Re: Router IOS Upgrade bug in 12.1 images [7:52489]
Ran into this one again on a router I recently purchased. In searching the archives for the methodology, I realized I had not documented the procedure anyplace last time I ran into this last September of so. The bug: with versions of IOS 12.0, upgrade is impossible. Copy TFTP flash fails The fix: 1) boot to rommon this is done using the password recovery process - hit control-break key a few times during the 1st 30 seconds of the boot process 2) this places you into the prompt 3) enter the command 0x2101 ( not 0x2142, as is done during the normal password recover process ) 4) reload. this gets you to a Router(boot) prompt 5) erase the flash 6) now the copy tftp flash command works. ( maybe you can skip step 5 ) 7) when done, enter config mode, and enter the command config-reg 0x2102 8) reload the router 9) life is good. 10) curse Cisco under your breath, but not too loudly, not in public, particularly when your lab date is close HTH Chuck -- TANSTAAFL there ain't no such thing as a free lunch Chuck's Long Road wrote in message news:[EMAIL PROTECTED] painful process. I'm more concerned that a technique that I've used successfully many times on these routers suddenly stops working. This is a by the book technique that I haven't had problems with before, and is supposed to work. Given that I have better things to do ( going to the config(boot) mode and working through is pretty time consuming ) The fact that neither RSL or the manual process works correctly tells me this might have more serious ramifications So thanks for the suggestions. this one does work. But I think I'll make Cisco take some responsibility here. Folks will be back to work Tuesday and I'll get the inform I need to pursue this ticket. Chuck -- www.chuckslongroad.info still a work in progress, but on line for your enjoyment z Dan Penn wrote in message news:[EMAIL PROTECTED] Did you try booting directly to rommon and erasing the flash manually first? Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chuck's Long Road Sent: Sunday, September 01, 2002 2:01 PM To: [EMAIL PROTECTED] Subject: Router IOS Upgrade bug in 12.1 images [7:52489] I've done this before, and it's not like it's real tough, but. I am trying to upgrade my IOS images. Neither the Router Software Loader, not the good old copy tftp: flash: is working. RSL gives me some odd message the copy function never asks if I want to erase the current image on the flash - it just starts to copy, then stops, with a message that there is not enough rook on the destination device. sample output of my process: Router_7#copy tftp flash: NOTICE Flash load helper v1.0 This process will accept the copy options and then terminate the current system image to use the ROM based image for the copy. Routing functionality will not be available during that time. If you are logged in via telnet, this connection will terminate. Users with console access can see the results of the copy operation. Proceed? [confirm] Address or name of remote host []? 192.168.1.49 Source filename []? c2500-js56i-l.121-5.T10.bin Destination filename [c2500-js56i-l.121-5.T10.bin]? %FR-5-DLCICHANGE: Interface Serial0 - DLCI 201 state changed to DELETED %FR-5-DLCICHANGE: Interface Serial0 - DLCI 202 state changed to DELETED %FLH: c2500-js56i-l.121-5.T10.bin from 192.168.1.49 to flash ... System flash directory: File Length Name/status 1 16294768 c2500-jos56i-l.121-11.bin [16294832 bytes used, 482384 available, 16777216 total] Accessing file 'c2500-js56i-l.121-5.T10.bin' on 192.168.1.49... Loading c2500-js56i-l.from 192.168.1.49 (via Ethernet0): ! [OK] %Error: Image size exceeds free space %FLH: Flash download failed F3: 16002988+291748+1049272 at 0x360 As you can see - no asking to erase. I suspect this is a problem with the particular image. I had no problem upgrading a different router with a different image. Unfortunately, just about all my routers have this identical image in place. Anyone seen this? got a fix? CCO searches have not been regarding. TAC won't talk to me even though I work for a major partner. Apparently my management made some procedural changes, and I can't locate anyone internally who can help me out. They apparently have lives :- thanks much -- www.chuckslongroad.info still a work in progress, but on line for your enjoyment Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64880t=52489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question on a particular ISDN simulator [7:64814]
Thanks to the folks who responded, and who have shared a number of files. I recently purchased the ISDN package from o..p..t..s..y..s.net - consists of 2x2503 routers and the B-link-2 ISDN sim. I checked prices versus what I was seeing on the auction site, and the price seemed reasonable all things considered. ( side note - anthonypanda.com is advertising an isdn sim for a few bucks less than B..r..a.dis ) ( no I don't get anything out of saying nice things about you-know-where. I would, however, appreciate someone buying my token ring routers as advertised on the auction site so I can reduce my credit card debt :- ) In any case, experiments have shown that using the UK format ( isdn switch basic-net3 ) I experience none of the problems that basic-ni1 cause. I look forward to the firmware upgrade so I can use basic-ni1. F***ing A, three weeks and my life is a mess... goodnight, all. -- TANSTAAFL there ain't no such thing as a free lunch The Long and Winding Road wrote in message news:[EMAIL PROTECTED] been fooling around with the B-Link 2 that a particular someone ( whose name is not supposed to be mentioned here on this list ) sells at what seems to be a reasonable price. not looking for specific answers - just a general question - ever get both B channels to come up? just a yes or no. ( ISDN is not my strongest point, but when working with unfamiliar equipment, it helps to know the high level answer so I know whether or not to go back to the seller or hit the books a little harder. ) Thanks -- TANSTAAFL there ain't no such thing as a free lunch Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64881t=64814 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Last topic for tonight - Soltie's Book [7:64882]
I've waffled on this one before. But lately I've been spending more time with Soltie ( CCIE Practical Studies, Volume 1 ) Previously, I've said the jury is still out on this one. Now that I've given Mr. Soltie his due, I am finding this is a very good book, and well worth considering when choosing CCIE prep books. In fact, if I dare say so, I am finding that Mr. Soltie is much more effective than is Mr. Caslow. Anyone else finding the same? Good night, everyone. Chuck -- TANSTAAFL there ain't no such thing as a free lunch Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64882t=64882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Any w2k syslog server avaiable? [7:64883]
Hi.. I used to use unix syslog server to log the cisco device event. But there is no unix box in my new company. Only w2k. May I know is there any syslog software avaiable that I can install in W2k? Thanks _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64883t=64883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Any w2k syslog server avaiable? [7:64883]
Richard Campbell wrote in message news:[EMAIL PROTECTED] Hi.. I used to use unix syslog server to log the cisco device event. But there is no unix box in my new company. Only w2k. May I know is there any syslog software avaiable that I can install in W2k? check out Beverly Hills Software - www.bhs.com do a search after clicking on downloads there are a couple available. HTH Thanks _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64884t=64883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MAC Access Lists - Canonical or NonCanonical [7:64754]
I guess this would depend on the media / interface that you are applying the ACL to? EG for TR, you would use non-canonical, and if applying the address to ethernet interface canonical. Presumably, inbound packets from TR pass through any inbound ACL's, then get converted to canonical and passed out ethernet interface (or DLSW etc?? )( [EMAIL PROTECTED] wrote: Today I read two opposite posts about the MAC address format on MAC access-list. The article on 'http://www.netmasterclass.net/site/lib.php' (article Filtering DLSW) says that one should use non canonical format. The link 'http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_r/brprt1/br1dtb.htm#1017750' says the opposite, one should use canonical (Ethernet) format. Any Thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64885t=64754 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Any w2k syslog server avaiable? [7:64883]
This is for Windows: 1. Kiwi www.kiwisyslog.com/ 2. Solarwinds Syslog server www.solarwinds.net Personally I find kiwi is better... From: Richard Campbell Reply-To: Richard Campbell To: [EMAIL PROTECTED] Subject: Any w2k syslog server avaiable? [7:64883] Date: Mon, 10 Mar 2003 09:00:02 GMT Hi.. I used to use unix syslog server to log the cisco device event. But there is no unix box in my new company. Only w2k. May I know is there any syslog software avaiable that I can install in W2k? Thanks _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64886t=64883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Last topic for tonight - Soltie's Book [7:64882]
Its Mr. Solie, Isn't it ? And I am in the middle of that book, in the Eigrp section, and I agree, I like it..I think its a good lab practice book..especially for someone thats just starting on the lab practice, like me...:) Larry Letterman Network Engineer Cisco Systems - Original Message - From: The Long and Winding Road To: [EMAIL PROTECTED] Sent: Monday, March 10, 2003 12:57 AM Subject: Last topic for tonight - Soltie's Book [7:64882] I've waffled on this one before. But lately I've been spending more time with Soltie ( CCIE Practical Studies, Volume 1 ) Previously, I've said the jury is still out on this one. Now that I've given Mr. Soltie his due, I am finding this is a very good book, and well worth considering when choosing CCIE prep books. In fact, if I dare say so, I am finding that Mr. Soltie is much more effective than is Mr. Caslow. Anyone else finding the same? Good night, everyone. Chuck -- TANSTAAFL there ain't no such thing as a free lunch Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64887t=64882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCSP track [7:64735]
i think order of taking tests isn't importent (maybe safe test should be last). i started last week with csvpn, next will do mcns so i get the vpn specialist . problem of ids is, who does isd and when doing, who does it with cisco ;-) tell if you hear other opinions. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64888t=64735 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Compression on 2610 routers [7:64702]
We have typical office-envirement: some word, excel, some host, web. HW-compression brings up to 9:1 (average, i thing 4-5:1). Take attention with SW, even a 72xx can't handle many of SW compressed links. Lupi is right. Before implementing you have to test. Ask your Cisco Provider for AIM Boards to test (and the rigt IOS) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64889t=64702 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Any w2k syslog server avaiable? [7:64883]
syslog,tftp,ftp 3COM windows utilities found here http://support.3com.com/software/utilities_for_windows_32_bit.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Victor Wibawa Sent: Monday, March 10, 2003 4:53 AM To: [EMAIL PROTECTED] Subject: Re: Any w2k syslog server avaiable? [7:64883] This is for Windows: 1. Kiwi www.kiwisyslog.com/ 2. Solarwinds Syslog server www.solarwinds.net Personally I find kiwi is better... From: Richard Campbell Reply-To: Richard Campbell To: [EMAIL PROTECTED] Subject: Any w2k syslog server avaiable? [7:64883] Date: Mon, 10 Mar 2003 09:00:02 GMT Hi.. I used to use unix syslog server to log the cisco device event. But there is no unix box in my new company. Only w2k. May I know is there any syslog software avaiable that I can install in W2k? Thanks _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64890t=64883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ATM [7:64891]
All, A quick question if I may... See below the output from sh atm int atm x/x Router#sh atm int atm x/x Interface ATMx/x: AAL enabled: AAL5 , Maximum VCs: 4096, Current VCCs: 1 Maximum Transmit Channels: 0 Max. Datagram Size: 4528 PLIM Type: E3 - 34000Kbps, Framing is G.832/G.804, TX clocking: LINE Cell-payload scrambling: ON 99283 input, 99276 output, 0 IN fast, 0 OUT fast, 0 out dropVBR-NRT : 28000 Avail bw = 6000 Config. is ACTIVE Can anyone tell me where the Avail bw = 6000 information is coming from ? It is certainly not defined my router so I assuming it's coming from the provider...or am i assuming too much..;) Appreciate any assistance you can offer. Tks, B. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64891t=64891 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DTP and VTP Domain [7:64892]
Is VTP dependent of DTP or is DTP dependent of VTP?. From the following statement I think DTP can still form a trunk even if VTP domain is different on both switches. But I have read opposite statements. Unfortunatelly I can not test it now. Any thoughts? The VTP protocol communicates between switches using an Ethernet destination multicast MAC address (01-00-0c-cc-cc-cc) and SNAP HDLC protocol type Ox2003. It does not work over non-trunk ports (VTP is a payload of ISL or 802.1Q), so messages cannot be sent until DTP has brought the trunk online. http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a0080094713.shtml Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64892t=64892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DTP and VTP Domain [7:64892]
Found the answer on the same page. In desirable mode, DTP packets transfer the VTP domain name (which must match for a negotiated trunk to come up), plus trunk configuration and admin status. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64893t=64892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sniffer on Catalyst 6509 [7:64894]
Hi, I have a Catalyst 6509 and need to sniff network. If possible enable one port to read all traffic to sniff ?! Thanks, Eduardo Perestrelo CCNA / CCAI Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64894t=64894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last topic for tonight - Soltie's Book [7:64882]
Church, I had being eating, drinking, sleeping.Solie, Caslow, Halabi, Parkhurst, Doyle and others books as well for the last two months, and I came to the conclusion that Solie and Caslow book has the same foundation or I will say using the same techniques, both books are great to the point that I may have to buy one of them again because I had used them too many times it is already damage... BTW Jeff Doyle Volume II looks like the continuation of Solie Book (very interesting)... Juan Blanco -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of The Long and Winding Road Sent: Monday, March 10, 2003 3:57 AM To: [EMAIL PROTECTED] Subject: Last topic for tonight - Soltie's Book [7:64882] I've waffled on this one before. But lately I've been spending more time with Soltie ( CCIE Practical Studies, Volume 1 ) Previously, I've said the jury is still out on this one. Now that I've given Mr. Soltie his due, I am finding this is a very good book, and well worth considering when choosing CCIE prep books. In fact, if I dare say so, I am finding that Mr. Soltie is much more effective than is Mr. Caslow. Anyone else finding the same? Good night, everyone. Chuck -- TANSTAAFL there ain't no such thing as a free lunch Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64895t=64882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Any w2k syslog server available? [7:64883]
Kiwi...It is great.you can download a working version. www.kiwisyslog.com/ Juan Blanco -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Richard Campbell Sent: Monday, March 10, 2003 4:00 AM To: [EMAIL PROTECTED] Subject: Any w2k syslog server avaiable? [7:64883] Hi.. I used to use unix syslog server to log the cisco device event. But there is no unix box in my new company. Only w2k. May I know is there any syslog software avaiable that I can install in W2k? Thanks _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64896t=64883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer on Catalyst 6509 [7:64894]
You do this with the span command -Original Message- From: Eduardo Perestrelo [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 7:44 AM To: [EMAIL PROTECTED] Subject: Sniffer on Catalyst 6509 [7:64894] Hi, I have a Catalyst 6509 and need to sniff network. If possible enable one port to read all traffic to sniff ?! Thanks, Eduardo Perestrelo CCNA / CCAI Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64897t=64894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
??? MPLS ??? [7:64898]
Sorry for such a newbe question. But what is MPLS? And what is it? Any one have a link they can point me too? Just trying to learn more. Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64898t=64898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? MPLS ??? [7:64898]
Multiprotocol Label Switching. Can read up on it at Cisco or I believe, whatis.com has a little on it, as well. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64899t=64898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
??? Etherchannel ??? [7:64900]
Ok please don't be annoyed I have another vocab question. I know what Ethernet is and I'm fairly sure fiberchannel is basically some sort of fiber line. What is Ether channel? And where is it commonly used. Any one have a good link? Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64900t=64900 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? MPLS ??? [7:64898]
I found this link to Cisco for MPLS. http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 limit/120s/120s5/mpls_te.htm Bon apetit! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64901t=64898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? Etherchannel ??? [7:64900]
The best place in my opinion for definitions and brief descriptions of this sort is http://www.whatis.com I don't believe I've ever not gotten an answer from there. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64902t=64900 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SMTP Time outs and re-transmissions, multiple [7:64617]
It would be nice if we could always return the last condition before the last action. But I rarely do that on production networks, because of the concerns in solve the problems as fast as possible. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64903t=64617 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Load Balancing and NAT [7:64904]
Hello all, I am attempting to setup a Cisco 1721 Router with load balancing and NAT so that we can provide a dual T1 connection to the network. This is the first time I have done anything like this and I was wanting to know if anyone had any good pointers they could give me or any commands that I should beware of or add. Thanks, Terry O Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64904t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last topic for tonight - Soltie's Book [7:64882]
There are a few minor mistakes in Solie's book, but I have found it to be very useful. I didn't care for the scenarios at the end of his book, but the exercises that accompany each chapter are excellent exercises for a candidate to go through while getting ready for the lab. It's obvious that he put a lot of work into the book. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Juan Blanco Sent: Monday, March 10, 2003 7:53 AM To: [EMAIL PROTECTED] Subject: RE: Last topic for tonight - Soltie's Book [7:64882] Church, I had being eating, drinking, sleeping.Solie, Caslow, Halabi, Parkhurst, Doyle and others books as well for the last two months, and I came to the conclusion that Solie and Caslow book has the same foundation or I will say using the same techniques, both books are great to the point that I may have to buy one of them again because I had used them too many times it is already damage... BTW Jeff Doyle Volume II looks like the continuation of Solie Book (very interesting)... Juan Blanco -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of The Long and Winding Road Sent: Monday, March 10, 2003 3:57 AM To: [EMAIL PROTECTED] Subject: Last topic for tonight - Soltie's Book [7:64882] I've waffled on this one before. But lately I've been spending more time with Soltie ( CCIE Practical Studies, Volume 1 ) Previously, I've said the jury is still out on this one. Now that I've given Mr. Soltie his due, I am finding this is a very good book, and well worth considering when choosing CCIE prep books. In fact, if I dare say so, I am finding that Mr. Soltie is much more effective than is Mr. Caslow. Anyone else finding the same? Good night, everyone. Chuck -- TANSTAAFL there ain't no such thing as a free lunch [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64905t=64882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Load Balancing and NAT [7:64904]
First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If Client A is behind a stateful firewall, return packets will be dropped, as it will have ISP B's SRC address, and it will be expecting ISP A's. There are a number of ways around this, but I will wait for more detauls before going on. Presumably you are not / will not be running BGP, and have your own AS? Terry Oldham wrote: Hello all, I am attempting to setup a Cisco 1721 Router with load balancing and NAT so that we can provide a dual T1 connection to the network. This is the first time I have done anything like this and I was wanting to know if anyone had any good pointers they could give me or any commands that I should beware of or add. Thanks, Terry O Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64906t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Security News Groups [7:64907]
Hello all, I saw a post a little bit ago about security news groups. I'll ask again because I also have been looking for one. Any one know of a good security news group? If so please share. Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64907t=64907 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last topic for tonight - Soltie's Book [7:64882]
I bet I know which one is damaged. I would put money on the Caslow book. Mine fell apart at the binding in no time flat. Whoever bound the Caslow book did a very poor job. -Original Message- From: Juan Blanco [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 5:53 AM To: [EMAIL PROTECTED] Subject: RE: Last topic for tonight - Soltie's Book [7:64882] Church, I had being eating, drinking, sleeping.Solie, Caslow, Halabi, Parkhurst, Doyle and others books as well for the last two months, and I came to the conclusion that Solie and Caslow book has the same foundation or I will say using the same techniques, both books are great to the point that I may have to buy one of them again because I had used them too many times it is already damage... BTW Jeff Doyle Volume II looks like the continuation of Solie Book (very interesting)... Juan Blanco -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of The Long and Winding Road Sent: Monday, March 10, 2003 3:57 AM To: [EMAIL PROTECTED] Subject: Last topic for tonight - Soltie's Book [7:64882] I've waffled on this one before. But lately I've been spending more time with Soltie ( CCIE Practical Studies, Volume 1 ) Previously, I've said the jury is still out on this one. Now that I've given Mr. Soltie his due, I am finding this is a very good book, and well worth considering when choosing CCIE prep books. In fact, if I dare say so, I am finding that Mr. Soltie is much more effective than is Mr. Caslow. Anyone else finding the same? Good night, everyone. Chuck -- TANSTAAFL there ain't no such thing as a free lunch Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64908t=64882 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
New Catalyst 2955 Switch [7:64909]
I'm sure many of you have already read about this new switch, but these are quite different looking than the normal Cisco switches I'm used to working with. Plus, I even had a dream last night about these silly things, so they were on my mind this morning. Cisco designed these basically for the manufacturing sector or anywhere else that the atmosphere wreaks havoc on networking equipment. I remember some of the switch rooms at GM that I've been into and I was surprised that the fans didn't stop turning because they were so clogged with dust! These new switches don't use fans. Instead, they are internally cooled and are able to operate at extreme temperatures and withstand extreme vibration and shock. Here's some links for those who are interested: http://newsroom.cisco.com/dlls/ts_030303.html http://newsroom.cisco.com/dlls/CiscoCatalyst2955-22.jpg Shawn G. Kaminski EDS - GTO Capability Center Dow Chemical Test Facilities - Network Support Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64909t=64909 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balancing and NAT [7:64904]
The T1's are from different providers, Qwest and Sprint. And no we will not be running BGP... Troy Leliard wrote in message news:[EMAIL PROTECTED] First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If Client A is behind a stateful firewall, return packets will be dropped, as it will have ISP B's SRC address, and it will be expecting ISP A's. There are a number of ways around this, but I will wait for more detauls before going on. Presumably you are not / will not be running BGP, and have your own AS? Terry Oldham wrote: Hello all, I am attempting to setup a Cisco 1721 Router with load balancing and NAT so that we can provide a dual T1 connection to the network. This is the first time I have done anything like this and I was wanting to know if anyone had any good pointers they could give me or any commands that I should beware of or add. Thanks, Terry O Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64910t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network Design - What Priscilla did NOT cover in h [7:64842]
Should have proposed a carrier pidgeon based message system for the wan and soup cans connected with string for the in house phones. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64911t=64842 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balancing and NAT [7:64904]
could u give us more info pls, as far as the IP's that you will be using. wasn't it u that wanted to assign 2 ip's for each server you have? if that is so,u can do the following: creat 2 VLAN's on ur switch. creat 2 subinterfaces on the router(must have fast ether) for the vlans. PBR every thing from ISP A to VLAN A, both ways. PBR every thing from ISP B to VLAN B, both ways. make sure the servers don't symetrically route the packets. with the above, u will have control over traffic that crosses ur router, but then which IP will the clients use, depends on the DNS config, wether it will load balance on DNS queries is also another issue, so more or less u will have no control over traffic coming to ur network. if you had ur own net block, it would be easy to load balance, u'd have to call ur ISP's they will give u a community that u will joing from which they will load balance, but you will need BGP, of courrse. but please give more information to further think it out. Terry Oldham a icrit dans le message de news: [EMAIL PROTECTED] The T1's are from different providers, Qwest and Sprint. And no we will not be running BGP... Troy Leliard wrote in message news:[EMAIL PROTECTED] First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If Client A is behind a stateful firewall, return packets will be dropped, as it will have ISP B's SRC address, and it will be expecting ISP A's. There are a number of ways around this, but I will wait for more detauls before going on. Presumably you are not / will not be running BGP, and have your own AS? Terry Oldham wrote: Hello all, I am attempting to setup a Cisco 1721 Router with load balancing and NAT so that we can provide a dual T1 connection to the network. This is the first time I have done anything like this and I was wanting to know if anyone had any good pointers they could give me or any commands that I should beware of or add. Thanks, Terry O Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64912t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
??? 2 Default Gateways ??? [7:64913]
Hello all I was just wondering if you could have 2 Default gateways, using static routes? If so what would you do just enter the ip default route command twice? Also will the router auto detect if one of those routes goes down and pass traffic only to the active interface. I know you can do load balancing with routing protocols, but it seems to me that if you were on a stub, why would you want to run a routing protocol? I'm interested in this because of a post a while back. Any info would be helpful. Thanks, Steven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64913t=64913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balancing and NAT [7:64904]
Hi Terry, I think I have already responded to a similar, if not the same question. You wont be able to use NAT, as you can have a many-to-one NAT statement on your router. IE Qwest IP and Sprint IP, both NAT to the same server. The only way I can see you getting this working is if you get a /30 or use ip unumbered between yourself and the providers, and then have both public IP ranges on your insider ethernet segment. (Thus your server will have two public IP addresses configured on them). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64914t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? 2 Default Gateways ??? [7:64913]
Hello all I was just wondering if you could have 2 Default gateways, using static routes? If so what would you do just enter the ip default route command twice? Also will the router auto detect if one of those routes goes down and pass traffic only to the active interface. I know you can do load balancing with routing protocols, but it seems to me that if you were on a stub, why would you want to run a routing protocol? I'm interested in this because of a post a while back. Any info would be helpful. Thanks, Steven You're probably thinking of a default route, not a default gateway, per say. The 'ip default-gateway' command on a router is used only when a router is not routing IP, which is probably not the situation you're considering. To statically enter a default route you simply add a static route like this: ip route 0.0.0.0 0.0.0.0 next_hop_address If you have more than one possible default route you can add more than on static route and the router will load balance. If you want to prefer one over the other you can change the administrative distance. ip route 0.0.0.0 0.0.0.0 primary_default_ip ip route 0.0.0.0 0.0.0.0 secondary_default_ip 50 In this example, the primary and secondary default routes have ADs of 1 and 50, respectively. The route with the lowest AD will be prefered as long as it is valid. Should the next hop address not be available the router will begin using the secondary route. Does that answer your question? Regards, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64915t=64913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balancing and NAT [7:64904]
More Info: FastEthernet Int0 172.16.100.2/24 Serial0144.228.52.114 255.255.255.252 Sprint IP Block 65.160.124.193 -65.160.124.222 Serial1 65.123.132.166 255.255.255.252 Qwest IP Block 65.120.161.161 - 65.120.161.190 Honestly I have bitten off a little more than I can chew on this one, however I really need to make it work so all and any advice will be taken. I have been talking with Cisco a little and here is the example they sent me: Current configuration : 1941 bytes version 12.2 service timestamps debug uptime service timestamps log datetime msec localtime show-timezone service password-encryption hostname Inet_Router logging buffered 4096 debugging enable secret 5 $1$L3f5$owQH/giYdx/Gui/nASA9F1 enable password 7 13041200045D51 ip subnet-zero ip cef ip name-server 198.6.1.122 interface FastEthernet0/0 ip address 10.30.25.201 255.255.255.0 ip nat inside speed 100 full-duplex interface Serial0/0 description Verio ip address 165.254.203.110 255.255.255.252 ip nat outside interface Serial0/1 description CableWireless ip address 166.63.156.102 255.255.255.252 ip nat outsid ip nat pool Verio 209.139.11.98 209.139.11.98 netmask 255.255.255.224 ip nat pool Cable 208.168.204.2 208.168.204.2 netmask 255.255.255.0 ip nat inside source route-map Cable1 pool Cable overload ip nat inside source route-map Verio1 pool Verio overload ip nat inside source static 10.30.25.27 209.139.11.122 ip nat inside source static 10.30.25.25 209.139.11.120 ip nat inside source static 10.30.25.63 209.139.11.111 ip nat inside source static 10.30.25.62 209.139.11.110 ip nat inside source static 10.30.25.33 208.168.204.6 ip nat inside source static 10.30.25.32 208.168.204.5 ip nat inside source static 10.30.25.31 209.139.11.101 ip nat inside source static 10.30.25.30 209.139.11.100 ip nat inside source static 10.30.25.137 209.139.11.105 ip classless ip route 0.0.0.0 0.0.0.0 165.254.203.109 ip route 0.0.0.0 0.0.0.0 166.63.156.101 ip route 10.0.0.0 255.0.0.0 FastEthernet0/0 ip http server ip pim bidir-enable access-list 10 permit 10.30.25.0 0.0.0.255 route-map Verio1 permit 10 match ip address 10 match interface Serial0/0 route-map Cable1 permit 10 match ip address 10 match interface Serial0/1 line con 0 login line aux 0 line vty 0 3 login line vty 4 login no scheduler allocate end Amar KHELIFI wrote in message news:[EMAIL PROTECTED] could u give us more info pls, as far as the IP's that you will be using. wasn't it u that wanted to assign 2 ip's for each server you have? if that is so,u can do the following: creat 2 VLAN's on ur switch. creat 2 subinterfaces on the router(must have fast ether) for the vlans. PBR every thing from ISP A to VLAN A, both ways. PBR every thing from ISP B to VLAN B, both ways. make sure the servers don't symetrically route the packets. with the above, u will have control over traffic that crosses ur router, but then which IP will the clients use, depends on the DNS config, wether it will load balance on DNS queries is also another issue, so more or less u will have no control over traffic coming to ur network. if you had ur own net block, it would be easy to load balance, u'd have to call ur ISP's they will give u a community that u will joing from which they will load balance, but you will need BGP, of courrse. but please give more information to further think it out. Terry Oldham a icrit dans le message de news: [EMAIL PROTECTED] The T1's are from different providers, Qwest and Sprint. And no we will not be running BGP... Troy Leliard wrote in message news:[EMAIL PROTECTED] First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If Client A is behind a stateful firewall, return packets will be dropped, as it will have ISP B's SRC address, and it will be expecting ISP A's. There are a number of ways around this, but I will wait for more detauls before going on. Presumably you are not / will not be running BGP, and have your own AS? Terry Oldham wrote: Hello all, I am attempting to setup a Cisco 1721 Router with load balancing and NAT so that we can provide a dual T1 connection to the network. This is the first time I have done anything like this and I was wanting to know if anyone had any good pointers they could give me or any
Re: ??? 2 Default Gateways ??? [7:64913]
yes u can configure 2 default static routes, but it will not load balance, but it will provide redundancy. Steven Aiello a icrit dans le message de news: [EMAIL PROTECTED] Hello all I was just wondering if you could have 2 Default gateways, using static routes? If so what would you do just enter the ip default route command twice? Also will the router auto detect if one of those routes goes down and pass traffic only to the active interface. I know you can do load balancing with routing protocols, but it seems to me that if you were on a stub, why would you want to run a routing protocol? I'm interested in this because of a post a while back. Any info would be helpful. Thanks, Steven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64918t=64913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? 2 Default Gateways ??? [7:64913]
I don't think you can configure 2 default gateways. I think you can configure two gateways of last resort using floating static routes: ip route 0.0.0.0 0.0.0.0 [destination address] [cost] i.e. ip route 0.0.0.0 0.0.0.0 10.1.1.1 90 ip route 0.0.0.0 0.0.0.0 10.1.2.1 80 It will always use the first one, unless the route is not there. Dave Steven Aiello wrote in message news:[EMAIL PROTECTED] Hello all I was just wondering if you could have 2 Default gateways, using static routes? If so what would you do just enter the ip default route command twice? Also will the router auto detect if one of those routes goes down and pass traffic only to the active interface. I know you can do load balancing with routing protocols, but it seems to me that if you were on a stub, why would you want to run a routing protocol? I'm interested in this because of a post a while back. Any info would be helpful. Thanks, Steven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64917t=64913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? 2 Default Gateways ??? [7:64913]
This isn't necessarily true. It depends on your configuration and the source of the default routes. Take a look at the note at the bottom of the following page for details: http://www.cisco.com/warp/public/105/default.html Regards, John Amar KHELIFI 3/10/03 9:52:27 AM yes u can configure 2 default static routes, but it will not load balance, but it will provide redundancy. Steven Aiello a icrit dans le message de news: [EMAIL PROTECTED] Hello all I was just wondering if you could have 2 Default gateways, using static routes? If so what would you do just enter the ip default route command twice? Also will the router auto detect if one of those routes goes down and pass traffic only to the active interface. I know you can do load balancing with routing protocols, but it seems to me that if you were on a stub, why would you want to run a routing protocol? I'm interested in this because of a post a while back. Any info would be helpful. Thanks, Steven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64919t=64913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Security News Groups [7:64907]
Check out www.infosyssec.com Steve, you'll find links to several there. Will Gragido CISSP CCNP CIPTSS CCDA MCP 9450 W. Bryn Mawr Ave. Suite 325 Rosemont, Il 60018 www.ins.com [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steven Aiello Sent: Monday, March 10, 2003 9:56 AM To: [EMAIL PROTECTED] Subject: Security News Groups [7:64907] Hello all, I saw a post a little bit ago about security news groups. I'll ask again because I also have been looking for one. Any one know of a good security news group? If so please share. Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64920t=64907 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Basic Frame Relay question [7:64923]
I am looking at frame relay. As I understand it, the frame relay connection goes from the CPE to the service provider CO. My question is, does the destination device on the other side of the CO also need to run frame relay? Could they perhaps run ATM? My CPE CODest. CPE | Frame Relay|ATM | Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64923t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Unexpected behavior of IGRP and EIGRP [7:64625]
i can't figure out why u r using IGRP in R3, since obviously he would know about the routes. Regards, Amar. I was testing auto-summary with different protocols and I ended up in this configuration, before remove one of the protocols. actually it is Eigrp that has a better AD than Igrp, 90 and 100, respectively, the route u see in ur table has 170 as the AD, therefore External EIGRP,caused by the implicit redistribution, imposed when using these routing protocols with the same AS. If I got that right, even if the value used in the routing table (170) is higher than the route from IGRP (100), the process will consider the route better because it is from EIGRP (90). It makes me wonder how the value 170 is applyed to the route (I know it is not sent by R2, or is it, indirectly?). Amar KHELIFI @groupstudy.com em 07/03/2003 21:38:07 Favor responder a Amar KHELIFI Enviado Por: [EMAIL PROTECTED] Para: [EMAIL PROTECTED] cc: Assunto:Re: Unexpected behavior of IGRP and EIGRP [7:64625] Hi, actually it is Eigrp that has a better AD than Igrp, 90 and 100, respectively, the route u see in ur table has 170 as the AD, therefore External EIGRP,caused by the implicit redistribution, imposed when using these routing protocols with the same AS. so u are having normal behavior of the protocols. but i can't figure out why u r using IGRP in R3, since obviously he would know about the routes. Regards, Amar. a icrit dans le message de news: [EMAIL PROTECTED] R1 R2 R3 router R1 is running igrp process 1 router R2 is running igrp process 1 and eigrp process 2 router R3 is running igrp process 1 and eigrp process 2 R1 is running IGRP on network 10.0.0.0. I would expect R1 advertise router 10.0.0.0 to R2 via igrp and R2 advertise 10.0.0.0 via igrp to R3 But this is the result of R3 routing table: R3#sh ip route D192.168.12.0/24 [90/2681856] via 192.168.23.1, 00:04:45, Serial0.32 3.0.0.0/24 is subnetted, 1 subnets C 3.3.3.0 is directly connected, Loopback0 D EX 10.0.0.0/8 [170/2809856] via 192.168.23.1, 00:04:46, Serial0.32 C192.168.23.0/24 is directly connected, Serial0.32 Debug igrp transactions shows R3 receiving news about 10.0.0.0 network, but the route is not installed on the routing table via IGRP; as IGRP has a better administrative cost than redistributed routes via EIGRP, I would expect the IGRP route to be the routing table. R3#debu ip igrp transactions IGRP protocol debugging is on IP routing: IGRP protocol debugging is on 00:24:24: IGRP: sending update to 255.255.255.255 via Serial0.32 (192.168.23.2) - suppressing null update 00:24:56: IGRP: received update from 192.168.23.1 on Serial0.32 00:24:56: network 192.168.12.0, metric 10476 (neighbor 8476) 00:24:56: network 10.0.0.0, metric 10976 (neighbor 8976) R1 interface Loopback1 ip address 10.10.10.10 255.255.255.0 ! interface Serial0.12 point-to-point ip address 192.168.12.1 255.255.255.0 frame-relay interface-dlci 112 ! router igrp 1 network 10.0.0.0 network 192.168.12.0 R2 interface Loopback0 ip address 2.2.2.2 255.255.255.0 ! interface Serial0.21 point-to-point ip address 192.168.12.2 255.255.255.0 no ip directed-broadcast frame-relay interface-dlci 121 ! interface Serial0.23 point-to-point ip address 192.168.23.1 255.255.255.0 no ip directed-broadcast frame-relay interface-dlci 123 ! router eigrp 1 network 192.168.23.0 ! router igrp 1 network 192.168.12.0 network 192.168.23.0 R3 interface Serial0.32 point-to-point ip address 192.168.23.2 255.255.255.0 frame-relay interface-dlci 132 ! router eigrp 1 network 192.168.23.0 no eigrp log-neighbor-changes ! router igrp 1 network 192.168.23.0 Any Thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64925t=64625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? 2 Default Gateways ??? [7:64913]
yes indeed as per the doc, it will load balance. i'll try it out. John Neiberger a icrit dans le message de news: [EMAIL PROTECTED] This isn't necessarily true. It depends on your configuration and the source of the default routes. Take a look at the note at the bottom of the following page for details: http://www.cisco.com/warp/public/105/default.html Regards, John Amar KHELIFI 3/10/03 9:52:27 AM yes u can configure 2 default static routes, but it will not load balance, but it will provide redundancy. Steven Aiello a icrit dans le message de news: [EMAIL PROTECTED] Hello all I was just wondering if you could have 2 Default gateways, using static routes? If so what would you do just enter the ip default route command twice? Also will the router auto detect if one of those routes goes down and pass traffic only to the active interface. I know you can do load balancing with routing protocols, but it seems to me that if you were on a stub, why would you want to run a routing protocol? I'm interested in this because of a post a while back. Any info would be helpful. Thanks, Steven Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64924t=64913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Load Balancing and NAT [7:64904]
I have a question about this setup, but it's more deisgn-oriented than configuration. What's the benefit of having redundant ISPs if they both connect to one router? I realize that a WAN circuit is more likely to have problems than the router hardware is, but it seems like both the configuration problem and the single point of failure can be addressed by adding a second router. From there, I see two options. #1, break up the LAN into two DHCP scopes (if DHCP is used) and assign the IP's of both routers as the default gateway, but alternate them. Scope 1 would have R1's IP as the primary default gateway, and R2's as the secondary, and vice versa for scope 2. #2, Use a layer 3 switch at the core of the LAN, and configure routed ports. Give the switch two default routes with the same AD, and it will load balance between the two routers. Does either of these sound feasible? Hal -Original Message- From: Terry Oldham [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 11:07 AM To: [EMAIL PROTECTED] Subject: Re: Load Balancing and NAT [7:64904] The T1's are from different providers, Qwest and Sprint. And no we will not be running BGP... Troy Leliard wrote in message news:[EMAIL PROTECTED] First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If Client A is behind a stateful firewall, return packets will be dropped, as it will have ISP B's SRC address, and it will be expecting ISP A's. There are a number of ways around this, but I will wait for more detauls before going on. Presumably you are not / will not be running BGP, and have your own AS? Terry Oldham wrote: Hello all, I am attempting to setup a Cisco 1721 Router with load balancing and NAT so that we can provide a dual T1 connection to the network. This is the first time I have done anything like this and I was wanting to know if anyone had any good pointers they could give me or any commands that I should beware of or add. Thanks, Terry O Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64930t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
10 half or 100 full [7:64931]
To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. thanks Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64931t=64931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Load Balancing and NAT [7:64904]
that will work. every thing going out will overloaded. and an inverse NAT is done for the packets coming in. u will have controll over the traffic getting out, that is on a round robin fashion, one packet out se0 the next out se1. the traffic coming in the links will depend on the IP's u use on the NAT statements(the static ones)thereby giving some sort of control, if you see a link being over utilized, u could use more IP's from the other POOL giving by the seconf ISP, to balance it some what. Terry Oldham a icrit dans le message de news: [EMAIL PROTECTED] More Info: FastEthernet Int0 172.16.100.2/24 Serial0144.228.52.114 255.255.255.252 Sprint IP Block 65.160.124.193 -65.160.124.222 Serial1 65.123.132.166 255.255.255.252 Qwest IP Block 65.120.161.161 - 65.120.161.190 Honestly I have bitten off a little more than I can chew on this one, however I really need to make it work so all and any advice will be taken. I have been talking with Cisco a little and here is the example they sent me: Current configuration : 1941 bytes version 12.2 service timestamps debug uptime service timestamps log datetime msec localtime show-timezone service password-encryption hostname Inet_Router logging buffered 4096 debugging enable secret 5 $1$L3f5$owQH/giYdx/Gui/nASA9F1 enable password 7 13041200045D51 ip subnet-zero ip cef ip name-server 198.6.1.122 interface FastEthernet0/0 ip address 10.30.25.201 255.255.255.0 ip nat inside speed 100 full-duplex interface Serial0/0 description Verio ip address 165.254.203.110 255.255.255.252 ip nat outside interface Serial0/1 description CableWireless ip address 166.63.156.102 255.255.255.252 ip nat outsid ip nat pool Verio 209.139.11.98 209.139.11.98 netmask 255.255.255.224 ip nat pool Cable 208.168.204.2 208.168.204.2 netmask 255.255.255.0 ip nat inside source route-map Cable1 pool Cable overload ip nat inside source route-map Verio1 pool Verio overload ip nat inside source static 10.30.25.27 209.139.11.122 ip nat inside source static 10.30.25.25 209.139.11.120 ip nat inside source static 10.30.25.63 209.139.11.111 ip nat inside source static 10.30.25.62 209.139.11.110 ip nat inside source static 10.30.25.33 208.168.204.6 ip nat inside source static 10.30.25.32 208.168.204.5 ip nat inside source static 10.30.25.31 209.139.11.101 ip nat inside source static 10.30.25.30 209.139.11.100 ip nat inside source static 10.30.25.137 209.139.11.105 ip classless ip route 0.0.0.0 0.0.0.0 165.254.203.109 ip route 0.0.0.0 0.0.0.0 166.63.156.101 ip route 10.0.0.0 255.0.0.0 FastEthernet0/0 ip http server ip pim bidir-enable access-list 10 permit 10.30.25.0 0.0.0.255 route-map Verio1 permit 10 match ip address 10 match interface Serial0/0 route-map Cable1 permit 10 match ip address 10 match interface Serial0/1 line con 0 login line aux 0 line vty 0 3 login line vty 4 login no scheduler allocate end Amar KHELIFI wrote in message news:[EMAIL PROTECTED] could u give us more info pls, as far as the IP's that you will be using. wasn't it u that wanted to assign 2 ip's for each server you have? if that is so,u can do the following: creat 2 VLAN's on ur switch. creat 2 subinterfaces on the router(must have fast ether) for the vlans. PBR every thing from ISP A to VLAN A, both ways. PBR every thing from ISP B to VLAN B, both ways. make sure the servers don't symetrically route the packets. with the above, u will have control over traffic that crosses ur router, but then which IP will the clients use, depends on the DNS config, wether it will load balance on DNS queries is also another issue, so more or less u will have no control over traffic coming to ur network. if you had ur own net block, it would be easy to load balance, u'd have to call ur ISP's they will give u a community that u will joing from which they will load balance, but you will need BGP, of courrse. but please give more information to further think it out. Terry Oldham a icrit dans le message de news: [EMAIL PROTECTED] The T1's are from different providers, Qwest and Sprint. And no we will not be running BGP... Troy Leliard wrote in message news:[EMAIL PROTECTED] First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If
Re: Basic Frame Relay question [7:64923]
yes there is an FRF8 and FRF5 standards that define that, as so: frf8 fr-CO-atm frf5 fr---ATM cloud--fr DeVoe, Charles (PKI) a icrit dans le message de news: [EMAIL PROTECTED] I am looking at frame relay. As I understand it, the frame relay connection goes from the CPE to the service provider CO. My question is, does the destination device on the other side of the CO also need to run frame relay? Could they perhaps run ATM? My CPE CODest. CPE | Frame Relay|ATM | Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64933t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? Etherchannel ??? [7:64900]
Hi Steve, that can help you: http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_example09186a0080094958.shtml cheers, Orest Steven Aiello schrieb: Ok please don't be annoyed I have another vocab question. I know what Ethernet is and I'm fairly sure fiberchannel is basically some sort of fiber line. What is Ether channel? And where is it commonly used. Any one have a good link? Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64934t=64900 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 10 half or 100 full [7:64931]
Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx helper-address. With ipx helper-address (just like ip helper-address) you can tell a router to forward a broadcast, which it normally doesn't do. This would be useful for some rare IPX application that sent broadcasts that needed to reach the other side of the router. In typical IPX networks, there's no such need. When there is a need, you can speed it up with the ipx broadcast-fastswitching command. You titled your message 10 half or 100 full. I think this was a Freudian slip. I bet your problem is related to a full-duplex mismatch. Perhaps the NICs in the NT servers negotiated correctly but the NICs in the Novell servers did not and you have a mismatch. With a mismatch, the full duplex side will send whenever it wants. The half duplex will get upset if it sees the other side sending while it is also sending and will backoff and retransmist, leaving behind a CRC-errored runt. That side will reports a collision. The other side will report runts and CRC errors. So, look for lots of Ethernet errors when you do a show int or show port. Also feel free to send us the output of various show commands and your router config. There are some IPX gurus on this list. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com thanks Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64935t=64931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Basic Frame Relay question [7:64923]
DeVoe, Charles (PKI) wrote: I am looking at frame relay. As I understand it, the frame relay connection goes from the CPE to the service provider CO. My question is, does the destination device on the other side of the CO also need to run frame relay? Could they perhaps run ATM? My CPE CODest. CPE | Frame Relay|ATM | Good question. Yes, the Frame Relay Forum defines a method for doing this. It's called Frame Relay ATM Interworking. (Yes, the word is really interworking.) I think it's somewhat common. It's been around for a while ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64936t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Configuring 2621 router with G.U.I. [7:64937]
Hi, Can anyone tell me where I may find specific information reguarding cofiguring a 2600 series router with the GUI interface..(through my internet browser). I would like to know what specific softare may be required to do this or what settings I may need. I do have access to it throush CLI mode. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64937t=64937 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Basic Frame Relay question [7:64923]
the standards official names are actually FRF8 and FRF5. Priscilla Oppenheimer a icrit dans le message de news: [EMAIL PROTECTED] DeVoe, Charles (PKI) wrote: I am looking at frame relay. As I understand it, the frame relay connection goes from the CPE to the service provider CO. My question is, does the destination device on the other side of the CO also need to run frame relay? Could they perhaps run ATM? My CPE CODest. CPE | Frame Relay|ATM | Good question. Yes, the Frame Relay Forum defines a method for doing this. It's called Frame Relay ATM Interworking. (Yes, the word is really interworking.) I think it's somewhat common. It's been around for a while ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64938t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EtherChannel - WOW Thats great [7:64940]
That's for all the info on Ether channel. What a wonderful idea. Is Ether channel hard to set up? I don't have the 100 Mb routers to try this at home or even 2 100Mbs switches. Does any one have a sample config file form a router or switch that uses it? Thanks again all you are all great ( especially those who answer my questions! ) Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64940t=64940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: General comments on Cisco Teaching [7:64833]
Cisco Nuts wrote: Howard, Why in the world would Cisco start at 92001 for the CCSI? Any particular reason for such a high number? I think CCSI uses hierarchical addressing unlike the flat addressing used for CCIE. :-) Also, to answer someone else's question, I think you get to keep your number (and use it?) indefinitely. I'm 96110, the 110th one in 1996. Must have been a good year. But as Howard has said, you can't really use the number and be an active CCSI unless you are currently employed at a Cisco Certified Learning Partner (or employed at Cisco itself.) My guess is that if you were inactive for a while and then went to a new learning partner, you would have to go through a barrage of tests again, but probably keep your number. But I don't know for sure Maybe if the economy ever picks up again there will be a lot of people trying to get an answer to that question. Not looking good for now, though. By the way, did y'all see this excellent article about teaching in TCP Magazine. It's called So You Wanna Teach. The comments on the article are worth reading too. http://www.tcpmag.com/linkstate/article.asp?EditorialsID=135 ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Now we all know for a fact why the CCIE # start at 1025? So From: Howard C. Berkowitz Reply-To: Howard C. Berkowitz To: [EMAIL PROTECTED] Subject: RE: General comments on Cisco Teaching [7:64833] Date: Sun, 9 Mar 2003 01:04:28 GMT Howard CSSI 93005 Howard, If you were a Cisco Instructor years ago, is it safe to assume the CSSI number started at 93000?? Just curios. 92001, I believe. Not sure. On a serious note, are you allowed to still add the cert and number after your name if you become inactive? No one ever really came up with a good set of rules. Recertification was never as well defined as it was with CCIE and the like. I have no problem in saying inactive -- the irony being that I'm currently on a subcontract developing internal courseware for Cisco staff. Since a CSSI is not all that meaningful except in the context of a training partner, the active-versus-inactive distinction isn't that significant -- if you are doing approved Cisco training, it will be active with the partner; if you aren't, it won't. It's not as if you can go into business as a Cisco instructor just by having a CSSI. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64854t=64833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Add photos to your messages with MSN 8. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64939t=64833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 10 half or 100 full [7:64931]
I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx helper-address. With ipx helper-address (just like ip helper-address) you can tell a router to forward a broadcast, which it normally doesn't do. This would be useful for some rare IPX application that sent broadcasts that needed to reach the other side of the router. In typical IPX networks, there's no such need. When there is a need, you can speed it up with the ipx broadcast-fastswitching command. You titled your message 10 half or 100 full. I think this was a Freudian slip. I bet your problem is related to a full-duplex mismatch. Perhaps the NICs in the NT servers negotiated correctly but the NICs in the Novell servers did not and you have a mismatch. With a mismatch, the full duplex side will send whenever it wants. The half duplex will get upset if it sees the other side sending while it is also sending and will backoff and retransmist, leaving behind a CRC-errored runt. That side will reports a collision. The other side will report runts and CRC errors. So, look for lots of Ethernet errors when you do a show int or show port. Also feel free to send us the output of various show commands and your router config. There are some IPX gurus on this list. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com thanks Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64941t=64931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring 2621 router with G.U.I. [7:64937]
well it's not a web interface, but configmaker will configure it all, from voice to ipsec etc Alan poettker a icrit dans le message de news: [EMAIL PROTECTED] Hi, Can anyone tell me where I may find specific information reguarding cofiguring a 2600 series router with the GUI interface..(through my internet browser). I would like to know what specific softare may be required to do this or what settings I may need. I do have access to it throush CLI mode. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64942t=64937 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EtherChannel - WOW Thats great [7:64940]
le09186a0080094689.shtml Steven Aiello a icrit dans le message de news: [EMAIL PROTECTED] That's for all the info on Ether channel. What a wonderful idea. Is Ether channel hard to set up? I don't have the 100 Mb routers to try this at home or even 2 100Mbs switches. Does any one have a sample config file form a router or switch that uses it? Thanks again all you are all great ( especially those who answer my questions! ) Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64943t=64940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Basic Frame Relay question [7:64923]
Frame Relay connections CAN be fed into an ATM circuit at your provider's end. The translation is done via the telco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64944t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EtherChannel - WOW Thats great [7:64940]
here us are, this doc has the cat ios version of the commands. engoy :) http://www.cisco.com/en/US/tech/tk389/tk213/technologies_configuration_examp le09186a0080094689.shtml Amar KHELIFI a icrit dans le message de news: [EMAIL PROTECTED] le09186a0080094689.shtml Steven Aiello a icrit dans le message de news: [EMAIL PROTECTED] That's for all the info on Ether channel. What a wonderful idea. Is Ether channel hard to set up? I don't have the 100 Mb routers to try this at home or even 2 100Mbs switches. Does any one have a sample config file form a router or switch that uses it? Thanks again all you are all great ( especially those who answer my questions! ) Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64945t=64940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Basic Frame Relay question [7:64923]
indeed, much like what happens with frame relay into x25, which gets encapsulated directely but in the case of FR and ATM there is some mapping to be done, like the DE field mapped to the CLP, and translation etc...; John Hutchison a icrit dans le message de news: [EMAIL PROTECTED] Frame Relay connections CAN be fed into an ATM circuit at your provider's end. The translation is done via the telco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64946t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 10 half or 100 full [7:64931]
if I understand what you're saying, I think its always been like that, cisco hasn't changed it. you're refering to the fact that the IOS switch don't let you change the speed? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx helper-address. With ipx helper-address (just like ip helper-address) you can tell a router to forward a broadcast, which it normally doesn't do. This would be useful for some rare IPX application that sent broadcasts that needed to reach the other side of the router. In typical IPX networks, there's no such need. When there is a need, you can speed it up with the ipx broadcast-fastswitching command. You titled your message 10 half or 100 full. I think this was a Freudian slip. I bet your problem is related to a full-duplex mismatch. Perhaps the NICs in the NT servers negotiated correctly but the NICs in the Novell servers did not and you have a mismatch. With a mismatch, the full duplex side will send whenever it wants. The half duplex will get upset if it sees the other side sending while it is also sending and will backoff and retransmist, leaving behind a CRC-errored runt. That side will reports a collision. The other side will report runts and CRC errors. So, look for lots of Ethernet errors when you do a show int or show port. Also feel free to send us the output of various show commands and your router config. There are some IPX gurus on this list. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com thanks Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64947t=64931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure
RE: DTP and VTP Domain [7:64892]
[EMAIL PROTECTED] wrote: Is VTP dependent of DTP or is DTP dependent of VTP?. From the following statement I think DTP can still form a trunk even if VTP domain is different on both switches. I doubt that DTP can form a trunk if the VTP domains are different, though Cisco's documentation is rather unclear about this: To autonegotiate trunking, the interfaces must be in the same VTP domain. Use the trunk or nonegotiate keywords to force interfaces in different domains to trunk. For more information on VTP domains, see Configuring VTP. Trunk negotiation is managed by the Dynamic Trunking Protocol (DTP). DTP supports autonegotiation of both ISL and 802.1Q trunks. The URL is: cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/config/layer2.htm I think it's saying that DTP won't trunk if the VTP domains differ, but if you don't negotiate with DTP, and instead use the trunk or nonegotiate keywords, you can get the switches to trunk even if they are in different domains. (I've never heard of that, but that's what they seem to be saying.) I haven't ever sniffed a DTP frame. I have sniffed DISL frames and they have the VTP domain name in them. I bet DTP does too? And if they disagreed, I think the trunking would fail. But I have read opposite statements. Unfortunatelly I can not test it now. Any thoughts? The VTP protocol communicates between switches using an Ethernet destination multicast MAC address (01-00-0c-cc-cc-cc) and SNAP HDLC protocol type Ox2003. Oh, isn't that awful they would call this HDLC. Ouch. The original HDLC protocol architecture didn't even have a method for defining the encapsulated protocol! That was added by many of the derivatives of HDLC, including PPP, Cisco HDLC, and Logical Link Control (LLC), used on LANs. Obviously this is a LAN, so they could have easily said LLC and/or SNAP instead of HDLC. VTP uses an LLC Source Service Access Point (SSAP) and Destination Service Access Point (DSAP) of 0xAA, meaning that the frame has an additional header, called a Subnetwork Access Protocol (SNAP) header. SNAP has a vendor code and two-byte protocol type. For VTP the protocol type is indeed 2003. DISL is 2004. I don't know for DTP? Anyone know? Could we guess 2005? A VTP frame is a difficult frame to sniff, but I have caught one in the wild. The ISL was stripped before the frame was given to my analyzer port. But here's what the rest of the VTP frame looks like: DLC: - DLC Header - DLC: DLC: Destination = Multicast 01000CCC DLC: Source = Station 00B06426795B DLC: 802.3 length = 284 DLC: LLC: - LLC Header - LLC: LLC: DSAP Address = AA, DSAP IG Bit = 00 (Individual Address) LLC: SSAP Address = AA, SSAP CR Bit = 00 (Command) LLC: Unnumbered frame: UI LLC: SNAP: - SNAP Header - SNAP: SNAP: Vendor ID = Cisco1 SNAP: Type = 2003 (VTP) SNAP: VTP: - Cisco Virtual Trunk Protocol (VTP) Packet - VTP: VTP: Version = 1 VTP: Message type = 0x02 (Subset-Advert) VTP: Sequence number = 1 VTP: Management Domain Name length= 3 VTP: Management Domain Name = Lab VTP: Number of Padding bytes = 29 VTP: Configuration revision number= 0x0002 VTP: VTP: VLAN Information Field # 1: VTP: VLAN information field length= 28 VTP: VLAN Status = 00 (Operational) VTP: VLAN type= 1 (Ethernet) VTP: Length of VLAN name = 7 VTP: ISL VLAN-id = 1 VTP: MTU size = 1500 VTP: 802.10 SAID field= 11 VTP: VLAN Name= default VTP: # padding bytes in VLAN Name = 1 VTP: Reserved 8 bytes VTP: VTP: VLAN Information Field # 2: VTP: VLAN information field length= 24 VTP: VLAN Status = 00 (Operational) VTP: VLAN type= 1 (Ethernet) VTP: Length of VLAN name = 11 VTP: ISL VLAN-id = 10 VTP: MTU size = 1500 VTP: 802.10 SAID field= 100010 VTP: VLAN Name= Engineering VTP: # padding bytes in VLAN Name = 1 VTP: VTP: VLAN Information Field # 3: VTP: VLAN information field length= 24 VTP: VLAN Status = 00 (Operational) VTP: VLAN type= 1 (Ethernet) VTP: Length of VLAN name = 10 VTP: ISL VLAN-id = 50 VTP: MTU size = 1500 VTP: 802.10 SAID field= 100050 VTP: VLAN Name= Accounting VTP: # padding bytes
Re: 10 half or 100 full [7:64931]
No, that's not at all what I was referring to. I'm speaking of the behavior of switch interfaces when they're set to AUTO. Nortel switches (at least the ones that we used) and some older Cisco switches like the 2924XL seemed to behave like Option #1 below, while the 2950 behaves like Option #2. If both the switch and the device are using Option #1 you'll be fine. If you then upgrade to a Catalyst 2950 that uses Option #2, you'll have all sorts of issues that need to be resolved. We've had a mixture of 2924XL and Bay 303/310 switches at our branchse for quite a while with no issues. When we started replacing the Bays with Catalyst 2950s we started having all sorts of problems, and it took quite a bit of research into FastEthernet NWAY/Autonegotiation to determine the problem. Just a forewarning. :-) Scott Roberts 3/10/03 12:12:48 PM if I understand what you're saying, I think its always been like that, cisco hasn't changed it. you're refering to the fact that the IOS switch don't let you change the speed? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx helper-address. With ipx helper-address (just like ip helper-address) you can tell a router to forward a broadcast, which it normally doesn't do. This would be useful for some rare IPX application that sent broadcasts that needed to reach the other side of the router. In typical IPX networks, there's no such need. When there is a need, you can speed it up with the ipx broadcast-fastswitching command. You titled your message 10 half or 100 full. I think this was a Freudian slip. I bet your problem is related to a full-duplex mismatch. Perhaps the NICs in the NT servers negotiated correctly but the NICs in the Novell servers did not and you have a mismatch. With a mismatch, the full duplex side will send
Re: 10 half or 100 full [7:64931]
I see what you're saying now. what would be nice to see is what traffic there is on a protocol analyzer. I would think that #2 should be the situation and your #1 is not the proper negotiation. I've never tried to cpature auttonegotiation with an analyzer before, I wonder if you can even capture that stuff? scott John Neiberger wrote in message news:[EMAIL PROTECTED] No, that's not at all what I was referring to. I'm speaking of the behavior of switch interfaces when they're set to AUTO. Nortel switches (at least the ones that we used) and some older Cisco switches like the 2924XL seemed to behave like Option #1 below, while the 2950 behaves like Option #2. If both the switch and the device are using Option #1 you'll be fine. If you then upgrade to a Catalyst 2950 that uses Option #2, you'll have all sorts of issues that need to be resolved. We've had a mixture of 2924XL and Bay 303/310 switches at our branchse for quite a while with no issues. When we started replacing the Bays with Catalyst 2950s we started having all sorts of problems, and it took quite a bit of research into FastEthernet NWAY/Autonegotiation to determine the problem. Just a forewarning. :-) Scott Roberts 3/10/03 12:12:48 PM if I understand what you're saying, I think its always been like that, cisco hasn't changed it. you're refering to the fact that the IOS switch don't let you change the speed? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx helper-address. With ipx helper-address (just like ip helper-address) you can tell a router to forward a broadcast, which it normally doesn't do. This would be useful for some rare IPX application that sent broadcasts that needed to reach the other
Re: 10 half or 100 full [7:64931]
Scott Roberts wrote: if I understand what you're saying, I think its always been like that, cisco hasn't changed it. What he's saying is that if you manually configure the duplex mode, the IEEE standards don't say if the port should participate in autonegotiation or not. Since there's no standard, Cisco and other devices have unpredictable behavior that changes with models, software versions, the whim of the programmer, etc. If a device doesn't participate in autonegotiation, the other end may assume it's too old to do so, and must be an old 10/half device. you're refering to the fact that the IOS switch don't let you change the speed? He didn't mention that, but it's an interesting comment. Is it true? What happened to the speed {auto|10|100) command. That used to be available on IOS switches?? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. Many experts are starting to say use autonegotiation. It will avoid lots of problems these days. But it is a lot like the plug and PRAY days of old. :-) ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx helper-address. With ipx helper-address (just like ip helper-address) you can tell a router to forward a broadcast, which it normally doesn't do. This would be useful for some rare IPX application that sent broadcasts that needed to reach the other side of the router. In typical IPX networks, there's no such need. When there is a need, you can speed it up with the ipx broadcast-fastswitching command. You titled your message 10 half or 100 full. I think this was a Freudian slip. I bet your problem is related to a full-duplex mismatch.
Re: 10 half or 100 full [7:64931]
Scott Roberts wrote: I see what you're saying now. what would be nice to see is what traffic there is on a protocol analyzer. I would think that #2 should be the situation and your #1 is not the proper negotiation. I've never tried to cpature auttonegotiation with an analyzer before, I wonder if you can even capture that stuff? No. It uses link pulses, not frames. Priscilla scott John Neiberger wrote in message news:[EMAIL PROTECTED] No, that's not at all what I was referring to. I'm speaking of the behavior of switch interfaces when they're set to AUTO. Nortel switches (at least the ones that we used) and some older Cisco switches like the 2924XL seemed to behave like Option #1 below, while the 2950 behaves like Option #2. If both the switch and the device are using Option #1 you'll be fine. If you then upgrade to a Catalyst 2950 that uses Option #2, you'll have all sorts of issues that need to be resolved. We've had a mixture of 2924XL and Bay 303/310 switches at our branchse for quite a while with no issues. When we started replacing the Bays with Catalyst 2950s we started having all sorts of problems, and it took quite a bit of research into FastEthernet NWAY/Autonegotiation to determine the problem. Just a forewarning. :-) Scott Roberts 3/10/03 12:12:48 PM if I understand what you're saying, I think its always been like that, cisco hasn't changed it. you're refering to the fact that the IOS switch don't let you change the speed? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On Cisco's web page it mentioned something about enabling ipx broadcast-fastswitching. Any input or comments would be appreciated. I doubt that ipx broadcast-fastswitching will help you unless you are using an ipx
Re: Sniffer on Catalyst 6509 [7:64894]
Yes and here is how you configure it: http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration _guide_chapter09186a00800c65f8.html Eduardo Perestrelo wrote in message news:[EMAIL PROTECTED] Hi, I have a Catalyst 6509 and need to sniff network. If possible enable one port to read all traffic to sniff ?! Thanks, Eduardo Perestrelo CCNA / CCAI Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64953t=64894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 10 half or 100 full [7:64931]
The problem is that neither behavior is proper! :-) The only method mentioned in the standard is autonegotiation. Any other setting, including manually setting the speed and duplex, is non-standard and undefined. I'm not aware of the frame-level details of Nway negotiation so I'm not sure what you'd need specifically to see the traffic but it would probably have to be some sort of transparent device that sits between the NIC and the switch. Scott Roberts 3/10/03 12:31:46 PM I see what you're saying now. what would be nice to see is what traffic there is on a protocol analyzer. I would think that #2 should be the situation and your #1 is not the proper negotiation. I've never tried to cpature auttonegotiation with an analyzer before, I wonder if you can even capture that stuff? scott John Neiberger wrote in message news:[EMAIL PROTECTED] No, that's not at all what I was referring to. I'm speaking of the behavior of switch interfaces when they're set to AUTO. Nortel switches (at least the ones that we used) and some older Cisco switches like the 2924XL seemed to behave like Option #1 below, while the 2950 behaves like Option #2. If both the switch and the device are using Option #1 you'll be fine. If you then upgrade to a Catalyst 2950 that uses Option #2, you'll have all sorts of issues that need to be resolved. We've had a mixture of 2924XL and Bay 303/310 switches at our branchse for quite a while with no issues. When we started replacing the Bays with Catalyst 2950s we started having all sorts of problems, and it took quite a bit of research into FastEthernet NWAY/Autonegotiation to determine the problem. Just a forewarning. :-) Scott Roberts 3/10/03 12:12:48 PM if I understand what you're saying, I think its always been like that, cisco hasn't changed it. you're refering to the fact that the IOS switch don't let you change the speed? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the behavior of the NIC with any other setting is up to the vendor and not everyone handles it the same way. Cisco appears to have changed the way they handle it, which is the cause of a lot of our problems. If you hard-set the speed and duplex there are two ways to handle this: 1. Use the configured settings and still participate in autonegotiation only offering the configured settings. 2. Use the configured settings and do not participate in autonegotiation Cisco's new switches seem to use option #2, while a great number of our end devices use option #1. Why is this a problem? Here's what happens when you connection an option #1 device to an option #2 device: #1 participates in autonegotiation, only offer the configured settings. #2 does not participate in autonegotiation at all and will forcefully use the configured settings. #1, seeing that there's nothing on the other side using auto assumes it is connected to a HUB, and just might set itself to 10/Half regardless of the manually configured settings! As you can guess, this is bad mojo. The moral of the story is that you should try to start using AUTO on BOTH sides if you're using newer Cisco switches, in particular the 2950 series. In some cases this won't work and you'll have to resort to manual settings. HTH, John Priscilla Oppenheimer 3/10/03 10:58:56 AM Mike Momb wrote: To all, We recently replaced our Nortel switches and routers with Cisco 2980 switches and 6509 routers. We have two buildings, 10 floors each and a router in each building. We have a combination of NT and Novell servers. After replacing all this equipment, we have noticed that when we access files on the NT servers, the speed is acceptable. When we access files on the Novell servers, it is very very slow. Could the switches or routers be configured incorrectly for IPX. Is there something that we can change. On
PPP callback [7:64955]
I'm re-reading Cisco Press' Building Cisco Remote Access Networks, edited by Catherine Paquet. It's a great book, but they mangled the discussion of dialer hold-queue and dialer enable-timeout for PPP callback. Do I understand this correctly after reverse engineering what maybe they meant to say: There's a client router and server router when you do PPP callback. The client makes the original call. The routers disconnect that call and the server calls back. That way the server gets charged for the longer conversation that is (possibly) a long-distant call. If the client doesn't get a callback quickly, you don't want it to try again for a while because then the line would be busy when the server does call back. So to avoid the client restarting its initial call too quickly, you configure a relatively long seconds value in this command: dialer enable-timeout seconds. You can also configure dialer hold-queue packets to tell the client to queue up packets for sending once the server calls back and that call gets established. On the server, you can also use dialer enable-timeout so that it doesn't call back too quickly, which would be bad if the client is still hanging up from the first call. The enable-timeout on the client should be approximately 4 times the enable-timeout on the server to minimize problems. That's not exactly what the book says, but the book mangled this section and combined the timeout and queued packets into one incomprehensible discussion. (Otherwise, I really do think the book is very well written with few mistakes. The ISDN and PPP chapters, especially, show that the editor really knows her stuff and that the course developers do too.) Of course, an author with the last name of Paquet had to go into networking! :-) Thanks for your help, Group Study. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64955t=64955 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DTP and VTP Domain [7:64892]
DTP uses protocol type 2004 too, just like DISL. I guess it's just an update to DISL for use with 802.1Q rather than ISL? And, I figured out why you might want to tell DTP not to autonegotiate or be desirable and why in that case no VTP domain name is exchanged and the VTP domain names don't have to match. The main reason is that the other end might not be Cisco and might not care about VTP anyway. Does that make sense? Priscilla Priscilla Oppenheimer wrote: [EMAIL PROTECTED] wrote: Is VTP dependent of DTP or is DTP dependent of VTP?. From the following statement I think DTP can still form a trunk even if VTP domain is different on both switches. I doubt that DTP can form a trunk if the VTP domains are different, though Cisco's documentation is rather unclear about this: To autonegotiate trunking, the interfaces must be in the same VTP domain. Use the trunk or nonegotiate keywords to force interfaces in different domains to trunk. For more information on VTP domains, see Configuring VTP. Trunk negotiation is managed by the Dynamic Trunking Protocol (DTP). DTP supports autonegotiation of both ISL and 802.1Q trunks. The URL is: cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/config/layer2.htm I think it's saying that DTP won't trunk if the VTP domains differ, but if you don't negotiate with DTP, and instead use the trunk or nonegotiate keywords, you can get the switches to trunk even if they are in different domains. (I've never heard of that, but that's what they seem to be saying.) I haven't ever sniffed a DTP frame. I have sniffed DISL frames and they have the VTP domain name in them. I bet DTP does too? And if they disagreed, I think the trunking would fail. But I have read opposite statements. Unfortunatelly I can not test it now. Any thoughts? The VTP protocol communicates between switches using an Ethernet destination multicast MAC address (01-00-0c-cc-cc-cc) and SNAP HDLC protocol type Ox2003. Oh, isn't that awful they would call this HDLC. Ouch. The original HDLC protocol architecture didn't even have a method for defining the encapsulated protocol! That was added by many of the derivatives of HDLC, including PPP, Cisco HDLC, and Logical Link Control (LLC), used on LANs. Obviously this is a LAN, so they could have easily said LLC and/or SNAP instead of HDLC. VTP uses an LLC Source Service Access Point (SSAP) and Destination Service Access Point (DSAP) of 0xAA, meaning that the frame has an additional header, called a Subnetwork Access Protocol (SNAP) header. SNAP has a vendor code and two-byte protocol type. For VTP the protocol type is indeed 2003. DISL is 2004. I don't know for DTP? Anyone know? Could we guess 2005? A VTP frame is a difficult frame to sniff, but I have caught one in the wild. The ISL was stripped before the frame was given to my analyzer port. But here's what the rest of the VTP frame looks like: DLC: - DLC Header - DLC: DLC: Destination = Multicast 01000CCC DLC: Source = Station 00B06426795B DLC: 802.3 length = 284 DLC: LLC: - LLC Header - LLC: LLC: DSAP Address = AA, DSAP IG Bit = 00 (Individual Address) LLC: SSAP Address = AA, SSAP CR Bit = 00 (Command) LLC: Unnumbered frame: UI LLC: SNAP: - SNAP Header - SNAP: SNAP: Vendor ID = Cisco1 SNAP: Type = 2003 (VTP) SNAP: VTP: - Cisco Virtual Trunk Protocol (VTP) Packet - VTP: VTP: Version = 1 VTP: Message type = 0x02 (Subset-Advert) VTP: Sequence number = 1 VTP: Management Domain Name length= 3 VTP: Management Domain Name = Lab VTP: Number of Padding bytes = 29 VTP: Configuration revision number= 0x0002 VTP: VTP: VLAN Information Field # 1: VTP: VLAN information field length= 28 VTP: VLAN Status = 00 (Operational) VTP: VLAN type= 1 (Ethernet) VTP: Length of VLAN name = 7 VTP: ISL VLAN-id = 1 VTP: MTU size = 1500 VTP: 802.10 SAID field= 11 VTP: VLAN Name= default VTP: # padding bytes in VLAN Name = 1 VTP: Reserved 8 bytes VTP: VTP: VLAN Information Field # 2: VTP: VLAN information field length= 24 VTP: VLAN Status = 00 (Operational) VTP: VLAN type= 1 (Ethernet) VTP: Length of VLAN name = 11 VTP: ISL VLAN-id = 10 VTP: MTU size = 1500 VTP: 802.10 SAID field= 100010 VTP: VLAN Name
Re: General comments on Cisco Teaching [7:64833]
Priscilla Oppenheimer wrote in message ... But as Howard has said, you can't really use the number and be an active CCSI unless you are currently employed at a Cisco Certified Learning Partner (or employed at Cisco itself.) Cisco, CLP's, CLSP's (solutions partner) and ILP's (internal learning partner). I don't know if there are any ILP's, but say -- for example, IBM wanted a bunch of in-house CCSI's to teach official Cisco course material. Of course, they would also have access to buy the instructor and student material for the official courses. If a company is spending greater than, say, a certain amount (ROI in BE, NPV, etc) on training, it might be beneficial to move into an ILP relationship with Cisco (of course, it's probably just as good to move into a full CLP or CLSP relationship, I don't know all the benefits/tradeoffs and Cisco doesn't have any information on even how to start a CLP business or anything about ILP's on their website). Also - to be a CLP, you might also be able to provide online learning only, in which case you could probably still have your employees get CCSI status, and never have them teach a classroom course (although I don't see the point unless you just want the designation for personal growth opportunities), thus avoiding expensive classrooms, facilities, and lab equipment. Check this url for more details on what CLP's/CLSP's are all about: http://www.cisco.com/en/US/learning/le31/le29/learning_about_learning_partne rs.html Claims 120 Learning partners, 1600 certified instructors WW. -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64958t=64833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Network Design - What Priscilla did NOT cover in her book: [7:64957]
wow, I've never worked on such a large order, but the RFPs I've designed out have never been this much of a joke. it seems that the IT staff of this company had no clue what they wanted or needed and decided to get some free advice! the only similair scenario I can mention is when a small private school was looking to upgrade their network to gigabit (yet never fully utilized the old FE) and were shocked at the cost of the equipment. they dropped the whole upgrade totally at that point. I'm interested in hearing if any others have seen such a poor of a 'scope of work' put out before? scott Symon Thurlow wrote in message news:[EMAIL PROTECTED] Yikes! You must have big plums to persist with a customer like that. It sounds like a disaster waiting to happen! Symon -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED] Sent: 08 March 2003 19:44 To: [EMAIL PROTECTED] Subject: Network Design - What Priscilla did NOT cover in her book: WAS [7:64842] Symon Thurlow wrote in message news:[EMAIL PROTECTED] Hey Chuck, How did that big design go, the one you mentioned on the list a few months ago? Symon You mean the Never Ending Design? The Nightmare before the CCIE Lab? Here is a brief rundown. I will say in advance that as all of you who work in the real world with real world management, real world customers, and real world situations already know, the real work is at layers 8,9, and 10. Project Summary: large organization, 2000+ employees, 10,000 data ports, 3 dozen locations, with each location being a campus of several buildings or several floors within buildings. The project RFP called for a complete forklift of the existing infrastructure - routers, switches, PBX. It also called for wireless for voice and data. The project goal was to create a network fully capable of providing seamless integrated services for data, voice, and video. Oh yes, there was a three week turnaround deadline for the response, and there was no flexibility in this. Meet the customer date or lose the opportunity. On top of that, as is typical with most RFP's, all questions are to be submitted in writing, and all responses go to all bidders. Clues that something is strange: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. 2) you're RFP provides numbers of IDF's in each location and total number of ports required. e.g. site X has 7 IDF's and 257 data ports. do you have detail as to how many data ports are in each specific closet? answer: use an average, or come out here and do a site survey and figure it out for yourself. 3) you're RFP calls for L3 switching in each and every closet. Is this necessary, given that there is only a single ingress/egress, and that all sites are hub and spoke? plus L3 is more expensive, and I'm not sure there is anything to gain. answer: we want L3 everywhere. are you saying your ( Cisco ) equipment does not do L3? Customer: oh by the way, we will be opening a new location sometime in the next 18 months. I want you to include that location in this response. 4) how many closets? how many phones? how many data ports? answer: just take locations a,b, and c, and average those out to get the numbers. These were the major things, and should give you a pretty good idea of the upper layer issues. Well, I work my ass off to meet the deadlines. We and a couple of other vendors respond. The presentation meeting takes place with all vendors in the same room at the same time. Oh joy, but at least we can see eachothers' hands. All vendors come back with total cost in the 8-9 million range. Now the customer reveals that his budget is 5 million. This is something that was asked, and which the customer refused to discuss previously. I should add that as this is a non profit organization, and some of the funding is from grant money with particular restrictions, this is not as straightforward in terms of budget as might first appear. The grants will pay for some types of equipment and services, but not others. The 5 mil is for a complete package including data circuits, all equipment, and all services. so subtract the total 5 year cost of data circuits from that 5 mil. divvy up what's left between what the grants will buy and what the customer himself will buy. OK, so now we have to scramble. The customer finally gets a clue that things cost money, and the more you want, the more you have to pay. So - trim your proposals, and get back with just what is required for end to end voice over IP plus new WAN equipment. No wireless. No new switches other than those needed to directly support the IP telephones. back to the drawing board. All non-phone switches are out.
Re: Network Design - What Priscilla did NOT cover in her book: [7:64959]
Chuck, Your story illustrates why I wouldn't make a good consultant. In reading your story I found several points where I would have walked out, but only after shoving Tab A (the scope of work) up that guys Slot A. :-) Figuratively speaking, of course. John Scott Roberts 3/10/03 2:52:54 PM wow, I've never worked on such a large order, but the RFPs I've designed out have never been this much of a joke. it seems that the IT staff of this company had no clue what they wanted or needed and decided to get some free advice! the only similair scenario I can mention is when a small private school was looking to upgrade their network to gigabit (yet never fully utilized the old FE) and were shocked at the cost of the equipment. they dropped the whole upgrade totally at that point. I'm interested in hearing if any others have seen such a poor of a 'scope of work' put out before? scott Symon Thurlow wrote in message news:[EMAIL PROTECTED] Yikes! You must have big plums to persist with a customer like that. It sounds like a disaster waiting to happen! Symon -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED] Sent: 08 March 2003 19:44 To: [EMAIL PROTECTED] Subject: Network Design - What Priscilla did NOT cover in her book: WAS [7:64842] Symon Thurlow wrote in message news:[EMAIL PROTECTED] Hey Chuck, How did that big design go, the one you mentioned on the list a few months ago? Symon You mean the Never Ending Design? The Nightmare before the CCIE Lab? Here is a brief rundown. I will say in advance that as all of you who work in the real world with real world management, real world customers, and real world situations already know, the real work is at layers 8,9, and 10. Project Summary: large organization, 2000+ employees, 10,000 data ports, 3 dozen locations, with each location being a campus of several buildings or several floors within buildings. The project RFP called for a complete forklift of the existing infrastructure - routers, switches, PBX. It also called for wireless for voice and data. The project goal was to create a network fully capable of providing seamless integrated services for data, voice, and video. Oh yes, there was a three week turnaround deadline for the response, and there was no flexibility in this. Meet the customer date or lose the opportunity. On top of that, as is typical with most RFP's, all questions are to be submitted in writing, and all responses go to all bidders. Clues that something is strange: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. 2) you're RFP provides numbers of IDF's in each location and total number of ports required. e.g. site X has 7 IDF's and 257 data ports. do you have detail as to how many data ports are in each specific closet? answer: use an average, or come out here and do a site survey and figure it out for yourself. 3) you're RFP calls for L3 switching in each and every closet. Is this necessary, given that there is only a single ingress/egress, and that all sites are hub and spoke? plus L3 is more expensive, and I'm not sure there is anything to gain. answer: we want L3 everywhere. are you saying your ( Cisco ) equipment does not do L3? Customer: oh by the way, we will be opening a new location sometime in the next 18 months. I want you to include that location in this response. 4) how many closets? how many phones? how many data ports? answer: just take locations a,b, and c, and average those out to get the numbers. These were the major things, and should give you a pretty good idea of the upper layer issues. Well, I work my ass off to meet the deadlines. We and a couple of other vendors respond. The presentation meeting takes place with all vendors in the same room at the same time. Oh joy, but at least we can see eachothers' hands. All vendors come back with total cost in the 8-9 million range. Now the customer reveals that his budget is 5 million. This is something that was asked, and which the customer refused to discuss previously. I should add that as this is a non profit organization, and some of the funding is from grant money with particular restrictions, this is not as straightforward in terms of budget as might first appear. The grants will pay for some types of equipment and services, but not others. The 5 mil is for a complete package including data circuits, all equipment, and all services. so subtract the total 5 year cost of data circuits from that 5 mil. divvy up what's left between what the grants will buy and what the customer himself will buy. OK, so now we have to scramble. The customer finally gets a clue that things cost money, and the more you
Re: Network Design - What Priscilla did NOT cover [7:64959]
OK, I've seen enough of this inaccurate title for a thread. Of course Top-Down Network Design covers Layer 8 and above issues. It's a main focus of the first chapter and one of the reasons the book has done so well. One of my goals was to help newbies, especially, and also the guys (and yes, it's mostly guys who think this way! ;-) who assume network design is a matter of selecting speeds and feeds and cool devices. Chuck confirms that the hardest challenges are dealing with difficult design customers who won't tell you the entire story either because of politics or because they don't the entire story and don't want to look stupd, have ridciulous budgets but won't make any trade-offs, have biases for certain technologies for no technical reason, etc. Those are all discussed in Top-Down Network Design. Of course, reading about it in a book and encountering it for real are two different things. Maybe that's why Chuck forgot that it's in the book. Well, I know he was also just trying to be funny, but the inaccuracy of the thread title bugs me. @:-) Of course, Oscar Wilde did say, There's no such thing as bad press. Priscilla John Neiberger wrote: Chuck, Your story illustrates why I wouldn't make a good consultant. In reading your story I found several points where I would have walked out, but only after shoving Tab A (the scope of work) up that guys Slot A. :-) Figuratively speaking, of course. John Scott Roberts 3/10/03 2:52:54 PM wow, I've never worked on such a large order, but the RFPs I've designed out have never been this much of a joke. it seems that the IT staff of this company had no clue what they wanted or needed and decided to get some free advice! the only similair scenario I can mention is when a small private school was looking to upgrade their network to gigabit (yet never fully utilized the old FE) and were shocked at the cost of the equipment. they dropped the whole upgrade totally at that point. I'm interested in hearing if any others have seen such a poor of a 'scope of work' put out before? scott Symon Thurlow wrote in message news:[EMAIL PROTECTED] Yikes! You must have big plums to persist with a customer like that. It sounds like a disaster waiting to happen! Symon -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED] Sent: 08 March 2003 19:44 To: [EMAIL PROTECTED] Subject: Network Design - What Priscilla did NOT cover in her book: WAS [7:64842] Symon Thurlow wrote in message news:[EMAIL PROTECTED] Hey Chuck, How did that big design go, the one you mentioned on the list a few months ago? Symon You mean the Never Ending Design? The Nightmare before the CCIE Lab? Here is a brief rundown. I will say in advance that as all of you who work in the real world with real world management, real world customers, and real world situations already know, the real work is at layers 8,9, and 10. Project Summary: large organization, 2000+ employees, 10,000 data ports, 3 dozen locations, with each location being a campus of several buildings or several floors within buildings. The project RFP called for a complete forklift of the existing infrastructure - routers, switches, PBX. It also called for wireless for voice and data. The project goal was to create a network fully capable of providing seamless integrated services for data, voice, and video. Oh yes, there was a three week turnaround deadline for the response, and there was no flexibility in this. Meet the customer date or lose the opportunity. On top of that, as is typical with most RFP's, all questions are to be submitted in writing, and all responses go to all bidders. Clues that something is strange: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. 2) you're RFP provides numbers of IDF's in each location and total number of ports required. e.g. site X has 7 IDF's and 257 data ports. do you have detail as to how many data ports are in each specific closet? answer: use an average, or come out here and do a site survey and figure it out for yourself. 3) you're RFP calls for L3 switching in each and every closet. Is this necessary, given that there is only a single ingress/egress, and that all sites are hub and spoke? plus L3 is more expensive, and I'm not sure there is anything to gain. answer: we want L3 everywhere. are you saying your ( Cisco ) equipment does not do L3? Customer: oh by the way, we will be opening a new location sometime in the next 18 months. I want you to include that location in this response. 4) how many closets? how many phones?
Difficult RFPs [7:64957]
Scott Roberts wrote: wow, I've never worked on such a large order, but the RFPs I've designed out have never been this much of a joke. it seems that the IT staff of this company had no clue what they wanted or needed and decided to get some free advice! the only similair scenario I can mention is when a small private school was looking to upgrade their network to gigabit (yet never fully utilized the old FE) and were shocked at the cost of the equipment. they dropped the whole upgrade totally at that point. I'm interested in hearing if any others have seen such a poor of a 'scope of work' put out before? I think it's pretty typical, although this particular customer is more annoying than most. My favorite one is this, from Chuck's comments: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. Sure, aerial photos will help a lot!? :-) Priscilla scott Symon Thurlow wrote in message news:[EMAIL PROTECTED] Yikes! You must have big plums to persist with a customer like that. It sounds like a disaster waiting to happen! Symon -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED] Sent: 08 March 2003 19:44 To: [EMAIL PROTECTED] Subject: Network Design - What Priscilla did NOT cover in her book: WAS [7:64842] Symon Thurlow wrote in message news:[EMAIL PROTECTED] Hey Chuck, How did that big design go, the one you mentioned on the list a few months ago? Symon You mean the Never Ending Design? The Nightmare before the CCIE Lab? Here is a brief rundown. I will say in advance that as all of you who work in the real world with real world management, real world customers, and real world situations already know, the real work is at layers 8,9, and 10. Project Summary: large organization, 2000+ employees, 10,000 data ports, 3 dozen locations, with each location being a campus of several buildings or several floors within buildings. The project RFP called for a complete forklift of the existing infrastructure - routers, switches, PBX. It also called for wireless for voice and data. The project goal was to create a network fully capable of providing seamless integrated services for data, voice, and video. Oh yes, there was a three week turnaround deadline for the response, and there was no flexibility in this. Meet the customer date or lose the opportunity. On top of that, as is typical with most RFP's, all questions are to be submitted in writing, and all responses go to all bidders. Clues that something is strange: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. 2) you're RFP provides numbers of IDF's in each location and total number of ports required. e.g. site X has 7 IDF's and 257 data ports. do you have detail as to how many data ports are in each specific closet? answer: use an average, or come out here and do a site survey and figure it out for yourself. 3) you're RFP calls for L3 switching in each and every closet. Is this necessary, given that there is only a single ingress/egress, and that all sites are hub and spoke? plus L3 is more expensive, and I'm not sure there is anything to gain. answer: we want L3 everywhere. are you saying your ( Cisco ) equipment does not do L3? Customer: oh by the way, we will be opening a new location sometime in the next 18 months. I want you to include that location in this response. 4) how many closets? how many phones? how many data ports? answer: just take locations a,b, and c, and average those out to get the numbers. These were the major things, and should give you a pretty good idea of the upper layer issues. Well, I work my ass off to meet the deadlines. We and a couple of other vendors respond. The presentation meeting takes place with all vendors in the same room at the same time. Oh joy, but at least we can see eachothers' hands. All vendors come back with total cost in the 8-9 million range. Now the customer reveals that his budget is 5 million. This is something that was asked, and which the customer refused to discuss previously. I should add that as this is a non profit organization, and some of the funding is from grant money with particular restrictions, this is not as straightforward in terms of budget as might first appear. The grants will pay for some types of equipment and services, but not others. The 5 mil is
Help In T1 CSU/DSU [7:64962]
Hi all I have T1 Csu/dsu card on 2691 platform Whenever I execute any service module command it gives the following error Example:command given service module t1 clock source internal %Serive moduule command failed,Lock timeout error Can any body guide me out what is this error why I am unable to execute the commands Thanx in advance Monu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64962t=64962 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help In T1 CSU/DSU [7:64962]
Sorry the exact error is %Serive module command failed,Lock obtain timeout Monu Sekhon wrote: Hi all I have T1 Csu/dsu card on 2691 platform Whenever I execute any service module command it gives the following error Example:command given service module t1 clock source internal %Serive moduule command failed,Lock timeout error Can any body guide me out what is this error why I am unable to execute the commands Thanx in advance Monu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64963t=64962 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffer on Catalyst 6509 [7:64894]
yes Port Spanning.. -- Original Message -- From: Eduardo Perestrelo Reply-To: Eduardo Perestrelo Date: Mon, 10 Mar 2003 12:44:29 GMT Hi, I have a Catalyst 6509 and need to sniff network. If possible enable one port to read all traffic to sniff ?! Thanks, Eduardo Perestrelo CCNA / CCAI Sent via the Simlab.net system at cobain.simlab.net Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64984t=64894 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cool Tool Wish List [7:64991]
Here's a tool that would be relatively simple to write for those with good scripting skills (not me), and I'd love to get my hands on it. Wouldn't it be great to have a tool that could look at a switch, determine which interfaces have only a single host attached, and then change the port name or interface description to the hostname of the device? Man, I would love that! Okay, so I didn't really have a point... :-) John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64991t=64991 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
TFTP to Flash or PCMCIA problem - no problem on the opposite [7:64995]
There is an error message on the CiscoTFTP server when trying to copy the IOS from the server to a 3640 router. There is no problem in the opposite way (from the router to the TFTP server). I tryed different PCs and different IOS versions. The same problem happens copying from TFTP server to PCMCIA. The error message in the TFTP server is Failed (Synchronization error) I followed the instruction at 'http://www.cisco.com/warp/public/130/sw_upgrade_proc_ram.shtml#3600' Any Thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64995t=64995 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? MPLS ??? [7:64898]
Converge Network Digest has a few tutorials on MPLS on their web site. Not alot of detail but really good overviews for someone new to the technology. http://www.convergedigest.com/Bandwidth/archive/010910TUTORIAL-rgallaher1.htm Hope this helps, Karen *** REPLY SEPARATOR *** On 3/10/2003 at 2:16 PM Steven Aiello wrote: Sorry for such a newbe question. But what is MPLS? And what is it? Any one have a link they can point me too? Just trying to learn more. Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64986t=64898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PRI [7:64999]
Hi All, Quick question I hope you can help me with. How many D channels does a PRI have? I always thought it was two, but its states 1 in most places. Text taken from the CCNP remote access guide (to make it more confusing): there are 30 timeslots, leaving 2 timeslots for signalling and framing. Timeslot 0 is used for framing and timeslot 16 is used for signalling (counting 0-31). E1 PRI makes use of this same principle. Timeslot 16 is the D channel and timeslot 0 is used for framing information. Please advise. Regards,DJ - With Yahoo! Mail you can get a bigger mailbox -- choose a size that fits your needs Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64999t=64999 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
TFTP to Flash or PCMCIA problem - no problem on the opposite [7:64994]
There is an error message on the CiscoTFTP server when trying to copy the IOS from the server to a 3640 router. There is no problem in the opposite way (from the router to the TFTP server). I tryed different PCs and different IOS versions. The same problem happens copying from TFTP server to PCMCIA. The error message in the TFTP server is Failed (Synchronization error) I followed the instruction at 'http://www.cisco.com/warp/public/130/sw_upgrade_proc_ram.shtml#3600' Any Thoughts? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64994t=64994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
help to find where it from? [7:65001]
Hi.. We receive a lot of spam mail from digitalpowerfilter.com. I have the following question to ask. 1)I checked on www.dnsstuff.com that the domain owned by ISP in US. But my admin told me that it is with odyssey ISP Bribane, Australia. Which one is true? 2)I found that the owner is [EMAIL PROTECTED], Lee William. How can we check on the hotmail that where is this guy located? 3)Is there anything can be on the PIX firewall to block the spam mail? or Anything can be done on the exchange server to block spam mail? _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65001t=65001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Basic Frame Relay question [7:64923]
Priscilla Oppenheimer wrote: DeVoe, Charles (PKI) wrote: I am looking at frame relay. As I understand it, the frame relay connection goes from the CPE to the service provider CO. My question is, does the destination device on the other side of the CO also need to run frame relay? Could they perhaps run ATM? My CPE CODest. CPE | Frame Relay|ATM | Good question. Yes, the Frame Relay Forum defines a method for doing this. It's called Frame Relay ATM Interworking. (Yes, the word is really interworking.) I think it's somewhat common. It's been around for a while ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Yes it is fairly common. The magic is in the middle. The configs of the frame CPE and the ATM CPE wuld be the same as if you had frame/ATM respectively on the other side. The only caveat is you will most likely need to use IETF encapsulation on the frame since you will most likely not be terminating on a Cisco for the internetworking component. Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 I would rather have a German division in front of me than a French one behind me. --- General George S. Patton Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65003t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ??? Etherchannel ??? [7:64900]
Etherchannel is a way of bundling together multiple links between switches or between a switch and a router so that they function as a whole. Here's a link to a white paper about it on Cisco's site. http://www.cisco.com/en/US/tech/tk389/tk213/technologies_white_paper09186a0080092944.shtml Hope this helps, Karen *** REPLY SEPARATOR *** On 3/10/2003 at 2:20 PM Steven Aiello wrote: Ok please don't be annoyed I have another vocab question. I know what Ethernet is and I'm fairly sure fiberchannel is basically some sort of fiber line. What is Ether channel? And where is it commonly used. Any one have a good link? Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64998t=64900 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 10 half or 100 full [7:64931]
Hi Mike, all I have come accress this problem when connecting Novell Servers/Clients to Cisco switches, the solution is two things. 1/ enable spantree portfast on these cisco ports by: set spantree portfast 6/3 enable But be carefull this is good idea only for ports connecting to a single host i.e (to a Server or another switch) NOT to a hub.. Also 2/ I disabled Auto-negotiation on Cisco switch ports connecting to Novell or other vendor switches, cause Auto Negotiate does not work with many devices. Hope this helps. Sarkis Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65000t=64931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EtherChannel - WOW Thats great [7:64940]
There are a boatload of examples on CCO and no it's quite easy to configure. If you have access here are a bunch of examples: http://www.cisco.com/en/US/customer/tech/tk389/tk213/tech_configuration_examples_list.html Dave Steven Aiello wrote: That's for all the info on Ether channel. What a wonderful idea. Is Ether channel hard to set up? I don't have the 100 Mb routers to try this at home or even 2 100Mbs switches. Does any one have a sample config file form a router or switch that uses it? Thanks again all you are all great ( especially those who answer my questions! ) Steve -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 I would rather have a German division in front of me than a French one behind me. --- General George S. Patton Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65002t=64940 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuring 2621 router with G.U.I. [7:64937]
see ip http server IOS command. No special software required. IMHO stick to CLI ;) Dave Alan poettker wrote: Hi, Can anyone tell me where I may find specific information reguarding cofiguring a 2600 series router with the GUI interface..(through my internet browser). I would like to know what specific softare may be required to do this or what settings I may need. I do have access to it throush CLI mode. -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 I would rather have a German division in front of me than a French one behind me. --- General George S. Patton Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65004t=64937 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DTP and VTP Domain [7:64892]
Priscilla Oppenheimer wrote: DTP uses protocol type 2004 too, just like DISL. I guess it's just an update to DISL for use with 802.1Q rather than ISL? Yes. Step 1: negotiate whether to trunk. Step 2: if the result is yes, then negotiate which flavor. If both are indifferent, favor ISL. And, I figured out why you might want to tell DTP not to autonegotiate or be desirable and why in that case no VTP domain name is exchanged and the VTP domain names don't have to match. The main reason is that the other end might not be Cisco and might not care about VTP anyway. Does that make sense? Or the other switch is a Cisco one that doesn't speak DTP. The 2900/3500XLs and the 2950 didn't speak DTP until recently. Skipping the DTP negotiation with a device that isn't capable eliminates one source of delay before STP is handed the port. I was told by someone in Cisco that the original reason for nonegotiate was that the early ISL NIC drivers in servers didn't gracefully ignore the DTP multicast, but crashed the server! - Marty Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64985t=64892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 10 half or 100 full [7:64931]
I have been trying to follow this, and I still do not see why we should get away from the old Cisco switch courses that if you set both sides to 100 full duplex if they are capable you will be fine. I have not seen any situation where hard setting both sides caused problems (am I missing something?). Question I ask is why even fool with the unpredictable auto negotiate. Someone help me out here what am I missing. The problem that you will eventually run into is that there is no standard behavior specified except for autonegotiation. Since we installed over thirty Catalyst 2950s, several 2948Gs, a few 2980Gs, and a 6513 I've started seeing this issue. If you manually set the speed and duplex that results in one of two possible behaviors, neither of which is specified in any standard. Read my explanation below again where I describe the two options. If you start mixing one set of products that picks option #1 with another set that chooses option #2 I guarantee you will see problems and it will drive you crazy. :-) It appears that older Cisco switches utilized option #1, as do the majority of the NICs that we use. When we switched to the newer Cisco switches an avalanche of troubleshooting began, along with our support team being flooded with calls. They usually went something like this: Someone from your department was replacing something in the back room this morning and now everything runs terribly slow. Ugh we must have heard that at least forty times, and just here at our headquarters it seems like we're resolving user and server issues daily by setting the NICs and switches to auto. If hard setting everything is currently working for you, don't change a thing. Just be aware of the issue because it's bound to sneak up on you sooner or later. John -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 2:59 PM To: [EMAIL PROTECTED] Subject: Re: 10 half or 100 full [7:64931] The problem is that neither behavior is proper! :-) The only method mentioned in the standard is autonegotiation. Any other setting, including manually setting the speed and duplex, is non-standard and undefined. I'm not aware of the frame-level details of Nway negotiation so I'm not sure what you'd need specifically to see the traffic but it would probably have to be some sort of transparent device that sits between the NIC and the switch. Scott Roberts 3/10/03 12:31:46 PM I see what you're saying now. what would be nice to see is what traffic there is on a protocol analyzer. I would think that #2 should be the situation and your #1 is not the proper negotiation. I've never tried to cpature auttonegotiation with an analyzer before, I wonder if you can even capture that stuff? scott John Neiberger wrote in message news:[EMAIL PROTECTED] No, that's not at all what I was referring to. I'm speaking of the behavior of switch interfaces when they're set to AUTO. Nortel switches (at least the ones that we used) and some older Cisco switches like the 2924XL seemed to behave like Option #1 below, while the 2950 behaves like Option #2. If both the switch and the device are using Option #1 you'll be fine. If you then upgrade to a Catalyst 2950 that uses Option #2, you'll have all sorts of issues that need to be resolved. We've had a mixture of 2924XL and Bay 303/310 switches at our branchse for quite a while with no issues. When we started replacing the Bays with Catalyst 2950s we started having all sorts of problems, and it took quite a bit of research into FastEthernet NWAY/Autonegotiation to determine the problem. Just a forewarning. :-) Scott Roberts 3/10/03 12:12:48 PM if I understand what you're saying, I think its always been like that, cisco hasn't changed it. you're refering to the fact that the IOS switch don't let you change the speed? I think thats strange also, the set based switch can allow you to change speed, but after the IOS upgrading of switches they don't allow you to change a 10/100 at the switch, but rather require you to configure the desktop to 10 or 100 speed manually. I suppose the idea is that everyone should be using autonegotiation according to cisco. scott John Neiberger wrote in message news:[EMAIL PROTECTED] I wanted to mention that we've been in the process of upgrading our switches, as well, and I discovered that since we've started using the new Cisco switches we've been having all sorts of problems getting the speed and duplex settings set correctly. We've discovered that if you have relatively new NICs with updated drivers, set both sides to AUTO. Never, ever, set only one side to AUTO. I'd also avoid manually configuring the speed and duplex unless you have to do so to fix a specific problem. Here's why: There is no standardized behavior for 100BaseTX when you manually configure settings! The only setting mentioned in the specification is AUTO; the
Re: Basic Frame Relay question [7:64923]
They could. In fact, its quite likely. The link from your CPE goes into a port on one of their WAN switches. from there it goes over a trunk utilizing either Fast Packet (FP) or ATM to another WAN switch. There may be a number of WAN switches between your CPE and the destination CPE. You can get more detail from the documentation on Cisco's WAN switches. Hope this helps, Karen *** REPLY SEPARATOR *** On 3/10/2003 at 5:23 PM DeVoe, Charles (PKI) wrote: I am looking at frame relay. As I understand it, the frame relay connection goes from the CPE to the service provider CO. My question is, does the destination device on the other side of the CO also need to run frame relay? Could they perhaps run ATM? My CPE CODest. CPE | Frame Relay|ATM | Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64992t=64923 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What is different between SIP, MGCP and H.323? [7:64877]
That's a huge subject and one that would require a very long and detailed explaination. In short however the basics are as follows: h.323 has been around awhile and is the basic standard out there. Cisco only made IP phones that supported h.323 for the longest time. They now are into SIP support as well. SIP came along and basically replaces h.323 and is more feature rich and really IMHO the future in comparison to h.323. More and more vendors are working to support SIP in their products, IP phones, firewalls, etc. As for MGCP that's the media gateway control protocol (or something like that) and deals with the communications between media gateways - more ISP related than the typical enterprise. There are tons of documents, rfc's, writeups and so forth on this subject for further research. Good luck, Ian http://www.ccie4u.com Rack rentals and lab scenarios On 10 Mar 2003 at 3:58, Andy Tse wrote: Hi, My boss asks my to setup an VoIP for our own office. While chosing products, I find there have several different protocols in the market. Can anyone explain the different between them? And the difficulty on maintenance, operation and administration of those Products? Thank you very much! Hosui Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64990t=64877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Load Balancing and NAT [7:64904]
At 5:41 PM + 3/10/03, Logan, Harold wrote: I have a question about this setup, but it's more deisgn-oriented than configuration. What's the benefit of having redundant ISPs if they both connect to one router? Single router with multiple ISPs: Protects you against failure in the ISP routing system. Both ISPs still may get bad routing data. No guard against router or local loop failure. Multiple routers to different POPs of the same ISP: Protects you against local loop failure, lets you contract for physical route diversity within the ISP. No guard against ISP-wide routing failure. You may be able to negotiate multiple upstreams. Multiple routers to different ISPs: may or may not protect against local loop failure, depending on how far apart you place the routers. Potentially decent protection against routing failure. Still vulnerable if there is a common upstream. I realize that a WAN circuit is more likely to have problems than the router hardware is, but it seems like both the configuration problem and the single point of failure can be addressed by adding a second router. From there, I see two options. #1, break up the LAN into two DHCP scopes (if DHCP is used) and assign the IP's of both routers as the default gateway, but alternate them. Scope 1 would have R1's IP as the primary default gateway, and R2's as the secondary, and vice versa for scope 2. #2, Use a layer 3 switch at the core of the LAN, and configure routed ports. Give the switch two default routes with the same AD, and it will load balance between the two routers. Does either of these sound feasible? Hal -Original Message- From: Terry Oldham [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 11:07 AM To: [EMAIL PROTECTED] Subject: Re: Load Balancing and NAT [7:64904] The T1's are from different providers, Qwest and Sprint. And no we will not be running BGP... Troy Leliard wrote in message news:[EMAIL PROTECTED] First big question, are your T1's from the same provider, or from a different provider, and thus different public ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP address that is assigned to you, say x.x.x.x) which is then Nat'd to your internal RFC1918 address That will work all fine and dandy, but what about if your default gateway is ISP B's T1. Outbound packets, returning to Client A, will be NAT'd to ISB B's outside address, say y.y.y.y. If Client A is behind a stateful firewall, return packets will be dropped, as it will have ISP B's SRC address, and it will be expecting ISP A's. There are a number of ways around this, but I will wait for more detauls before going on. Presumably you are not / will not be running BGP, and have your own AS? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64989t=64904 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: General comments on Cisco Teaching [7:64833]
seeing as the CCSI number uses only 2 digits for the date field, did the program implode as Y2K came and went? ;- -- TANSTAAFL there ain't no such thing as a free lunch Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Cisco Nuts wrote: Howard, Why in the world would Cisco start at 92001 for the CCSI? Any particular reason for such a high number? I think CCSI uses hierarchical addressing unlike the flat addressing used for CCIE. :-) Also, to answer someone else's question, I think you get to keep your number (and use it?) indefinitely. I'm 96110, the 110th one in 1996. Must have been a good year. But as Howard has said, you can't really use the number and be an active CCSI unless you are currently employed at a Cisco Certified Learning Partner (or employed at Cisco itself.) My guess is that if you were inactive for a while and then went to a new learning partner, you would have to go through a barrage of tests again, but probably keep your number. But I don't know for sure Maybe if the economy ever picks up again there will be a lot of people trying to get an answer to that question. Not looking good for now, though. By the way, did y'all see this excellent article about teaching in TCP Magazine. It's called So You Wanna Teach. The comments on the article are worth reading too. http://www.tcpmag.com/linkstate/article.asp?EditorialsID=135 ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Now we all know for a fact why the CCIE # start at 1025? So From: Howard C. Berkowitz Reply-To: Howard C. Berkowitz To: [EMAIL PROTECTED] Subject: RE: General comments on Cisco Teaching [7:64833] Date: Sun, 9 Mar 2003 01:04:28 GMT Howard CSSI 93005 Howard, If you were a Cisco Instructor years ago, is it safe to assume the CSSI number started at 93000?? Just curios. 92001, I believe. Not sure. On a serious note, are you allowed to still add the cert and number after your name if you become inactive? No one ever really came up with a good set of rules. Recertification was never as well defined as it was with CCIE and the like. I have no problem in saying inactive -- the irony being that I'm currently on a subcontract developing internal courseware for Cisco staff. Since a CSSI is not all that meaningful except in the context of a training partner, the active-versus-inactive distinction isn't that significant -- if you are doing approved Cisco training, it will be active with the partner; if you aren't, it won't. It's not as if you can go into business as a Cisco instructor just by having a CSSI. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64854t=64833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Add photos to your messages with MSN 8. Get 2 months FREE*. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65007t=64833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Difficult RFPs [7:64957]
Priscilla Oppenheimer wrote in message news:[EMAIL PROTECTED] Scott Roberts wrote: wow, I've never worked on such a large order, but the RFPs I've designed out have never been this much of a joke. it seems that the IT staff of this company had no clue what they wanted or needed and decided to get some free advice! the only similair scenario I can mention is when a small private school was looking to upgrade their network to gigabit (yet never fully utilized the old FE) and were shocked at the cost of the equipment. they dropped the whole upgrade totally at that point. I'm interested in hearing if any others have seen such a poor of a 'scope of work' put out before? I think it's pretty typical, although this particular customer is more annoying than most. My favorite one is this, from Chuck's comments: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. Sure, aerial photos will help a lot!? :-) They showed where all the trees were. :- Priscilla scott Symon Thurlow wrote in message news:[EMAIL PROTECTED] Yikes! You must have big plums to persist with a customer like that. It sounds like a disaster waiting to happen! Symon -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED] Sent: 08 March 2003 19:44 To: [EMAIL PROTECTED] Subject: Network Design - What Priscilla did NOT cover in her book: WAS [7:64842] Symon Thurlow wrote in message news:[EMAIL PROTECTED] Hey Chuck, How did that big design go, the one you mentioned on the list a few months ago? Symon You mean the Never Ending Design? The Nightmare before the CCIE Lab? Here is a brief rundown. I will say in advance that as all of you who work in the real world with real world management, real world customers, and real world situations already know, the real work is at layers 8,9, and 10. Project Summary: large organization, 2000+ employees, 10,000 data ports, 3 dozen locations, with each location being a campus of several buildings or several floors within buildings. The project RFP called for a complete forklift of the existing infrastructure - routers, switches, PBX. It also called for wireless for voice and data. The project goal was to create a network fully capable of providing seamless integrated services for data, voice, and video. Oh yes, there was a three week turnaround deadline for the response, and there was no flexibility in this. Meet the customer date or lose the opportunity. On top of that, as is typical with most RFP's, all questions are to be submitted in writing, and all responses go to all bidders. Clues that something is strange: 1) for any wireless response this complex, detailed site surveys are required. there is not time to do this. answer: well then just do a site survey. besides, we have aerial photographs of all of our locations posted on our web site. you can use those to determine what you need. 2) you're RFP provides numbers of IDF's in each location and total number of ports required. e.g. site X has 7 IDF's and 257 data ports. do you have detail as to how many data ports are in each specific closet? answer: use an average, or come out here and do a site survey and figure it out for yourself. 3) you're RFP calls for L3 switching in each and every closet. Is this necessary, given that there is only a single ingress/egress, and that all sites are hub and spoke? plus L3 is more expensive, and I'm not sure there is anything to gain. answer: we want L3 everywhere. are you saying your ( Cisco ) equipment does not do L3? Customer: oh by the way, we will be opening a new location sometime in the next 18 months. I want you to include that location in this response. 4) how many closets? how many phones? how many data ports? answer: just take locations a,b, and c, and average those out to get the numbers. These were the major things, and should give you a pretty good idea of the upper layer issues. Well, I work my ass off to meet the deadlines. We and a couple of other vendors respond. The presentation meeting takes place with all vendors in the same room at the same time. Oh joy, but at least we can see eachothers' hands. All vendors come back with total cost in the 8-9 million range. Now the customer reveals that his budget is 5 million. This is something that was asked, and which the customer refused to discuss previously. I should add that as this is a non
Re: Any w2k syslog server avaiable? [7:64883]
3com (tftp , syslog and ftp all in one program...) - Original Message - From: The Long and Winding Road To: Sent: Monday, March 10, 2003 11:15 AM Subject: Re: Any w2k syslog server avaiable? [7:64883] Richard Campbell wrote in message news:[EMAIL PROTECTED] Hi.. I used to use unix syslog server to log the cisco device event. But there is no unix box in my new company. Only w2k. May I know is there any syslog software avaiable that I can install in W2k? check out Beverly Hills Software - www.bhs.com do a search after clicking on downloads there are a couple available. HTH Thanks _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Virus taramasi Vexira AV programi kullanilarak Is Net tarafindan yapilmistir. This e-mail is checked by Is Net against all known types of viruses using Vexira AV. Is Net'in en ucuz saatlik kullanim paketi Teneffus.Net'i ve en ucuz sinirsiz erisim paketi Taksitli Ekonet'i duymus muydunuz? http://www.isnet.net.tr/teneffusnet/ http://www.isnet.net.tr/taksitliekonet/ -- Virus taramasi Vexira AV programi kullanilarak Is Net tarafindan yapilmistir. This e-mail is checked by Is Net against all known types of viruses using Vexira AV. Is Net'in en ucuz saatlik kullanim paketi Teneffus.Net'i ve en ucuz sinirsiz erisim paketi Taksitli Ekonet'i duymus muydunuz? http://www.isnet.net.tr/teneffusnet/ http://www.isnet.net.tr/taksitliekonet/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65005t=64883 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP Telephony [7:64847]
LWR, Thank you for your input. Yes there is a business plan that needs to get made. I do realize that the 'white collars' want this and that's the primary reason why I emailed the group. I currently don't have access to certain parts of the billing as far as long distance, phone charges, and the like but I am in the process of getting all relevant information on VoIP. I want to get everything in a precise little package with exact pricing (this may change cause we are a rather big company and may have the option of discounts, not sure) and present a project plan. I was just wondering if anyone out there had prior experience and found any bumps that they could warn me about. -Nate - Original Message - From: The Long and Winding Road To: Sent: Saturday, March 08, 2003 10:16 PM Subject: Re: IP Telephony [7:64847] Nate wrote in message news:[EMAIL PROTECTED] Guys, I'm thinking of recommending IP Telephony for our company. I have limited knowledge on the subject and I was wondering if any of you are experts (or fraction thereof) that could help me make out a project plan for this. Any comments would be appreciated. Is there a business case to be made? Do you have PBX's for example, whose leases are going to be up? Will you save money? What is your current infrastructure? Will it support VoIP? Are there features your users have now via the PBX that are not available on Call Manager? Will you save money on your voice trunking? How about your WAN - is it sufficient to support voice and QoS requirements? Will your routers support QoS and voice compression/decompression? Are there applications available via IP phones that will provide better productivity and hence more profit for the company? Does your company have the staff on hand to support IP telephony, especially on top of the other work they do? Hey, I think VoIP is as kewl as any other geek out there. But I wore a white shirt and tie for a long time. Masters degree class 101 taught me lesson number one - what is the business case? What is the ROI? What is the discounted net present value of future cash flows? Not that management listens to us geeks anyway... :- Thanks in advance, -Nate Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64997t=64847 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DTP and VTP Domain [7:64892]
As long as the native VLAN is the same on both ends so that the ends of the prospective trunk link can communicate, DTP will be able to form the trunk. The VTP domain is irrelevant. All DTP needs is layer 2 connectivity and the desire (on both ends) to trunk. :-) In fact, one of the requirements for a VTP domain to exist is that trunking must be enabled between the switches. In light of this, I would say that VTP is dependent on DTP or DISL but DTP and DISL are NOT dependent on VTP. Hope this helps, Karen *** REPLY SEPARATOR *** On 3/10/2003 at 12:30 PM [EMAIL PROTECTED] wrote: Is VTP dependent of DTP or is DTP dependent of VTP?. From the following statement I think DTP can still form a trunk even if VTP domain is different on both switches. But I have read opposite statements. Unfortunatelly I can not test it now. Any thoughts? The VTP protocol communicates between switches using an Ethernet destination multicast MAC address (01-00-0c-cc-cc-cc) and SNAP HDLC protocol type Ox2003. It does not work over non-trunk ports (VTP is a payload of ISL or 802.1Q), so messages cannot be sent until DTP has brought the trunk online. http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a0080094713.shtml Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64996t=64892 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]