Passed DQoS [7:59951]
Hi Group, Today I passed the DQoS exam with this I complete the Cisco IP Telephony Support Certification. About the exam it is the easiest of the 3 exams in this track.You have 90 min to answer 60 questions and passing score is 720. Kind Regards/Thangavel **Disclaimer** Information contained in this E-MAIL being proprietary to Wipro Limited is 'privileged' and 'confidential' and intended for use only by the individual or entity to which it is addressed. You are notified that any use, copying or dissemination of the information contained in the E-MAIL in any manner whatsoever is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59951t=59951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR Low Latency Queuing (LLQ) [7:59820]
Hi Ivan, Comments within lines From: Ivan Yip Hi All, I am a little bit confused about LLQ. Below is my understanding after digesting some documentation and feedback from others. Please correct me if I'm wrong. 1. LLQ=PQ+CBWFQ and PQ is defined by using 'priority' You are correct. 2. if using 'bandwidth', then I'm not using LLQ. What I'm using is CBWFQ. You are only allowed to use the priority keyword with the PQ where its main concern is to forward packets as fast as it can. That's why no queue size is configured for it. As your main concern is latency so once the defined bandwidth you assigned for the PQ using the priority keyword is reached the PQ will start dropping immediately. The point here is: Dropping a voice packet is better than delivering it delayed - from the voice quality prespective - You start using the bandwidth keyword with the rest of the classes defined to indicate the usage of CBWFQ. Also you will need to use WRED in order to define min_threshold, max_threshold, and how fast you drop from each class via the exponentianl value defined. 3. PQ (from LLQ) defines the min. and max. guaranteed bandwidth to the traffic I defined during congestion. Not necessary during congestion. PQ is treated separetly from the CBWFQ to gurantee low latency for this type of traffic even in normal situations. Imagine a voice packet waiting for a long data packet to be transmitted. This will make the voice packet delayed - i.e. degradation in voice quality which we don't want to happen - this will lead to the fact that you will need to configure LFI to avoid long data packets delaying your voice. Also, do I need to define the class-default under policy? eg,policy-map 1 class 1 priority 80 class class-default fair-queue What's the difference if I'm not defining the class-default? Yes you need doing so. But when you do so you will also define the min_threshold, max_threshold of this class default. After all traffic classified in default class is not sentitive at all for delay and more packets could be kept in its queue without a noticable degradation in performance. For example: Policy-map out class A Bandwidth percent 50 random-detect random-detect exponential-weighting-constant 3 random-detect precedence 3 2 5 1 class class-default fair-queue random-detect random-detect exponential-weighting-constant 2 random-detect precedence 0 6 18 1 Yasser misconduct and Nondisclosure violations to [EMAIL PROTECTED] 3 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59952t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DLSW+ Please help!!! [7:59953]
I'm sure this question has been asked a million times, but the archives aren't giving me the answer I'm looking for. I have spent hours on this, yet I still couldn't configured out what went wrong... WorkstationA -- RTA --- Frame-Relay Switch --- RTB -- WorkstationB When I initiate traffic by clicking on Network Neighborhood, I can see the MAC addresses showing up from the show bridge command show dlsw reachability I can also see the DLSW peers' states as Connect. Yet the circuit keeps on getting to the CKT_START state (as shown below), then the circuit will disappear, and I just can't see the other computer via Network Neighborhood. RTB#sh dlsw circuits Index local addr(lsap)remote addr(dsap) state uptime 788529156 000a.5d6e.57fa(F0) 000a.209d.a221(F0) - RTB# On the log, I see this suspicous error message:- Dec 30 21:27:22.323 UTC: CSM: Peer lf 516 less than CUR_cs lf 1500 And I have tried to change the MTU on the main Serial interface to 3000, 4000, 150 on RTA, B Frame Switch, but no luck Anyway, here are some other show outputs... RTA#sh bridge Total of 300 station blocks, 298 free Codes: P - permanent, S - self Bridge Group 1: Address Action Interface Age RX count TX count 0050.ba76.ea5f forward DLSw Port01 4 0 0050.04b9.4584 forward FastEthernet0/0 0 7 0 RTA# RTB#sh bridge Total of 300 station blocks, 298 free Codes: P - permanent, S - self Bridge Group 1: Address Action Interface Age RX count TX count 0050.ba76.ea5f forward Ethernet0 1 4 0 0050.04b9.4584 forward DLSw Port00 4 0 RTB# RTA#sh dlsw peer Peers:state pkts_rx pkts_tx type drops ckts TCP uptime LLC2 Se0/0.1 120 CONNECT174 160 conf 00 - 00:46:53 Total number of connected peers: 1 Total number of connections: 1 RTB#sh dlsw peer Peers:state pkts_rx pkts_tx type drops ckts TCP uptime LLC2 Se0 121 CONNECT159 170 conf 00 - 00:46:14 Total number of connected peers: 1 Total number of connections: 1 Here are the config for my routers... For RTA- dlsw local-peer peer-id 1.1.1.1 promiscuous dlsw remote-peer 0 frame-relay interface Serial0/0.1 120 dlsw bridge-group 1 interface Loopback0 ip address 1.1.1.1 255.255.255.255 interface FastEthernet0/0 no ip address speed 10 half-duplex bridge-group 1 interface Serial0/0 no ip address encapsulation frame-relay no fair-queue frame-relay lmi-type cisco ! interface Serial0/0.1 multipoint ip address 172.16.1.1 255.255.255.0 no ip split-horizon eigrp 2001 frame-relay map llc2 120 broadcast frame-relay map ip 172.16.1.5 110 broadcast frame-relay map ip 172.16.1.6 120 broadcast router eigrp 2001 passive-interface FastEthernet0/0 network 1.0.0.0 network 172.16.0.0 no auto-summary bridge 1 protocol ieee As for RTB:- dlsw local-peer peer-id 3.3.3.3 dlsw remote-peer 0 frame-relay interface Serial0 121 dlsw bridge-group 1 interface Loopback1 ip address 3.3.3.3 255.255.255.255 interface Ethernet0 no ip address bridge-group 1 interface Serial0 ip address 172.16.1.6 255.255.255.0 encapsulation frame-relay no fair-queue clockrate 64000 frame-relay map llc2 121 broadcast frame-relay map ip 172.16.1.5 121 broadcast frame-relay map ip 172.16.1.1 121 broadcast no frame-relay inverse-arp router eigrp 2001 network 3.0.0.0 network 172.16.0.0 no auto-summary no eigrp log-neighbor-changes bridge 1 protocol ieee Did I do anything wrong??? Any comments would be greatly appreciated. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FR Low Latency Queuing (LLQ) [7:59820]
Hi, Please encure that LLQ( when u use Priority command) is supported on following IOS LLQ on Frame-Relay supported on Ver 12.1(2)T(Your config has frame-relay) and on other interfaces u need 12.0(7)T... -Original Message- From: Ivan Yip [mailto:[EMAIL PROTECTED]] Sent: Friday, December 27, 2002 12:06 PM To: [EMAIL PROTECTED] Subject: FR Low Latency Queuing (LLQ) [7:59820] Hi, I would like to configure QoS by using FR LLQ. I have the following network test lab. pc1 --| ---router1FR network-router FTP server pc2---| I want to test the LLQ feature, ie, fixed bandwidth allocated to certain taffic. I tested with the following steps 1. upload from pc2 to FTP server to make the FR PVC congested. 2. then upload from pc1 to FTP server If no qos defined, the bandwidth will roughly equally shared. (This was tested and OK) 3. Then I define the LLQ on router1 to guarantee the bandwidth from PC1 by 'bandwidth' or 'priority' and test ftp upload again. Configuration is below: class-map match-all 1 match access-group 20 policy-map 1 class 1 bandwidth 80 or priority 80 (** define 80k to this policy) interface Serial0/0 bandwidth 128 no ip address encapsulation frame-relay IETF load-interval 30 no fair-queue frame-relay traffic-shaping frame-relay lmi-type ansi ! interface Serial0/0.1 point-to-point bandwidth 128 ip address 10.114.0.14 255.255.255.252 frame-relay interface-dlci 200 class llq1 map-class frame-relay llq1 frame-relay traffic-rate 128000 128000 no frame-relay adaptive-shaping frame-relay cir 128000 frame-relay bc 1280 frame-relay be 0 frame-relay mincir 128000 service-policy output 1 access-list 20 permit 192.168.10.2 (ip address of pc1) However, when I use 'bandwidth 80', I found the average throughput from pc1 will have around 80k but the traffic rate is vary from time to time. (somtimes 100k and sometimes 50k). Why? Even worse, if I use 'priority 80', the traffic from pc1 can only have average around 30k during link congestion. Why? Also, the ping delay from pc1 to router2 and pc2 to router2 are almost equal (either bandwidth or priority). I expected that the ping from pc1 will get better response as the bandwidth was guaranteed. Anyone can give me some hints on above questions? Thanks in advance. rgds, ivan **Disclaimer Information contained in this E-MAIL being proprietary to Wipro Limited is 'privileged' and 'confidential' and intended for use only by the individual or entity to which it is addressed. You are notified that any use, copying or dissemination of the information contained in the E-MAIL in any manner whatsoever is strictly prohibited. *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59954t=59820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Query on VOIP [7:59933]
One important info I missed out is that I am making a call from the dialer program on my pc to a regular telephone in the PSTN network.The destination is able to hear my voice on his speaker(PSTN phone) but I am not able to hear his voice on my headset connected to my PC.Hope this gives some clarity... ss ss wrote: Hello all!! I am working for a carrier company who uses ip network consisting of Cisco Routers to transport voice calls.The company deals mainly with pre-paid calling cards.The customer buys the card and dials a toll free no. to make a voice call or makes a call thro a dialer program(Installed on the pc) which sends the calls thro the ip network.When i make a call from a dialer on a pc which has a dialup connection,then absolutely there is no problem. But when I make a call from a pc which is on the Home LAN then only the destination party is able to hear my voice.I am not able to hear their voice.We r not using any firewalls as of now in the home but may go for it in the future.Nat has been configured on our home router and we hv a DSL connection to the ISP.I am not able to figure out the problem.can someone help me in identifying the problem Thanx in advance.. Cheers ss Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59955t=59933 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
STP and CDP Ethernet Frames use 802.3 format - Why? [7:59956]
Can anyone explain the above and why they do not use the Ethernet_II format? Many thx Ken Farrington Global Networks, Barclays Capital, 5 The North Colonnade, Canary Wharf, London, E14 4BB * Tel : 020 7773 3550 * Mob : 07768-866655 * [EMAIL PROTECTED] For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59956t=59956 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: why con 0 password doesn't work?? [7:59938]
Don't use 7 on the password line. You also need a 'login' command. Line con 0 Password xxx login -Original Message- From: Richard Campbell [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 12:00 AM To: [EMAIL PROTECTED] Subject: why con 0 password doesn't work?? [7:59938] Hi.. Dear Group, I would like to know why console password doesn't work. I key in my console password in the following manner. But when I plug in the console, it straight away give me a switch prompt. Why it never prompt me passord before showing us switch line con 0 password 7 XXX Thanks a lot _ The new MSN 8: smart spam protection and 3 months FREE*. http://join.msn.com/?page=features/junkmailxAPID=42PS=47575PI=7324DI=7474SU = http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_smartspamprotec tion_3mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59957t=59938 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: STP and CDP Ethernet Frames use 802.3 format - Why? [7:59958]
At 12:14 PM + 12/30/02, [EMAIL PROTECTED] wrote: Can anyone explain the above and why they do not use the Ethernet_II format? Many thx Well, I can't say exactly why the developers did do it, but it's reasonable to assume that newer protocols are being implemented using the newer 802.3 than the DIX Ethernet specification. The changes in 802.3 (assuming 802.2 is also used, not as in IPX), do clean up a problem or two in Ethernet_II Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59958t=59958 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Problem 7206 PA-A3-OC3 and Multilink E1 [7:59959]
Hello people, I have a problem in my 7206 when I insert a Port Adapter ATM OC3 (PA-A3-OC3) in the chassis, then the Multilink of E1's is down. This device has a PA-8T-V35, in this PA is possible run E1 connections, and PA-FE-TX. In this router there are 5 E1 connections, 3 E1 connections are group in a multilink, and the others 2 E1 aren't group. So the router run perfectly, but the problem take place when I insert the PA-A3-OC3, the Multilink E1 is down. Can anybody help me? Regards to all, and Happy new year. -- -- Alfredo Pulido [EMAIL PROTECTED] Dept. Sistemas, IdecNet S.A. Juan XXIII 44 // E-35004 Las Palmas de Gran Canaria, Las Palmas // SPAIN Tel: +34 828 111 000 Fax: +34 828 111 112 http://www.idecnet.com/ -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59959t=59959 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: coutom queuing [7:59824]
Unfortunatelly I donĀ“t think there is one that do not require a login. Here is an example that summarizes the explanation: For example, there are 3 flows, with the following packet size: A - 1000 bytes B - 1000 bytes C - 1000 bytes The required bandwidth is: A = 20 % B= 50% C= 30% The question is how to convert the percentage bandwidth in Byte Count. Divide the bandwidth by the packet size: 20/1000=0.02 50/1000=0.05 30/1000=0.03 Normalize the numbers: 0.02/0.02 = 1 0.05/0.02 = 2.5 0.03/0.02 = 1.5 Round up the numbers: 1 3 2 Multiple this number by the packet size 1 * 1000 = 1000 3 * 1000 = 3000 2 * 1000 = 2000 These numbers means that the system should transmit 1000, 3000 and 2000 from each queue, respectively, to achieve 20, 50 and 30%. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59960t=59824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: need enable password when have secret pw? [7:59944]
At 5:34 AM + 12/30/02, Kenny Smith wrote: Hi.. When I was setting up my router configuration. It prompts me for secret password and enable password. But I want to how why I still need enable password when I have the enable secret? When I type Enable, i will be required to type in my secret password. Then when the enable password will be used??? Sorry for such a simple question.. Thanks No, it's not a simple question. The two passwords were introduced to deal with some legacy IOS implementations that didn't understand the secret password encryption. The real question is whether any of those implementations are still in use. Now, when I write a lab, I use enable password, because there isn't a security issue and it's useful not to have to memorize the password. Indeed, when I write semi-automated labs, I require standard password strings so the test shell can execute standard scripts. In production networks, however, I only use enable secret. I haven't seen any problems with this in years. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59962t=59944 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson Exam for CIPT [7:59924]
At 5:49 AM + 12/30/02, The Long and Winding Road wrote: Howard C. Berkowitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... At 3:00 AM + 12/29/02, Lan Wong wrote: Greetings, snip some things I'll also throw out a general question. A post not long ago asked to compare the labs of one vendor versus another, and I am affiliated with one of the two. The question was which is better, and, if I responded, I would have said they really can't be compared directly, because they are designed for different learning objectives. Would such a comment from the designer be acceptable? In other words, no direct competitive analysis, but just a statement of the design philosophy? While I think such information would be useful, I'd rather not see it posted that trigering a series of mine is better than yours posts. OK, Howard, I'll bite on this one, especially as seeing we had some conversation off line on this very topic. Actually, I meant it for offline, but as long as it's here, I think it's a worthy discussion. Let me talk about the way I personally design labs that are not labeled CCIE Lab Practice. My approach is to focus on one technology at a time, and then the interactions of that technology with others. This works especially well in a situation where you have additional study material -- and, before anyone jumps to conclusions about commercial products, this is how I developed advanced classes that I did both independently and with training partners. In my classroom advanced routing course (mostly OSPF), I did the bulk labs differently than most Cisco courses. Rather than splitting into teams and doing a reasonably complete scenario, after each lecture concept, I'd have them type a few configuration statements before and after doing show commands, and possibly a debug once they were configuring. Hypothetical example: show routes, show protocols router OSPF with one network statement show routes, show protocols, show ip ospf database and other OSPF displays start debug on the local router and a second router on a second router, bring up OSPF on an interface that doesn't connect to the first router, and do the various displays. start OSPF on an interface that connected to the other router, and watch what happens. While this is going on, display either the live displays or prerecorded ones with comments on the classroom screen. Discuss with the class what they are seeing. - During this exercise, people have been configuring within single areas. I may then ask them, on their own, to establish full connectivity within their areas, but not to bring up backbone interfaces. -- Now, again walk through the process of inter-area connectivity. -- Do some form of summarization -- Take a break or lunch, during which I break some of the configurations and make it a troubleshooting exercise on their return ** Several writers of study guides (e.g., Satterlee and Hutnik) do things along these lines. Other vendors of scenarios provide varying amounts of study materials -- perhaps no more than links to the documentation CD -- but do not immediately start with a CCIE-like multiprotocol lab. ** There is ABSOLUTELY NOTHING WRONG with writing CCIE-like multiprotool labs. Just know they serve a different learning objective than the CCIE practice lab. I for one would love to see some interaction between the various purveyors of CCIE Lab prep materials regarding their products and the thought processess behind them. Not a sales pitch, but rather a discussion of the kinds of things that are included in their labs, why, and what skill set they believe is necssary for the attainment of the CCIE. As I said privately, I don't know how much ice anything I say might cut, as I have not succeeded as yet. But if I were asked today, I would say that there are just a couple of keys - mastery of the core topics which are pretty much discernable from any of the practice lab workbooks, or from Caslow, and then also a GOOD Lab methodology, or game plan. I can't say much about the core topics publicly because it could be construedas an NDA violation, but anything regarding game plan is fair game. Caslow's methodology is brilliant, although, as he suggests, it's much like the organization of a graduate school seminar (flash back to CCIE vs. degree discussion). My approach uses some of those same skills, but also uses a lot of the what problem are you trying to solve. I recognize that CCIE is not a design test, but I do think the ability to abstract the process independently of the configuration is very useful. BTW, I am not so sure I agree that lab writing is a CCIE skill set. I'd like you to elaborate more on why you believe that the ability to write a good lab is indicative of CCIE level skill. Maybe some other folks have some thoughts on this as well. Well,
RE: Possible Attack???? [7:59813]
Unfortunetly I cant share anything else not because I dont want to but because these machines are owned by another customers. I am planning on following up with my customer to see if he can get some info from his customer in regards to what happend. Once I know I will post it. Thanks again. Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, December 27, 2002 7:24 PM To: [EMAIL PROTECTED] Subject: RE: Possible Attack [7:59813] Sounds like you used a good method to track down the compromised machines (Sun Spark Stations.) Can you tell us anything more about what had happened to them? Had someone installed a Trojan Horse or something?? Are there any URLs that describe the attack. I tried to find some last night but didn't, but maybe with more info you have found some. I think it would help us all to know more if you can share more. Thanks for what you've told us so far! Priscilla ([EMAIL PROTECTED] wrote: I was finally able to track down the infected PC's (yes, more than one). Below is a brief description of what occurred and the fix. First, thanks to all that responded to me. As previously mentioned, I had an attack on a customer of mines network that was showing up as follows: SrcIfSrcIPaddressDstIfDstIPaddressPr SrcP DstP Pkts Fa0/1127.0.0.124 Se1/2.500108.122.0.0 00 285 The above capture is just 1 of a few hundred packets similar to it and all coming from a different source address on the 127.0.0.0 network. The amount of traffic was so large that at times it peaked to over 20MB and as a result it overran my WAN interfaces causing BGP to flap / reconverge. Just when BGP got a chance to come back up and learned all 115000 routes, the attack occured again and the links would flap. Pingging the 127.0.0.x IP address from the edge router where the attack was initially spotted did not give me any replies. All I got were U. I was also not able to ping the broadcast address as all it gave me was U (unreachables) as well. There was no ARP entries on that router for that IP. I ended up enabling Netflow on the edge router (what you see above) in order to get more detail of what was going on. I got to see what interface it was coming in on so I applied an access-list on the router to filter out these packets. That allow the router and bgp to stabilize. The next thing was to move on to the switch that was connected to this FA0/1 interface. This switch has a router module, I ended up doing the same thing as I did on the edge router except this time I also connected to the sc0 interface and I enabled one port as the mirroring port on the switch and placed a PC with Etherreal to monitor everything that was destined to 108.122.0.0 and I finally got a MAC address. I issued the show CAM command on the switch and it told me where it came from which was another switch. I moved on to that other switch. The MAC address that was being reported was the MSM route module of that switch. I enabled netflow on it as well and I was able to see the vlan that the attack was coming on and the VLAN where it was destined to. Luckily there were only 2 PCs (Sun Spark Stations) on that vlan and both were compromised. I removed them from the network and all is well. I did also have MRTG which help some with identifying when the attack was going on and what direction it was coming on and with the ports that were being most heavily utilized. This network is pretty big so it was difficult to monitor all the ports that were suspects. Thank you all again for your help. As far as the runt packets are concerned, to tell you the truth, I noticed that but did not pay to much attention to that part of the Netflow output since I was all wrapped up on tracking down where these packets were coming in from. Right now packets with size of 1-32 account for about 50% of all traffic. Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) -Original Message- From: jhodge [mailto:[EMAIL PROTECTED]] Sent: Friday, December 27, 2002 4:34 PM To: [EMAIL PROTECTED] Subject: RE: Possible Attack [7:59813] Not sure if this will help, but you could enable ip accounting on the uplink interface to the switch. Watch for the address that is pouring out the most requests. Then use sho ip arp x.x.x.x to find the mac address. From there you could go to the switch and do a show cam dynamic or if IOS version, show mac-address-table with the mac address found with the most requests. This would hunt down the culprit machine without a person walking to each
Re: Boson Exam for CIPT [7:59924]
Howard, I second the vote for a discussion.. assuming all parties can keep it civil and not have degenerate into the *mine is better then yours*... I know different vendors have different goals and ways to obtain the goals with their products. It would interesting to hear about the differences. MikeS -- Tutorials - Whitepapers - Security - Wireless- News Find me at www-dot-packetattack-dot-com Lan Wong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings, I am currently preparing for the CIPT Exam and was wondering if someone can suggest the best Boson exam to use for this test. Thanks in advance _ The new MSN 8: smart spam protection and 3 months FREE*. http://join.msn.com/?page=features/junkmailxAPID=42PS=47575PI=7324DI=747 4SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_smartspampr otection_3mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59963t=59924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Group Study [7:59923]
Hi Shahin, My name is Reza and I am also in Northern Virginia area (Reston) and working on my CCIE (RS). I noticed that you want to work with some one who is interested in CCIE Security, Do you have your CCIE RS already or just interested in security?. Look forward to hear from you. Thanks Reza Shahin Ansari wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings- I am in Northern Virginia Area and wondering if there is anyone who wants to study for security CCIE? Sincerely, Sean Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59965t=59923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Possible CDP bug? Check it out! [7:59929]
Try setting the speed on the router interfaces. I've run into this before where the Ether ports were still trying to negotiate the speed even though the switchport may be hard set to 10 / full. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59966t=59929 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN over DLSW [7:59967]
Hi Group, I am very very confused about DLSW over ISDN. I tried to simulate the CCO example at:- http://www.cisco.com/en/US/customer/tech/tk331/tk336/technologies_tech_note0 9186a0080093ecb.shtml Firstly, by following the example exactly, I managed to get everything to work. However, according to Solie (p923), I have also read up lots of GroupStudy posts, in order for ISDN to work with DLSW, one would need these keywords on both ISDN routers:- keeplive 0 on Local-peer statement Timeout 90 on Remote-peer statement Yet on this CCO e.g., neither of these are used. Why Second Question, to make matter worse, after I have tried to put these two keywords on the 2 ISDN routers, RTA don't even dial to RTC anymore... Any ideas would be greatly appreciated. On RTA - Tatiasaurus (Loopback int - 1.1.1.1 for simplicity) dlsw local-peer peer-id 1.1.1.1 keepalive 0 dlsw remote-peer 0 tcp 2.2.2.2 timeout 90 dlsw remote-peer 0 tcp 3.3.3.3 backup-peer 2.2.2.2 timeout 90 dlsw bridge-group 1 RTB - Diplodocus (Loopback int - 2.2.2.2) dlsw local-peer peer-id 2.2.2.2 dlsw remote-peer 0 tcp 1.1.1.1 dlsw bridge-group 1 RTC - Tanius (Loopback int - 3.3.3.3) dlsw local-peer peer-id 3.3.3.3 keepalive 0 promiscuous dlsw remote-peer 0 tcp 1.1.1.1 timeout 90 dlsw bridge-group 1 Thanks. H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59967t=59967 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS Feature Codes / Image Naming Convention [7:59907]
Actually several years back the K designation was what is now refered to as J or Enterprise, D was IP, IPX and Appletalk or Deasktop. oh the simple daze... Dave s vermill wrote: Please take special note of the k feature set. Someone had a sense of humor but was apparently found out. a a APPN a2 ATM a3 APPN replacement b b Appletalk boot boot image c c Comm-server/Remote Access Server (RAS) subset (SNMP, IP, Bridging,IPX, Atalk, Decnet, FR, HDLC, PPP, X,25, ARAP, tn3270, PT, XRemote, LAT) (non-CiscoPro) c CommServer lite (CiscoPro) c2 Comm-server/Remote Access Server (RAS) subset (SNMP, IP, Bridging,IPX, Atalk, Decnet, FR, HDLC, PPP, X,25, ARAP, tn3270, PT, XRemote, LAT) (CiscoPro) c3 clustering d d Desktop subset (SNMP, IP, Bridging, WAN, Remote Node, Terminal Services, IPX, Atalk, ARAP) (11.2 - Decnet) d2 reduced Desktop subset(SNMP, IP, IPX, ATALK, ARAP) diag IOS based diagnostic images e e IPeXchange (no longer used in 11.3 and later) - StarPipes DB2 Access - Enables Cisco IOS to act as a Gateway to all IBM DB2 products for downstream clients/servers in 11.3T eboot ethernet boot image for mc3810 platform f f FRAD subset (SNMP, FR, PPP, SDLLC, STUN) f2 modified FRAD subset, EIGRP, Pcbus, Lan Mgr removed, OSPF added g g ISDN subset (SNMP, IP, Bridging, ISDN, PPP, IPX, Atalk) g2 gatekeeper proxy, voice and video g3 ISDN subset for c800 (IP, ISDN, FR) h h For Malibu(2910), 8021D, switch functions, IP Host hdiag Diagnostics image for Malibu(2910) i (used for image names of platforms c2500 and larger) i IP subset (SNMP, IP, Bridging, WAN, Remote Node, Terminal Services) i2 subset similar to IP subset for system controller image (3600) i3 reduced IP subset with BGP/MIB, EGP/MIB, NHRP, DIRRESP removed. i4 subset of IP (5200) ipss7 IP subset with SS7 (2600) j j enterprise subset (formerly bpx, includes protocol translation) *** not used until 10.3 *** k k kitchen sink (enterprise for high-end) (same as bx) (Not used after 10.3) k1 Baseline Privacy key encryption (On 11.3 and up) k2 high-end enterprise w/CIP2 ucode (Not used after 10.3) k2 Triple DES (On 11.3 and up) k3 56bit SSH encryption k4 168bit SSH encryption k5 Reserved for future encryption capabilities (On 11.3 and up) k6 Reserved for future encryption capabilities (On 11.3 and up) k7 Reserved for future encryption capabilities (On 11.3 and up) k8 Reserved for future encryption capabilities (On 11.3 and up) k9 Reserved for future encryption capabilities (On 11.3 and up) l l IPeXchange IPX, static routing, gateway m m RMON (11.1 only) m Catalyst 2820-kernel, parser, ATM signaling, Lane Client, bridging n n IPX o o Firewall (formerly IPeXchange Net Management) o2 Firewall (3xx0) o3 Firewall with ssh (36x0 26x0) p p Service Provider (IP RIP/IGRP/EIGRP/OSPF/BGP, CLNS ISIS/IGRP) p2 Service Provider w/CIP2 ucode p3 as5200 service provider p4 5800 (Nitro) service provider p5 Service Provider (6400 NRP) p7 Service Provider with PT/TARP (2600, 3640) q q Async q2 IPeXchange Async r r IBM base option (SRB, SDLLC, STUN, DLSW, QLLC) - used with i, in, d (See note below.) r2 IBM variant for 1600 images r3 IBM variant for Ardent images (3810) r4 reduced IBM subset with BSC/MIB, BSTUN/MIB, ASPP/MIB, RSRB/MIB removed. s s source route switch (SNMP, IP, Bridging, SRB) (10.2 to 11.1) s Additions by Platform via PLUS packs c1000 (OSPF, PIM, SMRP, NLSP, ATIP, ATAURP, FRSVC, RSVP, NAT) c1005 (X.25, full WAN, OSPF, PIM, NLSP, SMRP, ATIP, ATAURP, FRSVC, RSVP, NAT) c1600 (OSPF, IPMULTICAST, NHRP, NTP, NAT, RSVP, FRAME_RELAY_SVC) AT s images also have: (SMRP,ATIP,AURP) IPX s images also have: (NLSP,NHRP) c2500 (NAT, RMON, IBM, MMP, VPDN/L2F) c2600 (NAT, IBM, MMP, VPDN/L2F, VOIP and ATM) c3620 (NAT, IBM, MMP, VPDN/L2F) In 11.3T added VOIP c3640 (NAT, IBM, MMP, VPDN/L2F) In 11.3T added VOIP c4000 (NAT, IBM, MMP, VPDN/L2F) c4500 (NAT, ISL, LANE, IBM, MMP, VPDN/L2F) c5200 (PT, v.120, managed modems, RMON, MMP, VPDN/L2F) c5300 (MMP, VPDN, NAT, Modem Management, RMON, IBM) c5rsm (NAT, LANE and VLANS) c7000 (ISL, LANE, IBM, MMP, VPDN/L2F) c7200 (NAT, ISL, IBM, MMP, VPDN/L2F) rsp (NAT, ISL, LANE, IBM, MMP, VPDN/L2F) t t AIP w/ modified Ucode to connect to Teralink 1000 Data (11.2) t Telco return (12.0) u u IP with VLAN RIP (Network Layer 3 Switching Software, rsrb, srt, srb, sr/tlb) v v VIP and dual RSP (HSA) support v2 Voice V2D v3 Voice Feature Card v4 Voice (ubr920) w w WBU Feature Sets i IISP l LANE PVC p PNNI v PVC trafffic shaping w2 Cisco Advantage ED train Feature Sets a IPX, static routing, gateway b Net Management c FR/X25 y Async w3 Distributed Director Feature Sets x x X.25 in 11.1 and earlier releases and on c800 in 12.0T x FR/X.25
BCSI/CCNP Study Partner [7:59969]
Looking for a serious, dependable, reliable, honest, smart, literate, etc. study partner with *high* levels of motivation. Think we can do a full CCNP in six months? Looking for BCSI study partner(s), and if it gels well, CCNP study partner(s), in the San Francisco area. Not much into driving in this traffic, so someone in the city would be preferable. You *must* have lab equipment to share. I bring 2x2501, 2x2621, 2x2924, 1x3640, and lots more Cisco and Sun gear to the table. I have ADSL with five static IPs. I am always adding new pieces to my lab. Please have something that adds to the lab besides another 2501, and please have more than just a couple pieces of equipment. I don't like bearing the sole burden of providing equipment for others to practice on. I can host sometimes, but be aware of limited space, a newborn in the house, a wife with some attitude, and horrible street parking availability. You must be able to host at least equal time. Please write and let me know what your goals are, your location and availability, and your equipment list. Looking to start mid- to late-January. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59969t=59969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Study Product Design Discussion [7:59970]
Well, as a first step to civility, I've changed the name of the thread to something neutral. At 3:19 PM + 12/30/02, MikeS wrote: Howard, I second the vote for a discussion.. assuming all parties can keep it civil and not have degenerate into the *mine is better then yours*... I know different vendors have different goals and ways to obtain the goals with their products. It would interesting to hear about the differences. MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59970t=59970 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Laying Cable Accross the Pond [7:59971]
Team, I was just having a discussion with a co-worker about how companies lay cable across the pond and how they troubleshoot cable splices etc. Does anybody have any documentation or Video they can share on this? We're just curious on how all this works. If you do this type of work let me know. Thanks in advance. Travis Bolton Web Media CCNP,CCDA Try not to become a man of success, but rather try to become a man of value. - Albert Einstein Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59971t=59971 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passed DQoS [7:59951]
Sounds like they have cleaned up this exam alot. When I took the exam it was disgusting, full of errors. In a few instances there were questions with no possible correct answers. Congratulations.. on to the next - never ends huh ;) -- Thank you, Colin McNamara Office 925-251-0174 Cell 925-216-0758 CCNP, CCDA CQS IP Telephony Design CQS IP Telephony Support CQS IP Telephony Operations Cisco Wireless Lan Design Specialist Cisco Wireless Lan Support Specialist THANGAVEL VISHNUKUMAR MUDALIAR wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi Group, Today I passed the DQoS exam with this I complete the Cisco IP Telephony Support Certification. About the exam it is the easiest of the 3 exams in this track.You have 90 min to answer 60 questions and passing score is 720. Kind Regards/Thangavel **Disclaimer ** Information contained in this E-MAIL being proprietary to Wipro Limited is 'privileged' and 'confidential' and intended for use only by the individual or entity to which it is addressed. You are notified that any use, copying or dissemination of the information contained in the E-MAIL in any manner whatsoever is strictly prohibited. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59972t=59951 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: STP and CDP Ethernet Frames use 802.3 format - Why [7:59956]
[EMAIL PROTECTED] wrote: Can anyone explain the above and why they do not use the Ethernet_II format? STP comes from IEEE as does 802.3. It would have been politically messy for IEEE to ask the DIX consortium for an EtherType when they were busy obsoleteing the DEC/Intel/Xerox (DIX) Ethernet standard, with help, of course, from DEC, Intel, and Xerox. Also, the industry thought Ethernet II would go away, just like we thought TCP/IP would be replaced by OSI. We were wrong, of course. It refused to die because IP uses it. Newer protocols don't use it though. 802.3 is considered somewhat superior because it has a length field, which Ethernet II does not have. With Ethernet, the chipset doesn't know it's hit the end of the frame until it hears silence. CDP actually uses 802.3 with 802.2 and SNAP. By the time CDP came out, the IEEE was no longer assigning 802.2 Service Access Points (SAPs). It's a one-byte field, so they were worried about running out. So newer protocol use a SNAP SAP (0xAA) and withing the SNAP header include a two-byte type field. Priscilla Many thx Ken Farrington Global Networks, Barclays Capital, 5 The North Colonnade, Canary Wharf, London, E14 4BB * Tel : 020 7773 3550 * Mob : 07768-866655 * [EMAIL PROTECTED] For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59973t=59956 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT in the Doc CD -- Where?? [7:59811]
Not the Doc CD but it should contain what you need: http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Internetworking:NAT http://www.cisco.com/warp/public/556/12.html#2 Drew -Original Message- From: Cisco Nuts [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 26, 2002 5:58 PM To: [EMAIL PROTECTED] Subject: NAT in the Doc CD -- Where?? [7:59811] Hello, I've been trying to find info. about NAT in the Doc Cd under the Command and Config. Guides. I tried under the Security Section but cannot seem to find any. Is there some other place in the Doc Cd that I could find config. examples on NAT?I am using the Online Doc Cd on CCO.Thank you for your help.Sincerely,CN MSN 8 helps eliminate e-mail viruses. Get 3 months FREE*. 3 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59974t=59811 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco 1700 Access List [7:59975]
Hi Everyone, I have a 1700 Cisco router connected to a T1. I would like to lock it down and only allow port 80 to transmitt data for security purposes. Any suggestions would be great. Thanks [GroupStudy.com removed an attachment of type text/x-vcard which had a name of james.gruggett.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59975t=59975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
help [7:59976]
I am working on my CCNA test and need all the materials/questions regarding to this test. Firass Hadi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59976t=59976 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 1700 Access List [7:59975]
To allow out only traffic sourced from TCP port 80: ! access-list 100 permit tcp any eq 80 any ! interface serial 0 ip access-group 100 out ! That's how you would do it, but it's extremely unusual to suppress traffic based on source ports... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of James Gruggett Sent: Monday, December 30, 2002 12:27 PM To: [EMAIL PROTECTED] Subject: Cisco 1700 Access List [7:59975] Hi Everyone, I have a 1700 Cisco router connected to a T1. I would like to lock it down and only allow port 80 to transmitt data for security purposes. Any suggestions would be great. Thanks [GroupStudy.com removed an attachment of type text/x-vcard which had a name of james.gruggett.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59977t=59975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: help [7:59976]
ALL of the materials?? Wow, that's going to be tough, but here you go: www.cisco.com Good luck, John Hadi, Firass A. 12/30/02 1:54:22 PM I am working on my CCNA test and need all the materials/questions regarding to this test. Firass Hadi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59978t=59976 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 1700 Access List [7:59975]
so, no other outbound traffic at all, nothing else from the corp lan? You want people on the lan to be able to web surf or do you want to run a web server and allow that traffic thru? Just want to dbl check. Bri On Mon, 30 Dec 2002, James Gruggett wrote: Hi Everyone, I have a 1700 Cisco router connected to a T1. I would like to lock it down and only allow port 80 to transmitt data for security purposes. Any suggestions would be great. Thanks [GroupStudy.com removed an attachment of type text/x-vcard which had a name of james.gruggett.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59979t=59975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SNMP on Cisco 2621 [7:59980]
Hi everybody... I configured SNMP in my cisco2621, but I can4t obtain information about it. I have this message... SNMP Error: no response received SNMPv1_Session (remote host: ip.of.remote.host [ip.of.remote.host].161) community: public request ID: 1982719325 PDU bufsize: 8000 bytes timeout: 2s retries: 5 backoff: 1) SNMPGET Problem for sysDescr sysContact sysName sysLocation sysObjectID on [EMAIL PROTECTED]: I have snmp-read port enabled in my firewall. . . in another routers it is working. . . this is my border router and it is in my external net What can I make to solve that problem? Thanks Pedro Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59980t=59980 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Vs. BS or MS dergree [7:59481]
Interesting question. Some thoughts from someone that does have a PhD in CS (dissertation in networking, a dozen or so publications, a handful in IEEE journals). I initially went into gradual school to teach and do research, but after spending two summers during grad school as an intern in industry, realized that I was much more interested in working in industry than staying in academia. When I completed my PhD, I took a job in industry. Much like John mentions, comparing the two is like comparing apples and oranges. The material covered in each area is very different. A PhD is much more theory oriented and there's a lot more of the why types of thinking. Obviously, this sort of questioning is needed and helps lead one to dissertation topics and an actual research question. Besides the initial reading list you get from your advisor, you're on your own to find related research, develop your ideas, verify that your work is unique, and then get it published before someone else stumbles across the same idea. And note, there are several hoops one needs to go through to get a PhD, and failing any one of these can cause you to get booted from your program. In order, these steps are: 1) pass your prelims which are a test of breadth of knowledge in all the main areas in your subject area. The way prelims where structured where I went to school, we had test and pass in 4 of 5 core areas (systems, languages, theory, algorithms, and architecture) and 4 non-core areas (networking fell into this space) 2) pass your comprehensives (comps, test that you have detailed knowledge in the area you intend to do research). The format for comps is often a series of probing verbal questions asked by each member of your comittee that you answer in real-time. 3) pass your proposal (this is where you propose the topic/question you intend to research/solve. Besides a verbal defense, this requires a failry extensive document be written which details the existing research space, and how your work will fit in, etc.) 4) do the research and write up your dissertation 5) defend your dissertation. It's often easiest to prove your dissertation is worthy of a degree if you have many peer reviewed publications, so add lots of publications to step 4 above. I don't have a CCIE, so can't say for sure, but here's my take on doing the exams up to and including the CCIE written. Everyone gets the list of books to read, and if you know the information in these references, you'll pass the tests. Note that with commercial study guides, practice labs, practice tests, and courses geared specifically to pass these tests, there's plenty of external help available to help make it through the CCIE written. As far as I know, as long as your willing to pay, you can take the tests over and over again until you pass. This aspect is not true when working on a PhD. The CCIE lab does seem to be a much more robust evaluation mechanism as it appears to require much more on your own sort of preparation. Using the framework above, the tests up through a CCIE written might fall into something like the prelims. But prelims cover a much wider range of material. One might be able to classify the CCIE lab sort of like the comps one takes in working towards a PhD. I don't think I'd classify the CCIE lab as equivalent to a PhD as there's a lot more required in doing a PhD than knowing a lot about some specific area. So which path should one take? I think it depends. Having a HS diploma and a CCIE most likely will not open doors for one to teach at a univerisity. On the other hand, having a PhD doesn't necessarily mean one can design an enterprise let alone an ISP network. I'd suggest balance. Get a four year degree and supplement with a CCNP. Work for a while. Determine if it makes sense from a job/career perspective to move on to a MS/PhD or onto a CCIE, or neither, or both John Neiberger wrote: MS- or PhD-level coursework is more difficult than what you'll run into studying for the CCIE, but they don't really cover the same subject matter so it's really apples and oranges. I personally don't even have a BS--which I regret--but it wouldn't help much in my current position anyway, except possibly for promotions or raises, which is important, but it wouldn't help me do my job any better. IMO, someone who pursues an MS or PhD is not planning on remaining a network technician for long; they probably have loftier goals. A CCIE with no degree, on the other hand, likely enjoys the technical side of things. I often heard it lamented that many CCIEs who are loving life as senior engineers end up being placed into management positions that they hate. Just because someone is advanced in a technical area does not necessarily make them management material. OTOH, someone with an MS or PhD is quite often management material, but not necessarily the first person you'd call with a general networking question. That
Re: need enable password when have secret pw? [7:59944]
selcuk wrote: Hi if you set the enable secret then enable password is useless regards I think the issue was that you could boot up into an older version of IOS and it wouldn't understand enable secret which is newer than enable. Without the enable password, someone could make changes. For example, you could boot into ROMMON mode which likely does have an older version of IOS. Priscilla Kenny Smith wrote: Hi.. When I was setting up my router configuration. It prompts me for secret password and enable password. But I want to how why I still need enable password when I have the enable secret? When I type Enable, i will be required to type in my secret password. Then when the enable password will be used??? Sorry for such a simple question.. Thanks _ Add photos to your e-mail with MSN 8. Get 3 months FREE*. http://join.msn.com/?page=features/featuredemailxAPID=42PS=47575PI=7324DI=7474SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_addphotos_3mf Virus taramasi Is Net tarafindan yapilmistir. This e-mail is checked by Is Net against all known types of viruses. Is Net'in YILBASI HEDIYE kampanyasini duymus muydunuz? http://www.isnet.net.tr/hediyesepeti/index2.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59982t=59944 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Way OT - help desk [7:59946]
I guess they shouldn't have been running the Simple Network Access Kerberos Emulation (SNAKE) protocol! :-) Priscilla Jenny McLeod wrote: I came across this on a completely non-IT mailing list. Thought some might be amused by it. An interesting tech support problem... The phone rings: tech support: hello computer tech support customer: hello my computer was making a strange hissing noise last night and this morning when I turned it on there was a crackling noise and some smoke then nothing, if I bring it in can you fix it? The problem? See http://www.uq.edu.au/education/extra/all.html ... JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59983t=59946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: help [7:59976]
In that case there are a number of companies from which you can get study materials: Boson (More tests than you can shake a stick at) IPExpert (Mostly CCIE prep but they have some other good stuff) CertificationZone (Good stuff for all levels) Hello Computers (Good stuff for all levels) CCBootcamp (mostly CCIE stuff but they're branching out) CCxxProductions (Lots of stuff for all levels) In addition, just about any study guide in book form includes a CD with study tests on it. Find one of those and go through it. It would be worth the small investment. Regards, John Disclaimer: I have done work for CertificationZone. I'm hoping I've included enough other vendors to avoid being flamed. :-) Hadi, Firass A. 12/30/02 2:24:11 PM may be I should be more cleared in my message but I am looking for sample tests so I know which area i am weak and which area i am strong. thanks. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 2:16 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: help [7:59976] ALL of the materials?? Wow, that's going to be tough, but here you go: www.cisco.com Good luck, John Hadi, Firass A. 12/30/02 1:54:22 PM I am working on my CCNA test and need all the materials/questions regarding to this test. Firass Hadi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59984t=59976 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Study Product Design Discussion [7:59970]
Going back to something from the previous thread... (LaWR wrote...) BTW, I am not so sure I agree that lab writing is a CCIE skill set. I'd like you to elaborate more on why you believe that the ability to write a good lab is indicative of CCIE level skill. Maybe some other folks have some thoughts on this as well. (Howard responded...) Well, maybe not commercial-grade lab writing, but if you can't write a lab with functions that build on one another, how are you going to get inside the minds of the lab developers? JMCL: So Howard, does that mean that you feel that lab writing is a skill set required to pass the CCIE lab, rather than necessarily being a skill set that a CCIE should have? Or do you feel that lab writing is a skill set that is also useful in a commercial environment (not a certification-oriented environment, but an enterprise design/troubleshooting environment, say)? Howard C. Berkowitz wrote: Well, as a first step to civility, I've changed the name of the thread to something neutral. At 3:19 PM + 12/30/02, MikeS wrote: Howard, I second the vote for a discussion.. assuming all parties can keep it civil and not have degenerate into the *mine is better then yours*... I know different vendors have different goals and ways to obtain the goals with their products. It would interesting to hear about the differences. MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59986t=59970 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco 1700 Access List [7:59975]
I was running an exchange server and someone hacked in. I am trying to secure the network. What do you reccomed? [GroupStudy.com removed an attachment of type text/x-vcard which had a name of james.gruggett.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59987t=59975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 1700 Access List [7:59975]
If I am thinking of this correctly and thinking from the Point of View of the packet, traffic that leaves my PC leaves with a random source port to a well known (most of the time) port such as port 80. So I think that the eq 80 needs to go after the second any to signify destination port of 80 as such: access-list 100 permit tcp any any eq 80 Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) -Original Message- From: Sabertech Cisco Training [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: RE: Cisco 1700 Access List [7:59975] To allow out only traffic sourced from TCP port 80: ! access-list 100 permit tcp any eq 80 any ! interface serial 0 ip access-group 100 out ! That's how you would do it, but it's extremely unusual to suppress traffic based on source ports... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of James Gruggett Sent: Monday, December 30, 2002 12:27 PM To: [EMAIL PROTECTED] Subject: Cisco 1700 Access List [7:59975] Hi Everyone, I have a 1700 Cisco router connected to a T1. I would like to lock it down and only allow port 80 to transmitt data for security purposes. Any suggestions would be great. Thanks [GroupStudy.com removed an attachment of type text/x-vcard which had a name of james.gruggett.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59988t=59975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RIP holddown timer [7:59989]
Reading Doyle's V1 book. Page 195 mentions that when an update with a hop count higher than that in the routing table is received for a route, the route will go into holddown for 180 [sic] seconds (three update periods). In the cisco page (below) for the timers basic command, the page states that ...A route enters into a holddown state when an update packet is received that indicates the route is unreachable. The route is marked inaccessible and advertised as unreachable... It would seem that the explaination on the cisco site is correct and the Doyle text is incorrect. Could someone confirm or explain what Doyle might be refering too? Thanks http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_summary_chapter09186a00800eeae6.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59989t=59989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Study Product Design Discussion [7:59970]
Jenny McLeod formed electrons to say: Going back to something from the previous thread... (LaWR wrote...) BTW, I am not so sure I agree that lab writing is a CCIE skill set. I'd like you to elaborate more on why you believe that the ability to write a good lab is indicative of CCIE level skill. Maybe some other folks have some thoughts on this as well. (Howard responded...) Well, maybe not commercial-grade lab writing, but if you can't write a lab with functions that build on one another, how are you going to get inside the minds of the lab developers? JMCL: So Howard, does that mean that you feel that lab writing is a skill set required to pass the CCIE lab, rather than necessarily being a skill set that a CCIE should have? Or do you feel that lab writing is a skill set that is also useful in a commercial environment (not a certification-oriented environment, but an enterprise design/troubleshooting environment, say)? The former. I'm not saying that you should be able to write commercial study product grade lab scenarios to pass the CCIE exam, but I think it's a very good preparation for the lab test to try to anticipate what the test developers might to. Let me put it this way -- when I was studying for academic tests, one of my tricks was to write what would be the essential material to cheat -- and then leave that sheet at home. It forced me to think in the test designers mind. In contrast, when I do skills testing in a commercial environment, it's completely different. Open-book and indeed open-internet for one. Also, when I interview, I try very hard to pose a question that either is a research problem, or something I would not reasonably expect the applicant to know. I tell them I don't expect an exact answer, but I'd like to discuss the way they would approach coming up with an answer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59990t=59970 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP on Cisco 2621 [7:59980]
Pedro, If you issue show snmp it should indicate snmp packets received and sent. Is the router receiving? The same show command will also show snmp errors. Can you issue the show snmp command and share the results? -Bob - Original Message - From: Pedro do Valle To: Sent: Monday, December 30, 2002 4:25 PM Subject: SNMP on Cisco 2621 [7:59980] Hi everybody... I configured SNMP in my cisco2621, but I can4t obtain information about it. I have this message... SNMP Error: no response received SNMPv1_Session (remote host: ip.of.remote.host [ip.of.remote.host].161) community: public request ID: 1982719325 PDU bufsize: 8000 bytes timeout: 2s retries: 5 backoff: 1) SNMPGET Problem for sysDescr sysContact sysName sysLocation sysObjectID on [EMAIL PROTECTED]: I have snmp-read port enabled in my firewall. . . in another routers it is working. . . this is my border router and it is in my external net What can I make to solve that problem? Thanks Pedro Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59991t=59980 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson Exam for CIPT [7:59924]
We should also ask developers how they test their labs. An untested lab won't work. Most developers learn this the hard way. I've worked with many developers who have learned it the hard way over and over and over again and still insist on creating lab steps that they don't test. It won't work for at least two reasons: The commands won't work as expected. The instructions to the human won't work as expected. In a course development class I took a few years ago, the instructor had us try a fun experiment. We teamed up in pairs. One person in each pair made a snowflake by folding and cutting a piece of paper, like we probably all did in kindergarten. This person also wrote instructions on how the other person could create an identical snowflake. The developer handed over the instructions and was not allowed to say a word while the tester tried it out. As you can imagine, no two snowflakes came out the same! The human tended to do all sorts of things that the course developer didn't expect. Add that to the fact that the hardware and software will do unexpected things also, and you will understand my axiom: An untested lab will not work. Priscilla MikeS wrote: Howard, I second the vote for a discussion.. assuming all parties can keep it civil and not have degenerate into the *mine is better then yours*... I know different vendors have different goals and ways to obtain the goals with their products. It would interesting to hear about the differences. MikeS -- Tutorials - Whitepapers - Security - Wireless- News Find me at www-dot-packetattack-dot-com Lan Wong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings, I am currently preparing for the CIPT Exam and was wondering if someone can suggest the best Boson exam to use for this test. Thanks in advance _ The new MSN 8: smart spam protection and 3 months FREE*. http://join.msn.com/?page=features/junkmailxAPID=42PS=47575PI=7324DI=747 4SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_smartspampr otection_3mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59985t=59924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIP holddown timer [7:59989]
At 10:51 PM + 12/30/02, bergenpeak wrote: Reading Doyle's V1 book. Page 195 mentions that when an update with a hop count higher than that in the routing table is received for a route, the route will go into holddown for 180 [sic] seconds (three update periods). I agree with you, but there is a special case. If the received route has a maximum metric value, then it's a poison reverse and should force holddown or withdrawal. If the current route were 3 hops and the new one were 4, it should be ignored. In the cisco page (below) for the timers basic command, the page states that ...A route enters into a holddown state when an update packet is received that indicates the route is unreachable. The route is marked inaccessible and advertised as unreachable... I'd interpret unreachable to be a maximum metric. It would seem that the explaination on the cisco site is correct and the Doyle text is incorrect. Could someone confirm or explain what Doyle might be refering too? Thanks http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_summary_chapter09186a00800eeae6.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59992t=59989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RIP holddown timer [7:59989]
bergenpeak wrote: Reading Doyle's V1 book. Page 195 mentions that when an update with a hop count higher than that in the routing table is received for a route, the route will go into holddown for 180 [sic] seconds (three update periods). That's to avoid the count-to-infinity problem. If the hop count increases, it's often an indication that count-to-infinity is happening and the other methods for avoiding it, such as split horizon and triggered updates with poisoned routes, failed. I thought Cisco's RIP did this, but I may have gotten it from Doyle or confused it with IGRP. Do you have a method for testing it? It's one of those things you may not find authoritative documenation on. Doyle's book has an errata at Cisco Press but it only mentioned 2 errors (neither of which are related to this question). In the cisco page (below) for the timers basic command, the page states that ...A route enters into a holddown state when an update packet is received that indicates the route is unreachable. The route is marked inaccessible and advertised as unreachable... That's probably true. It's not mutually exclusive with the above. I think a route enters into holddown when the local interface fails too, and that's not mentioned either. Priscilla It would seem that the explaination on the cisco site is correct and the Doyle text is incorrect. Could someone confirm or explain what Doyle might be refering too? Thanks http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_summary_chapter09186a00800eeae6.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59993t=59989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:Laying Cable Accross the Pond [7:59994]
Travis, I've often wondered the same thing. I dug this up on google. Amazingly it dates back to the 1890s! http://www.atlantic-cable.com/ Chuck Church CCIE #8776, MCNE, MCSE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59994t=59994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 1700 Access List [7:59975]
[EMAIL PROTECTED] wrote: If I am thinking of this correctly and thinking from the Point of View of the packet, traffic that leaves my PC leaves with a random source port to a well known (most of the time) port such as port 80. So I think that the eq 80 needs to go after the second any to signify destination port of 80 as such: access-list 100 permit tcp any any eq 80 Depends on your security policy. He said he wanted to block port 80 transmitting, implying a source port of 80. This might be a policy for a network where internal users aren't allowed out, but there is a Web site that outside users access. It's sort of far-fetched which is why everyone asked him are you sure this is what you meant. Anyway, securing a network is a big topic. Once he has figured out what his policy is, he should start with Cisco documents such as Cisco IOS Security Config Guide: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/index.htm Cisco Security Architecture for Enterprise Networks: http://www.cisco.com/warp/public/779/largeent/issues/security/safe.html He should also apply all the latest patches on his Exchange Server. Without those, it won't matter what he does on the router. If it's a public server, you have to let people in. But with the latest patches you can hopefully keep them from doing anything other than what you want them to do. A simple access list where the Exchange Server's address is 1.1.1.1 and it runs mail, Web, SSL, and DNS, might look like: access-list 150 remark outgoing traffic on int where server resides access-list 150 permit icmp any any access-list 150 permit tcp any 1.1.1.1 0.0.0.0 eq smtp access-list 150 permit tcp any 1.1.1.1 0.0.0.0 eq www access-list 150 permit tcp any 1.1.1.1 0.0.0.0 eq 443 access-list 150 permit udp any 1.1.1.1 0.0.0.0 eq domain access-list 150 permit tcp any 1.1.1.1 0.0.0.0 eq domain If you also want this server to be able to get out to the Net (like to download those patches), you could add: access-list 150 permit tcp any any established Then, finally add this at the end to log denied packets access-list 150 deny ip any any log So, no traffic is going to this server except services that you allow. There's probably way more than just that you might want to do though, and I did all that off the cuff, so hopefully there aren't mistakes, but you get the gist, hopefully. The bottom line is that you need to figure out your policy, study your protocols, study the options available to you, and then start writing access lists. And do those patches! ;-) Priscilla Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) -Original Message- From: Sabertech Cisco Training [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: RE: Cisco 1700 Access List [7:59975] To allow out only traffic sourced from TCP port 80: ! access-list 100 permit tcp any eq 80 any ! interface serial 0 ip access-group 100 out ! That's how you would do it, but it's extremely unusual to suppress traffic based on source ports... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of James Gruggett Sent: Monday, December 30, 2002 12:27 PM To: [EMAIL PROTECTED] Subject: Cisco 1700 Access List [7:59975] Hi Everyone, I have a 1700 Cisco router connected to a T1. I would like to lock it down and only allow port 80 to transmitt data for security purposes. Any suggestions would be great. Thanks [GroupStudy.com removed an attachment of type text/x-vcard which had a name of james.gruggett.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59996t=59975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:Laying Cable Accross the Pond [7:59994]
On Tue, 31 Dec 2002, Chuck Church wrote: I've often wondered the same thing. I dug this up on google. Amazingly it dates back to the 1890s! http://www.atlantic-cable.com/ Well apparently I failed to send my post to the whole list and I just replied to the original poster. Anyway here are my comments on one of the replies to him. Actually the sled lays on the bottom and is pulled behind the boat. Then it works like a ditchwitch to dig a trench and put the cable inside. The cable is spooled on the deck of the ship (the cable flows down to the sled) and is spliced right there on the deck. When its time to stop for bad weather they will tie bouys to the cable and sled chains and then leave and come back later. How do they lay cable across the ocean? http://ask.yahoo.com/ask/2630.html Undersea Cable Systems http://www.wscr.com/6-7web/tycom2.pdf An Oversimplified Overview of Undersea Cable Systems http://davidw.home.cern.ch/davidw/public/SubCables.html DiveWeb - Subsea Telecom http://www.diveweb.com/telecom/index.shtml Later, Andrew --- http://www.andrewsworld.net/ ICQ: 2895251 Cisco Certified Network Associate Learn from the mistakes of others. You won't live long enough to make all of them yourself. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59997t=59994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Way OT - help desk [7:59946]
Sorry to disappoint you, but I think they were running a MS SQL server and were hit by the SQL Snake. (A current virus/worm floating around). ;-) Priscilla Oppenheimer 12/30/02 01:44PM I guess they shouldn't have been running the Simple Network Access Kerberos Emulation (SNAKE) protocol! :-) Priscilla Jenny McLeod wrote: I came across this on a completely non-IT mailing list. Thought some might be amused by it. An interesting tech support problem... The phone rings: tech support: hello computer tech support customer: hello my computer was making a strange hissing noise last night and this morning when I turned it on there was a crackling noise and some smoke then nothing, if I bring it in can you fix it? The problem? See http://www.uq.edu.au/education/extra/all.html ... JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59998t=59946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RIP holddown timer [7:59989]
You have to keep in mind the fact that Doyle wrote the Vol.1 book based on IOS 11.3. He's supposed to have a second edition in the works with Ciscopress but it's not clear if/when it will get published. For current studies, your best bet is to test out the commands/features in 12.x. HTH. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 7:05 PM To: [EMAIL PROTECTED] Subject: RE: RIP holddown timer [7:59989] bergenpeak wrote: Reading Doyle's V1 book. Page 195 mentions that when an update with a hop count higher than that in the routing table is received for a route, the route will go into holddown for 180 [sic] seconds (three update periods). That's to avoid the count-to-infinity problem. If the hop count increases, it's often an indication that count-to-infinity is happening and the other methods for avoiding it, such as split horizon and triggered updates with poisoned routes, failed. I thought Cisco's RIP did this, but I may have gotten it from Doyle or confused it with IGRP. Do you have a method for testing it? It's one of those things you may not find authoritative documenation on. Doyle's book has an errata at Cisco Press but it only mentioned 2 errors (neither of which are related to this question). In the cisco page (below) for the timers basic command, the page states that ...A route enters into a holddown state when an update packet is received that indicates the route is unreachable. The route is marked inaccessible and advertised as unreachable... That's probably true. It's not mutually exclusive with the above. I think a route enters into holddown when the local interface fails too, and that's not mentioned either. Priscilla It would seem that the explaination on the cisco site is correct and the Doyle text is incorrect. Could someone confirm or explain what Doyle might be refering too? Thanks http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_ summary_chapter09186a00800eeae6.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5t=59989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: need enable password when have secret pw? [7:59944]
Its unconfirmed, (i.e.: I do not believe it yet) but our CW2000 admin claimed CW2000 needed it for something. Before that came up I assumed that it was no longer needed except on 2500 series and other routers that had an old boot rom that did not support enable secret. Kenny Smith wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi.. When I was setting up my router configuration. It prompts me for secret password and enable password. But I want to how why I still need enable password when I have the enable secret? When I type Enable, i will be required to type in my secret password. Then when the enable password will be used??? Sorry for such a simple question.. Thanks _ Add photos to your e-mail with MSN 8. Get 3 months FREE*. http://join.msn.com/?page=features/featuredemailxAPID=42PS=47575PI=7324D I=7474SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_addphotos_3 mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6t=59944 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
mc3810 tftp bug? [7:60001]
Hi All, Has anyone experienced the following: mc3810 bootstrap 12.0(6r)T4 IOS: mc3810-a2jk8sv5-mz.122-13.T.bin and mc3810-a2jk8sv5-mz.122-13.bin memory: 64mb dram/16mb flash I upgraded the bootrom to utilise 64mb dram / 16mb flash. I am able to load the above ios code when in rommon mode. However, once I am running the above 12.2 code and want to reload another ios code (any or any file for that matter) into flash, the tftp download stops (.) after approx 10 udp packets have been successful (!) and the tftp server (cisco) application then aborts. Subsequently, the tftp transfer timesout. The only way now to load ios is to get back into rommon mode and copy over the ios image into flash (since the previous flash contents had to be erased to accomodate the to be installed ios). Can anyone else replicate this? Cheers, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60001t=60001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson Exam for CIPT [7:59924]
Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... We should also ask developers how they test their labs. An untested lab won't work. Most developers learn this the hard way. I've worked with many developers who have learned it the hard way over and over and over again and still insist on creating lab steps that they don't test. It won't work for at least two reasons: The commands won't work as expected. The instructions to the human won't work as expected. In a course development class I took a few years ago, the instructor had us try a fun experiment. We teamed up in pairs. One person in each pair made a snowflake by folding and cutting a piece of paper, like we probably all did in kindergarten. This person also wrote instructions on how the other person could create an identical snowflake. The developer handed over the instructions and was not allowed to say a word while the tester tried it out. As you can imagine, no two snowflakes came out the same! The human tended to do all sorts of things that the course developer didn't expect. Add that to the fact that the hardware and software will do unexpected things also, and you will understand my axiom: An untested lab will not work. some of the tested ones don't either, but that's another story! :- Priscilla MikeS wrote: Howard, I second the vote for a discussion.. assuming all parties can keep it civil and not have degenerate into the *mine is better then yours*... I know different vendors have different goals and ways to obtain the goals with their products. It would interesting to hear about the differences. MikeS -- Tutorials - Whitepapers - Security - Wireless- News Find me at www-dot-packetattack-dot-com Lan Wong wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greetings, I am currently preparing for the CIPT Exam and was wondering if someone can suggest the best Boson exam to use for this test. Thanks in advance _ The new MSN 8: smart spam protection and 3 months FREE*. http://join.msn.com/?page=features/junkmailxAPID=42PS=47575PI=7324DI=747 4SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_smartspampr otection_3mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59995t=59924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Vs. BS or MS dergree [7:59481]
bergenpeak wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Interesting question. Some thoughts from someone that does have a PhD in CS (dissertation in networking, a dozen or so publications, a handful in IEEE journals). I initially went into gradual school to teach and do research, but after spending two summers during grad school as an intern in industry, realized that I was much more interested in working in industry than staying in academia. When I completed my PhD, I took a job in industry. Much like John mentions, comparing the two is like comparing apples and oranges. The material covered in each area is very different. A PhD is much more theory oriented and there's a lot more of the why types of thinking. Obviously, this sort of questioning is needed and helps lead one to dissertation topics and an actual research question. Besides the initial reading list you get from your advisor, you're on your own to find related research, develop your ideas, verify that your work is unique, and then get it published before someone else stumbles across the same idea. And note, there are several hoops one needs to go through to get a PhD, and failing any one of these can cause you to get booted from your program. In order, these steps are: 1) pass your prelims which are a test of breadth of knowledge in all the main areas in your subject area. The way prelims where structured where I went to school, we had test and pass in 4 of 5 core areas (systems, languages, theory, algorithms, and architecture) and 4 non-core areas (networking fell into this space) 2) pass your comprehensives (comps, test that you have detailed knowledge in the area you intend to do research). The format for comps is often a series of probing verbal questions asked by each member of your comittee that you answer in real-time. 3) pass your proposal (this is where you propose the topic/question you intend to research/solve. Besides a verbal defense, this requires a failry extensive document be written which details the existing research space, and how your work will fit in, etc.) 4) do the research and write up your dissertation 5) defend your dissertation. It's often easiest to prove your dissertation is worthy of a degree if you have many peer reviewed publications, so add lots of publications to step 4 above. You forgot to mention another huge requirement to getting a PhD - simply getting admitted in the first place. This encompasses a huge amount of work. You can't just show up to a graduate program and start taking classes - you have to actually win admission first, which requires that you graduate with a bachelor's with decent grades, do well on the GRE, go through the application process, demonstrate a facility for research (probably by undergoing research projects while you're an undergrad), getting good rec's from profs, etc. etc. And of course in order for you to have a bachelor's, you have to win admission to an undergraduate school and all that that entails (doing well in high school, doing well on the SAT, doing extracurriculars, getting teacher rec's, blah blah blah). Therefore, I believe that when you're comparing a HS grad with a CCIE, to somebody with a PhD, then in terms of sheer effort, there's no comparison - it's a no-brainer. I don't have a CCIE, so can't say for sure, but here's my take on doing the exams up to and including the CCIE written. Everyone gets the list of books to read, and if you know the information in these references, you'll pass the tests. Note that with commercial study guides, practice labs, practice tests, and courses geared specifically to pass these tests, there's plenty of external help available to help make it through the CCIE written. As far as I know, as long as your willing to pay, you can take the tests over and over again until you pass. This aspect is not true when working on a PhD. And neither is it true of the bachelor's, or any other part of traditional academia. Almost always, there are actual penalties and restrictions associated with just attempting tests and classes over and over again until you finally pass. I believe Cisco should record on your CCIE number how many times you took to pass it. Is that rough? Yeah. But hey, let's face it, a guy who took the lab 20 times before he finally passed probably isn't as good as the guy who passed it on his first time. Somebody might say that a person might get lucky or unlucky and require more or less attempts to pass (i.e. somebody who's really good might just get unlucky and fail and therefore require a 2nd attempt, somebody who's really bad might get lucky and pass on his first attempt). But hey, this is also true of academia and everybody has learned to accept this. For example, somebody who's really good academically might have a bad day and score poorly on his first shot at the SAT and require another attempt to get the
Re: Christmas non-NDA [7:59800]
Very good :) better then some others I heard this year.. although my daughter's band came up with something like an *twelve days after christmas*.. they had to warn the parents ahead of time so not to offend some.. it was very funny.. but then geeks tend to find humor in the oddest of places ;) MikeS Howard C. Berkowitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... In the first half hour of testing my proctor gave to me A test pod to-pol-o-gee In the second half hour of testing my proctor gave to me Two IGPs And a test pod to-pol-o-gee. In the third half hour of testing my proctor gave to me Three redistribution points Two IGPs And a test pod to-pol-o-gee In the fourth half hour of testing my proctor gave to me Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the fifth half hour of testing my proctor gave not to me Five token rings In the fifth and sixth half hour of testing my proctor gave to me A hurried pizza lunch In the seventh half hour of testing my proctor gave to me Five multilayer switched VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the eighth half hour of testing my proctor gave to me Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the fifth hour/ninth half hour of testing my proctor gave to me Seven routing policies Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the sixth hour of testing my proctor gave to me Eight Seven routing policies Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the sixth hour of testing my proctor gave to me Eight tunnels a-tunneling Seven routing policies Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the sixth hour of testing my proctor gave to me Nine tunnels a-tunneling Eight routing policies Seven OSI layers to confirm Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the sixth hour of testing my proctor gave to me Ten addresses to NAT Nine tunnels a-tunneling Eight routing policies Seven OSI layers to confirm Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the seventh hour of testing I gave to myself Eleven potential bugs Ten addresses to NAT Nine tunnels a-tunneling Eight tunnels a-tunneling Seven routing policies Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee In the last hour of testing I gave to myself Twelve bug fixes, or so I hoped Eleven potential bugs Ten addresses to NAT Nine tunnels a-tunneling Eight tunnels a-tunneling Seven routing policies Six BGP speakers a-speaking Five 802.1q VLANs Four calling voice cards Three redistribution points Two IGPs And a test pod to-pol-o-gee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60003t=59800 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Laying Cable Accross the Pond [7:59971]
On Mon, 30 Dec 2002, Bolton, Travis D [LTD] wrote: I was just having a discussion with a co-worker about how companies lay cable across the pond and how they troubleshoot cable splices etc. Does anybody have any documentation or Video they can share on this? We're just curious on how all this works. If you do this type of work let me know. www.southerncrosscables.com is a cable network between West Coast US, Hawaii, New Zealand and East Coast Australia. Their website shows some pretty flash animations about it all. Not totally related, but pretty cool is http://www.wired.com/wired/archive/4.12/ffglass.html. It describes the laying of FLAG between England and Japan. Great read. Hope everyone has a great new years :) - I. -- Ian Henderson CCNA, CCNP Senior Network Engineer, Chime Communications Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60004t=59971 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
can't console in to Catalyst 5505 [7:60005]
Hi.. I found that I can't console in to my Catalyst 5505 set based switch. I plugged in to console port in the supervisor and used the hyperterminal normal setting 9600-8-N-1-None, but I can't get any output. I also checked the configuration of the catalyst5505 and found nothing about console setting. May I know how to configure the console setting in set based switch in order for it to work?? Thanks _ MSN 8 limited-time offer: Join now and get 3 months FREE*. http://join.msn.com/?page=dept/dialupxAPID=42PS=47575PI=7324DI=7474SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_newmsn8ishere_3mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60005t=60005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: can't console in to Catalyst 5505 [7:60005]
the 5000's use a regular patch cable, not a rolled cable... make sure thats what you have first Richard Campbell wrote: Hi.. I found that I can't console in to my Catalyst 5505 set based switch. I plugged in to console port in the supervisor and used the hyperterminal normal setting 9600-8-N-1-None, but I can't get any output. I also checked the configuration of the catalyst5505 and found nothing about console setting. May I know how to configure the console setting in set based switch in order for it to work?? Thanks _ MSN 8 limited-time offer: Join now and get 3 months FREE*. http://join.msn.com/?page=dept/dialupxAPID=42PS=47575PI=7324DI=7474SU= http://www.hotmail.msn.com/cgi-bin/getmsgHL=1216hotmailtaglines_newmsn8ishere_3mf Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60006t=60005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]