Re: PIX PDM [7:74758]

2003-09-04 Thread Jason Viera 
"Our security group is recommending not to use PDM to
configure our Pix firewalls.  They did not give any
reason for their recommendation.  Does anyone know why
PDM should not be used?"

From what I understand there are a few commands that can't be used from
the PDM (they require the use of the CLI), also using a web-based
configuration tool seems to undermine the very premise of network security,
if you think about it how many companies use the other web-based software
(for configuration) that Cisco has made available. Also , if you look at the
software that Cisco has produced in the past it hasn't been very reliable
(due to the fact that it is freely available and gives no ROI) an example
would be their TFTP server software or the Cisco Configmaker. From what I
understand the PDM was made available to compete with the other vendors web
based configuration software, obviously there is a demand from the customers
for such software(So it could be possible that Cisco is actually making am
attempt on this one), but whether or not PDM is just a marketing tool or a
viable configuration solution I don't know. What is the reason that you are
considering using the PDM software in the first place???
HTH,  Jason

""Gary Leong""  wrote in message
news:[EMAIL PROTECTED]
> Our security group is recommending not to use PDM to
> configure our Pix firewalls.  They did not give any
> reason for their recommendation.  Does anyone know why
> PDM should not be used?
>
> __
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74769&t=74758
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Ip snooping in cisco routers [7:74708]

2003-09-04 Thread ramesh_cisco 
friends ,


 


Any one can give me clue on how to configure ip snooping in cisco routers???


 


thanks


ramesh 


 
Get Your Private, Free E-mail from Indiatimes at  http://email.indiatimes.com
Buy The Best In BOOKS at http://www.bestsellers.indiatimes.com
Bid for Air Tickets on Air Sahara Flights at Prices Lower Than Before. Just
log on to http://airsahara.indiatimes.com and Bid Now !
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74774&t=74708
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Ip snooping in cisco routers [7:74708]

2003-09-04 Thread ramesh_cisco 
friends ,


 


Any one can give me clue on how to configure ip snooping in cisco routers???


 


thanks


ramesh 


 
Get Your Private, Free E-mail from Indiatimes at  http://email.indiatimes.com
Buy The Best In BOOKS at http://www.bestsellers.indiatimes.com
Bid for Air Tickets on Air Sahara Flights at Prices Lower Than Before. Just
log on to http://airsahara.indiatimes.com and Bid Now !
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74770&t=74708
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Cisco ATM module [7:74707]

2003-09-04 Thread [EMAIL PROTECTED] 
Hi,

Were interested in buying some used Cisco equipment.

Specifically we are interested in ATM modules for the Cisco 4500/4700 router.
Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules.

Please let us know if you have anything available.

Thanks

[EMAIL PROTECTED]


Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat
60 Minuten.
http://internet.sunrise.ch/de/wireline/wir_plus.asp
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74772&t=74707
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Cisco ATM module [7:74707]

2003-09-04 Thread [EMAIL PROTECTED] 
Hi,

Were interested in buying some used Cisco equipment.

Specifically we are interested in ATM modules for the Cisco 4500/4700 router.
Either the NP-1A-MM (multi mode) or NP-1A-SM (single mode) modules.

Please let us know if you have anything available.

Thanks

[EMAIL PROTECTED]


Neu: Stundenlang gratis telefonieren! sunrise schenkt Ihnen jeden Monat
60 Minuten.
http://internet.sunrise.ch/de/wireline/wir_plus.asp
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74773&t=74707
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Re: Ip snooping in cisco routers [7:74708]

2003-09-04 Thread ramesh_cisco 
thanks for all for your inputs


ramesh

"dre" wrote:



""Reimer, Fred"" wrote in message ...
> E gads! All hacks because even at this time Cisco can't manage to write
the
> little code necessary to create a buffer in memory where packets can be
> stored, and then transferred via TFTP. With today's routers that have
more
> than enough processing power and memory, there's just no excuse, IMO.

I, personally, prefer ERSPAN to most other methods. Being able to
have an encapsulated stream of capture data available from any available
IP routed path (could be the whole Internet), and able to export to your
personal workstation, e.g., running tcpdump or Ethereal, is definitely the
proper way to be sniffing.

OTOH, Junipers should be able to do what you are talking about in some
(but not all) cases. Depends on how much traffic you are talking about.

The RSPAN+VACL method described on CCO is just as valid as
anything else, but requires Cisco Catalyst switches with some type of
Layer-3 functionality (e.g. Cat3550, some Cat6k, some Cat4k, others).
In the case of a 6500 it requires a PFC card, of which all Sup2 and Sup720
modules include. Sup1/Sup1a needs PFC to do RSPAN.

-dre
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

Get Your Private, Free E-mail from Indiatimes at  http://email.indiatimes.com
Buy The Best In BOOKS at http://www.bestsellers.indiatimes.com
Bid for Air Tickets on Air Sahara Flights at Prices Lower Than Before. Just
log on to http://airsahara.indiatimes.com and Bid Now !




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74775&t=74708
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 6509 Power Supply Swap -- No Swap? [7:74695]

2003-09-04 Thread Reimer, Fred 
No, what was your experience???  I expect from your question that you had
issues...


Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: COULOMBE, TROY [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, September 02, 2003 8:57 PM
To: [EMAIL PROTECTED]
Subject: 6509 Power Supply Swap -- No Swap? [7:74695]

Has anyone successfully HOT-SWAP-upgraded power supplies on a 6509s.

In other words:::

Pwr-A is 1300 watts Pwr-B is 1300 watts

Pull out Pwr-A; 

XXX Pwr-B is 1300 watts

replace it w/ a 2500 watt pwr supply; so you now have:::

Pwr-A is 2500 watts Pwr-B is 1300 watts

Now pull out Pwr-B; 

Pwr-A is 2500 watts XXX

replace it w/ a 2500 watt pwr supply; so you now have:::


Pwr-A is 2500 watts Pwr-B is 2500 watts


And all without any downtime

Thanks
TroyC
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74771&t=74695
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

OT: Cable Lengths [7:74776]

2003-09-04 Thread [EMAIL PROTECTED] 
I have a question regarding the max length for a 100BaseT cable. Granted I
haven't done a wealth of research on this so feel free to point me to
google if the answer is mind numbingly simple, which it probably is

I have always understood the 100M limitation on 10BaseT ethernet cable to
be attributable to the time it would take a collision signal - assuming you
are running at half duplex - to be returned in time to prevent the next
packet from being sent. In other words any longer than 100M and the sending
station would not get the message in time that there had been a collision
and thus continue sending packets instead of backing off. I have heard
attenuation mentioned, but not as the "real" reason for the distance limit.

My question is given that many stations are running 100 full duplex these
days - thus removing the collision concerns - does this effectively change
the maximum distance for cable runs? Or is attenuation truly a factor in
anything over 100M?

In general I am referring to standard Cat5 cabling

Just curious...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74776&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: NM-8AM synch. support [7:74648]

2003-09-04 Thread WilliamR 
No.

William

 wrote in message
news:[EMAIL PROTECTED]
> Hi,
> Does NM-8AM or WIC-1AM modules support sync. Connection?
> Thanks
> regards
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74777&t=74648
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: PIX- DMZ [7:74422]

2003-09-04 Thread zak spaniol 
Yes, I would like syntax.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74778&t=74422
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Cable Lengths [7:74776]

2003-09-04 Thread Dom 
The following link may help a little

http://www.sysdom.org/html/ethernet_faq.htm

Best regards,

Dom Stocqueler
SysDom Technologies
Visit our website - www.sysdom.org


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: 04 September 2003 11:37
To: [EMAIL PROTECTED]
Subject: OT: Cable Lengths [7:74776]


I have a question regarding the max length for a 100BaseT cable. Granted
I haven't done a wealth of research on this so feel free to point me to
google if the answer is mind numbingly simple, which it probably is

I have always understood the 100M limitation on 10BaseT ethernet cable
to be attributable to the time it would take a collision signal -
assuming you are running at half duplex - to be returned in time to
prevent the next packet from being sent. In other words any longer than
100M and the sending station would not get the message in time that
there had been a collision and thus continue sending packets instead of
backing off. I have heard attenuation mentioned, but not as the "real"
reason for the distance limit.

My question is given that many stations are running 100 full duplex
these days - thus removing the collision concerns - does this
effectively change the maximum distance for cable runs? Or is
attenuation truly a factor in anything over 100M?

In general I am referring to standard Cat5 cabling

Just curious...
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74779&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Cable Lengths [7:74776]

2003-09-04 Thread Nakul Malik 
looking at it practically, you can run cable at 150 m and still make it
work. but the question is, will it meet the reference crieteria. there are a
lot of things to be looked at here of which an important factor is
attentuation.
-Nakul

""[EMAIL PROTECTED]""  wrote in
message news:[EMAIL PROTECTED]
> I have a question regarding the max length for a 100BaseT cable. Granted I
> haven't done a wealth of research on this so feel free to point me to
> google if the answer is mind numbingly simple, which it probably is
>
> I have always understood the 100M limitation on 10BaseT ethernet cable to
> be attributable to the time it would take a collision signal - assuming
you
> are running at half duplex - to be returned in time to prevent the next
> packet from being sent. In other words any longer than 100M and the
sending
> station would not get the message in time that there had been a collision
> and thus continue sending packets instead of backing off. I have heard
> attenuation mentioned, but not as the "real" reason for the distance
limit.
>
> My question is given that many stations are running 100 full duplex these
> days - thus removing the collision concerns - does this effectively change
> the maximum distance for cable runs? Or is attenuation truly a factor in
> anything over 100M?
>
> In general I am referring to standard Cat5 cabling
>
> Just curious...
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74780&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

3640 Router [7:74783]

2003-09-04 Thread Cappuccio Victor 
Hello people

I what to know if a Cisco 3640 Router can support a E3 connection ??

Regards
Victor.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74783&t=74783
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

NAT and DNS [7:74781]

2003-09-04 Thread alaerte Vidali 
Should a static NAT translate embeded IP inside a DNS answer (not zone
transfer)?

Host(eth0)R1 (serial0)R4(eth0)(eth0)R2(eth1)---DNS server

R4
Int ser 0
 Ip ad 172.1.14.2 255.255.255.0
 Ip nat outside
!
int eth0
 ip ad 172.2.24.2 255.255.255.0
 ip nat inside

I found an answer on Cisco pages saying yes, but Sniffer showed that it is
not happening.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74781&t=74781
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: End to End / Local VLAN's [7:74593]

2003-09-04 Thread Cappuccio Victor 
Bani, Lookin at the Book i found this
There is a difference of what you say ??

Regards
Victor. 

106 Chapter 4: VLANs and Trunking
End-to-End VLANs
End-to-end VLANs, also called campus-wide VLANs, span the entire switch
fabric of a network. They are positioned to support maximum flexibility and
mobility of end devices. Users are assigned to VLANs regardless of physical
location. As a user moves around the campus, that userÂ’s VLAN membership
stays the same. This means that each VLAN must be made available at the
access layer in every switch block.
End-to-end VLANs should group users according to common requirements. All
users in a VLAN should have roughly the same traffic flow patterns,
following the 80/20 rule. Recall that this rule estimates that 80 percent of
user traffic stays within the local workgroup, while 20 percent is destined
for a remote resource in the campus network. Although only 20 percent of the
traffic in a VLAN is expected to cross the network core, end-to-end VLANs
make it possible
for all traffic within a single VLAN to cross the core. Because all VLANs
must be available at each access layer switch, VLAN trunking must be used to
carry all VLANs between the access and distribution layer switches.
(Trunking is discussed in later sections of this chapter.)
Local VLANs
Because most enterprise networks have moved toward the 20/80 rule (where
server and intranet/Internet resources are centralized), end-to-end VLANs
have become cumbersome and difficult to maintain. The 20/80 rule is
reversed—only 20 percent of traffic is local, while 80
percent is destined to a remote resource across the core layer. End users
require access to central resources outside their VLAN. Users must cross
into the network core more frequently. In this type of network, VLANs are
designed to contain user communities based on geographic boundaries, with
little regard to the amount of traffic leaving the VLAN. Local or geographic
VLANs range in size from a single switch in a wiring closet to an entire
building. Arranging VLANs in this fashion enables the Layer 3 function in
the campus network to intelligently handle the inter-VLAN traffic loads.
This scenario provides maximum availability by using multiple paths to
destinations, maximum scalability by keeping the VLAN within a switch block,
and maximum manageability.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74782&t=74593
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: RE: Slow Browsing via 500 Pix firewall [7:74583]

2003-09-04 Thread Wilmes, Rusty 
this may be silly but did you do a "sho debug" to see if any debugs were
running?  I had accidentally left a debug crypto ipsec running after trouble
shooting a vpn. that drastically slowed down everything.


-Original Message-
From: Mark
To: [EMAIL PROTECTED]
Sent: 9/3/2003 8:46 PM
Subject: Re: RE: Slow Browsing via 500 Pix firewall [7:74583]

Is the problem related to a slow initial connection to a Web Server? If
so
then it could be an IDENT protocol problem (TCP port 113 connection
coming
back to you from the server). Try putting "service resetoutside" on the
PIX
and see if the problem still persists.

Mark
CCIE R&S, Security
Lab Technician
GigaVelocity.com

- Original Message -
>From: "Jurkouich, Brett, CNTR, DCAA" 
>Reply-To: "Jurkouich, Brett, CNTR, DCAA" 
>To: [EMAIL PROTECTED]
>Subject: RE: Slow Browsing via 500 Pix firewall [7:74583]
>Date: Tue, 2 Sep 2003 18:20:06 GMT
>
>Try turning off the port 80 inspecting with the "no fixup protocol http
>80" command
>
>-Original Message-
>From: Faisal [mailto:[EMAIL PROTECTED]
>Sent: Monday, September 01, 2003 1:38 AM
>To: [EMAIL PROTECTED]
>Subject: Slow Browsing via 500 Pix firewall [7:74583]
>
>
>Hi All,
>I am having problem of slow or interminnent browsing through pix
>firewall. If I bypass the traffic speeds are fine. But if all that
>traffic is going via firewall then it becomes extremely slow. Please
>anybody can help me how to sort this out.
>
>Regards
>Faisal
>**Please support GroupStudy by purchasing from the GroupStudy Store:
>http://shop.groupstudy.com FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>**Please support GroupStudy by purchasing from the GroupStudy Store:
>http://shop.groupstudy.com
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74784&t=74583
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Calls made by DNS [7:74785]

2003-09-04 Thread Wayne Brewster 
Hello group,

I have an 802 ISDN router connected to the internet. The firewall is a
PIX506. I want to stop DNS queries from the Win200 Servers from bring up
the channels after work hours or any other technique that will eliminate
DNS calls but still maintain the proper functionality of the network. I
am trying to reduce the cost of the ISDN monthly billing. Please give me
your input.

Wayne




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74785&t=74785
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: NM-1CT1 or WIC-1DSU-T1 [7:74741]

2003-09-04 Thread MADMAN 
NM-1CT1 terminates a PRI and obviously a channelized T1.

  Dave

neil K wrote:

>Can somebody explain when I can use WIC-1DSU-T1 over NM-1CT1 or what exactly
>are the difference except that WIC-1DSU-T1 has a built-in DSU/CSU where as
>NM-1CT1 is a T1 Module.
>
>Thanks in advance.
>
>neil
>**Please support GroupStudy by purchasing from the GroupStudy Store:
>http://shop.groupstudy.com
>FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
>
>  
>

-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

"Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74787&t=74741
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: 3640 Router [7:74783]

2003-09-04 Thread M.C. van den Bovenkamp 
Cappuccio Victor wrote:

> I what to know if a Cisco 3640 Router can support a E3 connection ??

'Support' as in 'connect to': Yes. There are E3 ATM and HSSI NMs for it.

'Support' as in 'run at line speed': Doubtful. A 3640 will do something 
like 60Kps flat out. Which is enough to fill an E3 at average packet 
sizes, but you don't have much oomph left.

Regards,

Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74786&t=74783
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

??? Layer 2 routing ??? [7:74788]

2003-09-04 Thread Steven Aiello 
Ok all I have a question on this subject.  I know routing takes place at 
the network layer, and switching takes place at the data link layer 
because it works based on physical addresses.  So how do we get route 
switching?  I've just started my CCNP and we were learning about 
different cache methods to speed up performance, is this how route 
switching is done, is the routing calculation be performed on a per 
packet basis?  I was reading that by default, Cisco routers only perform 
a routing calculation on the first packet for a destination network and 
then on less the no route-cache option is set all the rest of the 
packets are really only "switched" to the correct interface.  Am I 
missing something?  I would invision that a router would by default 
perform a lookup for each connection sequence.  does layer 3 routing not 
do a look up for each sequence of packet?  Does is look at an address 
and use an "old" pre say route that was cached in memory?  If some one 
can give a good explanation I would greatly appreciate it.

Thanks,
Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74788&t=74788
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ping cisco@groupstudy.com [7:74702]

2003-09-04 Thread Reimer, Fred 
Wow!  Given your CCIE number you must be using a REALLY old router for that
ping.  Most newer models send five echo requests, not three.  Either that or
some packets got lost somewhere...

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Brian McGahan [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, September 03, 2003 10:39 PM
To: [EMAIL PROTECTED]
Subject: ping [EMAIL PROTECTED] [7:74702]

!!!

Brian McGahan, CCIE #8593
[EMAIL PROTECTED] 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74789&t=74702
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: NM-1CT1 or WIC-1DSU-T1 [7:74741]

2003-09-04 Thread [EMAIL PROTECTED] 
Along similar lines - can you directly interconnect two WIC-1DSU-T1
interfaces via serial cable?


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
neal rauhauser
Sent: Wednesday, September 03, 2003 6:55 PM
To: [EMAIL PROTECTED]
Subject: Re: NM-1CT1 or WIC-1DSU-T1 [7:74741]

The WIC-1DSU-T1 is a service module - it always appear as serial0/0 or
whatever, and if you do anything with timeslots you are just adjusting
the number used for this one serial interface.

  The NM-1CT1 is a channelized T1 interface. You must configure one or
more channels in a channel group, then they get assigned to a virtual
serial interface.

  In the bad old days before frame relay people used to get 56k leased
lines for remote offices and aggregate them all by having a channelized
T1 delivered with each DS0 being a separate circuit to a remote.

  One additional use for the channelized interfaces that I am aware of
is attachment to digital modem modules like the NM-xxDM. There may be
others, but that is the one that comes to mind first.


  If you don't know why you might want an NM-1CT1, you need a
WIC-1DSU-T1 :-)



neil K wrote:
> 
> Can somebody explain when I can use WIC-1DSU-T1 over NM-1CT1 or what
exactly
> are the difference except that WIC-1DSU-T1 has a built-in DSU/CSU
where as
> NM-1CT1 is a T1 Module.
> 
> Thanks in advance.
> 
> neil
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74756&t=74741
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Wicked screensaver [7:74792]

2003-09-04 Thread [EMAIL PROTECTED] 
Please see the attached file for details.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74792&t=74792
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OT Gibberish in email [7:74740]

2003-09-04 Thread Reimer, Fred 
Must not be listening to Doug on the nmsusers.org site lists.  He plans on
using Bayesian filters on network management events to predict causal
effects of network issues.  Considering that AOL must have boat loads of
events, from syslogs, to SNMP traps, to events generated by network
management systems, it may help break down the deluge into a manageable
amount.  Bayesian filters have been around for a while, and are used in
bunches of different applications.  It's just recently over the last few
years that they have been applied to SPAM identification.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, September 03, 2003 5:36 PM
To: [EMAIL PROTECTED]
Subject: RE: OT Gibberish in email [7:74740]

Reimer, Fred wrote:
> 
> It is an attempt by the SPAMers to avoid SPAM software that
> takes a hash of
> the SPAM and blocks SPAM on machines based on these hash
> values.  There are
> some anti-SPAM "solutions" out there that basically relies on
> the users to
> mark email as SPAM.  When they do, the client machines send the
> hash of the
> SPAM up to the service provider, which shares these hashes with
> all other
> subscribers.  So, if the same exact SPAM is sent to another
> user it would
> automatically get blocked.  These random characters change the
> hash value,
> and hence this method of blocking SPAM is ineffective.
> 
> Use a Bayesian filter program for your SPAM.  I have 3755
> emails in my "Junk
> Mail" folder now, and I empty it out last on July 18th.  Check
> out
> www.Junk-Out.com.
> 
> Fred Reimer - CCNA

Someone should develop a SPAM filter that looks for certain types of
randomness within a message. This would be difficult, but certainly not
impossible. You'd have to be pretty creative about it but it ought to be
possible to devise an algorithm that could detect that sort of random
line--often found in the subject line--and flag it as SPAM.

I haven't heard of a Bayesian filter before. I'm going to go find out more
about that right now.

John
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74753&t=74740
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Electrical Loads -> WAS RE: 6509 Power Supply Swap -- No Swap? [7:74791]

2003-09-04 Thread Daniel Cotts 
Check out the "National Electrical Code Handbook" from the National Fire
Protection Agency. The "handbook" has some explanations - making it a little
more readable than the "code" alone. IIRC the handbook is about $75.

The big issue with a computing environment is the sizing of the neutral
conductor. In normal installations the neutral current to ground should be
less than that on any of the "hot" legs. Ideally it should be close to zero.
As such the neutral conductor is often sized smaller than the hot legs. The
switching power supplies of computer gear change all that. Due to harmonics
the current on the neutral can be 150% of that on the hot legs. In a
computing environment the neutral should be oversized and particular
attention should be made that it has a low resistance path to ground. My
source for this is documentation from Chloride UPSs and field measurements.
The above is true for the US. If you live elsewhere YMMV. 

> -Original Message-
> From: "Chuck Whose Road is Ever Shorter" 

> what amperage were your circuits? were the two power supplies 
> plugged into
> different circuits?
> 
> a 2500 watt PS requires a 20 amp circuit, while the 1300 can run on a
> standard 15 amp circuit. If you were to plug your 2500 watt 
> supply into the
> same 15 amp circuit as your 1300, I can see problems developing.
> 
> Can you tell I've been reading up on electricity in response 
> to a customer
> who apparently doesn't trust his electricians?
> 
> in any case I would bet there is some connection with the 
> reload and the
> numbers and draws of your line cards as well.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74791&t=74791
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OT Gibberish in email [7:74740]

2003-09-04 Thread Wilmes, Rusty 
I've been trying to scrounge up the time to build one of these...

http://lawmonkey.org/anti-spam.html

combination of bayesian and razor on openbsd acting as an MTA.

About 1/2 our staff installed freeware screensaver (read: gator) on their
computers and our spam has gone through the roof.



-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 03, 2003 2:36 PM
To: [EMAIL PROTECTED]
Subject: RE: OT Gibberish in email [7:74740]


Reimer, Fred wrote:
> 
> It is an attempt by the SPAMers to avoid SPAM software that
> takes a hash of
> the SPAM and blocks SPAM on machines based on these hash
> values.  There are
> some anti-SPAM "solutions" out there that basically relies on
> the users to
> mark email as SPAM.  When they do, the client machines send the
> hash of the
> SPAM up to the service provider, which shares these hashes with
> all other
> subscribers.  So, if the same exact SPAM is sent to another
> user it would
> automatically get blocked.  These random characters change the
> hash value,
> and hence this method of blocking SPAM is ineffective.
> 
> Use a Bayesian filter program for your SPAM.  I have 3755
> emails in my "Junk
> Mail" folder now, and I empty it out last on July 18th.  Check
> out
> www.Junk-Out.com.
> 
> Fred Reimer - CCNA

Someone should develop a SPAM filter that looks for certain types of
randomness within a message. This would be difficult, but certainly not
impossible. You'd have to be pretty creative about it but it ought to be
possible to devise an algorithm that could detect that sort of random
line--often found in the subject line--and flag it as SPAM.

I haven't heard of a Bayesian filter before. I'm going to go find out more
about that right now.

John
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74752&t=74740
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Calls made by DNS [7:74785]

2003-09-04 Thread Reimer, Fred 
A dial-list can specify an extended access list, why don't you just create
one with time ranges.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Wayne Brewster [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 9:56 AM
To: [EMAIL PROTECTED]
Subject: Calls made by DNS [7:74785]

Hello group,

I have an 802 ISDN router connected to the internet. The firewall is a
PIX506. I want to stop DNS queries from the Win200 Servers from bring up
the channels after work hours or any other technique that will eliminate
DNS calls but still maintain the proper functionality of the network. I
am trying to reduce the cost of the ISDN monthly billing. Please give me
your input.

Wayne
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74793&t=74785
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 3640 Router [7:74783]

2003-09-04 Thread [EMAIL PROTECTED] 
The 3640 can in theory but cannot really support a DS3 circuit at full
speed..hence the 3745s will quickly take over the market for 3640s..

-Original Message-
From: Cappuccio Victor [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 8:46 AM
To: [EMAIL PROTECTED]
Subject: 3640 Router [7:74783]


Hello people

I what to know if a Cisco 3640 Router can support a E3 connection ??

Regards
Victor.
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html



For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays 
Group does not accept legal responsibility for the contents of this 
message.  Although the Barclays Group operates anti-virus programmes, 
it does not accept responsibility for any damage whatsoever that is 
caused by viruses being passed.  Any views or opinions presented are 
solely those of the author and do not necessarily represent those of the 
Barclays Group.  Replies to this email may be monitored by the Barclays 
Group for operational or business reasons.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74790&t=74783
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

??? Cisco Express Forwarding ??? [7:74794]

2003-09-04 Thread Steven Aiello 
Another question,

  in CEF is the whole routing table held in a cache?  If so what is the 
diffrence between this and the routing table held in RAM?  Is the cache 
faster than the regular RAM in the router?

Thanks,
Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74794&t=74794
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Calls made by DNS [7:74785]

2003-09-04 Thread Daniel Cotts 
Sounds like a timed access-list would help. Watch the wrap:
pad
pad
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c
/ipcprt1/1cdip.htm#1001432

> -Original Message-
> From: Wayne Brewster [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 04, 2003 8:56 AM
> To: [EMAIL PROTECTED]
> Subject: Calls made by DNS [7:74785]
> 
> 
> Hello group,
> 
> I have an 802 ISDN router connected to the internet. The firewall is a
> PIX506. I want to stop DNS queries from the Win200 Servers 
> from bring up
> the channels after work hours or any other technique that 
> will eliminate
> DNS calls but still maintain the proper functionality of the 
> network. I
> am trying to reduce the cost of the ISDN monthly billing. 
> Please give me
> your input.
> 
> Wayne
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info: 
> http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74795&t=74785
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ??? Layer 2 routing ??? [7:74788]

2003-09-04 Thread Reimer, Fred 
I'm sure this HAS to be somewhere on Cisco's web site, but a brief general
explanation is this:  Cisco, and most other vendor's hardware now-adays, has
ASIC chips that inspect ingress traffic coming into the switch.  It also has
a shared memory buffer that it stores cached route-switch information.  This
information generally contains all of the information necessary, in the
proper format, that the ASIC needs to re-write the packet on the outbound
interface (which is usually part of the cached information).  If a new flow
is being established, there obviously won't be any information in the cache
on how to re-write that packet in hardware (ASIC).  So, the "switch" has to
send the packet to the "routing engine" to have it layer-3 routed.  The
router makes the usual routing decisions, and stores the information
necessary for the ASIC to handle future packets between this
source-destination pair in the shared memory cache.  Any future packets are
handled "in hardware" by the ASIC, and don't need to go back to the route
engine.

The specific architecture obviously depends on what specific hardware you
are talking about.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Steven Aiello [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 10:05 AM
To: [EMAIL PROTECTED]
Subject: ??? Layer 2 routing ??? [7:74788]

Ok all I have a question on this subject.  I know routing takes place at 
the network layer, and switching takes place at the data link layer 
because it works based on physical addresses.  So how do we get route 
switching?  I've just started my CCNP and we were learning about 
different cache methods to speed up performance, is this how route 
switching is done, is the routing calculation be performed on a per 
packet basis?  I was reading that by default, Cisco routers only perform 
a routing calculation on the first packet for a destination network and 
then on less the no route-cache option is set all the rest of the 
packets are really only "switched" to the correct interface.  Am I 
missing something?  I would invision that a router would by default 
perform a lookup for each connection sequence.  does layer 3 routing not 
do a look up for each sequence of packet?  Does is look at an address 
and use an "old" pre say route that was cached in memory?  If some one 
can give a good explanation I would greatly appreciate it.

Thanks,
Steve
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74797&t=74788
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

3640 Router E3 support (maybe) [7:74800]

2003-09-04 Thread neal rauhauser 
You can install an NM-HSSI and an external E3 CSU/DSU or use an
internal NM-1TE3 to terminate a clear channel link.

  Cisco also built an NM-1A-E3 ATM card as well. In the US the DS3
counterpart to this card was typically used for DSL providers, while the
clear channel card or HSSI + external CSU/DSU was used for internet
connectivity.

 
  So the machine can physically terminate the link and it can stand a
full circuit worth of traffic, but if you're considering running BGP *BE
CAREFUL*.


  A little while ago I was working on a 128 meg Cisco 7206 connected to
Sprint via a DS3. IOS grabbed 16 meg for packet buffer in the presence
of the high speed interface and the 122k BGP routes from Sprint were too
much for the remaining memory. A Cisco 2650 with 128 meg can still take
full routes from Sprint because it has much less buffer space allocated,
but in general I'm treating 128 meg boxes as ticking bombs if they're
connected to Tier 1 providers - its just a matter of time - maybe this
time next year - before they just stop working due to memory issues.




Cappuccio Victor wrote:
> 
> Hello people
> 
> I what to know if a Cisco 3640 Router can support a E3 connection ??
> 
> Regards
> Victor.
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74800&t=74800
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OT: Cable Lengths [7:74776]

2003-09-04 Thread neal rauhauser 
I've seen situations where the legal length has been nearly doubled
on full duplex connections without much apparent trouble. I don't know
if I'd trust a Windoze box in this kind of configuration, but routers,
unix hosts, etc, don't seem to mind too much.


"[EMAIL PROTECTED]" wrote:
> 
> I have a question regarding the max length for a 100BaseT cable. Granted I
> haven't done a wealth of research on this so feel free to point me to
> google if the answer is mind numbingly simple, which it probably is
> 
> I have always understood the 100M limitation on 10BaseT ethernet cable to
> be attributable to the time it would take a collision signal - assuming you
> are running at half duplex - to be returned in time to prevent the next
> packet from being sent. In other words any longer than 100M and the sending
> station would not get the message in time that there had been a collision
> and thus continue sending packets instead of backing off. I have heard
> attenuation mentioned, but not as the "real" reason for the distance limit.
> 
> My question is given that many stations are running 100 full duplex these
> days - thus removing the collision concerns - does this effectively change
> the maximum distance for cable runs? Or is attenuation truly a factor in
> anything over 100M?
> 
> In general I am referring to standard Cat5 cabling
> 
> Just curious...
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74799&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

What am I missing? HELP [7:74803]

2003-09-04 Thread Hyman, Craig 
All-

I have a CBOS IOS on a CISCO Router ( 600 series).  I am trying to make this
router a filter router. When I implement the rules below, nothing comes
across. I have checked the documentation, but still can't find the solution.
Does anybody have any ideas?

Your help is well appreciated..




set filter 0 on allow incoming eth0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol tcp

set filter 1 on allow incoming eth0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol udp

set filter 2 on allow incoming eth0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol
icmp

set filter 3 on allow outgoing all 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol tcp

set filter 4 on allow outgoing all 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol icmp

set filter 5 on allow outgoing all 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 
protocol udp

set filter 6 on allow incoming wan0-0 192.18.42.16 255.255.255.0 0.0.0.0 
0.0.0.0
protocol tcp srcport 1024-65535 destport 23

set filter 7 on allow incoming wan0-0 192.18.42.16 255.255.255.0 0.0.0.0
0.0.0.0 protocol tcp srcport 1024-65535 destport 20

set filter 8 on allow incoming wan0-0 192.18.42.16 255.255.255.0 0.0.0.0
0.0.0.0 protocol icmp

set filter 9 on allow incoming wan0-0 192.18.42.17 255.255.255.0 0.0.0.0
0.0.0.0 protocol tcp srcport 1024-65535 destport 23

set filter 10 on allow incoming wan0-0 192.18.42.17 255.255.255.0 0.0.0.0
0.0.0.0 protocol tcp srcport 1024-65535 destport 20

set filter 11 on allow incoming wan0-0 192.18.42.17 255.255.255.0 0.0.0.0
0.0.0.0 protocol icmp




SRS Level 2
SRS Implementation Team 
Cell phone# 720-840-4887
SUN PH# 303-272-2661
Virtual Office# 303-604-0037
[EMAIL PROTECTED]
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74803&t=74803
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Calls made by DNS [7:74785]

2003-09-04 Thread [EMAIL PROTECTED] 
The simplest method is to buy a plug in timer switch from radio shack and
connect the router through this to the power socket on the wall. Otherwise
you could use a time-based access control list to assist in defining the
interesting traffic that causes the ISDN calls to be made. Check out the
Cisco.com web page for the commands and the IOS revision needed.

Cheers,
Steve Wilson CCNP CCDA
Network Engineer

-Original Message-
From: Wayne Brewster [mailto:[EMAIL PROTECTED] 
Sent: 04 September 2003 14:56
To: [EMAIL PROTECTED]
Subject: Calls made by DNS [7:74785]

Hello group,

I have an 802 ISDN router connected to the internet. The firewall is a
PIX506. I want to stop DNS queries from the Win200 Servers from bring up
the channels after work hours or any other technique that will eliminate
DNS calls but still maintain the proper functionality of the network. I
am trying to reduce the cost of the ISDN monthly billing. Please give me
your input.

Wayne
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74798&t=74785
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

IOS BUG??? [7:74804]

2003-09-04 Thread Jens Petter Eikeland 
Hi group ,

I have been working on a backup solution with isdn and the primary is a
frame link
I am running on an  2500 with 12.1(18) and a 2500 with 12.(18)

Thi is my net.

R6-R1==R5--R4R2-

R6r4

 is frame-relay net

== is isdn link

Area 0 is R6 to R1,
Area 1 is from r6down to r4
Area 2 is from R4 and to R2

My primary virtual link is from R6 to R4
My backup primary is from R1 to R4

What happens her is that the backup virtual link wont come up over the isdn
link.
I have tested this both with and without demand circuit, dialer watch and
without any of them.

My config is correct and my authentication is correct. I have also tested
this without authentication.

The strange thing is that this has happen to me on two different rack. I
have had several people go
Over this, but they cant find any thing wrong

Is there anywon hwo knows if there is an bug in this software with regards
to this.??

JP




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74804&t=74804
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: ??? Cisco Express Forwarding ??? [7:74794]

2003-09-04 Thread Marko Milivojevic 
>   in CEF is the whole routing table held in a cache?  If so what is the
> diffrence between this and the routing table held in RAM?  Is the cache
> faster than the regular RAM in the router?

There are few excellent documents about this on our favourite website.

Watch for wrap.

[Cisco IOS Switching Paths]
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fswtch_c/swprt1/


[How to Choose the Best Router Switching Path for Your Network]
http://www.cisco.com/en/US/tech/tk827/tk831/technologies_white_paper09186a00800a62d9.shtml


Marko.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74805&t=74794
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ping cisco@groupstudy.com [7:74702]

2003-09-04 Thread Brian McGahan 
Fred,

Yeah, I'm still using IOS 3.11, IOS for workgroups.  I refuse to
upgrade.

Brian McGahan, CCIE #8593
[EMAIL PROTECTED] 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)


-Original Message-
From: Reimer, Fred [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 9:26 AM
To: Brian McGahan; [EMAIL PROTECTED]
Subject: RE: ping [EMAIL PROTECTED] [7:74702]

Wow!  Given your CCIE number you must be using a REALLY old router for
that
ping.  Most newer models send five echo requests, not three.  Either
that or
some packets got lost somewhere...

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information
which
may be legally privileged. It is intended only for the named
recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy,
print
or rely on this email, and should immediately delete it from your
computer.


-Original Message-
From: Brian McGahan [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, September 03, 2003 10:39 PM
To: [EMAIL PROTECTED]
Subject: ping [EMAIL PROTECTED] [7:74702]

!!!

Brian McGahan, CCIE #8593
[EMAIL PROTECTED] 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74810&t=74702
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ??? Layer 2 routing ??? [7:74788]

2003-09-04 Thread Brian McGahan 
Steve,

What you are referring to is called Multi-Layered Switching
(MLS).  MLS uses a unicast and multicast cache to keep state information
on flows passing through the layer 3 switch.

The following demonstrates layer 2 and layer 3 lookup end to end.  Take
the following situation:

HostA---Router1---HostB

HostA and HostB are on separate layer 3 segments.  HostA
attempts to send a packet to HostB.  

HostA looks in its local ARP cache to see if there is already a
layer 3 to layer 2 mapping for HostB's IP address.  If there is not,
HostA does a logical AND with the destination IP address and the local
subnet mask.  If the result shows that HostB is on HostA's local
network, HostA ARPs for HostB.  Since in this case they are not on the
same subnet, HostA must now resolve the layer 2 address of its default
gateway.  

HostA now checks its ARP cache for the layer 2 address of
Router1.  If the mapping is already in the cache, HostA does not ARP for
Router1, if the mapping is not already in the cache, HostA ARPs for
Router1.  After the layer 2 address of the gateway is returned, HostA
encapsulates a packet with the destination layer 3 address of HostB, and
the destination layer 2 address of Router1.

Router1 now receives the packet from HostA destined to HostB.
Router1 does a layer 3 routing lookup for HostB's IP address.  Router1
sees that HostB is directly connected.  Router1 rewrites the layer 2
header of the packet, putting its own layer 2 address as the source, and
HostB's layer 2 address as the destination.  Router1 sends the packet,
and it is received by HostB.

The above process repeats on a per packet basis.  MLS is meant
to optimize the layer 3 routing lookup phase done on Router1.

When a packet comes to the MSFC (layer 3 engine), the MLS cache
is checked to see if there is a flow for this packet already cached.  If
the flow does not previously exist, a routing lookup is done, the layer
2 header is rewritten, a new entry in the MLS cache is created, and the
packet is switched.  If there is a preexisting entry in the MLS cache,
the layer 2 header is immediately rewritten without having to do a
routing lookup.  

The optimization is that the routing lookup is skipped if it was
already previously performed, hence Multi-Layered Switching.


HTH,

Brian McGahan, CCIE #8593
[EMAIL PROTECTED] 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Steven Aiello
Sent: Thursday, September 04, 2003 9:05 AM
To: [EMAIL PROTECTED]
Subject: ??? Layer 2 routing ??? [7:74788]

Ok all I have a question on this subject.  I know routing takes place at

the network layer, and switching takes place at the data link layer 
because it works based on physical addresses.  So how do we get route 
switching?  I've just started my CCNP and we were learning about 
different cache methods to speed up performance, is this how route 
switching is done, is the routing calculation be performed on a per 
packet basis?  I was reading that by default, Cisco routers only perform

a routing calculation on the first packet for a destination network and 
then on less the no route-cache option is set all the rest of the 
packets are really only "switched" to the correct interface.  Am I 
missing something?  I would invision that a router would by default 
perform a lookup for each connection sequence.  does layer 3 routing not

do a look up for each sequence of packet?  Does is look at an address 
and use an "old" pre say route that was cached in memory?  If some one 
can give a good explanation I would greatly appreciate it.

Thanks,
Steve
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74809&t=74788
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Network Benchmarking/Performance Analysis [7:74808]

2003-09-04 Thread Lupi, Guy 
I would like recommendations on distributed network benchmarking and
performance analysis systems.  I would like to place sensors/collectors at
various points on the network to collect data on and give detailed reports
on items like, but not limited to:

Packet loss
Latency
Jitter
Throughput

If someone could recommend some companies I would appreciate it.

Guy H. Lupi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74808&t=74808
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ??? Cisco Express Forwarding ??? [7:74794]

2003-09-04 Thread Brian McGahan 
Steve,

There are a few reasons why a lookup through the CEF table is
faster than a lookup in the IP routing table.

A lookup in the IP routing table is done top down until a match
is found, much like how an access-list is processed.  The problem,
however, is that the IP table is not in any specific order, therefore,
the worst case lookup for a route is directly proportional to how many
prefixes exist in the IP routing table.  

The CEF table, on the other hand, takes a maximum of four
lookups before a match is found.  CEF uses four data structures, each
with 256 children, with each child having 256 children, etc.  This gives
us a maximum entry size of 2^32 (all IP address space).  These
structures are divided as follows:

Root
-0.0.0.0
-1.0.0.0
-2.0.0.0
..
-255.0.0.0

Suppose we're doing a lookup on the prefix 1.2.3.4.  First we
find the 1st child under the root (1.0.0.0)

Root
-1.0.0.0
--1.0.0.0
--1.1.0.0
--1.2.0.0
--...
--1.255.0.0

Under the child 1.0.0.0, we now find the 2nd child (1.2.0.0).
Next, we find the 3rd child under 1.2.0.0 (1.2.3.0), and finally the
fourth child under 1.2.3.0, (1.2.3.4).  Our final lookup is now as
follows:

Root
-1.0.0.0
--1.2.0.0
---1.2.3.0
1.2.3.4

As you can see, no matter which prefix we are doing a lookup on,
we have to do a maximum of 4 lookups in order to find it, unlike the
normal IP routing table, where our worst case lookup time is
proportional to the amount of prefixes in the table.

The next reason that CEF is faster than a normal lookup is the
adjacency table.  Every time a lookup is done in the IP routing table,
an addition lookup (recursive lookup) must be done to find the outgoing
interface for the next hop IP address.  In the case of CEF, this lookup
is already done for you in the adjacency table.  The adjacency table
provides us with the outgoing interface, and the destination layer 2
address that must be encapsulated in order to send the packet out said
interface.

Lastly, the main advantage of CEF is that the above mentioned
lookups are done *before* any traffic is sent.  In the case of the other
caching mechanisms, a cached entry is not created until the first packet
in the flow is fast-switched.  This follows the paradigm of route once,
switch many.  CEF on the other hand is just switch many, since the
routing lookup is already performed.


HTH,

Brian McGahan, CCIE #8593
[EMAIL PROTECTED] 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Steven Aiello
Sent: Thursday, September 04, 2003 10:06 AM
To: [EMAIL PROTECTED]
Subject: ??? Cisco Express Forwarding ??? [7:74794]

Another question,

  in CEF is the whole routing table held in a cache?  If so what is the 
diffrence between this and the routing table held in RAM?  Is the cache 
faster than the regular RAM in the router?

Thanks,
Steve
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74811&t=74794
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OT Gibberish in email [7:74740]

2003-09-04 Thread Brian 
There's a compelling argument for scheduled virus and spyware
scans/updates..


Brian

The path to a desireable destination
is often more difficult than the path to stay where you are.

On Thu, 4 Sep 2003, Wilmes, Rusty wrote:

> I've been trying to scrounge up the time to build one of these...
>
> http://lawmonkey.org/anti-spam.html
>
> combination of bayesian and razor on openbsd acting as an MTA.
>
> About 1/2 our staff installed freeware screensaver (read: gator) on their
> computers and our spam has gone through the roof.
>
>
>
> -Original Message-
> From: John Neiberger [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 03, 2003 2:36 PM
> To: [EMAIL PROTECTED]
> Subject: RE: OT Gibberish in email [7:74740]
>
>
> Reimer, Fred wrote:
> >
> > It is an attempt by the SPAMers to avoid SPAM software that
> > takes a hash of
> > the SPAM and blocks SPAM on machines based on these hash
> > values.  There are
> > some anti-SPAM "solutions" out there that basically relies on
> > the users to
> > mark email as SPAM.  When they do, the client machines send the
> > hash of the
> > SPAM up to the service provider, which shares these hashes with
> > all other
> > subscribers.  So, if the same exact SPAM is sent to another
> > user it would
> > automatically get blocked.  These random characters change the
> > hash value,
> > and hence this method of blocking SPAM is ineffective.
> >
> > Use a Bayesian filter program for your SPAM.  I have 3755
> > emails in my "Junk
> > Mail" folder now, and I empty it out last on July 18th.  Check
> > out
> > www.Junk-Out.com.
> >
> > Fred Reimer - CCNA
>
> Someone should develop a SPAM filter that looks for certain types of
> randomness within a message. This would be difficult, but certainly not
> impossible. You'd have to be pretty creative about it but it ought to be
> possible to devise an algorithm that could detect that sort of random
> line--often found in the subject line--and flag it as SPAM.
>
> I haven't heard of a Bayesian filter before. I'm going to go find out more
> about that right now.
>
> John
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74807&t=74740
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

2600 3600 3700 series routers [7:74812]

2003-09-04 Thread Dave Williams 
Group,

 

I'm currently studying for the CCIE lab exam. My lab consists of 2500 -
2600 series routers. My question is if there is a difference in IOS
features between the 3600s and the 3700s. I'm trying to decide if I need
some rack time playing around with the 3700s or if the 2600s and 3600s
will do everything the 3700s will do.

 

 

Thanks,

dave




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74812&t=74812
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: IOS BUG??? [7:74804]

2003-09-04 Thread William Lijewski 
Can you post your configurations for this?  What area is R5 in?  Why are you
skipping over R5 as the end of the virtual-link?

-- 
Bill Lijewski
CCIE #8642


""Jens Petter Eikeland""  wrote in message
news:[EMAIL PROTECTED]
> Hi group ,
>
> I have been working on a backup solution with isdn and the primary is a
> frame link
> I am running on an  2500 with 12.1(18) and a 2500 with 12.(18)
>
> Thi is my net.
>
> R6-R1==R5--R4R2-
>
> R6r4
>
>  is frame-relay net
>
> == is isdn link
>
> Area 0 is R6 to R1,
> Area 1 is from r6down to r4
> Area 2 is from R4 and to R2
>
> My primary virtual link is from R6 to R4
> My backup primary is from R1 to R4
>
> What happens her is that the backup virtual link wont come up over the
isdn
> link.
> I have tested this both with and without demand circuit, dialer watch and
> without any of them.
>
> My config is correct and my authentication is correct. I have also tested
> this without authentication.
>
> The strange thing is that this has happen to me on two different rack. I
> have had several people go
> Over this, but they cant find any thing wrong
>
> Is there anywon hwo knows if there is an bug in this software with regards
> to this.??
>
> JP
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74814&t=74804
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Router Simulator [7:74816]

2003-09-04 Thread Reimer, Fred 
With some prodding by Doug Stevenson, and probably in the wrong direction,
I'm working on a router simulator in my spare time.  It's written in Perl
using POE.  So far you can add interfaces, assign addresses, enable RIP, add
networks to RIP, connect interfaces together.  The RIP "process" (POE
session) will automatically determine what interfaces are active depending
on the list of networks, and send out RIP updates (version 1 or version 2)
on a regular basis (including the Cisco 0-15% jitter in the update process).
I don't have the part that actually transfers the RIP packet to the other
connected router, accepts the packet, or updates a routing table (there is
none yet).

 

If anyone's interested just send me an email.  I hope to get the basic RIP
functionality done first, then branch off into other routing protocols.
Since it will only be simulating routing protocols and not actually handing
user traffic in real-time, I figure it could be 10's of times slower than
the "real" IOS implementation and still be able to handle a significant
number of virtual routers.  The ultimate goal would be to be able to parse
actual IOS configuration files and program the virtual routers
automagically.  The only thing the user would need to do is connect
interfaces together.

 

Fred Reimer - CCNA

Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050

NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74816&t=74816
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Network Benchmarking/Performance Analysis [7:74808]

2003-09-04 Thread Reimer, Fred 
How about Cisco Systems?  Just use their SAA.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Lupi, Guy [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 1:17 PM
To: [EMAIL PROTECTED]
Subject: Network Benchmarking/Performance Analysis [7:74808]

I would like recommendations on distributed network benchmarking and
performance analysis systems.  I would like to place sensors/collectors at
various points on the network to collect data on and give detailed reports
on items like, but not limited to:

Packet loss
Latency
Jitter
Throughput

If someone could recommend some companies I would appreciate it.

Guy H. Lupi
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74817&t=74808
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ??? Layer 2 routing ??? [7:74788]

2003-09-04 Thread Zsombor Papp 
Steven,

as Fred and Brian alluded to, some of the Cisco routers use hardware
acceleration to speed up the packet switching. I suspect however that your
question was a more generic one, so I would suggest that you check this out:

http://www.cisco.com/en/US/tech/tk827/tk831/technologies_white_paper09186a00800a62d9.shtml

I will also note that understanding the place of MLS might be a bit
difficult without knowning the (rather horrifying :) details of the Catalyst
architecture and its development history. It might help maintain your mental
balance if you first gain a good understanding of how a router is supposed
to work, and only then take a look at what the Catalyst is doing. :)))

Thanks,

Zsombor

Steven Aiello wrote:
> 
> Ok all I have a question on this subject.  I know routing takes
> place at
> the network layer, and switching takes place at the data link
> layer
> because it works based on physical addresses.  So how do we get
> route
> switching?  I've just started my CCNP and we were learning
> about
> different cache methods to speed up performance, is this how
> route
> switching is done, is the routing calculation be performed on a
> per
> packet basis?  I was reading that by default, Cisco routers
> only perform
> a routing calculation on the first packet for a destination
> network and
> then on less the no route-cache option is set all the rest of
> the
> packets are really only "switched" to the correct interface. 
> Am I
> missing something?  I would invision that a router would by
> default
> perform a lookup for each connection sequence.  does layer 3
> routing not
> do a look up for each sequence of packet?  Does is look at an
> address
> and use an "old" pre say route that was cached in memory?  If
> some one
> can give a good explanation I would greatly appreciate it.
> 
> Thanks,
> Steve
> 
> 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74819&t=74788
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: ??? Cisco Express Forwarding ??? [7:74794]

2003-09-04 Thread Zsombor Papp 
Just for the sake of clarity: "cache" in this context doesn't refer to a
faster-than-usual memory. The route cache is in the exact same RAM as the
routing table. For more details, see the documents Marko mentioned.

Thanks,

Zsombor

Steven Aiello wrote:
> 
> Another question,
> 
>   in CEF is the whole routing table held in a cache?  If so
> what is the
> diffrence between this and the routing table held in RAM?  Is
> the cache
> faster than the regular RAM in the router?
> 
> Thanks,
> Steve
> 
> 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74821&t=74794
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OT: Cable Lengths [7:74776]

2003-09-04 Thread Zsombor Papp 
The diameter of a 10Mbps Ethernet collision domain is much bigger than 100m
(you can calculate it from the smallest allowed frame size, the transmission
speed, and the signal propagation speed), so that limit is most definitely
not based on collisions.

Thanks,

Zsombor

[EMAIL PROTECTED] wrote:
> 
> I have a question regarding the max length for a 100BaseT
> cable. Granted I
> haven't done a wealth of research on this so feel free to point
> me to
> google if the answer is mind numbingly simple, which it
> probably is
> 
> I have always understood the 100M limitation on 10BaseT
> ethernet cable to
> be attributable to the time it would take a collision signal -
> assuming you
> are running at half duplex - to be returned in time to prevent
> the next
> packet from being sent. In other words any longer than 100M and
> the sending
> station would not get the message in time that there had been a
> collision
> and thus continue sending packets instead of backing off. I
> have heard
> attenuation mentioned, but not as the "real" reason for the
> distance limit.
> 
> My question is given that many stations are running 100 full
> duplex these
> days - thus removing the collision concerns - does this
> effectively change
> the maximum distance for cable runs? Or is attenuation truly a
> factor in
> anything over 100M?
> 
> In general I am referring to standard Cat5 cabling
> 
> Just curious...
> 
> 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74833&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: 2600 3600 3700 series routers [7:74812]

2003-09-04 Thread Brian McGahan 
Dave,

The quick answer, no, you will not need the 37xx series to
prepare for the CCIE R&S exam.

The long answer, to see what features are unique to an image,
platform, or release, use the feature navigator located at
http://www.cisco.com/go/fn

Here's the output of a 3640 running 12.2(15)T7 (latest 12.2T
train) vs a 3725 running 12.2(15)T7, both feature sets are Enterprise
Plus.  The features unique to the 3725 are as follows:

Auditing Raw Buffers on a Channel Associated Signaling Interface 
BGP Increased Support of Numbered as-path Access Lists 
Cisco Discovery Protocol (CDP) over ATM 
CNS Flow-Through Provisioning 
Contact Closure Network Module 
DHCP Accounting 
DHCP Server - On Demand Address Pool Manager 
DHCP Server - Option to Ignore all BOOTP Requests 
DTMF Relay for SIP Calls Using Named Telephone Events (NTE) 
Enhanced Debug Capabilities for Cisco Voice Gateways 
Enhanced G.168 Echo Cancellation 
Enhanced Packet Marking 
Frame Relay PVC Bundles with IP QoS Support 
Frame Relay PVC Bundles with MPLS QoS Support 
G.SHDSL Symmetric DSL Support 
Gateway Support for Advanced Busy Out for Gatekeeper Registration 
Globalized Cadence and Tone for Cisco IOS Gateways 
H.323v4 - Enhanced Call Usage Reporting 
IPv6 Provider Edge Router over MPLS 
L2TP Redirect 
MGCP support for CallManager (IP-PBX) 
MPLS LDP - MIB Notifications 
MPLS VPN - MIB Notifications 
MS-CHAP Version 2 
Multicast-VPN: Multicast Support for MPLS VPN 
MultiNode Load Balancing (MNLB) Forwarding Agent 
NAT Integration with MPLS VPNs 
QSIG Backhaul (TCP based) for Cisco IOS Gateways 
RADIUS EAP Support 
Session Limit Per VRF 
SIP Gateway Support of 'tel' URL 
SIP Gateway Support of RSVP 
SIP Transfer Using the Refer Method and Call Forwarding 
SLB (Server Load Balancing) 
SLB: Alternate IP Addresses 
SLB: Automatic Server Failure Detection 
SLB: Automatic Unfail 
SLB: Bind ID Support 
SLB: Client-Assigned Load Balancing 
SLB: Delayed Removal of TCP Connection Context 
SLB: Dynamic Feedback Protocol (DFP) 
SLB: Maximum Connections 
SLB: Port-Bound Servers 
SLB: Server NAT 
SLB: Slow Start 
SLB: Stateless Backup 
SLB: Sticky Connections 
SLB: SynGuard 
SLB: TCP Session Reassignment 
SLB: Weighted Least Connections 
SLB: Weighted Round Robin 
SRST: Survivable Remote Site Telephony Version 1.0 
Subscriber Service Switch 
VoiceXML For Cisco IOS 
VoiceXML Transfer Enhancements 
VoiceXML Voice Store and Forward 
VoIP Trunk Group Label Routing Enhancement 
VPDN Default Group Template 
VPDN Multihop by DNIS 
 AAA Resource Accounting 
AAA-PPP-VPDN Non-Blocking 
Accounting of VPDN Disconnect Cause 
ACL Default Direction 
Clear Channel T3/E3 with Integrated CSU/DSU 
Connect-Info RADIUS Attribute 77 
Distributed Director - Multiple DNS record 
Distributed Director - Multiple port test 
Distributed Director - Syslog Info 
Distributed Management Event MIB Persistence 
DNS Server Support for NS Records 
Enhanced Test Command 
Fast Fragmentation (Fast-Switched Fragmented IP Packets) 
Fax Relay Packet Loss Concealment 
Frame Relay 64-bit Counters 
FUNI Support for Routers 
HSRP support for MPLS VPNs 
ICMP ECHO-based RTT probing by DRP agents 
Interactive Voice Response (IVR) Version 2.0 
IP Precedence Accounting 
IP to ATM CoS, per-VC WFQ and CBWFQ 
ISDN Advice of Charge (AOC) 
LANE dCEF 
LANE Optimum Switching 
MGCP 1.0 Including NCS 1.0 and TGCP 1.0 Profiles 
MGCP Based Fax (T.38) and DTMF Relay 
MGCP VoIP Call Admission Control 
MGCP VoIP Signaling 
Modem over BRI 
MPLS over ATM: Virtual Circuit (VC) Merge 
MPLS Scalability Enhancements for LSC and ATM LSR 
MPLS Traffic Engineering (TE) - Automatic bandwidth adjustment for TE
tunnels 
MPLS Traffic Engineering (TE) - OSPF Support 
MPLS VPN - OSPF PE-CE Support 
Multilink PPP Enable/Disable via Radius for Preauthentication User 
Multiprotocol over ATM (MPOA) 
Multiprotocol over ATM for Token Ring (MPOA) 
Offload Server Accounting Enhancement 
PPP over ATM (IETF-Compliant) 
PPPoA/PPPoE autosense for ATM PVCs 
PPPoE over Gigabit Ethernet interface 
PPPoE Session limit 
Preauthentication with ISDN PRI and Channel-Associated Signalling
Enhancements 
RADIUS Attribute 66 (Tunnel-Client-Endpoint) Enhancements 
RADIUS Attribute Value Screening 
RADIUS Progress Codes 
RADIUS Tunnel Attribute Extensions 
Redundant Link Manager (RLM) 
Remote Source-Route Bridging (RSRB) 
Resource Pool Management with Direct Remote Services 
RFC 1483 for Token Ring Networks 
RSVP - ATM Quality of Service (QoS) Interworking 
Service Assurance Agent (SAA) Distribution of Data 
Service Assurance Agent (SAA) History Statistics 
Service Assurance Agent (SAA) ICMP Echo Operation 
Service Assurance Agent (SAA) ICMP Path Echo Operation 
Service Assurance Agent (SAA) Reaction Threshold 
Service Assurance Agent (SAA) Scheduling Operation 
Service Assurance Agent (SAA) SNA LU2 Echo 
Service Assurance Agent (SAA) TCP Connect Operation 
Service Assurance Agent (SAA) UDP Echo Operation 
Stream Control Transmission Protoco

Off topic. Non Jet direct printers [7:74831]

2003-09-04 Thread David Vital 
I'm trying to come up with a solution for centrally manageing and
configuring non jet direct printers.  Example would be lexmark or canon.  I
havn't been able to find a product that will let me consolidate their
administration on one box. I'm not so much worried about managing print jobs
as their network setup and config.

Thanks, 

David


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74831&t=74831
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OT Gibberish in email [7:74740]

2003-09-04 Thread Wilmes, Rusty 
compelling indeed!  I wish someone would make an enterprise level spyware
remover (or integrate one into virus scanning).  The best one I've seen is
spybot but it's not exactly something I'd rollout in a business environment
(of course, it might be easier to manage that than to manage gator on every
9x client.

-Original Message-
From: Brian [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 04, 2003 10:55 AM
To: [EMAIL PROTECTED]
Subject: RE: OT Gibberish in email [7:74740]


There's a compelling argument for scheduled virus and spyware
scans/updates..


Brian

The path to a desireable destination
is often more difficult than the path to stay where you are.

On Thu, 4 Sep 2003, Wilmes, Rusty wrote:

> I've been trying to scrounge up the time to build one of these...
>
> http://lawmonkey.org/anti-spam.html
>
> combination of bayesian and razor on openbsd acting as an MTA.
>
> About 1/2 our staff installed freeware screensaver (read: gator) on their
> computers and our spam has gone through the roof.
>
>
>
> -Original Message-
> From: John Neiberger [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 03, 2003 2:36 PM
> To: [EMAIL PROTECTED]
> Subject: RE: OT Gibberish in email [7:74740]
>
>
> Reimer, Fred wrote:
> >
> > It is an attempt by the SPAMers to avoid SPAM software that
> > takes a hash of
> > the SPAM and blocks SPAM on machines based on these hash
> > values.  There are
> > some anti-SPAM "solutions" out there that basically relies on
> > the users to
> > mark email as SPAM.  When they do, the client machines send the
> > hash of the
> > SPAM up to the service provider, which shares these hashes with
> > all other
> > subscribers.  So, if the same exact SPAM is sent to another
> > user it would
> > automatically get blocked.  These random characters change the
> > hash value,
> > and hence this method of blocking SPAM is ineffective.
> >
> > Use a Bayesian filter program for your SPAM.  I have 3755
> > emails in my "Junk
> > Mail" folder now, and I empty it out last on July 18th.  Check
> > out
> > www.Junk-Out.com.
> >
> > Fred Reimer - CCNA
>
> Someone should develop a SPAM filter that looks for certain types of
> randomness within a message. This would be difficult, but certainly not
> impossible. You'd have to be pretty creative about it but it ought to be
> possible to devise an algorithm that could detect that sort of random
> line--often found in the subject line--and flag it as SPAM.
>
> I haven't heard of a Bayesian filter before. I'm going to go find out more
> about that right now.
>
> John
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74822&t=74740
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: OT: Cable Lengths [7:74776]

2003-09-04 Thread Dom 
>>I've seen situations where the legal length has been nearly doubled on
full duplex connections without much apparent 
>>trouble. I don't know if I'd trust a Windoze box in this kind of
configuration, but routers, unix hosts, etc, don't seem 
>>to mind too much.

What is the difference between a Windoze box with a PCI card in it, a
Solaris Box with the same PCI card in it or even a router with the same
card in it? It all goes up the stack and if the drivers are OK it all
works fine.


Best regards,

Dom Stocqueler
SysDom Technologies
Visit our website - www.sysdom.org




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74832&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

backup interface [7:74836]

2003-09-04 Thread kaiser anwar 
Hi,
   I am having issue with backup interface with isdn. I can ping
   my directly connected bri interface. but as soos as I hit my
   serial backup interface bri 0/0. Bri goes down. i do show isdn
   staus it says layer one deactived. this what it shows for sh ip int
   
Interface  IP-Address  OK? Method Status   
Protocol
Ethernet0/0unassigned  YES NVRAM  up   
up
Ethernet0/0.4  130.4.34.3  YES NVRAM  up   
up
Ethernet0/0.6  130.4.36.3  YES NVRAM  up   
up
BRI0/0 130.4.113.3 YES NVRAM  standby mode 
down
Serial0/0  130.4.100.3 YES NVRAM  up   
up
BRI0/0:1   unassigned  YES unset  administratively down
down
BRI0/0:2   unassigned  YES unset  administratively down
down
Virtual-Access1unassigned  YES TFTP   down 
down
Loopback0  130.4.3.3   YES manual up   
up

Thanks in advance for eveyone's help.

Sincerely,
Kaiser A 



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74836&t=74836
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: IS-IS [7:74508]

2003-09-04 Thread Zsombor Papp 
I think Dom is referring to the adoption process, not the protocol
definition/development. IS-IS was defined before OSPF, IMHO.

On the other hand, I would be interested to hear why IS-IS was (is?) more
scalable. In particular, what are those 3 largish tables and why would OSPF
need to scale to multiple AS's?

Thanks,

Zsombor

Reimer, Fred wrote:
> 
> You wrote:
> 
> " A few years ago we were all (well some of us) scared about the
> scalability of OSPF - how much memory, processing power and how
> many
> AS's could it scale to. This is why IS-IS was looked at by tier
> 1 and 2
> carriers. In those days, a 7206 with a 150MHz proc was common
> place, and
> we were running out of space for the 3 tables (largish)
> required and
> looking for something new."
> 
> I'm a little confused by that.  I always thought that IS-IS was
> old as dirt,
> and that OSPF was based on IS-IS.  You make it sound like OSPF
> was around
> first, and that IS-IS was the "something new" that was designed
> due to
> OSPF's scalability issues.  What is the correct order?
> 
> Fred Reimer - CCNA
> 
> 
> Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA
> 30338
> Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
> 
> 
> NOTICE; This email contains confidential or proprietary
> information which
> may be legally privileged. It is intended only for the named
> recipient(s).
> If an addressing or transmission error has misdirected the
> email, please
> notify the author by replying to this message. If you are not
> the named
> recipient, you are not authorized to use, disclose, distribute,
> copy, print
> or rely on this email, and should immediately delete it from
> your computer.
> 
> 
> -Original Message-
> From: Dom [mailto:[EMAIL PROTECTED] 
> Sent: Monday, September 01, 2003 6:46 PM
> To: [EMAIL PROTECTED]
> Subject: RE: IS-IS [7:74508]
> 
> >the answer is simple and practical. What with the one day lab
> and the
> speed with which cheats get circulated,  lab
> >scenarios are revised much more often than they used to.
> Adding IS-IS
> allows for more permutations to add to the mix. 
> >Especially now that IGRP is no longer there. The proctors
> still need
> lots of ways to screw you with redistribution. IS-IS 
> >redfistribution gives them that in spades. ;->
> 
> A few years ago we were all (well some of us) scared about the
> scalability of OSPF - how much memory, processing power and how
> many
> AS's could it scale to. This is why IS-IS was looked at by tier
> 1 and 2
> carriers. In those days, a 7206 with a 150MHz proc was common
> place, and
> we were running out of space for the 3 tables (largish)
> required and
> looking for something new.
> 
> 
> Best regards,
> 
> Dom Stocqueler
> SysDom Technologies
> Visit our website - www.sysdom.org
> **Please support GroupStudy by purchasing from the GroupStudy
> Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> 
> 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74835&t=74508
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OT: Cable Lengths [7:74776]

2003-09-04 Thread neal rauhauser 
Windows *sucks*. I've seen it act stupid in lots of situations where a
FreeBSD laptop with the exact same configuration works just fine. I
don't have a technical explanation - I'm attributing it to excessive bad
karma.

Dom wrote:
> 
> >>I've seen situations where the legal length has been nearly doubled on
> full duplex connections without much apparent
> >>trouble. I don't know if I'd trust a Windoze box in this kind of
> configuration, but routers, unix hosts, etc, don't seem
> >>to mind too much.
> 
> What is the difference between a Windoze box with a PCI card in it, a
> Solaris Box with the same PCI card in it or even a router with the same
> card in it? It all goes up the stack and if the drivers are OK it all
> works fine.
> 
> Best regards,
> 
> Dom Stocqueler
> SysDom Technologies
> Visit our website - www.sysdom.org

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74837&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: IS-IS [7:74508]

2003-09-04 Thread Dom 
Thanks Zsombor,

Having reflected on the matter, it was not the number of ASs which were
thought to be the problem, but the number of ASBRs within a AS. IIRC
Cisco warned that more than 40 may cause problems.

Best regards,

Dom Stocqueler
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: 04 September 2003 22:14
To: [EMAIL PROTECTED]
Subject: RE: IS-IS [7:74508]


I think Dom is referring to the adoption process, not the protocol
definition/development. IS-IS was defined before OSPF, IMHO.

On the other hand, I would be interested to hear why IS-IS was (is?)
more scalable. In particular, what are those 3 largish tables and why
would OSPF need to scale to multiple AS's?

Thanks,

Zsombor

Reimer, Fred wrote:
> 
> You wrote:
> 
> " A few years ago we were all (well some of us) scared about the 
> scalability of OSPF - how much memory, processing power and how many
> AS's could it scale to. This is why IS-IS was looked at by tier
> 1 and 2
> carriers. In those days, a 7206 with a 150MHz proc was common
> place, and
> we were running out of space for the 3 tables (largish)
> required and
> looking for something new."
> 
> I'm a little confused by that.  I always thought that IS-IS was old as

> dirt, and that OSPF was based on IS-IS.  You make it sound like OSPF
> was around
> first, and that IS-IS was the "something new" that was designed
> due to
> OSPF's scalability issues.  What is the correct order?
> 
> Fred Reimer - CCNA
> 
> 
> Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
> Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
> 
> 
> NOTICE; This email contains confidential or proprietary information 
> which may be legally privileged. It is intended only for the named
> recipient(s).
> If an addressing or transmission error has misdirected the
> email, please
> notify the author by replying to this message. If you are not
> the named
> recipient, you are not authorized to use, disclose, distribute,
> copy, print
> or rely on this email, and should immediately delete it from
> your computer.
> 
> 
> -Original Message-
> From: Dom [mailto:[EMAIL PROTECTED]
> Sent: Monday, September 01, 2003 6:46 PM
> To: [EMAIL PROTECTED]
> Subject: RE: IS-IS [7:74508]
> 
> >the answer is simple and practical. What with the one day lab
> and the
> speed with which cheats get circulated,  lab
> >scenarios are revised much more often than they used to.
> Adding IS-IS
> allows for more permutations to add to the mix.
> >Especially now that IGRP is no longer there. The proctors
> still need
> lots of ways to screw you with redistribution. IS-IS
> >redfistribution gives them that in spades. ;->
> 
> A few years ago we were all (well some of us) scared about the 
> scalability of OSPF - how much memory, processing power and how many
> AS's could it scale to. This is why IS-IS was looked at by tier
> 1 and 2
> carriers. In those days, a 7206 with a 150MHz proc was common
> place, and
> we were running out of space for the 3 tables (largish)
> required and
> looking for something new.
> 
> 
> Best regards,
> 
> Dom Stocqueler
> SysDom Technologies
> Visit our website - www.sysdom.org
> **Please support GroupStudy by purchasing from the GroupStudy
> Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info: 
> http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74840&t=74508
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Diagnostic [7:74839]

2003-09-04 Thread Pintens, Koen 
Hi
How do you exit the diagnostic IOS image on a Catalyst 2950?  ie so it
uses the normal IOS
Thanks

Koen


**
This electronic message together with any attachments is confidential. If
you receive it in error: (i) you must not use, disclose, copy or retain
it; (ii) please contact the sender immediately by reply email and then
delete the emails. Views expressed in this email may not be those of the
Airways Corporation of New Zealand Limited
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74839&t=74839
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

2950 problem (see my previous post) [7:74842]

2003-09-04 Thread Pintens, Koen 
Hi
here is an extract from a test we are able to run

C3 System IO Registers test

CALHOUN SKU id 0: 24 Fast Ethernet Ports, 0 Gigabit ports

cmic_read_miim ERROR: timeout (addr=0x01 id=0x00)

cmic_read_miim: error (could not read MII register #1).

ERROR: CALHOUN SKU id 0: 0 ports found, 24 ports expected.

ERROR: SKU id 0 found, expected SKU id -1

Board claims to be a Calhoun 24 (24 FE) instead of a Unknown Platform

FAILED

C4 LED Test

cmic_write_miim ERROR: timeout (addr=0x14 id=0x00 data=0x9900)

SetLedColor: cmic_write_miim() failed!

cmic_write_miim ERROR: timeout (addr=0x14 id=0x01 data=0x9900)

SetLedColor: cmic_write_miim() failed!





Anybody has any ideas?



Thanks in advance



Koen



**
This electronic message together with any attachments is confidential. If
you receive it in error: (i) you must not use, disclose, copy or retain
it; (ii) please contact the sender immediately by reply email and then
delete the emails. Views expressed in this email may not be those of the
Airways Corporation of New Zealand Limited
**




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74842&t=74842
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OT Gibberish in email [7:74740]

2003-09-04 Thread Brad Dodds 
why not roll it out in a business environment?
IS put it on my production workstation in conjunction with newest ad aware,
I also use it on my test box at work (State ISP) and all my boxes at home.
I have even started putting it on anyones machines I do work on, and
recommend it to anyone who asks.
As for mail, I have been moderately satisfied with mailwasher
www.mailwasher.com which is another freeware program you can use to bounce
and blacklist emails back at offending spam servers-and now supports web
based mail clients like hotmail.  When I first started using mailwasher, it
DRASTICALLY reduced the number of spam messages I got everyday. (from about
70+ to less than 30)

""Wilmes, Rusty""  wrote in message
news:[EMAIL PROTECTED]
> compelling indeed!  I wish someone would make an enterprise level spyware
> remover (or integrate one into virus scanning).  The best one I've seen is
> spybot but it's not exactly something I'd rollout in a business
environment
> (of course, it might be easier to manage that than to manage gator on
every
> 9x client.
>
> -Original Message-
> From: Brian [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 04, 2003 10:55 AM
> To: [EMAIL PROTECTED]
> Subject: RE: OT Gibberish in email [7:74740]
>
>
> There's a compelling argument for scheduled virus and spyware
> scans/updates..
>
>
> Brian
>
> The path to a desireable destination
> is often more difficult than the path to stay where you are.
>
> On Thu, 4 Sep 2003, Wilmes, Rusty wrote:
>
> > I've been trying to scrounge up the time to build one of these...
> >
> > http://lawmonkey.org/anti-spam.html
> >
> > combination of bayesian and razor on openbsd acting as an MTA.
> >
> > About 1/2 our staff installed freeware screensaver (read: gator) on
their
> > computers and our spam has gone through the roof.
> >
> >
> >
> > -Original Message-
> > From: John Neiberger [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, September 03, 2003 2:36 PM
> > To: [EMAIL PROTECTED]
> > Subject: RE: OT Gibberish in email [7:74740]
> >
> >
> > Reimer, Fred wrote:
> > >
> > > It is an attempt by the SPAMers to avoid SPAM software that
> > > takes a hash of
> > > the SPAM and blocks SPAM on machines based on these hash
> > > values.  There are
> > > some anti-SPAM "solutions" out there that basically relies on
> > > the users to
> > > mark email as SPAM.  When they do, the client machines send the
> > > hash of the
> > > SPAM up to the service provider, which shares these hashes with
> > > all other
> > > subscribers.  So, if the same exact SPAM is sent to another
> > > user it would
> > > automatically get blocked.  These random characters change the
> > > hash value,
> > > and hence this method of blocking SPAM is ineffective.
> > >
> > > Use a Bayesian filter program for your SPAM.  I have 3755
> > > emails in my "Junk
> > > Mail" folder now, and I empty it out last on July 18th.  Check
> > > out
> > > www.Junk-Out.com.
> > >
> > > Fred Reimer - CCNA
> >
> > Someone should develop a SPAM filter that looks for certain types of
> > randomness within a message. This would be difficult, but certainly not
> > impossible. You'd have to be pretty creative about it but it ought to be
> > possible to devise an algorithm that could detect that sort of random
> > line--often found in the subject line--and flag it as SPAM.
> >
> > I haven't heard of a Bayesian filter before. I'm going to go find out
more
> > about that right now.
> >
> > John
> > **Please support GroupStudy by purchasing from the GroupStudy Store:
> > http://shop.groupstudy.com
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > **Please support GroupStudy by purchasing from the GroupStudy Store:
> > http://shop.groupstudy.com
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74838&t=74740
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: backup interface [7:74836]

2003-09-04 Thread neal rauhauser 
I think there are some implications with the ISDN interface being in
backup mode - like IOS idling the interface. You could just use a
floating static route to dodge that issue - works as long as you don't
mind the ISDN not being tied to the serial interface and the effect
should be the same - works whether you're looking for dial backup or you
can leave ISDN up all the time.

kaiser anwar wrote:
> 
> Hi,
>I am having issue with backup interface with isdn. I can ping
>my directly connected bri interface. but as soos as I hit my
>serial backup interface bri 0/0. Bri goes down. i do show isdn
>staus it says layer one deactived. this what it shows for sh ip int
> 
> Interface  IP-Address  OK? Method Status
> Protocol
> Ethernet0/0unassigned  YES NVRAM  up
> up
> Ethernet0/0.4  130.4.34.3  YES NVRAM  up
> up
> Ethernet0/0.6  130.4.36.3  YES NVRAM  up
> up
> BRI0/0 130.4.113.3 YES NVRAM  standby mode
> down
> Serial0/0  130.4.100.3 YES NVRAM  up
> up
> BRI0/0:1   unassigned  YES unset  administratively down
> down
> BRI0/0:2   unassigned  YES unset  administratively down
> down
> Virtual-Access1unassigned  YES TFTP   down
> down
> Loopback0  130.4.3.3   YES manual up
> up
> 
> Thanks in advance for eveyone's help.
> 
> Sincerely,
> Kaiser A
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74841&t=74836
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: backup interface [7:74836]

2003-09-04 Thread Brian McGahan 
Kaiser,

Your primary interface is up, so your backup interface is in
standby mode.  This is normal behavior.  What are you trying to
accomplish?

HTH,

Brian McGahan, CCIE #8593
[EMAIL PROTECTED] 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 04, 2003 4:20 PM
To: [EMAIL PROTECTED]
Subject: backup interface [7:74836]

Hi,
   I am having issue with backup interface with isdn. I can ping
   my directly connected bri interface. but as soos as I hit my
   serial backup interface bri 0/0. Bri goes down. i do show isdn
   staus it says layer one deactived. this what it shows for sh ip int
   
Interface  IP-Address  OK? Method Status

Protocol
Ethernet0/0unassigned  YES NVRAM  up

up
Ethernet0/0.4  130.4.34.3  YES NVRAM  up

up
Ethernet0/0.6  130.4.36.3  YES NVRAM  up

up
BRI0/0 130.4.113.3 YES NVRAM  standby mode

down
Serial0/0  130.4.100.3 YES NVRAM  up

up
BRI0/0:1   unassigned  YES unset  administratively
down
down
BRI0/0:2   unassigned  YES unset  administratively
down
down
Virtual-Access1unassigned  YES TFTP   down

down
Loopback0  130.4.3.3   YES manual up

up

Thanks in advance for eveyone's help.

Sincerely,
Kaiser A 
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74845&t=74836
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

IP expert's R&S workbook [7:74849]

2003-09-04 Thread Raj Singh 
Anyone willing to share there IP experts R&S workbook or pitch in to get it
together?

Raj


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74849&t=74849
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Returned mail: see transcript for details [7:74852]

2003-09-04 Thread Mail Delivery Subsystem 
The original message was received at Thu, 4 Sep 2003 22:51:45 -0400 (EDT)
from localhost [127.0.0.1]

   - The following addresses had permanent fatal errors -

(reason: 550 Host unknown)

   - Transcript of session follows -
550 5.1.2 ... Host unknown (Name server: secola.columbia.ncr.com.: host not
found)

   - Message header follows -

Return-Path: 
Received: from ncrgw2.NCR.COM (localhost [127.0.0.1])
by ncrhub5.NCR.COM (8.11.2/8.11.2) with ESMTP id h852pjM20215
for ; Thu, 4 Sep 2003 22:51:45 -0400 (EDT)
Received: from ROBERT-CHANG (12-235-96-252.client.attbi.com [12.235.96.252])
by ncrgw2.NCR.COM (8.11.2/8.11.2) with ESMTP id h852pY902435
for ; Thu, 4 Sep 2003 22:51:35 -0400 (EDT)
Message-Id: 
From: 
To: 
Subject: Your details
Date: Thu, 4 Sep 2003 19:51:35 --0700
X-MailScanner: Found to be clean
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="_NextPart_000_0290BF9F"

   - Message body suppressed -




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74852&t=74852
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Stuck on Subinterfaces - HELP! [7:74854]

2003-09-04 Thread Rich 
Could someone help a CCNP student who is really confused?  I am currently 
studying for the BSCI Routing Exam using the Sybex Books on a home Lab of 4 
2500's and 1 2600.  It has been working great and I have always been very 
pleased with the Sybex Series.  Unfortunately they have never covered 
Subinterfaces well enough and many of the Labs In the CCNP BSCI book are
using
them without much explanation.  They have various Labs that use OSPF, IS-IS, 
BGP etc. to route IP over Serial Subinterfaces on what I see as just a
"Plain
old LAN".  All they do is show the IP Addresses and Networks already
arranged,
some on Serial Subinterfaces, and go right into the Routing Protocol 
configurations.  They don't say anything at this point about using a Frame 
Relay, ATM, IPX, or ISL for VLAN's on them in this book.  Those topics are 
covered in the Remote Access and Switching Books.  My problem is:  when I
set
up Subinterfaces on the Serial Ports with IP Addresses, set the clocking,
and
then bring up the interfaces, they all show as Interface Up and Line
Protocol
up - But I just can't seem to Ping any of the IP's on the Serial ports if
they,
or the other end they are attached to, are Subinterfaces.  If I can't Ping I 
sure can't route right?  When I stick to regular physical interfaces, 
everything works great.  Am I missing something important?  If any of you
Cisco
Experts out there could offer any suggestions, I would hugely appreciate
it.
I'm kind of stuck on Stall right now and can't move on to any of the other
Labs
until I resolve this.  Thanks.

Rich.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74854&t=74854
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

route redistribution [7:74856]

2003-09-04 Thread John Jones 
I am studying for CCIE Written and lately have been concentrating on
redistribution.

I have come across two statements in Doyle's V.1 that I am a bit confused
about. On page 698 under the Metric section, he states that a cost must be
assigned to each EIGRP route **BEFORE** passing it into OSPF and vice versa.
What confuses me is that on page 712 under Configuring Redistribution it
states under #1 that the redistribution configuration command and
information is placed on the protocol that is to **RECEIVE** the distibuted
routes, which I assume will be applied **AFTER** the route has been
received. This seems to contradict to me.

Could anyone shed some light on this? It would help my understanding...

Thanks.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74856&t=74856
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Stuck on Subinterfaces - HELP! [7:74854]

2003-09-04 Thread Raj Singh 
Use the frame relay for subinterfaces. You use subinterfaces to connect
multiple frame relay location to the hub.

Raj


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74857&t=74854
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: backup interface [7:74836]

2003-09-04 Thread Andrew Larkins 
This is normal for a backup interface. If you want the ISDN to show active
as well you need to configure dialer interfaces and place them in backup
mode

-Original Message-
From: kaiser anwar [mailto:[EMAIL PROTECTED] 
Sent: 04 September 2003 23:20
To: [EMAIL PROTECTED]
Subject: backup interface [7:74836]


Hi,
   I am having issue with backup interface with isdn. I can ping
   my directly connected bri interface. but as soos as I hit my
   serial backup interface bri 0/0. Bri goes down. i do show isdn
   staus it says layer one deactived. this what it shows for sh ip int
   
Interface  IP-Address  OK? Method Status   
Protocol
Ethernet0/0unassigned  YES NVRAM  up   
up
Ethernet0/0.4  130.4.34.3  YES NVRAM  up   
up
Ethernet0/0.6  130.4.36.3  YES NVRAM  up   
up
BRI0/0 130.4.113.3 YES NVRAM  standby mode 
down
Serial0/0  130.4.100.3 YES NVRAM  up   
up
BRI0/0:1   unassigned  YES unset  administratively down
down
BRI0/0:2   unassigned  YES unset  administratively down
down
Virtual-Access1unassigned  YES TFTP   down 
down
Loopback0  130.4.3.3   YES manual up   
up

Thanks in advance for eveyone's help.

Sincerely,
Kaiser A 
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74861&t=74836
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: route redistribution [7:74856]

2003-09-04 Thread Zsombor Papp 
That description on page 698 sounds like as if there was a thing called
"router" between EIGRP and OSPF. In reality, the redistribution is handled
by the (code that belongs to the) receiving protocol.

Thanks,

Zsombor

John Jones wrote:
> 
> I am studying for CCIE Written and lately have been
> concentrating on redistribution.
> 
> I have come across two statements in Doyle's V.1 that I am a
> bit confused about. On page 698 under the Metric section, he
> states that a cost must be assigned to each EIGRP route
> **BEFORE** passing it into OSPF and vice versa. What confuses
> me is that on page 712 under Configuring Redistribution it
> states under #1 that the redistribution configuration command
> and information is placed on the protocol that is to
> **RECEIVE** the distibuted routes, which I assume will be
> applied **AFTER** the route has been received. This seems to
> contradict to me.
> 
> Could anyone shed some light on this? It would help my
> understanding...
> 
> Thanks.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74863&t=74856
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

RE: Stuck on Subinterfaces - HELP! [7:74854]

2003-09-04 Thread Larry Letterman 
Not necessarily...you can also use point-point frame 
With sub-interfaces...


Larry Letterman
Cisco Systems




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Raj Singh
Sent: Thursday, September 04, 2003 9:00 PM
To: [EMAIL PROTECTED]
Subject: RE: Stuck on Subinterfaces - HELP! [7:74854]


Use the frame relay for subinterfaces. You use subinterfaces to connect
multiple frame relay location to the hub.

Raj
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74866&t=74854
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html