Re: bgp community [7:62326]
Hi Pete, Try clearing the 'set community no-export' command in your route map and see if 22.22.22.22/24 propagates over to 153.153.3.3. I am suspecting maybe tagging the no-export community while redistributing into the bgp process may actually cause the Loopback22 route not to be exported If that works, maybe you may want to try this command as well. 'neighbor 153.153.3.3 route-map out' You can use your 'loops' routemap if you want. Don't forget to issue a 'clear ip bgp 153.153.3.3' command to restart the session. HTH Wes Peter Paul wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... can someone help me? i am currently doing bgp in my test lab. i did a community no-advertise in one of the routes to be advertise by the local as to another as, but i can't see it in that other as. i also did a redistribution from bgp to igp (ospf) in the other as so that both bgp and igp would sync because one of the problems stated that i should not disable sync. did i missed something? here's my config in my test lab: router bgp 2 bgp log-neighbor-changes redistribute connected route-map loops neighbor 153.153.3.3 remote-as 3 neighbor 153.153.3.3 ebgp-multihop 255 neighbor 153.153.3.3 update-source Loopback10 neighbor 153.153.3.3 send-community route-map loops permit 10 match interface Loopback33 Loopback55 set origin igp ! route-map loops permit 20 match interface Loopback22 - loopback 22 is 22.22.22.22/24 set origin igp set community no-export when i did show ip bgp on the 153.153.3.3 router, Network Next HopMetric LocPrf Weight Path *i11.0.0.0 153.153.1.1 100 0 23 111 i * 33.0.0.0 153.153.6.6 1 0 2 i *i44.0.0.0 153.153.1.1 100 0 23 111 i * 55.0.0.0 153.153.6.6 1 0 2 i *i66.0.0.0 153.153.1.1 100 0 23 111 777 i *i77.0.0.0 153.153.1.1 100 0 23 111 444 555 i *i103.103.103.0/24 153.153.1.1 0100 0 23 i *i183.0.0.0/8 153.153.4.4 100 0 65003 i i can't see the 22.0.0.0 network. thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62327t=62326 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Telnet Manipulation [7:62328]
Good Day Ladies and Gents Please could anyone shed some light on the following : What is the term Telnet Manipulation? It would be greatly appreciated, Kind Regards, Serg *** This message contains information intended solely for the addressee, which is confidential or private in nature and subject to legal privilege. If you are not the intended recipient, you may not peruse, use, disseminate, distribute or copy this message or any file attached to this message. Any such unauthorised use is prohibited and may be unlawful. If you have received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and thereafter delete the original message from your machine. Furthermore, the information contained in this message, and any attachments thereto, is for information purposes only and may contain the personal views and opinions of the author, which are not necessarily the views and opinions of Dimension Data (South Africa) (Proprietary) Limited or its subsidiaries and associated companies (Dimension Data). Dimension Data therefore does not accept liability for any claims, loss or damages of whatsoever nature, arising as a result of the reliance on such information by anyone. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information transmitted electronically and to preserve the confidentiality thereof, Dimension Data accepts no liability or responsibility whatsoever if information or data is, for whatsoever reason, incorrect, corrupted or does not reach its intended destination. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62328t=62328 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Redistributing Rip routes into ISIS - AD?? [7:62317]
if u do dual redistribution, and u don't watch after the nets redistributed into is-is from being redistributed back to rip then u'll have problems. Cisco Nuts a icrit dans le message de news: [EMAIL PROTECTED] Hello, Just stumbled upon this on Rip to Isis redistribution? If the source protocol's AD is higher than that of IS-IS, then the originating routes may be over-ridden by the new IS-IS route leading to flapping routes and/or incorrect next-hop addresses What does this actually mean? Does it mean the if netw. 4.0.0.0/8 (lo0 ip=4.4.4.4/24) is being originated by Rip v1 on R1 and passed to R2 running Rip and IS-IS, then when Rip is redistributed into IS-IS on R2, R2 applies it's AD of 115 on this route and passes it upstream to other L-1 and L-2 routers. How would this lead to a flapping route or an unreachable next-hop address? I just cannot seem to find a good example of this on CCO. Does any one have any suggestions on how to clarify this? (This looks like a very likey lab question) !! Thank you. Sincerely, CN Add photos to your e-mail with MSN 8. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62329t=62317 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multiflex T1 with AIM-ATM [7:62330]
Hello Group, I have a question about a particular interface card and its sample configurations. I have (or will be having shortly) VWIC-2MFT-T1 card with AIM-ATM. I was told that this card can run ATM encapsulation if used with AIM-ATM. I tried to search CCO for a sample configuration but all I found for this card was related to Voice. I don't want to configure any voice channels etc..on this card. I would like to be able to create a PVC mapping back to our core routers. Could someone please point me to a URL that has a sample config for this combination? Has anyone ever used this before? and if used for ATM, could you please send me relevant config? I don't have the cards in my hands yet so could not try any hands on. Just wanted to prepare for this. Any and all help is appreciated. Warm regards, Vish __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62330t=62330 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BayTech RPC-2 [7:62331]
Hi Group, I am using baytech rpc-2 in my home lab but I could not get it to work with a cisoc 2511 terminal server. I am using the correct cable from baytech. Could some one with a similar experience show me how to configure the 2511 to work with baytech? Thanks in advance John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62331t=62331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IRB Routing IP and Bridging IPX [7:62303]
Thanks for the info. First the command bridge 1 no bridge ip doesn't exist. I assume you mean no bridge 1 bridge ip This command is only available after either IRB or CRB is enabled. Thanks The Long and Winding Road wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Firesox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Folks I am a little stuck in IRB config. I have two 2620 routers connected via T1. I would llike to route IP and bridge IPX. On the routed IP network I need to run OSPF to connect to other networks. first of all, just to correct a misunderstanding, IRB ( integrated routing and bridging ) refers to bridging a given protocol on some interfaces and routing that same protocol on others. to bridge IPX and separately route IP is pretty fundamental. you could complicate it by creating a tunnel, and bridging, say, ipx over the tunnel. but pretty much you can do things on th physical interface just by following the instructions in the docs found on CCO. the one gotcha might be to remember to remove IP from the bridge group for example bridge 1 protocol ieee bridge 1 no bridge ip interface X bridge group 1 ip addr x.x.x.x y.y.y.y etc ip will not be bridged, but IPX ( and any other L2 protocol ) will be bridged. also note that on a bridged interface, no ipx configuration is required. I am looking for a sample config to do this, but cannot find it a good one at Cisco site. Thanks a million in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62333t=62303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
basic bgp questions [7:62334]
Some question I had as I've been reading Doyle V2. 1) Question about next-hop-self. Suppose the router is purely an iBGP router-- it does not have any eBGP connections and is there is no redist into BGP. Does setting this command on a iBGP neighbor have any affect? If this router is a route-reflector does the behavior change? 2) There's mention that when a cluster uses two route reflectors, that the two reflectors must be configured with the same cluster ID (in order to avoid routing loops). If two route reflectors in a cluster use different cluster IDs, how is it that a routing loop can occur? 3) When configuring two route reflectors for a cluster, is it typical to make each reflector a client of the other? Why or why not? What issues, if any, would arise if the RRs are clients of each other? 4) When a route reflector is used and RR clients configured via a peer group, does the RR compute a single set of routes for reflection and sent to all RR clients? Does this mean a RR might reflect back to a client a route the RR learned from the client? 5) When associating a no-export community to an advertisement, is the route-map applied to the network statement or to the neighbor statement? Or can this be done via either mechanism? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62334t=62334 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
bgp received-routes [7:62335]
I'm seeing what looks like inconsistent information being reported by a route reflector client (192.168.100.14). Below are two lines of output from debug ip bgp events and debug ip bgp updates: *Mar 3 09:06:26.265 UTC: BGP: 192.168.100.10 rcv UPDATE about 26.0.0.0/24 -- denied *Mar 3 09:06:26.265 UTC: BGP: 192.168.100.10 Prefix 26.0.0.0/24 rejected by inbound soft reconfiguration Notice that prefix 26.0.0.0/24 is received but is being denied/ rejected. This prefix is being advertised by this router to a route reflector (192.168.100.10), and it's being reflecting back (which appears to violate RFC 1996) Now, CCO reports that running the show ip bgp neighbor received-routes should show: (Optional) Displays all received routes (both accepted and rejected) from the specified neighbor. When I run this command on the RR client and looking for the routes received from the RR, I see the following: rtr-2514#show ip bgp neighbors 192.168.100.10 received-routes BGP table version is 13, local router ID is 192.168.100.14 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *i22.0.0.0/24 192.168.100.10 0100 0 i *i24.0.0.0/24 192.168.100.5 0100 0 i Notice that 26.0.0.0/24 is not present. Is there a difference between denied and rejected routes? If, on the route reflector, I run show ip bgp neighbor 192.168.100.14 advertised- routes, I see that this route is in fact advertised: rtr-2610#show ip bgp neighbors 192.168.100.14 advertised-routes BGP table version is 17, local router ID is 192.168.100.10 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 22.0.0.0/24 0.0.0.0 0 32768 i *i24.0.0.0/24 192.168.100.50100 0 i *i25.0.0.0/24 192.168.100.14 0100 0 i *i26.0.0.0/24 192.168.100.14 0100 0 i In order to be compliant with RFC 1996, when one does a show ip bgp neighbor X advertised-routes, one should never see X as the next hop, right? THanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62335t=62335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Upgrade BootROMs [7:62321]
Yep, you just pull them out and put the new ones in. Be careful to put the correct one in the correct slot. Search google or cco for replace boot roms 2500 there is an excellent cisco doc Infact, I just did it, and this was the first hit: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/cis2500/2 500cfig/bootrom.htm Too easy Symon -Original Message- From: H [mailto:[EMAIL PROTECTED]] Sent: 02 February 2003 02:25 To: [EMAIL PROTECTED] Subject: Upgrade BootROMs [7:62321] Hi Gruop, I want to upgrade my BootROMs for my 2500s routers. Is it easy to do? Any comments will be greatly appreciated. Best Regards, Hunt = This email has been content filtered and subject to spam filtering. If you consider this email is unsolicited please forward the email to [EMAIL PROTECTED] and request that the sender's domain be blocked from sending any further emails. = Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62336t=62321 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: myth about ccna salary??? [7:5925]
For those who came into the IT industry during the mid to late 1990s, these last few years have been eye opening. Let's face it...if you could spell MCSE in 1997, you could easily land a job earning $70k or more per year. This amazing earning power was an anomaly that burst with the dotcom bubble. Historically, jobs that paid significantly more than average (engineering, medicine, law, etc.) required a great deal of study and knowledge in the chosen field. When it got to the point that just about anyone with a heartbeat could pass certain certification tests by rote memorization of braindumps, two things happened: 1) Certified people became a commodity and supply exceeded demand. As anyone who took even an intro economics course can tell you, excess supply leads to falling prices. In this case, the price (salary) required to obtain the commodity (certified persons) took a nose dive. 2) Companies realized that certifications were no predictor of ability or performance. Rather, they are at best a baseline indicator that the person has been exposed to certain ideas and concepts. Today, we're dealing with a slow economy and an excess of qualified IT labor. Those who get jobs in today's market are those with the better qualifications (experience, education, and certifications), those who are willing to work for a salary greatly reduced from what they could expect to earn even two years ago, and those who are lucky. The only places touting the ability of new CCNAs to earn $60k per year are those training centers that base their very existence on luring people to very expensive classes with the illusory promise of graduating with a high-paying job in hand. The bottom line is that there's no substitution for education and hard work when trying to get a job in today's IT world. Are certifications still important? Yes. If for no other reason that many companies use them as a basic screening tool to decide whose resume gets read and whose gets passed. Are certifications enough to guarantee a good job? Absolutely not. Many people don't like to hear this, but the time is approaching when IT workers are going to be held to the same standards as other career fields. You're going to need an education along with the certification if you're going to get your foot in the door in the future. Finally, you want to know how to earn a six figure salary in IT. The way you do this is to love your work. You're dealing with a highly dynamic field where today's hot skill can be tomorrow's ticket to the unemployment line (ask the COBOL programmers). This means that the learning NEVER stops. If you're not studying the latest technology every day, you're going to find yourself useless very quickly. The work can be frustrating and the hours can be very long. Have you ever noticed how the IT guys are often the first in and the last to leave? And when the CEO's car is at the golf course on Saturday, the IT guy's car is at the office working on an upgrade? If you don't love technology, and the challenges that come with it, you're going to have a very hard time staying in the field long enough to reach the six figure mark. On the other hand, if you love technology, and you love your work, you'll find that over the years, your skills and knowledge will increase, and the salary will come. At 04:39 AM 2/2/2003 +, you wrote: Hello, I'm recently taking a ccna course in new york. What I want to know is that I've read in salary reports which state that ccna salary's start at 60k but in message boards such as this one, I'm finding out that a ccna certification alone will get you nothing. Can someone please elaborate on this and if possible tell me which combination of it certifications are necessary for the 6- figure salary range. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62332t=5925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Telnet Manipulation [7:62328]
Sergio Silva (ZA) wrote: Good Day Ladies and Gents Please could anyone shed some light on the following : What is the term Telnet Manipulation? The term doesn't mean anything out of context. Where did you see the term and in what context? My only guess is that it was referring to using Telnet to read e-mail?? That's sometimes called manual manipulation of the Simple Mail Transfer Protocol (SMTP) with Telnet. You can Telnet to an e-mail server and type the commands that would normally be sent in an SMTP packet. Since SMTP (and some other protocols such as FTP) use ASCII-character-based messages, this works. So you could Telnet to the server and then type stuff like: HELO mail from: soandso rcpt to: soandso DATA blah blah blah Each line must end with a CRLF. The end of the message is signalled by sending a period on a line by itself, in other words CRLF.CRLF. Hey, this is 1970s technology. But I have no idea if that's what you're asking about. Instead of sending a message that has 50 lines of a signature and a one-line question, why not try sending a message that has many lines of information that can help us help you? :-) Priscilla It would be greatly appreciated, Kind Regards, Serg *** This message contains information intended solely for the addressee, which is confidential or private in nature and subject to legal privilege. If you are not the intended recipient, you may not peruse, use, disseminate, distribute or copy this message or any file attached to this message. Any such unauthorised use is prohibited and may be unlawful. If you have received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and thereafter delete the original message from your machine. Furthermore, the information contained in this message, and any attachments thereto, is for information purposes only and may contain the personal views and opinions of the author, which are not necessarily the views and opinions of Dimension Data (South Africa) (Proprietary) Limited or its subsidiaries and associated companies (Dimension Data). Dimension Data therefore does not accept liability for any claims, loss or damages of whatsoever nature, arising as a result of the reliance on such information by anyone. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information transmitted electronically and to preserve the confidentiality thereof, Dimension Data accepts no liability or responsibility whatsoever if information or data is, for whatsoever reason, incorrect, corrupted or does not reach its intended destination. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62338t=62328 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco VLAN Help-Group Study [7:62293]
Ok Karen,Let me make sure I understand you correctly.thank you for your help in advanced This config is what I have on the switch,I have no VLAN attached to it. I understand all your point except your second one.I thought ISL was programmed on the router end and not in the switch.I do have trunking enabled on the switch.Could you please correct any configs I may have in the switch and the router and let me know what they are I am assuming the following command lets me know I am using VLAN 3.correct switchport trunk native 3 interface FastEthernet0/16 switchport mode trunk spanning-tree portfast From: Karen E Young Reply-To: [EMAIL PROTECTED] To: Emile Harding CC: [EMAIL PROTECTED] Subject: Re: Cisco VLAN Help-Group Study [7:62293] Date: Fri, 31 Jan 2003 18:45:00 -0800 MIME-Version: 1.0 Received: from mclean.mail.mindspring.net ([207.69.200.57]) by mc5-f13.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Fri, 31 Jan 2003 18:45:57 -0800 Received: from user-2ini8mv.dialup.mindspring.com ([165.121.34.223] helo=sparky)by mclean.mail.mindspring.net with esmtp (Exim 3.33 #1)id 18enfE-0002R9-00; Fri, 31 Jan 2003 21:45:53 -0500 X-Message-Info: dHZMQeBBv44lPE7o4B5bAg== Message-ID: In-Reply-To: References: X-Mailer: Calypso Version 3.30.00.00 (4) Return-Path: [EMAIL PROTECTED] X-OriginalArrivalTime: 01 Feb 2003 02:45:57.0798 (UTC) FILETIME=[0C48E460:01C2C99C] Emile, Here's what I see right off hand... 1) You aren't trunking. The switch isn't set up for it. Pick a port to connect the switch to the router with and configure it to trunk. Make sure that it isn't set up with a VLAN as this can interfer witht eh trunking. Example, if you want FE0/1 to be your trunk and its native VLAN to be VLAN 3: interface FastEthernet0/1 switchport trunk encapsulation isl switchport mode trunk switchport trunk native 3 this set ts the default (non-trunking) vlan of the port to VLAN 3, sets the trunking encfapsulation to ISL, and tells the port to act as a trunk with the configured encapsulation. 2) You're set up up to run each VLAN into the router via separate links. Kind of negates the idea of using trunking doesn't it? See #1 3) Your switch's IP address is on one of your production VLANs. Not a good idea since high traffic can swamp out control and management traffic between the various switches and the router. *** REPLY SEPARATOR *** On 2/1/2003 at 12:25 AM Emile Harding wrote: I am having a problem getting two VLANS to work.Help, I can't ping I am using ISL as my trunking protocol.As far as I know you have to enable trunking on the switch and use one of the trunking protocols on the router(which I choose ISL)..Please help me and if I have any configs wrong,please let me know. I have a Cisco Catalyst 2900 XL Switch and a Cisco 2600 router with two fastethernet ports. I have the configs for the router and the switch below. I have spanning-tree enabled and I am using VTP in server mode because I plan on adding 8 more swtiches. I have trunking enabled on port 16 of the switch with a straight through cable that is connected to Fast Ethernet 0/0 of the router.I am also using ISL. On the switch I am using port 1-16 on VLAN 3 and ports 17-24 on VLAN 10 Workstation 2 is connected to port 17 which is on VLAN 10 Workstation 1 is connected to port 3 which is on VLAN 3 Workstation 1 Ip address=192.168.1.45 subnet=255.255.255.0 gateway=192.168.1.1 Workstation 2 Ip address=192.168.0.54 subnet=255.255.255.0 gateway=192.168.0.1 _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail Current configuration: ! version 12.0 no service pad service timestamps debug datetime msec localtime service timestamps log datetime msec localtime service password-encryption ! hostname Switch1-1 ! enable secret 5 $1$AppX$lxWOJEnWjeksz3O2bpPvs/ ! ! ip subnet-zero ! cluster commander-address 0001.96b1.0b40 ! ! interface FastEthernet0/1 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/2 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/3 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/4 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/5 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/6 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/7 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/8 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/9 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/10 switchport access vlan 3 spanning-tree portfast ! interface FastEthernet0/11 switchport access vlan 3 spanning-tree portfast ! interface
