STUDY MATERIALS [7:46975]
HI JUST CLICK ON THE LINK http://www.mcmi.com/forums/aplus/index.cgi?read=33 LEE Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46975&t=46975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
GOOD LINK [7:46974]
JUST TRY THIS LINK http://www.mcmi.com/forums/aplus/index.cgi?read=33 LEE Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46974&t=46974 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: confreg [7:46924]
Tim Potier wrote: > > I understand the bit significance for the 16-bit confreg, but I > am confused about the SEQUENCE of the boot and the issue with > netboot. Assume confreg 0x2102, what is the correct boot > sequence? Where does the flash overide (0x2-0xF) come into > play i.e. does it replace the need to boot from the network > or simply step in line before the attempt to netboot? > You called it 'flash overide' but I'm not certain why. This isn't an override of booting via netboot necessarily, but it can be. It may be used to specify the exact name of the image to boot via netboot or any other means the router can boot by. When the config register boot field has a value between 0x2 and 0xF then the router will, by defualt, try and do a netboot and constructing a name of 'cisco' the octal equiv of the boot field value, a dash and then the processor type. If it's a 2500 it'd be cisco4-igs for a boot register value of 0x4. If you in addition have a boot command that specifies a netboot filename, then that will be used instead. For example, if you had this in your config: 'boot system ftp myimage.bin 10.0.0.100' It would try the netboot using that name, via FTP and to that host address. It would not construct the name as indicated above because you have specified it. If you instead want to boot from flash, it will also not construct the netboot filename automatically because once again, you have specified your boot location and it will attempt to load the image from there. I'm not certain that that answered anything at all for you Good Luck! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46971&t=46924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT - Mega, Kilo etc [7:46940]
On Tue, 18 Jun 2002, Priscilla Oppenheimer wrote: > I wonder if memory and storage are different because the memory is > addressable? Dividing it into logical chunks with power of two numbers was > probably easier for the OS developers. With transmissions speeds, we're For memory and harddrives it is a power of two because the number of address lines and i/o lines into the memory segment are a power of two. It was done this way because of the hardware implementation required to address each memory segment. Somewhere in my boxes of college stuff I have my book from last falls Comp. Engineering course which explained all the requirements and math for addressing memory (along with the hardware implementation). - Andrew Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46970&t=46940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP on 6509 with Hybrid into PIX's in failover mo [7:46929]
I had a customer that did the same thing you described on our 6509's with only 1 sup eng (don't ask me why there was no redundancy - big mistake)that were going into a PIX 510. The cfg is below, and what the standby group info looked like. That was before they shut down and gave us good net guys the boot. The names hav been removed to protect the innocent. HTH's... #show standby FastEthernet4/26 - Group 30 Local state is Active, priority 150, may preempt Preemption delayed for at least 300 secs Hellotime 3 holdtime 10 Next hello sent in 00:00:00.098 Hot standby IP address is 128.242.170.1 configured Active router is local Standby router is unknown expired Standby virtual mac address is .0c07.ac1e 61 state changes, last state change 18:27:52 6509 #1 ! interface FastEthernet4/26 description AC: XXX -local wire ip address 128.242.170.3 255.255.255.240 no ip redirects no ip proxy-arp ip route-cache same-interface duplex full speed 10 no cdp enable standby 30 priority 150 preempt delay 300 standby 30 ip 128.242.170.1 6509 #2 = ! interface FastEthernet4/26 description AC: -local wire ip address 128.242.170.3 255.255.255.240 no ip redirects no ip proxy-arp ip route-cache same-interface duplex full speed 10 no cdp enable standby 30 priority 100 preempt delay 300 standby 30 ip 128.242.170.1 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46969&t=46929 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: confreg [7:46924]
No takers on this one? I am really trying to pinpoint whether a device will look to the network for a valid IOS if no valid IOS is found in flash with the confreg set at 0x2102 and the boot statement is listed in the config pointing to flash. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46968&t=46924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT - Mega, Kilo etc [7:46940]
Ugh. I hate the fact that disk-drive manufacturers get away with re-defining the definition of a MegaByte and GigaByte. Other manufactures do not have luxury. Think about the auto industry. If they would just redefine a mile to be 5000 ft, they could increase the average fuel efficiency of the fleet. Why not, 5000 is a nice round number. Here is what the values should be: 1 KiloByte = 1024 Bytes 1 MegaByte = 1024 KiloBytes 1 GigaByte = 1024 MegaBytes So 1 GigaByte is 1024x1024x1024 or 1,073,741,824 bytes. By redefining the definition, they are giving you 6.9% less disk space then advertised. This is why my 30GB disk drive only shows 28.5 GB in Windows 98. With regards to data networks the metric is different. We are talking about "bits" not "bytes". So: 1 kilobit = 1000 bits 1 Megabit = 1000 kilobits 1 GigaBit = 1000 Megabits When someone says "1 Gigabit" they are talking about 1 Billion Bits. When someone says "1 GigaByte" they are saying 1,073,741,824 Bytes or (for most computers) 8,589,934,592 bits. Well I am going to go jogging now. I can run a one minute mile*! Paul Borghese * Paul defines 1 mile = 1000 ft. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46967&t=46940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Combining T1's into one pipe [7:46942]
true- cef if the best for most situations, certainly at the 7500 and gsr levels where mlppp is a joke.. i m just saying for 2600 with 2 t's, also i have experienced lots of cef problems with NAT, which you would normally do on a little 2600. mlppp for me has not had these issues.. but i agree if you can use cef, the it is much better on bigger interfaces. and the only time i would really avoid mlppp is with an isp that does not advertise the vanilla "NXDS1" solutions. (people like me who want 8 to 11 Mbps, but dont want to put all my eggs on a single DS-3 loop) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46966&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Combining T1's into one pipe [7:46942]
> Yes I would use mlppp and ios in the same sentence, as I have > been running it without a hitch on a 7200 for 6 months. also, > you guys are missing his point (t-1's to the internet) what ISP > is going to run > OSPF or EIGRP with a customer ? please. I don't see anything in the original post about an ISP or the Internet. Just a mention that these 2 T1's terminate at the same router at each end. I've personally used both, and don't necessarily have a preference. Both CEF and MPPP worked absolutely fine for me in every case. Good Luck! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46965&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Real ZOO web site, welcome! ID
Oops, looks as if I will need to add a few additional keywords for the moderators queue :-). I am still trying to figure out how this message bypassed the Anti-Spam mechanisms of the site. Paul Borghese Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46964&t=46951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IDSPM [7:46928]
I have not seen any hardcopy official courseware for IDS Policy Manager yet, but there is a CBT CD by Cisco that serves the same purpose and is interactive with animation and videos. If you are studying for IDSPM, I would highly recommend the CBT CD. HTH Bernard Omrani > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Emmanuel Ezeonu > Sent: Tuesday, June 18, 2002 3:27 PM > To: [EMAIL PROTECTED] > Subject: Re: IDSPM [7:46928] > > Hi, > > Can someone advice me on which book to use for this study[IDSPM -9E0- > 572]?. I > am not too sure if Cisco has a courseware for this course. > > Secondly, among the 3 boson practise test on this course, which one do you > consider the best for preparing for this exams. > > Will CSIDS courseware from cisco be of any help to me in preparing for > this > exam even though I do not know anything in UNIX. > > Thanks very much for your response > > Emeka Ezeonu Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46945&t=46928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IDSPM [7:46928]
I used Cisco Secure Intrusion Detection System (Cisco Press) by Earl Carter, ISBN 1-58705-034-X. I found that it covered the topics pretty well. Since there is not an official study guide for the test (that I am aware of), this is probably the best reference for getting a foundation on IDS. If you can, I would also recommend downloading the 90-day evaluation version of CSPM from CCO and getting to know it fairly well. As far as Unix goes, I don't think it is listed in the objectives for the exam but you may want to make sure. Good luck. -Original Message- From: Emmanuel Ezeonu [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 6:27 PM To: [EMAIL PROTECTED] Subject:Re: IDSPM [7:46928] Hi, Can someone advice me on which book to use for this study[IDSPM -9E0-572]?. I am not too sure if Cisco has a courseware for this course. Secondly, among the 3 boson practise test on this course, which one do you consider the best for preparing for this exams. Will CSIDS courseware from cisco be of any help to me in preparing for this exam even though I do not know anything in UNIX. Thanks very much for your response Emeka Ezeonu Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46946&t=46928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Combining T1's into one pipe [7:46942]
""Brunner Joseph"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Yes I would use mlppp and ios in the same sentence, as I have been running > it without a hitch on a 7200 for 6 months. also, you guys are missing his > point (t-1's to the internet) what ISP is going to run > OSPF or EIGRP with a customer ? please. Well I'll put it to you this way. I have a bunch of 7500's that have been running CEF for years without a hitch. On the other hand, I have also done MPPP. Yes, I agree, most of the time it works. But you do get those instances where this one time, at band camp. That's what I'm saying. Both technologies are actually fairly stable. But in my experience, CEF is more stable. That's not to say that MPPP will always fall down every single time. I didn't say that. But in situations like this, you would want to go with what offers you the most stability, if possible. > > Maybe, if they managed the router, but he didnt say that.. its T-1's > (very low bandwidth) even a 2600 can handle the CPU for a measily 3Mbps. > > If he was running high power DS-3's or something then yes CEF would be > better, but keep in mind if it was say BGP, then it would be two peering > sessions (memory and cpu hog thing happening) or 1 peering session to the > loopbacks. (not bad). but for T-1 speeds MLPPP with your provider is the way > to go. Not to mention I dont have any funky 40/60 or 30/70 load balancing > going on - pure 50/50 on 2 T-1's. Its very easy, seemless thing to do for > layer 3. On the other hand, you can get very very funky CPU spikes and router reboots. I'd rather have unequal balancing than to have those kinds of things happening. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46963&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
accounting and billing [7:46962]
Hi all, I was just wondering on what sort of accounting and billing systems people use. I have been given the task of finding a product that will be able to do billing for hotel rooms and a convention centre. any help would be greatly appreciated Regards D'Wayne Saunders Network Administrator CCNP. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46962&t=46962 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Combining T1's into one pipe [7:46942]
Yes I would use mlppp and ios in the same sentence, as I have been running it without a hitch on a 7200 for 6 months. also, you guys are missing his point (t-1's to the internet) what ISP is going to run OSPF or EIGRP with a customer ? please. Maybe, if they managed the router, but he didnt say that.. its T-1's (very low bandwidth) even a 2600 can handle the CPU for a measily 3Mbps. If he was running high power DS-3's or something then yes CEF would be better, but keep in mind if it was say BGP, then it would be two peering sessions (memory and cpu hog thing happening) or 1 peering session to the loopbacks. (not bad). but for T-1 speeds MLPPP with your provider is the way to go. Not to mention I dont have any funky 40/60 or 30/70 load balancing going on - pure 50/50 on 2 T-1's. Its very easy, seemless thing to do for layer 3. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46961&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT - Mega, Kilo etc [7:46940]
I don't think it's codified anywhere. It's just a convention that when referring to speed or frequency, you use powers of 10, and when referring to memory, you use powers of 2. I checked some IEEE docs and they don't even spell out Mbps, let alone explain that it means millions of bits per second, not 1024x1024 bits per second. I wonder if memory and storage are different because the memory is addressable? Dividing it into logical chunks with power of two numbers was probably easier for the OS developers. With transmissions speeds, we're just talking about bits flying out; we don't have a map of the bits and they aren't divided into evenly-sized chunks. The logical meaning of the bits is defined with variable-size packet fields. That's pretty different from what an OS has to do with memory maps. Priscilla At 07:17 PM 6/18/02, [EMAIL PROTECTED] wrote: >This is not specifically related to Cisco, but is a networking question. > >I was having a mild argument yesterday with a PC/server type guy who was >very irate at an ISP for using "gigabyte" to mean "1000 Megabytes" instead >of "1024 Megabytes". He appeared to think that throughout the IT >industry, "K" always means 2 ^ 10, "M" always means 2 ^ 20, etc etc. I >pointed out that this is not always the case (64kbps = 64000 bps, for >example), and haven't yet had a reply (I actually agree with him that the >ISP is using the wrong definition, but I can see why they are). > >However, it got me curious. After a quick squizz through various sources, >I couldn't find any that define the prefixes for networking usage. > >www.whatis.com has an interesting page on the prefixes, which basically >backs up what I thought - roughly, storage (memory sizes etc) usually uses >prefixes calculated in powers of two, while data transfer usually uses >prefixes calculated in powers of ten. > >But is this codified anywhere? For example, do the ethernet standards >define "10 Mbps", or "1 Gbps" (Yes, I know about the IEEE site, but the >standards don't seem to be currently downloadable)? > >JMcL > > >Important: This e-mail is intended for the use of the addressee and may >contain information that is confidential, commercially valuable or subject >to legal or parliamentary privilege. If you are not the intended recipient >you are notified that any review, re-transmission, disclosure, use or >dissemination of this communication is strictly prohibited by several >Commonwealth Acts of Parliament. If you have received this communication in >error please notify the sender immediately and delete all copies of this >transmission together with any attachments. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46960&t=46940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Real ZOO web site, welcome! ID [7:46951]
Because Sick-Os pay for it. I hate these sites so much that I won't even hack them to get rid of them. I don't want to see the images on my computer even for a second. Moderator dude! Yo! Ban this stuff please! Theo "Michael L. Williams" Sent by: [EMAIL PROTECTED] 06/19/2002 09:32 AM Please respond to "Michael L. Williams" To: [EMAIL PROTECTED] cc: Subject:Re: Real ZOO web site, welcome! ID [7:46951] WOOHOO!! I've have been DYING for a site like this to FINALLY appear on the internet!!! Why do these lamers even bother to advertise their crap?!?!? LOL! Mike W. "Farmgirl17085" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The BEST zoo site on the @net! > Sex With Dogs > Horse Blow Jobs. > Snake @!#$. > REAL ANIMAL FUCKING! > 100% HARDCORE! > ww1.only-beasts.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46959&t=46951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: can a 8 port pix act as 4 firewall? [7:46873]
Yeah you can do this. You will need a 525 though. However, you only said 3 vlans but in your heading you have 8 port. If the firewall is truly only checking the vlan traffic and not performing any other routing, then you would only need 6 ports and can use a PIX 515E. Theo "Timo Graser" Sent by: [EMAIL PROTECTED] 06/19/2002 07:22 AM Please respond to "Timo Graser" To: [EMAIL PROTECTED] cc: Subject:Re: can a 8 port pix act as 4 firewall? [7:46873] U can do it without any problems, just use the outside Interface(ethernet0) for the connection to the internet. The other interfaces to the vlans should have higher security levels. It is no difference than configuring with just one inside network. Just remember Interfaces with the same Security Level cannot communicate. It makes sense if u need higher security than just accesslists. Kevin Banifaz wrote: >Why would each vlan need it's own firewall. In what scheme are you using >this? Why not use access-lists on your vlan router or RSM > > > > >>From: "Manchu Warrior" >>Reply-To: "Manchu Warrior" >>To: [EMAIL PROTECTED] >>Subject: can a 8 port pix act as 4 firewall? [7:46873] >>Date: Tue, 18 Jun 2002 04:18:49 -0400 >> >>a switch have 3 vlan,each vlan need a firewall,than i need 3 firewall,can i >>use pix525 with 6 ports to do this,if yes,then how to do it? thank you! >> >> >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46958&t=46873 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Combining T1's into one pipe [7:46942]
I didn't say that all MPPP bundles were flaky. The majority are not. But on the whole, it seems that there is a greater chance of flakiness within bundles than in CEF implementations. When I say flakiness, it generally boils down to what you had said before - lots of overhead and buffering involves. I've seen CPU's spike to 100% when processing lots of MPPP traffic. I've also seen bundles/links that bounce until the end of time. Things like that. ""Michael L. Williams"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Okay. perhaps I don't monitor my bundles as close are y'all do, but > we're running quite a few sites using multiple T1s bonded with MLPPP, and we > don't have any stability problems (as far as dropping traffic and EIGRP > neighbor changes, etc) that I'm aware of nrf, tell me more about what > to look for or beware of when using MLPPP as far as flakines.. > > I haven't used any of the CEF configs, so I can't comment on that. > > Mike W. > > "nrf" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Uh, really? You sure about that. > > > > From my experience, when you're talking about IOS, you should never ever > use > > the terms MPPP and stable in the same sentence. > > > > I recommend CEF not because it's not flaky, because it is, but because > it's > > a lot less flaky than Cisco's MPPP implementation. > > > > > > ""Brunner Joseph"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > its definately worth it.. combine multiple pipes at layer 2. I use MLPPP > > > with my ISP and it rocks.. forget all those shaky stupid CEF > > > and PER-PACKET configurations.. if you can get PPP going between your > > > carrier and you, you can get it all going to one router on their side, > > then > > > you should run MLPPP. > > > > > > It makes multiple physical pipes seem like one pipe to the IP process > and > > if > > > one pipe flaps, the others get the load seemlessly.. used for along time > > now.. > > > > > > see > > > > > > this thread (and watch the wrap) > > > > > > > > > http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5 > > 7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46957&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Combining T1's into one pipe [7:46942]
I wouldn't use IOS MPPP either. Too many horror stories. I thought it was dead until I saw it on the CID. If other engineers are acutally using MPPP please do tell of your experiences. I would like to hear more stories. Theo "nrf" Sent by: [EMAIL PROTECTED] 06/19/2002 09:04 AM Please respond to "nrf" To: [EMAIL PROTECTED] cc: Subject:Re: Combining T1's into one pipe [7:46942] Uh, really? You sure about that. >From my experience, when you're talking about IOS, you should never ever use the terms MPPP and stable in the same sentence. I recommend CEF not because it's not flaky, because it is, but because it's a lot less flaky than Cisco's MPPP implementation. ""Brunner Joseph"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > its definately worth it.. combine multiple pipes at layer 2. I use MLPPP > with my ISP and it rocks.. forget all those shaky stupid CEF > and PER-PACKET configurations.. if you can get PPP going between your > carrier and you, you can get it all going to one router on their side, then > you should run MLPPP. > > It makes multiple physical pipes seem like one pipe to the IP process and if > one pipe flaps, the others get the load seemlessly.. used for along time now.. > > see > > this thread (and watch the wrap) > > http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5 7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46955&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Real ZOO web site, welcome! ID [7:46951]
WOOHOO!! I've have been DYING for a site like this to FINALLY appear on the internet!!! Why do these lamers even bother to advertise their crap?!?!? LOL! Mike W. "Farmgirl17085" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > The BEST zoo site on the @net! > Sex With Dogs > Horse Blow Jobs. > Snake @!#$. > REAL ANIMAL FUCKING! > 100% HARDCORE! > ww1.only-beasts.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46956&t=46951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Combining T1's into one pipe [7:46942]
Okay. perhaps I don't monitor my bundles as close are y'all do, but we're running quite a few sites using multiple T1s bonded with MLPPP, and we don't have any stability problems (as far as dropping traffic and EIGRP neighbor changes, etc) that I'm aware of nrf, tell me more about what to look for or beware of when using MLPPP as far as flakines.. I haven't used any of the CEF configs, so I can't comment on that. Mike W. "nrf" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Uh, really? You sure about that. > > From my experience, when you're talking about IOS, you should never ever use > the terms MPPP and stable in the same sentence. > > I recommend CEF not because it's not flaky, because it is, but because it's > a lot less flaky than Cisco's MPPP implementation. > > > ""Brunner Joseph"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > its definately worth it.. combine multiple pipes at layer 2. I use MLPPP > > with my ISP and it rocks.. forget all those shaky stupid CEF > > and PER-PACKET configurations.. if you can get PPP going between your > > carrier and you, you can get it all going to one router on their side, > then > > you should run MLPPP. > > > > It makes multiple physical pipes seem like one pipe to the IP process and > if > > one pipe flaps, the others get the load seemlessly.. used for along time > now.. > > > > see > > > > this thread (and watch the wrap) > > > > > http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5 > 7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46954&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT - Mega, Kilo etc [7:46940]
Interesting you ask.. I've had a similar conversation and my thoughts were always the same... (that each power of 10 was equated to 2^10 more than the previous), but it seems to vary alot. I've found that with memory (RAM), they stick to the hard core "binary metric" system where 1K always = 1024, 1M = 1024 * 1024 and 1 Gig = 1024 * 1024 * 1024. But with network bandwidth it seems that 1K = 1000, 1M = 1,000,000 and 1G = 1,000,000,000 (good old metric, not "binary metric"). Hard drives (strangely enough) usually use 1024 for K, but then 1M = 1024 * 1000 and Gig = 1024 * 1000 * 1000.. (then again I've seen some hard drives that specifically say 1Megabyte = 1,000,000, etc..) It's a strange thing that happens... we just have to live with it =) Mike W. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > This is not specifically related to Cisco, but is a networking question. > > I was having a mild argument yesterday with a PC/server type guy who was > very irate at an ISP for using "gigabyte" to mean "1000 Megabytes" instead > of "1024 Megabytes". He appeared to think that throughout the IT > industry, "K" always means 2 ^ 10, "M" always means 2 ^ 20, etc etc. I > pointed out that this is not always the case (64kbps = 64000 bps, for > example), and haven't yet had a reply (I actually agree with him that the > ISP is using the wrong definition, but I can see why they are). > > However, it got me curious. After a quick squizz through various sources, > I couldn't find any that define the prefixes for networking usage. > > www.whatis.com has an interesting page on the prefixes, which basically > backs up what I thought - roughly, storage (memory sizes etc) usually uses > prefixes calculated in powers of two, while data transfer usually uses > prefixes calculated in powers of ten. > > But is this codified anywhere? For example, do the ethernet standards > define "10 Mbps", or "1 Gbps" (Yes, I know about the IEEE site, but the > standards don't seem to be currently downloadable)? > > JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46953&t=46940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Combining T1's into one pipe [7:46942]
If you're running a dynamic routing protocol (i.e. RIP, IGRP, EIGRP, or OSPF), they should see the two T1s as equal cost paths and automatically do per-destination load balancing (if you're running CEF, then that can be per-packet, at least with EIGRP, but I would suspect the same no matter now the route was learned). But you need to disable fast-switching because that will only switch out of a single interface and not load balance. If you don't want per-destination load balancing or can't run CEF to allow per-packet, you can run Multilink PPP and bundle the two T1's into a single channel. Either way, if one of the T1s, goes down, the other will still carry the traffic (at the single T1 bandwidth) and it's automatic. MultilinkPPP, however, is more processor intensive than letting the routing protocl handle it (although if you have to disable fast-switching and don't have CEF (i.e. enable process switching)) then that'll be pretty CPU intensive anyway) Here's an article about letting the router load balancing automatically: http://www.cisco.com/warp/public/105/46.html Here's an page about Multilink PPP: (watch for URL wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial ts_c/dtsprt4/dcdppp.htm I'd like to see the page on Cisco's site that says this process is complex, because the first method I spoke of it automatic and the Multilink PPP method is a piece of cake, even if you've never done it before. HTH, Mike W. "Doug Korell" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have two point to point T1's that I'm thinking about combining (known as > NxT1). Both connections are going through the same routers at each end (4700 > and 2600). I found some information on Cisco's website but they mention that > it can be complex and talk about alternatives. > > Is anyone else doing this and if so, it is worth it? If you have any Cisco > links that describe the setup process, I would appreciate posting them. I > was also wondering if one of the T1's goes down, will it bring the whole > pipe down or will your bandwith just decrease? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46952&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Real ZOO web site, welcome! ID [7:46951]
The BEST zoo site on the @net! Sex With Dogs Horse Blow Jobs. Snake @!#$. REAL ANIMAL FUCKING! 100% HARDCORE! ww1.only-beasts.com unsub Good luck, . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46951&t=46951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN connection from local lan to wireless lan [7:46916]
try funky MTU settings.. also if your using the AERONET solution let them worry about it.. open a tac case.. this product is supposed to deliver lan quality connections over wireless.. the medium should not matter here.. i have connected to the vpn 3015 from cable, dsl, t-1, dialup, almost everything you can think of. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46950&t=46916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Combining T1's into one pipe [7:46942]
its definately worth it.. combine multiple pipes at layer 2. I use MLPPP with my ISP and it rocks.. forget all those shaky stupid CEF and PER-PACKET configurations.. if you can get PPP going between your carrier and you, you can get it all going to one router on their side, then you should run MLPPP. It makes multiple physical pipes seem like one pipe to the IP process and if one pipe flaps, the others get the load seemlessly.. used for along time now.. see this thread (and watch the wrap) http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd57&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46948&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Combining T1's into one pipe [7:46942]
Uh, really? You sure about that. >From my experience, when you're talking about IOS, you should never ever use the terms MPPP and stable in the same sentence. I recommend CEF not because it's not flaky, because it is, but because it's a lot less flaky than Cisco's MPPP implementation. ""Brunner Joseph"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > its definately worth it.. combine multiple pipes at layer 2. I use MLPPP > with my ISP and it rocks.. forget all those shaky stupid CEF > and PER-PACKET configurations.. if you can get PPP going between your > carrier and you, you can get it all going to one router on their side, then > you should run MLPPP. > > It makes multiple physical pipes seem like one pipe to the IP process and if > one pipe flaps, the others get the load seemlessly.. used for along time now.. > > see > > this thread (and watch the wrap) > > http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5 7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46949&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - Mega, Kilo etc [7:46940]
i dont think ISP's care about the BYTES part of it. their services are sold in bits (as you know 1/8 of a byte) the difference in 1024 (power of 2) and the 1000Mbps is so insignificant,, like once a teacher i had said "its like arguing which one of us is closer to japan". and even though its not prefixes see this.. it will help him understand why what we do has nothing to do with what western digital does.. http://www.ertyu.org/~steven_nikkel/netspeeds.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46947&t=46940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: STP BPDUs [7:46839]
Priscilla, Quite defensive. Calm down... I was just explaining where I found my information from. I know they are no idiots and that they know exactly what they are talking about and I certainly wasn't trying to defame them then in any way. However, you are wrong about you generalization statement. If they were generalizing, they would have put those in the section titled "IP Multicasting" regardless if it's "IP" or not. I personally think it was a mistake which really doesn't warrant any further discussion, however, according to their reply in an email I sent them, I wonder B -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer Sent: Tuesday, June 18, 2002 6:49 PM To: [EMAIL PROTECTED] Subject: Re: STP BPDUs [7:46839] At 05:58 PM 6/18/02, nrf wrote: >There it is, I did not engage in a rush to judgment It was still a rush. ;-) >, PMG really are idiots. Why don't you both take the class and see for yourselves? Judging someone on an outline is awfully superficial. The founder of Pine Mountain Group has been doing protocol analysis since the early 1980s. I'm sure he knows what he's doing. Many experts would bundle multicasts and broadcasts together in an informal, overview discussion. I'm sure if you take the class, they will explain that CDP, BPDU, and HSRP Hellos are really sent to a multicast destination, and that should improve performance. Since their classes are protocol analysis classes, you'll see for yourself what is used in the destination MAC address field. By the way, I say "should improve performance," but it might not. A lot of NICs are stupid about multicasts and take them all in even if the applications have not registered to receive them. In other words, they interrupt the host CPU for irrelevant multicasts. So when talking about network performance in a non-detailed fashion, it's OK to group broadcasts and multicasts. Priscilla >""Brian Backer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Priscilla, > > > > Please see: > > > > http://www.pmg.com/nai_wireless.htm > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > > Priscilla Oppenheimer > > Sent: Tuesday, June 18, 2002 5:06 PM > > To: [EMAIL PROTECTED] > > Subject: Re: STP BPDUs [7:46839] > > > > At 04:43 PM 6/18/02, nrf wrote: > > >""Brian Backer"" wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I totally believe you all...just I used to Think that Pine > > > > Mountain group knew what they were talking about and their > > > > web site classifies all of the below as bcast. perhaps > > > > I'll let them know :) > > > > thanks > > > > > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. > > > > I've been running into Pine Mountain Group for many years and slightly > > know > > the founder Bill Alderson. They do good work and they do know their > > stuff. > > I doubt they actually made this mistake, but if they did, then it's just > > a > > mistake of overgeneralizing. Perhaps they only have 2 categories, > > broadcast > > and unicast, and don't consider multicasts. > > > > I know I'm normally the one to get all outraged by stupid mistakes, but > > until we can actually see a URL that points to a mistake made by Pine > > Mountain Group, we should reserve judgement. I can't find anything on > > their > > Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast > > rather > > than a multicast. In fact, I can't find anything on their site at all > > that > > doesn't require a login! ;-) > > > > Priscilla > > > > > > >I don't want to be mean and harsh. But any company that claims to > > provide > > >expert network services, especially expert training, really should know > > >their protocols. Or at least have the decency to admit that they > > don't > > >know. Stating something that is just flatly wrong is simply > > unforgiveable, > > >especially when it's so easy to look up. > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46944&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
At 5:35 PM -0400 6/18/02, John Neiberger wrote: > >>> "Priscilla Oppenheimer" 6/18/02 3:06:26 PM >At 04:43 PM 6/18/02, nrf wrote: >>""Brian Backer"" wrote in message >>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> > I totally believe you all...just I used to Think that Pine >> > Mountain group knew what they were talking about and their >> > web site classifies all of the below as bcast. perhaps >> > I'll let them know :) >> > thanks >> >>Well, then the Pine Mountain Group are a bunch of incompetent idiots. > >>I've been running into Pine Mountain Group for many years and slightly >know >>the founder Bill Alderson. They do good work and they do know their >stuff. >>I doubt they actually made this mistake, but if they did, then it's >just a >>mistake of overgeneralizing. Perhaps they only have 2 categories, >broadcast >>and unicast, and don't consider multicasts. > >Isn't it Cisco that requires the 'broadcast' keyword in many cases to >pass _multicast_ traffic? ;-) > >John Since all broadcasts are multicasts, but not all multicasts are broadcasts, the keyword "multicast" really would make more sense. I can see it as being historical, as multicasting is newer than broadcasting. I think Groucho Marx captured the spirit of broadcasting when he said he wouldn't be a member of any club that would have him as a member. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46943&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Combining T1's into one pipe [7:46942]
I have two point to point T1's that I'm thinking about combining (known as NxT1). Both connections are going through the same routers at each end (4700 and 2600). I found some information on Cisco's website but they mention that it can be complex and talk about alternatives. Is anyone else doing this and if so, it is worth it? If you have any Cisco links that describe the setup process, I would appreciate posting them. I was also wondering if one of the T1's goes down, will it bring the whole pipe down or will your bandwith just decrease? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46942&t=46942 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: authentication and router [7:46932]
George, Make sure that you have an enable secret defined. It SHOULD work with the enable password, but you never know. You might see something useful in the following debugs: debug aaa authen debug aaa author debug tacacs debug aaa subsys !! not supported by all releases debug tacacs authentication !! not supported by all releases debug tacacs authorization !! not supported by all releases debug tacacs events !! not supported by all releases If you are running a 12.2 non-mainline version (has letters after the right parenthesis in show ver), it's not very stable - AAA was rewritten. Thanks, Shawn GEORGE wrote: > > I just configured my router to authenticate with cisco secure every > works ok, except if I try to > Console I get a password promt, and I stop cisco secure I get a password > promt > Now I tried to enter my enable password and wont work > Am I missing something here > > > > aaa new-model > aaa authentication login default group tacacs+ enable > aaa authentication login local local > aaa authentication login no_tacacs enable > aaa authentication ppp default if-needed group tacacs+ > aaa authorization exec default group tacacs+ local > aaa authorization network default group tacacs+ > aaa accounting exec default start-stop group tacacs+ > aaa accounting network default start-stop group tacacs+ > > > > line con0 > line authentication no_tacacs Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46941&t=46932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT - Mega, Kilo etc [7:46940]
This is not specifically related to Cisco, but is a networking question. I was having a mild argument yesterday with a PC/server type guy who was very irate at an ISP for using "gigabyte" to mean "1000 Megabytes" instead of "1024 Megabytes". He appeared to think that throughout the IT industry, "K" always means 2 ^ 10, "M" always means 2 ^ 20, etc etc. I pointed out that this is not always the case (64kbps = 64000 bps, for example), and haven't yet had a reply (I actually agree with him that the ISP is using the wrong definition, but I can see why they are). However, it got me curious. After a quick squizz through various sources, I couldn't find any that define the prefixes for networking usage. www.whatis.com has an interesting page on the prefixes, which basically backs up what I thought - roughly, storage (memory sizes etc) usually uses prefixes calculated in powers of two, while data transfer usually uses prefixes calculated in powers of ten. But is this codified anywhere? For example, do the ethernet standards define "10 Mbps", or "1 Gbps" (Yes, I know about the IEEE site, but the standards don't seem to be currently downloadable)? JMcL Important: This e-mail is intended for the use of the addressee and may contain information that is confidential, commercially valuable or subject to legal or parliamentary privilege. If you are not the intended recipient you are notified that any review, re-transmission, disclosure, use or dissemination of this communication is strictly prohibited by several Commonwealth Acts of Parliament. If you have received this communication in error please notify the sender immediately and delete all copies of this transmission together with any attachments. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46940&t=46940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
Maybe a bit harsh. It's only a course outline - playing devil's advocate, perhaps in the course they contrast CDP and other multicast traffic with broadcasts. I expect that whoever wrote the web page hasn't done the course - it's probably taken straight from the table of contents. Just because the topic is called "broadcast analysis" doesn't mean they can't analyse and contrast multicast in that topic as well. Or, perhaps they really are idiots. JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 19/06/2002 08:51 am - "nrf" Sent by: [EMAIL PROTECTED] 19/06/2002 07:58 am Please respond to "nrf" To: [EMAIL PROTECTED] cc: Subject:Re: STP BPDUs [7:46839] Is this part of a business decision process?: There it is, I did not engage in a rush to judgment, PMG really are idiots. ""Brian Backer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Priscilla, > > Please see: > > http://www.pmg.com/nai_wireless.htm > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Priscilla Oppenheimer > Sent: Tuesday, June 18, 2002 5:06 PM > To: [EMAIL PROTECTED] > Subject: Re: STP BPDUs [7:46839] > > At 04:43 PM 6/18/02, nrf wrote: > >""Brian Backer"" wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > I totally believe you all...just I used to Think that Pine > > > Mountain group knew what they were talking about and their > > > web site classifies all of the below as bcast. perhaps > > > I'll let them know :) > > > thanks > > > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. > > I've been running into Pine Mountain Group for many years and slightly > know > the founder Bill Alderson. They do good work and they do know their > stuff. > I doubt they actually made this mistake, but if they did, then it's just > a > mistake of overgeneralizing. Perhaps they only have 2 categories, > broadcast > and unicast, and don't consider multicasts. > > I know I'm normally the one to get all outraged by stupid mistakes, but > until we can actually see a URL that points to a mistake made by Pine > Mountain Group, we should reserve judgement. I can't find anything on > their > Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast > rather > than a multicast. In fact, I can't find anything on their site at all > that > doesn't require a login! ;-) > > Priscilla > > > >I don't want to be mean and harsh. But any company that claims to > provide > >expert network services, especially expert training, really should know > >their protocols. Or at least have the decency to admit that they > don't > >know. Stating something that is just flatly wrong is simply > unforgiveable, > >especially when it's so easy to look up. > > > Priscilla Oppenheimer > http://www.priscilla.com Important: This e-mail is intended for the use of the addressee and may contain information that is confidential, commercially valuable or subject to legal or parliamentary privilege. If you are not the intended recipient you are notified that any review, re-transmission, disclosure, use or dissemination of this communication is strictly prohibited by several Commonwealth Acts of Parliament. If you have received this communication in error please notify the sender immediately and delete all copies of this transmission together with any attachments. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46939&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
At 05:58 PM 6/18/02, nrf wrote: >There it is, I did not engage in a rush to judgment It was still a rush. ;-) >, PMG really are idiots. Why don't you both take the class and see for yourselves? Judging someone on an outline is awfully superficial. The founder of Pine Mountain Group has been doing protocol analysis since the early 1980s. I'm sure he knows what he's doing. Many experts would bundle multicasts and broadcasts together in an informal, overview discussion. I'm sure if you take the class, they will explain that CDP, BPDU, and HSRP Hellos are really sent to a multicast destination, and that should improve performance. Since their classes are protocol analysis classes, you'll see for yourself what is used in the destination MAC address field. By the way, I say "should improve performance," but it might not. A lot of NICs are stupid about multicasts and take them all in even if the applications have not registered to receive them. In other words, they interrupt the host CPU for irrelevant multicasts. So when talking about network performance in a non-detailed fashion, it's OK to group broadcasts and multicasts. Priscilla >""Brian Backer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Priscilla, > > > > Please see: > > > > http://www.pmg.com/nai_wireless.htm > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > > Priscilla Oppenheimer > > Sent: Tuesday, June 18, 2002 5:06 PM > > To: [EMAIL PROTECTED] > > Subject: Re: STP BPDUs [7:46839] > > > > At 04:43 PM 6/18/02, nrf wrote: > > >""Brian Backer"" wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I totally believe you all...just I used to Think that Pine > > > > Mountain group knew what they were talking about and their > > > > web site classifies all of the below as bcast. perhaps > > > > I'll let them know :) > > > > thanks > > > > > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. > > > > I've been running into Pine Mountain Group for many years and slightly > > know > > the founder Bill Alderson. They do good work and they do know their > > stuff. > > I doubt they actually made this mistake, but if they did, then it's just > > a > > mistake of overgeneralizing. Perhaps they only have 2 categories, > > broadcast > > and unicast, and don't consider multicasts. > > > > I know I'm normally the one to get all outraged by stupid mistakes, but > > until we can actually see a URL that points to a mistake made by Pine > > Mountain Group, we should reserve judgement. I can't find anything on > > their > > Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast > > rather > > than a multicast. In fact, I can't find anything on their site at all > > that > > doesn't require a login! ;-) > > > > Priscilla > > > > > > >I don't want to be mean and harsh. But any company that claims to > > provide > > >expert network services, especially expert training, really should know > > >their protocols. Or at least have the decency to admit that they > > don't > > >know. Stating something that is just flatly wrong is simply > > unforgiveable, > > >especially when it's so easy to look up. > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46938&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Interesting traffic problem ..... [7:46761]
OK, your failed ping just shows that something is wrong in layer 1, 2 or 3. That doesn't narrow it down a lot yet. However, the fact that you don't see anything from a debug isdn q931 when calling from main to remote indicates that the call isn't being initiated. Since you can call successfully from remote to main, it appears that your ISDN is OK. Try "debug dialer" at the main office when you try to get a connection. If there's not a lot of traffic, you could try "debug dialer packet". What does it show? Are any packets being seen as interesting? What is your dialer-list configuration? Have you applied it to an interface? JMcL - Forwarded by Jenny Mcleod/NSO/CSDA on 19/06/2002 08:40 am - "Paul" Sent by: [EMAIL PROTECTED] 18/06/2002 08:16 pm Please respond to "Paul" To: [EMAIL PROTECTED] cc: Subject:Re: Interesting traffic problem . [7:46761] Is this part of a business decision process?: Hiya Jenny When I try to ping, tracert, ftp or telnet to the remote router from the main office.. I just get 'Request time out' etc. However, when I try this from the remote router to the main office ... I get connectivity !!! I am using debug isdn q931 when I try to connect from the main office to the remote router the debug does not show anything . and when I try to connect from the remote router to the main office I get what appears to be good debug then after several minutes the BRI interface brings itself down again ... I really have no idea what to do next :) Any help would be greatly appreciated ... Thanks again ... Regards .. Paul ... - Original Message - From: To: Sent: Monday, June 17, 2002 11:46 PM Subject: Re: Interesting traffic problem . [7:46761] > Einstooge makes some good points. > Also, when you say you can't initiate a connection from the main office to > the remote site, what do you really mean? > 1) Does the main office never try to connect? > 2) Does the main office try to connect but fail? > 3) Does the connection happen but drop out? > > Debug dialer could give some useful information, especially if it really > is an interesting traffic problem (in which case I would expect the > symptom to be the first above, or possibly the third). > > JMcL > > - Forwarded by Jenny Mcleod/NSO/CSDA on 18/06/2002 08:41 am - > > > "Paul" > Sent by: [EMAIL PROTECTED] > 17/06/2002 08:38 pm > Please respond to "Paul" > > > To: [EMAIL PROTECTED] > cc: > Subject:Re: Interesting traffic problem . [7:46761] > Is this part of a business decision process?: > > > Sorry .. when I said European ISDN I meant Basic Net 3 > - Original Message - > From: "Paul" > To: > Sent: Monday, June 17, 2002 9:54 AM > Subject: Interesting traffic problem . [7:46761] > > > > Hi ... I'm quite new to ISDN I have configured a 1603 for a remote > > site. > > However, I cannot initiate a connection from the main office to the > remote > > site !! the connection has to be initiated at the remote site !!! The > remote > > site uses European ISDN, there are no SPID's involved as it is point to > point > > ... I think this might be something to do with interesting traffic ? > > > > Can anyone plase offer any advice > > > > Regards .. > > > > Paul .. > Important: This e-mail is intended for the use of the addressee and may > contain information that is confidential, commercially valuable or subject > to legal or parliamentary privilege. If you are not the intended recipient > you are notified that any review, re-transmission, disclosure, use or > dissemination of this communication is strictly prohibited by several > Commonwealth Acts of Parliament. If you have received this communication in > error please notify the sender immediately and delete all copies of this > transmission together with any attachments. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46937&t=46761 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
HSRP on 6509 with Hybrid into PIX's in failover mo [7:46929]
Does anybody out there have a config of how one would go about setting this up? The 6500's are not running with dual sup's. Have a client that insist on setting something like this up. Is there anything that would prevent me from setting something like this up? Kell Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46929&t=46929 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IDSPM [7:46928]
Hi, Can someone advice me on which book to use for this study[IDSPM -9E0-572]?. I am not too sure if Cisco has a courseware for this course. Secondly, among the 3 boson practise test on this course, which one do you consider the best for preparing for this exams. Will CSIDS courseware from cisco be of any help to me in preparing for this exam even though I do not know anything in UNIX. Thanks very much for your response Emeka Ezeonu Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46928&t=46928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: can a 8 port pix act as 4 firewall? [7:46873]
U can do it without any problems, just use the outside Interface(ethernet0) for the connection to the internet. The other interfaces to the vlans should have higher security levels. It is no difference than configuring with just one inside network. Just remember Interfaces with the same Security Level cannot communicate. It makes sense if u need higher security than just accesslists. Kevin Banifaz wrote: >Why would each vlan need it's own firewall. In what scheme are you using >this? Why not use access-lists on your vlan router or RSM > > > > >>From: "Manchu Warrior" >>Reply-To: "Manchu Warrior" >>To: [EMAIL PROTECTED] >>Subject: can a 8 port pix act as 4 firewall? [7:46873] >>Date: Tue, 18 Jun 2002 04:18:49 -0400 >> >>a switch have 3 vlan,each vlan need a firewall,than i need 3 firewall,can i >>use pix525 with 6 ports to do this,if yes,then how to do it? thank you! >> >> >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46936&t=46873 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Any Europeans here? [7:46816]
The latest: http://news.com.com/2100-1033-937195.html?legacy=cnet&tag=lthd ""Andy"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I've read one report that KPNQwest is so big there aren't many others > could pick it up and those that are big enough have their own problems > right now and so won't be in a position to anyway. > > I'm in UK and our provider has said there will be problems but not for us > in the UK, however "some mainland european 'sites' will disappear". > > ""nrf"" wrote in message > news:[EMAIL PROTECTED]... > > Well, I think so too. But that's no guarantee that customers won't be > left > > hanging. For example, AT&T bought Northpoint's infrastructure, but didn't > > buy their customers, so as I'm sure you're aware, lots of customers were > cut > > off abruptly. > > > > And besides, there's no guarantee they'll be bought. Look at Excite@Home. > > They didn't get bought and the whole network was liquidated, resulting in > > widespread service outages. > > > > > > > > > > ""Steven A. Ridder"" wrote in message > > news:[EMAIL PROTECTED]... > > > I think someone will buy them. > > > > > > -- > > > > > > RFC 1149 Compliant. > > > > > > > > > > > > ""nrf"" wrote in message > > > news:[EMAIL PROTECTED]... > > > > Yeah but what about the rest of KPNQwest? Ebone was just a subset. > > > > > > > > > > > > ""Steven A. Ridder"" wrote in message > > > > news:[EMAIL PROTECTED]... > > > > > I think ebone will be fine on their own. > > > > > > > > > > -- > > > > > > > > > > RFC 1149 Compliant. > > > > > > > > > > > > > > > > > > > > ""nrf"" wrote in message > > > > > news:[EMAIL PROTECTED]... > > > > > > You don't know? > > > > > > > > > > > > KPNQwest is going bankrupt. > > > > > > > > > > > > > > > > > > Here's a quote from their own press office. > > > > > > > > > > > > "The Company is working with its customers to facilitate the > > > > > implementation > > > > > > of contingency plans, should the current situation result in > > > > instablility > > > > > or > > > > > > a total shut-down of the KPNQwest EuroRings network" > > > > > > > > > > > > http://www.kpnqwest.com/html/records.asp?record_id=883 > > > > > > > > > > > > Here's some other disturbing news: > > > > > > > > > > > > "An Internet performance-monitoring company says KPNQwest's > > > fiber-optic > > > > > > network has been losing track of the data it delivers at "alarming > > > > rates" > > > > > > since Friday. > > > > > > Since early Friday, KPNQwest's networks have been losing an > average > > of > > > 4 > > > > > > percent to 5 percent of all data, said Tom Ohlsson, vice president > > of > > > > > > marketing and business development for Matrix NetSystems, which > > > monitors > > > > > > both the health of the Internet and the internal networks of > > > > corporations. > > > > > > > > > > > > By comparison, the monitoring company says, a healthy Internet > > service > > > > > will > > > > > > lose only about one-tenth of a percent of the data it's been > charged > > > > with. > > > > > " > > > > > > > > > > > > http://news.com.com/2100-1033-935456.html?tag=rn > > > > > > > > > > > > > > > > > > > > > > > > As KPNQwest is Europe's biggest provider, I'm just interested in > how > > > our > > > > > > colleagues in the Old World are handling things. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ""Hermann, Paul"" wrote in message > > > > > > news:[EMAIL PROTECTED]... > > > > > > > What's happening? > > > > > > > > > > > > > > -Original Message- > > > > > > > From: nrf [mailto:[EMAIL PROTECTED]] > > > > > > > Sent: 17 June 2002 20:36 > > > > > > > To: [EMAIL PROTECTED] > > > > > > > Subject: Any Europeans here? [7:46816] > > > > > > > > > > > > > > > > > > > > > So, any of you guys being impacted by the goings-on at KPNQwest? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > " This message contains information that may be privileged or > > > > > confidential > > > > > > > and > > > > > > > is the property of the Cap Gemini Ernst & Young Group. It is > > > intended > > > > > only > > > > > > > for > > > > > > > the person to whom it is addressed. If you are not the intended > > > > > recipient, > > > > > > > you > > > > > > > are not authorized to read, print, retain, copy, disseminate, > > > > > distribute, > > > > > > or > > > > > > > use > > > > > > > this message or any part thereof. If you receive this message in > > > > error, > > > > > > > please > > > > > > > notify the sender immediately and delete all copies of this > > message > > > ". > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46935&t=46816 -- FAQ, list arc
Re: STP BPDUs [7:46839]
There it is, I did not engage in a rush to judgment, PMG really are idiots. ""Brian Backer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Priscilla, > > Please see: > > http://www.pmg.com/nai_wireless.htm > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Priscilla Oppenheimer > Sent: Tuesday, June 18, 2002 5:06 PM > To: [EMAIL PROTECTED] > Subject: Re: STP BPDUs [7:46839] > > At 04:43 PM 6/18/02, nrf wrote: > >""Brian Backer"" wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > I totally believe you all...just I used to Think that Pine > > > Mountain group knew what they were talking about and their > > > web site classifies all of the below as bcast. perhaps > > > I'll let them know :) > > > thanks > > > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. > > I've been running into Pine Mountain Group for many years and slightly > know > the founder Bill Alderson. They do good work and they do know their > stuff. > I doubt they actually made this mistake, but if they did, then it's just > a > mistake of overgeneralizing. Perhaps they only have 2 categories, > broadcast > and unicast, and don't consider multicasts. > > I know I'm normally the one to get all outraged by stupid mistakes, but > until we can actually see a URL that points to a mistake made by Pine > Mountain Group, we should reserve judgement. I can't find anything on > their > Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast > rather > than a multicast. In fact, I can't find anything on their site at all > that > doesn't require a login! ;-) > > Priscilla > > > >I don't want to be mean and harsh. But any company that claims to > provide > >expert network services, especially expert training, really should know > >their protocols. Or at least have the decency to admit that they > don't > >know. Stating something that is just flatly wrong is simply > unforgiveable, > >especially when it's so easy to look up. > > > Priscilla Oppenheimer > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46934&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: STP BPDUs [7:46839]
Priscilla, Please see: http://www.pmg.com/nai_wireless.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer Sent: Tuesday, June 18, 2002 5:06 PM To: [EMAIL PROTECTED] Subject: Re: STP BPDUs [7:46839] At 04:43 PM 6/18/02, nrf wrote: >""Brian Backer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I totally believe you all...just I used to Think that Pine > > Mountain group knew what they were talking about and their > > web site classifies all of the below as bcast. perhaps > > I'll let them know :) > > thanks > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. I've been running into Pine Mountain Group for many years and slightly know the founder Bill Alderson. They do good work and they do know their stuff. I doubt they actually made this mistake, but if they did, then it's just a mistake of overgeneralizing. Perhaps they only have 2 categories, broadcast and unicast, and don't consider multicasts. I know I'm normally the one to get all outraged by stupid mistakes, but until we can actually see a URL that points to a mistake made by Pine Mountain Group, we should reserve judgement. I can't find anything on their Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast rather than a multicast. In fact, I can't find anything on their site at all that doesn't require a login! ;-) Priscilla >I don't want to be mean and harsh. But any company that claims to provide >expert network services, especially expert training, really should know >their protocols. Or at least have the decency to admit that they don't >know. Stating something that is just flatly wrong is simply unforgiveable, >especially when it's so easy to look up. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46933&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
>>> "Priscilla Oppenheimer" 6/18/02 3:06:26 PM >>> At 04:43 PM 6/18/02, nrf wrote: >""Brian Backer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I totally believe you all...just I used to Think that Pine > > Mountain group knew what they were talking about and their > > web site classifies all of the below as bcast. perhaps > > I'll let them know :) > > thanks > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. >I've been running into Pine Mountain Group for many years and slightly know >the founder Bill Alderson. They do good work and they do know their stuff. >I doubt they actually made this mistake, but if they did, then it's just a >mistake of overgeneralizing. Perhaps they only have 2 categories, broadcast >and unicast, and don't consider multicasts. Isn't it Cisco that requires the 'broadcast' keyword in many cases to pass _multicast_ traffic? ;-) John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46931&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
authentication and router [7:46932]
I just configured my router to authenticate with cisco secure every works ok, except if I try to Console I get a password promt, and I stop cisco secure I get a password promt Now I tried to enter my enable password and wont work Am I missing something here aaa new-model aaa authentication login default group tacacs+ enable aaa authentication login local local aaa authentication login no_tacacs enable aaa authentication ppp default if-needed group tacacs+ aaa authorization exec default group tacacs+ local aaa authorization network default group tacacs+ aaa accounting exec default start-stop group tacacs+ aaa accounting network default start-stop group tacacs+ line con0 line authentication no_tacacs Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46932&t=46932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
At 04:43 PM 6/18/02, nrf wrote: >""Brian Backer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I totally believe you all...just I used to Think that Pine > > Mountain group knew what they were talking about and their > > web site classifies all of the below as bcast. perhaps > > I'll let them know :) > > thanks > >Well, then the Pine Mountain Group are a bunch of incompetent idiots. I've been running into Pine Mountain Group for many years and slightly know the founder Bill Alderson. They do good work and they do know their stuff. I doubt they actually made this mistake, but if they did, then it's just a mistake of overgeneralizing. Perhaps they only have 2 categories, broadcast and unicast, and don't consider multicasts. I know I'm normally the one to get all outraged by stupid mistakes, but until we can actually see a URL that points to a mistake made by Pine Mountain Group, we should reserve judgement. I can't find anything on their Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast rather than a multicast. In fact, I can't find anything on their site at all that doesn't require a login! ;-) Priscilla >I don't want to be mean and harsh. But any company that claims to provide >expert network services, especially expert training, really should know >their protocols. Or at least have the decency to admit that they don't >know. Stating something that is just flatly wrong is simply unforgiveable, >especially when it's so easy to look up. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46930&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
""Brian Backer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I totally believe you all...just I used to Think that Pine > Mountain group knew what they were talking about and their > web site classifies all of the below as bcast. perhaps > I'll let them know :) > thanks Well, then the Pine Mountain Group are a bunch of incompetent idiots. I don't want to be mean and harsh. But any company that claims to provide expert network services, especially expert training, really should know their protocols. Or at least have the decency to admit that they don't know. Stating something that is just flatly wrong is simply unforgiveable, especially when it's so easy to look up. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46927&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE-Written [7:46741]
Are you asking me? (It helps to quote the original email when you reply) I'll assume your talking about the CCIE Written Study guide on my website? I certainly think it's a great guide, and I've not had a single complaint. Also, if you stop and compare it to the other guides that cost anywhere from $50.00-$700.00US, I'd say you definately get more than your money's worth. As for the guarantee, it would be silly for me to guarantee that you'll pass the CCIE written exam based on reading a book, I don't know how much you know. I can tell you this: No single book is going to make you pass this test, if the cert. were that easy, we wouldn't need study guides like this one (and we'd be called MCSE's, heh). If you need more information, or for a list of Topics covered in the book, follow this link: http://www.gdd.net/html.php?op=tucciesg/moreinfo.html Hope that helps :-) Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC > > > - Original Message - > > > From: " Shaheen Gagan" > > > To: > > > Sent: Monday, June 17, 2002 9:48 AM > > > Subject: CCIE-Written [7:46741] > > > > > > > > > > How good is this guide? > > > > Does it come with a guarantee ? [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46926&t=46741 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Needing flash memory EPROMs for a first generatio [7:46925]
Hello all, I have 2 megs of flash on a first generation 4000 with a daughter card. I would like to upgrade flash so I can install a more recent IOS but am having trouble finding a place that sells this old school memory. From what I understand to upgrade flash memory on this router I would have to either add Eproms to the current daughter board or replace the daughter board. Does anyone have any recommendations on where I can find memory for this router ? Thanks in advance, Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46925&t=46925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
confreg [7:46924]
I understand the bit significance for the 16-bit confreg, but I am confused about the SEQUENCE of the boot and the issue with netboot. Assume confreg 0x2102, what is the correct boot sequence? Where does the flash overide (0x2-0xF) come into play i.e. does it replace the need to boot from the network or simply step in line before the attempt to netboot? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46924&t=46924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Test Lab(Under construction can anyone re [7:46921]
What are the specifics on the routers you listed? (interfaces and memory?) when are you taking your lab? thanks, -Brad Ellis CCIE#5796 (R&S / Security) [EMAIL PROTECTED] Cisco home labs: www.optsys.net ""Mark Godfrey"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Opps!!! > > "Mark Godfrey" wrote in message news:... > > > > R1-2611 > > R2-2611 > > R3-2611 > > R4-2611 > > R5-4000 > > R6-7507 > > > > Thanks, > > > > MG > > > > > > > [demime removed a uuencoded section named jpeg.JPG which was 1478 lines] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46921&t=46921 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Test Lab(Under construction can anyone recommend more [7:46923]
[GroupStudy.com removed an attachment of type image/jpeg which had a name of jpeg.JPG] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46923&t=46923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Test Lab(Under construction can anyone recommend more [7:46922]
""Mark Godfrey"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Opps!!! > > "Mark Godfrey" wrote in message news:... > > > > R1-2611 > > R2-2611 > > R3-2611 > > R4-2611 > > R5-4000 > > R6-7507 > > > > Thanks, > > > > MG > > > > > > > [demime removed a uuencoded section named jpeg.JPG which was 1478 lines] [demime removed a uuencoded section named jpeg1.dat which was 1478 lines] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46922&t=46922 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Test Lab(Under construction can anyone recommend more [7:46920]
Opps!!! "Mark Godfrey" wrote in message news:... > > R1-2611 > R2-2611 > R3-2611 > R4-2611 > R5-4000 > R6-7507 > > Thanks, > > MG > > [demime removed a uuencoded section named jpeg.JPG which was 1478 lines] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46920&t=46920 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Test Lab(Under construction can anyone recommend more or [7:46919]
R1-2611 R2-2611 R3-2611 R4-2611 R5-4000 R6-7507 Thanks, MG [demime removed a uuencoded section named jpeg.JPG which was 1478 lines] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46919&t=46919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX SQLNET question [7:46918]
I opened a TAC case to ask what the difference was between the SQLNET command and opening a port for Microsoft SQL. Here is what the reply was. The reason there is a SQLNET command is because Oracle traffic is not NAT compliant and Microsoft SQL 2000 traffic is NAT compliant Just figured I would share. Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46918&t=46918 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
>At 08:34 AM 6/18/02, Brian Backer wrote: >>that was a typo... meant igmp > >IGMP isn't relevant either. IGMP doesn't do multicast routing. It's just >used by an end host to register with a local router to receive an IP >multicast stream. For multicast routing, you would use PIM, MOSPF, DVMRP. > >Plus, IGMP has to do with IP multicast, whereas we were talking about the >more fundamental concept of sending to a MAC multicast destination address. > >Cisco tries to teach IP multicast without teaching people about basic MAC >layer concepts, causing them to think IP multicast is all there is. It's sad. > >Priscilla I like using the relationship between IGMP and PIM as a good example of C- versus M-plane. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46917&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN connection from local lan to wireless lan [7:46916]
I have a Cisco vpn 3015. I am trying to set it up where I can have a secure connection from my local LAN to my wireless LAN in the same location. The VPN connection works as long as I am coming in from off campus. I can't get it to work from LAN (local) to LAN (wireless). Thanks for any help you can provide. Naomi James Computer Services and Information Technology Savannah State University 912-356-2509 [GroupStudy.com removed an attachment of type image/gif which had a name of Mabelt.gif] [GroupStudy.com removed an attachment of type image/gif which had a name of Mabelb.gif] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46916&t=46916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: [nsp] DS3 vs. Multiple DSL [7:46915]
Save a lot of money and go with 180 modems at 56k! ADSL is no where near as stable; I don't think they make a device that does combines then 2 ADSL lines. Depends what your doing, this is probably not a good idea. Especially if you doing VPN, or any other kinds of 2 way communications. Cisco has just come out with a new DSL router, but the features for ADSL are still very new. You need a modem for each line, Maybe you could use a switch with layer 3 capabilities to do routing. A lot of times when you get ADSL you don't get an real IP, but a dynamicly assigned IP. Some ISP don't let you use 2 IPs on the same line. DNS is an issue. There are too many reasons to mention not to do this. But a good idea would be to get 1 ADSL line, and test your applications. I have 2 ADSL lines, and personally I would trade them in for a T1 any day of the week. ADSL is good for home users, and for maybe like a development environment. If you try to combine ADSL lines on 1 router, I think your going to come into even more issues. Again, depending on what you're doing at your site. What type of traffic you have, like is it time sensitive etc. Brian -Original Message- From: Hassan, Shehzad [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 12:36 PM To: Cisconsp (E-mail) Subject: [nsp] DS3 vs. Multiple DSL Would appreciate if anyone help me understand or point to links (technical/design issues) if someone opts to replace his DS3 with scores of ADSL lines (cost is a major factor, router interfaces etc) Thanks SH Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46915&t=46915 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Security Specialist?? [7:46910]
CCNP - Security has been retired. They are trying to say that if you were a CCNP - Specialist, you can upgrade to the CSS1 --- "[EMAIL PROTECTED]" wrote: > I saw this under Cisco's Qualified Specialist > website... > > http://www.cisco.com/warp/public/10/wwtraining/certprog/cqs/security/ > > "Security Specialist certifications are valid for > two years. To recertify, > take and pass the current version of appropriate > security exams. (For a > limited time, candidates holding an active CCNP > Security Specialization may > obtain a Cisco Security Specialist 1 certification > by passing the 9E0-571 > CSPFA and 9E0- 570 CSVPN exams.)" > > What exams are required for the CCNP Security > Specialization? I couldn't > find any info on their site... > > Thanx, > mikej > > ~~~ > Michael Jablonski > ABN AMRO Asset Management Holdings, Inc. > 161 North Clark St. > 9th Flr > Chicago, IL 60601-2468 > PH: 312.884.2996 > FAX: 312.278.5550 > ~~~ > [EMAIL PROTECTED] > > __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46914&t=46910 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
At 08:37 AM 6/18/02, Tim Potier wrote: > > Unicast means a specific address. The first bit of the > > destination MAC > > address (which is the first bit transmitted) is a zero. > > > >In terms of the definitions, I was reading through the Perlman book and >noted question of the "necessity to distinguish between multicast and >broadcast". I agree that the terms a concretely defined, but whether Cisco >subscribes to those definitions might be in question The terms are well defined and Cisco uses them correctly in the documents I have seen. Perlman doesn't argue with the definitions, but she does make the point that broadcasts are kind of silly since they go to every station regardless of the protocols running on that station. The station takes in the broadcast and looks at the EtherType or SAP to see if the frame really needs to be accepted. If the sender had used a protocol-specific multicast, then this could be avoided. Since there are no protocols in existence that really need to go to all stations, broadcasts are theoretically not necessary. BPDUs can just go to bridges and switches. CDP can go to just Cisco devices. NetBIOS could just go to NetBIOS stations. ARP could go to just IP stations, etc. She also has an interesting discussion on why it's necessary to identify multicast addresses. She says that theoretically it's not necessary to reserve a bit in the address to differentiate group and individual addresses. Ideally, the software would tell the chip all the different addresses to listen for. But what would be the max number of these? The chips are designed such that they look for a set of multicasts, but they may actually receive more than the applications registered for. But note that she isn't discussing the terminology. She's discussing protocol and chip implementations. That's somewhat valuable to this group, whereas arguing about fundamental concepts is not. ;-) Some stuff is black and white. Priscilla >Thanks again... your info certainly cleared this mess up. Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46912&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Security Specialist?? [7:46910]
wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I saw this under Cisco's Qualified Specialist website... > > http://www.cisco.com/warp/public/10/wwtraining/certprog/cqs/security/ > > "Security Specialist certifications are valid for two years. To recertify, > take and pass the current version of appropriate security exams. (For a > limited time, candidates holding an active CCNP Security Specialization may > obtain a Cisco Security Specialist 1 certification by passing the 9E0-571 > CSPFA and 9E0- 570 CSVPN exams.)" > > What exams are required for the CCNP Security Specialization? I couldn't > find any info on their site... You don't really need exams, you need a time machine. Go talk to H.G. Wells, I'm sure he would let you borrow his. You would need to go to about the year 2000 when the CCNP-security cert was still alive. > > Thanx, > mikej > > ~~~ > Michael Jablonski > ABN AMRO Asset Management Holdings, Inc. > 161 North Clark St. > 9th Flr > Chicago, IL 60601-2468 > PH: 312.884.2996 > FAX: 312.278.5550 > ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46913&t=46910 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dlsw+ bet/ an enet rtr & t/r rtr [7:46896]
The source-bridge transparent command is only needed if you are bridging between the token-ring and ethernet on the same router. It is not needed if you are using dlsw to peer between, for instance, R1 token and R2 ether AND R1 ether and R3 ether/token. The virtual ring is not required on the EN router. Some configs had this on CCO but it doesn't do anything. If there is no token-ring interface on the router, a virtual ring is not needed, but the dlsw bridge-group is. Your understanding is correct. > two questions...thx in advance! > > 1. is the "source-bridge transparent" command required on the token ring > router when one dlsw peer is ethernet only & the other dlsw peer is token > ring only (i.e., bet/ r1-e1 & r2-to1)? > > 2. why is the virtual ring (500) required on the ethernet router in the > config below? > > finally, i understand that in the following config, the "source-bridge > transparent" command is required bec/ ethernet & token ring is off the same > router > > !ethernet router: > > source-bridge ring-group 500 > dlsw local-peer peer-id 1.1.1.1 > dlsw remote-peer 0 tcp 2.2.2.2 lf 1500 > dlsw bridge-group 5 > bridge-group 5 protocol ieee > ! > int e0 > ip address 1.1.1.1 255.255.255.0 > bridge-group 5 > > !ethernet/token ring router: > > source-bridge ring-group 500 > source-bridge transparent 500 1000 1 5 > dlsw local-peer peer-id 2.2.2.2 > dlsw remote-peer 0 tcp 1.1.1.1 lf 1500 > dlsw bridge-group 5 > bridge-group 5 protocol ieee > ! > int e1/2 > ip address 2.2.2.2 255.255.255.0 > bridge-group 5 > ! > int to0 > ring-speed 16 > source-bridge 7 1 500 > source-bridge spanning > > Timur Mirza > Principal Network Engineer > Network Planning & Engineering, West Region > 15505-B Sand Canyon Avenue > Irvine, California 92618 > Verizon Wireless > 949.286.6623 (o) > 949.697.7964 (c) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46909&t=46896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Security Specialist?? [7:46910]
I saw this under Cisco's Qualified Specialist website... http://www.cisco.com/warp/public/10/wwtraining/certprog/cqs/security/ "Security Specialist certifications are valid for two years. To recertify, take and pass the current version of appropriate security exams. (For a limited time, candidates holding an active CCNP Security Specialization may obtain a Cisco Security Specialist 1 certification by passing the 9E0-571 CSPFA and 9E0- 570 CSVPN exams.)" What exams are required for the CCNP Security Specialization? I couldn't find any info on their site... Thanx, mikej ~~~ Michael Jablonski ABN AMRO Asset Management Holdings, Inc. 161 North Clark St. 9th Flr Chicago, IL 60601-2468 PH: 312.884.2996 FAX: 312.278.5550 ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46910&t=46910 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
At 08:34 AM 6/18/02, Brian Backer wrote: >that was a typo... meant igmp IGMP isn't relevant either. IGMP doesn't do multicast routing. It's just used by an end host to register with a local router to receive an IP multicast stream. For multicast routing, you would use PIM, MOSPF, DVMRP. Plus, IGMP has to do with IP multicast, whereas we were talking about the more fundamental concept of sending to a MAC multicast destination address. Cisco tries to teach IP multicast without teaching people about basic MAC layer concepts, causing them to think IP multicast is all there is. It's sad. Priscilla > > I don't think it can be multicast. If it were, then it > would possibly > > follow IGRP routes and traverse WAN links... no good. > >Uh, how's that? > > > > > Gotta be Broadcast :) > > B > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > > Sent: Monday, June 17, 2002 8:39 PM > > To: [EMAIL PROTECTED] > > Subject: STP BPDUs [7:46839] > > > > This might be a simple answer, but what type of message > is a BPDU: > > Unicast, Multicast or Broadcast. I have searched all > over Cisco's site, > > and > > dug through STP RFC..no luck. I have come up with the > following: > > > > "The Destination Address field indicates the destination > address as > > specified in the Bridge Group Address table. For IEEE > Spanning-Tree > > Protocol > > BPDU frames, the address is 0x80014300. For IBM > Spanning-Tree > > Protocol > > BPDU frames, the address is 0xC100. For Cisco > Spanning-Tree > > Protocol > > BPDU frames, the address is 0x800778020200." > > > > I guess it also depends on the definition of > multi/broad/unicast. > > > > Thanks for your help. > [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46911&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MAC Address of 0000:0000:0000 [7:46908]
I've been seeing messages from our switches complaining about MAC address of zero. Any thoughts on a good search criteria for researching this problem? Better yet, anyone found such a problem? Ken Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46908&t=46908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Password Discovery on ATM Module [7:46905]
Hi everybody, Thanks in advance. I am looking for the way how to break password on an ATM module (WS-X5157) working in a Catalyst 5500 switch. Also, I need to know if there is any difference in the optical cable to connect between switch-to-switch and switch-to-router. Thanks again. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46905&t=46905 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE R&S Lab Locations [7:46904]
Yes. If you go to schedule the lab on the website, you'll see all cities that offer the lab. RTP and SJ, CA are the two in North America. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46906&t=46904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE R&S Lab Locations [7:46904]
It's all on the web: http://www.cisco.com/warp/public/625/ccie/exam_preparation/lab.html#6 If a certain part of Cisco's site says it is only available in San Jose, then it is wrong. ""Don Pezet"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Quick question for everyone. In which cities is the CCIE Routing and > Switching Lab exam offered? I have heard various stories from different > places and the only official city that I can find on cisco.com is San Jose. > Is the exam proctored in RTP, North Carolina also? > > Thanks > > Don Pezet Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46907&t=46904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE R&S Lab Locations [7:46904]
Quick question for everyone. In which cities is the CCIE Routing and Switching Lab exam offered? I have heard various stories from different places and the only official city that I can find on cisco.com is San Jose. Is the exam proctored in RTP, North Carolina also? Thanks Don Pezet Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46904&t=46904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco pakage delivery. [7:46903]
Hi , I have a cisco 2621 with IOS 12.0 (3) T3 , I am trying to upgrade the IOS to IOS 12.0 (4) T using the Cisco works 2000 . How do I make a package of this IOS and how do I deliver this package to this router whose IP is 3.20.79.221. Henry. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46903&t=46903 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX 6.2 & PDM 2.0 & 640-603 [7:46902]
Just updated one of our PIX with 6.2 and PDM 2.0 Could they make administration any easier? I'm very surprised and impressed the improvements. Setting up additional VPNs was a breeze! ~side note~ Any advice for taking the 640-603 BSCN exam? I'm scheduled to take it while at the networkers conf. next week? Thanx, mikej. ~~~ Michael Jablonski ABN AMRO Asset Management Holdings, Inc. 161 North Clark St. 9th Flr Chicago, IL 60601-2468 PH: 312.884.2996 FAX: 312.278.5550 ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46902&t=46902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: rommon mode: why? [7:46818]
Thanks for your feedback everybody. 8^) -Sean. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46901&t=46818 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router 3DES VPN to Pix Failover [7:46813]
In case anybody is interested: Managed to find the answer eventually. Stateful failover is not supported for VPN (from TAC), so the SA's must be cleared every time a change of active Pix occurs. Had the right idea with th lifetime of the CA's but applying it incorrectly. Have managed to get the devices to do this automatically by using isakmp keepalive 120 (crypto isakmp keepalive 120 for routers). This means there is some extra overheads as the SA's are cleared every 2 minutes, but at least the VPN re-establishes itself. Gaz ""Gaz"" wrote in message news:[EMAIL PROTECTED]... > Hi all, > > Anybody got any experience using 3DES to Pix Failover. > > I have a 2621 with 3DES using VPN to Pix 515 Failover bundle. > > All works fine after initial boot. Fails over to secondary Pix when I kill > the Primary. > > If I try to fail back to Primary, it does not come back up. Does not seem to > pick up the SA. Clear SA on the router brings it back up. > Knocked the liftime down to 60 seconds in the ISAKMP policy, but seems to > have no effect. > > Failover is working fine, it's just the VPN that doesn't come back up. > > Pix is 6.2, router is 12.1(5)T12. > > Any similar experiences? > > More details to follow if there are any bites :-) > > > Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46900&t=46813 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: can a 8 port pix act as 4 firewall? [7:46873]
Why would each vlan need it's own firewall. In what scheme are you using this? Why not use access-lists on your vlan router or RSM >From: "Manchu Warrior" >Reply-To: "Manchu Warrior" >To: [EMAIL PROTECTED] >Subject: can a 8 port pix act as 4 firewall? [7:46873] >Date: Tue, 18 Jun 2002 04:18:49 -0400 > >a switch have 3 vlan,each vlan need a firewall,than i need 3 firewall,can i >use pix525 with 6 ports to do this,if yes,then how to do it? thank you! _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46899&t=46873 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FW: OSPF Demand Circuit issues [7:46864]
The OSPF demand circuit command only needs to be placed on the router that is dialing, unless the ISDN is active, r5 is not receiving hellos, or an LSA refresh every 30 minutes so the dead timer on the LSAs would expire. This is overcome with the OSPF demand circuit command. From the output of your dedug dialer, OSPF Hellos are what is causing the link to come every 10 seconds, the default for OSPF point-to-point. Just remove the command from r3's interface. To examine the Do Not Age, you can do an ip ospf neighbor command and you will see a '-' as the value in the dead timer. I don't see your OSPF config, but the adjacency issue, if you're doing stub areas make sure both routers are negotiating the same area type. Hope this helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46898&t=46864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dlsw+ bet/ an enet rtr & t/r rtr [7:46896]
Timur, Firstly, the "source-bridge transparent" is only needed when you have a router with both Token ring and ethernet interfaces Secondly, the source-bridge ring-group 500 command on the router with no token ring interfaces will do nothing - You are transparently bridging on this router! Thirdly, to accomodate more than two rings on a router you need this virtual ring. This is a limitation of the chips used in the routers. Have a look at this link: (Watch the wrap) I found this really useful - Solie book has some good srb and dlsw stuff too! http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/rpc_r/53999.htm HTH Richard Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46897&t=46896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
dlsw+ bet/ an enet rtr & t/r rtr [7:46896]
two questions...thx in advance! 1. is the "source-bridge transparent" command required on the token ring router when one dlsw peer is ethernet only & the other dlsw peer is token ring only (i.e., bet/ r1-e1 & r2-to1)? 2. why is the virtual ring (500) required on the ethernet router in the config below? finally, i understand that in the following config, the "source-bridge transparent" command is required bec/ ethernet & token ring is off the same router !ethernet router: source-bridge ring-group 500 dlsw local-peer peer-id 1.1.1.1 dlsw remote-peer 0 tcp 2.2.2.2 lf 1500 dlsw bridge-group 5 bridge-group 5 protocol ieee ! int e0 ip address 1.1.1.1 255.255.255.0 bridge-group 5 !ethernet/token ring router: source-bridge ring-group 500 source-bridge transparent 500 1000 1 5 dlsw local-peer peer-id 2.2.2.2 dlsw remote-peer 0 tcp 1.1.1.1 lf 1500 dlsw bridge-group 5 bridge-group 5 protocol ieee ! int e1/2 ip address 2.2.2.2 255.255.255.0 bridge-group 5 ! int to0 ring-speed 16 source-bridge 7 1 500 source-bridge spanning Timur Mirza Principal Network Engineer Network Planning & Engineering, West Region 15505-B Sand Canyon Avenue Irvine, California 92618 Verizon Wireless 949.286.6623 (o) 949.697.7964 (c) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46896&t=46896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco ACS db corrupt?? [7:46882]
Are you by chance using a UNIX browser to do this? Only browsers on Microsoft operating systems will properly enter a password into a user. There's a DDTS (CSCdu40827), but it's been postponed. Other than that -- yes, it's possible for the database to be corrupt. To rule this out, I would recommend the following steps. These are run from a command prompt in the UTILS directory, with all services running: csutil -q -b recovery.cab net stop csauth csutil -q -d -n -l net start csauth This will make a full backup, then do a text dump of the user database, wipe the user database, and reimport the text dump. Thanks, Shawn Patrick Donlon wrote: > > Patrick Donlon wrote: > > > I have a problem with the local database on a 2.6(6) ACS server. All > > users use an external database for authentication (NT or RSA) but I > > want to create a user with a password stored in the ACS server. I can > > create a new user and assign all the correct attributes without any > > errors, however when I try to login with the user they are rejected. The > > logs show the user is rejected due to the CS password : "CS password > > invalid" . > > I have tried to create other users and also to change users account > > setting so that they authenticate using the CS password, with no luck. > > So I think there is a problem with the passwords stored in the ACS > > server > > We have upgraded the server twice in the past 8 months for new features > > and bug fixes whether this has caused the problem I don't know. Any > > ideas on how to verify or fix this? -- Shawn Heisey Cisco Systems USA Technical Lead for SLC-SECURITY team Direct: +1 801 736 3939 ext 55153 Toll Free: +1 800 553 2447 Shift: Mon-Fri 8:30a-5:00p Mountain Daylight Time Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46895&t=46882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP prefix study [7:46726]
At 9:29 AM -0400 6/18/02, Neal Rauhauser 402-301-9555 wrote: >"Howard C. Berkowitz" wrote: > >> At 4:07 PM -0400 6/16/02, Neal Rauhauser 402-301-9555 wrote: >> >My only explanation for this is that there was nothing good on TV on a >> >lazy Sunday morning ... >> > >> > I am about to start doing some truly gruesome things with IBGP due to >> >geographical separate peering points and I've got some internal routers >> >that are maxed out at 64 meg, so I spent a little time this AM examining >> >the source of this silly 114k+ entry global BGP table. My idea was that >> >a carrier stuck smack in the middle of the US could probably ignore >> >details about RIPE and APIC address space. Those two authorities turn >> >out to be responsible for only about 32k of the total so I am casting >> >around for other methods to trim the fat but I thought I'd share the >> >results thus far. >> >> You'll find a LARGE part of the routing table still comes from the >> Swamp [1] or the Toxic Waste Dump [2], rather than any geographical > > region. I grant your earlier point that many major providers are in the Swamp. Nevertheless, you might consider prefix length filters blocking longer than /24 (or even 20) _in the Swamp_, and see if there are any connectivity problems. If you are defaulting to an upstream, let them worry about getting to the obscure networks. > > >> Neal, this is a distinctly nontrivial problem, with no ideal >> solution. Your basic choice is accepting "suboptimal routing [3]" or >> upgrading your routers. >> >> Several basic questions come up about what you are trying to do: >> >> 1. Is this for an ISP or an enterprise? > >Internet provider, doing wireless, playing with private line replacement >stuff, too. > >> >> 2. From a bandwidth standpoint, how many peering points could you >> lose and still have acceptable performance? > > I've got a single Sprint T1 at one end of the network, an AT&T and >UUNet T1 at the >other end. The Sprint side will grow quickly to more capacity, the AT&T and >UUNet stuff >is a colo company, not mine to rule, so they're fussy about how much output >we >generate, but don't care much about our input side. Well, if Sprint is your major provider, one way to reduce routes is to make Sprint your primary ISP with most-preferred default. Take partial routes from AT&T and UUnet, give better preference to direct-connected or adjacent AS they advertise, and use them as secondary defaults. The colo needs would need more analysis. > >> >> 3. To how many different AS do you connect, and do they have >> approximately >> equal connectivity? > > Sprint, AT&T, UUNet, probably going to add one more at the end where the >Sprint >circuit is, but I suspect it'll be UUNet there, too. If availability is the goal, I tend to prefer to have at least two geographically dispersed peerings with the same well-connected ISP, and get some contractual commitments about route diversity. The latter may cost, but it is a protection against major physical failures. There still is a benefit to connecting to more than one upstream, however, as it tends to protect you against failures in the routing system. No one size fits all. > >> >> 4. What is your IGP? > >Today its OSPF and that is the one I know best. There is some cause to >consider >replacing OSPF area 0 with EIGRP due to different cost links and varying >'cleanliness' >in the wireless layer, but we'll see how that goes - I have enough to do >without >worrying about redistribution right now. Without more specifics, my sense is that converting to EIGRP would not be a good idea. When you talk about different cost links, that makes me wonder if area 0.0.0.0 is too complex. Area 0.0.0.0 should be, at most, linking your POPs, hosting, and management sites, and its behavior is much more predictable with a narrow (or single) range of link speeds. Even if you have a complex hosting/management center, I'll usually put that in its own nonzero area. Another alternative is having multiple OSPF domains linked by a BGP backbone. If you have a lot of policy requirements, these domains might be confederations. Otherwise, they are probably clusters. Do be careful to avoid the persistent route oscillation problem, especially if you go to multiple levels of reflector, by ensuring that intra-cluster metrics are ALWAYS preferred to inter-cluster, much as OSPF intra-area routes are ALWAYS preferred to inter-area. The availability of Type 1 and Type 2 externals also can be very helpful in managing defaults and load sharing without the needs for full routes. If you were trying to simplify, I suspect you could get cleaner simplification with ISIS than EIGRP. It may not be necessary to change. Another thing worth looking at is running BGP primarily at the edge and using MPLS in the middle -- sort of RFC 2547-like but public, not VPN. That will positio
RE: Router 3DES VPN to Pix Failover [7:46813]
Are you doing LAN based failover or using the proprietary heartbeat cable? There are many undocumented bugs with 6.2 code when using LAN based failover. If noone else on the forum can recommend a configuration change, I would go back to 6.1(3). Drew -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, June 17, 2002 12:00 PM To: [EMAIL PROTECTED] Subject: Router 3DES VPN to Pix Failover [7:46813] Hi all, Anybody got any experience using 3DES to Pix Failover. I have a 2621 with 3DES using VPN to Pix 515 Failover bundle. All works fine after initial boot. Fails over to secondary Pix when I kill the Primary. If I try to fail back to Primary, it does not come back up. Does not seem to pick up the SA. Clear SA on the router brings it back up. Knocked the liftime down to 60 seconds in the ISAKMP policy, but seems to have no effect. Failover is working fine, it's just the VPN that doesn't come back up. Pix is 6.2, router is 12.1(5)T12. Any similar experiences? More details to follow if there are any bites :-) Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46893&t=46813 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What's DCSP? [7:46851]
Thanks guys... You rock... NIC >From: "Steven A. Ridder" >Reply-To: "Steven A. Ridder" >To: [EMAIL PROTECTED] >Subject: Re: What's DCSP? [7:46851] >Date: Tue, 18 Jun 2002 06:58:31 -0400 > >DiffServ is the new IP Precedence of an IP packet. It uses 6 of the ToS >bits instead of the 3 for more granular control and more classes in which >to >classify a packet. > >-- > >RFC 1149 Compliant. > > > >""Nick Lesewski"" wrote in message >news:[EMAIL PROTECTED]... > > What the flying heck is DCSP? Its on the new CCIE Written blueprint, >but >I > > dont even see where the acronym is defined on the CCO. Anybody have a > > place to start figuring this one out? A google search came up with >"digital > > correction signal processor", but not much more then that (if that's >even > > the same thing). > > > > Thanks... > > > > NIC > > > > _ > > Join the worlds largest e-mail service with MSN Hotmail. > > http://www.hotmail.com _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46892&t=46851 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cut though proxy on Pix & a Really OT question [7:46887]
No, the PIX does not allow you to save your password. Are you using AAA for authentication at the PIX? If so, you can have your users enter the AAA username and password and the username and password for the web server all in the first authentication box. This will prevent the double login boxs. AAA will authenticate them and then the PIX will pass the othe information to the web server. Example below. aaa_username@Web_username aaa_password@Web_password Darrin Gibson Gibson, Darrin CW2 Network Manager AL-DCSIM-NOC CCNP, CSS1, MCSE, MCP+I (334)213-7551 [EMAIL PROTECTED] -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 7:45 AM To: [EMAIL PROTECTED] Subject: Cut though proxy on Pix & a Really OT question [7:46887] Does anyone know if the Cut-though proxy feature on a Pix allows you to save your username and password. Like in a cookie? I would like to use this feature for my web servers on the DMZ, they already use a logon and password. Also, I am not sure how cut-though proxy would work on a load-balancer configuration. The really OT question: Does in the group know if you Chinese windows (any version) has an option of displaying Pin Yin? I am trying to get up to speed on Mandarin, and this would help if I could find something to do this. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46890&t=46887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Odd Emails [7:46804]
Would someone please send me the complete header. I will block the abuse from the server. Also, now is a good time to talk about this. How do we stop people from grabbing our e-mail addresses? I have a few things in place to prevent the scanning of the site - but I would like to do more. I do have "traps" placed throughout the site that a normal user will not fall into but an automated spam sniffing program will. Currently the trap places the software in an endless loop displaying bad email addresses. We should adjust this so after two or three itterations, the IP address is blocked. The program is written in Perl - anyone want to take a shot? Second we should password protect the newsfeed. Currently we have a database of Username/Passwords in a MySQL database on the server. Let's get the news server to read the MySQL database. Anyone volunteers? Finally while the archives do automatically hide the senders e-mail address, it does not strip all e-mail addresses in the archives. So a reply still contains the valid senders e-mail address. We need to modify the archives so all e-mail addresses are blocked. In fact, this is a part of a bigger problem where we need to strip out the guts of the search engine because frankly it can not handle archives of our size. Anyone want to take on that task :-). Any other suggestions for preventing spam? Also, one final point. If you post through the e-mail system, you must use a valid e-mail address. This is how we filter spam. But you do not need to post using a valid e-mail address if you are using the web forum. There are two e-mail addresses saved to the server, a public address (which is sent to the list) and a private address (password recovery, etc). SImply post from the website if you do not want to use a valid e-mail address. Take care, Paul Borghese - Original Message - From: "Leigh Anne Chisholm" To: Sent: Monday, June 17, 2002 2:14 PM Subject: RE: Odd Emails [7:46804] > I did as well. They're from the same person in fact. Check the SMTP > headers... > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Rahmlow, Howard F. > > Sent: Monday, June 17, 2002 11:37 AM > > To: '[EMAIL PROTECTED]' > > Subject: Odd Emails > > > > > > Anyone else on the list getting weird e-mail's like the ones below. I got > > these 2 today. They were both sent to me not to the list. > > > > Howard > > > > > > > > > > Saiyan [[EMAIL PROTECTED]] > > Can you give an idea how you pass CCIE lab? Such as books, tools and which > > lab > > are you getting? > > (I saw your email in groupstudy) > > > > Somchai [[EMAIL PROTECTED]] > > Hi, > > > > I want to upgrade my cisco routers. But don't have new release of the IOS. > > Can > > I just get your cco's logon for a while? I'm use it for my ccie exam. > > > > Thanks you, > > _ > > Commercial lab list: http://www.groupstudy.com/list/commercial.html > > Please discuss commercial lab solutions on this list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46889&t=46804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP prefix study [7:46726]
"Howard C. Berkowitz" wrote: > At 4:07 PM -0400 6/16/02, Neal Rauhauser 402-301-9555 wrote: > >My only explanation for this is that there was nothing good on TV on a > >lazy Sunday morning ... > > > > I am about to start doing some truly gruesome things with IBGP due to > >geographical separate peering points and I've got some internal routers > >that are maxed out at 64 meg, so I spent a little time this AM examining > >the source of this silly 114k+ entry global BGP table. My idea was that > >a carrier stuck smack in the middle of the US could probably ignore > >details about RIPE and APIC address space. Those two authorities turn > >out to be responsible for only about 32k of the total so I am casting > >around for other methods to trim the fat but I thought I'd share the > >results thus far. > > You'll find a LARGE part of the routing table still comes from the > Swamp [1] or the Toxic Waste Dump [2], rather than any geographical > region. > > Neal, this is a distinctly nontrivial problem, with no ideal > solution. Your basic choice is accepting "suboptimal routing [3]" or > upgrading your routers. > > Several basic questions come up about what you are trying to do: > > 1. Is this for an ISP or an enterprise? Internet provider, doing wireless, playing with private line replacement stuff, too. > > 2. From a bandwidth standpoint, how many peering points could you > lose and still have acceptable performance? I've got a single Sprint T1 at one end of the network, an AT&T and UUNet T1 at the other end. The Sprint side will grow quickly to more capacity, the AT&T and UUNet stuff is a colo company, not mine to rule, so they're fussy about how much output we generate, but don't care much about our input side. > > 3. To how many different AS do you connect, and do they have > approximately > equal connectivity? Sprint, AT&T, UUNet, probably going to add one more at the end where the Sprint circuit is, but I suspect it'll be UUNet there, too. > > 4. What is your IGP? Today its OSPF and that is the one I know best. There is some cause to consider replacing OSPF area 0 with EIGRP due to different cost links and varying 'cleanliness' in the wireless layer, but we'll see how that goes - I have enough to do without worrying about redistribution right now. > > 5. How much effort, including programming, are you willing to do to > optimize tables? Lots and lots ... keeps me off the street and contributes to passing my CCIP BSCI exam I think ... > > 6. Do you have a decent familiarity with RPSL, routing registry, and > some > of the freeware tools such as CIDRadvisor and RtConfig? > I've made a few basic entries in the RADB, I've played with cflowd, and I've not done much with the automation tools in this area. I'll prefer to hand tune at first, until I really understand what I am facing. > > Howard > > [1] The Swamp is the term used in addressing working groups to refer > to 192.0.0.0/8, the original Class C space. > > [2] The Toxic Waste Dump, which probably is somewhere in Northern New > Jersey, is that part of the Swamp containing /24 or longer prefixes. > > [3] People often worry about suboptimal routing, but the gains of one > "perfect" > path may be marginal when compared with the complexity of > differentiating it from a "decent" route. > > -- > "What Problem are you trying to solve?" > ***send Cisco questions to the list, so all can benefit -- not > directly to me*** > > Howard C. Berkowitz [EMAIL PROTECTED] > Chief Technology Officer, GettLab/Gett Communications http://www.gettlabs.com > Technical Director, CertificationZone.com http://www.certificationzone.com > "retired" Certified Cisco Systems Instructor (CID) #93005 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46888&t=46726 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cut though proxy on Pix & a Really OT question [7:46887]
Does anyone know if the Cut-though proxy feature on a Pix allows you to save your username and password. Like in a cookie? I would like to use this feature for my web servers on the DMZ, they already use a logon and password. Also, I am not sure how cut-though proxy would work on a load-balancer configuration. The really OT question: Does in the group know if you Chinese windows (any version) has an option of displaying Pin Yin? I am trying to get up to speed on Mandarin, and this would help if I could find something to do this. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46887&t=46887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
Priscilla Oppenheimer wrote: > > > I have come up with the following: > > > >"The Destination Address field indicates the destination > address as > >specified in the Bridge Group Address table. For IEEE > Spanning-Tree Protocol > >BPDU frames, the address is 0x80014300. > > That is bit-reversed. You must have found a document that > covers Token Ring. Indeed, this is a token ring refernce I quote > > >I guess it also depends on the definition of > multi/broad/unicast. > > It better not depend on that. There shouldn't be any argument > on those > definitions. ;-) > > Multicast means a group address. The first bit of the > destination MAC > address (which is the first bit transmitted) is a one so that > every device > knows to look at the address. A NIC driver software supports an > application > telling the NIC which particular multicasts to take in. > > Broadcast means every device in the broadcast domain. The first > bit and all > bits in the MAC destination address are ones. Every NIC in the > broadcast > domain takes in the frame and interrupts the host CPU to see if > the rest of > the frame is interesting. > > Unicast means a specific address. The first bit of the > destination MAC > address (which is the first bit transmitted) is a zero. > In terms of the definitions, I was reading through the Perlman book and noted question of the "necessity to distinguish between multicast and broadcast". I agree that the terms a concretely defined, but whether Cisco subscribes to those definitions might be in question Thanks again... your info certainly cleared this mess up. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46842&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE-Written [7:46741]
Yes, it's in there :-) Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC - Original Message - From: "Syed B" To: Sent: Monday, June 17, 2002 10:02 AM Subject: RE: CCIE-Written [7:46741] > What abt Appletalk stuff? From: "Clayton Dukes" To: Sent: Sunday, June 16, 2002 11:54 PM Subject: Re: CCIE written [7:46741] > Try here: > http://www.gdd.net > > There's a good study guide/cram book for 15 bux on the site. > > Disclaimer: It's my website :-) > > Clayton Dukes > CCNA, CCDA, CCDP, CCNP, NCC > > - Original Message - > >From: "Syed B" > To: > Sent: Sunday, June 16, 2002 10:26 PM > Subject: CCIE written [7:46741] > > > > Going for CCIE written in a week time what topics to concentrate on for > the > > exam?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46821&t=46741 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
I totally believe you all...just I used to Think that Pine Mountain group knew what they were talking about and their web site classifies all of the below as bcast. perhaps I'll let them know :) thanks ""Brian Backer"" wrote in message news:[EMAIL PROTECTED]... > Priscilla, > > Weird... all the documentation I have seen says that a BPDU is a > broadcast just like CDP and HSRP... My friend, I believe you are mistaken. "CDP sends packets on LANs using the multicast address 0100.0CCC." http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/cisnm.htm#xtocid18 4495 "Each device configured for CDP sends periodic messages, known as advertisements, to a multicast address." http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_ c/fcprt3/fcd301c.htm "HSRP works by the exchange of multicast messages..." http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs009.htm#xtocid122331 "Routers that are participating in an HSRP group communicate to each other via a multicast User Datagram Protocol (UDP)-based hello packet" http://www.cisco.com/warp/public/cc/so/cuso/epso/entdes/hsrp_wp.htm "The Destination MAC address uses the well-known STP multicast address of 01-80-C2-00-00-00" - Cisco LAN Switching, Clark and Hamilton, page 184. > b > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Priscilla Oppenheimer > Sent: Monday, June 17, 2002 9:33 PM > To: [EMAIL PROTECTED] > Subject: Re: STP BPDUs [7:46839] > > BPDUs are sent to a multicast address that means "all bridges." In > Ethernet, they are sent to 01:80:C2:00:00:00. For the destination > address > on Token Ring, reverse the bits, one byte at a time to get > 80:01:43:00:00:00. > > At 08:39 PM 6/17/02, Tim Potier wrote: > >This might be a simple answer, but what type of message is a BPDU: > >Unicast, Multicast or Broadcast. I have searched all over Cisco's > site, and > >dug through STP RFC..no luck. > > It's not an RFC. It's IEEE 802.1D. See here: > > http://standards.ieee.org/getieee802/ > > > I have come up with the following: > > > >"The Destination Address field indicates the destination address as > >specified in the Bridge Group Address table. For IEEE Spanning-Tree > Protocol > >BPDU frames, the address is 0x80014300. > > That is bit-reversed. You must have found a document that covers Token > Ring. > > > For IBM Spanning-Tree Protocol > >BPDU frames, the address is 0xC100. > > IBM had their own version of STP. DEC also had a variety of STP. They > sent > to the broadcast address (FF:FF:FF:FF:FF:FF). > > >For Cisco Spanning-Tree Protocol > >BPDU frames, the address is 0x800778020200." > > Cisco spanning tree? What is that?? Something to do with the Per VLAN > Spanning Tree (PVST) on Token Ring?? (Once again, that looks like a > Token > Ring multicast address.) On Ethernet, PVST uses the standard destination > I > think, unless you use PVST+ which tunnels PVST BPDUs through an 802.1Q > Mono > Spanning Tree implementatoin, thus allowing each VLAN to maintain its > own > spanning tree. Cisco uses the multicast address 01:00:0C:CC:CC:CD for > PVST+ > on Ethernet. Bit reverse that and you don't get 0x800778020200, however, > so > I don't know what that adddress is for. > > >I guess it also depends on the definition of multi/broad/unicast. > > It better not depend on that. There shouldn't be any argument on those > definitions. ;-) > > Multicast means a group address. The first bit of the destination MAC > address (which is the first bit transmitted) is a one so that every > device > knows to look at the address. A NIC driver software supports an > application > telling the NIC which particular multicasts to take in. > > Broadcast means every device in the broadcast domain. The first bit and > all > bits in the MAC destination address are ones. Every NIC in the broadcast > > domain takes in the frame and interrupts the host CPU to see if the rest > of > the frame is interesting. > > Unicast means a specific address. The first bit of the destination MAC > address (which is the first bit transmitted) is a zero. > > HTH > > Priscilla > > > >Thanks for your help. > > > Priscilla Oppenheimer > http://www.priscilla.com [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46886&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab Reading [7:45486]
I've ordered only CD with documentation, just to check how it (ordering) works. Got it, with bill for $12. Actually, it is billed to cisco partner through which we bought all equipment, but that doesn't mean that we won't have to pay for it ... Sasa "Roberts, Larry" wrote: > > www.cisco.com/upgrade > > Click on Product upgrade, then launch product upgrade. > Enter your Agreement number... > I get a message that I have no hardware upgradeable ( or something to that > affect ) and then an option to select documentation. > It was so right in front of my face that I missed it... > > Thanks > > Larry > > -Original Message- > From: Kunal Bhatia [mailto:[EMAIL PROTECTED]] > Sent: Saturday, June 01, 2002 12:18 PM > To: Roberts, Larry; [EMAIL PROTECTED] > Subject: RE: CCIE Lab Reading [7:45486] > > Can you provide some rough idea about where you found this on CCO ? > > -Original Message- > From: Roberts, Larry [mailto:[EMAIL PROTECTED]] > Sent: Saturday, June 01, 2002 10:24 PM > To: [EMAIL PROTECTED] > Subject: RE: CCIE Lab Reading [7:45486] > > I bet Cisco is scratching their heads trying to find out why the sudden > demand on IOS manuals... After 45 minutes of searching the Site I found > where to order. I don't know that I would ever find it again So I started > ordering things left and right I bet I have 25+ books coming... I > finally have new books to read! > > Thanks > > Larry > > -Original Message- > From: Eric Rogers [mailto:[EMAIL PROTECTED]] > Sent: Friday, May 31, 2002 8:00 PM > To: [EMAIL PROTECTED] > Subject: Re: CCIE Lab Reading [7:45486] > > Just ordered the complete copy of manuals for 12.2 IOS Documentation Set > :-) > > THANKS for that info...I knew there was a reason for being on groupstudy... > > -Eric > > - Original Message - > From: "Brad Ellis" > To: > Sent: Friday, May 31, 2002 10:38 AM > Subject: Re: CCIE Lab Reading [7:45486] > > > John, > > > > I believe if you have a smartnet contract, you can get the IOS manuals > free > > from Cisco (at least you could a couple years ago). > > > > thanks, > > -Brad Ellis > > CCIE#5796 (R&S / Security) > > Network Learning Inc > > [EMAIL PROTECTED] > > www.optsys.net (Cisco hardware) > > > > ""[EMAIL PROTECTED] (John Nemeth)"" wrote in > > message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > On Oct 20, 7:01pm, "Chuck" wrote: > > > } > > > } Someone who passed the lab recently advised me ( as have other > > > folks > who > > > } have posted their success here and elsewhere ) that it remains > CRITICAL > > > that > > > } you spend as much time as possible reading the command references > > > as > > found > > > } on CCO. Print as much out as you can. Study them. Knowing the > > > knobs, knowing } where to find things is very helpful. > > > > > > eBay seller [EMAIL PROTECTED] often has complete sets of > > > printed 12.2 manuals. The price seems to range from $100 to $200 > > > (of course, shipping is a killer). I bought a set and they are > > > quite nice to use for reference; although, they do take up four feet > > > > of shelf space (I need more book shelves). They are organised just > > > like the doc CD, and you quickly learn what is where, since you > > > can't just type a command name into a search box (I suppose you > > > could cheat and look it up in the master index, but I haven't > > > cracked that one open yet). > > > > > > }-- End of excerpt from "Chuck" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46808&t=45486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP BPDUs [7:46839]
that was a typo... meant igmp > I don't think it can be multicast. If it were, then it would possibly > follow IGRP routes and traverse WAN links... no good. Uh, how's that? > > Gotta be Broadcast :) > B > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, June 17, 2002 8:39 PM > To: [EMAIL PROTECTED] > Subject: STP BPDUs [7:46839] > > This might be a simple answer, but what type of message is a BPDU: > Unicast, Multicast or Broadcast. I have searched all over Cisco's site, > and > dug through STP RFC..no luck. I have come up with the following: > > "The Destination Address field indicates the destination address as > specified in the Bridge Group Address table. For IEEE Spanning-Tree > Protocol > BPDU frames, the address is 0x80014300. For IBM Spanning-Tree > Protocol > BPDU frames, the address is 0xC100. For Cisco Spanning-Tree > Protocol > BPDU frames, the address is 0x800778020200." > > I guess it also depends on the definition of multi/broad/unicast. > > Thanks for your help. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46885&t=46839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco ACS db corrupt?? [7:46882]
Patrick Donlon wrote: > I have a problem with the local database on a 2.6(6) ACS server. All > users use an external database for authentication (NT or RSA) but I > want to create a user with a password stored in the ACS server. I can > create a new user and assign all the correct attributes without any > errors, however when I try to login with the user they are rejected. The > logs show the user is rejected due to the CS password : "CS password > invalid" . > I have tried to create other users and also to change users account > setting so that they authenticate using the CS password, with no luck. > So I think there is a problem with the passwords stored in the ACS > server > We have upgraded the server twice in the past 8 months for new features > and bug fixes whether this has caused the problem I don't know. Any > ideas on how to verify or fix this? > > Cheers > > Pat Here's the correct version info CiscoSecure ACS v2.6 for Windows 2000/NT Release 2.6(4) Build 4 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46883&t=46882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco ACS db corrupt?? [7:46882]
I have a problem with the local database on a 2.6(6) ACS server. All users use an external database for authentication (NT or RSA) but I want to create a user with a password stored in the ACS server. I can create a new user and assign all the correct attributes without any errors, however when I try to login with the user they are rejected. The logs show the user is rejected due to the CS password : "CS password invalid" . I have tried to create other users and also to change users account setting so that they authenticate using the CS password, with no luck. So I think there is a problem with the passwords stored in the ACS server We have upgraded the server twice in the past 8 months for new features and bug fixes whether this has caused the problem I don't know. Any ideas on how to verify or fix this? Cheers Pat Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46882&t=46882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How many H.323 clients can 3640 as gatekeeper handle? [7:46881]
According to the link below, 10,000 is max number of local registrations. http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fvvf ax_c/vvf323gk.htm -- RFC 1149 Compliant. ""TP"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear group, > do you have an answer for the question mentioned in obj? > > Thanks in advance! > > Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46881&t=46881 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550 features [7:46861]
Probably Queueing, policing and maybe routing. -- RFC 1149 Compliant. ""Kevin Banifaz"" wrote in message news:[EMAIL PROTECTED]... > Does anyone know what additional Cat 3550 features are gonna be tested after > Nov. 4th? > > _ > Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46878&t=46861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What's DCSP? [7:46851]
DiffServ is the new IP Precedence of an IP packet. It uses 6 of the ToS bits instead of the 3 for more granular control and more classes in which to classify a packet. -- RFC 1149 Compliant. ""Nick Lesewski"" wrote in message news:[EMAIL PROTECTED]... > What the flying heck is DCSP? Its on the new CCIE Written blueprint, but I > dont even see where the acronym is defined on the CCO. Anybody have a > place to start figuring this one out? A google search came up with "digital > correction signal processor", but not much more then that (if that's even > the same thing). > > Thanks... > > NIC > > _ > Join the worlds largest e-mail service with MSN Hotmail. > http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46879&t=46851 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: throttles and input drops [7:46406]
If you didn't get a solution , there is an issue with i82543, I got this from some gentleman @cisco.com " CSCdv33209 lots of throttles on the FE interface of C7200-I/O-2FE/E is DUPed to CSCdu09746 Add support for dynamic particle pools to i82543 GE/FE/E driver which is resolved in 12.0(18.3)S. 12.0(21)S3 looks like the latest. The fix is to make the interface pool management dynamic; it was static. " cheers ./bosire cj jung wrote: >Check to see if you are doing process switching on this router. >or >Check the buffers on your router, >This error comes out normally when you are doing process switching for debug >and buffer is full. > >jin jung >CCNP, CCDP,, > >- Original Message - >From: "rmart." >To: >Sent: Wednesday, June 12, 2002 10:36 PM >Subject: throttles and input drops [7:46406] > > > > >>Hi, >> >>My router, cisco 7000 series having problem with a number of throttles and >>input drops on one of the FastEth interface. >>cpu utilization seems ok (below 5%). >> >>below is the output of sh int : >> >>FastEthernet0/1 is up, line protocol is up >> Hardware is i82543 (Livengood), address is 0004.9b6e.c406 (bia >>0004.9b6e.c406) >> Description: used by sub-interfaces >> Internet address is 212.194.2.3/23 >> MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, rely 255/255, load 5/255 >> Encapsulation ARPA, loopback not set >> Keepalive set (10 sec) >> Full-duplex, 100Mb/s, 100BaseTX/FX >> ARP type: ARPA, ARP Timeout 04:00:00 >> Last input 00:00:00, output 00:00:00, output hang never >> Last clearing of "show interface" counters 23:03:59 >> Queueing strategy: fifo >> Output queue 0/40, 0 drops; input queue 0/75, 869280 drops >> 30 second input rate 3313000 bits/sec, 738 packets/sec >> 30 second output rate 226 bits/sec, 744 packets/sec >> 42338355 packets input, 3700449939 bytes >> Received 0 broadcasts, 0 runts, 0 giants, 1307541 throttles >> 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored >> 0 watchdog, 0 multicast >> 0 input packets with dribble condition detected >> 43216540 packets output, 1919733782 bytes, 0 underruns >> 0 output errors, 0 collisions, 0 interface resets >> 0 babbles, 0 late collision, 0 deferred >> 0 lost carrier, 0 no carrier >> 0 output buffer failures, 0 output buffers swapped out >> >>any ideas? >>Thanks. >> >>Rey Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46880&t=46406 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Interesting traffic problem ..... [7:46761]
Hiya Jenny When I try to ping, tracert, ftp or telnet to the remote router from the main office.. I just get 'Request time out' etc. However, when I try this from the remote router to the main office ... I get connectivity !!! I am using debug isdn q931 when I try to connect from the main office to the remote router the debug does not show anything . and when I try to connect from the remote router to the main office I get what appears to be good debug then after several minutes the BRI interface brings itself down again ... I really have no idea what to do next :) Any help would be greatly appreciated ... Thanks again ... Regards .. Paul ... - Original Message - From: To: Sent: Monday, June 17, 2002 11:46 PM Subject: Re: Interesting traffic problem . [7:46761] > Einstooge makes some good points. > Also, when you say you can't initiate a connection from the main office to > the remote site, what do you really mean? > 1) Does the main office never try to connect? > 2) Does the main office try to connect but fail? > 3) Does the connection happen but drop out? > > Debug dialer could give some useful information, especially if it really > is an interesting traffic problem (in which case I would expect the > symptom to be the first above, or possibly the third). > > JMcL > > - Forwarded by Jenny Mcleod/NSO/CSDA on 18/06/2002 08:41 am - > > > "Paul" > Sent by: [EMAIL PROTECTED] > 17/06/2002 08:38 pm > Please respond to "Paul" > > > To: [EMAIL PROTECTED] > cc: > Subject:Re: Interesting traffic problem . [7:46761] > Is this part of a business decision process?: > > > Sorry .. when I said European ISDN I meant Basic Net 3 > - Original Message - > From: "Paul" > To: > Sent: Monday, June 17, 2002 9:54 AM > Subject: Interesting traffic problem . [7:46761] > > > > Hi ... I'm quite new to ISDN I have configured a 1603 for a remote > > site. > > However, I cannot initiate a connection from the main office to the > remote > > site !! the connection has to be initiated at the remote site !!! The > remote > > site uses European ISDN, there are no SPID's involved as it is point to > point > > ... I think this might be something to do with interesting traffic ? > > > > Can anyone plase offer any advice > > > > Regards .. > > > > Paul .. > Important: This e-mail is intended for the use of the addressee and may > contain information that is confidential, commercially valuable or subject > to legal or parliamentary privilege. If you are not the intended recipient > you are notified that any review, re-transmission, disclosure, use or > dissemination of this communication is strictly prohibited by several > Commonwealth Acts of Parliament. If you have received this communication in > error please notify the sender immediately and delete all copies of this > transmission together with any attachments. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46876&t=46761 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How many H.323 clients can 3640 as gatekeeper handle? [7:46877]
Dear group, do you have an answer for the question mentioned in obj? Thanks in advance! Teresa Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46877&t=46877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Any Europeans here? [7:46816]
I've read one report that KPNQwest is so big there aren't many others could pick it up and those that are big enough have their own problems right now and so won't be in a position to anyway. I'm in UK and our provider has said there will be problems but not for us in the UK, however "some mainland european 'sites' will disappear". ""nrf"" wrote in message news:[EMAIL PROTECTED]... > Well, I think so too. But that's no guarantee that customers won't be left > hanging. For example, AT&T bought Northpoint's infrastructure, but didn't > buy their customers, so as I'm sure you're aware, lots of customers were cut > off abruptly. > > And besides, there's no guarantee they'll be bought. Look at Excite@Home. > They didn't get bought and the whole network was liquidated, resulting in > widespread service outages. > > > > > ""Steven A. Ridder"" wrote in message > news:[EMAIL PROTECTED]... > > I think someone will buy them. > > > > -- > > > > RFC 1149 Compliant. > > > > > > > > ""nrf"" wrote in message > > news:[EMAIL PROTECTED]... > > > Yeah but what about the rest of KPNQwest? Ebone was just a subset. > > > > > > > > > ""Steven A. Ridder"" wrote in message > > > news:[EMAIL PROTECTED]... > > > > I think ebone will be fine on their own. > > > > > > > > -- > > > > > > > > RFC 1149 Compliant. > > > > > > > > > > > > > > > > ""nrf"" wrote in message > > > > news:[EMAIL PROTECTED]... > > > > > You don't know? > > > > > > > > > > KPNQwest is going bankrupt. > > > > > > > > > > > > > > > Here's a quote from their own press office. > > > > > > > > > > "The Company is working with its customers to facilitate the > > > > implementation > > > > > of contingency plans, should the current situation result in > > > instablility > > > > or > > > > > a total shut-down of the KPNQwest EuroRings network" > > > > > > > > > > http://www.kpnqwest.com/html/records.asp?record_id=883 > > > > > > > > > > Here's some other disturbing news: > > > > > > > > > > "An Internet performance-monitoring company says KPNQwest's > > fiber-optic > > > > > network has been losing track of the data it delivers at "alarming > > > rates" > > > > > since Friday. > > > > > Since early Friday, KPNQwest's networks have been losing an average > of > > 4 > > > > > percent to 5 percent of all data, said Tom Ohlsson, vice president > of > > > > > marketing and business development for Matrix NetSystems, which > > monitors > > > > > both the health of the Internet and the internal networks of > > > corporations. > > > > > > > > > > By comparison, the monitoring company says, a healthy Internet > service > > > > will > > > > > lose only about one-tenth of a percent of the data it's been charged > > > with. > > > > " > > > > > > > > > > http://news.com.com/2100-1033-935456.html?tag=rn > > > > > > > > > > > > > > > > > > > > As KPNQwest is Europe's biggest provider, I'm just interested in how > > our > > > > > colleagues in the Old World are handling things. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ""Hermann, Paul"" wrote in message > > > > > news:[EMAIL PROTECTED]... > > > > > > What's happening? > > > > > > > > > > > > -Original Message- > > > > > > From: nrf [mailto:[EMAIL PROTECTED]] > > > > > > Sent: 17 June 2002 20:36 > > > > > > To: [EMAIL PROTECTED] > > > > > > Subject: Any Europeans here? [7:46816] > > > > > > > > > > > > > > > > > > So, any of you guys being impacted by the goings-on at KPNQwest? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > " This message contains information that may be privileged or > > > > confidential > > > > > > and > > > > > > is the property of the Cap Gemini Ernst & Young Group. It is > > intended > > > > only > > > > > > for > > > > > > the person to whom it is addressed. If you are not the intended > > > > recipient, > > > > > > you > > > > > > are not authorized to read, print, retain, copy, disseminate, > > > > distribute, > > > > > or > > > > > > use > > > > > > this message or any part thereof. If you receive this message in > > > error, > > > > > > please > > > > > > notify the sender immediately and delete all copies of this > message > > ". > > > > > > > > > > > > > > > > > > > > > > > > > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46875&t=46816 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]