RE: quick question - router for regular dial in isp? [7:36006]
Beth- Yes. You can use the 804 in the fashion you ask. In fact, that's what it is designed to do... if you want it to perform as if it were routing traffic in a nailed-up state, you just set the dialer timer to an infinitely high value... and then it'll never hang up, unless you kill the power, or circuit (of which, depending on your locale and provider, the circuit flap might occur more often than you desire :) ). When you configure the Dialer idle-timeout paramater, you can set it for say 10 minutes, and then if no defined interesting traffic doesn't traverse the interface, it'll hang up. As soon as the 'interesting traffic' comes back across, it'll dial back out. If you don't have a lot of experience with it, you can Download the ConfigMaker 2.6 tool from Cisco (free), and use it to help generate your config with the required info. After that, if you want to control your dialer interface even further, such as to follow a time-table for allowing dial-up (such as to conserve telco dial costs), and deny certain traffic that would keep the idle-timeout parameter from ever being reached, you should consider creating some access-lists to deny ports 135-137 (Windoze NetBios broadcast traffic). Hope this leads you to your answers. See CCO for config samples. Good Luck, Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of beth Sent: Wednesday, February 20, 2002 4:30 PM To: [EMAIL PROTECTED] Subject: quick question - router for regular dial in isp? [7:36006] Hello, i have a quick question. Can you use a regular 804 cisco router to dial into a regular dial in isdn isp account? not a dedicated account. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36045t=36006 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Global line config question [7:36046]
I have a question regarding the use of the login keyword within global config-line - in this example with the vty entries. A default config would read :- ! line vty 0 4 ! ! Entering global config-line mode, and entering the login command, we get :- ! line vty 0 4 login ! However, entering global config-line mode, and entering the 'no login' command, we get :- ! line vty 0 4 no login ! the login command is still referenced - It hasnt been removed Is there functionally any difference between this state and the default config shown originally. I am curious whether this is caused by a quirk in IOS that doesn't tidy the config wording, or whether the default behaviour has changed. Best regards, Julian Fletcher [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36046t=36046 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IDS 4210 help again [7:36047]
I have setup the ids with the all the relevant in for such as the sensor and ids manager details as well as the ip address,netmask,default gateway. My question is that if 1 interface is the monitoring interface and it is connected to the internet router and the other is the command and control interface and that is connected to my switch , that interface needs and address if I am correct as it will have to have a vlan number. Which interface uses the ip address that I entered in the configuration and how will I get the command and control interface to work ? Thanks _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36047t=36047 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: China/Cisco connection [7:35946]
I agree with Joseph Brunner. To compare the two is absurd! The Chinese will use the technology to suppress the truth from becoming known to the people ( peasants to the elite). It is also a good way to find the subversives and eliminate them. As for the US government monitoring the traffic, I doubt that they plan on killing anyone for their selection of web sites. Unless they are terrorists, then, if they want, I will supply the bullets myself. Dom Marino B.J. Wilson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... An interesting article I came across this morning: http://www.weeklystandard.com/Content/Public/Articles/000/000/000/922dgmtd.a sp Comments? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36048t=35946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boson's CCIE LAB Practice [7:36049]
Group, I am going for CCIE RS lab soon. Boson released CCIE Lab practice book, plus some simulation software. The total price in current introductry offer is abt 750USD approx. I dont mind investing in it, but before that as usual I would like to take some vauable inputs from Group. If any one has bought this or have some experience or heard of it, please provide your feeback. Anyone preparing for LAB in Netherlands or Belgium...get in touch Regards, Kaushik Khakhar A Send and receive Hotmail on your mobile device: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36049t=36049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSPM 2.3i and NT versus 2000 [7:35980]
This is what I have discovered while preparing for the CSIDS exam a while back. I was using a CSPM 2.3.2i eval copy. For CSPM standalone mode, you need to have NT 4.0 SP6a and IE 5.5. I installed IE 5.5 SP2 to get it working on the NT box. You won't be able to install CSPM (standalone mode) if you are using W2K. For CSPM client-server mode, you can install the client only on W2K. Your W2K must be SP1. It will not work on W2K (no SP) and W2K SP2. Regards, cheekin - Original Message - From: Richard Deal To: Sent: Thursday, February 21, 2002 4:23 AM Subject: CSPM 2.3i and NT versus 2000 [7:35980] I'm about to run a trial of CSPM 2.3i for some IDS sensors that I have. I noticed in the release notes that this version of the product only runs on Windows NT 4.0; however, I --REALLY-- would like to run this on Windows 200 server. Has anyone had any success on running this on Windows 2000 server? If so, what SP were you using for W2000 server? and what other things did you have to do to get it up and running? Any of the functionality of 2.3i that you couldn't get to function? Thanks for the info!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36050t=35980 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: exec-timeout 0 0 ?? [7:36018]
You gotta love this one. Real pain in the *ss to get back in. Chuck wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... and if you want to have a ton of fun, set it to something like 0 1 ;- Thom Castognalia wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Phil - It will make your timeout infinity. If you want to set your timeout to absolutely nothing, do the command, no exec Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36052t=36018 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Should I buy IDS ? [7:36053]
I am administrating a network of about 500 computers, 30 servers, and somthink like 70 WAN locations, I have been thinking about the Cisco IDS system, anyone have any good reasons to use one, have you used it, and has it detected much intrusion. I realy need somthing to sell the ides to the managment. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36053t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
So is it safe for me to conclude that I was wrong in stating that EIGRP sends the metrics to its neighbors. It actually sends the raw data such as bandwidth, and delay, and the neighbor router uses the DUAL FSM process to calculate the Reported Distance and then it's distance? I've been sniffing and debugging all morning and I can't find a metric in a packet, just raw data. -- RFC 1149 Compliant. Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The delay part of the EIGRP composite metric is not measured. It's based on the type of interface. Each type of interface has a default value. You can change it, although this is risky and not recommended. Because EIGRP is a distance-vector protocol, the router sends route updates that list networks. For each network, the router states the different parts of the composite metric: 1) The delay to get to the network, which is a cumulation of all interface delays. 2) The bandwidth to that network, which is the minimum bandwidth for all interfaces. 3) Reliability which is not used by default, but you can configure the router to use it. If used, the reliability is measured and represents how much of the bandwidth to the network is in use. 4) Load which is not used by default, but you can configure the router to use it. If used, the load is measured and represents the fraction of packets that arrive at the network undamaged. The router also sends the following info, which is not part of the metric, but useful for other routers to know: 1) MTU is the maximum packet size that can be sent along the entire path without fragmentation. (That is, it is the minimum of the MTUs of all the networks involved in the path.) 2) The hop count is simply the number of routers that a packet will have to go through to get to the destination. 3) Next hop is the address of the router to use to get to the destination, which is usually the router sending the update. Priscilla At 05:15 PM 2/20/02, Yatou Wu wrote: Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36054t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
For that small of a network SNORT would be fine and it costs quite a bit less. -Original Message- From: Arni V. Skarphedinsson [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 9:32 AM To: [EMAIL PROTECTED] Subject: Should I buy IDS ? [7:36053] I am administrating a network of about 500 computers, 30 servers, and somthink like 70 WAN locations, I have been thinking about the Cisco IDS system, anyone have any good reasons to use one, have you used it, and has it detected much intrusion. I realy need somthing to sell the ides to the managment. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36055t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Boot Rom upgrade on SUP I? [7:36056]
Does anyone know if it is possible to upgrade the NMP and MCP boot roms on a Supervisor I switch engine? I have found the procedure for the upgrade on a SUP II and III, but I am unable to locate the procedure for a SUP I. Thanks in advance Paul C. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36056t=36056 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
Hi, Where can i obtain information on SNORT? Thanks in advance Tel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36057t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Should I buy IDS ? [7:36053]
Well...it depends on how secure you want your network! The size is completely irrelevant... if you own a medical practice with patient data floating around your network and you only have 10 computers, with 4 of them offering some type of internet service through the firewal,etc etc... then I would say yes...ids is important... if you own jokenetwork.com and you have 50,000 machines trading jokes all day, are you worried about sombody stealing your jokes? probably not... If you do decide to implement some type of ids, look at http://www.lids.org/ remember signature based ids are signature based ids regardless of company and price as long as you have a constant way to update signatures, you should be fine. To supplement your signature based design, though check out www.lancope.com ...They have an AWESOME supplement to signature based systems. Even though there box will trigger on some signature based attacks, it is not meant to trigger on them as soon as they happenThis is why I say it is a supplement and not a complete kit. Of course...a good security policy would help you decide on what you need! :) http://www.sans.org/newlook/resources/policies/policies.htm#template -Patrick ps. if you run tons of data through your internet connection (45mb plus) or your ids is from backbone to backbone, I would stay away from LIDS unless you have a BADA$$ machine to run it on... :) Arni V. Skarphedinsson 02/21/02 09:32AM I am administrating a network of about 500 computers, 30 servers, and somthink like 70 WAN locations, I have been thinking about the Cisco IDS system, anyone have any good reasons to use one, have you used it, and has it detected much intrusion. I realy need somthing to sell the ides to the managment. Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36058t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
The 'Bandwidth' and 'Delay' parameters ARE metrics, which are sent to neighbours in packets in order that DUAL can be run to calculate its topological database and routing table. Phil. --- Steven A. Ridder wrote: So is it safe for me to conclude that I was wrong in stating that EIGRP sends the metrics to its neighbors. It actually sends the raw data such as bandwidth, and delay, and the neighbor router uses the DUAL FSM process to calculate the Reported Distance and then it's distance? I've been sniffing and debugging all morning and I can't find a metric in a packet, just raw data. -- RFC 1149 Compliant. Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The delay part of the EIGRP composite metric is not measured. It's based on the type of interface. Each type of interface has a default value. You can change it, although this is risky and not recommended. Because EIGRP is a distance-vector protocol, the router sends route updates that list networks. For each network, the router states the different parts of the composite metric: 1) The delay to get to the network, which is a cumulation of all interface delays. 2) The bandwidth to that network, which is the minimum bandwidth for all interfaces. 3) Reliability which is not used by default, but you can configure the router to use it. If used, the reliability is measured and represents how much of the bandwidth to the network is in use. 4) Load which is not used by default, but you can configure the router to use it. If used, the load is measured and represents the fraction of packets that arrive at the network undamaged. The router also sends the following info, which is not part of the metric, but useful for other routers to know: 1) MTU is the maximum packet size that can be sent along the entire path without fragmentation. (That is, it is the minimum of the MTUs of all the networks involved in the path.) 2) The hop count is simply the number of routers that a packet will have to go through to get to the destination. 3) Next hop is the address of the router to use to get to the destination, which is usually the router sending the update. Priscilla At 05:15 PM 2/20/02, Yatou Wu wrote: Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com [EMAIL PROTECTED] __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36059t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MLPS-VPN requirements [7:35972]
Hi Stanzin, See www.mplsrc.com/vendor.shtml for links to Cisco VPN configuration information. irwin -Original Message- From: Stanzin Takpa [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 2:49 PM To: [EMAIL PROTECTED] Subject: MLPS-VPN requirements [7:35972] Hi ! Can anybody know, what are the basic MPLS things that should be configured there on the routers (backbone) before going for MPLS-VPN. Thanks Stanzin Takpa Astracon, 6560 S Greenwood Plaza Blvd., Engelwood, CO-80111 USA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36062t=35972 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
www.snort.org and remember www.lids.org :) Install lids then snort... (unless you are plannign on runnign snort on a microsoft platform! :) (but that kinda defeats the purpose of security...) Tel Khan 02/21/02 10:12AM Hi, Where can i obtain information on SNORT? Thanks in advance Tel Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36063t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
Hi Patrick, Thanks for the urls Tel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36064t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DEC server addressing [7:36065]
Hi there Does anyone know how to change the ip address and default gateway on a dec server then the correct way of saving it to memory. Cheers Gavin Gavin Wilson Kleinwort Benson Private Bank Tel: 0207 4751771 Mobile: 07989441850 email: [EMAIL PROTECTED] -- This email and any files transmitted with it are intended solely for the addressee(s) and may be legally privileged and/or confidential. If you have received this email in error you may not copy, forward or use the contents, attachments or information in any way. Please destroy it and contact the sender via our switchboard on +44(0) 20 7475 6600 or via return email. Any unauthorised use or disclosure may be unlawful. Kleinwort Benson Private Bank give no warranty as to the accuracy or completeness of this email after it is sent over the Internet and accept no responsibility for change made after it was sent. Any opinions expressed in this email may be personal to the author and may not necessarily reflect the opinions of Dresdner Bank or its affiliates. They may also be subject to change without notice. -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36065t=36065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
Before you go for a solution you need to understand the requirements. What is the threat from attack? What can be lost? What is the impact on the business? If you can demonstrate sufficient requirements for an IDS, selling a solution to management should be easy. Irwin -- Irwin Lazar Senior Consultant and Practice Manager, Burton Group www.burtongroup.com [EMAIL PROTECTED] Office: 703-742-9659 Cell: 703-402-4119 DrivingNetworkEvolution -Original Message- From: Arni V. Skarphedinsson [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 9:32 AM To: [EMAIL PROTECTED] Subject: Should I buy IDS ? [7:36053] I am administrating a network of about 500 computers, 30 servers, and somthink like 70 WAN locations, I have been thinking about the Cisco IDS system, anyone have any good reasons to use one, have you used it, and has it detected much intrusion. I realy need somthing to sell the ides to the managment. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36066t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Autonomous-system command [7:36067]
In 12.2(3) I just ran across the following global configuration command: autonomous-system [AS] Router(config)#? Configure commands: aaa Authentication, Authorization and Accounting. access-list Add an access list entry alias Create command alias alpsConfigure Airline Protocol Support apollo Apollo global configuration commands appletalk Appletalk global configuration commands arapAppletalk Remote Access Protocol arp Set a static ARP entry async-bootp Modify system bootp parameters autonomous-system Specify local AS number to which we belong I can't find this command in the master indexes and I've done a google search on CCO and wasn't able to find it. Any idea what this command might be used for? John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36067t=36067 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DEC server addressing [7:36068]
Hi there Does anyone know how to change the ip address and default gateway on a dec server then the correct way of saving it to memory. Cheers Gavin Gavin Wilson Kleinwort Benson Private Bank Tel: 0207 4751771 Mobile: 07989441850 email: [EMAIL PROTECTED] -- This email and any files transmitted with it are intended solely for the addressee(s) and may be legally privileged and/or confidential. If you have received this email in error you may not copy, forward or use the contents, attachments or information in any way. Please destroy it and contact the sender via our switchboard on +44(0) 20 7475 6600 or via return email. Any unauthorised use or disclosure may be unlawful. Kleinwort Benson Private Bank give no warranty as to the accuracy or completeness of this email after it is sent over the Internet and accept no responsibility for change made after it was sent. Any opinions expressed in this email may be personal to the author and may not necessarily reflect the opinions of Dresdner Bank or its affiliates. They may also be subject to change without notice. -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36068t=36068 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAS and NACServer [7:36069]
i need some quick help with this. please post asap. thanks -- Network Access Server and Network Access Control Server are two different boxes ? eg CiscoSecure Access Control Server (unix) is a software that is installed on Solaris box, to which a Network Access Server like a AS5300 can connect to or vice-versa for user authentication and authorization purposes ? but if you would refer to the software specifications as mentioned in http://www.cisco.com/univercd/cc/td/doc/pcat/sqasux.htm1 it refers to IOS as well. Software specifications for CiscoSecure Access Control Server v2.3 for UNIX (Solaris). Solaris V2.51 or V2.6, V7, V8 IOS v11.1 (TACACS+) IOS v11.2 (RADIUS) the Solaris OS versions refer to the fact that the Access Control Server software can be installed onto these Solaris Operating system versions. fine. where is this IOS ? where is this IOS installed ? is the logical diagram ok as below NAS---User | | AccessControl server is the logical flow ok ? __ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36069t=36069 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson's CCIE LAB Practice [7:36049]
There is also : http://www.ipexpert.net/products/workbook/workbook.asp Any one knpw about this one as well? I am interested in feedback on both... kaushik khakhar wrote: Group, I am going for CCIE RS lab soon. Boson released CCIE Lab practice book, plus some simulation software. The total price in current introductry offer is abt 750USD approx. I dont mind investing in it, but before that as usual I would like to take some vauable inputs from Group. If any one has bought this or have some experience or heard of it, please provide your feeback. Anyone preparing for LAB in Netherlands or Belgium...get in touch Regards, Kaushik Khakhar A Send and receive Hotmail on your mobile device: Click Here _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36070t=36049 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DEC server addressing [7:36068]
def int gateway x.x.x.x Wilson, Gavin (KBPB) 02/21/02 10:46AM Hi there Does anyone know how to change the ip address and default gateway on a dec server then the correct way of saving it to memory. Cheers Gavin Gavin Wilson Kleinwort Benson Private Bank Tel: 0207 4751771 Mobile: 07989441850 email: [EMAIL PROTECTED] -- This email and any files transmitted with it are intended solely for the addressee(s) and may be legally privileged and/or confidential. If you have received this email in error you may not copy, forward or use the contents, attachments or information in any way. Please destroy it and contact the sender via our switchboard on +44(0) 20 7475 6600 or via return email. Any unauthorised use or disclosure may be unlawful. Kleinwort Benson Private Bank give no warranty as to the accuracy or completeness of this email after it is sent over the Internet and accept no responsibility for change made after it was sent. Any opinions expressed in this email may be personal to the author and may not necessarily reflect the opinions of Dresdner Bank or its affiliates. They may also be subject to change without notice. -- Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36071t=36068 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
Ken Tel Khan 02/21/02 09:12AM Hi, Where can i obtain information on SNORT? Thanks in advance Tel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36072t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DEC server addressing [7:36068]
sorry def int address x.x.x.x def int mask x.x.x.x -Patrick Wilson, Gavin (KBPB) 02/21/02 10:46AM Hi there Does anyone know how to change the ip address and default gateway on a dec server then the correct way of saving it to memory. Cheers Gavin Gavin Wilson Kleinwort Benson Private Bank Tel: 0207 4751771 Mobile: 07989441850 email: [EMAIL PROTECTED] -- This email and any files transmitted with it are intended solely for the addressee(s) and may be legally privileged and/or confidential. If you have received this email in error you may not copy, forward or use the contents, attachments or information in any way. Please destroy it and contact the sender via our switchboard on +44(0) 20 7475 6600 or via return email. Any unauthorised use or disclosure may be unlawful. Kleinwort Benson Private Bank give no warranty as to the accuracy or completeness of this email after it is sent over the Internet and accept no responsibility for change made after it was sent. Any opinions expressed in this email may be personal to the author and may not necessarily reflect the opinions of Dresdner Bank or its affiliates. They may also be subject to change without notice. -- Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36073t=36068 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: %Error: No System flash chip information available - Help [7:36074]
Are you installing two 8M SIMMs? Scratching my head but I seem to recall that if you do you will have partitoned flash. If you want an unpartitioned 16M you need to install a single 16M SIMM. I'm sure this can be verified on CCO if your so inclined. good luck Dave Cisco Nuts wrote: Ok, Just tried to unpartition and partition my flash and then this error msg. when I do a #sh ver . help!! :-) %Error: No System flash chip information available Here is what happened: First configed-register to 0x2101...Reloaded... Then a erase flash cmd. Remote(boot)#erase flash Partition SizeUsed Free Bank-Size State Copy Mode 1 8192K 5180K 3011K 8192K Read/Write Direct 2 8192K 7918K 273K 8192K Read/Write Direct [Type ? for partition directory; ? for full directory; q to abort] Which partition? [default = 1] 2 System flash directory, partition 2: File Length Name/status 1 8108960 /c2500-js-l_112-17.bin [8109024 bytes used, 279584 available, 8388608 total] Erase flash device, partition 2? [confirm] Are you sure? [yes/no]: y Erasing device... ...erased Next step did a: Remote(boot)(config)#partition flash 2 16 to make it one big 16MB Then did a #sh flash Remote(boot)#sh flash System flash directory, partition 1: File Length Name/status 1 5304572 80135005.bin [5304636 bytes used, 11472580 available, 16777216 total] 16384K bytes of processor board System flash (Read/Write) %Error: No System flash chip information available Can anyone help?? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36074t=36074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Works Now!! Was: Re: 16MB Flash (Read) (Read/Write) on a [7:36075]
should read all the mail before responding, forget my last message and I'll go back to scrathing my head;) Dave Cisco Nuts wrote: OK, Finally got it to work!! Thank you so much Sasa and the rest of you for helping me out. Here is what I did: (for others who might have a similiar problem) 1. Set the #config-register to 0x2101..Reloaded 2. Did a #erase flashDeleted the 2nd partition 3. Did a #partition flash 1 16 4. Erased the flash #erase flash 5. Set an #ip default-gateway and ip tftp source-interface cmd. 6. Did a #copy tftp flash.Bingo it worked beautifully!!! :-) Thank you all once again for your help. From: Sasa Milic To: Cisco Nuts Subject: Re: 16MB Flash (Read) (Read/Write) on a 2524 ?? [7:35989] Date: Wed, 20 Feb 2002 17:47:01 -0800 Erase and Unpartition flash...Which one?? Not clear on this Is this what I do? And would you mind if you clarified step # 3. When you try to erase flash, with erase flash:, it will show you two partitions, one with the image, and will ask for a confirmation to delete the file. When both partitions are empty, you can go into config mode, and type no partition flash, or partition flash 1 16. Be sure to save old image and config ! Hope this helps. Regards, Sasa Join the worlds largest e-mail service with MSN Hotmail. Click Here -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36075t=36075 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX v6.2 [7:35987]
I have not used it, but I think there is going to be some issues for someone trying to use PPPoe on a firewall, especially if the IP is dynamic. Just to get hands on with a firewall, I was playing with ISA 2000 Server at home (Microsoft Firewall). Their packet filters would not bind to a dynamic IP. My opinion of using PPPoe with Pix 6.2b is that if you're using a DSL line with a static IP, it should work, but if the IP is dynamic I think there is going to be a lot of issues with stability. Packet filters like to be bound to a static IP, when the IP suddenly disappears, it doesn't work correctly. So what I did was installed a small router that accepted PPPoe, with client side DCHP, so I set the PPPOE password on the router. Then my inside interface is 10.x.x.1, which goes do a switch. Though port forwarding, I can forward packets different servers. So like my first server is 10.x.x.3, and I make a rule to forward port 21 there. I am also doing DNS forwarding, for port 81, cause my ISP blocks incoming 80. I also run dynamic DNS services to keep my domain name mapped to the ip of the day. Maybe they will make a router as small at the 501 pix next, if they did, I would use that with PPPoe instead of a firewall. I think it's a nice theory, but I am skeptical. -Original Message- From: Clayton Dukes [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 3:49 PM To: [EMAIL PROTECTED] Subject: PIX v6.2 [7:35987] Has anyone installed and used PPPoE with the new Pix 6.2 Beta? Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 #rm -rf /bin/laden #kill -9 /bin/laden Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36079t=35987 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trunk Modes Perspective [7:36016]
... And the answer comes from ... you guessed it ... Cisco LAN Switching by Clark and Hamilton. page 320 The 'desirable' mode causes a Catalyst interface to inform the remote end of its 'intent' to enable ISL, but does not actually enable ISL unless the remote end agrees to enable it. The remote end must be set in the 'on', 'auto', or 'desirable' mode for the link to establish an ISL trunk. Do not use the 'desirable' mode if the remote end does not support DISL. Configuring a Catalyst in 'auto' mode enables the Catalyst to recieve a request to enable ISL trunking and to automatically enter that mode. The Catalyst configured in 'auto' never initiates a request to create a trunk and never becomes a trunk unless the remote end is configured as 'on' or 'desirable'. The 'auto' mode is the Catalyst default configuration. In when enabling a trunk you do not specify a mode, 'auto' is assumed. A Catalyst never enables trunk mode when left to the default value at both ends. When one end is set as 'auto', you must set the other end to either 'on' or 'desirable' to activate a trunk. -Original Message- From: Pierre-Alex GUANEL [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 6:36 PM To: [EMAIL PROTECTED] Subject: Trunk Modes Perspective [7:36016] In the real world when would you set a trunk type in auto rather than desirable? Both will be triggered when the connected device is set to on, desirable (or auto when setup with desirable). Thank you, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36080t=36016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trunk Modes Perspective [7:36016]
Thanks again ... I wished we add a major bookstore in Fairfield Do you have a real world practical example of when you used one versus the other I would like to share something concrete with my class tonight... Pierre-Alex -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:28 AM To: 'Pierre-Alex GUANEL'; [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] ... And the answer comes from ... you guessed it ... Cisco LAN Switching by Clark and Hamilton. page 320 The 'desirable' mode causes a Catalyst interface to inform the remote end of its 'intent' to enable ISL, but does not actually enable ISL unless the remote end agrees to enable it. The remote end must be set in the 'on', 'auto', or 'desirable' mode for the link to establish an ISL trunk. Do not use the 'desirable' mode if the remote end does not support DISL. Configuring a Catalyst in 'auto' mode enables the Catalyst to recieve a request to enable ISL trunking and to automatically enter that mode. The Catalyst configured in 'auto' never initiates a request to create a trunk and never becomes a trunk unless the remote end is configured as 'on' or 'desirable'. The 'auto' mode is the Catalyst default configuration. In when enabling a trunk you do not specify a mode, 'auto' is assumed. A Catalyst never enables trunk mode when left to the default value at both ends. When one end is set as 'auto', you must set the other end to either 'on' or 'desirable' to activate a trunk. -Original Message- From: Pierre-Alex GUANEL [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 6:36 PM To: [EMAIL PROTECTED] Subject: Trunk Modes Perspective [7:36016] In the real world when would you set a trunk type in auto rather than desirable? Both will be triggered when the connected device is set to on, desirable (or auto when setup with desirable). Thank you, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36081t=36016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Should I buy IDS ? [7:36053]
There is another public domain IDS at http://www.icir.org/vern/bro-info.html it is also worth checking out http://www.networkintrusion.co.uk/ids.htm for a detailed list of IDSs irwin -Original Message- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:28 AM To: [EMAIL PROTECTED] Subject: RE: Should I buy IDS ? [7:36053] www.snort.org and remember www.lids.org :) Install lids then snort... (unless you are plannign on runnign snort on a microsoft platform! :) (but that kinda defeats the purpose of security...) Tel Khan 02/21/02 10:12AM Hi, Where can i obtain information on SNORT? Thanks in advance Tel Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36078t=36053 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: EIGRP Successor [7:36044]
Hunt Lee wrote: I have an EIGRP question that I'm a bit confused: Firstly, let me try to see if I understand the terms: (for EIGRP) Successor - A neighoring router used for packet forwarding that has a least cost path to a destination. Feasible Successor - Next-hop router for the backup path. If this is the case, on TCP / IP Vol 1 (by Doyle) at p342 Fig 8.8 It shows the following EIGRP topology table:- (for Router Chanute) Chanute# show ip eigrp topology P10.1.6.0 /24, 1 successors, FD is 768 via 10.1.2.1 (768 / 512), Ethernet0 First number (768) is the Feasible Dist of this local router (Chanute), while the second number is the Advertised Dist from the neighbor router (at 10.1.2.1) Since the first number equals the FD, this 10.1.2.1 is a successor for subnet 10.1.6.0 /24. However, Jeff said the route to 10.1.6.0 has an FD of 768 (which I agree so far), and Wright (at 10.1.2.1) is the only feasible successor. ??? But isn't 10.1.2.1 the successor rather than the feasible successor? Yes, I think you are correct. This is a fairly common use of terminology though. If a successor stands alone, it also by default is the only *feasible* successor. You could just as well debate the definition of synchronous. As another example: (for another router called Langley) Langley# show ip eigrp topology P10.1.2.0 /24, 1 successors, FD is 768 via 10.1.3.1 (768 / 256), Serial 0 via 10.1.5.2 (1280 / 256), Serial 1 In this case, since the route via 10.1.3.1 has FD have 768, it will be the successor, and the route via 10.1.5.2 has FD have 1280 (which is 768) - so it is a feasible successor Am I on the right track? I don't think so. I think that DUAL requires that the AD of the FS be less than the FD via the successor. Now if you are just asking whether or not the fact that the FD is higher makes it a FS instead of a full-fledged successor, I would sort of agree. But the loop-prevention aspect of DUAL needs to be met before a route becomes a FS. Time to go home Thanks for any help in advance, Best Regards, Hunt Lee System Engineer WebCentral Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36076t=36044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: %Error: No System flash chip information available - Help [7:36077]
on the 25xx series, you can have 2x4 meg or 2x8 meg I believe what needs be done is to enter the command partition flash 1 this will perform some magic that will result in one great big 16 meg flash after reloading. Chuck MADMAN wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Are you installing two 8M SIMMs? Scratching my head but I seem to recall that if you do you will have partitoned flash. If you want an unpartitioned 16M you need to install a single 16M SIMM. I'm sure this can be verified on CCO if your so inclined. good luck Dave Cisco Nuts wrote: Ok, Just tried to unpartition and partition my flash and then this error msg. when I do a #sh ver . help!! :-) %Error: No System flash chip information available Here is what happened: First configed-register to 0x2101...Reloaded... Then a erase flash cmd. Remote(boot)#erase flash Partition SizeUsed Free Bank-Size State Copy Mode 1 8192K 5180K 3011K 8192K Read/Write Direct 2 8192K 7918K 273K 8192K Read/Write Direct [Type ? for partition directory; ? for full directory; q to abort] Which partition? [default = 1] 2 System flash directory, partition 2: File Length Name/status 1 8108960 /c2500-js-l_112-17.bin [8109024 bytes used, 279584 available, 8388608 total] Erase flash device, partition 2? [confirm] Are you sure? [yes/no]: y Erasing device... ...erased Next step did a: Remote(boot)(config)#partition flash 2 16 to make it one big 16MB Then did a #sh flash Remote(boot)#sh flash System flash directory, partition 1: File Length Name/status 1 5304572 80135005.bin [5304636 bytes used, 11472580 available, 16777216 total] 16384K bytes of processor board System flash (Read/Write) %Error: No System flash chip information available Can anyone help?? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36077t=36077 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
A router sends the components of the metric. The recipient calculates the actual composite metric by working a bunch of black magic. The DUAL process and figuring out successors are separate from the metric calculation, but use the metric info. Here's a terrific paper on the topic: http://www.cisco.com/warp/public/103/eigrp-toc.html Priscilla At 09:36 AM 2/21/02, Steven A. Ridder wrote: So is it safe for me to conclude that I was wrong in stating that EIGRP sends the metrics to its neighbors. It actually sends the raw data such as bandwidth, and delay, and the neighbor router uses the DUAL FSM process to calculate the Reported Distance and then it's distance? I've been sniffing and debugging all morning and I can't find a metric in a packet, just raw data. -- RFC 1149 Compliant. Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The delay part of the EIGRP composite metric is not measured. It's based on the type of interface. Each type of interface has a default value. You can change it, although this is risky and not recommended. Because EIGRP is a distance-vector protocol, the router sends route updates that list networks. For each network, the router states the different parts of the composite metric: 1) The delay to get to the network, which is a cumulation of all interface delays. 2) The bandwidth to that network, which is the minimum bandwidth for all interfaces. 3) Reliability which is not used by default, but you can configure the router to use it. If used, the reliability is measured and represents how much of the bandwidth to the network is in use. 4) Load which is not used by default, but you can configure the router to use it. If used, the load is measured and represents the fraction of packets that arrive at the network undamaged. The router also sends the following info, which is not part of the metric, but useful for other routers to know: 1) MTU is the maximum packet size that can be sent along the entire path without fragmentation. (That is, it is the minimum of the MTUs of all the networks involved in the path.) 2) The hop count is simply the number of routers that a packet will have to go through to get to the destination. 3) Next hop is the address of the router to use to get to the destination, which is usually the router sending the update. Priscilla At 05:15 PM 2/20/02, Yatou Wu wrote: Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36083t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hop count in EIGRP? [7:36082]
Actually there are hop count limits that need to be adhered to when you implement EIGRP for Appletalk and IPX. You can search on CCO and read all about it. Steven A. Ridder wrote: Anyone know why there is a hop-count in EIGRP? It has a 1 byte value, but it doesn't limit the number of hops and it looks like routers don't use it in their calculations. Why is it there? -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36084t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Autonomous-system command [7:36067]
Checked one of my lab boxes, it's running 12.0(16) and had that command as well. Like you I searched cisco command ref online and couldn't find it. I have an old 11.1 command summary manual and found it on page 453. [no] autonomous-system (local-as) To specify the local autonomous system that the router resides in for EGP, use the autonomous-system global configuration command. To me it looks as if this is a throwback to the EGP days (pre-BGP). Rather than do a search for EGP on CCO and get 1100 results that are referring to anything but the old protocol, I have Doyle's VOL II handy. His first chapter in VOL II is about EGP, the protocol. On page 26 he lists the steps for turning it on: 1. Specify the router's AS with the command autonomous-system 2. Start the EGP process and specify the neighbor's AS with the command router egp 3. Specify the EGP neighbors with the neighbor command 4. Specify what networks are to be advertised by EGP HTH, -chris -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:39 AM To: [EMAIL PROTECTED] Subject: Autonomous-system command [7:36067] In 12.2(3) I just ran across the following global configuration command: autonomous-system [AS] Router(config)#? Configure commands: aaa Authentication, Authorization and Accounting. access-list Add an access list entry alias Create command alias alpsConfigure Airline Protocol Support apollo Apollo global configuration commands appletalk Appletalk global configuration commands arapAppletalk Remote Access Protocol arp Set a static ARP entry async-bootp Modify system bootp parameters autonomous-system Specify local AS number to which we belong I can't find this command in the master indexes and I've done a google search on CCO and wasn't able to find it. Any idea what this command might be used for? John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36085t=36067 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
thanks! -- RFC 1149 Compliant. s vermill wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Actually there are hop count limits that need to be adhered to when you implement EIGRP for Appletalk and IPX. You can search on CCO and read all about it. Steven A. Ridder wrote: Anyone know why there is a hop-count in EIGRP? It has a 1 byte value, but it doesn't limit the number of hops and it looks like routers don't use it in their calculations. Why is it there? -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36086t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Autonomous-system command [7:36067]
Thanks! I figured it must do something or they wouldn't have it there. :-) It's interesting that they don't have it in the command references any longer, though. You'd think that if you check the master index that all possible commands would be in there somewhere, but I couldn't find this one. Thanks again, John Kane, Christopher A. 2/21/02 10:51:16 AM Checked one of my lab boxes, it's running 12.0(16) and had that command as well. Like you I searched cisco command ref online and couldn't find it. I have an old 11.1 command summary manual and found it on page 453. [no] autonomous-system (local-as) To specify the local autonomous system that the router resides in for EGP, use the autonomous-system global configuration command. To me it looks as if this is a throwback to the EGP days (pre-BGP). Rather than do a search for EGP on CCO and get 1100 results that are referring to anything but the old protocol, I have Doyle's VOL II handy. His first chapter in VOL II is about EGP, the protocol. On page 26 he lists the steps for turning it on: 1. Specify the router's AS with the command autonomous-system 2. Start the EGP process and specify the neighbor's AS with the command router egp 3. Specify the EGP neighbors with the neighbor command 4. Specify what networks are to be advertised by EGP HTH, -chris -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:39 AM To: [EMAIL PROTECTED] Subject: Autonomous-system command [7:36067] In 12.2(3) I just ran across the following global configuration command: autonomous-system [AS] Router(config)#? Configure commands: aaa Authentication, Authorization and Accounting. access-list Add an access list entry alias Create command alias alpsConfigure Airline Protocol Support apollo Apollo global configuration commands appletalk Appletalk global configuration commands arapAppletalk Remote Access Protocol arp Set a static ARP entry async-bootp Modify system bootp parameters autonomous-system Specify local AS number to which we belong I can't find this command in the master indexes and I've done a google search on CCO and wasn't able to find it. Any idea what this command might be used for? John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36087t=36067 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
route selection in BGP [7:36088]
Can someone solve this confusion regarding the route selection process in Cisco BGP. Suppose the route is sync and the next-hop is reachable, which is then thru? A) 1) highest weight 2) highest local preference 3) shortest AS-path 4) lowest origin code (IGPEGPunknown) 5) lowest MED 6) EBGP learned over IBGP learned etc B) 1) highest weight 2) highest local preference 3) originated by local router *1 4) shortest AS-path 5) lowest origin code (IGPEGPunknown) 6) lowest MED 7) EBGP learned over IBGP learned *1: Is this correct, one source says yes, one says no? Cheers, Joep Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36088t=36088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Logs [7:36090]
Greetings all, I have a big pix log (50mb) and I need to clean it up to get src/dest and port numbers in a clean format. Do you guys know of any freebie I can use to clean it? Thanks.Nabil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36090t=36090 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: route selection in BGP [7:36088]
I am not that familiar with BGP but I would say weight. Select the path with the highest administrative weight. * If weights are equal, prefer the route with the highest local preference; * If the local preferences are the same, prefer the route originated by this router; * If none of the routes originated from this router, prefer the route that passes through the fewest ASes; -Original Message- From: Joep Hoet [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 1:09 PM To: [EMAIL PROTECTED] Subject: route selection in BGP [7:36088] Can someone solve this confusion regarding the route selection process in Cisco BGP. Suppose the route is sync and the next-hop is reachable, which is then thru? A) 1) highest weight 2) highest local preference 3) shortest AS-path 4) lowest origin code (IGPEGPunknown) 5) lowest MED 6) EBGP learned over IBGP learned etc B) 1) highest weight 2) highest local preference 3) originated by local router *1 4) shortest AS-path 5) lowest origin code (IGPEGPunknown) 6) lowest MED 7) EBGP learned over IBGP learned *1: Is this correct, one source says yes, one says no? Cheers, Joep Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36092t=36088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX v6.2 [7:35987]
Where did you guys find the new 6.2 versions? I looked at Cisco's site, no luck. Thanksnabil Brian Zeitz cc: Sent by:Subject: RE: PIX v6.2 [7:35987] nobody@groupstud y.com 02/21/2002 11:27 AM Please respond to Brian Zeitz I have not used it, but I think there is going to be some issues for someone trying to use PPPoe on a firewall, especially if the IP is dynamic. Just to get hands on with a firewall, I was playing with ISA 2000 Server at home (Microsoft Firewall). Their packet filters would not bind to a dynamic IP. My opinion of using PPPoe with Pix 6.2b is that if you're using a DSL line with a static IP, it should work, but if the IP is dynamic I think there is going to be a lot of issues with stability. Packet filters like to be bound to a static IP, when the IP suddenly disappears, it doesn't work correctly. So what I did was installed a small router that accepted PPPoe, with client side DCHP, so I set the PPPOE password on the router. Then my inside interface is 10.x.x.1, which goes do a switch. Though port forwarding, I can forward packets different servers. So like my first server is 10.x.x.3, and I make a rule to forward port 21 there. I am also doing DNS forwarding, for port 81, cause my ISP blocks incoming 80. I also run dynamic DNS services to keep my domain name mapped to the ip of the day. Maybe they will make a router as small at the 501 pix next, if they did, I would use that with PPPoe instead of a firewall. I think it's a nice theory, but I am skeptical. -Original Message- From: Clayton Dukes [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 3:49 PM To: [EMAIL PROTECTED] Subject: PIX v6.2 [7:35987] Has anyone installed and used PPPoE with the new Pix 6.2 Beta? Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 #rm -rf /bin/laden #kill -9 /bin/laden Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36093t=35987 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pin #6 - DSR - Why?? [7:36094]
Hello, The BCRAN course book mentions 8 pins being used for modem connections: Pins 2,3,4,5,6,7,8,20...Pin # 6 it says is not really used for modem connection and infact I don't even see that pin on the actual adapter. Then why is it mentioned and if it is actually used, when would it be used? Can someone help clarify this for me? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36094t=36094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36095t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36096t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
Did anyone notice that I explained reliability and load backwards? ;-) It was a copy-and-paste error. Reverse the two explanations below please. Priscilla At 08:43 PM 2/20/02, Priscilla Oppenheimer wrote: The delay part of the EIGRP composite metric is not measured. It's based on the type of interface. Each type of interface has a default value. You can change it, although this is risky and not recommended. Because EIGRP is a distance-vector protocol, the router sends route updates that list networks. For each network, the router states the different parts of the composite metric: 1) The delay to get to the network, which is a cumulation of all interface delays. 2) The bandwidth to that network, which is the minimum bandwidth for all interfaces. 3) Reliability which is not used by default, but you can configure the router to use it. If used, the reliability is measured and represents how much of the bandwidth to the network is in use. 4) Load which is not used by default, but you can configure the router to use it. If used, the load is measured and represents the fraction of packets that arrive at the network undamaged. The router also sends the following info, which is not part of the metric, but useful for other routers to know: 1) MTU is the maximum packet size that can be sent along the entire path without fragmentation. (That is, it is the minimum of the MTUs of all the networks involved in the path.) 2) The hop count is simply the number of routers that a packet will have to go through to get to the destination. 3) Next hop is the address of the router to use to get to the destination, which is usually the router sending the update. Priscilla At 05:15 PM 2/20/02, Yatou Wu wrote: Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36097t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Practical studies - review by Brad. [7:36038]
We have a complete archive of all messages sent at www.groupstudy.com. You may also try the Webboard for this group which has every message from the last six months. Take care, Paul - Original Message - From: Rajesh Kumar To: Sent: Wednesday, February 20, 2002 10:28 PM Subject: CCIE Practical studies - review by Brad. [7:36038] Hi all, Some time back, Brad had sent out an email about the review of the book - CCIE Practical Studies Vol I - chapter wise. Somehow I couldn't see this in my mail box. If anybody have saved a copy of the mail, Is it possible to forward to me? Thanks Rajesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36098t=36038 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pin #6 - DSR - Why?? [7:36094]
I suspect that you will get a fair number of responses since there are many variations on the use of this signal. I seem to recall reading that section and disagreeing somewhat on the author's comments. But the perspective was a Cisco one, so you can't fight City Hall. Asserting DSR is typically a DCE response to a DTR having asserted DTR. In reality, it often just comes on with power. Sometimes it comes one with power and a sucessfully passed self test on the interface. When the author said that it isn't often used, I think she meant that the DTE rarely cares. The DCE will usually support the signal anyway just to meet specs. I suspect that it was mentioned in the interest of being thorough. Cisco Nuts wrote: Hello, The BCRAN course book mentions 8 pins being used for modem connections: Pins 2,3,4,5,6,7,8,20...Pin # 6 it says is not really used for modem connection and infact I don't even see that pin on the actual adapter. Then why is it mentioned and if it is actually used, when would it be used? Can someone help clarify this for me? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36100t=36094 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CISCO INTERNSHIP.....CCIE..... [7:36091]
I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36101t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36102t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CISCO INTERNSHIP.....CCIE..... [7:36091]
A CCNA with little or no experience? Hardly. He's lucky to even land a job right now. I think this intern program is aimed at people new to the field. -Original Message- From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 12:50 PM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36103t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
Well in the good old days of the economy, I made more than that even before becoming a CCNA. I would never settle for 50k, even in this econ., especially as a CCIE. Plus, a CCIE IMO should already have exp., and lots of it. Otherwise it defeats the purpose of becoming a CCIE - cisco certified internet EXPERT! -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A CCNA with little or no experience? Hardly. He's lucky to even land a job right now. I think this intern program is aimed at people new to the field. -Original Message- From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 12:50 PM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36104t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX v6.2 [7:35987]
Hummm, I too scanned the Cisco site for 6.2 and only found 6.1.2. I'd heard from the rumor-mill that 6.2 was out, but perhaps that's incorrect. As I'm about ready to upgrade the failover 515UR, it'd be nice if I only had to do this once -- this year. Any speculation on that 6.2 release date? Best, G. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:08 AM To: [EMAIL PROTECTED] Subject: RE: PIX v6.2 [7:35987] Where did you guys find the new 6.2 versions? I looked at Cisco's site, no luck. Thanksnabil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36105t=35987 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Logs [7:36090]
50mb? What are you logging to? check out kiwisyslog and the various utils on their site www.kiwisyslog.com -Patrick [EMAIL PROTECTED] 02/21/02 01:37PM Greetings all, I have a big pix log (50mb) and I need to clean it up to get src/dest and port numbers in a clean format. Do you guys know of any freebie I can use to clean it? Thanks.Nabil Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36106t=36090 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
ahhh you ole cut'n'paster :p :) Priscilla Oppenheimer 02/21/02 02:51PM Did anyone notice that I explained reliability and load backwards? ;-) It was a copy-and-paste error. Reverse the two explanations below please. Priscilla At 08:43 PM 2/20/02, Priscilla Oppenheimer wrote: The delay part of the EIGRP composite metric is not measured. It's based on the type of interface. Each type of interface has a default value. You can change it, although this is risky and not recommended. Because EIGRP is a distance-vector protocol, the router sends route updates that list networks. For each network, the router states the different parts of the composite metric: 1) The delay to get to the network, which is a cumulation of all interface delays. 2) The bandwidth to that network, which is the minimum bandwidth for all interfaces. 3) Reliability which is not used by default, but you can configure the router to use it. If used, the reliability is measured and represents how much of the bandwidth to the network is in use. 4) Load which is not used by default, but you can configure the router to use it. If used, the load is measured and represents the fraction of packets that arrive at the network undamaged. The router also sends the following info, which is not part of the metric, but useful for other routers to know: 1) MTU is the maximum packet size that can be sent along the entire path without fragmentation. (That is, it is the minimum of the MTUs of all the networks involved in the path.) 2) The hop count is simply the number of routers that a packet will have to go through to get to the destination. 3) Next hop is the address of the router to use to get to the destination, which is usually the router sending the update. Priscilla At 05:15 PM 2/20/02, Yatou Wu wrote: Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36107t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
ccna makes 50? uh maybe with a little experience Here in atlanta cna means squat Steven A. Ridder 02/21/02 03:50PM A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36108t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trunk Modes Perspective [7:36016]
Try Amazon. COM, Barnes and Noble is out there and there are a bunch more book sales on the net, then you do not have to fight the traffic to find that book you want. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Pierre-Alex GUANEL Sent: Thursday, February 21, 2002 10:34 AM To: [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] Thanks again ... I wished we add a major bookstore in Fairfield Do you have a real world practical example of when you used one versus the other I would like to share something concrete with my class tonight... Pierre-Alex -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:28 AM To: 'Pierre-Alex GUANEL'; [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] ... And the answer comes from ... you guessed it ... Cisco LAN Switching by Clark and Hamilton. page 320 The 'desirable' mode causes a Catalyst interface to inform the remote end of its 'intent' to enable ISL, but does not actually enable ISL unless the remote end agrees to enable it. The remote end must be set in the 'on', 'auto', or 'desirable' mode for the link to establish an ISL trunk. Do not use the 'desirable' mode if the remote end does not support DISL. Configuring a Catalyst in 'auto' mode enables the Catalyst to recieve a request to enable ISL trunking and to automatically enter that mode. The Catalyst configured in 'auto' never initiates a request to create a trunk and never becomes a trunk unless the remote end is configured as 'on' or 'desirable'. The 'auto' mode is the Catalyst default configuration. In when enabling a trunk you do not specify a mode, 'auto' is assumed. A Catalyst never enables trunk mode when left to the default value at both ends. When one end is set as 'auto', you must set the other end to either 'on' or 'desirable' to activate a trunk. -Original Message- From: Pierre-Alex GUANEL [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 6:36 PM To: [EMAIL PROTECTED] Subject: Trunk Modes Perspective [7:36016] In the real world when would you set a trunk type in auto rather than desirable? Both will be triggered when the connected device is set to on, desirable (or auto when setup with desirable). Thank you, Pierre-Alex - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36109t=36016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
That's right. A CCNA could potentially make more than $50K (with skills though) Here is what I don't understand: Jason states that his company is looking(note) for people while Sean mentions that you do have to actually sign up(note) for their program which he adds is not cheap?? So basically, looks like people will first have to shell out this huge dough out of their pocket to get an intership thru this company. From: Steven A. Ridder Reply-To: Steven A. Ridder To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 15:50:16 -0500 A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will weunfortunate ones be indebted to your gracious company? :-)Can you clarify this?? From: Jason LeeReply-To: Jason LeeTo: [EMAIL PROTECTED]Subject: CISCO INTERNSHIP.CCIE. [7:36091]Date: Thu, 21 Feb 2002 13:40:20 -0500Hi all,My name is Jason Lee I currently work for ICTP located in anaheimcaliforniawe are currently looking for few candidates to go through our very intensecisco training, also to note that upon finishing the program CEA (ciscoexpert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you,or if you need a lab to study for the ccie or ccnp please give me a call.Jason LeeIT specialist 714-783-1083www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36110t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trunk Modes Perspective [7:36016]
Thanks, sometimes I forget the obvious :) Pierre-Alex -Original Message- From: McIntosh, Leslie (US - Tulsa) [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 3:54 PM To: 'Pierre-Alex GUANEL'; '[EMAIL PROTECTED]' Subject: RE: Trunk Modes Perspective [7:36016] Try Amazon. COM, Barnes and Noble is out there and there are a bunch more book sales on the net, then you do not have to fight the traffic to find that book you want. Thank You, Leslie McIntosh Network Engineer Deloitte Touche (918)461-4894 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Pierre-Alex GUANEL Sent: Thursday, February 21, 2002 10:34 AM To: [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] Thanks again ... I wished we add a major bookstore in Fairfield Do you have a real world practical example of when you used one versus the other I would like to share something concrete with my class tonight... Pierre-Alex -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 10:28 AM To: 'Pierre-Alex GUANEL'; [EMAIL PROTECTED] Subject: RE: Trunk Modes Perspective [7:36016] ... And the answer comes from ... you guessed it ... Cisco LAN Switching by Clark and Hamilton. page 320 The 'desirable' mode causes a Catalyst interface to inform the remote end of its 'intent' to enable ISL, but does not actually enable ISL unless the remote end agrees to enable it. The remote end must be set in the 'on', 'auto', or 'desirable' mode for the link to establish an ISL trunk. Do not use the 'desirable' mode if the remote end does not support DISL. Configuring a Catalyst in 'auto' mode enables the Catalyst to recieve a request to enable ISL trunking and to automatically enter that mode. The Catalyst configured in 'auto' never initiates a request to create a trunk and never becomes a trunk unless the remote end is configured as 'on' or 'desirable'. The 'auto' mode is the Catalyst default configuration. In when enabling a trunk you do not specify a mode, 'auto' is assumed. A Catalyst never enables trunk mode when left to the default value at both ends. When one end is set as 'auto', you must set the other end to either 'on' or 'desirable' to activate a trunk. -Original Message- From: Pierre-Alex GUANEL [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 6:36 PM To: [EMAIL PROTECTED] Subject: Trunk Modes Perspective [7:36016] In the real world when would you set a trunk type in auto rather than desirable? Both will be triggered when the connected device is set to on, desirable (or auto when setup with desirable). Thank you, Pierre-Alex - This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. - If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36111t=36016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
pay for an internship? sounds like I am in the wrong business all together... hehe Cisco Nuts 02/21/02 04:54PM That's right. A CCNA could potentially make more than $50K (with skills though) Here is what I don't understand: Jason states that his company is looking(note) for people while Sean mentions that you do have to actually sign up(note) for their program which he adds is not cheap?? So basically, looks like people will first have to shell out this huge dough out of their pocket to get an intership thru this company. From: Steven A. Ridder Reply-To: Steven A. Ridder To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 15:50:16 -0500 A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will weunfortunate ones be indebted to your gracious company? :-)Can you clarify this?? From: Jason LeeReply-To: Jason LeeTo: [EMAIL PROTECTED]Subject: CISCO INTERNSHIP.CCIE. [7:36091]Date: Thu, 21 Feb 2002 13:40:20 -0500Hi all,My name is Jason Lee I currently work for ICTP located in anaheimcaliforniawe are currently looking for few candidates to go through our very intensecisco training, also to note that upon finishing the program CEA (ciscoexpert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you,or if you need a lab to study for the ccie or ccnp please give me a call.Jason LeeIT specialist 714-783-1083www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com. Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36112t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
The EIGRP bandwidth metric is 2.56 billion divided by the real bandwidth. That's just how Cisco does it (and how Sniffer displays it). In this case, the bandwidth metric is 1657856, as the Sniffer reports. The network is reachable via a single, ordinary 1544 Kbps serial interface. Do the math. ;-) Priscilla At 10:00 PM 2/20/02, Chuck wrote: I'm curious about the EIGRP bandwidth being reported at 2.5 billion bps. what kind of a network you running there, PO? ;- see below: Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 07:03 PM 2/20/02, Steven A. Ridder wrote: It's not in a packet that gets sent. It is actually. Here's a packet for you: DLC: - DLC Header - DLC: Destination = Station Cisco1053E80 DLC: Source = Station Cisco1002E75 DLC: Ethertype = 0800 (IP) IP: - IP Header - IP: Version = 4, header length = 20 bytes IP: Type of service = 00 IP: 000. = routine IP: ...0 = normal delay IP: 0... = normal throughput IP: .0.. = normal reliability IP: Total length= 68 bytes IP: Identification = 0 IP: Flags = 0X IP: .0.. = may fragment IP: ..0. = last fragment IP: Fragment offset = 0 bytes IP: Time to live= 2 seconds/hops IP: Protocol= 88 (EIGRP) IP: Header checksum = 4C3F (correct) IP: Source address = [172.16.10.2] Charlotte IP: Destination address = [172.16.10.1] Albany IP: No options EIGRP: - Enhanced IGRP Header - EIGRP: EIGRP: Version= 2 EIGRP: Opcode = 1 (Update) EIGRP: EIGRP Checksum = E17D (correct) EIGRP: Flags (unused) = EIGRP: Flags = 0001 EIGRP: ..0. = Conditionally receive mode is not required EIGRP: ...1 = Is an initial update packet EIGRP: Sequence number = 1 EIGRP: Acknowledgment number= 0 EIGRP: Autonomous System number = 100 EIGRP: EIGRP: Protocol ID = 0x01 (IP) EIGRP: Type Code= 0x0102 (IP Internal Routes) EIGRP: Field length = 28 EIGRP: Next hop address= 0 (use source IP addr) EIGRP: Time delay (10 msec/256)= 512000EIGRP: Path bandwidth (2,560,000,000/kbps) = 1657856 EIGRP: Min/max transmission unit (MTU) = 1500 EIGRP: Hop count = 0 EIGRP: Reliability (error percentage) = 250 EIGRP: Load utilization percentage = 1 EIGRP: Reserved EIGRP: Prefix length in bits = 24 EIGRP: IP Destination Address = 0.172.16.40 Priscilla Sasa Milic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The router DOES pass total delay and minumum bandwidth of the route to neighbors. check show ip eigrp topologu Sasa CCIE No 8635 Steven A. Ridder wrote: I believe the delay is by default set on the interface by the router based on the type of link it is. I'm sure there's charts on CCO somewhere. You can change this info on the interface with the delay command, which is the recommended way of changing a metric if you are forced to do so. The router dosen't pass the delay info of a link to other routers as a raw figure, it calculates the BW and delay, then multiplies it by 256 and sends that calculation to a neighbor, which is the metric. Yatou Wu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36114t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
I suspect the below is not as true as it used to be.. Brian On Thu, 21 Feb 2002, Steven A. Ridder wrote: A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36113t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
Reposting. I never saw this one get posted. The EIGRP bandwidth metric is 2.56 billion divided by the real bandwidth. That's just how Cisco does it (and how Sniffer displays it). In this case, the bandwidth metric is 1657856, as the Sniffer reports. The network is reachable via a single, ordinary 1544 Kbps serial interface. Do the math. ;-) Priscilla At 10:00 PM 2/20/02, Chuck wrote: I'm curious about the EIGRP bandwidth being reported at 2.5 billion bps. what kind of a network you running there, PO? ;- see below: Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 07:03 PM 2/20/02, Steven A. Ridder wrote: It's not in a packet that gets sent. It is actually. Here's a packet for you: DLC: - DLC Header - DLC: Destination = Station Cisco1053E80 DLC: Source = Station Cisco1002E75 DLC: Ethertype = 0800 (IP) IP: - IP Header - IP: Version = 4, header length = 20 bytes IP: Type of service = 00 IP: 000. = routine IP: ...0 = normal delay IP: 0... = normal throughput IP: .0.. = normal reliability IP: Total length= 68 bytes IP: Identification = 0 IP: Flags = 0X IP: .0.. = may fragment IP: ..0. = last fragment IP: Fragment offset = 0 bytes IP: Time to live= 2 seconds/hops IP: Protocol= 88 (EIGRP) IP: Header checksum = 4C3F (correct) IP: Source address = [172.16.10.2] Charlotte IP: Destination address = [172.16.10.1] Albany IP: No options EIGRP: - Enhanced IGRP Header - EIGRP: EIGRP: Version= 2 EIGRP: Opcode = 1 (Update) EIGRP: EIGRP Checksum = E17D (correct) EIGRP: Flags (unused) = EIGRP: Flags = 0001 EIGRP: ..0. = Conditionally receive mode is not required EIGRP: ...1 = Is an initial update packet EIGRP: Sequence number = 1 EIGRP: Acknowledgment number= 0 EIGRP: Autonomous System number = 100 EIGRP: EIGRP: Protocol ID = 0x01 (IP) EIGRP: Type Code= 0x0102 (IP Internal Routes) EIGRP: Field length = 28 EIGRP: Next hop address= 0 (use source IP addr) EIGRP: Time delay (10 msec/256)= 512000EIGRP: Path bandwidth (2,560,000,000/kbps) = 1657856 EIGRP: Min/max transmission unit (MTU) = 1500 EIGRP: Hop count = 0 EIGRP: Reliability (error percentage) = 250 EIGRP: Load utilization percentage = 1 EIGRP: Reserved EIGRP: Prefix length in bits = 24 EIGRP: IP Destination Address = 0.172.16.40 Priscilla Sasa Milic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The router DOES pass total delay and minumum bandwidth of the route to neighbors. check show ip eigrp topologu Sasa CCIE No 8635 Steven A. Ridder wrote: I believe the delay is by default set on the interface by the router based on the type of link it is. I'm sure there's charts on CCO somewhere. You can change this info on the interface with the delay command, which is the recommended way of changing a metric if you are forced to do so. The router dosen't pass the delay info of a link to other routers as a raw figure, it calculates the BW and delay, then multiplies it by 256 and sends that calculation to a neighbor, which is the metric. Yatou Wu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36115t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct
Re: hop count in EIGRP? [7:36082]
It's possible it's just a holdover from IGRP which does limit the diameter of a network by checking the hop count. But EIGRP may limit the number of hops too, depending on which document you read. ;-) The following document says that the default max is 100 but can be increased with the metric maximum-hops command (even though it's not part of the metric). Some docs say this is for IGRP only, so you better try it. http://www.cisco.com/warp/public/103/eigrp12.html Also, I know we discussed this before so you might want to check the Group Study archives. Priscilla At 11:56 AM 2/21/02, Steven A. Ridder wrote: Anyone know why there is a hop-count in EIGRP? It has a 1 byte value, but it doesn't limit the number of hops and it looks like routers don't use it in their calculations. Why is it there? -- RFC 1149 Compliant. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36116t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX information [7:35294]
Any changes you make to the Pri PIX will be written to the SEC, no need to day anything. Good Idea to move the sec and do a Wr M Rob -Original Message- From: Evans, TJ [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 12:53 PM To: [EMAIL PROTECTED] Subject: RE: PIX information [7:35294] I believe it sync's them auto-magically, or perhaps on a timed basis. Regardless ... I always do a wr standby ... just to be sure. Thanks! TJ -Original Message- From: Hartnell, George [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 12:46 PM To: [EMAIL PROTECTED] Subject:RE: PIX information [7:35294] AND, am I to understand correctly, as the manual is quite vague, that an upgrade of the primary failover unit also updates the secondary? Or, must the hapless administrator do each individually? Best, G. -Original Message- From: Jose Celestino [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 7:12 AM To: [EMAIL PROTECTED] Subject: Re: PIX information [7:35294] PIX-FW1# copy ? usage: copy tftp[:[[//location][/pathname]]] flash For instance: copy tftp://192.168.2.2/configs/pix.cfg flash Thus spake BASSOLE Rock, on Wed, Feb 13, 2002 at 09:06:59AM -0500: Hello group, What command can I use to copy a configuraton form a tftp server to a PIX Firewall? I have look on the cisco web site for the command but couldn't find. Can somebody help. Thank you. Rock -- Jose Celestino - Little prigs and three-quarter madmen may have the conceit that the laws of nature are constantly broken for their sakes. -- Friedrich Nietzsche * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36117t=35294 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
Priscilla Oppenheimer wrote: It's possible it's just a holdover from IGRP which does limit the diameter of a network by checking the hop count. But EIGRP may limit the number of hops too, depending on which document you read. ;-) The following document says that the default max is 100 but can be increased with the metric maximum-hops command (even though it's not part of the metric). Some docs say this is for IGRP only, so you better try it. http://www.cisco.com/warp/public/103/eigrp12.html Also, I know we discussed this before so you might want to check the Group Study archives. Priscilla I have seen references to EIGRP hop count limits before. As I mentioned in my first post, that seems related to Appletalk and IPX support. However, a 'sh ip prot' will indeed produce a line that stated EIGRP maximum hopcount 100. Thus far, I haven't been able to find a command to change that value. Interesting. Scott Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36118t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
I would be curious to know what type of contractual obligation is involved here. I would be willing to look at *something*, as long as it wasn't too binding (yeah right). And I *haven't* seen companies pay for training, at least not this (the good kind, that advances your career). Many if not most companies make it clear that they want you to stay whereever you are at. Marc From: Cisco Nuts Reply-To: Cisco Nuts To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 16:54:41 -0500 That's right. A CCNA could potentially make more than $50K (with skills though) Here is what I don't understand: Jason states that his company is looking(note) for people while Sean mentions that you do have to actually sign up(note) for their program which he adds is not cheap?? So basically, looks like people will first have to shell out this huge dough out of their pocket to get an intership thru this company. From: Steven A. Ridder Reply-To: Steven A. Ridder To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 15:50:16 -0500 A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will weunfortunate ones be indebted to your gracious company? :-)Can you clarify this?? From: Jason LeeReply-To: Jason LeeTo: [EMAIL PROTECTED]Subject: CISCO INTERNSHIP.CCIE. [7:36091]Date: Thu, 21 Feb 2002 13:40:20 -0500Hi all,My name is Jason Lee I currently work for ICTP located in anaheimcaliforniawe are currently looking for few candidates to go through our very intensecisco training, also to note that upon finishing the program CEA (ciscoexpert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you,or if you need a lab to study for the ccie or ccnp please give me a call.Jason LeeIT specialist 714-783-1083www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. misconduct and Nondisclosure violations to [EMAIL PROTECTED] Get your FREE download of MSN Explorer at http://explorer.msn.com. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36119t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
I have seen references to EIGRP hop count limits before. As I mentioned in my first post, that seems related to Appletalk and IPX support. However, a 'sh ip prot' will indeed produce a line that stated EIGRP maximum hopcount 100. Thus far, I haven't been able to find a command to change that value. Interesting. Scott Well, a little messing around with the command line produced this: p1r1(config-router)#metric ? holddown Enable IGRP holddown maximum-hops Advertise IGRP routes greater than as unreachable weights Modify IGRP metric coefficients Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36120t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
Well, a little messing around with the command line produced this: p1r1(config-router)#metric ? holddown Enable IGRP holddown maximum-hops Advertise IGRP routes greater than as unreachable weights Modify IGRP metric coefficients However, setting the max-hops metric and then exceeding that value seems to cause routes to disappear - even if only running EIGRP. So this appears to be a true-blue hop count limit for EIGRP. Is it just me or does there seem to be a bit of inconsistency in the description and the functionality of this command? Note: This appears to impact only incoming routes and not outgoing. That makes sense I guess but just thought I would throw that out there. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36121t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CISCO INTERNSHIP.....CCIE..... [7:36091]
I would have to assume that your ccna candidates are paid well then..Most places in the midwest pay ccnp people about 60K or so...as far as training I have not been seeing many people in the last few classes I have attended. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steven A. Ridder Sent: Thursday, February 21, 2002 1:35 PM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Well in the good old days of the economy, I made more than that even before becoming a CCNA. I would never settle for 50k, even in this econ., especially as a CCIE. Plus, a CCIE IMO should already have exp., and lots of it. Otherwise it defeats the purpose of becoming a CCIE - cisco certified internet EXPERT! -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A CCNA with little or no experience? Hardly. He's lucky to even land a job right now. I think this intern program is aimed at people new to the field. -Original Message- From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 12:50 PM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36123t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Access list question [7:36124]
can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36124t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
Justin M. Clark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36125t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
If you're on your lan and go to an external website, you presumably want the data to be able to get back to you, you dont want to write a permit statement for the return traffic of every site people visit. This allows tcp traffic from any ip to any ip in the direction implied in the config. Brian On Thu, 21 Feb 2002, Justin M. Clark wrote: can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36126t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access list question [7:36124]
Justin, This is typically used in an Internet/NAT situation where you are allowing something from the Internet to come back in, only if it's a reply to a request that originated from inside your network. For instance, with a router connected to the Internet, you typically want an access-list applied to your Internet-facing port that denies incoming traffic, as you don't want them trying to walk all over your router or network. However, this same access list will drop valid replies to requests from clients inside your network, i.e. http replies, etc. With the 'established' option, you can tell the router with access lists drop everything inbound from the Internet, except replies to requests made from inside my network. Typically, people do this because they don't want to pay for a firewall, but this isn't the best thing to do. If you need to set this up for someone for Internet access, you need to dig a little deeper into it because if my memory serves me right, this command may or may not work with UDP traffic and only TCP traffic. I'm not sure and might be totally wrong, so you need to check. Hope this helps, Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36127t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
Or for a better explanation, see the ack bit discussion on http://www.daemon.org/tcp.html. Brian On Thu, 21 Feb 2002, Justin M. Clark wrote: can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36128t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CISCO INTERNSHIP.....CCIE..... [7:36091]
In MA we have a high cost of living, so maybe that explains it. Larry Letterman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I would have to assume that your ccna candidates are paid well then..Most places in the midwest pay ccnp people about 60K or so...as far as training I have not been seeing many people in the last few classes I have attended. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steven A. Ridder Sent: Thursday, February 21, 2002 1:35 PM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Well in the good old days of the economy, I made more than that even before becoming a CCNA. I would never settle for 50k, even in this econ., especially as a CCIE. Plus, a CCIE IMO should already have exp., and lots of it. Otherwise it defeats the purpose of becoming a CCIE - cisco certified internet EXPERT! -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A CCNA with little or no experience? Hardly. He's lucky to even land a job right now. I think this intern program is aimed at people new to the field. -Original Message- From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 12:50 PM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] A CCNA makes more than 50k. And you wouldn't have to pay your company to work for them and get training. Most companies pay you and pay for your training. -- RFC 1149 Compliant. Sean Knox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I've taken some classes at ICTP. From what I gather, their CCIE intern program works like this: you sign up for their CCIE program (which is not cheap I should add) and when you pass your CCIE written/lab (I vaguely remember that the CCIE written pass is all you need), you can work as a subcontractor for ICTP. You make substantially less money than a CCIE is worth, (I believe around $50,000, don't quote me on that) but for those with little or no experience (i.e., people enrolling in this program), it works out really well. Hopefully Mr. Lee could explain the program more in detail. - Sean -Original Message- From: Brian [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: Re: CISCO INTERNSHIP.CCIE. [7:36091] Perhaps its a new look on recruiting, they train u, get a slice of the dough for awhile?? Just speculating of course.. Brian On Thu, 21 Feb 2002, Cisco Nuts wrote: And upon finishing the program, how many years of slavery will we unfortunate ones be indebted to your gracious company? :-) Can you clarify this?? From: Jason Lee Reply-To: Jason Lee To: [EMAIL PROTECTED] Subject: CISCO INTERNSHIP.CCIE. [7:36091] Date: Thu, 21 Feb 2002 13:40:20 -0500 Hi all, My name is Jason Lee I currently work for ICTP located in anaheim california we are currently looking for few candidates to go through our very intense cisco training, also to note that upon finishing the program CEA (cisco expert academy)you can be eligible for an internship... we have information session going on every other friday, so if this sounds interesting to you, or if you need a lab to study for the ccie or ccnp please give me a call. Jason Lee IT specialist 714-783-1083 www.ICTP.com _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36130t=36091 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Another access list question [7:36131]
I have the following access list and am trying to make since of it. Here is what I have sofar with what I think the line does. 1. access-list 101 deny icmp any any redirect stop all redirects 2. access-list 101 deny icmp any any echo stop ping 3. access-list 101 deny ip 127.0.0.0 0.255.255.255 any stop localhost from going anywhere 4. access-list 101 deny ip 224.0.0.0 31.255.255.255 any stop private address from going anywhere 5. access-list 101 deny ip xxx.xxx.40.0 0.0.0.255 any stop xxx.xxx.40.0/24 from getting to anything 6. access-list 101 permit tcp any any eq telnet permit telnet from anywhere 7. access-list 101 permit tcp any any established permit anything from established connection 8. access-list 101 permit tcp any host xxx.xxx.43.133 eq smtp permit anyone to xxx.xxx.43.113 port 25 9. access-list 101 permit tcp any host xxx.xxx.43.133 eq pop3 permit anyone to xxx.xxx.43.113 port 110 10. access-list 101 permit tcp any host xxx.xxx.43.133 eq ftp permit anyone to xxx.xxx.43.113 port 21 11. access-list 101 permit ip host XXX.152.0.8 any permit external dns servers to go anywhere 12. access-list 101 permit ip host XXX.152.16.8 any permit external dns servers to go anywhere 13. access-list 101 permit tcp any host xxx.xxx.43.134 eq www permit anyone to xxx.xxx.43.134 port 80 14. access-list 101 permit tcp any host xxx.xxx.43.134 eq 443 permit anyone to xxx.xxx.43.134 port 443 15. access-list 101 permit icmp any any permit ping from anywhere to anywhere this is applied to a serial interface in. we have external DNS and internal SMTP and POP3 and WWW the lines that are confusing me are 1, 2, and 15 it looks to me that at first it is denying redirects and ping but then on line 15 it permits everything. is this correct? Also, if you notice anything else that i don't have right could you please mention it as well. thanks, Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36131t=36131 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
I can get through it by just setting the ack bit in the IP packet on. That's all it check for. Not very secure. Justin M. Clark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36132t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another access list question [7:36131]
the last line doesnt permit everything, just icmp packets that are not echo request, since those will be dropped by the second line. Looks like the icmp approach is block ping, permit other icmp, which is a common approach. First match wins.. Bri On Thu, 21 Feb 2002, Justin M. Clark wrote: I have the following access list and am trying to make since of it. Here is what I have sofar with what I think the line does. 1. access-list 101 deny icmp any any redirect stop all redirects 2. access-list 101 deny icmp any any echo stop ping 3. access-list 101 deny ip 127.0.0.0 0.255.255.255 any stop localhost from going anywhere 4. access-list 101 deny ip 224.0.0.0 31.255.255.255 any stop private address from going anywhere 5. access-list 101 deny ip xxx.xxx.40.0 0.0.0.255 any stop xxx.xxx.40.0/24 from getting to anything 6. access-list 101 permit tcp any any eq telnet permit telnet from anywhere 7. access-list 101 permit tcp any any established permit anything from established connection 8. access-list 101 permit tcp any host xxx.xxx.43.133 eq smtp permit anyone to xxx.xxx.43.113 port 25 9. access-list 101 permit tcp any host xxx.xxx.43.133 eq pop3 permit anyone to xxx.xxx.43.113 port 110 10. access-list 101 permit tcp any host xxx.xxx.43.133 eq ftp permit anyone to xxx.xxx.43.113 port 21 11. access-list 101 permit ip host XXX.152.0.8 any permit external dns servers to go anywhere 12. access-list 101 permit ip host XXX.152.16.8 any permit external dns servers to go anywhere 13. access-list 101 permit tcp any host xxx.xxx.43.134 eq www permit anyone to xxx.xxx.43.134 port 80 14. access-list 101 permit tcp any host xxx.xxx.43.134 eq 443 permit anyone to xxx.xxx.43.134 port 443 15. access-list 101 permit icmp any any permit ping from anywhere to anywhere this is applied to a serial interface in. we have external DNS and internal SMTP and POP3 and WWW the lines that are confusing me are 1, 2, and 15 it looks to me that at first it is denying redirects and ping but then on line 15 it permits everything. is this correct? Also, if you notice anything else that i don't have right could you please mention it as well. thanks, Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36133t=36131 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
packets coming into the router that are part of a session initiated from within. I'm sure someone came be more eloquent in describing it though:) Dave Justin M. Clark wrote: can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36134t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
Which is why most people who are concerned use firewalls that actually keep a table of open connections. Brian On Thu, 21 Feb 2002, Steven A. Ridder wrote: I can get through it by just setting the ack bit in the IP packet on. That's all it check for. Not very secure. Justin M. Clark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36135t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Re: China/Cisco connection [7:35946]
I only agree partially. On the other hand, US government put censorship on the whole Internet, if anyone could remember what happened during US bombing of the Serbs. The news said that a virus sent NATO secrets to an ICQ site, which was quickly deleted by an USA robot, and the robot notified government angecies of the discovery and the results. The same news claimed that the whole Internet is been checked every 10 minutes by various government programs. From TV, FRI (or CIA) experts publicly demostrated how they could trace a message from one end of the world to another end of the world. There was another news said that US government put on filters on Internet to search keywords, such as weapon. Since I am too old to be naive, I wonder what else would be on the filter list, or inside the robot programs. Let's hope whoever has the power to control information on Internet only do it for legitimate purpose. But, I know that I asked for too much. Tony Dominick Marino wrote: I agree with Joseph Brunner. To compare the two is absurd! The Chinese will use the technology to suppress the truth from becoming known to the people ( peasants to the elite). It is also a good way to find the subversives and eliminate them. As for the US government monitoring the traffic, I doubt that they plan on killing anyone for their selection of web sites. Unless they are terrorists, then, if they want, I will supply the bullets myself. Dom Marino B.J. Wilson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... An interesting article I came across this morning: http://www.weeklystandard.com/Content/Public/Articles/000/000/000/922dgmtd.a sp Comments? -- __ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36137t=35946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX 520 ---no console access [7:36138]
Hi All, I recently upgraded Flash and RAM on a Cisco PIX 520 and it worked fine for a week.After a week or so in production it suddenly stopped , rebooted but no luck, I could not even console into it.What happend is after some time I had the console access again and everything is fine, no errors.Its behaviour is intermittent. One thing I also noticed is that when I don't have console access, It doesn't check the floppy drive which it normally does. Any sugessions? Sunil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36138t=36138 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another access list question [7:36131]
Thats, that just slipped my mind. Justin Brian wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... the last line doesnt permit everything, just icmp packets that are not echo request, since those will be dropped by the second line. Looks like the icmp approach is block ping, permit other icmp, which is a common approach. First match wins.. Bri On Thu, 21 Feb 2002, Justin M. Clark wrote: I have the following access list and am trying to make since of it. Here is what I have sofar with what I think the line does. 1. access-list 101 deny icmp any any redirect stop all redirects 2. access-list 101 deny icmp any any echo stop ping 3. access-list 101 deny ip 127.0.0.0 0.255.255.255 any stop localhost from going anywhere 4. access-list 101 deny ip 224.0.0.0 31.255.255.255 any stop private address from going anywhere 5. access-list 101 deny ip xxx.xxx.40.0 0.0.0.255 any stop xxx.xxx.40.0/24 from getting to anything 6. access-list 101 permit tcp any any eq telnet permit telnet from anywhere 7. access-list 101 permit tcp any any established permit anything from established connection 8. access-list 101 permit tcp any host xxx.xxx.43.133 eq smtp permit anyone to xxx.xxx.43.113 port 25 9. access-list 101 permit tcp any host xxx.xxx.43.133 eq pop3 permit anyone to xxx.xxx.43.113 port 110 10. access-list 101 permit tcp any host xxx.xxx.43.133 eq ftp permit anyone to xxx.xxx.43.113 port 21 11. access-list 101 permit ip host XXX.152.0.8 any permit external dns servers to go anywhere 12. access-list 101 permit ip host XXX.152.16.8 any permit external dns servers to go anywhere 13. access-list 101 permit tcp any host xxx.xxx.43.134 eq www permit anyone to xxx.xxx.43.134 port 80 14. access-list 101 permit tcp any host xxx.xxx.43.134 eq 443 permit anyone to xxx.xxx.43.134 port 443 15. access-list 101 permit icmp any any permit ping from anywhere to anywhere this is applied to a serial interface in. we have external DNS and internal SMTP and POP3 and WWW the lines that are confusing me are 1, 2, and 15 it looks to me that at first it is denying redirects and ping but then on line 15 it permits everything. is this correct? Also, if you notice anything else that i don't have right could you please mention it as well. thanks, Justin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36139t=36131 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX 520 ---no console access [7:36138]
Sunil - Open up the PIX. Remove the flash card and the RAM. Re-install the flash card and the RAM. See if that does the trick. If not, replace the RAM. TC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36140t=36138 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Practical Volume I [7:36060]
Is this book good for the written exam too? Where's the cheapest place to pick it up at? TC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36141t=36060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: China/Cisco connection [7:35946]
It's a rumor. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I only agree partially. On the other hand, US government put censorship on the whole Internet, if anyone could remember what happened during US bombing of the Serbs. The news said that a virus sent NATO secrets to an ICQ site, which was quickly deleted by an USA robot, and the robot notified government angecies of the discovery and the results. The same news claimed that the whole Internet is been checked every 10 minutes by various government programs. From TV, FRI (or CIA) experts publicly demostrated how they could trace a message from one end of the world to another end of the world. There was another news said that US government put on filters on Internet to search keywords, such as weapon. Since I am too old to be naive, I wonder what else would be on the filter list, or inside the robot programs. Let's hope whoever has the power to control information on Internet only do it for legitimate purpose. But, I know that I asked for too much. Tony Dominick Marino wrote: I agree with Joseph Brunner. To compare the two is absurd! The Chinese will use the technology to suppress the truth from becoming known to the people ( peasants to the elite). It is also a good way to find the subversives and eliminate them. As for the US government monitoring the traffic, I doubt that they plan on killing anyone for their selection of web sites. Unless they are terrorists, then, if they want, I will supply the bullets myself. Dom Marino B.J. Wilson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... An interesting article I came across this morning: http://www.weeklystandard.com/Content/Public/Articles/000/000/000/922dgmtd. a sp Comments? -- __ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36142t=35946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
https to log in to a router - Possible?? [7:36143]
Hello, Is it possible to use https:// to access a router? I have just been thinking about this and would like to know if and how it would indeed be possible? An acl permitting 443 would not work as it is not for traffic originating from the router itself, correct? Is there like a access-class cmd. for https at all? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36143t=36143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
to augment the other answers, the IP hop count is really the IP TTL value. It can never exceed 255 EIGRP defaults to 100 hops, so I would expect that the routing packet IP TTL is set at 100 at that point. Well ( checking the sniffer trace that Priscilla so thoughtfully supplied a couple of days ago ) I'm seeing the IP TTL as 2. Still, maybe there is an adjustment made. After all, the (E)IGRP metric includes end to end metrics. hhmmm... ( looking over Priscilla's trace again ) way down there I see an EIGRP hop count 0 line. the IP TTL is still really the only thing that makes sense in terms of the way IP works. Anyone? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone know why there is a hop-count in EIGRP? It has a 1 byte value, but it doesn't limit the number of hops and it looks like routers don't use it in their calculations. Why is it there? -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36145t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: https to log in to a router - Possible?? [7:36143]
The router would have to have a web server with ssl built in, and I don't believe Cisco's do. Cisco Nuts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, Is it possible to use https:// to access a router? I have just been thinking about this and would like to know if and how it would indeed be possible? An acl permitting 443 would not work as it is not for traffic originating from the router itself, correct? Is there like a access-class cmd. for https at all? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36146t=36143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access list question [7:36124]
That's a good conceptual explanation. I would add that technically, it allows TCP packets that have the ACK bit set. In other words, it allows packets that are acknowledging another packet. That means it would not allow an incoming SYN used to set up a session, but it would allow a reply to a SYN that already happened. Priscilla At 06:26 PM 2/21/02, David Jones wrote: Justin, This is typically used in an Internet/NAT situation where you are allowing something from the Internet to come back in, only if it's a reply to a request that originated from inside your network. For instance, with a router connected to the Internet, you typically want an access-list applied to your Internet-facing port that denies incoming traffic, as you don't want them trying to walk all over your router or network. However, this same access list will drop valid replies to requests from clients inside your network, i.e. http replies, etc. With the 'established' option, you can tell the router with access lists drop everything inbound from the Internet, except replies to requests made from inside my network. Typically, people do this because they don't want to pay for a firewall, but this isn't the best thing to do. If you need to set this up for someone for Internet access, you need to dig a little deeper into it because if my memory serves me right, this command may or may not work with UDP traffic and only TCP traffic. I'm not sure and might be totally wrong, so you need to check. Hope this helps, Dave Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36147t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
cipt [7:36148]
Anyone take this yet..What is passing..What are some key areas to study.. Thanks Tony Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36148t=36148 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access list question [7:36124]
IP doesn't have an ACK bit. You mean TCP. Picky, picky, I know. ;-) Priscilla At 07:00 PM 2/21/02, Steven A. Ridder wrote: I can get through it by just setting the ack bit in the IP packet on. That's all it check for. Not very secure. Justin M. Clark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... can someone explain to me exactly what this line means: access-list 101 permit tcp any any established thanks Justin Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36149t=36124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Re: China/Cisco connection [7:35946]
At 07:13 PM 2/21/02, [EMAIL PROTECTED] wrote: Let's hope whoever has the power to control information on Internet only do it for legitimate purpose. That would be nobody. (at least in most countries ;-) It's out of control. But, I know that I asked for too much. Tony Dominick Marino wrote: I agree with Joseph Brunner. To compare the two is absurd! The Chinese will use the technology to suppress the truth from becoming known to the people ( peasants to the elite). It is also a good way to find the subversives and eliminate them. As for the US government monitoring the traffic, I doubt that they plan on killing anyone for their selection of web sites. Unless they are terrorists, then, if they want, I will supply the bullets myself. Dom Marino B.J. Wilson wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... An interesting article I came across this morning: http://www.weeklystandard.com/Content/Public/Articles/000/000/000/922dgmtd.a sp Comments? -- __ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36150t=35946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
At 08:05 PM 2/21/02, Chuck wrote: to augment the other answers, the IP hop count is really the IP TTL value. It can never exceed 255 You're confusing two issues. Remember the router has two jobs: forwarding packets and learning the topology. Hop count has to do with the latter and affects what goes in the routing table. The IP TTL causes a router to drop a packet before forwarding if the TTL becomes zero. EIGRP defaults to 100 hops, so I would expect that the routing packet IP TTL is set at 100 at that point. Routing packets only go to neighbors. The IP TTL should be set to one or two. This has nothing to do with hop count which will be later in the packet in the distance vectors. Well ( checking the sniffer trace that Priscilla so thoughtfully supplied a couple of days ago ) I'm seeing the IP TTL as 2. Still, maybe there is an adjustment made. After all, the (E)IGRP metric includes end to end metrics. hhmmm... ( looking over Priscilla's trace again ) way down there I see an EIGRP hop count 0 line. The router was advertising a directly-connected network. the IP TTL is still really the only thing that makes sense in terms of the way IP works. In terms of forwarding maybe. You better reconsider routing protocols though... Priscilla Anyone? Chuck Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone know why there is a hop-count in EIGRP? It has a 1 byte value, but it doesn't limit the number of hops and it looks like routers don't use it in their calculations. Why is it there? -- RFC 1149 Compliant. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36151t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hop count in EIGRP? [7:36082]
At 05:45 PM 2/21/02, s vermill wrote: Well, a little messing around with the command line produced this: p1r1(config-router)#metric ? holddown Enable IGRP holddown maximum-hops Advertise IGRP routes greater than as unreachable weights Modify IGRP metric coefficients However, setting the max-hops metric and then exceeding that value seems to cause routes to disappear - even if only running EIGRP. So this appears to be a true-blue hop count limit for EIGRP. Is it just me or does there seem to be a bit of inconsistency in the description and the functionality of this command? I think the description is wrong in a couple ways. First of all, it actually affects EIGRP too, not just IGRP. Secondly, it sounds like a RIP sort of explanation where a router announces that a route is unreachable by announcing a hop count of 16 (infinity). IGRP and EIGRP don't do that. They announce that the delay is infinite. When they do this, they don't increase the hop count. If there were a loop, on the other hand, the hop count would increase. Although that shouldn't happen, I think I remember hearing that it's one more reason to have a hop count in IGRP and EIGRP. The protocol developers were pretty paranoid about avoiding routing loops. If a router notices an increasing hop count, it puts the route in holddown. Now, I need some hops after this discussion! ;-) Priscilla Note: This appears to impact only incoming routes and not outgoing. That makes sense I guess but just thought I would throw that out there. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36153t=36082 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Autonomous-system command [7:36067]
John, I don't know if you found an answer. Looks like this command is used to specify your AS number when you are running EGP, which is something like the precursor to BGP. There is actually a chapter on this in Doyle's Routing TCP/IP Volume II, chapter 1. HTH. From CCO: autonomous-system (EGP) Use the autonomous-system global configuration command to specify the local autonomous system that the router resides in for EGP. To remove the AS number, use the no autonomous-system command. autonomous-system local-as no autonomous-system local-as Syntax Description local-as Local autonomous system (AS) number to which the router belongs. Default None Command Mode Global configuration Usage Guidelines Before you can set up EGP routing, you must specify an autonomous system number. The local AS number will be included in EGP messages sent by the router. Example The following sample configuration specifies an autonomous system number of 110: autonomous-system 110 Related Command router egp -Original Message- From: John Neiberger To: [EMAIL PROTECTED] Sent: 2/21/2002 10:39 AM Subject: Autonomous-system command [7:36067] In 12.2(3) I just ran across the following global configuration command: autonomous-system [AS] Router(config)#? Configure commands: aaa Authentication, Authorization and Accounting. access-list Add an access list entry alias Create command alias alpsConfigure Airline Protocol Support apollo Apollo global configuration commands appletalk Appletalk global configuration commands arapAppletalk Remote Access Protocol arp Set a static ARP entry async-bootp Modify system bootp parameters autonomous-system Specify local AS number to which we belong I can't find this command in the master indexes and I've done a google search on CCO and wasn't able to find it. Any idea what this command might be used for? John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36154t=36067 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: https to log in to a router - Possible?? [7:36143]
Hum! Suprisingly it has the http built-in. I would think that they should have implemented ssl functionality in the code than http From: Steven A. Ridder Reply-To: Steven A. Ridder To: [EMAIL PROTECTED] Subject: Re: https to log in to a router - Possible?? [7:36143] Date: Thu, 21 Feb 2002 20:22:00 -0500 The router would have to have a web server with ssl built in, and I don't believe Cisco's do. Cisco Nuts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, Is it possible to use https:// to access a router? I have just been thinking about this and would like to know if and how it would indeed be possible? An acl permitting 443 would not work as it is not for traffic originating from the router itself, correct? Is there like a access-class cmd. for https at all? Thank you. _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36156t=36143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Console speed [7:36155]
Re-start the router then BREAK it during it boot up and enter rommonconfig it will ask you question one by one... choose the option of different console=speed here then reboot the machine again. NK Sat wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi guys, I am not able to change the console speed of my 7204 VXR at all.I wanted it at 115200 to do a xmodem But it just cannot beyond 9600 What am i missing here. r7#line con 0 r7(config-line)#speed 0 Failed to change line 0's speed Does 7204 VXR console cannot go beyond 9600 ? Please advise Thanks _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36157t=36155 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]