RE: DDR logging line opening ? [7:44798]
Use a sniffer in combination with this log. This will help you identify which traffic opens the DDR link and which not. If there are any other ways, let me know. Rgds, Crestion Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44815&t=44798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Telnet Session Traces....Needing help! [7:44793]
Hey Mark, First thing to do is use filters. Personally I use NAI's Sniffer Pro, which quickly allows you to select a session based on IP addresses and/or protocol. Ethereal should have this functionality as well. First create a filter based on the server's IP address, and look for any broadcast-traffic. This should quickly let you determine wether it's keepalives are send as broadcast or unicast. If you can't find any broadcast keep-alives (i.e. this is not the problem), enhance your filter to show you one specific session. Check the entire packetflow step-by-step and determine the set-up of the connection, data transfer and finally the termination of the connection. This should give you a better idea of what's going on. I'd recommend taking traces on both sides of the connection (so both server and client side) and compare them. Personally I don't think broadcast keep-alives are the problem, since keep-alives imply terminating a connection after a certain amount of missed keep-alives. And you already stated your server does not terminate the session. Anyway, hope this helps. Rgds, Crestion Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44814&t=44793 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fwd: no lmi - dlci inactive - telco says my proble [7:44774]
Hmmmwho is your telco? For the old Concert network (now BT Ignite) I know they use ANSI LMI with a keep-alive interval of 10 secs. Make sure your settings match your telco's. What I always advise to do is to use a sniffer to see what's actually going on on the line. This way you can quickly identify if your router is receiving the right LMI type at the interval the telco states. Hth, Crestion Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44812&t=44774 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token ring Question. [7:44805]
Hi Ivan, Mac addresses only have local significance. So for your scenario, host X sends a packet with it's own MAC address as the source and the router TR interface as the destination MAC address. The router then rebuilds the packet and sends it out the ethernet interface with the Ethernet interface as the source MAc address and host Y as the destination MAC address. Hth, Crestion Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44809&t=44805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: accessing server slow over t1 [7:44355]
Hey George, Before you start taking any actions, first use a Sniffer to see what is causing the delay. It's no use implementing anything unless you know it's going to be effective. Hth, Crestion Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44604&t=44355 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: bit time [7:44144]
For 16Mb Token Ring that would lead to 1 bit per 62.5 nanoseconds. I.e. one bit-time is 62.5 nanoseconds. Rgds, Remmert >From: "Pierre-Alex Guanel" >To: "C restion" , >Subject: RE: bit time [7:44144] >Date: Tue, 14 May 2002 09:47:44 -0500 > >Thank you Remmert. Can I assume that with a 16 Mb Token ring a bit time >would be 16 bits per seconds? > >Pierre-Alex > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of C >restion >Sent: Tuesday, May 14, 2002 6:32 AM >To: [EMAIL PROTECTED] >Subject: RE: bit time [7:44144] > > >Hi Pierre, > >A bit-time is the time it takes to send a bit. > >For 10Mb Ethernet a bit-time is a 100 nanoseconds (10 Megabit per second, >so >1 bit per 100 nanoseconds), for Fast Ethernet it is 10 nanoseconds and so >on. > >So if a workstation on a Fast Ethernet network were to wait 5 bit-times, it >actually waits 50 nanoseconds. > >Hth, >Remmert _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44269&t=44144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slow Links. [7:44141]
Hi Murali, With Etherpeek you can only examine the ethernet sides of your connection (which in this case should probably enough since the problem seems to be on the Ethernet-segment between router C and the Win98 client). As far as I'm aware you can only sniff serial links with a professional package like Sniffer Pro. Should anybody know of a freeware tool, let me know. Hth, Crestion >From: [EMAIL PROTECTED] >To: [EMAIL PROTECTED], [EMAIL PROTECTED] >Subject: RE: Slow Links. [7:44141] >Date: Tue, 14 May 2002 18:20:33 +0400 > >Hi.. > >I have a small improvement on the problem.. now this is what i did.. on rtr >C i put access-lists such that only reqd data passes through.. and this >resulted in clients logging without any problems.. also the users there >said >that after this was put the client part of this foxpro based application >would not display errors of no connection or connection timing out.. all >that i could see was there was a lot of activity on the RTR 805. > >Can this be due to excessive broadcast of the netbios ?? that >helper-address >has opened the ports for..? if so which ports and protocols to permit. > >i want to remove the access-list since 805 is really a small router to do >too much of packet processing.. > >i would like to know if i am going in the right direction. > >Crestion --thanks for the mail.. i shall do that and let me see what it has >to say ? > >can Etherpeek monitor serial links across on router ? > >thanks, >Murali > > > >-Original Message- >From: C restion [mailto:[EMAIL PROTECTED]] >Sent: Tuesday, May 14, 2002 3:39 PM >To: [EMAIL PROTECTED] >Subject: RE: Slow Links. [7:44141] > > >Hi Murali, > >This definitely is a strange problem. I would advise to put sniffers on >both >ends of the connection (so one between the NT Server and Router A and one >between router C and the Win98 client), try to logon and than watch the >packet flow for any anomalies. Especially keep an eye on the 'delta time' >column and watch for a sudden increase in time. This usually points to >where >the connection gets 'stuck' and will help you pinpoint the problem. > >If your company doesn't have professional sniffers, you could probably get >the same result with one of the freeware sniffers (Etherpeek, etherreal). > >Hth, >Crestion _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44268&t=44141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Securing a Aironet 350 [7:44152]
Btwthere's a great article on Wireless security on http://www.networkcomputing.com/1303/1303ws2.html This article also shows the importance of finding the right balance between risk assessment, cost and convenience. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44219&t=44152 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Securing a Aironet 350 [7:44152]
Steven, Way off Hmmmthe only thing I indeed forgot to mention is the directional antenna-danger, but to say I'm way off...that's a strong statement. First of all let me clarify myself. My final comment, "Again, which solution to go for depends on your security needs and how much you're willing to spend." basically says it all. As much as we techies would love to be in the ideal networking world where everything came free, this is NOT reality. Networking is here to support business and not the other way around. If in this case the signal stays within the building and our friend is the only one with a wireless card, basic WEP and access-control are all you need. There is no business need or potential risk whatsoever to justify purchasing expensive VPN-equipment. Again, you are right about the directional antenna danger, but if the AP is placed on the 48th floor of a building withouth any adjacent buildings even those won't help you too much. So you're right about WEP not being safe, I never claimed it to be safe. WEP does exactly what it's designed to do, namely provide minimum level security to get the efforts off getting on a Wireless network about as high as the efforts to get on a wired network. The rule that additonal security is required applies to both the wired as the wireless network. To summarise: ideally you would use all the security measures available to secure your wireless network. In reality you decide what measures to take based upon business needs (i.e. what costs are justifyable). Rgds, R Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44214&t=44152 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: bit time [7:44144]
Hi Pierre, A bit-time is the time it takes to send a bit. For 10Mb Ethernet a bit-time is a 100 nanoseconds (10 Megabit per second, so 1 bit per 100 nanoseconds), for Fast Ethernet it is 10 nanoseconds and so on. So if a workstation on a Fast Ethernet network were to wait 5 bit-times, it actually waits 50 nanoseconds. Hth, Remmert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44203&t=44144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Slow Links. [7:44141]
Hi Murali, This definitely is a strange problem. I would advise to put sniffers on both ends of the connection (so one between the NT Server and Router A and one between router C and the Win98 client), try to logon and than watch the packet flow for any anomalies. Especially keep an eye on the 'delta time' column and watch for a sudden increase in time. This usually points to where the connection gets 'stuck' and will help you pinpoint the problem. If your company doesn't have professional sniffers, you could probably get the same result with one of the freeware sniffers (Etherpeek, etherreal). Hth, Crestion Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44204&t=44141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Securing a Aironet 350 [7:44152]
Hi Rich, First thing to do is to trace the signal. I.e. what are the physical limits of the RF. Special wireless tools (like the Sniffer Wireless) are available to help you with this, but the software delivered with your Aironet can tell you a lot as well. If the signal stays within the building, 128-bits WEP and an access-control list (i.e. which MAC-addresses are allowed and which not) should be sufficient. If the signal spreads to for example the car-park, additional security measures are advisable. Depending on how much you're willing to spend, several options are available. A firewall behind the AP, VPN-tunnels, etc. are all expensive, but secure solutions. Again, which solution to go for depends on your security needs and how much you're willing to spend. Hth, Remmert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44201&t=44152 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]