Re: no remote authentication for call out? trouble shoot this
How about sending the config for the 2503 to the list. although i don't have any experience with ddr and isdn stuff, if i had to guess, i would say there appears to be a chap conflict with your isp brent On 11/01/01 14:01 -0600, Jerry Deer wrote: >for some reason the last message didnt make it so: > > >below is the debug message i get when trying to connect to SWBs internet >with cisco 2503 router using isdn. The connection stays up for a few seconds >then drops , this has SWB tech perplexed ... does anyone here have any ideas >as to what this might indicate ??? >Thank you, >Jerry >... >00:31:54: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up. >00:31:54: BR0:1 PPP: Treating connection as a callout >00:31:54: BR0:1 PPP: Phase is ESTABLISHING, Active Open >00:31:54: BR0:1 PPP: No remote authentication for call-out > >any help would be appreciated! > > > > >-Original Message- >From: Jerry Deer [mailto:[EMAIL PROTECTED]] >Sent: Thursday, January 11, 2001 11:15 AM >To: '[EMAIL PROTECTED]' >Subject: no remote authentication for call out? trouble shoot this > > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:4973]
The question I have is: is the class A address space you're using on your LAN private? (10/8,192.168/16,etc)? Perhaps the tech was explaining why he would not route your space because it is prohibited per RFC 1918. In other words, if you have numbered your network with the 10/8 network space, your ISP will not (re: SHOULD NOT) allow you to announce that space to them. But if you have a legitimate IP space that has been swip'd to you from your provider or ARIN, then your provider should announce that for you. brent On 18/05/01 11:36 -0400, Circusnuts wrote: >Hmm... > >> > >I would venture to say this fellow is not all that up on BGP either. We >have an entire class B running in BGP. The only thing this fellow could be >remotely referring to, is the MAX hop command on EBGP that allows only up to >255 hops to connect to an external BGP neighbor. > >http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/icsbgp4.htm#41454 > >The syntax this link does not explain is the hop count limit... > ># Router BGP ># Neighbor ebgp-multihop > >All the best >Phil > >- Original Message - >From: Rizzo Damian >To: >Sent: Friday, May 18, 2001 9:38 AM >Subject: BGP question [7:4973] > > >> Hey folks, I have a quick question regarding BGP. We are looking for an >> alternative ISP for our Internet. One company we spoke with that offers a >> 100MB connection, said that in order to use their services we need to >> implement BGP on our Internet router. We currently utilize a class A >address >> on our Internet router, and they said BGP will only work with Class C >> addresses. I don't know enough about BGP yet to argue this fact, so I turn >> to you to ask if you agree or disagree with this comment? Thanks a lot! >> >> >> -Rizzo >> FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=5010&t=4973 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: frame relay Down [7:8648]
Chris, In order to see a telco provided loop towards your CPE, you will need to change your encap. to HDLC. I don't think Frame-Relay enap has the capability to see loops. Also, try a 'sho cont serial 0/1'. Look for the various alarms on the card; AIS, LOS, etc. And make sure that your local loopback passes as well. change the encap to hdlc, number your int, and enable 'loopback local'. Your interface should be up,up (looped) and you can then run a extended ping to your interface. That should at least prove connectivity between your csu and interface. 'no loop local' will drop the loop. Then ask AT&T to put a loop up towards your site again. brent On 14/06/01 21:17 -0400, Christopher D. Buzby wrote: >I have a frame relay site that is down, yesterday the other end was down >with a blown CSU (I know this really should not effect it after all the CSU >is only used for telco loop and act as a surge for electrical impulses) >Anyhow the other end is down and this is my INT > >Serial0/1 is down, line protocol is down > Hardware is QUICC with integrated T1 CSU/DSU > Description: AT&T t1 to carlisle > MTU 1500 bytes, BW 768 Kbit, DLY 2 usec, > reliability 255/255, txload 1/255, rxload 1/255 > Encapsulation FRAME-RELAY, loopback not set > Keepalive set (10 sec) > LMI enq sent 60, LMI stat recvd 59, LMI upd recvd 0, DTE LMI down > LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 > LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE > Broadcast queue 0/64, broadcasts sent/dropped 119/0, interface broadcasts >38 > Last input 17:18:28, output 17:18:28, output hang never > Last clearing of "show interface" counters 5w6d > Input queue: 0/75/0 (size/max/drops); Total output drops: 0 > Queueing strategy: weighted fair > Output queue: 0/1000/64/0 (size/max total/threshold/drops) > Conversations 0/1/256 (active/max active/max total) > Reserved Conversations 0/0 (allocated/max allocated) > 5 minute input rate 0 bits/sec, 0 packets/sec > 5 minute output rate 0 bits/sec, 0 packets/sec > 74 packets input, 4791 bytes, 0 no buffer > Received 0 broadcasts, 0 runts, 0 giants, 0 throttles > 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort > 185 packets output, 34289 bytes, 0 underruns > 0 output errors, 0 collisions, 119106 interface resets > 0 output buffer failures, 0 output buffers swapped out > 54 carrier transitions > DCD=down DSR=up DTR=up RTS=up CTS=down > >I have read that 99.9% percent of the time with down, up,up,up, Down, >situations it is the telco. At&t have claimed that they can loop the CSU >but when they loop I don't see anything in the sh int that indicates >loopback, shouldn't the first line say up, loop or something? Also they say >they can't loop the SmartJack which already makes it sound weird to me. I >have been preaching to my customer that it is the Telco, should I try >something else, Note I would put a loop on the module and see if it goes up >up but there is no one at the location capable of making a cable and I don't >feel like driving 10hrs. round trip to plug it in. Any other ideas, I have >the telco dispatching in the AM and I wanted to have the Telco loop and have >the customer pull the line and see if they still see it in loop but that was >not possible either cause the Telco, cough AT&T cough cough, took 5 hours to >get a tech assigned to the case. Thanks in advance for all your ideas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8731&t=8648 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bandwidth monitoring [7:27289]
Brian, Cricket and RRD might be what you are looking for. I've only used it on a very small network and it's a pretty versatile tool. http://cricket.sourceforge.net/ Brent Wrisley 2FB6 85AD 7084 80A0 8381 C116 CDE5 78B5 E959 C536 PGP Key ID: 0xE959C536 (us.pgp.net) On 25/11/01 22:14 -0500, brian wrote: :I am looking for an app that does detailed bandwidth monitoring. I have :used cw2000 and it really doesn't do what we need. Nothing come to mind :from cisco, so I started using SolarWinds Advanced Bandwidth monitor. I :had a guy write some perl scripts for me..but it doesnt work that well :and he is gone. : :I basically have customers hanging from a 6509 on different vlan's. :They come into the data center and go out one of our two t-3's. Does :anyone have any recommendations on bandwidth tools? : :Thanks, :bk : : : : Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27291&t=27289 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: honey pot help [7:27465]
Rodney, This is a good reference: http://project.honeynet.org/ Also, this same group wrote a book about their experiences, it's pretty good (except for the last 100+ pages which are just script kiddies IRC session.) http://www.amazon.com/exec/obidos/ASIN/0201746131/qid=1006878122/sr=8-1/ref=sr_8_67_1/107-7473042-9090104 One caveat, be careful on allowing this sort activity on your network. If a cracker 'pulls a fast one' they may cause much more of a headache than it's worth. Brent Wrisley 2FB6 85AD 7084 80A0 8381 C116 CDE5 78B5 E959 C536 PGP Key ID: 0xE959C536 (us.pgp.net) On 27/11/01 10:40 -0500, Rodney Jackson wrote: :I'm wanting to install a honey pot on my network but don't know where to :start. Has anyone out done this and if so would please help me out? : :[GroupStudy.com removed an attachment of type application/octet-stream which :had a name of Rodney Jackson.vcf] : : : : Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27473&t=27465 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T-1 Encap Preference [7:27637]
Although intf's won't combine packets, I usually set higher MTU's so that larger packets with the DF flag on will be allowed through. Brent On 29/11/01 21:16 -0500, Priscilla Oppenheimer wrote: : [...] A lot of novices think that having a large interface :MTU is going to make a big difference, but I'm not convinced. The interface :isn't going to combine packets it receives into larger packets just because :of the larger MTU. Packets can't grow!? [...] : :I'll have to look into this. Thoughts? Comments? : :Priscilla : :At 05:26 PM 11/29/01, Howard C. Berkowitz wrote: :> >Found this in RFC 1661 which documents PPP: :> > :> >The maximum length for the Information field, including Padding, but not :> >including the Protocol field, is termed the Maximum Receive Unit (MRU), :> >which defaults to 1500 octets. By negotiation, consenting PPP :> >implementations may use other values for the MRU. :> > :> >P. :> :>Hmmm...I definitely am aware of providers using 4470 on POS links, :>and a general trend in the gigabit-plus world to use larger MTUs. Is :>this simply industry practice, I wonder, or are there some overriding :>IEEE or IETF documents? Perhaps in the sub-IP area, such as IP over :>Optical? :> :> > :> >At 03:05 PM 11/29/01, Howard C. Berkowitz wrote: :> >> >Howard, :> >> > :> >> >Correct me if am wrong but, the HDLC advantage over PPP is the MTU :size. :> >> >PPP supports 1500 while HDLC 4xxx (can't remember the exact number), :> >> >this might be helpful in situations where DF bit is set. :> >> > :> >> >Nabil :> >> :> >>I'd have to research this -- I don't offhand remember PPP (as the :> >>protocol) having a MTU limit that small. It would surprise me, given :> >>the interest in POS. :> > :> > :> >Priscilla Oppenheimer :> >http://www.priscilla.com : : :Priscilla Oppenheimer :http://www.priscilla.com : : : : Brent Wrisley 2FB6 85AD 7084 80A0 8381 C116 CDE5 78B5 E959 C536 PGP Key ID: 0xE959C536 (us.pgp.net) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27828&t=27637 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
