Re: CCIE Security vs Routing Switching [7:74664]
Dear Friend I would say Security would be better , since security plays a major role in network these days , more over there are very less not of security certified people around the globe, but one info security is not as easy as R S , any thing , wish you all the best Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74673t=74664 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
Think of it like this. Each switch is supposed to block redundant ports leading to the root bridge. Say Switch1 and Switch2 are interlinked, and also have downlink connections to the root bridge, like this: Switch1 -- Switch2 | | | | Core1 -- Core2 Say Core1 is the root bridge. Assuming equal cost links (All Gigabit ports) and no tweaking, what link would be blocked? It should be the inter-link port between Switch1 and Switch2 on Switch1's side. Now, this is not exactly how it works, but if it helps you can think of it like, since Switch1 blocked its port going to Switch2, Switch2 can't See the root bridge on that port, so it keeps it open. Like I said, that's not exactly how it works, but if it helps you understand what port gets blocked then so be it. I'd suggest reading the IEEE docs though. They are a little hard to follow, because of the similar terms it uses (too many Designated for my taste), but it is the definitive text on the topic. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Curious [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 12:02 PM To: [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] Hello friends, I want to thank every answer to this post. I knew that a port with spanning tree in blockin state has not any relation with being down, I was surprised with some answers. What surprised me, is that one port were in forwarding state and the port in front be in blocking state. For me, there is no sense in having one port in forwarding state when the port in front is in blocking state, why not both in blocking state?? I know that RFC's stablish the rules but I want to understand the sense. Thanks again!! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74674t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
There could be hosts inbetween (think hub). Thanks, Zsombor Curious wrote: Hello friends, I want to thank every answer to this post. I knew that a port with spanning tree in blockin state has not any relation with being down, I was surprised with some answers. What surprised me, is that one port were in forwarding state and the port in front be in blocking state. For me, there is no sense in having one port in forwarding state when the port in front is in blocking state, why not both in blocking state?? I know that RFC's stablish the rules but I want to understand the sense. Thanks again!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74672t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Question regarding dialer-watch [7:74667]
What are you trying to accomplish? A configuration using specific protocols for some lab, or are you just trying to get some connectivity up and running? Why don't you just use backup interface? Ah, it looks like you are doing this for a lab, and not a real-life reason. O.K., is your IPsec connection up after the ISDN kicks in? Since it's for a lab, it really can't hurt security wise to send the configs for both sides, so send them. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Jens Petter Eikeland [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 12:16 PM To: [EMAIL PROTECTED] Subject: Question regarding dialer-watch [7:74667] I have put up a solution with isdn backup to a primary Frame-Relay link. This is set up with Tacacs callback solution. The link seems to function fine. Then I try to put on dialer-watch on the client side of this link. When I shall test this by bringing sown the primary, everything looks fine. The backup is coming up, the routes ar prefered over isdn. But when I try to send any trafic I form of pings or telnet nothing happens Even when the link are up my packet wont go over the link. I have also a friend that is having the same problem, and then I guess There will be other that has experienced this.. Please help, I have only days before my lab attempt Jens P **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74675t=74667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Slow Browsing via 500 Pix firewall [7:74583]
Try turning off the port 80 inspecting with the no fixup protocol http 80 command -Original Message- From: Faisal [mailto:[EMAIL PROTECTED] Sent: Monday, September 01, 2003 1:38 AM To: [EMAIL PROTECTED] Subject: Slow Browsing via 500 Pix firewall [7:74583] Hi All, I am having problem of slow or interminnent browsing through pix firewall. If I bypass the traffic speeds are fine. But if all that traffic is going via firewall then it becomes extremely slow. Please anybody can help me how to sort this out. Regards Faisal **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74676t=74583 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: in FECN [7:74642]
set the FECN bit in packet. This is use to inform RECIPENT ( Destination ) that congestion occur. BECN : Detect congestion in path from source to destination, it set the BECN bit in packet that travel opposite direction of the frame encounter the congestion. This will inform the ORINATOR ( Source ) that congestion occur. If you experiment the FECN increase the network will slow down, you may need to take a look at your CIR on your network if the FECN happen more often That was my thought, hope it will help Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74678t=74642 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
Reimer, Fred wrote: Think of it like this. Each switch is supposed to block redundant ports leading to the root bridge. Say Switch1 and Switch2 are interlinked, and also have downlink connections to the root bridge, like this: Switch1 -- Switch2 | | | | Core1 -- Core2 Say Core1 is the root bridge. Assuming equal cost links (All Gigabit ports) and no tweaking, what link would be blocked? It should be the inter-link port between Switch1 and Switch2 on Switch1's side. Now, this is not exactly how it works, but if it helps you can think of it like, since Switch1 blocked its port going to Switch2, Switch2 can't See the root bridge on that port, so it keeps it open. Like I said, that's not exactly how it works, but if it helps you understand what port gets blocked then so be it. I'd suggest reading the IEEE docs though. They are a little hard to follow, because of the similar terms it uses (too many Designated for my taste), but it is the definitive text on the topic. Another more readable doc on spanning would be Radia Perlman's Interconnections. Dave Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Curious [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 12:02 PM To: [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] Hello friends, I want to thank every answer to this post. I knew that a port with spanning tree in blockin state has not any relation with being down, I was surprised with some answers. What surprised me, is that one port were in forwarding state and the port in front be in blocking state. For me, there is no sense in having one port in forwarding state when the port in front is in blocking state, why not both in blocking state?? I know that RFC's stablish the rules but I want to understand the sense. Thanks again!! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74679t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
isdn question [7:74677]
what happen if ISDN received the setup but not responded to connect ? IS the problem pointing to layer 1 , 2 or 3 ? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74677t=74677 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PPP authentication [7:74551]
From the Cisco Security Configuration Guide: When CHAP is enabled on an interface and a remote device attempts to connect to it, the access server sends a CHAP packet to the remote device. The CHAP packet requests or challenges the remote device to respond. The challenge packet consists of an ID, a random number, and the host name of the local router. When the remote device receives the challenge packet, it concatenates the ID, the remote device's password, and the random number, and then encrypts all of it using the remote device's password. The remote device sends the results back to the access server, along with the name associated with the password used in the encryption process. When the access server receives the response, it uses the name it received to retrieve a password stored in its user database. The retrieved password should be the same password the remote device used in its encryption process. The access server then encrypts the concatenated information with the newly retrieved password-if the result matches the result sent in the response packet, authentication succeeds. Both routers authenticate each other; it's not just a one-way authentication. So, Router2 would send its name, ID, and random number to Router 3. Router3 NEEDS a username Router2 entry so that it can encrypt the response. It uses the password to encrypt, and then sends the response back to Router2. Router2 then NEEDS a username Router2 to check to make sure that Router3 had the right password. Then, Router3 sends its ID, random number, and hostname to Router2. Router2 NEEDS a username Router3 entry to encrypt the packet and send it back to Router3. Router3 then NEEDS a username Router3 to check to make sure that Router2 used the correct password to encrypt the data. I don't see how you can get away with only providing one username on each router. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Kenneth [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 12:10 PM To: [EMAIL PROTECTED] Subject: PPP authentication [7:74551] Hiyah everyone, I have two routers, Router2 and Router3, one a 2500 and the other a 2600. Configuring CHAP on the link, I just need (supposedly) to include these lines on the global config Router2(config)# username Router3 password abc Router3(config)# username Router2 password abc And apply ppp auth chap to the interfaces. However, when doing this, the link becomes more of a flapping link, and, running debug ppp auth, there is no authentication success. However, if I were to do this: Router2(config)# username Router3 password abc Router2(config)# username Router2 password abc Router3(config)# username Router2 password abc Router3(config)# username Router3 password abc and apply CHAP on the respective interfaces, the link just comes up! From the various sources that I checked, the former implementation would've worked, but in my case, the latter works, not the former. I'm wondering whether this is due to IOS version issues or not. I'm not in the office now, so I can't check the versions atm. Any comments on this matter would be appreciated. Thanks. Kenneth **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74671t=74551 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: CCIE Security vs Routing amp; Switching [7:74664]
Typically, you'd do the RS ccie first. You'd need to know most of the RS stuff anyhow to do the security exam. The only way I'd suggest going for the security exam first is if you're already a master of the security topics (PIX, IDS, VPN, etc). If you feel confident that you can totally master the security topics w/o much further study into security, then you might consider going after the security ccie exam first since you'll already have a thorough understanding of about half of the exam. Generally speaking, go for the RS ccie first. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.ccbootcamp.com (Cisco training) manny colon wrote in message news:[EMAIL PROTECTED] Any suggestions on which path to follow? Is it recommended to follow the routing and switching path first? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74669t=74664 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Urgent [7:74682]
Dear Reader Does unmanaged switches have MAC Address , because we have some unmanaged switches which uses the concept of Store and Forward for handling the frames if it is there , what is the simple way to find the MAC address of the switch Thanks in advance Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74682t=74682 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
i think he has... forw. \ /blked /---\ switch1 switch2 \/ blked/ \forw. not that it makes any sense to me either. it would seem logical that one entire link would be blocked and one forwarding. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 10:48 AM To: [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] Think of it like this. Each switch is supposed to block redundant ports leading to the root bridge. Say Switch1 and Switch2 are interlinked, and also have downlink connections to the root bridge, like this: Switch1 -- Switch2 | | | | Core1 -- Core2 Say Core1 is the root bridge. Assuming equal cost links (All Gigabit ports) and no tweaking, what link would be blocked? It should be the inter-link port between Switch1 and Switch2 on Switch1's side. Now, this is not exactly how it works, but if it helps you can think of it like, since Switch1 blocked its port going to Switch2, Switch2 can't See the root bridge on that port, so it keeps it open. Like I said, that's not exactly how it works, but if it helps you understand what port gets blocked then so be it. I'd suggest reading the IEEE docs though. They are a little hard to follow, because of the similar terms it uses (too many Designated for my taste), but it is the definitive text on the topic. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Curious [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 12:02 PM To: [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] Hello friends, I want to thank every answer to this post. I knew that a port with spanning tree in blockin state has not any relation with being down, I was surprised with some answers. What surprised me, is that one port were in forwarding state and the port in front be in blocking state. For me, there is no sense in having one port in forwarding state when the port in front is in blocking state, why not both in blocking state?? I know that RFC's stablish the rules but I want to understand the sense. Thanks again!! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74681t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Urgent [7:74680]
Dear Reader Does unmanaged switches have MAC Address , because we have some unmanaged switches which uses the concept of Store and Forward for handling the frames if it is there , what is the simple way to find the MAC address of the switch Thanks in advance Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74680t=74680 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
As Zsombor pointed out, the link in between the switches is a segment. It could contain hosts. Remember that Spanning Tree was created way before there was anything like a switch (which is just a fast multi-port bridge). Think of ThickNet Ethernet with DEC DELNIs and vampire clamps. If both switches blocked on that port then no hosts on that segment (granted there are none in this specific example, but there could be) would be able to communicate. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Wilmes, Rusty [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 2:59 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] i think he has... forw. \ /blked /---\ switch1 switch2 \/ blked/ \forw. not that it makes any sense to me either. it would seem logical that one entire link would be blocked and one forwarding. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 10:48 AM To: [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] Think of it like this. Each switch is supposed to block redundant ports leading to the root bridge. Say Switch1 and Switch2 are interlinked, and also have downlink connections to the root bridge, like this: Switch1 -- Switch2 | | | | Core1 -- Core2 Say Core1 is the root bridge. Assuming equal cost links (All Gigabit ports) and no tweaking, what link would be blocked? It should be the inter-link port between Switch1 and Switch2 on Switch1's side. Now, this is not exactly how it works, but if it helps you can think of it like, since Switch1 blocked its port going to Switch2, Switch2 can't See the root bridge on that port, so it keeps it open. Like I said, that's not exactly how it works, but if it helps you understand what port gets blocked then so be it. I'd suggest reading the IEEE docs though. They are a little hard to follow, because of the similar terms it uses (too many Designated for my taste), but it is the definitive text on the topic. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Curious [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 12:02 PM To: [EMAIL PROTECTED] Subject: RE: Amazing Spanning Tree [7:74594] Hello friends, I want to thank every answer to this post. I knew that a port with spanning tree in blockin state has not any relation with being down, I was surprised with some answers. What surprised me, is that one port were in forwarding state and the port in front be in blocking state. For me, there is no sense in having one port in forwarding state when the port in front is in blocking state, why not both in blocking state?? I know that RFC's stablish the rules but I want to understand the sense. Thanks again!! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74683t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
Brave!! This is exactly the kind of answer I was waiting for. Just common sense, now I understand it, and I feel like a stupid because the answer is obvious. Thanks Zsombor Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74685t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
New Switching Exam [7:74684]
Please someone could comment what differences and new topics are included in the new 642-811 exam versus the old version (640-604). What new topics are not included in the Cisco Press book ? Where could I find good info about these new topics ? Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74684t=74684 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Urgent [7:74680]
Is is a truly unmanaged switch that can not be addressed whatsoever, or is a switch that can be assigned an IP address and managed, but just hasn't been done yet??? I believe that 99.44% of Cisco switches are all manageable (have a MAC associated with them). Persausions and dissausions for this statement are welcome... Cheap and easy rule of thumb...if it supports SNMP, it has a MAC address. As to how to determine the MACshow interface on the newer switches, or on CATOS switches, show module (shows addresses for a module), and show mac to view MAC addresses of whatever is connected to a particular port). Bharani wrote in message news:[EMAIL PROTECTED] Dear Reader Does unmanaged switches have MAC Address , because we have some unmanaged switches which uses the concept of Store and Forward for handling the frames if it is there , what is the simple way to find the MAC address of the switch Thanks in advance Bani **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74687t=74680 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Slow Browsing via 500 Pix firewall [7:74583]
Hi, I have had similar problems in the past when one person was downloading several Linux ISO's from there PC all at once !!! They had come in early to do so. After doing a clear xlate the problem was resolved and everyone could browse at the normal speed. The person started their ISO donwloads again but at a slower speed and one at a time. If you know of a user similiar to this you can clear only their xlate and leave everyone elses alone. Hope this helps. Regards Paul ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jurkouich, Brett, CNTR, DCAA Sent: 02 September 2003 19:20 To: [EMAIL PROTECTED] Subject: RE: Slow Browsing via 500 Pix firewall [7:74583] Try turning off the port 80 inspecting with the no fixup protocol http 80 command -Original Message- From: Faisal [mailto:[EMAIL PROTECTED] Sent: Monday, September 01, 2003 1:38 AM To: [EMAIL PROTECTED] Subject: Slow Browsing via 500 Pix firewall [7:74583] Hi All, I am having problem of slow or interminnent browsing through pix firewall. If I bypass the traffic speeds are fine. But if all that traffic is going via firewall then it becomes extremely slow. Please anybody can help me how to sort this out. Regards Faisal **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74688t=74583 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Urgent [7:74682]
I would hope so, especially if they support Spanning Tree. It would be kind of hard to run the Spanning Tree protocol without a MAC address... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Bharani [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 3:00 PM To: [EMAIL PROTECTED] Subject: Urgent [7:74682] Dear Reader Does unmanaged switches have MAC Address , because we have some unmanaged switches which uses the concept of Store and Forward for handling the frames if it is there , what is the simple way to find the MAC address of the switch Thanks in advance Bani **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74689t=74682 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: CCIE Security vs Routing Switching [7:74664]
Hi there, If I wanted to be a CCIE, I would go for Security track or maybe the voice track, but I think the latter is too specialized. Security is something you need to know anyway, if you want to be a good and respected network professional. Companies will understand that you know the most important concepts of routing and switching when you pass your exam. I believe 50% of the CCIE security exam is still RS related, isn't it? Personnally I wouldn't go for a CCIE exam (yet). I'm working as a self-employed consultant, I've got my CCNP and CCDP and in my opinion studying for CCIE takes too much effort for something, which doesn't bring me much additional value. If you look to the network market (here in Europe), companies don't necessarily need CCIEs, they prefer people with a much broader view. Maybe I would like to be a CCIE, but I don't want to go that Long-and-windy-road now. If you look to the market for the coming 2-3 years, you need to have (most of) folllowing skills, besides basic (CCNP/CCDP) RS: - security, at least PIX or Checkpoint; basics of intrusion detection systems; - wireless, - VoIP, - SANs, - MPLS, - QoS, - Unix/Linux and Microsoft networking and server skills; - Know the basics of (how to configure) DNS, Radius, LDAP, Web servers, etc.; - Load balancers and other content related stuff. This list is far from exhaustive, but hey, you can't know everything. It also depends in which market you want to work. The SME market for example, loves people who have both networking and operating systems skills. Big companies, carriers or ISPs like it when you as a network professional can speak with and understand the server/system administrators or the service designers. If you want to go for the money, you should specialize in one or two topics, for example choose a hype like SAN, learn the systems of one or two vendors and there you go... I'm concentrating now on security. Next thing will be VoIP/QoS or more Linux/Microsoft networking and server skills. By the way, reading books or documentation from other network vendors like Juniper or Nortel, is also recommended. Then you will see that it is 'all the same' ... at least you could tell that to the HR people or managers... My two cents, Eric Brouwers - Original Message - From: Bharani To: Sent: Tuesday, September 02, 2003 7:37 PM Subject: Re: CCIE Security vs Routing Switching [7:74664] Dear Friend I would say Security would be better , since security plays a major role in network these days , more over there are very less not of security certified people around the globe, but one info security is not as easy as R S , any thing , wish you all the best Bani **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74690t=74664 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: PRI to PRI - HELP !!! [7:74433]
Of course, if you're in the UK, you are (I think) probably using ETSI ISDN, so the physical config would actually be something like... controller E1 0 clock source line primary pri-group timeslots 1-31 interface Serial0:15 isdn switch-type primary-net5 ! rest of interface config... That's from an AS5300 running 12.2 - you may want to check that the defaults for framing etc match the 2611XM and your IOS. Dunno about the UK, but here it's possible to purchase PRI services in 10, 20 or 30 channels. I assume that's what you're referring to with 15 channels? JMcL Dave Madland wrote: Robert Bentley wrote: Hi I'm slowly getting my teeth into the world of cisco - but I am struggling to set up the following. I have two Cisco 2611XM routers, each with a serial card and a PRI card. I have set up the serial interfaces with a 30 bit IP address range, and the 2Mb serial link works well. I would now like to setup the PRI interfaces, to connect if ever the serial link fails. I have done this before with BRI ISDN, but not with PRI. The plan is to get all 15 channels to come into use, giving me 15x64k=1Mb link (approx) I can't find any examples on the cisco site - they all talk about a PRO dialling multiple BRI's. Can anyone assist with two sample configurations, showing the simplest way to achieve this? Many Thanks, Rob Bentley Bournemouth, UK You configure the PRI's roughly the same as two BRI's. You won't find it on CCO, at least I didn't either a few years back when I multilinked 4 PRI'a together. Also you have 24 channels in a PRI not 15. controller T1 1/0 framing esf linecode b8zs pri-group timeslots 1-24 ! interface Serial1/0:23 ip address 4.1.1.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer idle-timeout 300 dialer string 3599327 dialer load-threshold 3 either dialer-group 1 isdn switch-type primary-ni fair-queue 64 256 0 ppp authentication chap ppp multilink no ppp multilink fragmentation OTHER SIDE: controller T1 1/0 framing esf linecode b8zs pri-group timeslots 1-24 ! interface Serial1/0:23 ip address 4.1.1.2 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer load-threshold 3 either dialer-group 1 isdn switch-type primary-ni fair-queue 64 256 0 ppp authentication chap ppp multilink no ppp multilink fragmentation Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74692t=74433 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: RE: Slow Browsing via 500 Pix firewall [7:74583]
Is the problem related to a slow initial connection to a Web Server? If so then it could be an IDENT protocol problem (TCP port 113 connection coming back to you from the server). Try putting service resetoutside on the PIX and see if the problem still persists. Mark CCIE RS, Security Lab Technician GigaVelocity.com - Original Message - From: Jurkouich, Brett, CNTR, DCAA Reply-To: Jurkouich, Brett, CNTR, DCAA To: [EMAIL PROTECTED] Subject: RE: Slow Browsing via 500 Pix firewall [7:74583] Date: Tue, 2 Sep 2003 18:20:06 GMT Try turning off the port 80 inspecting with the no fixup protocol http 80 command -Original Message- From: Faisal [mailto:[EMAIL PROTECTED] Sent: Monday, September 01, 2003 1:38 AM To: [EMAIL PROTECTED] Subject: Slow Browsing via 500 Pix firewall [7:74583] Hi All, I am having problem of slow or interminnent browsing through pix firewall. If I bypass the traffic speeds are fine. But if all that traffic is going via firewall then it becomes extremely slow. Please anybody can help me how to sort this out. Regards Faisal **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74694t=74583 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: RE: PIX Firewal Software Version [7:73894]
In 6.2(2) version of software you might think of turning off the ILS and SIP fixups. These are known for reloading the PIX for no reason. There are bugs listed on Cisco's website about it. Mark CCIE RS, Security Lab Technician GigaVelocity.com - Original Message - From: Deepali S Reply-To: Deepali S To: [EMAIL PROTECTED] Subject: RE: PIX Firewal Software Version [7:73894] Date: Tue, 2 Sep 2003 07:27:31 GMT Hi , I would suggest you to use PIX 6.2 software rather than 6.3.1 , since this has a lot of BUGs , you can download the latest PIX software version 6.3.2 Let me know if you have any queries. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74693t=73894 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
6509 Power Supply Swap -- No Swap? [7:74695]
Has anyone successfully HOT-SWAP-upgraded power supplies on a 6509s. In other words::: Pwr-A is 1300 watts Pwr-B is 1300 watts Pull out Pwr-A; XXX Pwr-B is 1300 watts replace it w/ a 2500 watt pwr supply; so you now have::: Pwr-A is 2500 watts Pwr-B is 1300 watts Now pull out Pwr-B; Pwr-A is 2500 watts XXX replace it w/ a 2500 watt pwr supply; so you now have::: Pwr-A is 2500 watts Pwr-B is 2500 watts And all without any downtime Thanks TroyC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74695t=74695 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 6509 Power Supply Swap -- No Swap? [7:74695]
The last time we tried that it bounced the switch, especially if you Running redundant power... Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of COULOMBE, TROY Sent: Tuesday, September 02, 2003 5:57 PM To: [EMAIL PROTECTED] Subject: 6509 Power Supply Swap -- No Swap? [7:74695] Has anyone successfully HOT-SWAP-upgraded power supplies on a 6509s. In other words::: Pwr-A is 1300 watts Pwr-B is 1300 watts Pull out Pwr-A; XXX Pwr-B is 1300 watts replace it w/ a 2500 watt pwr supply; so you now have::: Pwr-A is 2500 watts Pwr-B is 1300 watts Now pull out Pwr-B; Pwr-A is 2500 watts XXX replace it w/ a 2500 watt pwr supply; so you now have::: Pwr-A is 2500 watts Pwr-B is 2500 watts And all without any downtime Thanks TroyC **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74696t=74695 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 6509 Power Supply Swap -- No Swap? [7:74695]
No, what was your experience??? I expect from your question that you had issues... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: COULOMBE, TROY [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 8:57 PM To: [EMAIL PROTECTED] Subject: 6509 Power Supply Swap -- No Swap? [7:74695] Has anyone successfully HOT-SWAP-upgraded power supplies on a 6509s. In other words::: Pwr-A is 1300 watts Pwr-B is 1300 watts Pull out Pwr-A; XXX Pwr-B is 1300 watts replace it w/ a 2500 watt pwr supply; so you now have::: Pwr-A is 2500 watts Pwr-B is 1300 watts Now pull out Pwr-B; Pwr-A is 2500 watts XXX replace it w/ a 2500 watt pwr supply; so you now have::: Pwr-A is 2500 watts Pwr-B is 2500 watts And all without any downtime Thanks TroyC **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74697t=74695 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
640-604 Passing Score? [7:74698]
Does anybody know the passing score for the 640-604 switching exam? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74698t=74698 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: ospf type 5 lsas [7:74699]
someone requested the configs; i'm sorry, i'm not sure who. and the links are numbered, btw. 7500: interface atm 0/1/0.101 ip address 192.168.10.1 255.255.255.252 ! ! router ospf 120 network 192.168.10.0 0.0.0.3 area 0 network 10.64.0.0 0.0.0.255 area 14 ! 2500: interface ethernet 0 ip address 172.16.10.5 255.255.255.252 ! interface serial 0/0.101 point-to-point ip address 192.168.10.2 255.255.255.252 ! ! router ospf 120 network 192.168.10.0 0.0.0.3 area 0 network 172.16.10.4 0.0.0.3 area 15 area 15 nssa no-summary ! the only other router in area 15 is at 172.16.10.6, and is configured as an nssa asbr. the 7500 has all the type 5 lsas in its database, but none entered in its route table. eg: 7500#show ip ospf database external 200.88.200.220 OSPF Router with ID (200.55.10.244) (Process ID 20) Type-5 AS External Link States LS age: 2576 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 200.88.200.220 (External Network Number ) Advertising Router: 200.27.100.154 LS Seq Number: 8008 Checksum: 0x1A8B Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 2 Forward Address: 0.0.0.0 External Route Tag: 3221225472 7500#show ip route | include 200.88.200.220 7500# thomas - Original Message - From: Thomas Salmen To: [EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 3:43 PM Subject: ospf type 5 lsas i have a problem with ospf that someone may be able to help with. i have a 2500 connected to a 7500 via a frame (2500 end) to atm (7500 end) link. the 2500 is an abr for area 15 (serial area 0, ethernet area 15); the 7500 is an abr for area 14 (atm area 0, other interfaces area 14). area 15 is configured as an nssa, as it is attached to another router which is redistributing static routes. area 14 is a standard ospf area, not stub or nssa. the 2500 (abr) is recieving type 7 lsas and converting them to type 5 and flooding them into area 0, no problems. the 7500 has them in its lsa database. the problem is that none of the type 5 lsas are being entered in the 7500s route table. i have run through everything i can think of, and i'm a bit stuck. the forwarding address of each lsa is 0.0.0.0. the network type is correct (ptp). the 7500 can reach the abr and the asbr. subnet masks are all correct. i'm not sure what to look for next... anyone? thomas Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74699t=74699 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Question regarding dialer-watch [7:74667]
Jens, Assuming this is legacy DDR, do you have a static layer 3 to layer 2 resolution (dialer map) for the IP of the remote end? Post your config if you're still having trouble. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Petter Eikeland Sent: Tuesday, September 02, 2003 11:16 AM To: [EMAIL PROTECTED] Subject: Question regarding dialer-watch [7:74667] I have put up a solution with isdn backup to a primary Frame-Relay link. This is set up with Tacacs callback solution. The link seems to function fine. Then I try to put on dialer-watch on the client side of this link. When I shall test this by bringing sown the primary, everything looks fine. The backup is coming up, the routes ar prefered over isdn. But when I try to send any trafic I form of pings or telnet nothing happens Even when the link are up my packet wont go over the link. I have also a friend that is having the same problem, and then I guess There will be other that has experienced this.. Please help, I have only days before my lab attempt Jens P **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html [GroupStudy removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74700t=74667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
ping cisco@groupstudy.com [7:74702]
.!!! Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74702t=74702 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Question regarding dialer-watch [7:74667]
Jens, Assuming this is legacy DDR, do you have a static layer 3 to layer 2 resolution (dialer map) for the IP of the remote end? Post your config if you're still having trouble. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Petter Eikeland Sent: Tuesday, September 02, 2003 11:16 AM To: [EMAIL PROTECTED] Subject: Question regarding dialer-watch [7:74667] I have put up a solution with isdn backup to a primary Frame-Relay link. This is set up with Tacacs callback solution. The link seems to function fine. Then I try to put on dialer-watch on the client side of this link. When I shall test this by bringing sown the primary, everything looks fine. The backup is coming up, the routes ar prefered over isdn. But when I try to send any trafic I form of pings or telnet nothing happens Even when the link are up my packet wont go over the link. I have also a friend that is having the same problem, and then I guess There will be other that has experienced this.. Please help, I have only days before my lab attempt Jens P **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74701t=74667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
mpls fragmentation [7:74577]
does anyone know if using frame-mode mpls affects the mtu on an interface? i can't help thinking that sticking in an extra 32-bit header would mean reducing the amount of user data that could be carried by 32 bits - causing fragmentation if the data field is already at its max for a given interface... apologies if the question is an inane one, but i'm just starting to get into this ls thang thomas Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74577t=74577 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
CCIE changes [7:74580]
Dear Friends I heard from september end CCIE RS is going to change , does any one aware of the changes , what and how the changes are going to be thanks in advance Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74580t=74580 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: CCIE changes [7:74580]
The new exams will include features that are available in the 12.2 version of code Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Bharani [mailto:[EMAIL PROTECTED] Sent: Sunday, August 31, 2003 9:32 PM To: [EMAIL PROTECTED] Subject: CCIE changes [7:74580] Dear Friends I heard from september end CCIE RS is going to change , does any one aware of the changes , what and how the changes are going to be thanks in advance Bani **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74581t=74580 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Slow Browsing via 500 Pix firewall [7:74583]
Hi All, I am having problem of slow or interminnent browsing through pix firewall. If I bypass the traffic speeds are fine. But if all that traffic is going via firewall then it becomes extremely slow. Please anybody can help me how to sort this out. Regards Faisal Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74583t=74583 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PPTP win98 to PIX not working [7:74521]
You also need this command: sysopt connection permit-pptp This is my working config: vpdn group 1 accept dialin pptp vpdn group 1 ppp authentication mschap vpdn group 1 ppp encryption mppe auto vpdn group 1 client configuration address local pptp vpdn group 1 client configuration dns ProxySvr vpdn group 1 client configuration wins ProxySvr vpdn group 1 pptp echo 60 vpdn group 1 client authentication local -Original Message- From: Michael Barnhart [mailto:[EMAIL PROTECTED] Sent: 29 August 2003 21:11 To: [EMAIL PROTECTED] Subject: PPTP win98 to PIX not working [7:74521] Hello all. I have a problem with pptp to pix. Client has win98 machines on their network, all behind a DSL router. They connect via MS PPTP to my PIX box. The connection is fine, without errors. Problem is, they cannot do anything on my network. If they disconnect from their network, dial up to Internet, they connect fine and can do everything they should be expected to do. Windows 2000 and up machines seem to work fine, though. I am more than a little stumped. Below, please find a brief setup: client (192.168.0.x) - DSL Router - Internet - DSL Router - PIX )with live IP address on outside interface) (VPN Pool is 172.16.0.x) - Internal Network (10.1.1.x). vpdn group klr accept dialin pptp vpdn group klr ppp authentication pap vpdn group klr ppp authentication chap vpdn group klr ppp authentication mschap vpdn group klr client configuration address local klrpool vpdn group klr pptp echo 60 vpdn group klr client authentication local vpdn username some-name password some-password vpdn enable outside Any help would be muchly appreciated! Thanks! Michael Barnhart **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74584t=74521 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
What is the difference between 100BaseT and 100BaseTx [7:74586]
Hello SOunds to be a silly question,but I want to know the basic difference between 100baseT and 100BaseTx. Same applies to even 10baset ,10BaseTx also Thanks in advance. Piyush Yahoo! India Promos: Win TVs, Bikes, DVD players more! Go to http://in.promos.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74586t=74586 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
What is the difference between 100BaseT and 100BaseTx [7:74585]
Hello SOunds to be a silly question,but I want to know the basic difference between 100baseT and 100BaseTx. Same applies to even 10baset ,10BaseTx also Thanks in advance. Piyush Yahoo! India Promos: Win TVs, Bikes, DVD players more! Go to http://in.promos.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74585t=74585 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: What is the difference between 100BaseT and 100BaseTx [7:74587]
Nice question. Things like that are normally taken for granted. Rgds, Ak Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74587t=74587 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
End to End / Local VLAN's [7:74593]
Hello Forum Please can any body explain to me what are End to end Vlan and Local VLAN in a concept, if there is any diagram of this on Cisco web Site and why end to end vlans are 80/20 and local VLAN are 80/20 I know that traffic flows can be distinguee in Local Traffic Remote Traffic Enterprose Traffic I am just looking for this two concepts at Cisco site. Regards VĆctor Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74593t=74593 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
2514 router [7:74592]
anyone can help with a configuration for dsl to a 2514? I just got the router and having a hell of time with it. thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74592t=74592 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Amazing Spanning Tree [7:74594]
Hello friends, I have an spanning tree question for you! I have a lot of switches connected between them, but I have seen something that I can not explain very well. Two of these switches are connected using two cables: Switch1 Switch2 Port 29 - Port 29 Port 30 - Port 30 I expected to see one port in blocking state (spanning-tree) and the other in forwarding state, but suprisingly I have seen that port 30 is in blocking state in Switch1 but it is in forwarding state in Switch 2. Let's see these outputs: Switch1#sh spanning-tree interface FastEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 0, forward delay 0, hold 0 Switch1#sh spanning-tree interface FastEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 264503, received 2 Switch2#sh spanning-tree interface FAstEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 4, forward delay 0, hold 0 BPDU: sent 2, received 264561 Switch2#sh spanning-tree interface FAstEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is BLOCKING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 3, forward delay 0, hold 0 BPDU: sent 2, received 264573 Why a port is in blocking state and the other is in forwarding??? I expected to see both ports in blocking, but one forwarding and the other blocking doesn't make sense!!! Thanks a lot! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74594t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: IS-IS [7:74508]
Yes it is live and well! if you look at the Cisco's blueprint under all the routing protocols yes it is tested if I were you I would get me an IS-IS book..from Amazon. COM used one...IS-IS is a very interesting link-state protocol with respect to OSPF similarities and differences.Believe it or not it is being used by some ISPs right nowso that's another reason for Cisco to explore that market if you will. Thank you Ollie ATT Common Backbone 866-397-7309 Opt 1 -Original Message- From: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 7:55 PM To: [EMAIL PROTECTED] Subject: IS-IS [7:74508] Is IS-IS tested on the ccie lab exam? Rgds, Akpome. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74595t=74508 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
I know this do not answer your question but did you saw the timers of Forwarding Delay in the Switches?? Regards Victor. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74596t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
I expected to see one port in blocking state (spanning-tree) and the other in forwarding state, but suprisingly I have seen that port 30 is in blocking state in Switch1 but it is in forwarding state in Switch 2. I might be giving you wrong answer, but if one port is in blocking and the other one in blocking state, link is down in any case. The whole point of STP is acomplished. If you recreate te connection scenario, I wouldn't be too surprised if the situation is the other way round (depending on the entire topology, of course). This might just mean that one switch finished STP faster than the other one. I think this behaviour is perfectly fine. Marko. P.S. As usual, if I'm horribly wrong, I'd like to be corrected. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74597t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
I might be giving you wrong answer, but if one port is in blocking and the other one in blocking state, link is down in any case. The whole point of STP is acomplished. Should be read as: I might be giving you wrong answer, but if one port is in blocking and the other one in forwarding state, link is down in any case. The whole point of STP is acomplished. ;-) Marko. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74598t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PPTP win98 to PIX not working [7:74521]
Sorry, I have that line but forgot to post it. The only thing I can think of, is that Win98 gets confused as to where to send the packets. It only has one default gateway (the one on the network adapter for the local network). I am curious how the TCP/IP Stack knows to send items destined for the network inside the VPN lan through the virtual adapter. Do I need manual router statements on the Win98 PC? Any ideas how to make them without knowing that IP address the PPTP adapter will get? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74600t=74521 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
I always like to think of Spanning Tree in respect to the numbers on a clock. If the information goes around in a circle, you only need 1 blocking port to disrupt the circle. You don't need to block in two parts of the circle. The Sybex CCNA book had an excellent example of this (I got my CCNA June 30th, 911/1000)... they had the explaination on one page, then you turn the page and they had 5 switches. The diagram made all the sense in the world. Which is kind of where I got my clock analogy. If you're disrupting the loop at the 12 spot on the clock, you don't need to disrupt it anywhere else. -- Fred Curious wrote: Hello friends, I have an spanning tree question for you! I have a lot of switches connected between them, but I have seen something that I can not explain very well. Two of these switches are connected using two cables: Switch1 Switch2 Port 29 - Port 29 Port 30 - Port 30 I expected to see one port in blocking state (spanning-tree) and the other in forwarding state, but suprisingly I have seen that port 30 is in blocking state in Switch1 but it is in forwarding state in Switch 2. Let's see these outputs: Switch1#sh spanning-tree interface FastEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 0, forward delay 0, hold 0 Switch1#sh spanning-tree interface FastEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 264503, received 2 Switch2#sh spanning-tree interface FAstEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 4, forward delay 0, hold 0 BPDU: sent 2, received 264561 Switch2#sh spanning-tree interface FAstEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is BLOCKING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 3, forward delay 0, hold 0 BPDU: sent 2, received 264573 Why a port is in blocking state and the other is in forwarding??? I expected to see both ports in blocking, but one forwarding and the other blocking doesn't make sense!!! Thanks a lot! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74602t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: What is the difference between 100BaseT and 100Bas [7:74585]
They are the same thing. The X refers to pair, the T refers to twisted. It is assumed you are talking about pair when you use just the T. Hope that helps! Michael Barnhart Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74599t=74585 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
I always like to think of Spanning Tree in respect to the numbers on a clock. If the information goes around in a circle, you only need 1 blocking port to disrupt the circle. You don't need to block in two parts of the circle. The Sybex CCNA book had an excellent example of this (I got my CCNA June 30th, 911/1000)... they had the explaination on one page, then you turn the page and they had 5 switches. The diagram made all the sense in the world. Which is kind of where I got my clock analogy. If you're disrupting the loop at the 12 spot on the clock, you don't need to disrupt it anywhere else. -- Fred Curious wrote: Hello friends, I have an spanning tree question for you! I have a lot of switches connected between them, but I have seen something that I can not explain very well. Two of these switches are connected using two cables: Switch1 Switch2 Port 29 - Port 29 Port 30 - Port 30 I expected to see one port in blocking state (spanning-tree) and the other in forwarding state, but suprisingly I have seen that port 30 is in blocking state in Switch1 but it is in forwarding state in Switch 2. Let's see these outputs: Switch1#sh spanning-tree interface FastEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 0, forward delay 0, hold 0 Switch1#sh spanning-tree interface FastEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 264503, received 2 Switch2#sh spanning-tree interface FAstEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 4, forward delay 0, hold 0 BPDU: sent 2, received 264561 Switch2#sh spanning-tree interface FAstEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is BLOCKING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 3, forward delay 0, hold 0 BPDU: sent 2, received 264573 Why a port is in blocking state and the other is in forwarding??? I expected to see both ports in blocking, but one forwarding and the other blocking doesn't make sense!!! Thanks a lot! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74601t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: End to End / Local VLAN's [7:74593]
Dear Friend END-TO-END VLAN is where the switches are connected together remotely under the same vlan , where the traffic is flowing through your wan link where 80 percent of traffic is running on WAN link the Local VLAN is within the same building are (just for EG)where the 80 percent traffic runs on the LAN link Enjoy Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74604t=74593 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
Hello Marko, you said: I might be giving you wrong answer, but if one port is in blocking and the other one in blocking state, link is down in any case. The whole point of STP is acomplished But this is not right, my ports are up/up, but one of them is in forwarding state and the other in blocking :) :) I expected to see both ports in blocking, not one in forwarding and the other in blocking! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74605t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
Dear Friend Its the basics of STP Root Bridge - 29 30 - | | | | | | | X - 29 30 - 1) All the Ports in the root bridge will be in the forwarding state 2) When you have the parallel connection the first priority goes to the Path COST then to the Designated Cost then Port Priority 3) In your case all are same so they take the lowest port number internally to assign the forwarding state Hope this will help you Enjoy Regards Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74603t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
Thanks bharani, I thought this, but neither Switch1 or Switch2 is the root bridge: Switch1:#sh spanning-tree Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0005.5e0c.57b6 Configured hello time 2, max age 20, forward delay 15 Current root has priority 32768, address 0002.fd3c.18c1 Root port is 40, cost of root path is 23 Topology change flag not set, detected flag not set, changes 113816 Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 Switch2: Switch2#sh spanning-tree Spanning tree 1 is executing the IEEE compatible Spanning Tree protocol Bridge Identifier has priority 32768, address 0005.5e0c.c5b5 Configured hello time 2, max age 20, forward delay 15 Current root has priority 32768, address 0002.fd3c.18b5 Root port is 35, cost of root path is 42 Topology change flag not set, detected flag not set, changes 113815 Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hello 0, topology change 0, notification 0 what do you think?? One of them could be the designated bridge, but it doesn't explain why one port is in forwarding and the port in front of it is in blockin. I think that our friend Fred is right. If you can break the ring in one point, why break it in two points?? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74606t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: mpls fragmentation [7:74577]
At 10:37 PM 8/31/2003 +, Thomas Salmen wrote: does anyone know if using frame-mode mpls affects the mtu on an interface? i can't help thinking that sticking in an extra 32-bit header would mean reducing the amount of user data that could be carried by 32 bits - causing fragmentation if the data field is already at its max for a given interface... MPLS headers, 802.1q tags and all similar encap overhead certainly add size to frames and are certainly things one needs to be mindful of from an mtu perspective. apologies if the question is an inane one, but i'm just starting to get into this ls thang thomas **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74607t=74577 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
CCIE Lab date swap in San Jose [7:74611]
I'm scheduled to take the CCIE RS lab on 9/15. I would like to exchange with any later lab date. Please contact me asap if you're interested in swapping the lab date. James Pham Network Engineer MAINTECH 714-283-7358 (Work) 714-401-1435 (Mobil) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74611t=74611 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Amazing Spanning Tree [7:74594]
The root switch will always be in forwarding. The downstream switch will Always be in blocking mode ...thats why the link is up/up... Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, September 01, 2003 8:21 AM To: [EMAIL PROTECTED] Subject: Re: Amazing Spanning Tree [7:74594] Hello Marko, you said: I might be giving you wrong answer, but if one port is in blocking and the other one in blocking state, link is down in any case. The whole point of STP is acomplished But this is not right, my ports are up/up, but one of them is in forwarding state and the other in blocking :) :) I expected to see both ports in blocking, not one in forwarding and the other in blocking! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74612t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
failure notice [7:74614]
Hi. This is the qmail-send program at casper.sri.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. : 130.107.1.30 does not like recipient. Remote host said: 550 5.1.1 ... User unknown Giving up on 130.107.1.30. --- Below this line is a copy of the message. Return-Path: Received: (qmail 26216 invoked from network); 1 Sep 2003 19:37:06 - Received: from localhost (HELO casper.SRI.COM) (127.0.0.1) by casper.sri.com with SMTP; 1 Sep 2003 19:37:06 - Received: (from ALI-PC-1 [213.84.176.225]) by casper.SRI.COM (SAVSMTP 3.1.0.29) with SMTP id M2003090112363730932 for ; Mon, 01 Sep 2003 12:36:41 -0700 From: To: Subject: Re: Approved Date: Mon, 1 Sep 2003 21:36:36 +0200 X-MailScanner: Found to be clean Importance: Normal X-Mailer: Microsoft Outlook Express 6.00.2600. X-MSMail-Priority: Normal X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=_NextPart_000_005E25B0 This is a multipart message in MIME format --_NextPart_000_005E25B0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit See the attached file for details --_NextPart_000_005E25B0 Content-Type: text/plain; name=DELETED0.TXT Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=DELETED0.TXT RmlsZSBhdHRhY2htZW50OiB3aWNrZWRfc2NyLnNjcgpBIGZpbGUgYXR0YWNoZWQgdG8gdGhp cyBlbWFpbCB3YXMgcmVtb3ZlZA0KYmVjYXVzZSBpdCB3YXMgaW5mZWN0ZWQgd2l0aCBhIHZp cnVzLg0KDQpSZXN1bHQ6IFZpcnVzIERldGVjdGVkDQpWaXJ1cyBOYW1lOiBXMzIuU29iaWcu RkBtbQ0KRmlsZSBBdHRhY2htZW50OiB3aWNrZWRfc2NyLnNjcg0KQXR0YWNobWVudCBTdGF0 dXM6IGRlbGV0ZWQNCg== --_NextPart_000_005E25B0-- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74614t=74614 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: What is the difference between 100BaseT and 100Bas [7:74616]
Hai They dont make any difference , Bani Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74616t=74616 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IS-IS [7:74508]
The simple answer is that yes, ISIS is a possible topic for the R/S exam. The better question to ask is why? The R/S is supposed to be an enterprise-networking oriented exam. Those who are interested in carrier routing where ISIS is most commonly found should be looking at the C/S. Let's face it, at this time ISIS is not exactly a particularly common enterprise technology, so why test such an obscure enterprise protocol on a supposedly enterprise-oriented test? I suppose a tenuous case could be made if it was surmised that ISIS was destined to expand its presence in the enterprise, but honestly now, does anybody seriously think this is going to happen? For example, does anybody seriously believe that in say, 10 years, there is going to be more ISIS in real-world networks as a percentage of total usage? Especially in the enterprise? Right. So again, on a supposedly enterprise-oriented test, why test a technology that is rare in the enterprise and getting rarer every day? Chibwe, Oliver J, NEO wrote in message news:[EMAIL PROTECTED] Yes it is live and well! if you look at the Cisco's blueprint under all the routing protocols yes it is tested if I were you I would get me an IS-IS book..from Amazon. COM used one...IS-IS is a very interesting link-state protocol with respect to OSPF similarities and differences.Believe it or not it is being used by some ISPs right nowso that's another reason for Cisco to explore that market if you will. Thank you Ollie ATT Common Backbone 866-397-7309 Opt 1 -Original Message- From: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 7:55 PM To: [EMAIL PROTECTED] Subject: IS-IS [7:74508] Is IS-IS tested on the ccie lab exam? Rgds, Akpome. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74615t=74508 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: mpls fragmentation [7:74577]
hmm, cheers any idea if there is any documentation regarding this? seems to me that with all these sites these days mucking around with df bits and filtering icmp that it's a wonder that any link with an odd pmtu works at all. not to mention qos getting all upset with fragmented packets. thomas At 10:37 PM 8/31/2003 +, Thomas Salmen wrote: does anyone know if using frame-mode mpls affects the mtu on an interface? i can't help thinking that sticking in an extra 32-bit header would mean reducing the amount of user data that could be carried by 32 bits - causing fragmentation if the data field is already at its max for a given interface... MPLS headers, 802.1q tags and all similar encap overhead certainly add size to frames and are certainly things one needs to be mindful of from an mtu perspective. apologies if the question is an inane one, but i'm just starting to get into this ls thang thomas **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74617t=74577 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IS-IS [7:74508]
nrf wrote in message news:[EMAIL PROTECTED] The simple answer is that yes, ISIS is a possible topic for the R/S exam. The better question to ask is why? The R/S is supposed to be an enterprise-networking oriented exam. Those who are interested in carrier routing where ISIS is most commonly found should be looking at the C/S. Let's face it, at this time ISIS is not exactly a particularly common enterprise technology, so why test such an obscure enterprise protocol on a supposedly enterprise-oriented test? I suppose a tenuous case could be made if it was surmised that ISIS was destined to expand its presence in the enterprise, but honestly now, does anybody seriously think this is going to happen? For example, does anybody seriously believe that in say, 10 years, there is going to be more ISIS in real-world networks as a percentage of total usage? Especially in the enterprise? Right. So again, on a supposedly enterprise-oriented test, why test a technology that is rare in the enterprise and getting rarer every day? the answer is simple and practical. What with the one day lab and the speed with which cheats get circulated, lab scenarios are revised much more often than they used to. Adding IS-IS allows for more permutations to add to the mix. Especially now that IGRP is no longer there. The proctors still need lots of ways to screw you with redistribution. IS-IS redfistribution gives them that in spades. ;- Chibwe, Oliver J, NEO wrote in message news:[EMAIL PROTECTED] Yes it is live and well! if you look at the Cisco's blueprint under all the routing protocols yes it is tested if I were you I would get me an IS-IS book..from Amazon. COM used one...IS-IS is a very interesting link-state protocol with respect to OSPF similarities and differences.Believe it or not it is being used by some ISPs right nowso that's another reason for Cisco to explore that market if you will. Thank you Ollie ATT Common Backbone 866-397-7309 Opt 1 -Original Message- From: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 7:55 PM To: [EMAIL PROTECTED] Subject: IS-IS [7:74508] Is IS-IS tested on the ccie lab exam? Rgds, Akpome. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74619t=74508 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Amazing Spanning Tree [7:74594]
That seems right to be. The link should not go down just because spanning tree is blocking a port. Curious wrote in message news:[EMAIL PROTECTED] Hello friends, I have an spanning tree question for you! I have a lot of switches connected between them, but I have seen something that I can not explain very well. Two of these switches are connected using two cables: Switch1 Switch2 Port 29 - Port 29 Port 30 - Port 30 I expected to see one port in blocking state (spanning-tree) and the other in forwarding state, but suprisingly I have seen that port 30 is in blocking state in Switch1 but it is in forwarding state in Switch 2. Let's see these outputs: Switch1#sh spanning-tree interface FastEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 0, forward delay 0, hold 0 Switch1#sh spanning-tree interface FastEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 264503, received 2 Switch2#sh spanning-tree interface FAstEthernet 0/29 Interface Fa0/29 (port 35) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 35, path cost 23 Timers: message age 4, forward delay 0, hold 0 BPDU: sent 2, received 264561 Switch2#sh spanning-tree interface FAstEthernet 0/30 Interface Fa0/30 (port 36) in Spanning tree 1 is BLOCKING Port path cost 19, Port priority 128 Designated root has priority 32768, address 0002.fd3c.18b5 Designated bridge has priority 32768, address 0005.5e0c.57b6 Designated port is 36, path cost 23 Timers: message age 3, forward delay 0, hold 0 BPDU: sent 2, received 264573 Why a port is in blocking state and the other is in forwarding??? I expected to see both ports in blocking, but one forwarding and the other blocking doesn't make sense!!! Thanks a lot! **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74618t=74594 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Console port now working on 4000 [7:74489]
Cosmic radiation Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of nettable_walker Sent: 30 August 2003 19:27 To: [EMAIL PROTECTED] Subject: Re: Console port now working on 4000 [7:74489] I see what you are describing about one router every six months. I am assuming the power supply is on. I would recommend you open an TAC case RMA the router. The two biggest problems Cisco has with the 4000 router chassis are 1] memory stops working because of the seats where the memory fit into the motherboard give out 2] the problem you are describing. Richard // Rohit-Sundriyal(CCNA) wrote in message news:[EMAIL PROTECTED] I Cannot even Access it after a restart. no display at all William Lijewski wrote in message news:[EMAIL PROTECTED] Does it display anything when you powercycle the router? Does it display the bootup information and then freeze? If it displays the bootup information and then freezes you may have accidentally put 'no exec' under the console port. You would need to break into the router, just like you would if you were resetting the password. -- Bill Lijewski CCIE #8642 Rohit-Sundriyal(CCNA) wrote in message news:[EMAIL PROTECTED] Hi All My Cisco 4000 consol port is not work any idea what whent wrong or how to make it work. Thanks in advance **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74562t=74489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
PPP Question [7:74568]
Hiyah guys, I have a question on PPP CHAP. From the various sources, we just need to declare the remote router's username and have the same password, apply CHAP on the PPP serial interfaces and the link will be up. In my case, it doesn't work. It became a flapping link. I am using a 2500 and 2600 router to run PPP. Instead, I have to configure this: Router1 Username Router2 password abc Username Router1 password abc Router2 Username Router1 password abc Username Router2 password abc Applying CHAP now will have the link up. Any comments on this matter would be appreciated. Thanks. Kenneth Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74568t=74568 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 802.3x switch traffic disruption [7:74455] [7:74455]
But you always have to consider caveat lector Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: annlee [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 2:25 PM To: [EMAIL PROTECTED] Subject: Re: 802.3x switch traffic disruption [7:74455] Netgear does have its problems... http://www.dslreports.com/shownews/31774?mode=flat That said, all the inexpensive devices have problems of one sort or another. I think it's a case of getting what you paid for / caveat emptor. For small networks clients, I always try to get them to buy one step higher quality than they wanted to pay for (since if they understood the ramifications, they wouldn't need me). It rarely works though ... which does tend to lead to repeat business... Annlee Priscilla Oppenheimer wrote: It sounds like the Netgear Layer 2 802.3 flow control is buggy. It sounds like you can't turn it off, though, because it's not a managed switch. Should have bought Cisco!? :-) You can turn it off on the workstations, though, and I would somewhat hesitantly recomment that. You might risk other problems by disabling it. Flow control should be negotiated with autonegotiation, but we know how well that works for duplex mode. Nontheless, if it were me, I think I would turn it off on the workstations carefully, as a test to start with. I'd be interested in other people's opinions, but I think flow control at the data-link-layer is risky and unnecessary anyway. No offence to Netgear (really!) but I'm not sure I would trust them to do it right, especially on a low-end switch. So, let's say a switch port has been flow controlled and told not to send any packets for a while. What does it do with the packets? How much buffering can it support? Does it have features to avoid head-of-the-line blocking? Will the flow control on that interface cause problems for other interfaces? TCP already does end-to-end flow control. Of course, not every application uses TCP, but a lot do. I think that's a better way to handle it. And one final comment, if you really need to be flow controlling traffic, perhaps you should just upgrade the bandwidth? Ethernet flow control sounds like a bandaid over a design problem to me What do others think? Do you use 802.3x flow control? Thanks. Priscilla [EMAIL PROTECTED] wrote: I need some expert option on the following matter: I have a Netgear Fast Ethernet Switch FS608 (which does 802.3x Flow control) connected to a DLink 5 port switch (no flow control) Twice this week, the FS608 locked itself causing ALL traffic in the company to be disrupted. The problem was solved by power cycling the switch. All the clients on the FS608 have 3Com network cards that support flow control. Here are my questions: 1) Are there some caviat in running 802.3x I am not aware of? I did extensive research before implementing this and did not find any issues with the implementation of the technology? 2) Is there an issue of running 802.3x on one switch and not on the other? 3) I could turn off the 802.3x feature on all the workstations but I can't turn it off on the FS608. This is NOT a managed switch. Any suggestion on how to troubleshoot this problem? Thank you, Pierre-Alex **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74569t=74455 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PPP Question [7:74568]
The way chap works is one router has to challenge the other for Shared secret. If you look at it this way then you see the solutions If you do not want one router to challenge the other you can delete the Ppp authe chap or you can use ppp authe chap callin where you can say: I will challenge the other just fo incoming calls and if he calls me I will not challenge him.. this way you need his username Bu you do not need your router's username in his database Try it! -Original Message- From: Kenneth [mailto:[EMAIL PROTECTED] Sent: Sunday, August 31, 2003 5:02 AM To: [EMAIL PROTECTED] Subject: PPP Question [7:74568] Hiyah guys, I have a question on PPP CHAP. From the various sources, we just need to declare the remote router's username and have the same password, apply CHAP on the PPP serial interfaces and the link will be up. In my case, it doesn't work. It became a flapping link. I am using a 2500 and 2600 router to run PPP. Instead, I have to configure this: Router1 Username Router2 password abc Username Router1 password abc Router2 Username Router1 password abc Username Router2 password abc Applying CHAP now will have the link up. Any comments on this matter would be appreciated. Thanks. Kenneth **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74571t=74568 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Cisco ICS 7750 experiences [7:74481]
Hello, I will be rolling out IPCC express and the 7750 in early Nov. at our call center (65 agents) and HQ 27 VP exec types. These two sites will be contacted by a PtP T1 just for voice. I am a little worried about call quality; did you get the echo taken care of? Any other tips you can pass on would be great. We have very simple call flow so the IPCC I am not to worried about but the whole project could effect 70% of our revenue (the call center) which equals about 80 million so I am stressed. :( I have decide to have 1 7940 on each desk and media termination points installed on the PCs for the CC agents to use. I feel this gives them the opportunity to use basically the soft phone but not relying on the PC for the sound card. Also not all desk our on the generator so if we lose power everyone will still have a phone. All network equipment will be on the generator. I am hoping by not using the PC sound card some of the voice quality problems will not be an issue. Let me know how it goes. ~Paul~ -Original Message Snip- got it configured pretty quick and, once it was up and I was making calls across my PSTN, the only issues I had were a little echo. Other than that, it is a good system. VERY SCALABLE, yet compact. I like it. Rob Hugo Senior Network Engineer STL Technology Partners --- {This E-mail scanned for viruses by Declude Virus/McAfee} Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74574t=74481 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: PPP Question [7:74568]
This should work. You can be overriding the hostname and the password by using the interface commands: ppp chap hostname ... ppp chap password ... also one more thing that you can be aware: in an outgoing call, if you do not want to send an OUTGOING CHALLENGE you can be using the callin option like: ppp authen chap callin To: Sent: Sunday, August 31, 2003 5:02 AM Subject: PPP Question [7:74568] Hiyah guys, I have a question on PPP CHAP. From the various sources, we just need to declare the remote router's username and have the same password, apply CHAP on the PPP serial interfaces and the link will be up. In my case, it doesn't work. It became a flapping link. I am using a 2500 and 2600 router to run PPP. Instead, I have to configure this: Router1 Username Router2 password abc Username Router1 password abc Router2 Username Router1 password abc Username Router2 password abc Applying CHAP now will have the link up. Any comments on this matter would be appreciated. Thanks. Kenneth **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74572t=74568 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ooking for CCIE practice test. What boson test [7:74274]
Actually, I just purchased CCIE Test #3 by Dennis. I was having a little bit of trouble with the older version so I installed the latest version of the software, 5.10 I think, and everything was fixed. Not only that, but in Dennis's test, he has multimedia tutorials as well. I only saw one of them, How to hack a 2500. Really cool study material. I swear, Boson just keeps getting better and better. If you have the money, about $40 per test, I would highly recommend you get both Bernard and Dennis. :) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74575t=74274 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: 802.1x authentication - minimal requirements? [7:74563]
Use the Doc CD online... it has a wealth of information: http://www.cisco.com/univercd/home/home.htm 2950: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12114ea1/2950scg/sw8021x.htm 3550: http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12114ea1/3550scg/sw8021x.htm Cheers, Jeff Jsnatan ^. Jsnasson wrote in message news:[EMAIL PROTECTED] Hi, Im new to this list(first post, been watching it for a while though) I'm having a hard time trying to find the minimal requirements for 802.1x authentication. Like what version of Cisco Secure ACS do I need (is 3.0 enough?) Are all switches supported (like 3500XL for example) And what would be the minimal iso requirements for the 3500 (if supported) and 2950... Does anyone of you know this? Thanks in Advance - Jsnatan ^sr Jsnasson Net Admin [EMAIL PROTECTED] - **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74576t=74563 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Serial line problem [7:74530]
Hi all, Small problem We got an update today from 128kb to 512kb leased line. We got 2 3640 routers, 1 on each end off the leased line . IOS on first 3640 12.0(13) on second 3640 router 12.0(4). Both routers have a NM-4T module. On first router: All is up, DCD=up DSR=up DTR=up RTS=up CTS=up and Serial3/0 is up. Only problem : line protocol is down. When we check the controller .. sh controller serial 3/0 : M4T: show controller: PAS unit 4, subunit 0, f/w version 1-45, rev ID 0x281, version 3 idb = 0x6100B4F0, ds = 0x6100CDD0, ssb=0x6100D0A0 Clock mux=0x0, ucmd_ctrl=0xC, port_status=0x74 Serial config=0x8, line config=0x200 maxdgram=1608, bufpool=48Kb, 31 particles DCD=up DSR=up DTR=up RTS=up CTS=up line state: up cable type : V.35 DTE cable, received clockrate 246 base0 registers=0x3D80, base1 registers=0x3D802000 mxt_ds=0x6138C950, rx ring entries=40, tx ring entries=128 rxring=0x25F34A0, rxr shadow=0x61010CD4, rx_head=0 txring=0x25F3620, txr shadow=0x61010EE0, tx_head=47, tx_tail=47, tx_count=0 throttled=0, enabled=0 rx_no_eop_err=0, rx_no_stp_err=0, rx_no_eop_stp_err=0 rx_no_buf=0, rx_soft_overrun_err=0, dump_err= 0, bogus=0, mxt_flags=0x0 tx_underrun_err=0, tx_soft_underrun_err=0, tx_limited=1(2) tx_fullring=362444708, tx_started=1033135562 Now when i look at the second router : cable type : V.35 DTE cable, received clockrate 511680 Don't those 2 clockrates have to be the same, 511680 looks good to me for a 512kb line? And does this problem point to the Telco who has a problem with their clockrate ?? Anyone with a clew ? Cause i think that when line protocol is down, that the problems mostly is on the Telco's site. Thnx in advance, JT ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74530t=74530 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Console port now working on 4000 [7:74489]
Does it display anything when you powercycle the router? Does it display the bootup information and then freeze? If it displays the bootup information and then freezes you may have accidentally put 'no exec' under the console port. You would need to break into the router, just like you would if you were resetting the password. -- Bill Lijewski CCIE #8642 Rohit-Sundriyal(CCNA) wrote in message news:[EMAIL PROTECTED] Hi All My Cisco 4000 consol port is not work any idea what whent wrong or how to make it work. Thanks in advance **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74531t=74489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Serial line problem [7:74530]
Jeroen Timmer wrote: Don't those 2 clockrates have to be the same, 511680 looks good to me for a 512kb line? And does this problem point to the Telco who has a problem with their clockrate ?? Yeah, that's what it looks like. Your first router isn't getting a clock from the line. Assuming it was an in-place upgrade (so you didn't toch anything) that looks like a telco problem. If you did swap cables or router ports, you might want to look at those first... Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74532t=74530 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
IS-IS [7:74508]
Is IS-IS tested on the ccie lab exam? Rgds, Akpome. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74535t=74508 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Catalyst 6500 Architecture [7:74460]
The SFM is a piece of junk...and not as useful as you might seem... The new Supervisor 720 has the SFM built-in...which greatly enhances its use.. -Original Message- From: neil K [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 5:31 AM To: [EMAIL PROTECTED] Subject: Catalyst 6500 Architecture [7:74460] Folks, The Catalyst 6500 uses a Shared bus Architecture and to increase the Backplane capacity you have to have Switch fabric module (SFM) with fabric Enabled modules to make it work. Is there a vendor which has a better architecture or a better solution. Thanks, neil K. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74534t=74460 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: TCP/UDP port for CHAP [7:74480]
CHAP authentication does not use a TCP/UDP port. CHAP is handled in the PPP protocol between the client and the router. The router may use some other type of authentication (RADIUS, TACACS+, etc) to authenticate the user to some outside security server, but the CHAP communications is carried over the PPP connection... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Thomas N [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 5:31 AM To: [EMAIL PROTECTED] Subject: TCP/UDP port for CHAP [7:74480] I got SOHO sites with PPPoE connection to the Internet. They use CHAP for authentication. I would like to setup an ACL to filter out traffic on the outside interface. I am wondering what TCP/UDP port CHAP protocol use? Thanks! Thomas **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74536t=74480 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: 802.3x switch traffic disruption [7:74455]
[EMAIL PROTECTED] wrote: No, I don't think I have a design issue: the network has 7 clients and 1 server so the architecture is very simple. Maybe the architecture is simple. That wasn't my point. My point was that a network design that includes a switch that can't keep up with a client NIC, or vice versa, is a bad design. And that's the only problem that 802.3x Ethernet flow control can fix. My client was complaining of slow speed when opening files. How would 802.3x flow control help with slow speed when accessing files? It tells the other side to Pause. It could slow things down. I guess maybe in a good implementation, where the paused device has enough buffers, doesn't have head-of-the-line blocking problems, doesn't have bugs, etc, it could help, but many experts would agree with me that flow control is usually better handled by upper layers. TCP does a great job with it, for example. Also, you're the one that suspected flow control was the problem. You brought it up. What made you suspect it in the first place? Have you tried turning it off? I would trust your instincts on this and try disabling it and see if it helps the Netgear not to freeze. You asked if a sniffer would help in another message. I don't think a lot of sniffers can decode the Pause message. Also, they may not be able to explain why a device crashes. Looking at statistics would help with that, but you can't because it's an unmanaged device. A sniffer might help you figure out why file access is slow, though. Watch the access and the delay between packets. Do you see TCP ACKs quickly but don't see the application-layer reply quickly? That's pretty common and points to a server problem, not a problem with the network or internetworking devices in the network. If the ACK can get through, the network is fine. Or, possibly you see TCP ACKs, but the next packet from the client is delayed. That points to a client problem. Or maybe the client uses a small window size, etc. That kind of stuff you can see with an analyzer. Actually is it still slow since you did all those upgrades you mention below? It shouldn't be... I see below that you replaced the Netgear temporarily with Cisco. That's a good idea. :-) But seriously, the Netgear should work. The basic jobs of a Layer 2 switch, especially in an architecture as simple as what you have, shouldn't be hard to implement. It should just work. Disabling risky features like 802.3x sounds like a good test, though. Also, search the net for other causes of Netgear switches freezing? Does anyone on this list successfully use 802.3x? It would be nice to hear from someone how acutally uses it. Good luck with it. Please keep up posted on what you find out. Thanks. Priscilla Oppenheimer My approach was to optimize at every layer possible. Choosing 802.3x feature was just one thing among others I did to speed up file access. 1) I moved them from a bus architecture, to a switched architecture, replacing all the coax cabling with twisted pair. 2) When I replaced the NICs I went for NIC that could do flow control and chose a brand name switch that supported the same feature. (Yes I should have chosen Cisco for the Switch, but how do you convince you client to pay more for something that appears to do the same thing?). 3) I replaced the OS on the clients (Windows Millennium) with Windows XP professional. Optimized the page file (and removed it from the system/boot partition). Disabled unnecessary services. 4) On the server side, I used SCSI hard disks and the fastest SCSI controller I could find on the market. Optimized the server to death. 5) I did not mess-up with modifying TCP Window parameters because I thought that was not necessary. The speed increase is visible, but with the network freezing up twice this week, all my work has taken a serious credibility hit. I have replaced their Switch with one of my personal Cisco switches after the second incident. My plan is to leave the switch ( a Cisco 2924XL) there for a week or two so I can monitor network activity and gather statistics . Then I don't know... The switch belongs to my CCIE rack so I will either have to sell it to them or buy them another inexpensive switch. :) - Original Message - From: annlee To: Sent: Friday, August 29, 2003 7:24 PM Subject: Re: 802.3x switch traffic disruption [7:74455] Netgear does have its problems... http://www.dslreports.com/shownews/31774?mode=flat That said, all the inexpensive devices have problems of one sort or another. I think it's a case of getting what you paid for / caveat emptor. For small networks clients, I always try to get them to buy one step higher quality than they wanted to pay for (since if they understood the ramifications, they wouldn't need me). It rarely works though ... which does tend to lead to repeat business... Annlee Priscilla Oppenheimer wrote: It sounds like
RE: Erasing IOS from FLash [7:74459]
Go ahead issue command squeez should delete all files in flashremember whenever you delete a file you must issue squeez too or else the router gives you another chance see if you really want to do that.Just a safety catch I guess... Thank you Ollie ATT Common Backbone 866-397-7309 Opt 1 -Original Message- From: Curious [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 4:31 AM To: [EMAIL PROTECTED] Subject: Erasing IOS from FLash [7:74459] Hi I have 3 IOS images on my Cisco 2600 Router. 1 5742076 c2600-d-mz.121-5.t9.bin [deleted] 2 10574412 c2600-ds-mz.122-7.bin 3 7411544 c2600-i-mz.123-1a.bin I want to delete 2 of them. I issued the command delete flash:c2600-d-mz.121-5.t9.bin , after that i can see word deleted appearing in front of this IOS but i can still see its in the flash. I rebooted the router but it is still here. I want to keep c2600-ds-mz.122-7.bin thanks, -- Curious **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74537t=74459 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
SOS:Load Balance with CSS 11500 [7:74538]
Hi, I am sorry for such long E-mail, but I have to figure out this for work and don't know anyone to ask. While searching Internet found this forum. I am a CCNA and have been working with routers and switches for over 4 years, but recently at work was introduced to Cisco load Balancing switch 11500. This is a situation where I don't really have time to learn ..just need to do it. I hope, someone in this list can help me to figure this out. Here is the scenario: Client sends a request to the web server ( public url) , web server has two other servers ( with the application running) that he sends the requests to. The task is to make the CSS balance load these two app. server , but when the request comes to one server make it stay there until the session is over. The Cisco consultant was hired previously to help with the configuration. He configured web service and the apps service. Two application servers that need to be load balanced are parts of the apps service. He used arrow-point advanced load method.. here is how it specified in the content rule for the apps service. Ex: Owner Boston Content APPS VIP address x.x.x.xfor the apps servers belongs to web server's subnet. Protocol TCP Port 80 URL /* Advanced-balance arrowpoint-cookies Active The initial request comes from client to the web server and web server passes the request to CSS ( that how this Internet application works). CSS needs to load balance request between two application servers to process the request. The persistent part works o'k. When the request comes from the web server to CSS it returns the Arrowpoint cookie to one of the application servers and stays there until the session is over. No problem,, should be that way... The problem is that the next brand new request comes to the same server, and then next new request again to the same server... Then randomly, next time it can go to the other server and all the new connections again to that server... So it's not really load balancing between two servers What needs to be added?I wasn't present when this consultant was doing final testing and I was told that it worked. Now, it doesn't. Show configs are the same with what he put in... What can I check ? Why it's not doing balancing ... At first I thought that it should come from different clients, but it really doesn't matter as all requests come to web server first and them should go to different app servers from the same web server. So during this testing , I was initiating requests from the web server itself. I really need help... I need to present a solution after labor day weekend... Thank you in advance if anyone can help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74538t=74538 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
PPTP win98 to PIX not working [7:74521]
Hello all. I have a problem with pptp to pix. Client has win98 machines on their network, all behind a DSL router. They connect via MS PPTP to my PIX box. The connection is fine, without errors. Problem is, they cannot do anything on my network. If they disconnect from their network, dial up to Internet, they connect fine and can do everything they should be expected to do. Windows 2000 and up machines seem to work fine, though. I am more than a little stumped. Below, please find a brief setup: client (192.168.0.x) - DSL Router - Internet - DSL Router - PIX )with live IP address on outside interface) (VPN Pool is 172.16.0.x) - Internal Network (10.1.1.x). vpdn group klr accept dialin pptp vpdn group klr ppp authentication pap vpdn group klr ppp authentication chap vpdn group klr ppp authentication mschap vpdn group klr client configuration address local klrpool vpdn group klr pptp echo 60 vpdn group klr client authentication local vpdn username some-name password some-password vpdn enable outside Any help would be muchly appreciated! Thanks! Michael Barnhart **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74541t=74521 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Flash [7:74491]
First you need to upgrade all of the 2500s 16/16 for 12.2 by that flash/DRAM...check for flash/Dram on E.bay good deals.. Thank you Ollie ATT Common Backbone 866-397-7309 Opt 1 -Original Message- From: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 5:29 AM To: [EMAIL PROTECTED] Subject: Flash [7:74491] We want to set up lab with 2500s but the flash size is 8M and 4M read-only and we want to load 12.2 IOS.Does anyone have an idea on how we should go about it ? Rgds, Akpome **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74540t=74491 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Flash [7:74491]
You have to upgrade the 2500's to 16MB Memory and 16MB Flash to put 12.2 IOS on them. However, to do this you need to make sure the Boot ROM version in each router is at least 10.2(8a). Do a show version on the router to see what version the Boot ROM is. You can buy memory and flash on many of the auction sites. There are also many Cisco retailers that sell memory and flash and are part of this group. They may be contacting you! Shawn K. -Original Message- From: PPC-DAT Ep-Ng-Ist [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2003 6:29 AM To: [EMAIL PROTECTED] Subject: Flash [7:74491] We want to set up lab with 2500s but the flash size is 8M and 4M read-only and we want to load 12.2 IOS.Does anyone have an idea on how we should go about it ? Rgds, Akpome **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74539t=74491 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
IBGP and syn [7:74542]
Hi, I am getting ready to take my lab on my own. I have a practice lab I wanted to know what is the alternate to using the no sync command for ibgp to propagate in igp. My routes are showing up but they are not the best routes. Thanks Sincerely, Kiaser A Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74542t=74542 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Console port now working on 4000 [7:74489]
I Cannot even Access it after a restart. no display at all William Lijewski wrote in message news:[EMAIL PROTECTED] Does it display anything when you powercycle the router? Does it display the bootup information and then freeze? If it displays the bootup information and then freezes you may have accidentally put 'no exec' under the console port. You would need to break into the router, just like you would if you were resetting the password. -- Bill Lijewski CCIE #8642 Rohit-Sundriyal(CCNA) wrote in message news:[EMAIL PROTECTED] Hi All My Cisco 4000 consol port is not work any idea what whent wrong or how to make it work. Thanks in advance **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74544t=74489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IBGP and syn [7:74542]
have a full mesh network -Nakul kaiser anwar wrote in message news:[EMAIL PROTECTED] Hi, I am getting ready to take my lab on my own. I have a practice lab I wanted to know what is the alternate to using the no sync command for ibgp to propagate in igp. My routes are showing up but they are not the best routes. Thanks Sincerely, Kiaser A **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74545t=74542 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IBGP and syn [7:74542]
Hi Nakul, What I have is Three routers A - B - C B is a route-reflector A and C are clients b has neigbhor statements for A and C. but A and C has only one neigbhor towards B which is a route reflector. A is advertising a netwrok. which is showing up best route in A but shows up on B but not as best route. My igp is ospf also knows about the network.I am noy using no sync command. If I do everything is fine. Thanks for your help. Sincerely, Kaiser Anwar Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74552t=74542 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IBGP and syn [7:74542]
kaiser anwar wrote in message news:[EMAIL PROTECTED] Hi Nakul, What I have is Three routers A - B - C B is a route-reflector A and C are clients b has neigbhor statements for A and C. but A and C has only one neigbhor towards B which is a route reflector. A is advertising a netwrok. which is showing up best route in A but shows up on B but not as best route. My igp is ospf also knows about the network.I am noy using no sync command. If I do everything is fine. Thanks for your help. you may need to revise your thinking about this. from your description, it appears that you are looking at routing tables and seeing the results as indicated there. is this correct? on the OSPF side of things, are all three routers interconnected ( full mesh ) ? how are your BGP routes getting into the BGP tables? redistribution? I'm assuming your BGP tables do not contain all the routes that your OSPF database contain. what is the admin distance of iBGP? OSPF? if two identical routes are received by a router, what are the rules regarding which goes into the routing table? then ask yourself - what is the purpose of the no synch command? what does it accomplish? your ability to success in your CCIE lab will hinge more on your ability to spot issues like these as you read your lab assignment and draw your working diagram than it will on just configuring things. Take it from me, the lab is no place to be trying things :- this problem you pose is a good example. understanding the implications of sync and no synch going in can save you some grief and maybe even get you a few points. Sincerely, Kaiser Anwar **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74555t=74542 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Console port now working on 4000 [7:74489]
Hi, if you are using Hypertrm make sure its using the default Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74554t=74489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IS-IS [7:74508]
If you have not takes the CCIE R/S written you might want to study up on IS-IS (and of course IS_NT-IS_NT ) PPC-DAT Ep-Ng-Ist wrote in message news:[EMAIL PROTECTED] Is IS-IS tested on the ccie lab exam? Rgds, Akpome. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74553t=74508 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IBGP and syn [7:74542]
Thanks for your reply. I know exactly what you are saying about the lab. when I do sh ip bgp for any network. Origin incomplete, metric 0, localpref 100, valid, internal, not synchronized when it says not synchronized. thats when the whole issue starts it does not matter how the network is injected into bgp whether it is the net command or route-map or redistribution. If you are not using no sync commnad under bgp.it will be advertised to Internal peer but it will show up as not best route. and when you issue an sh ip bgp for that route its says not synchronised. On the other hand if you use the no sync command it works fine. Thanks in advance. Sincerely, Kaiser A Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74557t=74542 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Console port now working on 4000 [7:74489]
I see what you are describing about one router every six months. I am assuming the power supply is on. I would recommend you open an TAC case RMA the router. The two biggest problems Cisco has with the 4000 router chassis are 1] memory stops working because of the seats where the memory fit into the motherboard give out 2] the problem you are describing. Richard // Rohit-Sundriyal(CCNA) wrote in message news:[EMAIL PROTECTED] I Cannot even Access it after a restart. no display at all William Lijewski wrote in message news:[EMAIL PROTECTED] Does it display anything when you powercycle the router? Does it display the bootup information and then freeze? If it displays the bootup information and then freezes you may have accidentally put 'no exec' under the console port. You would need to break into the router, just like you would if you were resetting the password. -- Bill Lijewski CCIE #8642 Rohit-Sundriyal(CCNA) wrote in message news:[EMAIL PROTECTED] Hi All My Cisco 4000 consol port is not work any idea what whent wrong or how to make it work. Thanks in advance **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74558t=74489 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
VACL, ACL or ???? [7:74559]
I have a question regarding L3 switches and security If I have for example an catalyst 3550 swithc with 30 vlans, and donĀ“t want traffif flowing from vlan to vlan, I just want to allow traffic from the vlans to go to a special server vlan, and then the internet, but there are also some groups of vlans that are allowd to send traffic to each other. what is the best way to do this ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74559t=74559 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Quick clarifications [7:74560]
Hi, I found the following lines at one of the website givings tips for preparing for CCIE written In CCIE written exam the multiple choices questions are of 2 types - Select the best answer or Select all the right answers (They do not explicitly tell you how many are correct) I am particularly interested to know how genuine is the statement they don't explicitily tell you how many are correct TIA, PK Petr Jambor wrote:Hi, I noticed the same behavior with EIGRP and ISIS. The explanation I made is that the router is right. Indeed, the directly connected route is not learned by ISIS (because it is directly connected :-)). This is always a question, if to redistribute directly connected subnets or to include the ISIS interface also under OSPF and make it passive. In the latter case, no redistribution is necessary, but there are other issues... that must be resolved bu manipulating the distance of some networks. As a conclusion, I prefer redistributing connected subnets. Am I right? Mojza Jason Viera wrote: I have searched high and low for an explanation as to why I occasionally have problems when redistributing, if I don't use a redistribute connected statement and try to use the IGP to advertise a connected network. Hopefully I don't confuse anyone or myself, but here is the issue I ran into yesterday. This is a small part of the topology where I was having the issue. OSPF OSPF R1-R2 ISIS ISIS So basically I have two routers that I have both OSPF and ISIS running on, after completing my mutual redistribution I noticed that the OSPF database did not contain a Type 5 LSA for the physical interface that is connected to the ISIS domain(on R1 and R2), I falsely assumed that by mutually redistributing I would have no problem passing that network into the OSPF domain, but it didn't work. So I used the redistribute connected with a route map on both routers and I then had the route. I have seen this before, but am perplexed by the fact that I don't understand why the initial redistribution didn't work in this case. Please enlighten me! Thanks, Jason **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Win TVs, Bikes, DVD players and more!Click onYahoo! India Promos Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74560t=74560 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: IBGP and syn [7:74542]
What do 'show ip route ' and 'show ip bgp ' show? Thanks, Zsombor kaiser anwar wrote: Hi, I am getting ready to take my lab on my own. I have a practice lab I wanted to know what is the alternate to using the no sync command for ibgp to propagate in igp. My routes are showing up but they are not the best routes. Thanks Sincerely, Kiaser A Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74561t=74542 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: IDS Sensors [7:74442]
Lupi, Guy wrote in message ... I am not a security specialist, so please bear with me if this is what every IDS device does. I am looking for advice/opinions on a device that can accomplish the following, I was looking at the Cisco 4250 XL IDS sensor. Inspect over 400 Mbps of traffic from at least 4,000 IP subnets. I think I have said the following on this list several times in the past: There are only two types of packet capture devices (sniffer, IDS, etc): 1) free Unix-based 2) commercial Unix-based In category 1) you have tcpdump, tcptrace, ethereal, snort In category 2) you have Nisksun NetVCR for layers 2-4 performance, security, etc and Unispeed Netlogger for layers 5-7 security, cybergeography, data warehouse, etc Use NetVCR if you want IP/UDP/TCP stats and use Netlogger for HTTP. Identify old worms and viruses, be updated to recognize new ones and generate alarms. Must be configurable so that custom packet combinations and IP's that exceed a certain packets per second threshold can be defined and generate alarms. Use Snort. -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74451t=74442 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
CCNA two step--exam reviews [7:74465]
Are you preparing to take the new CCNA exams 640-821 (INTRO) and 640-811(ICND)? I offer my exam reviews to help you along the way. http://www.tcpmag.com/Exams/article.asp?EditorialsID=79 http://www.tcpmag.com/Exams/article.asp?EditorialsID=80 Good luck! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74465t=74465 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Catalyst 6500 Architecture [7:74460]
Folks, The Catalyst 6500 uses a Shared bus Architecture and to increase the Backplane capacity you have to have Switch fabric module (SFM) with fabric Enabled modules to make it work. Is there a vendor which has a better architecture or a better solution. Thanks, neil K. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74460t=74460 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
TCP/UDP port for CHAP [7:74480]
I got SOHO sites with PPPoE connection to the Internet. They use CHAP for authentication. I would like to setup an ACL to filter out traffic on the outside interface. I am wondering what TCP/UDP port CHAP protocol use? Thanks! Thomas Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74480t=74480 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
802.3x switch traffic disruption [7:74455]
I need some expert option on the following matter: I have a Netgear Fast Ethernet Switch FS608 (which does 802.3x Flow control) connected to a DLink 5 port switch (no flow control) Twice this week, the FS608 locked itself causing ALL traffic in the company to be disrupted. The problem was solved by power cycling the switch. All the clients on the FS608 have 3Com network cards that support flow control. Here are my questions: 1) Are there some caviat in running 802.3x I am not aware of? I did extensive research before implementing this and did not find any issues with the implementation of the technology? 2) Is there an issue of running 802.3x on one switch and not on the other? 3) I could turn off the 802.3x feature on all the workstations but I can't turn it off on the FS608. This is NOT a managed switch. Any suggestion on how to troubleshoot this problem? Thank you, Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74455t=74455 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html