Re: read and not write TOS [7:36946]
I said special switch: it is a switch with ethernet ports and voice ports, with the voice processor and its stack. So, I can program the special switch in order to set the TOS (layer 3) per port basis and the COS (layer 2) per port basis. What happens to my packet (or frames) when I connect this switch to a router (827 per adsl) or to a layer 3 catalyst for different design? - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, March 01, 2002 6:05 PM Subject: Re: read and not write TOS [7:36946] I don't think you can set the ToS bits on a switch. You can only set the CoS bit and the CoS will not be translated to a ToS on router unless you force it to in the configuration. ToS is a layer 3 function and CoS is a layer 2 function From: TP Reply-To: TP To: [EMAIL PROTECTED] Subject: read and not write TOS [7:36946] Date: Fri, 1 Mar 2002 06:14:30 -0500 Dear group, i have the following situation: a special switch connected to a cisco router via ethernet interface. This switch is enable to set TOS based on its ports. I'd like to configure the router in order to have different queuing based on the TOS (two or three queues). The router should read (and NOT write) the TOS and priorituze the traffic with the higher TOS: is it possible? If yes, maybe with access-list or samething different, can you provide the proper command lines? Thanks in advance Teresa _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37136t=36946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Lab Rat [7:37130]
i agree. that 'lab rat' bullshit has been created by cisco engineers fearful of their status/positions because nowadays anyone get reasonable proficient at cisco routing and switching - which SHOULD be the case!! I remember people (and they still do) cryin' the frickin' blues beacuse people were paper certified, and that they had no hands-on experience. Well, now that they are getting hands-on experience albeit in a lab environment (which is in some cases presents a more convoluted routing and switching environment because it allows them to set the level of complexity depending on the amount and type of lab equipment...phew - long comment) - they have the audacity to label them 'lab rats' - honestly i think these fucks expect you to be born with this knowledge!! By all means get stuck into your lab - get your CCNP, go for the CCIE and improve your standard of living - after all that's what this is all about - don't let a bunch of narrow-minded, paranoid, tall-poppy syndrome minded dicks dictate what you should or should not do. B Rudy wrote in message news:[EMAIL PROTECTED]; Hey guys, I have been looking for a job for the past 8 months. I decided to get some professional Cisco training since the market was doing so badly. I have read some message boards talking about CCIE lab rats, and how they are a disgrace.. I dont want to be looked at like that. I have purchased a year of training where I can utilize all the Cisco equipment they have on their premises. I am going to be a lab rat for a while.. Will i be able to find a job once i am a ccnp and proficcient with Cisco and their equipment?? That lab rat being a disgrace comment is totally absurd my bio: B.S in Telecommunications No experience in the field-but a lot in the labs CCDA CCNA Network+ MCSE 2k LPI 1 A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37137t=37130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE strategy [7:37127]
All answers can be found on Cisco's website. If you do not have it already get a CCO account!!!. Goto http://www.cisco.com/warp/public/625/ccie/certifications/routing.html Has the answers you are wanting except for strategy. I see training the same way you build a house. Lay the Foundation FIRST. Without a good foundation the house will not stand the test of time. I think the Foundation will also reinforce your perceived strengths and weaknesses. At this point, I would spend the bulk of your time with the weaker area and still spend time shapening your strengths. My $0.02 worth Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, CIW Associate, A+, 3Wizard Karl Thrasher wrote in message news:[EMAIL PROTECTED]; I have decided to proceed with working on my written CCIE. I was wondering what gameplans any of you already certified CCIE's took. Did you start on some of your weaker topics, or start from general reading then narrow to the specific? Did you just read from a recommended reading list,etc...? The reason I'm asking is that I want to make sure I cover all my bases and all the test's topics. Does anyone have a recommended reading list or should I just do a search on CCIE at CiscoPress and read them all? Thanks, Karl. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37139t=37127 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CID exam has changed [7:37074]
I also took it last week, after 2/25/02, and noticed no changes from the objective list prior to the date that you have stated. While there are some changes on the objectives listed on the website, now, ATM ATM LANE are still mentioned as objective categorys. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37140t=37074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 3508G XL , 2950T-24 [7:37098]
I wouldn't upgrade the IOS. We had a 3550 that was doing the same thing (GBIC not blinking at all). We called into TAC and got a replacement. We did the upgrade first and when the switch would boot it would no recognize the Ethernet controller. It may be different for you since you have a 3508. I guess you would need to ask yourself do I feel lucky? Good Luck, Chuck Collins -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 10:33 AM To: [EMAIL PROTECTED] Subject: Catalyst 3508G XL , 2950T-24 [7:37098] Dear all I need clarification regarding these two points thanking your help in proceed, First point: We have Catalyst 3508G XL , 8 GBIC slots , 12.0(5.2)XU IOS software. We tried to make operate it but the GBIC was not blinking at all , as I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/ins tnot e.htm , I got conclusion that the switches detect and enable the GBIC only when they are running the minimum software releases which in case of Catalyst 3508G XL Cisco the minimum IOS Release is 12.0(5)XW , so in order to enable the GBIC we have to upgrade the IOS software from 12.0(5.2)XU to 12.0(5)XW . Second point: we have Catalyst 2950T-24 Switch-24 10/100 ports and 2 fixed 10/100/1000BaseT uplink ports, IOS available 12.0(5.3)WC(1). As I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/2950_wc/1169 303. htm , I got conclusion that we do not have to upgrade the ios image because the ios will support the following: Catalyst 2950T-24 24 fixed autosensing 10/100 ports and 2 fixed autosensing 10/100/1000 Ethernet ports. please tell me if there is something missing here , the equipment is placed far away from our office we need to put the network on there as soon as possible , in case we have to upgrade the ios of the any platform then please let us go ahead solving this issue. Warm regards, Ismail Al-shelh Network Engineer [GroupStudy.com removed an attachment of type application/ms-tnef] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37141t=37098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
basic OSPF questions [7:37142]
1) A loopback address is normally advertised by OSPF as a host route. The command ip ospf network point-to-point enables one to specify that the interface should be advertised as a subnet route. What are the benefits for doing this? 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? 3) In the Exstart phase, how is the master selected? Chappel's book says RID while Doyle's say highest interface IP address. Which is it? 4) I'm somewhat unclear on the Exchange and the Loading states. When a router goes into Exchange state, does it send all DDPs it knows about before processing any DDPs received from other adjancent neighbors? Thus, a router goes into Exchange state, sends all DDPs it knows about, then goes into Loading state, where it issues LSRs for LSAs it wants more details on? Is this the process? 5) Is there a difference between DBD and DDP packets? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37142t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 1924 Switch Problem [7:37058]
Have you tried restoring the switch to it's default settings? go to this link http://www.cisco.com/warp/public/474/pswdrec_2800.shtml When you go thru the Password recovery procedures, the switch will default to 9600,8N1 I believe also, their may be a little reset button on the back of the switch next to the console port that has a reset button to reset the port to 9600,8N1. You could try that as well to make sure. Hope that helps. Woody CCNP -Original Message- From: martijn michiel [mailto:[EMAIL PROTECTED]] Sent: Saturday, March 02, 2002 11:29 AM To: [EMAIL PROTECTED] Subject: RE: Cisco 1924 Switch Problem [7:37058] Best to go with an adapter: See pinout: http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/6700/iad1101/ca ble.htm#xtocid296711 Martijn Jansen _ Meld je aan bij de grootste e-mailservice wereldwijd met MSN Hotmail: http://www.hotmail.com/nl Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37144t=37058 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
mac address searcher [7:37143]
Guys, you assistance if you please.. i am looking for a new tool to help me automate a task... i work for a global company with multiple it teams,who like to move multiple it servers willy-nilly... i suppport the switches 65`s but due to politics i am not allowed to set port secuirty on them... is there any tool out there that will queiry a cisco switch and tell me if it has a MAC record in its cam table.. i have got 60 65`s in 18 different MAN locations...and christ knows how many servers... it`s just i am lazy and dont want to keep typing Sh ip arp and sh cam dyn all the time... any help would be great. TIA steve _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp; Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37143t=37143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Well it's my turn...CCIE#8878 [7:37145]
With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37145t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
hey norco [7:37146]
hey norco...that was a great post..ye..those guys who brought up the term lab rats really think that you should have been born with that knowledge. apart from that, yes its all about improving your standard of living and a lot more things exterior to one's work. cya. norco wrote: i agree. that 'lab rat' bullshit has been created by cisco engineers fearful of their status/positions because nowadays anyone get reasonable proficient at cisco routing and switching - which SHOULD be the case!! I remember people (and they still do) cryin' the frickin' blues beacuse people were paper certified, and that they had no hands-on experience. Well, now that they are getting hands-on experience albeit in a lab environment (which is in some cases presents a more convoluted routing and switching environment because it allows them to set the level of complexity depending on the amount and type of lab equipment...phew - long comment) - they have the audacity to label them 'lab rats' - honestly i think these fucks expect you to be born with this knowledge!! By all means get stuck into your lab - get your CCNP, go for the CCIE and improve your standard of living - after all that's what this is all about - don't let a bunch of narrow-minded, paranoid, tall-poppy syndrome minded dicks dictate what you should or should not do. B Rudy wrote in message news:[EMAIL PROTECTED]; Hey guys, I have been looking for a job for the past 8 months. I decided to get some professional Cisco training since the market was doing so badly. I have read some message boards talking about CCIE lab rats, and how they are a disgrace.. I dont want to be looked at like that. I have purchased a year of training where I can utilize all the Cisco equipment they have on their premises. I am going to be a lab rat for a while.. Will i be able to find a job once i am a ccnp and proficcient with Cisco and their equipment?? That lab rat being a disgrace comment is totally absurd my bio: B.S in Telecommunications No experience in the field-but a lot in the labs CCDA CCNA Network+ MCSE 2k LPI 1 A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37146t=37146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Well it's my turn...CCIE#8878 [7:37145]
too good man.. those numbers are real growing now.. good job. congrats Richard Newman wrote: With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37147t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISP Question [7:37006]
OK, well first let me explain my idea for an ISP isn't to sell dial up, or internet access. I already sell devices that use a dial up. I work for a company so they worry about the business plan. I already checked out where to buy a block of IP addresses, the min you can buy direct is /20 or 4096 public IPs. I know it sounds like a strange idea for you to start my own ISP. Also I wanted to mention that Cisco press is coming out with a new book about Starting an ISP ISP Essentials in April. I am trying to find more out about the book. I know it has a lot of stuff about the features of IOS for ISPs. I guess the book is really what I need. I would also need my own ASN. The /20 block of registered IPs would not be routable, I assume because they are not attached to anyones ASN. So I would have to register my own ASN. And of course I would need a connection to an ISP backbone. Please don't think I am Ignorant and think it is as easy as buying a few routers. I am trying to come up with an estimate for how much it would cost to start an ISP. Like for instance the block of IPs would be $3000 a year, another cost would be the modem board, the routers etc. Thanks for your help. -Original Message- From: Schneider, Matt [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 5:49 PM To: [EMAIL PROTECTED] Subject: RE: ISP Question [7:37006] I'm in -Original Message- From: Craig Columbus To: [EMAIL PROTECTED] Sent: 3/3/2002 5:05 PM Subject: Re: ISP Question [7:37006] Ok, I'll bite... Don't start buying equipment yet. The technical component of an ISP is only one very small part of a big picture. If you're seriously thinking about starting an ISP, you first need to write a business plan that delineates your idea, your potential market, your competition, your management team, your organizational structure, your cashflow analysis, your initial funding, and your exit strategy. This includes a full and honest SWOT (strengths, weaknesses, opportunities, and threats) analysis. Once you've refined your plan, show it to people who know a lot more about running a business than you do. Go visit SCORE (look them up in the phone book) and be prepared to rewrite everything you've written. Once you've got a final product, then you're going to need funding. Remember, you need to account for more than the technical equipment. You'll have to consider rents, leases, insurance, utilities, payroll, taxes, etc. Once you've got the funding, you can bring on qualified management and engineers (read experienced in this field) and let them decide on the particular equipment you'll need. If this sounds like too much to tackle, then you're not ready to run your own business. On the other hand, if you're financially well off (rich) and are determined to go forward anyway, I'll be glad to walk you down the path for a fee. ;-) Good luck, Craig At 02:35 PM 3/1/2002 -0500, you wrote: Does anyone have a list of equipment for a company to become and ISP? I also want to buy a class of IP addresses and host them myself. Is there a link on Cisco to help someone like myself get started. Any help on this topic would be appreciated. I really don't know where to start Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37148t=37006 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Well it's my turn...CCIE#8878 [7:37145]
Congratulations. -- James Haynes Network Architect Cendant IT A+,MCSE,CCNA,CCDA,CCNP,CCDP, CQS-SNA/IPSS Richard Newman wrote in message news:[EMAIL PROTECTED]; With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37149t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2501 console port doesn't respond to reverse telnet connection [7:37150]
I have a 2501 router whose console (and aux) port doesn't respond when connected to a 2511 and accessed via reverse telnet. The 2511 reports the connection is open, but I never get back a prompt from the 2501. The console port works when directly connected to the serial port of my laptop. Also, I've switched cables between the problem 2501 and other routers in my lab, and the problem follows the 2501, not the cable nor the line on the 2511. I've tried the 'clear line #' command, but it doesn't help. Any ideas? TIA Mike Dickson MCSE+Internet, MCDBA, CCNP, CCDP Dickson Network Designs voice (512)-422-3192 fax (512) 394-0320 www.dicksonnetworks.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37150t=37150 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Well it's my turn...CCIE#8878 [7:37145]
Congratulations Richard, Pretty awesome to pass the first attempt - way to go! Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Richard Newman [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 8:14 AM To: [EMAIL PROTECTED] Subject: Well it's my turn...CCIE#8878 [7:37145] With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37153t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
any comment please [7:37154]
Hello all I have Catalyst 3508G XL , 8 GBIC slots , 12.0(5.2)XU IOS software. We tried to make operate it but the GBIC was not blinking at all , as I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/instnot e.htm , I got conclusion that the switches detect and enable the GBIC only when they are running the minimum software releases which in case of Catalyst 3508G XL Cisco the minimum IOS Release is 12.0(5)XW , so in order to enable the GBIC we have to upgrade the IOS software from 12.0(5.2)XU to 12.0(5)XW . any comment please !!! Al-shelh Network Engineer. [GroupStudy.com removed an attachment of type application/ms-tnef] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37154t=37154 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: basic OSPF questions [7:37142]
1. Hopefully someone else will tell you the answer to this one as I have no idea what the benefit is. 2. The cost dosen't have to be the same. The router will report it's own calculated cost to the neighbor based on it's cost because it's directly connected to it. So if you have: RA--RB (s0)--(s0) RC (e0)___| If router C considers it's S0 link to be a cost of 2 and Router B considers the same link to be 1000, then RA will receive link to be based on RB's calculation. But router A will receive Router C's e0 link as based on the cost of Rc's calculation of the link. 3. According to RFC 2328, it's the router ID which is used in the master/slave determination. I tested it and it is the Router ID. 4. I believe you are correct in your explanation. 5. I believe they both mean Database Descriptor Packet. -- RFC 1149 Compliant. bergenpeak wrote in message news:[EMAIL PROTECTED]; 1) A loopback address is normally advertised by OSPF as a host route. The command ip ospf network point-to-point enables one to specify that the interface should be advertised as a subnet route. What are the benefits for doing this? 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? 3) In the Exstart phase, how is the master selected? Chappel's book says RID while Doyle's say highest interface IP address. Which is it? 4) I'm somewhat unclear on the Exchange and the Loading states. When a router goes into Exchange state, does it send all DDPs it knows about before processing any DDPs received from other adjancent neighbors? Thus, a router goes into Exchange state, sends all DDPs it knows about, then goes into Loading state, where it issues LSRs for LSAs it wants more details on? Is this the process? 5) Is there a difference between DBD and DDP packets? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37156t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 3508G XL , 2950T-24 [7:37098]
I don't believe that it's the IOS on the 3508. First, check to make sure your fiber is connected correctly. When the switch is powered up, you can see which side the laser is on in the GBIC connector. Then, if you cup the fiber in your hands, briefly (very briefly) look to see which connector the laser is on. Then make sure that the connector with the laser goes to the connector on the switch without the laser. If this isn't the problem, there's a good chance it's probably a bad GBIC. Shawn K. -Original Message- From: Chuck Collins [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 8:22 AM To: [EMAIL PROTECTED] Subject: RE: Catalyst 3508G XL , 2950T-24 [7:37098] I wouldn't upgrade the IOS. We had a 3550 that was doing the same thing (GBIC not blinking at all). We called into TAC and got a replacement. We did the upgrade first and when the switch would boot it would no recognize the Ethernet controller. It may be different for you since you have a 3508. I guess you would need to ask yourself do I feel lucky? Good Luck, Chuck Collins -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 10:33 AM To: [EMAIL PROTECTED] Subject: Catalyst 3508G XL , 2950T-24 [7:37098] Dear all I need clarification regarding these two points thanking your help in proceed, First point: We have Catalyst 3508G XL , 8 GBIC slots , 12.0(5.2)XU IOS software. We tried to make operate it but the GBIC was not blinking at all , as I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/ins tnot e.htm , I got conclusion that the switches detect and enable the GBIC only when they are running the minimum software releases which in case of Catalyst 3508G XL Cisco the minimum IOS Release is 12.0(5)XW , so in order to enable the GBIC we have to upgrade the IOS software from 12.0(5.2)XU to 12.0(5)XW . Second point: we have Catalyst 2950T-24 Switch-24 10/100 ports and 2 fixed 10/100/1000BaseT uplink ports, IOS available 12.0(5.3)WC(1). As I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/2950_wc/1169 303. htm , I got conclusion that we do not have to upgrade the ios image because the ios will support the following: Catalyst 2950T-24 24 fixed autosensing 10/100 ports and 2 fixed autosensing 10/100/1000 Ethernet ports. please tell me if there is something missing here , the equipment is placed far away from our office we need to put the network on there as soon as possible , in case we have to upgrade the ios of the any platform then please let us go ahead solving this issue. Warm regards, Ismail Al-shelh Network Engineer [GroupStudy.com removed an attachment of type application/ms-tnef] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37155t=37098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISP Question [7:37006]
Brian, There are a million things to consider about setting up an ISP before you even need a book like ISP Essentials. Knowing how to setup redundancy and shape traffic is great, but it's really not at the top of the priority list when talking about setting up something as complex as an ISP that'll serve thousands of customers (you will have thousands right? I mean you're not going to waste a /20?). Before you can begin estimating your technical costs, you first need to define your target market. Will you have 10 customers or 10,000,000? Are you looking more at a traditional ISP model of providing Internet access (your note says no at the beginning, but you mention modem board at the end, so I'm not clear) or are you looking more at an ASP model where you're only concerned about providing applications? I guess what I'm saying is that there is no cookie cutter approach to building an ISP, ASP, or any other business. Only after you've fully defined your operational parameters can you start filling in the blanks. It's like asking, How much will it cost me to build an airplane?. There's really no easy answer to the question. Rough cost areas to think about in terms of an ISP are: IP space ASN Registration Physical space (NOC rents/leases) Equipment costs (routers (12000 series or 2600 series?), switches (6509 or 2924?), servers, perf monitors/tools, etc.) Bandwidth costs (T1 or OC48?) Personnel costs Helpdesk costs Licensing / membership costs Insurance costs Marketing costs (even if you're only providing intracompany services, there will be costs here) Legal costs Etc. You may want to head over to NANOG (http://www.nanog.org/resources.html) and look through some of the ISP resources to fill in some of the blanks. I hope this helps. Craig At 09:22 AM 3/4/2002 -0500, you wrote: OK, well first let me explain my idea for an ISP isn't to sell dial up, or internet access. I already sell devices that use a dial up. I work for a company so they worry about the business plan. I already checked out where to buy a block of IP addresses, the min you can buy direct is /20 or 4096 public IPs. I know it sounds like a strange idea for you to start my own ISP. Also I wanted to mention that Cisco press is coming out with a new book about Starting an ISP ISP Essentials in April. I am trying to find more out about the book. I know it has a lot of stuff about the features of IOS for ISPs. I guess the book is really what I need. I would also need my own ASN. The /20 block of registered IPs would not be routable, I assume because they are not attached to anyones ASN. So I would have to register my own ASN. And of course I would need a connection to an ISP backbone. Please don't think I am Ignorant and think it is as easy as buying a few routers. I am trying to come up with an estimate for how much it would cost to start an ISP. Like for instance the block of IPs would be $3000 a year, another cost would be the modem board, the routers etc. Thanks for your help. -Original Message- From: Schneider, Matt [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 5:49 PM To: [EMAIL PROTECTED] Subject: RE: ISP Question [7:37006] I'm in -Original Message- From: Craig Columbus To: [EMAIL PROTECTED] Sent: 3/3/2002 5:05 PM Subject: Re: ISP Question [7:37006] Ok, I'll bite... Don't start buying equipment yet. The technical component of an ISP is only one very small part of a big picture. If you're seriously thinking about starting an ISP, you first need to write a business plan that delineates your idea, your potential market, your competition, your management team, your organizational structure, your cashflow analysis, your initial funding, and your exit strategy. This includes a full and honest SWOT (strengths, weaknesses, opportunities, and threats) analysis. Once you've refined your plan, show it to people who know a lot more about running a business than you do. Go visit SCORE (look them up in the phone book) and be prepared to rewrite everything you've written. Once you've got a final product, then you're going to need funding. Remember, you need to account for more than the technical equipment. You'll have to consider rents, leases, insurance, utilities, payroll, taxes, etc. Once you've got the funding, you can bring on qualified management and engineers (read experienced in this field) and let them decide on the particular equipment you'll need. If this sounds like too much to tackle, then you're not ready to run your own business. On the other hand, if you're financially well off (rich) and are determined to go forward anyway, I'll be glad to walk you down the path for a fee. ;-) Good luck, Craig At 02:35 PM 3/1/2002 -0500, you wrote: Does anyone have a list of equipment for a company to become and ISP? I also want to buy a class of IP addresses and host them myself. Is there a link on Cisco to help someone like myself get started. Any help on this topic
Re: any comment please [7:37154]
The software you're running is fine. I don't think Cisco would sell an 8 port Gig switch with software that doesn't support GBIC. We have a few of those switches in our environment running the same software and they work fine. How are you trunking the ports? What are you connecting the ports to, one port to your distribution layer switch and the other ports straight into servers? Audy Ismail Al-Shelh wrote in message news:[EMAIL PROTECTED]; Hello all I have Catalyst 3508G XL , 8 GBIC slots , 12.0(5.2)XU IOS software. We tried to make operate it but the GBIC was not blinking at all , as I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/instnot e.htm , I got conclusion that the switches detect and enable the GBIC only when they are running the minimum software releases which in case of Catalyst 3508G XL Cisco the minimum IOS Release is 12.0(5)XW , so in order to enable the GBIC we have to upgrade the IOS software from 12.0(5.2)XU to 12.0(5)XW . any comment please !!! Al-shelh Network Engineer. [GroupStudy.com removed an attachment of type application/ms-tnef] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37158t=37154 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2501 console port doesn't respond to reverse telnet [7:37160]
Have you got login enabled and transport input all enabled. Phil. --- Mike Dickson wrote: I have a 2501 router whose console (and aux) port doesn't respond when connected to a 2511 and accessed via reverse telnet. The 2511 reports the connection is open, but I never get back a prompt from the 2501. The console port works when directly connected to the serial port of my laptop. Also, I've switched cables between the problem 2501 and other routers in my lab, and the problem follows the 2501, not the cable nor the line on the 2511. I've tried the 'clear line #' command, but it doesn't help. Any ideas? TIA Mike Dickson MCSE+Internet, MCDBA, CCNP, CCDP Dickson Network Designs voice (512)-422-3192 fax (512) 394-0320 www.dicksonnetworks.com [EMAIL PROTECTED] __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37160t=37160 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSw+ and SDLC Port Lists [7:37159]
I have a problem that needs a temporary fix. At one of our branches we have four attached SDLC devices and I need to use one dlsw peer for one device and a different peer for the other three. At first I thought this was easy and I'd use a port list. Well, it appears that the use of the word 'list' in the name 'port list' is deceiving because you can only have one port listed! At least that's how it appears. So, I can't create one list for the single device and a different list for the other three. I'm wondering if I can do the following: dlsw port-list 1 s4 dlsw remote-peer 0 tcp 10.1.1.1 dlsw remote-peer 1 tcp 10.2.2.2 Will this work the way I think it will? Since the '0' in the first list includes all ports I'm not sure if this would be a valid configuration. Any thoughts? This is only for disaster recovery testing and will only be necessary for a few hours, but if I can't figure out how to do something like this I'll have to take all of the SDLC devices at the branch down while we do testing. I'd rather just take one device down. Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37159t=37159 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2501 console port doesn't respond to reverse telnet [7:37161]
Make sure the flow-control (on your hyperterminal) is set to NONE, and not HARDWARE. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: Mike Dickson [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 8:47 AM To: [EMAIL PROTECTED] Subject: 2501 console port doesn't respond to reverse telnet connection [7:37150] I have a 2501 router whose console (and aux) port doesn't respond when connected to a 2511 and accessed via reverse telnet. The 2511 reports the connection is open, but I never get back a prompt from the 2501. The console port works when directly connected to the serial port of my laptop. Also, I've switched cables between the problem 2501 and other routers in my lab, and the problem follows the 2501, not the cable nor the line on the 2511. I've tried the 'clear line #' command, but it doesn't help. Any ideas? TIA Mike Dickson MCSE+Internet, MCDBA, CCNP, CCDP Dickson Network Designs voice (512)-422-3192 fax (512) 394-0320 www.dicksonnetworks.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37161t=37161 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: basic OSPF questions [7:37142]
Someone else has tackled the others, I go after #1): As you probably already know, in a lab setting, loopbacks are great for building up fictional stub networks to be used in reachability testing and summarization/filtering scenarios. For example, you can create interface loopback0 with an ip address of 10.1.1.1/24. By default, in OSPF, this loopback interface's network would be advertised as 10.1.1.1/32 even though you have specified the /24 mask. This makes for some confusion. If you specify on the loopback interface OSPF network type as point-to-point, it will force the /24 advertisement to be made instead of the /32. This makes the loopback interfaces appear to be just another stub network (not to be confused with OSPF stub area). Ryan -Original Message- From: bergenpeak [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 9:00 AM To: [EMAIL PROTECTED] Subject: basic OSPF questions [7:37142] 1) A loopback address is normally advertised by OSPF as a host route. The command ip ospf network point-to-point enables one to specify that the interface should be advertised as a subnet route. What are the benefits for doing this? 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? 3) In the Exstart phase, how is the master selected? Chappel's book says RID while Doyle's say highest interface IP address. Which is it? 4) I'm somewhat unclear on the Exchange and the Loading states. When a router goes into Exchange state, does it send all DDPs it knows about before processing any DDPs received from other adjancent neighbors? Thus, a router goes into Exchange state, sends all DDPs it knows about, then goes into Loading state, where it issues LSRs for LSAs it wants more details on? Is this the process? 5) Is there a difference between DBD and DDP packets? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37162t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2501 console port doesn't respond to reverse telnet [7:37163]
The asynch line configuration on the 2511: line 1 16 no exec modem InOut transport input all The console config on all of my lab routers, including the problem router: line con 0 exec-timeout 0 0 The other routers work just fine; this one doesn't. Moreover, the problem router works fine if I'm using a direct connection between a computer's serial port and the console, but doesn't when using a connection to the 2511. Mike -Original Message- From: Phil Barker [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 9:26 AM To: Mike Dickson; [EMAIL PROTECTED] Subject: Re: 2501 console port doesn't respond to reverse telnet connection [7:37150] Have you got login enabled and transport input all enabled. Phil. --- Mike Dickson wrote: I have a 2501 router whose console (and aux) port doesn't respond when connected to a 2511 and accessed via reverse telnet. The 2511 reports the connection is open, but I never get back a prompt from the 2501. The console port works when directly connected to the serial port of my laptop. Also, I've switched cables between the problem 2501 and other routers in my lab, and the problem follows the 2501, not the cable nor the line on the 2511. I've tried the 'clear line #' command, but it doesn't help. Any ideas? TIA Mike Dickson MCSE+Internet, MCDBA, CCNP, CCDP Dickson Network Designs voice (512)-422-3192 fax (512) 394-0320 www.dicksonnetworks.com [EMAIL PROTECTED] __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37163t=37163 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: 2501 console port doesn't respond to reverse telnet [7:37165]
-Original Message- From: Gyorfy, Shawn Sent: Monday, March 04, 2002 11:34 AM To: '[EMAIL PROTECTED]' Subject: RE: 2501 console port doesn't respond to reverse telnet connection [7:37150] ^^x CTRL+SHIFT+6 And X Disconnect 1 - check out the term, make sure baud rate and flow are set correctly on the 2511. Show terminal shawn -Original Message- From: Matthew Kessler [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 11:27 AM To: [EMAIL PROTECTED] Subject: Fw: 2501 console port doesn't respond to reverse telnet connection [7:37150] - Original Message - From: Mike Dickson To: Sent: Monday, March 04, 2002 9:47 AM Subject: 2501 console port doesn't respond to reverse telnet connection [7:37150] I have a 2501 router whose console (and aux) port doesn't respond when connected to a 2511 and accessed via reverse telnet. The 2511 reports the connection is open, but I never get back a prompt from the 2501. The console port works when directly connected to the serial port of my laptop. Also, I've switched cables between the problem 2501 and other routers in my lab, and the problem follows the 2501, not the cable nor the line on the 2511. I've tried the 'clear line #' command, but it doesn't help. Any ideas? TIA Mike Dickson MCSE+Internet, MCDBA, CCNP, CCDP Dickson Network Designs voice (512)-422-3192 fax (512) 394-0320 www.dicksonnetworks.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37165t=37165 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Well it's my turn...CCIE#8878 [7:37145]
Congrats Richard... Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Newman Sent: Monday, March 04, 2002 6:14 AM To: [EMAIL PROTECTED] Subject: Well it's my turn...CCIE#8878 [7:37145] With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37166t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Help with AS5224 remove dhcp settings. [7:37167]
Hello everyone, we have a AS5224 that is working quite well. I have setup a RADIUS server which is controlling the passwords only. I want the RAIDUS sever to give out ips based on user ids. How do I remove the dhcp settings from the AS5224? I have tried 'no local pool dial 10.x.x.100 10.x.x.253' followed by a 'no peer default ip address pool dial'. Is that all I have to do? Thanks, FC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37167t=37167 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Well it's my turn...CCIE#8878 [7:37145]
Richard, Top Man - really well done - 1st go aswell. lets just hope I get the same result in Brussels on Thursday Well done again Regards Richard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37170t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Well it's my turn...CCIE#8878 [7:37145]
Job well done! I know you mentioned OJT, did that come from your associates at ALLTEL? Jeff Jeffrey Bond, CCNP, MCSE Technology Solutions Engineer NCR Corporation Global Network Services mailto:[EMAIL PROTECTED] -Original Message- From: Richard Newman [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 9:14 AM To: [EMAIL PROTECTED] Subject: Well it's my turn...CCIE#8878 [7:37145] With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37171t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Well it's my turn...CCIE#8878 [7:37145]
Congratulations! Pierre-Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Newman Sent: Monday, March 04, 2002 8:14 AM To: [EMAIL PROTECTED] Subject: Well it's my turn...CCIE#8878 [7:37145] With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37173t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSw+ and SDLC Port lists, Part 2 [7:37168]
Please ignore the last post, I'm just being a dork again. :-) I thought the usage of the dlsw port list command was like this: dlsw port-list 1 s1 dlsw port-list 1 s2 That does not work and I end up with a one-entry port list. The actual usage should be like this: dlsw port-list 1 s1 s2 This solves my problem. I even quickly looked through the command reference and didn't notice that additional ports could be added on one line. Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37168t=37168 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Well it's my turn...CCIE#8878 [7:37145]
GEEAT JOB! (say it like Tony the tiger) Richard Newman wrote in message news:[EMAIL PROTECTED]; With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37174t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX questions [7:37129]
Hunt/Swapnil - You can not telnet to the outside interface. You will need to configure SSH. Swapnil Jain wrote in message news:[EMAIL PROTECTED]; u dont need to add a conduit for telnet unless u have blocked port 23. just add telnet ip_address [netmask] [if_name] to allow telnet from ip_address bye swapnil Hunt Lee wrote in message news:[EMAIL PROTECTED]; Hi all, I have two questions about PIX 501, it would be great if someone can shed some light on this: 1)Currently, I'm using a software called RANCID to monitor and save configs for my works' routers.I know that RANCID uses a Clogin to get into the router, it then do a show running-config command to veiw the configs, and then backs it up. My question is, would PIX 501 supports Clogin? 2)Also, I know one can use conduit permit icmp any any to allow the PING packets to get thru the PIX. Would I be able to use a similar command which will allow me to telnet from outside network into the PIX? Please help... Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37175t=37129 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Written - ATM Questions [7:37176]
Hi all. I'm taking my CCIE written this afternoon and I'm wondering if there's a lot of ATM questions on the exam? I'm doing some heavy cramming so I just want to know if I should concentrate on ATM. Any other tips would be appreciated. Thanks. Audy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37176t=37176 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Setting up Catalyst 6500 as a Layer 2 switch [7:37177]
I'm trying to setup a Cat 6500 running IOS 12.1 (c6sup22-dsv-mz.121-8a.E5) as a layer two switch and I'm running into some issues. I have a group of ports all on the same vlan, with switchport set to enable them as layer 2 switch ports. Directed IP traffic flows fine, but broadcast traffic is not flowing between the ports. The short story of the problem. In this test environment I have 5 NT servers plugged into the Cat 6500 and they can't see each other view Network Neighborhood. My current goal is to just get this switch to act like your basic unmanaged switch (I'll work on the more interesting settings after I get this basic functionality working.) Any ideas what I might be missing? Matt ! Example of the current configuration: interface FastEthernet2/1 no ip address switchport ! interface FastEthernet2/2 no ip address switchport ! interface Vlan1 ip address 192.168.0.1 255.255.255.0 no ip route-cache cef no ip mroute-cache Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37177t=37177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: basic OSPF questions [7:37142]
At 08:59 AM 3/4/02, bergenpeak wrote: 1) A loopback address is normally advertised by OSPF as a host route. The command ip ospf network point-to-point enables one to specify that the interface should be advertised as a subnet route. What are the benefits for doing this? I can't imagine any benefits. Where did you find this info?? I do see some mention in RFC 2328 of using a host versus a subnet for the Link ID. On point-to-point networks, if the neighbor's IP address is known, set the Link ID of the Type 3 link to the neighbor's IP address, and the Link Data to the mask 0x (indicating a host route) If a subnet has been assigned to the point-to-point link, set the Link ID of the Type 3 link to the subnet's IP address, and the Link Data to the subnet's mask... 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? I couldn't find anything in RFC 2328 that says that two routers connected to a link MUST agree on the cost. The RFC writers use the term MUST carefully. If it were required, they would put it in the RFC. I think it would be a good idea to make them agree, though 3) In the Exstart phase, how is the master selected? Chappel's book says RID while Doyle's say highest interface IP address. Which is it? The router with the higher Router ID becomes the master. 4) I'm somewhat unclear on the Exchange and the Loading states. When a router goes into Exchange state, does it send all DDPs it knows about before processing any DDPs received from other adjancent neighbors? I think so, but I've never thought about the database synchronization issues associated with a router that is a neighbor to many routers. My guess is that it can only be in the exchange state with one router at a time. Otherwise it would be exchanging database info with one router as the info was being updated by another router?? Thus, a router goes into Exchange state, sends all DDPs it knows about, then goes into Loading state, where it issues LSRs for LSAs it wants more details on? Is this the process? Sounds right. See the RFC for the details. 5) Is there a difference between DBD and DDP packets? I would avoid the term DDP, since it means Datagram Delivery Protocol to AppleTalk people. ;-) Thanks Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37178t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix NAT - Two to one [7:37179]
Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37179t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: read and not write TOS [7:36946]
At 03:11 AM 3/4/02, TP wrote: I said special switch: it is a switch with ethernet ports and voice ports, with the voice processor and its stack. So, I can program the special switch in order to set the TOS (layer 3) per port basis and the COS (layer 2) per port basis. What happens to my packet (or frames) when I connect this switch to a router (827 per adsl) or to a layer 3 catalyst for different design? What do you want to happen to the packets? Cisco supports so many Quality of Service (QoS) features, it's hard to answer your question! For example, although IP Precedence is not a queuing method, queuing methods such as weighted fair queuing (WFQ) and Weighted Random Early Detection (WRED) can use the IP Precedence setting of the packet in the TOS field to prioritize traffic. Committed Access Rate (CAR) can also use the IP Precedence. Cisco also supports the newer meanings for TOS (that is the Differentiated Services bits). Anyway, you probably haven't gotten a good answer from us because Cisco makes all of this so complicated, it's hard to give a simple answer. ;-) You should start by skimming the Cisco IOS Quality of Service Solutions Configuration Guide here: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/index.htm I don't know much about the 827 router. Hopefully it can do everything a bigger router could do. If not, check its specific documentation for QoS configuration information. Good luck. Let us know how it goes. Thanks. Priscilla - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, March 01, 2002 6:05 PM Subject: Re: read and not write TOS [7:36946] I don't think you can set the ToS bits on a switch. You can only set the CoS bit and the CoS will not be translated to a ToS on router unless you force it to in the configuration. ToS is a layer 3 function and CoS is a layer 2 function From: TP Reply-To: TP To: [EMAIL PROTECTED] Subject: read and not write TOS [7:36946] Date: Fri, 1 Mar 2002 06:14:30 -0500 Dear group, i have the following situation: a special switch connected to a cisco router via ethernet interface. This switch is enable to set TOS based on its ports. I'd like to configure the router in order to have different queuing based on the TOS (two or three queues). The router should read (and NOT write) the TOS and priorituze the traffic with the higher TOS: is it possible? If yes, maybe with access-list or samething different, can you provide the proper command lines? Thanks in advance Teresa _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37180t=36946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: mac address searcher [7:37143]
CiscoWorks/Campus Manager knows to do that. Sasa CCIE #8635 steve skinner wrote: Guys, you assistance if you please.. i am looking for a new tool to help me automate a task... i work for a global company with multiple it teams,who like to move multiple it servers willy-nilly... i suppport the switches 65`s but due to politics i am not allowed to set port secuirty on them... is there any tool out there that will queiry a cisco switch and tell me if it has a MAC record in its cam table.. i have got 60 65`s in 18 different MAN locations...and christ knows how many servers... it`s just i am lazy and dont want to keep typing Sh ip arp and sh cam dyn all the time... any help would be great. TIA steve _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp; Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37181t=37143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Written - ATM Questions [7:37176]
I think I had about 2 maybe 3 questions last Thursday. Woody CCNP -Original Message- From: Audy Bautista [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:38 PM To: [EMAIL PROTECTED] Subject: CCIE Written - ATM Questions [7:37176] Hi all. I'm taking my CCIE written this afternoon and I'm wondering if there's a lot of ATM questions on the exam? I'm doing some heavy cramming so I just want to know if I should concentrate on ATM. Any other tips would be appreciated. Thanks. Audy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37183t=37176 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX questions [7:37129]
If you really want to create a loophole so you can telnet into the firewall from the outside, and you do not want to create a secure connection to it, you can place a dummy router (or other telnet ready device) on the inside, allow telnet to it from the outside, allow the device to telnet to the PIX, telnet to it and reverse telnet back to the PIX. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: MJ [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 1:35 PM To: [EMAIL PROTECTED] Subject: Re: PIX questions [7:37129] Hunt/Swapnil - You can not telnet to the outside interface. You will need to configure SSH. Swapnil Jain wrote in message news:[EMAIL PROTECTED]; u dont need to add a conduit for telnet unless u have blocked port 23. just add telnet ip_address [netmask] [if_name] to allow telnet from ip_address bye swapnil Hunt Lee wrote in message news:[EMAIL PROTECTED]; Hi all, I have two questions about PIX 501, it would be great if someone can shed some light on this: 1)Currently, I'm using a software called RANCID to monitor and save configs for my works' routers.I know that RANCID uses a Clogin to get into the router, it then do a show running-config command to veiw the configs, and then backs it up. My question is, would PIX 501 supports Clogin? 2)Also, I know one can use conduit permit icmp any any to allow the PING packets to get thru the PIX. Would I be able to use a similar command which will allow me to telnet from outside network into the PIX? Please help... Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37184t=37129 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX questions [7:37129]
If you really want to create a loophole so you can telnet into the firewall from the outside, and you do not want to create a secure connection to it, you can place a dummy router (or other telnet ready device) on the inside, allow telnet to it from the outside, allow the device to telnet to the PIX, telnet to it and reverse telnet back to the PIX. Hth, Ole ~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~ http://www.RouterChief.com ~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~ -Original Message- From: MJ [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 1:35 PM To: [EMAIL PROTECTED] Subject: Re: PIX questions [7:37129] Hunt/Swapnil - You can not telnet to the outside interface. You will need to configure SSH. Swapnil Jain wrote in message news:[EMAIL PROTECTED]; u dont need to add a conduit for telnet unless u have blocked port 23. just add telnet ip_address [netmask] [if_name] to allow telnet from ip_address bye swapnil Hunt Lee wrote in message news:[EMAIL PROTECTED]; Hi all, I have two questions about PIX 501, it would be great if someone can shed some light on this: 1)Currently, I'm using a software called RANCID to monitor and save configs for my works' routers.I know that RANCID uses a Clogin to get into the router, it then do a show running-config command to veiw the configs, and then backs it up. My question is, would PIX 501 supports Clogin? 2)Also, I know one can use conduit permit icmp any any to allow the PING packets to get thru the PIX. Would I be able to use a similar command which will allow me to telnet from outside network into the PIX? Please help... Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37182t=37129 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: read and not write TOS [7:36946]
I'm pretty good with QOS. If you connect your special switch to a router and you mark your packets with IP Prec or DiffServ (which one is it?) your packet will remain marked until they reach the destination. The only time you would lose these markings is if a router is programmed to strip the markings and replace them with something else. As for your CoS bits, they will be fine until they hit a layer 3 device. If they remain on a large flat L2 network, then they will remain untouched. If the packets have to go through a router of some sort (because they need to be routed to a different network) the L3 device will strip the layer 2 ethernet packet, replace them with it's own l2 packet based on what type of link it's going out of (PPP, HDLC, another ethernet netowrk) and send it on it's merry way. Unfortuately, that L2 packet had your 802.1p bits in it and it was trashed. So you lost them (unless you have the router map l2 to l3). Therefore, it's better to just mark L3. Finally, just because you mark your packets, doesn't mean you'll get any special treatment unles the routers are told to do so (unless you have WFQ enabled on the router, as WFQ automatically classifies based on IP Prec or DiffServ.). Look up MQC to create policies to do things with your marked packets. -- RFC 1149 Compliant. TP wrote in message news:[EMAIL PROTECTED]; I said special switch: it is a switch with ethernet ports and voice ports, with the voice processor and its stack. So, I can program the special switch in order to set the TOS (layer 3) per port basis and the COS (layer 2) per port basis. What happens to my packet (or frames) when I connect this switch to a router (827 per adsl) or to a layer 3 catalyst for different design? - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, March 01, 2002 6:05 PM Subject: Re: read and not write TOS [7:36946] I don't think you can set the ToS bits on a switch. You can only set the CoS bit and the CoS will not be translated to a ToS on router unless you force it to in the configuration. ToS is a layer 3 function and CoS is a layer 2 function From: TP Reply-To: TP To: [EMAIL PROTECTED] Subject: read and not write TOS [7:36946] Date: Fri, 1 Mar 2002 06:14:30 -0500 Dear group, i have the following situation: a special switch connected to a cisco router via ethernet interface. This switch is enable to set TOS based on its ports. I'd like to configure the router in order to have different queuing based on the TOS (two or three queues). The router should read (and NOT write) the TOS and priorituze the traffic with the higher TOS: is it possible? If yes, maybe with access-list or samething different, can you provide the proper command lines? Thanks in advance Teresa _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37185t=36946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Setting up Catalyst 6500 as a Layer 2 switch [7:37177]
Hi, Have you set the vlan in Vlan Database mode ? Have you set the ports in question to switchport mode access ? Have the ports in question been set to the vlan you want them to be in ? interface FastEthernet5/35 description to Hop-1st floor no ip address udld enable switchport switchport access vlan 171 switchport mode access switchport nonegotiate Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 11:41 AM To: [EMAIL PROTECTED] Subject: Setting up Catalyst 6500 as a Layer 2 switch [7:37177] I'm trying to setup a Cat 6500 running IOS 12.1 (c6sup22-dsv-mz.121-8a.E5) as a layer two switch and I'm running into some issues. I have a group of ports all on the same vlan, with switchport set to enable them as layer 2 switch ports. Directed IP traffic flows fine, but broadcast traffic is not flowing between the ports. The short story of the problem. In this test environment I have 5 NT servers plugged into the Cat 6500 and they can't see each other view Network Neighborhood. My current goal is to just get this switch to act like your basic unmanaged switch (I'll work on the more interesting settings after I get this basic functionality working.) Any ideas what I might be missing? Matt ! Example of the current configuration: interface FastEthernet2/1 no ip address switchport ! interface FastEthernet2/2 no ip address switchport ! interface Vlan1 ip address 192.168.0.1 255.255.255.0 no ip route-cache cef no ip mroute-cache Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37186t=37177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISP Question [7:37006]
OK, well first let me explain my idea for an ISP isn't to sell dial up, or internet access. I already sell devices that use a dial up. If these devices do a specific application, you might be better off thinking of planning an Application Service Provider (ASP) rather than an Internet Service Provider (ISP). I work for a company so they worry about the business plan. I already checked out where to buy a block of IP addresses, the min you can buy direct is /20 or 4096 public IPs. Just to start with, you don't buy them, you have a license for their use for a given time period. You can't just walk up with money, either. You must justify that you have actual hosts in use for 50% of the address space, and you need to keep records to show that you've assigned 80% of the space before you get more. In reality, you are rarely going to have that many addresses when you start, so you are going to have to be assigned space from an upstream provider and eventually renumber into your own space. I know it sounds like a strange idea for you to start my own ISP. Also I wanted to mention that Cisco press is coming out with a new book about Starting an ISP ISP Essentials in April. I am trying to find more out about the book. :-) For that matter, my book, Building Service Provider Networks, also will be out in April. There's a Cisco document called Essential Things Every ISP Should Know that's available online, but unfortunately I don't have the URL handy. Also, there's a lot of material in the Cisco ISP workshops. Early on, you might want to call your local Cisco office and talk to people in the Service Provider team. I know it has a lot of stuff about the features of IOS for ISPs. I guess the book is really what I need. I would also need my own ASN. The /20 block of registered IPs would not be routable, I assume because they are not attached to anyones ASN. So I would have to register my own ASN. And of course I would need a connection to an ISP backbone. At least two, to obtain your own ASN. Please don't think I am Ignorant and think it is as easy as buying a few routers. I am trying to come up with an estimate for how much it would cost to start an ISP. Like for instance the block of IPs would be $3000 a year, another cost would be the modem board, the routers etc. Thanks for your help. -Original Message- From: Schneider, Matt [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 5:49 PM To: [EMAIL PROTECTED] Subject: RE: ISP Question [7:37006] I'm in -Original Message- From: Craig Columbus To: [EMAIL PROTECTED] Sent: 3/3/2002 5:05 PM Subject: Re: ISP Question [7:37006] Ok, I'll bite... Don't start buying equipment yet. The technical component of an ISP is only one very small part of a big picture. If you're seriously thinking about starting an ISP, you first need to write a business plan that delineates your idea, your potential market, your competition, your management team, your organizational structure, your cashflow analysis, your initial funding, and your exit strategy. This includes a full and honest SWOT (strengths, weaknesses, opportunities, and threats) analysis. Once you've refined your plan, show it to people who know a lot more about running a business than you do. Go visit SCORE (look them up in the phone book) and be prepared to rewrite everything you've written. Once you've got a final product, then you're going to need funding. Remember, you need to account for more than the technical equipment. You'll have to consider rents, leases, insurance, utilities, payroll, taxes, etc. Once you've got the funding, you can bring on qualified management and engineers (read experienced in this field) and let them decide on the particular equipment you'll need. If this sounds like too much to tackle, then you're not ready to run your own business. On the other hand, if you're financially well off (rich) and are determined to go forward anyway, I'll be glad to walk you down the path for a fee. ;-) Good luck, Craig At 02:35 PM 3/1/2002 -0500, you wrote: Does anyone have a list of equipment for a company to become and ISP? I also want to buy a class of IP addresses and host them myself. Is there a link on Cisco to help someone like myself get started. Any help on this topic would be appreciated. I really don't know where to start Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37187t=37006 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix Alias - puzzled - Bit long [7:37189]
I've been playing a little with the Pix alias command today on a two interface Pix: A customer was using the alias command to change the content of DNS replies from the registered address to the real internal address of servers, so that users on the local subnet went directly to servers on the same LAN. This seemed to be working (The DNS side of it). alias (inside) 255.255.255.255 Unfortunately the other use for the same alias command seemed to be screwing this up. The other use allows destination NAT of the addresses within the command. Users trying to get to the internal server addresses were timing out intermittently. This turned out to be because of the alias command, which was making the pix reply (proxy arp) and NAT the internal server address to the new destination address (the registered address). I asked the customer to apply 'sysopt noproxy inside' to turn off proxy arp and the problem was cured. Took it off to confirm and problems returned. I've also noticed the command 'sysopt nodnsalias' which seems to do 'roughly' the same thing (I think!!). Can anyone explain this command any better than the couple of lines in the Pix command reference. Also anybody care to detail how they use the alias command for this sort of thing. It seems to me that there are a few ways to use it (And I think even more ways when servers are on the DMZ so that DNS changes or NAT will do the trick) Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37189t=37189 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Setting up Catalyst 6500 as a Layer 2 switch [7:37177]
You need to assign your ports to a vlan based on your configuration below. -Original Message- From: Matt Fisher [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:41 PM To: [EMAIL PROTECTED] Subject: Setting up Catalyst 6500 as a Layer 2 switch [7:37177] I'm trying to setup a Cat 6500 running IOS 12.1 (c6sup22-dsv-mz.121-8a.E5) as a layer two switch and I'm running into some issues. I have a group of ports all on the same vlan, with switchport set to enable them as layer 2 switch ports. Directed IP traffic flows fine, but broadcast traffic is not flowing between the ports. The short story of the problem. In this test environment I have 5 NT servers plugged into the Cat 6500 and they can't see each other view Network Neighborhood. My current goal is to just get this switch to act like your basic unmanaged switch (I'll work on the more interesting settings after I get this basic functionality working.) Any ideas what I might be missing? Matt ! Example of the current configuration: interface FastEthernet2/1 no ip address switchport ! interface FastEthernet2/2 no ip address switchport ! interface Vlan1 ip address 192.168.0.1 255.255.255.0 no ip route-cache cef no ip mroute-cache Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37188t=37177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Setting up Catalyst 6500 as a Layer 2 switch [7:37177]
can you copy and paste the complete config for us to look at? -Original Message- From: Matt Fisher [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:41 PM To: [EMAIL PROTECTED] Subject: Setting up Catalyst 6500 as a Layer 2 switch [7:37177] I'm trying to setup a Cat 6500 running IOS 12.1 (c6sup22-dsv-mz.121-8a.E5) as a layer two switch and I'm running into some issues. I have a group of ports all on the same vlan, with switchport set to enable them as layer 2 switch ports. Directed IP traffic flows fine, but broadcast traffic is not flowing between the ports. The short story of the problem. In this test environment I have 5 NT servers plugged into the Cat 6500 and they can't see each other view Network Neighborhood. My current goal is to just get this switch to act like your basic unmanaged switch (I'll work on the more interesting settings after I get this basic functionality working.) Any ideas what I might be missing? Matt ! Example of the current configuration: interface FastEthernet2/1 no ip address switchport ! interface FastEthernet2/2 no ip address switchport ! interface Vlan1 ip address 192.168.0.1 255.255.255.0 no ip route-cache cef no ip mroute-cache Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37190t=37177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: basic OSPF questions [7:37142]
There is a reason for the first one that I have seen. If for some reason you are using your loopback subnet for a NAT pool, and the NAT pool requires more than one global IP address, you can assign a /29 (or whatever) to the loopback and use that whole range for the NAT pool. That is one instance in which you may want to advertise more than a host route for your loopback. You could have loopback 1 as the RID, and loopback 2 assigned the /29 for NAT, loopback 2 would have the ip ospf network point-to-point command to advertise the /29. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:48 PM To: [EMAIL PROTECTED] Subject: Re: basic OSPF questions [7:37142] At 08:59 AM 3/4/02, bergenpeak wrote: 1) A loopback address is normally advertised by OSPF as a host route. The command ip ospf network point-to-point enables one to specify that the interface should be advertised as a subnet route. What are the benefits for doing this? I can't imagine any benefits. Where did you find this info?? I do see some mention in RFC 2328 of using a host versus a subnet for the Link ID. On point-to-point networks, if the neighbor's IP address is known, set the Link ID of the Type 3 link to the neighbor's IP address, and the Link Data to the mask 0x (indicating a host route) If a subnet has been assigned to the point-to-point link, set the Link ID of the Type 3 link to the subnet's IP address, and the Link Data to the subnet's mask... 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? I couldn't find anything in RFC 2328 that says that two routers connected to a link MUST agree on the cost. The RFC writers use the term MUST carefully. If it were required, they would put it in the RFC. I think it would be a good idea to make them agree, though 3) In the Exstart phase, how is the master selected? Chappel's book says RID while Doyle's say highest interface IP address. Which is it? The router with the higher Router ID becomes the master. 4) I'm somewhat unclear on the Exchange and the Loading states. When a router goes into Exchange state, does it send all DDPs it knows about before processing any DDPs received from other adjancent neighbors? I think so, but I've never thought about the database synchronization issues associated with a router that is a neighbor to many routers. My guess is that it can only be in the exchange state with one router at a time. Otherwise it would be exchanging database info with one router as the info was being updated by another router?? Thus, a router goes into Exchange state, sends all DDPs it knows about, then goes into Loading state, where it issues LSRs for LSAs it wants more details on? Is this the process? Sounds right. See the RFC for the details. 5) Is there a difference between DBD and DDP packets? I would avoid the term DDP, since it means Datagram Delivery Protocol to AppleTalk people. ;-) Thanks Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37191t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix NAT - Two to one [7:37179]
what is the overall goal? Gaz 03/04/02 03:06PM Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37192t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix NAT - Two to one [7:37179]
Eventually, two separate static commands for two separate outside addresses going to two separate DMZ addresses. At the moment there is just one machine inside. Possibility of putting multiple addresses on the server but preferred option is not to do this. What I would like to miss out is the time required to wait for DNS to propagate when I split the single outside address to two. If I can leave the DNS pointing to two addresses and make the changes at the required time, there is no delay involved. Thanks, Gaz Patrick Ramsey wrote in message news:[EMAIL PROTECTED]; what is the overall goal? Gaz 03/04/02 03:06PM Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Confidentiality DisclaimerThis email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37193t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pix NAT - Two to one [7:37179]
On a cisco router, you use the Extendable command. not sure about the pix. -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:07 PM To: [EMAIL PROTECTED] Subject: Pix NAT - Two to one [7:37179] Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37194t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: basic OSPF questions [7:37142]
I have a question regarding # 2. let's say both routera and router b are connected and advertising the link between them to router c. The connection from routera to routerc is a 64k frame circuit. The link betwen routerb and routerc is a 64k ISDN (1 b). If routera advertises the network between itself and routerb with a cost of 10, and routerb advertises that same network with a cost of 100. All other things being equal when routerc gets the two updates, he will prefer to take the frame circuit towards routera to get to that network. Why would anyways want this? What if the circuit between routerb and routerc was a backup ISDN that you had to pay extra for to bring up during normal business hours or something like that. I guess it all comes down to what your network is doing. Whether two boxes advertise the same cost to a network is really only dependent upon which path you want to take to get there. If they both advertise the same, you may potentially load balance. If that's not desired, crank up the cost of one of those boxes so it's path is less-desirable. router a --- routerb \/ \ / \/ routerc Was I just rambling? Did that make sense. Tim -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:48 PM To: [EMAIL PROTECTED] Subject: Re: basic OSPF questions [7:37142] At 08:59 AM 3/4/02, bergenpeak wrote: 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? I couldn't find anything in RFC 2328 that says that two routers connected to a link MUST agree on the cost. The RFC writers use the term MUST carefully. If it were required, they would put it in the RFC. I think it would be a good idea to make them agree, though Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37195t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: basic OSPF questions [7:37142]
I believe Rc would know the network to be equal cost between the two routers. -- RFC 1149 Compliant. Ouellette, Tim wrote in message news:[EMAIL PROTECTED]; I have a question regarding # 2. let's say both routera and router b are connected and advertising the link between them to router c. The connection from routera to routerc is a 64k frame circuit. The link betwen routerb and routerc is a 64k ISDN (1 b). If routera advertises the network between itself and routerb with a cost of 10, and routerb advertises that same network with a cost of 100. All other things being equal when routerc gets the two updates, he will prefer to take the frame circuit towards routera to get to that network. Why would anyways want this? What if the circuit between routerb and routerc was a backup ISDN that you had to pay extra for to bring up during normal business hours or something like that. I guess it all comes down to what your network is doing. Whether two boxes advertise the same cost to a network is really only dependent upon which path you want to take to get there. If they both advertise the same, you may potentially load balance. If that's not desired, crank up the cost of one of those boxes so it's path is less-desirable. router a --- routerb \/ \ / \/ routerc Was I just rambling? Did that make sense. Tim -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:48 PM To: [EMAIL PROTECTED] Subject: Re: basic OSPF questions [7:37142] At 08:59 AM 3/4/02, bergenpeak wrote: 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? I couldn't find anything in RFC 2328 that says that two routers connected to a link MUST agree on the cost. The RFC writers use the term MUST carefully. If it were required, they would put it in the RFC. I think it would be a good idea to make them agree, though Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37196t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Setting up Catalyst 6500 as a Layer 2 switch [7:37177]
I am setting this up in VLAN 1. So the vlan was already setup in the VLAN database. I do have the ports in question set to switchport mode access. All of the ports are in the same vlan. Matt -- Author: Larry Letterman (---.cisco.com) Date: 03-04-02 15:21 Hi, Have you set the vlan in Vlan Database mode ? Have you set the ports in question to switchport mode access ? Have the ports in question been set to the vlan you want them to be in ? interface FastEthernet5/35 description to Hop-1st floor no ip address udld enable switchport switchport access vlan 171 switchport mode access switchport nonegotiate Larry Letterman Cisco Systems [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37197t=37177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix NAT - Two to one [7:37179]
Why not add an additional ip to the internal host and have two nats? - Original Message - From: Gaz To: Sent: Monday, March 04, 2002 3:06 PM Subject: Pix NAT - Two to one [7:37179] Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37199t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Written - ATM Questions [7:37176]
I think we should not be talking about the contents of the exams or how much of this or that. Doesn't do anyone any good. No offense please. Tarek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Woods, Randall, SOLCM Sent: Monday, March 04, 2002 2:15 PM To: [EMAIL PROTECTED] Subject: RE: CCIE Written - ATM Questions [7:37176] I think I had about 2 maybe 3 questions last Thursday. Woody CCNP -Original Message- From: Audy Bautista [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:38 PM To: [EMAIL PROTECTED] Subject: CCIE Written - ATM Questions [7:37176] Hi all. I'm taking my CCIE written this afternoon and I'm wondering if there's a lot of ATM questions on the exam? I'm doing some heavy cramming so I just want to know if I should concentrate on ATM. Any other tips would be appreciated. Thanks. Audy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37201t=37176 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hey norco [7:37146]
hey man don't mention it...! wrote in message news:[EMAIL PROTECTED]; hey norco...that was a great post..ye..those guys who brought up the term lab rats really think that you should have been born with that knowledge. apart from that, yes its all about improving your standard of living and a lot more things exterior to one's work. cya. norco wrote: i agree. that 'lab rat' bullshit has been created by cisco engineers fearful of their status/positions because nowadays anyone get reasonable proficient at cisco routing and switching - which SHOULD be the case!! I remember people (and they still do) cryin' the frickin' blues beacuse people were paper certified, and that they had no hands-on experience. Well, now that they are getting hands-on experience albeit in a lab environment (which is in some cases presents a more convoluted routing and switching environment because it allows them to set the level of complexity depending on the amount and type of lab equipment...phew - long comment) - they have the audacity to label them 'lab rats' - honestly i think these fucks expect you to be born with this knowledge!! By all means get stuck into your lab - get your CCNP, go for the CCIE and improve your standard of living - after all that's what this is all about - don't let a bunch of narrow-minded, paranoid, tall-poppy syndrome minded dicks dictate what you should or should not do. B Rudy wrote in message news:[EMAIL PROTECTED]; Hey guys, I have been looking for a job for the past 8 months. I decided to get some professional Cisco training since the market was doing so badly. I have read some message boards talking about CCIE lab rats, and how they are a disgrace.. I dont want to be looked at like that. I have purchased a year of training where I can utilize all the Cisco equipment they have on their premises. I am going to be a lab rat for a while.. Will i be able to find a job once i am a ccnp and proficcient with Cisco and their equipment?? That lab rat being a disgrace comment is totally absurd my bio: B.S in Telecommunications No experience in the field-but a lot in the labs CCDA CCNA Network+ MCSE 2k LPI 1 A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37202t=37146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Well it's my turn...CCIE#8878 [7:37145]
Well done...very well done. Let us know how it changes your life!!! :) Richard Newman wrote in message news:[EMAIL PROTECTED]; With many hours of reading and hands on, not to mention all the OTJT (sometimes that's the best) I succeeded in passing on my first attempt. Thanks to all those who helped along the way. Richard Newman, CCIE#8878 Alltel Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37203t=37145 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Lab Rat [7:37130]
Look. There's nothing wrong with increasing your knowledge. Everybody has to start somewhere. The problem arises when guys who are certified, but have little experience, still expect to get the same pay and respect as somebody who's been doing it for awhile. Or worse, they try to fake their way around by claiming knowledge they don't have. Then they inevitably screw something up, which not only means more work for the other guys because they have to clean up the mess, but also means that hiring managers get suspicious of everybody because they don't know who's good and who isn't. The fact is, all of Cisco's cert exams, even the CCIE, can only cover a small subset of what a network engineer really needs to know. One prime example is the ability to troubleshoot layer-1 WAN problems. This topic is not covered at all in the lab, because you obviously are not going to have any layer-1 problems using back2back serial connections. But layer-1 WAN problems happen all the time in the real world. So a guy who knows all about route redistribution, but doesn't know what to do when the T-1 line goes down is not a particularly useful employee. That's just one example, but there are many others. Now, like I said, there's nothing wrong with getting a cert, as long as you are willing to admit (especially to yourself) the things you know and don't know, and that you're still willing to learn. Again, the problem comes when a guy obtains a cert and believes he is now great and doesn't need to learn more, and deserves the same stature as others with the same cert (but have been around the industry a lot longer). norco wrote in message news:[EMAIL PROTECTED]; i agree. that 'lab rat' bullshit has been created by cisco engineers fearful of their status/positions because nowadays anyone get reasonable proficient at cisco routing and switching - which SHOULD be the case!! I remember people (and they still do) cryin' the frickin' blues beacuse people were paper certified, and that they had no hands-on experience. Well, now that they are getting hands-on experience albeit in a lab environment (which is in some cases presents a more convoluted routing and switching environment because it allows them to set the level of complexity depending on the amount and type of lab equipment...phew - long comment) - they have the audacity to label them 'lab rats' - honestly i think these fucks expect you to be born with this knowledge!! By all means get stuck into your lab - get your CCNP, go for the CCIE and improve your standard of living - after all that's what this is all about - don't let a bunch of narrow-minded, paranoid, tall-poppy syndrome minded dicks dictate what you should or should not do. B Rudy wrote in message news:[EMAIL PROTECTED]; Hey guys, I have been looking for a job for the past 8 months. I decided to get some professional Cisco training since the market was doing so badly. I have read some message boards talking about CCIE lab rats, and how they are a disgrace.. I dont want to be looked at like that. I have purchased a year of training where I can utilize all the Cisco equipment they have on their premises. I am going to be a lab rat for a while.. Will i be able to find a job once i am a ccnp and proficcient with Cisco and their equipment?? That lab rat being a disgrace comment is totally absurd my bio: B.S in Telecommunications No experience in the field-but a lot in the labs CCDA CCNA Network+ MCSE 2k LPI 1 A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37204t=37130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Network Types [7:37205]
I've been reading the CCO configuration guides and I now have a question. What is the difference between the following: ip ospf network point-to-multipoint and ip ospf network point-to-multipoint non-broadcast ?? More specifically, I really want to know when you would use the latter command. The example given on CCO is if we have excluded the broadcast keyword from a frame relay map. I don't think I've ever seen anyone configure a frame map without that keyword so I don't know why you'd ever want to do that. Any thoughts here? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37205t=37205 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Lab Rat [7:37130]
Wow I never participate in these kinds of discussions because its a waste of bandwidth and time, and most of us know we don't know everything and the more you know, the more you know you don't know! You just have to have know where and what resources to turn to when needed, and I wanted to say that sakky hit the nail right on the head. Scott -Original Message- From: sakky [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:53 PM To: [EMAIL PROTECTED] Subject: Re: CCNP Lab Rat [7:37130] Look. There's nothing wrong with increasing your knowledge. Everybody has to start somewhere. The problem arises when guys who are certified, but have little experience, still expect to get the same pay and respect as somebody who's been doing it for awhile. Or worse, they try to fake their way around by claiming knowledge they don't have. Then they inevitably screw something up, which not only means more work for the other guys because they have to clean up the mess, but also means that hiring managers get suspicious of everybody because they don't know who's good and who isn't. The fact is, all of Cisco's cert exams, even the CCIE, can only cover a small subset of what a network engineer really needs to know. One prime example is the ability to troubleshoot layer-1 WAN problems. This topic is not covered at all in the lab, because you obviously are not going to have any layer-1 problems using back2back serial connections. But layer-1 WAN problems happen all the time in the real world. So a guy who knows all about route redistribution, but doesn't know what to do when the T-1 line goes down is not a particularly useful employee. That's just one example, but there are many others. Now, like I said, there's nothing wrong with getting a cert, as long as you are willing to admit (especially to yourself) the things you know and don't know, and that you're still willing to learn. Again, the problem comes when a guy obtains a cert and believes he is now great and doesn't need to learn more, and deserves the same stature as others with the same cert (but have been around the industry a lot longer). norco wrote in message news:[EMAIL PROTECTED]; i agree. that 'lab rat' bullshit has been created by cisco engineers fearful of their status/positions because nowadays anyone get reasonable proficient at cisco routing and switching - which SHOULD be the case!! I remember people (and they still do) cryin' the frickin' blues beacuse people were paper certified, and that they had no hands-on experience. Well, now that they are getting hands-on experience albeit in a lab environment (which is in some cases presents a more convoluted routing and switching environment because it allows them to set the level of complexity depending on the amount and type of lab equipment...phew - long comment) - they have the audacity to label them 'lab rats' - honestly i think these fucks expect you to be born with this knowledge!! By all means get stuck into your lab - get your CCNP, go for the CCIE and improve your standard of living - after all that's what this is all about - don't let a bunch of narrow-minded, paranoid, tall-poppy syndrome minded dicks dictate what you should or should not do. B Rudy wrote in message news:[EMAIL PROTECTED]; Hey guys, I have been looking for a job for the past 8 months. I decided to get some professional Cisco training since the market was doing so badly. I have read some message boards talking about CCIE lab rats, and how they are a disgrace.. I dont want to be looked at like that. I have purchased a year of training where I can utilize all the Cisco equipment they have on their premises. I am going to be a lab rat for a while.. Will i be able to find a job once i am a ccnp and proficcient with Cisco and their equipment?? That lab rat being a disgrace comment is totally absurd my bio: B.S in Telecommunications No experience in the field-but a lot in the labs CCDA CCNA Network+ MCSE 2k LPI 1 A+ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37206t=37130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Snapshot routing Not working? [7:37207]
Hello, Have 2 routers, Remote and Central configed for Snapshot routing over a BRI line using Dialer profiles and Rip. Remote is the client and Central the server. When the active timer expires, I thought that the routing tables would stay 'frozen' meaning that the Rip learned routes would still show up in the routing table of either router. But infact, it disappears!! Is this how snapshot routing supposed to work? I basically took the example from CCO. Please advise. Thank you. Here is the config on router Remote, the client and also the sequence of events before the routes disappear!! Remote#sh ru int b0/0 interface BRI0/0 no ip address no ip directed-broadcast encapsulation ppp no ip route-cache no ip mroute-cache dialer pool-member 1 isdn switch-type basic-ni isdn spid1 055531 5553000 isdn spid2 055521 5552000 end Remote#sh ru int d 1 interface Dialer1 ip unnumbered Loopback0 no ip directed-broadcast encapsulation ppp dialer remote-name TS-Central dialer idle-timeout 140 dialer string 5551000 dialer load-threshold 2 either dialer snapshot 1 dialer pool 1 dialer-group 1 snapshot client 5 8 dialer ppp authentication chap ppp multilink end Remote#sh ip route 17.0.0.0/32 is subnetted, 1 subnets C 17.17.17.17 is directly connected, Loopback17 R16.0.0.0/8 [120/1] via 1.1.1.1, Dialer1 1.0.0.0/32 is subnetted, 1 subnets Remote#sh snap Current state: active, remaining/exchange time: 1/5 minutes Remote# 1d12h: SNAPSHOT: Dialer1[1]: moving to client post active-quiet queue Remote#sh snap Current state: client post active-quiet, remaining time: 2 minutes Remote# 1d12h: %ISDN-6-DISCONNECT: Interface BRI0/0:1 disconnected from 5551000 5551000, call lasted 4 25 seconds 1d12h: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down Remote# 1d12h: %DIALER-6-UNBIND: Interface BRI0/0:1 unbound from profile Dialer1 Remote# 1d12h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1, changed state to down Remote# 1d12h: %ISDN-6-DISCONNECT: Interface BRI0/0:2 disconnected from 5552000 , call lasted 483 seco nds 1d12h: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to down Remote#sh ip route 1d12h: %DIALER-6-UNBIND: Interface BRI0/0:2 unbound from profile Dialer1 Remote# 1d12h: SNAPSHOT: Dialer1[1]: moving to quiet queue Remote#sh snap Current state: quiet, remaining: 7 minutes Remote#sh ip route 17.0.0.0/32 is subnetted, 1 subnets C 17.17.17.17 is directly connected, Loopback17 2.0.0.0/32 is subnetted, 1 subnets C 2.2.2.2 is directly connected, Loopback0 Remote# What happened to the Rip learned route?? Thank you. _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37207t=37207 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Network Types [7:37205]
Here's what I found on CCO: The non-broadcast keyword used with the point-to-multipoint keyword first appeared in Cisco IOS Release 11.3 AA. Using this feature, you can configure broadcast networks as nonbroadcast multiaccess (NBMA) networks when, for example, you have routers in your network that do not support multicast addressing. -- RFC 1149 Compliant. John Neiberger wrote in message news:[EMAIL PROTECTED]; I've been reading the CCO configuration guides and I now have a question. What is the difference between the following: ip ospf network point-to-multipoint and ip ospf network point-to-multipoint non-broadcast ?? More specifically, I really want to know when you would use the latter command. The example given on CCO is if we have excluded the broadcast keyword from a frame relay map. I don't think I've ever seen anyone configure a frame map without that keyword so I don't know why you'd ever want to do that. Any thoughts here? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37208t=37205 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Network Types [7:37205]
I had a hard time believing that there would be a router that didn't support multicast until I looked up some old UseNet articles: From: Nick Filimonov Subject: Non-multicast point-to-point and OSPF Date: 1997/04/06 Message-ID: #1/1 Organization: IREX/Moscow Newsgroups: comp.dcom.sys.cisco Hello, I have a Cisco 2501 with 11.2(4) connected to the PC (running gated) with a synchronous serial. I'm trying to make OSPF work over this link. Both routers are in the same area. The problem is that synchronous port within PC does not support multicasting. After some experiments, we've made both routers to be ajacent, using ip ospf network non-broadcast statement. But, in this case, Cisco assumes, that Serial0 is not point-to-point, reports that Link connected to: Transit network, and finally declares Adv. router is not-reachable, preventing direct routes from gated to be installed in the database. Declaring PC as a neighbor does not help. If I declare ip ospf network point-to-multipoint, Cisco reports Serial0 as connected to: Another router (point-to-point), temporary gets FULL state, get routes installed, and after dead time losts adjacency (since PC can't hear multicasts). THE QUESTION IS: Is there any way to tell Cisco, that Serial0 is point-to-point NON-MULTICAST interface, OR to tell OSPF that neighboring router is reachable via specific interface? -- Nikolas S. Filimonov, System Administrator, IREX/Moscow -- RFC 1149 Compliant. Steven A. Ridder wrote in message news:[EMAIL PROTECTED]; Here's what I found on CCO: The non-broadcast keyword used with the point-to-multipoint keyword first appeared in Cisco IOS Release 11.3 AA. Using this feature, you can configure broadcast networks as nonbroadcast multiaccess (NBMA) networks when, for example, you have routers in your network that do not support multicast addressing. -- RFC 1149 Compliant. John Neiberger wrote in message news:[EMAIL PROTECTED]; I've been reading the CCO configuration guides and I now have a question. What is the difference between the following: ip ospf network point-to-multipoint and ip ospf network point-to-multipoint non-broadcast ?? More specifically, I really want to know when you would use the latter command. The example given on CCO is if we have excluded the broadcast keyword from a frame relay map. I don't think I've ever seen anyone configure a frame map without that keyword so I don't know why you'd ever want to do that. Any thoughts here? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37210t=37205 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WHERE CAN I FIND AN ISDN SIMULATOR [7:37125]
www.arcatech.com www.teltone.com www.cheapisdn.com mindiani mindiani wrote in message news:[EMAIL PROTECTED]; Where can I buy an ISDN simulator for my home LAB ?. MSN Photos is the easiest way to share and print your photos: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37209t=37125 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: encapsulation failed on ISDN line [7:37119]
thanks, good going. Always good to get otjt answers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37211t=37119 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Best CVoice on the west coast [7:37212]
I'm looking for information on training providers that do an excellent job of delivering the CVOICE class. I finally work for a company that wants to invest in my skill set! TIA, Bill Pearch, Anchorage AK Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37212t=37212 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLSM and CIDR [7:37031]
If you do ip summary-address rip n.n.n.n m.m.m.m on an interface, this will work as CIDR. -- RFC 1149 Compliant. Andrew Cook wrote in message news:[EMAIL PROTECTED]; I duplicated this effect. It seems the whole problem lies with RIP network statements. Although RIPv2 itself can carry classless info, the network statement to turn RIP on for an interface is classful. Until Cisco allows the inclusion of netmask info in the network statement as they do for other routing protocols, I would guess that redistribution is the only way to make this work - and I'd wager that they aren't really devoting a lot of development time to RIP anymore! Incidentally, I created a supernet on a loopback with a /22 and then tried putting all 4 class Cs into RIP as networks to see if that would magically fix it - it did not. Can anyone confirm RIPv2 operation on other vendor equipment? Does anyone allow a CIDR netblock as a native RIP interface without redistribution? PS - as to the need for RIPv2 on a modern network, I am still forced to use it in many cases for MPLS/VPN. The only routing choices to a CE router are static, RIPv2, BGP, and OSPF. OSPF is limited because each instance uses up one protocol descriptor block (PDB), of which you can only have 32. Static is easy for small customers, but larger ones will almost certainly require dynamic routing. That leaves us the choice of BGP or RIPv2. It all depends on whether the end user is comfortable using BGP. Almost everyone has set up RIP before, so it seems to be the catchall. Andrew Cook Chuck wrote in message news:[EMAIL PROTECTED]; well, to continue to beat this dead horse ( like anyone cares about RIPv2 CIDR anyway ) Gateway of last resort is not set 172.17.0.0/24 is subnetted, 1 subnets C 172.17.1.0 is directly connected, TokenRing0 173.4.0.0/24 is subnetted, 1 subnets C 173.4.57.0 is directly connected, Loopback0 161.52.0.0/24 is subnetted, 1 subnets R 161.52.1.0 [120/1] via 132.31.99.8, 00:00:24, Virtual-Access1 132.31.0.0/16 is variably subnetted, 2 subnets, 2 masks C 132.31.99.8/32 is directly connected, Virtual-Access1 C 132.31.99.0/24 is directly connected, Virtual-Access1 C192.168.0.0/24 is directly connected, Serial0 C192.168.1.0/24 is directly connected, Serial1 C200.0.0.0/8 is directly connected, Loopback101 R201.0.0.0/15 [120/5] via 132.31.99.8, 00:00:11, Virtual-Access1 R96.0.0.0/4 [120/5] via 132.31.99.8, 00:00:00, Virtual-Access1 R203.0.0.0/8 [120/5] via 132.31.99.8, 00:00:00, Virtual-Access1 R129.0.0.0/12 [120/5] via 132.31.99.8, 00:00:00, Virtual-Access1 C181.48.0.0/13 is directly connected, Loopback201 R7# note all the CIDR routes in the routing table, all learned via RIP. How? interface Loopback101 ip address 201.0.0.1 255.254.0.0 ! interface Loopback1001 ip address 203.0.0.1 255.0.0.0 ! interface Loopback1002 ip address 129.1.1.1 255.240.0.0 ! interface Loopback1003 ip address 100.1.1.1 240.0.0.0 ! router rip version 2 redistribute connected metric 5 network 132.31.0.0 network 161.52.0.0 network 201.0.0.0 no auto-summary you apparently do have to redistribute the CIDR routes into RIPv2. Silly me. Why wouldn't that be obvious? Chuck Chuck wrote in message news:[EMAIL PROTECTED]; kinda in answer to your private message: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c /ipcprt2/1cdrip.htm watch the wrap according to this, Cisco's implementation of Ripv2 does indeed support CIDR On the other hand, getting this to work appears to be problematic. A check of Doyle shows no CIDR example for Ripv2 A look though Large Scale IP Network Solutions yields this interesting sentence: RIPV2 is able to support classless interdomain routes. It can propagate a classless route through redistribution I can't get a damn CIDR route to show up in the RIPv2 table no matter how many hokey pokies I do. At this point I'm going to assume you have tried RipV2 and have had the same frustration I just had - seeing no CIDR routes. This calls for a bit more research. Chuck Chuck wrote in message news:[EMAIL PROTECTED]; I think you're trying to outsmart yourself. Can't be done!!! ;- I showed you in my private reply the result of the EIGRP test I set up. The answer was no problem I also know from long lab rat experience that it is not a problem with OSPF. I have not tried with either IS-IS or Ripv2, but again, why not? there may be issues with older IOS code. Some vendor older models may not support it. But I have no reason based on my experience, to believe that it is an issue with current IOS code. Chuck Pierre-Alex Guanel wrote in message
AUX TTY [7:37214]
Whats a Technical Difference b/w AUX and TTY ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37214t=37214 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hey norco [7:37146]
hey I'm just amazed that all these responses with the f* word got through the list's amazing filters - Original Message - From: norco To: Sent: Monday, 04 March, 2002 17:34 Subject: Re: hey norco [7:37146] hey man don't mention it...! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37215t=37146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: basic OSPF questions [7:37142]
One thing to remember is that OSPF costs are calculated unidirectionally. For example, A's cost to C could be very different from C's cost to A. In general, IP traffic has to be engineered in both directions and it for some networks asymmetry in flow might make sense. I can't think of a reason off hand while watching a hockey game, but experience has taught me that many odd looking designs are rooted in rational, informed theory. Pete At 04:05 PM 3/4/2002 -0500, Ouellette, Tim wrote: I have a question regarding # 2. let's say both routera and router b are connected and advertising the link between them to router c. The connection from routera to routerc is a 64k frame circuit. The link betwen routerb and routerc is a 64k ISDN (1 b). If routera advertises the network between itself and routerb with a cost of 10, and routerb advertises that same network with a cost of 100. All other things being equal when routerc gets the two updates, he will prefer to take the frame circuit towards routera to get to that network. Why would anyways want this? What if the circuit between routerb and routerc was a backup ISDN that you had to pay extra for to bring up during normal business hours or something like that. I guess it all comes down to what your network is doing. Whether two boxes advertise the same cost to a network is really only dependent upon which path you want to take to get there. If they both advertise the same, you may potentially load balance. If that's not desired, crank up the cost of one of those boxes so it's path is less-desirable. router a --- routerb \/ \ / \/ routerc Was I just rambling? Did that make sense. Tim -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:48 PM To: [EMAIL PROTECTED] Subject: Re: basic OSPF questions [7:37142] At 08:59 AM 3/4/02, bergenpeak wrote: 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? I couldn't find anything in RFC 2328 that says that two routers connected to a link MUST agree on the cost. The RFC writers use the term MUST carefully. If it were required, they would put it in the RFC. I think it would be a good idea to make them agree, though Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37217t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written - ATM Questions [7:37176]
Doesn't hurt. No one is telling the actual questions. It is far less helpful than practice exams... Tarek Sabry wrote: I think we should not be talking about the contents of the exams or how much of this or that. Doesn't do anyone any good. No offense please. Tarek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Woods, Randall, SOLCM Sent: Monday, March 04, 2002 2:15 PM To: [EMAIL PROTECTED] Subject: RE: CCIE Written - ATM Questions [7:37176] I think I had about 2 maybe 3 questions last Thursday. Woody CCNP -Original Message- From: Audy Bautista [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:38 PM To: [EMAIL PROTECTED] Subject: CCIE Written - ATM Questions [7:37176] Hi all. I'm taking my CCIE written this afternoon and I'm wondering if there's a lot of ATM questions on the exam? I'm doing some heavy cramming so I just want to know if I should concentrate on ATM. Any other tips would be appreciated. Thanks. Audy -- Ishrat Nadeem Zahid CCNP Cisco Systems,Inc. Chelmsford, MA 01824 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37216t=37176 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 3508G XL , 2950T-24 [7:37098]
You will need the updated IOS for this GBIC. Being a newer GBIC, the older IOS won't recognize it so run the upgrade and it will work. To confirm this, type sh int g0/1 (g0/2, etc..) and the output will tell you if the GBIC is recognized or not. Rik -Original Message- From: Chuck Collins [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 8:22 AM To: [EMAIL PROTECTED] Subject: RE: Catalyst 3508G XL , 2950T-24 [7:37098] I wouldn't upgrade the IOS. We had a 3550 that was doing the same thing (GBIC not blinking at all). We called into TAC and got a replacement. We did the upgrade first and when the switch would boot it would no recognize the Ethernet controller. It may be different for you since you have a 3508. I guess you would need to ask yourself do I feel lucky? Good Luck, Chuck Collins -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 10:33 AM To: [EMAIL PROTECTED] Subject: Catalyst 3508G XL , 2950T-24 [7:37098] Dear all I need clarification regarding these two points thanking your help in proceed, First point: We have Catalyst 3508G XL , 8 GBIC slots , 12.0(5.2)XU IOS software. We tried to make operate it but the GBIC was not blinking at all , as I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/ins tnot e.htm , I got conclusion that the switches detect and enable the GBIC only when they are running the minimum software releases which in case of Catalyst 3508G XL Cisco the minimum IOS Release is 12.0(5)XW , so in order to enable the GBIC we have to upgrade the IOS software from 12.0(5.2)XU to 12.0(5)XW . Second point: we have Catalyst 2950T-24 Switch-24 10/100 ports and 2 fixed 10/100/1000BaseT uplink ports, IOS available 12.0(5.3)WC(1). As I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/2950_wc/1169 303. htm , I got conclusion that we do not have to upgrade the ios image because the ios will support the following: Catalyst 2950T-24 24 fixed autosensing 10/100 ports and 2 fixed autosensing 10/100/1000 Ethernet ports. please tell me if there is something missing here , the equipment is placed far away from our office we need to put the network on there as soon as possible , in case we have to upgrade the ios of the any platform then please let us go ahead solving this issue. Warm regards, Ismail Al-shelh Network Engineer [GroupStudy.com removed an attachment of type application/ms-tnef] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37218t=37098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 3508G XL , 2950T-24 [7:37098]
That's not good advice. An LX GBIC uses a laser transmitter, which is powerful enough to burn a hole in your retina as a coworker of mine found out. Besides, this is a copper GBIC so no light to see. 12.0(5.3) is a new enough IOS to recognize the copper GBIC so this version will work on all of your 3500 switches. Rik -Original Message- From: Kaminski, Shawn G [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 10:07 AM To: [EMAIL PROTECTED] Subject: RE: Catalyst 3508G XL , 2950T-24 [7:37098] I don't believe that it's the IOS on the 3508. First, check to make sure your fiber is connected correctly. When the switch is powered up, you can see which side the laser is on in the GBIC connector. Then, if you cup the fiber in your hands, briefly (very briefly) look to see which connector the laser is on. Then make sure that the connector with the laser goes to the connector on the switch without the laser. If this isn't the problem, there's a good chance it's probably a bad GBIC. Shawn K. -Original Message- From: Chuck Collins [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 8:22 AM To: [EMAIL PROTECTED] Subject: RE: Catalyst 3508G XL , 2950T-24 [7:37098] I wouldn't upgrade the IOS. We had a 3550 that was doing the same thing (GBIC not blinking at all). We called into TAC and got a replacement. We did the upgrade first and when the switch would boot it would no recognize the Ethernet controller. It may be different for you since you have a 3508. I guess you would need to ask yourself do I feel lucky? Good Luck, Chuck Collins -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 10:33 AM To: [EMAIL PROTECTED] Subject: Catalyst 3508G XL , 2950T-24 [7:37098] Dear all I need clarification regarding these two points thanking your help in proceed, First point: We have Catalyst 3508G XL , 8 GBIC slots , 12.0(5.2)XU IOS software. We tried to make operate it but the GBIC was not blinking at all , as I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/1000gbic/ins tnot e.htm , I got conclusion that the switches detect and enable the GBIC only when they are running the minimum software releases which in case of Catalyst 3508G XL Cisco the minimum IOS Release is 12.0(5)XW , so in order to enable the GBIC we have to upgrade the IOS software from 12.0(5.2)XU to 12.0(5)XW . Second point: we have Catalyst 2950T-24 Switch-24 10/100 ports and 2 fixed 10/100/1000BaseT uplink ports, IOS available 12.0(5.3)WC(1). As I had read this document http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/2950_wc/1169 303. htm , I got conclusion that we do not have to upgrade the ios image because the ios will support the following: Catalyst 2950T-24 24 fixed autosensing 10/100 ports and 2 fixed autosensing 10/100/1000 Ethernet ports. please tell me if there is something missing here , the equipment is placed far away from our office we need to put the network on there as soon as possible , in case we have to upgrade the ios of the any platform then please let us go ahead solving this issue. Warm regards, Ismail Al-shelh Network Engineer [GroupStudy.com removed an attachment of type application/ms-tnef] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37219t=37098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: hey norco [7:37146]
Well i'm glad they did make it through - the f* word is indeed an effective form of punctuation - the next generation exclamation point. Kevin Wigle wrote in message news:[EMAIL PROTECTED]; hey I'm just amazed that all these responses with the f* word got through the list's amazing filters - Original Message - From: norco To: Sent: Monday, 04 March, 2002 17:34 Subject: Re: hey norco [7:37146] hey man don't mention it...! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37220t=37146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP Bandwidth statements [7:37221]
Hi All Can someone clarify the rules for EIGRP bandwidth statements in a frame relay environment with point to point subinterfaces?? Is it more preferred to place the statement on the port itself or each subinterface? Assuming equal and unequal CIR's Thank You MikeD. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37221t=37221 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Snapshot routing Not working? [7:37207]
where's ur dialer map snapshot ?? Nick Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37222t=37207 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: basic OSPF questions [7:37142]
One thing to remember is that OSPF costs are calculated unidirectionally. For example, A's cost to C could be very different from C's cost to A. In general, IP traffic has to be engineered in both directions and it for some networks asymmetry in flow might make sense. I can't think of a reason off hand while watching a hockey game, but experience has taught me that many odd looking designs are rooted in rational, informed theory. Pete There's a whole class of applications for this sort of thing, and indeed there is a Unidirectional Link Routing group in the IETF for dealing with them. Much of the leading research work is in France, where practical applications deal with using high-bandwidth satellite links in one direction to deliver educational content to Africa, and a low-speed terrestrial return link for acknowledgements. At 04:05 PM 3/4/2002 -0500, Ouellette, Tim wrote: I have a question regarding # 2. let's say both routera and router b are connected and advertising the link between them to router c. The connection from routera to routerc is a 64k frame circuit. The link betwen routerb and routerc is a 64k ISDN (1 b). If routera advertises the network between itself and routerb with a cost of 10, and routerb advertises that same network with a cost of 100. All other things being equal when routerc gets the two updates, he will prefer to take the frame circuit towards routera to get to that network. Why would anyways want this? What if the circuit between routerb and routerc was a backup ISDN that you had to pay extra for to bring up during normal business hours or something like that. I guess it all comes down to what your network is doing. Whether two boxes advertise the same cost to a network is really only dependent upon which path you want to take to get there. If they both advertise the same, you may potentially load balance. If that's not desired, crank up the cost of one of those boxes so it's path is less-desirable. router a --- routerb \/ \ / \/ routerc Was I just rambling? Did that make sense. Tim -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 2:48 PM To: [EMAIL PROTECTED] Subject: Re: basic OSPF questions [7:37142] At 08:59 AM 3/4/02, bergenpeak wrote: 2) Must a link cost be the same on for all routers that share the link? Is there a protocol reason for this? Some other reason? I couldn't find anything in RFC 2328 that says that two routers connected to a link MUST agree on the cost. The RFC writers use the term MUST carefully. If it were required, they would put it in the RFC. I think it would be a good idea to make them agree, though Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37223t=37142 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: hey norco [7:37146]
I'll bet the people you work with are really impressed when you use the F* word in meetings at work Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of norco Sent: Monday, March 04, 2002 7:17 PM To: [EMAIL PROTECTED] Subject: Re: hey norco [7:37146] Well i'm glad they did make it through - the f* word is indeed an effective form of punctuation - the next generation exclamation point. Kevin Wigle wrote in message news:[EMAIL PROTECTED]; hey I'm just amazed that all these responses with the f* word got through the list's amazing filters - Original Message - From: norco To: Sent: Monday, 04 March, 2002 17:34 Subject: Re: hey norco [7:37146] hey man don't mention it...! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37224t=37146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix NAT - Two to one [7:37179]
Adding a second IP to the internal host is the only way I know of useing the PIX. Rich wrote in message news:[EMAIL PROTECTED]; Why not add an additional ip to the internal host and have two nats? - Original Message - From: Gaz To: Sent: Monday, March 04, 2002 3:06 PM Subject: Pix NAT - Two to one [7:37179] Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37225t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
LRE Switch Configuration [7:37226]
Looking for LRE Configuration Documentation. Anyone? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37226t=37226 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Network Types [7:37205]
John, For Frame-Relay PVCs, you would use: ip ospf network point-to-multipoint But for Frame-Relay SVCs or ATM SVCs, you would use: ip ospf network point-to-multipoint non-broadcast Best Regards, Hunt Lee John Neiberger wrote in message news:[EMAIL PROTECTED]; I've been reading the CCO configuration guides and I now have a question. What is the difference between the following: ip ospf network point-to-multipoint and ip ospf network point-to-multipoint non-broadcast ?? More specifically, I really want to know when you would use the latter command. The example given on CCO is if we have excluded the broadcast keyword from a frame relay map. I don't think I've ever seen anyone configure a frame map without that keyword so I don't know why you'd ever want to do that. Any thoughts here? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37227t=37205 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Question [7:37228]
I believe someone might have mentioned this already but since I'm studying it right now I thought I'd ask again... It would be greatly appreciated if someone can shed some light on this. For OSPF, I understand that a flapping subnet will cause LSAs to be flooded throughout the internetwork at each state transition. However, my question is: TCP / IP Vol1 by Jeff Doyle says if a subnet is summarized by a summary address, the subnet's instability will no longer be advertised. But if this is the case, then what happens if:- e.g. Router A advertised a summary route (advertising subnet 172.20.10.0 /24 to Router B. Now if a host in that subnet (say 172.20.10.1 is bouncing) - if this instability is hidden by the summary route, does it mean that Router B wouldn't realized that 172.20.10.1 is flapping, and continues to forward packets to it? Please help... Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37228t=37228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ATM SVCs, was Re: OSPF Network Types [7:37205]
This brings up another point that's been bugging me lately. When would you ever implement ATM SVCs? It seems that modern networks tend to be very chatty and there's generally a lot going on, especially if you're running a routing protocol. This would tend to keep the SVC up all or most of the time. If that's the case, why not just nail up PVCs and be done with it? I can't think of a good example off the top of my head where it would be a _Really Good Idea_ to implement SVCs. I suppose it's possible to have networks where connections aren't up all the time, but when they are you need the capabilities inherent in ATM. However, I just can't think of a really good example where SVCs would be a superior choice vs. PVCs. Any thoughts? John On Mon, 4 Mar 2002, Hunt Lee ([EMAIL PROTECTED]) wrote: John, For Frame-Relay PVCs, you would use: ip ospf network point-to-multipoint But for Frame-Relay SVCs or ATM SVCs, you would use: ip ospf network point-to-multipoint non-broadcast Best Regards, Hunt Lee John Neiberger wrote in message news:[EMAIL PROTECTED]; I've been reading the CCO configuration guides and I now have a question. What is the difference between the following: ip ospf network point-to-multipoint and ip ospf network point-to-multipoint non-broadcast ?? More specifically, I really want to know when you would use the latter command. The example given on CCO is if we have excluded the broadcast keyword from a frame relay map. I don't think I've ever seen anyone configure a frame map without that keyword so I don't know why you'd ever want to do that. Any thoughts here? Thanks, John [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37229t=37205 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Security Lab [7:17848]
really? -- I have an official statement from Cisco that says that there will be no UNIX, only NT. I was there and it's true. MS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37230t=17848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Question [7:37228]
unless you are advertising a host route, I don't think there would be any effect here. and to be truthful, I'm not sure that the routing process cares one way or another so long as the particular router's LAN port is functional. the routing table would show that host route 172.20.10.1 is reachable via network 172.20.10.0 as long as the router interface in network 172.20.10.0 is operational. haven't tested, just thinking out loud. Chuck Hunt Lee wrote in message news:[EMAIL PROTECTED]; I believe someone might have mentioned this already but since I'm studying it right now I thought I'd ask again... It would be greatly appreciated if someone can shed some light on this. For OSPF, I understand that a flapping subnet will cause LSAs to be flooded throughout the internetwork at each state transition. However, my question is: TCP / IP Vol1 by Jeff Doyle says if a subnet is summarized by a summary address, the subnet's instability will no longer be advertised. But if this is the case, then what happens if:- e.g. Router A advertised a summary route (advertising subnet 172.20.10.0 /24 to Router B. Now if a host in that subnet (say 172.20.10.1 is bouncing) - if this instability is hidden by the summary route, does it mean that Router B wouldn't realized that 172.20.10.1 is flapping, and continues to forward packets to it? Please help... Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37231t=37228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Time based ACL on PIX? [7:37198]
Hi all- I sent this out earlier but it didn't seem to post?? Anyway...I was wondering if it is possible to have services behind a PIX restricted to time?? Kinda like how you can with a Checkpoint. Initially I was thinking this was not possible as I have conduit based configurations on all the PIX's I maintainand am unaware of any such option on a conduit. But then I saw the time-range option for an extended ACL. So, my question: Can this be used on a PIX to limit access to a service to say 1 ipand only between certain hours? Has anyone does this...or is it even possible? I hope this makes sense. thanks, matt __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37198t=37198 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix NAT - Two to one [7:37179]
When the two outside addresses are resolved to the single inside address (port 80) everything is OK but when the web server sends back a reply which of the address translations with be used? If the wrong one is picked any firewall will choke on it, and if no firewall, the other end of the connection may get traffic from a source address it doesn't know anything about. End result is that the two outside addresses need to be associated with two distict inside addresses. Hope this helps, Scott --- On Mon 03/04, Gaz wrote: Eventually, two separate static commands for two separate outside addresses going to two separate DMZ addresses. At the moment there is just one machine inside. Possibility of putting multiple addresses on the server but preferred option is not to do this. What I would like to miss out is the time required to wait for DNS to propagate when I split the single outside address to two. If I can leave the DNS pointing to two addresses and make the changes at the required time, there is no delay involved. Thanks, Gaz Patrick Ramsey wrote in message news:[EMAIL PROTECTED]; what is the overall goal? Gaz 03/04/02 03:06PM Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37232t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pix NAT - Two to one [7:37179]
pix will respond with error if you do more than 1 static command (specify more than one public private translation, using the static command). Pix dosent offer extendable either (im running 6 train on the pix) Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Hire, Ejay [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:52 PM To: [EMAIL PROTECTED] Subject: RE: Pix NAT - Two to one [7:37179] On a cisco router, you use the Extendable command. not sure about the pix. -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:07 PM To: [EMAIL PROTECTED] Subject: Pix NAT - Two to one [7:37179] Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37200t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN [7:37123]
ebay.com. mindiani mindiani wrote in message news:[EMAIL PROTECTED]; Where can I buy an ISDN simulator for my home LAB ?. Chat with friends online, try MSN Messenger: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37169t=37123 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CIT Support Passing Score [7:37113]
My first post was changed somehow. Here is what I wrote: Varies. 690 to 710 out of 1000. Through Complexity there is Simplicity, Through Simplicity there is Complexity David L. Blair - CCNP, CCNA, MCSE, CBE, CIW Associate, A+, 3Wizard john jones wrote in message news:[EMAIL PROTECTED]; All, What's the passing score for the 640-506 support exam. Thanks, John __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37138t=37113 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CIT Support Passing Score [7:37113]
once again, if your prepared for the test and know the subject matter, the score to pass isn't an issue. Larry Letterman Cisco Systems [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of David L. Blair Sent: Sunday, March 03, 2002 5:13 PM To: [EMAIL PROTECTED] Subject: Re: CIT Support Passing Score [7:37113] -dlb john jones wrote in message news:[EMAIL PROTECTED]; All, What's the passing score for the 640-506 support exam. Thanks, John __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37121t=37113 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
lab equipment recommendation [7:37172]
I'm looking for suggestions as to what equipment might be useful in training for the ccie lab. I have developed what I believe would be a good lab (listed below), however, I'm trying to put together a definitive list as asking more than once for a budget is not easy. Also, if anyone that has already completed their ccie and have a comprehensive lab for sale, I would be interested in talking with you prior to going to ebay. Current idea list: 2501 2504 2511 3900 5002 2600 with fxs, t1, isdn bri 1750 with fxs and t1 nt server netware server What is immediately lacking in my mind is dslw and atm abilities. Thank you for any and all suggestions. rich. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37172t=37172 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: WHERE CAN I FIND AN ISDN SIMULATOR [7:37125]
www.ebay.com www.cheapisdn.com HTH Jeff mindiani mindiani wrote: Where can I buy an ISDN simulator for my home LAB ?. MSN Photos is the easiest way to share and print your photos: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37151t=37125 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Timed ACL on PIX? [7:37152]
Hello all- I was wondering if it is possible to have time restricted ACL's on a PIX...similiar to what you can do on a Checkpoint? Something that can restrict access to services depending on what time it is. My initial thoughts were NO...as we use conduits on our PIX fleet and I am unaware of any such conduit based command...but then I started looking and noticed the time-range command and am wondering if it is possible to use this feature on an ACL based PIX configuration? Any help is appreciated, thanks - matt __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37152t=37152 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CIT Support Passing Score [7:37113]
It's a pass or fail test. You either pass or you do not pass. tm Tim Medley - CCNP+Voice, CCDP Sr. Network Architect VoIP Group iReadyWorld -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of john jones Sent: Sunday, March 03, 2002 6:20 PM To: [EMAIL PROTECTED] Subject: CIT Support Passing Score [7:37113] All, What's the passing score for the 640-506 support exam. Thanks, John __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37126t=37113 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: WHERE CAN I FIND AN ISDN SIMULATOR [7:37125]
I got my Teltone Demonstrator from Bruce 1 800 444 5217 Very satisfied. The beaty of Teltone compared to other simulators is that it is plug and forget. You can concentrate on your scenario instead of tweaking a non-Cisco box. HTH A. Strobel Quoting MJ : www.arcatech.com www.teltone.com www.cheapisdn.com mindiani mindiani wrote in message news:[EMAIL PROTECTED]; Where can I buy an ISDN simulator for my home LAB ?. MSN Photos is the easiest way to share and print your photos: Click Here -_-_-_ Mail3000 gives you 30 Megs of Email space free -_-_- This mail sent through http://mail3000.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37233t=37125 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Question [7:37228]
Comments below On Tue, 5 Mar 2002, Hunt Lee ([EMAIL PROTECTED]) wrote: I believe someone might have mentioned this already but since I'm studying it right now I thought I'd ask again... It would be greatly appreciated if someone can shed some light on this. For OSPF, I understand that a flapping subnet will cause LSAs to be flooded throughout the internetwork at each state transition. However, my question is: TCP / IP Vol1 by Jeff Doyle says if a subnet is summarized by a summary address, the subnet's instability will no longer be advertised. But if this is the case, then what happens if:- e.g. Router A advertised a summary route (advertising subnet 172.20.10.0 /24 to Router B. Now if a host in that subnet (say 172.20.10.1 is bouncing) - if this instability is hidden by the summary route, does it mean that Router B wouldn't realized that 172.20.10.1 is flapping, and continues to forward packets to it? That's exactly right. Router B has no knowledge whatsoever of any hosts in this case. It is only aware of the existence of the /24 being advertised by router A. This isn't quite what Doyle is referring to, though. Let's use a different example. 172.16.1.0/24\ 172.16.2.0/24 --- RA ---(172.16.0.0/22) --- RB 172.16.3.0/24/ Not a great drawing, but here's what's going on. Router A is aware of three /24 networks and it summarizes them to a single /22 before advertising them to Router B. Typically, as long as any one of those /24 prefixes is up Router A will advertise the aggregate. Unless all three routes go down the aggregate--or summary-- gets announced, thus making Router B blissfully unaware of any flapping of individual routes. And you're right, since it would not be aware of the state of any given /24, it would continue to forward traffic for that prefix to Router A. HTH, John Please help... Best Regards, Hunt Lee [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37234t=37228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]