RE: ADSL Between Head Office and Remote Branch [7:63711]
As Skarphedinsson told me before about the G.SHDSL 828, he was completely right. Cisco 828 and SOHO 78 G.SHDSL routers offer an affordable broadband WAN access solution that can be carried over existing copper telephone lines (Dry one). The routers provide a symmetrical WAN connection at speeds up to 2.3 Mbps with a 20,000-foot distance limitation. G.SHDSL standard allow two G.SHDSL routers to directly connect with copper wiring in a back-to-back configuration. This back-to-back scenario allows two Cisco 828 or Cisco SOHO 78 G.SHDSL routers to connect without a DSLAM or IP DSL Switch between the units. Ismail Al-Shelh Thanks for to Troy, Skarphedinsson, Steve Wilson and all. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 8:52 AM Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] I have read the MXL-2300 Brochure its really not complicated like Cisco DSL products cause to be honest I have lost in Cisco site searching for the right product to implement my solution , I am still interested to look for the equivalent product from Cisco, but if I did not find it then I will go for MXL-2300. Thanks for help. Ismail Al-Shelh -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:31 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] What you want to do is possibleinfact I demo'd something similar. I used the MXL-2300 from tut systems ... http://www.tutsys.com/mtu/products/ethernetworking/mxl_2300/index.cfm at anything under 3.5km you can get about 2MB. I haven't tried it this using any cisco kit, Ismail Al-Shelh wrote: I think I have to refine my question to be clearer Again I want to connect my branch office with my head office (1.5Km) away via DSL without any external service provider (phone company). Two dry copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal: Clients PC--Ethernet-dsl router-dry pair of copper wiresdsl router---Ethernet--Clients PC. Ismail Al-Shelh Thanks for your help. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 4:11 PM To: [EMAIL PROTECTED] Subject: ADSL Between Head Office and Remote Branch [7:63711] I want to connect my branch office with my head office (1.5Km) away via ADSL without any external service provider. Two copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal? Clients PC--Ethernet--837 ADSL-pair of copper wires837 ADSL---Ethernet--Clients PC Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63842t=63711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer Software [7:63796]
Why not try ethereal .. its free!! PacketEXPERTS wrote: Have anyone gotten NetXray 3.0 or Sniffer Pro 4.5 to work with XP. Thanks ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63844t=63796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bridging over point to point [7:63790]
Is your video delivery method unicast or multicast. If it is multicast you may need to enable m/cast routing. Terry Martin wrote: I have set up in my lab, bridging over a point to point T1. I am now trying to pass video traffic over this link, and it is not working. I can ping from a pc on each side of the bridge, but I am having problems with this specific application. I don't think I need to prioritize anything, since video is the only traffic. I do not have any access lists or firewalls set up. Any suggestions? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63843t=63790 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: REdistrubution - Two way [7:63827]
Redistributing IGP's into EGP's, while possible is not always the best solution. If you IGP (in this case RIP), is not stable it can cause route flapping in BGP (which has greater consequences than for IGP's. in that upstream BGP peers would route dampen your flapping routes.) You would also want to summarise your routes in BGP (help keep the world a smaller place!), and having RIP redistribute into BGP may introduce shorter prefixes (of course this does depend on your exact scenario, as you rip prefix could be a /16 ;) ) Likewise it depends on what you BGP tables are like...if you are taking full BGP routes, and try to distribute this into RIP, you RIP domain would really just fall over. Once again this is all dependent on what you are trying to achieve .. if you where providing a L2 tunnels (over your MPLS) between two sites running rip, (not sure why you would want to redistribute into BGP though), but that could be one scenario. What I have tended to do, is have our IGP (OSPF, and in some places EIGRP), I manually inject our supersets into BGP process using the network command (with a route to null0 for the superset, so that synchronisation is not a problem)! This way BGP only advertises my superset (actually 5 /19 supersets :). That deals with how we advertise our network range to the world. On the edge routers we then have a default originate route that is propogated throughout the IGP, and that is how internal devices get out to the world.. (You can also use HSRP etc) I know I have gone one a bit, but it is quiet difficult to give any advice without knowing what the actual requirements are. As always, this above is just my thoughts! Hope this helps ! Troy Metla Venu Gopal wrote: Hi All In a single router can I redistribute RIP into BGP and BGP into RIP. is this allowed. A explanatory notes is appreciated and links if any to cisco notes or anywhere is highly applauded. thanx venu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63845t=63827 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Conent Switching on LD416's [7:63846]
Hi there all, I've got a couple of Local Director's, and am trying to find a way of doing intelligent layer7) health checks of real servers. eg for ftp, the LD will probe port 21 on eht real server...if this port is not in a listening stated the LD will remove the real server from the binding to the VIP (Virtual IP)? There are built in mechanisms to do this probe for HTTP and DNS, but as yet have not found a way to do it for non-standard services / ports ? I know you can do this on the CSS's, but not sure about the 4216's. I have an open TAC case about this so we'll have a race and see who gets back first :) CHeers Troy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63846t=63846 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP notification message [7:63847]
This is the extract from a show log Feb 26 03:37:28: %BGP-3-NOTIFICATION: received from neighbor 203.162.129.39 4/0 (hold time expired) 0 bytes Feb 26 03:37:28: %BGP-5-ADJCHANGE: neighbor 203.162.129.39 Down BGP Notification received Feb 26 03:46:44: %BGP-5-ADJCHANGE: neighbor 203.162.129.39 Up 1. what is the meaning of BGP-3-notification 2. what is the meaning of BGP-5-adjchange 3. Is there a way to tell what is the error code in this notification message ? Can anyone explain the above to me Thanks a lot kws Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63847t=63847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
New CCDP [7:63848]
Please note that under the new structure, Remote Access exam (640-605) will no longer be a required exam for CCDP. Registration for the current 640-025 exam will end on May 27, 2003, and the existing Cisco Internetwork Design (CID) course will end-of-life on April 28, 2003. For those candidates who have already completed the current CID exam, Cisco will recognize Remote Access and CID exams instead of the ARCH exam until September 1, 2003. I have a CCNP and am taking the CID today, am I reading the cisco text right as to If I complet the requierments for the old CCDP before Sept 1. 2003 I wil be valid as an CCDP and I dont have to recertify until after the normal amount of time ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63848t=63848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP notification message [7:63847]
Notification is one of the 4 message types used by BGP. The other three are keepalives, open and updates. Notifications are used to inform the receiving router of errors. Looks like neighbor did not respond before hold down time expired and therefore adjacency was lost and then recovered 9 min 16 sec later. Hope this helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63849t=63847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP notification message [7:63847]
Hi Fred Thanks for your reply. I am trying to find out what causes the peer to lose connection. By looking at the log,I only know that it was down for 9 mins. No other information is given in the log. I know that the notifications message itself has some kind of error code and sub code that will indicate what is the error for eg error code of 1 refers to message header error error code of 2 refers to open message error error code of 3 refers to update message and so on Is there a way where you can see what is the error code in the notification message ? maybe like doing a debug or something ? Regards kws Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63850t=63847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP notification message [7:63847]
From the cisco website Error Message %BGP-5-ADJCHANGE: neighbor [chars][chars][chars][chars] [chars] Explanation A BGP neighbor has either come up or gone down. This message describes the change for the BGP neighbor and appears only if the log-neighbor-changes command is configured for the BGP process. Recommended Action This informational message normally appears as routers and BGP neighbors go up or down. However, unexpected neighbor loss might indicate high error rates or high packet loss in the network and should be investigated. Error Message %BGP-6-ASPATH: [chars] AS path [chars] received from [chars]: [chars] Explanation The remote BGP peer has sent in an update with an invalid AS path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Error Message %BGP-3-BADROUTEMAP: Bad parameters in the route-map [chars] applied for [chars] Explanation The route map contains parameters that are incompatible with the intended operation. Recommended Action Correct the route map definition. Error Message %BGP-3-BGP_INCONSISTENT: [chars] Inconsistent [chars] Explanation An inconsistency in the data structures has been detected. Recommended Action This is a rare situation and is the result of an internal problem. Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Error Message %BGP-3-DELPATH: Attempted to delete path from an empty net for [chars] Explanation A BGP path could not be deleted because of an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. KW S wrote: This is the extract from a show log Feb 26 03:37:28: %BGP-3-NOTIFICATION: received from neighbor 203.162.129.39 4/0 (hold time expired) 0 bytes Feb 26 03:37:28: %BGP-5-ADJCHANGE: neighbor 203.162.129.39 Down BGP Notification received Feb 26 03:46:44: %BGP-5-ADJCHANGE: neighbor 203.162.129.39 Up 1. what is the meaning of BGP-3-notification 2. what is the meaning of BGP-5-adjchange 3. Is there a way to tell what is the error code in this notification message ? Can anyone explain the above to me Thanks a lot kws Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63851t=63847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ADSL Between Head Office and Remote Branch [7:63711]
Hi, Is this correct? Has anyone tried this before? If it's true, then it will really be great!! Imagine being able to replace frame relay, vpn for a office thats nearby and not have to pay a service provider on a regular basis for port/pvc/cir charges. Albert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 6:32 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] As Skarphedinsson told me before about the G.SHDSL 828, he was completely right. Cisco 828 and SOHO 78 G.SHDSL routers offer an affordable broadband WAN access solution that can be carried over existing copper telephone lines (Dry one). The routers provide a symmetrical WAN connection at speeds up to 2.3 Mbps with a 20,000-foot distance limitation. G.SHDSL standard allow two G.SHDSL routers to directly connect with copper wiring in a back-to-back configuration. This back-to-back scenario allows two Cisco 828 or Cisco SOHO 78 G.SHDSL routers to connect without a DSLAM or IP DSL Switch between the units. Ismail Al-Shelh Thanks for to Troy, Skarphedinsson, Steve Wilson and all. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 8:52 AM Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] I have read the MXL-2300 Brochure its really not complicated like Cisco DSL products cause to be honest I have lost in Cisco site searching for the right product to implement my solution , I am still interested to look for the equivalent product from Cisco, but if I did not find it then I will go for MXL-2300. Thanks for help. Ismail Al-Shelh -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:31 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] What you want to do is possibleinfact I demo'd something similar. I used the MXL-2300 from tut systems ... http://www.tutsys.com/mtu/products/ethernetworking/mxl_2300/index.cfm at anything under 3.5km you can get about 2MB. I haven't tried it this using any cisco kit, Ismail Al-Shelh wrote: I think I have to refine my question to be clearer Again I want to connect my branch office with my head office (1.5Km) away via DSL without any external service provider (phone company). Two dry copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal: Clients PC--Ethernet-dsl router-dry pair of copper wiresdsl router---Ethernet--Clients PC. Ismail Al-Shelh Thanks for your help. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 4:11 PM To: [EMAIL PROTECTED] Subject: ADSL Between Head Office and Remote Branch [7:63711] I want to connect my branch office with my head office (1.5Km) away via ADSL without any external service provider. Two copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal? Clients PC--Ethernet--837 ADSL-pair of copper wires837 ADSL---Ethernet--Clients PC Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63852t=63711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: FW: Ethernet Slot Time and Delay [7:63659]
Ms. Oppenheimer A Collegue of my pointed out to me that my wording my have seemed harsh. And that is why you slammed me for it. I did'nt think of it as a slamming just an expercience tech answering the newbie's questions. But if I offended you in any way, I apologize. I will also try and watch the way I word my questions. I know sometimes it seems I am being argrumentive. Its just when I have an understanding of a certain technology I tend to defend and back what I understand. I geuss I will work on that. Well thank you any way for answering by question! Thanks you too B.A. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 9:21 AM To: [EMAIL PROTECTED] Subject: RE: FW: Ethernet Slot Time and Delay [7:63659] Newell Ryan D SrA 18 CS/SCBT wrote: 500 Meters?? It's 2500 meters. In one example of such a network, there can be 5 segments, 4 repeaters (hubs), but only 3 segments can have end systems. That's the infamous 5-4-3 rule. It makes a lot of assumptions. Really, the size of the network depends on round-trip propagation delay for the particular equipment, cables, and cable lengths. Maybe I was wrong for thinking that. If my net was all 10 Base T, then with max 5 segments...500 meters. That's were I got that number from. Measuring the size of the collision domain is well under slot time. So I could technically extend the size of the network. The segment from the hub to the end station might be 100 meters, as that's how structured cabling is usually done. Between hubs probably isn't 100 meters, for what it's worth. In fact, it might be fiber-optic cabling. One of the things I ran into was the formula to use to calculate the round trip delay. With the formula in your book I came up with 210 bit times round trip for 500 meter 4 hub network. But with the definitive guide's method I got 362 bit times. When I was going back and forth between books I think I got lost somewhere. For a 100 meter cable they suggest 11.3 bit times. While you suggest 5 one-way or 10 round trip...very close. But they start with a base value. Example First segment would be 26.55 bit times instead of 11.3. The base value is 15.25. 15.25+11.3=26.55 bit times for the first segment. Technically, IEEE does say to add some DTE delay time, i.e. time at the stations themselves, both the sender and receiver. This is all documented in IEEE 802.3 documents, which are available for free from IEEE. It's not worth reading though (for this purpose I mean.) I think I understand the theory behind slot time. It takes a station 51.2 micro seconds to transmit the smallest frame. So station a needs to be notified by any other station if a collision was to happen while it was still transmitting. That's it. So when the first bit of station a's preamble hits station z (at the other side of the network) rx pins while station z was transmitting, it's first bit hits the repeater. The repeater is going to use collision enforcement to make all stations including station a is aware of the collision. This must happen before station a finishes transmitting the smallest Ethernet frame. I think that is it. So should bit time be the time it takes to transmit the preamble and 512 bits? The preamble doesn't count. It's used to recover timing. A station or repeater might not catch all of the preamble. It just has to see the pattern and the start of frame delimiter. A repeater regenerates the preamble, by the way. One more thing... A proper preamble should look like 10101010 or AA. I'm sure I read somewhere that a collision would appear with all 5's or C's. We used to see 55s on old coax networks. Never saw Cs though. How would that be possible if as soon as the repeater detects a collision it sends out a jam signal out all its ports? Then you would see alternating ones and zeros on the end of a frame. I have seen this, but not recently. My current NIC won't give me bad frames so even a sniffer doesn't give them to me. Also a frame with a bad CRC is suspect of a collision. The frame got damaged when the collision occured. How? If you know where I could get more reading on this that would be great! IEEE 802.3. Thanks for answering my questions! We are what we repeatedly do. Excellence, then, is not an act, but a habit.--Aristotle Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63853t=63659 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ADSL Between Head Office and Remote Branch [7:63711]
Found it on cisco.com http://www.cisco.com/warp/public/cc/pd/rt/800/prodlit/apcnf_an.htm Sounds great!! If only it could do multipoint rather than only point-to-point, I guess you can't expect too much from a copper pair. Maybe cisco can come out with router with multiple g.shdsl interface. Albert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 6:32 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] As Skarphedinsson told me before about the G.SHDSL 828, he was completely right. Cisco 828 and SOHO 78 G.SHDSL routers offer an affordable broadband WAN access solution that can be carried over existing copper telephone lines (Dry one). The routers provide a symmetrical WAN connection at speeds up to 2.3 Mbps with a 20,000-foot distance limitation. G.SHDSL standard allow two G.SHDSL routers to directly connect with copper wiring in a back-to-back configuration. This back-to-back scenario allows two Cisco 828 or Cisco SOHO 78 G.SHDSL routers to connect without a DSLAM or IP DSL Switch between the units. Ismail Al-Shelh Thanks for to Troy, Skarphedinsson, Steve Wilson and all. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 8:52 AM Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] I have read the MXL-2300 Brochure its really not complicated like Cisco DSL products cause to be honest I have lost in Cisco site searching for the right product to implement my solution , I am still interested to look for the equivalent product from Cisco, but if I did not find it then I will go for MXL-2300. Thanks for help. Ismail Al-Shelh -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:31 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] What you want to do is possibleinfact I demo'd something similar. I used the MXL-2300 from tut systems ... http://www.tutsys.com/mtu/products/ethernetworking/mxl_2300/index.cfm at anything under 3.5km you can get about 2MB. I haven't tried it this using any cisco kit, Ismail Al-Shelh wrote: I think I have to refine my question to be clearer Again I want to connect my branch office with my head office (1.5Km) away via DSL without any external service provider (phone company). Two dry copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal: Clients PC--Ethernet-dsl router-dry pair of copper wiresdsl router---Ethernet--Clients PC. Ismail Al-Shelh Thanks for your help. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 4:11 PM To: [EMAIL PROTECTED] Subject: ADSL Between Head Office and Remote Branch [7:63711] I want to connect my branch office with my head office (1.5Km) away via ADSL without any external service provider. Two copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal? Clients PC--Ethernet--837 ADSL-pair of copper wires837 ADSL---Ethernet--Clients PC Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63854t=63711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ADSL Between Head Office and Remote Branch [7:63711]
NON Cisco, but hey .. tutsytems have a MTU pop (Multi Tenant User), basically its not multipoint but a chasis that can terminate numberous SDSL connections over existing copper pair. The use an eample of puytting one of these in the basement of a tenant appartment, then using the existing copper (telephony), you can provide access to all the users in the block (they need to have a splitter, but thats it!). Then you would have a single WAN (eg T1) from the chassis to a provider. Making use of dark copper / fibre (ie no signalling etc), is a great way to provide cheap point-to-point links between sites (within the distance limitations). Albert Lu wrote: Found it on cisco.com http://www.cisco.com/warp/public/cc/pd/rt/800/prodlit/apcnf_an.htm Sounds great!! If only it could do multipoint rather than only point-to-point, I guess you can't expect too much from a copper pair. Maybe cisco can come out with router with multiple g.shdsl interface. Albert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 6:32 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] As Skarphedinsson told me before about the G.SHDSL 828, he was completely right. Cisco 828 and SOHO 78 G.SHDSL routers offer an affordable broadband WAN access solution that can be carried over existing copper telephone lines (Dry one). The routers provide a symmetrical WAN connection at speeds up to 2.3 Mbps with a 20,000-foot distance limitation. G.SHDSL standard allow two G.SHDSL routers to directly connect with copper wiring in a back-to-back configuration. This back-to-back scenario allows two Cisco 828 or Cisco SOHO 78 G.SHDSL routers to connect without a DSLAM or IP DSL Switch between the units. Ismail Al-Shelh Thanks for to Troy, Skarphedinsson, Steve Wilson and all. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 8:52 AM Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] I have read the MXL-2300 Brochure its really not complicated like Cisco DSL products cause to be honest I have lost in Cisco site searching for the right product to implement my solution , I am still interested to look for the equivalent product from Cisco, but if I did not find it then I will go for MXL-2300. Thanks for help. Ismail Al-Shelh -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:31 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] What you want to do is possibleinfact I demo'd something similar. I used the MXL-2300 from tut systems ... http://www.tutsys.com/mtu/products/ethernetworking/mxl_2300/index.cfm at anything under 3.5km you can get about 2MB. I haven't tried it this using any cisco kit, Ismail Al-Shelh wrote: I think I have to refine my question to be clearer Again I want to connect my branch office with my head office (1.5Km) away via DSL without any external service provider (phone company). Two dry copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal: Clients PC--Ethernet-dsl router-dry pair of copper wiresdsl router---Ethernet--Clients PC. Ismail Al-Shelh Thanks for your help. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 4:11 PM To: [EMAIL PROTECTED] Subject: ADSL Between Head Office and Remote Branch [7:63711] I want to connect my branch office with my head office (1.5Km) away via ADSL without any external service provider. Two copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal? Clients PC--Ethernet--837 ADSL-pair of copper wires837 ADSL---Ethernet--Clients PC Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63855t=63711 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
7204 and 7206 Router Expansion [7:63856]
Hello All, I would like to know the possibility of expanding the Cisco 7204 VXR (NPE-225) - 6 Slot and cisco 7206 VXR Routers with NPE-400 (6 Slots). Base configuration: 1. Cisco 7204 VXR Router with NPE-225 I/O slot with 1 Ethernet Interface with 6 Slots-IOS 12.2.4(T)3. 2. 1. Cisco 7204 VXR Router with NPE-400 I/O slot with 1 Ethernet Interface with 6 Slots-IOS 12.0.4 (XE) I want to use 4 OC-3 Interface,1 Gigabit interface, 2 Fast Ethernet interface. Is this possible to use the above interfaces in both above said router?. If yes what IOS version required. Please mail me how many different type of interfaces can be added to the available maximum of 6 slots. Best Regards, R.S.Sundar SSG Manager *** This message is proprietary to Future Software Limited (FSL) and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. FSL accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63856t=63856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. The network: Host A 10.1.1.2 MAC 00.AA Host B 10.1.2.2 MAC 00.BB |10.1.1.1 MAC 01.AA 10.1.2.1 MAC 02.BB| switch A---Router-switch B 10.1.1.0/2410.1.2.0/24 This is an ethernet network. Both segments are connected by a traditional router say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1 For simplicity, assume ARP cache is empty. Host A wishes to ping Host B End user on Host A enters - ping 10.1.2.2 The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC. The router interface sees this frame as destined for itself. It de-encapsulates the frame removing the MAC addresses. The router then examines the IP address, based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB Host B grabs this packet and does it's thing. Now, if I replace the router with a 6509 switch, with routing, how does the process change? Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address? Am I correct? Inter VLAN communication cannot occur without a router. Switching is based on MAC address. Routing is based on IP address. I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63857t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2950 telnet access is lost after vlans [7:63789]
You will need routing between the VLANs. If this is done via the uplink you will also need to do some trunking. Hope this helps. -Original Message- From: J. Johnson [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 5:06 PM To: [EMAIL PROTECTED] Subject: 2950 telnet access is lost after vlans [7:63789] I've lost some telnet access to my 2950 after implementing vlans. Before - Address 10.0.0.6 was available on vlan 1, which was the default vlan for all ports. telnet was possible into the switch from machines connected to any port. After - Created several vlans (5, 6, 7, and 8) and split the ports among them. Now when I do: switch(config)#interface vlan 5 switch(config-if)#ip address 10.0.0.6 255.255.255.0 switch(config-if)#no shutdown the vlan interface that was previously up shuts down and only boxes connected to the ports in vlan 5 are able to telnet into the switch. Is there a way to allow boxes on ports assigned to other vlans to telnet into the switch at 10.0.0.6? James Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63858t=63789 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ADSL Between Head Office and Remote Branch [7:63711]
Sounds interesting. I'm looking at the IntelliPop 5000. It looks like it's doing VDSL, and limited to 4000ft. This is probably only suitable for utilising copper pairs within a building. But it pipes data at up to 26Mbps. Cisco's G.SHDSL goes alot further but with lesser bandwidth. Does anyone know if there's a DSL NIC that can go into your PC, rather than having a CPE device? Also, I'm not too familiar with DSL, but does it allow a splitter facility which you can split your line for voice and data? Any ideas how much the Tutsys product costs? Albert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 9:36 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] NON Cisco, but hey .. tutsytems have a MTU pop (Multi Tenant User), basically its not multipoint but a chasis that can terminate numberous SDSL connections over existing copper pair. The use an eample of puytting one of these in the basement of a tenant appartment, then using the existing copper (telephony), you can provide access to all the users in the block (they need to have a splitter, but thats it!). Then you would have a single WAN (eg T1) from the chassis to a provider. Making use of dark copper / fibre (ie no signalling etc), is a great way to provide cheap point-to-point links between sites (within the distance limitations). Albert Lu wrote: Found it on cisco.com http://www.cisco.com/warp/public/cc/pd/rt/800/prodlit/apcnf_an.htm Sounds great!! If only it could do multipoint rather than only point-to-point, I guess you can't expect too much from a copper pair. Maybe cisco can come out with router with multiple g.shdsl interface. Albert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 6:32 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] As Skarphedinsson told me before about the G.SHDSL 828, he was completely right. Cisco 828 and SOHO 78 G.SHDSL routers offer an affordable broadband WAN access solution that can be carried over existing copper telephone lines (Dry one). The routers provide a symmetrical WAN connection at speeds up to 2.3 Mbps with a 20,000-foot distance limitation. G.SHDSL standard allow two G.SHDSL routers to directly connect with copper wiring in a back-to-back configuration. This back-to-back scenario allows two Cisco 828 or Cisco SOHO 78 G.SHDSL routers to connect without a DSLAM or IP DSL Switch between the units. Ismail Al-Shelh Thanks for to Troy, Skarphedinsson, Steve Wilson and all. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 8:52 AM Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] I have read the MXL-2300 Brochure its really not complicated like Cisco DSL products cause to be honest I have lost in Cisco site searching for the right product to implement my solution , I am still interested to look for the equivalent product from Cisco, but if I did not find it then I will go for MXL-2300. Thanks for help. Ismail Al-Shelh -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:31 PM To: [EMAIL PROTECTED] Subject: RE: ADSL Between Head Office and Remote Branch [7:63711] What you want to do is possibleinfact I demo'd something similar. I used the MXL-2300 from tut systems ... http://www.tutsys.com/mtu/products/ethernetworking/mxl_2300/index.cfm at anything under 3.5km you can get about 2MB. I haven't tried it this using any cisco kit, Ismail Al-Shelh wrote: I think I have to refine my question to be clearer Again I want to connect my branch office with my head office (1.5Km) away via DSL without any external service provider (phone company). Two dry copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal: Clients PC--Ethernet-dsl router-dry pair of copper wiresdsl router---Ethernet--Clients PC. Ismail Al-Shelh Thanks for your help. -Original Message- From: Ismail Al-Shelh [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 4:11 PM To: [EMAIL PROTECTED] Subject: ADSL Between Head Office and Remote Branch [7:63711] I want to connect my branch office with my head office (1.5Km) away via ADSL without any external service provider. Two copper wires are laid physically from the Head Office to the Branch office. Is this design going to achieve my goal? Clients PC--Ethernet--837 ADSL-pair of copper wires837 ADSL---Ethernet--Clients PC Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63859t=63711 -- FAQ, list archives, and
Cisco VPN [7:63860]
I don't believe I'm meant to be able to accept incoming VPN requests and connect to my employer's VPN. Specifically the problem is VPN requests are serviced on the way in and at the same time I can successfully connect to my employer's VPN but I can't decrypt the packets coming back from my employer while I'm configured to accept VPN requests on my external interface (crypto map statement.) ODD or just not meant to be? Maybe its just the level of encryption? Any thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63860t=63860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
If you are using MSFC2/PFC2, the PFC2 (does layer 3 wirespeed 'forwarding' between Vlan) will have a FIB (forwarding information base), which is a copy of the RIB (routing information base). The RIB is built on the MSFC2 (router functions). Even the first packet between Vlan 1 and 2 will be wire speed because the FIB will have an entry saying what is the next hop and the layer 2 header it should use. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63861t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Voice degradation problem in Cisco VoIP networ [7:63823]
If you want, send us the configuration (with fantasy addresses) and the result of show interface and show interface stats. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63862t=63823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 7204 and 7206 Router Expansion [7:63856]
the problem with the 72xx series is the limited backplane. Cisco uses a bandwidth points method for determining numbers and kinds of cards. There is a left half and a right half and it is strongly recommended that you do not exceed the bandwidth points for each side. you may want to try out the Cisco configuration tool, found at: http://www.cisco.com/appcontent/apollo/configureHomeGuest.html try out the cards and see what the validation tells you. so far as I know, the router remains operational if you exceed bandwidth points. However, if you have performance problems, Cisco will not support you. It may be that a 7300 might be more appropriate for your high capacity needs. -- TANSTAAFL there ain't no such thing as a free lunch R.S.Sundar wrote in message news:[EMAIL PROTECTED] Hello All, I would like to know the possibility of expanding the Cisco 7204 VXR (NPE-225) - 6 Slot and cisco 7206 VXR Routers with NPE-400 (6 Slots). Base configuration: 1. Cisco 7204 VXR Router with NPE-225 I/O slot with 1 Ethernet Interface with 6 Slots-IOS 12.2.4(T)3. 2. 1. Cisco 7204 VXR Router with NPE-400 I/O slot with 1 Ethernet Interface with 6 Slots-IOS 12.0.4 (XE) I want to use 4 OC-3 Interface,1 Gigabit interface, 2 Fast Ethernet interface. Is this possible to use the above interfaces in both above said router?. If yes what IOS version required. Please mail me how many different type of interfaces can be added to the available maximum of 6 slots. Best Regards, R.S.Sundar SSG Manager *** This message is proprietary to Future Software Limited (FSL) and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. FSL accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. *** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63863t=63856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cannot ping ospf routes from a rip router? [7:63864]
Hello, I have 3 routers setup, running ospf and rip ver 1 with 2 way redistribution on the middle router.The ospf routers have loopbacks as 10.8.8.8/24 and 10.9.9.9/24The rip router has a loopback of 10.2.2.2/24.The middle router running rip has networks 10 and netw 120 defined.I cannot ping 10.9.9.9 or 10.8.8.8 from the rip routerWithout configuring static routes, how can I ping these networks?Thank you for your help.Sincerely,CN Config. on the middle router running both rip and ospf:R1-E#rbr router ospf 999 log-adjacency-changes redistribute connected subnets redistribute rip subnets network 120.20.30.0 0.0.0.255 area 0 network 120.20.40.0 0.0.0.255 area 0 ! router rip redistribute connected metric 2 redistribute ospf 999 metric 2 network 10.0.0.0 network 120.0.0.0 From the rip router:R2-B#r C192.168.10.0/24 is directly connected, Ethernet0 10.0.0.0/24 is subnetted, 1 subnets C 10.2.2.0 is directly connected, Loopback0 120.0.0.0/24 is subnetted, 3 subnets R 120.20.40.0 [120/1] via 120.20.20.2, 00:00:14, Serial0 R 120.20.30.0 [120/1] via 120.20.20.2, 00:00:14, Serial0 C 120.20.20.0 is directly connected, Serial0 R2-B#ping 10.9.9.9Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.9.9.9, timeout is 2 seconds: . Success rate is 0 percent (0/5) R2-B# Any ideas?? MSN 8 helps ELIMINATE E-MAIL VIRUSES. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63864t=63864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
catOS system prompt [7:63865]
in the process of resolving attribute errors in the ciscoworks rme database, I realized that when the system prompt is manually set, it causes a conflict with tacacs user and enable passwords. it appears to be a bug with the latest version of RME. is it possible to clear the system prompt, or set it back to default blank ? _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63865t=63865 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Backup Site - 152Mbps [7:63866]
To build a backup server farm site (22 servers), with maximum requirement of 152Mbps (peak): Economic approach: 3640 with ATM module 3550-48-SMI 3 ATM PVCs, to the major points of the backbone (LS1010 switches and 6509-FlexWan ATM card); each PVC 5 Mbps SCR. Robust and Scalable approach: 6006 with ATM module The peak is considering the maximum rate if all servers were accessed at the same time (based on MRTG daily statistics). Any thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63866t=63866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cannot ping ospf routes from a rip router? [7:63864]
please send the rest of the config so we can have a look. -Original Message- From: Cisco Nuts [mailto:[EMAIL PROTECTED] Sent: 26 February 2003 16:31 To: [EMAIL PROTECTED] Subject: Cannot ping ospf routes from a rip router? [7:63864] Hello, I have 3 routers setup, running ospf and rip ver 1 with 2 way redistribution on the middle router.The ospf routers have loopbacks as 10.8.8.8/24 and 10.9.9.9/24The rip router has a loopback of 10.2.2.2/24.The middle router running rip has networks 10 and netw 120 defined.I cannot ping 10.9.9.9 or 10.8.8.8 from the rip routerWithout configuring static routes, how can I ping these networks?Thank you for your help.Sincerely,CN Config. on the middle router running both rip and ospf:R1-E#rbr router ospf 999 log-adjacency-changes redistribute connected subnets redistribute rip subnets network 120.20.30.0 0.0.0.255 area 0 network 120.20.40.0 0.0.0.255 area 0 ! router rip redistribute connected metric 2 redistribute ospf 999 metric 2 network 10.0.0.0 network 120.0.0.0 From the rip router:R2-B#r C192.168.10.0/24 is directly connected, Ethernet0 10.0.0.0/24 is subnetted, 1 subnets C 10.2.2.0 is directly connected, Loopback0 120.0.0.0/24 is subnetted, 3 subnets R 120.20.40.0 [120/1] via 120.20.20.2, 00:00:14, Serial0 R 120.20.30.0 [120/1] via 120.20.20.2, 00:00:14, Serial0 C 120.20.20.0 is directly connected, Serial0 R2-B#ping 10.9.9.9Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.9.9.9, timeout is 2 seconds: . Success rate is 0 percent (0/5) R2-B# Any ideas?? MSN 8 helps ELIMINATE E-MAIL VIRUSES. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63867t=63864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 7204 and 7206 Router Expansion [7:63856]
R.S.Sundar wrote: Hello All, I would like to know the possibility of expanding the Cisco 7204 VXR (NPE-225) - 6 Slot The 7204 has 4 slots and a VXR with a NPE225 does not fully utilize the VXR backplane capabilities, you need at least a NPE300 and cisco 7206 VXR Routers with NPE-400 (6 Slots). Do a search on CCO, keywords bandwidth points and the first hit you will get a very informative powerpoint presentation. With all the high speed inetrfaces your proposing you could easily exceed the recommended points. With the NPE225 instead of calculating points you are limited by the number of high, medium and low PA's. Dave Base configuration: 1. Cisco 7204 VXR Router with NPE-225 I/O slot with 1 Ethernet Interface with 6 Slots-IOS 12.2.4(T)3. 2. 1. Cisco 7204 VXR Router with NPE-400 I/O slot with 1 Ethernet Interface with 6 Slots-IOS 12.0.4 (XE) I want to use 4 OC-3 Interface,1 Gigabit interface, 2 Fast Ethernet interface. Is this possible to use the above interfaces in both above said router?. If yes what IOS version required. Please mail me how many different type of interfaces can be added to the available maximum of 6 slots. Best Regards, R.S.Sundar SSG Manager *** This message is proprietary to Future Software Limited (FSL) and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. FSL accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. *** -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63868t=63856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer Software [7:63796]
Or NGSSniff..also free and works without a driver. -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 3:20 AM To: [EMAIL PROTECTED] Subject: RE: Sniffer Software [7:63796] Why not try ethereal .. its free!! PacketEXPERTS wrote: Have anyone gotten NetXray 3.0 or Sniffer Pro 4.5 to work with XP. Thanks ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63870t=63796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
That all looks pretty good ... On the MSFC/RSM - do a show interface: (edited for length) Vlan8 is up, line protocol is up Hardware is Cat6k RP Virtual Ethernet, address is 00d0.d335.6614 Vlan9 is up, line protocol is up Hardware is Cat6k RP Virtual Ethernet, address is 00d0.d335.6614 So ... each 'router interface' has a MAC. The fact that it is the same is irrelevant as they are on different network/logical segments . So the frame comes in with a destination mac of 00d0.d335.6614, and when forwarded will leave with a source mac of 00d0.d335.6614 (same) ... Does that help? Oh - and I think you meant to say layer 3 switching is a marketing term, not scientific or engineering in nature. ... you said layer 3 routing ... Thanks! TJ [EMAIL PROTECTED] -Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: RE: L3 Switching Huh [7:63728] OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. The network: Host A 10.1.1.2 MAC 00.AA Host B 10.1.2.2 MAC 00.BB |10.1.1.1 MAC 01.AA 10.1.2.1 MAC 02.BB| switch A---Router-switch B 10.1.1.0/2410.1.2.0/24 This is an ethernet network. Both segments are connected by a traditional router say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1 For simplicity, assume ARP cache is empty. Host A wishes to ping Host B End user on Host A enters - ping 10.1.2.2 The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC. The router interface sees this frame as destined for itself. It de-encapsulates the frame removing the MAC addresses. The router then examines the IP address, based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB Host B grabs this packet and does it's thing. Now, if I replace the router with a 6509 switch, with routing, how does the process change? Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address? Am I correct? Inter VLAN communication cannot occur without a router. Switching is based on MAC address. Routing is based on IP address. I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature. ** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63869t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
Charles, The 6509 switch needs some configuration in the background to create a virtual router. This virtual router has virtual interfaces that would mimic the default gateways IP addresses of the physical 2500 router and therefore pass traffic between the virtual interfaces. The two subnets that you list would be on different VLANs on the switch. It would look like the packets are only going from one interface on the switch to the other and back again, but in reality they are passing through the virtual router created on a route processing piece of software. This would be on a multi-layer switch module or similar. Layer 2 = MAC addresses, layer 3 = IP addresses. To get between IP subnets you need a routing function which is either provided by a physical router or a virtual router which routes between virtual LANs created by software. This is not the definitive answer but hopefully it clears away some of the mud. Cheers, Steve Wilson Network Engineer -Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: 26 February 2003 12:45 To: [EMAIL PROTECTED] Subject: RE: L3 Switching Huh [7:63728] OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. The network: Host A 10.1.1.2 MAC 00.AA Host B 10.1.2.2 MAC 00.BB |10.1.1.1 MAC 01.AA 10.1.2.1 MAC 02.BB| switch A---Router-switch B 10.1.1.0/2410.1.2.0/24 This is an ethernet network. Both segments are connected by a traditional router say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1 For simplicity, assume ARP cache is empty. Host A wishes to ping Host B End user on Host A enters - ping 10.1.2.2 The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC. The router interface sees this frame as destined for itself. It de-encapsulates the frame removing the MAC addresses. The router then examines the IP address, based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB Host B grabs this packet and does it's thing. Now, if I replace the router with a 6509 switch, with routing, how does the process change? Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address? Am I correct? Inter VLAN communication cannot occur without a router. Switching is based on MAC address. Routing is based on IP address. I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63871t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 7206 adding VIP cards [7:63673]
One of the Pas did in fact work. The tech I had install them saw the console message that said shutting down all interfaces, but it was on the new card! This was a 100Mb card. The 8 port 10Mb card is the one that gives a console message saying that it needs a HW revision to work in the 7206 VXR. Here are the part numbers (nothing on the front of the card) 73-1391-07 REV A0 (on PCB) I guess this needs the HW rev.. J -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 10:11 AM To: Arnold, Jamie Cc: [EMAIL PROTECTED] Subject: Re: 7206 adding VIP cards [7:63673] I ASSume you mean PA's not VIPs ;) What is the part number of the two PA's? Some PA's that play well with VIPs need a differant HW revision in order to work on a 7200. Other than that you should be able to do OIR but it wouldn't be the first time I have seen OIR not work:( Dave Arnold, Jamie wrote: I have a couple of VIP cards from an old 7010 that are (according to Cisco) compatible with a new 7206. One is a single, copper 100Mb card and the other is a 4 port 10Bt card. I am supposed to be able to add them hot to the new 7206, but when I tried this I got the message on the console that all interfaces are being disabledand they were! I didn't wait very long to see if they would come back upon their own, but this does not seem like the expected behavior. Can anyone comment on this? I plan to try again and try to administratively bring the interfaces back up. Thanks in advance. Jamie -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63872t=63673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
??? IS-IS ??? [7:63875]
Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? Thanks for brain food, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63875t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Backup Site - 152Mbps [7:63866]
wrote in message news:[EMAIL PROTECTED] To build a backup server farm site (22 servers), with maximum requirement of 152Mbps (peak): Economic approach: 3640 with ATM module 3550-48-SMI 3 ATM PVCs, to the major points of the backbone (LS1010 switches and 6509-FlexWan ATM card); each PVC 5 Mbps SCR. Robust and Scalable approach: 6006 with ATM module The peak is considering the maximum rate if all servers were accessed at the same time (based on MRTG daily statistics). Any thoughts? based on my experience, the 3640 may not give you the performance you require. especially if you are using any access-lists, route-maps, QoS. Also, with your peaks at well over 100 meg, you might want to consider a gig interface on the LAN side. a thought - use a dual ethernet router like a 3745 ( twice the performance of the 3640 ) in combination with the switch ( which can easily handle the load ) put your servers into two subnets / vlans and do quasi-load-sharing across those two ethernet interfaces. depends on your traffic requirements. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63873t=63866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? IS-IS ??? [7:63875]
yes it is a routing protocol. it has been around a while. as good a place as any to start is Radia Perlman's Interconnections book. Cisco's web site has some resources: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c /ipcprt2/1cdisis.htm Doyle's book is OK. Steven Aiello wrote in message news:[EMAIL PROTECTED] Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? Thanks for brain food, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63876t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cannot ping ospf routes from a rip router? [7:63864]
Cisco Nuts wrote in message news:[EMAIL PROTECTED] Hello, I have 3 routers setup, running ospf and rip ver 1 with 2 way redistribution on the middle router.The ospf routers have loopbacks as 10.8.8.8/24 and 10.9.9.9/24The rip router has a loopback of 10.2.2.2/24.The middle router running rip has networks 10 and netw 120 defined.I cannot ping 10.9.9.9 or 10.8.8.8 from the rip routerWithout configuring static routes, how can I ping these networks?Thank you for your help.Sincerely,CN Config. on the middle router running both rip and ospf:R1-E#rbr router ospf 999 log-adjacency-changes redistribute connected subnets redistribute rip subnets network 120.20.30.0 0.0.0.255 area 0 network 120.20.40.0 0.0.0.255 area 0 ! router rip redistribute connected metric 2 redistribute ospf 999 metric 2 network 10.0.0.0 network 120.0.0.0 From the rip router:R2-B#r C192.168.10.0/24 is directly connected, Ethernet0 10.0.0.0/24 is subnetted, 1 subnets C 10.2.2.0 is directly connected, Loopback0 120.0.0.0/24 is subnetted, 3 subnets R 120.20.40.0 [120/1] via 120.20.20.2, 00:00:14, Serial0 R 120.20.30.0 [120/1] via 120.20.20.2, 00:00:14, Serial0 C 120.20.20.0 is directly connected, Serial0 R2-B#ping 10.9.9.9Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.9.9.9, timeout is 2 seconds: . Success rate is 0 percent (0/5) R2-B# Any ideas?? I don't see any OSPF routes anywhere. The redistribution router should have the OSPF routes 10.8.8.8/24 and 10.9.9.9/24, in addition to the RIP routes you are showing. check the OSPF config between the redistribution router and the OSPF router. MSN 8 helps ELIMINATE E-MAIL VIRUSES. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63877t=63864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: The CCNP BSIN ( I Think Exam ) [7:63749]
There are two Cisco Press books that cover Semester Five. CCNP Cisco Networking Academy Program: Semester Five Lab Companion ISBN 1578702348 Semester Five Companion Guide Advanced Routing ISBN 1587130114 -Original Message- From: Kaminski, Shawn G [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 8:59 PM To: [EMAIL PROTECTED] Subject: RE: The CCNP BSIN ( I Think Exam ) [7:63749] Where could someone get the Cisco Academy Semester 5 - Advanced Routing materials? I'm curious as to what their labs are like. Shawn K. -Original Message- From: Mark Smith [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 2:39 PM To: [EMAIL PROTECTED] Subject: RE: The CCNP BSIN ( I Think Exam ) [7:63749] It's the BSCI (Building Scalable Cisco Internetworks) exam - 640-901. I took it about three weeks ago. It was tough for me but then I don't get as much real-world hands on experience with routing protocols and such as I'd like. For info check here: http://www.cisco.com/warp/public/10/wwtraining/certprog/testin g/current_exam s/640-901.html There is a new book out for the BSCI test http://www.ciscopress.com/catalog/product.asp?product_id={E9CB CDAF-77DF-468E -B2F6-C902C0B78D6F} but I used the old for the the BSCN test and the info from here at Cisco on IS-IS: http://www.ciscopress.com/content/images/1578702283/downloads/ 2283newchap2.p df?session_id={191E20FE-35FE-420B-94D2-D7BAA31347FC} and it worked out OK for me. I had 57 questions. Passing score was 700 out of 1000. I passed but I ain't bragging about my score. Strange as it might sound, most of my routing test was on routing protocols. It was very pretty evenly spread between OSPF, BGP and IS-IS. Know them. Really know IS-IS. Probably 20% of my test was on IS-IS. I was told to expect 3 or 4 questions max on it but I had a lot more on mine. Understand CLNP and CLNS. Had some questions on VLSM, redistributing and optimizing routes, RIP2, EIGRP too - basically everything in the BSCN book and from the pdf above. If you have access to a real lab or have one of your own (thank you, eBay) you will be way ahead of the game. If you do, get the Cisco Academy Semester 5 - Advanced Routing - info and do all the labs in there. If you can't actually do them then study them. Don't know anything about the router sims available. They may be a decent alternative to having access to routers. Someone else may be able to speak to that. Get familiar with the commands to accomplish tasks within the individual protocols. There's a lot of memorization in this test. It covers a lot of ground. And my test covered a lot of some of it and a little of all of the rest of it. Only surprise I had was how much IS-IS was on the test. Boson, Fravo and TestKing make some decent practice tests too. Any one of them would probably do as they're all pretty similar. Good luck. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Steven Aiello Sent: Tuesday, February 25, 2003 11:23 AM To: [EMAIL PROTECTED] Subject: The CCNP BSIN ( I Think Exam ) [7:63749] I have been readibng through the boards and from what I've seen the new CCNP Routing exam seems to be a bear. This is the next test I am studying for. Any one out there that have passed the test, that can give me a generally study out line? Also what books or test prep did you use. You guys ( and ladies ) are all great, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63874t=63749 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Backup Site - 152Mbps [7:63866]
I'm never a big fan of having backup sites that lie active | standby! You may want to look at getting a CSS and doing GSLB (Global Server Load Balancing!) Anyway, back to your question ...How much of the traffic is local ? You say that you have a peak of 152MB's, but you will only have 3 x 5MB PVC's coming into the server farm? Do you have a lot of traffic between the servers ?? If not a 3620 would even be sufficient, with ATM interface and FE interface. It also depends on how much reslience you would like in this backup site? . I have a similar scenario, where I make use of a 3620, with 100FX, and 100TX interfaces, going to a 3548G-L3, and fom there into server / user vlans etc! Cheers Troy The Long and Winding Road wrote: wrote in message news:[EMAIL PROTECTED] To build a backup server farm site (22 servers), with maximum requirement of 152Mbps (peak): Economic approach: 3640 with ATM module 3550-48-SMI 3 ATM PVCs, to the major points of the backbone (LS1010 switches and 6509-FlexWan ATM card); each PVC 5 Mbps SCR. Robust and Scalable approach: 6006 with ATM module The peak is considering the maximum rate if all servers were accessed at the same time (based on MRTG daily statistics). Any thoughts? based on my experience, the 3640 may not give you the performance you require. especially if you are using any access-lists, route-maps, QoS. Also, with your peaks at well over 100 meg, you might want to consider a gig interface on the LAN side. a thought - use a dual ethernet router like a 3745 ( twice the performance of the 3640 ) in combination with the switch ( which can easily handle the load ) put your servers into two subnets / vlans and do quasi-load-sharing across those two ethernet interfaces. depends on your traffic requirements. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63878t=63866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: REdistrubution - Two way [7:63827]
At 5:14 AM + 2/26/03, Metla Venu Gopal wrote: Its on a real life scenario implementing MPLS Dont you thins there will be any kinda of problems when you redistrubute RIP V2 stuff in BGP and again redistribute the same into RIP. Doesnt that cause any problem taking into consideration the amount of routing table and the process and other issues. thanks venu Could you explain the topology? It's usually very rare to need to redistribute other than the default out of BGP, at least in any plausible scenario where RIP could be making useful contributions. I'd be very worried, due to convergence time characteristics, of using RIP with MPLS. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63880t=63827 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffer Software [7:63796]
Thank for getting back to me, okay this is what I am seeing: NetXray and Sniffer Pro work fine in 98, but when I try to load them onto a coupter running XP, it stops the install dead in its tracks and tell me to get an XP verision of the software. = = = Original message = = = Works fine for me. What is the issue you are having? - Original Message - From: PacketEXPERTS To: Sent: Wednesday, February 26, 2003 7:39 AM Subject: Sniffer Software [7:63796] Have anyone gotten NetXray 3.0 or Sniffer Pro 4.5 to work with XP. Thanks ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ [EMAIL PROTECTED] ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63881t=63796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
At 12:45 PM + 2/26/03, DeVoe, Charles (PKI) wrote: OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. No, it's not you. It's that Cisco marketing (in fairness, in response to competitive marketdroids then at Cabletron, Synoptics, etc.) doesn't care to apply a knowledge of this model and likes the industry flavor of switch fast router slow. Relay destination lookup time simply is not a major problem in router design. At one point, it was, but as router implementers started using faster lookup approaches, the lookup time pales into insignificance compared to things like traffic shaping/policing, accounting, etc. Abraham Lincoln once said, If you call a horse's tail a leg, how many legs does a horse have? The audience mumbled five, and he replied No. Calling a tail a leg does not make it one. Calling a nonspecific family of routing implementation techniques L3 switching doesn't make them anything other than routing. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63882t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DOES MED TRAVEL IN I-BGP?? [7:63884]
Hello folks, I have a question for you about MED. Suppose the following lab: ROUTER A ROUTER B ROUTER C ___ Yahoo! Msviles Personaliza tu msvil con tu logo y melodma favorito en http://moviles.yahoo.es Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63884t=63884 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 7206 adding VIP cards [7:63673]
Jamie wrote: The 8 port 10Mb card is the one that gives a console message saying that it needs a HW revision to work in the 7206 VXR. The PAs have compatible issues with 7200VXR. Only the PAs those said VXR compatible work on 7200VXR. The older's work on 7K, 75xx, or c5rsm only. There are good sources at cisco.com tu do. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63883t=63673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX [7:63885]
Hello group, This is what I have in my PIX log. The 64.74.xx.xx is a VPN gateway that has an interface on the outside and an interface on the inside. The outside IP is the 64.74.xx.xx and the inside has a 172.xx.xx.xx address. The 24.46.xx.xx is a user trying to connect to the gateway. The traffic should not be hitting the PIX at all since the 64.74.xx.xx address is in front of the PIX. Any ideas? 02-26-2003 09:08:26 Local.Error 172.30.136.140 %PIX-3-106011: Deny inbound (No xlate) udp src outside:64.74.32.227/2233 dst outside:24.46.208.95/2233 02-26-2003 09:08:27 Local4.Error 172.30.136.140 %PIX-3-106011: Deny inbound (No xlate) udp src outside:64.74.32.227/2233 dst outside:24.46.208.95/2233 02-26-2003 09:08:29 Local4.Error 172.30.136.140 %PIX-3-106011: Deny inbound (No xlate) udp src outside:64.74.32.227/2233 dst outside:24.46.208.95/2233 02-26-2003 09:08:33 Local4.Error 172.30.136.140 %PIX-3-106011: Deny inbound (No xlate) udp src outside:64.74.32.227/2233 dst outside:217.34.254.243/2233 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63885t=63885 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Scheduling Timed FTP [7:63886]
We wish to occasionally have a router perform a large FTP download. The router needs to have a low priority applied to this transfer in order to not cause outage to other time sensitive applications that are running concurrently. Obviously we can configure priority queuing or some such similar traffic shaping methodology. However we want to have this scheduled by some sort of timer. I cant think of an IOS based way of doing this but are there any apps or add-ons (Cisco works ?) that could handle the timing side of this problem ? Thanks in advance. Peter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63886t=63886 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 7204 and 7206 Router Expansion [7:63856]
so far as I know, the router remains operational if you exceed bandwidth points. However, if you have performance problems, Cisco will not support you. You are correct as I have run a 7206 beyond the recommended points, you just have to ignore the error messages and not cry to Cisco if you have issues!! Dave David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63888t=63856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Wildcard Masking on the BSIN Exam [7:63887]
Any one know if they cover wild card masking in depth on the BSIN Exam? Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63887t=63887 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 7204 and 7206 Router Expansion [7:63856]
MADMAN wrote: You are correct as I have run a 7206 beyond the recommended points, you just have to ignore the error messages and not cry to Cisco if you have issues!! Same here. Those 'points' are just guidelines; all that happens if you go over them, is that you run the risk of *potentially* oversubscribing the backplane. Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63889t=63856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ??? IS-IS ??? [7:63875]
Check Jeff Doyle's Routing TCP/IP vol I. It has some good information on IS-IS. IS-IS is a link state routing protocol that is very popular with large ISPs. I'm actually a big fan. OSPF is great too though, don't get me wrong. You can also learn more about how ISPs use it at www.nanog.org. Look under I in their presentation topics. -Original Message- From: Steven Aiello [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 9:39 AM To: [EMAIL PROTECTED] Subject: ??? IS-IS ??? [7:63875] Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? Thanks for brain food, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63890t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX question [7:63892]
does someone know what the equivalent of clear counters is on the PIX? i don't know why, but i can't find a thing... thanks, ed Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63892t=63892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? IS-IS ??? [7:63875]
At 3:38 PM + 2/26/03, Steven Aiello wrote: Hello All, I'm wondering was IS-IS is. No pun intended. Don't be scared of punning in this context. A T-shirt frequently seen at IETF (home of OSPF) meetings read: IS - IS = 0 Both ISIS and OSPF are link state routing protocols, with many high-level similarities and many low-level different assumptions. In general, OSPF is less processor efficient, but gives more traffic control than basic ISIS and tends to be more attractive in enterprises. ISIS gives more stable simple networks and often is more attractive for service providers. A lot of this has historical and political flavor. Both protocols are standard and work well, but have tended to become optimized for different environments--although you could certainly run ISIS in an enterprise and OSPF as an ISP IGP. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Actually, it's slightly older than OSPF, having evolved from the routing protocol in DECnet Phase V, and then the OSI protocol (as distinct from model) world. OSPF started out in the IP world. Again, these are more historical differences than anything else -- OSI protocols are rarely if ever used, although the good features of them have been incorporated into IP protocols. IPv6 is much more OSI-ish than IPv4. Or does someone know where I can find a good over view? Thanks for brain food, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63893t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
At 3:18 PM + 2/26/03, Steve Wilson wrote: Charles, The 6509 switch needs some configuration in the background to create a virtual router. A bit of a heads-up on this term. It's conceptually useful, but be aware that virtual router was considered to be an alternate VPN model to RFC 2547, generally promoted by Nortel and Lucent. There have been LOTS of IETF arguments about the term. I didn't make myself popular at one meeting by mentioning we sure can't define virtual router, but it's nice we have a virtual router redundancy protocol (VRRP is the standards track equivalent to HSRP). I was severely corrected that I needed to distinguish between virtual router and virtual router, depending on whether the emphasis was on virtual or router. In HSRP/VRRP, the virtual router refers to a single conceptual router seen by hosts, but is actually implemented across multiple platforms. The VPN people thought of virtual routers as multiple independent routing (control and forwarding) logical instances on the same platform. VRF is not quite the same concept, as it assumes more shared knowledge between routing instances than does a VR VPN. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63891t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2950 telnet access is lost after vlans [7:63789]
Ugh. I was hoping there would be something obvious. I already have what you suggest - a router on a stick configuration with the vlans combined in an 802.1Q trunk to the router. Here's a picture: |--| |--| | oreilly.net |--|vlan5 | |--| | | | | |--| | | | colophon.net |--|vlan6s| |--| | 2 w| 802.1Q| one interface | 9 i|| router-on-a-stick |--| | 5 t| vlan5-8 | ix86 running linux | zoo.net |--|vlan8 0 c| |--| | h| | | |--| | | | safari.net |--|vlan7 | |--| |--| | - 3600 router loopback address 10.0.0.5 - | | | big network cloud I would like to be able to telnet from any of the networks to maintain the switch, but can't. 10.0.0.6 is the address of the switch, and it is currently assigned to vlan 7. The 3600 router has 10.0.0.6 in its routing table as a directly connected address. The linux router has the four local networks in its routing table, with the 3600 router as the default router. The linux router-on-a-stick can ping 10.0.0.6, presumably because it sends the packet to its default router, the 3600, which then routes the packet back to the switch. The 3600 can also ping 10.0.0.6, as expected. However, when a box on oreilly.net pings 10.0.0.6, a sniffer sees the ping on the vlan5 line, but another sniffer sees nothing on the 802.1Q trunk wire and, of course, the ping is not successful. On the other hand, when a box on oreilly.net pings 10.0.0.5, it does so successfully. Wierd. I've also tried putting 10.0.0.6 in the linux router's table, with no apparent change in behavior. Presumably, the linux router sends packets directly to the switch instead of making one hop through the 3600, but pings still don't get from oreilly.net to the switch. Anyone know why the switch isn't forwarding 10.0.0.6 packets to the linux router? DeVoe, Charles (PKI wrote: You will need routing between the VLANs. If this is done via the uplink you will also need to do some trunking. Hope this helps. -Original Message- From: J. Johnson [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 5:06 PM To: [EMAIL PROTECTED] Subject: 2950 telnet access is lost after vlans [7:63789] I've lost some telnet access to my 2950 after implementing vlans. Before - Address 10.0.0.6 was available on vlan 1, which was the default vlan for all ports. telnet was possible into the switch from machines connected to any port. After - Created several vlans (5, 6, 7, and 8) and split the ports among them. Now when I do: switch(config)#interface vlan 5 switch(config-if)#ip address 10.0.0.6 255.255.255.0 switch(config-if)#no shutdown the vlan interface that was previously up shuts down and only boxes connected to the ports in vlan 5 are able to telnet into the switch. Is there a way to allow boxes on ports assigned to other vlans to telnet into the switch at 10.0.0.6? James Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63894t=63789 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 7206 adding VIP cards [7:63673]
Can you plug the PA back into the VIP card and do a sh diag? I have a PA-8T, (this is what I'm assuming you have), in a 7206VXR that works. It is HW version 1.14 and the router is running 12.2.4T: Slot 5: Ethernet Port adapter, 8 ports Port adapter is analyzed Port adapter insertion time 01:17:17 ago EEPROM contents at hardware discovery: Hardware revision 1.14 Board revision A0 Serial number 2018792 Part number73-1391-08 Test history 0x7 RMA number 09-36-79 EEPROM format version 1 EEPROM contents (hex): 0x20: 01 01 01 0E 00 1E CD E8 49 05 6F 08 07 09 24 4F 0x30: 50 00 00 00 FF FF FF FF FF FF FF FF FF FF FF FF Arnold, Jamie wrote: One of the Pas did in fact work. The tech I had install them saw the console message that said shutting down all interfaces, but it was on the new card! This was a 100Mb card. The 8 port 10Mb card is the one that gives a console message saying that it needs a HW revision to work in the 7206 VXR. Here are the part numbers (nothing on the front of the card) 73-1391-07 REV A0 (on PCB) I guess this needs the HW rev.. J -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 10:11 AM To: Arnold, Jamie Cc: [EMAIL PROTECTED] Subject: Re: 7206 adding VIP cards [7:63673] I ASSume you mean PA's not VIPs ;) What is the part number of the two PA's? Some PA's that play well with VIPs need a differant HW revision in order to work on a 7200. Other than that you should be able to do OIR but it wouldn't be the first time I have seen OIR not work:( Dave Arnold, Jamie wrote: I have a couple of VIP cards from an old 7010 that are (according to Cisco) compatible with a new 7206. One is a single, copper 100Mb card and the other is a 4 port 10Bt card. I am supposed to be able to add them hot to the new 7206, but when I tried this I got the message on the console that all interfaces are being disabledand they were! I didn't wait very long to see if they would come back upon their own, but this does not seem like the expected behavior. Can anyone comment on this? I plan to try again and try to administratively bring the interfaces back up. Thanks in advance. Jamie -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63895t=63673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 7206 adding VIP cards [7:63673]
MADMAN wrote: Can you plug the PA back into the VIP card and do a sh diag? I have a PA-8T, (this is what I'm assuming you have), in a 7206VXR that works. It is HW version 1.14 and the router is running 12.2.4T: 1.14 is the minimum PA-8E HW revision supported in the VXR, according to http://www.cisco.com/en/US/products/hw/routers/ps341/products_field_notice09186a00800941fa.shtml Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63896t=63673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer Software [7:63796]
Thanks for the heads-up, it took me like an hour to find the software, like no one had it, finally I found it at: http://omis3.omis.niu.edu/download/SECURITY/ then look for NGSSniff.exe I did not really get the fix that I was looking for, but I guess that this work around should work. Thank = = = Original message = = = Or NGSSniff..also free and works without a driver. -Original Message- From: Troy Leliard [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 3:20 AM To: [EMAIL PROTECTED] Subject: RE: Sniffer Software [7:63796] Why not try ethereal .. its free!! PacketEXPERTS wrote: Have anyone gotten NetXray 3.0 or Sniffer Pro 4.5 to work with XP. Thanks ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ [EMAIL PROTECTED] ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63898t=63796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? IS-IS ??? [7:63875]
Steve, Yes, it is a routing protocol and has just recently been added to the new BSCI (was BSCN) exam. Unfortunately, the folks that make the decisions about what's added to the certification exams didn't give the Academy folks any lead time to change our Advanced Routing curriculum. We should have a new curriculum (hopefully) with IS-IS by the Fall of this year. You can go to www.ciscopress.com and download the chapter on IS-IS from the new BSCI book they are releasing. At least you could a month or so ago. Also, search on CCO for IS-IS and you should get a lot of information about it. HTH, Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy Cunctando restituit rem Steven Aiello wrote: Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? Thanks for brain food, Steve [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63899t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cannot see Rip routes with route-tagging - Why? [7:63900]
Hello,I have R6, R5 and R4 running rip ver 2, network 178.1.10.0 subnetsR5, R4 and R2 running eigrp 2 network 181.16.2.0 subnets.R5 and R4 had mutual redistribution setup using route tagging.R6 correctly sees the eigrp redistributed routes but R2 is NOT seeing any rip redistributed routes. Any help is appreciated. Config. on R5 (ditto config on R4)R5#rbr router eigrp 2 redistribute rip metric 1 1 1 1 1 route-map r2e network 181.16.2.8 0.0.0.3 no auto-summary no eigrp log-neighbor-changes ! router rip version 2 redistribute eigrp 2 metric 2 route-map e2r network 172.31.0.0 network 178.1.0.0 no auto-summary route-map e2r deny 10 match tag 77 ! route-map e2r permit 20 set tag 88 ! route-map r2e deny 10 match tag 88 ! route-map r2e permit 20 set tag 77 Routing table on R2 ( Does not show any Rip routes)R2#r 181.16.0.0/30 is subnetted, 4 subnets C 181.16.2.4 is directly connected, Serial1 C 181.16.2.0 is directly connected, Ethernet0 D 181.16.2.12 [90/679936] via 181.16.2.6, 00:40:47, Serial1 C 181.16.2.8 is directly connected, Serial0.234 Config:R2#rbr router eigrp 2 network 181.16.2.0 0.0.0.3 network 181.16.2.4 0.0.0.3 network 181.16.2.8 0.0.0.3 no auto-summary no eigrp log-neighbor-changes R2 and R5 running FR with ip split-horizon enabled on. Add photos to your e-mail with MSN 8. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63900t=63900 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cannot see Rip routes with route-tagging - Config on R6 [7:63901]
Hello,Here is the config on R6 the Rip router receiving the redistributed Eigrp routes: R6#r 178.1.0.0/30 is subnetted, 2 subnets C 178.1.10.0 is directly connected, TokenRing0 C 178.1.10.4 is directly connected, Ethernet0 C192.168.1.0/24 is directly connected, Serial1 181.16.0.0/30 is subnetted, 4 subnets R 181.16.2.4 [120/2] via 178.1.10.5, 00:00:00, Ethernet0 [120/2] via 178.1.10.1, 00:00:06, TokenRing0 R 181.16.2.0 [120/2] via 178.1.10.5, 00:00:00, Ethernet0 [120/2] via 178.1.10.1, 00:00:06, TokenRing0 R 181.16.2.12 [120/2] via 178.1.10.5, 00:00:01, Ethernet0 [120/2] via 178.1.10.1, 00:00:07, TokenRing0 R 181.16.2.8 [120/2] via 178.1.10.5, 00:00:01, Ethernet0 [120/2] via 178.1.10.1, 00:00:07, TokenRing0 R6#ping 181.16.2.10Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 181.16.2.10, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/17/36 ms R6#ping 181.16.2.2Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 181.16.2.2, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/24/40 ms R6#ping 181.16.2.1Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 181.16.2.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/30/64 ms R6#ping 181.16.2.9Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 181.16.2.9, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 8/30/64 ms R6#ping 181.16.2.13Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 181.16.2.13, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 36/69/96 ms R6# Why can't it be the same on R2 the Eigrp router?Thank you for all your help.Sincerely,CN Tired of spam? Get advanced junk mail protection with MSN 8. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63901t=63901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Practice Labs [7:63902]
Hey there. I have access to a 65xx,55xx and another layer2. I wish to try my hands on sample labs and practice some stuff. I have already done things like end-to-end vlans. What else can I try. Thanks Sam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63902t=63902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
TCP window size - Additive Increase - Slow Start [7:63904]
I am looking at TCP4s Flow Control mechanism. I have found Additive Increase/multiplicative decrease and slow start explanation. What I am looking for is how TCP/IP on our servers behavior when congestion occurs related with the window size. Any Thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63904t=63904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DOES MED TRAVEL IN I-BGP?? [7:63884]
BEST way is to test it out and check the BGPP table. Please note you have several options when dealing with MED attribute. Check the command reference for the 12.2 to see the features. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ciscoGo2002 Sent: Wednesday, February 26, 2003 11:57 AM To: [EMAIL PROTECTED] Subject: DOES MED TRAVEL IN I-BGP?? [7:63884] Hello folks, I have a question for you about MED. Suppose the following lab: ROUTER A ROUTER B ROUTER C ___ Yahoo! Msviles Personaliza tu msvil con tu logo y melodma favorito en http://moviles.yahoo.es Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63907t=63884 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Found Chuck Semeria's IP addressing Paper [7:63906]
For a number of years there was a paper on IP addressing by Chuck Semeria on the 3Com web site. It is no longer there. Just found it on the NANOG site. 63 page pdf. www.nanog.org/isp.html Scroll down to CIDR. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63906t=63906 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffer Software [7:63796]
Ethereal works fine under XP. Rick On Wed, 26 Feb 2003, PacketEXPERTS wrote: Thank for getting back to me, okay this is what I am seeing: NetXray and Sniffer Pro work fine in 98, but when I try to load them onto a coupter running XP, it stops the install dead in its tracks and tell me to get an XP verision of the software. = = = Original message = = = Works fine for me. What is the issue you are having? - Original Message - From: PacketEXPERTS To: Sent: Wednesday, February 26, 2003 7:39 AM Subject: Sniffer Software [7:63796] Have anyone gotten NetXray 3.0 or Sniffer Pro 4.5 to work with XP. Thanks ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ [EMAIL PROTECTED] ___ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63909t=63796 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Practice Labs [7:63902]
Check out www.fatkid.com They have FREE practice labs you can try on your home lab. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com (cisco training) Sam wrote in message news:[EMAIL PROTECTED] Hey there. I have access to a 65xx,55xx and another layer2. I wish to try my hands on sample labs and practice some stuff. I have already done things like end-to-end vlans. What else can I try. Thanks Sam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63905t=63902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Port level / VLAN level bandwidth limit [7:63910]
Does anybody got an idea to control bandwidth on Port level / on VLAN basis on Cat 2912 / Cat 2924 switches running 12.0 IOS. I would like to limit the bandwidth to each PCs in varying limits (Say 128K, 256K, 512K etc). Controlling on the basis of IP address will not solve my problem. If there is a way to set maximum bandwidth on the port / VLAN basis it would be good. Thanks RK __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63910t=63910 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IPSEC question [7:63903]
Hi, Just to confirm, does the PIX support TED ? Regards, BF Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63903t=63903 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Practice Labs [7:63902]
mac address security vlan trunking aux vlans private vlans vacls telnet security bpdu guard root guard port fast Larry Letterman Network Engineer Cisco Systems - Original Message - From: Sam To: Sent: Wednesday, February 26, 2003 12:01 PM Subject: Practice Labs [7:63902] Hey there. I have access to a 65xx,55xx and another layer2. I wish to try my hands on sample labs and practice some stuff. I have already done things like end-to-end vlans. What else can I try. Thanks Sam [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63911t=63902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2950 telnet access is lost after vlans [7:63789]
J. Johnson wrote: Ugh. I was hoping there would be something obvious. I already have what you suggest - a router on a stick configuration with the vlans combined in an 802.1Q trunk to the router. Here's a picture: The picture got a bit munged. I think I understand it, though. The router-on-a stick is the Linux box and it's supposed to be on the right side of the drawing? What do you mean by ix86? It's not a 486 machine is it? Ugh. :-) |--| |--| | oreilly.net |--|vlan5 | |--| | | | | |--| | | | colophon.net |--|vlan6s| |--| | 2 w| 802.1Q| one interface | 9 i|| router-on-a-stick |--| | 5 t| vlan5-8 | ix86 running linux | zoo.net |--|vlan8 0 c| |--| | h| | | |--| | | | safari.net |--|vlan7 | |--| |--| | - 3600 router loopback address 10.0.0.5 - | | | big network cloud I would like to be able to telnet from any of the networks to maintain the switch, but can't. 10.0.0.6 is the address of the switch, and it is currently assigned to vlan 7. The 3600 router has 10.0.0.6 in its routing table as a directly connected address. The linux router has the four local networks in its routing table, with the 3600 router as the default router. The linux router-on-a-stick can ping 10.0.0.6, presumably because it sends the packet to its default router, the 3600, which then routes the packet back to the switch. The 3600 can also ping 10.0.0.6, as expected. However, when a box on oreilly.net pings 10.0.0.6, a sniffer sees the ping on the vlan5 line, What is the MAC destination address in these pings from the oreilly.net box? What is the box on oreilly.net using for its default gateway? It sounds like it should be using the Linux router-on-a-stick. Maybe it's not? I hate to say it, but to debug the problem we would have to see the config of the Linus router-on-a-stick too. You say it's doing 802.1Q? I didn't know it could do that. :-) Are you sure it's a stable and standard implementation? Does it have subinterfaces like a real router would have and an address on all the subnets? Is the Linux box running a firewall that could be blocking traffic? Does the Linux box have some troubleshooting tools you could use to see what traffic it's handling?? but another sniffer sees nothing on the 802.1Q trunk wire and, of course, the ping is not successful. On the other hand, when a box on oreilly.net pings 10.0.0.5, it does so successfully. Wierd. Is that its own subnet, though? That you might expect to work. Well, good luck with the puzzle. Let us know what else you find out. Thanks. Priscilla I've also tried putting 10.0.0.6 in the linux router's table, with no apparent change in behavior. Presumably, the linux router sends packets directly to the switch instead of making one hop through the 3600, but pings still don't get from oreilly.net to the switch. Anyone know why the switch isn't forwarding 10.0.0.6 packets to the linux router? DeVoe, Charles (PKI wrote: You will need routing between the VLANs. If this is done via the uplink you will also need to do some trunking. Hope this helps. -Original Message- From: J. Johnson [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 5:06 PM To: [EMAIL PROTECTED] Subject: 2950 telnet access is lost after vlans [7:63789] I've lost some telnet access to my 2950 after implementing vlans. Before - Address 10.0.0.6 was available on vlan 1, which was the default vlan for all ports. telnet was possible into the switch from machines connected to any port. After - Created several vlans (5, 6, 7, and 8) and split the ports among them. Now when I do: switch(config)#interface vlan 5 switch(config-if)#ip address 10.0.0.6 255.255.255.0 switch(config-if)#no shutdown the vlan interface that was previously up shuts down and only boxes connected to the ports in vlan 5 are able to telnet into the switch. Is there a way to allow boxes on ports assigned to other vlans to telnet into the switch at 10.0.0.6? James Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63912t=63789 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? IS-IS ??? [7:63875]
It is a routing protocol similar to OSPF in some ways. Check out links for IS-IS at www.ccie4u.com/study_guide.htm Thanks, Ian On 26 Feb 2003 at 15:38, Steven Aiello wrote: Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? Thanks for brain food, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63914t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? IS-IS ??? [7:63875]
Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? That reminds me of a famous quote from a couple of years ago: That depends on what your definition of IS-IS. Okay, I modified it slightly :-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63913t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
DeVoe, Charles (PKI) wrote: OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. It sounds like you got it. Don't worry about the terminology so much. You got the concepts and that's what's important. See a few more comments below. The network: Host A 10.1.1.2 MAC 00.AA Host B 10.1.2.2 MAC 00.BB |10.1.1.1 MAC 01.AA 10.1.2.1 MAC 02.BB| switch A---Router-switch B 10.1.1.0/2410.1.2.0/24 This is an ethernet network. Both segments are connected by a traditional router say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1 For simplicity, assume ARP cache is empty. Host A wishes to ping Host B End user on Host A enters - ping 10.1.2.2 The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC. The router interface sees this frame as destined for itself. It de-encapsulates the frame removing the MAC addresses. The router then examines the IP address, based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB Host B grabs this packet and does it's thing. Now, if I replace the router with a 6509 switch, with routing, how does the process change? The process is logically the same. I'm not familiar enough with the architecture of the 6509 switch to provide the details, but it looks like others have, so that's good. The important thing is that you understand the traffic flow and what goes in the address fields in the packets. That's great. There are senior network admins that don't get that. Seriously. The CCIE written tests this sort of thing and every so often we get clueless questions about it from people who think they are going to jump right into CCIE as long as we force-feed them the fundamentals. You are doing the right thing by getting down the fundamentals while still studying for CCNA. Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address? Am I correct? Inter VLAN communication cannot occur without a router. Yes. Switching is based on MAC address. Routing is based on IP address. The word switching is used in a more generic way too and has been for hundreds of years. Switching means forwarding, relaying, routing. Please do not insist that it only happens at L2, despite what the stupid books say. As I have already said, it's not true that it's just a marketing term. It is a good engineering term that the marketing people stole. Train tracks have equipment that switches trains. Telephone equipment switches voice conversations. Electrical devices switch current. An internetworking device switches digital data. For years, Cisco tried to get people to see the same thing that Howard is still trying to get people to see, which is that there are two sets of tasks: one related to learning paths to destinations and one related to forwarding data. For years Cisco called this second path switching. I say this just in the hopes that you will see that even Cisco has used the term switching to mean forwarding, long before L2 switches existed or before marketing people made up the L3 switch term. Priscilla I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63915t=63728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RPC Endpoint Mapper [7:63916]
Anyone know of a good resource on RPC endpoint mapper? I trying to find where in the packet the server tells the client which [new] port to come back on. Using a sniffer, but I cant seem to nail down where in the payload the future port is passed to the client. a google search of rpc endpoint mapper sniffer has resulted in a lot of conversations about how RPC works, but not at the packet level :( don't mind RTFMing...but so far I can't find a good URL at least the FTP protocol states which port :) Thanks, TroyC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63916t=63916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
Evans, TJ (BearingPoint) wrote: That all looks pretty good ... On the MSFC/RSM - do a show interface: (edited for length) Vlan8 is up, line protocol is up Hardware is Cat6k RP Virtual Ethernet, address is 00d0.d335.6614 Vlan9 is up, line protocol is up Hardware is Cat6k RP Virtual Ethernet, address is 00d0.d335.6614 So ... each 'router interface' has a MAC. The fact that it is the same is irrelevant as they are on different network/logical segments on different broadcast domains. So the frame comes in with a destination mac of 00d0.d335.6614, and when forwarded will leave with a source mac of 00d0.d335.6614 (same) And that's exactly what would happen if you did the inter-VLAN routing on a router too, using subinterfaces for each VLAN/ IP subnet. :-) And, if it were a high-end router, it could do this at wire speed and would have a RIB and FIB, just like someone else described for the 6500. The 7500 router has had that sort of architecture for years, if I'm not mistaken. Howard has given us lots of examples of other high-end routers that have this sort of architecture. Of course, these high-end routers are probably way more expensive than the so-called L3 switch and probably have all sorts of features that you might not need in a campus network. So, we're back to the first answer. The difference between a router and a L3 switch is marketing. Also economics. Sorry, I just had to play devil's advocate. What a shame that Cisco has mangled this so much in their intro training materials. Priscilla ... Does that help? Oh - and I think you meant to say layer 3 switching is a marketing term, not scientific or engineering in nature. ... you said layer 3 routing ... Thanks! TJ [EMAIL PROTECTED] -Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: RE: L3 Switching Huh [7:63728] OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. The network: Host A 10.1.1.2 MAC 00.AA Host B 10.1.2.2 MAC 00.BB |10.1.1.1 MAC 01.AA 10.1.2.1 MAC 02.BB| switch A---Router-switch B 10.1.1.0/2410.1.2.0/24 This is an ethernet network. Both segments are connected by a traditional router say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1 For simplicity, assume ARP cache is empty. Host A wishes to ping Host B End user on Host A enters - ping 10.1.2.2 The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC. The router interface sees this frame as destined for itself. It de-encapsulates the frame removing the MAC addresses. The router then examines the IP address, based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB Host B grabs this packet and does it's thing. Now, if I replace the router with a 6509 switch, with routing, how does the process change? Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address? Am I correct? Inter VLAN communication cannot occur without a router. Switching is based on MAC address. Routing is based on IP address. I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature. ** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be
RE: RPC Endpoint Mapper [7:63916]
In the olden days, in a Unix world, RPC required PortMappter. Maybe you could look that up? Not sure if there's a space, i.e. Port Mapper. I don't think there is. It's a separate protocol for assigning port numbers. You should see evidence of it on your Sniffer if it still exists. What operating system are you talking about? Windows does RPC too but I don't know it very well. Priscilla COULOMBE, TROY wrote: Anyone know of a good resource on RPC endpoint mapper? I trying to find where in the packet the server tells the client which [new] port to come back on. Using a sniffer, but I cant seem to nail down where in the payload the future port is passed to the client. a google search of rpc endpoint mapper sniffer has resulted in a lot of conversations about how RPC works, but not at the packet level :( don't mind RTFMing...but so far I can't find a good URL at least the FTP protocol states which port :) Thanks, TroyC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63918t=63916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VPN Client-RAS-VPN-PIX Route Mapping? [7:63919]
This is a classic VPN Gateway behind the PIX question... Can NAT/PAT/Static Routes be used on a Trusted PIX Port to provide Web Access to RAS/VPN Client to VPN3000 Gateway to PIX Trusted Port The VPN Gateway is positioned on a subnet behind the PIX. URL references are appreciated. Thanks. Tim Weil - CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63919t=63919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
eBGP Multi-Hop [7:63920]
I am not sure how to overcome a potential problem. I have a BGP feed from an upstream provider that is a multi-hop. I am concerned that if that neighboring router goes down I will still be sending traffic out to him. The Interface will not go down since the circuit does not term on the BGP router but a colocated router. I do not want to have to wait 3 minutes for the BGP timer to expire. That will be 3 minutes of traffic passed to a dead router. Is there any other method (besides reducing the timer) to overcome this? thanks, jim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63920t=63920 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: New CCDP [7:63848]
From what I can tell, that is correct. Im about to take the CID myself, and it seems that if you complete it before its retired, you are CCDP for 3 more years. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63922t=63848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CID, No X.25/Microsoft/Appletalk/IPX? [7:63921]
I was reviewing the exam outline on cisco's site for the CID exam and noticed that it did not say anything about X.25, IPX, Appletalk, or Microsoft Networking. Have they removed this from the exam? I got my CCDP 3 years ago and now want to recert (I recerted my CCNP already so all I have left is CID). I have my old book, but it covers these technologies extensively and I dont want to spend extra time on those sections if they wont even be on the exam. I know the CID is about to be retired, so I want to hurry up and take this exam so I dont have to worry about the new one. Please help out if you can! Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63921t=63921 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX without public address translation [7:63908]
I have a two interface PIX in a lab. I am trying to simulate this for a customer. Th PIX will be used between two Private networks in the same campus for some political reason. On a PIX outside Interface the network is 172.16.10.0/24, and inside network is on 192.168.10.0/24. Outside interface is connected to a catalyst switch for 172.16.10.0/24 network, and inside interface is also connected to a 2nd catalyst switch on a inside network 192.168.10.0/24. Here is the issue. For allowing users to access resource from outside to inside. I can simply do: static (inside, outside) 192.168.10.0 192.168.10.0 netmask 255.255.255.0 access-list outside permit ip 172.16.10.0 0.0.0.255 any access-group outside in interface outside. For testing reason, I also want to enable ping from 172.16.10.0 network to 192.168.10.0 network. access-list outside permit icmp any any. The only confusion I have is how do I ping a host which is sitting on an outside network 172.16.10.25 to ping a host on inside network which is sitting on a network 192.168.10.25 because there is no third network segment for natting, and PIX doesn't allow to ping the private addresses from outside. For example, In real world, there is a public address which is natted to a private address, and you ping a public address which is mapped to a private address for testing purpose, but in my case there are only two private networks and there is no public address for natting purpose. One thought I had to use the fake network segment such as 10.0.0.0/24 for natting purpose, but that won't work also I think because then I will have to put my PIX's outside interface on 10.0.0.0/24 segment where as the hosts on outside segment are sitting on 172.16.10.0/24 segment. Here is the config. Please pay attention to following commands: global (outside) 1 192.168.10.0 (Since there is not public addresses for translation, I am using the inside address itself.)nat (inside) 1 192.168.10.0 PIX Version 6.1(4)nameif ethernet0 outside security0nameif ethernet1 inside security100enable password 2KFQnbNIdI.2KYOU encryptedpasswd VlkRecOhbGq/.k3t encryptedhostname Clark-Countyfixup protocol ftp 21fixup protocol http 80fixup protocol h323 1720fixup protocol rsh 514fixup protocol rtsp 554fixup protocol smtp 25fixup protocol sqlnet 1521fixup protocol sip 5060fixup protocol skinny 2000namesaccess-list outside permit ip 172.16.10.0 255.255.255.0 anyaccess-list outside permit icmp any anypager lines 24interface ethernet0 autointerface ethernet1 automtu outside 1500mtu inside 1500ip address outside 172.16.10.1 255.255.255.0ip address inside 192.168.10.1 255.255.255.0ip audit info action alarmip audit attack action alarmpdm history enablearp timeout 14400global (outside) 1 192.168.10.0nat (inside) 1 192.168.10.0 255.255.255.0 0 0static (inside,outside) 192.168.10.0 192.168.10.0 netmask 255.255.255.0 0 0access-group outside in interface outsidetimeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00timeout uauth 0:05:00 absoluteaaa-server TACACS+ protocol tacacs+aaa-server RADIUS protocol radiusno snmp-server locationno snmp-server contactsnmp-server community publicno snmp-server enable trapsfloodguard enableno sysopt route dnattelnet timeout 5ssh timeout 5terminal width 80Cryptochecksum:c9981720a27c052407817428a787baf6: end ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63908t=63908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Mutual Redistribution - OSPF routes in Eigrp [7:63923]
Is there a defualt orginate command that I need to use to do mutual redistrubtion? I want to redistribute OSPF into EIGRP and EIGRP into OSPF . r1(config-router)#redistribute eigrp 1 metric 20 sub r1(config-router)#redistribute eigrp 1 metric 20 subnets ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-mapRoute map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF I need my OSPF routes to show up on my frame switch wich is only running EIGRP, but R1 is connected to OSPF area 0 and has a back to back serial to the frame switch. fr#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 150.100.0.0/24 is subnetted, 4 subnets C 150.100.70.0 is directly connected, Loopback2 C 150.100.68.0 is directly connected, Loopback0 C 150.100.69.0 is directly connected, Loopback1 C 150.100.2.0 is directly connected, Serial0 Thanks, Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63923t=63923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame-Relay issue [7:63446]
Hi Monu I tried the configuration given by you. But i didnt find any problem in bringing up the interface when i cut and paste the configuration. Here is the config when i cut n paste the config from a text file yourname(config)#interface Serial1/1 yourname(config-if)#shut yourname(config-if)#encapsulation frame-relay yourname(config-if)#frame-relay lmi-type cisco yourname(config-if)#no shut yourname(config-if)#exit yourname(config)#interface Serial1/1.1 point-to-point yourname(config-subif)#no shutdown yourname(config-subif)#ip address 20.20.20.11 255.255.255.0 yourname(config-subif)#frame-relay interface-dlci 108 yourname(config-fr-dlci)#exit yourname(config-subif)# yourname(config-subif)# *Mar 1 00:48:19.271: %LINK-3-UPDOWN: Interface Serial1/1, changed state to up yourname(config-subif)# yourname(config-subif)# yourname(config-subif)# yourname(config-subif)#^Z yourname# yourname# *Mar 1 00:48:28.811: %SYS-5-CONFIG_I: Configured from console by console yourname# yourname#sh ip int brief *Mar 1 00:48:30.271: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to up Interface IP-Address OK? Method Status Prot ocol FastEthernet0/0172.20.110.8YES manual up up FastEthernet0/1unassigned YES unset up down ATM0/0 unassigned YES unset up up ATM0/1 unassigned YES unset up up Serial1/0 unassigned YES unset down down Serial1/0.1unassigned YES manual deleted down Serial1/1 unassigned YES unset up up Serial1/1.120.20.20.11 YES manual up up Serial1/2 unassigned YES unset down down FastEthernet1/0unassigned YES unset up down FastEthernet1/1unassigned YES unset up down yourname# Please let me know ur comments Regards Deepak Priscilla Oppenheimer wrote: There's obviously no good answer to why there are no problems bringing the link up/up when you type in the commands one by one but there are problems when you copy and paste them. Here are some suggestions, though: 1) You work for Cisco. Report it as a bug. 2) The copy and paste is corrupting a character, forgetting to do carriage return or something of that nature. Do all the commands end up the in the running config? 3) There's some sort of timing issue. To fix the problem: Don't do copy and paste that fast. :-) Priscilla Monu Sekhon wrote: Hi Mark, Thanx for reply.but I mentioned that when we do shut no shut again link comes up.no dlci, no lmi problem: I am testing in lab setup two rouetrs connnected to frame-relay cloud Please do help anybody in this regard, why the link doesnot come at one instant why it requiers again shut and no shut, when i copy paste the config and when i give command by command then without gving shut and noshut the link comes up. Mark W. Odette II wrote: in show ip interface it shows as protocol down , physical link up. sh frame-relay pvs shows as inactive.no lmi are exchanged. Usually Protocol Down, Link Up indicates that you have mismatched encapsulation, LMI-Type, or even incorrect IP Addressing (wrong Subnet or incorrect Subnet Mask) between your end and the other end of the FR Network. If no LMI is exchanged, then the LMI-Type is incorrect between that Serial Interface and the Service Provider Frame Switch. If this is a Frame Relay LAB setup, double-check your Frame Relay Switch configuration. If this is a Production Setup, contact your ISP and verify your Frame Relay configuration parameters. (LMI-Type, DLCI, etc.) On the No Shut command, I'd use it last on each interface you configure. -Mark -Original Message- From: Monu Sekhon [mailto:[EMAIL PROTECTED] Sent: Thursday, February 20, 2003 7:40 PM To: [EMAIL PROTECTED] Subject: Re: Frame-Relay issue [7:63446] Hi Larry/John, I forgot to mention no shut in the above confif while writing here, Its still there and connection does not come out See I mentioned that while giving command by command manually connection comes out. It seems to me that while the interface is down during that frame-relay LMIs think that interface is down and make the link down. I am rather confused.I dont know but this is happening. again writing config: -- interface Serial0 shut (if i give here no shut then link comes up at one go) encapsulation frame-relay frame-relay lmi-type cisco no shut exit interface Serial0/0.1 point-to-point no
Re: two 1900 catalyst switches cannot exchange VLAN info even [7:63926]
not sure , you mean the code version do play a part? So if it does play a part what code version should I run ? regards, suaveguru --- Larry Letterman wrote: what version of 1900 code are they running.? Larry Letterman Network Engineer Cisco Systems - Original Message - From: suaveguru To: Sent: Sunday, February 23, 2003 11:37 PM Subject: two 1900 catalyst switches cannot exchange VLAN info even [7:63613] all, I have 2 cisco catalyst 1900 switches with VLANS configured on it when I tried to enable trunking on both of the trunk ports and make the two catalyst 1900 switched run VTP vlans information just can't travel across the switches, appreciate if anyone with similar problems tell me what to do suaveguru __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ [EMAIL PROTECTED] [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63926t=63926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Eigrp neighbor loss [7:63925]
I was hoping someone could help out with a problem I am seeing. I just enabled logging of eigrp neighbor changes for the first time and noticed that there are constant neighbor changes going on over our WAN/LAN. First guess was the hello timers but since it is on the LAN this is not the issue. Some vlan interfaces have been up for weeks while others seem to go up and down every few seconds but both are going over the same ATM link between sites. Has anyone seen this behavior before? Code is 12.1(14). Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63925t=63925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TCP window size - Additive Increase - Slow Start [7:63904]
[EMAIL PROTECTED] wrote: I am looking at TCP4s Flow Control mechanism. I have found Additive Increase/multiplicative decrease and slow start explanation. What I am looking for is how TCP/IP on our servers behavior when congestion occurs related with the window size. Any Thoughts? I have some thoughts, though not real answers. :-) Slow start has been implemented by most TCP implementations in most operating systems for quite a few years now. You can easily see it in action if you use a protocol analyzer on your system while doing FTP, for example. Watch the start of the data session. Even though the side receiving data will advertise a window of 8,192 bytes, for example, the other side will only send a couple segments, wait for an ACK to make sure there's no congestion, and then speed it up and send about 5 segments at a time, filling the recipient's receive window. If it's Windows, you'll see the recipient open and close its window in very small increments sometimes, for example go from 8,192 to 8,000 and back again. I always thought that was just brain-dead programming, but maybe there's a reason for it. Regarding ddditive increase and multiplicative decrease, I've never heard of any operating system doing that. After a quick Google, I get the impression those may be research projects? Can you tell us more about them? Regardless, if you know how they work, your best bet is to study traffic with an analyzer and see if you see evidence of them. In the case of Windows, I doubt you'll find any documentation that says they are used. In the case of open-source Unix TCP implementations, you might have more luck finding documentation on protocol behavior for specific implementations. Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63927t=63904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Switching Huh???? [7:63728]
A And that's exactly what would happen if you did the inter-VLAN routing on a router too, using subinterfaces for each VLAN/ IP subnet. :-) And, if it were a high-end router, it could do this at wire speed and would have a RIB and FIB, just like someone else described for the 6500. The 7500 router has had that sort of architecture for years, if I'm not mistaken. Howard has given us lots of examples of other high-end routers that have this sort of architecture. Of course, these high-end routers are probably way more expensive than the so-called L3 switch and probably have all sorts of features that you might not need in a campus network. Last I check, extreme make some pretty cheap bridges with integrated routing :) Naturally, to get a bunch of packet processing without mortgaging forwarding capacity, you'll end up spending more bucks. Howard's point about the relevance of wire speed routing in the enterprise is dead on though - most folks don't need it and wouldn't make use of it even if they had it. So, we're back to the first answer. The difference between a router and a L3 switch is marketing. Also economics. Sorry, I just had to play devil's advocate. What a shame that Cisco has mangled this so much in their intro training materials. Priscilla ... Does that help? Oh - and I think you meant to say layer 3 switching is a marketing term, not scientific or engineering in nature. ... you said layer 3 routing ... Thanks! TJ [EMAIL PROTECTED] -Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: RE: L3 Switching Huh [7:63728] OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function. Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above. The network: Host A 10.1.1.2 MAC 00.AA Host B 10.1.2.2 MAC 00.BB |10.1.1.1 MAC 01.AA 10.1.2.1 MAC 02.BB| switch A---Router-switch B 10.1.1.0/2410.1.2.0/24 This is an ethernet network. Both segments are connected by a traditional router say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1 For simplicity, assume ARP cache is empty. Host A wishes to ping Host B End user on Host A enters - ping 10.1.2.2 The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC. The router interface sees this frame as destined for itself. It de-encapsulates the frame removing the MAC addresses. The router then examines the IP address, based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB Host B grabs this packet and does it's thing. Now, if I replace the router with a 6509 switch, with routing, how does the process change? Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address? Am I correct? Inter VLAN communication cannot occur without a router. Switching is based on MAC address. Routing is based on IP address. I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature. ** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your
RE: Different usename n pwd for PAP and CHAP [7:63442]
HI Troy My question is, suppose as you said, usera and userb have established a connection using chap and Pap, now is it possible to give one set of username for chap and another set for pap? The config looks like this ppp authentication chap pap ppp chap hostname ppp chap password ppp pap sent-username password Is this configuration is valid? if valid how often is it used in customer scenarios. I have observed that when i give the same username n password for both chap n pap( i.e for both), the ios gives the warning message saying may be security hole. Thanks n regards Deepak Troy Leliard wrote: Hi Deepak, I'm not sure if I follow. Say for example you wanted userA to connect via CHAP and userB to connect via PAP, this would indeed be possible, but usera and userb, could not have the same username. Most of the ISP's that i have worked for only accept CHAP since the password is no passed in clear txt, and most dialup clients now support CHAP. Similarly DDR scenarios, when y ou have your router connecting to anotehr router (or ISP), you would also want to implement CHAP, for obvious security reasons. The only time I have use pa is when use legacy dialup clients that don't support CHAP. Hope this helps. Cheers Troy Deepak N wrote: Hi Troy Thanks for the reply So, this would mean, there is no possibility of using one set of username/password for CHAP and another set for PAP, i guess. The same set of username/password for eg: cisco/cisco would be used for both CHAP and PAP. Regards Deepak Troy Leliard wrote: Normally you would only get one username / password., and the ISP would configure CHAP, then PAP authentication, ie if the cllent (user) tries to authenticate, and CHAP fails, it will then authenticate using PAP. (CHAP Should always come first as it is the more secure authentication method). Hope this helps Deepak N wrote: Hi I am having this question. When configuring the username and password for PAP n CHAP, i am giving different username n password. Is there any customer scenario where this kind of situation is there? Also does the ISP provide different username n password for different authentication types i.e, one set of username n password for CHAP and another set of username and password for PAP. i assume that ISP gives only one authentication type either CHAP or PAP not both. I need inputs from all of you Thanks in advance Deepak Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63929t=63442 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RPC Endpoint Mapper [7:63916]
Priscilla, thanks for the quick reply :) yes, so far all 3 sniffers havent revealed much [ethereal, sniffer, my fav: etherpeek-nx] all show the decodes for RPC, but this is a Win2k box talking MS-RPC [port 135, initially] somehow, someway an upper port is getting assigned [4541 for example] from the server anywho, I'm t/s the win2k-box talking to vpn clients [also Wintel] and there seem to be a large number of tcp-rst happening on the higher ports upon initial connection ::: syn, rst, syn, rst I don't think it's black-hat activity as it was the users complaining...so I'm just trying to make sure the client is communicating back on the proper port the server assigned...but I cant seem to nail down where the port is in the payload... I do see the server send to the client the server's IP adder, but in character format [which to me is crazy] so the server sends 31 00 30 00 2e 00 31 00 30 00 2e 00 31 00 30 00 2e 00 33 00 36 00 for 10.10.10.36 31 being the hex equiv of the ascii char 1 00 being the buffer space, 30 being the 0 and 2e being the . of the 10. man, gives new respect to the folks who do reverse eng. :) I'll keep hacking at it... but I'm still hoping for a URL :) TroyC -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 3:10 PM To: [EMAIL PROTECTED] Subject: RE: RPC Endpoint Mapper [7:63916] In the olden days, in a Unix world, RPC required PortMappter. Maybe you could look that up? Not sure if there's a space, i.e. Port Mapper. I don't think there is. It's a separate protocol for assigning port numbers. You should see evidence of it on your Sniffer if it still exists. What operating system are you talking about? Windows does RPC too but I don't know it very well. Priscilla COULOMBE, TROY wrote: Anyone know of a good resource on RPC endpoint mapper? I trying to find where in the packet the server tells the client which [new] port to come back on. Using a sniffer, but I cant seem to nail down where in the payload the future port is passed to the client. a google search of rpc endpoint mapper sniffer has resulted in a lot of conversations about how RPC works, but not at the packet level :( don't mind RTFMing...but so far I can't find a good URL at least the FTP protocol states which port :) Thanks, TroyC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63930t=63916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? IS-IS ??? [7:63875]
At 10:25 PM + 2/26/03, John Neiberger wrote: Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? That reminds me of a famous quote from a couple of years ago: That depends on what your definition of IS-IS. Okay, I modified it slightly :-) Unless Microsoft comes up with its own definition...and we'd have to figure out if ISNT is or is not ISIS. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63931t=63875 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNP Recertification Exam [7:63932]
I have to take a exam of CCNP Recertification in this year. If you know the book to study for CCNP Recertification, please give me an advice. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63932t=63932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RPC Endpoint Mapper [7:63916]
Sorry I don't have a URL that explains how Windows RPC on a server hands out a port number for the client to use. Anyone else? However, I will help you reverse engineer it! ;-) Are you guessing that the port number is in that same packet that has the IP address in ASCII. That would be my guess, if it's anythign like the FTP PORT command. Can you send us the entire packet in hex for the one with port 4541 or some other port you tell us in advance?? Could a firewall or smart IDS be sending back the resets?? Just a thought. Priscilla COULOMBE, TROY wrote: Priscilla, thanks for the quick reply :) yes, so far all 3 sniffers havent revealed much [ethereal, sniffer, my fav: etherpeek-nx] all show the decodes for RPC, but this is a Win2k box talking MS-RPC [port 135, initially] somehow, someway an upper port is getting assigned [4541 for example] from the server anywho, I'm t/s the win2k-box talking to vpn clients [also Wintel] and there seem to be a large number of tcp-rst happening on the higher ports upon initial connection ::: syn, rst, syn, rst I don't think it's black-hat activity as it was the users complaining...so I'm just trying to make sure the client is communicating back on the proper port the server assigned...but I cant seem to nail down where the port is in the payload... I do see the server send to the client the server's IP adder, but in character format [which to me is crazy] so the server sends 31 00 30 00 2e 00 31 00 30 00 2e 00 31 00 30 00 2e 00 33 00 36 00 for 10.10.10.36 31 being the hex equiv of the ascii char 1 00 being the buffer space, 30 being the 0 and 2e being the . of the 10. man, gives new respect to the folks who do reverse eng. :) I'll keep hacking at it... but I'm still hoping for a URL :) TroyC -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 3:10 PM To: [EMAIL PROTECTED] Subject: RE: RPC Endpoint Mapper [7:63916] In the olden days, in a Unix world, RPC required PortMappter. Maybe you could look that up? Not sure if there's a space, i.e. Port Mapper. I don't think there is. It's a separate protocol for assigning port numbers. You should see evidence of it on your Sniffer if it still exists. What operating system are you talking about? Windows does RPC too but I don't know it very well. Priscilla COULOMBE, TROY wrote: Anyone know of a good resource on RPC endpoint mapper? I trying to find where in the packet the server tells the client which [new] port to come back on. Using a sniffer, but I cant seem to nail down where in the payload the future port is passed to the client. a google search of rpc endpoint mapper sniffer has resulted in a lot of conversations about how RPC works, but not at the packet level :( don't mind RTFMing...but so far I can't find a good URL at least the FTP protocol states which port :) Thanks, TroyC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63933t=63916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ping-ICMP question [7:63934]
Is ping/icmp protocol needs to be prioritized on Lan environment just to have a good latency ping result? is it ping a good basis for measuring your network if it is congested? Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63934t=63934 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 7206 adding VIP cards [7:63673]
Tac told us that these were compatible... Imagination is more important than knowledge Albert Einstein -Original Message- From: tu do [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 11:55 AM To: [EMAIL PROTECTED] Subject: RE: 7206 adding VIP cards [7:63673] Jamie wrote: The 8 port 10Mb card is the one that gives a console message saying that it needs a HW revision to work in the 7206 VXR. The PAs have compatible issues with 7200VXR. Only the PAs those said VXR compatible work on 7200VXR. The older's work on 7K, 75xx, or c5rsm only. There are good sources at cisco.com tu do. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63935t=63673 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF and MTU, spawned from the OSPF vs. EIGRP thread [7:63936]
Reviving an oldie but a goodie, based on some work I was doing today. I wanted to check something that required 3 routers, and all I had were 2 routers and the 3550 switch. well, that's ok. L3 and all. BTW, have we decided which is better - an L3 switch or a router? Hint - the L3 switch is FAR superior to a 2503 router :- OK, so I set up ospf among the routers ( switch ports configured as router interfaces ) and no ospf neighbor relationships are forming. this is BS. Done this in my sleep. start looking at the debugs and I keep seeing something weird from the switch side. keeps reporting the interface down. makes no sense. I check the speed and duplex, but you know, I know this has worked in the past. fiddle some more. fiddle some more. finally look at things from one of the routers' perspective, and the debug says something about a mismatched MTU. Oh yeah, I was doing some vlan tunneling practice and to do so, you have to set the switch MTU higher to accommodate the larger 801.q frame. can't change the MTU size on an interface by interface basis. quickly, I issue the interface command ip ospf mtu-ignore ( Cisco proprietary? IIRC? ) on the interfaces in question, and viola! everything is dandy. quick look at the command reference, and I see this command was introduce in 12.0.3 - so that puts it into the time frame of the early days of the 65xx and the MSFC. Dare I hazard a guess that the command was introduced in anticipation of exactly this kind of situation - the L2 part of the switch requiring a larger MTU for whatever reason, and the L3 part of the switch running Ospf and running into exactly this problem? Geez, some days I really appreciate the time I spend on this group. Amazing the stuff I remember. Chuck -- TANSTAAFL there ain't no such thing as a free lunch Kane, Christopher A. wrote in message news:[EMAIL PROTECTED] In an attempt to find out why MTU is examined (more precisely, why it's examined in the Database Description packets instead of the Hello packets) one of my co-workers found this passage in IETF meeting minutes: Editor's note: These minutes have not been edited. The OSPF Working Group met on Wednesday, December 11th from 1300-2500 at the San Jose IETF. Minutes of the meeting follow: The second problem, reported by Dan Senie of Proteon, concerns MTU mismatches between OSPF neighbors. This can cause flooding between the two neighbors to fail, with large Link State Updates being continually retransmitted. To fix this, we will report interface MTU in Database Description packets. A router will discard received Database Description packet which advertise an MTU that is larger than the router can receive. In this way, adjacencies will not form between routers having MTU mismatches. Tony Li expressed a desire for a more general purpose mechanism. There was also a question whether the same thing will have to be done for OSPF for IPv6 (we think so). Very informative. Thank goodness for meeting minutes. Here's the link if anyone is as hung up on this as I seem to be. :) http://www.ietf.org/ietf/ospf/ospf-minutes-96dec.txt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63936t=63936 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: two 1900 catalyst switches cannot exchange VLAN info even [7:63937]
to get all the bells and whistles you need to run Enterprise version of 1900 operating cose. Larry Letterman Network Engineer Cisco Systems - Original Message - From: suaveguru To: Larry Letterman ; Sent: Wednesday, February 26, 2003 4:39 PM Subject: Re: two 1900 catalyst switches cannot exchange VLAN info even [7:63836] not sure , you mean the code version do play a part? So if it does play a part what code version should I run ? regards, suaveguru --- Larry Letterman wrote: what version of 1900 code are they running.? Larry Letterman Network Engineer Cisco Systems - Original Message - From: suaveguru To: Sent: Sunday, February 23, 2003 11:37 PM Subject: two 1900 catalyst switches cannot exchange VLAN info even [7:63613] all, I have 2 cisco catalyst 1900 switches with VLANS configured on it when I tried to enable trunking on both of the trunk ports and make the two catalyst 1900 switched run VTP vlans information just can't travel across the switches, appreciate if anyone with similar problems tell me what to do suaveguru __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ [EMAIL PROTECTED] [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63937t=63937 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
??? IS-IS ??? [7:63938]
Peter van Oene has authored a two-part Study Guide that's been quite well received at CertificationZone. Hello All, I'm wondering was IS-IS is. No pun intended. I'm assuming it's a routing protocol? I've gone through Cisco, CCNA acad. and have my CCNA and I've even started going over Semester 5 for the CCNP, but IS-IS is no where to be found... Is this a new protocol? Or does someone know where I can find a good over view? Thanks for brain food, Steve -- Mike Cinquanti President Genium Publishing Corporation Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63938t=63938 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: two 1900 catalyst switches cannot exchange VLAN info even [7:63939]
ok I will try that out --- Larry Letterman wrote: to get all the bells and whistles you need to run Enterprise version of 1900 operating cose. Larry Letterman Network Engineer Cisco Systems - Original Message - From: suaveguru To: Larry Letterman ; Sent: Wednesday, February 26, 2003 4:39 PM Subject: Re: two 1900 catalyst switches cannot exchange VLAN info even [7:63836] not sure , you mean the code version do play a part? So if it does play a part what code version should I run ? regards, suaveguru --- Larry Letterman wrote: what version of 1900 code are they running.? Larry Letterman Network Engineer Cisco Systems - Original Message - From: suaveguru To: Sent: Sunday, February 23, 2003 11:37 PM Subject: two 1900 catalyst switches cannot exchange VLAN info even [7:63613] all, I have 2 cisco catalyst 1900 switches with VLANS configured on it when I tried to enable trunking on both of the trunk ports and make the two catalyst 1900 switched run VTP vlans information just can't travel across the switches, appreciate if anyone with similar problems tell me what to do suaveguru __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ [EMAIL PROTECTED] to [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63939t=63939 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoSecure Question [7:63941]
All, Does anyone out there have experience with CiscoSecure? I could really use the help! I have over 50 routers that I'm setting up to access through TACACS, and I've been told that I have to make entries in CiscoSecure for every interface on every router to make sure that each router is TACACS accessible from anywhere in the network! Is this true??? Thanks! Geoff Mossburg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63941t=63941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RPC Endpoint Mapper [7:63916]
COULOMBE, TROY wrote: Priscilla, thanks for the quick reply :) yes, so far all 3 sniffers havent revealed much [ethereal, sniffer, my fav: etherpeek-nx] all show the decodes for RPC, but this is a Win2k box talking MS-RPC [port 135, initially] somehow, someway an upper port is getting assigned [4541 for example] from the server anywho, I'm t/s the win2k-box talking to vpn clients [also Wintel] and there seem to be a large number of tcp-rst happening on the higher ports upon initial connection ::: syn, rst, syn, rst I don't think it's black-hat activity as it was the users complaining...so I'm just trying to make sure the client is communicating back on the proper port the server assigned...but I cant seem to nail down where the port is in the payload... I do see the server send to the client the server's IP adder, but in character format [which to me is crazy] so the server sends 31 00 30 00 2e 00 31 00 30 00 2e 00 31 00 30 00 2e 00 33 00 36 00 for 10.10.10.36 31 being the hex equiv of the ascii char 1 00 being the buffer space, 30 being the 0 and 2e being the . of the 10. That is similar to the FTP PORT command, which puts the IP address in ASCII characters, separated by commas, for some unknown reason. Following the address is the port number in ASCII characters with a comma between the first and second byte. Port number is a 16-bit field. To get it into two bytes, divide the decimal value by 256. Put that it in the first part in ASCII characters. Put the remainder in the second part. So if it were an FTP Port command, 4541 would look like this: 4541/256 = 17 with 189 left over 1 = 31 in ASCII 7 = 37 comma = 2C 1 = 31 8 = 38 9 = 39 so you would see PORT blah blah 31 37 2C 31 38 39 Do you see anyting resembling that?? Maybe with nulls inbetween, since they are doing nulls in between for the IP address, and maybe a period instead of a comma? Priscilla man, gives new respect to the folks who do reverse eng. :) I'll keep hacking at it... but I'm still hoping for a URL :) TroyC -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 3:10 PM To: [EMAIL PROTECTED] Subject: RE: RPC Endpoint Mapper [7:63916] In the olden days, in a Unix world, RPC required PortMappter. Maybe you could look that up? Not sure if there's a space, i.e. Port Mapper. I don't think there is. It's a separate protocol for assigning port numbers. You should see evidence of it on your Sniffer if it still exists. What operating system are you talking about? Windows does RPC too but I don't know it very well. Priscilla COULOMBE, TROY wrote: Anyone know of a good resource on RPC endpoint mapper? I trying to find where in the packet the server tells the client which [new] port to come back on. Using a sniffer, but I cant seem to nail down where in the payload the future port is passed to the client. a google search of rpc endpoint mapper sniffer has resulted in a lot of conversations about how RPC works, but not at the packet level :( don't mind RTFMing...but so far I can't find a good URL at least the FTP protocol states which port :) Thanks, TroyC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63942t=63916 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CiscoSecure Question [7:63941]
You can hardcode the source address of TACACS requests on the routers. This keeps you from needing to define every interface in the TACACS server. The command is ip tacacs source-interface. You can also define network devices in CiscoSecure with wildcards. You could have one entry that maps all routers? If you need more info drop me a line. I've been using it for several years for all my authentication. It isn't cheap but it works great. -Original Message- From: Mossburg, Geoff (MAN-Corporate) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 9:21 PM To: [EMAIL PROTECTED] Subject: CiscoSecure Question [7:63941] All, Does anyone out there have experience with CiscoSecure? I could really use the help! I have over 50 routers that I'm setting up to access through TACACS, and I've been told that I have to make entries in CiscoSecure for every interface on every router to make sure that each router is TACACS accessible from anywhere in the network! Is this true??? Thanks! Geoff Mossburg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63943t=63941 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ping-ICMP question [7:63934]
sisco wrote: gurus, :) Is ping/icmp protocol needs to be prioritized on Lan environment just to have a good latency ping result? is it ping a good basis for measuring your network if it is congested? Thanks! Ping can help you understand if a network is congested if it's just a simple LAN. On a LAN, you probably don't have to worry about prioritization. In fact, there aren't many ways to prioritize a particular traffic type on simple Ethernet LANs. If it were an entire internetwork, then prioritization might be relevant. A switch shouldn't bother with such things, but a complicated switch might. Routers can prioritize traffic and often do. If you ping a Cisco router, it will not prioritize responding and in fact may rate limit ICMP activity. If you ping through a router, you might also see extra delay if the router is implementing some policy regarding ICMP. Firewalls might also add some delay or even stop pings. So on an internetwork, including the Internet, ping isn't really a good test. The other caveat, and this applies to both simple LANs and complex internetworks, is that the end hosts may treat ping differently than the actual applications that get used for real work (or play! ;-) So, to get the best results, you should test with the applications that you are concerned about. On a simple LAN, you can get approximations with ping, though. Gamers always use this! (though they probably consider it more important than they should because they haven't considered the caveats mentioned above.) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63944t=63934 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]