Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
I concur, even if you are a consarned top poster. ;- As I understand it, the IOS version chosen for the CCIE Lab is done so for the purpose of allowing for the possibility of testing certain features. The proctors ( or at least those with whom I had my discussions ) are adamant that any given lab can be configured using the particular IOS, and that there are no bugs involving features that are tested. That said, this newsgroup also serves as a general Cisco informational group. Non lab topics have always been a part of the thrill of this group, or at least it has been for me, for the last 4 years or so. There is a list dedicated to CCIE study, which has a different tone, and it a bit less free form ( and a lot less fun, IMHO ) than this one. You can check the groupstudy web site for the archives to get an idea of the flavor. Reimer, Fred wrote in message news:[EMAIL PROTECTED] Let me set the record straight. My only goal here is to prepare and succeed in passing the Cisco CCIE written and lab exams. I know that there are features and options that are available in certain versions of IOS, and those options can be, and are likely un-useful, to CCIE candidates. However, it should be the focus of this group to understand and comprehend the specific feature available in the IOS releases that are used in the written and lab exams. It makes no sense, and in a certain view is detrimental, to bring up features that are only available in versions of IOS that will not be used in the testing criteria. If there have been any features that are available in the exams that I incorrectly misrepresented, then please correct me. I will be taking the written and lab exams in the near future, and would definitely benefit from the feedback of this group. I don't think it is useful to inject features that are available in IOS versions that will not be used in the testing into this discussion. Again, correct me if I'm wrong. I'm new to this group, so this may be out of line... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: Luan Nguyen; 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported
Re: running GRE/IPSEC between PE routers [7:72764]
tunnel? what tunnel? your show ip int brief does not reveal a tunnel. your provider is where the tunnel is? So PE1 and PE2 are your CE peers? I've done GRE tunnels across the internet with study partners, and it works just fine. can your CE routers ping eachother? If not, where does the routing break down. traceroute is useful here. What are the default routes that your Sun machines are using? troubleshooting 101. Luan Nguyen wrote in message news:[EMAIL PROTECTED] Hello, Anyone knows if you need to do anything special on the tunnel link for this to work? Like run tag-switching there for example? I have 2 cisco 2651xm acting as PE and have a GRE with IPSEC transport mode between them. The CE has all the routes to the other CE, mBGP look good, everything look good from the show perspective, but I just can't source ping or ping from one sun box behind one CE to the other one. Any help would be greatly appreciated. -luan I have a set up like this: cisco2621Aethernet/BGPPE1GRE/IPSEC---PE2Ethernet /BGP---cisco2621C running eigrp inside the tunnel to advertise the loopback. PEs = 2651xm running 12.3.1a enterprise 3DES. Traceroute die at the PE. Here are some show routes 2621A#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.1.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets C 10.242.1.0 is directly connected, FastEthernet0/1 B 10.242.2.0 [20/0] via 192.168.1.1, 00:27:08 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.1.1 2621A#show ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0192.168.1.2 YES manual up up FastEthernet0/110.242.1.1 YES manual up up 2621C#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.2.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.2.1, 00:23:37 C 10.242.2.0 is directly connected, Ethernet0/1 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, Ethernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.2.1 2651XM1#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.1.2, 00:29:08 B 10.242.2.0 [200/0] via 204.177.181.252, 00:17:55 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 2651XM2#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [200/0] via 204.177.181.253, 00:15:45 B 10.242.2.0 [20/0] via 192.168.2.2, 00:15:13 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, FastEthernet0/0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72773t=72764 -- FAQ, list
CCIE required in UAE [7:72776]
A CCIE is required for a senior network consultation position in UAE. Contact: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72776t=72776 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - Ethernet Fire Alarm [7:72749]
First thought. A fire breaks out in the Core network area. Perhaps a 6509 bursts into flames. That brings the network down or at the very least makes the spanning tree crap the bed for a good minute and a half. The alarm doesn't go off (at least not in a timely manner) and people die. Looking back do you wish you had just nodded when they said someone was cabling the building for fire/emergency alarms? Just my thought. David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72772t=72749 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BCRAN 640-605 V.S. 505 ?'s [7:72774]
I've looked at some of the listed requirements for the 605 and 505 BCRAN exams and they look almost identical. The list for the newer exam 642-821 has dsl and cable modem stuff. I'm using the 505 study material..I'm taking the 605 and wondering if I might see DSL stuff anyway. Anyone take 605 recently? David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72774t=72774 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Fred, A few years ago this list was opened up to questions and discussions that aren't necessarily related to certification. In fact, discussions don't even have to be Cisco-related, although they usually are. You'll quite often see stuff like this around here, and many times people simply want to know if something can be done, not whether it's a good idea for it to be done. :-) I have my doubts that this could be configured in such a way as to be reliable and stable, but who knows. I even gave a suggestion earlier that I now think won't work. I'm too tired at the moment to try it out, though. John - Original Message - From: Reimer, Fred To: Sent: Tuesday, July 22, 2003 9:29 PM Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe
Re: a song for all of us [7:72729]
At 10:06 PM + 7/22/03, annlee wrote: You're feeling better now, eh? Or is it the medications? Howard C. Berkowitz wrote: Don't forget relevant folk: Pete Seeger: This LAN is Your LAN Kingston Trio: MTA (triple duty for email, token management, and looping) Peter Paul Mary: If I had a token, I'd ring it in the morning And surely there must be a version of Alice's Restaurant sung by Cisco Sales. My central air conditioning works again...and the pain pills do help the twinge left in my leg. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72778t=72729 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ios upgrade... [7:72779]
Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72779t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN 640-605 V.S. 505 ?'s [7:72774]
Yes, for 640-605, the DSL and cable modem not include yet thanks David Vital wrote in message news:[EMAIL PROTECTED] I've looked at some of the listed requirements for the 605 and 505 BCRAN exams and they look almost identical. The list for the newer exam 642-821 has dsl and cable modem stuff. I'm using the 505 study material..I'm taking the 605 and wondering if I might see DSL stuff anyway. Anyone take 605 recently? David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72781t=72774 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ios upgrade... [7:72779]
I had the same problem with my 3620 although I am using a different IOS. It throws up this error and then re-boots. After that it seems to boot up okay the second time. Functionality too is normal. I did not really have much time to figure it out since had to place this router in the network immediately. Since you have higlighted it, any views would be great. // Bosco -Original Message- From: Wilmes, Rusty [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:36 PM To: [EMAIL PROTECTED] Subject: ios upgrade... [7:72779] Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72780t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ios upgrade... [7:72779]
Rusty, Not sure about it. Why don't you try to load the image again from a TFTP and see if you getting this error again. Thanks Ganesh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wilmes, Rusty Sent: Wednesday, July 23, 2003 12:36 PM To: [EMAIL PROTECTED] Subject: ios upgrade... [7:72779] Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72782t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How difference in Layer2 and Layer3 interface [7:72784]
Hi I configure vlan 100 at vlan data mode,when I exit from vlan database mode, sh run inter vlan 100, but I cant see any thing about vlan100, But sh vlan bri is ok. So I think the Vlan100 is Layer2 interface now. The next, Configure term inter vlan 100 end and now,the vlan100 was became layer3 interface? But I not configure any IP address at vlan100,is true? Thanks softmap Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72784t=72784 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MPLS simulated lab at home [7:72759]
I like the starting point in Stephen Hutnik and Michael Satterlee book (All in One CCIE. MPLS and VPN worked great in our lab, with 2500 routers. Unfortunately, it is impossible to reproduce MPLS Traffic Engineering on 2500. The router crashes. Hope Helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72789t=72759 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Exam retires [7:72785]
Retired Exam Last Day to Register Related Certification(s) Current (Replacement) Exam 640-841 Foundation 30Sep03 CCNP, CCDP 642-891 COMP 640-589 CCNP Recertification 30Sep03 CCNP 642-891 COMP 640-529 CCDP Recertification 30Sep03 CCDP 642-891 COMP 640-607 CCNA 30Sep03 CCNA 640-801 CCNA 640-100 MCNS 30Sep03 CCSP, CCIP-elective, Cisco Firewall, VPN, IDS Specialist 642-501 SECUR 9E0-111 CSPFA 30Sep03 CCSP, CCIP-elective, Cisco Firewall Specialist 642-521 CSPFA 9E0-121 CSVPN 30Sep03 CCSP, CCIP-elective, Cisco VPN Specialist 642-511 CSVPN 9E0-131 CSI 30Sep03 CCSP, CCIP-elective 642-541 CSI South afrika contact 0721194098 for Practice Exams -Original Message- From: afshin mehrpouya [mailto:[EMAIL PROTECTED] Sent: 23 July 2003 07:17 To: [EMAIL PROTECTED] Subject: CCIE required in UAE [7:72776] A CCIE is required for a senior network consultation position in UAE. Contact: [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72785t=72785 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
certification expire [7:72786]
Dear All, I would like to know what happen if my CCNA expire but i have two passed exams of the CCNP. Do you loose all these exams and redo the whole thing ? or can I continue with the CCNP once I redo my CCNA exam ? or even if you know any email of cisco that I can ask this question is also good. Much appreciate. Justin Vo [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72786t=72786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCRAN 640-605 V.S. 505 ?'s [7:72774]
A. Thanks. That's good to know. David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72787t=72774 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Starting off towards a CCNP [7:72734]
I'm gonna deviate from the norm on this. I have taken the BSCI and Switching exams in the last month. I think the study material you have would likely be fine for those except you need to add Is-Is to the routing info. I think that you could hunker down and get ready for the switching exam before they change it September 7. once they change it You will have to either get new study material or supplement it more than for the current set of exams. But like I said, I would knock off the Swiitching one first since (my opinion) it is easier. Get it out of the way before it changes. The Routing exam isn't supposed to change all that much. David Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72788t=72734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Hello, Didn't mean anything - just some information in case you guys not just study but doing work for your company also. And like John said, I was curious to see if you could do broadcast over the tunnel since when talk about GRE, mostly it could implement multicast and not a mention of broadcast. There's no right or wrong - just information. Didn't mean to upset anyone Guess I am a bit different, I don't want to take the ccie lab any more :) too tired of that - just want to learn more about tech in general 12.2.15T5 is fine - we were using that T train anyway, just ran across some bugs that prompt us to go with 12.3.1. If you are in the vpn business, then this 12.3 code is quite good since it supports vam2 card...etc To me personally, those kind of questions sometime good - since those could be asked by the customers -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Neiberger Sent: Wednesday, July 23, 2003 1:46 AM To: [EMAIL PROTECTED] Subject: Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Fred, A few years ago this list was opened up to questions and discussions that aren't necessarily related to certification. In fact, discussions don't even have to be Cisco-related, although they usually are. You'll quite often see stuff like this around here, and many times people simply want to know if something can be done, not whether it's a good idea for it to be done. :-) I have my doubts that this could be configured in such a way as to be reliable and stable, but who knows. I even gave a suggestion earlier that I now think won't work. I'm too tired at the moment to try it out, though. John - Original Message - From: Reimer, Fred To: Sent: Tuesday, July 22, 2003 9:29 PM Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE;
RE: 3com and catalyst trunk [7:72654]
I'm not entirely certain SuperStack III's can be managed in this fashion? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72795t=72654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Which is more CPU intensive? [7:72792]
Which is more CPU intensive. Using set ip dscp with CBWFQ or policing to mark traffic dscp values with CBWFQ? Muhtari Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72792t=72792 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ios upgrade... [7:72779]
Here u go! Bus Error Crashes The system encounters a bus error when the processor tries to access a memory location that either does not exist (a software error) or does not respond properly (a hardware problem). A bus error can be identified by looking at the output of the show version command provided by the router (if not power-cycled or manually reloaded). Raj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72797t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: certification expire [7:72786]
as far as my understanding goes you need to finish a higher certification before the expiry of you CCNA to be automatically renewed. Or you will need to re-certify yourself for CCNA also in order to complete CCNP. Do you loose all these exams and redo the whole thing ? No U don't loose all the exams, you will need to re-certify at certifiction levels only, For eg: If u have completed 2 papers but ur ccna is not valid then u can re-certify CCNA and complete rest to get a valid CCNP. can I continue with the CCNP once I redo my CCNA exam ? YES. if you know any email of cisco that I can ask this question is also good www.cisco.com/go/ccnp search for FAQ's and u sud find them there. (i have not been there lately, don't blame me if it is changed). HTH, Murali -Original Message- From: Justin Vo [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 4:06 PM To: [EMAIL PROTECTED] Subject: certification expire [7:72786] Dear All, I would like to know what happen if my CCNA expire but i have two passed exams of the CCNP. Do you loose all these exams and redo the whole thing ? or can I continue with the CCNP once I redo my CCNA exam ? or even if you know any email of cisco that I can ask this question is also good. Much appreciate. Justin Vo [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72796t=72786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer.
Re: Starting off towards a CCNP [7:72734]
This is the way I did it. My own humble opinion is that this way scales down in the degree of difficulty, hardest first, easiest last, and the order seemed to sit nicely in terms of what you learned serving you well for the next exam and so on. James. Nakul Malik wrote: I would recommend the following order: Routing -- Switching -- Remote access -- Support -Nakul wrote in message news:[EMAIL PROTECTED] hi ppl, Im planning to start on my ccnp--- first step joined groupstudy (as i did for my ccna ;-) ). Just have a few queries regarding the certification. 1. I have the CCNP materials dated 2000. do they still hold good for the current certifications? 2. Im planning to start of with the BCRAN certification first. Any opinions on that? thanks in advance... regards, aj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72791t=72734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Ah O.K. My apologies then. It slipped my mind that there is a separate group for the CCIE lab and that this was more of a general group. Sorry for the inappropriate post. The question is still out there though, although it may me possible to configure a bridge-group on a tunnel interface in 12.3.1, would anyone recommend it? Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 1:46 AM To: [EMAIL PROTECTED] Subject: Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Fred, A few years ago this list was opened up to questions and discussions that aren't necessarily related to certification. In fact, discussions don't even have to be Cisco-related, although they usually are. You'll quite often see stuff like this around here, and many times people simply want to know if something can be done, not whether it's a good idea for it to be done. :-) I have my doubts that this could be configured in such a way as to be reliable and stable, but who knows. I even gave a suggestion earlier that I now think won't work. I'm too tired at the moment to try it out, though. John - Original Message - From: Reimer, Fred To: Sent: Tuesday, July 22, 2003 9:29 PM Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone:
RE: ios upgrade... [7:72779]
Hi, are you sure that the image that crashes and the one that then boots up properly is the same one? Isn't it possible that you have two images, and the second one is booted up after the booting of the first failed? A full boot-log would help to answer these questions. If you indeed have two images, then simply make sure that the boot variable points to it (see 'boot system flash' command). Thanks, Zsombor Wilmes, Rusty wrote: Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72808t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: running GRE/IPSEC between PE routers [7:72764]
Hello, Yeah. The GRE thing is fine. I am doing mpls. Instead of mpls in the core - I try to use GRE tunnel between the Provider Edge. From the Customer Edge to the Provider Edge I am not doing tunnel so you won't see tunnel there - it just doing BGP. CE can't ping each other even though they have the route in the routing tables Traceroute dies at the PE Default routes for the suns are just the CE LAN ip address. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:35 AM To: [EMAIL PROTECTED] Subject: Re: running GRE/IPSEC between PE routers [7:72764] tunnel? what tunnel? your show ip int brief does not reveal a tunnel. your provider is where the tunnel is? So PE1 and PE2 are your CE peers? I've done GRE tunnels across the internet with study partners, and it works just fine. can your CE routers ping eachother? If not, where does the routing break down. traceroute is useful here. What are the default routes that your Sun machines are using? troubleshooting 101. Luan Nguyen wrote in message news:[EMAIL PROTECTED] Hello, Anyone knows if you need to do anything special on the tunnel link for this to work? Like run tag-switching there for example? I have 2 cisco 2651xm acting as PE and have a GRE with IPSEC transport mode between them. The CE has all the routes to the other CE, mBGP look good, everything look good from the show perspective, but I just can't source ping or ping from one sun box behind one CE to the other one. Any help would be greatly appreciated. -luan I have a set up like this: cisco2621Aethernet/BGPPE1GRE/IPSEC---PE2Ethern et /BGP---cisco2621C running eigrp inside the tunnel to advertise the loopback. PEs = 2651xm running 12.3.1a enterprise 3DES. Traceroute die at the PE. Here are some show routes 2621A#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.1.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets C 10.242.1.0 is directly connected, FastEthernet0/1 B 10.242.2.0 [20/0] via 192.168.1.1, 00:27:08 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.1.1 2621A#show ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0192.168.1.2 YES manual up up FastEthernet0/110.242.1.1 YES manual up up 2621C#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.2.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.2.1, 00:23:37 C 10.242.2.0 is directly connected, Ethernet0/1 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, Ethernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.2.1 2651XM1#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.1.2, 00:29:08 B 10.242.2.0 [200/0] via 204.177.181.252, 00:17:55 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 2651XM2#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i -
RE: MPLS simulated lab at home [7:72759]
Cisco site has a decent set of configuration samples (as usual). MPLS and VPN architectures (cisco press) is a great starting point and you can go from there. hth, Mark. -Original Message- From: Eyabane Patasse [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 10:27 AM To: [EMAIL PROTECTED] Subject: MPLS simulated lab at home [7:72759] I am looking for sample MPLS scenarios that i can reproduce on my home lab to create an MPLS network, just for the knowledge of the technology. if anyone has some good links, or sample configs, please be kind to share. Regards Thanks _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72803t=72759 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
running GRE/IPSEC between PE routers [7:72764]
Hello, Anyone knows if you need to do anything special on the tunnel link for this to work? Like run tag-switching there for example? I have 2 cisco 2651xm acting as PE and have a GRE with IPSEC transport mode between them. The CE has all the routes to the other CE, mBGP look good, everything look good from the show perspective, but I just can't source ping or ping from one sun box behind one CE to the other one. Any help would be greatly appreciated. -luan I have a set up like this: cisco2621Aethernet/BGPPE1GRE/IPSEC---PE2Ethernet /BGP---cisco2621C running eigrp inside the tunnel to advertise the loopback. PEs = 2651xm running 12.3.1a enterprise 3DES. Traceroute die at the PE. Here are some show routes 2621A#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.1.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets C 10.242.1.0 is directly connected, FastEthernet0/1 B 10.242.2.0 [20/0] via 192.168.1.1, 00:27:08 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.1.1 2621A#show ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0192.168.1.2 YES manual up up FastEthernet0/110.242.1.1 YES manual up up 2621C#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.2.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.2.1, 00:23:37 C 10.242.2.0 is directly connected, Ethernet0/1 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, Ethernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.2.1 2651XM1#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.1.2, 00:29:08 B 10.242.2.0 [200/0] via 204.177.181.252, 00:17:55 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 2651XM2#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [200/0] via 204.177.181.253, 00:15:45 B 10.242.2.0 [20/0] via 192.168.2.2, 00:15:13 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, FastEthernet0/0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72807t=72764 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
There is a reason many hotels don't have a 13th floor;) Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72798t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MPLS simulated lab at home [7:72759]
I would try the cisco web site first. http://www.cisco.com/en/US/partner/tech/tk436/tk428/tech_configuration_e xamples_list.html http://www.cisco.com/en/US/partner/tech/tk436/tk428/tech_tech_notes_list html Well, I guess just go to the website (cisco, juniper redback...etc) and do a search on mpls, and you would have plenty to go by. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eyabane Patasse Sent: Tuesday, July 22, 2003 8:27 PM To: [EMAIL PROTECTED] Subject: MPLS simulated lab at home [7:72759] I am looking for sample MPLS scenarios that i can reproduce on my home lab to create an MPLS network, just for the knowledge of the technology. if anyone has some good links, or sample configs, please be kind to share. Regards Thanks _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72802t=72759 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72805t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IOS upgrade [7:72799]
Hi, Have a couple of ws-c2950 and ws-c2912xl switches running IOS 12.0(5.3)WC1 version. Recent Cisco vulnarabilty recommends upgrade but for this version it recommends 12.0T or 12.1 What version will be best suited for upgrading these swicthes? anyone knows whether 12.1(19) will be ok for these switch upgrades? thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72799t=72799 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Yep, I would agree with Fred unless I tested it thoroughly. This may be one of those situations where it might seem to work but I wouldn't trust it in production. If it's simply an intellectual exercise it would be interesting to mock it up and see what happens when user traffic actually starts to cross the network. However, if this is for a production environment--or even for lab study--I don't know that I'd spend much time on it. Find a different way to do it! :-) John Reimer, Fred 7/23/03 7:48:37 AM Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA
Re: running GRE/IPSEC between PE routers [7:72764]
tunnel? what tunnel? your show ip int brief does not reveal a tunnel. your provider is where the tunnel is? So PE1 and PE2 are your CE peers? I've done GRE tunnels across the internet with study partners, and it works just fine. can your CE routers ping eachother? If not, where does the routing break down. traceroute is useful here. What are the default routes that your Sun machines are using? troubleshooting 101. Luan Nguyen wrote in message news:[EMAIL PROTECTED] Hello, Anyone knows if you need to do anything special on the tunnel link for this to work? Like run tag-switching there for example? I have 2 cisco 2651xm acting as PE and have a GRE with IPSEC transport mode between them. The CE has all the routes to the other CE, mBGP look good, everything look good from the show perspective, but I just can't source ping or ping from one sun box behind one CE to the other one. Any help would be greatly appreciated. -luan I have a set up like this: cisco2621Aethernet/BGPPE1GRE/IPSEC---PE2Ethernet /BGP---cisco2621C running eigrp inside the tunnel to advertise the loopback. PEs = 2651xm running 12.3.1a enterprise 3DES. Traceroute die at the PE. Here are some show routes 2621A#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.1.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets C 10.242.1.0 is directly connected, FastEthernet0/1 B 10.242.2.0 [20/0] via 192.168.1.1, 00:27:08 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.1.1 2621A#show ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0192.168.1.2 YES manual up up FastEthernet0/110.242.1.1 YES manual up up 2621C#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.2.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.2.1, 00:23:37 C 10.242.2.0 is directly connected, Ethernet0/1 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, Ethernet0/0 S* 0.0.0.0/0 [1/0] via 192.168.2.1 2651XM1#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [20/0] via 192.168.1.2, 00:29:08 B 10.242.2.0 [200/0] via 204.177.181.252, 00:17:55 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.0 is directly connected, FastEthernet0/0 2651XM2#show ip route vrf customer1 Routing Table: customer1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 2 subnets B 10.242.1.0 [200/0] via 204.177.181.253, 00:15:45 B 10.242.2.0 [20/0] via 192.168.2.2, 00:15:13 192.168.2.0/30 is subnetted, 1 subnets C 192.168.2.0 is directly connected, FastEthernet0/0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72806t=72764 -- FAQ, list
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
When I first triggered this question, certainly I took advantage of having a forum full of creative techie people. Why would I need to bridge 2 LANs, separated from a couple of routers or so, using a tunnel? Well, that question, indeed, came from one of our customers, and then my coming to think of ...why not. Like some guys said, if GRE tunnels can transport multicast traffic, why not broadcast traffic? I'll try out some guidelines you guys wrote earlier, like using IRB and so. I would like to think that this forum was created not only for asking certification questions but also for learning. I strongly believe that what technology can't do now, will do tomorrow. Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72801t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which is more CPU intensive? [7:72792]
I would guess that using policing to set the dscp is more intensive as all the token bucket counters need to be taken into account. This is just my guess though. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 23 July 2003 13:57 To: [EMAIL PROTECTED] Subject: Which is more CPU intensive? [7:72792] Which is more CPU intensive. Using set ip dscp with CBWFQ or policing to mark traffic dscp values with CBWFQ? Muhtari Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72810t=72792 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ios upgrade... [7:72779]
Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72804t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ios upgrade... [7:72779]
even though it was throwing the error it seemed to function normally and recognized the nm-1fe (hence the need for the upgrade). I put it on the network and started a tftp upgrade (as later suggested by Ganesh) and went home and slept. It finished okay but this morning is still throwing the same error. :( I doubt it's hardware because it wasnt throwing the error on 11.whateveritwas and it does it whether the nm-2fe is in there or not. It seems to work fine but i HATE having machines with those errors that you always have to tell people dont worry about that... -Original Message- From: Raj Singh [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 6:35 AM To: [EMAIL PROTECTED] Subject: RE: ios upgrade... [7:72779] Here u go! Bus Error Crashes The system encounters a bus error when the processor tries to access a memory location that either does not exist (a software error) or does not respond properly (a hardware problem). A bus error can be identified by looking at the output of the show version command provided by the router (if not power-cycled or manually reloaded). Raj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72813t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS upgrade [7:72799]
Ants 7/23/03 8:27:03 AM Hi, Have a couple of ws-c2950 and ws-c2912xl switches running IOS 12.0(5.3)WC1 version. Recent Cisco vulnarabilty recommends upgrade but for this version it recommends 12.0T or 12.1 What version will be best suited for upgrading these swicthes? anyone knows whether 12.1(19) will be ok for these switch upgrades? thanks in advance. At this very moment I'm wrestling with a 2950-24 that is running 12.0(5.3)WC1 and I'm trying to upgrade it to 12.1(13)EA1b. Is 12.1(19) available for them? As of yesterday, 12.1(13)EA1c was the latest available for the 2950. I seem to be running into a bug that is causing excessive CPU usage on the switch, so much so that it's not letting me download a new image successfully. To make matters worse, to personally tend to this switch I'd have to hop on a plane and go to California. I *really* hope I don't mess this thing up! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72812t=72799 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
Anybody knows when and how did the number 13 get so unpopular? Whats the story behind it? MADMAN wrote in message news:[EMAIL PROTECTED] There is a reason many hotels don't have a 13th floor;) Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72816t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ios upgrade... [7:72779]
only one image in flash.. outer#dir flash: Directory of flash:/ 1 -rw- 8664404c3620-is-mz.121-20.bin 16777216 bytes total (8112748 bytes free) It can ping itself just fine w/ a 1475 datagram size. I guess the drops might be a problem between this interface and the gateway. -Original Message- From: Zsombor Papp [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 7:18 AM To: [EMAIL PROTECTED] Subject: RE: ios upgrade... [7:72779] Hi, are you sure that the image that crashes and the one that then boots up properly is the same one? Isn't it possible that you have two images, and the second one is booted up after the booting of the first failed? A full boot-log would help to answer these questions. If you indeed have two images, then simply make sure that the boot variable points to it (see 'boot system flash' command). Thanks, Zsombor Wilmes, Rusty wrote: Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72814t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: certification expire [7:72786]
From the CISCO site: - Currently there are seven beta exams that can be used to recertify both CCDA and CCNA certifications: BGP 641-661 ARCH 641-871 QoS 643-641 BCRAN 643-821 BCMSN 643-811 CIT 643-831 BSCI 643-801 Passing any of these exams will count towards recertification of the CCNA or CCDA certifications. Other 642 series exams will be available over the course of the next 90 to 120 days --- There are 3 new-curriculum CCNP papers in here. taking any one of them should take care of the re-cert i guess. If your cert is not expiring before Sep 7 i think you can wait till then when the above certs will upgrade from beta Regards, Ajay Chenampara DealerCONNECT Hosting Team --- Daimler Chrysler Corporation ( 248-944-2769 [EMAIL PROTECTED] [EMAIL PROTECTED] Muralidhar A cc: Sent by: Subject: RE: certification expire [7:72786] [EMAIL PROTECTED] com 07/23/2003 09:25 AM Please respond to Muralidhar A as far as my understanding goes you need to finish a higher certification before the expiry of you CCNA to be automatically renewed. Or you will need to re-certify yourself for CCNA also in order to complete CCNP. Do you loose all these exams and redo the whole thing ? No U don't loose all the exams, you will need to re-certify at certifiction levels only, For eg: If u have completed 2 papers but ur ccna is not valid then u can re-certify CCNA and complete rest to get a valid CCNP. can I continue with the CCNP once I redo my CCNA exam ? YES. if you know any email of cisco that I can ask this question is also good www.cisco.com/go/ccnp search for FAQ's and u sud find them there. (i have not been there lately, don't blame me if it is changed). HTH, Murali -Original Message- From: Justin Vo [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 4:06 PM To: [EMAIL PROTECTED] Subject: certification expire [7:72786] Dear All, I would like to know what happen if my CCNA expire but i have two passed exams of the CCNP. Do you loose all these exams and redo the whole thing ? or can I continue with the CCNP once I redo my CCNA exam ? or even if you know any email of cisco that I can ask this question is also good. Much appreciate. Justin Vo [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72811t=72786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: certification expire [7:72786]
You can continue to complete your CCNP exams, but you will not be CCNP certified until you recertify your CCNA. Normally, successfully completing a higher level exam would recertify your lower level certification. However, if it has already expired then you must take that recert exam. If you have any other questions you can contact Cisco at: www.cisco.com/go/certsupport HTH, Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy Cunctando restituit rem Justin Vo wrote: Dear All, I would like to know what happen if my CCNA expire but i have two passed exams of the CCNP. Do you loose all these exams and redo the whole thing ? or can I continue with the CCNP once I redo my CCNA exam ? or even if you know any email of cisco that I can ask this question is also good. Much appreciate. Justin Vo [EMAIL PROTECTED] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72815t=72786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Which is more CPU intensive? [7:72792]
Depending on platform, all of this may be done in hardware. Doesn't the PFC in a 6500 handle this? If so, it would not be CPU intensive at all... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Dom [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 10:33 AM To: [EMAIL PROTECTED] Subject: RE: Which is more CPU intensive? [7:72792] I would guess that using policing to set the dscp is more intensive as all the token bucket counters need to be taken into account. This is just my guess though. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 23 July 2003 13:57 To: [EMAIL PROTECTED] Subject: Which is more CPU intensive? [7:72792] Which is more CPU intensive. Using set ip dscp with CBWFQ or policing to mark traffic dscp values with CBWFQ? Muhtari Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72819t=72792 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PCMCIA Hard Disk on 7500? [7:72820]
Hi Has anyone tried using the 2 and 5 gigabyte PCMCIA hard disks from Toshiba on a 7500? As far as I can see it should work, and it would be nice to have one uber flash card will all of the possible IOS versions I want to play with, but obviously I dont want to buy one and find out its useless. Im loathed to buy a smaller flash card for twice the price if the hard disk would work. TTFN Lauren Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72820t=72820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Error on an interface FastEthernet of a router 3745 [7:72817]
cut and pasted from: Error Message Decoder Transmit underflow on int [chars] While a frame was being transmitted, the local buffer of the GT96K controller chip received insufficient data because data could not be transferred to the chip fast enough to keep pace with its output rate. Normally, such a prob lem is temporary, depending on transient peak loads within the system. Recommended Action: The system should recover. No action is required. Related documents: No specific documents apply to this error message. Joseba Izaga wrote in message news:[EMAIL PROTECTED] Hi, Do you now the reason of the folowing message: 11:31:40: %GT96K_FEWAN-5-UNDERFLOW: Transmit underflow on int FastEthernet0/0 11:31:40: %GT96K_FEWAN-5-UNDERFLOW: Transmit underflow on int FastEthernet0/0 This is configuration I have on the interface interface FastEthernet0/0 ip address 63.80.132.16 255.255.255.0 ip route-cache same-interface ip policy route-map mail speed 100 full-duplex Regards, Joseba Izaga Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72817t=72817 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: certification expire [7:72786]
Thank you for the info. This make my life a bit easier Muralidhar A wrote in message news:[EMAIL PROTECTED] as far as my understanding goes you need to finish a higher certification before the expiry of you CCNA to be automatically renewed. Or you will need to re-certify yourself for CCNA also in order to complete CCNP. Do you loose all these exams and redo the whole thing ? No U don't loose all the exams, you will need to re-certify at certifiction levels only, For eg: If u have completed 2 papers but ur ccna is not valid then u can re-certify CCNA and complete rest to get a valid CCNP. can I continue with the CCNP once I redo my CCNA exam ? YES. if you know any email of cisco that I can ask this question is also good www.cisco.com/go/ccnp search for FAQ's and u sud find them there. (i have not been there lately, don't blame me if it is changed). HTH, Murali -Original Message- From: Justin Vo [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 4:06 PM To: [EMAIL PROTECTED] Subject: certification expire [7:72786] Dear All, I would like to know what happen if my CCNA expire but i have two passed exams of the CCNP. Do you loose all these exams and redo the whole thing ? or can I continue with the CCNP once I redo my CCNA exam ? or even if you know any email of cisco that I can ask this question is also good. Much appreciate. Justin Vo [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72818t=72786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
It's a long story... http://www.naplesnews.com/today/restate/a120401k.htm -Kent On Wed, 2003-07-23 at 11:28, Raj wrote: Anybody knows when and how did the number 13 get so unpopular? Whats the story behind it? MADMAN wrote in message news:[EMAIL PROTECTED] There is a reason many hotels don't have a 13th floor;) Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72822t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Microsoft VPN through a router [7:72824]
I was wondering what ports I would need to have open for a Microsoft VPN connection on my router. If I have done my home work correctly I think IPSec port: 50 L2TP port : 1701 PPTP port : 1723 Are these all TCP, UDP??? I don't really have a full understanding of how the protocal and port process of a VPN works. I understand the theroy; how IPSec incryptes the info in a tunnel data portion of another IP packet blaa blaa blaa. But any more aditional detailed info would be great. Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72824t=72824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cat 4000 Connectivity Issues! [7:72823]
Hey All, I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not ping or telnet to it anymore. It is passing traffic just fine however the only way I can connect to it is to ping it FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst 2950: The Spawn of the Devil? [7:72821]
All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72821t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
As far as I can tell there is no one definitive known reason but several plausible reasons. I also understand some cultures like the Chinese consider 13 lucky:) Dave Raj wrote: Anybody knows when and how did the number 13 get so unpopular? Whats the story behind it? MADMAN wrote in message news:[EMAIL PROTECTED] There is a reason many hotels don't have a 13th floor;) Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72825t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: certification expire [7:72786]
Thank you for the info. This make my life a bit easier Muralidhar A wrote in message news:[EMAIL PROTECTED] as far as my understanding goes you need to finish a higher certification before the expiry of you CCNA to be automatically renewed. Or you will need to re-certify yourself for CCNA also in order to complete CCNP. Do you loose all these exams and redo the whole thing ? No U don't loose all the exams, you will need to re-certify at certifiction levels only, For eg: If u have completed 2 papers but ur ccna is not valid then u can re-certify CCNA and complete rest to get a valid CCNP. can I continue with the CCNP once I redo my CCNA exam ? YES. if you know any email of cisco that I can ask this question is also good www.cisco.com/go/ccnp search for FAQ's and u sud find them there. (i have not been there lately, don't blame me if it is changed). HTH, Murali -Original Message- From: Justin Vo [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 4:06 PM To: [EMAIL PROTECTED] Subject: certification expire [7:72786] Dear All, I would like to know what happen if my CCNA expire but i have two passed exams of the CCNP. Do you loose all these exams and redo the whole thing ? or can I continue with the CCNP once I redo my CCNA exam ? or even if you know any email of cisco that I can ask this question is also good. Much appreciate. Justin Vo [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72826t=72786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PCMCIA Hard Disk on 7500? [7:72820]
Hi Has anyone tried using the 2 and 5 gigabyte PCMCIA hard disks from Toshiba on a 7500? As far as I can see it should work, and it would be nice to have one uber flash card will all of the possible IOS versions I want to play with, but obviously I dont want to buy one and find out its useless. Im loathed to buy a smaller flash card for twice the price if the hard disk would work. TTFN Lauren Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72827t=72820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 4000 Connectivity Issues! [7:72823]
Stevo 7/23/03 12:02:28 PM Hey All, I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not ping or telnet to it anymore. It is passing traffic just fine however the only way I can connect to it is to ping it I'm confused. Can you ping it or not? :-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72828t=72823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SRC and DST NAT problem [7:72783]
Problem description: Problem when NATing both source and destination addresses based on an route-map Diagram: _ | R1| | | - | | Fa0/0.1 Fa0/0.2 | | | | __ 1.1.1.0/24 LAN | |2.2.2.0/24 LAN | | | | - - | | || - - PC1:1.1.1.10PC2:2.2.2.10 Actual PhysicalActual Physical ip addressip address Setup description: Cisco 2600 router connected to a Cisco 2950 switch using Fa0/0 port. We have created subinterface on F0/0. The subinterface F0/0.1 connects to 1.1.1.0/24 LAN. The subinterface F0/0.2 connects to 2.2.2.0/24 LAN. The router routes traffic between these subnets.Int f0/0.1 is the nat inside interface.Int f0/0.2 is the nat outside interface. Requirement: 1) When telnet traffic(identified by a route-map) from 1.1.1.0/24 LAN needs to flow to the 2.2.2.0/24 LAN (which actually appears as 11.11.10.0/24 LAN to the 1.1.1.0 network) , the source address should be NATed as 1.1.1.0/24 172.16.1.0/24 and the destination should be NATed as 11.11.10.0/242.2.2.0/24. 2) When certain other type of traffic from 1.1.1.0/24 LAN needs to flow to the 2.2.2.0/24 LAN , the source address and destination address should not be NATed. Problem: Requirement no.2 is working fine. For Requirement no.1 : The source IP address of the Inside-to-outside packets is being NATed. But not the destination address. Below is the expected sequence. i.e. 1)PC1 sends a telnet packet to PC2. src ip: 1.1.1.10 ,dst ip:11.11.2.10 2)R1 nats the source ip properly. ie. src ip :1.1.1.10 172.16.1.10 . I also want R1 to NAT the destination ip address . i.e i want dst ip:11.11.2.102.2.2.10. The packet should then hit PC2. Similar reverse translation is need on the reverse path for the return packet. Below is the sh runn for R1 R1#sh run ! interface FastEthernet0/0.1 encapsulation dot1Q 4 ip address 1.1.1.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.2 encapsulation dot1Q 5 ip address 2.2.2.1 255.255.255.0 ip nat outside ! ip nat pool IN2OUTNATPOOL 172.16.1.1 172.16.1.254 prefix-length 24 type match-host ip nat pool OUT2INNATPOOL 10.10.0.1 10.10.0.254 prefix-length 16 type match-host ip nat inside source route-map IN2OUT pool IN2OUTNATPOOL ip nat outside source route-map OUT2IN pool OUT2INNATPOOL ip classless ip route 11.11.2.0 255.255.255.0 FastEthernet0/0.2 ip route 172.16.1.0 255.255.255.0 FastEthernet0/0.1 ! access-list 188 permit tcp any any eq telnet access-list 188 permit tcp any eq telnet any access-list 188 deny ip any any ! route-map IN2OUT permit 10 match ip address 188 ! route-map OUT2IN permit 10 match ip address 188 ! Thanks and Regards Simon K. Carvalho RMC Support Engineer (Senior Member) Network Solutions Ltd. , Bangalore Email: :[EMAIL PROTECTED] Web : www.netsol.co.in Phone : +91 80 5535228 ext 433 Mobile : +91 9845349843 Tomorrow's Networks.Today. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72783t=72783 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Microsoft VPN through a router [7:72824]
For IPSec I believe you need protocolsport 500. The 50 is a protocol number, like UDP is 17 and TCP is what? 6? It is not a TCP or UDP port number... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Steven Aiello [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 1:32 PM To: [EMAIL PROTECTED] Subject: Microsoft VPN through a router [7:72824] I was wondering what ports I would need to have open for a Microsoft VPN connection on my router. If I have done my home work correctly I think IPSec port: 50 L2TP port : 1701 PPTP port : 1723 Are these all TCP, UDP??? I don't really have a full understanding of how the protocal and port process of a VPN works. I understand the theroy; how IPSec incryptes the info in a tunnel data portion of another IP packet blaa blaa blaa. But any more aditional detailed info would be great. Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72833t=72824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Microsoft VPN through a router [7:72824]
Steve, You need to open GRE to from any source to your VPN server and then depending on whether you're using PPTP or L2TP make sure you have either tcp/1723 or tcp/1701 open. My ACL looks like this for PPTP access... access-list 101 permit tcp any host eq 1723 access-list 101 permit gre any host Stevo Steven Aiello wrote in message news:[EMAIL PROTECTED] I was wondering what ports I would need to have open for a Microsoft VPN connection on my router. If I have done my home work correctly I think IPSec port: 50 L2TP port : 1701 PPTP port : 1723 Are these all TCP, UDP??? I don't really have a full understanding of how the protocal and port process of a VPN works. I understand the theroy; how IPSec incryptes the info in a tunnel data portion of another IP packet blaa blaa blaa. But any more aditional detailed info would be great. Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72831t=72824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Microsoft VPN through a router [7:72824]
Steven Aiello wrote: I was wondering what ports I would need to have open for a Microsoft VPN connection on my router. If I have done my home work correctly I think IPSec port: 50 This is protocol number (as in protocol above IP). You will also need 51 I think. L2TP port : 1701 UDP PPTP port : 1723 TCP Are these all TCP, UDP??? I don't really have a full understanding of how the protocal and port process of a VPN works. I understand the theroy; how IPSec incryptes the info in a tunnel data portion of another IP packet blaa blaa blaa. But any more aditional detailed info would be great. The RFCs are pretty detailed. Thanks, Zsombor Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72830t=72824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72832t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Link flapping PagP 3550 and 1912 frozen [7:72829]
-- Original Message -- From: pierreg Reply-To: Date: Wed, 23 Jul 2003 13:25:32 -0500 A- Situation: I am using a 3550 and a 1912 to do PAgp. B- The problem: flapping links on the 3550, frozen 1912 (1) Cat3550# 09:43:40: PAgP: Fa0/1 is coming Up 09:43:40: PAgP: Fa0/2 is coming Up 09:43:42: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 09:43:42: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up Cat3550# 09:43:43: PAgP - Fa0/1 failed - not my device_id. .. 000a.8aac.b100 09:43:43: PAgP - Fa0/2 failed - not my device_id. .. 000a.8aac.b100 09:43:44: PAgP - Fa0/1 failed - not my device_id. .. 000a.8aac.b100 09:43:44: PAgP - Fa0/2 failed - not my device_id. .. 000a.8aac.b100 09:43:45: PAgP - Fa0/1 failed - not my device_id. .. 000a.8aac.b100 Cat3550# 09:43:45: PAgP - Fa0/2 failed - not my device_id. .. 000a.8aac.b100 09:43:48: PAgP: Fa0/1 action_a7 is entered 09:43:48: PAgP: Fa0/2 action_a7 is entered 09:43:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 09:43:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up 09:43:50: %LINK-3-UPDOWN: Interface Port-channel13, changed state to up 09:43:51: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel13, changed state to up 9:44:18: PAgP: Fa0/1 is going Down 09:44:18: PAgP: Fa0/1 action_a1 is entered 09:44:18: PAgP: Fa0/2 is going Down 09:44:18: PAgP: Fa0/2 action_a1 is entered 09:44:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down 09:44:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down 09:44:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel13, changed state to down 09:44:20: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down 09:44:20: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to down (2) As soon as the pagp negotiation starts, the 1912 is unaccessible and the only way to get to it is to shut down the port on the 3550. When this is done the switch is still unaccessible for another 30 seconds. C- The configurations == The 3550 == ... ! interface Port-channel13 switchport access vlan 13 switchport mode access no ip address ! interface FastEthernet0/1 switchport access vlan 13 switchport mode access no ip address shutdown duplex full speed 100 pagp learn-method physical-port channel-group 13 mode auto ! interface FastEthernet0/2 switchport access vlan 13 switchport mode access no ip address shutdown duplex full speed 100 pagp learn-method physical-port channel-group 13 mode auto ! . --- The 1912 --- Cat1912#sh run Building configuration... Current configuration: ! ! port-channel preserve-order port-channel mode desirable ... interface FastEthernet 0/26 duplex full ! ! vlan-membership static 13 ! interface FastEthernet 0/27 duplex full ! ! vlan-membership static 13 ! line console - Any suggestions? Pierre-Alex = Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72829t=72829 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS upgrade [7:72799]
where's the switch and what are your passwords, John? if it's close enough, I'll be happy to help you out ;- John Neiberger wrote in message news:[EMAIL PROTECTED] Ants 7/23/03 8:27:03 AM Hi, Have a couple of ws-c2950 and ws-c2912xl switches running IOS 12.0(5.3)WC1 version. Recent Cisco vulnarabilty recommends upgrade but for this version it recommends 12.0T or 12.1 What version will be best suited for upgrading these swicthes? anyone knows whether 12.1(19) will be ok for these switch upgrades? thanks in advance. At this very moment I'm wrestling with a 2950-24 that is running 12.0(5.3)WC1 and I'm trying to upgrade it to 12.1(13)EA1b. Is 12.1(19) available for them? As of yesterday, 12.1(13)EA1c was the latest available for the 2950. I seem to be running into a bug that is causing excessive CPU usage on the switch, so much so that it's not letting me download a new image successfully. To make matters worse, to personally tend to this switch I'd have to hop on a plane and go to California. I *really* hope I don't mess this thing up! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72840t=72799 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
MADMAN wrote in message news:[EMAIL PROTECTED] There is a reason many hotels don't have a 13th floor;) problem is that 13 is unlucky only among western eurtopeans or those who have been subsumed in our culture. perhaps some from other parts of the world on this list have experience with other unlucky ports. for example, IIRC, among those of middle eastern heritage, 13 is OK but I believe that 14 may not be. I'm sure someone will point out my ignorance and my poor memory. It's been a long time since I've read the Fletch books, which is my source. :- Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72836t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2950: The Spawn of the Devil? [7:72821]
lazy boy. upgrade your NIC drivers. :- NIC problems with Cisco switches have been issues for several years that I can think of. ;- John Neiberger wrote in message news:[EMAIL PROTECTED] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72839t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
Kent Hundley wrote in message news:[EMAIL PROTECTED] It's a long story... http://www.naplesnews.com/today/restate/a120401k.htm in a way, that validates the Christian tradion, because Christianity assumed and consumed an awful lot of pieces from the native european pagan religions and traditions as it became more powerful during the early middle ages. many european cathedrals were build on the sites of pagan cult centers. -Kent On Wed, 2003-07-23 at 11:28, Raj wrote: Anybody knows when and how did the number 13 get so unpopular? Whats the story behind it? MADMAN wrote in message news:[EMAIL PROTECTED] There is a reason many hotels don't have a 13th floor;) Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72838t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
I don't have any routers on line at the moment, but you can bridge across any interface, physical or virtual, so far as I know. I have a customer network bridging over RLAN ( ATM host, DSL spokes ) working fine except once in a while the customer has to reload the host router because connectivity is mysteriously lost. Like about once every 14 months or so. clearing the cache does not help. restarting the interfaces does not help. only a reload does it. in defense of the design, the customer did not want to renumber when we upgraded from an ISDN dial up network to an RLAN John Neiberger wrote in message news:[EMAIL PROTECTED] Yep, I would agree with Fred unless I tested it thoroughly. This may be one of those situations where it might seem to work but I wouldn't trust it in production. If it's simply an intellectual exercise it would be interesting to mock it up and see what happens when user traffic actually starts to cross the network. However, if this is for a production environment--or even for lab study--I don't know that I'd spend much time on it. Find a different way to do it! :-) John Reimer, Fred 7/23/03 7:48:37 AM Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
Actually, Fred, the problem is that some NICs will check for an autonegotiating partner even if they are hard coded, while other NICs do not. Newer Cisco switches completely disable autonegotiation if you hardset the speed and duplex, while many NIC manufacturers decided it was a great idea to still check for an autonegotiating partner regardless of speed/duplex setting. These NICs *will* fall back to half duplex if they do not detect autonegotiation on the wire. I've seen the documentation that proves this and I've seen it demonstrated almost daily for months now. The problem arose when Cisco changed their switch behavior. The 2924XL used to behave the same way as most NICs do now. Even if you hard set the speed and duplex they would be friendly with other NICs that checked for autonegotiation. In other words, they still participated in autonegotiation but they only offered the speed and duplex they were configured for to the link partner. Newer Cisco switches do not do this. Nway (autonegotiation) is disabled completely if you hardset the speed and duplex. If you set the switch to 100/Full it will stay at 100/Full no matter what. If you subsequently attach certain NICs to that port and you hardset the NIC to 100/Full it will still check the link for an autonegotiating partner. When it doesn't detect one it makes the faulty assumption that full duplex is not possible and it falls back to half duplex. To make matters worse, most NICs don't report this. When you check their speed and duplex settings they'll still report 100/Full. Every 2950, 2948G, 2980G, and 6500 in our network behaves in the newer fashion, while probably 98% of the PC and server NICs in our network still check for the presence of Nway signalling. It took months of troubleshooting involving several people of different backgrounds in our department along with resources from Novell and Cisco to figure out what was going on, and the real answer actually came from responses I had on Usenet by people who really understood Nway and the fast ethernet standard. The only method for setting speed and duplex mentioned in the standard is the use of autonegotiation. The behavior of NICs when auto is not used is unspecified. There are basically two common behaviors among NICs when you disable autonegotiation and the real problems occur when you have a mix of NICs with different philosophies. John Reimer, Fred 7/23/03 12:53:14 PM I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. I'd have to disagree with you there. If you hard-code a device it can't fail autonegotiation. The two are diametrically opposed. It's any oxymoron. Illogical to the nth degree. And this behavior is notstay Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. I'd have to disagree with you there. If you hard-code a device it can't fail autonegotiation. The two are diametrically opposed. It's any oxymoron. Illogical to the nth degree. And this behavior is notstay Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72835t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
In many cases they are autonegotiation issues, but those seem to be mostly resolved, especially if your end devices are using newer NICs with updated drivers. In the case of this morning we're dealing with devices that only run 10/half and the switch is hard-coded for 10/half. Quite a mess but it's not consistent and we're still trying to discover all of the commonalities. Out of six or seven locations that were upgraded last night, three reported problems this morning and all problems related to the same type of PC with the same type of NIC. However, none of the other locations that also have this same PC and NIC have problems. To make it more frustrating, the problems often don't show up immediately, but instead show up several days later. Assuming good code, I'm now an advocate of using auto everywhere unless you need to fix a specific problem. In that case, use 100/Half or 10/half. I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. Just last year we added a bunch of newer Cisco switches to our network and it took quite a while to figure out that most of our new connectivity problems were due to this change in philosophy within Cisco switches. John Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72834t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Superstitious Switches? [7:72746]
Raj wrote in message news:[EMAIL PROTECTED] Anybody knows when and how did the number 13 get so unpopular? Whats the story behind it? in the Christian tradition, 13 is unlucky because there were 13 people at the Last Supper. or so I was told by the good nuns when they wren't busy whacking my knuckles with a ruler ;- MADMAN wrote in message news:[EMAIL PROTECTED] There is a reason many hotels don't have a 13th floor;) Dave John Neiberger wrote: This is not a joke, I promise, but it is very strange. Have any of you noticed that by far the most problematic port on the Catalyst 2950 switches is port 13? I'd bet money that at least 20% of the time we have a problem with a device connected to these switches they're connected to port 13. Just in the last two days we've had to troubleshoot *three* separate instances of users in port 13 on these switches, and I can think of at least three more in the past. I once had to RMA a 2950 because port 13 died. Doesn't this seem a little odd? I think I'm going to stop walking underneath ladders until I get this resolved! John -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72837t=72746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS upgrade [7:72799]
Thanks, but I think it would be a bit of a drive for you. Isn't it quite a ways from your place down to Palm Desert? Besides, I wouldn't be able to pay you except perhaps with beer! Anyway, I was finally able to get the switch upgraded and the problem I was seeing went away. I never did figure out exactly what was going on. The switch seemed to think it was suffering from a broadcast storm when it was not. Rebooting to a new image cleared up the problem. However, that led to the problem I'm discussing in the other thread! :-( John Chuck Whose Road is Ever Shorter 7/23/03 1:36:52 PM where's the switch and what are your passwords, John? if it's close enough, I'll be happy to help you out ;- John Neiberger wrote in message news:[EMAIL PROTECTED] Ants 7/23/03 8:27:03 AM Hi, Have a couple of ws-c2950 and ws-c2912xl switches running IOS 12.0(5.3)WC1 version. Recent Cisco vulnarabilty recommends upgrade but for this version it recommends 12.0T or 12.1 What version will be best suited for upgrading these swicthes? anyone knows whether 12.1(19) will be ok for these switch upgrades? thanks in advance. At this very moment I'm wrestling with a 2950-24 that is running 12.0(5.3)WC1 and I'm trying to upgrade it to 12.1(13)EA1b. Is 12.1(19) available for them? As of yesterday, 12.1(13)EA1c was the latest available for the 2950. I seem to be running into a bug that is causing excessive CPU usage on the switch, so much so that it's not letting me download a new image successfully. To make matters worse, to personally tend to this switch I'd have to hop on a plane and go to California. I *really* hope I don't mess this thing up! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72844t=72799 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2950: The Spawn of the Devil? [7:72821]
Believe me, Chuck, I've harped on our LAN people about this forever and they finally have made great progress in that area. Today's problems arise from some P133s with 10baseT ISA cards in them. With previous versions of the 2950 IOS we'd hardset the ports to 10/half and then reboot the PC about five times (yes, I said five times!) and from that point on they'd have no problems. I have no explanation. As of the latest version of software, the connections to these NICs seem to be on even shakier ground but we seem to be getting them under control. The real solution is to upgrade the NICs in all of those machines but that's easier said than done consider the locations of these machines relative to ours. :-) John Chuck Whose Road is Ever Shorter 7/23/03 1:35:37 PM lazy boy. upgrade your NIC drivers. :- NIC problems with Cisco switches have been issues for several years that I can think of. ;- John Neiberger wrote in message news:[EMAIL PROTECTED] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72843t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
I understand all that, but like I said, to each his own. My recommendation would be to not use any NIC that does not properly set the speed and duplex. We don't sell them, to my knowledge, and will not support them. Others may not have the same flexibility. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 3:23 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: Catalyst 2950: The Spawn of the Devil? [7:72821] Actually, Fred, the problem is that some NICs will check for an autonegotiating partner even if they are hard coded, while other NICs do not. Newer Cisco switches completely disable autonegotiation if you hardset the speed and duplex, while many NIC manufacturers decided it was a great idea to still check for an autonegotiating partner regardless of speed/duplex setting. These NICs *will* fall back to half duplex if they do not detect autonegotiation on the wire. I've seen the documentation that proves this and I've seen it demonstrated almost daily for months now. The problem arose when Cisco changed their switch behavior. The 2924XL used to behave the same way as most NICs do now. Even if you hard set the speed and duplex they would be friendly with other NICs that checked for autonegotiation. In other words, they still participated in autonegotiation but they only offered the speed and duplex they were configured for to the link partner. Newer Cisco switches do not do this. Nway (autonegotiation) is disabled completely if you hardset the speed and duplex. If you set the switch to 100/Full it will stay at 100/Full no matter what. If you subsequently attach certain NICs to that port and you hardset the NIC to 100/Full it will still check the link for an autonegotiating partner. When it doesn't detect one it makes the faulty assumption that full duplex is not possible and it falls back to half duplex. To make matters worse, most NICs don't report this. When you check their speed and duplex settings they'll still report 100/Full. Every 2950, 2948G, 2980G, and 6500 in our network behaves in the newer fashion, while probably 98% of the PC and server NICs in our network still check for the presence of Nway signalling. It took months of troubleshooting involving several people of different backgrounds in our department along with resources from Novell and Cisco to figure out what was going on, and the real answer actually came from responses I had on Usenet by people who really understood Nway and the fast ethernet standard. The only method for setting speed and duplex mentioned in the standard is the use of autonegotiation. The behavior of NICs when auto is not used is unspecified. There are basically two common behaviors among NICs when you disable autonegotiation and the real problems occur when you have a mix of NICs with different philosophies. John Reimer, Fred 7/23/03 12:53:14 PM I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. I'd have to disagree with you there. If you hard-code a device it can't fail autonegotiation. The two are diametrically opposed. It's any oxymoron. Illogical to the nth degree. And this behavior is notstay Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains
Re: Cat 4000 Connectivity Issues! [7:72823]
John Neiberger wrote: Stevo 7/23/03 12:02:28 PM Hey All, I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not ping or telnet to it anymore. It is passing traffic just fine however the only way I can connect to it is to ping it Are you sure you haven't used all your VTY's? Do you get a connection refused when trying to connect? You could be so low on memory that it's unable to create and exec and will crash on it's own in time. Dave I'm confused. Can you ping it or not? :-) -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72848t=72823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
Man, someone remind me not to use the greater than and less than symbols on this list! Apparently they are striped out as some type of evil HTML code or something by the software... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 2:53 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 2950: The Spawn of the Devil? [7:72821] I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. I'd have to disagree with you there. If you hard-code a device it can't fail autonegotiation. The two are diametrically opposed. It's any oxymoron. Illogical to the nth degree. And this behavior is notstay Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72850t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
Yep, that will happen. Paul (the list owner) said that he thinks there is a bug in the anti-mime software but he hasn't had time to check into it yet. So, word to the wise: don't use greater-than or less-than signs in your emails for a while! It definitely mangles posts if you use those symbols. John Reimer, Fred 7/23/03 3:15:06 PM Man, someone remind me not to use the greater than and less than symbols on this list! Apparently they are striped out as some type of evil HTML code or something by the software... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 2:53 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 2950: The Spawn of the Devil? [7:72821] I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. I'd have to disagree with you there. If you hard-code a device it can't fail autonegotiation. The two are diametrically opposed. It's any oxymoron. Illogical to the nth degree. And this behavior is notstay Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72857t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Routers and Switches [7:72852]
Hi there, Can you please advise any good resource to buy used/refurbished/cheap Cisco gear? Thanks. Bharat Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72852t=72852 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 4000 Connectivity Issues! [7:72823]
LOL - I just re-read my post... to clarify - I can not ping it, but I can console to it... And none of the VTYs are in use. In fact, when I'm consoled into the device it can telnet itself just fine! Really bizarre... MADMAN wrote in message news:[EMAIL PROTECTED] John Neiberger wrote: Stevo 7/23/03 12:02:28 PM Hey All, I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not ping or telnet to it anymore. It is passing traffic just fine however the only way I can connect to it is to ping it Are you sure you haven't used all your VTY's? Do you get a connection refused when trying to connect? You could be so low on memory that it's unable to create and exec and will crash on it's own in time. Dave I'm confused. Can you ping it or not? :-) -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72856t=72823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Link flapping PagP 3550 and 1912 frozen - SO [7:72854]
PROBLEM SOLVED: I added the keyword non-silent on the 3550 in the line channel-group 13 mode auto non-silent Thanks for the suggestions though, Pierre-Alex -- Original Message -- From: Jonathan V Hays Reply-To: Jonathan V Hays Date: Wed, 23 Jul 2003 14:46:18 -0400 Have you verified that it is an etherchannel problem and not a link problem or a cable problem? Remove the etherchannel stuff on both ends and verify each of the 3550-1912 links is stable. Have you seen this? I have excerpted part of it below. http://www.cisco.com/univercd/cc/td/doc/product/lan/28201900/1928v9x/ee_ scg/2addlfet.htm#xtocid11611 Fast EtherChannel Example This example shows how to enable the Fast EtherChannel feature in desirable mode, specifies port 27 or port B as the template port for member-port configuration, and configures the hot-standby port priority of Fast Ethernet port B to 100. switch(config)# port-channel mode desirable switch(config)# port-channel template port fastethernet 0/27 switch(config)# interface fastethernet 0/27 switch(config-if)# pagp-port-priority 100 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of pierreg Sent: Wednesday, July 23, 2003 2:25 PM To: [EMAIL PROTECTED] Subject: Link flapping PagP 3550 and 1912 frozen A- Situation: I am using a 3550 and a 1912 to do PAgp. B- The problem: flapping links on the 3550, frozen 1912 (1) Cat3550# 09:43:40: PAgP: Fa0/1 is coming Up 09:43:40: PAgP: Fa0/2 is coming Up 09:43:42: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 09:43:42: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up Cat3550# 09:43:43: PAgP - Fa0/1 failed - not my device_id. .. 000a.8aac.b100 09:43:43: PAgP - Fa0/2 failed - not my device_id. .. 000a.8aac.b100 09:43:44: PAgP - Fa0/1 failed - not my device_id. .. 000a.8aac.b100 09:43:44: PAgP - Fa0/2 failed - not my device_id. .. 000a.8aac.b100 09:43:45: PAgP - Fa0/1 failed - not my device_id. .. 000a.8aac.b100 Cat3550# 09:43:45: PAgP - Fa0/2 failed - not my device_id. .. 000a.8aac.b100 09:43:48: PAgP: Fa0/1 action_a7 is entered 09:43:48: PAgP: Fa0/2 action_a7 is entered 09:43:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 09:43:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up 09:43:50: %LINK-3-UPDOWN: Interface Port-channel13, changed state to up 09:43:51: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel13, changed state to up 9:44:18: PAgP: Fa0/1 is going Down 09:44:18: PAgP: Fa0/1 action_a1 is entered 09:44:18: PAgP: Fa0/2 is going Down 09:44:18: PAgP: Fa0/2 action_a1 is entered 09:44:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down 09:44:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down 09:44:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel13, changed state to down 09:44:20: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down 09:44:20: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to down (2) As soon as the pagp negotiation starts, the 1912 is unaccessible and the only way to get to it is to shut down the port on the 3550. When this is done the switch is still unaccessible for another 30 seconds. C- The configurations == The 3550 == ... ! interface Port-channel13 switchport access vlan 13 switchport mode access no ip address ! interface FastEthernet0/1 switchport access vlan 13 switchport mode access no ip address shutdown duplex full speed 100 pagp learn-method physical-port channel-group 13 mode auto ! interface FastEthernet0/2 switchport access vlan 13 switchport mode access no ip address shutdown duplex full speed 100 pagp learn-method physical-port channel-group 13 mode auto ! . --- The 1912 --- Cat1912#sh run Building configuration... Current configuration: ! ! port-channel preserve-order port-channel mode desirable ... interface FastEthernet 0/26 duplex full ! ! vlan-membership static 13 ! interface FastEthernet 0/27 duplex full ! ! vlan-membership static 13 ! line console - Any suggestions? Pierre-Alex = ___ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html ___ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html ___ You are subscribed
Re: Microsoft VPN through a router [7:72824]
VPN ProtocolPort GRE Not usedNot used PPTPTCP 1723 L2F UDP 1701 L2TPUDP 1701 IKE UDP 500 ESP 50 AH 51 Note that AH and ESP are protocol numbers, not port numbers (though you can refere tot hem by name in Access Lists, just as you do telnet or ftp, etc.). Annlee Steven Aiello wrote: I was wondering what ports I would need to have open for a Microsoft VPN connection on my router. If I have done my home work correctly I think IPSec port: 50 L2TP port : 1701 PPTP port : 1723 Are these all TCP, UDP??? I don't really have a full understanding of how the protocal and port process of a VPN works. I understand the theroy; how IPSec incryptes the info in a tunnel data portion of another IP packet blaa blaa blaa. But any more aditional detailed info would be great. Thanks, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72851t=72824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
Larry Letterman wrote: All of our cisco campus devices work just fine with auto/auto and Multiple hardware types with various nics don't have any issues... If your nics are not auto/auto capable or it does not work well, then as Fred Says, hard code it...However I use auto/auto in my data center on campus and See no reason to hard code 2000 devices and maintain that many different settings.. Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Wednesday, July 23, 2003 11:31 AM To: [EMAIL PROTECTED] Subject: RE: Catalyst 2950: The Spawn of the Devil? [7:72821] They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72849t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
I agree with Larry. We support 6500 + devices and have had our far share of connectivity issues. Last year we had a few NICs that generated lots of errors when they were hard set to match the switch. We tried every combination of negotiation and the only setting the eliminated the errors was auto/auto on both the switch PCs. Cheers, Mike Larry Letterman wrote: All of our cisco campus devices work just fine with auto/auto and Multiple hardware types with various nics don't have any issues... If your nics are not auto/auto capable or it does not work well, then as Fred Says, hard code it...However I use auto/auto in my data center on campus and See no reason to hard code 2000 devices and maintain that many different settings.. Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Wednesday, July 23, 2003 11:31 AM To: [EMAIL PROTECTED] Subject: RE: Catalyst 2950: The Spawn of the Devil? [7:72821] They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72853t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: List of Vulnerable IOS Versions?? [7:72758]
So no one has any info for me on this?? Hey All, I'm doing an audit on my Cisco gear and wondered if Cisco has a list of IOS versions that had security holes in them. I don't care about what the hole is, but I do care that I'm running a vulnerable IOS version! Let me know Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72858t=72758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: List of Vulnerable IOS Versions?? [7:72758]
Stevo wrote in message news:[EMAIL PROTECTED] So no one has any info for me on this?? what, we don't have better things to do? sounds like a job for your local Cisco account team. :- Hey All, I'm doing an audit on my Cisco gear and wondered if Cisco has a list of IOS versions that had security holes in them. I don't care about what the hole is, but I do care that I'm running a vulnerable IOS version! Let me know Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72862t=72758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 4000 Connectivity Issues! [7:72823]
I'd reset the mask on the sc0 int (regardless of what it shows in the config) assuming you can't telnet to it from a workstation attached to the 4k (if you can it sounds like a native mismatch on your trunk). I saw this once on a 2948 at a remote location, it went weeks passing traffic o.k. but I couldn't telnet or ping until it could be rebooted. - Original Message - From: Stevo To: Sent: Wednesday, July 23, 2003 4:05 PM Subject: Re: Cat 4000 Connectivity Issues! [7:72823] LOL - I just re-read my post... to clarify - I can not ping it, but I can console to it... And none of the VTYs are in use. In fact, when I'm consoled into the device it can telnet itself just fine! Really bizarre... MADMAN wrote in message news:[EMAIL PROTECTED] John Neiberger wrote: Stevo 7/23/03 12:02:28 PM Hey All, I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not ping or telnet to it anymore. It is passing traffic just fine however the only way I can connect to it is to ping it Are you sure you haven't used all your VTY's? Do you get a connection refused when trying to connect? You could be so low on memory that it's unable to create and exec and will crash on it's own in time. Dave I'm confused. Can you ping it or not? :-) -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72863t=72823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Routers and Switches [7:72852]
www.ebay.com wrote in message news:[EMAIL PROTECTED] Hi there, Can you please advise any good resource to buy used/refurbished/cheap Cisco gear? Thanks. Bharat Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72859t=72852 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Score scaling on exams [7:72867]
When you sit an exam, the score is between 300 and 1000. I assume that this means that if you got every question incorrect, you would recieve a 300, and if you got every question correct you would recieve a 1000. If this logic holds true, then answering half the questions correctly would produce a mark of 650 ( discounting weighting of questions ). Again, if this holds true, then the stated pass mark of say 700 would equate to only 57% of questions answered correctly. If this is right, then the pass marks required on most of the cisco exams seems incredibly low. Is this a correct summation of the scoring, or am I missing something? Cheers Greg Kirkness Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72867t=72867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2950: The Spawn of the Devil? [7:72821]
only the leftward pointing one ( greater than ) - anything after such a symbol is deleted. becomes a problem when discussing prefix lists. Reimer, Fred wrote in message news:[EMAIL PROTECTED] Man, someone remind me not to use the greater than and less than symbols on this list! Apparently they are striped out as some type of evil HTML code or something by the software... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 2:53 PM To: [EMAIL PROTECTED] Subject: RE: Catalyst 2950: The Spawn of the Devil? [7:72821] I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. I'd have to disagree with you there. If you hard-code a device it can't fail autonegotiation. The two are diametrically opposed. It's any oxymoron. Illogical to the nth degree. And this behavior is notstay Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72861t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PCMCIA Hard Disk on 7500? [7:72820]
i think you'll find that the 7500 won't recognise it, or will only see 64/128M of it. i know they don't work with 7200's, anyway. /thomas Hi Has anyone tried using the 2 and 5 gigabyte PCMCIA hard disks from Toshiba on a 7500? As far as I can see it should work, and it would be nice to have one uber flash card will all of the possible IOS versions I want to play with, but obviously I dont want to buy one and find out its useless. Im loathed to buy a smaller flash card for twice the price if the hard disk would work. TTFN Lauren Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72864t=72820 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: List of Vulnerable IOS Versions?? [7:72758]
try here http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_tech_note0918 6a0080132a8a.shtml this may also be of use. need cco login http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl /thomas So no one has any info for me on this?? Hey All, I'm doing an audit on my Cisco gear and wondered if Cisco has a list of IOS versions that had security holes in them. I don't care about what the hole is, but I do care that I'm running a vulnerable IOS version! Let me know Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72866t=72758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Catalyst 2950: The Spawn of the Devil? [7:72821]
We've had issues with desktop machines and new switches. Have a look at this document and see if it helps: http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0.shtml I searched for NIC PROBLEMS. Ken John Neiberger 07/23/03 11:40AM In many cases they are autonegotiation issues, but those seem to be mostly resolved, especially if your end devices are using newer NICs with updated drivers. In the case of this morning we're dealing with devices that only run 10/half and the switch is hard-coded for 10/half. Quite a mess but it's not consistent and we're still trying to discover all of the commonalities. Out of six or seven locations that were upgraded last night, three reported problems this morning and all problems related to the same type of PC with the same type of NIC. However, none of the other locations that also have this same PC and NIC have problems. To make it more frustrating, the problems often don't show up immediately, but instead show up several days later. Assuming good code, I'm now an advocate of using auto everywhere unless you need to fix a specific problem. In that case, use 100/Half or 10/half. I never recommend hard-coding 100/Full on newer switches like the 2950 and 6500. It might work but you're just asking for problems. With the majority of the NICs in our PCs, if you hardset both sides to 100/full you will get a duplex mismatch when the PC NIC falls back to half duplex when autonegotiation fails. This behavior is relatively new, and was not present in the 2924XL, the forerunner of the 2950. Just last year we added a bunch of newer Cisco switches to our network and it took quite a while to figure out that most of our new connectivity problems were due to this change in philosophy within Cisco switches. John Reimer, Fred 7/23/03 12:31:16 PM They don't happen to be autonegotiation issues, do they? Cisco used to have a nice write-up on autonegotiation troubleshooting and best practices that recommended hard-coding everything except for transient devices. Some crack-head at Cisco decided to update that recently and now I suppose their official stance is to use autonegotiation, ostensibly because they follow the standard correctly, so as long as everyone else does it should work! I have not met a Cisco engineer yet that agrees with that though. Hard-code your speed and duplex, unless it is for ports in an area like a conference room where you will have transient devices. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 12:58 PM To: [EMAIL PROTECTED] Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72868t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Frame Relay Back To Back Static PVC [7:72869]
Per these instructions, I am able to bring my frame connection online: http://www.cisco.com/warp/public/125/frbacktoback.html However when I intentionally break the connection (Pull the Cable) the PVC doesn't automatically come back up. Is it because its static to begin with? I know I'm probably missing something very obvious but could you explain why the interface does not come back online after being reconnected? So far, the only way I can get the connection back online is by using a hard/software configured loopback and removing it at which point I'm up, up. Thanks. BTW Using IOS versions 12.1(20) and 11.2(26)P4. Configs are identical to the instructions. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72869t=72869 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2950: The Spawn of the Devil? [7:72821]
Hi, Is there any particular symptom for this?. I am going install lots of 2950 48 EA switch to a mix off old and new NIC. Thanks - Original Message - From: John Neiberger To: Sent: Thursday, July 24, 2003 12:58 AM Subject: Catalyst 2950: The Spawn of the Devil? [7:72821] All those who consider any version of this platform beware. As far as I can tell there are no reliable software versions for this switch that do not suffer from connectivity bugs. We thought 12.1(13)EA1b solved our problems so we started rolling out this version. Upon reloading we have a number of users complaining and we're not able to resolve the connectivity issue. Granted, this particular problem is between the 2950 and an old NIC but I'm sure we're not the only company with a few older NICs in the network. If you're considering replacing existing switches with the 2950 prepare yourself for deluge of conenctivity problems. You have been warned! [Side note to Cisco: How hard is it to build an access switch that works?? We're on 12.1(13)EA1b and we still have BASIC connectivity bugs??? This is ridiculous. Bugs in the more obscure portions of the code are to be expected, but shouldn't the connectivity bugs be given a little higher priority? When we buy a new switch it would be nice if *all* of our end users could actually connect to the network. Maybe we'll go back to using Nortel switches. ] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72871t=72821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
640-606 Support Exam [7:72870]
Hi all, I was wondering if anybody had any suggestions on study material for the 606-606 Support exam? Thanks Richard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72870t=72870 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ios upgrade... [7:72779]
Rusty, Not sure about it. Why don't you try to load the image again from a TFTP and see if you getting this error again. Thanks Ganesh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wilmes, Rusty Sent: Wednesday, July 23, 2003 12:36 PM To: [EMAIL PROTECTED] Subject: ios upgrade... [7:72779] Hi, I tried upgrading IOS on a 3620 via the console (about 1.75 hours!) Now there's some ugliness in the boot. I verified the flash and it seems ok. Boot and sho ver follows. Just seeing if anyone had any input... Thanks Rusty System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFT WARE (fc2) Copyright (c) 1994-1996 by cisco Systems, Inc. C3600 processor with 65536 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0x843438 Self decompressing the image : #.##[OK] %ERR-1-GT64010: Fatal error, PCI Master abort cause=0x0300E483, mask=0x0CD01F00, real_cause=0x0400 bus_err_high=0x, bus_err_low=0x3100, addr_decode_err=0x1FEE Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Press RETURN to get started! 00:00:06: %LINK-4-NOMAC: A random default MAC address of .0c86.2235 has been chosen. Ensure that this address is unique, or specify MAC addresses for commands (such as 'novell routing') that allow the use of this address as a default. 00:00:07: %SYS-5-CONFIG_I: Configured from memory by console 00:00:10: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Router Router Routersho ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IS-M), Version 12.1(20), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2003 by cisco Systems, Inc. Compiled Thu 29-May-03 17:29 by kellythw Image text-base: 0x60008940, data-base: 0x60EB4000 ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) Router uptime is 0 minutes System returned to ROM by power-on System image file is flash:c3620-is-mz.121-20.bin cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 06072235 R4700 CPU at 80Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72873t=72779 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay Back To Back Static PVC [7:72869]
Make sure lmi is being exchanged. Turn on keepalives for the pvc. -Original Message- From: Maximus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2003 11:13 AM To: [EMAIL PROTECTED] Subject: Frame Relay Back To Back Static PVC [7:72869] Per these instructions, I am able to bring my frame connection online: http://www.cisco.com/warp/public/125/frbacktoback.html However when I intentionally break the connection (Pull the Cable) the PVC doesn't automatically come back up. Is it because its static to begin with? I know I'm probably missing something very obvious but could you explain why the interface does not come back online after being reconnected? So far, the only way I can get the connection back online is by using a hard/software configured loopback and removing it at which point I'm up, up. Thanks. BTW Using IOS versions 12.1(20) and 11.2(26)P4. Configs are identical to the instructions. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72872t=72869 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Neighbor State is Flapping [7:72874]
Hi all, I have 3 devices on an ethernet segment where all ethernet interfaces are in the same vlan and ospf area 0 catalyst 3550priority 0rid 1.1.1.1 router5priority 2 rid 55.55.55.55BDR router1priority 3 rid 11.11.11.11DR The problem is that the switch keeps changing it's state. For example, from the router 1 perspective I get the following: ( sh ip ospf nei command ) Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:35150.50.15.5 Ethernet0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:35150.50.15.8 Ethernet0 55.55.55.55 2 FULL/BDR00:00:38150.50.15.5 Ethernet0 and on and on, back and forth etc. router 5 perspective: Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 EXSTART/DROTHER 00:00:38150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:30150.50.15.1 Ethernet0/0 Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 0 DOWN/DROTHER -150.50.15.8 Ethernet0/0 11.11.11.11 3 FULL/DR 00:00:32150.50.15.1 Ethernet0/0 ..switch perspective: Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:33150.50.15.5 Vlan15 11.11.11.11 3 INIT/DROTHER00:00:39150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 INIT/DROTHER00:00:37150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:36150.50.15.1 Vlan15 Neighbor ID Pri State Dead Time Address Interface 55.55.55.55 2 EXCHANGE/BDR00:00:39150.50.15.5 Vlan15 11.11.11.11 3 EXCHANGE/DR 00:00:39150.50.15.1 Vlan15 So...it seems as though r1 and r5 are recognizing eachother's roles as dr and bdr correctly. But they see the switch as down or init or exchange DROTHER. The switch however, sees itelf as DROTHER and r1/r5 as DROTHER or init/exchange dr and bdr. Here is the output from sh ip ospf int vlan15 on the switch: Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Then two seconds laterit changes... Vlan15 is up, line protocol is up Internet Address 150.50.15.8/24, Area 0 Process ID 100, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DROTHER, Priority 0 Designated Router (ID) 11.11.11.11, Interface address 150.50.15.1 Backup Designated router (ID) 55.55.55.55, Interface address 150.50.15.5 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:05 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 2, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Any ideas? Thanks, -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. -- Dain Deutschman CCNP, CSS-1, MCP, CNA Data Communications Manager New Star Sales and Service, Inc. 800.261.0475 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72874t=72874 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]