RE: best practice

2000-09-05 Thread Buddy Venne

JMcL -
I can think of a few that are standard here. These may be more basic than
you are asking for, but it's a start:

service timestamps debug datetime localtime show-timezone // who needs milliseconds anyway??

service password-encryption
logging buffered 4096 debugging // keep the log locally
ip subnet-zero // a default I think
clock timezone PST -8 // ymmv
clock summer-time PDT recurring // ymmv

On each interface:
  no ip directed-broadcast

On a Frame Relay interface, I put the port speed as the bandwidth, and the
sub-interfaces get their respective PVC CIR as the bandwidth. eigrp
calculations use the subs, and the other is there for documentation only.
(Although I think Concord uses it for graphs.)

In the router eigrp section
  eigrp log-neighbor-changes

ip classless // defaults
ip http server // defaults

logging trap debugging // lots of detail
logging source-interface Loopback0 // all log messages sourced from lo0

logging 10.2.1.20 // our syslog server
snmp-server chassis-id JAB0332A3Q5  // so I have the serial number documented

banner exec ^C// so I "remember" the model & version as I log in

Model 2610, Version 12.0(3c)
^C

ntp server 10.252.1.1 prefer  // centralized time server

I hope this is a start. I welcome any feedback. bv

Buddy Venne
WAN/LAN Specialist
Onyx Acceptance
(949) 465-3775


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, September 04, 2000 11:01 PM
To: [EMAIL PROTECTED]
Subject: best practice




This question is sort of off topic (and very broad) but it could start up all
sorts of interesting on-topic threads so I'll ask it anyway.  And anyway,
groupstudy's quiet - does the US have a holiday yesterday or something
(timezones do funny things to sentences :-)?

I'm doing a clean up and general revision of some of our router configs -
removing stuff that is no longer needed, changing parameters that are no longer
appropriate, etc etc.

What commands/configurations are viewed as current general 'best practice'? I'm
thinking of things like 'no ip directed-broadcast', 'ip classless' and 'no
service blah blah', that have become defaults in later IOS versions, and also
more specific stuff like when to use which form of route caching, or guidelines
from presentations/remote corners of CCO (e.g. I've got some configuration
guidelines for configuring frame relay traffic shaping which come from a
Networker's presentation - I've posted them before but let me know if anyone
wants them posted again).

I know the ultimate answer will be 'it depends' (after all, if there was a
single 'best way' the parameters wouldn't have to be user-configurable) - I'm
more looking for things to consider.

To restrict it a bit, some of the things I am running on the routers
include...
IOS 11.2
frame relay (using sub-interfaces and frame relay traffic shaping)
ISDN (natively and using an external TA)
IPX (with IPX RIP)
IP (with OSPF and statics)
prioritisation
access lists for filtering and prioritisation
SNMP/RMON
NTP
HSRP

Thanks,
JMcL


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
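
The settings listed in the reply above can be checked mechanically across saved configs. This is an added example, not part of the original thread or any Cisco tool: a short Python audit that splits an IOS-style config into global lines and interface blocks and reports which items from that list are missing. The function names and the sample config are constructed, and it assumes each command is written out explicitly in the config text.

```python
import re

# Global commands from the list in the post, matched by prefix.
REQUIRED_GLOBAL = ["service password-encryption", "logging buffered",
                   "logging source-interface", "ntp server"]

def parse_ios(config):
    """Split config text into global lines and {interface: [sub-commands]}."""
    global_lines, interfaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        if line.startswith("!"):            # "!" separator ends a block
            current = None
        elif line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif line[0] == " " and current is not None:
            interfaces[current].append(line.strip())
        else:                                # back at global level
            current = None
            global_lines.append(line.strip())
    return global_lines, interfaces

def audit(config):
    """Return findings for items from the post's checklist that are absent."""
    global_lines, interfaces = parse_ios(config)
    findings = [f"global: missing '{cmd}'" for cmd in REQUIRED_GLOBAL
                if not any(l.startswith(cmd) for l in global_lines)]
    if not any(re.match(r"logging \d+\.\d+\.\d+\.\d+$", l) for l in global_lines):
        findings.append("global: no syslog server ('logging <ip>')")
    for name, lines in interfaces.items():
        if "shutdown" in lines:              # skip administratively down ports
            continue
        if "no ip directed-broadcast" not in lines:
            findings.append(f"{name}: missing 'no ip directed-broadcast'")
    return findings

# Constructed sample config (not taken from the thread).
SAMPLE = """service password-encryption
logging buffered 4096 debugging
!
interface Loopback0
 ip address 10.2.255.1 255.255.255.255
 no ip directed-broadcast
!
interface Ethernet0/0
 ip address 10.2.1.1 255.255.255.0
!
interface Serial0/0
 no ip address
 shutdown
!
logging source-interface Loopback0
logging 10.2.1.20
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```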




RE: Can't connect to a Cisco/Grand Junction 2800 Switch via serial

2000-08-31 Thread Buddy Venne

Group -
At last a question I can answer!
You can 1.) Build a custom db9 adapter that raises CD toward the 2800 and
does the null-modem functions, or 2.) force an arp entry into a router on
the same Ethernet segment.
To get access I used method #2 which is described in the attached text file.
Later I built the adapter which I still have. If you need the pin out:
rj45 - db9
1 - 8
2 - 1,6
3 - 2
4 - 5
5 - 5
6 - 3
7 - 4
8 - 7
happy hacking

Buddy Venne, CCNP, CCIE written, MCSE
WAN/LAN Specialist
Onyx Acceptance
(949) 465-3775


-Original Message-
From: Clay Stuckey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 30, 2000 8:38 PM
To: group study
Subject: Can't connect to a Cisco/Grand Junction 2800 Switch via serial


I have tried several serial cables. I can connect to other cisco equipment
fine. My terminal program says it is connected but no response from key
strokes. I move the cable to a router and hit enter and I get a login. I
move it back to the switch and nada. Any ideas? I did try a null modem
cable and at least got one weird ATxxx thingy in the screen. When I go back
to a standard serial cable - nothing. I would love any advice.


Clay




Journal entry October 9, 1999:

The problem:
Catalyst 2800 and we can't access the cli.
We don't know the MAC, or the ip it used to have.
Console port communicates but does not seem to be of use. It sends AT command strings
which would be to configure a modem if one was on there. No menu prompts.

I got on to the 1605 that is on the same ethernet segment as one of the switch ports.
I tried a ping 255.255.255.255 and then looked at the arp table, but no luck.
I tried to get the serial port running, but no luck. I got 2 modems back to back, a
sportster on the switch and a courier on the attacker.
I used c0 to tell the modem to ignore CD, and d0 to ignore DTR, that way I can plug
and unplug.
I used one terminal and set it all up. I kept moving the terminal from the sportster
to the courier. I set the courier to go into "Originate" mode from the front switch. I
plugged into the sport and issued ata to start answering.
I plugged the sport to the switch and then put the terminal cable in the courier, and
as I was doing that I pressed the front switch and it went into training.
This was all for nought, because the serial port was not responding to my a enter, b
enter, c enter, d. . . . on through h or so. I did not get as far as M, which may have
been the one that would have worked.

But anyway at labb I got into config t mode and tried to add an arp entry with
arp 2.2.2.2 00c0.id80.29ac arpa ethernet 0
and the same alias at the end.
No luck because the router said invalid arp command, must be bridging. I tried several
modes of bridge group 1, which enables it, and then go to the interface and issue
ip bridge-group 1 and other commands, but these did not work.

I then thought, why not add an address that would be valid if there was a lan on E0?
So I gave it 219.17.100.5, and put that in an arp command. Still error.
Then I went to global config mode and issued ip host-routing and then tried to add
the arp entry, and it worked.
Then I pinged and it worked and then I did telnet and it worked. Voila! Menus and
such. I could not find a place to set a fixed ip address, but in VLAN 1 we put
219.17.100.5 255.255.255.0 and this may be where it is put in. It is not clear.

I felt good.
* For a textbook description of the procedures used, see ref. 1. For a general
overview, see #2.

1. Hunt, Craig. TCP/IP Network Administration. 2d ed. Sebastopol, CA: O'Reilly &
Associates, 1998.
2. NAF Personnel. NAF Notes, Network Analysis Forum - 1997. Groveland, CA: Pine
Mountain Group.


Sub-interface access-list question

2000-06-15 Thread Buddy Venne

All-
Can I apply an access list to a sub-interface? 
Background:
Generally a hub and spoke network. Company "A" at central site, company "X"
15 miles away.
Central site router is a 7204, need to have only company "X" network _not_
learn our routes, but still have 2 dynamic routes back to us. All other
remote sites can learn all routes.
The routing protocol is eigrp, and the two paths between company "X" and
central are point-point T1 and Frame Relay. Remote router is a 3640. The
frame relay connection is multipoint frame relay on a subinterface here.
thanks

Bud Venne




RE: routing protocol

2000-05-29 Thread Buddy Venne

fanj -
in a short summary:
Name    Protocol Number   Port
BGP     6 (TCP)           179
IGRP    9                 n/a (it _is_ prot 9)
RIP     17 (UDP)          520
EIGRP   88                n/a (it _is_ prot 88)
OSPF    89                n/a (it _is_ prot 89)
 
hth

Buddy Venne

 

-Original Message-
From: Jorge Rodriguez [mailto:[EMAIL PROTECTED]]
Sent: Sunday, May 28, 2000 8:24 PM
To: fanj; [EMAIL PROTECTED]
Subject: Re: routing protocol


Try www.netsys.com, go to technical library.
You can find TCP/UDP port numbers by protocol
 
 
 
Jorge Rodriguez /CCNA
Network Services Analyst
RS Networks Inc
1112 Boylston Street #222
Boston, MA 02115
1-781-614-1294
http://www.netwire.n3.net/
http://www.learncisco.n3.net/
 
 

- Original Message - 
From: fanj mailto:[EMAIL PROTECTED]  
To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]  
Sent: Saturday, May 27, 2000 10:18 PM
Subject: routing protocol

Can someone tell me which port the routing protocols are using? Where can I
get the details of all the protocols? Thanks in advance
