RE: term no mon command [7:33658]

2002-01-30 Thread Baety Wayne A1C 18 CS/SCBX

There are 4 places logging information is sent: via the monitor, the
console, SNMP, and a buffer.  Each logging destination can be likened to 4
different views.  In each view you can control the amount or severity of the
logging information (debug, informational, notification, warn, errors,
alerts, critical, emergencies).  When you enable a view to have a certain
logging level, it enables all higher logging level messages as well to be
outputted to the view.

  When you plug a terminal into the console port with an async cable this is
called the console view (line con 0).  The command 'logging console '
controls the severity of logging information sent to the console.  You can
totally disable all logging to the console with the command 'no logging
console'.

  When you telnet to an active interface on the router this is called the
monitor view (line vty 0 4 and line aux 0).  The command 'logging monitor
' controls the severity of logging information sent to the monitor.  By
default, you need to type 'terminal monitor' to actually activate this view
when you telnet. You can totally disable all logging to the monitor with the
command 'no logging monitor'.

  When you configure the router to output logging information to a syslog
server with 'logging ' this is called the buffered view.  The
command 'logging trap ' controls the severity of logging information sent
to the buffer. You can totally disable all logging to the console with the
command 'no logging trap'.

  When you configure the router to output logging information to a SNMP
network management station with 'snmp-server host  '
this is called the SNMP view.  The command 'logging history ' controls
the severity of logging information sent via SNMP.  You can totally disable
all logging via SNMP with the command 'no logging history '.  Note: For
the SNMP view you must explicitly disallow the logging severity level.

  If you need more information on the use of all of the logging levels and
what information is actually printed at each level take a look at the
troubleshooting commands guide 

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/fun_r
/frprt3/frtroubl.htm

(watch the line wrap)

Good Luck!

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


 -Original Message-
 From: Stuart Laubstein [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, January 30, 2002 5:12 PM
 To: [EMAIL PROTECTED]
 Subject: term no mon command [7:33658]
 
 I have a 3620 and I have to work on the console port but I am swamped with
 messages every few seconds as people try to log in via the pri. I used the
 term no mon command but it doesn't work--I still get connect messages etc.
 Does anyone have an idea where these messages come from and how I can shut
 them off. We are using 12.0(7) XK1 Early Deployment release.
 
 thanks
 
 stuart




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33672t=33658
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
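
The severity-threshold rule from this thread, worked through for the console and monitor destinations as an added example (not code from the list posts). It shows why 'terminal no monitor' has no effect on a console session while 'logging console' does. The default thresholds, the function names and the two sample messages are assumptions constructed for the illustration.

```python
import re

# IOS severity keywords, from most severe (0) to least severe (7).
SEVERITIES = ("emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging")
LEVEL = {name: number for number, name in enumerate(SEVERITIES)}

# Assumption: with no 'logging console' / 'logging monitor' line in the
# configuration, both destinations log everything up to 'debugging'.
DEFAULT_THRESHOLD = {"console": 7, "monitor": 7}

_CONFIG_LINE = re.compile(r"^(no\s+)?logging\s+(console|monitor)(?:\s+(\S+))?$")
# System messages carry their severity as the digit in %FACILITY-N-MNEMONIC.
_MESSAGE = re.compile(r"%[A-Z0-9_]+-([0-7])-[A-Z0-9_]+:")


def parse_thresholds(config_text):
    """Return {'console': level or None, 'monitor': level or None}.

    None means the destination is disabled ('no logging console').
    """
    thresholds = dict(DEFAULT_THRESHOLD)
    for raw in config_text.splitlines():
        match = _CONFIG_LINE.match(raw.strip().lower())
        if not match:
            continue  # not a console/monitor logging line
        negated, destination, argument = match.groups()
        if negated:
            thresholds[destination] = None
        elif argument is None:
            thresholds[destination] = DEFAULT_THRESHOLD[destination]
        elif argument in LEVEL:
            thresholds[destination] = LEVEL[argument]
        elif argument.isdigit() and int(argument) <= 7:
            thresholds[destination] = int(argument)
        else:
            raise ValueError(f"unknown severity: {argument!r}")
    return thresholds


def message_severity(message):
    """Extract the numeric severity from a system message."""
    match = _MESSAGE.search(message)
    if not match:
        raise ValueError("no %FACILITY-SEVERITY-MNEMONIC tag in message")
    return int(match.group(1))


def shown_on(message, line, thresholds, terminal_monitor=False):
    """Would `message` be printed on a session attached to `line`?

    line: 'con' for the console port, 'vty' or 'aux' for monitor sessions.
    terminal_monitor: whether that session has typed 'terminal monitor'.
    """
    if line == "con":
        # The console is governed only by 'logging console';
        # 'terminal monitor' / 'terminal no monitor' play no part here.
        threshold = thresholds["console"]
    elif line in ("vty", "aux"):
        if not terminal_monitor:
            return False
        threshold = thresholds["monitor"]
    else:
        raise ValueError(f"unknown line type: {line!r}")
    if threshold is None:
        return False
    # A threshold of N admits severity N and everything more severe (0..N).
    return message_severity(message) <= threshold


# Constructed sample messages (not captured from a real router).
CONNECT = "%ISDN-6-CONNECT: Interface Serial0:22 is now connected to 5551234"
LINK_DOWN = "%LINK-3-UPDOWN: Interface Serial0, changed state to down"

if __name__ == "__main__":
    for config in ("", "logging console warnings", "no logging console"):
        t = parse_thresholds(config)
        print(repr(config), "console shows CONNECT:", shown_on(CONNECT, "con", t),
              "| LINK_DOWN:", shown_on(LINK_DOWN, "con", t))
```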



RE: RE: Transport Input Telnet and Terminal Servers [7:33511]

2002-01-29 Thread Baety Wayne A1C 18 CS/SCBX

On Cisco routers, the asynchronous ports by default are set to send traffic
with the TxD (transmit data) pin when activated by a protocol.  As soon as
input is received on the RxD (receive data) pin, the router engages an Exec
process.  I only said this to get a point of reference going.  This is the
natural forward direction of communication flow.  It's more useful to think
of this process by assuming the Cisco router is set up only to receive
traffic and then engaging an exec process to handle the traffic.

The reverse direction is to INITIATE communication by binding the
asynchronous ports to some sort of transport protocol.  This 'transport
protocol' could be any communication capable protocol. Instead of waiting
for an exec process starting because traffic was received on the RxD pins,
the router is set up to activate an exec process as soon as a transport
protocol is initiated by a user.

In the case of the tcp transport protocol the router is set up to initiate
communication whenever a tcp socket (tcp port 2000 + line number for telnet
in Ascii mode) is established from any active IP address on the router.  It
would bring up the async line and send whatever data tcp sends over the
async line.  Telnet is a method as well as an application that manages the
tcp protocol stream from the user perspective.  It resides totally within
the data portion of a tcp segment.  Telnet is active on a tcp stream
whenever you use the telnet application or any application that communicates
with such a protocol. Take a look at RFC 854-856 for a more involved study
of telnet.


WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


 -Original Message-
 From: John Neiberger [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, January 30, 2002 6:15 AM
 To: [EMAIL PROTECTED]
 Subject: RE: RE: Transport Input Telnet and Terminal Servers [7:33511]
 
 That makes sense except for the fact that the telnet protocol
 is *not* running on the console link!  It's called reverse
 telnet but that doesn't describe the protocol that is actually
 on the link itself.  That's why it's curious to me why I would
 have to permit telnet for it to work.
 
 I blame you for getting me on this thread in the first
 place!  :-)  But I'd really like to find an answer.
 
  On Tue, 29 Jan 2002, Ouellette, Tim
 ([EMAIL PROTECTED]) wrote:
 
  Are you still going on about this *grin*

  Sure feels weird being called the "someone" in your earlier comment of "I
  was in a discussion with someone this weekend regarding terminal server
  configuration."  Hehhehe. The conclusion I came up with is as follows.
  Let's say you're on a router and you ping your ethernet interface.  The
  pings actually go out on the wire and loop back to test your own interface
  (obviously loopbacks are different).  But I would think that in the concept
  of a telnet, the reverse telnet goes out on the wire to the far end and then
  loops back establishing a connection?  Also, as an FYI, when I do a
  "transport input all" on my terminal server, it substitutes "transport input
  LAT MOP TELNET blah blah" for me.  So the telnet is actually a subset of the
  ALL parameter.?
 
  Did that make any sense or do I need more coffee?
 
  Tim
 
  -Original Message-
  From: John Neiberger [mailto:[EMAIL PROTECTED]]
  Sent: Monday, January 28, 2002 9:59 PM
  To: [EMAIL PROTECTED]
  Subject: Re: RE: Transport Input Telnet and Terminal Servers
 [7:33511]
 
 
  I think, as is often the case, I wasn't clear enough.  Let me
  try to restate the issue another way.
 
  When you connect a terminal server to a console port, the
  telnet protocol is not operating on that link.  That link is a
  simple async serial terminal session.  Because of that, I don't
  understand why transport input telnet works:  the input is
  *not* telnet, it's async serial!

  If you telnet to a terminal server and from there do a reverse
  telnet to a device, your actual telnet session--and I'm being
  very specific here--stops at the terminal server.  The protocol
  being carried on the async line is *not* telnet.
 
  Does that make more sense?  Okay, back to the coffee for me...
 
  Thanks,
  John
 
   On Mon, 28 Jan 2002, Daniel Cotts
  ([EMAIL PROTECTED]) wrote:
 
   "all" works because telnet is a subset of "all" - it is included without
   being specifically named. Do a show line to determine the mapping of line
   numbers to ports - then do a show line 1 or whatever.  Lots more output!
   Look on the line that starts Allowed transports
   We are used to configuring terminal servers with ip host mapping a name to
   an ip and port. A more bare bones implementation would have us telnet 2002
   or whatever port we wished to reach. Try that.
  
-Original Message-
From: John Neiberger
 [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 28, 2002 4:28 PM
To: [EMAIL PROTECTED]
Subject: Transport Input Telnet and Terminal Servers
  [7:33511]
 

RE: Totally OT : Was there a man on the moon ? [7:33465]

2002-01-28 Thread Baety Wayne A1C 18 CS/SCBX

Because there aren't any stories of balls hitting airplanes in China.

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


 -Original Message-
 From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 29, 2002 5:21 AM
 To: [EMAIL PROTECTED]
 Subject: RE: Totally OT : Was there a man on the moon ? [7:33465]
 
 How about this one:
 
 My theory is that there is no gravity. Everything is growing with the same
 speed. You can't see it or measure it, because everything, even your ruler,
 is growing with the same speed. The light speed is also growing, so the
 speed of light is actually getting faster, but you don't know it.

 When you drop a ball and it hits the floor and bounces back up, it's
 actually keeping its position, but the earth and everything on it and around
 it are growing, so the floor is actually hitting the ball and not the other
 way around.
 
 Prove me wrong :-)
 
 Ole
 
 ~~~
  Ole Drews Jensen
  Systems Network Manager
  CCNP, MCSE, MCP+I
  RWR Enterprises, Inc.
  [EMAIL PROTECTED]
 ~~~
  http://www.RouterChief.com
 ~~~
  NEED A JOB ???
  http://www.oledrews.com/job
 ~~~
 
 
 -Original Message-
 From: Steven A. Ridder [mailto:[EMAIL PROTECTED]]
 Sent: Monday, January 28, 2002 1:45 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Totally OT : Was there a man on the moon ? [7:33465]
 
 
 Tell your friends it's called faith.  It's a belief in something without
 being able to prove or disprove it.  And if they don't believe it, then
 that's their prerogative.  (Although, with the correct amount of cash, you
 can get there and see for yourself, unlike proving the existence of a
 greater being/deity).  Ole Drews Jensen is right, why do they even believe
 the moon exists.  Or that the earth is round or that we revolve around the
 sun and not vice-versa.

 The best bet in getting a telescope to see the stuff on the moon is to get a
 satellite to orbit the moon, like the ones we have in orbit in earth that
 can take 1 m pictures.  It's do-able and reasonably cheap in terms of space
 exploration.
 
 sam sneed wrote in message news:[EMAIL PROTECTED]...
  Or are you really someone that didn't believe the hippy down the street
  when he told you not to mix acid with the mushrooms he sold you

  Ole Drews Jensen wrote in message news:[EMAIL PROTECTED]...
   Is the moon really there, or is it an optical illusion created by former
   pyramid residents now living on the planet Fryslak waiting to transmogrify
   our world into a big bowl of risepudding?

   Am I really here, or am I a lonely router misconfigured with an A.I.
   image?
  
   Ole
  
   ~~~
Ole Drews Jensen
Systems Network Manager
CCNP, MCSE, MCP+I
RWR Enterprises, Inc.
[EMAIL PROTECTED]
   ~~~
http://www.RouterChief.com
   ~~~
NEED A JOB ???
http://www.oledrews.com/job
   ~~~
  
  
   -Original Message-
   From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
   Sent: Monday, January 28, 2002 1:09 PM
   To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
   Subject: RE: Totally OT : Was there a man on the moon ? [7:33465]
  
  
   Is the flag really there.
  
   hhh Inquiring minds want to know!
  
Ole Drews Jensen  01/28/02 01:45PM 
   Just a thought...
  
   If they did not land on the moon - who placed the american flag there?
  
   Ole
  
   ~~~
Ole Drews Jensen
Systems Network Manager
CCNP, MCSE, MCP+I
RWR Enterprises, Inc.
[EMAIL PROTECTED]
   ~~~
http://www.RouterChief.com
   ~~~
NEED A JOB ???
http://www.oledrews.com/job
   ~~~
  
  
   -Original Message-
   From: Phil Barker [mailto:[EMAIL PROTECTED]]
   Sent: Monday, January 28, 2002 12:15 PM
   To: [EMAIL PROTECTED]
   Subject: Totally OT : Was there a man on the moon ? [7:33465]
  
  
   Sorry for this waste of b/w but I have two discerning
   friends who keep insisting that man never went to the
   moon, instead it was a big stage act. The shadows are
   in the wrong place blah, blah, blah. Unfortunately
   they cannot expand on the shadow theory since they
   don't understand it themselves. They just Want to
   believe in an American etc conspiracy. G.
  
   My initial defence that Man has landed on the moon was
   based on the fact that Russia didn't make any
   complaints which I'm sure they would have done. This
   has been unfortunately dismissed by the same argument
   i.e propaganda, America etc would not allow the
   reporting of such info-.
  
   Okay, now I need Physics to help.
   My hunch is that the radio signal of the 

RE: Fefault route for eigrp? [7:31592]

2002-01-11 Thread Baety Wayne A1C 18 CS/SCBX

EIGRP understands ip default-network, in fact it's the basis of a very
important function in the configuration of EIGRP: default route filtering.

'ip default-network' is a classful command.  If you use it with prefixes
longer than a classful boundary, you must have the prefix as well as the
classful boundary of the prefix known in the topology table of the routing
protocol in question.  You must then also configure the class boundary with
the 'ip default-network' along with the more specific prefix you really mean
to advertise as the default network.  

Just because a route is in the routing table, doesn't mean it's in the
routing protocol topology table.  This is why a static to 0.0.0.0 must be
redistributed into EIGRP in some way, in order to use 'ip default-network
0.0.0.0'. To EIGRP, a route to 0.0.0.0 looks like any other class A network.
Which brings me to another point... Do you really want a default network to
0.0.0.0 floating around your EIGRP domain?  The default-network command is
an enhancement to default routing allowing you to flag any network, not just
0.0.0.0 as a default.  Reconsider your network topology and take a look at
http://www.cisco.com/warp/public/105/default.html

You could have just put ip default-network 'network of serial interface' and
a default route would have gone all through your EIGRP routing domain.
(Except routers configured to filter the route from being a default. See
'default-information in/out/allowed' under the 'router eigrp ')

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


 -Original Message-
 From: Cisco Nuts [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 11, 2002 10:39 AM
 To: [EMAIL PROTECTED]
 Subject: RE: Fefault route for eigrp? [7:31592]
 
 You are absolutely right, my friend. I bumped into this tech-note from cco
 and it says the same..I tried it and found out that this is the only way for
 EIGRP to work!! Very strange!! I have BGP running on the router along with
 EIGRP and also a default route of 0.0.0.0 pointing to my outbound serial.
 Then after redistributing this static under eigrp, all other routers inside
 my network can get to outside networks learned via BGP..I wonder why IGRP
 understands the ip default route but not EIGRP...Anyone has any ideas on
 this??
 Thank you for your help. :-)
 
 From: s vermill
 Reply-To: s vermill
 To: [EMAIL PROTECTED]
 Subject: RE: Fefault route for eigrp? [7:31592]
 Date: Thu, 10 Jan 2002 19:37:07 -0500
 
 EIGRP behaves a little differently than all of the other protocols.  You
 first have to define a static 'ip route 0.0.0.0 0.0.0.0 x.x.x.x' and then
 add a 'network 0.0.0.0' to your EIGRP config.  I think you have to
 'redistribute static' as well.  It will not propagate a default as a result
 of the 'default-network' command.
 
 Regards




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31622t=31592



RE: DHCP coonection on Cisco Router [7:31559]

2002-01-11 Thread Baety Wayne A1C 18 CS/SCBX

Also make sure you get IOS 12.1+.  Client side DHCP (i.e. 'ip address dhcp')
isn't supported until then.  It's only part of Easy IP Phase 2.

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


 -Original Message-
 From: Jim Bond [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 11, 2002 4:20 AM
 To: [EMAIL PROTECTED]
 Subject: Re: DHCP coonection on Cisco Router [7:31559]
 
 Regarding your secondary IP, if you use NAT, this will
 not work because you can't put both ip nat inside
 and ip nat outside under 1 ethernet interface.
 
 A cheaper router will be a 1605, I guess.
 
 Jim
 
 --- Steven A. Ridder
 wrote:
  2514 supports 2 eth ints.
 
  or you may be able to get two cheap 2501's and
  string them together via
  serial.
 
  I've always wanted to try secondary addressing on 1
  interface.  The main
  would get its IP via DHCP, and the secondary
  address would be the private
  IP.  Always wanted to know if this would work.
 
  --
  RFC 1149 Compliant.
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31623t=31559



RE: Frame relay map 0.0.0.0 question, please help! CCIE lab is [7:31624]

2002-01-11 Thread Baety Wayne A1C 18 CS/SCBX

Use frame-relay map statements on B and C pointing to each other but using
the same DLCI as set to router A. If you want the router to bind
multicasts/broadcast addresses to the DLCI circuit don't forget the
'broadcast' keyword (a common mistake), otherwise OSPF will not be able to
encapsulate and send its hello packets, preventing adjacency.

You can use inverse arp ('frame-relay interface-dlci x') for the connections
to A (inverse-arp is inherently point to point). However, you must use
'frame-relay map' statements for the connections from B to C and C to B.
Mixing inverse-arp and manual map statements is ok as long as you completely
understand the issues involved.

         A
     102 | 103
        / \
   201 / X \ 301
   B --/-\-- C
  
Router B
Interface s0
Ip address 1.1.1.2 255.255.255.248
Frame-relay interface-dlci 201
Frame-relay map ip 1.1.1.3 201 broadcast

Router C
Interface s0
Ip address 1.1.1.3 255.255.255.248
Frame-relay interface-dlci 301
Frame-relay map ip 1.1.1.2 301 broadcast

Router A
Interface s0
Ip address 1.1.1.1 255.255.255.248
Frame-relay interface-dlci 102
Frame-relay interface-dlci 103

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer

P.S. Don't laugh at my graphic ;)


 -Original Message-
 From: EA Louie [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 11, 2002 4:12 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Frame relay map 0.0.0.0 question, please help! CCIE lab is
 [7:31575]
 
  Did you change the Hub router's ospf priority so It will become DR?  And
  change The spoke routers' ospf priority to 0 so it will never attempt to
  become DR or bdr?
 
 
 And also, if you have NOT issued the command clear frame inarp (12.1 and
 above) or clear frame-inarp (12.0 and below), the map statements will remain
 until you reload the routers.  That will need to be done on router B and
 router C.  Routers B and C do not form adjacencies with each other in this
 topology *unless* you make use of the full mesh, which you've been
 instructed *not* to do.  They both form adjacencies with Router A.  That's
 why you add a map statement to each Router B and Router C to point them to
 each other via their respective DLCI's to Router A, unless you're explicitly
 told not to do that.  (Which is a whole different can of worms)

 My strategy is shut off inverse arp, clear frame inarp, get the map
 statements into the config, write the config, and reload.

 You may wish to reschedule your Feb lab date if you're at this point with
 OSPF and frame relay a month or so away from your lab.  It only gets more
 complex than this, and this concept, while not elementary, is 'core' to your
 success in the lab exam.
 
  -Original Message-
  From: Wilson, Christian [mailto:[EMAIL PROTECTED]]
  Sent: Thursday, January 10, 2002 12:23 PM
  To: [EMAIL PROTECTED]
  Subject: Frame relay map 0.0.0.0 question, please help! CCIE lab is Feb
  [7:31555]
 
 
  I have a frame switch configured for full mesh connectivity over a 3 node
  frame relay cloud.  Router A and router B cannot use subinterfaces.  Router
  B and router C can only use their dlci that connects them to Router A, not
  the dlci that connects them to each other.  Because the frame switch is set
  up as a full mesh, I have disabled inverse arp on router A, B, and C and
  have used frame relay map commands with the broadcast parameter on each
  router.  I am able to ping every router just fine using router A as a hub.
  Then I need to enable ospf between all of them.  I used the neighbor x.x.x.x
  command to enable ospf, but the two spoke routers, B and C, only form adj
  with router A, they can not form adj with each other.  When I debug ip ospf
  adj, I see that routers B and C are sending their poll-intervals? to
  0.0.0.0.  When I issued a sh frame relay map command, I saw the following
  entries:
  sh fram map
  Serial0/0 (up): ip 0.0.0.0 dlci 503(0x1F7,0x7C70)
broadcast,
CISCO, status defined, inactive
  Serial0/0 (up): ip 0.0.0.0 dlci 502(0x1F6,0x7C60)
broadcast,
CISCO, status defined, inactive
  Serial0/0 (up): ip 140.4.1.2 dlci 503(0x1F7,0x7C70), static,
broadcast,
CISCO, status defined, inactive
  Serial0/0 (up): ip 140.4.1.3 dlci 503(0x1F7,0x7C70), static,
broadcast,
CISCO, status defined, inactive
 
  I can not seem to lose the frame maps to 0.0.0.0.  They do not show
  themselves as being learned dynamically or statically.  What do they mean?
  How do I get rid of them?  How did they get in there?  I can not form adj,
  please help!!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31624t=31624

RE: Spanning Tree Protocol [7:26538]

2001-12-12 Thread Baety Wayne A1C 18 CS/SCBX

Here's a little treat for paying attention to this thread.
Memorize this chart...

1   8
2   4
3   C
4   2
5   A
6   6
7   E
8   1
9   9
A   5
B   D
C   3
D   B
E   7
F   F

And here's why...

Let's take 2 for example. In binary, it is written B'0010'. On
systems that reverse the order of the bits (for reasons that will be
explained later), it is written B'0100', which could be read as 4 in
decimal, depending on how you read it.

The problem with this is that we would still need a point of
reference for how to read the binary digits so that we can compute their
hexadecimal equivalents.  Can you think of any other areas in life where
this could also be a problem?  How about written language?  In some parts of
the world, people read right to left instead of left to right, like how you
are reading this now.  This ambiguity wasn't saved, unfortunately, from
computers.  The single most important thing to understand a computer
protocol is first knowing its bit-wise orientation.  The second most
important thing to understand a protocol is knowing its byte-wise
orientation.

If you haven't guessed already, there are systems that not only
reverse the order of bits, but reverse the order of the bytes as well.  This
is why 4 and 2 are palindromatic.  If I align 4 and 2 as we as English
readers would align them, they would simply be x'42' (in binary this would
be B'0100 0010').  But there are computer systems that align these digits in
reverse, placing the highest order (most significant), that is to say, the
digit that represents the greatest change in value, last.  They come up with
x'24' as the same representation of binary digits.  They believe, what is
written last, is in fact what we would call the 10s column in decimal.  It
would be like writing 17 (seventeen) and having someone else read 71
(seventy-one).  However, those same systems that reverse the order of the
bytes reverse the order of the bits as well.  If I would reverse the order
of the bits in x'2' (in binary, B'0010') it would be read as x'4' (in
binary, B'0100').  So, If we read them in on a computer that reverses the
order of the digits _and_ reverses the order of the bytes, we would read
them in as x'42', exactly how we read them on a system that doesn't, hence,
a palindrome.  If I would write a low level device driver that reads in SAPs
and dishes them out to the corresponding protocol stack, I wouldn't need to
know what the value of a particular SAP would be on a system that reverses
the order of bits and bytes if I pick 2 values that are always going to be
read the same.  There are other palindromatic sequences that can be found in
the chart above.  There are even single digit palindromes.  Exercise 1: What
are they, and how many are there in total?

The chart above helps you to immediately know how a digit would be
computed in hexadecimal if read on a computer that reverses bits and bytes.

This would be useful for computing how an Ethernet multicast address differs
from a token ring multicast address.  Exercise 2: how is an Ethernet address
of 0100.5E00.0001 (IP 224.0.0.1) read in on a token ring machine?  Is the IP
address still read the same?

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


-Original Message-
From: Carroll Kong [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, November 20, 2001 8:52 AM
To: [EMAIL PROTECTED]
Subject: RE: Spanning Tree Protocol [7:26538]

This is a computer architecture topic and it has been a while for 
me, so please feel free to correct me.  Basically, it is how multibyte 
values are stored in a particular computer architecture.  For instance, in 
big endian, the last byte, has the most significant byte, and in little 
endian the last byte, has the least significant byte.

 Given that a byte is 8 bits.
 Given an integer 64932  (2 bytes)
 This converts to

 1101   1010 0100
in binary.

In a little endian architecture, the data would be stored like
 1101   1010 0100

 One machine would store this value from left to right and the 
other would store it from right to left.  In a big endian architecture, 
the data would be stored like

1010 0100    1101

 Needless to say, this has caused much pain in the world.  It is 
purely a big religious war as to which is better.  Also, one might 
quickly add well if this is true, wouldn't all socket programming be 
borked?!?  No.  They force you to convert back to network form vs host 
form.  I believe network form is big endian, but not that it 
matters.  Everyone converts it to this form in C (or any other language) 
before it hits the network, so there is still cross OS
compatibility.

Now, looking at 42, it seems to be this in binary

alone it is 101010, but in a byte, it would look like

0010 1010
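
An added example (not code from the thread) that derives the hex chart in the reply above by reversing bit order, then goes one step further and applies the same reversal to every byte of a MAC address. Reversing the 8 bits of a byte is the same as reversing each hex digit and swapping the two digits, which is why x'42' reads the same both ways. Function names are illustrative.

```python
def reverse_bits(value, width):
    """Return `value` with its lowest `width` bits in reversed order."""
    if not 0 <= value < (1 << width):
        raise ValueError(f"{value} does not fit in {width} bits")
    result = 0
    for _ in range(width):
        result = (result << 1) | (value & 1)  # move the lowest bit to the top
        value >>= 1
    return result


def nibble_chart():
    """Hex digit -> bit-reversed hex digit, for 1..F as in the chart."""
    return {format(n, "X"): format(reverse_bits(n, 4), "X")
            for n in range(1, 16)}


def self_reversing_digits():
    """Single hex digits that read the same after bit reversal."""
    return [format(n, "X") for n in range(16) if reverse_bits(n, 4) == n]


def self_reversing_bytes():
    """Byte values that read the same in either bit order (x'42' is one)."""
    return [b for b in range(256) if reverse_bits(b, 8) == b]


def bit_reverse_mac(mac):
    """Reverse the bit order inside each byte of a MAC address.

    Accepts dotted (0100.5E00.0001), colon or hyphen notation and returns
    dotted notation. Byte positions are kept; only the bits inside each
    byte are mirrored.
    """
    digits = "".join(ch for ch in mac if ch not in ".:-")
    if len(digits) != 12:
        raise ValueError("a MAC address has 12 hex digits")
    raw = bytes.fromhex(digits)  # raises ValueError on non-hex input
    mirrored = bytes(reverse_bits(b, 8) for b in raw).hex().upper()
    return ".".join(mirrored[i:i + 4] for i in range(0, 12, 4))


if __name__ == "__main__":
    for digit, mirrored in nibble_chart().items():
        print(digit, mirrored)
    print("self-reversing bytes:",
          " ".join(format(b, "02X") for b in self_reversing_bytes()))
    print("0100.5E00.0001 ->", bit_reverse_mac("0100.5E00.0001"))
```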


Policy routing BGP Neighbor relationships [7:27976]

2001-12-03 Thread Baety Wayne A1C 18 CS/SCBX

Is it me or does BGP not allow you to form a peering session unless you have
a route to the host in the routing table, no matter what.  It closes
connected sessions even if I have policy route data forwarding configured
and even if traffic is forwarding correctly.  Is there some knob I'm
forgetting about (other than using a static classful route to null0)?
 
My little diagram...
  
178.24.1.1/32     204.22.10.1/32
      Lo                Lo
      |                 |
      R6                R7
      |                 |
      S0                S0
     (.3)  192.1.1/24  (.1)
 
a.  No static routes entered on R6 or R7
b.  BGP peers w/ loopback addresses
 
 
Here's 11.3 (R7) forgetting that it can reach the 12.0 router via policy
(debug output on R7)
3d05h: BGP: 178.24.1.1 remote close, state CLOSEWAIT
3d05h: BGP: 178.24.1.1 closing
 
(This message repeated indefinitely)
3d05h: BGP: 178.24.1.1 multihop open delayed 10112ms (no route)
3d05h: BGP: 178.24.1.1 multihop open delayed 12784ms (no route)
 
(traffic is forwarding!)
r7#ping 178.24.1.1
Sending 5, 100-byte ICMP Echos to 178.24.1.1, timeout is 2 seconds:
!
 
r7#config t
r7(config)#ip route 178.24.1.1 255.255.255.255 192.1.1.3[Ctl-Z]
 
[a few seconds later]
(debug output on R7)
3d05h: BGP: 178.24.1.1 open active, local address 204.22.10.1
 
r7#config t
r7(config)#no ip route 178.24.1.1 255.255.255.255 192.1.1.3[Ctl-Z]
 
[a few seconds later]
(debug output on R7)
3d07h: BGP: 178.24.1.1 multihop open delayed 17648ms (no route)
 
grrr.
 
(configs below)
 
 
Thanks for looking this over.
 
WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer
 
 
ROUTER 6 CONFIG
 
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r6
!
logging buffered warnings
logging console warnings
enable password cisco
!
username cisco password 0 cisco
!
!
!
!
ip subnet-zero
!
!
!
process-max-time 200
!
interface Loopback0
 ip address 178.24.1.1 255.255.255.255
 no ip directed-broadcast
!
interface Ethernet0
 ip address 10.0.0.6 255.255.255.0 secondary
 ip address 6.6.6.6 255.255.255.0
 no ip directed-broadcast
!
interface Serial0
 no ip address
 no ip directed-broadcast
 encapsulation frame-relay
 no ip mroute-cache
 no fair-queue
 clockrate 25
 cdp enable
 frame-relay lmi-type cisco
!
interface Serial0.1 point-to-point
 ip address 10.255.1.2 255.255.255.252
 no ip directed-broadcast
 ip nat inside
 frame-relay interface-dlci 601
!
interface Serial0.2 point-to-point
 ip address 192.1.1.3 255.255.255.0
 no ip directed-broadcast
 ip nat outside
 ip policy route-map ebgp-rehop
 frame-relay interface-dlci 607
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
router bgp 300
 network 178.24.0.0
 neighbor 204.22.10.1 remote-as 100
 neighbor 204.22.10.1 ebgp-multihop 2
 neighbor 204.22.10.1 update-source Loopback0
!
ip local policy route-map ebgp-rehop
ip nat pool dynamic-net-pool 178.24.16.1 178.24.191.254 prefix-length 16
ip nat inside source list 1 pool dynamic-net-pool
ip nat inside source static 178.24.3.13 10.253.1.1
ip classless
no ip http server
!
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 101 permit tcp any host 204.22.10.1 eq bgp
access-list 101 permit icmp any host 204.22.10.1 echo
access-list 101 permit icmp any host 204.22.10.1 echo-reply
route-map ebgp-rehop permit 10
 match ip address 101
 set ip default next-hop 192.1.1.1
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
 transport input none
line aux 0
line vty 0 4
 exec-timeout 0 0
 logging synchronous
 login local
 monitor
 
END ROUTER 6 CONFIG
 
ROUTER 7 CONFIG 
 
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r7
!
enable password cisco
!
username cisco password 0 cisco
ip subnet-zero
ip nat pool dynamic-net-pool 204.22.10.16 204.22.10.191 prefix-length 24
ip nat inside source list 1 pool dynamic-net-pool
ip nat inside source static 204.22.10.13 20.255.1.5
!
!
interface Loopback0
 ip address 204.22.10.1 255.255.255.255
!
interface Ethernet0
 ip address 10.0.0.7 255.255.255.0 secondary
 ip address 7.7.7.7 255.255.255.0
!
interface Serial0
 no ip address
 encapsulation frame-relay
 no ip mroute-cache
 no fair-queue
 clockrate 25
 frame-relay lmi-type cisco
!
interface Serial0.1 point-to-point
 ip address 20.255.1.2 255.255.255.252
 ip nat inside
 no arp frame-relay
 frame-relay interface-dlci 705
!
interface Serial0.2 point-to-point
 ip address 192.1.1.1 255.255.255.0
 ip nat outside
frame-relay interface-dlci 706
!
interface Serial1
 no ip address
 

RE: 2 Line Hit Scenarios... [7:25928]

2001-11-13 Thread Baety Wayne A1C 18 CS/SCBX
 of
the reasons for the dreaded routing loop is brought about by the fact that a
host could for some reason or another somehow not receive a poison update,
and start a count-to-infinity war.  This means that RIP messages are
inherently unreliable and not acknowledged.  Erred RIP frames are just
'silently discarded'.  The silence is because there is no provision in the
protocol made for acknowledgement and recovery.


Here's a list of cases where a router or bridge would retransmit instead of 
the end host.

BISYNC - YES
X.21 - YES
SDLC - YES
The various LAPs (LAPB, LAPF, etc.) - YES?
Cisco HDLC - NO!! (remember it's Cisco's own variety of HDLC)
PPP - NO
Frame Relay - NO
Ethernet - NO
Token Ring - NO
FDDI - NO
LLC1 - NO
LLC2 - NO, unless you're using DLSw or RSRB with Local ACK
LLC3 - who cares? ;-), but I think the answer is YES

Ethernet causes some confusion for people because a data-link-layer 
interface monitors for collisions while sending and retransmitting if one 
occurs. I don't think this fits into the same category as we're dealing 
with in this question, but the neophytes think it does, so it's worth 
addressing. I consider sending without collisions a basic part of Media 
Access Control, analogous to getting the token on Token Ring. It's not the 
same as monitoring for an ACK and retransmitting if you don't get one, 
which Ethernet NEVER does.

 I thought of this, but then I was thinking that maybe the line hit
doesn't trip the collision detect circuitry, in most cases it won't.  Maybe
the gremlin feels conniving today and feels like letting Ethernet believe
the transmission was a success.  This is true more often than not.


This is an extremely easy Networking 101 question where I come from. It's 
really frustrating that it results in so much confusion.

 Networking 101, but not Networking 303, which is why I included a
paragraph of disclaimer somewhere in the middle.


Priscilla

 I welcome discussions like this on this group.  I wish there were more of
them.  Now the really good stuff comes out.  

Thanks, Priscilla.

Wayne



RE: 2 Line Hit Scenarios... [7:25928]

2001-11-12 Thread Baety Wayne A1C 18 CS/SCBX

Line hits are caused by physical disturbances, electronic influences
on the transmission medium.  The question draws attention to the serial
connection between B1 and B2, and a possible difference between Ethernet
connections.  Ethernet makes no provision for physical layer protocol
retransmission in the face of erred communications.  An explanation follows.


There are different physical layer protocol entities for Ethernet,
notably MLT-3 for fast Ethernet, Manchester for Ethernet, etc.  These are
actual protocols for transferring bit streams over a common medium and only
serve to perform line encoding.  When an error presents itself, most often
these errors register as invalid code signals to the distant end, which
somehow gets translated into a data signal, forcibly in the case of
Ethernet.  After this process is complete the bit streams are compacted and
provisioned into 8-bit boundaries and are passed up to the data link layer.
At this point, the communication enters the purview of a central processing
unit. The OS controlling the CPU would naturally do a CRC function on the
received data stream and extract the CRC that was computed by the sending
node, and do a comparison of the two.  Actual implementations could vary.
This in essence is an overview of Ethernet Technology.  The important thing
to remember is that there is not a protocol function that occurs at the
point the bit streams are sent from the hardware to the main CPU (channel
access functions are handled in hardware on a NIC).  All communication is
accepted carte blanche, and naturally so.  Ethernet is primarily a LAN
technology where error prone communications (caused by EMI or other naturally
occurring phenomena) are tightly controlled and minimized. In serial
communication technology there is such a protocol function because there is
a higher chance of there being electromagnetic influences, propagation
delay, etc.

In serial communications at the point that the bit streams are
decoded into logical binary words (that 8 bit provisioning scheme
aforementioned), there is a protocol function implemented to control the
actual reception and healthiness of the bit streams.  HDLC is the default
protocol for Cisco Routers, but there are other notables, such as Bi-Sync,
SDLC, LAPB, PPP, etc.  In some of these protocols there are provisions for
the retransmission of frames when errors are detected, channel multiplexing,
stream windowing as well as frame sequencing and acknowledgements.

Why this long answer?  Remember the question draws attention to the
physical layer when 'line hits' are mentioned.  Further clues were given
when the only difference mentioned was a change in physical composition.
It's up to you to decide if the test maker in this instance is testing to
see if you know all of this, judged by the overall difficulty of the exam.

To answer your question, if there is a line hit between B1 and B2, B1
will always retransmit.  In most serial encapsulation methods, the frame
never clears the buffers on B1 until B2 acknowledges reception to B1.

There was an effort to add this amount of reliability to Ethernet
and Token Ring environments, hence LLC which is a spin off of sorts of HDLC
for serial communications.  With LLC there are actually 3 different modes of
communication.  Type 1 is the normal mode that you would normally see in
modern networking environments (Type 2 is more usual for Token Ring).  Type
2 is modeled after communication qualities that serial communications need
to overcome. Type 3 is not commonly used.  To be succinct, it is like
slapping a serial protocol over Ethernet or Token Ring.  When Ethernet is
behaving like a serial interface it will buffer, acknowledge and retransmit
erred frames just like a serial interface (In that case, each intermediate
device is responsible for retransmitting any frames with errors).  Like
everything else in life, the true answer depends on what you are doing.

To be safe, let me point out that all of this nonsense usually is spoken of
in the books as residing at the Data Link layer.  I believe the test
question may also be trying to confuse you with what are the
responsibilities of the Transport layer (TCP to be exact).  But what if you
aren't even using TCP?  What if you are using UDP over IP over Ethernet?
There is clearly no retransmission effort going on here.  All confusing,
isn't it?  Don't worry, in time you'll sort it all out.

Cheers and Good Luck,

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


-Original Message-
From: Todd Carswell [mailto:[EMAIL PROTECTED]] 
Sent: Monday, November 12, 2001 11:09 PM
To: [EMAIL PROTECTED]
Subject: 2 Line Hit Scenarios... [7:25928]

Here's the setup for my 2 questions...

PCA---B1---B2PCB

Bridge 1 and Bridge 2 are running Transparent Bridging between them.

Question 1:  There's a SERIAL connection between B1 and B2.  B1 and B2 are
configured for transparent bridging.  If 
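
The two behaviours argued over in this thread, as an added sketch that is not any poster's code: a link that only checks the frame check sequence and drops bad frames silently, and a link whose sender keeps the frame buffered until it is acknowledged. The node names come from the question; the Hop class, the single-bit fault pattern and the retry limits are assumptions made for the illustration.

```python
import zlib


def add_fcs(payload: bytes) -> bytes:
    """Append a CRC-32 frame check sequence (the CRC Ethernet uses for its FCS)."""
    return payload + zlib.crc32(payload).to_bytes(4, "little")


def fcs_ok(frame: bytes) -> bool:
    """Receiver side: recompute the CRC and compare it with the trailer."""
    return zlib.crc32(frame[:-4]).to_bytes(4, "little") == frame[-4:]


class Hop:
    """One link on the path (hypothetical model, not a real protocol stack)."""

    def __init__(self, sender: str, acknowledged: bool, hits: int = 0):
        self.sender = sender              # node that transmits onto this link
        self.acknowledged = acknowledged  # True: sender buffers until ACK
        self.hits = hits                  # how many leading transmissions get damaged
        self.sent = 0
        self.retransmits = 0

    def carry(self, frame: bytes) -> bytes:
        """Move a frame across the link, flipping one bit while hits remain."""
        self.sent += 1
        if self.sent > self.hits:
            return frame
        damaged = bytearray(frame)
        damaged[1] ^= 0x20                # the line hit (constructed fault)
        return bytes(damaged)

    def forward(self, payload: bytes, max_tries: int = 5):
        """Return the payload if the far end accepted it, else None."""
        frame = add_fcs(payload)          # stays buffered for the whole loop
        tries = max_tries if self.acknowledged else 1
        for attempt in range(tries):
            if attempt:
                self.retransmits += 1     # no ACK arrived, timer expired, send again
            if fcs_ok(self.carry(frame)):
                return payload            # good FCS (and ACK, if acknowledged)
            # Bad FCS: the receiver discards the frame without telling anyone.
        return None


def link_retransmits(path):
    """Nodes that retransmitted at the link layer, with counts."""
    return {hop.sender: hop.retransmits for hop in path if hop.retransmits}


def deliver(path, payload: bytes, end_host_tries: int):
    """Send end to end. Returns (delivered, end-host resends, link retransmits)."""
    for resend in range(end_host_tries):
        data = payload
        for hop in path:
            data = hop.forward(data)
            if data is None:
                break                     # frame died on this hop
        if data is not None:
            return True, resend, link_retransmits(path)
    return False, end_host_tries - 1, link_retransmits(path)


def build_path(b1_b2_acknowledged: bool):
    """PCA, B1, B2, PCB in a row, with one line hit on the B1-B2 link."""
    return [
        Hop("PCA", acknowledged=False),
        Hop("B1", acknowledged=b1_b2_acknowledged, hits=1),
        Hop("B2", acknowledged=False),
    ]


def scenarios():
    data = b"constructed payload"
    return {
        "acknowledged B1-B2 link": deliver(build_path(True), data, 3),
        "unacknowledged link, sender that resends": deliver(build_path(False), data, 3),
        "unacknowledged link, sender that never resends": deliver(build_path(False), data, 1),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

In the first case B1 repairs the loss and the end host never notices; in the second the end host has to send again; in the third the data is simply gone.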

RE: BGP question [7:25130]

2001-11-04 Thread Baety Wayne A1C 18 CS/SCBX

Useful if you're using private AS addressing (AS 64512-65535) and you want
your customer routes to appear as if they originated from your AS...

I would have used a NO_EXPORT community on the routes being advertised from
the AS and simply just advertised the address space that I own. It's rarely
useful to advertise your own address space with a differing AS number. It's
also more advised to keep advertising the correct AS in cases where this
situation would occur, e.g., a dual-homed customer.

However, to satisfy the question you can use BGP aggregation on R3 which was
specifically designed for this purpose...

router bgp 64512
 aggregate-address 200.200.200.1 255.255.255.0 summary-only as-set

You should only use a set-community confederation route map when you have
complex business rules that you need implemented.

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


-Original Message-
From: news [mailto:[EMAIL PROTECTED]] 
Sent: Monday, November 05, 2001 2:53 AM
To: [EMAIL PROTECTED]
Subject: Re: BGP question [7:25130]

Hi

what I am trying to achieve is as follow

AS 100 is connected to AS 200.
AS 200 is connected to AS 300

AS 100 has route from AS 300.  So the AS-PATH List is: 200, 300, i
The task is: AS 100 should see all the route from AS 300 as if they came
from AS 100 directly the path will look like 200, i

Faisal


Chuck Larrieu wrote in message news:[EMAIL PROTECTED]...
 interesting question.  a search among the command references and
 configuration guides on CCO yields nothing under 12.1, but under 12.2 states
 this command was introduced in 12.0(4.4)S and that in 12.0(5)T
 the address family configuration mode was added.

 I copied this stuff out of CCO, but it is not making sense to me at the
 moment. I can find no reference to the command and function in Parkhurst,
 which carries a 2001 copyright but no telling when the contents were locked
 down for publishing.

 In re-reading this thread and the documentation below, I'm still a bit
 unclear as to what is being accomplished here. Telling a neighbor you are AS
 X when you are really AS Y ??

 I'm working on some BGP scenarios now, so I'll try to add this to the list
 and report back.

 Chuck

 --
 stuff from CCO:


 The next example shows how the route map named set-community is applied to
 the outbound updates to neighbor 171.69.232.50 and the local-as community
 attribute is used to filter the routes. The routes that pass access list 1
 have the special community attribute value local-as. The remaining routes
 are advertised normally. This special community value automatically prevents
 the advertisement of those routes by the BGP speakers outside autonomous
 system 200.

 router bgp 65000
  network 1.0.0.0 route-map set-community
  bgp confederation identifier 200
  bgp confederation peers 65001
  neighbor 171.69.232.50 remote-as 100
  neighbor 171.69.233.2 remote-as 65001
 !
 route-map set-community permit 10
  set community local-as


 neighbor local-as
 To allow customization of the autonomous system number for external Border
 Gateway Protocol (eBGP) peer groupings, use the neighbor local-as command in
 address family or router configuration mode. To disable this function, use
 the no form of this command.

 Command History

 Release      Modification
 12.0(4.4)S   This command was introduced.
 12.0(5)T     Address family configuration mode was added.




 Usage Guidelines

 Each BGP peer or peer group can be made to have a local autonomous system
 value for the purpose of peering. In the case of peer groups, the local
 autonomous system value is valid for all peers in the peer group.

 This feature cannot be customized for individual peers in a peer group.

 If this command is configured, you cannot use the local BGP autonomous
 system number or the autonomous system number of the remote peer.

 This command is valid only if the peer is a true eBGP peer. This feature
 does not work for two peers in different subautonomous systems in a
 confederation.

 Examples

 The following address family configuration example shows the customization
 of neighbor 172.20.1.1 configured to have an autonomous system number of 300
 for the purpose of peering:

 router bgp 109
 address-family ipv4 multicast
  network 172.20.0.0
  neighbor 172.20.1.1 local-as 300

 The following router configuration example shows the customization of
 neighbor 172.20.1.1 configured to have autonomous system number of 300 for
 the purpose of peering:

 router bgp 109
  network 172.20.0.0
  neighbor 172.20.1.1 local-as 300


 end of stuff from CCO
 -


 adam lee wrote in message news:[EMAIL PROTECTED]...
  What version of IOS is that command in? I am using 12.0(9) and it's not in
  there.
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
  news
  Sent: Saturday, November 03, 2001 12:23 PM
  To: [EMAIL PROTECTED]
  Subject: Re: BGP question [7:25130]
 
 
  

RE: Weirdness with OSPF--IGRP and Default Routes [7:25216]

2001-11-04 Thread Baety Wayne A1C 18 CS/SCBX

His pings are definitely going to the loopback on Router B (R4) and are
probably being load balanced over the 0/0 [!.!.!.].  Use   ip
default-network   and point it out the interface you really want traffic to
go to by default.  If you don't want R4 to use the default, then apply a
static default on all your other routers.  Otherwise you run the risk of
load balancing through the loopback (?).  I'm not near any routers atm so I
can not verify this.

Ip default-network 152.1.3.0

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] 
Sent: Monday, November 05, 2001 8:09 AM
To: [EMAIL PROTECTED]
Subject: Re: Weirdness with OSPF--IGRP and Default Routes [7:25216]

John, it occurs to me that the other possibility is that your pings are
getting out, but not getting back. On the surface, it would appear that is
not the case because in part one of your scenario, you can successfully
ping.

However, it is possible that in doing what you did in setting up the default
network, you broke something else such that the return route does not exist?

just because you can see me, it does not automatically follow that I can see
you.

what do traceroutes reveal about where the breakdown occurs? How about an
extended ping, using a different interface as the source address?

Chuck


John Neiberger wrote in message news:[EMAIL PROTECTED]...
 You're reading it correctly.  The real problem isn't with router C.  Using
 either of the methods I tried it learns a default route from B.  The real
 problem is that as soon as I add a default-network command to router B (so
 that it originates a default to C) default routing breaks.

 Others keep pointing out that having a loopback address as a default network
 creates a blackhole.  In this case I'm using a dummy network that does not
 exist elsewhere so it won't create a black hole.

 In fact, when ip packet debugging is turned on the packets are unroutable.
 This makes no sense to me since a quad-zero default exists in the routing
 table.  With ip classless nothing should be unroutable.  Very weird.  I must
 be missing something...

 You think this is weird, though, you ought to see the lab setup I'm using to
 test this.  At the moment I have six routers running a combination of IS-IS,
 BGP, OSPF, and IGRP.  :-)   I'm a glutton for punishment!

 Regards,
 John

 On Sun, 4 Nov 2001 11:52:26 -0500, Chuck Larrieu wrote:

 |  if I am not mistaken, the default network has to be learned via IGRP, and
 |  cannot be a connected interface.  If I am reading your outputs correctly,
 |  your default network is a connected interface.
 |
 |  am I misreading which router is the source of the pings?
 |
 |  Chuck
 |
 |
 |  John Neiberger wrote in message news:[EMAIL PROTECTED]...
 |   I posted this to the ccie list as well.  I'm hoping someone has run across
 |   this before.
 |  
 |   I'll start with the original scenario that worked so I can show you where I
 |   began before I show you what I'm trying to accomplish now.  There are three
 |   relevant routers here:
 |  
 |   A(ospf)B(rip)-C
 |  
 |   A originates a default route to B and I use default-information originate in
 |   the RIP config to pass 0.0.0.0/0 to C.  This works well.  Then I took RIP
 |   away and tried this with IGRP and ip default-network.
 |  
 |   This took some tweaking before I could get B to originate  default route to
 |   C with IGRP. Is it just me or did Cisco seem to make this very
 |   user-unfriendly??  Unbelievable.  This is *so* easy with other protocols.
 |   Anyway...
 |  
 |   In the first scenario, B has a single gateway of last resort: 0.0.0.0/0 via
 |   router A.  Beautiful.  In the second scenario I end up with two candidate
 |   GOLRs but neither is picked and routing breaks!
 |  
 |   This makes *zero* sense to me.  If ip classless is configured and still
 |   have 0.0.0.0/0 in my routing table then B should route all packets with
 |   unknown destinations to A, right??  Well, it's not working and I can
 |   consistently recreate it.
 |  
 |   If I remove the ip default-network statement routing works but then C has no
 |   default route.
 |  
 |   What could be wrong here?  For grins, I'll paste in some command output to
 |   show you what I mean.  R4 is Router B in the above scenario.
 |  
 |   Gateway of last resort is 152.1.3.2 to network 0.0.0.0
 |  
 |  152.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
 |   O IA152.1.1.0/25 [110/74] via 152.1.3.2, 05:19:53, Serial0
 |   C   152.1.3.0/30 is directly connected, Serial0
 |  130.1.0.0/16 is variably subnetted, 9 subnets, 2 masks
 |   I   130.1.3.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0
 |   I   130.1.2.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0
 |   I   130.1.1.0/24 [100/1188] via 130.1.4.2, 00:00:28, TokenRing0
 |   O   

RE: What do you cats do for motivation? [7:24549]

2001-10-29 Thread Baety Wayne A1C 18 CS/SCBX

Ever make a puzzle?  Ever since a kid I used to be fascinated by puzzles.
First you find the corners and edges and work your way in, was a trick I
used to use.  I believe it still applies to learning about all of this
stuff.  

  If you find yourself unmotivated, then go out and buy a 50 piece puzzle
and work your way up to 1000 pieces or even 5000 pieces.  Mix this in with
your studying time.  The goal of course is to condition your mind to
complexity, and accomplishment.  This is similar to reading first the
marketing literature about a networking topic, and then, working your way up
to the approved standards, RFCs, etc.  Start out light...  You can't solve a
puzzle w/o the corners.

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


-Original Message-
From: Ouellette, Tim [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, October 30, 2001 4:52 AM
To: [EMAIL PROTECTED]
Subject: What do you cats do for motivation? [7:24549]

Man O Man. I'm finding it super-tough to stay motivated with all of this
super-duper-heavy-geeky CCIE studying that I have to do. How do you guys
keep your mind focused and your eyes straight ahead?  I find it really easy
to answer my phone on a Friday night and talk to my buddies, next thing you
know I'm at the local pub forgetting my name.  I've got soo many books to
read, and soo many labs that I want to do.  The light at the end of the
tunnel isn't even close to being visible and it's tough. Can anyone help?  

btw, anyone used any audio tapes/cd's to listen to cisco type stuff during
the commute to work? I was thinking about doing something like that but I
think hearing my own voice speak would be enough to drive me insane. Any
thoughts?

Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=24597t=24549
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



RE: MAC address and VLANs [7:23950]

2001-10-25 Thread Baety Wayne A1C 18 CS/SCBX

As well as it should when you're transferring 100's of megabytes of data;
it's not exactly like downloading a web page.  That's where CAR rears its
ugly face, no?

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Friday, October 26, 2001 1:52 AM
To: [EMAIL PROTECTED]
Subject: Re: MAC address and VLANs [7:23950]

I couldn't agree more on this issue, Jeff.  Norton's Ghost is notorious for
hogging much of the backplane bandwidth on CAT5500s during a unicast TCP
session.

John Squeo
Technical Specialist
Papa John's Corporation
(502) 261-4035


 

jeffrey wang
Sent by: nobody@groupstudy.com
10/25/01 12:08 PM
Please respond to jeffrey wang

cc:
Subject: Re: MAC address and VLANs [7:23950]
 

 





Not only did VLANs help solve the broadcast problem, they also helped with the
unicast problem. I used to run into problems with some UDP application on a
pretty large flat network. When some 100M/full-duplex stations started talking,
the 10M workstations froze. The sniffer showed me that this was caused by a
unicast storm. Eventually, I learned that if a unicast is sent while the switch
doesn't have or has forgotten its destination's MAC, it floods. No 100M
workstation was affected, but all the 10's died. A couple of seconds later, it
calmed down (the switches started to know where the destination's MAC was).
However, it happened again and again. VLANs help first to restrict the problem
to ONE VLAN, and second to prevent the switches that don't have the VLAN
from being affected.

Priscilla Oppenheimer wrote:

 The multi-VLAN feature that Leigh Anne mentioned might solve your problem.
 The Cisco switch port could be associated with two VLANs that way. You
 didn't say which switch you have, and this feature may not be available on
 all Cisco switches, though.

 Assuming that you don't want to upgrade the little switch to one that does
 802.1Q or ISL, another somewhat radical fix to the problem might be to not
 use VLANs. My philosophy is that once VLANs get to the point of causing
 more problems than they fix, I eliminate them. ;-)

 One of the main things VLANs were supposed to fix was excessive broadcasts
 causing too many CPU interruptions on numerous workstations in a large,
 flat, switched network.

 Lately I have taken to making the controversial statement that this problem
 doesn't exist on many modern networks. These days workstations have
 amazingly fast CPUs. They are not bogged down by processing broadcasts.
 Also, as we eliminate older desktop protocols such as AppleTalk and IPX,
 what is still sending broadcasts? An ARP here or there is not a big
 problem. And ARPs don't actually happen that often. A PC keeps the
 data-link-layer address of its default gateway and other communication
 partners for a long time.

 Also, a lot of PC NICs used to be stupid about multicasts and interrupt the
 CPU for irrelevant multicasts for which the PC was not registered to
 listen. I bet that bug has been fixed by now.

 VLANs have other benefits (security, dividing up management and
 administrative domains, etc.) But if broadcasts are the issue, one should
 ask:

 Which protocols send broadcasts and how often?
 How fast are the CPUs?

 And that is my latest harangue against my least favorite LAN technology
 (VLANs!)

 Priscilla

 At 09:52 AM 10/24/01, NetEng wrote:
 Thanks for the replies. The two MAC addresses would come from the two PCs
 in an office. They would both connect in to a hub and then the hub would
 uplink to the cisco switch. I need one pc in VLAN1 and one pc in VLAN2, from
 what you and Dennis stated this will not work. I appreciate the comments
 though.
 
 Collin
 
 Leigh Anne Chisholm wrote in message news:[EMAIL PROTECTED]...
   Actually, that's not correct.  The original specification for VLANs from
   what I understand mandates that only one VLAN can be assigned to a port, but
   manufacturers such as 3COM decided to do otherwise and support multiple
   VLANs per port.  Cisco responded by creating (on certain switches such as
   the Catalyst 2900XL) an administrator to configure a port to be a member of
   more than one VLAN at a time when using a membership mode known as
   Multi-VLAN. A Multi-VLAN port can belong to up to 250 VLANs; the actual
   number of VLANs to which the port can belong depends on the capability of
   the switch itself. Although the concept is similar, this membership mode is
   different than trunking.  The caveat to this feature is that the
   Multi-VLAN membership mode cannot be configured on a switch if one or more
   ports on the switch have been configured to trunk.
  
   For more information on this feature, search Cisco's website using the
   keyword phrase switchport multi.
  
   As for answering NetEng's 
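
The unknown-unicast flooding described in this thread, as an added sketch that is not any poster's code: a learning switch forgets a silent receiver once its table entry ages out, then copies every frame for it to all ports in the same VLAN. The port layout, the station names S and R, the 300-second aging value and the traffic timeline are assumptions chosen for the illustration.

```python
class LearningSwitch:
    """Minimal transparent-bridging model: learn source, look up destination."""

    def __init__(self, port_vlan: dict, aging: float = 300.0):
        self.port_vlan = port_vlan   # port number -> VLAN id
        self.aging = aging           # seconds an entry survives without refresh
        self.table = {}              # (vlan, mac) -> (port, last_seen)

    def receive(self, port: int, src: str, dst: str, now: float):
        """Return the list of ports the frame is sent out of."""
        vlan = self.port_vlan[port]
        self.table[(vlan, src)] = (port, now)        # learn or refresh the sender
        entry = self.table.get((vlan, dst))
        if entry and now - entry[1] <= self.aging:
            return [entry[0]]                        # known unicast: one port only
        self.table.pop((vlan, dst), None)            # entry aged out, forget it
        # Unknown unicast: flood to every other port in the same VLAN. Each of
        # those ports carries the load and can also read the frame.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != port)


def frames_seen(port_vlan: dict, aging: float = 300.0) -> dict:
    """Replay a constructed one-way stream and count frames delivered per port.

    Port 1: fast sender S. Port 2: receiver R, which speaks once and then only
    listens. Ports 3 and 4: uninvolved workstations.
    """
    switch = LearningSwitch(port_vlan, aging)
    seen = {port: 0 for port in port_vlan}
    events = [(0, 1, "S", "R"),      # first frame: R not learned yet, flooded
              (1, 2, "R", "S")]      # R answers once, so the switch learns R
    events += [(t, 1, "S", "R") for t in range(100, 700, 100)]  # one-way stream
    for now, port, src, dst in events:
        for egress in switch.receive(port, src, dst, now):
            seen[egress] += 1
    return seen


FLAT = {1: 1, 2: 1, 3: 1, 4: 1}      # everything in one VLAN
SPLIT = {1: 1, 2: 1, 3: 2, 4: 2}     # bystanders moved to their own VLAN

if __name__ == "__main__":
    print("flat network :", frames_seen(FLAT))
    print("with VLANs   :", frames_seen(SPLIT))
```

On the flat layout the bystander ports receive the first frame plus every frame sent after R's entry expires; with the bystanders in a separate VLAN they receive none, while R still gets the whole stream.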

RE: MAC address and VLANs [7:23950]

2001-10-25 Thread Baety Wayne A1C 18 CS/SCBX

Oops, I forgot to complete that thought

Hence, the second most important reason for routing... drum roll...
Traffic Policing.  Is this the start of another Dave's Top Ten?

Essentially, large flat networks probably also have no internal security and
no internal traffic cops.  Now that's ugly.


-Original Message-
From: Baety Wayne A1C 18 CS/SCBX 
Sent: Friday, October 26, 2001 11:14 AM
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: RE: MAC address and VLANs [7:23950]

As well as it should when you're transferring 100's of megabytes of data;
it's not exactly like downloading a web page.  That's where CAR rears its
ugly face, no?

WAYNE BAETY, MCSE, A1C, USAF
Network Systems Trainer



RE: Password recovery when console it hosed [7:17743]

2001-08-30 Thread Baety Wayne A1C 18 CS/SCBX

You said they download from a TFTP?
well snoop the Ethernet packets and
look for what file they are requesting.  store
that file on your ftp server and just add
a config file with the same name and...

config-register 0x2102

or

confreg 0x2102

or better yet make it
boot into rom mode


Some times the trees are better to look at
than the forest ;-}


Wayne


-Original Message-
From: Adam Luy [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 30, 2001 5:37 AM
To: [EMAIL PROTECTED]
Subject: Password recovery when console it hosed [7:17743]

Hey everybody,

I have a couple of 3102 routers at home that I can not get into. The console
ports have been set to some strange setting I can not seem to figure out.
I've tried what seems to be an endless combination of speeds, parity, stop
bits, data bits, etc..., but still get garbled data out the console. I have
other 3102s in my lab, so I know I've got good cables and all that. Plus, if
I have a TFTP server going when I power them up they will download IOS from
it, so I know they are working, just can't get into the damn console!

Is there anyway to manually/physically clear NVRAM so the console is set
back to 9600,n,8,1?

Help!

-Adam




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17822t=17743
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



RE: Yet another silly CCIE lab prep question [7:17716]

2001-08-30 Thread Baety Wayne A1C 18 CS/SCBX

I'd also add a NP-2T (2 Port Serial Network Processor Module)
to that 4000 so that you can practice a point-to-point
and point-to-multipoint OSPF over frame relay scenario.
Using the 4000 as a Frame Relay Switch. These NPMs sell
for about 100-200 on Ebay.  If you get a NP-4T (4 Port 
Serial Network Processor Module) you've just turned that
4000 in to 2 Routers, ideally.  It then can double as a
Frame Relay Switch and still have 2 Serial ports and
what ever Ethernet ports left over to do some other nice
config scenarios.  The NP-4T sell for about 300-400 on Ebay
and only require the cable types that come with the 25XX
anyway.  If you get the NP-2T then you'll need 4 60pin/dte
to 50pin/dce cables (These sell for about 35 new/used on ebay
and about 80 used elsewhere).

Adding a Frame Relay Switch to your lab setup is a great way
to connect all those 25XX together and still have a lot
of fluidity in lab scenario cable-ups.

Wayne

-Original Message-
From: EA Louie [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 30, 2001 5:10 AM
To: [EMAIL PROTECTED]
Subject: Re: Yet another silly CCIE lab prep question [7:17716]

Nah, that's a great setup John.  You have 5 routers there, and a possible
6th with the 4000.  Start looking at fatkid.com and his smaller labs (400
and below), and see how well you line up with those (we're forever
substituting Ethernet for Token Ring and vice-versa in my partner's lab
setups to make do with our equipment on those labs)

The 2522 is a great frame relay switch and can double as a 1E/2T/1BRI
router...

2513 give you SR/TLB

You can add some NPs to your 4000 (I'd suggest the NP-2E and NP-2R)

You'll need a bunch of DTE/DCE cables (mostly 60-pin variety...and a couple
of 60-pin to 50-pin for the NP-2T in the 4000)

If trunking is only worth one or two points on the exam, it's worth knowing
but not sweating - just think sub-interfaces on the router, and know the
encapsulation commands on the router and switch interfaces

I'd be a bit more concerned with flash/DRAM - 12.1 Enterprise requires
16/16, and you could use mzmaker if you have 8/16, but we've run into a few
problems with that lately (routers crashing because of MALLOC problems)

- Original Message -
From: John Neiberger 
To: 
Sent: Wednesday, August 29, 2001 11:41 AM
Subject: Yet another silly CCIE lab prep question [7:17716]


 I apologize in advance for posting this.  I know we get a couple of
 these a week, it seems, but I don't want to leave any bases uncovered.
 Here is what it looks like I'm going to end up with at home:

 (2) 2501
 2504
 2513
 2522
 4000 (with two serial interfaces)
 Catalyst 1200  (yes, that's right, I said a 1200!!)
 Token Ring MAU
 Blackbox switch (instead of 2509 or 2511)

 I'm hoping that the 1200 will be able to handle most of the switching
 chores.  It can't do ISL trunking and it's only low speed, but I get
 experience with that kind of stuff at work.  I won't be able to do
 etherchannel, but I don't have any routers or other switches so that's
 not relevant here.

 I still plan on getting a day or two of lab time up at University of
 Colorado at $500/day.  I also may get in a day or two at the local Cisco
 office (keep your fingers crossed).

 For my home lab, though, if I manage to find some lab scenarios to
 study with that only use a few routers, have I already shot myself in
 the foot?  Will I *need* to get more or will this suffice?

 I will also be getting an ISDN simulator but that's going to have to
 wait for a few months.

 Any advice?

 Thanks!

 John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17981t=17716



RE: BPDUs [7:17607]

2001-08-29 Thread Baety Wayne A1C 18 CS/SCBX

BPDUs are sent out multicasted using an Ethernet multicast
address of 01-80-C2-XX-XX-XX and a SAP of 42 (bridging SAP).
They are sourced from whatever private mac address pool
the vendor chooses.

e.g. (Ethernet SAP)

Dest     Source       Ln DSAP SSAP CNTL INFO   PAD FCS
0180C200 0010E7123456 26  42   42  03   [BPDU]

Since BPDUs (both TCN and Configs) are always 35 Bytes long add
3 for the SAP Header to get a total length of 38 (hex 0x26) for Length
40 for SNAP, although I do not believe there is a SNAP formation for
BPDUs.  Perhaps Frame Relay bridging?

By simply looking at the destination address you should be able to
determine that it is in fact a multicast address by looking at the
second nibble in the first octet.  If it is odd (1,3,5,7,9,B,D,F) it is a
multicast address.

Interconnections: Routers, Bridges, and Switches by Radia Perlman is
suggested reading.

Ref: RFC 1700

Wayne


-Original Message-
From: Christopher Supino [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 29, 2001 10:04 AM
To: [EMAIL PROTECTED]
Subject: BPDUs [7:17607]

All ,

I came across this question while studying: How are BPDU's propagated
amongst switches? Broadcast, multicast, or unicast? Anyone have an
explanation?

Christopher Supino
CCNP, CCDP, MCSE, CNA5, ASE
Senior System Engineer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17804t=17607
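The frame layout and the odd-nibble multicast test from the BPDU reply above, as an added example that is not part of the thread. The sample frame is constructed: it reuses the source address from the post, assumes the all-zero tail 01-80-C2-00-00-00 for the destination, and uses made-up bridge priority and timer values.

```python
import struct

STP_SAP = 0x42      # bridging SAP from the post, used as DSAP and SSAP
LLC_UI = 0x03       # LLC control field: unnumbered information
# Configuration BPDU: protocol id, version, type, flags, root id, root path
# cost, bridge id, port id, message age, max age, hello time, forward delay.
CONFIG_BPDU = struct.Struct("!HBBB8sI8sHHHHH")      # 35 bytes


def classify_mac(mac: bytes) -> str:
    """Classify a 6-byte MAC address as broadcast, multicast or unicast."""
    if len(mac) != 6:
        raise ValueError("MAC address must be 6 bytes")
    if mac == b"\xff" * 6:
        return "broadcast"
    # The group bit is the least significant bit of the first octet, which
    # is why an odd second hex digit marks a multicast address.
    return "multicast" if mac[0] & 0x01 else "unicast"


def _bridge_id(raw: bytes) -> dict:
    (priority,) = struct.unpack("!H", raw[:2])
    return {"priority": priority, "mac": raw[2:].hex("-")}


def parse_frame(frame: bytes) -> dict:
    """Parse an 802.3 frame (no preamble, no FCS) and decode a config BPDU."""
    if len(frame) < 17:
        raise ValueError("too short for an 802.3 header plus LLC")
    dst, src = frame[:6], frame[6:12]
    (length,) = struct.unpack("!H", frame[12:14])
    info = {"dst": dst.hex("-"), "src": src.hex("-"),
            "dst_type": classify_mac(dst), "length": length, "is_bpdu": False}
    if length > 1500:       # the field is an EtherType, so no LLC header follows
        return info
    if (frame[14], frame[15], frame[16]) != (STP_SAP, STP_SAP, LLC_UI):
        return info
    payload = frame[17:14 + length]     # the length field excludes the padding
    if len(payload) < 4:
        return info
    proto, version, bpdu_type = struct.unpack("!HBB", payload[:4])
    info.update(is_bpdu=True, protocol_id=proto, version=version,
                bpdu_type=bpdu_type)
    if bpdu_type == 0x00 and len(payload) >= CONFIG_BPDU.size:
        (_, _, _, flags, root, cost, bridge, port, age, max_age, hello,
         fwd) = CONFIG_BPDU.unpack(payload[:CONFIG_BPDU.size])
        info["config"] = {
            "flags": flags, "root": _bridge_id(root), "root_path_cost": cost,
            "bridge": _bridge_id(bridge), "port_id": port,
            # Timers are carried in units of 1/256 second.
            "message_age": age / 256, "max_age": max_age / 256,
            "hello_time": hello / 256, "forward_delay": fwd / 256,
        }
    return info


def sample_frame() -> bytes:
    """Constructed configuration BPDU frame, padded to the 60-byte minimum."""
    bridge = bytes.fromhex("0010e7123456")          # source MAC from the post
    bpdu = CONFIG_BPDU.pack(0, 0, 0x00, 0, b"\x80\x00" + bridge, 0,
                            b"\x80\x00" + bridge, 0x8001,
                            0, 20 * 256, 2 * 256, 15 * 256)
    llc = bytes([STP_SAP, STP_SAP, LLC_UI])
    header = (bytes.fromhex("0180c2000000") + bridge
              + struct.pack("!H", len(llc) + len(bpdu)))   # 3 + 35 = 38 = 0x26
    return (header + llc + bpdu).ljust(60, b"\x00")


if __name__ == "__main__":
    for key, value in parse_frame(sample_frame()).items():
        print(key, value)
```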



RE: Logging traffic [7:17559]

2001-08-29 Thread Baety Wayne A1C 18 CS/SCBX

I would add the syn predicate to cut down on
logging traffic.  This will only log the first
TCP segment, but it will still contain the source
IP address, Time of Day, etc. 

access-list 101 permit tcp any any lt 100 syn log

Since syslog traffic is sent on the data link in
human readable form I would use an IPSec tunnel, or
a standalone Ethernet interface to actually handle
the traffic. Logging data can be very sensitive.

Wayne

-Original Message-
From: Tony van Ree [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 30, 2001 8:39 AM
To: [EMAIL PROTECTED]
Subject: Re: Logging traffic [7:17559]

Hi,

Depends on what you are really trying to achieve.  If you have plenty of
head room in your router you could just add stuff to an access-list and send
the list to a syslog.  Cheap nasty but a good way to solve issues.

access-list 101 permit icmp any any log
access-list 101 permit tcp any any lt 100 log
access-list 101 permit tcp any any gt 99 log
access-list 101 permit udp any any lt 100 log
access-list 101 permit udp any any gt 99 log

The trick is to put the port numbers in (lt 100 etc) this will then tell you
what address/port is talking to address/port.

If you put this at the end of an existing access-list in place of the permit
ip any any you should get what you need.

On a busy link however this generates heaps of information but it is a nice
way to find what you don't want on your network

BE AWARE OF ANY PRIVACY ISSUES THAT MIGHT ARISE DOING THIS SORT OF STUFF.

Just a thought,

Teunis,
Hobart, Tasmania
Australia

On Tuesday, August 28, 2001 at 03:03:47 PM, cisco skin wrote:

 Here's what I want to do:
 
 Log all traffic (source/destination ip address/port #) from a specific
 subnet (our HQ) to see what's passing through our external router, and where
 they're going.
 
 Any suggestions?
 
 Thanks,
 Jeff
--
www.tasmail.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17806t=17559



RE: Work-related ACL problem [7:17695]

2001-08-29 Thread Baety Wayne A1C 18 CS/SCBX

Is 167.216.138.4 a proxy server? is there another proxy
server in the midst perhaps using another tcp port number?
Proxy servers usually use 8080 but I've seen some (Squid, a
Unix Proxy Server) for example at other port ids.  Keep in mind
that there are anonymous proxy services out there that aren't
using standard port numbers and your users can still use those.
But let's take proxies out of the equation for a moment.
As soon as you use a deny rule you prohibit any further processing for
the predicates the deny rule uses. So put your permits first in
the greedy-eye format, that is place your unrestricted
largest permitted access first.

permit ip any 172.0.0.0 0.255.255.255
permit tcp any host 2.2.2.2 eq www
deny tcp any any eq www

Wayne


-Original Message-
From: Wilson, Bradley [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 30, 2001 1:04 AM
To: [EMAIL PROTECTED]
Subject: Work-related ACL problem [7:17695]

Okay gang, this one's work-related so don't feel obligated to help. ;-)  I
think it's an interesting thought problem though:

The Problem I'm Trying To Solve: allow access to a particular website
(2.2.2.2) from users on a particular subnet.  Do NOT allow them to access
any *other* website.  Allow them to access other resources within your
internal network (172.0.0.0).

Here's the ACL I came up with:

access-list 101 permit ip any host 167.216.138.4
access-list 101 deny tcp any eq www any
access-list 101 permit ip any 172.0.0.0 0.255.255.255
access-list 101 permit ip any any

This list was created on an MSFC card running in a 6509 chassis, and has
been applied to interface Vlan1 inbound (I tried outbound as well just for
kicks).  The (unintended) result is that users can access both the target
website, as well as other websites on the Internet.  Any ideas?



Bradley J. Wilson
CCNP CCDP MCSE NNCSS CNX MCT CTT
EDS/Boston Scientific Account
(508) 650-8739
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17810t=17695
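A first-match walk through the two access lists in the thread above, as an added example that is not part of the original messages. It models only the subset of extended ACL syntax those lists use (any, host, address plus wildcard, eq), and the client address 10.1.1.10 and the "other website" 192.0.2.80 are constructed.

```python
import ipaddress

PORT_NAMES = {"www": 80, "telnet": 23}

BRADLEY_ACL = """
access-list 101 permit ip any host 167.216.138.4
access-list 101 deny tcp any eq www any
access-list 101 permit ip any 172.0.0.0 0.255.255.255
access-list 101 permit ip any any
"""

WAYNE_ACL = """
permit ip any 172.0.0.0 0.255.255.255
permit tcp any host 2.2.2.2 eq www
deny tcp any any eq www
"""


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _endpoint(tokens):
    """Consume 'any' | 'host A' | 'A WILDCARD' and an optional 'eq PORT'."""
    first = tokens.pop(0)
    if first == "any":
        net, wildcard = 0, 0xFFFFFFFF
    elif first == "host":
        net, wildcard = _ip(tokens.pop(0)), 0
    else:
        net, wildcard = _ip(first), _ip(tokens.pop(0))
    port = None
    if tokens and tokens[0] == "eq":
        name = tokens[1]
        port = PORT_NAMES[name] if name in PORT_NAMES else int(name)
        del tokens[:2]
    return net, wildcard, port


def parse_acl(text):
    """Turn ACL text into an ordered list of (action, proto, src, dst)."""
    rules = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if tokens[:1] == ["access-list"]:
            tokens = tokens[2:]             # drop 'access-list <number>'
        action, proto, rest = tokens[0], tokens[1], tokens[2:]
        src = _endpoint(rest)               # a port given here is a SOURCE port
        dst = _endpoint(rest)               # a port given here is a DEST port
        rules.append((action, proto, src, dst))
    return rules


def _side_matches(side, addr, port):
    net, wildcard, want_port = side
    care = ~wildcard & 0xFFFFFFFF           # wildcard 1-bits are "don't care"
    if (_ip(addr) ^ net) & care:
        return False
    return want_port is None or want_port == port


def evaluate(rules, proto, src, sport, dst, dport):
    """Return (action, rule number) of the first match; None = implicit deny."""
    for number, (action, rule_proto, rsrc, rdst) in enumerate(rules, 1):
        if rule_proto not in ("ip", proto):
            continue
        if _side_matches(rsrc, src, sport) and _side_matches(rdst, dst, dport):
            return action, number
    return "deny", None


if __name__ == "__main__":
    web = ("tcp", "10.1.1.10", 1045, "192.0.2.80", 80)
    print("original list :", evaluate(parse_acl(BRADLEY_ACL), *web))
    print("reordered list:", evaluate(parse_acl(WAYNE_ACL), *web))
```

In the original list the port test in line 2 sits on the source side, so a client's outbound web request falls through to the final permit. The reordered list has no trailing permit, so anything that is neither internal nor web traffic ends at the implicit deny.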



RE: I HAVE QUESTION How can i know who conn to my rout [7:17608]

2001-08-28 Thread Baety Wayne A1C 18 CS/SCBX

logging 1.2.3.5
logging buffered 1 debugging
logging trap debugging

access-list 101 permit tcp any host 1.2.3.4 eq 23 syn log
access-list 101 permit ip any any

interface fast0/0
ip access-group 101 in


This config snippet will log all port 23 connects to host 1.2.3.4 which
should be an interface on your local router. You'll have to make a rule to
match and log each interface on your router for this to match all possible
paths to your router.  The logging  global config command sends
syslog messages to a syslog server (There are daemons for WinNT).

You can set up a crontab on a Unix server to grep the syslog for
IPACCESSLOGP and mail this output to yourself for a more complete solution.

In Windows a Windows Scripting Host script, or Perl for Windows script can
be created to the same effect.

Caveats:

Input access lists break certain flow enhancement features in certain
routers, I'd suggest you fully research the impact an input access list will
have on your router before implementing this.

Every interface on your router would need to have the first rule in the
above access list changed to its respective network layer address (1.2.3.4)
in this case.

Wayne

-Original Message-
From: Bolton, Travis [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 29, 2001 7:33 AM
To: [EMAIL PROTECTED]
Subject: RE: I HAVE QUESTION How can i know who conn to my rout [7:17585]

Show arp will show you all the IP's on the router with their MAC
addresses.  Hope this is what you want.

-Original Message-
From: PHIMHONGKONG [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 5:14 PM
To: [EMAIL PROTECTED]
Subject: Re: I HAVE QUESTION How can i know who conn to my rout
[7:17581]


but those command is only show you a telnet session or someone currently
log in router

i would like to know the command like show all ip connecting to the router

Thanks all
Shojayi Joe wrote in message
news:[EMAIL PROTECTED]...
 Try a
 router show sessions

 show sessions is the command




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17608t=17608
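The syslog side of the "syn log" rules in this thread and in the Logging traffic thread above, as an added example that is not part of the original messages: it pulls IPACCESSLOGP entries out of a syslog file and totals telnet connection attempts per source, which is the report the cron job would mail. The log lines, the host name rtr1 and the source addresses are constructed.

```python
import re
from collections import Counter

# Message body the router logs for an extended ACL entry with 'log'.
IPACCESSLOGP = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\w+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

# Constructed sample: two sources hitting the telnet rule, one unrelated
# message, one hit on a different list and port, and one truncated line.
SAMPLE_SYSLOG = """\
Aug 28 17:14:02 rtr1 101: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 192.0.2.10(1045) -> 1.2.3.4(23), 1 packet
Aug 28 17:15:40 rtr1 102: %LINK-3-UPDOWN: Interface Serial0, changed state to down
Aug 28 17:19:02 rtr1 103: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 192.0.2.10(1045) -> 1.2.3.4(23), 3 packets
Aug 28 17:21:55 rtr1 104: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.7(2210) -> 1.2.3.4(23), 1 packet
Aug 28 17:22:30 rtr1 105: %SEC-6-IPACCESSLOGP: list 102 denied tcp 203.0.113.9(4000) -> 1.2.3.4(80), 1 packet
Aug 28 17:23:01 rtr1 106: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 203.0.113.9(40
"""


def parse_line(line):
    """Return the fields of one IPACCESSLOGP entry, or None for other lines."""
    match = IPACCESSLOGP.search(line)
    if match is None:
        return None
    entry = match.groupdict()
    for key in ("sport", "dport", "count"):
        entry[key] = int(entry[key])
    return entry


def summarize(lines, acl="101", dport=23):
    """Total logged packets per source address for one list and one port.

    With the 'syn' keyword on the rule only the first segment of each
    connection matches, so the totals count connection attempts.
    """
    totals = Counter()
    for line in lines:
        entry = parse_line(line)
        if entry and entry["acl"] == acl and entry["dport"] == dport:
            totals[entry["src"]] += entry["count"]
    return totals


def format_report(totals):
    """Plain-text report, busiest source first, suitable for mailing."""
    rows = sorted(totals.items(), key=lambda item: (-item[1], item[0]))
    return "\n".join(f"{src:<15} {count}" for src, count in rows)


if __name__ == "__main__":
    print(format_report(summarize(SAMPLE_SYSLOG.splitlines())))
```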



RE: Boson Test Question [7:16895]

2001-08-22 Thread Baety Wayne A1C 18 CS/SCBX

Very Slimy question, but...

A (MAC) is never used to choose the DR.

If two routers are configured with the same priority
then C (Priority) is not used to choose the DR, if they
do not have the same priority then D (IP address) is
not used to choose the DR.  In either case C, and D are
not true in every situation.  Only answer B is true
in every situation.  It is true even if we are only
considering point-to-point links, because the question
specifically asks for the cases in which a DR IS chosen.

Wayne


-Original Message-
From: Wright, Jeremy [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 23, 2001 6:42 AM
To: [EMAIL PROTECTED]
Subject: Boson Test Question [7:16895]

In OSPF, the DR is chosen by
A.  MAC
B.  Hello Protocol
C.  Priority
D.  IP

I chose C but Boson says B. Obviously I have read a 1000 times that the DR
is elected by highest priority, so is Boson wrong here or am I
mis-interpreting the way the question is worded (typical Cisco)..




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16914t=16895



RE: Quick CCIE Written Question [7:16891]

2001-08-22 Thread Baety Wayne A1C 18 CS/SCBX

Even with no IP classless the longest match
rule still applies and the longest match for
a destination is always chosen, regardless of
the administrative distance of the learning
protocol.  The reason for this is to avoid
global routing loops. This has been clearly
stated in rfcs, even before things like
'administrative distance' were invented.

When two networks are being advertised to the
same router, the router must ALWAYS use the
more precise of the two networks to make its
forwarding decision.  This rule may or may not be
a crutch, but it's still the rule.  However, this
rule is usually applied at the end of the routing
decision in Cisco Routers anyway.  Things like,
NAT and Policy Routing preempt this decision.
It's entirely possible to policy route to a
destination, only to have that destination referred
back simply because the longest match rule has
been violated. Playing with fire if you ask me.

Wayne



-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 23, 2001 6:10 AM
To: [EMAIL PROTECTED]
Subject: Re: Quick CCIE Written Question [7:16891]

Yes, the presence of 'no ip classless' (or ip clueless as I like to call
it) can have an effect.  For the purposes of our discussion I was
assuming ip classless.  Assuming 'no ip classless' needlessly muddies
the waters, in my opinion.

However, point taken.  We all should be aware of the difference in
classful and classless lookups.  Then, always use classless routing and
forget about it.  ;-)

John

 John Nenye  8/22/01 2:05:23 PM 
John,
Considering the question ip forwarding varies if you are dealing with 
classful or classless addressing.

check this link from cisco out
http://www.cisco.com/warp/public/105/21.html 


- Original Message -
From: John Neiberger 
To: 
Sent: Wednesday, August 22, 2001 12:37 PM
Subject: RE: Quick CCIE Written Question [7:16797]


Assume the following prefixes available in your routing table (taken
from original example):
10.1.1.0/28   OSPF
10.1.0.0/24   EIGRP
10.1.1.0/26   Static

All three would be entered into the table since they have different
mask lengths.  If a packet destined for 10.1.1.1 were to hit the router,
which route would it choose?  The /28 would be used because it is the
matching prefix with the longest mask length.

To the person who contends that the /26 would be chosen, can you
explain your reasoning?

Regards,
John

  Fomes Iain  8/22/01 10:10:13 AM 
The most specific route - mask wise. Easy peasy lemon squeezy. Ask me another
Bamber.




  -Original Message-
  From: Teresa Presutto [SMTP:[EMAIL PROTECTED]] 
  Sent: 22 August 2001 16:50
  To: [EMAIL PROTECTED] 
  Subject: Re: Quick CCIE Written Question [7:16797]
 
  I bet 1$ on the static /26
 
  Teresa
- Original Message -
From: Peter Slow
To: [EMAIL PROTECTED] 
Sent: Wednesday, August 22, 2001 5:16 PM
Subject: RE: Quick CCIE Written Question [7:16797]
 
 
you're wrong.
the /28 will be chosen.
-humboldt
 
-Original Message-
From: Ednilson Rosa [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 22, 2001 10:51 AM
To: [EMAIL PROTECTED] 
Subject: Re: Quick CCIE Written Question [7:16797]
 
 
In this case, if you want to communicate with the host 10.1.1.1, for
instance, the route chosen will be the static...
 
Regards,
 
Ednilson Rosa
 
- Original Message -
From: Wright, Jeremy
To:
Sent: Wednesday, August 22, 2001 11:17 AM
Subject: RE: Quick CCIE Written Question [7:16797]
 
 
So for example, if you have the following
   10.1.1.0/28   OSPF
   10.1.0.0/24   EIGRP
   10.1.1.0/26   Static
Which route will be chosen?  Thanks for the help.
 
-Original Message-
From: McCallum, Robert
[mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 22, 2001 8:32 AM
To: 'Wright, Jeremy'; [EMAIL PROTECTED] 
Subject: RE: Quick CCIE Written Question [7:16797]
 
In a nut shell yes and no.  i.e.
 
Admin distance is the winner by means that the lower the
admin distance the better, so a route learned from EIGRP will get into the
routing table despite having a longer match route which was learned from say
OSPF.  BUT if you have two routes learned from the same admin distance then
the longest match ALWAYS wins.
 
Basically once the route is in the routing table then the
longest match is the outmost winner.
 
-Original Message-
From: Wright, Jeremy [mailto:[EMAIL PROTECTED]] 
Sent: 22 August 2001 14:19
To: [EMAIL PROTECTED] 
Subject: Quick CCIE Written Question [7:16797]
 
 
Does the longest match rule always override administrative
distance??
[EMAIL PROTECTED] 
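The two decisions argued over in this thread, as an added example that is not part of the original messages: administrative distance picks between sources offering the same prefix when the table is built, and the forwarding lookup then takes the longest matching prefix. The three routes are the thread's own; the extra RIP route and the distance values (the usual IOS defaults) are assumptions added for the example.

```python
import ipaddress

# Assumed default administrative distances.
ADMIN_DISTANCE = {"static": 1, "eigrp": 90, "ospf": 110, "rip": 120}

THREAD_ROUTES = [
    ("10.1.1.0/28", "ospf"),
    ("10.1.0.0/24", "eigrp"),
    ("10.1.1.0/26", "static"),
    ("10.1.1.0/28", "rip"),     # constructed: same prefix as the OSPF route
]


def install(candidates):
    """Build the table: one entry per exact prefix, lowest distance wins.

    Routes with different mask lengths are different prefixes, so they never
    compete here and all of them are installed.
    """
    table = {}
    for prefix, source in candidates:
        net = ipaddress.ip_network(prefix)
        current = table.get(net)
        if current is None or ADMIN_DISTANCE[source] < ADMIN_DISTANCE[current]:
            table[net] = source
    return table


def lookup(table, destination):
    """Forwarding decision: the longest installed prefix containing the address."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in table if addr in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return str(best), table[best]


if __name__ == "__main__":
    table = install(THREAD_ROUTES)
    # 10.1.0.0/24 covers 10.1.0.x only, so it is not a candidate for 10.1.1.1.
    for dest in ("10.1.1.1", "10.1.1.20", "10.1.0.9", "10.2.0.1"):
        print(dest, "->", lookup(table, dest))
```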

RE: Avoiding IP conflicts in a MULTI-VLAN environment [7:16470]

2001-08-21 Thread Baety Wayne A1C 18 CS/SCBX

If your critical servers are in their own subnet/VLAN, this is a natural
barrier to even a misconfigured static.  A client pc can't speak to a router
not on its own subnet, therefore is forced to maintain any topology you
devise. (i.e. the answer is strict addressing rules, and hierarchical
designing)  However there still isn't a good way to limit someone from using
the address of the gateway statically and creating a mess.  One solution I
came up with is to write a custom application to send an arp probe every so
often.  If any MAC (both cases of the term) other than your router responds
to the arp, have that port shut down via SNMP or a telnet script on your
switch. Depending on your topology this may affect only 1 or possibly
several client machines, but at least the whole VLAN will not be blocked out
of the zone. It depends on your resolve, but truly anything can be
accomplished with computers.  Don't take NO for an answer.
WAYNE A. BAETY, A1C, MCSE, USAF
18th Communications Squadron/SCBX
632-6211


-Original Message-
From: dan snyder [mailto:[EMAIL PROTECTED]] 
Sent: Monday, August 20, 2001 10:23 AM
To: [EMAIL PROTECTED]
Subject: Re: Avoiding IP conflicts in a MULTI-VLAN environment [7:16470]

as long as there are others that have the ability to connect workstations or
servers to your network, the potential is there for address conflicts.  we
eliminate these by the users requesting addresses and to have server (or
workstation) patched into the network.  it is more work initially, but in
the long run creates audit trails and prevents unauthorized ip address
assignments.  good luck.

From: Kevin Wigle 
Reply-To: Kevin Wigle 
To: [EMAIL PROTECTED]
Subject: Re: Avoiding IP conflicts in a MULTI-VLAN environment [7:16470]
Date: Sat, 18 Aug 2001 17:26:36 -0400

It depends on the kind of environment you have and how much control you
have - that is to say, do people who break the rules get in trouble or just
get their hands slapped? (or nothing)

Anyway, DHCP will definitely fix this problem but only if users don't change
the IP configuration on their PCs from DHCP to static.

I once worked in an environment that consisted of 10 floors of engineers.
We got IP conflicts all the time because people didn't want to go through
the process of asking for an address - especially if they thought they
needed it only for a little while to test something out.  At the time we
were using static addressing which was handed out by a bootp server

Once we installed switches and HP Openview and implemented DHCP, we could
track down the offenders fairly quickly and then yank their connection (or
shut the port)  and wait for the phone to ring.  After awhile, the
engineers finally figured out that we could catch them and things cooled
down.  Also, because the DHCP pools had enough addresses to handle temporary
requirements.

I haven't heard about the issue about greater ARP version.  Usually whoever
has the address first wins and the second PC to attempt the address loses.
Usually an error is reported back on the second PC with the MAC address of
the PC that has the address already - which can be traced.

Good user policies that are enforced and DHCP should prevent IP conflict
problems.


Kevin Wigle


- Original Message -
From: Hamid Ali Asgari
To:
Sent: Saturday, 18 August, 2001 15:22
Subject: Avoiding IP conflicts in a MULTI-VLAN environment [7:16470]


  Hi group
 
  I am setting up a network with some NT4 servers, a Catalyst 2948 switch,
  and a 7204 VXR router and some access servers. The network consists of 7
  VLANs, and all the servers and routers are on multi-VLAN or TRUNK interfaces
  on the switch. The LAN consists of many computers with different operating
  systems such as UNIX, LINUX and  Win2k. Lots of computers that will be
  connected to this LAN are laptops so I can't implement PORT SECURITY on the
  Catalyst.
 
  The problem is that I want to prevent my clients to make IP Conflicts in my
  network. Correct me if I am wrong, but someone had told me that when an IP
  conflict occurs, the computer with the greater ARP version wins (or
  something like that !), so the RED HAT 7.1 LINUX operating systems would
  take down my NT servers.
 
  Any ideas or solutions how I could prevent these conflicts?
 
  Thanks in advance
 
  Hamid
 
 
 
 
 
 
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16626t=16470



RE: BGP Alarms? [7:15148]

2001-08-07 Thread Baety Wayne A1C 18 CS/SCBX

I think the correct way to use this command is 
to set the upper threshold to an absurdly high amount
based on a calculation of your memory capability.  And the
warning threshold to an amount that you start to turn in
your grave, if you had one.  If it gets to the upper
threshold level you have bigger problems to worry about
than a loss of a peer session.

(Fried NPMs w/ barbecue sauce anyone?)

my .01 (I'm a cheapo)

Wayne

-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 08, 2001 7:59 AM
To: [EMAIL PROTECTED]
Subject: Re: BGP Alarms? [7:15148]

You're absolutely correct!  :-)  I did not RTFM, and I soon discovered
that I should have.  But, I just removed that statement since it really
wasn't necessary.  I was just playing around and got burned.  As
you can tell, I still have not RTFM about that particular command since
I did not know there was a warning-only keyword.

The moral of the story? RTFM!!  ;-)  (Can you tell I love that
acronym?)

John

 dre  8/7/01 4:34:20 PM 
maybe you forgot to RTFM and missed that
warning-only part.  Check it again ;

Of course, it may have been a good thing
if you were to get the entirety of the IPv4
prefixes as /32's from your peer.  I bet
you wouldn't like that.  I think I'd rather
have the session go down.

-dre

John Neiberger wrote in message
news:[EMAIL PROTECTED]...
 When I tried this method, there was a time when our provider
 accidentally sent too many prefixes and it hit the maximum limit which
 shutdown the session.  I had to manually restart the session, and I
 wouldn't consider that to be a good thing.

 My $.02
 John

  dre  8/7/01 1:37:17 PM 
 neighbor maximum-prefix

 http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r/iprprt2/1rdbgp.htm#xtocid142343

 -dre

 Chris wrote in message
 news:[EMAIL PROTECTED]...
  I was told that there is a criteria to set BGP alarms so that when the
  routing table reaches a certain number of routes, you get notification,
  does anyone know the answer to this question
 
  Thanks
 
  Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=15196t=15148



RE: CID test question [7:15131]

2001-08-07 Thread Baety Wayne A1C 18 CS/SCBX

If you look at this question one way, one 
answer sticks out like a sore thumb.

When deciding on a particular routing protocol
(one vs. another) What protocol considerations for
routing are most likely to be made?

A) resource utilization
   (Does the impact to a router's resource utilization for a particular
protocol significant. i.e. OSPF is resource intensive during SPF
calculations)

b) address flexibility
   (Is address flexibility significant in protocol selection.
i.e. RIPv1 allows no flexibility in address assignment beyond
initially choosing a default subnet mask used throughout
The contingent domain)

c) convergence time
   (Does the impact on how fast a protocol views the entire network
consistently at all points of routing decision significant in
protocol selection.  EIGRP has extremely fast convergence 
characteristics in the face of redundant links and )

d) bandwidth utilization
   (Does the impact on how well one routing protocol vs another manages
available bandwidth for forwarding traffic significant in routing  
protocol selection? i.e. Does one routing protocol forward traffic 
faster than another?)


in that case choice d is more a switching method design choice, I'd bet
there are other questions on this test dealing with switching methods, 
therefore this question acts as a primer for those.

Of course, if I was taking this test I would have wanted to click all the
answers, but since I know test makers always put an All above at the end
for the questions they want answered in that fashion, I would have been this
critical in deciding the answers.  In test taking, repeat the question, (or
questionize the statement) for each answer and usually you'll see the light
8)

IMHO

Wayne


-Original Message-
From: Stephen Skinner [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 08, 2001 2:41 AM
To: [EMAIL PROTECTED]
Subject: CID test question [7:15131]

howdy...

do you chaps agree or disagree... i personally think it should be ABD

identify the considerations for routing protocol selection
A) resource utilization
b) address Flexibility
c) convergence time
d) bandwidth utilization

it says A,B,C i say A,C,D. your thought please

steve





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=15200t=15131



RE: CCIE Written [7:9091]

2001-07-15 Thread Baety Wayne A1C 18 CS/SCBX

Blah, the second edition is just fine.  You did
know there was a second edition right?  If for
any other reason, it's a good study aid to know
what to study.  Coupled with the internet its invaluable
(always verify what you read anyway w/ RFCs, Company White
papers, Standards documents, etc.)

He's a very enlightened fellow Mr. Giles, but has a
tendency to ramble.  For instance, you'll be talking
about a topic in the application layer, and within
the same paragraph he's encapsulated himself all
the way down to the LLC sublayer.

-Original Message-
From: Dennis H [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 22, 2001 4:12 AM
To: [EMAIL PROTECTED]
Subject: Re: CCIE Written [7:9091]


I would scrap the Giles book... it's crap and full of errors...


Ken Browne wrote in message
news:[EMAIL PROTECTED]...
 Hello.  I'm getting ready for my CCIE written examination on the
 26th of June.  I've recently gotten my NP and DP, and I'm studying
 for the CCIE written by reading the entire book of All-In-One
 CCIE Study guide by Roosevelt Giles.  After I read the book, I'm going
 to take Boson tests and any other test or questions I can to prepare.
 Any other suggestions?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=12433t=9091



RE: how to check statistics on a single nat entry [7:748]

2001-04-15 Thread Baety Wayne A1C 18 CS/SCBX

Well,

   Since ip nat is accomplished through the use of access lists,
you can log the rule hits/misses or view the statistics on the number of
matches with the _show access-lists_.  Logging can be used to analyze
traffic going through your access lists (and thus, nat'ed) so that you can
obtain more specific information.  I wouldn't recommend logging all your
filters, but picking one that you are curious about and logging that. I
don't believe there is an IOS command to show the statistics of a particular
rule beyond the amount of times it was matched.

Since 11.3 logging can be used with standard access lists as well
as extended access lists.

Example:

(1) addresses you want nat'ed:
    _access-list 1 permit 192.168.100.0 0.0.0.255 log_

(2) addresses to which you nat:
    _ip nat pool nsub100 1.1.1.2 1.1.1.254 prefix 24_

(3) linking the two together:
    _ip nat inside source list 1 pool nsub100_

(3) Translates packets from interfaces marked as inside (inside initiates
the NAT translation) that match rule (1), their respective ip source
address, to a random address (one that is available) in the range specified
in (2)

(3) Also works in the opposite direction. It translates packets from
interfaces marked as outside, their respective ip destination address that
fits in the range specified in (2), and that was set up as a translation as
outlined above, until the NAT translation timeout timer expires.  This part
is first routed and then NATed, which means that if the destination address
isn't configured on an interface on the router, it will be looked up in the
routing table and will bypass NAT entirely.  If the destination address is
configured on an interface it will then be passed to the NAT engine for
processing. This "feature" could be exploited (I mean used) to offload NAT
processing to multiple routers (by dividing (2) into subnets and using a
routing process).

In either case, coming in or going out, permitted or denied, the results are
logged (and sent to the console).

From EXEC mode:

_show access-lists 1_

OUTPUT:
access-list 1 permit 192.168.100.0 0.0.0.255 log (3 matches)
 
This will show you the configured access rules for 1 and the number
of times each rule was matched (rudimentary statistics) with
logging information going to the console (more elaborate statistics).

I hope I've answered your question, and perhaps enlightened you on the
inner workings of NAT a little bit more ;-)

(Of course you will need the requisite IOS feature pack loaded for any of
this to work)

ciao

Wayne A. Baety, A1C, USAF, MCSE
Network Operations Support, Kadena AB
[EMAIL PROTECTED]



-----Original Message-----
From: Adam Wang [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 21, 2001 7:20 AM
To: [EMAIL PROTECTED]
Subject: how to check statistics on a single nat entry


Hi group

How would I check statistics on a single nat entry?
'show ip nat statistics' will give me the whole picture,
not individual entries.

Thanks

Adam




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=748t=748
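An added example, not part of the posts above: the per-host breakdown that the logged access list makes possible, computed from collected syslog lines. The log lines are constructed and modelled on the IOS standard-ACL message %SEC-6-IPACCESSLOGS; the function names are hypothetical, and the inside range is taken from rule (1).

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample lines (hosts and counts invented for illustration).
# A "denied" line for list 1 would only appear if a deny rule also carried "log".
SAMPLE_LOG = """\
Apr 15 09:01:12: %SEC-6-IPACCESSLOGS: list 1 permitted 192.168.100.10 1 packet
Apr 15 09:01:40: %SEC-6-IPACCESSLOGS: list 1 permitted 192.168.100.22 1 packet
Apr 15 09:06:12: %SEC-6-IPACCESSLOGS: list 1 permitted 192.168.100.10 14 packets
Apr 15 09:06:30: %SEC-6-IPACCESSLOGS: list 1 denied 10.9.9.9 3 packets
Apr 15 09:07:02: %SEC-6-IPACCESSLOGS: list 2 permitted 192.168.100.10 5 packets
Apr 15 09:07:05: %LINK-3-UPDOWN: Interface Serial0, changed state to up
"""

# Assumed message layout: list <acl> <action> <source> <count> packet(s)
ACL_LINE = re.compile(
    r"%SEC-6-IPACCESSLOGS: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+) (?P<count>\d+) packets?"
)

def per_source_hits(log_text, acl="1"):
    """Return {(action, source): packets} for one access list."""
    hits = Counter()
    for line in log_text.splitlines():
        m = ACL_LINE.search(line)
        if m and m["acl"] == acl:          # ignore other lists and other messages
            hits[(m["action"], m["src"])] += int(m["count"])
    return hits

def nat_candidates(hits, inside="192.168.100.0/24"):
    """Permitted sources inside the range of rule (1), busiest first."""
    net = ip_network(inside)
    rows = [(src, n) for (action, src), n in hits.items()
            if action == "permitted" and ip_address(src) in net]
    return sorted(rows, key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for src, packets in nat_candidates(per_source_hits(SAMPLE_LOG)):
        print(f"{src:15} {packets:5} packets matched ACL 1")
```

The per-host totals should add up to the match counter that _show access-lists 1_ reports for the same rule, provided no log messages were dropped by rate limiting.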