RE: VOIP billing [7:38756]

[George Siaw]

Check out the Avvid product line. I think Cisco Call manager has some
functionality for billing.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kiran Kumar M
Sent: 19 March 2002 05:43
To: [EMAIL PROTECTED]
Subject: VOIP billing [7:38756]

Hai,

Is there any billing solution available for VOIP in cisco products.??

Thanks,
Kiran




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38759t=38756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VOIP billing [7:38756]

[Kiran Kumar M]

Thanks for your reply. Any other external software that will compatible
with cisco products also ??

Thanks,
Kiran


On Tue, 19 Mar 2002, George Siaw wrote:

 Check out the Avvid product line. I think Cisco Call manager has some
 functionality for billing.
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Kiran Kumar M
 Sent: 19 March 2002 05:43
 To: [EMAIL PROTECTED]
 Subject: VOIP billing [7:38756]
 
 Hai,
 
 Is there any billing solution available for VOIP in cisco products.??
 
 Thanks,
 Kiran




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38760t=38756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP billing [7:38756]

[Patrick Donlon]

You can use a radius platform for billing in your VoIP network. For small
scale you can use the CallManager or Cisco ACS server billing, for the
larger stuff you need to use Radius accounting and develop your own scripts
to process the records

Cheers
Pat


Kiran Kumar M  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Thanks for your reply. Any other external software that will compatible
 with cisco products also ??

 Thanks,
 Kiran


 On Tue, 19 Mar 2002, George Siaw wrote:

  Check out the Avvid product line. I think Cisco Call manager has some
  functionality for billing.
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
  Kiran Kumar M
  Sent: 19 March 2002 05:43
  To: [EMAIL PROTECTED]
  Subject: VOIP billing [7:38756]
 
  Hai,
 
  Is there any billing solution available for VOIP in cisco products.??
 
  Thanks,
  Kiran




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38761t=38756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VOIP billing [7:38756]

[TP]

you can see www.netcentrex.net
It is a softswitch solution for billing, tracing and so on in a cisco voip
enviroment.
It is designed for H323 routed gatekeeper.
And it works perfectly with cisco devices.
Hope it helps.
Teresa

  - Original Message -
  From: Kiran Kumar M
  To: [EMAIL PROTECTED]
  Sent: Tuesday, March 19, 2002 9:22 AM
  Subject: RE: VOIP billing [7:38756]


  Thanks for your reply. Any other external software that will compatible
  with cisco products also ??

  Thanks,
  Kiran


  On Tue, 19 Mar 2002, George Siaw wrote:

   Check out the Avvid product line. I think Cisco Call manager has some
   functionality for billing.
  
  
   -Original Message-
   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
   Kiran Kumar M
   Sent: 19 March 2002 05:43
   To: [EMAIL PROTECTED]
   Subject: VOIP billing [7:38756]
  
   Hai,
  
   Is there any billing solution available for VOIP in cisco products.??
  
   Thanks,
   Kiran




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38762t=38756
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Where to find Protocol Type Code in Cisco CD ? [7:38763]

[Ruen-Chze Loh]

 Hi,
 
 I tried searching the Cisco CD for the table of
 Protocol Type Code used in Source Route Bridge
 administrative filter, but could not find any of the
 table. Can someone indicate to me where to find it
 in
 Cisco CD?
 
 What I need is a table for example:
 
 8137-8138   Novell
 80D5IBM SNA Service over Ethernet
 
  Thank-you.
 
 
 
 =
 Thank-you. 
 Regards,
 Paul
 


__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38763t=38763
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NAT questions-will overlap occur? [7:38764]

[Sim, CT (Chee Tong)]

I found my previous administrator configured the following NAT for my router
(shown below). Our network is in 50.100.X.X and we need to contact a
workstation in 192.168.3.X network (192.168.3.1-192.168.3.100). That's why
he defined the source pool to be from 192.168.3.101 192.168.3.240
  

interface Ethernet0
 description Interface facing Financial Service Provider
 ip address 192.168.3.1 255.255.255.0
 ip nat outside

interface Ethernet1
 description Interface facing Rabobank (Trusted) network
 ip address 50.100.165.240 255.255.255.0
 ip nat inside

ip nat pool XXY 192.168.3.101 192.168.3.240 netmask 255.255.255.0
ip nat inside source list 1 pool XXY

##

Q1)But, when I show IP nat trans. I saw the following, I understand the
first two, but not line 3.  the 192.168.3.118 should be the source address
of returning packet, what is 192.168.3.119 ? 

RBFW2514#sh ip nat trans
Inside global Inside local  Outside localOutside global
--- 192.168.3.117  50.100.165.81 ---   ---
--- 192.168.3.118  50.100.165.210---   ---
--- 192.168.3.119  192.168.3.118


Q2)I understand there is another kind of NAT which work like the following.
Inside global Inside local  Outside localOutside global
192.168.2.2:1234  10.0.0.1:1234  172.21.3.1:23
192.168.2.2:  10.0.0.2:  172.21.3.2:23
192.168.2.2:  10.0.0.3:  172.21.3.4:23

What is the difference these method.  I think both NAT can work.  Why we
don't use these one?

Q3)But in this method, I found a problem what if 10.0.0.1 and 10.0.0.2 use
the same port .  There will be 2X 192.168.2.2: in the inside global.
Will be 192.168.2.2: have problem identify which to be NAT back to
10.0.0.1 or 10.0.0.2.

Thanks a lot
Tong






==
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en 
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht 
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en 
de afzender direct te informeren door het bericht te retourneren. 
==
The information contained in this message may be confidential 
and is intended to be exclusively for the addressee. Should you 
receive this message unintentionally, please do not use the contents 
herein and notify the sender immediately by return e-mail.


==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38764t=38764
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Default-information originate [7:38757]

[Steven A. Ridder]

because the always keyword will make the router advertise the default route
even if the link is down. giving false info to rest of network.  It be
better to let the good router handle default traffic.

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


Hunt Lee  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi,

 Regarding the command default-information originate, I understand that
it
 will cause the router to advertise the default route into OSPF / IS-IS
 domain.  Without this, by default, OSPF / IS-IS will not advertise the
 default route to the other routers.

 As for the [always] keyword for the default-information originate
command,
 I know that it only works for OSPF, but not IS-IS.  Is this the only
 difference? Is there anything else that I may be missing?

 I read up in Jeff Doyle (TCP/IP Vol 1), but it confuses me even more...

 Jeff states that if there's more than one default router, you definitely
 don't want the [always] keyword. but why?

 Best Regards,
 Hunt Lee
 System Engineer
 WebCentral




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38765t=38757
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IP accounting..... [7:38766]

[[EMAIL PROTECTED]]

I was just wondering if I could look at specific protocol types leaving a
specific interfaces(?)

Best Regards
Scott Forbes
www.invsat.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38766t=38766
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IOS MD5 checksum against router checksum. Who to believe? [7:38767]

[George Siaw]

Hi guys,

 

I have a bit problem with this dilemma and just wondering whether
something is out of place. The MD5 checksum on an IOS was calculated
correctly to that on display on Cisco's web site. However, when the file
was loaded on the router its checksum was different.

 

 

Verifying checksum...  invalid (expected 0x7081, computed 0x5944)

 

Now would anybody know whether these checksums are suppose to compliment
each other? 

 

Other defiling factors:

 

Just loaded another image from the same source, link etc (everything
same as previous and all went well). 

 

 

Any ideas guys or is this just one of those wieldos?

 

Regards,

George.

[GroupStudy.com removed an attachment of type image/jpeg which had a name of
image001.jpg]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38767t=38767
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco LRE ( Long Reach Ethernet ) [7:30553]

[Phil Williams]

We just did our first install of LRE for a hotel in North West Florida.
Works great.  The only big issue was the integration of the LRE splitter box
in between the PBX and the hotel wiring.  Having someone who can work the
frame room is a plus.

Phil

Chuck Larrieu  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Is it slow at work today or what?

 I was browsing CCO and ran across something called long reach ethernet

 http://newsroom.cisco.com/dlls/ts_122701.html

 http://www.cisco.com/warp/public/779/servpro/solutions/long_ethernet/

 lots more.

 Interesting product and market. Interesting, because on the surface, it
 doesn't seem like it would be less expensive than re-wiring, but if one
 looks at someplace like a hotel, where ripping walls out to string a new
 wiring infrastructure would be exceedingly disruptive, it makes sense.

 Anyone looked into this? done it? this appears to be a very new product to
 Cisco. the web docs are dated within the last few weeks.

 Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38768t=30553
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Where to find Protocol Type Code in Cisco CD ? [7:38763]

[Robertson, Douglas]

Try this link   http://www.iana.org/assignments/ethernet-numbers

Doug

-Original Message-
From: Ruen-Chze Loh [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 4:56 AM
To: [EMAIL PROTECTED]
Subject: Where to find Protocol Type Code in Cisco CD ? [7:38763]


 Hi,
 
 I tried searching the Cisco CD for the table of
 Protocol Type Code used in Source Route Bridge
 administrative filter, but could not find any of the
 table. Can someone indicate to me where to find it
 in
 Cisco CD?
 
 What I need is a table for example:
 
 8137-8138   Novell
 80D5IBM SNA Service over Ethernet
 
  Thank-you.
 
 
 
 =
 Thank-you. 
 Regards,
 Paul
 


__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38769t=38763
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: compress command unavailable on FR or hdlc intf??.....Why? [7:38770]

[Robert Fowler]

Page 314 Remote Access Book. - For HDLC links, STAC is the only available
choice.

Page 316 - For FRame RElay deployments, use the frame-relay payload-compress
command to enable STAC compression on an interface or a subinterface.

The reason that you can only use payload compression on a framer-relay
interface is becuase the header information needs to remain intact so it can
be read by the switches that the transmission crosses.

Robert

-Original Message-
From: Cisco Nuts [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 18, 2002 9:50 PM
To: [EMAIL PROTECTED]
Subject: compress command unavailable on FR or hdlc intf??.Why?
[7:38746]


Hello,Can't seem to get the compress command to work on Fr intfsAlso
on hdlc inft. only the stac compression shows up Any reason as to
why?? Ex. On a FR inft.RTD(config)#int s0/0
RTD(config-if)#compress ?
% Unrecognized command On a PPP intf.OKRTB(config-if)#compress ?
  mppc   MPPC compression type
  predictor  predictor compression type
  stac   stac compression algorithm
   On a HDLC intf.RTC(config)#int s 0
RTC(config-if)#compress ?
  stac  stac compression algorithm  Thank you for your help.  



Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38770t=38770
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: NAT questions-will overlap occur? [7:38764]

[Marc Thach Xuan Ky]

Hi Tong,
The second method you use is twice-NAT, both source and destination
addresses are converted.  This does not work well on Cisco routers
unless all NAT entries are defined statically.  This is sometimes a good
policy anyway where there are only a small number of known connections,
which is often the case when connecting to exchange feeds for instance.

You have an address clash.  Note that a NAT router has only one IP stack
and one routing table.  You cannot have the same network on both sides
of the NAT router.  In your case it might be possible to use a /25 mask
and use .129-.254 for the pool, however, I would not recommend this
without further information from you.

Normally I would want to use a NAT pool that was not present on either
side of the router.  Is there a reason that you are using that pool
anyway?  Is this dictated by the provider, or are they happy to route to
a network that you specify?
You need to know how many servers will be contacted within the financial
services provider, and how many clients on your network, also which way
is the connection made?  Is it a persistent connection?  Is there any
name resolution across the router?

rgds
Marc TXK


Sim, CT (Chee Tong) wrote:
 
 I found my previous administrator configured the following NAT for my
router
 (shown below). Our network is in 50.100.X.X and we need to contact a
 workstation in 192.168.3.X network (192.168.3.1-192.168.3.100). That's why
 he defined the source pool to be from 192.168.3.101 192.168.3.240
 


 interface Ethernet0
  description Interface facing Financial Service Provider
  ip address 192.168.3.1 255.255.255.0
  ip nat outside
 
 interface Ethernet1
  description Interface facing Rabobank (Trusted) network
  ip address 50.100.165.240 255.255.255.0
  ip nat inside
 
 ip nat pool XXY 192.168.3.101 192.168.3.240 netmask 255.255.255.0
 ip nat inside source list 1 pool XXY
 
 ##
 
 Q1)But, when I show IP nat trans. I saw the following, I understand the
 first two, but not line 3.  the 192.168.3.118 should be the source address
 of returning packet, what is 192.168.3.119 ?
 
 RBFW2514#sh ip nat trans
 Inside global Inside local  Outside localOutside global
 --- 192.168.3.117  50.100.165.81 ---   ---
 --- 192.168.3.118  50.100.165.210---   ---
 --- 192.168.3.119  192.168.3.118


 
 Q2)I understand there is another kind of NAT which work like the following.
 Inside global Inside local  Outside localOutside global
 192.168.2.2:1234  10.0.0.1:1234  172.21.3.1:23
 192.168.2.2:  10.0.0.2:  172.21.3.2:23
 192.168.2.2:  10.0.0.3:  172.21.3.4:23
 
 What is the difference these method.  I think both NAT can work.  Why we
 don't use these one?
 
 Q3)But in this method, I found a problem what if 10.0.0.1 and 10.0.0.2 use
 the same port .  There will be 2X 192.168.2.2: in the inside
global.
 Will be 192.168.2.2: have problem identify which to be NAT back to
 10.0.0.1 or 10.0.0.2.
 
 Thanks a lot
 Tong
 
 ==
 De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
 is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
 onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
 de afzender direct te informeren door het bericht te retourneren.
 ==
 The information contained in this message may be confidential
 and is intended to be exclusively for the addressee. Should you
 receive this message unintentionally, please do not use the contents
 herein and notify the sender immediately by return e-mail.
 
 ==




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38771t=38764
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ATM for CCIE [7:38772]

[Persio Pucci]

Folks,

I'm reading the CCIE Resource Kit 2001 Ed., and I think that the amount of
information about ATM that the book covers is just insufficient for the test.
Anybody feels like this? Or is it just enough? Any recommendation for ATM?

Regards,

Persio




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38772t=38772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Who is Priscilla Oppenheimer ? [7:38662]

[Logan, Harold]

No kidding, the art on the ciscopress books doesn't do networkers any
justice at all. If nothing else, they should draw the guy on the copvers so
he fits the techy demographic better: He should have some form of facial
hair, he should be slightly overweight, he should have a cigarette in one
hand and coffee (or mountain dew) in the other, and there's no way he should
be wearing a tie, especially while trying to troubleshoot a connectivity
problem. (Possible exception: the Ties Suck tie on thinkgeek.com)

As for the women on the covers, they should somehow be depicted as
presenting the solution for whatever problem the guy is working on, with the
alpha male stubbornly ignoring them.

(Wonder how many flames I'll get for this one?)

Cheers,
Hal

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, March 18, 2002 5:14 PM
To: [EMAIL PROTECTED]
Subject: RE: Who is Priscilla Oppenheimer ? [7:38662]


I hear that in addition to her network
design work and training she's also doing some modeling for book covers
on the side.  ;-)

Oh good, I am *so* sick of all those chunky men with rolled-up sleeves on 
the Cisco Press books.  Priscilla - even a digitised and modified version 
- has *got* to be better.   ;-)

(Priscilla's going to be doing a lot of paying out...)

JMcL
- Forwarded by Jenny Mcleod/NSO/CSDA on 19/03/2002 09:08 am -


John Neiberger 
Sent by: [EMAIL PROTECTED]
19/03/2002 04:11 am
Please respond to John Neiberger

 
To: [EMAIL PROTECTED]
cc: 
Subject:RE: Who is Priscilla Oppenheimer ? [7:38662]


For a real insight into Priscilla, take a look at her interview with
Fabio at www.routergod.com.  I hear that in addition to her network
design work and training she's also doing some modeling for book covers
on the side.  ;-)

(I know I'm going to pay for that later)

John

 William Gragido  3/18/02 9:50:10 AM 
LOL.  Hey Priscilla, who are you anyways ;-)  What was the name of that
book
you authored? 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
dk
Sent: Monday, March 18, 2002 9:51 AM
To: [EMAIL PROTECTED] 
Subject: Who is Priscilla Oppenheimer ? [7:38662]


Who is this mystery woman .. who seems to know everything !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38773t=38662
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Pix 520 Flash Upgrade [7:38774]

I need to find a pix 520 flash upgrade.  Can anybody point me in the right
direction.  I know I can go to Cisco but they're gonna charge an arm and a
leg for the upgrade.  All ideas are appreciated.

Jason Pehrson
Systems Administrator
Information Systems Department
Naval Support Activity Naples, Italy
[EMAIL PROTECTED]
Work:   (39) 081-568-4316 
Cell:   (39) 347-381-1060
Fax:(39) 081-568-5689
  

[GroupStudy.com removed an attachment of type application/octet-stream which
had a name of Pehrson, Jason Contractor (NSANAP N63).vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38774t=38774
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to monitor the bridging traffic at routers [7:38758]

[John Green]

can someone explain what does this statement mean ?
(with an example of a non-routable protocol)

As we need to cater some non-routable protocols,
bridging is also enabled at all routers.

and how is bridging enabled at a router ? (is this
referring to switching being enabled ?)


--- dovelet  wrote:
 Hi all,
 
 Our company's network are connected using some Cisco
 2500 and Cisco 4000
 routers. As we need to cater some non-routable
 protocols, bridging is also
 enabled at all routers. I would like to know, is
 there any methods to
 monitor which hosts are using bridging through the
 routers? Of course, I can
 use a sniffer to capture the traffic, but the
 network is too large for us to
 do so.
 
 Please advise.
 
 Regards,
 Dovelet
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38775t=38758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CIT question [7:38776]

[Sergio]

Hi all.

I'm taking the CIT exam on next week. I'm working with the CiscoPress book.

Do I have to know all the outputs of the commands?

I mean, must I know the meaning of each of the parameters shown after you
enter a command?

Thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38776t=38776
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Appreciate Your Expertise On This Strange ARP Problem [7:38778]

[Logan, Harold]

Did you get a chance to take a look at the IP configuration of your DHCP
clients? Router A could have been sending out proxy ARP's (like you already
mentioned) and possibly ICMP redirects to your workstations.

Without the default route, and with the wrong subnet mask, the A router's
routing table looks like this:

C 10.67.2.0/24
S 10.67.1.0/24

Without the default route, the A router doesn't have routes for 10.67.7.x or
10.67.8.x. If the A router is replying when your workstations ARP for your
servers, then your workstations are sending out packets with a destination
IP address of your server, but with a destination MAC of the A router's
ethernet interface. The A router has routes to your servers, so there's no
problem there, except of course for inefficiency. When your servers send
replies back to router A however, the router has no route back to your
workstations. It did when the default route was in place, but without it the
A router has no return path.

That sounds far fetched, but I can't think of another explanation that fits
your description of the problem. If you find yourself in such a situation
again, fire up a protocol analyzer and compare destination MACs with
destination IP addresses, and you'll get a better picture of what's going on.

hth,
Hal

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 18, 2002 7:42 PM
To: [EMAIL PROTECTED]
Subject: Appreciate Your Expertise On This Strange ARP Problem [7:38738]


Hi there 

This is my first time to post a question.

Here is a real scenario which happened a few days ago. Though the problem
has been resolved, i still cannot understand what the cause is.

Customer A has a partner connection to B's network. due to lack of
capability on B's Router/Firewall, one of A's router is plugged directly
onto B's internal LAN(sounds silly, but it is true). 

B's LAN use 10.67.0.0/16 address, of which 10.67.1.x is for servers,
10.67.2.x for routers/switches, 10.67.7.x and 10.67.8.x for DHCP clients.
B's router has 10.67.2.1 addr. 

A's router on B's LAN gets assigned an ip addr 10.67.2.2,but a wrong /24
mask was given by B. since A's users need to talk to B's server, a static
route(ip route 10.67.1.0 255.255.255.0 10.67.2.1) was added. 

A default route is also configured(ip route 0.0.0.0 0.0.0.0 10.67.2.1) on
the A's router.

when this default route was taken off(no obvious reason to point a default
route to B's default router), all B's dhcp clients cannot talk to their own
servers(10.67.1.x) any more even they are on the same subnet.

B's network support was called in, and they found that the A's router is
incorrectly answering ARP requests(by default ip proxy-arp is enabled on the
LAN interface). and somehow the arp respone reaches the client before the
server's, so the client cannot talk to the servers.

the problem later was resolved by rectifying the subnet mask on A's router.
but i still cannot figure out what went wrong when the default route on A's
router was removed.

I'll be much appreciated if anyone can shed some lights on this.

regards

Alec Shi


Senior Support Engineer
Axon Computertime
Auckland
NZ



-- 
The information contained in this e-mail message is intended only for the
use of the person or entity to whom it is addressed and may contain
information that is CONFIDENTIAL and may be exempt from disclosure under
applicable laws.

If you read this message and are not the addressee you are notified that
use, dissemination, distribution, or reproduction of this message is
prohibited. If you have received this message in error, please notify us
immediately and delete the original message. You should scan this message
and any attached files for viruses.

Axon Computertime accepts no liability for any loss caused either directly
or indirectly by a virus arising from the use of this message or any
attached file.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38778t=38778
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

7204 vxr boot rom [7:38777]

[Patrick Donlon]

Hi All

just wondered if anyone knows where I can find some information about boot
rom versions. I'm looking at loading an  image of IOS on a new 7204 and I'd
like to know what version I should use for the boot rom

cheers

Pat

--

email me on : [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38777t=38777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Who is Priscilla Oppenheimer ? [7:38662]

[Ty King]

Hal, I agree with you...except he should have pez dispensers and post-it
notes everywhere...


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38780t=38662
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NAT with printer [7:38781]

[Zolla Zimmerman]

Hi All,

I really have a problem. I have enabled NAT on the router. I am able to
reach all PCs but the printer. Here is the senario:


192.168.1.0192.168.3.0
 | |
 | |
  --Router1-Router2--
   |
   |
   192.168.3.252
(Printer)

1. We have enabled NAT on router2 to translate 192.168.3.0 0.0.0.250 to a
pool 192.168.8.0
2. Enabled static NAT for printer to 192.168.8.252

Please help

Zolla


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38781t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IPSEC UDP [7:38782]

[Brian Zeitz]

I want to create an IPSEC UDP from one Lan to another via the internet.
Going across both firewall and routers, possibly though NAT. I am trying
to find out more information on this. I read that some cheap routers
using NAT, you can only have 1 IPSEC UDP session, from 1 client at a
time, and that is all. Are there any issues like this with a Pix? Is
running IP SEC UPD as simple as opening UDP Port 500, and that's all I
have to do? Does the 3DES license on a pix come in to play at all when
doing this? How secure is 3DES UDP, I know this is a lot of questions,
but I just wondered if someone could suggest a book or site...





Thanks in Advance,



Brian




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38782t=38782
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM for CCIE [7:38772]

[Matthew Meiers]

Anyone know any good ATM books?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Persio Pucci
Sent: Tuesday, March 19, 2002 6:57 AM
To: [EMAIL PROTECTED]
Subject: ATM for CCIE [7:38772]

Folks,

I'm reading the CCIE Resource Kit 2001 Ed., and I think that the amount
of
information about ATM that the book covers is just insufficient for the
test.
Anybody feels like this? Or is it just enough? Any recommendation for
ATM?

Regards,

Persio




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38783t=38772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Steve Smith]

Is this a Network printer with a card or jet direct box?

-Original Message-
From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 8:04 AM
To: [EMAIL PROTECTED]
Subject: NAT with printer [7:38781]


Hi All,

I really have a problem. I have enabled NAT on the router. I am able to
reach all PCs but the printer. Here is the senario:


192.168.1.0192.168.3.0
 | |
 | |
  --Router1-Router2--
   |
   |
   192.168.3.252
(Printer)

1. We have enabled NAT on router2 to translate 192.168.3.0 0.0.0.250 to
a
pool 192.168.8.0
2. Enabled static NAT for printer to 192.168.8.252

Please help

Zolla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38784t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

Yes. This is a network printer with a card.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38785t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IP accounting..... [7:38766]

[suaveguru]

Plug in a sniffer !!!

regards,
suaveguru
--- [EMAIL PROTECTED]
 wrote:
 I was just wondering if I could look at specific
 protocol types leaving a
 specific interfaces(?)
 
 Best Regards
 Scott Forbes
 www.invsat.com
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38786t=38766
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is cable network really a shared medium? [7:38705]

[bergenpeak]

Hi Sam,

The shared vs non-shared issue DSL providers mention is somewhat
misleading.   In any residential cable or DSL network, you will
have stat muxing.   In a cable network, this happens on the HFC
network.  In a DSL network, this happens at the Agg router (the
one that terminates all of those DSL connections).   The Internet
is one big stat mux.  In either the DSL or Cable approach, the 
customer observed performance will be a result of many factors,
including access network design (how many subs share the cable
or agg router), the behaviors of these other users, the regional
network design, the size and types of peering connections, and
where the users are actually surfing too.  

My house has a long driveway that only I use.  Does that mean
I'll get to work faster than the neighbors down the street
which live in an apartment complex and share a driveway with
other folks?

In both approaches, one can prioritize traffic or partition bandwidth
to certain groups of users.

The current standard for how IP/ethernet frames are transmitted over
an HFC network is defined via the DOCSIS 1.0 spec.  This specification
is available at www.cablelabs.com.   This spec defines how to
support best-effort IP transport.

Support for additional features, include QoS, is defined in the
DOCSIS 1.1 spec.  This document is also available at the above
web site.


Some details about DOCSIS cable networks:

* On the HFC network, a single downstream channel can support
  ~25-35 Mb/s (depending on the modulation being used).

*  The upstream connection typically can support between 5-10 Mb/s
  (depending on modulation and the size of the channel).  

* The cable operator can opt, based on RF combining, how many homes
  (fiber nodes) share a downstream or upstream.When service is
initially
  launched in an area, an operator might combine several nodes together
  and as the take rate increases, reduce the amount of combining
  (which effectovely reduces the number of customers who share the
   bandwidth).

* When a cable modem is brought online, it gets an IP address via
  DHCP and then is loaded with configuration information (IP, L2,
  and L4 filters), network management, etc information.   These
  filters prevent issues which arise when  DHCP servers are
  running in a customer's home, prevents my NETBIOS traffic from being
  seen by neighbors, etc.  

There are other technologies still deployed by cable operators to
support
HSD (LanCity, Motorola CDLP, Com21, etc.) which may not operate the same
as DOCSIS.  

Hope this helps.
  


sam sneed wrote:
 
 I just changed services from DSL to cable modem. I have heard from people,
 including verizon, that cable is not as secure as DSL becuase it is over a
 shared medium. I connected to my cable modem and fired up my packet
sniffer.
 I did not see anyone elses traffic on the line so i am assuming the
bandwith
 is shared( a known fact about cable access) but is somehow filtered at the
 cable modem(bridge). Does anyone know if this assumption is true and the
 inside details of the how data is transmitted over the cable network? A
link
 to a whitepaer would be great.
 
 thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38787t=38705
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ospf and sub-interfaces [7:38788]

[bergenpeak]

I'm looking at an design where there's a hub-spoke network
based on 802.1q.   Specifically, there will be a number of routers
connect back via FE/GE into a central router through an 802.1q
trunked interface.  Each remote router will run OSPF and thus
should form an OSPF adjancency with the central router over its
respective sub-interface.

Any issues or gotchas with this?  I've not gotten a chance to
test this out yet.

Thanks much.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38788t=38788
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM for CCIE [7:38772]

[Moffett, Ryan]

Cisco ATM Solutions, Cisco Press, by Galina Pildush.  She also contributed
to CCIE Practical Studies, Volume 1 by Cisco Press.   ATM Theory and
Applications by Spohn and McDysan is also a good reference.

-Original Message-
From: Matthew Meiers [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 9:26 AM
To: [EMAIL PROTECTED]
Subject: RE: ATM for CCIE [7:38772]


Anyone know any good ATM books?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Persio Pucci
Sent: Tuesday, March 19, 2002 6:57 AM
To: [EMAIL PROTECTED]
Subject: ATM for CCIE [7:38772]

Folks,

I'm reading the CCIE Resource Kit 2001 Ed., and I think that the amount
of
information about ATM that the book covers is just insufficient for the
test.
Anybody feels like this? Or is it just enough? Any recommendation for
ATM?

Regards,

Persio




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38789t=38772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Arjen Dragt]

What does your access list look like that controls what gets NAT'd to the
192.168.8.0 pool?
Is the printer excluded from this NAT list?
What is the default gateway of the printer?


Arjen

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: March 19, 2002 9:44 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT with printer [7:38781]


Yes. This is a network printer with a card.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38790t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ppp and aaa [7:38665]

[NetEng]

Thanks for the info. I used a vitual-template for the t-1's and a
group-async for the modems and enabled multli-link for them. I'm not sure if
that will work for ISDN, I'm using analog only.

Michael Williams  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Yes.  Setup your AAA like so:

 aaa new-model
 aaa authentication login default group radius enable
 aaa authentication ppp use-radius group radius

 When configuring the interface, say Dialer1, you configure the
 encapsulation, then configure the authentication like so:

 interface Dialer1
  description Interface for dial-in users
  encapsulation ppp
  ppp authentication [chap | pap] use-radius

 This will tell the incoming ppp dial-up to authenticate using radius.  By
 simply not including the ppp authentication command on the T1s interface
 configuration, that should make it where the T1s don't require any
 authentication, thus the AAA authentication we defined in AAA doesn't
affect
 those interfaces.

 I don't know if you're using a Virtual-Template to form your multilink or
if
 you're configuring your multilink bundle (T1s) manually.  A problem I
 haven't been able to solve is this:  I'm using Virtual-Template to
multilink
 my two T1s, but I'd also like to configure a different Virtual-Template
(if
 that's even possible) for the Dialer interface to use so that people
dialing
 in with ISDN (BRI) can bond their B channels together for 128K pipe. But I
 haven't found a way to use virtual-templates in a way that lets you define
 more than one use for it.

 I've got a config of a 3640 I setup with two T1s using PPP Multilink on
the
 same router that's also configured with 18 MICA digital modems with T1-PRI
 w/built-in CDU (only 18 lines active tho) to accept either analog or ISDN
 BRI digital calls.  If you would like, I can e-mail a copy.

 HTH,
 Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38791t=38665
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Ole Drews Jensen]

When you say that you cannot reach the printer, do you mean:

- you cannot see it from your JetAdmin?

- you cannot telnet to it?

- you cannot ping it?

- ?

Have you set the default gateway to Router2 on the printer?

Have you verified the correct subnet mask on the printer?

Hth,

Ole

~
 Ole Drews Jensen
 Systems Network Manager
 CCNP, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
~
 http://www.RouterChief.com
~
 Need a Job?
 http://www.OleDrews.com/job
~





-Original Message-
From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 8:04 AM
To: [EMAIL PROTECTED]
Subject: NAT with printer [7:38781]


Hi All,

I really have a problem. I have enabled NAT on the router. I am able to
reach all PCs but the printer. Here is the senario:


192.168.1.0192.168.3.0
 | |
 | |
  --Router1-Router2--
   |
   |
   192.168.3.252
(Printer)

1. We have enabled NAT on router2 to translate 192.168.3.0 0.0.0.250 to a
pool 192.168.8.0
2. Enabled static NAT for printer to 192.168.8.252

Please help

Zolla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38792t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

Hi,

I have excluded the printer from the NAT pool through access-list only. Here
is what I have for the configuration:

ip nat pool ippool 192.168.8.1 192.168.8.254 netmask 255.255.255.0
ip nat inside source list 7 pool ippool

access-list 7 permit 192.168.3.0 0.0.0.255
access-list 7 deny host 192.168.3.252

The gateway on the printer points to a server which has the routing to the
other network.

Thanks


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38793t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

Hi

I can not ping, traceroute, add the printer.

Thanks




When you say that you cannot reach the printer, do you mean: 

- you cannot see it from your JetAdmin? 

- you cannot telnet to it? 

- you cannot ping it? 

- ? 

Have you set the default gateway to Router2 on the printer? 

Have you verified the correct subnet mask on the printer? 



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38794t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Arjen Dragt]

The ACL is backwards.
Is the server running a routing engine?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: March 19, 2002 10:16 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT with printer [7:38781]


Hi,

I have excluded the printer from the NAT pool through access-list only. Here
is what I have for the configuration:

ip nat pool ippool 192.168.8.1 192.168.8.254 netmask 255.255.255.0
ip nat inside source list 7 pool ippool

access-list 7 permit 192.168.3.0 0.0.0.255
access-list 7 deny host 192.168.3.252

The gateway on the printer points to a server which has the routing to the
other network.

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38795t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 7204 vxr bootflash [7:38777]

[MADMAN]

Not all the images have a parallel boot image.  I just try and insure
that the boot image is current enough to recognize all the PA's so that
if you end up in boot mode you'll have a chance to access the router and
download new IOS in necessary.

  Dave

Patrick Donlon wrote:
 
 Whoops just read my post, I meant to say bootflash not bootrom
 
 Cheers
 
 --
 
 email me on : [EMAIL PROTECTED]
 
 Patrick Donlon  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi All
 
  just wondered if anyone knows where I can find some information about
boot
  rom versions. I'm looking at loading an  image of IOS on a new 7204 and
 I'd
  like to know what version I should use for the boot rom
 
  cheers
 
  Pat
 
  --
 
  email me on : [EMAIL PROTECTED]
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38797t=38777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Rack [7:38796]

[Woods, Randall, SOLCM]

Hi all,
I'm trying to find a rack for my routers. Does anyone have a good source?

Woody
CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38796t=38796
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

What do you mean by routing engine? I can ping the server from the other
network. The server has routing information. Do I have to change the gateway
on the printer to point the router?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38798t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Bond, Jeffrey T]

Is it possible for you to update the firmware on your card

-Original Message-
From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 9:44 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT with printer [7:38781]


Yes. This is a network printer with a card.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38799t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ATM for CCIE [7:38772]

[Tom Scott]

The one book I'm reading is from ciscopress: Cisco ATM
Solutions, by Galina Pildush

The next question is, How does a cash-challenged individual
such as myself set up an ATM lab in his basement? Someone
mentioned the LS-100 in a previous message. What are the
going prices on that? Also, can I find affordable cards for
a low-end router (say, a 2500/2600) to turn it into an ATM
switch as we can do for a FR switch. The FR switch command
is frame-relay route; is there something like atm route
that enables the switching of ATM circuits from one
interface (or subinterface) to another? If so, then we could
emulate a service-provider cloud, which we then could access
across a standard UNI.

The bottom line here is the bottom line: Can it be done
affordably in our practice labs?

-- TT

 Original Message 
Subject: RE: ATM for CCIE [7:38772]
Date: Tue, 19 Mar 2002 09:25:46 -0500
From: Matthew Meiers 
Reply-To: Matthew Meiers 
To: [EMAIL PROTECTED]

Anyone know any good ATM books?

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
On Behalf Of
Persio Pucci
Sent: Tuesday, March 19, 2002 6:57 AM
To: [EMAIL PROTECTED]
Subject: ATM for CCIE [7:38772]

Folks,

I'm reading the CCIE Resource Kit 2001 Ed., and I think that
the amount
of information about ATM that the book covers is just
insufficient for
the test. Anybody feels like this? Or is it just enough? Any

recommendation for ATM?

Regards,

Persio




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38801t=38772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Steve Smith]

have you done this for the HP card?

ip nat pool pool 64.64.64.64 64.64.64.64 netmask 255.255.255.252
ip nat inside source static tcp 192.168.1.1 9100 64.64.64.64 9150
extendable


-Original Message-
From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 8:44 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT with printer [7:38781]


Yes. This is a network printer with a card.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38802t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: NAT with printer [7:38781]

[Marc Thach Xuan Ky]

Have you disallowed the printer address with an acl for the pool?
Marc

Zolla Zimmerman wrote:
 
 Hi All,
 
 I really have a problem. I have enabled NAT on the router. I am able to
 reach all PCs but the printer. Here is the senario:
 
 192.168.1.0192.168.3.0
  | |
  | |
   --Router1-Router2--
|
|
192.168.3.252
 (Printer)
 
 1. We have enabled NAT on router2 to translate 192.168.3.0 0.0.0.250 to a
 pool 192.168.8.0
 2. Enabled static NAT for printer to 192.168.8.252
 
 Please help
 
 Zolla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38800t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

No. I can not do this.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38803t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX [7:38804]

[sparks eric]

Does anyone know how one goes about tftp'ing a config file to a PIX520
running 6.1.1 code?  Is it the same as bringing a new image in?  Also, how
is the memory structured in a PIX.  I just can't find this info in the 6.1
docs.  duhh!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38804t=38804
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

No it is Lexmark printer. I do not know the printer has a card or a print
server.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38805t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Eigrp not responding to bandwidth commands [7:38744]

[MADMAN]

In the diagram and configs it's not clear where exactly nw 1, 2 and 3
are, you cut that part of the config out.  I know changing the bandwidth
works well and quite fast.  I have done so in the past for a customer
running a 6M ATM pipe and T1 frame relay for redundancy.  We needed to
work on the router that terminated the ATM so I simply changed the
bandwidth to 100 and with a couple seconds all the traffic reverted to
frame.

  If you really only want to test whether changing the bandwidth works
simply connect two routers back to back with two serial connections,
equal clocks, no distribute lists and then change the bandwidth.

  Dave

V patankar wrote:
 
 Hi,
 
 I have a very simple three router scenario, using 12.0(10) IOS on 1200
 platform, and configured to run EIGRP.
 
 
RB
S0/   \ s1
(nw 1) bw=512/  \   bw=1024  (nw  2)
 s1 /\ s1
   RC --- RA
  bw=512
  nw 3
 
 All the three links are serial links connected by using a back-to-back X.21
 cables.
 
 Looking at the above diagram you would expect the following
 
 RB
 
 all traffic will be send over interface S1 to reach nw 3, and no load
 balancing should take place.
 
 RC
 
 Two routes, to reach network nw 2, load balancing should take place, and
two
 routes should be seen in the routing tabel.
 
 RA
 
 All traffic should leave via interface S1 to reach the nw 1 and no load
 balancing should take place.
 
 Problem:
 
 All the routers are showing that two paths exist to reach the destination
 networks.
 
 Please check the outputs:
 ---
 ra#
 interface Serial0
 bandwidth 512
 ip address 172.16.91.21 255.255.255.252
 no fair-queue
 !
 interface Serial1
 bandwidth 1024
 ip address 172.16.91.25 255.255.255.252
 !
 router eigrp 1
 passive-interface Ethernet0
 network 172.16.0.0
 distribute-list 1 out Serial0
 distribute-list 1 out Serial1
 auto-summary
 no eigrp log-neighbor-changes
 !
 D   172.16.91.28/30 [90/6023936] via 172.16.91.26,  Serial1
 [90/6023936] via 172.16.91.22,  Serial0
 C   172.16.91.24/30 is directly connected, Serial1
 ra#
 
 
 interface Serial0
 bandwidth 512
 ip address 172.16.91.30 255.255.255.252
 no ip directed-broadcast
 no ip mroute-cache
 no fair-queue
 clockrate 38400
 !
 interface Serial1
 bandwidth 1024
 ip address 172.16.91.26 255.255.255.252
 no ip directed-broadcast
 clockrate 38400
 !
 router eigrp 1
 passive-interface Ethernet0
 network 172.16.0.0
 distribute-list 1 out Serial0
 distribute-list 1 out Serial1
 rb#
 
 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
 C   172.16.15.0/24 is directly connected, Ethernet0
 D   172.16.91.20/30 [90/6023936] via 172.16.91.25, Serial1
 [90/6023936] via 172.16.91.29, Serial0
 C   172.16.91.28/30 is directly connected, Serial0
 C   172.16.91.24/30 is directly connected, Serial1
 -
 rc#
 
 interface Serial0
 bandwidth 512
 ip address 172.16.91.22 255.255.255.252
 no ip directed-broadcast
 no ip mroute-cache
 delay 2000
 no fair-queue
 clockrate 38400
 !
 interface Serial1
 bandwidth 512
 ip address 172.16.91.29 255.255.255.252
 no ip directed-broadcast
 !
 router eigrp 1
 passive-interface Ethernet0
 network 172.16.0.0
 distribute-list 1 out Serial0
 distribute-list 1 out Serial1
 !
 
 Gateway of last resort is not set
 
 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
 C   172.16.14.0/24 is directly connected, Ethernet0
 C   172.16.91.20/30 is directly connected, Serial0
 C   172.16.91.28/30 is directly connected, Serial1
 D   172.16.91.24/30 [90/6023936] via 172.16.91.21,  Serial0
 [90/6023936] via 172.16.91.30,  Serial1
 rc#
 -
 P.S. By changing the delay parameter on rb for inteface s0 (2 - 20001)
 will for the traffic to go via interface s1.
 
 Has anyone seen this behaviour before, is it normal for Eigrp to behave in
 such a way ?
 
 Note: All the Ethernet networks are 172.16.15.0, 172.16.14.0 and
172.16.90.0
 all using a 24 bit mask, the distribute list was used to stop these updates
 from entering the eigrp routing table.
 
 The main focus here is to find out why the bandwidth command when used in
 EIGRP is not effective. I hope I have not confussed anyone.
 
 Thanks in Advance.
 vp
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38807t=38744
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Arjen Dragt]

Yes, change the default gateway of the printer to be router2.
And before you go too far with this NAT/printer thing, make sure that you
can ping the printer from its local network.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: March 19, 2002 10:34 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT with printer [7:38781]


What do you mean by routing engine? I can ping the server from the other
network. The server has routing information. Do I have to change the gateway
on the printer to point the router?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38806t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rack [7:38796]

[[EMAIL PROTECTED]]

Hello all,

I am looking for a rack with shelves as well, any advice would be
appreciated.  Cheap would be good too!   :-)





Kevin McCarty
Computer Sciences Corporation
Defense Sector
618 622 4757


   

   
Woods,
Randall, To:
[EMAIL PROTECTED]
SOLCM  
cc:
   
   
Sent
by:
   
nobody
   

   

   
03/19/2002
09:32
AM
   
Please
respond
to
   
Woods,
   
Randall,
   
SOLCM
   

   





Hi all,
I'm trying to find a rack for my routers. Does anyone have a good
source?

Woody
CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38808t=38796
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Ole Drews Jensen]

Yes, the printer needs to know where to send traffic that is not on the
local network.

Telnet into the printer from a computer on the local network, and setup it's
default gateway.

Ole

~
 Ole Drews Jensen
 Systems Network Manager
 CCNP, MCSE, MCP+I
 RWR Enterprises, Inc.
 [EMAIL PROTECTED]
~
 http://www.RouterChief.com
~
 Need a Job?
 http://www.OleDrews.com/job
~




-Original Message-
From: Zolla Zimmerman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 9:34 AM
To: [EMAIL PROTECTED]
Subject: RE: NAT with printer [7:38781]


What do you mean by routing engine? I can ping the server from the other
network. The server has routing information. Do I have to change the gateway
on the printer to point the router?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38811t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rack [7:38796]

[Patrick Ramsey]

I didn't see any with shelves but this is what all my buddies say is good
stuff!

http://www.geocities.com/Yosemite/Geyser/9050/

 [EMAIL PROTECTED]  03/19/02 10:57AM 
Hello all,

I am looking for a rack with shelves as well, any advice would be
appreciated.  Cheap would be good too!   :-)





Kevin McCarty
Computer Sciences Corporation
Defense Sector
618 622 4757


   

   
Woods,
Randall, To:
[EMAIL PROTECTED] 
SOLCM  
cc:
   
   
Sent
by:
   
nobody
   

   

   
03/19/2002
09:32
AM
   
Please
respond
to
   
Woods,
   
Randall,
   
SOLCM
   

   





Hi all,
I'm trying to find a rack for my routers. Does anyone have a good
source?

Woody
CCNP
  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38810t=38796
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 7204 vxr bootflash [7:38777]

[Maccubbin, Duncan]

Another issue is that Cisco has several images out there that are too big
for the bootflash: directory. If you want them to fit they need to be about
2.9MB or less.

Duncan

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, March 19, 2002 10:34 AM
To: [EMAIL PROTECTED]
Subject: Re: 7204 vxr bootflash [7:38777]

Not all the images have a parallel boot image.  I just try and insure
that the boot image is current enough to recognize all the PA's so that
if you end up in boot mode you'll have a chance to access the router and
download new IOS in necessary.

  Dave

Patrick Donlon wrote:
 
 Whoops just read my post, I meant to say bootflash not bootrom
 
 Cheers
 
 --
 
 email me on : [EMAIL PROTECTED]
 
 Patrick Donlon  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi All
 
  just wondered if anyone knows where I can find some information about
boot
  rom versions. I'm looking at loading an  image of IOS on a new 7204 and
 I'd
  like to know what version I should use for the boot rom
 
  cheers
 
  Pat
 
  --
 
  email me on : [EMAIL PROTECTED]
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38809t=38777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

AW: NAT with printer [7:38781]

[Stuart Laubstein]

Well I would change your ACL--switch order of the lines. I would then
suggest you take a labtop and give it the ip address of the printer and plug
it in and see if you can recieve and send pings with the labtop. I always
test printer problems like this. Of course the printer must be offline for
the test.

stuart




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38812t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is cable network really a shared medium? [7:38705]

[Mike Mandulak]

Good post. One minor correction, the COM21 modems are DOCSIS 1.1 certified.

- Original Message -
From: bergenpeak 
To: 
Sent: Tuesday, March 19, 2002 9:53 AM
Subject: Re: Is cable network really a shared medium? [7:38705]


 Hi Sam,

 The shared vs non-shared issue DSL providers mention is somewhat
 misleading.   In any residential cable or DSL network, you will
 have stat muxing.   In a cable network, this happens on the HFC
 network.  In a DSL network, this happens at the Agg router (the
 one that terminates all of those DSL connections).   The Internet
 is one big stat mux.  In either the DSL or Cable approach, the
 customer observed performance will be a result of many factors,
 including access network design (how many subs share the cable
 or agg router), the behaviors of these other users, the regional
 network design, the size and types of peering connections, and
 where the users are actually surfing too.

 My house has a long driveway that only I use.  Does that mean
 I'll get to work faster than the neighbors down the street
 which live in an apartment complex and share a driveway with
 other folks?

 In both approaches, one can prioritize traffic or partition bandwidth
 to certain groups of users.

 The current standard for how IP/ethernet frames are transmitted over
 an HFC network is defined via the DOCSIS 1.0 spec.  This specification
 is available at www.cablelabs.com.   This spec defines how to
 support best-effort IP transport.

 Support for additional features, include QoS, is defined in the
 DOCSIS 1.1 spec.  This document is also available at the above
 web site.


 Some details about DOCSIS cable networks:

 * On the HFC network, a single downstream channel can support
   ~25-35 Mb/s (depending on the modulation being used).

 *  The upstream connection typically can support between 5-10 Mb/s
   (depending on modulation and the size of the channel).

 * The cable operator can opt, based on RF combining, how many homes
   (fiber nodes) share a downstream or upstream.When service is
 initially
   launched in an area, an operator might combine several nodes together
   and as the take rate increases, reduce the amount of combining
   (which effectovely reduces the number of customers who share the
bandwidth).

 * When a cable modem is brought online, it gets an IP address via
   DHCP and then is loaded with configuration information (IP, L2,
   and L4 filters), network management, etc information.   These
   filters prevent issues which arise when  DHCP servers are
   running in a customer's home, prevents my NETBIOS traffic from being
   seen by neighbors, etc.

 There are other technologies still deployed by cable operators to
 support
 HSD (LanCity, Motorola CDLP, Com21, etc.) which may not operate the same
 as DOCSIS.

 Hope this helps.



 sam sneed wrote:
 
  I just changed services from DSL to cable modem. I have heard from
people,
  including verizon, that cable is not as secure as DSL becuase it is over
a
  shared medium. I connected to my cable modem and fired up my packet
 sniffer.
  I did not see anyone elses traffic on the line so i am assuming the
 bandwith
  is shared( a known fact about cable access) but is somehow filtered at
the
  cable modem(bridge). Does anyone know if this assumption is true and the
  inside details of the how data is transmitted over the cable network? A
 link
  to a whitepaer would be great.
 
  thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38813t=38705
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

tacacs+ ports [7:38814]

[NetEng]

Does anyone know what ports tacacs+ uses? I'm looking for what ports
Authentication uses, which ports Authorization uses, and what port
Accounting uses. If there are any additional ports it uses, I would
appreciate that info as well. I can't seem to find much on tacacs+, does it
use the same ports as radius? TIA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38814t=38814
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IPSEC UDP [7:38782]

[Ladrach, Daniel E.]

I PIX 515 can terminate 2,000 IPsec tunnels. Read Cisco Secure PIX Firewalls
by CISCO Press.

Daniel Ladrach
CCNA, CCNP
WorldCom


-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 9:12 AM
To: [EMAIL PROTECTED]
Subject: IPSEC UDP [7:38782]


I want to create an IPSEC UDP from one Lan to another via the internet.
Going across both firewall and routers, possibly though NAT. I am trying
to find out more information on this. I read that some cheap routers
using NAT, you can only have 1 IPSEC UDP session, from 1 client at a
time, and that is all. Are there any issues like this with a Pix? Is
running IP SEC UPD as simple as opening UDP Port 500, and that's all I
have to do? Does the 3DES license on a pix come in to play at all when
doing this? How secure is 3DES UDP, I know this is a lot of questions,
but I just wondered if someone could suggest a book or site...





Thanks in Advance,



Brian




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38815t=38782
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM for CCIE [7:38772]

[Daniel Cotts]

Older boxes such as the 4500/4700 and 7000 support ATM interfaces. When I
was paying attention, it seemed that they were more readily available for
the 7000s. Downside to the 7000s is that they max out at 11.2? code unless
one buys a RSP7000 card set.
LS100s are cheaper than LS1010s. I have seen quite a range of prices for
LS100s from over $3k to $1k. I bought one with three OC-3 MM interfaces for
$1,500. It is for sale as I built a LS1010 from parts. (i.e. Bought a
chassis, then bought card(s), Then bought ASP.)
Let's just say that you can buy a heck of a lot of rack time for the same
money.

 -Original Message-
 From: Tom Scott [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, March 19, 2002 9:48 AM
 To: [EMAIL PROTECTED]
 Subject: Re: ATM for CCIE [7:38772]
 
 
 The one book I'm reading is from ciscopress: Cisco ATM
 Solutions, by Galina Pildush
 
 The next question is, How does a cash-challenged individual
 such as myself set up an ATM lab in his basement? Someone
 mentioned the LS-100 in a previous message. What are the
 going prices on that? Also, can I find affordable cards for
 a low-end router (say, a 2500/2600) to turn it into an ATM
 switch as we can do for a FR switch. The FR switch command
 is frame-relay route; is there something like atm route
 that enables the switching of ATM circuits from one
 interface (or subinterface) to another? If so, then we could
 emulate a service-provider cloud, which we then could access
 across a standard UNI.
 
 The bottom line here is the bottom line: Can it be done
 affordably in our practice labs?
 
 -- TT
 
  Original Message 
 Subject: RE: ATM for CCIE [7:38772]
 Date: Tue, 19 Mar 2002 09:25:46 -0500
 From: Matthew Meiers 
 Reply-To: Matthew Meiers 
 To: [EMAIL PROTECTED]
 
 Anyone know any good ATM books?
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 On Behalf Of
 Persio Pucci
 Sent: Tuesday, March 19, 2002 6:57 AM
 To: [EMAIL PROTECTED]
 Subject: ATM for CCIE [7:38772]
 
 Folks,
 
 I'm reading the CCIE Resource Kit 2001 Ed., and I think that
 the amount
 of information about ATM that the book covers is just
 insufficient for
 the test. Anybody feels like this? Or is it just enough? Any
 
 recommendation for ATM?
 
 Regards,
 
 Persio




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38816t=38772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: tacacs+ ports [7:38814]

[bob smith]

port 49
both TACACS  TACACS +

NetEng  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Does anyone know what ports tacacs+ uses? I'm looking for what ports
 Authentication uses, which ports Authorization uses, and what port
 Accounting uses. If there are any additional ports it uses, I would
 appreciate that info as well. I can't seem to find much on tacacs+, does
it
 use the same ports as radius? TIA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38817t=38814
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Home Network [7:38818]

[James Gruggett]

Hello everyone,

I am in the process of setting up a home lab and I have a few questions.

I will be running 2000 advanced server with various clients, I have a
1900, 2900 series switches and two 2501 routers.

My first question is how can I provide internet access to all my clients
( will I have to use a proxy server for my clients) I have DSL (
internal PCI modem) which I guess I will run on my 2000 server.

Also, how could I add in my routers?

Thanks in advance

--



James E. Gruggett MCSE
Network Administrator
Fedex Services
901-263-7595

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of james.gruggett.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38818t=38818
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: NAT with printer [7:38781]

[Zolla Zimmerman]

I changed the gateway to point to the router and it worked.

Thanks everybody. I and my boss really appreciate everybodies help in this
matter.

Zolla


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38819t=38781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is cable network really a shared medium?(more [7:38718]

[Fraasch James]

You guys are both right.  Cable modem plants are a broadcast network.  All
packets are sent down the line and you have the ability to see everyone's
traffic 'IF' you could sniff the cable line and not sniff the ethernet cable
going to your PC.  Most cable modems are simply mini-routers so if packets
are not destined for you then they are dropped.  However, if you could
console into your modem (depending on brand) you could change the thing to a
bridge.  So if your modem was set up as a bridge then you could see all the
traffic.

And baseline privacy it's great in theory yes.  But think about this:  When
subcribers first get their equipment installed there is no software added to
their PC that allows them to de-encrypt the data traveling around the
network. So where does the de-encryption happen?  The modem and CMTS are
what de-encyrpt the data.  And in order for your modem to know if a packet
is destined for you on this broadcast network it needs to de-encrypt the
packet and then drop it.

So you are on a broadcast network where all cable modems can de-encrypt all
data.  If the modem was configured as a bridge and simply forwarded all data
to the ethernet port, then you could sniff til the cows come home.

Understand that I am a HUGE fan of cable modem services.  There are just
some small holes that need to be filled. Security is one issue and quality
of service at the cable modem level is another- although this can be
addressed a little bit by playing with the bandwidth settings in the
cmconfig files that are downloaded when the thing boots up.

James

www.itpapers.com has about 85 papers on Cable Modems. Registration is
required and free- except for the occasional email.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38820t=38718
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CEF/MLS, IOS SLB Win2K [7:38821]

[Michael Williams]

Hey all.  This really a three parter:

1) This may sound stupid, but can you use CEF and MLS at the same time? 
Reason I ask is because we're using CEF on our 6500s right now, but to
configure IOS Server Load Balancing (SLB) one must enable the MLS Flow cache
to full (which I did).  I recall reading that the MLS flow cache can be used
for other (accounting?) purposes while CEF actually handles the forwarding
of packets.  But I'd like to get some input from others about if this is
indeed the case.  Even with the MLS flow cache on full, one can do a show
mlw cef and still see that CEF (seems to be) working.

2) Has anyone here had the chance to work with and configure IOS SLB?  I've
recently configured it, and it's pretty straight-forward.  It seems to work,
but I was wondering if anyone had any had any suggestions for tweaking the
faildetect and reassign values.  We were trying to test it's ability to
recognize when a real server is down by disconnecting the ethernet
connection to that server, but it didn't seem to take the server out of
service after the appropriate number of failed SYNs (we have it set for
4).  I also have it setup to reassign an IP session to another real server
after 2 failed connections but that didn't seem to be the case either.

3) The servers I'm trying to load balance are Win2K servers.  One of the
configuration requirements for SLB is that you install and configure a
loopback adapter at the Win2K machine.  The problem is when you do that it
creates an bad route (i.e. if the NIC is on a 10.1.1.x network, installing
the loopback creates an entry in the Win2K routing table that routes all
10.0.0.0 traffic to the loopback adapter, which keeps the Win2K machine from
communicating at all).  We can remove the route manually, but it keeps
popping back up, so I was wondering if anyone had a method to keep that bad
route from coming up.

Any input on any of these questions is greatly appreciated!

Thanks!
Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38821t=38821
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Bit Swapping [7:38823]

[Mckenzie Bill]

Can anyone give me an easy explain how to figure out bit swapping from Token
Ring to Ethernet?

I reviewed the Token Ring Whitepaper, but there is such a short section on
it.

Thanks,
Bill


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38823t=38823
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

SNMP Packet question [7:38824]

[sam sneed]

Hello group,

I am trying to write a script in perl to monitor interface errors and total
traffic during work hours. I'm doing an snmpwalk to get the info. I want the
total amount of packets in and out of an interface so I can calculate the %
of errors on the line.

Cisco says on their site : http://www.cisco.com/warp/public/477/SNMP/5.html

that
  ifInNUcastPkts (.1.3.6.1.2.1.2.2.1.12) are counts of inbound broadcast
and multicast packets

  ifOutUcastPkts (.1.3.6.1.2.1.2.2.1.17) are counts of outbound
broadcast and multicast packets


besides In and Out whats the difference? I thought Ucast meant unicast and
NUcast meant broadcast and multicast.
When queried, every int gives NUcast and Ucast which are different values.
How could Cisco define them as the same.

Is this a misprint?
Lastly I'm assuming that total packets would be the sum of the 2(unicast +
multicast/broadcast).
Is this assumption correct?


ps i don't want ifOutOctets  because i want the # of packets not bytes.

thankd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38824t=38824
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Home Network [7:38818]

[Daniel Cotts]

Your home network will depend on whether you use the Cisco solution or the
MS solution. May I suggest that you purchase an external DSL modem. Here's
one possible scheme. Connect the DSL modem to one of your switches, SW1.
Connect some of your MS boxes to SW1. Connect the ethernet port of a router,
R1, to SW1. Connect R1 to R2 via a back-to-back serial cable. Connect the
second switch, SW2, to the ethernet port of R2. Connect other MS boxes to
SW2.
DSL...SW1...R1...R2...SW2
   :   :
  PC(s)   PC(s) 

 -Original Message-
 From: James Gruggett [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, March 19, 2002 10:46 AM
 To: [EMAIL PROTECTED]
 Subject: Home Network [7:38818]
 
 
 Hello everyone,
 
 I am in the process of setting up a home lab and I have a few 
 questions.
 
 I will be running 2000 advanced server with various clients, I have a
 1900, 2900 series switches and two 2501 routers.
 
 My first question is how can I provide internet access to all 
 my clients
 ( will I have to use a proxy server for my clients) I have DSL (
 internal PCI modem) which I guess I will run on my 2000 server.
 
 Also, how could I add in my routers?
 
 Thanks in advance
 
 --
 
 
 
 James E. Gruggett MCSE
 Network Administrator
 Fedex Services
 901-263-7595
 
 [GroupStudy.com removed an attachment of type text/x-vcard 
 which had a name
 of james.gruggett.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38825t=38818
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Home Network [7:38818]

[Matt Meiers]

Go buy a cheap DSl router from one of those chain stores.  You can get one
for $100.00 or so.  It will do PPoE and simple NAT.  Then just put your
routers behind them.

Matthew Meiers, MCSA, MCSA, CCNA, CCDA
Senior Systems Engineer

-- Original Message --
From: James Gruggett 
Reply-To: James Gruggett 
Date:  Tue, 19 Mar 2002 11:45:48 -0500

Hello everyone,

I am in the process of setting up a home lab and I have a few questions.

I will be running 2000 advanced server with various clients, I have a
1900, 2900 series switches and two 2501 routers.

My first question is how can I provide internet access to all my clients
( will I have to use a proxy server for my clients) I have DSL (
internal PCI modem) which I guess I will run on my 2000 server.

Also, how could I add in my routers?

Thanks in advance

--



James E. Gruggett MCSE
Network Administrator
Fedex Services
901-263-7595

[GroupStudy.com removed an attachment of type text/x-vcard which had a name
of james.gruggett.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38827t=38818
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 7204 vxr bootflash [7:38777]

[MADMAN]

Yes I have run into 4M boot images in which case you can put the boot
image on a PCMCIA flash card but you must use the boot bootldr
slot0:bigbootimage.bin command.

  Dave

Maccubbin, Duncan wrote:
 
 Another issue is that Cisco has several images out there that are too big
 for the bootflash: directory. If you want them to fit they need to be about
 2.9MB or less.
 
 Duncan
 
 -Original Message-
 From: MADMAN [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, March 19, 2002 10:34 AM
 To: [EMAIL PROTECTED]
 Subject: Re: 7204 vxr bootflash [7:38777]
 
 Not all the images have a parallel boot image.  I just try and insure
 that the boot image is current enough to recognize all the PA's so that
 if you end up in boot mode you'll have a chance to access the router and
 download new IOS in necessary.
 
   Dave
 
 Patrick Donlon wrote:
 
  Whoops just read my post, I meant to say bootflash not bootrom
 
  Cheers
 
  --
 
  email me on : [EMAIL PROTECTED]
 
  Patrick Donlon  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Hi All
  
   just wondered if anyone knows where I can find some information about
 boot
   rom versions. I'm looking at loading an  image of IOS on a new 7204 and
  I'd
   like to know what version I should use for the boot rom
  
   cheers
  
   Pat
  
   --
  
   email me on : [EMAIL PROTECTED]
 --
 David Madland
 Sr. Network Engineer
 CCIE# 2016
 Qwest Communications Int. Inc.
 [EMAIL PROTECTED]
 612-664-3367
 
 Emotion should reflect reason not guide it
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38826t=38777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Appreciate Your Expertise On This Strange ARP Problem [7:38828]

[Rob Webber]

Alec,

This is quite an interesting scenario you ran into. I think I can explain
what happened.

As you mentioned Cisco enables proxy-arp by default. Usually this is a good
thing - in this case it was the cause of the problems.

Before the change when a 10.67.7.* DHCP client wanted to connect to a
10.67.1.* server, the client would issue an ARP request for the 10.67.1.*
address. This ARP request would reach the actual server as well as the A
router. The A router would see that the request was for an address that it
believed was on a completely different subnet (10.67.1.0). Since proxy ARP
was enabled (by default), the router would answer the ARP request using its
own mac address as the destination mac address. At this point there would be
a race between the server responding (correctly) to the ARP request and the
A router responding to the ARP request.

When the server's ARP response won that race, everything worked fine. When
the A router won the ARP response race, it would receive the packets
destined for the server from the client. The A router would then attempt to
route those packets to the correct destination. Its default route said to
route them to router B, which it would do. Router B would then know to
forward those packets right back out the same interface to the server. In
this scenario traffic was taking a strange path, but still working (its
likely router B would actually also send an ICMP packet which may have taken
router A out of the loop).

When the default route for router A was removed, the same race still
occurred. Except now when router A won the race it had no route to correctly
send the packet. Thus the packets would never make it to router B and/or the
server and communication was lost.

You correctly fixed the problem, though it would have been interesting to
see if disabling proxy arp on router A also would have fixed the problem. My
guess is it would have...

Rob.
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi there

 This is my first time to post a question.

 Here is a real scenario which happened a few days ago. Though the problem
 has been resolved, i still cannot understand what the cause is.

 Customer A has a partner connection to B's network. due to lack of
 capability on B's Router/Firewall, one of A's router is plugged directly
 onto B's internal LAN(sounds silly, but it is true).

 B's LAN use 10.67.0.0/16 address, of which 10.67.1.x is for servers,
 10.67.2.x for routers/switches, 10.67.7.x and 10.67.8.x for DHCP clients.
 B's router has 10.67.2.1 addr.

 A's router on B's LAN gets assigned an ip addr 10.67.2.2,but a wrong /24
 mask was given by B. since A's users need to talk to B's server, a static
 route(ip route 10.67.1.0 255.255.255.0 10.67.2.1) was added.

 A default route is also configured(ip route 0.0.0.0 0.0.0.0 10.67.2.1) on
 the A's router.

 when this default route was taken off(no obvious reason to point a default
 route to B's default router), all B's dhcp clients cannot talk to their
own
 servers(10.67.1.x) any more even they are on the same subnet.

 B's network support was called in, and they found that the A's router is
 incorrectly answering ARP requests(by default ip proxy-arp is enabled on
the
 LAN interface). and somehow the arp respone reaches the client before the
 server's, so the client cannot talk to the servers.

 the problem later was resolved by rectifying the subnet mask on A's
router.
 but i still cannot figure out what went wrong when the default route on
A's
 router was removed.

 I'll be much appreciated if anyone can shed some lights on this.

 regards

 Alec Shi


 Senior Support Engineer
 Axon Computertime
 Auckland
 NZ



 --
 The information contained in this e-mail message is intended only for the
 use of the person or entity to whom it is addressed and may contain
 information that is CONFIDENTIAL and may be exempt from disclosure under
 applicable laws.

 If you read this message and are not the addressee you are notified that
 use, dissemination, distribution, or reproduction of this message is
 prohibited. If you have received this message in error, please notify us
 immediately and delete the original message. You should scan this message
 and any attached files for viruses.

 Axon Computertime accepts no liability for any loss caused either directly
 or indirectly by a virus arising from the use of this message or any
 attached file.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38828t=38828
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

wan home lab [7:38829]

[v s]

I am setting up a home lab. I have a Cisco 2600 with a T1 csu/dsu and 2
Ethernet connections

I want to simulate a wan environment with a 2500 with 2 serial connections
and 1 aui Ethernet.
 

What type of cabling do I need to establish a connection between the 2
routers?

 
If the T1 csu/dsu takes rj48 ? how do I connect that to the serial 

connection on the 2500?
 




DTE/DCE  v.35


Will I need a CSU/DSU ?



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38829t=38829
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Flapping [7:38822]

[Matthew Meiers]

Just use the shutdown command

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
PING
Sent: Tuesday, March 19, 2002 11:12 AM
To: [EMAIL PROTECTED]
Subject: Flapping [7:38822]

I am looking for some tool which can generate hardware line flaps.  I
have been doing this by going into the lab and manually jiggling the
interface cable at various intervals and watching the debug output on
the console.
I was wondering if there were any tools that would help me do this in a
smarter way?

Nadeem




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38830t=38822
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Flapping [7:38822]

[Bill Carter]

Screwdriver, wrench, hammer  do they cable need to work afterwards.

Sorry, couldn't help it..

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
PING
Sent: Tuesday, March 19, 2002 11:12 AM
To: [EMAIL PROTECTED]
Subject: Flapping [7:38822]


I am looking for some tool which can generate hardware line flaps.  I
have been doing this by going into the lab and manually jiggling the
interface cable at various intervals and watching the debug output on
the console.
I was wondering if there were any tools that would help me do this in a
smarter way?

Nadeem




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38831t=38822
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Flapping [7:38822]

[timothy thielen]

The truly fabulous way would be to wire in a toggle switch into the cable...
preferably with a large wad of electrical tape.

It should flap like a champ then.

-T

PING wrote:
 
 I am looking for some tool which can generate hardware line
 flaps.  I
 have been doing this by going into the lab and manually
 jiggling the
 interface cable at various intervals and watching the debug
 output on
 the console.
 I was wondering if there were any tools that would help me do
 this in a
 smarter way?
 
 Nadeem
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38832t=38822
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: SNMP Packet question [7:38824]

[Patrick Ramsey]

I think the rrdtool has some of this built into it...it's a great spinoff of
mrtg... (it's bascialy the engine and you do with it as you please 
check out this link.

http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/ 

and look at so of the graphs people are doing there are also some sample
scripts there!

hth,

-Patrick

 sam sneed  03/19/02 12:33PM 
Hello group,

I am trying to write a script in perl to monitor interface errors and total
traffic during work hours. I'm doing an snmpwalk to get the info. I want the
total amount of packets in and out of an interface so I can calculate the %
of errors on the line.

Cisco says on their site : http://www.cisco.com/warp/public/477/SNMP/5.html 

that
  ifInNUcastPkts (.1.3.6.1.2.1.2.2.1.12) are counts of inbound broadcast
and multicast packets

  ifOutUcastPkts (.1.3.6.1.2.1.2.2.1.17) are counts of outbound
broadcast and multicast packets


besides In and Out whats the difference? I thought Ucast meant unicast and
NUcast meant broadcast and multicast.
When queried, every int gives NUcast and Ucast which are different values.
How could Cisco define them as the same.

Is this a misprint?
Lastly I'm assuming that total packets would be the sum of the 2(unicast +
multicast/broadcast).
Is this assumption correct?


ps i don't want ifOutOctets  because i want the # of packets not bytes.

thankd
  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and may
subject you to criminal and/or civil liability. If you have received this
email in error, please notify the sender by reply email and then delete this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38833t=38824
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rack [7:38796]

[Larry Youngquist]

I found a small 19 rack that is intended for audio gear at Radio Shack.
It's about 3' tall and the top half is angled at about 30 degrees.
Great for a few routers and switches. It was a discontinued item and
they sold it off of the floor for $50.

My wife wasn't going for the 7' model for a couple 2501's!

Larry
CISSP, CCNA, MCSE

Woods, Randall, SOLCM  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi all,
 I'm trying to find a rack for my routers. Does anyone have a good
source?

 Woody
 CCNP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38837t=38796
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NAT overlapping example....Does not work? [7:38838]

[Cisco Nuts]

Hello,
Does anyone know of any links or examples for NAT overlapping? I tried to 
use the one in the CCNP Remote Access Support Book exactly as it was shown 
but looks like the author might have missed somethingas it's not 
working...Basically pings don't work.
Thank you.


_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38838t=38838
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to monitor the bridging traffic at routers [7:38758]

[Kent Hundley]

Some protocols don't have a layer 3 address, examples of this would be LAT
and SNA.  Since they have no layer 3 address, you must bridge them.  The
docs on CCO show how to enable bridging on a router:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/ibm_c
/index.htm

HTH,
Kent

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
John Green
Sent: Tuesday, March 19, 2002 5:16 AM
To: [EMAIL PROTECTED]
Subject: Re: How to monitor the bridging traffic at routers [7:38758]


can someone explain what does this statement mean ?
(with an example of a non-routable protocol)

As we need to cater some non-routable protocols,
bridging is also enabled at all routers.

and how is bridging enabled at a router ? (is this
referring to switching being enabled ?)


--- dovelet  wrote:
 Hi all,

 Our company's network are connected using some Cisco
 2500 and Cisco 4000
 routers. As we need to cater some non-routable
 protocols, bridging is also
 enabled at all routers. I would like to know, is
 there any methods to
 monitor which hosts are using bridging through the
 routers? Of course, I can
 use a sniffer to capture the traffic, but the
 network is too large for us to
 do so.

 Please advise.

 Regards,
 Dovelet
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38839t=38758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is cable network really a shared medium? [7:38705]

[Priscilla Oppenheimer]

At 08:05 PM 3/18/02, John Green wrote:
i guess you are right that there is some sort of
filtering being done.
because the arp command gives the same physical
address of the hosts in my subnet.

Where are you running this ARP command? On a router, on a workstation? What 
does your network look like?


Internet Address  Physical Address  Type
211.16.12.1  00-05-5f-ee-e0-54 dynamic
211.16.13.14 00-05-5f-ee-e0-54 dynamic

00-05-5F is Cisco's vendor code. Perhaps it's your default gateway? What 
are the 211.16 addresses? Are they your local machines?

I think we need more info to answer the question But perhaps knowing 
that the MAC address is a Cisco device will help. It could be the default 
gateway or the UBR at the service provider's network. But with no more info 
about your topology, I'm just guessing.

Priscilla


for all other hosts as well the physical address is
same as above. I guess the physical address is of the
access server that out host is connecting to (or
rather for the same subnet all hosts connect to this
same access server, could be a dhcp server as well).

i guess it is a switched environment. but still the
physical address for different hosts should show up as
different.
anyone knows what is going on here 



--- sam sneed  wrote:
  I just changed services from DSL to cable modem. I
  have heard from people,
  including verizon, that cable is not as secure as
  DSL becuase it is over a
  shared medium. I connected to my cable modem and
  fired up my packet sniffer.
  I did not see anyone elses traffic on the line so i
  am assuming the bandwith
  is shared( a known fact about cable access) but is
  somehow filtered at the
  cable modem(bridge). Does anyone know if this
  assumption is true and the
  inside details of the how data is transmitted over
  the cable network? A link
  to a whitepaer would be great.
 
  thanks
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38840t=38705
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Bit Swapping [7:38823]

[Kaminski, Shawn G]

Here is how I understand it:

Let's say 0110.1234.5678 is represented on the Token Ring side. Then,
8008.482c.6a1e is the source MAC address as it would be represented on the
Ethernet segment. This is because you're going from Token Ring to Ethernet
and bit (opposite or reverse) swapping takes place. How is this done? First
write out the source MAC address in binary (hopefully, this shows up like I
typed it):

  011   0  1 23   4   56   78
 0001 0001    0001 0010 0011 0100   0101 0110 0111 1000
  \ / \   /
   \ /   \ /
\ \
   / \   / \
  /   \ /   \
1000   1000   0100 1000 0010 1100   0110 1010 0001 1110
  800   8   482   C   6a1e


As shown above, bit swap each bit shown by the arrows. So, for example, 0001
becomes 1000 after the swap, 0011 becomes 1100, 0111 becomes 1110, etc.
You'll notice that 0110 and  stay the same because writing them
backwards gives you the same result.


Shawn K.



-Original Message-
From: Mckenzie Bill [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, March 19, 2002 12:31 PM
To: [EMAIL PROTECTED]
Subject: Bit Swapping [7:38823]


Can anyone give me an easy explain how to figure out bit swapping from Token
Ring to Ethernet?

I reviewed the Token Ring Whitepaper, but there is such a short section on
it.

Thanks,
Bill




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38841t=38823
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is cable network really a shared medium?(more [7:38718]

[Priscilla Oppenheimer]

At 11:50 AM 3/19/02, Fraasch James wrote:
You guys are both right.  Cable modem plants are a broadcast network.  All
packets are sent down the line and you have the ability to see everyone's
traffic 'IF' you could sniff the cable line and not sniff the ethernet cable
going to your PC.  Most cable modems are simply mini-routers so if packets
are not destined for you then they are dropped.  However, if you could
console into your modem (depending on brand) you could change the thing to a
bridge.  So if your modem was set up as a bridge then you could see all the
traffic.

Just changing the cable modem to bridging mode wouldn't mean you could see 
everyone else's traffic, would it? It doesn't cause the cable modem to act 
like a hub. You could see broadcasts, but not everyone else's traffic, 
don't you think?

Priscilla


And baseline privacy it's great in theory yes.  But think about this:  When
subcribers first get their equipment installed there is no software added to
their PC that allows them to de-encrypt the data traveling around the
network. So where does the de-encryption happen?  The modem and CMTS are
what de-encyrpt the data.  And in order for your modem to know if a packet
is destined for you on this broadcast network it needs to de-encrypt the
packet and then drop it.

So you are on a broadcast network where all cable modems can de-encrypt all
data.  If the modem was configured as a bridge and simply forwarded all data
to the ethernet port, then you could sniff til the cows come home.

Understand that I am a HUGE fan of cable modem services.  There are just
some small holes that need to be filled. Security is one issue and quality
of service at the cable modem level is another- although this can be
addressed a little bit by playing with the bandwidth settings in the
cmconfig files that are downloaded when the thing boots up.

James

www.itpapers.com has about 85 papers on Cable Modems. Registration is
required and free- except for the occasional email.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38842t=38718
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: wan home lab [7:38829]

[Guy]

You will need a CSU/DSU, for one of the 2500 routers... then a loopback line
cable (easy to make). then you could do what you are wanting... But to
behonest with you, when you hook up 2 serials together, you are simulating a
wan connection, default is T1 unless you change the bandwidth command...

- Original Message -
From: v s 
To: 
Sent: Tuesday, March 19, 2002 12:04 PM
Subject: wan home lab [7:38829]


 I am setting up a home lab. I have a Cisco 2600 with a T1 csu/dsu and 2
 Ethernet connections

 I want to simulate a wan environment with a 2500 with 2 serial connections
 and 1 aui Ethernet.


 What type of cabling do I need to establish a connection between the 2
 routers?


 If the T1 csu/dsu takes rj48 ? how do I connect that to the serial

 connection on the 2500?





 DTE/DCE  v.35


 Will I need a CSU/DSU ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38843t=38829
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Flapping [7:38822]

[Bill Carter]

shutting down the interface doesn't work when testing backup interface.  The
router is pretty smart and can tell the difference between Admin down and
down.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Matthew Meiers
Sent: Tuesday, March 19, 2002 12:06 PM
To: [EMAIL PROTECTED]
Subject: RE: Flapping [7:38822]


Just use the shutdown command

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
PING
Sent: Tuesday, March 19, 2002 11:12 AM
To: [EMAIL PROTECTED]
Subject: Flapping [7:38822]

I am looking for some tool which can generate hardware line flaps.  I
have been doing this by going into the lab and manually jiggling the
interface cable at various intervals and watching the debug output on
the console.
I was wondering if there were any tools that would help me do this in a
smarter way?

Nadeem




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38844t=38822
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Home Network [7:38818]

[Guy]

You have several choices...

Choice 1 (low budget...) have 2 nics in the 200 server... One nic goes to
your DSL modem, one to a switch
Setup NAT for translation between them (already included in 2000 server...)
If your 200 Serv er is the AD Server, and your clients are part of the 2000
domain, then your 2000 server must be the DNS server... Go into the DNS
properties, make sure there is no folder in the root called root ( a yellow
folder named . ((Yes called dot but with a . not the words))) if this
exists, simply delete it... Then go into the properties of DNS and check
enable forwarding, and set the DNS of your ISP. This will keep your DNS
environment intact for Active directory, and still allow everyone to connect
to websites...

Option 2, buy a DSL router $99.99 with 4 switchports at best buy... And
follow the picture on the box for setup... do the same thing for the DNS
info I supplied, and make sure your clients are using your 2000 DNS and let
the 2000 DNS server forward requests out of the domain...


As far as your routers etc.. place them wherever...


- Original Message -
From: James Gruggett 
To: 
Sent: Tuesday, March 19, 2002 10:45 AM
Subject: Home Network [7:38818]


 Hello everyone,

 I am in the process of setting up a home lab and I have a few questions.

 I will be running 2000 advanced server with various clients, I have a
 1900, 2900 series switches and two 2501 routers.

 My first question is how can I provide internet access to all my clients
 ( will I have to use a proxy server for my clients) I have DSL (
 internal PCI modem) which I guess I will run on my 2000 server.

 Also, how could I add in my routers?

 Thanks in advance

 --



 James E. Gruggett MCSE
 Network Administrator
 Fedex Services
 901-263-7595

 [GroupStudy.com removed an attachment of type text/x-vcard which had a
name
 of james.gruggett.vcf]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38845t=38818
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is cable network really a shared medium?(more [7:38718]

[Fraasch James]

My bad.  True, you would see broadcasts but not all traffic.  


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38846t=38718
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Rack [7:38796]

[Woods, Randall, SOLCM]

The rack I would really like would cost me a couple of dinners and a
night at the movies but I'll have to be content with what I have right
now. :P

Woody

-Original Message-
From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 19, 2002 11:08 AM
To: [EMAIL PROTECTED]
Subject: Re: Rack [7:38796]


I didn't see any with shelves but this is what all my buddies say is
good
stuff!

http://www.geocities.com/Yosemite/Geyser/9050/

 [EMAIL PROTECTED]  03/19/02 10:57AM 
Hello all,

I am looking for a rack with shelves as well, any advice would be
appreciated.  Cheap would be good too!   :-)





Kevin McCarty
Computer Sciences Corporation
Defense Sector
618 622 4757


 

   
Woods,
Randall, To:
[EMAIL PROTECTED] 
SOLCM  
cc:
 

Sent
by:
   
nobody
 

 

   
03/19/2002
09:32
AM
   
Please
respond
to
   
Woods,
   
Randall,
   
SOLCM
 

 





Hi all,
I'm trying to find a rack for my routers. Does anyone have a good
source?

Woody
CCNP
  Confidentiality Disclaimer   
This email and any files transmitted with it may contain confidential
and
/or proprietary information in the possession of WellStar Health System,
Inc. (WellStar) and is intended only for the individual or entity to
whom
addressed.  This email may contain information that is held to be
privileged, confidential and exempt from disclosure under applicable
law. If
the reader of this message is not the intended recipient, you are hereby
notified that any unauthorized access, dissemination, distribution or
copying of any information from this email is strictly prohibited, and
may
subject you to criminal and/or civil liability. If you have received
this
email in error, please notify the sender by reply email and then delete
this
email and its attachments from your computer. Thank you.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38847t=38796
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to monitor the bridging traffic at routers [7:38758]

[Priscilla Oppenheimer]

You could make use of the fact that a bridge just forwards traffic without 
changing the MAC address, whereas a router decapsulates the packet from the 
Layer 2 header and re-encapsulates, using its own MAC address. Assuming you 
have a topology like this:

hosts-2500e0--e04000-hosts

Do a show arp on the 2500 and 4000. In a routed network, you would just see 
the other router on the e0 interfaces. In a bridged network, you'll see the 
hosts' MAC addresses.

Priscilla

At 02:56 AM 3/19/02, dovelet wrote:
Hi all,

Our company's network are connected using some Cisco 2500 and Cisco 4000
routers. As we need to cater some non-routable protocols, bridging is also
enabled at all routers. I would like to know, is there any methods to
monitor which hosts are using bridging through the routers? Of course, I can
use a sniffer to capture the traffic, but the network is too large for us to
do so.

Please advise.

Regards,
Dovelet


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38848t=38758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to monitor the bridging traffic at routers [7:38758]

[Priscilla Oppenheimer]

To reply to my own post ;-), I must mention that the show arp is a good 
solution in theory, but in practice, it only works with protocols that use 
ARP (such as IP), and you're probably routing those protocols?

Are you on Token Ring?

If yes, the show lnm station command might help. If you had something like:

hosts-2500to0---to04000---hosts

Same theory as before: If routing, show lnm station on the to0 interfaces 
would just show each other. If bridging, you would see the hosts.

Is NetBIOS one of your non-routed protocols? The show netbios name-cache 
command might help.

Are you using transparent bridging?

If yes, the show bridge command might help. It shows you the MAC addresses 
that the bridging software has learned.

So, bottom line: learn more about the protocols in use and which ones are 
routed/bridged. Use appropriate commands based on additional knowledge 
gained.. Of course, the real answer is the one that you mentioned: get 
a Sniffer! ;-) You say the network is too large, but with good knowledge of 
your topology, you might be able to identify a backbone or server LAN where 
you could place a single Sniffer and get a lot of info.

Priscilla

At 02:32 PM 3/19/02, Priscilla Oppenheimer wrote:
You could make use of the fact that a bridge just forwards traffic without
changing the MAC address, whereas a router decapsulates the packet from the
Layer 2 header and re-encapsulates, using its own MAC address. Assuming you
have a topology like this:

hosts-2500e0--e04000-hosts

Do a show arp on the 2500 and 4000. In a routed network, you would just see
the other router on the e0 interfaces. In a bridged network, you'll see the
hosts' MAC addresses.

Priscilla

At 02:56 AM 3/19/02, dovelet wrote:
 Hi all,
 
 Our company's network are connected using some Cisco 2500 and Cisco 4000
 routers. As we need to cater some non-routable protocols, bridging is also
 enabled at all routers. I would like to know, is there any methods to
 monitor which hosts are using bridging through the routers? Of course, I
can
 use a sniffer to capture the traffic, but the network is too large for us
to
 do so.
 
 Please advise.
 
 Regards,
 Dovelet


Priscilla Oppenheimer
http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38850t=38758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

isdn inbound [7:38851]

[Michael Kelker]

I'm trying to setup a ISDN inbound interface so that up to 3 people can call
in and specify how many channels of this PRI line they take up.

so, for example :  caller 1 may only have 1 or 2 channels.
caller 2 may take up 12
caller 3 may have 4

so the point is, can it be configured so this can be caller-directed
regarding things like bandwidth, etc?  Any ideas?  or does anyone know where
to look for this sort of stuff.. Everywhere always talks about DDR or
outbound.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38851t=38851
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: wan home lab [7:38829]

[Kelly Cobean]

Given that you are sending channelized data from the 2600, you will need an
external CSU for the 2500 to return the channelized data from the 2600 back
to serialized data.  The cabling between the two CSU's is a simple crossover
cable where the pinout is:

1  --  4
2  --  5
4  --  1
5  --  2

Then you'd need a V.35 to (presumably) DB-60 for the connection from the CSU
to the 2500.  Configure the CSU's to utilize all 24 channels, and
POOF...Simulated T-1...

Hope this helps.

Kelly Cobean, CCNP, CCSA, ACSA, MCSE, MCP+I
Network Engineer
GRC International, Inc., an ATT company


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of v
s
Sent: Tuesday, March 19, 2002 1:04 PM
To: [EMAIL PROTECTED]
Subject: wan home lab [7:38829]


I am setting up a home lab. I have a Cisco 2600 with a T1 csu/dsu and 2
Ethernet connections

I want to simulate a wan environment with a 2500 with 2 serial connections
and 1 aui Ethernet.


What type of cabling do I need to establish a connection between the 2
routers?


If the T1 csu/dsu takes rj48 ? how do I connect that to the serial

connection on the 2500?





DTE/DCE  v.35


Will I need a CSU/DSU ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38852t=38829
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: SNMP Packet question [7:38824]

[John Danner]

You should take a look at Cricket. 
http://cricket.sourceforge.net/

We use it to monitor traffic on links, router memory/cpu usage.

Here's an example of what it can create:
http://cricket.sourceforge.net/support/talks/cricket-examples/route-flap/

It uses the RddTool that someone already mentioned.

-John


sam sneed wrote:
 
 Hello group,
 
 I am trying to write a script in perl to monitor interface
 errors and total
 traffic during work hours. I'm doing an snmpwalk to get the
 info. I want the
 total amount of packets in and out of an interface so I can
 calculate the %
 of errors on the line.
 
 Cisco says on their site :
 http://www.cisco.com/warp/public/477/SNMP/5.html
 
 that
   ifInNUcastPkts (.1.3.6.1.2.1.2.2.1.12) are counts of
 inbound broadcast
 and multicast packets
 
   ifOutUcastPkts (.1.3.6.1.2.1.2.2.1.17) are counts of
 outbound
 broadcast and multicast packets
 
 
 besides In and Out whats the difference? I thought Ucast meant
 unicast and
 NUcast meant broadcast and multicast.
 When queried, every int gives NUcast and Ucast which are
 different values.
 How could Cisco define them as the same.
 
 Is this a misprint?
 Lastly I'm assuming that total packets would be the sum of the
 2(unicast +
 multicast/broadcast).
 Is this assumption correct?
 
 
 ps i don't want ifOutOctets  because i want the # of packets
 not bytes.
 
 thankd
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38853t=38824
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rack [7:38796]

[Guy Russell]

I use music racks... they are designed for amps, and mixers etc... usually
for DJs. They have a good counterbalance system, and are on rollers... They
come in 2 standards... europe and american... the american standard is the
same peg spacing as network equipment. and they look sharp

They are under 100.00 usually and stand about 4.5 feet or so.
- Original Message -
From: Woods, Randall, SOLCM 
To: 
Sent: Tuesday, March 19, 2002 1:25 PM
Subject: RE: Rack [7:38796]


 The rack I would really like would cost me a couple of dinners and a
 night at the movies but I'll have to be content with what I have right
 now. :P

 Woody

 -Original Message-
 From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, March 19, 2002 11:08 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Rack [7:38796]


 I didn't see any with shelves but this is what all my buddies say is
 good
 stuff!

 http://www.geocities.com/Yosemite/Geyser/9050/

  [EMAIL PROTECTED]  03/19/02 10:57AM 
 Hello all,

 I am looking for a rack with shelves as well, any advice would be
 appreciated.  Cheap would be good too!   :-)





 Kevin McCarty
 Computer Sciences Corporation
 Defense Sector
 618 622 4757





 Woods,
 Randall, To:
 [EMAIL PROTECTED]
 SOLCM
 cc:


 Sent
 by:

 nobody





 03/19/2002
 09:32
 AM

 Please
 respond
 to

 Woods,

 Randall,

 SOLCM








 Hi all,
 I'm trying to find a rack for my routers. Does anyone have a good
 source?

 Woody
 CCNP
   Confidentiality DisclaimerThis email and any files
transmitted with it may contain confidential
 and
 /or proprietary information in the possession of WellStar Health System,
 Inc. (WellStar) and is intended only for the individual or entity to
 whom
 addressed.  This email may contain information that is held to be
 privileged, confidential and exempt from disclosure under applicable
 law. If
 the reader of this message is not the intended recipient, you are hereby
 notified that any unauthorized access, dissemination, distribution or
 copying of any information from this email is strictly prohibited, and
 may
 subject you to criminal and/or civil liability. If you have received
 this
 email in error, please notify the sender by reply email and then delete
 this
 email and its attachments from your computer. Thank you.

 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38854t=38796
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Whats the difference between Classful Classless??? [7:38856]

[Matt Saunders]

Hi Group,

Im really struggling to understand the requirement in using the ip classless
command when you are configuring a default route.

I noticed that RIP 2 is a classless protocol  RIP ver 1 is a classfull.

Can anyone help me understand what the difference is (in simple terms!!) as
i want to move on with my studies though im sure this is something thats
going to come up again

Cheers

Matt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38856t=38856
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP Question [7:38858]

[Alejandro Acosta]

Hi all,
  I am having a BGP problem, and I am not sure how to solve it. Like Jeff
Doyle's book says: BGP is not a difficult problem, the problem is the
scenario. This is the scenario that I have:



   ---
   | I N T E R N E T  |
   ---
   |Link A  |Link B
   ||
---  Link E   ---
| AS 1 |  -- | AS 3 |
 
   |Link C | Link D
   |   |
   
   | I am here|
   




When all links are up everything works fine.

The problem is: When Link B goes down, there is not any traffic on Link D.
In this case Link C gets full and my customer start to call me!. I know it
is because there is one more AS hop to reach AS 1, one of the BGP metrics is
the amount of AS hops between links. I can manually add one or two prepends
for AS 3 and the traffic goes ok, I am taking advantage of Link E

My question is: Is there any way that this can be done automaticly?, do I
have to use BGP communities?

Thanks in advanced, any approach is appreciated.

Alejandro Acosta




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38858t=38858
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Hybrid to Native IOS conversion [7:38859]

[[EMAIL PROTECTED]]

This is the first question I have posted, I appreciate any ideas or
suggestions
you can provide.

We are following the steps outlined at:
http://www.cisco.com/warp/public/473/81.shtml
to do the software conversion from Hybrid to Native IOS on our Cat 6506. 
After
step 18 (if you have the instructions to reference) and we tell it to boot
from
the Native IOS, it comes back up saying that the RP is starting as secondary
processor and it is changing console ownership to switch processor.  It is
supposed
to start as primary processor and console ownership should be changed to the
RP.

All the steps to this point have gone smooth, but it comes up in the SP and
we can't continue with the procedures.  This process is a first for us and we
are still playing with it, but any suggestions/experience you have to share
would be appreciated.

Thanks,
Aaron




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38859t=38859
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Appreciate Your Expertise On This Strange ARP Problem [7:38860]

[[EMAIL PROTECTED]]

Hi Rob and Logan

thanks much for your time and expertise.. 

I belive you both have given the right answers. sicne i only manage A's
network, i didn't realy have a chance to see what was really happening. 

Yes, according to B's network support, A router's arp reply won the race. so
the client will send packet destinated to servers  to A router. when the
default route was removed, a returning route to the client was not there any
more.

Thank again.

regard
alec

-Original Message-
From: Rob Webber [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 20 March 2002 5:53AM
To: [EMAIL PROTECTED]
Subject: Re: Appreciate Your Expertise On This Strange ARP Problem
[7:38828]


Alec,

This is quite an interesting scenario you ran into. I think I can explain
what happened.

As you mentioned Cisco enables proxy-arp by default. Usually this is a good
thing - in this case it was the cause of the problems.

Before the change when a 10.67.7.* DHCP client wanted to connect to a
10.67.1.* server, the client would issue an ARP request for the 10.67.1.*
address. This ARP request would reach the actual server as well as the A
router. The A router would see that the request was for an address that it
believed was on a completely different subnet (10.67.1.0). Since proxy ARP
was enabled (by default), the router would answer the ARP request using its
own mac address as the destination mac address. At this point there would be
a race between the server responding (correctly) to the ARP request and the
A router responding to the ARP request.

When the server's ARP response won that race, everything worked fine. When
the A router won the ARP response race, it would receive the packets
destined for the server from the client. The A router would then attempt to
route those packets to the correct destination. Its default route said to
route them to router B, which it would do. Router B would then know to
forward those packets right back out the same interface to the server. In
this scenario traffic was taking a strange path, but still working (its
likely router B would actually also send an ICMP packet which may have taken
router A out of the loop).

When the default route for router A was removed, the same race still
occurred. Except now when router A won the race it had no route to correctly
send the packet. Thus the packets would never make it to router B and/or the
server and communication was lost.

You correctly fixed the problem, though it would have been interesting to
see if disabling proxy arp on router A also would have fixed the problem. My
guess is it would have...

Rob.
 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi there

 This is my first time to post a question.

 Here is a real scenario which happened a few days ago. Though the problem
 has been resolved, i still cannot understand what the cause is.

 Customer A has a partner connection to B's network. due to lack of
 capability on B's Router/Firewall, one of A's router is plugged directly
 onto B's internal LAN(sounds silly, but it is true).

 B's LAN use 10.67.0.0/16 address, of which 10.67.1.x is for servers,
 10.67.2.x for routers/switches, 10.67.7.x and 10.67.8.x for DHCP clients.
 B's router has 10.67.2.1 addr.

 A's router on B's LAN gets assigned an ip addr 10.67.2.2,but a wrong /24
 mask was given by B. since A's users need to talk to B's server, a static
 route(ip route 10.67.1.0 255.255.255.0 10.67.2.1) was added.

 A default route is also configured(ip route 0.0.0.0 0.0.0.0 10.67.2.1) on
 the A's router.

 when this default route was taken off(no obvious reason to point a default
 route to B's default router), all B's dhcp clients cannot talk to their
own
 servers(10.67.1.x) any more even they are on the same subnet.

 B's network support was called in, and they found that the A's router is
 incorrectly answering ARP requests(by default ip proxy-arp is enabled on
the
 LAN interface). and somehow the arp respone reaches the client before the
 server's, so the client cannot talk to the servers.

 the problem later was resolved by rectifying the subnet mask on A's
router.
 but i still cannot figure out what went wrong when the default route on
A's
 router was removed.

 I'll be much appreciated if anyone can shed some lights on this.

 regards

 Alec Shi


 Senior Support Engineer
 Axon Computertime
 Auckland
 NZ



 --
 The information contained in this e-mail message is intended only for the
 use of the person or entity to whom it is addressed and may contain
 information that is CONFIDENTIAL and may be exempt from disclosure under
 applicable laws.

 If you read this message and are not the addressee you are notified that
 use, dissemination, distribution, or reproduction of this message is
 prohibited. If you have received this message in error, please notify us
 immediately and delete the original message. You should scan this message
 and any attached files for viruses.

 Axon Computertime accepts no liability for any loss caused 

Re: Whats the difference between Classful Classless??? [7:38861]

[MADMAN]

Lets say your network is 170.10.0.0/16.  You have a router with a
default route pointing at your ISP.  Someone finger checks their telnet
and tries to connect to 170.10.200.1 and this subnet doesn't exist
within your network.  With no ip classless the router drops packet. 
With ip classless the packet will follow default until it gets to your
provider who promptly sends it back to you until the TTL expires.

  You can also do this with ip classless

  inter e0
  ip add 192.168.1.1 255.255.0.0

  classful would not recognize the /16 mask as being valid for 192.168.

  Dave
  

Matt Saunders wrote:
 
 Hi Group,
 
 Im really struggling to understand the requirement in using the ip
classless
 command when you are configuring a default route.
 
 I noticed that RIP 2 is a classless protocol  RIP ver 1 is a classfull.
 
 Can anyone help me understand what the difference is (in simple terms!!) as
 i want to move on with my studies though im sure this is something thats
 going to come up again
 
 Cheers
 
 Matt
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38861t=38861
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Token Ring [7:38863]

[James]

Hello

I have read in a previous post that the CCIE R/S
program is dropping token ring stuff. Is that true or
does anyone know when will that be effective ?
Does anyone with experience with the lab know how much
does the token ring stuff is needed ? Is it worth
buying a Cat 3900 for a home lab or would getting
online rack access work as fine ?
any information is greatly appreciated.

Thank you.

__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38863t=38863
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Whats the difference between Classful Classless??? [7:38862]

[Steven A. Ridder]

In the simplest terms, one carries a mask (RIP 2, the classless) and one
dosen't.  If it has a mask, the router knows which part of address is
network and which is host.  Also, the classful protocol has to rely on the
class of the protocol (A, B, C, D, E) to derive the network and host, unless
the router has an interface attached to a subnetted network.  The best book
to learn this is CCIE Practical Studies, Vol 1, as the author does a good
job explaining it.

Also classless and classful protocols look up routes in the rouing table
differently.  A classless use the longest match (most subnet bits in mask)
to determine best route to destination and the classfull looks up by major
network first, then works it's way down til it finds the best match.  Also
with classless, you can use ip route 0.0.0.0 0.0.0.0 to create a gateway
of last resort.

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


Matt Saunders  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi Group,

 Im really struggling to understand the requirement in using the ip
classless
 command when you are configuring a default route.

 I noticed that RIP 2 is a classless protocol  RIP ver 1 is a classfull.

 Can anyone help me understand what the difference is (in simple terms!!)
as
 i want to move on with my studies though im sure this is something thats
 going to come up again

 Cheers

 Matt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38862t=38862
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Whats the difference between Classful Classless??? [7:38864]

[Steven A. Ridder]

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


Steven A. Ridder  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 In the simplest terms, one carries a mask (RIP 2, the classless) and one
 dosen't.  If it has a mask, the router knows which part of address is
 network and which is host.

Also, the classful protocol has to rely on the
 class of the protocol (A, B, C, D, E) to derive the network and host,
unless
 the router has an interface attached to a subnetted network.

Above should read:  ..The classful protocl has to rely on the class of the
ADDRESS (A,B,C,D,E) to derive..


The best book
 to learn this is CCIE Practical Studies, Vol 1, as the author does a good
 job explaining it.

 Also classless and classful protocols look up routes in the rouing table
 differently.  A classless use the longest match (most subnet bits in mask)
 to determine best route to destination and the classfull looks up by major
 network first, then works it's way down til it finds the best match.  Also
 with classless, you can use ip route 0.0.0.0 0.0.0.0 to create a gateway
 of last resort.

 --

 RFC 1149 Compliant.
 Get in my head:
 http://sar.dynu.com


 Matt Saunders  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Hi Group,
 
  Im really struggling to understand the requirement in using the ip
 classless
  command when you are configuring a default route.
 
  I noticed that RIP 2 is a classless protocol  RIP ver 1 is a classfull.
 
  Can anyone help me understand what the difference is (in simple terms!!)
 as
  i want to move on with my studies though im sure this is something thats
  going to come up again
 
  Cheers
 
  Matt




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38864t=38864
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Who is Priscilla Oppenheimer ? [7:38662]

[[EMAIL PROTECTED]]

Hmm, obviously a couple of minor cultural differences.  Comments inline.
JMcL
- Forwarded by Jenny Mcleod/NSO/CSDA on 20/03/2002 08:51 am -


Logan, Harold 
Sent by: [EMAIL PROTECTED]
20/03/2002 12:08 am
Please respond to Logan, Harold

 
To: [EMAIL PROTECTED]
cc: 
Subject:RE: Who is Priscilla Oppenheimer ? [7:38662]


No kidding, the art on the ciscopress books doesn't do networkers any
justice at all. If nothing else, they should draw the guy on the copvers 
so
he fits the techy demographic better: He should have some form of facial
hair, JMcL: Facial hair isn't so popular around here - can't say I was 
specifically checking, but I can't remember too many beards at Networkers, 
and not many hairy upper lips either.  Receding hairlines, however, are a 
different matter - I notice that not many of the CiscoPress guys suffer 
from that though /JMcL, he should be slightly overweight, JMcL: Only 
slightly.  A lot of networkers around here are nerdy but fit - perhaps 
from lugging around those heavy routers? /JMcL 
he should have a cigarette in one hand JMcL: In the workplace?  You've got 
to be kidding.  Serious social (and often legal) faux pas. /JMcL and 
coffee (or mountain dew) in the other  JMcL: or Coke (the drink, not the 
drug :-).  I'm abnormal - I drink strong black tea. /JMcL, and there's no 
way he should be wearing a tie, especially while trying to troubleshoot a 
connectivity problem. (Possible exception: the Ties Suck tie on 
thinkgeek.com)  JMcL: Agreed, unless it's to be used as an emergency strap 
for securing equipment in place. /JMcL

As for the women on the covers, they should somehow be depicted as
presenting the solution for whatever problem the guy is working on, with 
the
alpha male stubbornly ignoring them.
JMcL: Naturally!  Getting back (sort of) on the original thread, I notice 
that the (rare) woman on the cover of Priscilla's TDND is the only one 
RTFM'ing.  I'll bet she comes up with a working solution first ;-)  I have 
a sneaky suspicion that the bloke at the laptop is about to start drawing 
on the screen with his felt-tip pen, but at least he doesn't have a tie. 
/JMcL

(Wonder how many flames I'll get for this one?)
JMcL: probably fewer than me!  /JMcL

Cheers,
Hal

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, March 18, 2002 5:14 PM
To: [EMAIL PROTECTED]
Subject: RE: Who is Priscilla Oppenheimer ? [7:38662]


I hear that in addition to her network
design work and training she's also doing some modeling for book covers
on the side.  ;-)

Oh good, I am *so* sick of all those chunky men with rolled-up sleeves on 
the Cisco Press books.  Priscilla - even a digitised and modified version 
- has *got* to be better.   ;-)

(Priscilla's going to be doing a lot of paying out...)

JMcL
- Forwarded by Jenny Mcleod/NSO/CSDA on 19/03/2002 09:08 am -


John Neiberger 
Sent by: [EMAIL PROTECTED]
19/03/2002 04:11 am
Please respond to John Neiberger

 
To: [EMAIL PROTECTED]
cc: 
Subject:RE: Who is Priscilla Oppenheimer ? [7:38662]


For a real insight into Priscilla, take a look at her interview with
Fabio at www.routergod.com.  I hear that in addition to her network
design work and training she's also doing some modeling for book covers
on the side.  ;-)

(I know I'm going to pay for that later)

John

 William Gragido  3/18/02 9:50:10 AM 
LOL.  Hey Priscilla, who are you anyways ;-)  What was the name of that
book
you authored? 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
dk
Sent: Monday, March 18, 2002 9:51 AM
To: [EMAIL PROTECTED] 
Subject: Who is Priscilla Oppenheimer ? [7:38662]


Who is this mystery woman .. who seems to know everything !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38865t=38662
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE Token Ring [7:38863]

[Jim Brown]

Get online access for the 3900 it is enough. Be very sad they are removing
Token Ring from the lab, there are the easiest points you will receive on
the lab.

-Original Message-
From: James [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, March 19, 2002 2:42 PM
To: [EMAIL PROTECTED]
Subject: CCIE Token Ring [7:38863]


Hello

I have read in a previous post that the CCIE R/S
program is dropping token ring stuff. Is that true or
does anyone know when will that be effective ?
Does anyone with experience with the lab know how much
does the token ring stuff is needed ? Is it worth
buying a Cat 3900 for a home lab or would getting
online rack access work as fine ?
any information is greatly appreciated.

Thank you.

__
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38866t=38863
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]