STUDY MATERIALS [7:46975]

2002-06-18 Thread e lee 

HI 

JUST CLICK ON THE LINK 

http://www.mcmi.com/forums/aplus/index.cgi?read=33 

LEE


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46975&t=46975
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

GOOD LINK [7:46974]

2002-06-18 Thread e lee 

JUST TRY THIS LINK

http://www.mcmi.com/forums/aplus/index.cgi?read=33

LEE


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46974&t=46974
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confreg [7:46924]

2002-06-18 Thread Frank Merrill 

Tim Potier wrote:
> 
> I understand the bit significance for the 16-bit confreg, but I
> am confused about the SEQUENCE of the boot and the issue with
> netboot.  Assume confreg 0x2102, what is the correct boot
> sequence?  Where does the flash overide (0x2-0xF) come into
> play i.e. does it replace the need to boot from the network
> or simply step in line before the attempt to netboot?
> 

You called it 'flash overide' but I'm not certain why.
This isn't an override of booting via netboot necessarily, but it can be. 
It may be used to specify the exact name of the image to boot via netboot or
any other means the router can boot by.

When the config register boot field has a value between 0x2 and 0xF then the
router will, by defualt, try and do a netboot and constructing a name of
'cisco' the octal equiv of the boot field value, a dash and then the
processor type.
If it's a 2500 it'd be cisco4-igs for a boot register value of 0x4.

If you in addition have a boot command that specifies a netboot filename,
then that will be used instead.  For example, if you had this in your config:
'boot system ftp myimage.bin 10.0.0.100'
It would try the netboot using that name, via FTP and to that host address. 
It would not construct the name as indicated above because you have
specified it.

If you instead want to boot from flash, it will also not construct the
netboot filename automatically because once again, you have specified your
boot location and it will attempt to load the image from there.

I'm not certain that that answered anything at all for you

Good Luck!



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46971&t=46924
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT - Mega, Kilo etc [7:46940]

2002-06-18 Thread Dorsett Andrew 

On Tue, 18 Jun 2002, Priscilla Oppenheimer wrote:

> I wonder if memory and storage are different because the memory is
> addressable? Dividing it into logical chunks with power of two numbers was
> probably easier for the OS developers. With transmissions speeds, we're

For memory and harddrives it is a power of two because the number of address
lines and
i/o lines into the memory segment are a power of two.  It was done this way
because of the hardware implementation required to address each memory
segment.  Somewhere in my boxes of college stuff I have my book from last
falls Comp. Engineering course which explained all the requirements and
math for addressing memory (along with the hardware implementation).

- Andrew



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46970&t=46940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HSRP on 6509 with Hybrid into PIX's in failover mo [7:46929]

2002-06-18 Thread John McCartney 

I had a customer that did the same thing you described on our 6509's with
only 1 sup eng (don't ask me why there was no redundancy - big mistake)that
were going into a PIX 510. The cfg is below, and what the standby group info
looked like. That was before they shut down and gave us good net guys the
boot. The names hav been removed to protect the innocent.

HTH's...


#show standby
FastEthernet4/26 - Group 30
  Local state is Active, priority 150, may preempt
  Preemption delayed for at least 300 secs
  Hellotime 3 holdtime 10
  Next hello sent in 00:00:00.098
  Hot standby IP address is 128.242.170.1 configured
  Active router is local
  Standby router is unknown expired
  Standby virtual mac address is .0c07.ac1e
  61 state changes, last state change 18:27:52  

6509 #1

!
interface FastEthernet4/26
 description AC: XXX -local wire
 ip address 128.242.170.3 255.255.255.240
 no ip redirects
 no ip proxy-arp
 ip route-cache same-interface
 duplex full
 speed 10
 no cdp enable
 standby 30 priority 150 preempt delay 300
 standby 30 ip 128.242.170.1

6509 #2
=
!
interface FastEthernet4/26
 description AC:  -local wire
 ip address 128.242.170.3 255.255.255.240
 no ip redirects
 no ip proxy-arp
 ip route-cache same-interface
 duplex full
 speed 10
 no cdp enable
 standby 30 priority 100 preempt delay 300
 standby 30 ip 128.242.170.1





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46969&t=46929
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confreg [7:46924]

2002-06-18 Thread Tim Potier 

No takers on this one?  I am really trying to pinpoint whether a device will
look to the network for a valid IOS if no valid IOS is found in flash with
the confreg set at 0x2102 and the boot statement is listed in the config
pointing to flash.

Thanks


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46968&t=46924
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT - Mega, Kilo etc [7:46940]

2002-06-18 Thread Paul Borghese 

Ugh. I hate the fact that disk-drive manufacturers get away with re-defining
the definition of a MegaByte and GigaByte.  Other manufactures do not have
luxury.  Think about the auto industry.  If they would just redefine a mile
to be 5000 ft, they could increase the average fuel efficiency of the
fleet.  Why not, 5000 is a nice round number.

Here is what the values should be:
1 KiloByte = 1024 Bytes
1 MegaByte = 1024 KiloBytes
1 GigaByte = 1024 MegaBytes

So 1 GigaByte is 1024x1024x1024 or 1,073,741,824 bytes.  By redefining the
definition, they are giving you 6.9% less disk space then advertised.  This
is why my 30GB disk drive only shows 28.5 GB in Windows 98.

With regards to data networks the metric is different.  We are talking about
"bits" not "bytes".  So:
1 kilobit = 1000 bits
1 Megabit = 1000 kilobits
1 GigaBit = 1000 Megabits

When someone says "1 Gigabit" they are talking about 1 Billion Bits.  When
someone says "1 GigaByte" they are saying 1,073,741,824 Bytes or (for most
computers) 8,589,934,592 bits.

Well I am going to go jogging now.  I can run a one minute mile*!

Paul Borghese

* Paul defines 1 mile = 1000 ft.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46967&t=46940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Combining T1's into one pipe [7:46942]

2002-06-18 Thread Brunner Joseph 

true- cef if the best for most situations, certainly at the 7500 and gsr
levels where mlppp is a joke.. i m just saying for 2600 with 2 t's, also i
have experienced lots of cef problems with NAT, which you would normally do
on a little 2600. mlppp for me has not had these issues.. but i agree if you
can use cef, the it is much better on bigger interfaces.

and the only time i would really avoid mlppp is with an isp that does not
advertise the vanilla "NXDS1" solutions. (people like me who want 8 to 11
Mbps, but dont want to put all my eggs on a single DS-3 loop)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46966&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Combining T1's into one pipe [7:46942]

2002-06-18 Thread Frank Merrill 

> Yes I would use mlppp and ios in the same sentence, as I have
> been running it without a hitch on a 7200 for 6 months. also,
> you guys are missing his point (t-1's to the internet) what ISP
> is going to run
> OSPF or EIGRP with a customer ? please.

I don't see anything in the original post about an ISP or the Internet. 
Just a mention that these 2 T1's terminate at the same router at each end.
I've personally used both, and don't necessarily have a preference.
Both CEF and MPPP worked absolutely fine for me in every case.

Good Luck!



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46965&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Real ZOO web site, welcome! ID

2002-06-18 Thread Paul Borghese 

Oops, looks as if I will need to add a few additional keywords for the
moderators queue :-).

I am still trying to figure out how this message bypassed the Anti-Spam
mechanisms of the site.

Paul Borghese






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46964&t=46951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IDSPM [7:46928]

2002-06-18 Thread Bernard 

I have not seen any hardcopy official courseware for IDS Policy Manager
yet, but there is a CBT CD by Cisco that serves the same purpose and is
interactive with animation and videos.

If you are studying for IDSPM, I would highly recommend the CBT CD.

HTH

Bernard Omrani
 
 

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> Emmanuel Ezeonu
> Sent: Tuesday, June 18, 2002 3:27 PM
> To: [EMAIL PROTECTED]
> Subject: Re: IDSPM [7:46928]
> 
> Hi,
> 
> Can someone advice me on which book to use for this study[IDSPM -9E0-
> 572]?. I
> am not too sure if Cisco has a courseware for this course.
> 
> Secondly, among the 3 boson practise test on this course, which one do
you
> consider the best for preparing for this exams.
> 
> Will CSIDS courseware from cisco be of any help to me in preparing for
> this
> exam even though I do not know anything in UNIX.
> 
> Thanks very much for your response
> 
> Emeka Ezeonu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46945&t=46928
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: IDSPM [7:46928]

2002-06-18 Thread Larry Perdue 

I used Cisco Secure Intrusion Detection System (Cisco Press) by Earl Carter,
ISBN 1-58705-034-X.  I found that it covered the topics pretty well.  Since
there is not an official study guide for the test (that I am aware of), this
is probably the best reference for getting a foundation on IDS.  If you can,
I would also recommend downloading the 90-day evaluation version of CSPM
from CCO and getting to know it fairly well.  As far as Unix goes, I don't
think it is listed in the objectives for the exam but you may want to make
sure.  Good luck.


 -Original Message-
From:   Emmanuel Ezeonu [mailto:[EMAIL PROTECTED]] 
Sent:   Tuesday, June 18, 2002 6:27 PM
To: [EMAIL PROTECTED]
Subject:Re: IDSPM [7:46928]

Hi,

Can someone advice me on which book to use for this study[IDSPM -9E0-572]?.
I
am not too sure if Cisco has a courseware for this course.

Secondly, among the 3 boson practise test on this course, which one do you
consider the best for preparing for this exams.

Will CSIDS courseware from cisco be of any help to me in preparing for this
exam even though I do not know anything in UNIX.

Thanks very much for your response

Emeka Ezeonu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46946&t=46928
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Combining T1's into one pipe [7:46942]

2002-06-18 Thread nrf 

""Brunner Joseph""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Yes I would use mlppp and ios in the same sentence, as I have been running
> it without a hitch on a 7200 for 6 months. also, you guys are missing his
> point (t-1's to the internet) what ISP is going to run
> OSPF or EIGRP with a customer ? please.


Well I'll put it to you this way.  I have a bunch of 7500's that have been
running CEF for years without a hitch.  On the other hand, I have also done
MPPP.  Yes, I agree, most of the time it works.  But you do get those
instances where  this one time, at band camp.

That's what I'm saying.  Both technologies are actually fairly stable.  But
in my experience, CEF is more stable.  That's not to say that MPPP will
always fall down every single time.  I didn't say that.  But in situations
like this, you would want to go with what offers you the most stability, if
possible.

>
> Maybe, if they managed the router, but he didnt say that.. its T-1's
> (very low bandwidth) even a 2600 can handle the CPU for a measily 3Mbps.
>
> If he was running high power DS-3's or something then yes CEF would be
> better, but keep in mind if it was say BGP, then it would be two peering
> sessions (memory and cpu hog thing happening) or 1 peering session to the
> loopbacks. (not bad). but for T-1 speeds MLPPP with your provider is the
way
> to go. Not to mention I dont have any funky 40/60 or 30/70 load balancing
> going on - pure 50/50 on 2 T-1's. Its very easy, seemless thing to do for
> layer 3.

On the other hand, you can get very very funky CPU spikes and router
reboots.  I'd rather have unequal balancing than to have those kinds of
things happening.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46963&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

accounting and billing [7:46962]

2002-06-18 Thread Dwayne Saunders 

Hi all,
I was just wondering on what sort of accounting and billing systems
people use. I have been given the task of finding a product that will be
able to do billing for hotel rooms and a convention centre.
any help would be greatly appreciated

Regards

D'Wayne Saunders
Network Administrator
CCNP.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46962&t=46962
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Combining T1's into one pipe [7:46942]

2002-06-18 Thread Brunner Joseph 

Yes I would use mlppp and ios in the same sentence, as I have been running
it without a hitch on a 7200 for 6 months. also, you guys are missing his
point (t-1's to the internet) what ISP is going to run
OSPF or EIGRP with a customer ? please.

Maybe, if they managed the router, but he didnt say that.. its T-1's
(very low bandwidth) even a 2600 can handle the CPU for a measily 3Mbps. 

If he was running high power DS-3's or something then yes CEF would be
better, but keep in mind if it was say BGP, then it would be two peering
sessions (memory and cpu hog thing happening) or 1 peering session to the
loopbacks. (not bad). but for T-1 speeds MLPPP with your provider is the way
to go. Not to mention I dont have any funky 40/60 or 30/70 load balancing
going on - pure 50/50 on 2 T-1's. Its very easy, seemless thing to do for
layer 3.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46961&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT - Mega, Kilo etc [7:46940]

2002-06-18 Thread Priscilla Oppenheimer 

I don't think it's codified anywhere. It's just a convention that when 
referring to speed or frequency, you use powers of 10, and when referring 
to memory, you use powers of 2. I checked some IEEE docs and they don't 
even spell out Mbps, let alone explain that it means millions of bits per 
second, not 1024x1024 bits per second.

I wonder if memory and storage are different because the memory is 
addressable? Dividing it into logical chunks with power of two numbers was 
probably easier for the OS developers. With transmissions speeds, we're 
just talking about bits flying out; we don't have a map of the bits and 
they aren't divided into evenly-sized chunks. The logical meaning of the 
bits is defined with variable-size packet fields. That's pretty different 
from what an OS has to do with memory maps.

Priscilla

At 07:17 PM 6/18/02, [EMAIL PROTECTED] wrote:
>This is not specifically related to Cisco, but is a networking question.
>
>I was having a mild argument yesterday with a PC/server type guy who was
>very irate at an ISP for using "gigabyte" to mean "1000 Megabytes" instead
>of "1024 Megabytes".  He appeared to think that throughout the IT
>industry, "K" always means 2 ^ 10, "M" always means 2 ^ 20, etc etc.  I
>pointed out that this is not always the case (64kbps = 64000 bps, for
>example), and haven't yet had a reply (I actually agree with him that the
>ISP is using the wrong definition, but I can see why they are).
>
>However, it got me curious.  After a quick squizz through various sources,
>I couldn't find any that define the prefixes for networking usage.
>
>www.whatis.com has an interesting page on the prefixes, which basically
>backs up what I thought - roughly, storage (memory sizes etc) usually uses
>prefixes calculated in powers of two, while data transfer usually uses
>prefixes calculated in powers of ten.
>
>But is this codified anywhere?  For example, do the ethernet standards
>define "10 Mbps", or "1 Gbps" (Yes, I know about the IEEE site, but the
>standards don't seem to be currently downloadable)?
>
>JMcL
>
>
>Important:  This e-mail is intended for the use of the addressee and may
>contain information that is confidential, commercially valuable or subject
>to legal or parliamentary privilege.  If you are not the intended recipient
>you are notified that any review, re-transmission, disclosure, use or
>dissemination of this communication is strictly prohibited by several
>Commonwealth Acts of Parliament.  If you have received this communication in
>error please notify the sender immediately and delete all copies of this
>transmission together with any attachments.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46960&t=46940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Real ZOO web site, welcome! ID [7:46951]

2002-06-18 Thread [EMAIL PROTECTED] 

Because Sick-Os pay for it.

I hate these sites so much that I won't even hack them to get rid of them. 
 I don't want to see the images on my computer even for a second. 

Moderator dude!  Yo!  Ban this stuff please!

Theo






"Michael L. Williams" 
Sent by: [EMAIL PROTECTED]
06/19/2002 09:32 AM
Please respond to "Michael L. Williams"

 
To: [EMAIL PROTECTED]
cc: 
Subject:Re: Real ZOO web site, welcome! ID [7:46951]


WOOHOO!!  I've have been DYING for a site like this to FINALLY appear on 
the
internet!!!

Why do these lamers even bother to advertise their crap?!?!?

LOL!

Mike W.

"Farmgirl17085"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The BEST zoo site on the @net!
> Sex With Dogs
> Horse Blow Jobs.
> Snake @!#$.
> REAL ANIMAL FUCKING!
> 100% HARDCORE!
> ww1.only-beasts.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46959&t=46951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: can a 8 port pix act as 4 firewall? [7:46873]

2002-06-18 Thread [EMAIL PROTECTED] 

Yeah you can do this.

You will need a 525 though.  However, you only said 3 vlans but in your 
heading you have 8 port.  If the firewall is truly only checking the vlan 
traffic and not performing any other routing, then you would only need 6 
ports and can use a PIX 515E. 

Theo






"Timo Graser" 
Sent by: [EMAIL PROTECTED]
06/19/2002 07:22 AM
Please respond to "Timo Graser"

 
To: [EMAIL PROTECTED]
cc: 
Subject:Re: can a 8 port pix act as 4 firewall? [7:46873]


U can do it without any problems, just use the outside
Interface(ethernet0) for the connection to the internet.
The other interfaces to the vlans should have higher security levels.
It is no difference than configuring with just one inside network.
Just remember Interfaces with the same Security Level cannot communicate.

It makes sense if u need higher security than just accesslists.

Kevin Banifaz wrote:

>Why would each vlan need it's own firewall.  In what scheme are you using
>this?  Why not use access-lists on your vlan router or RSM
>
>
>
>
>>From: "Manchu Warrior"
>>Reply-To: "Manchu Warrior"
>>To: [EMAIL PROTECTED]
>>Subject: can a 8 port pix act as 4 firewall? [7:46873]
>>Date: Tue, 18 Jun 2002 04:18:49 -0400
>>
>>a switch have 3 vlan,each vlan need a firewall,than i need 3 
firewall,can i
>>use pix525 with 6 ports to do this,if yes,then how to do it? thank you!
>>
>>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46958&t=46873
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Combining T1's into one pipe [7:46942]

2002-06-18 Thread nrf 

I didn't say that all MPPP bundles were flaky.  The majority are not.  But
on the whole, it seems that there is a greater chance of flakiness within
bundles than in CEF implementations.


When I say flakiness, it generally boils down to what you had said before -
lots of overhead and buffering involves.  I've seen CPU's spike to 100% when
processing lots of MPPP traffic.  I've also seen bundles/links that bounce
until the end of time.  Things like that.

""Michael L. Williams""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Okay. perhaps I don't monitor my bundles as close are y'all do, but
> we're running quite a few sites using multiple T1s bonded with MLPPP, and
we
> don't have any stability problems (as far as dropping traffic and EIGRP
> neighbor changes, etc) that I'm aware of  nrf, tell me more about what
> to look for or beware of when using MLPPP as far as flakines..
>
> I haven't used any of the CEF configs, so I can't comment on that.
>
> Mike W.
>
> "nrf"  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Uh, really?  You sure about that.
> >
> > From my experience, when you're talking about IOS, you should never ever
> use
> > the terms MPPP and stable in the same sentence.
> >
> > I recommend CEF not because it's not flaky, because it is, but because
> it's
> > a lot less flaky than Cisco's MPPP implementation.
> >
> >
> > ""Brunner Joseph""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > its definately worth it.. combine multiple pipes at layer 2. I use
MLPPP
> > > with my ISP and it rocks.. forget all those shaky stupid CEF
> > > and PER-PACKET configurations.. if you can get PPP going between your
> > > carrier and you, you can get it all going to one router on their side,
> > then
> > > you should run MLPPP.
> > >
> > > It makes multiple physical pipes seem like one pipe to the IP process
> and
> > if
> > > one pipe flaps, the others get the load seemlessly.. used for along
time
> > now..
> > >
> > > see
> > >
> > > this thread (and watch the wrap)
> > >
> > >
> >
>
http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5
> > 7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46957&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Combining T1's into one pipe [7:46942]

2002-06-18 Thread [EMAIL PROTECTED] 

I wouldn't use IOS MPPP either.  Too many horror stories.  I thought it 
was dead until I saw it on the CID. 

If other engineers are acutally using MPPP please do tell of your 
experiences.   I would like to hear more stories.

Theo






"nrf" 
Sent by: [EMAIL PROTECTED]
06/19/2002 09:04 AM
Please respond to "nrf"

 
To: [EMAIL PROTECTED]
cc: 
Subject:Re: Combining T1's into one pipe [7:46942]


Uh, really?  You sure about that.

>From my experience, when you're talking about IOS, you should never ever 
use
the terms MPPP and stable in the same sentence.

I recommend CEF not because it's not flaky, because it is, but because 
it's
a lot less flaky than Cisco's MPPP implementation.


""Brunner Joseph""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> its definately worth it.. combine multiple pipes at layer 2. I use MLPPP
> with my ISP and it rocks.. forget all those shaky stupid CEF
> and PER-PACKET configurations.. if you can get PPP going between your
> carrier and you, you can get it all going to one router on their side,
then
> you should run MLPPP.
>
> It makes multiple physical pipes seem like one pipe to the IP process 
and
if
> one pipe flaps, the others get the load seemlessly.. used for along time
now..
>
> see
>
> this thread (and watch the wrap)
>
>
http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5
7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46955&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Real ZOO web site, welcome! ID [7:46951]

2002-06-18 Thread Michael L. Williams 

WOOHOO!!  I've have been DYING for a site like this to FINALLY appear on the
internet!!!

Why do these lamers even bother to advertise their crap?!?!?

LOL!

Mike W.

"Farmgirl17085"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The BEST zoo site on the @net!
> Sex With Dogs
> Horse Blow Jobs.
> Snake @!#$.
> REAL ANIMAL FUCKING!
> 100% HARDCORE!
> ww1.only-beasts.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46956&t=46951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Combining T1's into one pipe [7:46942]

2002-06-18 Thread Michael L. Williams 

Okay. perhaps I don't monitor my bundles as close are y'all do, but
we're running quite a few sites using multiple T1s bonded with MLPPP, and we
don't have any stability problems (as far as dropping traffic and EIGRP
neighbor changes, etc) that I'm aware of  nrf, tell me more about what
to look for or beware of when using MLPPP as far as flakines..

I haven't used any of the CEF configs, so I can't comment on that.

Mike W.

"nrf"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Uh, really?  You sure about that.
>
> From my experience, when you're talking about IOS, you should never ever
use
> the terms MPPP and stable in the same sentence.
>
> I recommend CEF not because it's not flaky, because it is, but because
it's
> a lot less flaky than Cisco's MPPP implementation.
>
>
> ""Brunner Joseph""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > its definately worth it.. combine multiple pipes at layer 2. I use MLPPP
> > with my ISP and it rocks.. forget all those shaky stupid CEF
> > and PER-PACKET configurations.. if you can get PPP going between your
> > carrier and you, you can get it all going to one router on their side,
> then
> > you should run MLPPP.
> >
> > It makes multiple physical pipes seem like one pipe to the IP process
and
> if
> > one pipe flaps, the others get the load seemlessly.. used for along time
> now..
> >
> > see
> >
> > this thread (and watch the wrap)
> >
> >
>
http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5
> 7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46954&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT - Mega, Kilo etc [7:46940]

2002-06-18 Thread Michael L. Williams 

Interesting you ask.. I've had a similar conversation and my thoughts
were always the same... (that each power of 10 was equated to 2^10 more than
the previous), but it seems to vary alot.  I've found that with memory
(RAM), they stick to the hard core "binary metric" system where 1K always =
1024, 1M = 1024 * 1024 and 1 Gig = 1024 * 1024 * 1024.  But with network
bandwidth it seems that 1K = 1000, 1M = 1,000,000 and 1G = 1,000,000,000
(good old metric, not "binary metric").  Hard drives (strangely enough)
usually use 1024 for K, but then 1M = 1024 * 1000 and Gig = 1024 * 1000 *
1000..  (then again I've seen some hard drives that specifically say
1Megabyte = 1,000,000, etc..)

It's a strange thing that happens...  we just have to live with it =)

Mike W.

 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> This is not specifically related to Cisco, but is a networking question.
>
> I was having a mild argument yesterday with a PC/server type guy who was
> very irate at an ISP for using "gigabyte" to mean "1000 Megabytes" instead
> of "1024 Megabytes".  He appeared to think that throughout the IT
> industry, "K" always means 2 ^ 10, "M" always means 2 ^ 20, etc etc.  I
> pointed out that this is not always the case (64kbps = 64000 bps, for
> example), and haven't yet had a reply (I actually agree with him that the
> ISP is using the wrong definition, but I can see why they are).
>
> However, it got me curious.  After a quick squizz through various sources,
> I couldn't find any that define the prefixes for networking usage.
>
> www.whatis.com has an interesting page on the prefixes, which basically
> backs up what I thought - roughly, storage (memory sizes etc) usually uses
> prefixes calculated in powers of two, while data transfer usually uses
> prefixes calculated in powers of ten.
>
> But is this codified anywhere?  For example, do the ethernet standards
> define "10 Mbps", or "1 Gbps" (Yes, I know about the IEEE site, but the
> standards don't seem to be currently downloadable)?
>
> JMcL




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46953&t=46940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Combining T1's into one pipe [7:46942]

2002-06-18 Thread Michael L. Williams 

If you're running a dynamic routing protocol (i.e. RIP, IGRP, EIGRP, or
OSPF), they should see the two T1s as equal cost paths and automatically do
per-destination load balancing (if you're running CEF, then that can be
per-packet, at least with EIGRP, but I would suspect the same no matter now
the route was learned).  But you need to disable fast-switching because that
will only switch out of a single interface and not load balance.  If you
don't want per-destination load balancing or can't run CEF to allow
per-packet, you can run Multilink PPP and bundle the two T1's into a single
channel.  Either way, if one of the T1s, goes down, the other will still
carry the traffic (at the single T1 bandwidth) and it's automatic.
MultilinkPPP, however, is more processor intensive than letting the routing
protocl handle it (although if you have to disable fast-switching and don't
have CEF (i.e. enable process switching)) then that'll be pretty CPU
intensive anyway)

Here's an article about letting the router load balancing automatically:

http://www.cisco.com/warp/public/105/46.html

Here's an page about Multilink PPP: (watch for URL wrap)

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial
ts_c/dtsprt4/dcdppp.htm

I'd like to see the page on Cisco's site that says this process is complex,
because the first method I spoke of it automatic and the Multilink PPP
method is a piece of cake, even if you've never done it before.

HTH,
Mike W.

"Doug Korell"  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have two point to point T1's that I'm thinking about combining (known as
> NxT1). Both connections are going through the same routers at each end
(4700
> and 2600). I found some information on Cisco's website but they mention
that
> it can be complex and talk about alternatives.
>
> Is anyone else doing this and if so, it is worth it? If you have any Cisco
> links that describe the setup process, I would appreciate posting them. I
> was also wondering if one of the T1's goes down, will it bring the whole
> pipe down or will your bandwith just decrease?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46952&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Real ZOO web site, welcome! ID [7:46951]

2002-06-18 Thread Farmgirl17085 

The BEST zoo site on the @net!
Sex With Dogs
Horse Blow Jobs.
Snake @!#$.
REAL ANIMAL FUCKING!
100% HARDCORE!
ww1.only-beasts.com



unsub
Good luck, .




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46951&t=46951
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VPN connection from local lan to wireless lan [7:46916]

2002-06-18 Thread Brunner Joseph 

try funky MTU settings.. also if your using the AERONET solution let them
worry about it.. open a tac case.. this product is supposed to deliver lan
quality connections over wireless.. the medium should not matter here.. i
have connected to the vpn 3015 from cable, dsl, t-1, dialup, almost
everything you can think of.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46950&t=46916
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Combining T1's into one pipe [7:46942]

2002-06-18 Thread Brunner Joseph 

its definately worth it.. combine multiple pipes at layer 2. I use MLPPP
with my ISP and it rocks.. forget all those shaky stupid CEF
and PER-PACKET configurations.. if you can get PPP going between your
carrier and you, you can get it all going to one router on their side, then
you should run MLPPP.

It makes multiple physical pipes seem like one pipe to the IP process and if
one pipe flaps, the others get the load seemlessly.. used for along time now..

see

this thread (and watch the wrap)

http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd57&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46948&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Combining T1's into one pipe [7:46942]

2002-06-18 Thread nrf 

Uh, really?  You sure about that.

>From my experience, when you're talking about IOS, you should never ever use
the terms MPPP and stable in the same sentence.

I recommend CEF not because it's not flaky, because it is, but because it's
a lot less flaky than Cisco's MPPP implementation.


""Brunner Joseph""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> its definately worth it.. combine multiple pipes at layer 2. I use MLPPP
> with my ISP and it rocks.. forget all those shaky stupid CEF
> and PER-PACKET configurations.. if you can get PPP going between your
> carrier and you, you can get it all going to one router on their side,
then
> you should run MLPPP.
>
> It makes multiple physical pipes seem like one pipe to the IP process and
if
> one pipe flaps, the others get the load seemlessly.. used for along time
now..
>
> see
>
> this thread (and watch the wrap)
>
>
http://groups.google.com/groups?hl=en&lr=&ie=UTF8&oe=UTF8&th=bd690292e362dd5
7&seekm=3BC60D43.B4B83DAB%40webmaster.com&frame=off




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46949&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OT - Mega, Kilo etc [7:46940]

2002-06-18 Thread Brunner Joseph 

i dont think ISP's care about the BYTES part of it. their services are sold
in bits (as you know 1/8 of a byte) the difference in 1024 (power of 2) and
the 1000Mbps is so insignificant,, like once a teacher i had said "its like
arguing which one of us is closer to japan".

and even though its not prefixes see this.. it will help him understand why
what we do has nothing to do with what western digital does..

http://www.ertyu.org/~steven_nikkel/netspeeds.html


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46947&t=46940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: STP BPDUs [7:46839]

2002-06-18 Thread Brian Backer 

Priscilla,

Quite defensive.  Calm down... I was just explaining where I found my
information from.  I know they are no idiots and that they know exactly
what they are talking about and I certainly wasn't trying to defame them
then in any way.

However, you are wrong about you generalization statement.  If they were
generalizing, they would have put those in the section titled "IP
Multicasting" regardless if it's "IP" or not.  I personally think it was
a mistake which really doesn't warrant any further discussion, however,
according to their reply in an email I sent them, I wonder
B


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Priscilla Oppenheimer
Sent: Tuesday, June 18, 2002 6:49 PM
To: [EMAIL PROTECTED]
Subject: Re: STP BPDUs [7:46839]

At 05:58 PM 6/18/02, nrf wrote:
>There it is, I did not engage in a rush to judgment

It was still a rush. ;-)

>, PMG really are idiots.

Why don't you both take the class and see for yourselves? Judging
someone 
on an outline is awfully superficial. The founder of Pine Mountain Group

has been doing protocol analysis since the early 1980s. I'm sure he
knows 
what he's doing.

Many experts would bundle multicasts and broadcasts together in an 
informal, overview discussion. I'm sure if you take the class, they will

explain that CDP, BPDU, and HSRP Hellos are really sent to a multicast 
destination, and that should improve performance. Since their classes
are 
protocol analysis classes, you'll see for yourself what is used in the 
destination MAC address field.

By the way, I say "should improve performance," but it might not. A lot
of 
NICs are stupid about multicasts and take them all in even if the 
applications have not registered to receive them. In other words, they 
interrupt the host CPU for irrelevant multicasts. So when talking about 
network performance in a non-detailed fashion, it's OK to group
broadcasts 
and multicasts.

Priscilla



>""Brian Backer""  wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Priscilla,
> >
> > Please see:
> >
> > http://www.pmg.com/nai_wireless.htm
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
Of
> > Priscilla Oppenheimer
> > Sent: Tuesday, June 18, 2002 5:06 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: STP BPDUs [7:46839]
> >
> > At 04:43 PM 6/18/02, nrf wrote:
> > >""Brian Backer""  wrote in message
> > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > I totally believe you all...just I used to Think that Pine
> > > >  Mountain group knew what they were talking about and their
> > > >  web site classifies all of the below as bcast.  perhaps
> > > >  I'll let them know :)
> > > > thanks
> > >
> > >Well, then the Pine Mountain Group are a bunch of incompetent
idiots.
> >
> > I've been running into Pine Mountain Group for many years and
slightly
> > know
> > the founder Bill Alderson. They do good work and they do know their
> > stuff.
> > I doubt they actually made this mistake, but if they did, then it's
just
> > a
> > mistake of overgeneralizing. Perhaps they only have 2 categories,
> > broadcast
> > and unicast, and don't consider multicasts.
> >
> > I know I'm normally the one to get all outraged by stupid mistakes,
but
> > until we can actually see a URL that points to a mistake made by
Pine
> > Mountain Group, we should reserve judgement. I can't find anything
on
> > their
> > Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast
> > rather
> > than a multicast. In fact, I can't find anything on their site at
all
> > that
> > doesn't require a login! ;-)
> >
> > Priscilla
> >
> >
> > >I don't want to be mean and harsh.  But any company that claims to
> > provide
> > >expert network services, especially expert training, really should
know
> > >their protocols.   Or at least have the decency to admit that they
> > don't
> > >know.  Stating something that is just flatly wrong is simply
> > unforgiveable,
> > >especially when it's so easy to look up.
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46944&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Howard C. Berkowitz 

At 5:35 PM -0400 6/18/02, John Neiberger wrote:
>  >>> "Priscilla Oppenheimer"  6/18/02 3:06:26 PM

>At 04:43 PM 6/18/02, nrf wrote:
>>""Brian Backer""  wrote in message
>>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
>>  > I totally believe you all...just I used to Think that Pine
>>  >  Mountain group knew what they were talking about and their
>>  >  web site classifies all of the below as bcast.  perhaps
>>  >  I'll let them know :)
>>  > thanks
>>
>>Well, then the Pine Mountain Group are a bunch of incompetent idiots.
>
>>I've been running into Pine Mountain Group for many years and slightly
>know
>>the founder Bill Alderson. They do good work and they do know their
>stuff.
>>I doubt they actually made this mistake, but if they did, then it's
>just a
>>mistake of overgeneralizing. Perhaps they only have 2 categories,
>broadcast
>>and unicast, and don't consider multicasts.
>
>Isn't it Cisco that requires the 'broadcast' keyword in many cases to
>pass _multicast_ traffic?  ;-)
>
>John

Since all broadcasts are multicasts, but not all multicasts are 
broadcasts, the keyword "multicast" really would make more sense. I 
can see it as being historical, as multicasting is newer than 
broadcasting.

I think Groucho Marx captured the spirit of broadcasting when he said 
he wouldn't be a member of any club that would have him as a member.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46943&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Combining T1's into one pipe [7:46942]

2002-06-18 Thread Doug Korell 

I have two point to point T1's that I'm thinking about combining (known as
NxT1). Both connections are going through the same routers at each end (4700
and 2600). I found some information on Cisco's website but they mention that
it can be complex and talk about alternatives.

Is anyone else doing this and if so, it is worth it? If you have any Cisco
links that describe the setup process, I would appreciate posting them. I
was also wondering if one of the T1's goes down, will it bring the whole
pipe down or will your bandwith just decrease?


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46942&t=46942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: authentication and router [7:46932]

2002-06-18 Thread Shawn Heisey 

George,

Make sure that you have an enable secret defined.  It SHOULD work with
the enable password, but you never know.

You might see something useful in the following debugs:

debug aaa authen
debug aaa author
debug tacacs
debug aaa subsys !! not supported by all releases
debug tacacs authentication !! not supported by all releases
debug tacacs authorization !! not supported by all releases
debug tacacs events !! not supported by all releases

If you are running a 12.2 non-mainline version (has letters after the
right parenthesis in show ver), it's not very stable - AAA was
rewritten.

Thanks,
Shawn

GEORGE wrote:
> 
> I just configured my router to authenticate with cisco secure every
> works ok, except if I try to
> Console I get a password promt, and I stop cisco secure I get a password
> promt
> Now I tried to enter my enable password and wont work
> Am I missing something here
> 
> 
> 
> aaa new-model
> aaa authentication login default group tacacs+ enable
> aaa authentication login local local
> aaa authentication login no_tacacs enable
> aaa authentication ppp default if-needed group tacacs+
> aaa authorization exec default group tacacs+ local
> aaa authorization network default group tacacs+
> aaa accounting exec default start-stop group tacacs+
> aaa accounting network default start-stop group tacacs+
> 
> 
> 
> line con0
> line authentication no_tacacs




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46941&t=46932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT - Mega, Kilo etc [7:46940]

2002-06-18 Thread [EMAIL PROTECTED] 

This is not specifically related to Cisco, but is a networking question.

I was having a mild argument yesterday with a PC/server type guy who was 
very irate at an ISP for using "gigabyte" to mean "1000 Megabytes" instead 
of "1024 Megabytes".  He appeared to think that throughout the IT 
industry, "K" always means 2 ^ 10, "M" always means 2 ^ 20, etc etc.  I 
pointed out that this is not always the case (64kbps = 64000 bps, for 
example), and haven't yet had a reply (I actually agree with him that the 
ISP is using the wrong definition, but I can see why they are).

However, it got me curious.  After a quick squizz through various sources, 
I couldn't find any that define the prefixes for networking usage. 

www.whatis.com has an interesting page on the prefixes, which basically 
backs up what I thought - roughly, storage (memory sizes etc) usually uses 
prefixes calculated in powers of two, while data transfer usually uses 
prefixes calculated in powers of ten. 

But is this codified anywhere?  For example, do the ethernet standards 
define "10 Mbps", or "1 Gbps" (Yes, I know about the IEEE site, but the 
standards don't seem to be currently downloadable)?

JMcL


Important:  This e-mail is intended for the use of the addressee and may
contain information that is confidential, commercially valuable or subject
to legal or parliamentary privilege.  If you are not the intended recipient
you are notified that any review, re-transmission, disclosure, use or
dissemination of this communication is strictly prohibited by several
Commonwealth Acts of Parliament.  If you have received this communication in
error please notify the sender immediately and delete all copies of this
transmission together with any attachments.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46940&t=46940
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread [EMAIL PROTECTED] 

Maybe a bit harsh.
It's only a course outline - playing devil's advocate, perhaps in the 
course they contrast CDP and other multicast traffic with broadcasts.  I 
expect that whoever wrote the web page hasn't done the course - it's 
probably taken straight from the table of contents.  Just because the 
topic is called "broadcast analysis" doesn't mean they can't analyse and 
contrast multicast in that topic as well.

Or, perhaps they really are idiots.

JMcL
- Forwarded by Jenny Mcleod/NSO/CSDA on 19/06/2002 08:51 am -


"nrf" 
Sent by: [EMAIL PROTECTED]
19/06/2002 07:58 am
Please respond to "nrf"

 
To: [EMAIL PROTECTED]
cc: 
Subject:Re: STP BPDUs [7:46839]
Is this part of a business decision process?: 


There it is, I did not engage in a rush to judgment, PMG really are 
idiots.


""Brian Backer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Priscilla,
>
> Please see:
>
> http://www.pmg.com/nai_wireless.htm
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Priscilla Oppenheimer
> Sent: Tuesday, June 18, 2002 5:06 PM
> To: [EMAIL PROTECTED]
> Subject: Re: STP BPDUs [7:46839]
>
> At 04:43 PM 6/18/02, nrf wrote:
> >""Brian Backer""  wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I totally believe you all...just I used to Think that Pine
> > >  Mountain group knew what they were talking about and their
> > >  web site classifies all of the below as bcast.  perhaps
> > >  I'll let them know :)
> > > thanks
> >
> >Well, then the Pine Mountain Group are a bunch of incompetent idiots.
>
> I've been running into Pine Mountain Group for many years and slightly
> know
> the founder Bill Alderson. They do good work and they do know their
> stuff.
> I doubt they actually made this mistake, but if they did, then it's just
> a
> mistake of overgeneralizing. Perhaps they only have 2 categories,
> broadcast
> and unicast, and don't consider multicasts.
>
> I know I'm normally the one to get all outraged by stupid mistakes, but
> until we can actually see a URL that points to a mistake made by Pine
> Mountain Group, we should reserve judgement. I can't find anything on
> their
> Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast
> rather
> than a multicast. In fact, I can't find anything on their site at all
> that
> doesn't require a login! ;-)
>
> Priscilla
>
>
> >I don't want to be mean and harsh.  But any company that claims to
> provide
> >expert network services, especially expert training, really should know
> >their protocols.   Or at least have the decency to admit that they
> don't
> >know.  Stating something that is just flatly wrong is simply
> unforgiveable,
> >especially when it's so easy to look up.
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com
Important:  This e-mail is intended for the use of the addressee and may
contain information that is confidential, commercially valuable or subject
to legal or parliamentary privilege.  If you are not the intended recipient
you are notified that any review, re-transmission, disclosure, use or
dissemination of this communication is strictly prohibited by several
Commonwealth Acts of Parliament.  If you have received this communication in
error please notify the sender immediately and delete all copies of this
transmission together with any attachments.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46939&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Priscilla Oppenheimer 

At 05:58 PM 6/18/02, nrf wrote:
>There it is, I did not engage in a rush to judgment

It was still a rush. ;-)

>, PMG really are idiots.

Why don't you both take the class and see for yourselves? Judging someone 
on an outline is awfully superficial. The founder of Pine Mountain Group 
has been doing protocol analysis since the early 1980s. I'm sure he knows 
what he's doing.

Many experts would bundle multicasts and broadcasts together in an 
informal, overview discussion. I'm sure if you take the class, they will 
explain that CDP, BPDU, and HSRP Hellos are really sent to a multicast 
destination, and that should improve performance. Since their classes are 
protocol analysis classes, you'll see for yourself what is used in the 
destination MAC address field.

By the way, I say "should improve performance," but it might not. A lot of 
NICs are stupid about multicasts and take them all in even if the 
applications have not registered to receive them. In other words, they 
interrupt the host CPU for irrelevant multicasts. So when talking about 
network performance in a non-detailed fashion, it's OK to group broadcasts 
and multicasts.

Priscilla



>""Brian Backer""  wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Priscilla,
> >
> > Please see:
> >
> > http://www.pmg.com/nai_wireless.htm
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> > Priscilla Oppenheimer
> > Sent: Tuesday, June 18, 2002 5:06 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: STP BPDUs [7:46839]
> >
> > At 04:43 PM 6/18/02, nrf wrote:
> > >""Brian Backer""  wrote in message
> > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > I totally believe you all...just I used to Think that Pine
> > > >  Mountain group knew what they were talking about and their
> > > >  web site classifies all of the below as bcast.  perhaps
> > > >  I'll let them know :)
> > > > thanks
> > >
> > >Well, then the Pine Mountain Group are a bunch of incompetent idiots.
> >
> > I've been running into Pine Mountain Group for many years and slightly
> > know
> > the founder Bill Alderson. They do good work and they do know their
> > stuff.
> > I doubt they actually made this mistake, but if they did, then it's just
> > a
> > mistake of overgeneralizing. Perhaps they only have 2 categories,
> > broadcast
> > and unicast, and don't consider multicasts.
> >
> > I know I'm normally the one to get all outraged by stupid mistakes, but
> > until we can actually see a URL that points to a mistake made by Pine
> > Mountain Group, we should reserve judgement. I can't find anything on
> > their
> > Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast
> > rather
> > than a multicast. In fact, I can't find anything on their site at all
> > that
> > doesn't require a login! ;-)
> >
> > Priscilla
> >
> >
> > >I don't want to be mean and harsh.  But any company that claims to
> > provide
> > >expert network services, especially expert training, really should know
> > >their protocols.   Or at least have the decency to admit that they
> > don't
> > >know.  Stating something that is just flatly wrong is simply
> > unforgiveable,
> > >especially when it's so easy to look up.
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46938&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Interesting traffic problem ..... [7:46761]

2002-06-18 Thread [EMAIL PROTECTED] 

OK, your failed ping just shows that something is wrong in layer 1, 2 or 
3.  That doesn't narrow it down a lot yet.
However, the fact that you don't see anything from a debug isdn q931 when 
calling from main to remote indicates that the call isn't being initiated. 
 Since you can call successfully from remote to main, it appears that your 
ISDN is OK.

Try "debug dialer" at the main office when you try to get a connection. If 
there's not a lot of traffic, you could try "debug dialer packet". 
What does it show?  Are any packets being seen as interesting?

What is your dialer-list configuration?  Have you applied it to an 
interface?

JMcL

- Forwarded by Jenny Mcleod/NSO/CSDA on 19/06/2002 08:40 am -


"Paul" 
Sent by: [EMAIL PROTECTED]
18/06/2002 08:16 pm
Please respond to "Paul"

 
To: [EMAIL PROTECTED]
cc: 
Subject:Re: Interesting traffic problem . [7:46761]
Is this part of a business decision process?: 


Hiya Jenny 

When I try to ping, tracert, ftp or telnet to the remote router from 
the
main office.. I just get 'Request time out' etc. However, when I try this
from the remote router to the main office ... I get connectivity !!!

I am using debug isdn q931  when I try to connect from the main
office to the remote router the debug does not show anything . and 
when
I try to connect from the remote router to the main office I get what
appears to be good debug  then after several minutes the BRI interface
brings itself down again ...

I really have no idea what to do next  :)   Any help would be greatly
appreciated ...

Thanks again ...

Regards ..

Paul ...
- Original Message -
From: 
To: 
Sent: Monday, June 17, 2002 11:46 PM
Subject: Re: Interesting traffic problem . [7:46761]


> Einstooge makes some good points.
> Also, when you say you can't initiate a connection from the main office 
to
> the remote site, what do you really mean?
> 1) Does the main office never try to connect?
> 2) Does the main office try to connect but fail?
> 3) Does the connection happen but drop out?
>
> Debug dialer could give some useful information, especially if it really
> is an interesting traffic problem (in which case I would expect the
> symptom to be the first above, or possibly the third).
>
> JMcL
>
> - Forwarded by Jenny Mcleod/NSO/CSDA on 18/06/2002 08:41 am -
>
>
> "Paul"
> Sent by: [EMAIL PROTECTED]
> 17/06/2002 08:38 pm
> Please respond to "Paul"
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject:Re: Interesting traffic problem . [7:46761]
> Is this part of a business decision process?:
>
>
> Sorry .. when I said European ISDN I meant Basic Net 3 
> - Original Message -
> From: "Paul"
> To:
> Sent: Monday, June 17, 2002 9:54 AM
> Subject: Interesting traffic problem . [7:46761]
>
>
> > Hi ...  I'm quite new to ISDN  I have configured a 1603 for a 
remote
> > site.
> > However, I cannot initiate a connection from the main office to the
> remote
> > site !! the connection has to be initiated at the remote site !!! The
> remote
> > site uses European ISDN, there are no SPID's involved as it is point 
to
> point
> > ... I think this might be something to do with interesting traffic 
?
> >
> > Can anyone plase offer any advice 
> >
> > Regards ..
> >
> > Paul ..
> Important:  This e-mail is intended for the use of the addressee and may
> contain information that is confidential, commercially valuable or 
subject
> to legal or parliamentary privilege.  If you are not the intended
recipient
> you are notified that any review, re-transmission, disclosure, use or
> dissemination of this communication is strictly prohibited by several
> Commonwealth Acts of Parliament.  If you have received this 
communication
in
> error please notify the sender immediately and delete all copies of this
> transmission together with any attachments.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46937&t=46761
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP on 6509 with Hybrid into PIX's in failover mo [7:46929]

2002-06-18 Thread Bates, Steven K HQISEC/SIGNAL 

Does anybody out there have a config of how one would go about setting this
up?  The 6500's are not running with dual sup's.
Have a client that insist on setting something like this up.  Is there
anything that would prevent me from setting something like 
this up?


Kell




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46929&t=46929
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IDSPM [7:46928]

2002-06-18 Thread Emmanuel Ezeonu 

Hi,

Can someone advice me on which book to use for this study[IDSPM -9E0-572]?. I
am not too sure if Cisco has a courseware for this course.

Secondly, among the 3 boson practise test on this course, which one do you
consider the best for preparing for this exams.

Will CSIDS courseware from cisco be of any help to me in preparing for this
exam even though I do not know anything in UNIX.

Thanks very much for your response

Emeka Ezeonu




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46928&t=46928
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: can a 8 port pix act as 4 firewall? [7:46873]

2002-06-18 Thread Timo Graser 

U can do it without any problems, just use the outside 
Interface(ethernet0) for the connection to the internet.
The other interfaces to the vlans should have higher security levels.
It is no difference than configuring with just one inside network.
Just remember Interfaces with the same Security Level cannot communicate.

It makes sense if u need higher security than just accesslists.

Kevin Banifaz wrote:

>Why would each vlan need it's own firewall.  In what scheme are you using 
>this?  Why not use access-lists on your vlan router or RSM
>
>
>  
>
>>From: "Manchu Warrior" 
>>Reply-To: "Manchu Warrior" 
>>To: [EMAIL PROTECTED]
>>Subject: can a 8 port pix act as 4 firewall? [7:46873]
>>Date: Tue, 18 Jun 2002 04:18:49 -0400
>>
>>a switch have 3 vlan,each vlan need a firewall,than i need 3 firewall,can i
>>use pix525 with 6 ports to do this,if yes,then how to do it? thank you!
>>
>>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46936&t=46873
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Any Europeans here? [7:46816]

2002-06-18 Thread nrf 

The latest:

http://news.com.com/2100-1033-937195.html?legacy=cnet&tag=lthd


""Andy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I've read one report that KPNQwest is so big there aren't many others
> could pick it up and those that are big enough have their own problems
> right now and so won't be in a position to anyway.
>
> I'm in UK and our provider has said there will be problems but not for us
> in the UK, however "some mainland european 'sites' will disappear".
>
> ""nrf""  wrote in message
> news:[EMAIL PROTECTED]...
> > Well, I think so too.  But that's no guarantee that customers won't be
> left
> > hanging.  For example, AT&T bought Northpoint's infrastructure, but
didn't
> > buy their customers, so as I'm sure you're aware, lots of customers were
> cut
> > off abruptly.
> >
> > And besides, there's no guarantee they'll be bought.  Look at
Excite@Home.
> > They didn't get bought and the whole network was liquidated, resulting
in
> > widespread service outages.
> >
> >
> >
> >
> > ""Steven A. Ridder""  wrote in message
> > news:[EMAIL PROTECTED]...
> > > I think someone will buy them.
> > >
> > > --
> > >
> > > RFC 1149 Compliant.
> > >
> > >
> > >
> > > ""nrf""  wrote in message
> > > news:[EMAIL PROTECTED]...
> > > > Yeah but what about the rest of KPNQwest?  Ebone was just a subset.
> > > >
> > > >
> > > > ""Steven A. Ridder""  wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > > I think ebone will be fine on their own.
> > > > >
> > > > > --
> > > > >
> > > > > RFC 1149 Compliant.
> > > > >
> > > > >
> > > > >
> > > > > ""nrf""  wrote in message
> > > > > news:[EMAIL PROTECTED]...
> > > > > > You don't know?
> > > > > >
> > > > > > KPNQwest is going bankrupt.
> > > > > >
> > > > > >
> > > > > > Here's a quote from their own press office.
> > > > > >
> > > > > > "The Company is working with its customers to facilitate the
> > > > > implementation
> > > > > > of contingency plans, should the current situation result in
> > > > instablility
> > > > > or
> > > > > > a total shut-down of the KPNQwest EuroRings network"
> > > > > >
> > > > > > http://www.kpnqwest.com/html/records.asp?record_id=883
> > > > > >
> > > > > > Here's some other disturbing news:
> > > > > >
> > > > > > "An Internet performance-monitoring company says KPNQwest's
> > > fiber-optic
> > > > > > network has been losing track of the data it delivers at
"alarming
> > > > rates"
> > > > > > since Friday.
> > > > > > Since early Friday, KPNQwest's networks have been losing an
> average
> > of
> > > 4
> > > > > > percent to 5 percent of all data, said Tom Ohlsson, vice
president
> > of
> > > > > > marketing and business development for Matrix NetSystems, which
> > > monitors
> > > > > > both the health of the Internet and the internal networks of
> > > > corporations.
> > > > > >
> > > > > > By comparison, the monitoring company says, a healthy Internet
> > service
> > > > > will
> > > > > > lose only about one-tenth of a percent of the data it's been
> charged
> > > > with.
> > > > > "
> > > > > >
> > > > > > http://news.com.com/2100-1033-935456.html?tag=rn
> > > > > >
> > > > > >
> > > > > >
> > > > > > As KPNQwest is Europe's biggest provider, I'm just interested in
> how
> > > our
> > > > > > colleagues in the Old World are handling things.
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > ""Hermann, Paul""  wrote in message
> > > > > > news:[EMAIL PROTECTED]...
> > > > > > > What's happening?
> > > > > > >
> > > > > > > -Original Message-
> > > > > > > From: nrf [mailto:[EMAIL PROTECTED]]
> > > > > > > Sent: 17 June 2002 20:36
> > > > > > > To: [EMAIL PROTECTED]
> > > > > > > Subject: Any Europeans here? [7:46816]
> > > > > > >
> > > > > > >
> > > > > > > So, any of you guys being impacted by the goings-on at
KPNQwest?
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>

> > > > > > 
> > > > > > > " This message contains information that may be privileged or
> > > > > confidential
> > > > > > > and
> > > > > > > is the property of the Cap Gemini Ernst & Young Group. It is
> > > intended
> > > > > only
> > > > > > > for
> > > > > > > the person to whom it is addressed. If you are not the
intended
> > > > > recipient,
> > > > > > > you
> > > > > > > are not authorized to read, print, retain, copy, disseminate,
> > > > > distribute,
> > > > > > or
> > > > > > > use
> > > > > > > this message or any part thereof. If you receive this message
in
> > > > error,
> > > > > > > please
> > > > > > > notify the sender immediately and delete all copies of this
> > message
> > > ".
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>

> > > > > > 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46935&t=46816
--
FAQ, list arc

Re: STP BPDUs [7:46839]

2002-06-18 Thread nrf 

There it is, I did not engage in a rush to judgment, PMG really are idiots.


""Brian Backer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Priscilla,
>
> Please see:
>
> http://www.pmg.com/nai_wireless.htm
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Priscilla Oppenheimer
> Sent: Tuesday, June 18, 2002 5:06 PM
> To: [EMAIL PROTECTED]
> Subject: Re: STP BPDUs [7:46839]
>
> At 04:43 PM 6/18/02, nrf wrote:
> >""Brian Backer""  wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I totally believe you all...just I used to Think that Pine
> > >  Mountain group knew what they were talking about and their
> > >  web site classifies all of the below as bcast.  perhaps
> > >  I'll let them know :)
> > > thanks
> >
> >Well, then the Pine Mountain Group are a bunch of incompetent idiots.
>
> I've been running into Pine Mountain Group for many years and slightly
> know
> the founder Bill Alderson. They do good work and they do know their
> stuff.
> I doubt they actually made this mistake, but if they did, then it's just
> a
> mistake of overgeneralizing. Perhaps they only have 2 categories,
> broadcast
> and unicast, and don't consider multicasts.
>
> I know I'm normally the one to get all outraged by stupid mistakes, but
> until we can actually see a URL that points to a mistake made by Pine
> Mountain Group, we should reserve judgement. I can't find anything on
> their
> Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast
> rather
> than a multicast. In fact, I can't find anything on their site at all
> that
> doesn't require a login! ;-)
>
> Priscilla
>
>
> >I don't want to be mean and harsh.  But any company that claims to
> provide
> >expert network services, especially expert training, really should know
> >their protocols.   Or at least have the decency to admit that they
> don't
> >know.  Stating something that is just flatly wrong is simply
> unforgiveable,
> >especially when it's so easy to look up.
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46934&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: STP BPDUs [7:46839]

2002-06-18 Thread Brian Backer 

Priscilla,

Please see:

http://www.pmg.com/nai_wireless.htm

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Priscilla Oppenheimer
Sent: Tuesday, June 18, 2002 5:06 PM
To: [EMAIL PROTECTED]
Subject: Re: STP BPDUs [7:46839]

At 04:43 PM 6/18/02, nrf wrote:
>""Brian Backer""  wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I totally believe you all...just I used to Think that Pine
> >  Mountain group knew what they were talking about and their
> >  web site classifies all of the below as bcast.  perhaps
> >  I'll let them know :)
> > thanks
>
>Well, then the Pine Mountain Group are a bunch of incompetent idiots.

I've been running into Pine Mountain Group for many years and slightly
know 
the founder Bill Alderson. They do good work and they do know their
stuff. 
I doubt they actually made this mistake, but if they did, then it's just
a 
mistake of overgeneralizing. Perhaps they only have 2 categories,
broadcast 
and unicast, and don't consider multicasts.

I know I'm normally the one to get all outraged by stupid mistakes, but 
until we can actually see a URL that points to a mistake made by Pine 
Mountain Group, we should reserve judgement. I can't find anything on
their 
Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast
rather 
than a multicast. In fact, I can't find anything on their site at all
that 
doesn't require a login! ;-)

Priscilla


>I don't want to be mean and harsh.  But any company that claims to
provide
>expert network services, especially expert training, really should know
>their protocols.   Or at least have the decency to admit that they
don't
>know.  Stating something that is just flatly wrong is simply
unforgiveable,
>especially when it's so easy to look up.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46933&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread John Neiberger 

>>> "Priscilla Oppenheimer"  6/18/02 3:06:26 PM
>>>
At 04:43 PM 6/18/02, nrf wrote:
>""Brian Backer""  wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I totally believe you all...just I used to Think that Pine
> >  Mountain group knew what they were talking about and their
> >  web site classifies all of the below as bcast.  perhaps
> >  I'll let them know :)
> > thanks
>
>Well, then the Pine Mountain Group are a bunch of incompetent idiots.

>I've been running into Pine Mountain Group for many years and slightly
know 
>the founder Bill Alderson. They do good work and they do know their
stuff. 
>I doubt they actually made this mistake, but if they did, then it's
just a 
>mistake of overgeneralizing. Perhaps they only have 2 categories,
broadcast 
>and unicast, and don't consider multicasts.

Isn't it Cisco that requires the 'broadcast' keyword in many cases to
pass _multicast_ traffic?  ;-)

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46931&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

authentication and router [7:46932]

2002-06-18 Thread GEORGE 

I just configured my router to authenticate with cisco secure every
works ok, except if I try to
Console I get a password promt, and I stop cisco secure I get a password
promt
Now I tried to enter my enable password and wont work
Am I missing something here
 
 
 
aaa new-model
aaa authentication login default group tacacs+ enable
aaa authentication login local local
aaa authentication login no_tacacs enable
aaa authentication ppp default if-needed group tacacs+
aaa authorization exec default group tacacs+ local
aaa authorization network default group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
 
 
 
line con0 
line authentication no_tacacs




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46932&t=46932
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Priscilla Oppenheimer 

At 04:43 PM 6/18/02, nrf wrote:
>""Brian Backer""  wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I totally believe you all...just I used to Think that Pine
> >  Mountain group knew what they were talking about and their
> >  web site classifies all of the below as bcast.  perhaps
> >  I'll let them know :)
> > thanks
>
>Well, then the Pine Mountain Group are a bunch of incompetent idiots.

I've been running into Pine Mountain Group for many years and slightly know 
the founder Bill Alderson. They do good work and they do know their stuff. 
I doubt they actually made this mistake, but if they did, then it's just a 
mistake of overgeneralizing. Perhaps they only have 2 categories, broadcast 
and unicast, and don't consider multicasts.

I know I'm normally the one to get all outraged by stupid mistakes, but 
until we can actually see a URL that points to a mistake made by Pine 
Mountain Group, we should reserve judgement. I can't find anything on their 
Web site that says that BPDUs, CDP, or HSRP hellos go to a broadcast rather 
than a multicast. In fact, I can't find anything on their site at all that 
doesn't require a login! ;-)

Priscilla


>I don't want to be mean and harsh.  But any company that claims to provide
>expert network services, especially expert training, really should know
>their protocols.   Or at least have the decency to admit that they don't
>know.  Stating something that is just flatly wrong is simply unforgiveable,
>especially when it's so easy to look up.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46930&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread nrf 

""Brian Backer""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I totally believe you all...just I used to Think that Pine
>  Mountain group knew what they were talking about and their
>  web site classifies all of the below as bcast.  perhaps
>  I'll let them know :)
> thanks

Well, then the Pine Mountain Group are a bunch of incompetent idiots.

I don't want to be mean and harsh.  But any company that claims to provide
expert network services, especially expert training, really should know
their protocols.   Or at least have the decency to admit that they don't
know.  Stating something that is just flatly wrong is simply unforgiveable,
especially when it's so easy to look up.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46927&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE-Written [7:46741]

2002-06-18 Thread Clayton Dukes 

Are you asking me? (It helps to quote the original email when you reply)

 I'll assume your talking about the CCIE Written Study guide on my website?

 I certainly think it's a great guide, and I've not had a single complaint.
Also, if you stop and compare it to the other guides that cost anywhere
from $50.00-$700.00US, I'd say you definately get more than your money's
worth.

As for the guarantee, it would be silly for me to guarantee that you'll
pass the CCIE written exam based on reading a book, I don't know how much
you know. I can tell you this: No single book is going to make you pass this
test, if the cert. were that easy, we wouldn't need study guides like this
one (and we'd be called MCSE's, heh).

If you need more information, or for a list of Topics covered in the book,
follow this link:

 http://www.gdd.net/html.php?op=tucciesg/moreinfo.html


 Hope that helps :-)

 Clayton Dukes
CCNA, CCDA, CCDP, CCNP, NCC

> > > - Original Message -
> > > From: " Shaheen Gagan" 
> > > To: 
> > > Sent: Monday, June 17, 2002 9:48 AM
> > > Subject: CCIE-Written [7:46741]
> > >
> > >
> > > > How good is this guide?
> > > > Does it come with a guarantee ?
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46926&t=46741
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Needing flash memory EPROMs for a first generatio [7:46925]

2002-06-18 Thread Mike Flanagan 

Hello all,

 I have 2 megs of flash on a first generation 4000 with a daughter
card. I would like to upgrade flash so I can install a more recent
IOS but am having trouble finding a place that sells this old school
memory. From what I understand to upgrade flash memory on this
router I would have to either add Eproms to the current daughter
board or replace the daughter board. Does anyone have any
recommendations on where I can find memory for this router ?


   Thanks in advance,

  Mike


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46925&t=46925
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

confreg [7:46924]

2002-06-18 Thread Tim Potier 

I understand the bit significance for the 16-bit confreg, but I am confused
about the SEQUENCE of the boot and the issue with netboot.  Assume confreg
0x2102, what is the correct boot sequence?  Where does the flash overide
(0x2-0xF) come into play i.e. does it replace the need to boot from the
network or simply step in line before the attempt to netboot?

Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46924&t=46924
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Test Lab(Under construction can anyone re [7:46921]

2002-06-18 Thread Brad Ellis 

What are the specifics on the routers you listed?  (interfaces and memory?)
when are you taking your lab?

thanks,
-Brad Ellis
CCIE#5796 (R&S / Security)
[EMAIL PROTECTED]
Cisco home labs:  www.optsys.net
""Mark Godfrey""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Opps!!!
>
> "Mark Godfrey"  wrote in message news:...
> >
> > R1-2611
> > R2-2611
> > R3-2611
> > R4-2611
> > R5-4000
> > R6-7507
> >
> > Thanks,
> >
> > MG
> >
> >
>
>
> [demime removed a uuencoded section named jpeg.JPG which was 1478 lines]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46921&t=46921
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Test Lab(Under construction can anyone recommend more [7:46923]

2002-06-18 Thread Mark Godfrey 

[GroupStudy.com removed an attachment of type image/jpeg which had a name of
jpeg.JPG]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46923&t=46923
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Test Lab(Under construction can anyone recommend more [7:46922]

2002-06-18 Thread Mark Godfrey 

""Mark Godfrey""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Opps!!!
>
> "Mark Godfrey"  wrote in message news:...
> >
> > R1-2611
> > R2-2611
> > R3-2611
> > R4-2611
> > R5-4000
> > R6-7507
> >
> > Thanks,
> >
> > MG
> >
> >
>
>
> [demime removed a uuencoded section named jpeg.JPG which was 1478 lines]
[demime removed a uuencoded section named jpeg1.dat which was 1478 lines]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46922&t=46922
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Test Lab(Under construction can anyone recommend more [7:46920]

2002-06-18 Thread Mark Godfrey 

Opps!!!

"Mark Godfrey"  wrote in message news:...
>
> R1-2611
> R2-2611
> R3-2611
> R4-2611
> R5-4000
> R6-7507
>
> Thanks,
>
> MG
>
>


[demime removed a uuencoded section named jpeg.JPG which was 1478 lines]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46920&t=46920
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE Test Lab(Under construction can anyone recommend more or [7:46919]

2002-06-18 Thread Mark Godfrey 

R1-2611
R2-2611
R3-2611
R4-2611
R5-4000
R6-7507

Thanks,

MG


[demime removed a uuencoded section named jpeg.JPG which was 1478 lines]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46919&t=46919
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX SQLNET question [7:46918]

2002-06-18 Thread Brian Zeitz 

I opened a TAC case to ask what the difference was between the SQLNET
command and opening a port for Microsoft SQL. Here is what the reply
was.





The reason there is a SQLNET command is because Oracle traffic is not
NAT compliant and Microsoft SQL 2000 traffic is NAT compliant



Just figured I would share.



Brian




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46918&t=46918
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Howard C. Berkowitz 

>At 08:34 AM 6/18/02, Brian Backer wrote:
>>that was a typo... meant igmp
>
>IGMP isn't relevant either. IGMP doesn't do multicast routing. It's just
>used by an end host to register with a local router to receive an IP
>multicast stream. For multicast routing, you would use PIM, MOSPF, DVMRP.
>
>Plus, IGMP has to do with IP multicast, whereas we were talking about the
>more fundamental concept of sending to a MAC multicast destination address.
>
>Cisco tries to teach IP multicast without teaching people about basic MAC
>layer concepts, causing them to think IP multicast is all there is. It's
sad.
>
>Priscilla

I like using the relationship between IGMP and PIM as a good example 
of C- versus M-plane.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46917&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VPN connection from local lan to wireless lan [7:46916]

2002-06-18 Thread Naomi James 

I have a Cisco vpn 3015.  I am trying to set it up where I can have a secure
connection from my local LAN to my wireless LAN in the same location.  The
VPN connection works as long as I am coming in from off campus.  I can't get
it to work from LAN (local) to LAN (wireless).
Thanks for any help you can provide.
 
 
Naomi James
Computer Services and Information Technology
Savannah State University
912-356-2509

[GroupStudy.com removed an attachment of type image/gif which had a name of
Mabelt.gif]

[GroupStudy.com removed an attachment of type image/gif which had a name of
Mabelb.gif]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46916&t=46916
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: [nsp] DS3 vs. Multiple DSL [7:46915]

2002-06-18 Thread Brian Zeitz 

Save a lot of money and go with 180 modems at 56k!

ADSL is no where near as stable; I don't think they make a device that
does combines then 2 ADSL lines. 

Depends what your doing, this is probably not a good idea. Especially if
you doing VPN, or any other kinds of 2 way communications.

Cisco has just come out with a new DSL router, but the features for ADSL
are still very new. You need a modem for each line, Maybe you could use
a switch with layer 3 capabilities to do routing.

A lot of times when you get ADSL you don't get an real IP, but a
dynamicly assigned IP. Some ISP don't let you use 2 IPs on the same
line. DNS is an issue.

There are too many reasons to mention not to do this. But a good idea
would be to get 1 ADSL line, and test your applications.

I have 2 ADSL lines, and personally I would trade them in for a T1 any
day of the week. ADSL is good for home users, and for maybe like a
development environment. 

If you try to combine ADSL lines on 1 router, I think your going to come
into even more issues. Again, depending on what you're doing at your
site. What type of traffic you have, like is it time sensitive etc.


Brian

-Original Message-
From: Hassan, Shehzad [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, June 18, 2002 12:36 PM
To: Cisconsp (E-mail)
Subject: [nsp] DS3 vs. Multiple DSL

Would appreciate if  anyone help me understand or point to links
(technical/design issues) if someone opts to replace his DS3 with scores
of
ADSL lines (cost is a major factor, router interfaces etc)

Thanks

SH




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46915&t=46915
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Security Specialist?? [7:46910]

2002-06-18 Thread John Golovich 

CCNP - Security has been retired.

They are trying to say that if you were a CCNP -
Specialist, you can upgrade to the CSS1

--- "[EMAIL PROTECTED]"
 wrote:
> I saw this under Cisco's Qualified Specialist
> website...  
> 
>
http://www.cisco.com/warp/public/10/wwtraining/certprog/cqs/security/
> 
> "Security Specialist certifications are valid for
> two years. To recertify,
> take and pass the current version of appropriate
> security exams. (For a
> limited time, candidates holding an active CCNP
> Security Specialization may
> obtain a Cisco Security Specialist 1 certification
> by passing the 9E0-571
> CSPFA and 9E0- 570 CSVPN exams.)"
> 
> What exams are required for the CCNP Security
> Specialization?  I couldn't
> find any info on their site...
> 
> Thanx,
> mikej
> 
> ~~~
> Michael Jablonski
> ABN AMRO Asset Management Holdings, Inc.
> 161 North Clark St.
> 9th Flr
> Chicago, IL  60601-2468
> PH: 312.884.2996 
> FAX: 312.278.5550
> ~~~
> [EMAIL PROTECTED]
> 
> 


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46914&t=46910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Priscilla Oppenheimer 

At 08:37 AM 6/18/02, Tim Potier wrote:

> > Unicast means a specific address. The first bit of the
> > destination MAC
> > address (which is the first bit transmitted) is a zero.
> >
>
>In terms of the definitions, I was reading through the Perlman book and
>noted question of the "necessity to distinguish between multicast and
>broadcast".  I agree that the terms a concretely defined, but whether Cisco
>subscribes to those definitions might be in question

The terms are well defined and Cisco uses them correctly in the documents I 
have seen.

Perlman doesn't argue with the definitions, but she does make the point 
that broadcasts are kind of silly since they go to every station regardless 
of the protocols running on that station. The station takes in the 
broadcast and looks at the EtherType or SAP to see if the frame really 
needs to be accepted. If the sender had used a protocol-specific multicast, 
then this could be avoided. Since there are no protocols in existence that 
really need to go to all stations, broadcasts are theoretically not 
necessary. BPDUs can just go to bridges and switches. CDP can go to just 
Cisco devices. NetBIOS could just go to NetBIOS stations. ARP could go to 
just IP stations, etc.

She also has an interesting discussion on why it's necessary to identify 
multicast addresses. She says that theoretically it's not necessary to 
reserve a bit in the address to differentiate group and individual 
addresses. Ideally, the software would tell the chip all the different 
addresses to listen for. But what would be the max number of these? The 
chips are designed such that they look for a set of multicasts, but they 
may actually receive more than the applications registered for.

But note that she isn't discussing the terminology. She's discussing 
protocol and chip implementations. That's somewhat valuable to this group, 
whereas arguing about fundamental concepts is not. ;-) Some stuff is black 
and white.

Priscilla



>Thanks again... your info certainly cleared this mess up.


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46912&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Security Specialist?? [7:46910]

2002-06-18 Thread nrf 

wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I saw this under Cisco's Qualified Specialist website...
>
> http://www.cisco.com/warp/public/10/wwtraining/certprog/cqs/security/
>
> "Security Specialist certifications are valid for two years. To recertify,
> take and pass the current version of appropriate security exams. (For a
> limited time, candidates holding an active CCNP Security Specialization
may
> obtain a Cisco Security Specialist 1 certification by passing the 9E0-571
> CSPFA and 9E0- 570 CSVPN exams.)"
>
> What exams are required for the CCNP Security Specialization?  I couldn't
> find any info on their site...


You don't really need exams, you need a time machine. Go talk to H.G. Wells,
I'm sure he would let you borrow his.  You would need to go to about the
year 2000 when the CCNP-security cert was still alive.


>
> Thanx,
> mikej
>
> ~~~
> Michael Jablonski
> ABN AMRO Asset Management Holdings, Inc.
> 161 North Clark St.
> 9th Flr
> Chicago, IL  60601-2468
> PH: 312.884.2996
> FAX: 312.278.5550
> ~~~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46913&t=46910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: dlsw+ bet/ an enet rtr & t/r rtr [7:46896]

2002-06-18 Thread [EMAIL PROTECTED] 

The source-bridge transparent command is only needed if 
you are bridging between the token-ring and ethernet on 
the same router.  It is not needed if you are using 
dlsw to peer between, for instance, R1 token and R2 
ether AND R1 ether and R3 ether/token.

The virtual ring is not required on the EN router.  
Some configs had this on CCO but it doesn't do anything.
If there is no token-ring interface on the router, a 
virtual ring is not needed, but the dlsw bridge-group 
is.


Your understanding is correct.
> two questions...thx in advance!
> 
> 1. is the "source-bridge transparent" command required on the token ring
> router when one dlsw peer is ethernet only & the other dlsw peer is token
> ring only (i.e., bet/ r1-e1 & r2-to1)?
> 
> 2. why is the virtual ring (500) required on the ethernet router in the
> config below?
> 
> finally, i understand that in the following config, the "source-bridge
> transparent" command is required bec/ ethernet & token ring is off the same
> router
> 
> !ethernet router:
> 
> source-bridge ring-group 500
> dlsw local-peer peer-id 1.1.1.1
> dlsw remote-peer 0 tcp 2.2.2.2 lf 1500
> dlsw bridge-group 5
> bridge-group 5 protocol ieee
> !
> int e0
> ip address 1.1.1.1 255.255.255.0
> bridge-group 5
> 
> !ethernet/token ring router:
> 
> source-bridge ring-group 500
> source-bridge transparent 500 1000 1 5
> dlsw local-peer peer-id 2.2.2.2
> dlsw remote-peer 0 tcp 1.1.1.1 lf 1500
> dlsw bridge-group 5
> bridge-group 5 protocol ieee
> !
> int e1/2
> ip address 2.2.2.2 255.255.255.0
> bridge-group 5
> !
> int to0
> ring-speed 16
> source-bridge 7 1 500
> source-bridge spanning
> 
> Timur Mirza
> Principal Network Engineer
> Network Planning & Engineering, West Region
> 15505-B Sand Canyon Avenue
> Irvine, California 92618
> Verizon Wireless
> 949.286.6623 (o)
> 949.697.7964 (c)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46909&t=46896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCNP Security Specialist?? [7:46910]

2002-06-18 Thread [EMAIL PROTECTED] 

I saw this under Cisco's Qualified Specialist website...  

http://www.cisco.com/warp/public/10/wwtraining/certprog/cqs/security/

"Security Specialist certifications are valid for two years. To recertify,
take and pass the current version of appropriate security exams. (For a
limited time, candidates holding an active CCNP Security Specialization may
obtain a Cisco Security Specialist 1 certification by passing the 9E0-571
CSPFA and 9E0- 570 CSVPN exams.)"

What exams are required for the CCNP Security Specialization?  I couldn't
find any info on their site...

Thanx,
mikej

~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St.
9th Flr
Chicago, IL  60601-2468
PH: 312.884.2996 
FAX: 312.278.5550
~~~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46910&t=46910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Priscilla Oppenheimer 

At 08:34 AM 6/18/02, Brian Backer wrote:
>that was a typo... meant igmp

IGMP isn't relevant either. IGMP doesn't do multicast routing. It's just 
used by an end host to register with a local router to receive an IP 
multicast stream. For multicast routing, you would use PIM, MOSPF, DVMRP.

Plus, IGMP has to do with IP multicast, whereas we were talking about the 
more fundamental concept of sending to a MAC multicast destination address.

Cisco tries to teach IP multicast without teaching people about basic MAC 
layer concepts, causing them to think IP multicast is all there is. It's sad.

Priscilla



> > I don't think it can be multicast.  If it were, then it
>  would possibly
> > follow IGRP routes and traverse WAN links... no good.
>
>Uh, how's that?
>
> >
> > Gotta be Broadcast :)
> > B
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
>  [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, June 17, 2002 8:39 PM
> > To: [EMAIL PROTECTED]
> > Subject: STP BPDUs [7:46839]
> >
> > This might be a simple answer, but what type of message
>  is a BPDU:
> > Unicast, Multicast or Broadcast.  I have searched all
>  over Cisco's site,
> > and
> > dug through STP RFC..no luck.  I have come up with the
>  following:
> >
> > "The Destination Address field indicates the destination
>  address as
> > specified in the Bridge Group Address table. For IEEE
>  Spanning-Tree
> > Protocol
> > BPDU frames, the address is 0x80014300. For IBM
>  Spanning-Tree
> > Protocol
> > BPDU frames, the address is 0xC100. For Cisco
>  Spanning-Tree
> > Protocol
> > BPDU frames, the address is 0x800778020200."
> >
> > I guess it also depends on the definition of
>  multi/broad/unicast.
> >
> > Thanks for your help.
>  [EMAIL PROTECTED]


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46911&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MAC Address of 0000:0000:0000 [7:46908]

2002-06-18 Thread Ken Diliberto 

I've been seeing messages from our switches complaining about MAC address of
zero.  Any thoughts on a good search criteria for researching this problem? 
Better yet, anyone found such a problem?

Ken




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46908&t=46908
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Password Discovery on ATM Module [7:46905]

2002-06-18 Thread tu do 

Hi everybody,
Thanks in advance. I am looking for the way how to break password on an ATM
module (WS-X5157) working in a Catalyst 5500 switch.

Also, I need to know if there is any difference in the optical cable to
connect between switch-to-switch and switch-to-router.

Thanks again.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46905&t=46905
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CCIE R&S Lab Locations [7:46904]

2002-06-18 Thread Michael Williams 

Yes.  If you go to schedule the lab on the website, you'll see all cities
that offer the lab.  RTP and SJ, CA are the two in North America.

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46906&t=46904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE R&S Lab Locations [7:46904]

2002-06-18 Thread nrf 

It's all on the web:

http://www.cisco.com/warp/public/625/ccie/exam_preparation/lab.html#6

If a certain part of Cisco's site says it is only available in San Jose,
then it is wrong.



""Don Pezet""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Quick question for everyone. In which cities is the CCIE Routing and
> Switching Lab exam offered? I have heard various stories from different
> places and the only official city that I can find on cisco.com is San
Jose.
> Is the exam proctored in RTP, North Carolina also?
>
> Thanks
>
> Don Pezet




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46907&t=46904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIE R&S Lab Locations [7:46904]

2002-06-18 Thread Don Pezet 

Quick question for everyone. In which cities is the CCIE Routing and
Switching Lab exam offered? I have heard various stories from different
places and the only official city that I can find on cisco.com is San Jose.
Is the exam proctored in RTP, North Carolina also?
 
Thanks
 
Don Pezet




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46904&t=46904
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco pakage delivery. [7:46903]

2002-06-18 Thread D'souza, Henry (MED, TCS) 

Hi ,

I have a cisco 2621 with IOS 12.0 (3) T3 , I am trying to upgrade the
IOS to IOS 12.0 (4) T using the Cisco works 2000 .
How do I make a package of this IOS and how do I deliver this package to
this router whose IP is 3.20.79.221.


Henry.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46903&t=46903
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX 6.2 & PDM 2.0 & 640-603 [7:46902]

2002-06-18 Thread [EMAIL PROTECTED] 

Just updated one of our PIX with 6.2 and PDM 2.0

Could they make administration any easier?  I'm very surprised and impressed
the improvements.  Setting up additional VPNs was a breeze!

~side note~
Any advice for taking the 640-603 BSCN exam?  I'm scheduled to take it while
at the networkers conf. next week?

Thanx,
mikej.

~~~
Michael Jablonski
ABN AMRO Asset Management Holdings, Inc.
161 North Clark St.
9th Flr
Chicago, IL  60601-2468
PH: 312.884.2996 
FAX: 312.278.5550
~~~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46902&t=46902
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: rommon mode: why? [7:46818]

2002-06-18 Thread Sean Wolfe 

Thanks for your feedback everybody. 8^) -Sean.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46901&t=46818
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Router 3DES VPN to Pix Failover [7:46813]

2002-06-18 Thread Gaz 

In case anybody is interested:
Managed to find the answer eventually. Stateful failover is not supported
for VPN (from TAC), so the SA's must be cleared every time a change of
active Pix occurs.
Had the right idea with th lifetime of the CA's but applying it incorrectly.
Have managed to get the devices to do this automatically by using isakmp
keepalive 120 (crypto isakmp keepalive 120 for routers).
This means there is some extra overheads as the SA's are cleared every 2
minutes, but at least the VPN re-establishes itself.



Gaz



""Gaz""  wrote in message
news:[EMAIL PROTECTED]...
> Hi all,
>
> Anybody got any experience using 3DES to Pix Failover.
>
> I have a 2621 with 3DES using VPN to Pix 515 Failover bundle.
>
> All works fine after initial boot. Fails over to secondary Pix when I kill
> the Primary.
>
> If I try to fail back to Primary, it does not come back up. Does not seem
to
> pick up the SA. Clear SA on the router brings it back up.
> Knocked the liftime down to 60 seconds in the ISAKMP policy, but seems to
> have no effect.
>
> Failover is working fine, it's just the VPN that doesn't come back up.
>
> Pix is 6.2, router is 12.1(5)T12.
>
> Any similar experiences?
>
> More details to follow if there are any bites  :-)
>
>
> Gaz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46900&t=46813
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: can a 8 port pix act as 4 firewall? [7:46873]

2002-06-18 Thread Kevin Banifaz 

Why would each vlan need it's own firewall.  In what scheme are you using 
this?  Why not use access-lists on your vlan router or RSM


>From: "Manchu Warrior" 
>Reply-To: "Manchu Warrior" 
>To: [EMAIL PROTECTED]
>Subject: can a 8 port pix act as 4 firewall? [7:46873]
>Date: Tue, 18 Jun 2002 04:18:49 -0400
>
>a switch have 3 vlan,each vlan need a firewall,than i need 3 firewall,can i
>use pix525 with 6 ports to do this,if yes,then how to do it? thank you!
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46899&t=46873
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: FW: OSPF Demand Circuit issues [7:46864]

2002-06-18 Thread Chris Harshman 

The OSPF demand circuit command only needs to be placed on the router that
is dialing, unless the ISDN is active, r5 is not receiving hellos, or an LSA
refresh every 30 minutes so the dead timer on the LSAs would expire.  This
is overcome with the OSPF demand circuit command.  From the output of your
dedug dialer, OSPF Hellos are what is causing the link to come every 10
seconds, the default for OSPF point-to-point. Just remove the command from
r3's interface.

To examine the Do Not Age, you can do an ip ospf neighbor command and you
will see a '-' as the value in the dead timer.  I don't see your OSPF
config, but the adjacency issue, if you're doing stub areas make sure both
routers are negotiating the same area type.

Hope this helps.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46898&t=46864
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: dlsw+ bet/ an enet rtr & t/r rtr [7:46896]

2002-06-18 Thread Richard Botham 

Timur,
Firstly, the "source-bridge transparent" is only needed when you have a
router with both Token ring and ethernet interfaces

Secondly, the source-bridge ring-group 500 command on the router with no
token ring interfaces will do nothing - You are transparently bridging on
this router!

Thirdly, to accomodate more than two rings on a router you need this virtual
ring. This is a limitation of the chips used in the routers.
Have a look at this link: (Watch the wrap)
I found this really useful - Solie book has some good srb and dlsw stuff too!

http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/rpc_r/53999.htm


HTH 
Richard




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46897&t=46896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

dlsw+ bet/ an enet rtr & t/r rtr [7:46896]

2002-06-18 Thread Mirza, Timur 

two questions...thx in advance!

1. is the "source-bridge transparent" command required on the token ring
router when one dlsw peer is ethernet only & the other dlsw peer is token
ring only (i.e., bet/ r1-e1 & r2-to1)?

2. why is the virtual ring (500) required on the ethernet router in the
config below?

finally, i understand that in the following config, the "source-bridge
transparent" command is required bec/ ethernet & token ring is off the same
router

!ethernet router:

source-bridge ring-group 500
dlsw local-peer peer-id 1.1.1.1
dlsw remote-peer 0 tcp 2.2.2.2 lf 1500
dlsw bridge-group 5
bridge-group 5 protocol ieee
!
int e0
ip address 1.1.1.1 255.255.255.0
bridge-group 5

!ethernet/token ring router:

source-bridge ring-group 500
source-bridge transparent 500 1000 1 5
dlsw local-peer peer-id 2.2.2.2
dlsw remote-peer 0 tcp 1.1.1.1 lf 1500
dlsw bridge-group 5
bridge-group 5 protocol ieee
!
int e1/2
ip address 2.2.2.2 255.255.255.0
bridge-group 5
!
int to0
ring-speed 16
source-bridge 7 1 500
source-bridge spanning

Timur Mirza
Principal Network Engineer
Network Planning & Engineering, West Region
15505-B Sand Canyon Avenue
Irvine, California 92618
Verizon Wireless
949.286.6623 (o)
949.697.7964 (c)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46896&t=46896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco ACS db corrupt?? [7:46882]

2002-06-18 Thread Shawn Heisey 

Are you by chance using a UNIX browser to do this?  Only browsers on
Microsoft operating systems will properly enter a password into a user. 
There's a DDTS (CSCdu40827), but it's been postponed.

Other than that -- yes, it's possible for the database to be corrupt. 
To rule this out, I would recommend the following steps.  These are run
from a command prompt in the UTILS directory, with all services running:

csutil -q -b recovery.cab
net stop csauth
csutil -q -d -n -l
net start csauth

This will make a full backup, then do a text dump of the user database,
wipe the user database, and reimport the text dump.

Thanks,
Shawn

Patrick Donlon wrote:
> 
> Patrick Donlon wrote:
> 
> > I have a problem with the local database on a 2.6(6) ACS server. All
> > users use an external database  for authentication (NT or RSA) but I
> > want to create a user with a password stored in the ACS server. I can
> > create a new user and assign all the correct attributes without any
> > errors, however when I try to login with the user they are rejected. The
> > logs show the user is rejected due to the CS password : "CS password
> > invalid" .
> > I have tried to create other users and also to change users account
> > setting so that they authenticate using the CS password, with no luck.
> > So I think there is a problem with the passwords stored in the ACS
> > server
> > We have upgraded the server twice in the past 8 months for new features
> > and bug fixes whether this has caused the problem I don't know. Any
> > ideas on how to verify or fix this?

-- 
Shawn Heisey
Cisco Systems USA
Technical Lead for SLC-SECURITY team
Direct: +1 801 736 3939 ext 55153
Toll Free: +1 800 553 2447
Shift: Mon-Fri 8:30a-5:00p Mountain Daylight Time




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46895&t=46882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP prefix study [7:46726]

2002-06-18 Thread Howard C. Berkowitz 

At 9:29 AM -0400 6/18/02, Neal Rauhauser 402-301-9555 wrote:
>"Howard C. Berkowitz" wrote:
>
>>  At 4:07 PM -0400 6/16/02, Neal Rauhauser 402-301-9555 wrote:
>>  >My only explanation for this is that there was nothing good on TV on a
>>  >lazy Sunday morning ...
>>  >
>>  >   I am about to start doing some truly gruesome things with IBGP due to
>>  >geographical separate peering points and I've got some internal routers
>>  >that are maxed out at 64 meg, so I spent a little time this AM examining
>>  >the source of this silly 114k+ entry global BGP table. My idea was that
>>  >a carrier stuck smack in the middle of the US could probably ignore
>>  >details about RIPE and APIC address space. Those two authorities turn
>>  >out to be responsible for only about 32k of the total so I am casting
>>  >around for other methods to trim the fat but I thought I'd share the
>>  >results thus far.
>>
>>  You'll find a LARGE part of the routing table still comes from the
>>  Swamp [1] or the Toxic Waste Dump [2], rather than any geographical
>  > region.

I grant your earlier point that many major providers are in the 
Swamp.  Nevertheless, you might consider prefix length filters 
blocking longer than /24 (or even 20) _in the Swamp_, and see if 
there are any connectivity problems.  If you are defaulting to an 
upstream, let them worry about getting to the obscure networks.

>  >
>>  Neal, this is a distinctly nontrivial problem, with no ideal
>>  solution.  Your basic choice is accepting "suboptimal routing [3]" or
>>  upgrading your routers.
>>
>>  Several basic questions come up about what you are trying to do:
>>
>>  1.  Is this for an ISP or an enterprise?
>
>Internet provider, doing wireless, playing with private line replacement
>stuff, too.
>
>>
>>  2.  From a bandwidth standpoint, how many peering points could you
>>  lose and still have acceptable performance?
>
>  I've got a single Sprint T1 at one end of the network, an AT&T and
>UUNet T1 at the
>other end. The Sprint side will grow quickly to more capacity, the AT&T and
>UUNet stuff
>is a colo company, not mine to rule, so they're fussy about how much output
>we
>generate, but don't care much about our input side.


Well, if Sprint is your major provider, one way to reduce routes is 
to make Sprint your primary ISP with most-preferred default.  Take 
partial routes from AT&T and UUnet, give better preference to 
direct-connected or adjacent AS they advertise, and use them as 
secondary defaults.

The colo needs would need more analysis.

>
>>
>>  3.  To how many different AS do you connect, and do they have
>>  approximately
>>  equal connectivity?
>
> Sprint, AT&T, UUNet, probably going to add one more at the end where
the
>Sprint
>circuit is, but I suspect it'll be UUNet there, too.


If availability is the goal, I tend to prefer to have at least two 
geographically dispersed peerings with the same well-connected ISP, 
and get some contractual commitments about route diversity.  The 
latter may cost, but it is a protection against major physical 
failures.

There still is a benefit to connecting to more than one upstream, 
however, as it tends to protect you against failures in the routing 
system.  No one size fits all.

>
>>
>>  4.  What is your IGP?
>
>Today its OSPF and that is the one I know best. There is some cause to
>consider
>replacing OSPF area 0 with EIGRP due to different cost links and varying
>'cleanliness'
>in the wireless layer, but we'll see how that goes - I have enough to do
>without
>worrying about redistribution right now.

Without more specifics, my sense is that converting to EIGRP would 
not be a good idea.  When you talk about different cost links, that 
makes me wonder if area 0.0.0.0 is too complex. Area 0.0.0.0 should 
be, at most, linking your POPs, hosting, and management sites, and 
its behavior is much more predictable with a narrow (or single) range 
of link speeds. Even if you have a complex hosting/management center, 
I'll usually put that in its own nonzero area.

Another alternative is having multiple OSPF domains linked by a BGP 
backbone.  If you have a lot of policy requirements, these domains 
might be confederations.  Otherwise, they are probably clusters.  Do 
be careful to avoid the persistent route oscillation problem, 
especially if you go to multiple levels of reflector, by ensuring 
that intra-cluster metrics are ALWAYS preferred to inter-cluster, 
much as OSPF intra-area routes are ALWAYS preferred to inter-area.

The availability of Type 1 and Type 2 externals also can be very 
helpful in managing defaults and load sharing without the needs for 
full routes.

If you were trying to simplify, I suspect you could get cleaner 
simplification with ISIS than EIGRP. It may not be necessary to 
change.

Another thing worth looking at is running BGP primarily at the edge 
and using MPLS in the middle -- sort of RFC 2547-like but public, not 
VPN. That will positio

RE: Router 3DES VPN to Pix Failover [7:46813]

2002-06-18 Thread Whitis, Drew (SIGNAL) 

Are you doing LAN based failover or using the proprietary heartbeat cable?
There are many undocumented bugs with 6.2 code when using LAN based
failover.  If noone else on the forum can recommend a configuration change,
I would go back to 6.1(3).

Drew

-Original Message-
From: Gaz [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 17, 2002 12:00 PM
To: [EMAIL PROTECTED]
Subject: Router 3DES VPN to Pix Failover [7:46813]


Hi all,

Anybody got any experience using 3DES to Pix Failover.

I have a 2621 with 3DES using VPN to Pix 515 Failover bundle.

All works fine after initial boot. Fails over to secondary Pix when I kill
the Primary.

If I try to fail back to Primary, it does not come back up. Does not seem to
pick up the SA. Clear SA on the router brings it back up.
Knocked the liftime down to 60 seconds in the ISAKMP policy, but seems to
have no effect.

Failover is working fine, it's just the VPN that doesn't come back up.

Pix is 6.2, router is 12.1(5)T12.

Any similar experiences?

More details to follow if there are any bites  :-)


Gaz




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46893&t=46813
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What's DCSP? [7:46851]

2002-06-18 Thread Nick Lesewski 

Thanks guys... You rock...

NIC


>From: "Steven A. Ridder" 
>Reply-To: "Steven A. Ridder" 
>To: [EMAIL PROTECTED]
>Subject: Re: What's DCSP? [7:46851]
>Date: Tue, 18 Jun 2002 06:58:31 -0400
>
>DiffServ is the new IP Precedence of an IP packet.  It uses 6 of the ToS
>bits instead of the 3 for more granular control and more classes in which 
>to
>classify a packet.
>
>--
>
>RFC 1149 Compliant.
>
>
>
>""Nick Lesewski""  wrote in message
>news:[EMAIL PROTECTED]...
> > What the flying heck is DCSP?  Its on the new CCIE Written blueprint, 
>but
>I
> > dont even see where the acronym is defined on the CCO.  Anybody have a
> > place to start figuring this one out?  A google search came up with
>"digital
> > correction signal processor", but not much more then that (if that's 
>even
> > the same thing).
> >
> > Thanks...
> >
> > NIC
> >
> > _
> > Join the worlds largest e-mail service with MSN Hotmail.
> > http://www.hotmail.com
_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46892&t=46851
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cut though proxy on Pix & a Really OT question [7:46887]

2002-06-18 Thread Gibson, Darrin 

No, the PIX does not allow you to save your password. Are you using AAA for
authentication at the PIX? If so, you can have your users enter the AAA
username and password and the username and password for the web server all
in the first authentication box. This will prevent the double login boxs.
AAA will authenticate them and then the PIX will pass the othe information
to the web server. Example below.
aaa_username@Web_username
aaa_password@Web_password

Darrin Gibson
Gibson, Darrin CW2
Network Manager
AL-DCSIM-NOC
CCNP, CSS1, MCSE, MCP+I
(334)213-7551
[EMAIL PROTECTED]




-Original Message-
From: Brian Zeitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 18, 2002 7:45 AM
To: [EMAIL PROTECTED]
Subject: Cut though proxy on Pix & a Really OT question [7:46887]


Does anyone know if the Cut-though proxy feature on a Pix allows you to
save your username and password. Like in a cookie? I would like to use
this feature for my web servers on the DMZ, they already use a logon and
password. Also, I am not sure how cut-though proxy would work on a
load-balancer configuration.



The really OT question:



Does in the group know if you Chinese windows (any version) has an
option of displaying Pin Yin? I am trying to get up to speed on
Mandarin, and this would help if I could find something to do this.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46890&t=46887
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Odd Emails [7:46804]

2002-06-18 Thread Paul Borghese 

Would someone please send me the complete header.  I will block the abuse
from the server.  Also, now is a good time to talk about this.  How do we
stop people from grabbing our e-mail addresses?

 I have a few things in place to prevent the scanning of the site - but I
would like to do more.  I do have  "traps" placed throughout the site that a
normal user will not fall into but an automated spam sniffing program will.
Currently the trap places the software in an endless loop displaying bad
email addresses.   We should adjust this so after two or three itterations,
the IP address is blocked.  The program is written in Perl - anyone want to
take a shot?

Second we should password protect the newsfeed.  Currently we have a
database of Username/Passwords in a MySQL database on the server.  Let's get
the news server to read the MySQL database.  Anyone volunteers?

Finally while the archives do automatically hide the senders e-mail address,
it does not strip all e-mail addresses in the archives.  So a reply still
contains the valid senders e-mail address.  We need to modify the archives
so all e-mail addresses are blocked.  In fact, this is a part of a bigger
problem where we need to strip out the guts of the search engine because
frankly it can not handle archives of our size.  Anyone want to take on that
task :-).

Any other suggestions for preventing spam?

Also, one final point.  If you post through the e-mail system, you must use
a valid e-mail address.  This is how we filter spam.  But you do not need to
post using a valid e-mail address if you are using the web forum.  There are
two e-mail addresses saved to the server, a public address (which is sent to
the list) and a private address (password recovery, etc).  SImply post from
the website if you do not want to use a valid e-mail address.

Take care,

Paul Borghese


- Original Message -
From: "Leigh Anne Chisholm" 
To: 
Sent: Monday, June 17, 2002 2:14 PM
Subject: RE: Odd Emails [7:46804]


> I did as well.  They're from the same person in fact.  Check the SMTP
> headers...
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Rahmlow, Howard F.
> > Sent: Monday, June 17, 2002 11:37 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: Odd Emails
> >
> >
> > Anyone else on the list getting weird e-mail's like the ones below. I
got
> > these 2 today. They were both sent to me not to the list.
> >
> > Howard
> >
> >
> >
> >
> > Saiyan [[EMAIL PROTECTED]]
> > Can you give an idea how you pass CCIE lab? Such as books, tools and
which
> > lab
> > are you getting?
> > (I saw your email in groupstudy)
> >
> > Somchai [[EMAIL PROTECTED]]
> > Hi,
> >
> > I want to upgrade my cisco routers. But don't have new release of the
IOS.
> > Can
> > I just get your cco's logon for a while? I'm use it for my ccie exam.
> >
> > Thanks you,
> > _
> > Commercial lab list: http://www.groupstudy.com/list/commercial.html
> > Please discuss commercial lab solutions on this list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46889&t=46804
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP prefix study [7:46726]

2002-06-18 Thread Neal Rauhauser 402-301-9555 

"Howard C. Berkowitz" wrote:

> At 4:07 PM -0400 6/16/02, Neal Rauhauser 402-301-9555 wrote:
> >My only explanation for this is that there was nothing good on TV on a
> >lazy Sunday morning ...
> >
> >   I am about to start doing some truly gruesome things with IBGP due to
> >geographical separate peering points and I've got some internal routers
> >that are maxed out at 64 meg, so I spent a little time this AM examining
> >the source of this silly 114k+ entry global BGP table. My idea was that
> >a carrier stuck smack in the middle of the US could probably ignore
> >details about RIPE and APIC address space. Those two authorities turn
> >out to be responsible for only about 32k of the total so I am casting
> >around for other methods to trim the fat but I thought I'd share the
> >results thus far.
>
> You'll find a LARGE part of the routing table still comes from the
> Swamp [1] or the Toxic Waste Dump [2], rather than any geographical
> region.
>
> Neal, this is a distinctly nontrivial problem, with no ideal
> solution.  Your basic choice is accepting "suboptimal routing [3]" or
> upgrading your routers.
>
> Several basic questions come up about what you are trying to do:
>
> 1.  Is this for an ISP or an enterprise?

   Internet provider, doing wireless, playing with private line replacement
stuff, too.

>
> 2.  From a bandwidth standpoint, how many peering points could you
> lose and still have acceptable performance?

 I've got a single Sprint T1 at one end of the network, an AT&T and
UUNet T1 at the
other end. The Sprint side will grow quickly to more capacity, the AT&T and
UUNet stuff
is a colo company, not mine to rule, so they're fussy about how much output
we
generate, but don't care much about our input side.

>
> 3.  To how many different AS do you connect, and do they have
> approximately
> equal connectivity?

Sprint, AT&T, UUNet, probably going to add one more at the end where the
Sprint
circuit is, but I suspect it'll be UUNet there, too.

>
> 4.  What is your IGP?

   Today its OSPF and that is the one I know best. There is some cause to
consider
replacing OSPF area 0 with EIGRP due to different cost links and varying
'cleanliness'
in the wireless layer, but we'll see how that goes - I have enough to do
without
worrying about redistribution right now.

>
> 5.  How much effort, including programming, are you willing to do to
> optimize tables?

   Lots and lots ... keeps me off the street and contributes to passing my
CCIP BSCI
exam I think ...

>
> 6.  Do you have a decent familiarity with RPSL, routing registry, and
> some
> of the freeware tools such as CIDRadvisor and RtConfig?
>

  I've made a few basic entries in the RADB, I've played with cflowd,
and I've not
done much with the automation tools in this area. I'll prefer to hand tune
at first,
until I really understand what I am facing.


>
> Howard
>
> [1] The Swamp is the term used in addressing working groups to refer
> to 192.0.0.0/8, the original Class C space.
>
> [2] The Toxic Waste Dump, which probably is somewhere in Northern New
> Jersey, is that part of the Swamp containing /24 or longer prefixes.
>
> [3] People often worry about suboptimal routing, but the gains of one
> "perfect"
> path may be marginal when compared with the complexity of
> differentiating it from a "decent" route.
>
> --
> "What Problem are you trying to solve?"
> ***send Cisco questions to the list, so all can benefit -- not
> directly to me***
>

> Howard C. Berkowitz  [EMAIL PROTECTED]
> Chief Technology Officer, GettLab/Gett Communications
http://www.gettlabs.com
> Technical Director, CertificationZone.com http://www.certificationzone.com
> "retired" Certified Cisco Systems Instructor (CID) #93005




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46888&t=46726
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cut though proxy on Pix & a Really OT question [7:46887]

2002-06-18 Thread Brian Zeitz 

Does anyone know if the Cut-though proxy feature on a Pix allows you to
save your username and password. Like in a cookie? I would like to use
this feature for my web servers on the DMZ, they already use a logon and
password. Also, I am not sure how cut-though proxy would work on a
load-balancer configuration.



The really OT question:



Does in the group know if you Chinese windows (any version) has an
option of displaying Pin Yin? I am trying to get up to speed on
Mandarin, and this would help if I could find something to do this.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46887&t=46887
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Tim Potier 

Priscilla Oppenheimer wrote:
> 
> >  I have come up with the following:
> >
> >"The Destination Address field indicates the destination
> address as
> >specified in the Bridge Group Address table. For IEEE
> Spanning-Tree Protocol
> >BPDU frames, the address is 0x80014300.
> 
> That is bit-reversed. You must have found a document that
> covers Token Ring.

Indeed, this is a token ring refernce I quote


> 
> >I guess it also depends on the definition of
> multi/broad/unicast.
> 
> It better not depend on that. There shouldn't be any argument
> on those
> definitions. ;-)
> 
> Multicast means a group address. The first bit of the
> destination MAC
> address (which is the first bit transmitted) is a one so that
> every device
> knows to look at the address. A NIC driver software supports an
> application
> telling the NIC which particular multicasts to take in.
> 
> Broadcast means every device in the broadcast domain. The first
> bit and all
> bits in the MAC destination address are ones. Every NIC in the
> broadcast
> domain takes in the frame and interrupts the host CPU to see if
> the rest of
> the frame is interesting.
> 
> Unicast means a specific address. The first bit of the
> destination MAC
> address (which is the first bit transmitted) is a zero.
> 

In terms of the definitions, I was reading through the Perlman book and
noted question of the "necessity to distinguish between multicast and
broadcast".  I agree that the terms a concretely defined, but whether Cisco
subscribes to those definitions might be in question


Thanks again... your info certainly cleared this mess up.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46842&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE-Written [7:46741]

2002-06-18 Thread Clayton Dukes 

Yes, it's in there :-)


Clayton Dukes
CCNA, CCDA, CCDP, CCNP, NCC

- Original Message -
From: "Syed B" 
To: 
Sent: Monday, June 17, 2002 10:02 AM
Subject: RE: CCIE-Written [7:46741]


> What abt Appletalk stuff?
From: "Clayton Dukes" 
To: 
Sent: Sunday, June 16, 2002 11:54 PM
Subject: Re: CCIE written [7:46741]


> Try here:
> http://www.gdd.net
>
> There's a good study guide/cram book for 15 bux on the site.
>
> Disclaimer: It's my website :-)
>
> Clayton Dukes
> CCNA, CCDA, CCDP, CCNP, NCC
>
> - Original Message -
> >From: "Syed B"
> To:
> Sent: Sunday, June 16, 2002 10:26 PM
> Subject: CCIE written [7:46741]
>
>
> > Going for CCIE written in a week time what topics to concentrate on for
> the
> > exam??




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46821&t=46741
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Brian Backer 

I totally believe you all...just I used to Think that Pine
 Mountain group knew what they were talking about and their
 web site classifies all of the below as bcast.  perhaps
 I'll let them know :)
thanks


""Brian Backer""  wrote in message
news:[EMAIL PROTECTED]...
> Priscilla,
>
> Weird... all the documentation I have seen says that a
 BPDU is a
> broadcast just like CDP and HSRP...

My friend, I believe you are mistaken.

"CDP sends packets on LANs using the multicast address
 0100.0CCC."
http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/cisnm.htm#xtocid18
4495
"Each device configured for CDP sends periodic messages,
 known as
advertisements, to a multicast address."
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_
c/fcprt3/fcd301c.htm

"HSRP works by the exchange of multicast messages..."
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs009.htm#xtocid122331

"Routers that are participating in an HSRP group
 communicate to each other
via a multicast User Datagram Protocol (UDP)-based hello
 packet"

http://www.cisco.com/warp/public/cc/so/cuso/epso/entdes/hsrp_wp.htm

"The Destination MAC address uses the well-known STP
 multicast address of
01-80-C2-00-00-00"
- Cisco LAN Switching, Clark and Hamilton, page 184.





> b
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]] On Behalf Of
> Priscilla Oppenheimer
> Sent: Monday, June 17, 2002 9:33 PM
> To: [EMAIL PROTECTED]
> Subject: Re: STP BPDUs [7:46839]
>
> BPDUs are sent to a multicast address that means "all
 bridges." In
> Ethernet, they are sent to 01:80:C2:00:00:00. For the
 destination
> address
> on Token Ring, reverse the bits, one byte at a time to
 get
> 80:01:43:00:00:00.
>
> At 08:39 PM 6/17/02, Tim Potier wrote:
> >This might be a simple answer, but what type of message
 is a BPDU:
> >Unicast, Multicast or Broadcast.  I have searched all
 over Cisco's
> site, and
> >dug through STP RFC..no luck.
>
> It's not an RFC. It's IEEE 802.1D. See here:
>
> http://standards.ieee.org/getieee802/
>
> >  I have come up with the following:
> >
> >"The Destination Address field indicates the destination
 address as
> >specified in the Bridge Group Address table. For IEEE
 Spanning-Tree
> Protocol
> >BPDU frames, the address is 0x80014300.
>
> That is bit-reversed. You must have found a document that
 covers Token
> Ring.
>
> >  For IBM Spanning-Tree Protocol
> >BPDU frames, the address is 0xC100.
>
> IBM had their own version of STP. DEC also had a variety
 of STP. They
> sent
> to the broadcast address (FF:FF:FF:FF:FF:FF).
>
> >For Cisco Spanning-Tree Protocol
> >BPDU frames, the address is 0x800778020200."
>
> Cisco spanning tree? What is that?? Something to do with
 the Per VLAN
> Spanning Tree (PVST) on Token Ring?? (Once again, that
 looks like a
> Token
> Ring multicast address.) On Ethernet, PVST uses the
 standard destination
> I
> think, unless you use PVST+ which tunnels PVST BPDUs
 through an 802.1Q
> Mono
> Spanning Tree implementatoin, thus allowing each VLAN to
 maintain its
> own
> spanning tree. Cisco uses the multicast address
 01:00:0C:CC:CC:CD for
> PVST+
> on Ethernet. Bit reverse that and you don't get
 0x800778020200, however,
> so
> I don't know what that adddress is for.
>
> >I guess it also depends on the definition of
 multi/broad/unicast.
>
> It better not depend on that. There shouldn't be any
 argument on those
> definitions. ;-)
>
> Multicast means a group address. The first bit of the
 destination MAC
> address (which is the first bit transmitted) is a one so
 that every
> device
> knows to look at the address. A NIC driver software
 supports an
> application
> telling the NIC which particular multicasts to take in.
>
> Broadcast means every device in the broadcast domain. The
 first bit and
> all
> bits in the MAC destination address are ones. Every NIC
 in the broadcast
>
> domain takes in the frame and interrupts the host CPU to
 see if the rest
> of
> the frame is interesting.
>
> Unicast means a specific address. The first bit of the
 destination MAC
> address (which is the first bit transmitted) is a zero.
>
> HTH
>
> Priscilla
>
>
> >Thanks for your help.
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46886&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Lab Reading [7:45486]

2002-06-18 Thread Sasa Milic 

I've ordered only CD with documentation, just to check how
it (ordering) works. Got it, with bill for $12. Actually,
it is billed to cisco partner through which we bought all
equipment, but that doesn't mean that we won't have to pay
for it ...

Sasa

"Roberts, Larry" wrote:
> 
> www.cisco.com/upgrade
> 
> Click on Product upgrade, then launch product upgrade.
> Enter your Agreement number...
> I get a message that I have no hardware upgradeable ( or something to that
> affect ) and then an option to select documentation.
> It was so right in front of my face that I missed it...
> 
> Thanks
> 
> Larry
> 
> -Original Message-
> From: Kunal Bhatia [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, June 01, 2002 12:18 PM
> To: Roberts, Larry; [EMAIL PROTECTED]
> Subject: RE: CCIE Lab Reading [7:45486]
> 
> Can you provide some rough idea about where you found this on CCO ?
> 
> -Original Message-
> From: Roberts, Larry [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, June 01, 2002 10:24 PM
> To: [EMAIL PROTECTED]
> Subject: RE: CCIE Lab Reading [7:45486]
> 
> I bet Cisco is scratching their heads trying to find out why the sudden
> demand on IOS manuals... After 45 minutes of searching the Site I found
> where to order. I don't know that I would ever find it again So I started
> ordering things left and right I bet I have 25+ books coming... I
> finally have new books to read!
> 
> Thanks
> 
> Larry
> 
> -Original Message-
> From: Eric Rogers [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 31, 2002 8:00 PM
> To: [EMAIL PROTECTED]
> Subject: Re: CCIE Lab Reading [7:45486]
> 
> Just ordered the complete copy of manuals for 12.2 IOS Documentation Set
> :-)
> 
> THANKS for that info...I knew there was a reason for being on groupstudy...
> 
> -Eric
> 
> - Original Message -
> From: "Brad Ellis"
> To:
> Sent: Friday, May 31, 2002 10:38 AM
> Subject: Re: CCIE Lab Reading [7:45486]
> 
> > John,
> >
> > I believe if you have a smartnet contract, you can get the IOS manuals
> free
> > from Cisco (at least you could a couple years ago).
> >
> > thanks,
> > -Brad Ellis
> > CCIE#5796 (R&S / Security)
> > Network Learning Inc
> > [EMAIL PROTECTED]
> > www.optsys.net (Cisco hardware)
> >
> > ""[EMAIL PROTECTED] (John Nemeth)""  wrote in
> > message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > On Oct 20,  7:01pm, "Chuck" wrote:
> > > }
> > > } Someone who passed the lab recently advised me ( as have other
> > > folks
> who
> > > } have posted their success here and elsewhere ) that it remains
> CRITICAL
> > > that
> > > } you spend as much time as possible reading the command references
> > > as
> > found
> > > } on CCO. Print as much out as you can. Study them. Knowing the
> > > knobs, knowing } where to find things is very helpful.
> > >
> > >  eBay seller [EMAIL PROTECTED] often has complete sets of
> > > printed 12.2 manuals.  The price seems to range from $100 to $200
> > > (of course, shipping is a killer).  I bought a set and they are
> > > quite nice to use for reference; although, they do take up four feet
> 
> > > of shelf space (I need more book shelves).  They are organised just
> > > like the doc CD, and you quickly learn what is where, since you
> > > can't just type a command name into a search box (I suppose you
> > > could cheat and look it up in the master index, but I haven't
> > > cracked that one open yet).
> > >
> > > }-- End of excerpt from "Chuck"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46808&t=45486
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

2002-06-18 Thread Brian Backer 

that was a typo... meant igmp


> I don't think it can be multicast.  If it were, then it
 would possibly
> follow IGRP routes and traverse WAN links... no good.

Uh, how's that?

>
> Gotta be Broadcast :)
> B
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]
> Sent: Monday, June 17, 2002 8:39 PM
> To: [EMAIL PROTECTED]
> Subject: STP BPDUs [7:46839]
>
> This might be a simple answer, but what type of message
 is a BPDU:
> Unicast, Multicast or Broadcast.  I have searched all
 over Cisco's site,
> and
> dug through STP RFC..no luck.  I have come up with the
 following:
>
> "The Destination Address field indicates the destination
 address as
> specified in the Bridge Group Address table. For IEEE
 Spanning-Tree
> Protocol
> BPDU frames, the address is 0x80014300. For IBM
 Spanning-Tree
> Protocol
> BPDU frames, the address is 0xC100. For Cisco
 Spanning-Tree
> Protocol
> BPDU frames, the address is 0x800778020200."
>
> I guess it also depends on the definition of
 multi/broad/unicast.
>
> Thanks for your help.
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46885&t=46839
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco ACS db corrupt?? [7:46882]

2002-06-18 Thread Patrick Donlon 

Patrick Donlon wrote:

> I have a problem with the local database on a 2.6(6) ACS server. All
> users use an external database  for authentication (NT or RSA) but I
> want to create a user with a password stored in the ACS server. I can
> create a new user and assign all the correct attributes without any
> errors, however when I try to login with the user they are rejected. The
> logs show the user is rejected due to the CS password : "CS password
> invalid" .
> I have tried to create other users and also to change users account
> setting so that they authenticate using the CS password, with no luck.
> So I think there is a problem with the passwords stored in the ACS
> server
> We have upgraded the server twice in the past 8 months for new features
> and bug fixes whether this has caused the problem I don't know. Any
> ideas on how to verify or fix this?
>
> Cheers
>
> Pat
Here's the correct version info

CiscoSecure ACS v2.6 for Windows 2000/NT
Release 2.6(4) Build 4




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46883&t=46882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco ACS db corrupt?? [7:46882]

2002-06-18 Thread Patrick Donlon 

I have a problem with the local database on a 2.6(6) ACS server. All
users use an external database  for authentication (NT or RSA) but I
want to create a user with a password stored in the ACS server. I can
create a new user and assign all the correct attributes without any
errors, however when I try to login with the user they are rejected. The
logs show the user is rejected due to the CS password : "CS password
invalid" .
I have tried to create other users and also to change users account
setting so that they authenticate using the CS password, with no luck.
So I think there is a problem with the passwords stored in the ACS
server
We have upgraded the server twice in the past 8 months for new features
and bug fixes whether this has caused the problem I don't know. Any
ideas on how to verify or fix this?

Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46882&t=46882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How many H.323 clients can 3640 as gatekeeper handle? [7:46881]

2002-06-18 Thread Steven A. Ridder 

According to the link below, 10,000 is max number of local registrations.




http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fvvf
ax_c/vvf323gk.htm

--

RFC 1149 Compliant.



""TP""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Dear group,
> do you have an answer for the question mentioned in obj?
>
> Thanks in advance!
>
> Teresa




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46881&t=46881
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 3550 features [7:46861]

2002-06-18 Thread Steven A. Ridder 

Probably Queueing, policing and maybe routing.

--

RFC 1149 Compliant.



""Kevin Banifaz""  wrote in message
news:[EMAIL PROTECTED]...
> Does anyone know what additional Cat 3550 features are gonna be tested
after
> Nov. 4th?
>
> _
> Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46878&t=46861
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What's DCSP? [7:46851]

2002-06-18 Thread Steven A. Ridder 

DiffServ is the new IP Precedence of an IP packet.  It uses 6 of the ToS
bits instead of the 3 for more granular control and more classes in which to
classify a packet.

--

RFC 1149 Compliant.



""Nick Lesewski""  wrote in message
news:[EMAIL PROTECTED]...
> What the flying heck is DCSP?  Its on the new CCIE Written blueprint, but
I
> dont even see where the acronym is defined on the CCO.  Anybody have a
> place to start figuring this one out?  A google search came up with
"digital
> correction signal processor", but not much more then that (if that's even
> the same thing).
>
> Thanks...
>
> NIC
>
> _
> Join the worlds largest e-mail service with MSN Hotmail.
> http://www.hotmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46879&t=46851
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: throttles and input drops [7:46406]

2002-06-18 Thread richard bosire 

If you didn't get a solution , there is an issue with  i82543, I got 
this from some gentleman @cisco.com



" CSCdv33209 lots of throttles on the FE interface of C7200-I/O-2FE/E

is DUPed to

CSCdu09746 Add support for dynamic particle pools to i82543 GE/FE/E driver

which is resolved in 12.0(18.3)S.  12.0(21)S3 looks like the latest.

The fix is to make the interface pool management dynamic; it was static. "


cheers

./bosire





cj jung wrote:

>Check to see if you are doing process switching on this router.
>or
>Check the buffers on your router,
>This error comes out normally when you are doing process switching for debug
>and buffer is full.
>
>jin jung
>CCNP, CCDP,,
>
>- Original Message -
>From: "rmart." 
>To: 
>Sent: Wednesday, June 12, 2002 10:36 PM
>Subject: throttles and input drops [7:46406]
>
>
>  
>
>>Hi,
>>
>>My router, cisco 7000 series having problem with a number of throttles and
>>input drops on one of the FastEth interface.
>>cpu utilization seems ok (below 5%).
>>
>>below is the output of sh int :
>>
>>FastEthernet0/1 is up, line protocol is up
>>  Hardware is i82543 (Livengood), address is 0004.9b6e.c406 (bia
>>0004.9b6e.c406)
>>  Description: used by sub-interfaces
>>  Internet address is 212.194.2.3/23
>>  MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, rely 255/255, load 5/255
>>  Encapsulation ARPA, loopback not set
>>  Keepalive set (10 sec)
>>  Full-duplex, 100Mb/s, 100BaseTX/FX
>>  ARP type: ARPA, ARP Timeout 04:00:00
>>  Last input 00:00:00, output 00:00:00, output hang never
>>  Last clearing of "show interface" counters 23:03:59
>>  Queueing strategy: fifo
>>  Output queue 0/40, 0 drops; input queue 0/75, 869280 drops
>>  30 second input rate 3313000 bits/sec, 738 packets/sec
>>  30 second output rate 226 bits/sec, 744 packets/sec
>> 42338355 packets input, 3700449939 bytes
>> Received 0 broadcasts, 0 runts, 0 giants, 1307541 throttles
>> 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
>> 0 watchdog, 0 multicast
>> 0 input packets with dribble condition detected
>> 43216540 packets output, 1919733782 bytes, 0 underruns
>> 0 output errors, 0 collisions, 0 interface resets
>> 0 babbles, 0 late collision, 0 deferred
>> 0 lost carrier, 0 no carrier
>> 0 output buffer failures, 0 output buffers swapped out
>>
>>any ideas?
>>Thanks.
>>
>>Rey




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46880&t=46406
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Interesting traffic problem ..... [7:46761]

2002-06-18 Thread Paul 

Hiya Jenny 

When I try to ping, tracert, ftp or telnet to the remote router from the
main office.. I just get 'Request time out' etc. However, when I try this
from the remote router to the main office ... I get connectivity !!!

I am using debug isdn q931  when I try to connect from the main
office to the remote router the debug does not show anything . and when
I try to connect from the remote router to the main office I get what
appears to be good debug  then after several minutes the BRI interface
brings itself down again ...

I really have no idea what to do next  :)   Any help would be greatly
appreciated ...

Thanks again ...

Regards ..

Paul ...
- Original Message -
From: 
To: 
Sent: Monday, June 17, 2002 11:46 PM
Subject: Re: Interesting traffic problem . [7:46761]


> Einstooge makes some good points.
> Also, when you say you can't initiate a connection from the main office to
> the remote site, what do you really mean?
> 1) Does the main office never try to connect?
> 2) Does the main office try to connect but fail?
> 3) Does the connection happen but drop out?
>
> Debug dialer could give some useful information, especially if it really
> is an interesting traffic problem (in which case I would expect the
> symptom to be the first above, or possibly the third).
>
> JMcL
>
> - Forwarded by Jenny Mcleod/NSO/CSDA on 18/06/2002 08:41 am -
>
>
> "Paul"
> Sent by: [EMAIL PROTECTED]
> 17/06/2002 08:38 pm
> Please respond to "Paul"
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject:Re: Interesting traffic problem . [7:46761]
> Is this part of a business decision process?:
>
>
> Sorry .. when I said European ISDN I meant Basic Net 3 
> - Original Message -
> From: "Paul"
> To:
> Sent: Monday, June 17, 2002 9:54 AM
> Subject: Interesting traffic problem . [7:46761]
>
>
> > Hi ...  I'm quite new to ISDN  I have configured a 1603 for a remote
> > site.
> > However, I cannot initiate a connection from the main office to the
> remote
> > site !! the connection has to be initiated at the remote site !!! The
> remote
> > site uses European ISDN, there are no SPID's involved as it is point to
> point
> > ... I think this might be something to do with interesting traffic ?
> >
> > Can anyone plase offer any advice 
> >
> > Regards ..
> >
> > Paul ..
> Important:  This e-mail is intended for the use of the addressee and may
> contain information that is confidential, commercially valuable or subject
> to legal or parliamentary privilege.  If you are not the intended
recipient
> you are notified that any review, re-transmission, disclosure, use or
> dissemination of this communication is strictly prohibited by several
> Commonwealth Acts of Parliament.  If you have received this communication
in
> error please notify the sender immediately and delete all copies of this
> transmission together with any attachments.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46876&t=46761
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

How many H.323 clients can 3640 as gatekeeper handle? [7:46877]

2002-06-18 Thread TP 

Dear group,
do you have an answer for the question mentioned in obj?

Thanks in advance!

Teresa




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46877&t=46877
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Any Europeans here? [7:46816]

2002-06-18 Thread Andy 

I've read one report that KPNQwest is so big there aren't many others
could pick it up and those that are big enough have their own problems
right now and so won't be in a position to anyway.

I'm in UK and our provider has said there will be problems but not for us
in the UK, however "some mainland european 'sites' will disappear".

""nrf""  wrote in message
news:[EMAIL PROTECTED]...
> Well, I think so too.  But that's no guarantee that customers won't be
left
> hanging.  For example, AT&T bought Northpoint's infrastructure, but didn't
> buy their customers, so as I'm sure you're aware, lots of customers were
cut
> off abruptly.
>
> And besides, there's no guarantee they'll be bought.  Look at Excite@Home.
> They didn't get bought and the whole network was liquidated, resulting in
> widespread service outages.
>
>
>
>
> ""Steven A. Ridder""  wrote in message
> news:[EMAIL PROTECTED]...
> > I think someone will buy them.
> >
> > --
> >
> > RFC 1149 Compliant.
> >
> >
> >
> > ""nrf""  wrote in message
> > news:[EMAIL PROTECTED]...
> > > Yeah but what about the rest of KPNQwest?  Ebone was just a subset.
> > >
> > >
> > > ""Steven A. Ridder""  wrote in message
> > > news:[EMAIL PROTECTED]...
> > > > I think ebone will be fine on their own.
> > > >
> > > > --
> > > >
> > > > RFC 1149 Compliant.
> > > >
> > > >
> > > >
> > > > ""nrf""  wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > > You don't know?
> > > > >
> > > > > KPNQwest is going bankrupt.
> > > > >
> > > > >
> > > > > Here's a quote from their own press office.
> > > > >
> > > > > "The Company is working with its customers to facilitate the
> > > > implementation
> > > > > of contingency plans, should the current situation result in
> > > instablility
> > > > or
> > > > > a total shut-down of the KPNQwest EuroRings network"
> > > > >
> > > > > http://www.kpnqwest.com/html/records.asp?record_id=883
> > > > >
> > > > > Here's some other disturbing news:
> > > > >
> > > > > "An Internet performance-monitoring company says KPNQwest's
> > fiber-optic
> > > > > network has been losing track of the data it delivers at "alarming
> > > rates"
> > > > > since Friday.
> > > > > Since early Friday, KPNQwest's networks have been losing an
average
> of
> > 4
> > > > > percent to 5 percent of all data, said Tom Ohlsson, vice president
> of
> > > > > marketing and business development for Matrix NetSystems, which
> > monitors
> > > > > both the health of the Internet and the internal networks of
> > > corporations.
> > > > >
> > > > > By comparison, the monitoring company says, a healthy Internet
> service
> > > > will
> > > > > lose only about one-tenth of a percent of the data it's been
charged
> > > with.
> > > > "
> > > > >
> > > > > http://news.com.com/2100-1033-935456.html?tag=rn
> > > > >
> > > > >
> > > > >
> > > > > As KPNQwest is Europe's biggest provider, I'm just interested in
how
> > our
> > > > > colleagues in the Old World are handling things.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > ""Hermann, Paul""  wrote in message
> > > > > news:[EMAIL PROTECTED]...
> > > > > > What's happening?
> > > > > >
> > > > > > -Original Message-
> > > > > > From: nrf [mailto:[EMAIL PROTECTED]]
> > > > > > Sent: 17 June 2002 20:36
> > > > > > To: [EMAIL PROTECTED]
> > > > > > Subject: Any Europeans here? [7:46816]
> > > > > >
> > > > > >
> > > > > > So, any of you guys being impacted by the goings-on at KPNQwest?
> > > > > >
> > > > >
> > > >
> > >
> >
>

> > > > > 
> > > > > > " This message contains information that may be privileged or
> > > > confidential
> > > > > > and
> > > > > > is the property of the Cap Gemini Ernst & Young Group. It is
> > intended
> > > > only
> > > > > > for
> > > > > > the person to whom it is addressed. If you are not the intended
> > > > recipient,
> > > > > > you
> > > > > > are not authorized to read, print, retain, copy, disseminate,
> > > > distribute,
> > > > > or
> > > > > > use
> > > > > > this message or any part thereof. If you receive this message in
> > > error,
> > > > > > please
> > > > > > notify the sender immediately and delete all copies of this
> message
> > ".
> > > > > >
> > > > >
> > > >
> > >
> >
>

> > > > > 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46875&t=46816
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

  1   2   >