RE: Check Here for the Beta BCRAN [7:66382]
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66429&t=66382 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF BGP redistiribution question [7:66430]
NLI ( b..o..o..t..c..a..m..p.. lab 8 ) redistribution of OSPF and BGP I checked CCO and the "answer" key everything "appears" to be correct. So why is it that half my OSPF routes do not show up in the BGP table??? *> 137.20.0.0 0.0.0.0 0 32768 ? * i137.20.40.16/28 137.20.25.2164100 0 i *> 0.0.0.0110 32768 i *> 137.20.100.33/32 0.0.0.0138 32768 i *> 137.20.100.34/32 0.0.0.0 74 32768 i *> 137.20.100.35/32 0.0.0.0 74 32768 i *>i172.168.70.0/24 137.20.10.70 170100 0 3 i *> 172.168.80.0/24 137.20.86.1 0 0 1 i R# O IA 200.200.200.0/24 [110/75] via 137.20.64.5, 02:27:46, Ethernet0 137.20.0.0/16 is variably subnetted, 12 subnets, 4 masks O E1137.20.200.16/28 [110/110] via 137.20.64.5, 02:27:46, Ethernet0 O IA137.20.30.0/24 [110/84] via 137.20.64.5, 02:27:46, Ethernet0 O IA137.20.25.0/24 [110/74] via 137.20.64.5, 02:27:46, Ethernet0 O IA137.20.20.0/24 [110/84] via 137.20.64.5, 02:27:46, Ethernet0 O E1137.20.40.16/28 [110/110] via 137.20.64.5, 02:27:46, Ethernet0 O IA137.20.88.0/24 [110/75] via 137.20.64.5, 02:27:46, Ethernet0 O IA137.20.100.33/32 [110/138] via 137.20.64.5, 02:19:42, Ethernet0 O IA137.20.100.35/32 [110/74] via 137.20.64.5, 02:19:42, Ethernet0 O IA137.20.100.34/32 [110/74] via 137.20.64.5, 02:19:42, Ethernet0 O IA137.20.100.0/24 [110/10] via 137.20.64.5, 02:19:42, Ethernet0 O IA 200.200.100.0/24 [110/75] via 137.20.64.5, 02:27:46, Ethernet0 lest you wonder, I am using the proper ( so I think ) form of the redistribute comand, covering OSPF internal and external ) router bgp 2 no synchronization bgp log-neighbor-changes network 137.20.20.0 mask 255.255.255.0 backdoor network 137.20.25.0 mask 255.255.255.0 backdoor network 137.20.30.0 mask 255.255.255.0 backdoor network 137.20.40.16 mask 255.255.255.240 network 137.20.88.0 mask 255.255.255.0 backdoor network 137.20.100.33 mask 255.255.255.255 network 137.20.100.34 mask 255.255.255.255 network 137.20.100.35 mask 255.255.255.255 network 137.20.100.0 mask 255.255.255.0 backdoor network 137.20.200.16 mask 255.255.255.240 backdoor network 200.200.100.0 backdoor network 200.200.200.0 backdoor redistribute ospf 239 match internal external 1 external 2 ((( ---SEE I told you so! neighbor 137.20.25.1 remote-as 2 neighbor 137.20.25.1 ebgp-multihop 3 neighbor 137.20.86.1 remote-as 1 any help appreciated Chuck! -- TANSTAAFL "there ain't no such thing as a free lunch" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66430&t=66430 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab study group in Cincinnati? [7:66431]
Anyone interested? Timothy T. Lewis CCNP, CCDP, MCDBA, MCSE (2000) 1771 West Mason Morrow Rd. Lebanon, OH 45036 X Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66431&t=66431 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
allowing telnet to the outside pix interface [7:66433]
Hi all How can I let peoples outside the pix firewall to telnet my outside Pix firewall IP address which is 212.121.211.123 ? ---212.121.211.123(515E-PIX)-10.1.1.1-- I have PIX Firewall Version 6.1(4). Regards, Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66433&t=66433 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP exam in prep. for the CCIE Lab!! [7:66432]
Hello,The new BGP exam(beta) for the CCIP exam is a great one (imho) in prep. for the actual CCIE Lab.It really tests your skill and deep understanding of your BGP knowledge..133 questions in 250 minutes (slightly less than 2 minutes per question), which I think was not enough.Diagrams after diagrams.The testing site refused to give me just plain white sheets of paper and also refused for me to take my color pens, even my normal pens!!.. So it was a real 'drag' trying to draw diagrams in the provided "plastic sheets" as it smudges and no place to write but on my knees!!. Reminded me so much of that 'dreaded place' that many us have been or will be soon ;-> since I had the similiar experience there!!!Uuh!! how my wrists hurt since they are hanging on the edge of that stupid desk!! I have taken over 30 exams in my professional career starting with the CNA/CNE 3 way back in 1995 with no problem in acquiring generous sheets of white paper and plenty of space to write...But this one??Anyways, the results are going to be mailed in a couple of weeks. Just prep'd. for a week since someone last week posted this new exam info. on this site...And as Monday the 31st was the last day, I decided to take it on Friday (lest I failed and could retake it on Monday again!!) But since I am going to know the results in a couple of weeks, I might just chill for now and pray I passedhopefully I did ;->Anyone else who has taken the exam, any feedback?Sincerely,CN The new MSN 8: smart spam protection and 2 months FREE* Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66432&t=66432 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66438]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Orlando Palomar Jr CCIE#11206 Sent: Friday, March 28, 2003 10:28 PM To: [EMAIL PROTECTED] Subject: RE: Multicasting Test Plan [7:66326] Hmm.. For software, you can get a demo copy of Cisco's IP/TV. It's a working demo of both server and client. Best of all, it's free. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66438&t=66438 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66443]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Orlando Palomar Jr CCIE#11206 Sent: Friday, March 28, 2003 6:07 PM To: [EMAIL PROTECTED] Subject: RE: EIGRP route to IGRP table [7:66391] On R4, go to OSPF router config and use summary-address. Like so: router ospf summary-address 170.100.40.0 255.255.255.0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66443&t=66443 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66437]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Orlando Palomar Jr CCIE#11206 Sent: Friday, March 28, 2003 10:13 PM To: [EMAIL PROTECTED] Subject: RE: SPAN on 2948G [7:66403] I would presume that the "2948G" you mentioned is the L2-only model. The Catalyst 2948G-L2 runs the same software as the Cat5000/5500, otherwise known as the CatOS. The Monitor command works only for IOS-based switches. The 2948G-L3 (L-3 switch running IOS) would probably use the Monitor command. Thought I'd clarify that. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66437&t=66437 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66442]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kazan, Naim Sent: Friday, March 28, 2003 8:19 PM To: [EMAIL PROTECTED] Subject: RE: Console management [7:66405] I take it that either the 2509 or 2511 will work for me. -Original Message- From: Orlando Palomar Jr CCIE#11206 [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2003 6:13 PM To: [EMAIL PROTECTED] Subject: Re: Console management [7:66405] I'm using a Cisco 2509-RJ. You can control up to 8 devices on it's async ports (9 if you'll be using the AUX port also). As the async prots are already RJ-45, you can connect Cisco's console cable directly. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66442&t=66442 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66445]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Orlando Palomar Jr CCIE#11206 Sent: Friday, March 28, 2003 6:13 PM To: [EMAIL PROTECTED] Subject: Re: Console management [7:66405] I'm using a Cisco 2509-RJ. You can control up to 8 devices on it's async ports (9 if you'll be using the AUX port also). As the async prots are already RJ-45, you can connect Cisco's console cable directly. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66445&t=66445 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Studying for the written CCIE [7:66450]
I passed the CCNP last week and I wanted to start studying for the CCIE "written" this weekend. I have looked at various WebPages including cisco and groupstudy. The amount of material for the test is amazing, so I'm at a lost here, especially with so many books. Does anyone have any suggestions on what book should I start with? Is there a book that contains most of the material for the test, and I can use other books to reference materials that I would not find on that one book? I guess every person is different, but is there a plan study for the test? Besides the exam blueprint off-course =) Thank you, Tommy Bartus Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66450&t=66450 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66439]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Orlando Palomar Jr CCIE#11206 Sent: Friday, March 28, 2003 10:01 PM To: [EMAIL PROTECTED] Subject: RE: Console management [7:66405] Yes. The 2511 can also be used. Though, you need an octal cable (8-async lines) or two (up to 16 asyncs) for it to be useful. However, in a practice lab environment, I'm sure you won't be configuring more than 8 or 9 devices. So a 2509-RJ is much more practical at least for me. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66439&t=66439 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66440]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, March 29, 2003 1:25 AM To: [EMAIL PROTECTED] Subject: RE: Solie Lab Solutions [7:66349] >In case anyone was wondering, there is a set of solutions for the >Solie CCIE Practice labs ( just the big ones at the end of the >book ) found at: Chuck, I'm not sure the solutions on that web link are "the latest." I can forward what I have to you if you like. I got these from Solie a while back... Regards, Eric Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66440&t=66440 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66444]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Orlando Palomar Jr CCIE#11206
Sent: Friday, March 28, 2003 6:32 PM
To: [EMAIL PROTECTED]
Subject: RE: SPAN on 2948G [7:66403]
Here's the command structure:
set span {_mod/src_ports | src_vlan | sc0} dest_mod/dest_port [rx | tx |
both] [inpkts {enable | disable}] [learning {enable | disable}]
[multicast
{enable | disable}] [create]
Ex. You want ports 3/1 to be the source and 2/4 to be the monitoring
port:
set span 3/1 2/4
Also, you can set the whole VLAN to be the SPAN source:
set span 12 2/4
where "12" is the VLAN number.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66444&t=66444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66441]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Orlando Palomar Jr CCIE#11206 Sent: Friday, March 28, 2003 10:22 PM To: [EMAIL PROTECTED] Subject: RE: Speed Duplex Talk again [7:66402] Well said, John. I guess we'll still be seeing a lot of these until they standardize auto-negotiation accross all vendors. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66441&t=66441 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66436]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Neiberger Sent: Friday, March 28, 2003 10:53 PM To: [EMAIL PROTECTED] Subject: RE: Speed Duplex Talk again [7:66402] Orlando Palomar Jr CCIE#11206 wrote: > > Well said, John. I guess we'll still be seeing a lot of these > until they standardize auto-negotiation accross all vendors. And that's the funny thing. Autonegotiation *is* the standard! ;-) It's when you don't use auto that you've strayed from the standard. However, I still find about <5% of the time I run into situations where I just cannot get auto to work right. Most of those I suspect bad cabling but it would have been too difficult to fix at the time. Here's a tip that I've found helpful, even if things seem to be running fairly well after you upgrade to a newer switch. From time to time, clear the counters and wait a while, then check for alignment errors, late collisions, and CRC errors. Any of those are a good sign that you might have a speed and/or duplex mismatch. I've been using this technique to slowly fix the connections to some of our servers. Quite often the servers will appear to be working just fine but they still need to be fixed. Other times, our LAN group spends weeks of intermittent troubleshooting trying to solve a problem and it never occurs to them that it might be a speed/duplex issue. They're always looking for application or OS problems and they sometimes don't think to ask me about it until they've run out of ideas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66436&t=66436 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Speed Duplex Talk again [7:66402]
I don't think we can stress enough how important the speed/duplex mismatch and autonegotiation problems are. If you are having a LAN problem, this is one of the first things you should consider. The interesting thing thing about duplex mismatch errors is that things can seem like they are working okay, but you notice problems once in a while. Every day, probably hundreds of thousands of users and servers are experiencing less-than-optimal performance because of this kind of problem. Are some or all of your IP phones rebooting every once in a while? Even this could have something to do with a duplex mismatch problem somewhere between your IP phones and your Call Manager. One question I have for folks is is whether duplex mismatch errors between a switch and one device on a segment (network printer, PC, server, etc.) could substantially degrade performance on the switch so that other links would be impacted in a noticeable way. Tom Larus ""John Neiberger"" wrote in message news:[EMAIL PROTECTED] > Orlando Palomar Jr CCIE#11206 wrote: > > > > Well said, John. I guess we'll still be seeing a lot of these > > until they standardize auto-negotiation accross all vendors. > > And that's the funny thing. Autonegotiation *is* the standard! ;-) It's > when you don't use auto that you've strayed from the standard. However, I > still find about get auto to work right. Most of those I suspect bad cabling but it would > have been too difficult to fix at the time. > > Here's a tip that I've found helpful, even if things seem to be running > fairly well after you upgrade to a newer switch. From time to time, clear > the counters and wait a while, then check for alignment errors, late > collisions, and CRC errors. Any of those are a good sign that you might > have a speed and/or duplex mismatch. > > I've been using this technique to slowly fix the connections to some of our > servers. Quite often the servers will appear to be working just fine but > they still need to be fixed. Other times, our LAN group spends weeks of > intermittent troubleshooting trying to solve a problem and it never occurs > to them that it might be a speed/duplex issue. They're always looking for > application or OS problems and they sometimes don't think to ask me about it > until they've run out of ideas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66448&t=66402 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66435]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael W. Oliver Sent: Saturday, March 29, 2003 12:35 AM To: [EMAIL PROTECTED] Subject: Re: Console management [7:66405] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 +--- On Friday, March 28, 2003 22:01, Orlando Palomar Jr proclaimed: | | Yes. The 2511 can also be used. Though, you need an octal cable (8-async | lines) or two (up to 16 asyncs) for it to be useful. However, in a | practice lab environment, I'm sure you won't be configuring more than 8 | or 9 devices. So a 2509-RJ is much more practical at least for me. | I am using a cisco 500-CS that I picked up on ebay for about $200, and it is GREAT! It has 16 async ports and one AUI interface. It is an old box, but stable as all hell, especially for use in a lab. If you can find one, grab it quick! - -- +---+--+ |Michael W. Oliver, CCNP| "The tree of liberty must be | | IPv6 & FreeBSD mark | refreshed from time to time | |[EMAIL PROTECTED] | with the blood of patriots | |http://michael.gargantuan.com/ | and tyrants."| | ASpath-tree, Looking Glass, etc.| - President Thomas Jefferson | | +--+ | gpg key - http://michael.gargantuan.com/gnupg/pubkey.asc | +--+ -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+hTB/sWv7q8X6o8kRAt/SAJ4m+wrCjB9K0W32JsRRa8m2YmrcmgCfUVaX 6jJxoUImy7e0N4j7DhSCAg0= =nqf6 -END PGP SIGNATURE- Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66435&t=66435 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66449]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Roberts Sent: Friday, March 28, 2003 5:54 PM To: [EMAIL PROTECTED] Subject: Re: Console management [7:66405] I should warn you about my last response regarding the 'Digi portserver', I had to make my own custom cables though, the regular cisco rollover doesn't work. so if you're not used to crimping your own cables, I wouldn't go with the portserver. scott ""Kazan, Naim"" wrote in message news:[EMAIL PROTECTED] > Hi Guys > > I am looking for a not so expensive device to manage my routers for my lab > at home via the console. Any suggestions will be greatly appreciated. > > > Thanks > > Naim Kazan > FISC-SDS Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66449&t=66449 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66447]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, March 29, 2003 9:02 AM To: [EMAIL PROTECTED] Subject: allowing telnet to the outside pix interface [7:66433] Hi all How can I let peoples outside the pix firewall to telnet my outside Pix firewall IP address which is 212.121.211.123 ? ---212.121.211.123(515E-PIX)-10.1.1.1-- I have PIX Firewall Version 6.1(4). Regards, Ismail Al-Shelh Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66447&t=66447 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66446]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Cisco Nuts Sent: Saturday, March 29, 2003 8:58 AM To: [EMAIL PROTECTED] Subject: BGP exam in prep. for the CCIE Lab!! [7:66432] Hello,The new BGP exam(beta) for the CCIP exam is a great one (imho) in prep. for the actual CCIE Lab.It really tests your skill and deep understanding of your BGP knowledge..133 questions in 250 minutes (slightly less than 2 minutes per question), which I think was not enough.Diagrams after diagrams.The testing site refused to give me just plain white sheets of paper and also refused for me to take my color pens, even my normal pens!!.. So it was a real 'drag' trying to draw diagrams in the provided "plastic sheets" as it smudges and no place to write but on my knees!!. Reminded me so much of that 'dreaded place' that many us have been or will be soon ;-> since I had the similiar experience there!!!Uuh!! how my wrists hurt since they are hanging on the edge of that stupid desk!! I have taken over 30 exams in my professional career starting with the CNA/CNE 3 way back in 1995 with no problem in acquiring generous sheets of white paper and plenty of space to write...But this one??Anyways, the results are going to be mailed in a couple of weeks. Just prep'd. for a week since someone last week posted this new exam info. on this site...And as Monday the 31st was the last day, I decided to take it on Friday (lest I failed and could retake it on Monday again!!) But since I am going to know the results in a couple of weeks, I might just chill for now and pray I passedhopefully I did ;->Anyone else who has taken the exam, any feedback?Sincerely,CN The new MSN 8: smart spam protection and 2 months FREE* Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66446&t=66446 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unsubscribe cisco j@juggler.net [7:66434]
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Larry Letterman Sent: Saturday, March 29, 2003 1:37 AM To: [EMAIL PROTECTED] Subject: Re: Console management [7:66405] I have a lab with a 2511 and the older ones dont need an octal cable..they have 16 RJ ports that connect the console cables that come with cisco gear just fine..and I am using 14 of those ports with my lab.. Larry Letterman Network Engineer Cisco Systems - Original Message - From: Orlando Palomar Jr CCIE#11206 To: [EMAIL PROTECTED] Sent: Friday, March 28, 2003 7:01 PM Subject: RE: Console management [7:66405] Yes. The 2511 can also be used. Though, you need an octal cable (8-async lines) or two (up to 16 asyncs) for it to be useful. However, in a practice lab environment, I'm sure you won't be configuring more than 8 or 9 devices. So a 2509-RJ is much more practical at least for me. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66434&t=66434 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Studying for the written CCIE [7:66450]
Try this http://home.attbi.com/~blaga/Written.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66451&t=66450 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP exam in prep. for the CCIE Lab!! [7:66432]
Willy. Wow!! you teach the BGP and MPLS courses!! Where??? Awesome!! I've just begun my MPLS study which will be the last exam for the CCIP...Then I am going to head back to study for the CCIE Lab which I will take once Mr. Solie comes out with his PSV II .. When Mr. Solie ?? :-) I have 2 study guides from Cisco for the MPLS: one that says MPLS Concepts and the other that says MPLS/VPNDo I need to study both of these for the MPLS exam or just the first one will suffice? If both, then do I need any additional books from Cisco Press to supplement what I have? Like Advanced VPN by Allwyn or MPLS Traffic Engineering book?? Thank you for your help. Sincerely, CN >From: "Willy Schoots" >To: "'Cisco Nuts'" >Subject: RE: BGP exam in prep. for the CCIE Lab!! [7:66432] >Date: Sat, 29 Mar 2003 17:03:12 +0100 > >Hi CN, > >I took the beta exam some while back (begin of February). I found it a >relatively easy exam for someone that has followed the course (CBCR / >BGP 3.0). The reason that I found it easy is because there are no >questions not covered in the course and also not too many >strange/unclear questions. > >I agree with you that it had a lot of questions with diagrams and that >therefore the time was a constraint. > >Cheers, > >Willy Schoots > >PS: My judgment may colored by the fact that I teach this course and >that it is one of my favorite courses to teach (together with the MPLS >course). > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of >Cisco Nuts >Sent: zaterdag 29 maart 2003 14:58 >To: [EMAIL PROTECTED] >Subject: BGP exam in prep. for the CCIE Lab!! [7:66432] > >Hello,The new BGP exam(beta) for the CCIP exam is a great one (imho) in >prep. for the actual CCIE Lab.It really tests your skill and deep >understanding of your BGP knowledge..133 questions in 250 minutes >(slightly less than 2 minutes per question), which I think was not >enough.Diagrams after diagrams.The testing site refused to give >me just plain white sheets of paper and also refused for me to take my >color pens, even my normal pens!!.. So it was a real 'drag' trying >to >draw diagrams in the provided "plastic sheets" as it smudges and no >place >to write but on my knees!!. Reminded me so much of that 'dreaded >place' that many us have been or will be soon ;-> since I had >the similiar experience there!!!Uuh!! how my wrists hurt since they are >hanging on the edge of that stupid desk!! I have taken over 30 exams in >my professional career starting with the CNA/CNE 3 way back in 1995 with >no problem in acquiring generous sheets of white paper and plenty of >space to write...But this one??Anyways, the results are going to be >mailed in a couple of weeks. Just prep'd. for a week since someone last >week posted this new exam info. on this site...And as Monday the >31st >was the last day, I decided to take it on Friday (lest I failed and >could retake it on Monday again!!) But since I am going to know the >results in a couple of weeks, I might just chill for now and pray I >passedhopefully I did ;->Anyone else who has taken the exam, any >feedback?Sincerely,CN > > > >The new MSN 8: smart spam protection and 2 months FREE* > > > > misconduct and Nondisclosure violations to [EMAIL PROTECTED] > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66452&t=66432 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: This is even better - RIP / OSPF redistribution [7:66057]
Real world I had to deal with this to add 'legacy' Motorola equipment attached to a larger Cisco network. The business unit never bought the OSPF license for the Motorolas. ""The Long and Winding Road"" wrote in message news:[EMAIL PROTECTED] Again, a CCIE practice lab - R5 - the task calls for mutual redistribution of OSPF and RIP The next task says that no routes are to be advertised out the RIP interface - only in. So tell me, why are we even bothering with the OSPF into RIP redistribution? I'm not sure I can fall asleep tonight, I'm laughing so hard. Goodnight. -- TANSTAAFL "there ain't no such thing as a free lunch" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66453&t=66057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Looking for errata files for Routing TCP/IP vol 2 and CCIE [7:66455]
S! ALL, I have been to the Cisco Press site but I cannot find them there. It looks like both books have been updated to newer editions. Does anyone have these errata files? I have found that without these errata files the lab exercises are near to useless due to the printing (and err..umm..just plain bad answers) mistakes in the answers. Thanks in advance! Brian --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66455&t=66455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Speed Duplex Talk again [7:66402]
Thomas Larus wrote: > > I don't think we can stress enough how important the > speed/duplex mismatch > and autonegotiation problems are. If you are having a LAN > problem, this is > one of the first things you should consider. The interesting > thing thing > about duplex mismatch errors is that things can seem like they > are working > okay, but you notice problems once in a while. > > Every day, probably hundreds of thousands of users and servers > are > experiencing less-than-optimal performance because of this kind > of problem. > Are some or all of your IP phones rebooting every once in a > while? Even > this could have something to do with a duplex mismatch problem > somewhere > between your IP phones and your Call Manager. > > One question I have for folks is whether duplex mismatch > errors between a > switch and one device on a segment (network printer, PC, > server, etc.) could > substantially degrade performance on the switch so that other > links would be > impacted in a noticeable way. Hmmm. That's an interesting question: does a duplex mismatch on one port degrade performance on the switch in general? I'm thinking out loud here, but I think it's unlikely. It would depend on the the duplex mode that the switch port ended up in, though, and the architecture of the switch. If the switch port ended up in half duplex, and the port has a lot of frames to send, the port could end up doing lots of retransmissions. It would retransmit every time it received while sending. (That would be true for any half-duplex environment, even without a mismatch, actually.) If the switch isn't a non-blocking switch, the port that is busy retransmitting could cause problems for other ports that have something to send out that port. With head-of-the-line blocking, a frame at the front of an input queue on some other port could be holding up every frame behind it because the half-duplex output port is busy retransmitting and can't accept another frame. Cisco high-end switches don't have this problem. Switches based on the 5000 architecture have shared buffers where they can ship frames to get them out of the way of frames behind them. Now, let's say that the switch port decided it was full duplex but the other side deciced it was half. That wouldn't cause a serious performance problem at the switch. The switch port would see lots of runts and CRCs and have to report them to management, but that shouldn't cause a significant performance problem. Priscilla > > Tom Larus > > > ""John Neiberger"" wrote in > message > news:[EMAIL PROTECTED] > > Orlando Palomar Jr CCIE#11206 wrote: > > > > > > Well said, John. I guess we'll still be seeing a lot of > these > > > until they standardize auto-negotiation accross all vendors. > > > > And that's the funny thing. Autonegotiation *is* the > standard! ;-) It's > > when you don't use auto that you've strayed from the > standard. However, I > > still find about I just cannot > > get auto to work right. Most of those I suspect bad cabling > but it would > > have been too difficult to fix at the time. > > > > Here's a tip that I've found helpful, even if things seem to > be running > > fairly well after you upgrade to a newer switch. From time > to time, clear > > the counters and wait a while, then check for alignment > errors, late > > collisions, and CRC errors. Any of those are a good sign > that you might > > have a speed and/or duplex mismatch. > > > > I've been using this technique to slowly fix the connections > to some of > our > > servers. Quite often the servers will appear to be working > just fine but > > they still need to be fixed. Other times, our LAN group > spends weeks of > > intermittent troubleshooting trying to solve a problem and it > never occurs > > to them that it might be a speed/duplex issue. They're > always looking for > > application or OS problems and they sometimes don't think to > ask me about > it > > until they've run out of ideas. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66454&t=66402 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 1720 crashing every week [7:66080]
I had the same model and the same problem in 2001. I was doing prettyt much the same setup also, however I had PAT in use. For some reason (which was reoslved with an IOS upgrade), the box would die but luckily I would get a dump at that time of the memory etc. I got onto the TAC and they had a newer mid release IOS that solved my problem, however I did look stupid as my router would die in the middle of the day, right when net usage was at its highest. Possibly the router/IOS could not handle the PAT to well.. Hope this helps you. jb -Original Message- From: neil K. [mailto:[EMAIL PROTECTED] Sent: Tuesday, 25 March 2003 10:22 PM To: [EMAIL PROTECTED] Subject: 1720 crashing every week [7:66080] Hi Folks, I got two 1720's connected with a two bri's. I am running PPP multilink on them, it is basic ISDN setup with PPP Multilink,Also I have set up a very high idle-timer on the dialer interface just to keep them up indefinitely, but the routers crash every week and I have to manually reset them and, then they work fine for a week.Any help will be highly appreciated. Thanks, neil ** This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66456&t=66080 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550s and L3 rate-limit (second attempt) [7:66291]
Mario, The first part looks exactly right to me. You have used a class-map/access-list duple to ID the traffic to be affected, put it into a policy-map that defines the action to be taken, and then assigned it to an interface via the service-policy statement. Exactly correct. You win the CAR :) I have never put both ingress and egress service-policy statements on an interface though, so I cannot say why one would wipe out the other. It would seem logical that you should be able to do 1 of each. You do not really specify what you mean by "playing with the ingress/egress filtering statements" so I cannot comment about what you may have affected except to say that it might be possible that if you reference a non-existing access list the service-policy doesn't show because the configuration isn't complete..this is a total guess though :) Do your "show" commands reveal that your policies are in effect even when the statements are not visible? S! Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link, LLC. wrote in message news:[EMAIL PROTECTED] > Hi. I have a few questions that I need clarification on: > > > 1) Is this the correct method to do L3 rate-limiting on a 3550? > > access-list 101 permit ip any xxx.xxx.xxx.0 0.0.0.255 > ! > class-map match-any 768k_traffic > match access-group 101 > ! > policy-map 768k-DSL > class 768k_traffic > police 768000 768000 exceed-action drop > ! > interface FastEthernet0/3 > no switchport > ip address xxx.xxx.xxx.1 255.255.255.252 > service-policy output 768k-DSL > > > > 2) After playing with the ingress/egress filtering statements, f0/3 accepts > the service-policy command but it does not show up in the config (the > original tests did show up) > > interface FastEthernet0/3 > no switchport > ip address xxx.xxx.xxx.1 255.255.255.252 > no cdp enable > > > > > 3) Can I not do L3 rate-limiting on the 3550 for both ingress and egress > rate-limiting (if "input" is specified and an "output" command is entered, > it wipes the "input" statement). > > On the 2948G-L3s, I would use the rate-limit command and specify both input > and output per interface. > > > Thanks, > Mario Puras > SoluNet Technical Support Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66458&t=66291 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP SUMMARY ROUTE METRIC [7:66344]
XY, I would think that the metrics of the summarized routes do NOT affect the summary route because the summary route originates on the router doing the summarization. Therfore it would be advertised "clean" to the next router, i.e. using only the default EIGRP metrics. So a router 3 hops away from the router doing the summarization would see the summary route as having a metric affected only by the links it had to cross to get to that router. This would be the same as if the router doing the summarization were originating any other route. The fact that it is a summarization does not affect the metric. AFAIK, of course! :) S! (Salute!) Brian ""XY HIEN LE"" wrote in message news:[EMAIL PROTECTED] > Hi, > I have a question that need to be clarified regarding the metric of > EIGRP summary metric: > The metric of EIGRP summarized route derived from the component route > that has the biggest or smallest metric? > Any clarification on this matter is much appreciated. I could not find > answer in any of the Cisco Press books or any web site at all. > Thanks in advance. > Xy Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66457&t=66344 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Would these two configs have the same result? [7:66462]
S! ALL! The desired result is to allow only the default route to be sent to a neighbor in AS2. First way I did it: router bgp 1 nei 192.168.100.10 remote-as 2 nei 192.168.100.10 default-originate nei 192.168.100.10 distribute-list 1 out access-list 1 permit 0.0.0.0 access-list 1 deny any Second Way: Note that AS1 is a transit AS that has NO network statements. Therefore the only update with a path of ^$ would be the path created by the "nei 192.168.100.2 default-originate" statement. router bgp 1 nei 192.168.100.2 remote-as 2 nei 192.168.100.2 default-originate nei 192.168.100.2 route-map default-only out ip as-path access-list 1 permit ^$ route-map default-only permit 10 match as-path 1 I do see that the first way would be less prone (actaully..fault proof ) to errors going forward, i.e. were AS1 to originate another network it would match as-path list 1. Still, for the situation as stated, either of these ways of doing it meets the desired result, yes? Thanks! Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link LLC. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66462&t=66462 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP SUMMARY ROUTE METRIC [7:66344]
On 27 Mar 2003 at 21:53, XY HIEN LE wrote: > Hi, > I have a question that need to be clarified regarding the metric of > EIGRP summary metric: > The metric of EIGRP summarized route derived from the component route > that has the biggest or smallest metric? > Any clarification on this matter is much appreciated. I could not find > answer in any of the Cisco Press books or any web site at all. > Thanks in advance. > Xy Hi! "The metric is the best metric from among the summarized routes" http://www.cisco.com/warp/public/103/eigrp-toc.html#summarization Bertalan Dergez CCNP, CCDP Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66459&t=66344 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ASET [7:66460]
Does anyone know if there is a way to obtain the ASET labs apart from being a Cisco partner ? Thx. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66460&t=66460 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
UDLD Questions [7:66461]
Will UDLD prevent duplex mismatches from occurring on end user devices? (Disabling a ports that are detected to be mismatched) Or does UDLD only work between switches? Thanks in Advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66461&t=66461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MLS and access lists [7:66464]
With Multilayer Switching (MLS), how does the MLS Switch (MLS-SE) know that the router (MLS-RP) has an access list? In other words, how does the switch know that it should use a destination flow mask, a destination-source flow mask, or a full-flow mask? The access list, afterall, is on the router, not the switch, according to descriptions of MLS. The switch definitely knows, because you see different output with the "show mls" command, but how does it know? Does the router pass it to the switch in MLSP messages, or is there something more obvious that I'm missing. With some access lists, an enable packet would never come back from the router. Is that what triggers the switch to use the more advanced flow masks? This would imply that the switch is always looking at upper layers and knows that Telnet between 2 hosts results in an enable packet but FTP (or whatever) does not. That seems like a lot of burden to put on a switch. I checked Clark and Hamilton "Cisco LAN Switching," and the Ethernet LAN switching papers at CertificationZone, but am still left wondering Thanks for your help. Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66464&t=66464 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Does LAN to LAN VPN ever timeout? [7:66465]
A friend of mine and I had a discussion on this topic. 2 PIX LAN-LAN VPN. He said that by default, VPN will terminate in 24 hours if no traffic. When bringing VPN up, the first packet always gets lost. Is this true? Thanks. Yoshi Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66465&t=66465 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: UDLD Questions [7:66461]
Charlie Wehner wrote: > > Will UDLD prevent duplex mismatches from occurring on end user > devices? (Disabling a ports that are detected to be mismatched) Cisco's Unidirectional Link Detection protocol requires the two ends of the link to send UDLD messages to each other. An end-user device wouldn't understand the protocol and wouldn't send the messages. > > Or does UDLD only work between switches? It only works between switches, unless NIC vendors have implemented it, but I haven't heard that any have. UDLD probably won't help detect a duplex mismatch anyway. A link that has a duplex mismatch problem isn't unidirectional. It's bidirectional but hampered by errors and collisions, depending on traffic flow, rates, and load. For UDLD to help with a duplex mismatch problem, the message interval would have to be extremely small. The default for the interval is 15 seconds. Unfortunately, the lowest you can set it is 7 seconds. With UDLD aggressive mode, if one side detects a problem it does start sending UDLD packets every second, which could help, but probably wouldn't help on most links. When there's a duplex mismatch, the side using half duplex will have problems sending, but the problem probably won't last for an entire second. Ethernet retransmissions occur in milliseconds, not seconds. UDLD helps with wiring faults, such as the receive and transmit fibers not being connected to the same port on the remote side, and misbehaving ports that can send but not receive or vice versa, but it's not much help with a duplex mismatch problem on a link with typical traffic characteristics. Priscilla > > Thanks in Advance > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66463&t=66461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: UDLD Questions [7:66461]
I was just reading about UDLD and it said if its not enabled on both ends, it may not work correctly. I think you'd be taking a chance enabling UDLD on an access port. Some CATOS switches have the errdisable function enabled by default. When we installed our first few 6509's, ports were being disabled automatically with any errors. Since mis-matched duplex causes errors, the errdisable function is what you need.. http://www.cisco.com/en/US/tech/tk389/tk214/technologies_tech_note09186a0080 093dcb.shtml#ed_platforms Jeffrey Reed Classic Networking, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, March 29, 2003 3:51 PM To: [EMAIL PROTECTED] Subject: UDLD Questions [7:66461] Will UDLD prevent duplex mismatches from occurring on end user devices? (Disabling a ports that are detected to be mismatched) Or does UDLD only work between switches? Thanks in Advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66467&t=66461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: UDLD Questions [7:66461]
Very good explanation Priscilla. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66466&t=66461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wireless AP Chaining [7:66270]
S! ALL! Here's my experience with trying to pass VLANS over Aeronet 350 bridges...this ties into this thread because we ran into issues when we tried to link bridges... glossary: trunk = "switchport mode trunk" with ALL VLANS allowed. 802.1q encapsulation. I run a single DS1 into an office park. There I have a 2620 terminating the DS1 and using FE subinterfaces trunked to a 2950. This 2950 then has a trunk to the root 350 Bridge. Then from there we link to other Bridges (currently 6 others in hub-spoke) in other buildings. Each building has a 350 bridge trunked to a 2950. Clients then have Cat5 run to thier office CPE, usually a firewall. Each client has thier own unique VLAN. There may be more than 1 client per building (in fact, the most populous building currently has 4 clients, and there are over 15 in all). Like so: DS1---2620--[trunk]--2950--[trunk]--ROOT 350Br350Br--[trunk]--2950--[VLAN x]--CPE So this is a hub and spoke with one "ring" around the hub. As long as we stay at this one "ring" level things are just fine. BUT if I do this: DS1---2620---2950---ROOT 350Br---350BR---350BR---2950---CPE A client signed on with us last summer in a building that had no line of sight to the root bridge's omidirectional antennae. So we tried to link them to the root by passing them through an existing bridge, thus creating a second "ring" tier. We tried it both using an existing bridge (that serviced a building through a 2950 etc) and a dedicated bridge we mounted just for this purpose. The result? SEGV whenever anything was plugged into the switch at "ring" level 2 (far end away from the root site). As soon as the interface in the client VLAN came up...POW...SEGV. The router would crash with a SEGV error. It would reboot and immediately crash again...and again...ad infinitum The output was run through Cisco's output interpreter...sent to TAC along with all configs...nada. Note that "VLAN1" was able to traverse the network just fine. I could console into the switch at ring-level 2 and go to any other switch in the office park. Once anything went across in an 802.1q tagged frame though, indeed as soon as an interface in the far switch NOT in VLAN1 came up, the router crashed. Notes of interest: 2620 was using 12.2.5d originally. I could get it to NOT crash if I went to 12.1.17 BUT no traffic would cross to the far switch AND the router and its local switch would not talk on VLAN 1. Unacceptable. All switches were VTP clients except the root, which is in server mode. All VLANS showed up on all switches including the far switch. I set the MTU to a low value, to no effect, thinking maybe the 802.1q tags (4 extra bytes) could be an issue. Nada. No VLAN capability was configured on the 350 bridges. The far 350 cannot communicate with the root 350 so it is not looping anything. All associations seemed proper, i.e. far-to-middle, middle-to-root. All "parent" listings seemed proper. Bridge "IOS" was everything from 11.23 up (we tried em all in matched sets, i.e. all 11.23 or all 12.0 etc). The only interfaces assigned to the VLAN in question were the FE subinterface on the 2620 and a single port on the far switch. No other switches had any ports in this VLAN (trunk ports excepted, of course). All links are at 60% level or greater and are supporting a full 11Mbps. A port on the "middle" switch was configured to be in the same VLAN as the client and it could NOT talk to the client. The middle bridge has an omnidirectional antennae, so the "one at a time" rule does not apply...or does it? Still, we did use a separate dedicated bridge as the middle of the chain to no avail. TAC swears that this should work because the 350 bridge is functionally a hub. GIGO rules apply. It is unaware, nor does it care about the VLAN tagging or anything else. It should just relay anything and everything. Anyone got any suggestions? I'm open :) Oh yeah...I "fixed" it by placing the far 350 at the other end of the building where it could get LOS to the root...once the leaves fell off the trees on the intervening ridge. Spring is coming though and with it, certain loss of LOS. Short of a "chainsaw-in-the-night" approach, it seems a DS1 to the client is my only answer. S! (Salute!) Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link LLC. ""Williamson, Paul"" wrote in message news:[EMAIL PROTECTED] > Anyone know the maximum number of Wireless AP's you can chain of a single > wireless bridge > ie > > Switch ---copper---> AP ~~~air~~~> AP ~~~air~~~> AP > > Does cisco make an AP that supports this > Thanks > -Paul > > > PLEASE READ: The information contained in this email is confidential > and intended for the named recipient(s) only. If you are not an intended > recipient of this email you must not copy, distribute or take any > further action in reliance on it and you should delete it and notify the > sender immediately. Email is not a secure method of communication and > Nomura Internationa
RE: MLS and access lists [7:66464]
Hi Priscilla, Quoting Multilayer Switching Companion Guide on p. 340... MLS creates flows based on access lists configured on the MLS-RP...the MLS-SE handles standard and extended access list PERMIT traffic...Route topology changes and the addition or modification of access lists are reflected in the IP MLS switching path automatically on the MLS-SE...the MLS-SE learns of the change through MLSP and immediately enforces security. I believe this is the reason why you need a L3 switch to do MLS. HTH. Elmer -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, March 29, 2003 7:10 PM To: [EMAIL PROTECTED] Subject: MLS and access lists [7:66464] With Multilayer Switching (MLS), how does the MLS Switch (MLS-SE) know that the router (MLS-RP) has an access list? In other words, how does the switch know that it should use a destination flow mask, a destination-source flow mask, or a full-flow mask? The access list, afterall, is on the router, not the switch, according to descriptions of MLS. The switch definitely knows, because you see different output with the "show mls" command, but how does it know? Does the router pass it to the switch in MLSP messages, or is there something more obvious that I'm missing. With some access lists, an enable packet would never come back from the router. Is that what triggers the switch to use the more advanced flow masks? This would imply that the switch is always looking at upper layers and knows that Telnet between 2 hosts results in an enable packet but FTP (or whatever) does not. That seems like a lot of burden to put on a switch. I checked Clark and Hamilton "Cisco LAN Switching," and the Ethernet LAN switching papers at CertificationZone, but am still left wondering Thanks for your help. Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66471&t=66464 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Any suggestions for buying equipment for a home lab? [7:66468]
Anyone lease equipment? Best prices, ebay? Anyone have examples of a good home lab equipment list? Should I spend the extra couple grand on 2 3550s? How many of the routers should be 26XX? Should I purchase a set based switch? Timothy T. Lewis CCNP, CCDP, MCDBA, MCSE (2000) 1771 West Mason Morrow Rd. Lebanon, OH 45036 X Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66468&t=66468 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MLS and access lists [7:66464]
Hi Priscilla, Your suspicion is 100% correct: the flow mask is signaled from the router (RP) to the switch (SE) via the MLSP protocol. Take care, Kennedy Priscilla Oppenheimer wrote: > > With Multilayer Switching (MLS), how does the MLS Switch > (MLS-SE) know that the router (MLS-RP) has an access list? In > other words, how does the switch know that it should use a > destination flow mask, a destination-source flow mask, or a > full-flow mask? The access list, afterall, is on the router, > not the switch, according to descriptions of MLS. > > The switch definitely knows, because you see different output > with the "show mls" command, but how does it know? Does the > router pass it to the switch in MLSP messages, or is there > something more obvious that I'm missing. > > With some access lists, an enable packet would never come back > from the router. Is that what triggers the switch to use the > more advanced flow masks? This would imply that the switch is > always looking at upper layers and knows that Telnet between 2 > hosts results in an enable packet but FTP (or whatever) does > not. That seems like a lot of burden to put on a switch. > > I checked Clark and Hamilton "Cisco LAN Switching," and the > Ethernet LAN switching papers at CertificationZone, but am > still left wondering > > Thanks for your help. > > Priscilla > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66469&t=66464 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
