RE: Please Help - CIDR - How the bits work [7:75050]
Funny thing about this is that most experts that I've dealt with working at major ISPs who do nothing but deal with BGP and routing daily still don't get the configurations right the first time. I've never had a BGP neighbor setup go smoothly (i.e. take less than 2 hours), and it was never a problem on my side of the configuration. So don't blame yourself if you don't get it right the first time. And don't be afraid of it... Most experts, in my experiences, still make mistakes with BGP. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 11:26 AM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Yes! Even I would not feel comfortable configuring BGP in a production environment yet, and although I don't have my CCNP yet, I did pass the routing and switching tests. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 7:32 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Dom wrote: And one last point, No LAN is an island, why two IG(P) protocols and no EG(P) protocol? A NA should at least a some understanding of how to connect to the outside world - when to use BGP and when not to. Default routing. Wouldn't we all be better off if CCNAs would stay away from BGP?? :-) Priscilla Sorry Fred, not having a go at you personally, but these are points we all need to think about. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: Dom [mailto:[EMAIL PROTECTED] Sent: 09 September 2003 23:37 To: 'Reimer, Fred'; '[EMAIL PROTECTED]' Subject: RE: Please Help - CIDR - How the bits work [7:75050] Oh, and while I'm on the subject - why EIGRP? This is a proprietary Cisco Protocol. OK, I believe that Juniper may have implemented it, but to the best of my knowledge no one else has. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: 09 September 2003 22:03 To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] I guess my expectation and Cisco's, or at least their current expectations as listed on their web site, don't match then. By my definition a beginner should know about CIDR, EIGRP, and OSPF. It's not like they are inherently difficult to understand. People tend to make it sound like rocket science or voodoo magic. It's just a routing protocol folks. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Chuck Whose Road is Ever Shorter [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 3:56 PM To: [EMAIL PROTECTED] Subject: Re: Please Help - CIDR - How the bits work [7:75050] Reimer, Fred wrote in message news:[EMAIL PROTECTED] May be I had advanced access to the new NA material then ;-) In my view, a NA should be able to handle basic RIP, OSPF, EIGRP in a small to medium sized network. That would certainly include CIDR. A NP, IMO, would be for advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a mid-large sized network for connection to the Internet including minimal BGP. IE, IMO, is for ISP engineers that have to deal with extensive IS-IS, BGP using all options, etc, and large to huge (global) networks. May be I'm just expecting too much, but if you don't understand CIDR you shouldn't be allowed anywhere near a router, let alone be responsible for configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of
RE: backup interface [7:74836]
Kaiser, Shutting the local primary interface down will not trigger the backup interface. The line protocol of the primary interface must go down in order to bring the backup interface out of standby. Try shutting down the link from the other side, or just unplug the serial interface. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, September 05, 2003 1:01 AM To: [EMAIL PROTECTED] Subject: RE: backup interface [7:74836] Hi, even when i shut down my serial interface nothing happens. Bri 0/0 stays in standby mode. and sub interfaces in administratively down. one thing to keep in minds that i am using a simmultor. it is not real isdn. show isdn status shows layer 1 deactivated. Thanks kaiser A **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74872t=74836 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ping cisco@groupstudy.com [7:74702]
Fred, Yeah, I'm still using IOS 3.11, IOS for workgroups. I refuse to upgrade. Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 9:26 AM To: Brian McGahan; [EMAIL PROTECTED] Subject: RE: ping [EMAIL PROTECTED] [7:74702] Wow! Given your CCIE number you must be using a REALLY old router for that ping. Most newer models send five echo requests, not three. Either that or some packets got lost somewhere... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Brian McGahan [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 10:39 PM To: [EMAIL PROTECTED] Subject: ping [EMAIL PROTECTED] [7:74702] !!! Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74810t=74702 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ??? Layer 2 routing ??? [7:74788]
Steve, What you are referring to is called Multi-Layered Switching (MLS). MLS uses a unicast and multicast cache to keep state information on flows passing through the layer 3 switch. The following demonstrates layer 2 and layer 3 lookup end to end. Take the following situation: HostA---Router1---HostB HostA and HostB are on separate layer 3 segments. HostA attempts to send a packet to HostB. HostA looks in its local ARP cache to see if there is already a layer 3 to layer 2 mapping for HostB's IP address. If there is not, HostA does a logical AND with the destination IP address and the local subnet mask. If the result shows that HostB is on HostA's local network, HostA ARPs for HostB. Since in this case they are not on the same subnet, HostA must now resolve the layer 2 address of its default gateway. HostA now checks its ARP cache for the layer 2 address of Router1. If the mapping is already in the cache, HostA does not ARP for Router1, if the mapping is not already in the cache, HostA ARPs for Router1. After the layer 2 address of the gateway is returned, HostA encapsulates a packet with the destination layer 3 address of HostB, and the destination layer 2 address of Router1. Router1 now receives the packet from HostA destined to HostB. Router1 does a layer 3 routing lookup for HostB's IP address. Router1 sees that HostB is directly connected. Router1 rewrites the layer 2 header of the packet, putting its own layer 2 address as the source, and HostB's layer 2 address as the destination. Router1 sends the packet, and it is received by HostB. The above process repeats on a per packet basis. MLS is meant to optimize the layer 3 routing lookup phase done on Router1. When a packet comes to the MSFC (layer 3 engine), the MLS cache is checked to see if there is a flow for this packet already cached. If the flow does not previously exist, a routing lookup is done, the layer 2 header is rewritten, a new entry in the MLS cache is created, and the packet is switched. If there is a preexisting entry in the MLS cache, the layer 2 header is immediately rewritten without having to do a routing lookup. The optimization is that the routing lookup is skipped if it was already previously performed, hence Multi-Layered Switching. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steven Aiello Sent: Thursday, September 04, 2003 9:05 AM To: [EMAIL PROTECTED] Subject: ??? Layer 2 routing ??? [7:74788] Ok all I have a question on this subject. I know routing takes place at the network layer, and switching takes place at the data link layer because it works based on physical addresses. So how do we get route switching? I've just started my CCNP and we were learning about different cache methods to speed up performance, is this how route switching is done, is the routing calculation be performed on a per packet basis? I was reading that by default, Cisco routers only perform a routing calculation on the first packet for a destination network and then on less the no route-cache option is set all the rest of the packets are really only switched to the correct interface. Am I missing something? I would invision that a router would by default perform a lookup for each connection sequence. does layer 3 routing not do a look up for each sequence of packet? Does is look at an address and use an old pre say route that was cached in memory? If some one can give a good explanation I would greatly appreciate it. Thanks, Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74809t=74788 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ??? Cisco Express Forwarding ??? [7:74794]
Steve, There are a few reasons why a lookup through the CEF table is faster than a lookup in the IP routing table. A lookup in the IP routing table is done top down until a match is found, much like how an access-list is processed. The problem, however, is that the IP table is not in any specific order, therefore, the worst case lookup for a route is directly proportional to how many prefixes exist in the IP routing table. The CEF table, on the other hand, takes a maximum of four lookups before a match is found. CEF uses four data structures, each with 256 children, with each child having 256 children, etc. This gives us a maximum entry size of 2^32 (all IP address space). These structures are divided as follows: Root -0.0.0.0 -1.0.0.0 -2.0.0.0 .. -255.0.0.0 Suppose we're doing a lookup on the prefix 1.2.3.4. First we find the 1st child under the root (1.0.0.0) Root -1.0.0.0 --1.0.0.0 --1.1.0.0 --1.2.0.0 --... --1.255.0.0 Under the child 1.0.0.0, we now find the 2nd child (1.2.0.0). Next, we find the 3rd child under 1.2.0.0 (1.2.3.0), and finally the fourth child under 1.2.3.0, (1.2.3.4). Our final lookup is now as follows: Root -1.0.0.0 --1.2.0.0 ---1.2.3.0 1.2.3.4 As you can see, no matter which prefix we are doing a lookup on, we have to do a maximum of 4 lookups in order to find it, unlike the normal IP routing table, where our worst case lookup time is proportional to the amount of prefixes in the table. The next reason that CEF is faster than a normal lookup is the adjacency table. Every time a lookup is done in the IP routing table, an addition lookup (recursive lookup) must be done to find the outgoing interface for the next hop IP address. In the case of CEF, this lookup is already done for you in the adjacency table. The adjacency table provides us with the outgoing interface, and the destination layer 2 address that must be encapsulated in order to send the packet out said interface. Lastly, the main advantage of CEF is that the above mentioned lookups are done *before* any traffic is sent. In the case of the other caching mechanisms, a cached entry is not created until the first packet in the flow is fast-switched. This follows the paradigm of route once, switch many. CEF on the other hand is just switch many, since the routing lookup is already performed. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steven Aiello Sent: Thursday, September 04, 2003 10:06 AM To: [EMAIL PROTECTED] Subject: ??? Cisco Express Forwarding ??? [7:74794] Another question, in CEF is the whole routing table held in a cache? If so what is the diffrence between this and the routing table held in RAM? Is the cache faster than the regular RAM in the router? Thanks, Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74811t=74794 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: OT Gibberish in email [7:74740]
There's a compelling argument for scheduled virus and spyware scans/updates.. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Thu, 4 Sep 2003, Wilmes, Rusty wrote: I've been trying to scrounge up the time to build one of these... http://lawmonkey.org/anti-spam.html combination of bayesian and razor on openbsd acting as an MTA. About 1/2 our staff installed freeware screensaver (read: gator) on their computers and our spam has gone through the roof. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 2:36 PM To: [EMAIL PROTECTED] Subject: RE: OT Gibberish in email [7:74740] Reimer, Fred wrote: It is an attempt by the SPAMers to avoid SPAM software that takes a hash of the SPAM and blocks SPAM on machines based on these hash values. There are some anti-SPAM solutions out there that basically relies on the users to mark email as SPAM. When they do, the client machines send the hash of the SPAM up to the service provider, which shares these hashes with all other subscribers. So, if the same exact SPAM is sent to another user it would automatically get blocked. These random characters change the hash value, and hence this method of blocking SPAM is ineffective. Use a Bayesian filter program for your SPAM. I have 3755 emails in my Junk Mail folder now, and I empty it out last on July 18th. Check out www.Junk-Out.com. Fred Reimer - CCNA Someone should develop a SPAM filter that looks for certain types of randomness within a message. This would be difficult, but certainly not impossible. You'd have to be pretty creative about it but it ought to be possible to devise an algorithm that could detect that sort of random line--often found in the subject line--and flag it as SPAM. I haven't heard of a Bayesian filter before. I'm going to go find out more about that right now. John **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74807t=74740 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: 2600 3600 3700 series routers [7:74812]
Protocol (SCTP) T.37/T.38 Fax Gateway Token Ring LANE Trimble Palisade NTP Synchronization Driver Turbo Flooding of UDP Datagrams UDLR Tunnel ARP and IGMP Proxy V.92 Modem on Hold Voice over IP Q.SIG Network Transparency X.25 on ISDN D-Channel HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Williams Sent: Thursday, September 04, 2003 1:00 PM To: [EMAIL PROTECTED] Subject: 2600 3600 3700 series routers [7:74812] Group, I'm currently studying for the CCIE lab exam. My lab consists of 2500 - 2600 series routers. My question is if there is a difference in IOS features between the 3600s and the 3700s. I'm trying to decide if I need some rack time playing around with the 3700s or if the 2600s and 3600s will do everything the 3700s will do. Thanks, dave **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74820t=74812 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: backup interface [7:74836]
Kaiser, Your primary interface is up, so your backup interface is in standby mode. This is normal behavior. What are you trying to accomplish? HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: backup interface [7:74836] Hi, I am having issue with backup interface with isdn. I can ping my directly connected bri interface. but as soos as I hit my serial backup interface bri 0/0. Bri goes down. i do show isdn staus it says layer one deactived. this what it shows for sh ip int Interface IP-Address OK? Method Status Protocol Ethernet0/0unassigned YES NVRAM up up Ethernet0/0.4 130.4.34.3 YES NVRAM up up Ethernet0/0.6 130.4.36.3 YES NVRAM up up BRI0/0 130.4.113.3 YES NVRAM standby mode down Serial0/0 130.4.100.3 YES NVRAM up up BRI0/0:1 unassigned YES unset administratively down down BRI0/0:2 unassigned YES unset administratively down down Virtual-Access1unassigned YES TFTP down down Loopback0 130.4.3.3 YES manual up up Thanks in advance for eveyone's help. Sincerely, Kaiser A **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74845t=74836 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Ip snooping in cisco routers [7:74708]
Just to make sure you're aware, debug ip packet with its options is generally frowned upon in production environments, if you are not specific enough with the debug or hit enter prematurely, well thats a good way to draw the wrath of your coworkers. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Wed, 3 Sep 2003, dre wrote: Reimer, Fred wrote in message ... Cisco routers don't have the ability to capture packets. However, you can use an ACL and the debug ip packet command to get some limited information. Well, you can do debug ip packet dump and get the full payload in both hex and ASCII (like tcpdump). Or, even better, if the device supports SPAN, RSPAN or ERSPAN, you can mirror the traffic from x ports/vlans to y ports/vlans. Or, you can setup a GRE tunnel that copies all traffic from the Cisco to a nearby Unix machine. https://www.phrack.com/show.php?p=56a=10 There are also many other ways to accomplish this, which rely on changing the ways the protocols normally operate. For example, using a tool such a (but clearly not limited to) dsniff or irpas, one can easily create a MITM gateway based on modification of ARP, ICMP redirect, IRDP, STP, HSRP, PBR (using interface, next-hop, etc), or even using generalized proxies (IP NAT, MAC address translation). -dre **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74738t=74708 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Question regarding dialer-watch [7:74667]
Jens, Assuming this is legacy DDR, do you have a static layer 3 to layer 2 resolution (dialer map) for the IP of the remote end? Post your config if you're still having trouble. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Petter Eikeland Sent: Tuesday, September 02, 2003 11:16 AM To: [EMAIL PROTECTED] Subject: Question regarding dialer-watch [7:74667] I have put up a solution with isdn backup to a primary Frame-Relay link. This is set up with Tacacs callback solution. The link seems to function fine. Then I try to put on dialer-watch on the client side of this link. When I shall test this by bringing sown the primary, everything looks fine. The backup is coming up, the routes ar prefered over isdn. But when I try to send any trafic I form of pings or telnet nothing happens Even when the link are up my packet wont go over the link. I have also a friend that is having the same problem, and then I guess There will be other that has experienced this.. Please help, I have only days before my lab attempt Jens P **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74760t=74667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
ping cisco@groupstudy.com [7:74702]
!!! Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74761t=74702 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Question regarding dialer-watch [7:74667]
Jens, Assuming this is legacy DDR, do you have a static layer 3 to layer 2 resolution (dialer map) for the IP of the remote end? Post your config if you're still having trouble. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Petter Eikeland Sent: Tuesday, September 02, 2003 11:16 AM To: [EMAIL PROTECTED] Subject: Question regarding dialer-watch [7:74667] I have put up a solution with isdn backup to a primary Frame-Relay link. This is set up with Tacacs callback solution. The link seems to function fine. Then I try to put on dialer-watch on the client side of this link. When I shall test this by bringing sown the primary, everything looks fine. The backup is coming up, the routes ar prefered over isdn. But when I try to send any trafic I form of pings or telnet nothing happens Even when the link are up my packet wont go over the link. I have also a friend that is having the same problem, and then I guess There will be other that has experienced this.. Please help, I have only days before my lab attempt Jens P **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html [GroupStudy removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74700t=74667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
ping cisco@groupstudy.com [7:74702]
.!!! Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74702t=74702 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Question regarding dialer-watch [7:74667]
Jens, Assuming this is legacy DDR, do you have a static layer 3 to layer 2 resolution (dialer map) for the IP of the remote end? Post your config if you're still having trouble. HTH, Brian McGahan, CCIE #8593 [EMAIL PROTECTED] Internetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-334-8987 Direct: 708-362-1418 (Outside the US and Canada) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Petter Eikeland Sent: Tuesday, September 02, 2003 11:16 AM To: [EMAIL PROTECTED] Subject: Question regarding dialer-watch [7:74667] I have put up a solution with isdn backup to a primary Frame-Relay link. This is set up with Tacacs callback solution. The link seems to function fine. Then I try to put on dialer-watch on the client side of this link. When I shall test this by bringing sown the primary, everything looks fine. The backup is coming up, the routes ar prefered over isdn. But when I try to send any trafic I form of pings or telnet nothing happens Even when the link are up my packet wont go over the link. I have also a friend that is having the same problem, and then I guess There will be other that has experienced this.. Please help, I have only days before my lab attempt Jens P **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74701t=74667 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
new ccnp test books [7:74463]
how are the books from sybex for the new ccnp test ? switching book is by Terry Jack routing book is by Carl Timm __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74463t=74463 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: PPTP win98 to PIX not working [7:74521]
is there an mtu difference, causing dont fragment failures? Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Fri, 29 Aug 2003, Michael Barnhart wrote: Hello all. I have a problem with pptp to pix. Client has win98 machines on their network, all behind a DSL router. They connect via MS PPTP to my PIX box. The connection is fine, without errors. Problem is, they cannot do anything on my network. If they disconnect from their network, dial up to Internet, they connect fine and can do everything they should be expected to do. Windows 2000 and up machines seem to work fine, though. I am more than a little stumped. Below, please find a brief setup: client (192.168.0.x) - DSL Router - Internet - DSL Router - PIX )with live IP address on outside interface) (VPN Pool is 172.16.0.x) - Internal Network (10.1.1.x). vpdn group klr accept dialin pptp vpdn group klr ppp authentication pap vpdn group klr ppp authentication chap vpdn group klr ppp authentication mschap vpdn group klr client configuration address local klrpool vpdn group klr pptp echo 60 vpdn group klr client authentication local vpdn username some-name password some-password vpdn enable outside Any help would be muchly appreciated! Thanks! Michael Barnhart **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74523t=74521 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Is it possible to upgrade 2500 series to a 2600 series [7:74131]
I can only assume this query was spawned by people running 3000s as 2500s?? Brian - Original Message - From: MADMAN To: Sent: Monday, August 18, 2003 2:43 PM Subject: Re: Is it possible to upgrade 2500 series to a 2600 series [7:74128] Sleek wrote: Hi all, I would like to know if it is possible to upgrade a 2500 series router to a 2600 series router and if it is possible I would also want to know the required materials for upgrade. Regards, Osaz. CCNA Yes. a P.O. or credit card should do the trick ;) Dave **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Government can do something for the people only in proportion as it can do something to the people. -- Thomas Jefferson **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74131t=74131 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: What cables need to be used for an AS2511-rj [7:73987]
Hi Natachaya, Answer to your question: Roll-Over. If you want to connect from a Cisco 2511 Terminal Server to another Cisco device on the console port then you need a Roll-Over cable, 9 times out of ten. A Roll-Over cable is what is sais, it rolls the cable completely over so that if the blue wire started on pin 1 on one side it is now on pin 8 on the other side. If you have any problems with the configuration then give me a shout. Have fun, Brian. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74003t=73987 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: What cables need to be used for an AS2511-rj [7:73987]
Hi Natchaya, Here is an example configuration that should help you out. ! conf t ! ! int e 0 ip address 192.168.0.1 255.255.255.0 no shut no keepalive exit ! ! menu console_menu title / Welcome to the Foo Out Of Band Terminal Server To disconnect a session, please press , enter X and then enter 18 to disconnect. Type a number to select an option; Type 17 to exit the menu. 1. Device A Console 2. Device B Console 3. Device C Console 4. Device D Console 5. Device E Console 6. Device F Console 7. Device G Console 8. Device H Console 9. Device I Console 10. Device J Console 11. Device K Console 12. Device L Console 13. Device M Console 14. Device N Console 15. Device O Console 16. Device P Console 17. Exit 18. Disconnect your present Serial connection / ! ! ! menu console_menu command 1 connect 192.168.0.1 2001 menu console_menu command 2 connect 192.168.0.1 2002 menu console_menu command 3 connect 192.168.0.1 2003 menu console_menu command 4 connect 192.168.0.1 2004 menu console_menu command 5 connect 192.168.0.1 2005 menu console_menu command 6 connect 192.168.0.1 2006 menu console_menu command 7 connect 192.168.0.1 2007 menu console_menu command 8 connect 192.168.0.1 2008 menu console_menu command 9 connect 192.168.0.1 2009 menu console_menu command 10 connect 192.168.0.1 2010 menu console_menu command 11 connect 192.168.0.1 2011 menu console_menu command 12 connect 192.168.0.1 2012 menu console_menu command 13 connect 192.168.0.1 2013 menu console_menu command 14 connect 192.168.0.1 2014 menu console_menu command 15 connect 192.168.0.1 2015 menu console_menu command 16 connect 192.168.0.1 2016 menu console_menu command 17 menu-exit menu console_menu command 18 disconnect menu console_menu clear-screen menu console_menu status-line menu console_menu line-mode menu console_menu single-space ! ! line 1 16 session-timeout 120 no exec exec-timeout 120 0 password cisco login transport input all stopbits 1 exit ! line con 0 login password cisco autocommand menu console_menu exit ! ! It has a bit more than you normally need, but it is also nice and friendly. If I break the configuration down you will see that I have put the IP Address 192.168.0.1 255.255.255.0 on Ethernet 0. In addition I have put in the no keepalive command, which allows you to reverse telnet to the device even though you do not have an actual LINK on Ethernet 0. If you do not use the no keepalive command then you actually have to have a LINK on E0. Then you will see that I have put in a MENU called console_menu. When you connect to the console of the Terminal Server, this menu appears automatically due to the autocommand menu console_menu command. Next you will notice all of the menu console_menu command commands towards the end of the config, which will be executed when you type the corresponding number when the menu has appeared. That means that if you type a 3 when the menu appears then it will execute a connect 192.168.0.1 2003 which means that it does a reverse telnet to port 2003. This connnects you to CONSOLE Port 3 on your Terminal Server. If you have any problems with this configuration, give me a shout. Have fun, Brian. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74009t=73987 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Bad mask /24 for address ???? [7:73801]
In the old classful world, 10. addresses had a class a 255.0.0.0 mask, you tried ip classless in your config? Brian - Original Message - From: Iwan Hoogendoorn To: Sent: Sunday, August 10, 2003 6:27 AM Subject: Bad mask /24 for address [7:73801] I was trying to assign an IP address with an subnetmask to the interface E0 and i got this strange message: Bad mask /24 for address 10.0.0.10 here is what i did: RouterA(config)#int e0 RouterA(config-if)#ip add 10.0.0.10 255.255.255.0 Bad mask /24 for address 10.0.0.10 Can someone tell me what i did wron ...this is suposing to work right? Thank You Iwan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73822t=73801 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Bad mask /24 for address ???? [7:73801]
In the old classful world, 10. addresses had a class a 255.0.0.0 mask, you tried ip classless in your config? Brian - Original Message - From: Iwan Hoogendoorn To: Sent: Sunday, August 10, 2003 6:27 AM Subject: Bad mask /24 for address [7:73801] I was trying to assign an IP address with an subnetmask to the interface E0 and i got this strange message: Bad mask /24 for address 10.0.0.10 here is what i did: RouterA(config)#int e0 RouterA(config-if)#ip add 10.0.0.10 255.255.255.0 Bad mask /24 for address 10.0.0.10 Can someone tell me what i did wron ...this is suposing to work right? Thank You Iwan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73812t=73801 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Bad mask /24 for address ???? [7:73801]
In the old classful world, 10. addresses had a class a 255.0.0.0 mask, you tried ip classless in your config? Brian - Original Message - From: Iwan Hoogendoorn To: Sent: Sunday, August 10, 2003 6:27 AM Subject: Bad mask /24 for address [7:73801] I was trying to assign an IP address with an subnetmask to the interface E0 and i got this strange message: Bad mask /24 for address 10.0.0.10 here is what i did: RouterA(config)#int e0 RouterA(config-if)#ip add 10.0.0.10 255.255.255.0 Bad mask /24 for address 10.0.0.10 Can someone tell me what i did wron ...this is suposing to work right? Thank You Iwan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73833t=73801 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Grand Opening . the GroupStudy.com Store! [7:73353]
I am not paul, but will paste in a previous reply of his re thos oft asked question. Date: Mon, 14 Jul 2003 16:56:31 GMT From: Paul Borghese To: [EMAIL PROTECTED] Subject: RE: We (Cisco mailing list) are moving ... [7:72060] Thanks everyone for your offer ... but as of now I am trying to avoid donations. Frankly I do not think donations will cover the cost of running GroupStudy. Plus it will make my job 10x more difficult. Every day I help people with subscription issues associated with GroupStudy. Most people are pleasant, gracious, and understanding that I do this as a hobby. But two or three times a week I receive an e-mail from someone or some organization demanding I drop everything I am doing and fix whatever problem they are having with GroupStudy. They act as if they are paying a fortune for the service and somehow they have a given right to participate in GroupStudy. In the end it is almost always an internal problem within their organization (i.e. anti-spam filters, firewalling issues, etc.). I can not imagine what it would be like if those people had actually give some token donation to GroupStudy. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Fri, 1 Aug 2003, [EMAIL PROTECTED] wrote: Paul do you also have a paypal account where we can be chipping a $ here and there to help defray some of the cost of hosting this United Nations CCIE virtual classroom ? -Original Message- From: Paul Borghese [mailto:[EMAIL PROTECTED] Sent: Friday, August 1, 2003 03:43 PM To: [EMAIL PROTECTED] Subject: Grand Opening . the GroupStudy.com Store! [7:73353] In order to help pay for the services of GroupStudy.com we are opening a GroupStudy.com store, selling some of the industries best certification products! If you are in the market for some Cisco Certification materials, please check us out at: http://shop.groupstudy.com We have a number of products from Certification Zone including written test practice questions and a CCNA, CCNP lab workbook. IP Expert has offered us an exclusive discount off their CCIE workbooks. Purchase from the store and receive a 5% discount! Besides certification materials, we also have partnered with a company to sell GroupStudy t-shirts, mugs, bags, etc. So please keep us in mind for your next purchase! Paul Borghese **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73374t=73353 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com
Re: Latest Cisco PIX? [7:73084]
There was a 506 that was discontinued.. Brian - Original Message - From: Shawn Xu To: Sent: Sunday, July 27, 2003 2:23 PM Subject: Latest Cisco PIX? [7:73084] Hi, I heard Cisco has PIX 560. However, I couldn't find Cisco PIX 560 from www.cisco.com. The latest one is PIX 535. Is it right? Thanks Shawn Xu _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73085t=73084 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: We (Cisco mailing list) are moving ... [7:72060]
paul, then why not provide for links to cert books, router simulators etc. cert books from sybex and cisco press can be a good start and if you can request the merchant (amazon as you mentioned) to provide a promotion code then during checkout one could put that code and may be (may be) amazon could give some $$ off to us as well, like free shippping (just an example). so its a win-win for all, amazon, groupstudy and us !!! (i am pretty sure amazon could provide that to a site like groupstudy) thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72707t=72060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: want lab mates [7:71980]
I'll ask, since no one else has, city, state, or country please? Brian - Original Message - From: 2000 technologie To: Sent: Monday, July 14, 2003 9:53 AM Subject: Re: want lab mates [7:71980] hi i need some friends for lab [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72283t=71980 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: problem with 7206 router. [7:72177]
hmm wonder if the config specifies a tftp boot of the image specified in that error? Tried removingthe config? Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Sat, 12 Jul 2003, Zsombor Papp wrote: Default solution is to boot up the image on the flash card, format bootflash, and copy a new bootloader image onto it, but you might need just remove a few files from bootflash: so that the bootloader is the first file. What does 'show bootflash:' show? Thanks, Zsombor At 08:23 AM 7/12/2003 +, Xy Hien Le wrote: Hi everyone, I bought a 7206 router and it booted up as follow before booting by the Flash Card contains IOS. I think the internal flash device is missing or corrupted. Anyone have any sugestion how I can fix this? Here is the boot up output: System Bootstrap, Version 11.1(5) [mkamson 5], RELEASE SOFTWARE (fc1) Copyright (c) 1994 by cisco Systems, Inc. C7200 processor with 65536 Kbytes of main memory monlib does not contain a valid magic number boot: cannot open bootflash: an alternate boot helper program is not specified (monitor variable BOOTLDR is not set) and unable to determine first file in bootflash loadprog: error - on file open boot: cannot load cisco2-C7200 And it will booted with the image installed in the Flash Card... Any sugestion is much apreciated. Xy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72190t=72177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Microsoft Netmeeting 2620 w/ NAT [7:72192]
hmm set commands, looks catoslike to me. According to http://www.cisco.com/warp/public/556/nat-faq.html, all platforms other than uBR7200 require either a J or an O image (Enterprise or Cisco IOS Firewall respectively) to obtain support for Microsoft's NetMeeting application within Cisco IOS NAT. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Sun, 13 Jul 2003, Colin Weiner wrote: Hi Im trying to get Microsoft Netmeeting to work through a 2620 w/ NAT. Ive been looking through newsgroups and Ciscos web site but am stumped. Im running IOS Version 12.3(1a) (c2600-ik9o3s3-mz.123-1a) which support H323. I found the following on Cisco went site but I dont think these command are available on the 2600 platform: set nat entry add inside_ip address 1503 outside_ipaddress 1503 tcp set nat entry add inside_ip address 1720 outside_ipaddress 1720 tcp Any ideas would greatly appreciated, Ive got my head up my ass.. Thanks Colin Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72196t=72192 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
pa-fe-fx crc errors [7:72067]
Got a friend messing with a couple of these, I cant find a lot of info on these cards really, anyone got a good troubleshooting site? Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72067t=72067 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Are the system UP - without using ping [7:71920]
Really you have a couple things to worry about, the physical ether link and the service in question. Assuming the device in question connects to a managed switch, syslog, snmp, or something similar can tell you when the port status changes. Re service monitoring, NoCOl used to be a great free option, I'm sure theres several out there now, just google for service monitor. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Mon, 7 Jul 2003, alaerte Vidali wrote: Thanks, I am looking for a program running under Window or Lunix that could automatically indicates when a device goes down. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72001t=71920 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: cisco back to back cable [7:71992]
You need to set clock on one, I leave it as an exercise to the poster to figure out which. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Mon, 7 Jul 2003, KW S wrote: Dear All I have a 2501 and 2505 and I am trying to set up a homelab..These 2 routers come with a cable which is a DB60(DTE) and the other end is a DB60(DCE).This is wat that is label on the cable. Anyway, I try to connect this cable to the serial interface of the 2 routers...and both the routers are showing serial is down and line protocol is down. I guess I have used the wrong cable...or maybe I have missed out something. Please comment.. Regards, kws Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72000t=71992 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ccnp prep ? [7:71660]
how is the tod lammle book set for ccnp tests ? or should one go with the cisco press books ? ccna book by todd was very good, are the ones for ccnp also as informative ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71660t=71660 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tier 1, Tier 2, Tier 3 ISPs [7:71508]
I really hate the tier argument, but to me, a tier 1 originates a large number of ip block announcements. Brian - Original Message - From: fred barreras To: Sent: Thursday, June 26, 2003 11:26 PM Subject: RE: Tier 1, Tier 2, Tier 3 ISPs [7:71508] tier 1 rents facilities from tier 2. Tier 2 rents facilities from tier 3. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71516t=71508 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Store Su**ks Big time [7:71413]
I tried to reply to you directly, that was a nogo. So, here it is, http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItemitem=3031476285category=28034 Brian - Original Message - From: J B To: Sent: Wednesday, June 25, 2003 9:45 PM Subject: Cisco Store Su**ks Big time [7:71413] I ordered a Documentation CD from the Cisco Store more than 2 months ago I'm still waiting. After two months of emails back and forth they told the CD is back ordered. I can believe Cisco service can be so bad. Is anyone out there willing to sell me a doc cd with a recent date. Thanks JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71423t=71413 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCDA Study material [7:71111]
I recently used the knowledgenet BSCI course. I used it as a supplement to my studying and not my main source. it was very good in explaining the technology and hands on labs just not sure that it covered all of the details needed to pass the exam. I signed up for the exam at www.computer.org this is the IEEE site. If you join as a member of IEEE $100.00 US fee/yr you get access to the courses that they have available. I paid $44.00 only since it is prorated over the year. I did BSCI they also have Advanced Cisco wireless and other tech courses. It is a very cheap resource for studying $44.00 all you can study not bad. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Lopez, Robert Sent: Wednesday, June 25, 2003 9:12 AM To: [EMAIL PROTECTED] Subject: RE: CCDA Study material [7:7] Group, To answer the question regarding Knowledgenet from thread below...I've recently purchased a few courses from Knowledgenet - cvoice, dqos and evodd. It's basically 6 weeks of self/web-based study with hands on lab scenarios and sample exam questions for each class. My first course was cvoice. I went through the coursework just about everyday for six weeks. At the end of the six weeks I sat the cvoice exam and passed - the only material used was from knowledgenet and the cisco website - a little hand-on experience helped as well. I'm in the process of sitting the exam for dqos - this upcoming Friday... Robert -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 1:33 PM To: [EMAIL PROTECTED] Subject: RE: CCDA Study material [7:7] CiscoNewbie wrote: Great write up. Thanks. So what is the current exam number? 640-861 DESGN Is it just one exam that I have to take? Yes, It's just one exam to get CCDA. Lots of exams to get CCDP. Do you know what the new exam number will be or is? I think it's the same answer as the one above. It just came out but I don't think you can still take the old one, as I implied before. Cisco shouldn't change the exam for a while. It took them years to do the development on this class and test. And they did a great job, from what I can tell. I was looking at taking the following course, what do you think: http://www.knowledgenet.com/courselibrary/cisco/courses/desgn_pf.jsp An advantage to taking the class is that you will get the 1,000s of pages that Cisco wrote for the course manual. I don't know much about Knowledgenet. It appears to not be a real, carbon-based classroom where you go in person to the site and can easily interract with the instructor and other people taking the class, which is a major benefit in a design class. In fact, the exercises for DESGN are designed to be done with a team. Can you do that with this Web-based training? It's possible that they do a good job with their Web-based training and simulate the real world well. I just don't know. Cisco recommends that DESGN be taught with a simulator that will let you do some design tasks. They recommend OPNET. Does Knowledgenet let you use OPNET? I would ask a few questions before shelling out a lot of money for the Knowlegenet course. Has anyone else here on GroupStudy used them? If you do use them, let us know how it goes. Thanks and good luck with your CCDA. Priscilla Thank you! --- Priscilla Oppenheimer wrote: CiscoNewbie wrote: Hi all. I am going up for my CCDA cert and would like to know what are the recommended books and material to study with? Nothing is out yet for the new version of the test, as far as I know. Your best bet would be to take the instructor-led class, if you can afford it. With a good instructor, I think DESGN could be a really great class. It's got tons of meat now, much more than before. It has a big focus on systems analysis as it is taught at universities, as a real discipline, not just a bunch of hand-waving. The class also has a huge scope, covering almost everything you ever wanted to know related to campus and enterprise networks, from business (which they call social or organizational) goals, technical goals, topologies, architectures, modular design, addressing (including IPv6), routing, voice, network management, and security. One focus is on the SAFE architecture, so look that up on Cisco's site and learn it. There's also some AVVID stuff Many of the course modules are partially based on my book Top-Down Network Design. Many of the modules say that Top-Down Network Design is recommended reading. Top-Down Network Design doesn't cover some newer topics, though, such as SAFE and AVVID, although it did cover voice in a limited fashion, since Cisco has been harping on that for years now. DESGN covers voice in gory detail, however. It seems to have all of the old CVOICE course in it. Each module in DESGN has many chapters, each of which is literally hundreds of
Re: how about ccie salary in US? [7:71143]
Theres a survey link on www.tcpmag.com, check it out. Bri - Original Message - From: james kong To: Sent: Monday, June 23, 2003 8:51 AM Subject: how about ccie salary in US? [7:71143] Just the same as the subject,anyone who know it please tell!Thank u! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71212t=71143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QoS - Enabling Traffic Shaping [7:70877]
Jonathan, First let's make sure we're on the same page with definitions. For traffic-shaping (both GTS and FRTS), the terms are as follows: AR = Access Rate (physical clock or rate-limit at local loop) CIR = Average per second Bc = Bits per interval committed Be = Bits per interval excess Tc = Interval in ms The following formula should be used to calculate Bc: Bc = CIR * Tc/1000 The following formula should be used to calculate Be: Be = (AR - CIR) * Tc/1000 In this example, our access-rate is 64000bps. We are trying to average 15% of our access rate for telnet traffic. Average per second is CIR. CIR = 64000 bps X .15 = 9600 bps Let's assume for this example that our Tc is 1/8 second, or 125 ms. Our committed burst size would then be as follows: Bc = CIR * Tc/1000 Bc = 9600 * 125/1000 Bc = 9600 * .125 Bc = 1200 Now let's double check our calculation. We have 125 ms per interval. There are 1000 ms per second. 1 interval | 1000 ms - = 8 intervals per second 125 ms | 1 second If we are sending 1200 bits per interval 8 times per second: 1200 bits | 8 intervals = 1200 * 8 = 9600bps 1 interval | 1 second As a side note, if you want no excess burst, you want the Be value to be zero, not the same as the Bc value. The syntax should then read as follows: traffic-shape group 101 9600 1200 0 HTH Brian McGahan, CCIE #8593 Director of Design and Implementation [EMAIL PROTECTED] CyscoExpert Corporation Internetwork Consulting Training Toll Free: 866.CyscoXP Fax: 847.674.2625 -Original Message- From: Jonathan V Hays [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 11:39 AM To: 'John Smith'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: QoS - Enabling Traffic Shaping John, I assume the '25' after each percentage sign in your original post below is a typo (e.g., 15%25 of bandwidth). Given that assumption, you want to assign traffic to three categories, with 15%, 50%, and 35% of the 64 kbps bandwidth. 64000 x .15 = 9600 bps 64000 x .50 = 32000 bps 64000 x .35 = 22400 bps burst size should 1/8 of the bit rate cfg'd, no excess burst 1/8 = .125 9600 x .125 = 1200 bps 32000 x .125 = 4000 bps 22400 x .125 = 2800 bps However, I question the burst size given in your solution. The definition from the Doc CD states that the burst-size is the Sustained number of bits that can be sent per INTERVAL. On Frame Relay interfaces, this is the Committed Burst size contracted with your service provider. See http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ fqos_r/qrfcmd11.htm#1019905 If the interval is 1/8 second (and it may not be) I would think the correct answer would divide each of 1200, 4000, and 2800 by 8, to get bits per interval. HTH, Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Smith Sent: Wednesday, June 18, 2003 10:21 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: QoS - Enabling Traffic Shaping Somehow I have forgotten how to do math... Can anyone explain to me or point to a doc on figuring out the percentage for the below lab. Enable traffic shaping on int serial 0/0 as follows: Shape Telnet and ICMP traffic to 15%25 of bandwidth Shape FTP traffic to 50%25 of bw Shape all remianing traffic to 35%25 of bw. Remember the total link bw is 64 kbps on this interface. The burst size should 1/8 of the bit rate cfg'd, no excess burst should be allowed. The answer from the lab help are, below can anyone tell me how the number 9600, 32000 and 22400 were arrived at? I can figure out the 1/8th part 1200, 4000 and 2800, but somehow can't remember how to get the original percentage.. traffic-shape group 101 9600 1200 1200 traffic-shape group 102 32000 4000 4000 traffic-shape group 103 22400 2800 2800 Thanks. - Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! __ _ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70877t=70877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: encap for ethernet interface ? [7:70802]
take for example a configuration from a cisco router where is the encapsulation conf ? and for all the confs i have seen for ethernet interfaces there is no encapsulation command. i guess when there is no encap conf for an ethernet interface, the ios assumes it is arpa ? is that correct ? interface eth0 ip address 192.168.1.1 255.255.255.0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70886t=70802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port Adapter [7:70772]
Isnt the default for that b8zs/esf with a full t, it gets interesting with a fractional t. Show controller will give you what it is currently setup, IIRC. Brian - Original Message - From: LIU, JEFF To: Sent: Monday, June 16, 2003 7:53 PM Subject: Port Adapter [7:70772] I have PA-MC-8T1 installed on 7206. What is supposedly correct configuration to support full t1 that is provided my ISP? The thing really gets me is the timeslot and cable-length parameters. Please advise. Thanx in advance! Jeff * This electronic message transmission contains information from the law firm of Dinsmore Shohl which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify us by telephone (1-800-934-3477) or by electronic mail ([EMAIL PROTECTED]) immediately. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70781t=70772 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
question about serial link ? [7:70803]
help with the following: Serial interfaces typically connect to WAN via serial links ? correct ? and once we say serial links we imply bit oriented traffic via these links ? correct ?? if this is correct then what would be non bit oriented traffic or links ? i guess it would the links connected to LAN, like typical connection between, say a Router and a PC (via 10/100 lan connection). (would this be correct ?) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70803t=70803 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
encap for ethernet interface ? [7:70802]
ARPA is the default encapsulation for an ethernet interface ? what are the other encapsulations ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70802t=70802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: encap for ethernet interface ? [7:70802]
say if cdp is enabled for an interface, then since cdp uses sap encapsulation (as Priscilla mentioned), then i don't think one configures encapsulation for that interface as sap ? the question is that why is this statement (encap sap)in the configuration not needed if an interface has cdp enabled ? (i guess encap arpa is by default understood for an ethernet interface ? is that correct ? ) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70826t=70802 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Errors on Ethernet Interfaces [7:70733]
Huge collision number there, is this switched? Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Mon, 16 Jun 2003, Poulin, Darnell wrote: Hey folks. What do you people think about all of the Interface Resets, and Output Errors on this interface, could it be a physical problem? 5 minute output rate 6000 bits/sec, 5 packets/sec 147723073 packets input, 527428115 bytes, 0 no buffer Received 8574309 broadcasts, 0 runts, 0 giants, 0 throttles 89 input errors, 89 CRC, 72 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 180465700 packets output, 4160119128 bytes, 0 underruns 3266629 output errors, 1060615 collisions, 3168706 interface resets 0 babbles, 3266619 late collision, 442865 deferred 10 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70756t=70733 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: mac and IP addresses on a 1900 [7:70514]
Show cam? Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Wed, 11 Jun 2003, Richard Kerschner wrote: I asked the same question of Cisco on a Catalyst 5500. They did not have a command to perform the function. I assume they do not have a command on the 1900 either. Thanks Rich Kerschner, CCNA Sr. Systems Administrator Genesis Financial Solutions, Inc. [EMAIL PROTECTED] (254) 953-2331 Desk (254) 953-2306 Fax (254) 702-2356 Cell -Original Message- From: Ants [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 11, 2003 9:32 AM To: [EMAIL PROTECTED] Subject: mac and IP addresses on a 1900 [7:70514] Hi, anyone knows how i can tel what mac or ip address connects onto a port on a cisco 1900 switch? there's no command line interface only menus thanks in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70527t=70514 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: console server ports [7:70438]
yeah the pm2e-30 would work, but I bet he wants to stay cisco, thanx for the other info. Bri - Original Message - From: Daniel Cotts To: 'Brian W.' ; Sent: Tuesday, June 10, 2003 7:44 AM Subject: RE: console server ports [7:70438] If he wants more ports in Cisco gear I believe that he will have to go with octopus cables. Think NM-async modules for 2600/3600 series. I know 32 port modules exist. Several years ago I bought a 10' octal cable from Robert Lowery [EMAIL PROTECTED] The extra length might help. I don't know if Bob is still selling cables - he also sold back-to-back serial cables. About a month ago there was a post on this list about a Livingston Portmaster being used as a terminal server. Apparently very reasonable on eBay. Think 30 ports. The one I've seen had DB-25 connections. -Original Message- From: Brian W. [mailto:[EMAIL PROTECTED] Sent: Monday, June 09, 2003 10:59 PM To: [EMAIL PROTECTED] Subject: console server ports [7:70438] Got a friend building a lab, and well after hes done with servers and routers and switches, a 2511 will be inadequate. Any other cisco gear with more ports? btw, he is completely opposed to octopus cables, he got the 2511-rj, even though it cost more than the regular 2511. Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70458t=70438 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: No output on show run [7:70461]
ack on my previous reply, saw it was for bootflash after sending.. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Tue, 10 Jun 2003, [EMAIL PROTECTED] wrote: Hi all, I have an issue on a 7200 where it appears that I am running out of memory although none of the show outputs that I have seen tell me that. When I try to issue the show run nothing happens, I get no output. If I try to copy start run it gives me the following error: Router#sh run Router#copy start run Destination filename [running-config]? %Error opening system:/running-config (Not enough space) Router# I was thinking that perhaps this configuration is to large and it needs to be compressed. Perhaps I need to use the command service compress-config but not quite sure since all this is doing is compressing the NVRAM portion. I dont think that that is where my problem is but I could be wrong, please explain. Could someone explain to me what causes this to occur and how to fix it (besides a reboot). Here is the output of the show version. Router#sh ver Cisco Internetwork Operating System Software IOS (tm) 7200 Software (C7200-IO3S-M), Version 12.2(2)T, RELEASE SOFTWARE (fc1) TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Sun 03-Jun-01 04:30 by ccai Image text-base: 0x600089C0, data-base: 0x6149E000 ROM: System Bootstrap, Version 12.0(19990210:195103) [12.0XE 105], DEVELOPMENT SOFTWARE BOOTFLASH: 7200 Software (C7200-BOOT-M), Version 12.0(10)S, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) Router uptime is 18 hours, 30 minutes System returned to ROM by power-on System restarted at 15:09:19 cdt Mon Jun 9 2003 System image file is slot0:c7200-io3s-mz.122-2.T.bin cisco 7206VXR (NPE300) processor (revision D) with 122880K/40960K bytes of memory. Processor board ID 20394201 R7000 CPU at 262Mhz, Implementation 39, Rev 2.1, 256KB L2, 2048KB L3 Cache 6 slot VXR midplane, Version 2.0 Last reset from power-on Bridging software. X.25 software, Version 3.0.0. 2 FastEthernet/IEEE 802.3 interface(s) 10 ATM network interface(s) 125K bytes of non-volatile configuration memory. 20480K bytes of Flash PCMCIA card at slot 0 (Sector size 128K). 4096K bytes of Flash internal SIMM (Sector size 256K). Configuration register is 0x102 Router#sh run Router#copy start run Destination filename [running-config]? %Error opening system:/running-config (Not enough space) Router# Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70470t=70461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Simple config issues [7:70482]
Do you have a route to x.x.x.x? If your router does not have a route to x.x.x.x it will not install the static route in the routing table since the next hop is unreachable. As far as RIP goes you are seeing the correct behavior. Remember that RIP is classful. Brian Dennis, CCIE #2210 (RS/ISP-Dial/Security) Anil Gupte wrote: I am trying to configure a 2600 router. I have two problems: 1. I issued the default route command ip route 0.0.0.0 0.0.0.0 x.x.x.x I can see this under ip classless in sh run However, when I do a sh ip route, it does not appear there and in fact says: Gateway of last resort is not set 2. I configured it for RIP using router rip network 63.x.x.0 and it shows as 63.0.0.0 in sh run. Is this correct behavior? Until now I had only dealt with networks in the Class C range. This is a Class C assigned to us but by the first octet you can see that it is from a Class A range. Any help or pointers will be muchly appreciated. Thanx, Anil Gupte Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70489t=70482 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Simple config issues [7:70482]
gateway of last resort is not the same as default gateway ciscowise, on the router where you entered the ip route statement, show ip route doesnt list an all zeros route?? Bri - Original Message - From: Anil Gupte To: Sent: Tuesday, June 10, 2003 2:46 PM Subject: Simple config issues [7:70482] I am trying to configure a 2600 router. I have two problems: 1. I issued the default route command ip route 0.0.0.0 0.0.0.0 x.x.x.x I can see this under ip classless in sh run However, when I do a sh ip route, it does not appear there and in fact says: Gateway of last resort is not set 2. I configured it for RIP using router rip network 63.x.x.0 and it shows as 63.0.0.0 in sh run. Is this correct behavior? Until now I had only dealt with networks in the Class C range. This is a Class C assigned to us but by the first octet you can see that it is from a Class A range. Any help or pointers will be muchly appreciated. Thanx, Anil Gupte Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70492t=70482 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem with backup line... [7:70386]
Doesnt the layer 1 failure indicate lack of sync with the isdn switch?? Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Mon, 9 Jun 2003, Iwan Hoogendoorn wrote: These are my show results RouterA### RouterA#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 193.1.1.0/24 is variably subnetted, 2 subnets, 2 masks C 193.1.1.0/24 is directly connected, Serial0 C 193.1.1.2/32 is directly connected, Serial0 - RouterA#show isdn status The current ISDN Switchtype = basic-net3 ISDN BRI0 interface Layer 1 Status: DEACTIVATED Layer 2 Status: Layer 2 NOT Activated Layer 3 Status: 0 Active Layer 3 Call(s) Activated dsl 0 CCBs = 0 Total Allocated ISDN CCBs = 0 -- RouterA#show interface bri 0 BRI0 is administratively down, line protocol is down Hardware is BRI Internet address is 196.1.1.1/24 MTU 1500 bytes, BW 64 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set Last input never, output never, output hang never Last clearing of show interface counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 10 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions RouterB### RouterB#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 193.1.1.0/24 is variably subnetted, 2 subnets, 2 masks C 193.1.1.1/32 is directly connected, Serial0 C 193.1.1.0/24 is directly connected, Serial0 -- RouterB#show isdn status The current ISDN Switchtype = basic-net3 ISDN BRI0 interface Layer 1 Status: DEACTIVATED Layer 2 Status: Layer 2 NOT Activated Layer 3 Status: 0 Active Layer 3 Call(s) Activated dsl 0 CCBs = 0 Total Allocated ISDN CCBs = 0 ---RouterB#show interface br0 BRI0 is administratively down, line protocol is down Hardware is BRI Internet address is 196.1.1.2/24 MTU 1500 bytes, BW 64 Kbit, DLY 2 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set Last input never, output never, output hang never Last clearing of show interface counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 10 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70419t=70386 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
console server ports [7:70438]
Got a friend building a lab, and well after hes done with servers and routers and switches, a 2511 will be inadequate. Any other cisco gear with more ports? btw, he is completely opposed to octopus cables, he got the 2511-rj, even though it cost more than the regular 2511. Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70438t=70438 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multi-home [7:70243]
Well you could take the easy way out and just get a second e1 with the same provider, assuming your router has an empty serial interface, and default route to both links, that'll usually work fine. Depending on your router youll need to either get a card with an integrated csu, or an external one. If you want to bring in a different provider, that usually entails bgp, see http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt2/1cdbgp.htm for some info if you haven't read up. Bri - Original Message - From: Kengie To: Sent: Thursday, June 05, 2003 9:50 PM Subject: Multi-home [7:70243] Dear All, I have a problem with our ISP link. I am now approaching our E1 bandwidth. How can I upgrade my bandwidth? Do I need to add another CSU/DSU for another E1? And If I apply for another ISP provider, how configure my cisco to switch to the other gateway when the other one is fully utilize. Reason is that the new ISP provider would give me a new set of IP. I only want to use the bandwidth. Many thanks. Regards, Kengie Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70248t=70243 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multi-home [7:70243]
I assume now if you look at your routers config, there is a line that starts with something like: ip route 0.0.0.0 0.0.0.0, and the next argument would either be the interface name the e1 connects to or the ip address on the isp's side of the e1. In the event you get a second e1 from the same provider, the easiest way to do it is to get both e1s on the same router on your side and on the isp's side, then add a second ip route statement like the one above, with the interface you add the second e1 to as the last argument. If you have a 2620 router, they have 2 wic slots, so youd just need to obtain an e1 wic for the other slot, then connect it like you did the first. So, suppose you had 2 e1s hooked up at this point, all you'd need is, assuming the interfaces are serial0 and serial1: ip route 0.0.0.0 0.0.0.0 s0 ip route 0.0.0.0 0.0.0.0 s1 Brian - Original Message - From: Kenny Ho To: ; Sent: Thursday, June 05, 2003 11:31 PM Subject: Re: Multi-home [7:70243] Hi Brian, Sounds like a good solution, but how do split the traffic between the serial ports. How do I split the bandwidth between two 2620 routes? Many thanks! Regards, Kafai From: Brian W. To: Kengie , Subject: Re: Multi-home [7:70243] Date: Thu, 5 Jun 2003 23:20:28 -0700 Well you could take the easy way out and just get a second e1 with the same provider, assuming your router has an empty serial interface, and default route to both links, that'll usually work fine. Depending on your router youll need to either get a card with an integrated csu, or an external one. If you want to bring in a different provider, that usually entails bgp, see http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_ c/ipcprt2/1cdbgp.htm for some info if you haven't read up. Bri - Original Message - From: Kengie To: Sent: Thursday, June 05, 2003 9:50 PM Subject: Multi-home [7:70243] Dear All, I have a problem with our ISP link. I am now approaching our E1 bandwidth. How can I upgrade my bandwidth? Do I need to add another CSU/DSU for another E1? And If I apply for another ISP provider, how configure my cisco to switch to the other gateway when the other one is fully utilize. Reason is that the new ISP provider would give me a new set of IP. I only want to use the bandwidth. Many thanks. Regards, Kengie _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70250t=70243 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Depth of study required for CCIE Written [7:70246]
A lot of people have said that the time to try the written is not long after cc*p completion, all that info is still pretty fresh in your head. Add the few new things that are unique to the IE, and take a whack at it. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Fri, 6 Jun 2003, Rajagopal Iyengar wrote: Hello, Please finish the CCNP Material that is available first.Then start with Lan switching by Kennedy clark,Routing with TCP/IP Vol 1 2 to start with.Then please do get in touch with me. They are decent reading material to start with. -- Regards, Rajagopal. 95250-2463729/02502463729/912502463729. Swapnil Shah wrote in message news:[EMAIL PROTECTED] Dear All I am planning to take my CCIE written exams in near future. I have a few queries regarding the depth of knowledge required for the written exams on certain topics. 1. ATM -- Do they go on for asking on config of ATM on Cisco ATM switches or focus is on using ATM as a layer 2 tech. and configuring the routers to use ATM VC's 2. All Tpoics covered under Multiservice in CCIE Blueprint i.e Voice/Video (H323) codecs SS7 RTP RTCP SIP MPLS As few of this topic requires a five day course in itself esp MPLS I would also like to know any good reference material for following topics covered under WAN WAN 1. ISDN (LAPD, BRI/PRI framing, signaling, mapping, NI1s, dialer map, interface types, B/D channel, channel bonding) 2. Frame Relay (LMIs, DLCI, PVC, framing, traffic shaping, FECN, BECN, CIR, DE, Mapping, compression) 3. X.25 (addressing, routing, LAPB, error control/recovery, windowing, signaling, mapping, SVC/PVC, Protocol Translation) 4. ATM (PVC/SVC, AAL, SSCOP, UNI/NNI, ILMI, Cell format, QoS, RFC 1483, PNNI, mapping) 5. Physical Layer (Synchronization, SONET, T1, E1, encoding) 6. Leased Line Protocols (HDLC, PPP, Async modems, compression) 7. PoS 8. DPT/SRP Your feedback on same would be really helpfull. Regards Swapnil Shah Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70280t=70246 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF over FR [7:70025]
You can not mix point-to-point and non-broadcast network types which is what you are trying to do. You can make them neighbors but they will never install routes into the routing table. Look at their OSPF databases and you will see the LSA's but the routers will not install them in the routing table. Also note the Adv Router is not-reachable error message above each LSA. Network types that use a DR (broadcast and non-broadcast) can be mixed together just as network types that do not use a DR (point-to-point and point-to-multipoint) can mixed but DR types can NOT mix with non-DR types. Brian Dennis, CCIE #2210 (RS/ISP-Dial/Security) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Catherine Wu Sent: Monday, June 02, 2003 2:52 PM To: [EMAIL PROTECTED] Subject: OSPF over FR [7:70025] I am testing Hub-Spoke for OSPF over FR, I verified the neighbor adjacency,but I couldn't see route 2.2.2.2 and 3.3.3.3 in the routing table, RouterA#sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 3.3.3.3 1 FULL/ -00:01:4110.1.1.6 Serial0/0.2 2.2.2.2 1 FULL/ -00:01:3910.1.1.2 Serial0/0.1 RouterB#sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR00:01:3810.1.1.1 Serial0/0 RouterC#sh ip ospf nei Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR00:01:3410.1.1.5 Serial0/0 RouterA#sh ip ro Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback0 10.0.0.0/30 is subnetted, 2 subnets C 10.1.1.0 is directly connected, Serial0/0.1 C 10.1.1.4 is directly connected, Serial0/0.2 Please help. Thanks Catherine RouterA interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface Serial0/0 no ip address encapsulation frame-relay frame-relay lmi-type ansi no sh ! interface Serial0/0.1 point-to-point ip address 10.1.1.1 255.255.255.252 ip ospf hello-interval 30 frame-relay interface-dlci 101 ! interface Serial0/0.2 point-to-point ip address 10.1.1.5 255.255.255.252 ip ospf hello-interval 30 frame-relay interface-dlci 102 ! router ospf 1 log-adjacency-changes network 1.1.1.1 0.0.0.0 area 1 network 10.1.1.0 0.0.0.3 area 0 network 10.1.1.4 0.0.0.3 area 0 RouterB ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Serial0/0 ip address 10.1.1.2 255.255.255.252 encapsulation frame-relay frame-relay map ip 10.1.1.1 110 broadcast no frame-relay inverse-arp frame-relay lmi-type ansi no sh ! router ospf 1 log-adjacency-changes network 2.2.2.2 0.0.0.0 area 2 network 10.1.1.0 0.0.0.3 area 0 neighbor 10.1.1.1 ! RouterC interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Serial0/0 ip address 10.1.1.6 255.255.255.252 encapsulation frame-relay frame-relay map ip 10.1.1.5 120 broadcast no frame-relay inverse-arp frame-relay lmi-type ansi no sh ! router ospf 1 log-adjacency-changes network 3.3.3.3 0.0.0.0 area 3 network 10.1.1.4 0.0.0.3 area 0 neighbor 10.1.1.5 [GroupStudy removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70028t=70025 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN client can connect but no traffic can pass [7:70084]
I am always suspicious of mtu differences, or mtu discovery via icmp being blocked.. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Tue, 3 Jun 2003, Steven shinnick wrote: I had installed a VPN client in home PC to connect to PIX in my company. It can connect and get authenticated and login. But I can't ping and talk to any PCs in my company. why?? I specify the IPPOOLS in my PIX config. It means my VPN client will get these IP right? But how about subnet mask? How do PIX know what subnet mask to give? ip local pool IPPOOLS 10.1.1.241-100.1.1.250 - Do you Yahoo!? Free online calendar with sync to Outlook(TM). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70088t=70084 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: rare OSPF question [7:69819]
A common use is to join 2 non connected segments of the same area. A famous interview question will go something like, If I needed to have a discontiguous area zero, could I do it and if so how? http://www.cisco.com/warp/public/104/ospfdb7.html Brian - Original Message - From: Jvrg Buesink To: Sent: Friday, May 30, 2003 4:41 AM Subject: RE: rare OSPF question [7:69819] Do you use virtual links for connecting the two backbone area's? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69880t=69819 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Certification question [7:69898]
I think this answers your question. http://www.cisco.com/warp/public/10/wwtraining/whats_new/recertification/ Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Fri, 30 May 2003, Duncan Wallace wrote: I am searching on the web site, but cannot seem to find an answer...I will continue to look, but figured I would pose the question here in the mean time. I currently hold a CCNA and CCNP, if I pass the CCDA and/or CCDP will that re-up my CCNx Certification ??? Thanks in advance, Duncan Wallace Sr. Systems Engineer Pacific Star Communications 15714 SW 72nd Ave. Portland, OR 97224 Work:503-403-3000 Cell:971-506-8164 [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69903t=69898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Am I over my head guys? [7:69746]
I believe that is a Gretzky quote.. Brian - Original Message - From: netman To: Sent: Thursday, May 29, 2003 6:10 AM Subject: Re: Am I over my head guys? [7:69746] When I left my last job (one that I liked) for this one, my boss gave me a nice poster. It is a picture of a basketball court and to the bottom it says: You will always miss 100% of the shots you don't take... I believe that statement says it all. Good Luck and I hope it all works out for you. Don Hickey --- [This E-mail scanned for viruses by Declude Virus] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69782t=69746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Load Balance [7:69611]
heres the cisco guide on it. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/icsbgp4.htm#2351 Bri - Original Message - From: Salvatore De Luca To: Sent: Tuesday, May 27, 2003 7:15 PM Subject: Re: BGP Load Balance [7:69611] I personally prefer Peering with Loops myself.. the EBGP multihop command has absolutley nothing to do with loadbalancing. It it used for peering with neighbors whom are not directly connected.. There are various ways of performing BGP load balancing.. Metric..route-maps.. etc.. Pick your flavor. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69646t=69611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IP Telephony Operations Specialist Question [7:69567]
Not sure what you meant by both exams, per the cisco ccna page, it appears you just need to retake the ccna exam, I didnt see a recert exam for it. Bri - Original Message - From: Stuart Pittwood To: Sent: Tuesday, May 27, 2003 6:17 AM Subject: IP Telephony Operations Specialist Question [7:69567] Would passing both of the exams for the above cert recertify the CCNA Cert? Thanks Stu Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69588t=69567 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catlyst 5505 SUP-III memory [7:69581]
hmm, memoryx.net has mem for everything, assuming you have the III and not IIIg, http://www.memoryx.net/supeniii.html. Brian The path to a desireable destination is often more difficult than the path to stay where you are. On Tue, 27 May 2003, Penn Daniel wrote: Does anyone know specifically what type of memory the SUP-III on the Catalyst 5505 takes? I'm trying to upgrade a lab switch without going broke. TIA, Dan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69598t=69581 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Load Balance [7:69611]
The way I've seen 2 paths used is by peering with a loopback interface and using neighbor peerip ebgp-multihop in the config. Brian - Original Message - From: Azhar Teza To: Sent: Tuesday, May 27, 2003 3:16 PM Subject: BGP Load Balance [7:69611] If BGP route has two equal paths to the same destination, can it do load balance by installing the command? maximum-paths 2 ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69622t=69611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Vs. Linux engineer (not Ph.d) [7:66669]
IMHO if you are studying to get CCIE for money you are doing if for the wrong reasons. Doing a job you enjoy will give you more satisfation than doing a job because the money is good. Thats my $0.02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66696t=9 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Problem with 350 Bridges and VLANS [7:66587]
S! ALL! Anyone have any experience passing 802.1q tagged packets over 350 bridges? Here is my sad sad story... glossary: trunk = switchport mode trunk with ALL VLANS allowed. 802.1q encapsulation. I run a single DS1 into an office park. There I have a 2620 terminating the DS1 and using FE subinterfaces trunked to a 2950. This 2950 then has a trunk to the root 350 Bridge. Then from there we link to other Bridges (currently 6 others in hub-spoke) in other buildings. Each building has a 350 bridge trunked to a 2950. Clients then have Cat5 run to thier office CPE, usually a firewall. Each client has thier own unique VLAN. There may be more than 1 client per building (in fact, the most populous building currently has 4 clients, and there are over 15 in all). Like so: DS1---2620--[trunk]--2950--[trunk]--ROOT 350Br350Br--[trunk]--2950---CPE So this is a hub and spoke with one ring around the hub. As long as we stay at this one ring level things are just fine. BUT if I do this: DS1---2620---2950---ROOT 350Br---350Br---350Br---2950---CPE A client signed on with us last summer in a building that had no line of sight to the root bridge's omidirectional antennae. So we tried to link them to the root by passing them through an existing bridge, thus creating a second ring tier. We tried it both using an existing bridge (that serviced a building through a 2950 etc) and a dedicated bridge we mounted just for this purpose. The result? SEGV whenever anything was plugged into the switch at ring level 2 (far end away from the root site). As soon as the interface in the client VLAN came up...POW...SEGV. The router would crash with a SEGV error. It would reboot and immediately crash again...and again...ad infinitum The output was run through Cisco's output interpreter...sent to TAC along with all configs...nada. Note that VLAN1 was able to traverse the network just fine. I could console (or plug into a port not assigned to any VLAN, ergo, in VLAN 1 and use telnet) into the switch at ring-level 2 and go (telnet) to any other switch in the office park. Once anything went across in an 802.1q tagged frame though, indeed as soon as an interface in the far switch NOT in VLAN1 came up, the router crashed. Notes of interest: 2620 was using 12.2.5d originally. I could get it to NOT crash if I went to 12.1.17 BUT no traffic would cross to the far switch AND the router and its local switch would not talk on VLAN 1. Unacceptable. All switches were VTP clients except the root, which is in server mode. All VLANS showed up on all switches including the far switch. I set the MTU to a low value, to no effect, thinking maybe the 802.1q tags (4 extra bytes) could be an issue. Nada. No VLAN capability was configured on the 350 bridges. The far 350 cannot communicate with the root 350 so it is not looping anything. Spanning-tree was turned off on ALL switches in the park to no effect. All associations seemed proper, i.e. far-to-middle, middle-to-root. All parent listings seemed proper. Bridge IOS was everything from 11.23 up (we tried em all in matched sets, i.e. all 11.23 or all 12.0 etc). The only interfaces assigned to the VLAN in question were the FE subinterface on the 2620 and a single port on the far switch. No other switches had any ports in this VLAN (trunk ports excepted, of course). All radio links are at 60% level or greater and are supporting a full 11Mbps. A port on the middle switch was configured to be in the same VLAN as the client and it could NOT talk to the client. The middle bridge has an omnidirectional antennae, so the one at a time rule does not apply...or does it? Still, we did use a separate dedicated bridge as the middle of the chain to no avail. TAC swears that this should work because the 350 bridge is functionally a hub. GIGO rules apply. It is unaware, nor does it care about the VLAN tagging or anything else. It should just relay anything and everything. Anyone got any suggestions? I'm open :) Oh yeah...I fixed it by placing the far 350 at the other end of the building where it could get LOS to the root...once the leaves fell off the trees on the intervening ridge. Spring is coming though and with it, certain loss of signal. Short of a chainsaw-in-the-night approach, it seems a DS1 to the client is my only answer. S! (Salute!) Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link LLC. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66587t=66587 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE R/S Bootcamp [7:66239]
The current IPexpert CCIE classes are all brand new so there really isn't anyone that can give you a review. The first instructor led class is scheduled for next month and the first CCIE mock lab class is in June. We also are offering a distance learning vClass. Seeing as I'm the developer of the courses and the instructor for them I can answer any questions. If you do have any questions you would like answered, feel free to e-mail me directly or call me. My contact information is below. Brian Dennis, CCIE #2210 (RS/ISP-Dial/Security) Director of CCIE Training and Development - IPexpert, Inc. Mailto: [EMAIL PROTECTED] Toll Free: 866.225.8064 Outside U.S. Canada: 312.321.6924 URL: http://www.IPexpert.NET Self-Paced, Instructor Led Distance Learning (vClass) CCIE Training! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Firesox Sent: Friday, March 28, 2003 7:49 AM To: [EMAIL PROTECTED] Subject: CCIE R/S Bootcamp [7:66239] Folks, In preparation for R/S lab this summer, I am looking to take a bootcamp. I know there are few organizations offering the R/S bootcamps, I was wondering if someone has recommendations. Has anyone taken IPExpert's bootcamp? I would prefer somewhere in east caost, but would appreciate any input. Also looking for some lab materials so practice in my lab. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66412t=66239 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Looking for errata files for Routing TCP/IP vol 2 and CCIE [7:66455]
S! ALL, I have been to the Cisco Press site but I cannot find them there. It looks like both books have been updated to newer editions. Does anyone have these errata files? I have found that without these errata files the lab exercises are near to useless due to the printing (and err..umm..just plain bad answers) mistakes in the answers. Thanks in advance! Brian --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66455t=66455 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 3550s and L3 rate-limit (second attempt) [7:66291]
Mario, The first part looks exactly right to me. You have used a class-map/access-list duple to ID the traffic to be affected, put it into a policy-map that defines the action to be taken, and then assigned it to an interface via the service-policy statement. Exactly correct. You win the CAR :) I have never put both ingress and egress service-policy statements on an interface though, so I cannot say why one would wipe out the other. It would seem logical that you should be able to do 1 of each. You do not really specify what you mean by playing with the ingress/egress filtering statements so I cannot comment about what you may have affected except to say that it might be possible that if you reference a non-existing access list the service-policy doesn't show because the configuration isn't complete..this is a total guess though :) Do your show commands reveal that your policies are in effect even when the statements are not visible? S! Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link, LLC. wrote in message news:[EMAIL PROTECTED] Hi. I have a few questions that I need clarification on: 1) Is this the correct method to do L3 rate-limiting on a 3550? access-list 101 permit ip any xxx.xxx.xxx.0 0.0.0.255 ! class-map match-any 768k_traffic match access-group 101 ! policy-map 768k-DSL class 768k_traffic police 768000 768000 exceed-action drop ! interface FastEthernet0/3 no switchport ip address xxx.xxx.xxx.1 255.255.255.252 service-policy output 768k-DSL 2) After playing with the ingress/egress filtering statements, f0/3 accepts the service-policy command but it does not show up in the config (the original tests did show up) interface FastEthernet0/3 no switchport ip address xxx.xxx.xxx.1 255.255.255.252 no cdp enable 3) Can I not do L3 rate-limiting on the 3550 for both ingress and egress rate-limiting (if input is specified and an output command is entered, it wipes the input statement). On the 2948G-L3s, I would use the rate-limit command and specify both input and output per interface. Thanks, Mario Puras SoluNet Technical Support Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66458t=66291 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP SUMMARY ROUTE METRIC [7:66344]
XY, I would think that the metrics of the summarized routes do NOT affect the summary route because the summary route originates on the router doing the summarization. Therfore it would be advertised clean to the next router, i.e. using only the default EIGRP metrics. So a router 3 hops away from the router doing the summarization would see the summary route as having a metric affected only by the links it had to cross to get to that router. This would be the same as if the router doing the summarization were originating any other route. The fact that it is a summarization does not affect the metric. AFAIK, of course! :) S! (Salute!) Brian XY HIEN LE wrote in message news:[EMAIL PROTECTED] Hi, I have a question that need to be clarified regarding the metric of EIGRP summary metric: The metric of EIGRP summarized route derived from the component route that has the biggest or smallest metric? Any clarification on this matter is much appreciated. I could not find answer in any of the Cisco Press books or any web site at all. Thanks in advance. Xy Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66457t=66344 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Would these two configs have the same result? [7:66462]
S! ALL! The desired result is to allow only the default route to be sent to a neighbor in AS2. First way I did it: router bgp 1 nei 192.168.100.10 remote-as 2 nei 192.168.100.10 default-originate nei 192.168.100.10 distribute-list 1 out access-list 1 permit 0.0.0.0 access-list 1 deny any Second Way: Note that AS1 is a transit AS that has NO network statements. Therefore the only update with a path of ^$ would be the path created by the nei 192.168.100.2 default-originate statement. router bgp 1 nei 192.168.100.2 remote-as 2 nei 192.168.100.2 default-originate nei 192.168.100.2 route-map default-only out ip as-path access-list 1 permit ^$ route-map default-only permit 10 match as-path 1 I do see that the first way would be less prone (actaully..fault proof ) to errors going forward, i.e. were AS1 to originate another network it would match as-path list 1. Still, for the situation as stated, either of these ways of doing it meets the desired result, yes? Thanks! Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link LLC. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66462t=66462 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wireless AP Chaining [7:66270]
S! ALL! Here's my experience with trying to pass VLANS over Aeronet 350 bridges...this ties into this thread because we ran into issues when we tried to link bridges... glossary: trunk = switchport mode trunk with ALL VLANS allowed. 802.1q encapsulation. I run a single DS1 into an office park. There I have a 2620 terminating the DS1 and using FE subinterfaces trunked to a 2950. This 2950 then has a trunk to the root 350 Bridge. Then from there we link to other Bridges (currently 6 others in hub-spoke) in other buildings. Each building has a 350 bridge trunked to a 2950. Clients then have Cat5 run to thier office CPE, usually a firewall. Each client has thier own unique VLAN. There may be more than 1 client per building (in fact, the most populous building currently has 4 clients, and there are over 15 in all). Like so: DS1---2620--[trunk]--2950--[trunk]--ROOT 350Br350Br--[trunk]--2950--[VLAN x]--CPE So this is a hub and spoke with one ring around the hub. As long as we stay at this one ring level things are just fine. BUT if I do this: DS1---2620---2950---ROOT 350Br---350BR---350BR---2950---CPE A client signed on with us last summer in a building that had no line of sight to the root bridge's omidirectional antennae. So we tried to link them to the root by passing them through an existing bridge, thus creating a second ring tier. We tried it both using an existing bridge (that serviced a building through a 2950 etc) and a dedicated bridge we mounted just for this purpose. The result? SEGV whenever anything was plugged into the switch at ring level 2 (far end away from the root site). As soon as the interface in the client VLAN came up...POW...SEGV. The router would crash with a SEGV error. It would reboot and immediately crash again...and again...ad infinitum The output was run through Cisco's output interpreter...sent to TAC along with all configs...nada. Note that VLAN1 was able to traverse the network just fine. I could console into the switch at ring-level 2 and go to any other switch in the office park. Once anything went across in an 802.1q tagged frame though, indeed as soon as an interface in the far switch NOT in VLAN1 came up, the router crashed. Notes of interest: 2620 was using 12.2.5d originally. I could get it to NOT crash if I went to 12.1.17 BUT no traffic would cross to the far switch AND the router and its local switch would not talk on VLAN 1. Unacceptable. All switches were VTP clients except the root, which is in server mode. All VLANS showed up on all switches including the far switch. I set the MTU to a low value, to no effect, thinking maybe the 802.1q tags (4 extra bytes) could be an issue. Nada. No VLAN capability was configured on the 350 bridges. The far 350 cannot communicate with the root 350 so it is not looping anything. All associations seemed proper, i.e. far-to-middle, middle-to-root. All parent listings seemed proper. Bridge IOS was everything from 11.23 up (we tried em all in matched sets, i.e. all 11.23 or all 12.0 etc). The only interfaces assigned to the VLAN in question were the FE subinterface on the 2620 and a single port on the far switch. No other switches had any ports in this VLAN (trunk ports excepted, of course). All links are at 60% level or greater and are supporting a full 11Mbps. A port on the middle switch was configured to be in the same VLAN as the client and it could NOT talk to the client. The middle bridge has an omnidirectional antennae, so the one at a time rule does not apply...or does it? Still, we did use a separate dedicated bridge as the middle of the chain to no avail. TAC swears that this should work because the 350 bridge is functionally a hub. GIGO rules apply. It is unaware, nor does it care about the VLAN tagging or anything else. It should just relay anything and everything. Anyone got any suggestions? I'm open :) Oh yeah...I fixed it by placing the far 350 at the other end of the building where it could get LOS to the root...once the leaves fell off the trees on the intervening ridge. Spring is coming though and with it, certain loss of LOS. Short of a chainsaw-in-the-night approach, it seems a DS1 to the client is my only answer. S! (Salute!) Brian Carroll CCNP, CCSE, MCSE, CCA Director of Professional Services Air Net Link LLC. Williamson, Paul wrote in message news:[EMAIL PROTECTED] Anyone know the maximum number of Wireless AP's you can chain of a single wireless bridge ie Switch ---copper--- AP ~~~air~~~ AP ~~~air~~~ AP Does cisco make an AP that supports this Thanks -Paul PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email you must not copy, distribute or take any further action in reliance on it and you should delete it and notify the sender immediately. Email is not a secure method of communication and Nomura International plc cannot accept responsibility
RE: BGP default-originate crashes the router every [7:66269]
Look into Cisco bug ID CSCdp26660. Basically you'll need to either not use the command or upgrade the IOS. Brian Dennis, CCIE #2210 (RS/ISP-Dial/Security) Director of CCIE Training and Development - IPexpert, Inc. Mailto: [EMAIL PROTECTED] Outside U.S. Canada: 312.321.6924 URL: http://www.IPexpert.NET Self-Paced, Instructor Led Distance Learning (vClass) CCIE Training! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Cisco Nuts Sent: Wednesday, March 26, 2003 7:50 AM To: [EMAIL PROTECTED] Subject: BGP default-originate crashes the router everytime - Why?? [7:66258] Hello, Everytime, I configure #nei a.b.c.d default-originate on my routers, it crashes the router. I have tried this on different routers and it's the same result every time. Is this a problem on 25xx's series? My routers have 16Flash and 16Dram. Anyone with a similar experience? Thank you. Sincerely, CN Excerpt from my router: AS1239-A(config-router)#nei 180.80.10.1 default-originate AS1239-A(config-router)# === Flushing messages (21:04:23 UTC Mon Mar 1 1993) === Buffered messages: 00:00:12: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram 00:00:14: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up 00:00:14: %LINK-3-UPDOWN: Interface Serial0, changed state to up 00:00:14: %LINK-3-UPDOWN: Interface Serial1, changed state to down 00:00:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up 00:00:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up 00:01:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up 00:01:56: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up 00:02:01: %LINK-5-CHANGED: Interface Serial1, changed state to administratively down 00:02:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down 00:02:02: %SYS-5-CONFIG_I: Configured from memory by console 00:02:50: %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-JK8OS-L), Version 12.2(1), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Fri 27-Apr-01 15:20 by cmong 00:03:10: %BGP-5-ADJCHANGE: neighbor 180.80.10.1 Up 01:20:21: %SYS-5-CONFIG_I: Configured from console by console 01:50:45: %SYS-5-CONFIG_I: Configured from console by console 19:09:35: %SYS-5-CONFIG_I: Configured from console by console 19:12:12: %BGP-5-ADJCHANGE: neighbor 160.60.10.1 Up 19:30:06: %SYS-5-CONFIG_I: Configured from console by console 19:52:26: %SYS-5-CONFIG_I: Configured from console by console 20:02:48: %SYS-5-CONFIG_I: Configured from console by console 20:11:47: %SYS-5-CONFIG_I: Configured from console by console 20:35:37: %SYS-5-CONFIG_I: Configured from console by console 20:44:02: %BGP-5-ADJCHANGE: neighbor 180.80.10.1 Down Interface flap 20:44:02: %SYS-5-CONFIG_I: Configured from console by console 20:44:04: %LINK-5-CHANGED: Interface Ethernet0, changed state to administratively down 20:44:05: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to down 20:49:20: %SYS-5-CONFIG_I: Configured from console by console 20:49:21: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up 20:49:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up 20:49:30: %BGP-5-ADJCHANGE: neighbor 180.80.10.1 Up 21:00:44: %BGP-5-ADJCHANGE: neighbor 180.80.10.1 Down Interface flap 21:00:45: %SYS-5-CONFIG_I: Configured from console by console 21:00:46: %LINK-5-CHANGED: Interface Ethernet0, changed state to administratively down 21:00:47: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to down 21:01:19: %SYS-5-CONFIG_I: Configured from console by console 21:01:21: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up 21:01:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up 21:01:47: %BGP-5-ADJCHANGE: neighbor 180.80.10.1 Up Queued messages: Exception: Illegal Instruction at 0x0 (PC) System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE Copyright (c) 1986-1995 by cisco Systems 2500 processor with 14336 Kbytes of main memory F3: 15343148+1154396+1180856 at 0x360 Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-JK8OS-L), Version 12.2(1), RELEASE SOFTWARE (fc2) Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Fri 27-Apr-01 15:20 by cmong Image text-base: 0x0307EE08, data-base: 0x1000 Compliance with U.S
Re: 2950 with EMI any good for studying? [7:66106]
OK..now you guys are confusing me because I have ordered the 2950T-24 with EMI...and your blurb here SEEMS to state that it supports what I THINK I will need...am I missing something? Not that I can afford a 3550 with the EMI, I just wanted to know if there is anything really different between the 2950T with EMI and the 3550 as included in the lab. ..I feel so doomed :) I appreciate all the replies and especially the links! S! Brian Jeffrey Reed wrote in message news:[EMAIL PROTECTED] Larry you are correct. From Cisco Product Bulletin 1855: The SI version is embedded in Cisco Catalyst 2950-12, 2950-24, and 2950SX-24 switches, and supports basic Cisco IOS(r) functionality, Fast Ethernet connectivity, and cluster management. The EI version supports all that and more. The EI version of software is embedded in Cisco Catalyst 2950T-24, 2950C-24, and 2950G-12, 2950G-24, 2950G-48 switches, and supports advanced intelligent services, gigabit connectivity, and a richer set of features. These include Cisco Spanning-Tree Protocol enhancements for high availability, access control parameters (ACPs) for enhanced security, and Differentiated Services Code Point (DCSP) and rate limiting for advanced quality of service. Jeffrey Reed Classic Networking, Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Larry Letterman Sent: Tuesday, March 25, 2003 3:04 AM To: [EMAIL PROTECTED] Subject: Re: 2950 with EMI any good for studying? [7:66106] I dont think it supports the routing functions.. I believe the 3550 with EMI supports the routing... However I may be wrong... Larry Letterman Network Engineer Cisco Systems - Original Message - From: Brian Carroll To: [EMAIL PROTECTED] Sent: Monday, March 24, 2003 6:55 PM Subject: 2950 with EMI any good for studying? [7:66106] S! ALL! I am recieving 2 2950's (WS-2950T-24 as I recall) with the EMI for work at the end of this week. Are they comparable to the 3550 vis MLS capabilities? I need to bone up on the uses of the 3550 vis the CCIE Lab (I take the lab on 4/6 ) and I am hoping these 2950's will do the job. Also...any good links on configuring 3550 would be GREATLY appreciated. Prayers for me would not be refused either :) S! (Salute!) Brian Carroll CCNP, CCSE, MCSE, CCA --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66220t=66106 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2950 with EMI any good for studying? [7:66106]
S! ALL! I am recieving 2 2950's (WS-2950T-24 as I recall) with the EMI for work at the end of this week. Are they comparable to the 3550 vis MLS capabilities? I need to bone up on the uses of the 3550 vis the CCIE Lab (I take the lab on 4/6 ) and I am hoping these 2950's will do the job. Also...any good links on configuring 3550 would be GREATLY appreciated. Prayers for me would not be refused either :) S! (Salute!) Brian Carroll CCNP, CCSE, MCSE, CCA --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.408 / Virus Database: 233 - Release Date: 11/8/02 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66106t=66106 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: eBGP Multi-hop [7:65823]
The 0.0.0.0/1 and 128.0.0.0/1 routes will work for the next hop. Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) [EMAIL PROTECTED] http://www.labforge.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2003 1:42 AM To: [EMAIL PROTECTED] Subject: RE: eBGP Multi-hop [7:65823] A default route, aka a route of last resort. For BGP, route to the next hope must be explicitly in the routing table. This is one of the pre-reqs for BGP to advertise its own routes as well (unless you have synchronisation turned off). In my deployments of BPG, we alway suse the loopbak interface for iBGP peers as this is already distributed using our IGP, and then use the interface address of the peering routing for eBGP, with a atatic route to that IP. Good old bgp :). Right now lets spark of some discussion about the security of BGP peering :) Brian Dennis wrote: Jim, The default route as you've seen won't work but this will: Rack4R2#conf t Enter configuration commands, one per line. End with CNTL/Z. Rack4R2(config)#ip route 0.0.0.0 128.0.0.0 192.168.33.2 Rack4R2(config)#ip route 128.0.0.0 128.0.0.0 192.168.33.2 Rack4R2(config)#^Z Rack4R2#show ip route static S0.0.0.0/1 [1/0] via 192.168.33.2 S128.0.0.0/1 [1/0] via 192.168.33.2 Rack4R2# It's the next best thing to a default route ;-) Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) [EMAIL PROTECTED] http://www.labforge.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Devane Sent: Thursday, March 20, 2003 9:28 AM To: [EMAIL PROTECTED] Subject: Re: eBGP Multi-hop [7:65823] Thanks for the replies so far... Hmm, Well, actually becuase BGP uses TCP 179 is can traverse non-BGP speakers to a router that does speak BGP ( Just like TFTP'ing to another router) I put the config I was testing below. The config works, BGP runs everyone is happy when I have a specific route to the opposite side peer's Loopback address. ip route 172.16.10.1 255.255.255.255 192.168.33.2 but if I remove that and install ip route 0.0.0.0 0.0.0.0 192.168.33.2 then BGP breaks. I don't understand why. There is no IGP. Both routes point to exactly the same place. conf t router bgp 65500 no synchronization bgp log-neighbor-changes network 192.168.47.0 network 192.168.55.0 aggregate-address 192.168.0.0 255.255.0.0 neighbor 172.16.10.1 remote-as 6 neighbor 172.16.10.1 ebgp-multihop5 neighbor 172.16.10.1 update-source Loopback0 neighbor 172.16.10.1 version 4 neighbor 172.16.10.1 soft-reconfiguration inbound neighbor 172.16.10.1 password 7 140705191C117B3821 neighbor 172.16.10.1 filter-list 3 in neighbor 172.16.10.1 filter-list 4 out - Original Message - From: Carroll Kong To: Sent: Thursday, March 20, 2003 6:54 AM Subject: Re: eBGP Multi-hop [7:65823] I guess I am kind of just going to a quick stab. Do you have no synchronization under the BGP configuration? hello all, (Re-post...not sure if original msg made it our not) playing around again and have a question. eBGP multi-hop cannot come up if the peer is known through a default route. Is there a reason why? I mean, what is the point of a static route that causes a recursive lookup or a static route that simply points to the same next hop as a default route? For that matter, I can't see it being a matter of proximity either. If convergence time were not an issue, what is really wrong with having a 10 hop or even 50 hop BGP session? (I know it is unlikely and there are cetainly better ways to handle it (GRE or IPSec tunnel)) but for the sake of argument... Just curious, not able to find much on WHY it is like this... thanks, Jim -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65934t=65823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 2511 Reverse Telnet [7:65819]
Hi Alaerte, Could you paste the configuration of your 2511 so that we can have a look at it. Brian. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65838t=65819 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: eBGP Multi-hop [7:65823]
Jim, The default route as you've seen won't work but this will: Rack4R2#conf t Enter configuration commands, one per line. End with CNTL/Z. Rack4R2(config)#ip route 0.0.0.0 128.0.0.0 192.168.33.2 Rack4R2(config)#ip route 128.0.0.0 128.0.0.0 192.168.33.2 Rack4R2(config)#^Z Rack4R2#show ip route static S0.0.0.0/1 [1/0] via 192.168.33.2 S128.0.0.0/1 [1/0] via 192.168.33.2 Rack4R2# It's the next best thing to a default route ;-) Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) [EMAIL PROTECTED] http://www.labforge.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Devane Sent: Thursday, March 20, 2003 9:28 AM To: [EMAIL PROTECTED] Subject: Re: eBGP Multi-hop [7:65823] Thanks for the replies so far... Hmm, Well, actually becuase BGP uses TCP 179 is can traverse non-BGP speakers to a router that does speak BGP ( Just like TFTP'ing to another router) I put the config I was testing below. The config works, BGP runs everyone is happy when I have a specific route to the opposite side peer's Loopback address. ip route 172.16.10.1 255.255.255.255 192.168.33.2 but if I remove that and install ip route 0.0.0.0 0.0.0.0 192.168.33.2 then BGP breaks. I don't understand why. There is no IGP. Both routes point to exactly the same place. conf t router bgp 65500 no synchronization bgp log-neighbor-changes network 192.168.47.0 network 192.168.55.0 aggregate-address 192.168.0.0 255.255.0.0 neighbor 172.16.10.1 remote-as 6 neighbor 172.16.10.1 ebgp-multihop5 neighbor 172.16.10.1 update-source Loopback0 neighbor 172.16.10.1 version 4 neighbor 172.16.10.1 soft-reconfiguration inbound neighbor 172.16.10.1 password 7 140705191C117B3821 neighbor 172.16.10.1 filter-list 3 in neighbor 172.16.10.1 filter-list 4 out - Original Message - From: Carroll Kong To: Sent: Thursday, March 20, 2003 6:54 AM Subject: Re: eBGP Multi-hop [7:65823] I guess I am kind of just going to a quick stab. Do you have no synchronization under the BGP configuration? hello all, (Re-post...not sure if original msg made it our not) playing around again and have a question. eBGP multi-hop cannot come up if the peer is known through a default route. Is there a reason why? I mean, what is the point of a static route that causes a recursive lookup or a static route that simply points to the same next hop as a default route? For that matter, I can't see it being a matter of proximity either. If convergence time were not an issue, what is really wrong with having a 10 hop or even 50 hop BGP session? (I know it is unlikely and there are cetainly better ways to handle it (GRE or IPSec tunnel)) but for the sake of argument... Just curious, not able to find much on WHY it is like this... thanks, Jim -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65875t=65823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CS ACS - import Utilities? [7:65698]
With Cisco ACS users can be added, updated or deleted manually or by using an external database. Importing User and AAA Client Information: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/ae.htm#687 RDBMS Synchronization Import Definitions: http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/ag.htm Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) [EMAIL PROTECTED] http://www.labforge.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65722t=65698 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to change dial up prompt [7:65712]
Look into using the aaa authentication username-prompt and aaa authentication password-prompt commands. Rack4R1(config)#aaa new-model Rack4R1(config)#aaa authentication ? arap Set authentication lists for arap. banner Message to use when starting login/authentication. enable Set authentication list for enable. fail-message Message to use for failed login/authentication. loginSet authentication lists for logins. nasi Set authentication lists for NASI. password-prompt Text to use when prompting for a password ppp Set authentication lists for ppp. username-prompt Text to use when prompting for a username Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) [EMAIL PROTECTED] http://www.labforge.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65721t=65712 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pinging a Multicast address [7:65132]
John, You can look into using Multicast Routing Monitor (MRM). Here is a working config. R5 ip mrm manager myTest manager Ethernet 0/0 group 226.2.3.4 senders 1 receivers 2 sender-list 1 ! access-list 1 permit 161.1.45.4 access-list 2 permit 161.1.127.1 R4 interface Ethernet0/0 ip address 161.1.45.4 255.255.255.0 ip mrm test-sender R1 interface FastEthernet0/0 ip address 161.1.127.1 255.255.255.252 ip mrm test-receiver R5 mrm myTest start Basically you configure a manager, multicast test sender, and multicast test receiver. In this case R5 is the manager. R4 is the multicast sender and R1 is the multicast receiver. Look at some of the show ip mrm commands to see the results. This can also be used in the real world to monitor a real multicast stream. The config is essentially the same except the multicast test sender isn't needed. Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) CCSI# 98640 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Tafasi Sent: Tuesday, March 11, 2003 10:11 PM To: Cisco Group Study; ccielab Subject: Pinging a Multicast address Hi group, I practicing multicast and I am trying to get the router below to send a continuous multicast stream. I receive response to only the first multicast packet. Can some one give me a solution for this? Thanks John Tafasi r1#ping Protocol [ip]: Target IP address: 225.2.2.2 Repeat count [1]: 100 Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 100, 100-byte ICMP Echos to 225.2.2.2, timeout is 2 seconds: Reply to request 0 from 150.50.7.7, 440 ms.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65132t=65132 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem with Cicso VPN Client 3.6.3.B-k9 connectin [7:65038]
David, I encountered a similar problem.. The VPN client I was using had an intrinsic firewall that was blocking all traffic apart from that belonging to the VPN (even when it wasn't 'live'). To check this, right click on the VPN client icon within your system tray. can you see a 'Stateful Firewall' or 'Firewall' option ??? If so, uncheck this option and try to ping your machine - it should be as expected now. If not then you have a different problem elsewhere Hope this helps, Brian d tran wrote: Hi, I have Cisco VPN client version 3.6.3.B-k-9 (latest version) running windows XP Service Pack 1. The IP address of this window machine is 172.16.1.200. I set up extended authentication on the Pix firewall for remote Cisco VPN users and everything is working great. The outside interface of the firewall is 172.16.1.1 with a netmask of 24 The problem is that whenever the windows is rebooted, no one on the 172.16.1.0/24 network can ping this Windows XP machine. I do have a unix machine on the same network (172.16.1.100). Basically the windows XP machine can not do anything because it has no network connectivity. Even the firewall can not ping the Windows XP machine. The only way for this to work is for me to uninstall Cisco VPN Client and reboot the Windows XP box. After the reboot, windows is working again. Now under Windows XP Task Manager, I do see a process CVPND.exe running that I don't recall with previous versions of Cisco VPN Client. Anyone has run into this problem before? Regards, David - Do you Yahoo!? Yahoo! Web Hosting - establish your business online Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65068t=65038 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem with Lightstream 100, SVC [7:65088]
Looks like you have an NSAP incorrect. 470001000100010001000100001110111000 s): SETUPv2 ci: 0xF3 mp: 0 ei: 0x 04:02:04: ATMSIG: Called len 20 04:02:04: ATMSIG: Calling len 20 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) build Setup msg, Null(U0) state 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Input event : Req Setup in Null(U0) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Output Setup msg(XferAndTx), Null(U0) state 04:02:04: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 r6# 04:02:04: ATMSIG: Calling Party Addr: 47.000100010001000100010001.111011101110.00 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Null(U0) - Call Initiated(U1) 04:02:04: E164 NOT Converted 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Input event : Rcvd Release Complete in Call Initiated(U1) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245)cause = mandatory information element is missing, location = User 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Call Initiated(U1) - Null(U0) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) API - notifying Release Complete event to client ATM0.1 04:02:04: ATMAPI: (cs): SETUPv2 ci: 0xE9 mp: 0 ei: 0x 04:01:04: ATMSIG: Called len 20 04:01:04: ATMSIG: Calling len 20 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) build Setup msg, Null(U0) state 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Req Setup in Null(U0) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Output Setup msg(XferAndTx), Null(U0) state 04:01:04: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 04:01:04: ATMSIG: Calling Party Addr: 47.000200020002000200020002.222022202220.00 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Null(U0) - Call Initiated(U1) 04:01:04: E164 NOT Converted 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Rcvd Release Complete in Call Initiated(U1) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234)cause = mandatory information element is missing, location = User 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Call Initiated(U1) - Null(U0) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) API - notifying Release Complete event to client ATM0.1 04:01:04: ATMAPI: (c To: John Tafasi ; Cisco Group Study ; ccielab Sent: Friday, March 07, 2003 1:18 PM Subject: Re: Problem with Lightstream 100, SVC Your IP addresses are incorrect. It looks like you forgot the 8 in 108 on R6. Tony Schaffran Network Analyst CCIE #11071 CCNP, CCNA, CCDA, NNCSS, NNCDS, CNE, MCSE www.cconlinelabs.com Your #1 choice for Cisco rack rentals. - Original Message - From: John Tafasi To: Cisco Group Study ; ccielab Sent: Friday, March 07, 2003 11:37 AM Subject: Problem with Lightstream 100, SVC Hi Group, I have two atm routers that are connected to a Cisco Lightstream 100 atm switch. I am trying to cause r6 to call r9 but the call does not succeed. I have configured svc routes on the switch and configured the two routers to use svc to reach each other. Below you will find the necessary configurations and output of the debug commands. From the output of the debug commands on the routers I can see that the routers could not register their addresses with the arp server. A r6#show run Building configuration... Current configuration : 883 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r6 ! ! ip subnet-zero ! ip ssh time-out 120 ip ssh authentication-retries 3 ! ! ! ! interface Ethernet0 no ip address shutdown media-type 10BaseT ! interface Ethernet1 no ip address shutdown media-type 10BaseT ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface ATM0 no ip address atm pvc 1 0 5 qsaal atm pvc 2 0 16 ilmi no atm ilmi-keepalive ! interface ATM0.1 multipoint ip address 138.10.168.1 255.255.255.0 atm nsap-address 47.000100010001000100010001.111011101110.00 atm arp-server nsap 47.000200020002000200020002.222022202220.00 ! ! ip classless no ip http server ip pim bidir-enable ! ! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end r6# === r9ena r9#show run Building configuration... Current configuration : 643 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r9 ! ! ip subnet-zero ! ip ssh time-out 120 ip ssh authentication-retries 3 ! ! ! ! interface Ethernet0 no ip address shutdown ! interface Ethernet1
ATM [7:64891]
All, A quick question if I may... See below the output from sh atm int atm x/x Router#sh atm int atm x/x Interface ATMx/x: AAL enabled: AAL5 , Maximum VCs: 4096, Current VCCs: 1 Maximum Transmit Channels: 0 Max. Datagram Size: 4528 PLIM Type: E3 - 34000Kbps, Framing is G.832/G.804, TX clocking: LINE Cell-payload scrambling: ON 99283 input, 99276 output, 0 IN fast, 0 OUT fast, 0 out dropVBR-NRT : 28000 Avail bw = 6000 Config. is ACTIVE Can anyone tell me where the Avail bw = 6000 information is coming from ? It is certainly not defined my router so I assuming it's coming from the provider...or am i assuming too much..;) Appreciate any assistance you can offer. Tks, B. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64891t=64891 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Problem with Lightstream 100, SVC [7:64794]
Looks like you have an NSAP incorrect. 470001000100010001000100001110111000 s): SETUPv2 ci: 0xF3 mp: 0 ei: 0x 04:02:04: ATMSIG: Called len 20 04:02:04: ATMSIG: Calling len 20 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) build Setup msg, Null(U0) state 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Input event : Req Setup in Null(U0) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Output Setup msg(XferAndTx), Null(U0) state 04:02:04: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 r6# 04:02:04: ATMSIG: Calling Party Addr: 47.000100010001000100010001.111011101110.00 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Null(U0) - Call Initiated(U1) 04:02:04: E164 NOT Converted 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Input event : Rcvd Release Complete in Call Initiated(U1) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245)cause = mandatory information element is missing, location = User 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) Call Initiated(U1) - Null(U0) 04:02:04: ATMSIG(ATM0 0,0 - 0243/00): (vcnum:245) API - notifying Release Complete event to client ATM0.1 04:02:04: ATMAPI: (cs): SETUPv2 ci: 0xE9 mp: 0 ei: 0x 04:01:04: ATMSIG: Called len 20 04:01:04: ATMSIG: Calling len 20 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) build Setup msg, Null(U0) state 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:0) API - from sig-client ATM_OWNER_SMAP 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Req Setup in Null(U0) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Output Setup msg(XferAndTx), Null(U0) state 04:01:04: ATMSIG: Called Party Addr: 47.000200020002000200020002.222022202220.00 04:01:04: ATMSIG: Calling Party Addr: 47.000200020002000200020002.222022202220.00 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Null(U0) - Call Initiated(U1) 04:01:04: E164 NOT Converted 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Input event : Rcvd Release Complete in Call Initiated(U1) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234)cause = mandatory information element is missing, location = User 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) Call Initiated(U1) - Null(U0) 04:01:04: ATMSIG(ATM0 0,0 - 0233/00): (vcnum:234) API - notifying Release Complete event to client ATM0.1 04:01:04: ATMAPI: (c To: John Tafasi ; Cisco Group Study ; ccielab Sent: Friday, March 07, 2003 1:18 PM Subject: Re: Problem with Lightstream 100, SVC Your IP addresses are incorrect. It looks like you forgot the 8 in 108 on R6. Tony Schaffran Network Analyst CCIE #11071 CCNP, CCNA, CCDA, NNCSS, NNCDS, CNE, MCSE www.cconlinelabs.com Your #1 choice for Cisco rack rentals. - Original Message - From: John Tafasi To: Cisco Group Study ; ccielab Sent: Friday, March 07, 2003 11:37 AM Subject: Problem with Lightstream 100, SVC Hi Group, I have two atm routers that are connected to a Cisco Lightstream 100 atm switch. I am trying to cause r6 to call r9 but the call does not succeed. I have configured svc routes on the switch and configured the two routers to use svc to reach each other. Below you will find the necessary configurations and output of the debug commands. From the output of the debug commands on the routers I can see that the routers could not register their addresses with the arp server. A r6#show run Building configuration... Current configuration : 883 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r6 ! ! ip subnet-zero ! ip ssh time-out 120 ip ssh authentication-retries 3 ! ! ! ! interface Ethernet0 no ip address shutdown media-type 10BaseT ! interface Ethernet1 no ip address shutdown media-type 10BaseT ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface ATM0 no ip address atm pvc 1 0 5 qsaal atm pvc 2 0 16 ilmi no atm ilmi-keepalive ! interface ATM0.1 multipoint ip address 138.10.168.1 255.255.255.0 atm nsap-address 47.000100010001000100010001.111011101110.00 atm arp-server nsap 47.000200020002000200020002.222022202220.00 ! ! ip classless no ip http server ip pim bidir-enable ! ! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end r6# === r9ena r9#show run Building configuration... Current configuration : 643 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r9 ! ! ip subnet-zero ! ip ssh time-out 120 ip ssh authentication-retries 3 ! ! ! ! interface Ethernet0 no ip address shutdown ! interface Ethernet1
RE: Catalyst 3550 SMI or EMI [7:64450]
If the image name starts with c3550-i5 it's EMI. If it starts with c3550-i9 it's SMI. Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) [EMAIL PROTECTED] http://www.labforge.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Tafasi Sent: Tuesday, March 04, 2003 10:32 PM To: Cisco Group Study; ccielab Subject: Catalyst 3550 SMI or EMI How do I know if a catalyst 3550 is running EMI or SMI image. I tried using show version but that gave me no clue. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64450t=64450 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Certified Cisco System Instructor (CCSI) [7:64319]
In order to become a CCSI you have to be sponsored by a Cisco Training (Learning) Partner. In today's market there aren't a lot of jobs, if any, for CCSIs. I would estimate that about 50% of the CCSIs I know aren't teaching authorized Cisco classes anymore. All the good CCSIs I know are off on there own consulting or teaching private classes. Unless someone can teach a ton of Cisco classes right off the bat (MPLS, CVOICE, CWFUN, MCAST, etc) I would be very surprised if a Cisco training partner was willing to sponsor someone new. Brian Dennis, CCIE #2210 (RS/ISP Dial/Security) CCSI #98640 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Tafasi Sent: Monday, March 03, 2003 7:59 PM To: Cisco Group Study; ccielab Subject: Certified Cisco System Instructor (CCSI) Hi Group, I am interested in becoming a CCSI but i could not find any information regarding procedures for this certification on Cisco's web site. Can some one give me some advice. Thanks John Tafasi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64319t=64319 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Console, Telnet password [7:64184]
ON a PIX you need to use the command enable to modify the enable password usage: enable password [encrypted] There is no console password, remember if you can get physical access to the box then you win. To change to TELNET password use the command passwd usage: passwd encrypted For both of these commands the encrypted implies that you are entering a encrypted version of the password and not the plaintext version. Hope this helps out for the PIX. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64232t=64184 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Console access to 7200VXR [7:63555]
flow control set to none? Bri wrote in message news:[EMAIL PROTECTED] Hmmm, The settings look fine (though sometime 1 stop bit can be tried as well). Also verify flow control is set to none. The cisco rollover cable is 1-8 = 8-1 pinouts. I'm guessing you are using the cisco adapters and cable? www.ccie4u.com On 22 Feb 2003 at 12:49, puro prasad wrote: Hi, Unable to login to 7200vxr series router through console. Port settings on the terminal: 9600 baud, 8 data bits, no parity, 2 stop bits. Tried using other settings too, didn't help. Help!! Regs., Prasad Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63573t=63555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ccnp kit [7:63453]
Location in question is Southern California, thanx though. Bri Troy Leliard wrote in message news:[EMAIL PROTECTED] HI Brian .. Where abouts are you based. If you are based in the EU, I have a may be able to find you some kit ... (give me a kit list and I can get some pricing done.) Everything will come with warranty and support. Otherwise, the other option is just to surf EBAY. Sonic wrote: Got a friend who is looking for a ccnp kit, you know a couple switches, a few routers. It seems he would rather pay a little more for the ability to have some warranty and the convenience of buying it all at once. He already knows about optsys.net and chipsettech.com. Any other recommendations? Brian Why do we reward illegal behavior? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63572t=63453 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Questions [7:63226]
Bill, In reference to your other questions 2) Conceptual questions on PIX (i am learning pix in a lab environment) a)will a higher-security interface always be able to initiate connections to a lower-security interface without configuration of an access-list,etc ? So, with a pix consisting of 8 interfaces, will e7(dmz with security70) be able to initiate a connection to e5(dmz with security50) but not the other way around? The thing to rememeber about PIX's is that to go from a higher to lower security level interface you require NAT (whether it is dynamic or static), and to go from lower to a higher level security interface you need a static translation and a conduit or access-list allowing the traffic. So e7 will be able to communicate with e5 if there is NAT, but for hosts on e5 to communicate with e7 you will need a static and conduits/ACL's. b)access-list 101 permit tcp any host 175.1.1.254 access-list 101 deny tcp any host 175.1.1.254 eq www What is the effect of the above access list in regards to www traffic? Remember that ACL's work in a sequential way. So in regards to yours. All TCP traffic will be allowed to pass through with any source IP address to 175.1.1.254 specifically, the second line is denying any www (port 80) - however, your previous statement has allowed this traffic already so this 'policy' will never be matched. So, web traffic to 175.1.1.254 will be allowed. If its not behaving the way you think it should, remember there is an implicit deny ip any any at the end of any access-list, and that you need a static translation to go from lower to a higher level security interface. c)access-list 1 deny tcp host 10.0.1.2 This access-list is applied to interface e1(ip:10.0.1.1) and thus i expect that 10.0.1.2 cannot initiate any communications. However it could reach internet websites. When I used the same command but with a 'eq www' at the end, the access-list worked and denied the host access to the web. Why is that? I was under the impression that my access-list would simply deny all traffic which would normally be the case on a router, but this seems to be working differently on a pix. Not too sure on this one and no time to investigate... perhaps someone else can answer. Adios, Brian Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63245t=63226 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: AES license [7:62905]
Yea, and in the pix guide it also list proposed part numbers for the AES. It is about as free as 3DES is (which is not free). I wonder if AES is enabled in my 6.3beta version? Hmmm? Probably not... -Original Message- From: Jim [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 21, 2003 5:09 AM To: [EMAIL PROTECTED] Subject: AES license Hi all, With PIXS OS 6.3 coming out with AES does anyone know what the license requirements for it will be? Free for AES or $$ like for 3DES? Any word on this for IOS w/o the need for the AIM? thanks, JT ___ Join Excite! - http://www.excite.com The most personalized portal on the Web! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62905t=62905 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: backup to line ISP [7:61355]
well a quick dirty way is to default to the dsl router with a higher metric.. Bri - Original Message - From: GeorgeB To: Sent: Monday, January 20, 2003 12:44 AM Subject: backup to line ISP [7:61355] Hello I need to find a way if our frame -relay to ISP went down auto switch to DSL for redundency. Thank you for any thoughts, George Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61358t=61355 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP classes in San Diego! [7:60786]
These have the usual 1500-2500 dollar cost?? I'd like to find a modestly priced training solution. Brian - Original Message - From: kris moby To: Sent: Thursday, January 09, 2003 8:46 PM Subject: CCNP classes in San Diego! [7:60786] Mira Costa College is offering CCNP classes at their campus in Oceanside, CA. Semesters 5 (Building Scalable Cisco Internetworks and Advanced Routing) Semester 8 (Cisco Network Troubleshooting and Support) start Jan 21st and they both still have seats open. Registration is open through next Wednesday, Jan. 15th so HURRY! You can apply register for classes online, here is the link; [url]http://www.cccapply.com/AdmissionApp[/url] To sign up for classes or view the catalog; [url]http://surf.miracosta.edu[/url] I am a Student at MCC and I cannot recommend these classes highly enough - and they are only $44/semester! You can't beat that! Application takes only a few minutes, sign up today! Mira Costa College has an excellent lab for CCNA/CCNP. It clean organized with all the equipment you'll need. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60799t=60786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP classes in San Diego! [7:60786]
hmm, yea I do have a cco login, price for this though cheaper, is still outta my reach for now, but I'll keep this in mind. Bri - Original Message - From: The Long and Winding Road To: Sent: Friday, January 10, 2003 8:00 AM Subject: Re: CCNP classes in San Diego! [7:60786] Brian wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... These have the usual 1500-2500 dollar cost?? I'd like to find a modestly priced training solution. Brian, are you a Cisco customer, or work for one? Are you able to get to the Cisco training offerings at http://www.cisco.com/warp/public/10/wwtraining/celc/celclogin.html or http://www.cisco.com/en/US/learning/le31/le46/learning_customer_e-learning_c onnection_tool_launch.html watch the wrap Brian - Original Message - From: kris moby To: Sent: Thursday, January 09, 2003 8:46 PM Subject: CCNP classes in San Diego! [7:60786] Mira Costa College is offering CCNP classes at their campus in Oceanside, CA. Semesters 5 (Building Scalable Cisco Internetworks and Advanced Routing) Semester 8 (Cisco Network Troubleshooting and Support) start Jan 21st and they both still have seats open. Registration is open through next Wednesday, Jan. 15th so HURRY! You can apply register for classes online, here is the link; [url]http://www.cccapply.com/AdmissionApp[/url] To sign up for classes or view the catalog; [url]http://surf.miracosta.edu[/url] I am a Student at MCC and I cannot recommend these classes highly enough - and they are only $44/semester! You can't beat that! Application takes only a few minutes, sign up today! Mira Costa College has an excellent lab for CCNA/CCNP. It clean organized with all the equipment you'll need. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60822t=60786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP classes in San Diego! [7:60786]
The only classes I've taken were either at Ascolta, or self study of various ciscopress titles. My bkgd is almost entirely isp, with very little enterprise, so I need to get those areas up. Brian - Original Message - From: Nathan Nakao To: Sent: Friday, January 10, 2003 9:03 AM Subject: RE: CCNP classes in San Diego! [7:60786] If I plan to be here in San Diego past the 15'th I'm definitely signing up. Brian, have you taken any classes there before? If so, how'd you feel about the environment? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Brian Sent: Friday, January 10, 2003 8:32 AM To: [EMAIL PROTECTED] Subject: Re: CCNP classes in San Diego! [7:60786] hmm, yea I do have a cco login, price for this though cheaper, is still outta my reach for now, but I'll keep this in mind. Bri - Original Message - From: The Long and Winding Road To: Sent: Friday, January 10, 2003 8:00 AM Subject: Re: CCNP classes in San Diego! [7:60786] Brian wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... These have the usual 1500-2500 dollar cost?? I'd like to find a modestly priced training solution. Brian, are you a Cisco customer, or work for one? Are you able to get to the Cisco training offerings at http://www.cisco.com/warp/public/10/wwtraining/celc/celclogin.html or http://www.cisco.com/en/US/learning/le31/le46/learning_customer_e-learni ng_c onnection_tool_launch.html watch the wrap Brian - Original Message - From: kris moby To: Sent: Thursday, January 09, 2003 8:46 PM Subject: CCNP classes in San Diego! [7:60786] Mira Costa College is offering CCNP classes at their campus in Oceanside, CA. Semesters 5 (Building Scalable Cisco Internetworks and Advanced Routing) Semester 8 (Cisco Network Troubleshooting and Support) start Jan 21st and they both still have seats open. Registration is open through next Wednesday, Jan. 15th so HURRY! You can apply register for classes online, here is the link; [url]http://www.cccapply.com/AdmissionApp[/url] To sign up for classes or view the catalog; [url]http://surf.miracosta.edu[/url] I am a Student at MCC and I cannot recommend these classes highly enough - and they are only $44/semester! You can't beat that! Application takes only a few minutes, sign up today! Mira Costa College has an excellent lab for CCNA/CCNP. It clean organized with all the equipment you'll need. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60827t=60786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Checking clocking speed on routers [7:60591]
If we're talkin Frame relay CIR a phone call to telco is sometimes necessary. CIR will often be 50-75% of the purchased bw. Bri - Original Message - From: Andrew Larkins To: Sent: Wednesday, January 08, 2003 3:11 AM Subject: RE: Checking clocking speed on routers [7:60591] some routers you can use a show controller serial x and see the clocks detected -Original Message- From: Marakalas [mailto:[EMAIL PROTECTED]] Sent: 08 January 2003 13:00 To: [EMAIL PROTECTED] Subject: Checking clocking speed on routers [7:60591] Hi All, How does one check the clocking that is provided by the telecommunications company to me. I just established that on one of my links in the network, our company has been paying for a 512kb line, and instead the line we're getting is a 128kb. Any assistance in this regard will be highly appreciated. Marakalas __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60615t=60591 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: icmp messages [7:60602]
there are a ton of icmp message types, the block is likely preventing you from getting some errors. A former coworker had a good idea that went like this, in this order. Permit all icmp from trusted monitoring hosts deny icmp echo/echo-request from all permit icmp from all Its a middle of the road approach, and some folks will tell you its too open. But, I happen to believe that receiving and processing icmp errors is better than putting them in the bit bucket. Brian - Original Message - From: ramesh c To: Sent: Wednesday, January 08, 2003 5:32 AM Subject: icmp messages [7:60602] I got access list as follows on my router access-list 100 permit icmp host any host xyz ttl-exceed access-list 100 deny icmp any any when I do a traceroute from host xyz,I get reply only from some hosts .The Hitcounts on deny icmp icmp increases.the access-group is applied to the in Am I missing any other icmp messages?Is there a way to allow all icmp messages for the host? Cheers _ Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year. http://login.mail.lycos.com/brandPage.shtml?pageId=plusref=lmtplus Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60616t=60602 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: will a cisco router work w/ bellsouth dsl? [7:60668]
key question to ask is whats needed, ppoe, rfc1483 or what? I am very happy with my 827 on britsys.com's dsl network. Brian - Original Message - From: Adam Frederick To: Sent: Wednesday, January 08, 2003 5:41 PM Subject: will a cisco router work w/ bellsouth dsl? [7:60668] has anyone had luck using any cisco series (8xx) routers to work with BellSouth's DSL service? It's not listed as a certified router/modem so I just wasn't sure. Any help would be appreciated. Thanks Adam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60673t=60668 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX behind DSL router [7:60307]
pix is a nat box, curious why youre doing that on the router?? double nat can work, havent heard of it with this combo though. Bri - Original Message - From: Andy Barkl To: Sent: Saturday, January 04, 2003 2:45 PM Subject: PIX behind DSL router [7:60307] I'm trying to configure a PIX to sit behind a Cisco 675 DSL router (or is it a modem in this case) and I'm not having much luck. NAT is functioning on the router but I can't get from the LAN through the PIX and router to the Internet. This is a double-NAT scenario. Is this possible? I have tried adding all the usual static routes for the router and PIX with no success. Any first-hand experience or ideas? 10.0.0.0---PIX---192.168.1.0---router---Internet Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60310t=60307 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco career advice needed [7:60013]
lying on a visa app, lovely... bri On Fri, 3 Jan 2003, Marc Thach Xuan Ky wrote: In the last place I worked, rumour has it that one of my colleagues was interviewed and thus obtained a UK visa on the basis of his CCIE, and this later turned out to be written only. HR departments / technical management aren't always as rigorous as you may think :-) If this is true then I think you could definitely say that it can be of benefit. rgds Marc Frank Jimenez wrote: Where I *have* seen it helpful is in specific cases where a company was anticipating needing a CCIE-level applicant at a future date. So the following: CCIE Routing/Switching - Lab Scheduled 6/2003 Might be helpful. The CCIE written qualification alone hasn't helped anybody that I know of. Frank Jimenez, CCIE #5738 Systems Engineer Cisco Systems, Inc. [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of irfan siddiqui Sent: Tuesday, December 31, 2002 3:23 AM To: [EMAIL PROTECTED] Subject: Cisco career advice needed [7:60013] Hi, Does the CCIE qualification exam itself have any worth. I know that your not a CCIE without giving the actual Lab part of the exam, but how does the CCIE written exam scale on its own, career wise. Does it help improve job prospects. What are the benefits of this exam on its own, or is it totally useless without the LAB part. Say if i never appear for the LAB, for any reason, would the written exam be any worth of mention, like say on my resume or as a credential. Thanks for all your advice in advance. Irfan _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60226t=60013 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Is a Virus or Hacker attack?? [7:60114]
hey wasnt there a virus like 3 years ago with fireworks that did that?? Bri On Thu, 2 Jan 2003, Richard Campbell wrote: Hi... Group, I have a friend who received a mail containing screen saver attachment in her yahoo mail account when she is surf net at home. She downloaded the screen saver and install it. After installing , she found that her files in the my document become transparent in color and there are many extra files in many places. Besides, she also found a notepad file in the desktop, stating that she had been hacked, yeah.. (something like that) and it can't be deleted (It will come back after rebooting). And its sound also gone. Anyone encountered this so called Hacker Virus before?? Any solution for me?? Thanks in advanced _ The new MSN 8 is here: Try it free* for 2 months http://join.msn.com/?page=dept/dialup Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60141t=60114 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]