RE: ccnp routing [7:54579]
No, we were discussing the BSCI 640-901 exam. You're OK taking the 640-603 until 10/25 providing you registered for it by 9/13. Shawn K. > -Original Message- > From: sisco [SMTP:[EMAIL PROTECTED]] > Sent: Thursday, October 03, 2002 9:37 PM > To: [EMAIL PROTECTED] > Subject: Re: ccnp routing [7:54579] > > is 603 already abolished ?? am planning to take 603 next week, i thought > it'll be change on OCT 25? > > thanks! > > > > ""Kaminski, Shawn G"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > You need to know IS-IS, BGP, EIGRP, and OSPF equally well for the exam > > because each exam will be different. When I took my routing exam (the > old > > one), I had almost all OSPF (I think it was OSPF. I know it was very > > one-sided on one of the routing protocols). Other people I talked with > said > > their exams were very one-sided on different routing protocols (one said > > BGP, the other said EIGRP). I'm sure the new exam is the same way. You > never > > know what you're going to get! > > > > Shawn K. > > > > > -Original Message- > > > From: John Brandis [SMTP:[EMAIL PROTECTED]] > > > Sent: Monday, September 30, 2002 11:49 PM > > > To: [EMAIL PROTECTED] > > > Subject: RE: ccnp routing [7:54579] > > > > > > Wow, I am the opposite. I use OSPF as much as possible here, mainly > due > to > > > the fact I had used it whilst in my early stages of networking. I > really > > > like OSPF and love how it it scales nicely in my networks. I honestly > > > thought that a large portion of the routing test would be focused on > OSPF. > > > Guess I am wrong (again). > > > > > > Good luck and conratulations on your score. > > > > > > Hope the NZ Warriors have similar luck on Sunday night. > > > > > > John > > > > > > > > > -Original Message- > > > From: Simon Dartford [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, October 01, 2002 12:24 PM > > > To: [EMAIL PROTECTED] > > > Subject: RE: ccnp routing [7:54579] > > > > > > > > > I sat this yesterday! > > > > > > It is a bit differnet, and in my opinion, better. > > > > > > Better because there is actual router simulation involved. I had to > > > configure OSPF on one! > > > > > > I was caught out on IS-IS as I only started to study that at 6am the > > > morning > > > on the exam. My diligence was rewarded with %20 on IS-IS content. I > fared > > > better overall and go an excellent overall score (considering my > > > performance > > > on IS-IS). > > > > > > It focussed mainly on IS-IS (approx 10 questions), OSPF and BGP. Very > > > little > > > on EIGRP. I have only really ever configured EIGRP and BGP and I still > did > > > ok. Never seen OSPF before or since! > > > > > > I studied for one week beforehand. I used the old Ciscopress 503 exam > > > guide. > > > This was ok and went into more depth than the exam did. I borrowed the > > > course notes for the IS-IS content, but did not retain anything much > in > > > the > > > hour between 6am and 7am! > > > > > > IMHO, you will be fine with having done the course and a bit of > revision. > > > Some have said in cramsession it was way hard - only hard if you have > not > > > prepared well! I relied on my practical experience and just browsed > the > > > book. In the final 10 minutes, I was sure I had failed, as all the > IS-IS > > > questions were at the end. I was running through my head when I should > > > resit, only to be surprised (really surprised...) that I had passed! > > > > > > Hope this info is helpful > > > > > > > > > Simon Dartford > > > Design Engineer > > > Advanced Solutions > > > Telecom New Zealand > > > > > > Internet: [EMAIL PROTECTED] > > > Phone: +64 4 382-5453 > > > Fax: +64 4 385-1223 > > > Mobile: 025 243 7989 > > > > > > Important: This electronic message and attachments (if any) are > > > confidential > > > and may be legally privileged. If you are not the intended recipient > do > > > not > > > copy, disclose or use the contents in any way. Please let us know by > > > return > > > email immediately and then destroy this message. > > > > > > > > > > > > > > > -Original Message- > > > From: Jesus Velazquez [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, 1 October 2002 10:35 > > > To: [EMAIL PROTECTED] > > > Subject: ccnp routing [7:54579] > > > > > > > > > i'm sitting in on the routing 901 bsci (new exam) next week...any good > > > advice or look outs for the exam?? i took the global knowledge course > 2 > > > weeks ago and have the older version of the boson routing for exam > 603. > > > should this be suffice. i heard the cisco press routing book is not a > very > > > good book for this course. thanks > > > - > > > "This communication, including any attachments, is confidential. If > you > > > are > > > not the intended recipient, you should not read it - please contact me > > > immediately, destroy it, and do not copy or use any part of this > > > communication or disclose anything about it. Thank you." > > > > > > > > ---
RE: NAT [7:54838]
it's on the router... Check 'nat on the stick' config examples. Traffic HAS to go through a 'ip nat inside' and 'ip nat outside' interfaces to be Natted. If it goes only through "ip nat inside" interface, Nat will not happen... -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brett spunt Sent: Thursday, October 03, 2002 8:44 PM To: [EMAIL PROTECTED] Subject: RE: NAT [7:54838] Hosts files, or local dns server pointing to private ip address, or use a pix firewall with the following command "alias (inside) 255.255.255.255 which will doctor the dns reply for you. check out the following link... http://www.cisco.com/warp/public/110/alias.html Brett spunt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Joe Middleton Sent: Thursday, October 03, 2002 5:23 PM To: [EMAIL PROTECTED] Subject: NAT [7:54838] Hi All, I am trying to set up NAT on a cisco 2600 router. Everything seems to be working except that I can not access resources on the inside using there public IP address from the inside. From the internet the router translates the public addresses to private addresses, but from the inside I have to use the private address to access any resource. How can I get the router to translate requests that originate from the inside? Any help would be greatly appreciated. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54855&t=54838 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Scenerio [7:54824]
Just use "static (inside, outside) 172.16.20.0 172.16.20.0 netmask 255.255.255.0" and then create conduits for the type of traffic you want to allow from the outside to the inside. -- Lidiya White -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Azhar Teza Sent: Thursday, October 03, 2002 1:27 PM To: [EMAIL PROTECTED] Subject: PIX Scenerio [7:54824] In this PIX Scenerio, What will be the best option. Note: PIX is being used between the two Private networks. I am just treating the outside interface as one of the users' subnets. I have 10 users on outside interface (Network 192.168.40.0) want to have an acess to the some resources in the inside (Network 172.16.20.0). Instead of statically mapping each IP address from the users to the inside resources, can I justdo this: static (inside, outside) 192.168.40.0 172.16.20.0 netmask 255.255.255.0, and then apply conduit For Example, conduit permit tcp host 192.168.40.5 (User's IP address) 172.16.20.5 (File Server) and so on, or will it be better to statically map each user ip address to the resource ip address, and then open the conduit static (inside, outside) 192.168.40.5(user's computer) 172.16.20.5 (File Server) netmaks 255.255.255.255. I think I can't statically map the actual user IP address. I am gonna have to use an unused IP address from the user's subnet (192.168.10.0). Please let me know. Thanks, Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54854&t=54824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN Passed. [7:54732]
Cool. cong to you. amir Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54853&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN Passed. [7:54732]
hi, well as far as simulation Q is concerned .In exam i had only one Q & that was a frame relay question. In routing i had one Question as well & that was OSPF question. I used simulation software at home but in exam it noo it was a bad choice to put that type of format. it doesn't support anything. If cisco want to have simulation questions thay should have a batter simulation software. first in exan computer took long time to load that Q & after that it was working very slow. anyway if you know how to configure.U won't have any problem amir Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54852&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT [7:54838]
Hi, ip nat inside source static private public ip ./Msava -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Joe Middleton Sent: Friday, October 04, 2002 3:23 AM To: [EMAIL PROTECTED] Subject: NAT [7:54838] Hi All, I am trying to set up NAT on a cisco 2600 router. Everything seems to be working except that I can not access resources on the inside using there public IP address from the inside. From the internet the router translates the public addresses to private addresses, but from the inside I have to use the private address to access any resource. How can I get the router to translate requests that originate from the inside? Any help would be greatly appreciated. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54851&t=54838 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Visio 2k Stencils [7:54804]
The following link may help you on your request. http://www.cisco.com/warp/customer/503/icons1.zip http://www.cisco.com/warp/customer/503/icons2.zip http://www.cisco.com/warp/customer/503/icons3.zip http://www.cisco.com/warp/customer/503/icons4.zip Amnuay Mekchompu Tel : +66 (0) 2937 0800 ext. 494 Fax : +66 (0) 2937 0819 > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > [EMAIL PROTECTED] > Sent: Thursday, October 03, 2002 10:13 PM > To: [EMAIL PROTECTED] > Subject: Visio 2k Stencils [7:54804] > > Anybody got stencils for catalyst 6513s and corresponding cards that they > can send me or know where I could get them? > > > > Thanks, > > Mario Puras > SoluNet Technical Support Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54850&t=54804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Period to take ccnp tests [7:54848]
There are only two other exams for the CIPTS bro, CVOICE and CIPT. no no time limit -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Leonardo Rocha Sent: Thursday, October 03, 2002 11:47 PM To: [EMAIL PROTECTED] Subject: Period to take ccnp tests [7:54848] Guys, if one take a ccnp exam today, is there a time limit to take the other 3 exams or else the exam gets invalid? Can someone help me? tks a lot, leo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54849&t=54848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Period to take ccnp tests [7:54848]
Guys, if one take a ccnp exam today, is there a time limit to take the other 3 exams or else the exam gets invalid? Can someone help me? tks a lot, leo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54848&t=54848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN tunnel with IPSec over GRE [7:54634]
10/3/20029:45pm Thursday When I loook @ the link you referenced I can honestly see why I love Cisco & truly regret working on Bay/Nortel routers & switches for 2 1/2 years before ever touching Cisco & letting my ego headed boss bully me into getting the Nortel Networks Certified Support Expert ! Try to find something like this link on Nortel's useless web site. Try to find out how to recover the password on theie ASN router by looking on thier useless web site ! All they have is marketing. Cisco tells us how to do the job. Good Night wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > I think the following URL could help: > > http://www.cisco.com/warp/public/105/56.html > > Regards, > > Alaerte > > > > > > > "Richard Deal" @groupstudy.com em 01/10/2002 > 13:26:29 > > Favor responder a "Richard Deal" > > Enviado Por: [EMAIL PROTECTED] > > > Para: [EMAIL PROTECTED] > cc: > > Assunto:Re: VPN tunnel with IPSec over GRE [7:54634] > > > It's probably an MTU problem. > > I have an IPSec connection being tunneled via GRE, which in turn, is > tunneled by another IPSec connection. Don't ask why I'm doing this :-) But > we had to set the MTU down to 1320 to prevent fragmentation, and thus > performance, issues. > > In your case, you might want to try using the extended ping with the "no > fragment" option to determine which MTU size will work in your situation. > > Cheers! > > Richarde > ""Thomas N."" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi All, > > > > I am setting up a site-to-site VPN between 2 LANs using Cisco IOS VPN > (Cisco > > 2600 routers). I could get the tunnel up and running between the two > LANs > > with IPSec over GRE so that I can run EIGRP. Data transfer between 2 > LANs > > across the tunnel looks OK, and all dynamic routes learned with EIGRP. > > However, a problem come up when I put a Proxy Server on the first LAN and > > force Internet traffic from workstations from the second LAN to go out > with > > this Proxy server. Workstations from the second LAN could browse > Internet > > across the tunnel to reach the Proxy server then hit the Internet; > however, > > the performance is very poor (seem like browsing over a 56k modem). I am > > thinking this may be because of fragmentation on the 2 routers. Is there > > any work around for this issue? If MTU size needs to be adjusted, what > > would be the ideal MTU size for IPSec over GRE tunnel in "tunnel" mode? > > Again, thank you All for the help! > > > > Thomas N. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54846&t=54634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BVI at OC3 speed [7:54828]
IRB is in CEF path, what pkts size you are expecting for your line rate ;-) However you can get much better perf.with 1483 since it is PXF accelerated, but for that you need NSE1... thanks, rahul. ""MADMAN"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Has anyone out there ever configured a 7200 with a bridged OC3 > interface that is then routed via a BVI?? The config is not the issue > but can the router handle it as this link will be heavily used. Since > the bridged to routed conversion is done in software I don't have a warm > fuzzy about this but the customer doesn't understandably want to buy > another router and just let the 7200 be a bridge. > > If your wondering what the hell, this is for an LSS, LAN Switching > Service, application which by tarriff is a fully meshed, bridged ATM > service that extends 10 or 100M ethernet. > > Thanks > > Dave > -- > David Madland > CCIE# 2016 > Sr. Network Engineer > Qwest Communications > 612-664-3367 > > "You don't make the poor richer by making the rich poorer." --Winston > Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54845&t=54828 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay: connectionless or connection-orie [7:54747]
Howard, I would like to hear your brief arguement on X.25 Fast Select as a connectionless protocol. In (a paltry) defense of it being a connection-oriented, doesn't the fast select option allow for data transfer in the control packets? Just curious as to your input here and sort of playing devil's advocate. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54844&t=54747 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN Passed. [7:54732]
Congrats, I passed DQoS today! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jimmy Sent: Thursday, October 03, 2002 8:52 PM To: [EMAIL PROTECTED] Subject: Re: BCRAN Passed. [7:54732] How is the simulation question? Easy? How many simulation question altogether? ""Amir Tahir"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > HI, > I used Cisco certification guid, Sybex exam notes and amother book named " > Remote access for cisco networks by bill burton. exam was ok but i had > problems in simulation Question. I could not perform the command > " copy run start" i was keep geeting wrror. then i tried "wr" command to > cave running configuration but could not save it. so i let that Question go > without that. rest was ok not that bad > I spent almost 6-10 hrs a day to review stuff & finish cisco book almost 4 > times, coz i m not working in cisco networks yet so > > thanks for your mail > if U have any Q please feel free to ask. > regards > Amir Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54843&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT [7:54838]
Hosts files, or local dns server pointing to private ip address, or use a pix firewall with the following command "alias (inside) 255.255.255.255 which will doctor the dns reply for you. check out the following link... http://www.cisco.com/warp/public/110/alias.html Brett spunt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Joe Middleton Sent: Thursday, October 03, 2002 5:23 PM To: [EMAIL PROTECTED] Subject: NAT [7:54838] Hi All, I am trying to set up NAT on a cisco 2600 router. Everything seems to be working except that I can not access resources on the inside using there public IP address from the inside. From the internet the router translates the public addresses to private addresses, but from the inside I have to use the private address to access any resource. How can I get the router to translate requests that originate from the inside? Any help would be greatly appreciated. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54842&t=54838 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ccnp routing [7:54579]
is 603 already abolished ?? am planning to take 603 next week, i thought it'll be change on OCT 25? thanks! ""Kaminski, Shawn G"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > You need to know IS-IS, BGP, EIGRP, and OSPF equally well for the exam > because each exam will be different. When I took my routing exam (the old > one), I had almost all OSPF (I think it was OSPF. I know it was very > one-sided on one of the routing protocols). Other people I talked with said > their exams were very one-sided on different routing protocols (one said > BGP, the other said EIGRP). I'm sure the new exam is the same way. You never > know what you're going to get! > > Shawn K. > > > -Original Message- > > From: John Brandis [SMTP:[EMAIL PROTECTED]] > > Sent: Monday, September 30, 2002 11:49 PM > > To: [EMAIL PROTECTED] > > Subject: RE: ccnp routing [7:54579] > > > > Wow, I am the opposite. I use OSPF as much as possible here, mainly due to > > the fact I had used it whilst in my early stages of networking. I really > > like OSPF and love how it it scales nicely in my networks. I honestly > > thought that a large portion of the routing test would be focused on OSPF. > > Guess I am wrong (again). > > > > Good luck and conratulations on your score. > > > > Hope the NZ Warriors have similar luck on Sunday night. > > > > John > > > > > > -Original Message- > > From: Simon Dartford [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, October 01, 2002 12:24 PM > > To: [EMAIL PROTECTED] > > Subject: RE: ccnp routing [7:54579] > > > > > > I sat this yesterday! > > > > It is a bit differnet, and in my opinion, better. > > > > Better because there is actual router simulation involved. I had to > > configure OSPF on one! > > > > I was caught out on IS-IS as I only started to study that at 6am the > > morning > > on the exam. My diligence was rewarded with %20 on IS-IS content. I fared > > better overall and go an excellent overall score (considering my > > performance > > on IS-IS). > > > > It focussed mainly on IS-IS (approx 10 questions), OSPF and BGP. Very > > little > > on EIGRP. I have only really ever configured EIGRP and BGP and I still did > > ok. Never seen OSPF before or since! > > > > I studied for one week beforehand. I used the old Ciscopress 503 exam > > guide. > > This was ok and went into more depth than the exam did. I borrowed the > > course notes for the IS-IS content, but did not retain anything much in > > the > > hour between 6am and 7am! > > > > IMHO, you will be fine with having done the course and a bit of revision. > > Some have said in cramsession it was way hard - only hard if you have not > > prepared well! I relied on my practical experience and just browsed the > > book. In the final 10 minutes, I was sure I had failed, as all the IS-IS > > questions were at the end. I was running through my head when I should > > resit, only to be surprised (really surprised...) that I had passed! > > > > Hope this info is helpful > > > > > > Simon Dartford > > Design Engineer > > Advanced Solutions > > Telecom New Zealand > > > > Internet: [EMAIL PROTECTED] > > Phone: +64 4 382-5453 > > Fax: +64 4 385-1223 > > Mobile: 025 243 7989 > > > > Important: This electronic message and attachments (if any) are > > confidential > > and may be legally privileged. If you are not the intended recipient do > > not > > copy, disclose or use the contents in any way. Please let us know by > > return > > email immediately and then destroy this message. > > > > > > > > > > -Original Message- > > From: Jesus Velazquez [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, 1 October 2002 10:35 > > To: [EMAIL PROTECTED] > > Subject: ccnp routing [7:54579] > > > > > > i'm sitting in on the routing 901 bsci (new exam) next week...any good > > advice or look outs for the exam?? i took the global knowledge course 2 > > weeks ago and have the older version of the boson routing for exam 603. > > should this be suffice. i heard the cisco press routing book is not a very > > good book for this course. thanks > > - > > "This communication, including any attachments, is confidential. If you > > are > > not the intended recipient, you should not read it - please contact me > > immediately, destroy it, and do not copy or use any part of this > > communication or disclose anything about it. Thank you." > > > > -- > > -- > > - > > - > > > > [GroupStudy.com removed an attachment of type text/x-vcard which had a > > name > > of Simon Dartford (E-mail).vcf] > > ** > > > > visit http://www.solution6.com > > > > UK Customers - http://www.solution6.co.uk > > > > * > > This email message (and attachments) may contain information that is > > confidential to Solution 6. If you are not the intended recipient you > > cannot >
Re: Dual CCIE and Recertification [7:54799]
No, you dont have to re-cert both. thanks, -Brad Ellis CCIE#5796 (R&S / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) ""Jim Haynes"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I know if you have one CCIE and pass a second one it counts as > recertifiying, however does this mean you would have to recertify both in > the future by taking the written for each one, For example, Security and > R&s? > > Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54815&t=54799 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VWIC 2MFT-T1 [7:54796]
What type of router and IOS? There are/were limitations depending on those, but data is possible. You would set up a channel-group on the controller t1 interface and define the used timeslots. This creates a logical/virtual serial interface which you can configure like any other serial interface cfg is done. sample: controller t1 x/y channel-group 1 timeslots 1-24 int serialx/y:1 ip address x.x.x.x y.y.y.y encaps ppp/frame/whatever The :1 is the channel #, so if your channel-group was 2 this would be serialx/y:2 HTH, Erick --- "[EMAIL PROTECTED]" wrote: > Has any one configured a Data T1 on the following > card (VWIC 2MFT-T1)? This > is very different from what I've seen in the past... > > I've been looking on CCO for data configuration, but > haven't found anything. > They say it's possible. > > Cheers, > mkj > > ~~~ > Michael Jablonski > ABN AMRO Asset Management Holdings, Inc. > 161 North Clark St. > 9th Flr > Chicago, IL 60601-2468 > PH: 312.884.2996 > FAX: 312.278.5550 > ~~~ [EMAIL PROTECTED] __ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54841&t=54796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VWIC 2MFT-T1 [7:54796]
What type of router and IOS? There are/were limitations depending on those, but data is possible. You would set up a channel-group on the controller t1 interface and define the used timeslots. This creates a logical/virtual serial interface which you can configure like any other serial interface cfg is done. sample: controller t1 x/y channel-group 1 timeslots 1-24 int serialx/y:1 ip address x.x.x.x y.y.y.y encaps ppp/frame/whatever The :1 is the channel #, so if your channel-group was 2 this would be serialx/y:2 HTH, Erick --- "[EMAIL PROTECTED]" wrote: > Has any one configured a Data T1 on the following > card (VWIC 2MFT-T1)? This > is very different from what I've seen in the past... > > I've been looking on CCO for data configuration, but > haven't found anything. > They say it's possible. > > Cheers, > mkj > > ~~~ > Michael Jablonski > ABN AMRO Asset Management Holdings, Inc. > 161 North Clark St. > 9th Flr > Chicago, IL 60601-2468 > PH: 312.884.2996 > FAX: 312.278.5550 > ~~~ [EMAIL PROTECTED] __ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54840&t=54796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN Passed. [7:54732]
How is the simulation question? Easy? How many simulation question altogether? ""Amir Tahir"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > HI, > I used Cisco certification guid, Sybex exam notes and amother book named " > Remote access for cisco networks by bill burton. exam was ok but i had > problems in simulation Question. I could not perform the command > " copy run start" i was keep geeting wrror. then i tried "wr" command to > cave running configuration but could not save it. so i let that Question go > without that. rest was ok not that bad > I spent almost 6-10 hrs a day to review stuff & finish cisco book almost 4 > times, coz i m not working in cisco networks yet so > > thanks for your mail > if U have any Q please feel free to ask. > regards > Amir Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54839&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT [7:54838]
Hi All, I am trying to set up NAT on a cisco 2600 router. Everything seems to be working except that I can not access resources on the inside using there public IP address from the inside. From the internet the router translates the public addresses to private addresses, but from the inside I have to use the private address to access any resource. How can I get the router to translate requests that originate from the inside? Any help would be greatly appreciated. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54838&t=54838 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
You went through the troubleshooting process. You defined the problem and then gathered data. I never said go through the OSI layers as you may be implying. I said to use Cisco's troubleshooting method as taught in CIT and probably still at the bottom of this message. There's no mention of OSI in their method. One piece of data you have to gather is what tends to break in this situation. Knowing what's likely to break is part of proactive network management. I would have also put a Sniffer on it and determined what was actually breaking as part of the gathering data step. I would like to know why just that one part of the application broke, what actually "broke", and why changing the MTU fixed it. I can be a better troubleshooter if I know why I'm making some change. I can get a better idea of what else the change might affect or where else I might run into a similar problem. Why live in the dark like a "user?" Maybe if you didn't spend so much on your credit card, there wouldn't have been an issue? ;-) Serisouly, why would just that part break? Isn't it weird? Did changing the MTU fix the Outlook problem for that other guy? I haven't seen an answer to that. Priscilla Chuck's Long Road wrote: > > While ordinarily I would defer to your extensive experience and > superior > powers of observation, Cil, I'm going to present a real world > situation, and > let's see how what you say below stands up under scrutiny. I am > not saying > your approach and your advice is suspect. It is excellent, and > to be heeded. > > However... > > > Problem description. > > There is a web based application I use for expense reporting. > The > application uses java scripting. This application has two > components. The > first component is for creating cash expense reports. Things > like mileage, > Bridge tolls. Parking. Any business expense for which I pay > with cash. The > other component is for creating credit card expense reports. > Car rental, > hotel, meals, etc. > > While connected to the company VPN, I am able to create my cash > expense > reports with no problem. > > While connected to the company VPN I cannot create credit card > expense > reports. > > So lets go through the troubleshooting methodology. I am going > to blow off > physical, data link, and network layer problems because I have > no problems > using any other application, I have no problem connecting to > what I need to > connect to, etc. > > Transport layer? Well,,, OK I have no way of telling. > Obviously, sniffer > traces would be helpful. So lets keep transport layer ( TCP ) > problems in > mind. Maybe the firewall is blocking a port that the > application uses. > > Layers 5 and 6? Well... let's blow that off too, because I > doubt that anyone > could come up with anything plausible here, particularly in the > IP world. > > That brings us to layer 7 - application layer. > > Now let me state that I appreciate that in the world of OSI, > application > does not mean the same thing that it does in the world of > computer software. > > But if you have a case where everything else is fine, and only > this one > component of this one application is malfunctioning, is it > reasonable to > suspect that the problem lies in the "application"? > > Seems so to me. > > But here is the kicker. > > If I am in the office, connected to the company LAN, the > application works > just fine. I can create the credit card expense report with no > problem. Same > if I am dialed up via ISDN or analogue telephone line. App > works fine. I can > create expense reports just fine. > > So - it is not an "application problem. The only variable here > is the > company VPN > > As I said earlier, given this information, I suspected that a > firewall was > blocking a needed TCP or UDP port. > > When I called the company help desk and described the problem, > and included > the information that the app worked fine where it did, and the > problem was > only when I used the VPN, the immediate answer was to change > the MTU size. > > Now tell me, where in the troubleshooting process does anything > indicate an > MTU problem? It doesn't "sound" like an MTU problem. After all, > everything > else works just fine. > > So I argued a bit, and was told to shut up and change the MTU > size as > controlled by the Cisco VPN software client. > > Grumbling, I did so, tested, and voila I can now create my > credit card > expense reports with no problem. > > I keep beating on this, because I don't know how anyone can > conclude that > something is or is not an MTU problem given that MTU size > adjustments seem > to cure so many of these problems. There seems to be no rhyme > or reason to > it. It is not consistent across application. For example, I > used Outlook > just fine across the VPN prior to this MTU change. Not to > mention every > other app I need. So while the problem does not "LOOK" like an > MTU problem > ( and what exactly in my troubleshooting process
Re: How to dial in & power up home lab?? [7:54768]
In article , [EMAIL PROTECTED] says... > Dear GroupStudy, > > Here is my interesting dilemma. I hope someone can lend some insight... > > 1 - I only have dial-up (no cable modem - i.e. no constant connection to > Internet). > 2 - I travel for work, so I'm not home very often. > 3 - I have a lab that I would like to use rather often. > 4 - I do not want to spend a lot of $$ on long distance to dial up my > lab. > 5 - I also do not want to spend a lot of $$ on electricity if the lab is > not in use. > 6 - I have (will have) an APC MasterSwitch PDU that I know can be used > to remotely power up/power down the lab. > 7 - The lab consists of all 2500 series routers (7 of them). > > I do not know if I can dial in to the PDU in order to power up the lab > (this I can figure out). Once the lab is powered up, is there a way to > have one of the routers dial up my ISP? But then, how would I know what > the IP address of the router is (since the ISP uses DHCP) in order to > telnet to the lab? > > One of the solutions I have thought of is to dial up my PC (with wake on > LAN - if that works on the modem), disconnect. Then the dial up > connection would be in my startup folder so the PC would dial the ISP > automatically. Then I would dial up the ISP from wherever I would be. > Then I still have the problem of knowing my IP address. A friend said > to use ICQ. I don't know how that works, but will try it. > > I think I have covered everything. Thanks in advance for any help. > > Jake Secrist I set a similar thing up at home although it doesn't answer all of your questions it may give you other ideas. Try www.no-ip.com. For simple dynamic DNS they offer a free service. It seems to work fine for me. I use Windows XP remote desktop to a home PC and connect to everything else from there. Bit of a strange set-up, but I use Internet Connection sharing on the XP box and all the routers sit behind that. I suppose the security may not be wonderful?? but to be honest I don't care. The XP machine can be re-built in minutes (ish). I don't have the problem of remote power on, as I have a much more complicated and infinitely more expensive device which powers everything on when needed. Unfortunately she's not always in when I call, but you can't have everything :-) Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54836&t=54768 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need to make an access port very slow on a 2950 [7:54764]
Thanks mate, I will put that config on my managers port this afternoon and have a go at it. -Original Message- From: Vance Krier [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 5:07 PM To: [EMAIL PROTECTED] Subject: Re: Need to make an access port very slow on a 2950 [7:54764] Hey John, One thing that comes to mind is rate-limiting. Do you have L3? Maybe you could create a new vlan (to make all traffic go through the L3 device) with a new subnet and drop that port/pc into that vlan. Then setup an access-list and rate limit commands to throttle that traffic to 9600. Something like this: access-list rate-limit 110 interface rate-limit input access-group rate-limit 110 9600 0 0 conform-action transmit exceed-action drop rate-limit output access-group rate-limit 110 9600 0 0 conform-action transmit exceed-action drop Good luck, Vance ""John Brandis"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi All, > > Without going into it to much, I really would like to set some type of > policy where by a user's PC on port 5 of my 2950 switch, has access to > the rest of the LAN at 9.6kb/s..Can this be done on the switch, or do > I need to > do this on my 4006 ? > > John > Sydney Australia > > > ** > > visit http://www.solution6.com > > UK Customers - http://www.solution6.co.uk > > * > This email message (and attachments) may contain information that is > confidential to Solution 6. If you are not the intended recipient you cannot > use, distribute or copy the message or attachments. In such a case, please > notify the sender by return email immediately and erase all copies of > the message and attachments. Opinions, conclusions and other > information in this message and attachments that do not relate to the > official business of > Solution 6 are neither given nor endorsed by it. > * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54835&t=54764 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Console Connection / Firmware Upgrade via Xmodem on "antique" [7:54834]
The hyperlink below describes my problem exactly. I have an older catalyst 1900 with a DB9 console port rather than the newer RJ45 connector. My rollover cable/DB9 connector won't work. I do get output when I go into the diagnostic console but not when the switch boots. Up until the point when I deleted my firmware I was getting the ATQ0H0 (see link below) garble only. http://www.groupstudy.com/archives/cisco/200101/msg00790.html Too add insult to my injury I tried to upgrade the firmware and it failed. Now, sans any firmware on the switch, I can only get into the diagnostic console but when I try to download the new firmware via XModem it fails. I tried to make new DB9 null modem connectors per the Cisco web site (link in the URL above) but I get nothing when using them. I'm still using a rollover cable but have the pins on the DB9 connectors crossed over per Cisco's website. The body of the message (the part from David) above isn't readable (the formatting didn't get preserved in the post) so I can't try his recommendation. Can someone please help me out with some specific guidance? I could use it. Thanks. Colin Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54834&t=54834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
Let's see the Cisco VPN client gives you four choices - default ( doesn't state size - I assume 1500 ), 572, 1400, and custom. I see I actually lied earlier. I changed the MTU down to 1200, not 600. I must have been thinking "full duplex" ;-> Chuck -- www.chuckslongroad.info like my web site? take the survey! ""Mossburg, Geoff (MAN-Corporate)"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > That's interesting. I have a call center user who uses an ACD client over > VPN and they are having similar problems to what you are describing. I'll > try having them change the MTU size in the VPN client to see what happens. > Out of curiosity, what was your previous MTU size, and what did you end up > changing it to? Also: Although MTU is set at the application level, doesn't > it apply the new setting at the transport level? > Thanks! > GM > > -Original Message- > From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 03, 2002 4:00 PM > To: [EMAIL PROTECTED] > Subject: Re: Confused about MTU size [7:54689] > > > While ordinarily I would defer to your extensive experience and superior > powers of observation, Cil, I'm going to present a real world situation, and > let's see how what you say below stands up under scrutiny. I am not saying > your approach and your advice is suspect. It is excellent, and to be heeded. > > However... > > > Problem description. > > There is a web based application I use for expense reporting. The > application uses java scripting. This application has two components. The > first component is for creating cash expense reports. Things like mileage, > Bridge tolls. Parking. Any business expense for which I pay with cash. The > other component is for creating credit card expense reports. Car rental, > hotel, meals, etc. > > While connected to the company VPN, I am able to create my cash expense > reports with no problem. > > While connected to the company VPN I cannot create credit card expense > reports. > > So lets go through the troubleshooting methodology. I am going to blow off > physical, data link, and network layer problems because I have no problems > using any other application, I have no problem connecting to what I need to > connect to, etc. > > Transport layer? Well,,, OK I have no way of telling. Obviously, sniffer > traces would be helpful. So lets keep transport layer ( TCP ) problems in > mind. Maybe the firewall is blocking a port that the application uses. > > Layers 5 and 6? Well... let's blow that off too, because I doubt that anyone > could come up with anything plausible here, particularly in the IP world. > > That brings us to layer 7 - application layer. > > Now let me state that I appreciate that in the world of OSI, application > does not mean the same thing that it does in the world of computer software. > > But if you have a case where everything else is fine, and only this one > component of this one application is malfunctioning, is it reasonable to > suspect that the problem lies in the "application"? > > Seems so to me. > > But here is the kicker. > > If I am in the office, connected to the company LAN, the application works > just fine. I can create the credit card expense report with no problem. Same > if I am dialed up via ISDN or analogue telephone line. App works fine. I can > create expense reports just fine. > > So - it is not an "application problem. The only variable here is the > company VPN > > As I said earlier, given this information, I suspected that a firewall was > blocking a needed TCP or UDP port. > > When I called the company help desk and described the problem, and included > the information that the app worked fine where it did, and the problem was > only when I used the VPN, the immediate answer was to change the MTU size. > > Now tell me, where in the troubleshooting process does anything indicate an > MTU problem? It doesn't "sound" like an MTU problem. After all, everything > else works just fine. > > So I argued a bit, and was told to shut up and change the MTU size as > controlled by the Cisco VPN software client. > > Grumbling, I did so, tested, and voila I can now create my credit card > expense reports with no problem. > > I keep beating on this, because I don't know how anyone can conclude that > something is or is not an MTU problem given that MTU size adjustments seem > to cure so many of these problems. There seems to be no rhyme or reason to > it. It is not consistent across application. For example, I used Outlook > just fine across the VPN prior to this MTU change. Not to mention every > other app I need. So while the problem does not "LOOK" like an MTU problem > ( and what exactly in my troubleshooting process did I miss that would have > pointed to an MTU problem? ) the fact remains that across VPNs there is now > a wealth of experience that indicates that changing MTU size can and does > solve many problems. > > I return to the layer 4 / TCP issue beca
Three 24 Gbps Switching Engines at 18 Mpps (Layer2)!?! [7:54833]
What does this mean. I was looking at table 21-112. The difference between supervisor engine I and supervisor engine II is that the I has 24 Gbps switching engine and the II has three 24 Gbps. Yet the pps remains the same(18Mpps). Is there a direct correlation between the switching fabric and the switching throughput. If there is reading online that would be great. Here is the link I was referring to. http://www.cisco.com/univercd/cc/td/doc/pcat/ca4000.htm Ryan Newell Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54833&t=54833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BVI at OC3 speed [7:54828]
Interesting. Wish I could provide a direct answer. Aside from NOT using BVI's :) I usually like to just make the assumption bvi's are going to be process switched to be safe which works for the small environments I've used them in. And they usually are process switched for interesting packets like ip options, multicast, ... which are important to many folks. Process switching is just too much work to fill your pipes in both directions. I think you're answer/hope lies in researching the enchancements made to do larger numbers of sessions for DSL agreegation which there have been many changes in the last year. I believe those test results are internal cisco docs, or at least I couldn't find them easily. There might be another saviour if BVI made it into PXF(NSE) too which I doubt it did. http://www.cisco.com/warp/public/794/7200_bdaggreg.html (Cisco 7200 Configuration for RFC1483) Sorry for the vague answer and Good Luck! Let us know what you find, Darrell ""MADMAN"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Has anyone out there ever configured a 7200 with a bridged OC3 > interface that is then routed via a BVI?? The config is not the issue > but can the router handle it as this link will be heavily used. Since > the bridged to routed conversion is done in software I don't have a warm > fuzzy about this but the customer doesn't understandably want to buy > another router and just let the 7200 be a bridge. > > If your wondering what the hell, this is for an LSS, LAN Switching > Service, application which by tarriff is a fully meshed, bridged ATM > service that extends 10 or 100M ethernet. > > Thanks > > Dave > -- > David Madland > CCIE# 2016 > Sr. Network Engineer > Qwest Communications > 612-664-3367 > > "You don't make the poor richer by making the rich poorer." --Winston > Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54831&t=54828 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about MTU size [7:54689]
Actually the method for detecting that it is an MTU problem is a very simple five step process: 1. Take the first letter of the program manufacturer Microsoft so you get "m" 2. Take the first three letters of program name Outlook becomes - "out" 3. Take the result from step 2 and reverse it so "out" becomes "tuo" 4. Append the result from step 1 to the result from step 3 so "m" + "tuo" = mtuo 5. Truncate the result from step 4 to 3 characters and you get MTU Now wasn't that easy? -Original Message- From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 1:00 PM To: [EMAIL PROTECTED] Subject:Re: Confused about MTU size [7:54689] While ordinarily I would defer to your extensive experience and superior powers of observation, Cil, I'm going to present a real world situation, and let's see how what you say below stands up under scrutiny. I am not saying your approach and your advice is suspect. It is excellent, and to be heeded. However... Problem description. There is a web based application I use for expense reporting. The application uses java scripting. This application has two components. The first component is for creating cash expense reports. Things like mileage, Bridge tolls. Parking. Any business expense for which I pay with cash. The other component is for creating credit card expense reports. Car rental, hotel, meals, etc. While connected to the company VPN, I am able to create my cash expense reports with no problem. While connected to the company VPN I cannot create credit card expense reports. So lets go through the troubleshooting methodology. I am going to blow off physical, data link, and network layer problems because I have no problems using any other application, I have no problem connecting to what I need to connect to, etc. Transport layer? Well,,, OK I have no way of telling. Obviously, sniffer traces would be helpful. So lets keep transport layer ( TCP ) problems in mind. Maybe the firewall is blocking a port that the application uses. Layers 5 and 6? Well... let's blow that off too, because I doubt that anyone could come up with anything plausible here, particularly in the IP world. That brings us to layer 7 - application layer. Now let me state that I appreciate that in the world of OSI, application does not mean the same thing that it does in the world of computer software. But if you have a case where everything else is fine, and only this one component of this one application is malfunctioning, is it reasonable to suspect that the problem lies in the "application"? Seems so to me. But here is the kicker. If I am in the office, connected to the company LAN, the application works just fine. I can create the credit card expense report with no problem. Same if I am dialed up via ISDN or analogue telephone line. App works fine. I can create expense reports just fine. So - it is not an "application problem. The only variable here is the company VPN As I said earlier, given this information, I suspected that a firewall was blocking a needed TCP or UDP port. When I called the company help desk and described the problem, and included the information that the app worked fine where it did, and the problem was only when I used the VPN, the immediate answer was to change the MTU size. Now tell me, where in the troubleshooting process does anything indicate an MTU problem? It doesn't "sound" like an MTU problem. After all, everything else works just fine. So I argued a bit, and was told to shut up and change the MTU size as controlled by the Cisco VPN software client. Grumbling, I did so, tested, and voila I can now create my credit card expense reports with no problem. I keep beating on this, because I don't know how anyone can conclude that something is or is not an MTU problem given that MTU size adjustments seem to cure so many of these problems. There seems to be no rhyme or reason to it. It is not consistent across application. For example,
RE: Confused about MTU size [7:54689]
That's interesting. I have a call center user who uses an ACD client over VPN and they are having similar problems to what you are describing. I'll try having them change the MTU size in the VPN client to see what happens. Out of curiosity, what was your previous MTU size, and what did you end up changing it to? Also: Although MTU is set at the application level, doesn't it apply the new setting at the transport level? Thanks! GM -Original Message- From: Chuck's Long Road [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 4:00 PM To: [EMAIL PROTECTED] Subject: Re: Confused about MTU size [7:54689] While ordinarily I would defer to your extensive experience and superior powers of observation, Cil, I'm going to present a real world situation, and let's see how what you say below stands up under scrutiny. I am not saying your approach and your advice is suspect. It is excellent, and to be heeded. However... Problem description. There is a web based application I use for expense reporting. The application uses java scripting. This application has two components. The first component is for creating cash expense reports. Things like mileage, Bridge tolls. Parking. Any business expense for which I pay with cash. The other component is for creating credit card expense reports. Car rental, hotel, meals, etc. While connected to the company VPN, I am able to create my cash expense reports with no problem. While connected to the company VPN I cannot create credit card expense reports. So lets go through the troubleshooting methodology. I am going to blow off physical, data link, and network layer problems because I have no problems using any other application, I have no problem connecting to what I need to connect to, etc. Transport layer? Well,,, OK I have no way of telling. Obviously, sniffer traces would be helpful. So lets keep transport layer ( TCP ) problems in mind. Maybe the firewall is blocking a port that the application uses. Layers 5 and 6? Well... let's blow that off too, because I doubt that anyone could come up with anything plausible here, particularly in the IP world. That brings us to layer 7 - application layer. Now let me state that I appreciate that in the world of OSI, application does not mean the same thing that it does in the world of computer software. But if you have a case where everything else is fine, and only this one component of this one application is malfunctioning, is it reasonable to suspect that the problem lies in the "application"? Seems so to me. But here is the kicker. If I am in the office, connected to the company LAN, the application works just fine. I can create the credit card expense report with no problem. Same if I am dialed up via ISDN or analogue telephone line. App works fine. I can create expense reports just fine. So - it is not an "application problem. The only variable here is the company VPN As I said earlier, given this information, I suspected that a firewall was blocking a needed TCP or UDP port. When I called the company help desk and described the problem, and included the information that the app worked fine where it did, and the problem was only when I used the VPN, the immediate answer was to change the MTU size. Now tell me, where in the troubleshooting process does anything indicate an MTU problem? It doesn't "sound" like an MTU problem. After all, everything else works just fine. So I argued a bit, and was told to shut up and change the MTU size as controlled by the Cisco VPN software client. Grumbling, I did so, tested, and voila I can now create my credit card expense reports with no problem. I keep beating on this, because I don't know how anyone can conclude that something is or is not an MTU problem given that MTU size adjustments seem to cure so many of these problems. There seems to be no rhyme or reason to it. It is not consistent across application. For example, I used Outlook just fine across the VPN prior to this MTU change. Not to mention every other app I need. So while the problem does not "LOOK" like an MTU problem ( and what exactly in my troubleshooting process did I miss that would have pointed to an MTU problem? ) the fact remains that across VPNs there is now a wealth of experience that indicates that changing MTU size can and does solve many problems. I return to the layer 4 / TCP issue because of course there is no way to eliminate that ( or maybe even an L3 / IP issue ) without a sniffer trace. You are most welcome to join me here in my home office, hook up your EtherPeek, and I will change the MTU back, and you can tell me what you find. There is probably a good reason why this happens, and I too would be curious as to what the reason is. But I can tell you - the same app - just two different links to click, and one works and one doesn't, and the fix is to change MTU. Like I said - go figure. Chuck -- TANSTAAFL There Ain't No Such Thing As A Free Lunch ""Priscilla Opp
BVI at OC3 speed [7:54828]
Has anyone out there ever configured a 7200 with a bridged OC3 interface that is then routed via a BVI?? The config is not the issue but can the router handle it as this link will be heavily used. Since the bridged to routed conversion is done in software I don't have a warm fuzzy about this but the customer doesn't understandably want to buy another router and just let the 7200 be a bridge. If your wondering what the hell, this is for an LSS, LAN Switching Service, application which by tarriff is a fully meshed, bridged ATM service that extends 10 or 100M ethernet. Thanks Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "You don't make the poor richer by making the rich poorer." --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54828&t=54828 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Returned mail--"leftmargin" [7:54827]
The following mail can't be sent to [EMAIL PROTECTED]: From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: leftmargin The file is the original mail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54827&t=54827 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
While ordinarily I would defer to your extensive experience and superior powers of observation, Cil, I'm going to present a real world situation, and let's see how what you say below stands up under scrutiny. I am not saying your approach and your advice is suspect. It is excellent, and to be heeded. However... Problem description. There is a web based application I use for expense reporting. The application uses java scripting. This application has two components. The first component is for creating cash expense reports. Things like mileage, Bridge tolls. Parking. Any business expense for which I pay with cash. The other component is for creating credit card expense reports. Car rental, hotel, meals, etc. While connected to the company VPN, I am able to create my cash expense reports with no problem. While connected to the company VPN I cannot create credit card expense reports. So lets go through the troubleshooting methodology. I am going to blow off physical, data link, and network layer problems because I have no problems using any other application, I have no problem connecting to what I need to connect to, etc. Transport layer? Well,,, OK I have no way of telling. Obviously, sniffer traces would be helpful. So lets keep transport layer ( TCP ) problems in mind. Maybe the firewall is blocking a port that the application uses. Layers 5 and 6? Well... let's blow that off too, because I doubt that anyone could come up with anything plausible here, particularly in the IP world. That brings us to layer 7 - application layer. Now let me state that I appreciate that in the world of OSI, application does not mean the same thing that it does in the world of computer software. But if you have a case where everything else is fine, and only this one component of this one application is malfunctioning, is it reasonable to suspect that the problem lies in the "application"? Seems so to me. But here is the kicker. If I am in the office, connected to the company LAN, the application works just fine. I can create the credit card expense report with no problem. Same if I am dialed up via ISDN or analogue telephone line. App works fine. I can create expense reports just fine. So - it is not an "application problem. The only variable here is the company VPN As I said earlier, given this information, I suspected that a firewall was blocking a needed TCP or UDP port. When I called the company help desk and described the problem, and included the information that the app worked fine where it did, and the problem was only when I used the VPN, the immediate answer was to change the MTU size. Now tell me, where in the troubleshooting process does anything indicate an MTU problem? It doesn't "sound" like an MTU problem. After all, everything else works just fine. So I argued a bit, and was told to shut up and change the MTU size as controlled by the Cisco VPN software client. Grumbling, I did so, tested, and voila I can now create my credit card expense reports with no problem. I keep beating on this, because I don't know how anyone can conclude that something is or is not an MTU problem given that MTU size adjustments seem to cure so many of these problems. There seems to be no rhyme or reason to it. It is not consistent across application. For example, I used Outlook just fine across the VPN prior to this MTU change. Not to mention every other app I need. So while the problem does not "LOOK" like an MTU problem ( and what exactly in my troubleshooting process did I miss that would have pointed to an MTU problem? ) the fact remains that across VPNs there is now a wealth of experience that indicates that changing MTU size can and does solve many problems. I return to the layer 4 / TCP issue because of course there is no way to eliminate that ( or maybe even an L3 / IP issue ) without a sniffer trace. You are most welcome to join me here in my home office, hook up your EtherPeek, and I will change the MTU back, and you can tell me what you find. There is probably a good reason why this happens, and I too would be curious as to what the reason is. But I can tell you - the same app - just two different links to click, and one works and one doesn't, and the fix is to change MTU. Like I said - go figure. Chuck -- TANSTAAFL There Ain't No Such Thing As A Free Lunch ""Priscilla Oppenheimer"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I agree that it doesn't sound like an MTU problem. There are often problems > with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to > that conclusion. But e-mail messages are often very short and would easily > fit into most MTUs even after overhead. To test whether it's an MTU problem, > try some oversized pings. > > The MTU issue occurs when a full-sized packet arrives at an interface that > needs to squeeze it into an MTU along with the overhead. The interface could > fragment, but maybe the application or transport layer
RE: Study Group in Indianapolis [7:54748]
Is this for the written and practical or just the practical? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54825&t=54748 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX Scenerio [7:54824]
In this PIX Scenerio, What will be the best option. Note: PIX is being used between the two Private networks. I am just treating the outside interface as one of the users' subnets. I have 10 users on outside interface (Network 192.168.40.0) want to have an acess to the some resources in the inside (Network 172.16.20.0). Instead of statically mapping each IP address from the users to the inside resources, can I justdo this: static (inside, outside) 192.168.40.0 172.16.20.0 netmask 255.255.255.0, and then apply conduit For Example, conduit permit tcp host 192.168.40.5 (User's IP address) 172.16.20.5 (File Server) and so on, or will it be better to statically map each user ip address to the resource ip address, and then open the conduit static (inside, outside) 192.168.40.5(user's computer) 172.16.20.5 (File Server) netmaks 255.255.255.255. I think I can't statically map the actual user IP address. I am gonna have to use an unused IP address from the user's subnet (192.168.10.0). Please let me know. Thanks, Changed your e-mail? Keep your contacts! Use this free e-mail change of address service from Return Path. Register now! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54824&t=54824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about MTU size [7:54689]
You don't mention Exchange server but I assume this is what you are attaching to using Outlook. Is there any NATting involved with Exchange? If so you might have an Exchange port problem. http://support.microsoft.com/default.aspx?scid=kb;en-us;Q155831 "Setting TCP/IP Ports for Exchange and Outlook Client Connections Through a Firewall" -Original Message- From: JohnZ [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 6:55 PM To: [EMAIL PROTECTED] Subject:Confused about MTU size [7:54689] Can some one explain clearly how does MTU size affect windows applications where these applications won't work over a network link. I have a certain home user that can establish a vpn tunnel through a DSL to corporate network and all applications will work except for email. The only difference is a cisco router in between the homeuser and corporate network. Without this cisco router (with homeuser directly attached to DSL modem) there are no problems. Some one mentioned MTU could be the problem, but if the frames are larger then MTU don't they get fragmented and re-assembled at the other end. How could MTU size fail single application while everything else works fine. Thanks for any help. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54823&t=54689 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about MTU size [7:54689]
Jim Brown wrote: > > I belong to the CheckPoint list server and a very similar > discussion is > happening over there referencing Outlook over a VPN between > CheckPoint > firewalls. > > Could this problem be related to Tunnel overhead and packet > fragmentation? > > I think this might be a problem with Microsoft's implementation > of the > TCP/IP stack and large packets over 1500 MTU. Earlier in the discussion, we doubted this because why would just Outlook have a problem? E-mail is less likely to be large than HTTP, FTP, extended pings, etc. But there does seem to be a lot of anectdotal evidence that MTU is somehow related, so maybe worth testing. More below. > Outlook might not > be very > happy with fragmentation. > > There is a registry setting for the end station that forces the > MTU to > 576 for any packets not destined for the local subnet. > > This is cut and pasted from > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q314053 > > EnablePMTUDiscovery > Key: Tcpip\Parameters > Value Type: REG_DWORD - Boolean > Valid Range: 0,1 (False, True) > Default: 1 (True) Interesting that this is TRUE by default. Explains the fact that most traffic seems to have the DF bit set. They set the DF bit, never get back an ICMP Frag Needed But DF Bit Set, so just keep sending with that size and never bother to unset the DF bit. > Description: Setting this parameter to 1 (True) causes TCP to > attempt to > discover the Maximum Transmission Unit (MTU or largest packet > size) over > the path to a remote host. By discovering the Path MTU and > limiting TCP > segments to this size, TCP can eliminate fragmentation at > routers along > the path that connect networks with different MTUs. > Fragmentation > adversely affects TCP throughput and network congestion. > Setting this > parameter to 0 causes an MTU of 576 bytes to be used for all > connections > that are not to computers on the local subnet. > > EnablePMTUBHDetect > Key: Tcpip\Parameters > Value Type: REG_DWORD - Boolean > Valid Range: 0,1 (False, True) > Default: 0 (False) > Description: Setting this parameter to 1 (True) causes TCP to > try to > detect "Black Hole" routers while doing Path MTU Discovery. A > "Black > Hole" router does not return ICMP Destination Unreachable > messages when > it needs to fragment an IP datagram with the Don't Fragment bit > set. TCP > depends on receiving these messages to perform Path MTU > Discovery. With > this feature enabled, TCP will try to send segments without the > Don't > Fragment bit set if several retransmissions of a segment go > unacknowledged. If the segment is acknowledged as a result, the > MSS will > be decreased and the Don't Fragment bit will be set in future > packets on > the connection. Enabling black hole detection increases the > maximum > number of retransmissions performed for a given segment. > > Anyone willing to modify their end station to force an MTU of > 576 and > discovery of "blackholes" and report the results. That wouldn't be the logical test. There's no need to discover black holes unles MTU discovery IS used. So two tests to try would be: 1) MTU discovery off (which forces all packets to be 576 bytes, which would be awful for performance, but OK for a test) Black hole discovery off (irrelevant, but might as well be off) and MTU disocvery on Black hole discovery on also > > It would be most insightful to see the pre and post registry > network > sniffer traces of Outlook traffic. I agree that sniffer traces are probably going to be necessary to debug this problem! I look forward to hearing a resolution. Gotta get back to work, myself, though. ;-) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > > I don't have time now, but I think this could be the issue. I > think it > may be an end station problem. > > > -Original Message- > From: Larry Letterman [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 7:58 PM > To: [EMAIL PROTECTED] > Subject: Re: Confused about MTU size [7:54689] > > > I had the same issue with outlook, its real slow when accessing > Imap > mail. I set the MTU, adjusted other > things, etc..nothing seems to fix this issue for me. I set up > Netscape > 6.2x messenger/mail. Installed the > mail client for Imap mail, and it works fine...sometimes it > hangs for a > second or two, but not anything like > outlook > > Larry > > Creighton Bill-BCREIGH1 wrote: > > >I may be way out of line, but there aren't any access lists > which may > be > >prohibiting the IMAP ports used by exchange, are there. I ran > into a > config > >mess with DMZ's and access lists for a beta product test once. > And that > was > >what we saw - all worked (http, proxy, etc.) but Exchange was > gone. > Turned > >out to be some Checkpoint and access-list tweaking. > > > > > >-Original Message- > >From: JohnZ [mailto:[EMAIL PROTECTED]] > >Sent: Wednesday, October 02, 2002 5:
RE: How to force a new DR? [7:54810]
The easiest way I have found to do this is to: ip ospf pri 0 on the DR's interface , this will force a new DR, then no ip ospf pri 0 I would first get the router you wish to be the DR to be the BDR, using the above process on the BDR Jim Fickett -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 12:59 PM To: [EMAIL PROTECTED] Subject: Re: How to force a new DR? [7:54810] At 4:06 PM + 10/3/02, [EMAIL PROTECTED] wrote: >Hello friends, > > I have a question for you, maybe you can help me... > > > Suppose that I have an Ethernet segment with some routers >speaking OSPF, one of them is the DR and other is the BDR. Suppose that I >add a new router to the Ethernet segment. I know that this doesn't start a >new ellection of DR or BDR process, (the normal way is that when the DR >fails, the BDR takes its place and one new BDR is ellected). Now suppose >that I want the new router be the DR... How can I force this?? I know that >I can force the priority in the election process (ip ospf priority >command), but I am not sure that changing this priority will start a new >election. Must I shut down the DR and BDR routers in order to force a >new DR and BDR?? I don't think so Yes you must both: stop OSPF on the existing DR and BDR bring up the new desired DR if there is a router with a better priority still on, it may become DR. the only certain way to make a router interface DR is to have it the only active router bring up the other routers. ISIS does things a different way. Essentially, it doesn't have the BDR concept, and you can force a particular router to be DR equivalent. These are some of the fundamental design differences between OSPF and ISIS. This message may contain information which is private, privileged or confidential and is intended solely for the use of the individual or entity named in the message. If you are not the intended recipient of this message, please notify the sender thereof and destroy / delete the message. Neither the sender nor Sappi Limited (including its subsidiaries and associated companies) shall incur any liability resulting directly or indirectly from accessing any of the attached files which may contain a virus or the like. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54820&t=54810 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ARP -- UNIXWARE servers [7:54778]
They may learn the MAC addresses for all routers on their network segment, but which one do they use when sending non-local traffic? Don't they use the MAC address that maps to the IP address of the configured default gateway? ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Marian Iordanescu wrote: > > I Have an issue I'm curious about. > I've set up HSRP on a 6513. We have more servers with Unixware > O.S. installed. These machines learn all MAC addresses from all > routers not one from active router. > > > Thank you for your input. > > Marian > > > > The IT department of the Romanian Bank for Development > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54819&t=54778 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to force a new DR? [7:54810]
At 4:06 PM + 10/3/02, [EMAIL PROTECTED] wrote: >Hello friends, > > I have a question for you, maybe you can help me... > > > Suppose that I have an Ethernet segment with some routers >speaking OSPF, one of them is the DR and other is the BDR. Suppose that I >add a new router to the Ethernet segment. I know that this doesn't start a >new ellection of DR or BDR process, (the normal way is that when the DR >fails, the BDR takes its place and one new BDR is ellected). Now suppose >that I want the new router be the DR... How can I force this?? I know that >I can force the priority in the election process (ip ospf priority >command), but I am not sure that changing this priority will start a new >election. Must I shut down the DR and BDR routers in order to force a >new DR and BDR?? I don't think so Yes you must both: stop OSPF on the existing DR and BDR bring up the new desired DR if there is a router with a better priority still on, it may become DR. the only certain way to make a router interface DR is to have it the only active router bring up the other routers. ISIS does things a different way. Essentially, it doesn't have the BDR concept, and you can force a particular router to be DR equivalent. These are some of the fundamental design differences between OSPF and ISIS. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54818&t=54810 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
What is LFI? Sorry for my ignorance. Is it an IP thing or a data-link-layer thing?? If it's a data-link-layer thing, then it's not a problem. The DF bit only affects IP fragmentation. As far as what applications set the DF bit, it's more common than you might think. DNS often does. Quite a few HTTP implementations set it. I just ran a capture on the network I'm on today and most of the traffic had it set! You could try a test on your network too? Maybe lots of people could try this so we could get a better idea. I think one reason that setting the DF bit is common is because IP fragmentation and reassembly is a bad idea. It causes extra work on the device doing the fragmentation and the end host that reassembles. Also, the packets remain fragmented until they reach the end host. So even though there may be some Ethernet networks in the path (even Gigabit which has its jumbo frames feature), the packets remain small. Fragmenting at the data-link-layer across a pt-to-pt virtual circuit is more efficient and less problematic. PPP and Frame Relay have features for this. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Schwantz wrote: > > I am interested to know what are the applications out there > that sets the DF > bit . Does anybdy know and common ones ? The reason for this is > because I > want to run LFI on my router for the purpose of VoIP. If I > understand how > LFI works, it will "chop" up large data packets so as to reduce > possible > jitter. If there are critical applications that don't allow > fragmentation, > my guess is LFI would cause the packets to be dropped. I don't > want that to > happen. Any suggestions what I could do besides throwing BW at > the equation > and turning off LFI altogether ? > > Schwantz > > ""Jim Brown"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I belong to the CheckPoint list server and a very similar > discussion is > > happening over there referencing Outlook over a VPN between > CheckPoint > > firewalls. > > > > Could this problem be related to Tunnel overhead and packet > > fragmentation? > > > > I think this might be a problem with Microsoft's > implementation of the > > TCP/IP stack and large packets over 1500 MTU. Outlook might > not be very > > happy with fragmentation. > > > > There is a registry setting for the end station that forces > the MTU to > > 576 for any packets not destined for the local subnet. > > > > This is cut and pasted from > > > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q314053 > > > > EnablePMTUDiscovery > > Key: Tcpip\Parameters > > Value Type: REG_DWORD - Boolean > > Valid Range: 0,1 (False, True) > > Default: 1 (True) > > Description: Setting this parameter to 1 (True) causes TCP to > attempt to > > discover the Maximum Transmission Unit (MTU or largest packet > size) over > > the path to a remote host. By discovering the Path MTU and > limiting TCP > > segments to this size, TCP can eliminate fragmentation at > routers along > > the path that connect networks with different MTUs. > Fragmentation > > adversely affects TCP throughput and network congestion. > Setting this > > parameter to 0 causes an MTU of 576 bytes to be used for all > connections > > that are not to computers on the local subnet. > > > > EnablePMTUBHDetect > > Key: Tcpip\Parameters > > Value Type: REG_DWORD - Boolean > > Valid Range: 0,1 (False, True) > > Default: 0 (False) > > Description: Setting this parameter to 1 (True) causes TCP to > try to > > detect "Black Hole" routers while doing Path MTU Discovery. A > "Black > > Hole" router does not return ICMP Destination Unreachable > messages when > > it needs to fragment an IP datagram with the Don't Fragment > bit set. TCP > > depends on receiving these messages to perform Path MTU > Discovery. With > > this feature enabled, TCP will try to send segments without > the Don't > > Fragment bit set if several retransmissions of a segment go > > unacknowledged. If the segment is acknowledged as a result, > the MSS will > > be decreased and the Don't Fragment bit will be set in future > packets on > > the connection. Enabling black hole detection increases the > maximum > > number of retransmissions performed for a given segment. > > > > Anyone willing to modify their end station to force an MTU of > 576 and > > discovery of "blackholes" and report the results. > > > > It would be most insightful to see the pre and post registry > network > > sniffer traces of Outlook traffic. > > > > I don't have time now, but I think this could be the issue. I > think it > > may be an end station problem. > > > > > > -Original Message- > > From: Larry Letterman [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, October 02, 2002 7:58 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Confused about MTU size [7:54689] > > > > > > I had the same issue with outlook, its real slow when > accessing Imap > > mail. I set the MTU, adjusted other > >
RE: Visio 2k Stencils [7:54804]
If you want powerpoint and other icons, you get them from Cisco directly at the following: (word wrap) http://www.cisco.com/warp/public/503/2.html Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 10:13 AM To: [EMAIL PROTECTED] Subject: Visio 2k Stencils [7:54804] Anybody got stencils for catalyst 6513s and corresponding cards that they can send me or know where I could get them? Thanks, Mario Puras SoluNet Technical Support Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54816&t=54804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Visio 2k Stencils [7:54804]
Here's a mirror site that has just about every Cisco icon you'd ever want. I'm using Visio 2002 pro, but if I'm not mistaken the .vss (stencils) work in all versions. It's a huge file (about 25Mb) so I hope you got a good connection. http://www.ipsyn.net/cisco/icons/ Bill Creighton CCNP Senior System Engineer Motorola iDEN CNRC Packet Data -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 10:13 AM To: [EMAIL PROTECTED] Subject: Visio 2k Stencils [7:54804] Anybody got stencils for catalyst 6513s and corresponding cards that they can send me or know where I could get them? Thanks, Mario Puras SoluNet Technical Support Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54814&t=54804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to force a new DR? [7:54810]
Try 'clear ip ospf proc' -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 10:06 AM To: [EMAIL PROTECTED] Subject: How to force a new DR? [7:54810] Hello friends, I have a question for you, maybe you can help me... Suppose that I have an Ethernet segment with some routers speaking OSPF, one of them is the DR and other is the BDR. Suppose that I add a new router to the Ethernet segment. I know that this doesn't start a new ellection of DR or BDR process, (the normal way is that when the DR fails, the BDR takes its place and one new BDR is ellected). Now suppose that I want the new router be the DR... How can I force this?? I know that I can force the priority in the election process (ip ospf priority command), but I am not sure that changing this priority will start a new election. Must I shut down the DR and BDR routers in order to force a new DR and BDR?? I don't think so Best regards. Miguel Angel Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54812&t=54810 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: When to put a dash [7:54802]
John Huston wrote: > > Does anyone know if there is a rule in Cisco commands that > helps you remember > when to put a dash in a command and when not too? For example > the command IP > RTP HEADER-COMPRESSION. What signals that you need a dash > between header and > compression? I've never figured this out. Nope, there's no logic to it. Other router vendors are critical of Cisco for this, by the way. I used to work with a documentation writer at Cisco who would go back to the engineers and try to get them to be more consistent before she would document a new command, but alas, she manages all documentation at Juniper now. ;-) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > > Thank you in advance for your help. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54813&t=54802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VWIC 2MFT-T1 [7:54796]
I have been using VWIC-1MFT's and VWIC-2MFT's to connect in a data mode to WIC-1DSUs using a cross over T1 cable. When you do this, it is imperative to add the 'speed 64' portion of the channel-group if that is the base speed of the DS0. I am finding that in general, if I want something to work I shouldn't trust default settings :) TTFN, Bill Pearch, Anchorage -Original Message- From: Larry Perdue [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 7:14 AM To: [EMAIL PROTECTED] Subject: RE: VWIC 2MFT-T1 [7:54796] You need to use the "channel-group" command to create the serial interface, it doesn't do this automatically. Here is an example from one that I have done: controller T1 2/1 framing esf clock source internal linecode b8zs cablelength short 133 channel-group 0 timeslots 1-24 speed 64 In this case, the "channel-group" command creates a serial 2/1:0 interface that can then be given an IP address and used accordingly. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 9:42 AM To: [EMAIL PROTECTED] Subject:VWIC 2MFT-T1 [7:54796] Has any one configured a Data T1 on the following card (VWIC 2MFT-T1)? This is very different from what I've seen in the past... I've been looking on CCO for data configuration, but haven't found anything. They say it's possible. Cheers, mkj ~~~ Michael Jablonski ABN AMRO Asset Management Holdings, Inc. 161 North Clark St. 9th Flr Chicago, IL 60601-2468 PH: 312.884.2996 FAX: 312.278.5550 ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54811&t=54796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How to force a new DR? [7:54810]
Hello friends, I have a question for you, maybe you can help me... Suppose that I have an Ethernet segment with some routers speaking OSPF, one of them is the DR and other is the BDR. Suppose that I add a new router to the Ethernet segment. I know that this doesn't start a new ellection of DR or BDR process, (the normal way is that when the DR fails, the BDR takes its place and one new BDR is ellected). Now suppose that I want the new router be the DR... How can I force this?? I know that I can force the priority in the election process (ip ospf priority command), but I am not sure that changing this priority will start a new election. Must I shut down the DR and BDR routers in order to force a new DR and BDR?? I don't think so Best regards. Miguel Angel Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54810&t=54810 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: When to put a dash [7:54802]
Ha! I have wndered about this in the past also but I think there is no consistency whatsoever. The ? and tab key are your friend. MADMAN John Huston wrote: > > Does anyone know if there is a rule in Cisco commands that helps you remember > when to put a dash in a command and when not too? For example the command > IP > RTP HEADER-COMPRESSION. What signals that you need a dash between header and > compression? I've never figured this out. > > Thank you in advance for your help. -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "You don't make the poor richer by making the rich poorer." --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54809&t=54802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoWorks installation issue [7:54808]
I was wondering if any of the Microsoft experts out there can help me with this one. I am having a problem installing CiscoWorks 2000 3.2 CD one on a Win2k Advanced server. I have installed this same version on other 2k advanced servers in the past with no problem but at the beginning of the installation a dialog box appears with a title of severe and a message of cannot create install dependency file. Can anyone of the Microsoft experts out there shed some light on this. I have installed other applications like Visio2k, Visual Studio and SQL server2k to name a few before the CiscoWorks application, Is one of the other previous application installations blocking or causing this issue? I stick the CD into another Win2k box with the same apps installed and I do not get this message. This is a new server and the apps were just installed. I would hate to blow it away because of an install sequence. I tried looking up the error message for some clues on the Microsoft and Cisco sites but was only able to find this bit of information: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q178354 Any tips or suggestions would be greatly appreciated Thanks . /JS Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54808&t=54808 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN Passed. [7:54732]
HI, I used Cisco certification guid, Sybex exam notes and amother book named " Remote access for cisco networks by bill burton. exam was ok but i had problems in simulation Question. I could not perform the command " copy run start" i was keep geeting wrror. then i tried "wr" command to cave running configuration but could not save it. so i let that Question go without that. rest was ok not that bad I spent almost 6-10 hrs a day to review stuff & finish cisco book almost 4 times, coz i m not working in cisco networks yet so thanks for your mail if U have any Q please feel free to ask. regards Amir Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54807&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: When to put a dash [7:54802]
For me it usually comes from repetition of the commands and when there is an uncertainty about when to put the dash the old '?' usually works. Hope this helps. M. Michael Greenbaum Senior Cisco Certified Engineer [EMAIL PROTECTED] www.mtcglabs.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Huston Sent: Thursday, October 03, 2002 10:47 AM To: [EMAIL PROTECTED] Subject: When to put a dash [7:54802] Does anyone know if there is a rule in Cisco commands that helps you remember when to put a dash in a command and when not too? For example the command IP RTP HEADER-COMPRESSION. What signals that you need a dash between header and compression? I've never figured this out. Thank you in advance for your help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54806&t=54802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Visio 2k Stencils [7:54804]
Anybody got stencils for catalyst 6513s and corresponding cards that they can send me or know where I could get them? Thanks, Mario Puras SoluNet Technical Support Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54804&t=54804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VWIC 2MFT-T1 [7:54796]
You need to use the "channel-group" command to create the serial interface, it doesn't do this automatically. Here is an example from one that I have done: controller T1 2/1 framing esf clock source internal linecode b8zs cablelength short 133 channel-group 0 timeslots 1-24 speed 64 In this case, the "channel-group" command creates a serial 2/1:0 interface that can then be given an IP address and used accordingly. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 9:42 AM To: [EMAIL PROTECTED] Subject:VWIC 2MFT-T1 [7:54796] Has any one configured a Data T1 on the following card (VWIC 2MFT-T1)? This is very different from what I've seen in the past... I've been looking on CCO for data configuration, but haven't found anything. They say it's possible. Cheers, mkj ~~~ Michael Jablonski ABN AMRO Asset Management Holdings, Inc. 161 North Clark St. 9th Flr Chicago, IL 60601-2468 PH: 312.884.2996 FAX: 312.278.5550 ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54805&t=54796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused about MTU size [7:54689]
I am interested to know what are the applications out there that sets the DF bit . Does anybdy know and common ones ? The reason for this is because I want to run LFI on my router for the purpose of VoIP. If I understand how LFI works, it will "chop" up large data packets so as to reduce possible jitter. If there are critical applications that don't allow fragmentation, my guess is LFI would cause the packets to be dropped. I don't want that to happen. Any suggestions what I could do besides throwing BW at the equation and turning off LFI altogether ? Schwantz ""Jim Brown"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I belong to the CheckPoint list server and a very similar discussion is > happening over there referencing Outlook over a VPN between CheckPoint > firewalls. > > Could this problem be related to Tunnel overhead and packet > fragmentation? > > I think this might be a problem with Microsoft's implementation of the > TCP/IP stack and large packets over 1500 MTU. Outlook might not be very > happy with fragmentation. > > There is a registry setting for the end station that forces the MTU to > 576 for any packets not destined for the local subnet. > > This is cut and pasted from > http://support.microsoft.com/default.aspx?scid=kb;EN-US;q314053 > > EnablePMTUDiscovery > Key: Tcpip\Parameters > Value Type: REG_DWORD - Boolean > Valid Range: 0,1 (False, True) > Default: 1 (True) > Description: Setting this parameter to 1 (True) causes TCP to attempt to > discover the Maximum Transmission Unit (MTU or largest packet size) over > the path to a remote host. By discovering the Path MTU and limiting TCP > segments to this size, TCP can eliminate fragmentation at routers along > the path that connect networks with different MTUs. Fragmentation > adversely affects TCP throughput and network congestion. Setting this > parameter to 0 causes an MTU of 576 bytes to be used for all connections > that are not to computers on the local subnet. > > EnablePMTUBHDetect > Key: Tcpip\Parameters > Value Type: REG_DWORD - Boolean > Valid Range: 0,1 (False, True) > Default: 0 (False) > Description: Setting this parameter to 1 (True) causes TCP to try to > detect "Black Hole" routers while doing Path MTU Discovery. A "Black > Hole" router does not return ICMP Destination Unreachable messages when > it needs to fragment an IP datagram with the Don't Fragment bit set. TCP > depends on receiving these messages to perform Path MTU Discovery. With > this feature enabled, TCP will try to send segments without the Don't > Fragment bit set if several retransmissions of a segment go > unacknowledged. If the segment is acknowledged as a result, the MSS will > be decreased and the Don't Fragment bit will be set in future packets on > the connection. Enabling black hole detection increases the maximum > number of retransmissions performed for a given segment. > > Anyone willing to modify their end station to force an MTU of 576 and > discovery of "blackholes" and report the results. > > It would be most insightful to see the pre and post registry network > sniffer traces of Outlook traffic. > > I don't have time now, but I think this could be the issue. I think it > may be an end station problem. > > > -Original Message- > From: Larry Letterman [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 7:58 PM > To: [EMAIL PROTECTED] > Subject: Re: Confused about MTU size [7:54689] > > > I had the same issue with outlook, its real slow when accessing Imap > mail. I set the MTU, adjusted other > things, etc..nothing seems to fix this issue for me. I set up Netscape > 6.2x messenger/mail. Installed the > mail client for Imap mail, and it works fine...sometimes it hangs for a > second or two, but not anything like > outlook > > Larry > > Creighton Bill-BCREIGH1 wrote: > > >I may be way out of line, but there aren't any access lists which may > be > >prohibiting the IMAP ports used by exchange, are there. I ran into a > config > >mess with DMZ's and access lists for a beta product test once. And that > was > >what we saw - all worked (http, proxy, etc.) but Exchange was gone. > Turned > >out to be some Checkpoint and access-list tweaking. > > > > > >-Original Message- > >From: JohnZ [mailto:[EMAIL PROTECTED]] > >Sent: Wednesday, October 02, 2002 5:43 PM > >To: [EMAIL PROTECTED] > >Subject: Re: Confused about MTU size [7:54689] > > > >Thanks Priscilla, I definitely don't mind even if it was criticisim > >especially coming from some one of your caliber. Thank you for the > pointers > >and I will do some more deligant troubleshooting. And yes Mike it is > outlook > >that refuses to work properly. There is no problem browsing, home user > is > >able to copy files of all sizes with out any problems. We can ping the > email > >server from the user's workstation heck I am even pc-anwhered into his > >machine. But as soon we start outlook it just hangs. I will further > >investigate the router's confi
When to put a dash [7:54802]
Does anyone know if there is a rule in Cisco commands that helps you remember when to put a dash in a command and when not too? For example the command IP RTP HEADER-COMPRESSION. What signals that you need a dash between header and compression? I've never figured this out. Thank you in advance for your help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54802&t=54802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
r/s study in tallahassee [7:54801]
I am looking for R/S Lab study partner(s) in Tallahassee or surrounding area. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54801&t=54801 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco work 2000 [7:54773]
Hi, The topology service view depends on CDP, not just IP or even SNMP. Please make sure that the CDP between the missing devices and other present devices are enabled. You can verify by checking the 'show cdp neighbor' to see if they see each other. Rico. ""Han Chuan Alex Ang"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have been trying to set up my Cisco work 2000, under resource manager > essential , inventory , check device attribute , I am able to check that all > device are correctly configured. However , when I try extract the topology > service network view on the layer 2 view, I find that some of my switch > discover by the resource manager are missing, anyone has any advice on that > , thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54800&t=54773 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Dual CCIE and Recertification [7:54799]
I know if you have one CCIE and pass a second one it counts as recertifiying, however does this mean you would have to recertify both in the future by taking the written for each one, For example, Security and R&s? Jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54799&t=54799 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Recertifications [7:54798]
Hello, I wonder what happens if you don't pass the CCNP recertification ? Say if your CCNP is still valid and you take the recert test early and do not pass, does that mean you cease to be a CCNP ? __ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54798&t=54798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Recert [7:54787]
Personally, I can't imagine being able to pass the CCIE R&S exam and not being able to breeze through the CCNP stuff. It may be different than version 1, but I imagine you've probably been keeping fairly up to date with this stuff since you're attempting your IE cert. ""ccnp ccnp2002"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > It may not work, what with all these new things that have been added. > > But I would imagine that if you have some money and get good practice exams, > it should do the job, especially if you have been working with the > technologies. > > The best thing of all is that knowledge which you stuggled to get... you > just need to refresh, even if you have not been using it! > > Good Luck Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54793&t=54787 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
AUX port PPP dialup link config ? [7:54797]
Hi group, I have a Cisco 2524 connecting my in house network to the Comcast (cable modem network) all works fine. I would like to now add a modem attached to the unused aux port of the 2524, so that I can dial into the router and either get transit out to the internet or access my inside network resources. I have been to the Cisco site, looked through all the Dial up cookbooks, have not found a sample config that suits my needs. Has anyone done this? If so, could you direct me to a link that has a sample config. Thanks!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54797&t=54797 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VWIC 2MFT-T1 [7:54796]
Has any one configured a Data T1 on the following card (VWIC 2MFT-T1)? This is very different from what I've seen in the past... I've been looking on CCO for data configuration, but haven't found anything. They say it's possible. Cheers, mkj ~~~ Michael Jablonski ABN AMRO Asset Management Holdings, Inc. 161 North Clark St. 9th Flr Chicago, IL 60601-2468 PH: 312.884.2996 FAX: 312.278.5550 ~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54796&t=54796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Recert [7:54787]
Sorry, I said it may be difficult because I have never looked at the CCIE (R&S) course content! Sorry again, it must be possibel! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54795&t=54787 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: 2500 8mb Flash for sale [7:54794]
Hello Group, I got some 8mb flash memory to sell, pulled from 2500 routers. Looking for $50AUD each. Thanks Albert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54794&t=54794 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unable to telnet on vty ... - cisco1721+NM-BRI [7:54792]
Having problem with telnet on public IP (WAN address for isdn dialin user...). In local network telnet on private ip work fine, but this happens either when there is no access-list applied on any interfaces or line vty 0 4 situation : /** jovam@office:~$ telnet ruter..yy.zz Trying 194.247.xxx.xxx Connected to ruter..yy.zz. Escape character is '^]'. ! <--- 30 sec of delay User Access Verification Password: % Password: timeout expired!Connection closed by foreign host. /** some parts from configuration: /** FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RE: Confused about MTU size [7:54689]
Hi All, A small thing on this. Cross check whenever you are putting that router, what is the default gateway. What I want to indicate over here is, the Microsoft Outlook looks around for the SMTP and POP-3 servers through the default gateway of the machine, so the other applications might work through your Proxy IP or some other solution, but Outlook would always try to go through the Default Gateway of the machine. Hope it helps, Regards, Vikram "Priscilla Oppenheimer" wrote: I agree that it doesn't sound like an MTU problem. There are often problems with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to that conclusion. But e-mail messages are often very short and would easily fit into most MTUs even after overhead. To test whether it's an MTU problem, try some oversized pings. The MTU issue occurs when a full-sized packet arrives at an interface that needs to squeeze it into an MTU along with the overhead. The interface could fragment, but maybe the application or transport layer set the Don't Fragment bit. Quite a few applications do that as part of their MTU discovery process. The problem is made worse if there's an access list that is blocking the ICMP "Fragmentation required but DF bit set" message. Here's a Cisco article on MTU: http://www.cisco.com/warp/public/105/56.html This isn't a criticism of the original poster, who was already doubting the people who told him it was an MTU problem, but it does give me a chance to get on my soapbox about troubleshooting methods. A lot of people troubleshoot using the technique we learned in grade school to match items from Column A with items from Column B. ;-) Column A has network types and Column B has most common problem for network type. It's important to know about common problems, but it's just as important to gather data, research symptoms, and use logic and reasoning. Cisco's troubleshooting method really does work: 1. Define the problem. 2. Gather facts. 3. Consider possibilities. 4. Create an action plan. 5. Implement the action plan. 6. Observe the results. 7. Do problem symptoms stop? If no, go back to 4 or possibly to 2. If yes, problem resolved, document the results. OK, off my soapbox now! :-) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com [EMAIL PROTECTED] wrote: > > I found email to be a touchy thing... Especially when dealing > with M$ > 0utlook. Are you sure it's the MTU size that's the problem > with email. > > I know in our situation, I had to add the mail server name & IP > to the host > file of the remote pc. Some times we experience some latency, > but for the > most part it's only been about half a minute. > > Cheers, > mkj > > -Original Message- > From: JohnZ [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 01, 2002 8:55 PM > To: [EMAIL PROTECTED] > Subject: Confused about MTU size [7:54689] > > > Can some one explain clearly how does MTU size affect windows > applications > where these applications won't work over a network link. I have > a certain > home user that can establish a vpn tunnel through a DSL to > corporate network > and all applications will work except for email. The only > difference is a > cisco router in between the homeuser and corporate network. > Without this > cisco router (with homeuser directly attached to DSL modem) > there are no > problems. Some one mentioned MTU could be the problem, but if > the frames are > larger then MTU don't they get fragmented and re-assembled at > the other end. > How could MTU size fail single application while everything > else works fine. > Thanks for any help. > > Get Your Private, Free E-mail from Indiatimes at http://email.indiatimes.com Buy Music, Video, CD-ROM, Audio-Books and Music Accessories from http://www.planetm.co.in Change the way you talk. Indiatimes presents "Valufon", Your PC to Phone service with clear voice at rates far less than the normal ISD rates. Go to http://www.valufon.indiatimes.com. Choose your plan. BUY NOW. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54791&t=54689 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BCRAN Passed. [7:54732]
What materials did you use for the BCRAN? How long studying (plus hours/day). Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54790&t=54732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about MTU size [7:54689]
I belong to the CheckPoint list server and a very similar discussion is happening over there referencing Outlook over a VPN between CheckPoint firewalls. Could this problem be related to Tunnel overhead and packet fragmentation? I think this might be a problem with Microsoft's implementation of the TCP/IP stack and large packets over 1500 MTU. Outlook might not be very happy with fragmentation. There is a registry setting for the end station that forces the MTU to 576 for any packets not destined for the local subnet. This is cut and pasted from http://support.microsoft.com/default.aspx?scid=kb;EN-US;q314053 EnablePMTUDiscovery Key: Tcpip\Parameters Value Type: REG_DWORD - Boolean Valid Range: 0,1 (False, True) Default: 1 (True) Description: Setting this parameter to 1 (True) causes TCP to attempt to discover the Maximum Transmission Unit (MTU or largest packet size) over the path to a remote host. By discovering the Path MTU and limiting TCP segments to this size, TCP can eliminate fragmentation at routers along the path that connect networks with different MTUs. Fragmentation adversely affects TCP throughput and network congestion. Setting this parameter to 0 causes an MTU of 576 bytes to be used for all connections that are not to computers on the local subnet. EnablePMTUBHDetect Key: Tcpip\Parameters Value Type: REG_DWORD - Boolean Valid Range: 0,1 (False, True) Default: 0 (False) Description: Setting this parameter to 1 (True) causes TCP to try to detect "Black Hole" routers while doing Path MTU Discovery. A "Black Hole" router does not return ICMP Destination Unreachable messages when it needs to fragment an IP datagram with the Don't Fragment bit set. TCP depends on receiving these messages to perform Path MTU Discovery. With this feature enabled, TCP will try to send segments without the Don't Fragment bit set if several retransmissions of a segment go unacknowledged. If the segment is acknowledged as a result, the MSS will be decreased and the Don't Fragment bit will be set in future packets on the connection. Enabling black hole detection increases the maximum number of retransmissions performed for a given segment. Anyone willing to modify their end station to force an MTU of 576 and discovery of "blackholes" and report the results. It would be most insightful to see the pre and post registry network sniffer traces of Outlook traffic. I don't have time now, but I think this could be the issue. I think it may be an end station problem. -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 7:58 PM To: [EMAIL PROTECTED] Subject: Re: Confused about MTU size [7:54689] I had the same issue with outlook, its real slow when accessing Imap mail. I set the MTU, adjusted other things, etc..nothing seems to fix this issue for me. I set up Netscape 6.2x messenger/mail. Installed the mail client for Imap mail, and it works fine...sometimes it hangs for a second or two, but not anything like outlook Larry Creighton Bill-BCREIGH1 wrote: >I may be way out of line, but there aren't any access lists which may be >prohibiting the IMAP ports used by exchange, are there. I ran into a config >mess with DMZ's and access lists for a beta product test once. And that was >what we saw - all worked (http, proxy, etc.) but Exchange was gone. Turned >out to be some Checkpoint and access-list tweaking. > > >-Original Message- >From: JohnZ [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, October 02, 2002 5:43 PM >To: [EMAIL PROTECTED] >Subject: Re: Confused about MTU size [7:54689] > >Thanks Priscilla, I definitely don't mind even if it was criticisim >especially coming from some one of your caliber. Thank you for the pointers >and I will do some more deligant troubleshooting. And yes Mike it is outlook >that refuses to work properly. There is no problem browsing, home user is >able to copy files of all sizes with out any problems. We can ping the email >server from the user's workstation heck I am even pc-anwhered into his >machine. But as soon we start outlook it just hangs. I will further >investigate the router's config although it's using a template that's >working elsewhere under different service provider without a hitch. >""Priscilla Oppenheimer"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >>I agree that it doesn't sound like an MTU problem. There are often >> >problems > >>with MTU when DSL, VPNs, tunnels, etc. are used, so people might jump to >>that conclusion. But e-mail messages are often very short and would easily >>fit into most MTUs even after overhead. To test whether it's an MTU >> >problem, > >>try some oversized pings. >> >>The MTU issue occurs when a full-sized packet arrives at an interface that >>needs to squeeze it into an MTU along with the overhead. The interface >> >could > >>fragment, but maybe the application or transport layer set the Don't >>Fragment bit. Quite a few applications do t
RE: CCNP Recert [7:54787]
It may not work, what with all these new things that have been added. But I would imagine that if you have some money and get good practice exams, it should do the job, especially if you have been working with the technologies. The best thing of all is that knowledge which you stuggled to get... you just need to refresh, even if you have not been using it! Good Luck Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54788&t=54787 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Recert [7:54787]
I need to recert within a month and don't see any test engines or books. I have passed my R/S CCIE written and now need to recert my CCNP Since my lab is a ways off and was wondering if the IE books help with this ? My CCNP material is out dated since I tested with version 1. Do you think the original ACRC, CLSC, CIT & CMTD will work for the new recert test ? TIA Sean Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54787&t=54787 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Security Specialist 1: To self-study or [7:54767]
Clearly, you cannot do DMZ scenarios, or get a real feel for multiple security levels. Also hot standby is not allowed. However, that said, it is completely compatible with the larger units' IOS, allowing you to use the current version and get hands-on feel for how it differs from the conventional IOS (and how it is evolving to minimize those differences, for that matter). It also supports VPN, the standard gui config tool and other goodies. It was enough for me. Another option might be the FrankenPIX, although I have never personally attempted that. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54785&t=54767 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: switching exam [7:54782]
Here's some advice for the SWTCH 640-604 exam. Read and understand the following link (watch for wrap): http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/campn_wp.htm Shawn K. > -Original Message- > From: Vladimir Rusu [SMTP:[EMAIL PROTECTED]] > Sent: Thursday, October 03, 2002 4:33 AM > To: [EMAIL PROTECTED] > Subject: switching exam [7:54782] > > Hello > > I am going to give the ccnp switching exam. Could anyone help me with some > important notes about the exam or some important advice about practice, > what > simulator to use .. > > Thank you > > > > - > Do you Yahoo!? > New DSL Internet Access from SBC & Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54786&t=54782 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Need help on BGP [7:54737]
HI Binoy, Try to get the book "Internet Routing Architectures" by Basam Halabi if you want to study BGP in depth. You can also try the following link. http://www.cisco.com/warp/public/459/bgp-toc.html regards Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54784&t=54737 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Practical exam question [7:54783]
Does anyone know if the CCIE practical exam is 'regional specific', i.e. will I need in-depth knowledge of T-1 & T-3 services despite living and working in the UK? Many thanks in advance Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54783&t=54783 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
switching exam [7:54782]
Hello I am going to give the ccnp switching exam. Could anyone help me with some important notes about the exam or some important advice about practice, what simulator to use .. Thank you - Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54782&t=54782 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Still worth it ? - was: RE: Lookee Lookie - new [7:54781]
Hi, As you probably noticed that quite a number of CCIEs are jobless in the US, and seems like Cisco professionals has been oversupplied to the market. Since this is the case, I would say the certification is losing its attractiveness. As always, a bit advice. Take and pass the cert only when you know the stuff, and live with the credentials instead of tainting it. A paper cert will last only 5-10 mins in technical interview. My 2 cents Regards, Leonard Ong, CISSP, CSS-1, CCSE, MCSE, MCDBA, CCNP, CCDP, NSA, LCP Network Security Specialist, APAC NOKIA Email. [EMAIL PROTECTED] Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax.+65 6723 1596 -Original Message- From: ext Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 5:03 AM To: [EMAIL PROTECTED] Subject: Re: Lookee Lookie - new certifications [7:54435] Howard C. Berkowitz wrote: > > >Robert Edmonds wrote: > >> > >> Here's another benefit I see from certifications like this: > >> there are > >> things that all of us know how to do, but if asked to walk > >> someone through > >> it over the phone, couldn't do it. For example, for me it > >> would be DNS > >> configuration. I can do it, but I can't tell YOU how to do > >> it. I know it > >> just well enough to kind of stumble through it and get it > >> working. And I > >> can get it working CORRECTLY. It's just that I am weak in > that > >> area. With > >> a performance based test in a lab situation, I could pass by > >> getting it to > >> work, but I may not be able to answer the question > correctly on > >> paper. And, > >> in my opinion, it's more important to be able to "walk the > >> walk" than "talk > >> the talk". What do you think? > > > >Talking the talk is very important too. Think proactively. > Hopefully, before > >long, you'll be moving up in the world. If you can train your > replacement to > >do what you did, then you can move up with fewer impediments. > If you can't > >train a replacement, then you may not be able to move up, or > you may move up > >and continually get calls from your replacement asking for > your help. > > Increasingly, I like my conceit of talking the walk. I should have said talking the walk. That's what I had in mind. > Talking > the talk > may be more characteristic of sales. Remember, some of the > important > distinctions between a seller of used cars and an account > executive > for networking are that the seller of used cars both knows when > he is > lying and how to drive. > > Walking the talk also makes more sense -- it is the ability to > listen > and learn, and can be generalized to researching who has talked > about > what. Or it could be trying to implement what that talkative sales person sold you?? ;-) Priscilla > > > > > > >I have worked with engineers who have never given any thought > to learning, > >training, etc. You know the type who can only work with > concrete things and > >considers any social science like education or psychology to > be hogwash. ;-) > > Were it not for social sciences like anthropology, you and I > couldn't > be tribal elders or shamans. > > >These types get stuck doing all sorts of mundane things that > are beneath > >them because they can't explain to someone else how to do it. > This probably > >doesn't apply to you, but it's just something to think about. > > > >It's funny that you use DNS as an example. I'm working with an > engineer > >right now who has said he will show me his DNS tasks but he > has failed to do > >this. I wonder if it's because he only does it once in a while > and is afraid > >that he won't be able to explain it to me. I'll try to go easy > on him, now > >that you have helped me see his side of the story. :-) > > > >Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54781&t=54781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Security Specialist 1: To self-study or not to [7:54780]
Hi, As usual, if you have chance to practice hand-ons alot, you may pass with self-study and vice versa. Regards, Leonard Ong, CISSP, CSS-1, CCSE, MCSE, MCDBA, CCNP, CCDP, NSA, LCP Network Security Specialist, APAC NOKIA Email. [EMAIL PROTECTED] Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax.+65 6723 1596 -Original Message- From: ext Eric Mwambaji [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 4:35 AM To: [EMAIL PROTECTED] Subject: Cisco Security Specialist 1: To self-study or not to [7:54756] I am interested in pursuing the CSS1 designation. Can anyone tell me if this cert is a bear without the necessary training. There is a slight chance I may be able to get my employer to spring for the classes but I need to find out more before I start 'pulling teeth'. I have self-studied up to the CCNP level but I'm not sure I'll be able to get to all gear I need for this cert. Any input is appreciated. Thanks Eric CCNP __ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54780&t=54780 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE R&S Written Study Partner in Stockton,CA [7:54599]
There is gotta be someone near Stockton!!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54779&t=54599 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ARP -- UNIXWARE servers [7:54778]
I Have an issue I'm curious about. I've set up HSRP on a 6513. We have more servers with Unixware O.S. installed. These machines learn all MAC addresses from all routers not one from active router. Thank you for your input. Marian The IT department of the Romanian Bank for Development Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54778&t=54778 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
