RE: Pix logging to a Freebsd syslog server [7:51124]
Hello! To GAZ: Yes 514 is both the source and the destination port. See: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.htm#xtocid15 I dont't know why the source port is important, maybe security reason. Best regards, Tamas Horvath network engineer Tel.: +36 22/515-452, Fax: +36 22/327-532 E-Mail: [EMAIL PROTECTED] -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 10, 2002 8:02 PM To: [EMAIL PROTECTED] Subject: Re: Pix logging to a Freebsd syslog server [7:51124] Is it really the source port? Normally the destination port is UDP 514. Does it care what the source port is? Gaz HORVATH TAMAS wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Helo! To Neal Rauhauser : If you don't specify source port, the PIX (OS 6.x) will send syslog messages from UDP port 514!! You can change this to whatever from range 1025-65535 : for example: logging host inside 192.168.11.4 udp/1025 So I think this is not a problem, if the FreeBSD syslogd expects the packets to be sourced from UDP port 514. To Elijah Savage: Did you checked the connections among syslog host and PIX inside interface, and IP adressess and mask? If they will correct then the problem will be in the FreeBSD syslogd config, because your PIX config is good. BIe, HT! -Original Message- From: Neal Rauhauser [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 10, 2002 11:38 AM To: [EMAIL PROTECTED] Subject: Re: Pix logging to a Freebsd syslog server [7:51124] The Cisco logging facility on a router uses a random high port as the source for the syslog packets. I assume the PIX is the same since you're having trouble. The FreeBSD syslogd expects the packets to be sourced from port 514. You can try the flag that supposedly allows syslogd to take random source ports, but it doesn't work :-( I'd strongly suggest you do what I did - just modify the syslogd source so it doesn't check source port, compile it, then install. If that is beyond your C programming skills drop me a note and I can email you the bungholed syslogd.c file and you can take it from there. Elijah Savage III wrote: Can anyone help me out with a PIX logging to a Freebsd syslog server. I thought I was sure about setting this up but I am not getting any messages on the server, see my configs below. logging on logging timestamp logging trap debugging logging facility 23 logging host inside 192.168.11.4 FreeBSD local7.debug/var/log/cisco.all I also startes syslogd with these parameters 29612 ?? Ss 0:00.03 syslogd -a 192.168.11.2/255.255.255.0 -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd This is my private email devoted to various mailing lists. If you're a twerp with an attorney and someone else's money, don't bother my employer about the things I say, just come see me personally and we'll discuss the situation. No names, you twerps should know who you are. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51219t=51124 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Reverse Telnet on Cisco [7:51218]
hi I am using TeraTermPro as a Terminalsoftware, were u have the possibility to send breaks. greetings andy RAJESH.V.S schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, I have a scenario like this. one 2509 is acting as the console access server for several routers. each of these router's console is connected to a tty line of 2509, and from 2509 I can access any routers console using reverse telnet. Now my problem is that I want send break command to these reverse telnet accessible console, so that I can break the booting of these routers and force them enter ROMMON. Is it possible to send break via reverse telnet ? If yes how ? Thanks in advance. regards Rajesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51220t=51218 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Interesting Situation with a 2948G-L3 and Inter-VL [7:51221]
If that is the case Priscilla, then one might as well enable Port-Fast on a those ports and observe for a few days. If the switch activity stabilizes then it is surely a STP re-convergence problem. Am I on track? Chaoo, Cisco_Maniac Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... You say that the stations connected to the 2948G-L3 stop transmitting for 15 seconds. Could the Spanning Tree be reconverging for some reason? Since you're doing IRB with both bridging and routing, presumably STP is running and 15 seconds sticks out as the Forward Delay timer used by STP. It's also the timer for aging the bridging table when BPDUs arrive with the Topology Change Flag set. I can't see why the change you made would cause a problem, but maybe it did for some reason or maybe it caused you to hit a bug. You may want to try debug span events or the equivalent if that doesn't work on a 2948G-L3. If debug is too risky, show spantree might give you some hints as to when the last topology change occured. It's just a guess but that 15 seconds sure sticks out as a possible clue that something is up with Spanning Tree. Hopefully somebody else will have ideas too! Priscilla Don Pezet wrote: Hey guys, Well, I've been tinkering with the network again, and in search of performance increases I have come across something a little weird. Let me run it by you all and see if anyone can play spot the mistake for me. We have nine separate in house networks in our facility, each with roughly 20 network attached devices (PCs mostly). They are built up as follows: 10.10.10.0/24 - Administrative network (for me) (VLAN 1) 192.168.0.0/24 - Servers and NAS appliances (VLAN 2) 192.168.1.0/24 - Network 1 (VLAN 10) 192.168.2.0/24 - Network 2 (VLAN 20) 192.168.3.0/24 - Network 3 (VLAN 30) 192.168.4.0/24 - Network 4 (VLAN 40) 192.168.5.0/24 - Network 5 (VLAN 50) 192.168.6.0/24 - Network 6 (VLAN 60) 192.168.7.0/24 - Network 7 (VLAN 70) 192.168.8.0/24 - Network 8 (VLAN 80) The physical network is made up of the following: (1) Cisco 3620 with 10/100 Network Module (1) Cisco Catalyst 2948G-L3 (4) Cisco Catalyst 3548XL The physical arrangement is the 3620 connects via the 100MBit module to port F48 of the 2948G-L3. The four 3548XLs are linked via Cisco GigaStack Gbics in a non-clustered arrangement. One of the 3548s links to the 2948G-L3 via a standard 1000MBit Gbic from its G0/2 into the 2948G-L3's G49. The physical configuration is sound, all VLANs are present on all of the cisco equipment, and I have been having no issues from that end. Each network must be able to reach the server network (192.168.0.0/24). Initially, I configured ISL between all of the switches, and since I have the 100Mbit module on the 3620, created an ISL trunk to it with a sub-interface for each VLAN and began providing inter-VLAN routing and internet access through it. Well, on high-speed switches, hitting a 100Mbit bottleneck at the router during inter-VLAN communications was kind of a downer so I began looking for other options. Which is exactly how I ended up where I am now. My idea was, hey, the 2948G-L3 is fully Layer 3 capable, so why not make it do all of the routing so that I do not get the 100Mbit bottleneck created by going through the 3620. Then, the only traffic the 3620 would need to get is internet traffic. So I set it up (configs at the end of the letter, with scattered in-line comments). I configured the 2948G-L3 to do IRB and route between the VLANs using the BVIs. Then, I threw in a static default route so internet traffic would be routed to the 3620. Lastly, I configured OSPF to run between the 2948G-L3 and the 3620 so that the 3620 would know about any existing or new networks that I may create on the 2948G-L3. Now for the problem part. At first, everything was working great, but after a while I began watching performance and noticing that I did not gain that much in the way of improved performance except for machines that were plugged directly into the 2949G-L3. Machines connected to a 3548XL and following the ISL trunk to the 2948G-L3 still performed as if competing for a 100Mbit uplink. I was willing to live with that, even though I should have at least quadrupled my routing bandwidth by switching over to the 2948G-L3, but it was the next symptom that got me. I started getting reports from people who were plugged directly into the 2948G-L3 that occasionally their link would go dead for about 15 seconds and then come back up. About two minutes later it would happen again. Then things would be fine for a while, maybe an hour, and it would repeat. Well, the 2948G-L3 takes longer that 15 seconds to reboot, so it isn't rebooting and I'm kind of stumped as to what is happening. This is not occurring on
Problem with UDP Broadcast/forwarding on cisco 770 and [7:51222]
Hi Does anyone has any idea about how to enable udp broadcast/flooding on cisco 770 From our central site we forward broadcast and at remote end we has cisco IOS router which recives this broadcast in control manner.Now one of my client is having Cisco 770,I am able to get conetinvity but i can't receive any udp packets..may be I need to enable some command on it.Currently it is configured in routing mode with encap ppp. Another problem i am facing is with framerelay encapp.I am dailing from cisco 2610 to 3641 over bri port..config is give below.with this i am able to connet and it show line protocol up but i am not able to ping and if i change encap to ppp it works fine. interface BRI1/0 ip address 12.1.1.1 255.0.0.0 encapsulation frame-relay frame-relay map ip 12.1.1.1 59 broadcast frame-relay map ip 12.1.1.2 59 broadcast frame-relay interface-dlci 59 ! bandwidth 64 ip broadcast-address 172.16.255.255 ip helper-address 172.16.255.255 ip directed-broadcast ip accounting output-packets dialer string 4628429 dialer-group 1 dialer idle-timeout 300 isdn switch-type basic-net3 isdn tei-negotiation first-call Thanks Pravin gade Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51222t=51222 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
new exam 640-604 [7:51223]
Hi, everybody does anybody know if the material for the exam 640-504 is the same for the new exam 640-604 ? This exam has simulators like ccna 607? thank you in advance -- Rommel Rizzato Evolugco Informatica Gerente de Tecnologia da Informagco Coordenador Programa Cisco Academy - CNAP CCDA,CCNA,CCNP,CCAI,MCSE-2k,MCDBA,MCSE+I Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51223t=51223 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT Keyword has me puzzled [7:51122]
Yes, that will work, too. -Art Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51224t=51122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Traffic geneartor for SNMP [7:51172]
Are your network management people stating that they are experiencing timeouts when attempting to communicate to your 7500, or through your 7500? I doubt the 7500 is going to be upset about passing UDP traffic through it. The router should just forward the traffic, generally speaking, the router doesn't care what kind of traffic it is. However, an SNMP query must be processed by the RSP, and requires an interrupt. A large amount of interrupts is going to cause slowdowns, and SNMP timeouts are possible. If they are doing large amounts of queries on the box, you might want to look into the following links: http://www.cisco.com/warp/public/63/highcpu.html http://www.cisco.com/warp/public/477/SNMP/ipsnmphighcpu.shtml http://www.cisco.com/warp/public/477/SNMP/collect_cpu_util_snmp.html As well as getting with your network management people to see just why in the world they need to pound your 7500 with SNMP queries. If that still doesn't help, it'd be handy to pull out a sniffer, or use tcpdump/snoop on the box making all those SNMP requests. See just what its sending the messages to, etc... hth, -mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 10, 2002 7:16 PM To: [EMAIL PROTECTED] Subject: Traffic geneartor for SNMP [7:51172] Hi, Anybody know any traffic geneartor which is available for testing the snmp traffic. I am having a lab configuration with cisco 7500 router and the network management people are syaing that there are lot of SNMP timeouts. I want to pump in lot of UDP packets on to the network and see whether it's the problem of the network? How can u see the udp problem in Cisco routers? Is there any command to see that? How will you see the CPU utilization of the routers? Is there any command? Any help appreciated. gpj __ Pre-order the NEW Netscape 7.0 browser. Reserve your FREE CD and pay only $2.99 shipping and handling. http://cd.netscape.com/promo_one/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51225t=51172 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Interesting Situation with a 2948G-L3 and Inter-VL [7:51226]
Priscilla and Cisco_Maniac, Well, I have been tinkering around with it a bit more (which is pretty much how I got here) and here are my findings. First, I went ahead and did a 'debug span events' on the 2948G-L3 and noticed no convergence issues... actually no events at all. A quick 'show span' returned the following: Bridge group 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f807 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 4 (FastEthernet1) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 4, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40808, received 0 ... Removed additional ports (2 - 46) Port 50 (FastEthernet47) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 50, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40865, received 0 Port 54 (FastEthernet48.1 ISL) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 54, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 56 (GigabitEthernet49.1 ISL) of Bridge group 1 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 56, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 5 Bridge group 2 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f836 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 bridge aging time 300 Port 55 (FastEthernet48.2 ISL) of Bridge group 2 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 55, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 57 (GigabitEthernet49.2 ISL) of Bridge group 2 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 57, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40876, received 6 Bridge group 10 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f907 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 58 (GigabitEthernet49.10 ISL) of Bridge group 10 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f907 Designated bridge has priority 32768, address 0001.c779.f907 Designated port is 58, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 4 Bridge group 20 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address .0c97.2af8 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 bridge aging time 300 Port 59 (GigabitEthernet49.20 ISL) of Bridge group 20 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address .0c97.2af8 Designated bridge has priority 32768, address .0c97.2af8 Designated port is 59, path cost 0 Timers:
RE: * Routing/Subnetting question [7:51193]
James, I don't think I'm entirely catching what you're getting at. Probably because I'm a visual guy, and need to see a config. Can you post up an example of this config, and what you're trying to do with inline notes? Here's what it sounds like you're trying to do: int f0/0.1 desc lab net1 ip some ip int f0/0.2 desc lab net2 ip some ip int f0/0.3 desc pacbell's /29 - to dsl modem ip pacbells/29 ip nat outside int f0/0.4 desc dmz ip some.rfc1918.space ip nat inside ! ip nat inside source static rfc1918 someip.in.pacbell/29 Is this correct? Thanks, -Original Message- From: James Wilson [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 11, 2002 3:22 PM To: [EMAIL PROTECTED] Subject: RE: * Routing/Subnetting question [7:51193] Nigel, The router itself calls the 100M interface fastethernet0/0, which is why I referred to it as such, and the trunking was because I am running lab configurations with more than two subnets on the private side and I need to be able to route between them as well as filter between them for security. The ISP is PacBell and for enhanced DSL they only give you a /29, and they take one of the addresses for their side of the connection. The reason I am leaving a host with a public address in the DMZ is because it is a DNS server, and there are issues with BIND and Solaris when the DNS server does not use the same IP address and name as that which is listed as authoritive for the domain (i.e. the domain server knows itself as on 10.50.0.65 in /etc/hosts but has the address 216.103.77.99 as its address within its zone.) If I want to protect that host with CBAC, I need to put the router between it and the ISP. Remember that the traffic is coming from the ISP via a DSL MODEM 10 M ethernet connection and not a WAN connection to the router. The addresses which would be valid in the /29 but not in the /30 would only be referenced as static NAT entries which would be translated on the interface with the /29 which is facing the ISP. Once the traffic for that address enters the Fa0/0 it would be translated to an RFC1918 address and sent out to the host on the 10. net, so the host would not know it is being referenced by the public address. I realize that this is not a standard type configuration for this, but PacBell will only give me a /29, and I'm trying to find a way to meet BIND's requirements for the DNS server and have the server protected by CBAC plus have other public IP addresses for static NAT entries for other servers on my net (I've got a number of different servers on my net and want to have public address to different services i.e. web server, mail server, application servers. Thanks! -- James D. Wilson, CCDA, MCP Sr. Network/Security Engineer non sunt multiplicanda entia praeter necessitatem William of Ockham (1285-1347/49) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nigel Taylor Sent: Sunday, August 11, 2002 11:51 AM To: [EMAIL PROTECTED] Subject: Re: * Routing/Subnetting question [7:51193] James, See Inline.. - Original Message - From: James Wilson To: Sent: Sunday, August 11, 2002 12:34 PM Subject: * Routing/Subnetting question [7:51193] I have a 1750 with a /29 assigned to me, and I need to create a DMZ to put a DNS server on so that I can control access using CBAC. My FastEthernet interface is trunked to a Cat 2924. I'd like to have the /29 on one subinterface which talks to PacBell's router, and take a /30 out of the /29 and put it on another subinterface so that I can hang the DNS server off a port on that VLAN using a public IP address. NT: Why would you vlan traffic from you ISP instead of using the extra interface(eth0/0) You must consider a number of things when using your existing design. Firstly, the interface you're referring to as a FE interface is shown in the cisco catalog as a 10/100 ethernet interface. Secondly, please note that based on your current traffic utilization what kind of performance could be achieved/expected on the physical interface(the subs are technically part of the same physical NIC/transiciever). On the area of addressing you might want to take a look at the following links which could answer some of your questions as they apply to addressing(VLSM in particular). http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf (watch the wrap) http://www.ietf.org/rfc/rfc3021.txt?number=3021 I'd also like to use static NAT addresses out of the /29 including what would be an all zero or all one address out of the /30. My thought is that this would work since the NAT will take place via the subinterface on the /29 (ip nat outside), and the only time the /30 will come into play is with traffic destined to the DNS server, which is not NAT'ed. This would allow me to have routing and CBAC protection for the host on the /30 net and not lose the ability to use those addresses which would normally be lost from the /30 all zeros and
CCM - Product Codes... [7:51228]
Hi, Can anyone point me to the correct URL, as I'm re-installing CCM on a MCS7835 and need a valid product code. thx Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51228t=51228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Notes on salaries [7:51052]
With more applications becoming internet ready everyday. With rapid changed in technology, with companies using the internet in new ways. With files getting larger, requiring more bandwidth, with video apps becoming more commonplace, with common users using and editing streaming video/Tivo. With DSL speed increasing, with the predictions of the 2nd coming of the internet boom. With Voice over IP becoming more standard, with XML ready to come onboard to integrate the web. With handhelds and wirless internet ready to break. Also, thousands of new companies are waiting to implement their internet ideas, the economy is just not stable enough for them right now. Someone needs to support this stuff! Too many new technologies to mention. I would say that the few left standing though the hard times, which we are experiencing now, will be paid seven fold. There are too many reasons to mention why to get Cisco certified. Just like investing, it takes time and patience. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51229t=51052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dial out solution [7:51230]
Hi All, Guys I am currently using a Shiva modem pool for dial out, Is there a Cisco solution for this.The Shiva is not working upto our expectations. Will the Cisco Access Servers or a cisco 3640 with modem card be able to do the same. Any help will be highly apprecisted. Thanks, neiL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51230t=51230 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dial out solution [7:51231]
Hi All, Guys I am currently using a Shiva modem pool for dial out, Is there a Cisco solution for this.The Shiva is not working upto our expectations. Will the Cisco Access Servers or a cisco 3640 with modem card be able to do the same. Any help will be highly apprecisted. Thanks, neiL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51231t=51231 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP virtual lab and CCNP routersim [7:51232]
Dear all, I am planning to buy a CCNP simulation software and i am trying to choose between to available software products which are CCNP Cybex Virtual Lab and CCNP RouterSim. Can you advice or comment on both softwares if you used them before. Many thanks in advance. Fadi Younes IT Team Member ARAMEX International P.O.Box 960913, Amman 11196 Jordan http://www.aramex.com Office: +962 6 552 2192 Fax: +962 6 552 7461 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51232t=51232 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCM - Product Codes... [7:51228]
ml Zhen Cai www.shakespearenetwork.com Cisco IP Telephony Hands-on Training Hi, Can anyone point me to the correct URL, as I'm re-installing CCM on a MCS7835 and need a valid product code. thx Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51233t=51228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dial out solution [7:51231]
We have a 3640 setup for both a dial-in and dial-out solution. We install a device on the PC that basically allows a redirected telnet session to act as an outgoing modem call, so anyone on our network can dial-out or fax from their desktop without a physical modem being connected. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51234t=51231 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSI...Please help... [7:51235]
Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ - Get a bigger mailbox -- choose a size that fits your needs. http://uk.docs.yahoo.com/mail_storage.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51235t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: * Routing/Subnetting question [7:51193]
The problem is you cannot assign the same IP addresses to mulitple interfaces, especially on the same router. From what I'm reading, you are trying to assign a /29 (let's say 209.98.10.160/29, which allows for addresses .161-.166) and a /30 from that same range (like 209.98.10.164/30, which allows for .165 and .166). You must be assuming, incorrectly, that addressing is handled like routing, and the router will follow the most specific address. If the router received routes for both these networks on two different interfaces, this works. However, a router cannot have directly connected interfaces that share IP addresses. For instance, in the above example, if allowed (which is why you are getting the overlapping error), the router would have to send packets addressed to 209.98.10.165 out both interfaces, which it can't.James Wilson wrote: I have a 1750 with a /29 assigned to me, and I need to create a DMZ to put a DNS server on so that I can control access using CBAC. My FastEthernet interface is trunked to a Cat 2924. I'd like to have the /29 on one subinterface which talks to PacBell's router, and take a /30 out of the /29 and put it on another subinterface so that I can hang the DNS server off a port on that VLAN using a public IP address. I'd also like to use static NAT addresses out of the /29 including what would be an all zero or all one address out of the /30. My thought is that this would work since the NAT will take place via the subinterface on the /29 (ip nat outside), and the only time the /30 will come into play is with traffic destined to the DNS server, which is not NAT'ed. This would allow me to have routing and CBAC protection for the host on the /30 net and not lose the ability to use those addresses which would normally be lost from the /30 all zeros and all ones addresses by using them for static NAT entries for hosts on the private IP side of my network. When I go to assign an address out of the /30 to the subinterface facing the DMZ I get a message stating that the addresses overlap the other interface. Will this still work the way I believe it will? Would it make a difference if I use my currently shut down Eth0/0 interface instead of the trunked Fa0/0? Thanks for your time/help! -- James D. Wilson, CCDA, MCP Sr. Network/Security Engineer non sunt multiplicanda entia praeter necessitatem William of Ockham (1285-1347/49) [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51237t=51193 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCM - Product Codes... [7:51228]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED] Sent: Monday, August 12, 2002 9:05 AM To: [EMAIL PROTECTED] Subject: Re: CCM - Product Codes... [7:51228] ml Zhen Cai www.shakespearenetwork.com Cisco IP Telephony Hands-on Training Hi, Can anyone point me to the correct URL, as I'm re-installing CCM on a MCS7835 and need a valid product code. thx Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51236t=51228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IDS [7:51147]
Joe, The Cisco Press book has material to help you with both tests. Boson and I use the book to teach our CSS1 bootcamp classes. Cheers! -- Richard Deal * Author of the ebook CCNA Secrets Revealed! and Exam Cram and Exam Prep books from the Coriolis Group * Test author for QuizWare (www.quizware.com) Joe Rubino wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am on the trail of the last test for CSS1 Cert - The IDS test. From what I gather on their website; Cisco is phasing out CSIDS and replacing it with IDSPM. There are no books titled IDSPM. So I have 2 questions: A) is the CSIDS book a valid study guide for IDSPM? B) If they are phasing it out how long do I have to take the CSIDS? Thanks in advance JDR Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51156t=51147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: T1 interface type compatibility [7:51137]
You need a T1 CSU/DSU to translate from the T1 to the serial. In T1, you only have 2 pair, 2 wire Tx, 2 wire Rx. In serial, you will have alot more pairs, which means some pairs can be used for control. That's what the DCD, DSR, DTR, RTS, and CTS are. They are individual wires (5 wires) that are either on or off. T1 simply doesn't have the parallel bandwidth for that. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51238t=51137 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ - Get a bigger mailbox -- choose a size that fits your needs. http://uk.docs.yahoo.com/mail_storage.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51239t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Interesting Situation with a 2948G-L3 and Inter-VLAN routing [7:51240]
Priscilla and Cisco_Maniac, Well, I have been tinkering around with it a bit more (which is pretty much how I got here) and here are my findings. First, I went ahead and did a 'debug span events' on the 2948G-L3 and noticed no convergence issues... actually no events at all. A quick 'show span' returned the following: Bridge group 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f807 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 4 (FastEthernet1) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 4, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40808, received 0 ... Removed additional ports (2 - 46) Port 50 (FastEthernet47) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 50, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40865, received 0 Port 54 (FastEthernet48.1 ISL) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 54, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 56 (GigabitEthernet49.1 ISL) of Bridge group 1 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 56, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 5 Bridge group 2 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f836 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 bridge aging time 300 Port 55 (FastEthernet48.2 ISL) of Bridge group 2 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 55, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 57 (GigabitEthernet49.2 ISL) of Bridge group 2 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 57, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40876, received 6 Bridge group 10 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f907 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 58 (GigabitEthernet49.10 ISL) of Bridge group 10 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f907 Designated bridge has priority 32768, address 0001.c779.f907 Designated port is 58, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 4 Bridge group 20 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address .0c97.2af8 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 bridge aging time 300 Port 59 (GigabitEthernet49.20 ISL) of Bridge group 20 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address .0c97.2af8 Designated bridge has priority 32768, address .0c97.2af8 Designated port is 59, path cost 0 Timers:
OSPF lab in CCIE practical studies pg 786. [7:51241]
Hi all, I was trying to setup this network in fig 12-9. I got stuck in one particular route. I am not able to view the route 172.16.10.0/24 on the router peter which is running RIP and got to see this route as redistributed one. The question is in which router do I need to give the area range command in order to see this route appear on router peter. I tried several options of giving in the router john which is ABR -as this area 10 range 172.16.10.0 255.255.255.0, but this summarised route is not advertised back to the same area for the ASBR router ( mark ) to redistribute to RIP. Any workaround to overcome this? PS : Sample output of sh ip route for router peter shows this route, but my setup doesn't = So I am trying to get some idea of how to make available this route. Thanks, Rajesh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51241t=51241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSI...Please help... [7:51235]
=?iso-8859-1?q?maine=20dude?= wrote: Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftp access-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? They refer to the protocols. Don't worry too much about the stack. The TCP/IP stack is just as elusive and harmful to learning as the OSI stack. (Just kidding. I think they are good for learning, actually, but you have to go beyond them, as you know.) I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ The statement at the end (access-list 101 permit ip any any) is to avoid problems with the implicit deny at the end of every access list. If you don't put something like that, everything will be denied as soon as you have any access list. The good news is that you don't really have to be specific in that final statement if you don't want to be. You don't have to specify any IP addresses and you don't have to specify anything above IP. The other good news is that essentially everything (except ARP and IS-IS) in an IP network runs above IP. When you want to be more specific then you'll have to know things like the following info. The following protocols run directly above IP Protocol Protocol Number in Decimal ICMP 1 IGMP 2 IP 4 (IP-in-IP tunneling) TCP 6 IGRP 9 UDP 17 GRE 47 ESP 50 AH 51 EIGRP88 OSPF 89 The following protocols run above TCP Service Port Number in Decimal FTP 21 for control, 20 for data Telnet 23 SMTP 25 DNS 53* Gopher 70 Finger 79 HTTP 80 POP 110 NNTP 119 NetBIOS 139* (Session) BGP 179 LDAP 389 SSL 443 NCP 524* AFP 548 * DNS uses TCP for large transfers, but otherwise uses UDP. * NCP and NetBIOS also use UDP for some purposes The following protocols use UDP: Service Port Number in Decimal DNS 53 DHCP 67 for the DHCP server, 68 for the DHCP client TFTP 69 RPC 111 NetBIOS 138 (Datagram) SNMP 161 AURP 387 SLP 427 RIP 520 NCP 524 One place to go to learn protocol types and port numbers is the Internet Assigned Numbers Authority documents. Unfortunatley, they tend to list every protocol as using TCP and UDP, since theoretically they could. So it takes experience to learn which one is really used in the real world. (Experience or reading my books! ;-) The IANA documents are here: http://www.iana.org And it also takes experience to learn about the protocols that misbehave in various ways. FTP is especially ugly. There's more info FTP here: http://www.troubleshootingnetworks.com/ftpinfo.html TFTP is almost impossible to permit, although possible to deny. This is because only the first packet uses a well-known port number (69). After that the packets go to and come from non well-known port numbers, meaning that you can't do a good permit access list. Deny works because TFTP won't work if you deny the first packet, which does use the well-known port number I'll have to do a white paper on that too, at some point! That's all for now! Good luck. Try to see it as fun, not frustrating! Priscilla Oppenheimer http://www.priscilla.com - Get a bigger mailbox -- choose a size that fits your needs. http://uk.docs.yahoo.com/mail_storage.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51242t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
the first one specifies tcp and the second one includes any upper protocols encapsulated in ip packets. - Original Message - From: maine dude To: Sent: Monday, August 12, 2002 12:16 PM Subject: OSI...Please help... [7:51235] Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ - Get a bigger mailbox -- choose a size that fits your needs. http://uk.docs.yahoo.com/mail_storage.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51243t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: load balance/share [7:50988]
Mark, I have looked EIGRP in this regard. My issue seems to be with the default route. If put it in statically there is no failover if one link goes down, and I can't figure out another way to get it in. I have looked at bgp to resolve this as well (both routers need it to peer with the PER anyway), however since the connection between Rtr A and B is IBGP, the EBGP route from the PER takes precedence and there is no load sharing. Turpin, Mark wrote: Jason, Lots! Basically your network looks like this: PER m10/ \m10 AB m10 Let's say a metric of 10 for each link for example? A-PER = 10 A-B-PER = 20 Before we get really far into this, have you looked into EIGRP's capability to load balance across unequal cost paths? Modifying the variance on your CE routers should do the trick. http://www.cisco.com/warp/public/103/eigrp1.html http://www.cisco.com/warp/public/103/eigrp9.html http://www.cisco.com/warp/public/103/19.html One question though when you do this: I have not tried a HSRP impelmentation like this. Variance should be local to the router. Please let me know if Router A changes the way it advertises its metrics to router B once variance is implemented. Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 11:05 AM To: [EMAIL PROTECTED] Subject: RE: load balance/share [7:50988] Mark, Your diagram is correct. I am trying to load balance/share across the links to the PER (per-packet preferably). The clients are behind Rtr A B using an HSRP address. So say Rtr A is the active router. I want to load balance across both links (half of the traffic needs to traverse out Rtr A's ser0 and the other half across the link to Rtr B and then out it's ser0). If I use a static and one link goes down, half of my traffic becomes blackholed. I was trying to find a way to have a default route put into a routing protocol so the routing process would recognize that if one link was down that it needed to send all traffic out the remaining link. Is this clearer? Turpin, Mark wrote: Jason, Is this your lab network? + PE Rtr + / \ / \ + + RtrA +--+ Rtr B + + \- Client Networks With that diagram, or a revised one, can you clarify your question? You mention statics; what routers are you trying to advertise statics to, and from what router are you wishing to advertise them? In regards to load balancing, are you asking if you can load balance clients to router A and router B? Or do you want to load balance the PE router to AB? Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: load balance/share [7:50988] I am trying to lab up a scenario where I can load balance/share across two routers (for redundancy) connected into an MPLS cloud. Additionally, I have HSRP running between the two (I don't want to use MHSRP because I don't want two gateways on the LAN). There is a direct connection between the routers. I know I can use statics, however I want all traffic to be able to failover to the remaining link if one goes down, instead of being being blackholed. | | | | Router 1---Router 2 activestandby I have tried with EIGRP, however I was having trouble with getting a default route injected in (without using statics). Is there any way to do this? The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51244t=50988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Interesting Situation with a 2948G-L3 and Inter-VL [7:51240]
It doesn't sound like it's an STP problem then. And I don't think it could have been a portfast problem anyway, since the symptoms aren't that the stations can't transmit after a switch reboot. The symptom is that they can't transmit for about 15 seconds every once in a while after they have been running for while, n'est-ce pas? Have you been able to check what the switch port status is during that time? I think you implied that there wasn't even a link light during that time. What else would cause a port to swoon for 15 seconds?? Can you put a Sniffer on it? That's always my answer. ;-) I think you'll want to do more than just throughput tests. Obviously the throughput is going to suck if nothing happens for 15 seconds every so often. There's nothing obviously wrong with your configs Sorry I can't think of anything else. Please keep us posted. It would be pretty important for all of us to know if you get better throughput doing inter-VLAN routing with the 3600 on the 100 Mbps interface than you do with the 2948G-L3 and Gig Ethernet!? Priscilla Don Pezet wrote: Priscilla and Cisco_Maniac, Well, I have been tinkering around with it a bit more (which is pretty much how I got here) and here are my findings. First, I went ahead and did a 'debug span events' on the 2948G-L3 and noticed no convergence issues... actually no events at all. A quick 'show span' returned the following: Bridge group 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f807 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 4 (FastEthernet1) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 4, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40808, received 0 ... Removed additional ports (2 - 46) Port 50 (FastEthernet47) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 50, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40865, received 0 Port 54 (FastEthernet48.1 ISL) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 54, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 56 (GigabitEthernet49.1 ISL) of Bridge group 1 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 56, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 5 Bridge group 2 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f836 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 bridge aging time 300 Port 55 (FastEthernet48.2 ISL) of Bridge group 2 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 55, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 57 (GigabitEthernet49.2 ISL) of Bridge group 2 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 57, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40876, received 6 Bridge group 10 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f907 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15
Re: OSI...Please help... [7:51235]
At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51247t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Interesting Situation with a 2948G-L3 and Inter-VL [7:51240]
I am not sure about the 2948, however with the 2950T it is spanning-tree portfast applied from the interface. 2840-1st-sw1(config-if)#int fa0/1 2840-1st-sw1(config-if)#spanning-tree portfast %Warning: portfast enabled on FastEthernet0/1. Usually portfast should be enabled on ports connected to a single host. When portfast is enabled, connecting hubs, concentrators, switches, bridges, etc. to this interface may cause temporary spanning tree loops. Use with CAUTION. Don Pezet wrote: Priscilla and Cisco_Maniac, Well, I have been tinkering around with it a bit more (which is pretty much how I got here) and here are my findings. First, I went ahead and did a 'debug span events' on the 2948G-L3 and noticed no convergence issues... actually no events at all. A quick 'show span' returned the following: Bridge group 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f807 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 4 (FastEthernet1) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 4, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40808, received 0 ... Removed additional ports (2 - 46) Port 50 (FastEthernet47) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 50, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40865, received 0 Port 54 (FastEthernet48.1 ISL) of Bridge group 1 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 54, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 56 (GigabitEthernet49.1 ISL) of Bridge group 1 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f807 Designated bridge has priority 32768, address 0001.c779.f807 Designated port is 56, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 5 Bridge group 2 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f836 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 bridge aging time 300 Port 55 (FastEthernet48.2 ISL) of Bridge group 2 is forwarding Port path cost 19, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 55, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40867, received 0 Port 57 (GigabitEthernet49.2 ISL) of Bridge group 2 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f836 Designated bridge has priority 32768, address 0001.c779.f836 Designated port is 57, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40876, received 6 Bridge group 10 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0001.c779.f907 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag not set, detected flag not set Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 1, topology change 0, notification 0 bridge aging time 300 Port 58 (GigabitEthernet49.10 ISL) of Bridge group 10 is forwarding Port path cost 4, Port priority 128 Designated root has priority 32768, address 0001.c779.f907 Designated bridge has priority 32768, address 0001.c779.f907 Designated port is 58, path cost 0 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 40874, received 4 Bridge group 20 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address .0c97.2af8 Configured
RE: Interesting Situation with a 2948G-L3 and Inter-VLAN [7:51249]
I ran a bandwidth monitor between six stations on one VLAN and six stations on a second VLAN to see what kind of latency, packet loss, and throughput I could get on the stations. I found I could easily get six separate communication streams going with each absorbing 25Mbits of bandwidth which would have more than saturated the 3620 so I am definitely seeing performance improvements over the old configuration. Now it's just a matter of tracking down my dropped link issue. Don Pezet Enterprise Technology Solutions [EMAIL PROTECTED] (352) 248-1010 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51249t=51249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ADSL routers [7:51250]
Can anyone suggest a good router to get for ADSL? I want to utilize a full IOS, and not a dumbed down version. Or should I just go with a 2600 with an ADSL card. This firewall will be for a home connection, but I am the type to mess around with the routers, try to do different things with Pix firewalls, security, servers and whatnot. I know netgear routers work well for some people, but I want to use my router as something functional and as educational at the same time. What would be the cheapest way to go for an ADSL router, with full IOS capabilities. Thanks in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51250t=51250 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
scariest IOS image name [7:51251]
Yes, this is a real image that I downloaded for real work - can anyone top it? c1700-bk8no3r2sy7-mz.122-8.T5.bin -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51251t=51251 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: scariest IOS image name [7:51251]
How about xp9040.939 ... Enterasys code :) -Original Message- From: Neal Rauhauser [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 2:03 PM To: [EMAIL PROTECTED] Subject: scariest IOS image name [7:51251] Yes, this is a real image that I downloaded for real work - can anyone top it? c1700-bk8no3r2sy7-mz.122-8.T5.bin -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51252t=51251 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
Good point! Forgive me, I'd only had one cup of coffee when I wrote that. Usually I need at least three before my explainer works correctly. John Howard C. Berkowitz 8/12/02 11:39:12 AM At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51253t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CSPFA Beta Exams [7:51246]
I am scheduled for all three, VPN, MCNS, and CSPFA. I scheduled them the 20th, 21st, and 22nd. Because I needed a few days to study for these suckers. I cant go wrong for free! Here is my trick, I have all 3 CSS1 books, I just go to the back of the book and look at all the question an answers. Starting with chapter 1, and go to the end. If I don't understand what they are talking about, or a term, like ACS, I just look it up. I pretty much did this in a few hours. I did this for all 3 CSS1 books so far, then I took a look at the Boson exams, they were a no-brainer for the most part. Besides this, I am familiar with networking and security. Some of the new technology, like the 3005 concentrator is in your VPN book, if you opened it. With the pix, there is a lot of common sense questions I am sure they will ask like how many interfaces does a pix have?. Ans: depends on the model. Wow, how hard! I usually would give these exams a lot more time, if I was actually paying for it. The time from the announcement, until the time you needed to register, was only seconds. These free beta exams fill up quick. I remember the CCNA 2.0 beta which was cheap, or free. It filled up from all the other countries in the world registering first, by the time it came to the USA, for VUE to open its lines, all the seats were filled. They made a special exception for loud mouth people like me though. I think the masses are taking MCNS, I don't think that many are taking VPN and CSPFA. But if you waited til now, they are probably filled by people who just wanted to say they took these. Note: I have not taken any of the exams yet, so I am not breaking any NDA. -Original Message- From: Roberts, Larry [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 4:33 PM To: Cisco CCIE Mailing List ([EMAIL PROTECTED]); Cisco Security Mailing List ([EMAIL PROTECTED]) Subject: CSPFA Beta Exams Just curious if anyone else has taken this exam yet? Wanted to see if your opinion of it is the same as mine! This being the first beta I have taken for Cisco, I can only hope the other 2 are better! Thanks Larry __ To unsubscribe from the SECURITY list, send a message to [EMAIL PROTECTED] with the body containing: unsubscribe SECURITY Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51246t=51246 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Using QoS to Control Utilization [7:51254]
Hi Group I need your suggestions regarding the following Scenario.A company's main Branch is having 1M Internet and inturn it is providing Internet/Connectivity between 4 branches using a hub--spoke topology over another 1M.The client requirments are as follows1) Frame Relay is used to acheive connectivity between branches and the main office2) Main Branch is feeding the 4 branches with a total bandwidth of 1M3) Each Branch will have 1M connecting it to the main branch. (Over-Booking )4) Any branch can burst traffic up to the 1M if working alone.5) Traffic of any branch should fall to a pre-defined value incase more than one branch trying to access the main branch at the same time to either have Internet or to reach another branch through the hub. I thought about QoS and I guess this target can be acheived using it. Haven't digged enough yet to figure out how this could be done and thought about hearing from you about it. Thanks for your feedback. Regards,Yasser Send and receive Hotmail on your mobile device: Click Here Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51254t=51254 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
At 6:16 PM + 8/12/02, John Neiberger wrote: Good point! Forgive me, I'd only had one cup of coffee when I wrote that. Usually I need at least three before my explainer works correctly. John You bring up an interesting question. Could we have predicted our industry crash by monitoring coffee consumption by accountants, vendors, or venture capitalists, etc.? There _ought_ to be a correlation. Howard C. Berkowitz 8/12/02 11:39:12 AM At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51255t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: scariest IOS image name [7:51251]
Can't get this off of CCO but I guess it's kinda scary;) c1700-bk2no3r2sv3y-mz.intercooler-beta.1122 Dave Neal Rauhauser wrote: Yes, this is a real image that I downloaded for real work - can anyone top it? c1700-bk8no3r2sy7-mz.122-8.T5.bin -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51257t=51251 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
Did you see the movie Pi? :) Howard C. Berkowitz To: [EMAIL PROTECTED] Subject: Re: OSI...Please help... [7:51235] Sent by: nobody@groupst udy.com 08/12/2002 03:02 PM Please respond to Howard C. Berkowitz At 6:16 PM + 8/12/02, John Neiberger wrote: Good point! Forgive me, I'd only had one cup of coffee when I wrote that. Usually I need at least three before my explainer works correctly. John You bring up an interesting question. Could we have predicted our industry crash by monitoring coffee consumption by accountants, vendors, or venture capitalists, etc.? There _ought_ to be a correlation. Howard C. Berkowitz 8/12/02 11:39:12 AM At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51259t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550 EMI [7:50103]
What happens if the switch receives an IPX packet? Will it try to route it or drop the packet or will it handle the packet at layer 2 only? I have a customer that interested in using the 3550 but they have Novell servers. Of course using Novell IP shouldn't be a problem but they're still running IPX. - Original Message - From: Chuck To: Sent: Tuesday, July 30, 2002 9:28 AM Subject: Re: 3550 EMI [7:50103] just getting into it. 1500 pages of documentation to read :-O They do IGRP, EIGRP, RIPv1, RIPv2, and OSPF. Don't believe the output of the router ? BGP is expected to be released real soon now, but according to Cisco people I've spoken to, it will not be a full featured release. Limitations as to the number of routes processed and stored, for example ( due to the physical limitations of the switch ) I.e. don't expect to get full BGP routes over your DSL connection. Chuck Symon Thurlow wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone played with the new 3550 EMI switches? They report layer 3 routing etc. Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51260t=50103 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
Hmmm, that explains why my explianer is unexplainable, I don't like coffee :) Dave Howard C. Berkowitz wrote: At 6:16 PM + 8/12/02, John Neiberger wrote: Good point! Forgive me, I'd only had one cup of coffee when I wrote that. Usually I need at least three before my explainer works correctly. John You bring up an interesting question. Could we have predicted our industry crash by monitoring coffee consumption by accountants, vendors, or venture capitalists, etc.? There _ought_ to be a correlation. Howard C. Berkowitz 8/12/02 11:39:12 AM At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51261t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
At 4:14 PM -0400 8/12/02, [EMAIL PROTECTED] wrote: Did you see the movie Pi? :) No, but I like pi with coffee. It's just rarely on my blueprint...I mean, diet. At 6:16 PM + 8/12/02, John Neiberger wrote: Good point! Forgive me, I'd only had one cup of coffee when I wrote that. Usually I need at least three before my explainer works correctly. John You bring up an interesting question. Could we have predicted our industry crash by monitoring coffee consumption by accountants, vendors, or venture capitalists, etc.? There _ought_ to be a correlation. Howard C. Berkowitz 8/12/02 11:39:12 AM At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51262t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: load balance/share [7:50988]
Jason, Where are you trying to advertise a default route from? The PER? If so, check out http://www.cisco.com/warp/public/103/eigrp8.html where it discusses using a summary per interface to advertise a default to neighbors. You could stick this on your PER's interfaces towards RtrA and RtrB. If we're talking about BGP, you can have your PER advertise a default with 'neighbor x.x.x.x default-originate' http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr rp_r/bgp_r/1rfbgp1.htm#xtocid46 (wrap there) Let me know if this is what you meant, or if this works out for you. hth, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 12:29 PM To: [EMAIL PROTECTED] Subject: RE: load balance/share [7:50988] Mark, I have looked EIGRP in this regard. My issue seems to be with the default route. If put it in statically there is no failover if one link goes down, and I can't figure out another way to get it in. I have looked at bgp to resolve this as well (both routers need it to peer with the PER anyway), however since the connection between Rtr A and B is IBGP, the EBGP route from the PER takes precedence and there is no load sharing. Turpin, Mark wrote: Jason, Lots! Basically your network looks like this: PER m10/ \m10 AB m10 Let's say a metric of 10 for each link for example? A-PER = 10 A-B-PER = 20 Before we get really far into this, have you looked into EIGRP's capability to load balance across unequal cost paths? Modifying the variance on your CE routers should do the trick. http://www.cisco.com/warp/public/103/eigrp1.html http://www.cisco.com/warp/public/103/eigrp9.html http://www.cisco.com/warp/public/103/19.html One question though when you do this: I have not tried a HSRP impelmentation like this. Variance should be local to the router. Please let me know if Router A changes the way it advertises its metrics to router B once variance is implemented. Thanks, -Mark -Original Message- From: Jason Owens [mailto:[EMAIL PROTECTED]] Sent: Friday, August 09, 2002 11:05 AM To: [EMAIL PROTECTED] Subject: RE: load balance/share [7:50988] Mark, Your diagram is correct. I am trying to load balance/share across the links to the PER (per-packet preferably). The clients are behind Rtr A B using an HSRP address. So say Rtr A is the active router. I want to load balance across both links (half of the traffic needs to traverse out Rtr A's ser0 and the other half across the link to Rtr B and then out it's ser0). If I use a static and one link goes down, half of my traffic becomes blackholed. I was trying to find a way to have a default route put into a routing protocol so the routing process would recognize that if one link was down that it needed to send all traffic out the remaining link. Is this clearer? Turpin, Mark wrote: Jason, Is this your lab network? + PE Rtr + / \ / \ + + RtrA +--+ Rtr B + + \- Client Networks With that diagram, or a revised one, can you clarify your question? You mention statics; what routers are you trying to advertise statics to, and from what router are you wishing to advertise them? In regards to load balancing, are you asking if you can load balance clients to router A and router B? Or do you want to load balance the PE router to AB? Thanks, -Mark The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51264t=50988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSI...Please help... [7:51235]
Howard C. Berkowitz wrote: At 6:16 PM + 8/12/02, John Neiberger wrote: Good point! Forgive me, I'd only had one cup of coffee when I wrote that. Usually I need at least three before my explainer works correctly. John You bring up an interesting question. Could we have predicted our industry crash by monitoring coffee consumption by accountants, vendors, or venture capitalists, etc.? There _ought_ to be a correlation. How about caffeine consumption by gamers (i.e. programmers, Web designers, etc. at dot coms? ;-) Did you happen to see the article from the Mercury News yesterday about a drink favored by gamers called BAWLS (seriously). It's a sweet drink with 80 milligrams of caffeine in a 12-ounce bottle. More here: http://www.bayarea.com/mld/bayarea/business/technology/3842507.htm Priscilla Howard C. Berkowitz 8/12/02 11:39:12 AM At 4:35 PM + 8/12/02, John Neiberger wrote: You're putting too much thought into this. :-) The ip keyword will match any ip packet regardless of the transport layer protocol being used. You use the tcp, udp, and icmp keywords when you want to be even more specific. HTH, John maine dude 8/12/02 10:16:19 AM Please help... In the example :access-list 101 deny tcp host 172.16.3.10 172.16.1.0 0.0.0.255 eq ftpaccess-list 101 permit ip any any Do the terms tcp and ip refer to the individual protocols or the stack ? I assume they refer to the individual protocols as you could substitute them with udp or icmp but then surely the last statement would allow only the individual ip protocol and therefore all other packets such as tcp , udp, icmp would be filtered. Or does tcp , udp , icmp get through because it is encapsulated in ip ? ( I hate the OSI model ) -DJ Trust me. IP designers did not have OSI compliance in mind. And to be picky, John, ICMP isn't a transport protocol. It is a control/management protocol at the network layer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51263t=51235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dial out solution [7:51230]
We replaced our Shiva LanRover with a Cisco AS5300. We then purchased a software product called DialOut EZ that allowed for clients to do a remote reverse telnet session and associate it with a com port. It was actually very easy to set up and it was recommended by cisco so the support is there. Thanks, Benjamin Pierce --- neil K. wrote: Hi All, Guys I am currently using a Shiva modem pool for dial out, Is there a Cisco solution for this.The Shiva is not working upto our expectations. Will the Cisco Access Servers or a cisco 3640 with modem card be able to do the same. Any help will be highly apprecisted. Thanks, neiL [EMAIL PROTECTED] __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51265t=51230 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550 EMI [7:50103]
It will work fine at layer 2 you just can't route IPX with a 3550. Dave Don Queen wrote: What happens if the switch receives an IPX packet? Will it try to route it or drop the packet or will it handle the packet at layer 2 only? I have a customer that interested in using the 3550 but they have Novell servers. Of course using Novell IP shouldn't be a problem but they're still running IPX. - Original Message - From: Chuck To: Sent: Tuesday, July 30, 2002 9:28 AM Subject: Re: 3550 EMI [7:50103] just getting into it. 1500 pages of documentation to read :-O They do IGRP, EIGRP, RIPv1, RIPv2, and OSPF. Don't believe the output of the router ? BGP is expected to be released real soon now, but according to Cisco people I've spoken to, it will not be a full featured release. Limitations as to the number of routes processed and stored, for example ( due to the physical limitations of the switch ) I.e. don't expect to get full BGP routes over your DSL connection. Chuck Symon Thurlow wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone played with the new 3550 EMI switches? They report layer 3 routing etc. Symon -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51267t=50103 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP virtual lab and CCNP routersim [7:51232]
Fadi I used CCNP SwitchSIM, it was crap. I felt like i wasted my money on it. I wont recommend this to any one. Fadi Younes wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear all, I am planning to buy a CCNP simulation software and i am trying to choose between to available software products which are CCNP Cybex Virtual Lab and CCNP RouterSim. Can you advice or comment on both softwares if you used them before. Many thanks in advance. Fadi Younes IT Team Member ARAMEX International P.O.Box 960913, Amman 11196 Jordan http://www.aramex.com Office: +962 6 552 2192 Fax: +962 6 552 7461 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51269t=51232 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dial out solution [7:51230]
In article , [EMAIL PROTECTED] says... We replaced our Shiva LanRover with a Cisco AS5300. We then purchased a software product called DialOut EZ that allowed for clients to do a remote reverse telnet session and associate it with a com port. It was actually very easy to set up and it was recommended by cisco so the support is there. Thanks, Benjamin Pierce --- neil K. wrote: Hi All, Guys I am currently using a Shiva modem pool for dial out, Is there a Cisco solution for this.The Shiva is not working upto our expectations. Will the Cisco Access Servers or a cisco 3640 with modem card be able to do the same. Any help will be highly apprecisted. Thanks, neiL [EMAIL PROTECTED] __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com This is probably a more recent version of the one I mentioned a couple of weeks ago Cisco Dialout. Cisco Dialout became a free download, before it disappeared. Although it's no longer supported it may give you an idea if it's what you want. I don't think I'm doing anybody out of business with this. If you want support, etc, you're going to have to pay for an up to date 3rd party version. A few people asked me for a copy last time and my dial-up connection got hammered, so if you'd like a copy I dumped it on an old web page. This is not a plug, it's just a page I used to sell my road bike and it's gone. Go to www.bikespace.co.uk and click on the download button. Please use at your own risk. Cheers, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51270t=51230 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: scariest IOS image name [7:51251]
Neal Rauhauser wrote: Yes, this is a real image that I downloaded for real work - can anyone top it? c1700-bk8no3r2sy7-mz.122-8.T5.bin -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman Cool Tracy Chapman quote, though. . . 8^) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51271t=51251 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multilayer Switching, CCO contradicts itself? [7:51272]
Hello all. In the below quote from CCO, is Cisco contradicting themselves in the 2nd paragraph regarding each transport-layer session being a different flow? Or do they mean that IF only the destination IP is used to ID a flow, THEN all diff transport-layer sessions are the same flow? Thanks! URL is: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/layer3/mls.htm Quote is here: A flow is a unidirectional sequence of packets between a particular source and destination that share the same protocol and transport-layer information. Communication from a client to a server and from the server to the client are separate flows. For example, Telnet traffic transferred from a particular source to a particular destination comprises a separate flow from File Transfer Protocol (FTP) packets between the same source and destination. Flows are based only on Layer 3 addresses, which allow IP traffic from multiple users or applications to a particular destination to be carried on a single flow if only the destination IP address is used to identify a flow. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51272t=51272 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RTS down, interface up/up [7:50911]
Too bad nobody else is participating in this interesting thread. I changed the title. Mabye that will help! ;-) Your question boils down to: Does it matter that RTS is down on a serial interface acting as DCE on a router acting as a Frame Relay switch? The interface is connected to the DCE side of a cross-over cable. Your testing reveals that it doesn't matter. The interface is up/up and passing traffic. So you're wondering if RTS really matters. There's a good chance it doesn't matter in this situation. Consider what it stands for: Request to Send. On a full-duplex point-to-point serial interface, the DTE shouldn't have to send RTS before the DCE side asserts Clear to Send (CTS) and accepts incoming data. That stuff was used on old RS-232 multidrop lines, as far as I know. On a multidrop line, it's important that only one station send at a time. So that station has to assert RTS. The DCE side then asserts CTS. When the DTE sees Clear To Send (CTS) it knows it can send. See here for more info on RS-232 and V.35 specifications: http://www.sangoma.com/signal.htm Just out of curiousity, does it work even if that router with the problem is the DTE side? Turn the cross-over cable the other way so that DTE is on the Frame Relay switch side. (That will still work by the way. The side that is doing FR DCE doesn't have to be the 'physical-layer' DCE.) On the new DCE router, specify the clocking. Does the interface still come up/up? If not, then you would have a problem in the real world. In the lab, though, there's no problem. You can just make sure that you connect the DCE side to the interface that seems to have a problem with this signal. Priscilla He Shuchen wrote: Thank you again. Here is the detail information about RTS=down I have 5 routers, and configured the 2520 as Frame Relay Switch. Four 2501 routers connected to it. All other three serial interfaces's singal of 2520 are DCD=up DSR=up DTR=up RTS=up CTS=up, only serial 1's interface status is DCD=up DSR=up DTR=up RTS=down CTS=up. and I have changed cable and routers to the s1, The RTS still down. But it did and do work well. So I want to know Is RTS meaningless? The configuration and show output of 2520's serial 1 R7#sh ru in s1 Building configuration... Current configuration: ! interface Serial1 no ip address no ip directed-broadcast encapsulation frame-relay clockrate 125000 frame-relay lmi-type ansi frame-relay intf-type dce frame-relay route 501 interface Serial0 105 end R7# Serial1 is up, line protocol is up Hardware is HD64570 MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) LMI enq sent 0, LMI stat recvd 0, LMI upd recvd 0 LMI enq recvd 105, LMI stat sent 105, LMI upd sent 0, DCE LMI up LMI DLCI 0 LMI type is ANSI Annex D frame relay DCE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 00:00:01, output 00:00:01, output hang never Last clearing of show interface counters 00:17:24 Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 148 packets input, 4350 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 168 packets output, 5832 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=down CTS=up R7# R7# sh fr pvc PVC Statistics for interface Serial0 (Frame Relay DCE) DLCI = 102, DLCI USAGE = SWITCHED, PVC STATUS = ACTIVE, INTERFACE = Serial0 input pkts 41output pkts 211 in bytes 2624 out bytes 79455 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0Num Pkts Switched 41 pvc create time 00:51:45, last time pvc status changed 00:51:35 DLCI = 103, DLCI USAGE = SWITCHED, PVC STATUS = ACTIVE, INTERFACE = Serial0 input pkts 133 output pkts 102 in bytes 10216 out bytes 7776 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0Num Pkts Switched 133 pvc create time 00:51:48, last time pvc status changed 00:38:08 DLCI = 105, DLCI USAGE = SWITCHED, PVC
RE: NAT Keyword has me puzzled [7:51122]
Kelly Cobean wrote: Art, Thanks for the clarification! Can this keyword also be used to map multiple inside LOCAL addresses to a single inside GLOBAL address on different ports? Example follows... Isn't this just asking to do standard overloading onto a single global IP? Or is this a way to do both static one-to-one NAT and also have some overloading as well? I seem to remember on a Cisco router you can do either one-to-one OR overloading but not both at the same time. . .? -Sean. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51274t=51122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550 EMI [7:50103]
Thanks, that's what I needed to know. - Original Message - From: MADMAN To: Sent: Monday, August 12, 2002 4:12 PM Subject: Re: 3550 EMI [7:50103] It will work fine at layer 2 you just can't route IPX with a 3550. Dave Don Queen wrote: What happens if the switch receives an IPX packet? Will it try to route it or drop the packet or will it handle the packet at layer 2 only? I have a customer that interested in using the 3550 but they have Novell servers. Of course using Novell IP shouldn't be a problem but they're still running IPX. - Original Message - From: Chuck To: Sent: Tuesday, July 30, 2002 9:28 AM Subject: Re: 3550 EMI [7:50103] just getting into it. 1500 pages of documentation to read :-O They do IGRP, EIGRP, RIPv1, RIPv2, and OSPF. Don't believe the output of the router ? BGP is expected to be released real soon now, but according to Cisco people I've spoken to, it will not be a full featured release. Limitations as to the number of routes processed and stored, for example ( due to the physical limitations of the switch ) I.e. don't expect to get full BGP routes over your DSL connection. Chuck Symon Thurlow wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone played with the new 3550 EMI switches? They report layer 3 routing etc. Symon -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51275t=50103 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multilayer Switching, CCO contradicts itself? [7:51272]
There types of flows: Destination - per {dest} flow Source Destination - per {source/dest address} pair IP (aka Full) Flow - per {source, dest, protocol and port} set Look under the section labeled Flow Mask Modes hth, -mark -Original Message- From: Sean Wolfe [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 4:51 PM To: [EMAIL PROTECTED] Subject: Multilayer Switching, CCO contradicts itself? [7:51272] Hello all. In the below quote from CCO, is Cisco contradicting themselves in the 2nd paragraph regarding each transport-layer session being a different flow? Or do they mean that IF only the destination IP is used to ID a flow, THEN all diff transport-layer sessions are the same flow? Thanks! URL is: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/layer3/m ls.htm Quote is here: A flow is a unidirectional sequence of packets between a particular source and destination that share the same protocol and transport-layer information. Communication from a client to a server and from the server to the client are separate flows. For example, Telnet traffic transferred from a particular source to a particular destination comprises a separate flow from File Transfer Protocol (FTP) packets between the same source and destination. Flows are based only on Layer 3 addresses, which allow IP traffic from multiple users or applications to a particular destination to be carried on a single flow if only the destination IP address is used to identify a flow. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51277t=51272 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CSPFA exam [7:51278]
What is the passing score for the CSPFA exam? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51278t=51278 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: 802.1t extensions to spanning tree [7:51280]
Having done a bit of research here on CCO, I am curious about something. the information regarding number of vlans supported in the Cisco Products Quick Reference Guide seem to have been hastily done. For example, the 6000 series states 4000 vlans are supported, the 4000 series states 1000 vlans are supported, and the 3500 and 3550 series gives no info. Some CCO switch documentation states that there can be 4096 vlans, 4095 vlans, or 4094 vlans, depending upon the particular switch documentation one looks at. On the other hand, it looks to me like the 802.1t extensions to spanning tree reserve 12 bits for vlan identification, meaning that there can be values of zero ( all bits zero ) through 4095 ( all bits set to one ) Since there is no vlan zero that I have ever seen anywhere, I presume that is by standard. One of the CCO documents states that the 4095 value is reserved, meaning that one may have vlans numbered 1 through 4094 Is this the correct conclusion to jump to? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51280t=51280 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: scariest IOS image name [7:51251]
Lets see: b - appletalk k8 - IPSec 56-bit encryption n - Novell o3 - Firewall r2 - IBM sy7 - IP+, reduced from normal IP feature set Sasa CCIE 8635 Neal Rauhauser wrote: Yes, this is a real image that I downloaded for real work - can anyone top it? c1700-bk8no3r2sy7-mz.122-8.T5.bin -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51281t=51251 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Local Cisco office and CCIE [7:51282]
I thought I read once on cisco.com (can not find now) that once you pass the CCIE written your local cisco office will help you prepare for the lab portion with local lab/resources. Was this wishful thinking or do they help? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51282t=51282 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Local Cisco office and CCIE [7:51282]
I work for EDS and our Cisco rep has told me that we are able to use their local lab for CCIE preparation. However, this is only because I work for EDS and we do a lot of business with Cisco. If the company you work for has a Cisco rep, ask them and they should be able to give you an answer. Shawn K. -Original Message- From: NetEng [SMTP:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 8:00 PM To: [EMAIL PROTECTED] Subject: Local Cisco office and CCIE [7:51282] I thought I read once on cisco.com (can not find now) that once you pass the CCIE written your local cisco office will help you prepare for the lab portion with local lab/resources. Was this wishful thinking or do they help? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51283t=51282 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Local Cisco office and CCIE [7:51282]
I believe this is only true for Silver and up if the local Cisco CAM will sponsor you to the ASET program, which has been on, off, on, off... You can contact your local Cisco office to see if the in-house lab engineer will let you practice on their equipment. Last time I checked, the SE was real friendly, as long as he thinks you won't damage anything on the racks. Elmer -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of NetEng Sent: Monday, August 12, 2002 8:00 PM To: [EMAIL PROTECTED] Subject: Local Cisco office and CCIE [7:51282] I thought I read once on cisco.com (can not find now) that once you pass the CCIE written your local cisco office will help you prepare for the lab portion with local lab/resources. Was this wishful thinking or do they help? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51284t=51282 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GBIC's - Cisco and otherwise [7:51148]
When I was learning a bit about SAN's and Fibre Channel, one of my instructors mentioned that there were only 3 manufacturers of GBICs (couple years ago, may have changed by now). I have put GBICs (no long haul stuff) obtained from Nortel, IBM, Compaq, Brocade, Cisco, and unknown into a 3500, a 2950, a Nortel 420, Dell and a couple others just to see if they would work. They did. Fibre Channel GBICs, GigE GBICs, all seemed to work just fine. I'll try it in a 3550 later this month, and it will probably seem to work just fine also. SEEMED to work just fine. I wouldn't do that on a production network, but on a 'oh s$!%' or a giggles and grin basis, yea - no worries. YMMV, VWPBL, OSTCAAT... TTFN, Bill Pearch, Anchorage -Original Message- From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 10, 2002 9:27 AM To: [EMAIL PROTECTED] Subject: OT: GBIC's - Cisco and otherwise [7:51148] I took a bit of a risk, and purchased some GBIC;s off That Auction Site. Of the four, three are Cisco branded, and the fourth is labeled Agilent ( used to be HP ) I had done a bit of investigation prior to purchase. I see that the Auction Site has listings for Agilent, IBM, and Extreme GBIC's, as well as Cisco. However, I was unable to find any direct and clearly stated indication that all GBIC's are interchangeable. IBM and Agilent GBIC's cost few pretty pennies less than Cisco BTW, although I suspect now that the same source OEM's for all these manufacturers. So I paid my money, took my chance, and have an Agilent GBIC on one switch connected to a Cisco GBIC on another. No connectivity problems. Came right up. Is passing traffic even as I write. Thinking logically, why should GBIC's be any different that NIC's or patch cables, transceivers of various sorts and brands, or CSU/DSU's? They are all build to industry specifications and industry standards. They all do the same thing. Just thought I'd pass that along to those trying to stretch their practice lab or network upgrade dollars. [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51285t=51148 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
flash RAM upgrade for WS-X5550 Sup III G [7:51286]
8/12/20029:02pm Monday Anyone know a CHEAP source for flash RAM for above ? I want to upgrade my home lab RLP_NIU_5505 (enable) RLP_NIU_5505 (enable) sho version WS-C5505 Software, Version McpSW: 6.3(8) NmpSW: 6.3(8) Copyright (c) 1995-2002 by Cisco Systems NMP S/W compiled on Jul 30 2002, 22:35:56 MCP S/W compiled on Jul 30 2002, 22:21:10 System Bootstrap Version: 5.1(1) Hardware Version: 1.0 Model: WS-C5505 Serial #: 6304970035 Mod Port Model Serial # Versions Mod Port Model Serial # Versions 1 2WS-X5550 024411176 Hw : 1.2 Fw : 5.1(1) Fw1: 5.2(1) Sw : 6.3(8) 2 12 WS-X5203 00949 Hw : 1.1 Fw : 3.1(1) Sw : 6.3(8) 3 24 WS-X5224 40740 Hw : 1.4 Fw : 3.1(1) Sw : 6.3(8) 4 24 WS-X5224 00072 Hw : 1.4 Fw : 3.1(1) Sw : 6.3(8) 5 24 WS-X5224 06090 Hw : 1.4 Fw : 3.1(1) Sw : 6.3(8) DRAMFLASH NVRAM Module Total UsedFreeTotal UsedFreeTotal Used Free -- --- --- --- --- --- --- - - - 1 32768K 18998K 13770K 8192K 3923K 4269K 512K 187K 325K Uptime is 0 day, 0 hour, 30 minutes RLP_NIU_5505 (enable) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51286t=51286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ATM Emulator ? [7:50990]
Couldn't you use FUNI for this, in some weird twisted way. I've never tried this, but it may work. David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 08, 2002 5:19 PM To: [EMAIL PROTECTED] Subject: ATM Emulator ? [7:50990] Anyone know of any way to emulate a ATM link? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51287t=50990 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: New CCIE RS Exam thoughts... [7:51130]
Hi Raj I would like to know what books you use to prepare for new CCIE RS. thanks regards jagan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51288t=51130 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Solution to: Redistributing BGP into OSPF [7:51289]
Hello all, thank you for your help with the problem I was having. I am responding to let you know what the solution was. There is a restriction in BGP that prevents it from redistributing Ibgp routes into any other routing protocol. You can over come this limitation using the following commands. router bgp nnn bgp redistribute-internal This is a command that was introduced in a 12.x ios. If you use this solution, you must have filtering in place to prevent routing loops. -Ejay _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51289t=51289 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Off Topic - First Look - Troubleshooting Campus Networks [7:51290]
Folks, it is always a pleasure to read a well written technical book, and Troubleshooting Campus Networks is no exception. Priscilla Oppenheimer and co-author Joseph Bardwell have created an outstanding book, one which will occupy a place of honor on my bookshelf, right next to Top Down Network Design. This book goes into a lot of detail, making it an excellent choice for study and for life with real networks. Examples abound. As does good advice for design and troubleshooting. For example, in the chapter on switching, the authors point out good reasons why one should NOT directly link two core switches in a typical core / distribution / access design. Having seen many such designs where high level engineers with years of good experience have done just that, with the belief that more redundancy is better, it is nice to read a solid explanation of the opposite. From what I have read so far, I am guessing that the actual writing was locked down six months ago. There is no discussion of the Cisco 3550 line of switches, no discussion of 802.1t STP extensions, and no discussion of 802.1q tunneling, for example, which if nothing else serves to show how fast this business continues to change. For those who think I am sucking up, you are absolutely right. I am. But only because I am thankful for the advice and guidance that PO has given to me and to many others on this list, both directly and indirectly. I want to ensure that the flow of good advice continues. :- So check it out http://www.amazon.com/exec/obidos/ASIN/0471210137/ref=pd_rhf_p_1/002-3394114 -4544058 watch the wrap This is most definitely a book for those looking for good solid information for work and for study. You will most definitely find both here. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51290t=51290 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ADSL routers [7:51250]
define full the 827 can do many things, including 3DES and firewall feature set, but supports only RIP and EIGRP. no fun finding that out the hard way. :- I like your idea about the 26xx with the DSL WIC. I've used the DSL WICs in production for customer networks ( on the 1720 series ) and have been quite pleased, except for that one hardware failure in Fresno. And Cisco TAC identified the problem as hardware and replaced the card very quickly indeed. Chuck -- TANSTAAFL there ain't no such thing as a free lunch Robert A. Heinlein may his soul grumble in peace Brian Zeitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can anyone suggest a good router to get for ADSL? I want to utilize a full IOS, and not a dumbed down version. Or should I just go with a 2600 with an ADSL card. This firewall will be for a home connection, but I am the type to mess around with the routers, try to do different things with Pix firewalls, security, servers and whatnot. I know netgear routers work well for some people, but I want to use my router as something functional and as educational at the same time. What would be the cheapest way to go for an ADSL router, with full IOS capabilities. Thanks in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51291t=51250 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RS Lab Study Partner in Hampton Roads, VA [7:51292]
Hi, If you are scheduled for the lab and live in the Hampton Roads Or Tidewater, VA area, please contact me offline if you are Interested in a study partner. [EMAIL PROTECTED] Elmer Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51292t=51292 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]