Cisco BGP Exam [7:73516]
Hi, Can anyone recommend a good book for the BGP exam Mark Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73516t=73516 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Wed funny [7:73629]
From a post on NANOG: quote: Are there any XXX employees here? There exists an intermittent problem on your network which occurs every night at 12:04am central time. I've pinned it down to where it lies, but everytime I call your support department, I just get someone who does not understand. In fact, one lady told me sternly Sir, we do not have any routers. Please contact me off list and I'll shoot you the relevant info (background, traceroutes, etc). end quote I guess that would explain many problems... Annlee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73629t=73629 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Networkers 2002 PDFs [7:73522]
Dear All, Anybody knows the URL to download Cisco networkers 2002 PDFs Are PDFs for 2003 available for download ? Regards, Yasser _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73522t=73522 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IPv6 in the Enterprise Network [7:73667]
One reason is if you work with the US DoD or interconnect with them in any way: http://www.fcw.com/fcw/articles/2003/0609/web-dodip-06-13-03.asp Annlee John Neiberger wrote: And I don't mean the Starship Enterprise. :-) I'm pretty sure they do use IPng, though. Seriously, regarding IPv6. Who's currently migrating to it? Any enterprise networks that aren't providers of some sort? I'm going to assume that at some unknown point in the future IPv6 will finally push IPv4 completely off the radar. Any guesses about how long we'll be waiting for that day to come? Other than for the intellectual enjoyment of it, is there any reason why Joe or Jane Engineer should really start learning IPv6 right now? Regards, John **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73670t=73667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX License upgrade procedure [7:73769]
h - how long has it been free ? -Original Message- From: Joshua Vince To: [EMAIL PROTECTED] Sent: 8/11/2003 4:04 AM Subject: RE: PIX License upgrade procedure [7:73769] It is free now. http://www.cisco.com/cgi-bin/Software/FormManager/formgenerator.pl You will need a CCO login. Josh -Original Message- From: Hitesh Pathak R [mailto:[EMAIL PROTECTED] Sent: Saturday, August 09, 2003 6:58 AM To: [EMAIL PROTECTED] Subject: PIX License upgrade procedure [7:73769] Hi , I just need to know what is the procedure if I want to upgrade my PIX license to enable VPN-3DES feature (which is presently disabled). Either thru CCO or by the mean of TAC case with Cisco ?? Is it free from Cisco or chargeable ?? Many thanks in advance Thnx Hitesh **Disclaimer Information contained in this E-MAIL being proprietary to Wipro Limited is 'privileged' and 'confidential' and intended for use only by the individual or entity to which it is addressed. You are notified that any use, copying or dissemination of the information contained in the E-MAIL in any manner whatsoever is strictly prohibited. *** [GroupStudy removed an attachment of type image/jpeg which had a name of Glacier Bkgrd.jpg] **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73870t=73769 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: what are ip directed-broadcast and ip mroute-c [7:73808]
Thanks Fred, your explanation is very clear. Lesly Reimer, Fred wrote: IP Directed Broadcast - used to send a directed broadcast packet, or a packet to a whole remote subnet. For instance, say you have your workstation management software on subnet 10.1.1.0/24, and you have three remote subnets 10.1.2.0/24, 10.1.3.0/24, and 10.1.4.0/24. The workstations have client software on them, so that the management software can poll for configuration changes, push registry entries, etc. You could have all of the clients poll the server, but you may want to push a change also. How could you do this? Well, you could ping all ~ 768 IP addresses to find each client, or you could send a directed broadcast to each of the three subnets, 10.1.2.255, 10.1.3.255, and 10.1.4.255, and all workstations would receive it (and hopefully reply). IP mroute cache - well, that would be the multicast routing table cache, just like the ip-route-cache unicast cache. Kind of like fast switching for multicast traffic... HTH, Fred Reimer - CCNA -Original Message- From: Iwan Hoogendoorn [mailto:[EMAIL PROTECTED] Sent: Sunday, August 10, 2003 9:25 AM To: [EMAIL PROTECTED] Subject: what are ip directed-broadcast and ip mroute-cache [7:73800] Can someone explain me what this is for and what is does? ip directed-broadcast ip mroute-cache Thank You Iwan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73811t=73808 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: what are ip directed-broadcast and ip mroute-c [7:73808]
Thanks Fred, your explanation is very clear. Lesly Reimer, Fred wrote: IP Directed Broadcast - used to send a directed broadcast packet, or a packet to a whole remote subnet. For instance, say you have your workstation management software on subnet 10.1.1.0/24, and you have three remote subnets 10.1.2.0/24, 10.1.3.0/24, and 10.1.4.0/24. The workstations have client software on them, so that the management software can poll for configuration changes, push registry entries, etc. You could have all of the clients poll the server, but you may want to push a change also. How could you do this? Well, you could ping all ~ 768 IP addresses to find each client, or you could send a directed broadcast to each of the three subnets, 10.1.2.255, 10.1.3.255, and 10.1.4.255, and all workstations would receive it (and hopefully reply). IP mroute cache - well, that would be the multicast routing table cache, just like the ip-route-cache unicast cache. Kind of like fast switching for multicast traffic... HTH, Fred Reimer - CCNA -Original Message- From: Iwan Hoogendoorn [mailto:[EMAIL PROTECTED] Sent: Sunday, August 10, 2003 9:25 AM To: [EMAIL PROTECTED] Subject: what are ip directed-broadcast and ip mroute-cache [7:73800] Can someone explain me what this is for and what is does? ip directed-broadcast ip mroute-cache Thank You Iwan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73835t=73808 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: multiple ospf processes route insertion [7:73727]
Here's some more detail. Yes, assume the destination address (networks) represent the corresponding service. This is an existing production network where OSPF and iBGP are already in use for the existing (single) service. OSPF carries p2p and loopbacks; iBGP carries customer end-point networks. We want to overlay two other services. The paths the packets take to their destination, even if hosted on the same router, will be different. Further, when there's a failure in the network, the manner in which traffic gets re-routed will be specific to each service. An example might help. Consider some router R1 in this network. It has several connections to other routers in the network. It also has three interfaces each with a network assigned to it. Lets call these networks A, B and C and each is for a different service. Under normal conditions, traffic to A comes in via interface I1 and traffic to B and C comes in via interface I2. Now assume I2 fails. Traffic for A and B should come in over I1 and traffic to C stops being delivered. ACLs won't work in this situation for a number of reasons. Besides the configuration and operational issues, another requirement is that the end-points generating traffic to destinations in C will want to know when C is unavailable via I2. They'll want to know this so they can stop generating traffic or leverage some higher level (service specific) mechanism to address the failure. Running BGP as the IGP might work, but I'm not sure. I think it might need to operate in iBGP mode and I think it would require lots of policy filters on all outgoing advertisements and would probably require setting the next hop at each router. These are both typically not done when operating in iBGP mode. Further, I think one would lose the concept of IGP cost; the iBGP mechanism might allow one to construct a path between two end-points which satisfies the service policy, but if multiple paths exist, the concept of link cost would not be available.I guess running eBGP as the IGP could also work, but now we're talking configuring a unique AS for each router (which doesn't scale). One could see the path selected through the network via the AS_PATH attribute, but there still would be no concept of IGP cost. I've not come up with a way to solve this without moving to a model where theres an IGP and thus SPT for each service, which implies multiple OSPF processes. But I'm interested in other thoughts or options on this... Zsombor Papp wrote: Since you say you want to run one OSPF process for each traffic type, I assume the type of the traffic is defined by destination IP address. If this is not correct, then I would be curious to know what a traffic type is and how you will associate a traffic type with an OSPF process. If however my assumption is correct, then I can see several ways to solve the problem you cited as an example, with BGP or with a single OSPF process. Let me restate the problem for N=1: suppose there are 3 routers, R1, R2, R3, connected in a triangle. Both traffic A and B usually go directly from R1 to R2, but when that link fails, traffic A should go from R1 to R3 to R2, and traffic B should be dropped at R1. Solution with BGP: run BGP between R1-R2 and R1-R3, make the routes coming from R2 preferred, and filter out the routes corresponding to traffic B from the advertisements R3 sends to R1. Solution with single OSPF process: configure an access list on the link between R1-R3 that drops traffic B. :) Of course I might be missing something, so feel free to point out why these wouldn't work in your case. Thanks, Zsombor p b wrote: Using multiple processes might provide a way to implement policy at the link level. Typically, when one thinks of policy, one thinks of BGP. But what if your policy requires the ability to control what traffic can or can't go over a particular link? For example, consider two routers, that are interconnected by a direct link and a N-hop L3 path. Suppose traffic types A and B should typically go over the direct link but, if the direct link fails, traffic type A should be routed over the N-hop L3 path and traffic type B should not be forwarded. I don't believe there's a way to get this level of policy from a single OSPF process or a single OSPF process coupled with BGP. However, if you run multiple OSPF processes, say one for each interesting traffic type, and if you use BGP to set a network's next-hop to match the right OSPF RID, and for each link define a sub-interface (or not) for each OSPF process, then I think the above routing requirements might be supported. MPLS might work here, but I'm not sure. Suppose you have certain types of traffic that Zsombor Papp wrote: What are you trying to achieve with these ~3 OSPF routing processes? Thanks, Zsombor p b wrote:
RE: VPN Best Hardware to use? [7:73793]
I'd consider the 3005 at the remote sites. It has the capability to do a LAN-to-LAN NAT, where if you had customer A and customer B that both used 10.1.x you could map them to 45.1 and 45.2 respectively, or any other equal-mask network. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Ryan Finnesey [mailto:[EMAIL PROTECTED] Sent: Saturday, August 09, 2003 10:36 PM To: [EMAIL PROTECTED] Subject: VPN Best Hardware to use? [7:73793] I need to setup VPNs to about 2000 sites. Each site will have an IDSL line installed that will be used to connect to monitor network devices and servers. Some of the remote networks will be using the same network block. I am looking to know what the best hardware to use on each end is. On my end, would it be better to use a PIX or a 3030? On the remote end, I was looking at a PIX 501, SOHO 91 or the 831? Thank you Ryan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73837t=73793 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: How to study..Self or Classes [7:73624]
I'm taking the KnowledgeNet courses (Express /w mentor). Spent about a week on each of the routing and switching courses in my spare time and passed both. I got hung up in other work stuff for the remote access and troubleshooting courses, so have not taken those tests yet. The material is good, but there are errors in it. 90% of the questions I had for mentors were corrections to the material... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Paul Ingram [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 06, 2003 3:24 PM To: [EMAIL PROTECTED] Subject: How to study..Self or Classes [7:73624] Hello, I have a simple question. Has anyone used Knowledgenet for thee CCNP cert? I have put together the following lab and I am not sure I should go for the classes or just do the self pace thing. Also if I self pace I am not sure I will be able to get the new exam materal. Does anyone know if CISCo Press is going to put it out? I heard they where not. I guess there is SYBEX. Are they good? Lab and thing i have missed please let me know: 2 - Cisco 2610 Router, 64/16 2 - Cisco NM-1V 1-Slot Voice Network Module 2 - VIC-2FXS 2-Port Voice Interface Card 1 - WIC-1B-S/T 1-Port ISDN/BRI WAN Interface Card (for the 2610) 1 - WIC-1B-U 1-Port ISDN/BRI WAN Interface Card (for the 2610) 1 - Vconsole 4 port 2S/T-2U ISDN Simulator (all 4 can be used at once) 1 - 2511 16/16 1 - 2503 16/16 1 - 2507 16/16 2 - Cisco 4500M Router 2 - Cisco NP-1A One-Port OC3 ATM Module 2 - Cisco NP-4T Four-Port Serial Module 2 - Cisco NP-2E One-Port Ethernet Module 2 - AGS+ with 6 Ethernet, 4 serial, 2 token ring, 2 FDDI ports each (still trying to fiuge out the type of DCE DTE cables to use on the AGS+..Any Help?) 1 - Cisco WS-C1912 Switch 1 - 3550 1 - 2950 1 - 1201 7 - PII 400 256mb ram 10gb HDD systems. OS anything from Windows 2003 Adv Server to Linux. 1 - System config with Smoothwall as a firewall (3 Nics) Thanks, ~Paul~ **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73631t=73624 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: CCDA (DESGN 640-861) ....... A BEAST ???? [7:73770]
Just so you know, there are companies out there that refund your money if you don't pass the first time. Shawn K. -Original Message- From: Kevin Wigle [mailto:[EMAIL PROTECTED] Sent: Saturday, August 09, 2003 10:35 AM To: [EMAIL PROTECTED] Subject: Re: CCDA (DESGN 640-861) ... A BEAST [7:73770] Boson's guarantee is if you fail Twice within 90 days after purchasing the practice exam. So if you fail once and pass the second time you won't get you $40 back. I didn't do the new CCDA but I did the CCDP/CCNP recerts just a while ago. As the CCDA is only an one exam test, it might not bother you if you miss your deadline. However, if your company needs your certification for their Partner designation then I would suggest studying for a week, taking it around the 21st and if you fail you have time to recover, study the material you think you had issues with and then retake the exam. Cisco exam retakes require a 72 hour wait so in your case don't take the exam on the 26th since that would take you into the weekend. We don't have any exam centers here that are open on the weekend. If you do then your latest date for a first attempt would be the 27th. Best call Prometric to confirm when a retake is possible. As I said, taking an $150 test just to see it might seem more expensive than the Boson but if you need it then in my opinion its a cost of doing business - and besides you would have to spend $300 anyway to get your $40 back from Boson. If this is a personal cert then I wouldn't personally worry about it. Take it when you feel that you're prepared. (unless you don't want to change your resume...) Kevin Wigle - Original Message - From: Cisco Nuts To: Sent: Saturday, August 09, 2003 8:10 AM Subject: CCDA (DESGN 640-861) ... A BEAST [7:73770] Group, Have been reading a lot lately on this new CCDA exam here and on brainbuzz.com? Is it really a beast? Can any one concur? Most seemed to have failed the first time even though they had all the right materials/books? What is the reason? I myself need to take this exam before Sept.1st and kind of getting scared regarding this exam.!! Why should it be more difficult than the CID exam? The CID exam was pretty straighforward. Can Boson help here.?? Boson guarantees that you will pass the exam if you buy their exam?? Any one?? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73887t=73770 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BGP and QOS Beta exams [7:73599]
--On 07 August 2003 02:50 + Mwalie W wrote: Yes, you will have to begin chasing VUE and Cisco. Thanks, that is what I thought Good Luck! You must be a very patient person:-) And this is also the reason I do not like Beta exams now. Actually, I am very impatient. Which is why I try to make a point of only doing Beta's when I dont need the exam, and then trying to ensure I forget about the exam. I really had put the exams out of my mind until I saw a couple of groupstudy messages in which people mentioned the results. I dont think there is a problem with my address as I have received results for CCIE Beta qualification exams I took before and after the QOS and BGP exams. Peter Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73759t=73599 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73793]
Advantis is actually now called AGNS for ATT Global Network (Was the IBM Global Network after it was Advantis). You can get VPN's on just about any remote client you like, from Cisco to Nortel to Checkpoint to ATT proprietary Netgate boxes which are derived from Linux OS. You also can run the VPN over the IP backbone for dedicated or DSL connections. AGNS is mainly a dial/ISDN/Broadband platform now. We actually don't support 83x Cisco boxes yet because the Netgates have been so popular, but it's under development. Massive IOS upgrades were already done because pretty much everything we do is automated because of scale requirements. Personally speaking, I like the 3000 Concentrator at the headend with Netgate at the client site. that is the most flexible and affordable configuration. Michelle Michelle Truman CCIE # 8098 Principal Technical Consultant ATT Solutions Center mailto:[EMAIL PROTECTED] Work: 651-998-0949 -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 10:18 AM To: [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73883] Why thanks! I only have a CCNA now because I had to get it for our partner level, and I'm supposed to get much more. And I only have it on my sig because I use the same sig for work and work-related lists. You are correct that we would need more details if it is anything other than what I think it is. If it is just a small service, cookie cutter type deal, then I don't see why they can't use a cookie cutter type solution. Being in healthcare, I envision something like Blue Cross/ Blue Shield payer connections, where I think they use the IBM Advantis network (is that what it was called? Who owns them now, ATT? Yep, they purchased them in 1999 for $5B) and have routers at each customer site. Why not replace them with a cookie cutter type connection? They already have connections to each customer, likely on a DMZ. The communication is just patient financial information (claims) between one host system at a hospital and a system at BC/BS. ATT certainly uses a cookie-cutter type connection for all of their connections (wonder if they upgraded all of those thousands of routers for the IOS patch). There may be a one-off here and there, but for the VAST majority of situations it's the same. Same for ISP's. You think they have custom connections for each T1 line they install? Stick a this type router here and a that type router there? No, unless a customer has a special need, like shadow T3's as we do, then you're not going to get special treatment. At least that's my take on it. So as to reduce complexity, administration, maintenance, and increase scalability, security, stability, I'd attempt at all cost to have a standard configuration. Even if it cost a bit more. The 3000 series may not be the answer, because we don't know the true requirements, but whatever the answer is I'd attempt to standardize on it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 10:51 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] LITTLE OT: Fred, I respect you. You are one of the top repliers at the moment, terms of qual and freq. I am learning a lot from you, between work en heavy (i mean heavy) cramming an typing for my coming lab. And I mean it. I get a laugh out of your, Fred, (ccna) and answering ccie level qa! More than one platform depending on req's MAYBE also deployment costs, EOL (800 806-820's-830's series spinning like crazy, 501 here to stay, vpn hw client okay.) Please stop because we're fishing, we need facts. RYAN, Please give us a list of req's. When you design 10-20 sites you ask for a box. When you design 2000 sites you design a total solution. Management of - config, - change, - security, - availability, - performance and - capacity. I am sure I forgot one. You catch my drift? I am also curious about service offered, need front-end? back-end? DMZ's? etc. Learnt as designer consultant etc that if you make a quicky of business req's you'll pay afterwards, because it is not what customer had hoped for Trusted -untrusted client sites. Martijn -Oorspronkelijk bericht- Van: Reimer, Fred [mailto:[EMAIL PROTECTED] Verzonden: maandag
RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73793]
Wow, I guess I'm dating myself a little there if that many changes have happened. I don't believe there were that many options, if any, in the original network. Glad to see things have changed. More on-topic, I just took the CSVPN test and just squeezed by. Note to self, make sure you study for a test before taking one ;-) I went through the KnowledgeNet Express course like a week or two ago, but didn't study this weekend. Probably not a good practice. I'll have to remember that one later... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Truman, Michelle, RTSLS [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 12:57 PM To: Reimer, Fred; [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73883] Advantis is actually now called AGNS for ATT Global Network (Was the IBM Global Network after it was Advantis). You can get VPN's on just about any remote client you like, from Cisco to Nortel to Checkpoint to ATT proprietary Netgate boxes which are derived from Linux OS. You also can run the VPN over the IP backbone for dedicated or DSL connections. AGNS is mainly a dial/ISDN/Broadband platform now. We actually don't support 83x Cisco boxes yet because the Netgates have been so popular, but it's under development. Massive IOS upgrades were already done because pretty much everything we do is automated because of scale requirements. Personally speaking, I like the 3000 Concentrator at the headend with Netgate at the client site. that is the most flexible and affordable configuration. Michelle Michelle Truman CCIE # 8098 Principal Technical Consultant ATT Solutions Center mailto:[EMAIL PROTECTED] Work: 651-998-0949 -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 10:18 AM To: [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] LITTLE OT: [7:73883] Why thanks! I only have a CCNA now because I had to get it for our partner level, and I'm supposed to get much more. And I only have it on my sig because I use the same sig for work and work-related lists. You are correct that we would need more details if it is anything other than what I think it is. If it is just a small service, cookie cutter type deal, then I don't see why they can't use a cookie cutter type solution. Being in healthcare, I envision something like Blue Cross/ Blue Shield payer connections, where I think they use the IBM Advantis network (is that what it was called? Who owns them now, ATT? Yep, they purchased them in 1999 for $5B) and have routers at each customer site. Why not replace them with a cookie cutter type connection? They already have connections to each customer, likely on a DMZ. The communication is just patient financial information (claims) between one host system at a hospital and a system at BC/BS. ATT certainly uses a cookie-cutter type connection for all of their connections (wonder if they upgraded all of those thousands of routers for the IOS patch). There may be a one-off here and there, but for the VAST majority of situations it's the same. Same for ISP's. You think they have custom connections for each T1 line they install? Stick a this type router here and a that type router there? No, unless a customer has a special need, like shadow T3's as we do, then you're not going to get special treatment. At least that's my take on it. So as to reduce complexity, administration, maintenance, and increase scalability, security, stability, I'd attempt at all cost to have a standard configuration. Even if it cost a bit more. The 3000 series may not be the answer, because we don't know the true requirements, but whatever the answer is I'd attempt to standardize on it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL
Re: CCDA (DESGN 640-861) ....... A BEAST ???? [7:73770]
from the source. http://www.cisco.com/en/US/learning/le3/learning_recertification_training.htm l Renewal requires certification holders to register for - and pass - the appropriate Cisco recertification exams. CCNA and CCDA recertification takes place when a candidate passes the current certification exam or any new exam, bearing the prefix 642, at the Professional or Cisco Qualified Specialist level. in an Adobe file FAQ the following is said: FAQs-RECERTIFICATION EXAMS AND AGREEMENT 18. When will the recertification exams be available? The CCNA, CCDA, CCNP, CCDP, CCIE, and Cisco Qualified Specialist designation recertification exams are available now. CCIP recertification requirements are in the process of being defined and will be announced by the end of 2003. Candidates may renew their Associate level exams by passing any Cisco Qualified Specialist or Professional level exam with a 642 prefix or by obtaining a higher level certification. Having recently recertified both my CCDP/CCNP, my CCNA and CCDA have been extended to the dates that my CCDP/CCNP expire. Unfortunately it says 642 exam, the poster below completed a 641 exam was that a typo? I can't find 641-511. An interesting question is how long say, is CCNA extended? Completing one 642 exam doesn't make a CCNP. It has not been the case that an individual exam had a life except when a new version is trotted out. None of the print I've read so far says that the CCNA would be upgraded for 3 years - but that seems to be the only timeframe. Kevin Wigle - Original Message - From: Annlee To: Sent: Monday, August 11, 2003 8:07 PM Subject: RE: CCDA (DESGN 640-861) ... A BEAST [7:73770] I've never seen that kind of question...so I don't know. Anybody from Cisco want to take a crack at the fundamental question -- if you have an Associate-level cert, and pass one of the designated Professional-level exams, does your Associate-level cert get updated, even if it hasn't expired? Or does it update iff it has already expired? Annlee -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 19:02 To: annlee; [EMAIL PROTECTED] Subject: RE: CCDA (DESGN 640-861) ... A BEAST [7:73770] FWIW, I just ran into the following: when you take the SECUR 642-501, CSPFA 642-521, or CSVPN 642-511 exams and you are a CCNA or CCDA recert candidate, if you pass the exam your NA or DA is recertified. I haven't got the time to chase other exams, but somebody else might. What exactly does this mean? I got my CCNA last fall. Does this mean the recert date has been moved up to today, plus 3 years, since I just passed the CSVPN 641-511 exam? Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: annlee [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 3:28 PM To: [EMAIL PROTECTED] Subject: Re: CCDA (DESGN 640-861) ... A BEAST [7:73770] FWIW, I just ran into the following: when you take the SECUR 642-501, CSPFA 642-521, or CSVPN 642-511 exams and you are a CCNA or CCDA recert candidate, if you pass the exam your NA or DA is recertified. I haven't got the time to chase other exams, but somebody else might. Annlee **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html [GroupStudy removed an attachment of type image/gif which had a name of bullet.gif] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73903t=73770 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
7206 T1 Interface Cards [7:73739]
Quick question, does anyone know off the top of their head if you can hot swap cards in a 7206? Has anyone done it? TIA Patrick **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73747t=73739 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Can 802.1q isl co-exist on same network?? [7:73511]
can coexist. -Nakul dj wrote in message news:[EMAIL PROTECTED] Have a production campus LAN network primarily running with 3508Gs and 3524XL data switches with gigabit fiber uplinks. All switches are currently running ISL Vlan trunking between the uplink ports. There's also a 2620 router running ISL fastethernet subinterfaces configured with encapsulation ISL. I have some non-cisco network devices that only support 802.1q vlan trunking. I already know the 802.1q trunking on non-cisco equipment works ok with cisco devices running 802.1q trunking. However, when I deploy the non-cisco equipment in the production campus LAN, can I have some trunk ports running 802.1q trunking and other trunk ports running ISL. Bottom line: Can ISL and 802.1q co-exist or do I have to migrate entire LAN to 802.1q vlan trunking?? regards, dj **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73583t=73511 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: multiple ospf processes route insertion [7:73727]
Here's some more detail. Yes, assume the destination address (networks) represent the corresponding service. This is an existing production network where OSPF and iBGP are already in use for the existing (single) service. OSPF carries p2p and loopbacks; iBGP carries customer end-point networks. We want to overlay two other services. The paths the packets take to their destination, even if hosted on the same router, will be different. Further, when there's a failure in the network, the manner in which traffic gets re-routed will be specific to each service. An example might help. Consider some router R1 in this network. It has several connections to other routers in the network. It also has three interfaces each with a network assigned to it. Lets call these networks A, B and C and each is for a different service. Under normal conditions, traffic to A comes in via interface I1 and traffic to B and C comes in via interface I2. Now assume I2 fails. Traffic for A and B should come in over I1 and traffic to C stops being delivered. ACLs won't work in this situation for a number of reasons. Besides the configuration and operational issues, another requirement is that the end-points generating traffic to destinations in C will want to know when C is unavailable via I2. They'll want to know this so they can stop generating traffic or leverage some higher level (service specific) mechanism to address the failure. Running BGP as the IGP might work, but I'm not sure. I think it might need to operate in iBGP mode and I think it would require lots of policy filters on all outgoing advertisements and would probably require setting the next hop at each router. These are both typically not done when operating in iBGP mode. Further, I think one would lose the concept of IGP cost; the iBGP mechanism might allow one to construct a path between two end-points which satisfies the service policy, but if multiple paths exist, the concept of link cost would not be available.I guess running eBGP as the IGP could also work, but now we're talking configuring a unique AS for each router (which doesn't scale). One could see the path selected through the network via the AS_PATH attribute, but there still would be no concept of IGP cost. I've not come up with a way to solve this without moving to a model where theres an IGP and thus SPT for each service, which implies multiple OSPF processes. But I'm interested in other thoughts or options on this... Zsombor Papp wrote: Since you say you want to run one OSPF process for each traffic type, I assume the type of the traffic is defined by destination IP address. If this is not correct, then I would be curious to know what a traffic type is and how you will associate a traffic type with an OSPF process. If however my assumption is correct, then I can see several ways to solve the problem you cited as an example, with BGP or with a single OSPF process. Let me restate the problem for N=1: suppose there are 3 routers, R1, R2, R3, connected in a triangle. Both traffic A and B usually go directly from R1 to R2, but when that link fails, traffic A should go from R1 to R3 to R2, and traffic B should be dropped at R1. Solution with BGP: run BGP between R1-R2 and R1-R3, make the routes coming from R2 preferred, and filter out the routes corresponding to traffic B from the advertisements R3 sends to R1. Solution with single OSPF process: configure an access list on the link between R1-R3 that drops traffic B. :) Of course I might be missing something, so feel free to point out why these wouldn't work in your case. Thanks, Zsombor p b wrote: Using multiple processes might provide a way to implement policy at the link level. Typically, when one thinks of policy, one thinks of BGP. But what if your policy requires the ability to control what traffic can or can't go over a particular link? For example, consider two routers, that are interconnected by a direct link and a N-hop L3 path. Suppose traffic types A and B should typically go over the direct link but, if the direct link fails, traffic type A should be routed over the N-hop L3 path and traffic type B should not be forwarded. I don't believe there's a way to get this level of policy from a single OSPF process or a single OSPF process coupled with BGP. However, if you run multiple OSPF processes, say one for each interesting traffic type, and if you use BGP to set a network's next-hop to match the right OSPF RID, and for each link define a sub-interface (or not) for each OSPF process, then I think the above routing requirements might be supported. MPLS might work here, but I'm not sure. Suppose you have certain types of traffic that Zsombor Papp wrote: What are you trying to achieve with these ~3 OSPF routing processes? Thanks, Zsombor p b wrote:
Re: OSPF summary address with Null 0 [7:73500]
Good question. Null0 will only be used if it can't find a particular address. It's used to prevent routing loops essentially. Shab Hanon wrote in message news:[EMAIL PROTECTED] Hi everybody The case .. OSPF summary address with Null 0 In all the case studies for CCIE R S we told don't use static routes! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IPv6 in the Enterprise Network [7:73667]
Howard C. Berkowitz wrote: Significant interest in Asia. Selected industries: HDTV, 3G wireless, new generation air traffic control HDTV? Do you have any thoughts or pointers as to why HDTV would be looking at v6? When I was at Nortel, we were told by the HDTV people that they planned to use V6 for their infrastructure. Don't have more specifics--it was a future capabilities of a IP/CATV design. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73841t=73667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
