RE: Windows 2000 and NAT [7:43635]

2002-05-09 Thread Brian Hill

James,

Just go into the properties for NAT in RRAS and cut on the DNS service.
Point the NAT box to the ISP's DNS, and point your internal clients to the
NAT box as both their DNS server and Default Gateway. Alternatively, you
could just cut the NAT DHCP allocator on and set all of the clients to get
an IP through DHCP.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCSA (Charter Member), MCT,
MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43786&t=43635
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]



RE: Different Cat 1912's [7:43609]

2002-05-09 Thread Brian Hill

The main differences are in the port types (fiber or copper) and the
software. The Enterprise software on the 1900 is needed if you want to do
any VLANs or actually have a "pseudo-IOS". The standard edition only comes
with the menu system.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCSA (Charter Member), MCT,
MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43787&t=43609



RE: CID Test wonderings [7:43678]

2002-05-09 Thread Brian Hill

I took the test about 2 months ago, and I thought it was very easy, even
cold. I haven't read any of the study guides, so I can't tell you how close
they match, but I can tell you the things that stood out to me:

-No configuration questions
-Some basic troubleshooting
-Mostly design (i.e. what is best in this situation) questions
-Lots of Token Ring stuff
-Some rough PPP questions (read the RFCs)
-Some ancient (SNA and X.25) stuff
-A decent amount of fairly easy routing questions, mostly OSPF, EIGRP and RIP
-Surprisingly, some network tools questions where the answer was NOT the
Cisco product (Openview, Sniffer, etc.)

Hope this helps,

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCSA (Charter Member), MCT,
MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43810&t=43678



RE: Reg: OSPF [7:43726]

2002-05-09 Thread Brian Hill

OSPF isn't as hard on routers as you might think, as long as the network is
reasonably well designed and the IP structure is hierarcical (SP?). The
worst part of OSPF is the CPU utilization under a diffusing computation, but
if your network is fairly stable, diffusing computations shouldn't happen
very often.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),
MCSE+I (NT4.0), MCSA (Charter Member), MCT,
MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43811&t=43726



RE: Reg: OSPF [7:43726]

2002-05-09 Thread Brian Hill

Oops, just realized I said "diffusing computation", when I meant "SPF
computation". Sorry, diffusing comps are EIGRP :(


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43814&t=43726



RE: CID Test wonderings [7:43678]

2002-05-11 Thread Brian Hill

I would assume it was the most recent version, but I really don't know, as I
wasn't aware that they had changed the CCDP exams.

Brian Hill 
CCNP, CCDP, MCSE 2000 (Charter Member), 
MCSE+I (NT4.0), MCSA (Charter Member), MCT, 
MCP(21), Inet+, Net+, A+ 
Lead Technology Architect, TechTrain 
Author: Cisco, The Complete Reference 
http://www.alfageek.com 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43953&t=43678



Re: Designing a enterprise ,by Application not use [7:43614]

2002-05-11 Thread Brian Hill

For quantifying traffic based on user and application, there are several
tools you could use. SNMP management suites (Openview, Unicenter, etc.)
would be the easiest, but that requires that you already have SNMP in place.
If not, I would suggest lumping the individual user types into different
VLANS, then spanning ports on the switch, and taking Sniffer and reducing
the packet size to just capture the headers of each packet while increasing
the buffer size to allow you to capture LOTS of packets. Then sniff the wire
for a week or so. Sniffer will quantify how much of the traffic belongs to a
given protocol for you, as well as which hosts are the noisiest :)

Hope this helps,

Brian Hill 
CCNP, CCDP, MCSE 2000 (Charter Member), 
MCSE+I (NT4.0), MCSA (Charter Member), MCT, 
MCP(21), Inet+, Net+, A+ 
Lead Technology Architect, TechTrain 
Author: Cisco, The Complete Reference 
http://www.alfageek.com 


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43954&t=43614



RE: PVCs vs. SVCs - puzzling me. [7:44117]

2002-05-13 Thread Brian Hill

Kevin,

The primary difference between PVC's and SVC's is that PVC's are "always
on" connections and SVC's are "established upon need". Think of it like the
difference between the batphone and a regular phone. The batphone always
reaches a single destination and never dials. This is like a PVC. A standard
phone can call one of several destinations, but each connection must be
established beforehand, and only exists until it is no longer needed. This
is like an SVC.

As for the switching path through the cloud, as far as I know (keep in mind
that I do not work for a telco), both VC's normally have a static path
through the cloud once established. ATM can also make use of a special type
of connection, known as a SPVC, which has a permanent connection from the
client to provider, but a dynamic connection from switch to switch inside
the cloud.


Hope this helps,

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44129&t=44117



RE: Which Catalyst uses CatOS [7:44107]

2002-05-13 Thread Brian Hill

Don,

Current switches that support CatOS are (taken from my book):

Catalyst 2900, 4000, 5000, 5500, 6000 and 6500 series switches

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44132&t=44107



Re: DNS - Unicast or Broadcast? [7:44060]

2002-05-13 Thread Brian Hill

Patrick Ramsey wrote:
> 
> windows clients will actually send unicast to ALL listed dns
> servers... Instead of querying the first, timeout, second,
> timeout, etc. They just assume all will time out and send it
> to all listed.  but it is definitely unicast.
> 
> -Patrick

Patrick,

Unless you can back this up with a sniff or Q article, I am going to
strongly disagree with this one. To my knowledge, windows clients actually
just send to the first server listed. If that server NEVER responds, it
sends to the second. But if that server responds negatively (i.e. "I can't
find the host"), the client will never query any other servers, due to the
fact that the other servers SHOULD (assuming root hints and forwarding are
correctly configured) respond with the same answer.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44133&t=44060



RE: STP and 7 hops [7:44408]

2002-05-18 Thread Brian Hill

Steven,

The 7 hop limit is from the root bridge, as STP calculates the tree from the
root. Historically, I am not sure why it's 7, but Ethernet has a base hop
"limit" of 4 switches (5-4-3 rule), so it doesn't really matter so much. The
reason for the 4 hop limit in Ethernet is simple: For 10 Mb or full duplex
100 Mb connections, the limit is mostly to reduce noise from the
amplification of the signal as it passes through the switches/hubs, whereas
in 100Mb half-duplex connections, it is mostly to keep the propagation delay
within specs.

Hope this helps,

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44427&t=44408



RE: STP and 7 hops [7:44408]

2002-05-18 Thread Brian Hill

Hmmm... For the 7 hop from edge thing, I stand corrected. Now that you
mention "radius vs. diameter", I see what you mean. My thinking was that the
diameter was calculated with the root at the center (3 switches to either
side for 7 switches total). The problem with that is that it doesn't
necessarily have to be three per side, it could be 6 on one and none on the
other :( Just poor analysis on my part.

As for the 5-4-3 rule, I am going to disagree on a few counts. Here's how I
remember it (from an admittedly long time ago):

First, the slot time (64 byte time) isn't much of an issue unless running at
100Mbps or faster, and isn't an issue at all running full duplex. As I
remember it, the problem with the slot time is that at 100Mbps, the slot
time drops to something like 5.12 ms, which necessarily reduces the repeated
network's diameter, as if a packet collides after the slot time it becomes a
late collision, and the original host may not properly detect the collision.
I seem to remember there always being a recommendation, however, not to
repeat the packet more than 5 times due to S/N Ratio problems creeping in
after amplification.

As for the switch vs. hub thing, I seem to remember based on the S/N thing
that anything that amplified the original signal caused this problem. I also
remember the distinction that under normal circumstances, the switch does
not modify the packet in any way (L3/4 switches and trunking excluded).
However, thinking about it, based solely on the switching mode, it seems
that all switches (and even a lot of hubs now) buffer the packet in RAM and
then forward it, which means, as someone stated, that the packet is "rebuilt".

So, I agree with most of what you have said after all, with the exception of
the S/N ratio having nothing to do with it. I do remember reading that the
S/N ratio degradation was an issue after many amplifications of the original
signal.

As for me drinking by the pool, no, I am out of town at present, and just
rattled off the reply. As I hope I have shown, I did have reasons for what I
said, just perhaps they weren't thought out well enough.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44460&t=44408



RE: STP and 7 hops [7:44408]

2002-05-18 Thread Brian Hill

Look Priscilla, I am not trying to get in a pissing contest here, and I am
not trying to "waste bandwidth" (though I don't know if I would worry about
that, considering all of the things that flow through the Internet). All I
was attempting to do was clarify what I was thinking, and I ADMITTED that
you were correct on most of the issues. However, I also know what I have
read and been told through the years, and while that doesn't include the
original IEEE documents, it DOES include quite a few books, including a
number of Cisco books. Perhaps they are wrong and you are right... I am fine
with that, but I would like to clarify my understanding if that is the case.
Therefore, I will (try) to make some succinct comments on your statements
below:

Priscilla Oppenheimer wrote:
> 
> At 07:29 PM 5/18/02, Brian Hill wrote:
> 
> >First, the slot time (64 byte time) isn't much of an issue
> unless running at
> >100Mbps or faster, and isn't an issue at all running full
> duplex.
> 
> Slot time is an issue for all CSMA/CD networks, regardless of
> transmission
> speed. It is certainly discussed as a fundamental issue in all
> versions of
> IEEE 802.3 from the first in January 1985. 

This would be the first time I have heard this statement. I was under the
impression that the slot time's primary purpose was to facilitate collision
detection. In other words, that the slot time represented the length of time
an Ethernet host listened to its own packet to detect a collision. Is this
not true? If it is true, how does the slot time have anything to do with
full duplex Ethernet?


> >, which necessarily reduces the repeated
> >network's diameter, as if a packet collides after the slot
> time it becomes a
> >late collision, and the original host may not properly detect
> the collision.
> >I seem to remember that there always being a recommendation,
> however, not to
> >repeat the packet more than 5 times due to S/N Ratio problems
> creeping in
> >after amplification.
> 
> I can't find any mention of what you're saying, and I also
> question the
> premise. Ethernet repeaters do digital regeneration of the
> signal. I don't
> think they amplify noise. They clean up the digital signal.
> 

Ahah, then I stand corrected yet again. I did a search on this, and found
out that an analog repeater simply amplifies the signal, thus retaining any
noise caused by attenuation, while a digital repeater actually regenerates
the signal, essentially recreating the packet in the process. In most of the
books I have read regarding basic Ethernet functionality, they simplify it
by claiming that all repeaters simply amplify the original signal, which
would retain any noise already present in the original. However, this new
information regarding repeating is according to BICSI, which I would assume
is correct, and matches up with your statements.

> 
> >As for the switch vs. hub thing, I seem to remember based on
> the S/N thing
> >that anything that amplified the original signal caused this
> problem.
> 
> Regardless, it's completely out of the realm of a discussion on
> how
> switches behave.

Agreed, I was simply trying to explain my original thinking. The thought
process was that a switch simply operated on the same principle as a hub,
with the exception of the fact that it recognizes and forwards based on MAC.
In other words, my thinking was that a switch amplified the signal like a
hub, when in truth, neither do...They both rebuild the signal.

> 
> >I also
> >remember the distinction that under normal circumstances, the
> switch does
> >not modify the packet in any way (L3/4 switches and trunking
> excluded).
> 
> True, but think about the meaning of the sentence. Layer 2
> switches don't
> modify the packet (frame). We aren't talking about signals
> here. We're
> miles above that.

Yes, but I was thinking of the easiest way to do this electrically, again,
by amplifying.

> 
> >However, thinking about it, based solely on the switching
> mode, it seems
> >that all switches (and even a lot of hubs now) buffer the
> packet in RAM and
> >then forward it, which means, as someone stated, that the
> packet is "rebuilt".
> 
> A hub that did that wouldn't really be a hub. The extra delay
> would cause a
> problem, for one thing.

Priscilla, I can't find the logic in this. If the hub doesn't buffer the
frame, I don't see any way it could possibly rebuild it. I mean, from what I
can tell, either the hub amplifies the original signal (which you and
documentation state is untrue), or it has to somehow record the incoming
signal (into RAM?) and then send the regenerated signal back out, doesn't
it? I am not 

RE: STP and 7 hops [7:44408]

2002-05-19 Thread Brian Hill

Priscilla Oppenheimer wrote:
> 
> The IEEE annex that covered full-duplex (802.3x) probably
> didn't mention
> slot time. That annex was rolled into the 802.3 2000 edition,
> however,
> which of course does cover slot time since it still covers
> CSMA/CD,
> repeaters, etc. (in addition to full-duplex operation.)
> 

Thanks, I was beginning to think I had bad info on slot time as well. It
turns out you were saying that all devices that use CSMA/CD (i.e.
multiaccess), not all Ethernet devices, use the slot time, which is how I
understood it in the first place, I just misunderstood what you were saying :(


> Well, now we are getting into EE talk. ;-) Everything is analog
> at some
> level, isn't it? But an Ethernet repeater works on a Manchester
> encoded
> digital signal. (MLT-3 encoding for 100 Mbps). I think your
> second
> statement is closest to the truth (that the repeater converts
> the analog
> signal into a digital representation and creates a new analog
> signal). But
> I don't know the exact details.

Great, that makes perfect sense :) There is that Manchester encoding again.
Do you know where I can find good documentation on it?

> 
> I'm sorry I was so punchy in the previous message.
> 

No problem Priscilla :) You guys (and gals) actually cleared up a lot of old
misconceptions in this whole long list of stuff, which is great considering
that documents on the dirty inner workings of Ethernet are hard to find
unless you happen to be an IEEE member. :P


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44508&t=44408



RE: DHCP NACK problems [7:44671]

2002-05-22 Thread Brian Hill

Is it always NACKing for the same IP lease? Normally, the DHCP process works
like this: The client sends a DHCPDISCOVER to find a DHCP server, the server
responds with a DHCPOFFER, offering the client an IP, the client responds
with a DHCPREQUEST to choose the IP address (in case it gets an offer for
more than 1), and the server responds with a DHCPACK, sealing the deal.
However, MS DHCP servers have a "feature" that allows them to detect IP
address conflicts before responding with an ACK. What I would check is a few
things:

First, if this is happening due to a conflict detection, you should see
under active leases in DHCP a "BAD ADDRESS" listed by the IP. If you see
that, ping the IP in question. If you get a response, track down the PC, and
do an ipconfig to find its DHCP server. Then track down that server and
kill it :)

Hope this helps,

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44699&t=44671
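
The check described in the message above (find out which DHCP server is actually answering a client), as an added example that is not part of the original post: it parses raw DHCP payloads, reads the message type (option 53) and server identifier (option 54), and reports every server that replied plus who sent each NAK. The function names, the sample packets and the 192.0.2.x addresses are constructed for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def parse_dhcp(payload):
    """Return op, xid, client MAC, offered IP, message type and server identifier."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    hlen = min(payload[2], 16)
    msg = {
        "op": payload[0],                                   # 1 = request, 2 = reply
        "xid": struct.unpack("!I", payload[4:8])[0],
        "yiaddr": socket.inet_ntoa(payload[16:20]),
        "mac": ":".join(f"{b:02x}" for b in payload[28:28 + hlen]),
        "type": None, "server": None,
    }
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:              # end option
            break
        if code == 0:                # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        if code == 53 and length == 1:       # DHCP message type
            msg["type"] = MSG_TYPES.get(value[0], str(value[0]))
        elif code == 54 and length == 4:     # server identifier
            msg["server"] = socket.inet_ntoa(value)
        i += 2 + length
    return msg

def audit(payloads, expected_servers):
    """List every server that replied, the unexpected ones, and who sent each NAK."""
    servers, naks = set(), []
    for p in payloads:
        m = parse_dhcp(p)
        if m["op"] != 2 or m["server"] is None:   # only replies identify the sender
            continue
        servers.add(m["server"])
        if m["type"] == "NAK":
            naks.append((m["xid"], m["mac"], m["server"]))
    return {"servers": sorted(servers),
            "unexpected": sorted(servers - set(expected_servers)),
            "naks": naks}

def build(op, xid, mac, yiaddr, msg_type, server=None):
    """Construct a minimal DHCP payload (sample data for this example only)."""
    hdr = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0)
    hdr += bytes(4) + socket.inet_aton(yiaddr) + bytes(8)   # ciaddr, yiaddr, siaddr+giaddr
    hdr += bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0") + bytes(192)
    opts = bytes([53, 1, msg_type])
    if server:
        opts += bytes([54, 4]) + socket.inet_aton(server)
    return hdr + MAGIC + opts + b"\xff"

MAC = "00:11:22:33:44:55"
SAMPLE = [  # constructed capture: one request answered by two different servers
    build(1, 0x1234, MAC, "0.0.0.0", 3),                    # REQUEST from the client
    build(2, 0x1234, MAC, "192.0.2.50", 5, "192.0.2.200"),  # ACK from a second server
    build(2, 0x1234, MAC, "0.0.0.0", 6, "192.0.2.1"),       # NAK from the known server
]

if __name__ == "__main__":
    print(audit(SAMPLE, {"192.0.2.1"}))
```
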



RE: Dumb Access-List question [7:44588]

2002-05-22 Thread Brian Hill

There are two differences. The first is that in the first example you are
using a standard ACL, and in the second you are using an extended ACL. The
second is that in the first example, you are using a numbered ACL, while in
the second, you are using a named ACL. The primary differences in the two
are that a numbered ACL has a finite number of ACL's you can create, while a
named ACL (supposedly) has no such limit. The second is that you can remove
individual lines from a named ACL.

Hope this helps,

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44700&t=44588



RE: PIX and MS Active Directory [7:44797]

2002-05-23 Thread Brian Hill

Pat,

Are the clients having the problem, or are the servers having the problem?
If it's the servers, it's probably just RPC, but if it's the clients, it
could be lots of things. What exactly "isn't working"?

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44808&t=44797



RE: PIX and MS Active Directory [7:44797]

2002-05-23 Thread Brian Hill

John,

SMTP only works if you have two sites in two different domains. In addition,
you have to have an exchange server with KMS and a CA to encrypt. Pat, I
would suggest creating a tunnel from pix to pix and running the replication
through there. AD uses RPC, which doesn't translate due to the fact that it
uses random port numbers after the initial session establishment.

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44874&t=44797



RE: Check My EIGRP Configuration [7:45065]

2002-05-26 Thread Brian Hill

Ismail,

I hate to be the devil's advocate, but why are you even using a routing
protocol if you don't have any redundant links?

Brian Hill
CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), 
MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
Lead Technology Architect, TechTrain
Author: Cisco, The Complete Reference
http://www.alfageek.com



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45079&t=45065