Re: BGP question [7:25130]
Re: Prioritizing Protocols???? [7:24959]
Priscilla summed up what I was trying to get at rather well. I just dug up the original post, and the original poster has a 56kbps link - not even 64kbps. Whenever anyone sends a large print job, does a large FTP, or is browsing the web it makes everyone else's telnet session at the remote site VERY SLOW. So, assuming that the default WFQ is in use, it isn't working too well at making sure that telnet isn't affected by other traffic. 3 - 4 people doing telnet (the number given) is unlikely to starve anything, even at Priscilla's typing speed and 56 kbps. That's why I suggested priority queueing. But as you say, it probably won't be much better than WFQ. Or, I suspect, than CB-WFQ, or any other queueing strategy. I know fragmentation is usually used for voice, but the FRF.12 agreement refers more to 'real-time traffic'. Telnet is real-time traffic, just not nearly as delay-sensitive as voice or video, so I reckon fragmentation could help quite a bit given the information we have on the network. Could the OP please let us know what they try and what the outcome is? JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 05/11/2001 10:57 am - VoIP Guy cc: Sent by: Subject: Re: Prioritizing Protocols nobody@groups [7:24959] tudy.com 03/11/2001 09:53 am Please respond to VoIP Guy Just time-sensitive applications like voice, video, etc. It may help with the telnet traffic though. Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 03:57 PM 11/2/01, VoIP Guy wrote: CB-WFQ (class-based WFQ) isn't enabled by default. It is started with the class-map (name), access-lists and policy-map (name) commands. It combines the best practicesof WFQ, WRED and proiority/custom queuing. It is highly customizable. You just create different policy-map's for the different types of traffic (RED data during congestion but not voice, give RTP from site A to site B priority, etc) Thanks for the info. It sounds like a good choice. If the original poster is just trying to pritorize only telnet traffic above all alse, there is absolutly no configuraton needed, cause WFQ is default below E1 speeds and telnet is by default already prioritized above all other traffic conversations. I was thinking the poster had other types of traffic like FTP, http, SMB traffic, etc., I think that was the case, but the default WFQ wasn't doing a good enough job. which is why the interleaving comes into play, (especially the FTP traffic). I can almost guess that Telnet traffic alone wouldn't starve any traffic out (around 23 bytes/packet or something like that) and interleaving it wouldn't touch it at all, since it's below the 80 bytes that interleaving would chop at on a 64k link. Telnet sends one character typed per packet by default! But it does get padded, since it starts on Ethernet usually, to 64 bytes. But what's relevant is that interleaving could chop up the other (FTP, etc.) large packets to reduce serialization delay. I've never heard of using it for something other than voice, though, have you?? Furthermore, if the link is constantly backed up, I'd upgrade bandwidth, as queuing is only supposed to be used when there is intermittent congestion. That's for sure! Thanks Priscilla If I could type 90 words a minute, I'd write a book too :) Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 01:35 PM 11/2/01, VoIP Guy wrote: I would use CB-WFQ, over all the others because of the control you can create. Protrity queuing will starve out the other protocols if one is given priority over the others and it is busy. Yes, but Telnet may not be so busy that it would cause a problem. It's true that priority queuing would always check for Telnet traffic first, but if there isn't any Telnet traffic, then it would move on. Telnet sends traffic as someone types. Now, I can type 90 words a minute (though not with much accuracy) but a lot of people can't type that fast. ;-) Seriously, it would be a good idea to test to see if prioritizing Telnet would cause a problem or not. It would depend on the number of users, their usage patterns, and the applications they are using.
RE: Weirdness with OSPF--IGRP and Default Routes [7:25216]
His pings are definetly going to the loopback on Router B (R4) and are probably being load balanced over the 0/0 [!.!.!.]. Use ip default-network and point it out the interface you really want traffic to go to by default. If you don't want R4 to use the default, then apply a static default on all your other routers. Otherwise you run the risk of load balancing through the loopback (?). I'm not near any routers atm so I can not verify this. Ip default-network 152.1.3.0 WAYNE BAETY, MCSE, A1C, USAF Network Systems Trainer -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Monday, November 05, 2001 8:09 AM To: [EMAIL PROTECTED] Subject: Re: Weirdness with OSPF--IGRP and Default Routes [7:25216] John, it occurs to me that the other possibility is that your pings are getting out, but not getting back. On the surface, it would appear that is not the case because in part one of your scenario, you can successfully ping. However, it is possible that in doing what you did in setting up the default network, you broke something else such that the return route does not exist? just because you can see me, it does not automatically follow that I can see you. what do traceroutes reveal about where the breakdown occurs? How about an extended ping, using a different interface as the source address? Chuck John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You're reading it correctly. The real problem isn't with router C. Using either of the methods I tried it learns a default route from B. The real problem is that as soon as I add a default-network command to router B (so that it originates a default to C) default routing breaks. Others keep pointing out that having a loopback address as a default network creates a blackhole. In this case I'm using a dummy network that does not exist elsewhere so it won't create a black hole. In fact, when ip packet debugging is turned on the packets are unroutable. This makes no sense to me since a quad-zero default exists in the routing table. With ip classless nothing should be unroutable. Very weird. I must be missing something... You think this is weird, though, you ought to see the lab setup I'm using to test this. At the moment I have six routers running a combination of IS-IS, BGP, OSPF, and IGRP. :-) I'm a glutton for punishment! Regards, John On Sun, 4 Nov 2001 11:52:26 -0500, Chuck Larrieu wrote: | if I am not mistaken, the default network has to be learned via IGRP, and | cannot be a connected interface. If I am reading your outputs correctly, | your default network is a connected interface. | | am I misreading which router is the source of the pings? | | Chuck | | | John Neiberger wrote in message | [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... | I posted this to the ccie list as well. I'm hoping someone has run across | this before. | | I'll start with the original scenario that worked so I can show you where | I | began before I show you what I'm trying to accomplish now. There are | three | relevant routers here: | | A(ospf)B(rip)-C | | A originates a default route to B and I use default-information originate | in | the RIP config to pass 0.0.0.0/0 to C. This works well. Then I took RIP | away and tried this with IGRP and ip default-network. | | This took some tweaking before I could get B to originate default route | to | C with IGRP. Is it just me or did Cisco seem to make this very | user-unfriendly?? Unbelievable. This is *so* easy with other protocols. | Anyway... | | In the first scenario, B has a single gateway of last resort: 0.0.0.0/0 | via | router A. Beautiful. In the second scenario I end up with two candidate | GOLRs but neither is picked and routing breaks! | | This makes *zero* sense to me. If ip classless is configured and still | have 0.0.0.0/0 in my routing table then B should route all packets with | unknown destinations to A, right?? Well, it's not working and I can | consistently recreate it. | | If I remove the ip default-network statement routing works but then C has | no | default route. | | What could be wrong here? For grins, I'll paste in some command output to | show you what I mean. R4 is Router B in the above scenario. | | Gateway of last resort is 152.1.3.2 to network 0.0.0.0 | | 152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks | O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:19:53, Serial0 | C 152.1.3.0/30 is directly connected, Serial0 | 130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks | I 130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | I 130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | I 130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0 | O
Re: slightly [7:19060]
Chuck, Unfortunately in my current capacity I don't have the responsibility (or authority) to investigate the infrastructure side of this further. As I said, I'm rolling out W2K and this issue slowed that migration to a crawl. The W2K Project Manager who knows about my Cisco abilities asked me to look into it. The responsible group hadn't even put a sniffer on it yet and I hesitate to say they understood the issue even after I gave them the resultant traces. Now with an application fix in place I don't think they will have the will to track down the Cisco issue although this could happen again tomorrow with a different legacy application once the migration ramps up again. Also, most of the Cat5000's are slated to be replaced by 5500s or 6509s so that probably won't have them doing much sleuthing on this particular issue. (This same group made some changes Thursday night to the infrastructure of a large building and the backbone ground to a halt Friday morning. It was still dead when I went home that evening) Oh well, there might be opportunities there yet... thanks for your interest Kevin Wigle - Original Message - From: Chuck Larrieu To: Sent: Sunday, 04 November, 2001 11:11 Subject: RE: slightly [7:19060] Kevin, anything further on this? I did some cursory searches on CCO TAC looking for a possible bug. There were some hits which led to discussions about broadcast throttling. There were some intriguing hits with regards to Layer 3 unreachable features, but nothing that I could find in the few minutes I spent that fit your scenario. I suppose now that you have turned off the server broadcast function, the only other test would be to do a ping to 255.255.255.255 and see if you get the same kinds of response. I'm wondering if there is an undocumented feature about broadcasts from the same source IP? doesn't seem right. At the brokerage firm there was a quote server all of whose traffic was broadcast. That was a few sup images and earl versions ago. Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25243t=19060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 5509 prob. [7:24461]
I couldn't find any bug reports related to your particular problem but the code you are running is almost two years old. Cisco recommends at least 4.5(8) for the 5509. The most recent version of 4.5 code is 4.5(13). Muralidhar A. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... sh ver WS-C5509 Software, Version McpSW: 4.5(1) NmpSW: 4.5(1) Copyright (c) 1995-1999 by Cisco Systems NMP S/W compiled on Mar 29 1999, 16:09:01 MCP S/W compiled on Mar 29 1999, 16:06:50 -Original Message- From: AMR [mailto:[EMAIL PROTECTED]] Sent: Monday, October 29, 2001 9:30 AM To: [EMAIL PROTECTED] Subject: Re: 5509 prob. [7:24461] what version OS are you running on it? Muralidhar A. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi... I am facing a strange problem. With this 5509 that I have.. 1. when I set the date with the set command it accepts. But when show config is given..it displays a wrong date.. 2. I have 2 line cards with 48 ports of 10 Mbps.. When I changes the ports to diff vlan's via TELNET there is no problem.. But when I do the same via CONSOLE.. Whole switch reset's.. What could be the reason ? ? Any ideas Thanks and regards, Murali STATEMENT OF CONFIDENTIALITY The information contained in this communication is Confidential and is intended only for the exclusive use of the Recipient named above, and may contain confidential or privileged Information. If the reader of this message is not the intended recipient ,please notify Freddie Samuel immediately either at +968- 684152 Extn 398 or [EMAIL PROTECTED] and destroy all copies of this message and any attachments. STATEMENT OF CONFIDENTIALITY The information contained in this communication is Confidential and is intended only for the exclusive use of the Recipient named above, and may contain confidential or privileged Information. If the reader of this message is not the intended recipient ,please notify Freddie Samuel immediately either at +968- 684152 Extn 398 or [EMAIL PROTECTED] and destroy all copies of this message and any attachments. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25244t=24461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: AS400 [7:25037]
I would say it is closer to an IBM midrange computer. John Tafasi wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello Group, Just a little question. Is AS400 an IBM mainframe computer? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25245t=25037 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:25130]
A simple confederaton seems to be the way to do this..the as-set command will not change the origin AS. In fact its purpose it to include the as path information in the summary announcement. See below... On Sun, 4 Nov 2001, Baety Wayne A1C 18 CS/SCBX wrote: However, to satisfy the question you can use BGP aggregation on R3 which was specifically designed for this purpose... router bgp 64512 aggregate-address 200.200.200.1 255.255.255.0 summary-only as-set http://www.cisco.com/warp/public/459/aggregation.html Using the as-set argument, the path information in the BGP table for the aggregate route changes to include a set from 300 {200,100}. This indicates that the aggregate actually summarizes routes that have passed through AS-200 and AS-100. The as-set information becomes important in avoiding routing loops because it records where the route has been. -Original Message- From: news [mailto:[EMAIL PROTECTED]] Sent: Monday, November 05, 2001 2:53 AM To: [EMAIL PROTECTED] Subject: Re: BGP question [7:25130] Hi what I am trying to achieve is as follow AS 100 is connected to AS 200. AS 200 is connected to AS 300 AS 100 has route from AS 300. So the AS-PATH List is: 200, 300, i The task is: AS 100 should see all the route from AS 300 as if they came from AS 100 directly the path will look like 200, i If AS 200 and AS 300 were in a confederation using 200 as the identifier this would be the result.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25246t=25130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sniffer pro question [7:25247]
Hi guys, I appreciate for any input here. I'm trying to sniffer a specific port that AIM(america online instant messenger) uses, which is 5190/tcp. I'm currently using network associates sniffer pro version 3.5. Since there wasn't a tcp/5190 port in the filter, I went into Tools---Options---Protocols to add in the 5190/tcp for AIM. After adding it in, I went to the Capture--Define-filter to try to select that port but it wasn't listed in there. So here is what i'm trying to do. I'm trying to sniffer hostA which has an ip address of 192.168.1.1 and I want to sniff specifically for traffic that is using port 5190/tcp. What am I missing here if I try to make sniffer pro to do it? Thanks for your help. -Frank Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25247t=25247 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:25130]
Well, it's interesting that in my research I found that CCO mentions that.. http://www.cisco.com/warp/public/459/39.html The local-as command is valid only if the peer is a true eBGP peer. It doesn't work for two peers in different sub-ASs in a confederation. Anyone tested this out yet.. .? Nigel - Original Message - From: Chuck Larrieu To: Sent: Sunday, November 04, 2001 5:55 PM Subject: Re: BGP question [7:25130] OK. I did some basic testing. Here is what I found: if you use the neighbor a.b.c.d local-as form of the command, then your neighbor sees you as AS , no matter what you have configured as your real AS. router bgp neighbor a.b.c.d remote-as 1000 neighbor a.b.c.d local-AS router bgp 1000 neighbor w.x.w.z remote-as --- your neighbor has to use the neighbor a.b.c.d remote-as , matching what you say is your local-as all routes sent to that neighbor have the as the most recent AS in the AS-Path. Doing it this way would accomplish what you are asking. The intent of the local-AS command apears to relate to BGP confederations and the way they behave. The alrternative method, as shown in the configuration guides on CCO, appears to be a means of modifying inbound routes to achieve the optional community status of local-AS. that is, these routes will be retained only in the local ( iBGP / confederation ) BGP table. and will not be advertised to an esternal BGP peer. Not being a BGP sophisticate, I may well be misunderstanding some of this. I invite those with better understanding to clarify. I certainly am hard pressed to see any value to this, but then I can fill a small library with what I don't know about the subtleties of BGP. HTH Chuck news wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi what I am trying to achieve is as follow AS 100 is connected to AS 200. AS 200 is connected to AS 300 AS 100 has route from AS 300. So the AS-PATH List is: 200, 300, i The task is: AS 100 should see all the route from AS 300 as if they came from AS 100 directly the path will look like 200, i Faisal Chuck Larrieu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... interesting question. a seach among the command references and configuration guides on CCO yields nothing under 12.1, but under 12.2 states this command was introduced in 12.0(4.4)S and that in 12.0(5)T the address family configuration mode was added. I copied this stuff out of CCO, but it is not making sense to me at the moment. I can find no reference to the command and function in Parkhurst, which carries a 2001 copyright but no telling when the contents were locked down for publishing. In re-reading this thread and the documentation below, I'm still a bit unclear as to what is being accomplished here. Telling a neighbor you are AS X when you are really AS Y ?? I'm working on some BGP scenarios now, so I'll try to add this to the list and report back. Chuck -- stuff from CCO: The next example shows how the route map named set-community is applied to the outbound updates to neighbor 171.69.232.50 and the local-as community attribute is used to filter the routes. The routes that pass access list 1 have the special community attribute value local-as. The remaining routes are advertised normally. This special community value automatically prevents the advertisement of those routes by the BGP speakers outside autonomous system 200. router bgp 65000 network 1.0.0.0 route-map set-community bgp confederation identifier 200 bgp confederation peers 65001 neighbor 171.69.232.50 remote-as 100 neighbor 171.69.233.2 remote-as 65001 ! route-map set-community permit 10 set community local-as neighbor local-as To allow customization of the autonomous system number for external Border Gateway Protocol (eBGP) peer groupings, use the neighbor local-as command in address family or router configuration mode. To disable this function, use the no form of this command. Command History Release Modification 12.0(4.4)S This command was introduced. 12.0(5)T Address family configuration mode was added. Usage Guidelines Each BGP peer or peer group can be made to have a local autonomous system value for the purpose of peering. In the case of peer groups, the local autonomous system value is valid for all peers in the peer group. This feature cannot be customized for individual peers in a peer group. If this command is configured, you cannot use the local BGP autonomous system number or the autonomous system number of the remote peer. This command is valid only if the peer is a true eBGP peer. This feature does not work for two peers in different subautonomous
Re: Sniffer pro question [7:25247]
You might also want to try Ethereal (www.ethereal.com) which has a dissector for AIM. --- Frank Kim wrote: Hi guys, I appreciate for any input here. I'm trying to sniffer a specific port that AIM(america online instant messenger) uses, which is 5190/tcp. I'm currently using network associates sniffer pro version 3.5. Since there wasn't a tcp/5190 port in the filter, I went into Tools---Options---Protocols to add in the 5190/tcp for AIM. After adding it in, I went to the Capture--Define-filter to try to select that port but it wasn't listed in there. So here is what i'm trying to do. I'm trying to sniffer hostA which has an ip address of 192.168.1.1 and I want to sniff specifically for traffic that is using port 5190/tcp. What am I missing here if I try to make sniffer pro to do it? Thanks for your help. -Frank [EMAIL PROTECTED] __ Do You Yahoo!? Find a job, post your resume. http://careers.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25249t=25247 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]