ACL VS Null Route [7:74267]
I'm curious which one is better to use and why in case I want to filter some IP addresses that I don't want them to talk with my network, by using ACL or by null routing them? Say that I have around 50 to 100 IP addresses. Remember that I just want to filter the IP addresses, so I don't care about extended access-list. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74267&t=74267 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
interesting issue with IPX [7:74266]
here's the issue. From my experience, NT servers show up as a type '4' on the SAP table. We're seeing 2000 machines as type '9604'. Anyone out there running IPX, do a 'sh ipx server', you'll see what I mean. Anyone have any ideas? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74266&t=74266 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ACL VS Null Route [7:74267]
Are they in the same address block or are they in separate blocks? Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Irwan Hadi Sent: 22 August 2003 23:29 To: [EMAIL PROTECTED] Subject: ACL VS Null Route [7:74267] I'm curious which one is better to use and why in case I want to filter some IP addresses that I don't want them to talk with my network, by using ACL or by null routing them? Say that I have around 50 to 100 IP addresses. Remember that I just want to filter the IP addresses, so I don't care about extended access-list. Thanks **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74268&t=74267 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Input errors & interface reset [7:74269]
hi all, we have one frame relay link to customer with the following connection router -csu/dsu(lease line)frame relay node/cloud the problem is on serial0/0(connected to csu/dsu) the input errors and interface reset is increasing tremendously, ping test resulted in 6 packets dropped out of 1000. service provider isolation test on the lease line found no error detected. then we did a loopback on csu/dsu facing router, the result is as below, where after a while we still receive input errors and interface reset. could it be because router problem or csu/dsu..? prompt response needed since this customer is currently running on ISDN backup. thanks CustomerA#sh int s0/0 Serial0/0 is up, line protocol is down (looped) Hardware is PowerQUICC Serial MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, reliability 254/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10 sec) LMI enq sent 5, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down LMI enq recvd 5, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 00:00:04, output 00:00:04, output hang never Last clearing of "show interface" counters 00:00:50 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/255/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 96 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 5 packets input, 70 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort 5 packets output, 70 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up CustomerA#sh int s0/0 Serial0/0 is up, line protocol is down (looped) Hardware is PowerQUICC Serial MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, reliability 251/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10 sec) LMI enq sent 6, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down LMI enq recvd 6, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 00:00:05, output 00:00:05, output hang never Last clearing of "show interface" counters 00:01:01 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/255/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 96 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 6 packets input, 84 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 2 input errors, 0 CRC, 2 frame, 0 overrun, 0 ignored, 0 abort 6 packets output, 84 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up CustomerA#sh int s0/0 Serial0/0 is up, line protocol is down (looped) Hardware is PowerQUICC Serial MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, reliability 252/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10 sec) LMI enq sent 12, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down LMI enq recvd 12, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 00:00:06, output 00:00:06, output hang never Last clearing of "show interface" counters 00:02:02 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/255/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 96 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 12 packets input, 168 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 3 input errors, 0 CRC, 3 frame, 0 overrun, 0 ignored, 0 abort 12 packets output, 168 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 output buffer failures, 0 output buffers swapped out 0
traffic through a PIX [7:74270]
Good Afternoon, I have a continues traffic going through my pix about 128 K but I can not pin point the source and destination of it. Anyone knows what is the easiest tool or method to use to trace this traffic? Thanks Moe Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74270&t=74270 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Data Center Design [7:74126]
These days, when anyone talks about data center design, you can't go terribly far without stating your availability and security policy. These will be basic drivers. Indeed, for a sufficiently high level of availability, you have to have more than one data center (or backup at a colocation facility). One of my pet peeves -- everyone talks about fire protection, but very few people talk about protection from fire protection. In my career, I've never had a data center fire (well, magic smoke pouring once, several in network labs, and lots in medical labs), but I have experienced four center failures due to firefighting water cascading down from elsewhere in the building. You need experienced people for electrical as well as electronic design. I like the term POES -- Plain Old Electrical Service -- to contrast with Plain Old Telephone Service. POES isn't adequate for data centers. A nice paper: [Budenski] Dale Budenski, SR RCDD / MEC, The Wiremold Company. "Electrical Considerations for Telecommunications" http://www.wiremold.com/commercial/onlinesupport/technical/papers/telecommunications.html Annlee Hines and I address different aspects of availability and data center design in our books. Annlee's _Planning for Survivable Networks_ is definitive on establishing requirements for the data center and network. My _Building Service Provider Networks_ discusses building ISP facilities, and my _WAN Survival Guide_ gets into network availability and server failover models. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74272&t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ACL VS Null Route [7:74267]
I believe that it is best practice to block them via an ACL inbound before they enter the router. If you route them to a Null interface the router has to further process them. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74273&t=74267 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: ACL VS Null Route [7:74267]
On Fri, Aug 22, 2003 at 11:48:59PM +, Dom wrote: > Are they in the same address block or are they in separate blocks? separate blocks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74271&t=74267 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Input errors & interface reset [7:74269]
To test a looped line change your encapsulation from Frame Relay to HDLC. You can then ping the ip address of your own interface. The CSU/DSU may have the ability to loopback to the router. You might also wish to create a loopback plug to use at the Telco side of the CSU/DSU. Also consider a loopback plug/jack to use at the cable end where the telephone company's demark point is located. The cable between the CSU/DSU and the demark may be defective. Try different bit patterns in the pings - you can create them if you used extended ping. All ones Ox, all zeros Ox, alternating ones and zeros 0x. Check CCO for several pages: One is troubleshooting serial lines, http://www.cisco.com/warp/public/112/chapter15.htm the other troubleshooting T-1s - you'll have to find the URL. > -Original Message- > From: Md Nazri [mailto:[EMAIL PROTECTED] > Sent: Friday, August 22, 2003 7:21 PM > To: [EMAIL PROTECTED] > Subject: Input errors & interface reset [7:74269] > > > hi all, > > we have one frame relay link to customer with the following connection > > router -csu/dsu(lease line)frame relay node/cloud > > the problem is on serial0/0(connected to csu/dsu) the input errors and > interface reset is increasing tremendously, ping test > resulted in 6 packets > dropped out of 1000. > service provider isolation test on the lease line found no > error detected. > then we did a loopback on csu/dsu facing router, the result > is as below, > where > after a while we still receive input errors and interface reset. > > could it be because router problem or csu/dsu..? > prompt response needed since this customer is currently > running on ISDN > backup. > > thanks > > CustomerA#sh int s0/0 > Serial0/0 is up, line protocol is down (looped) > Hardware is PowerQUICC Serial > MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, > reliability 254/255, txload 1/255, rxload 1/255 > Encapsulation FRAME-RELAY, loopback not set > Keepalive set (10 sec) > LMI enq sent 5, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down > LMI enq recvd 5, LMI stat sent 0, LMI upd sent 0 > LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE > Broadcast queue 0/64, broadcasts sent/dropped 0/0, > interface broadcasts 0 > Last input 00:00:04, output 00:00:04, output hang never > Last clearing of "show interface" counters 00:00:50 > Input queue: 0/75/0/0 (size/max/drops/flushes); Total > output drops: 0 > Queueing strategy: weighted fair > Output queue: 0/1000/64/0 (size/max total/threshold/drops) > Conversations 0/255/256 (active/max active/max total) > Reserved Conversations 0/0 (allocated/max allocated) > Available Bandwidth 96 kilobits/sec > 5 minute input rate 0 bits/sec, 0 packets/sec > 5 minute output rate 0 bits/sec, 0 packets/sec > 5 packets input, 70 bytes, 0 no buffer > Received 0 broadcasts, 0 runts, 0 giants, 0 throttles > 1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort > 5 packets output, 70 bytes, 0 underruns > 0 output errors, 0 collisions, 1 interface resets > 0 output buffer failures, 0 output buffers swapped out > 0 carrier transitions > DCD=up DSR=up DTR=up RTS=up CTS=up > > CustomerA#sh int s0/0 > Serial0/0 is up, line protocol is down (looped) > Hardware is PowerQUICC Serial > MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, > reliability 251/255, txload 1/255, rxload 1/255 > Encapsulation FRAME-RELAY, loopback not set > Keepalive set (10 sec) > LMI enq sent 6, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down > LMI enq recvd 6, LMI stat sent 0, LMI upd sent 0 > LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE > Broadcast queue 0/64, broadcasts sent/dropped 0/0, > interface broadcasts 0 > Last input 00:00:05, output 00:00:05, output hang never > Last clearing of "show interface" counters 00:01:01 > Input queue: 0/75/0/0 (size/max/drops/flushes); Total > output drops: 0 > Queueing strategy: weighted fair > Output queue: 0/1000/64/0 (size/max total/threshold/drops) > Conversations 0/255/256 (active/max active/max total) > Reserved Conversations 0/0 (allocated/max allocated) > Available Bandwidth 96 kilobits/sec > 5 minute input rate 0 bits/sec, 0 packets/sec > 5 minute output rate 0 bits/sec, 0 packets/sec > 6 packets input, 84 bytes, 0 no buffer > Received 0 broadcasts, 0 runts, 0 giants, 0 throttles > 2 input errors, 0 CRC, 2 frame, 0 overrun, 0 ignored, 0 abort > 6 packets output, 84 bytes, 0 underruns > 0 output errors, 0 collisions, 2 interface resets > 0 output buffer failures, 0 output buffers swapped out > 0 carrier transitions > DCD=up DSR=up DTR=up RTS=up CTS=up > > CustomerA#sh int s0/0 > Serial0/0 is up, line protocol is down (looped) > Hardware is PowerQUICC Serial > MTU 1500 bytes, BW 128 Kbit, DLY 2 usec, > reliability 252/255, txload 1/255, rxload 1/255 > Encapsulation F
ooking for CCIE practice test. What boson test is the best ? [7:74274]
Looking for CCIE routing & switching practice exam test. What boson test is the best ? _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74274&t=74274 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
