Re: Cisco VS Foundry Networks.. [7:36448]

[Gregg Malcolm]

I've read a few of the responses to this question and haven't seen anyone 
mention the lack of debug support on Foundry equipment.  Has Foundry added 
debug support yet ?  If not, that alone is a compelling reason to buy from 
cisco.  One of many reasons, but to me, debug is virtually mandatory in a 
real, production network.

My 2 cents,  Gregg


From: Washington Rico 
Reply-To: Washington Rico 
To: [EMAIL PROTECTED]
Subject: Cisco VS Foundry Networks.. [7:36448]
Date: Mon, 25 Feb 2002 19:02:54 -0500

Cisco people I would like to know your impression of Foundry Networks.  Are
they something to worry about?

Regards,
Eric Washington

_
$B$+$o(B 
$B;H$($k%V%i%%6$G!%$%s%?!http://explorer.msn.co.jp/
_
Chat with friends online, try MSN Messenger: http://messenger.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36581t=36448
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Why use wildcard mask [7:30473]

[Gregg Malcolm]

For some reason, this thread makes me think about the all zeros broadcast.
And how glad I am that it's not used anymore.  That would confuse the hell
outta me.  Wonder if Howard's explanation might be the reason why all zero's
was done at one time.  Oh well, just another item to think about.


 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi All,

 I am trying to find out why we do an inverse/wildcard
 masks while using access lists?

 For example, if I want to deny 192.168.1.0 255.255.255.0
 network, on the access list, we configure this
 as 192.168.1.0 0.0.0.255, but why do we do it this
 way instead of 255.255.255.0.

 All this seems to be is just an inverse relationship pointing back at the
 same thing?  Even if I want to get specific and deny 192.168.1.0
 255.255.255.192, this translates to 192.168.1.0 0.0.0.63, which seems to
be
 just the standard mask and subtract 255.255.255.255.

 Is there a specific reason why we do inverse mask?  It seems to be easier
 just to configure it with normal masks.  This way, we skip on an extra
 procedure.

 thanks
 Mike




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=30491t=30473
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Basic NLSP problem... [7:30206]

[Gregg Malcolm]

One other issue to look at besides IPXWAN;  make sure that you use 'ipx nlsp
rip off' and 'ipx nlsp sap off'  on the serial int's to turn off  RIP/SAP
updates.  I would also configure IPX on local int's on each router just to
make troubleshooting easier.  Add them to ipx router rip with no network as
you have for the serial int.

Scott Meeuwsen  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I seem to be having a problem with a very simple NLSP setup across an HDLC
 serial link.  For some reason I don't get any adjacencies no matter what I
 do.  Debugs are showing one of the routers not receiving the others NLSP
IIH
 packets.  Please let me know if you have any ideas...thx!

 -

 IOS Version: 12.1.9 Enterprise on both routers

 What works:
 -IP and IPX across the link (small pings, large pings, and anything else)
 -IP routing (any sort)
 -IPX RIP routing (haven't tried EIGRP yet)

 What I have tried:
 -New serial cable
 -Different serial ports on same routers
 -IPXWAN
 -encapsulation ppp
 -More precise area definitions
 -Different internal #'s
 -Power cycling routers
 -Different clock rates

 -

 Router 1:

 ipx routing ..0001
 ipx internal-network 10
 !
 interface Serial0
  ip address 192.168.21.2 255.255.255.0
  ipx network 12
  ipx nlsp enable
  no fair-queue
 !
 ipx router nlsp
  area-address 0 0
  log-adjacency-changes
 !
 ipx router rip
  no network 12

 --

 Router 2:

 ipx routing ..0002
 ipx internal-network 20
 !
 interface Serial0
  ip address 192.168.21.1 255.255.255.0
  ipx network 12
  ipx nlsp enable
  no fair-queue
  clockrate 64000
 !
 ipx router nlsp
  area-address 0 0
  log-adjacency-changes
 !
 ipx router rip
  no network 12

 --

 Debug ipx nlsp adj on Router 1 (Repeats approx. every 10 seconds):

 01:38:02: NLSP-Adj: Sending serial IIH on Serial0, length 36

 --

 Debug ipx nlsp adj on Router 2 (Repeats approx. every 10 seconds):

 01:36:16: NLSP-Adj: Sending serial IIH on Serial0, length 36
 01:36:17: NLSP-Adj: Rec serial IIH from *HDLC* (Serial0), cir type L1, cir
 id 03, length 36
 01:36:17: NLSP-Adj: old state INIT, new state INIT




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=30230t=30206
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WAN sniffer patch panel [7:30238]

[Gregg Malcolm]

There used to be a company called Spectron that was the most popular
manufacturer of serial patch panels.  I can no longer find them on the web,
but found an alternate source :  http://www.pulsewan.com/vir/  I've
personally used Spectron many times and can say that they had? a good
product.  Using monitoring port on an active WAN does not  impact WAN
connection.

Another option would be to look into distributed sniffer.  NA had a good
distributed WAN sniffer albeit somewhat pricey.

Hope this helps.


 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi everyone,

 Sorry if this is inappropriate.I am looking for a kind of  box or
patch
 panel which provides a sniffer port per WAN circuit, then you can plug in
 your WAN sniffer whenever you want without interrupting the circuit.

 If someone know who makes this type of stuff, please e-mail me the name of
 company.

 Thanks in advance!

 Debbie


 
 For more information about Barclays Capital, please
 visit our web site at http://www.barcap.com.


 Internet communications are not secure and therefore the Barclays
 Group does not accept legal responsibility for the contents of this
 message.  Although the Barclays Group operates anti-virus programmes,
 it does not accept responsibility for any damage whatsoever that is
 caused by viruses being passed.  Any views or opinions presented are
 solely those of the author and do not necessarily represent those of the
 Barclays Group.  Replies to this email may be monitored by the Barclays
 Group for operational or business reasons.

 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=30240t=30238
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RRs and Confeds as they relate to IE studies [7:29968]

[Gregg Malcolm]

Good question.  I don't claim to be an expert on BGP and will not comment on
the advantages and disadvantages of RR/Confeds in large/small environments.
I've only config'ed BGP once in a prod net.  Seems to me tho that there is
an important distinction between the two as they might pertain to the lab
test.  Both allow the use of weight and local preference (IBGP).  Confeds
allow the use of MED since the connections between the confeds is EBGP.  You
could also config multiple RR's (clusters) to allow the use of the MED
between the clusters but to me, confeds are easier.   I'm sure that there
are other reasons to use one or the other as they relate to the lab, but I
haven't run into it yet.

Maybe I'm wrong, but this is my take on RR's/confeds.  Would love to hear
comments to enlighten me.

Kane, Christopher A.  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I'm currently tearing apart BGP as part of my IE studies. It's not too bad
 since I come from a Network Service Provider background. But, I have run
 into a conflict in regards to RRs vs. Confeds. I probably don't need to
 straighten this out for the Written but when it comes to the lab I'd like
to
 know which route to go down. I have no idea how the lab poses it's
topology
 but if given the requirement to configure a simulated large network and
 then having to choose whether to implement RRs or Confeds I wonder which
one
 Cisco prefers. I'm assuming that as part of the lab, the idea is to create
 solutions that work and in doing so, solutions that are as simple as
 possible and as short as possible.

 I'd like to hear comments about the pros and cons of each option in
regards
 to how Cisco might prefer to see implementation. Meanwhile, I'm going to
 review all available case studies on CCO.

 Thanks,
 Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29986t=29968
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF acting funky [7:29896]

[Gregg Malcolm]

Try doing 'sh ip ospf nei' to see if you have any neighbors.  DBD is
database descriptor.  Looks like you have interfaces going up and down.
Here's a decent link : http://www.cisco.com/warp/public/104/29.html


mike rose  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I have a buring question. Have you guys seen this error before? I set ospf
 b/w two sites and the following happened.

 *Dec 21 14:42:56: %OSPF-5-ADJCHG: Process 100, Nbr xxx.xx.xx.2 on Vlan115
 from DOWN to DOWN, Neighbor Down: Dead timer expired
 *Dec 21 14:43:14: %OSPF-5-ADJCHG: Process 100, Nbr xxx.xx.xx.121 on
Vlan115
 from EXSTART to DOWN, Neighbor Down: Too many DBD retransmitions
 *Dec 21 14:44:08: %OSPF-5-ADJCHG: Process 100, Nbr xxx.xx.xx.2 on Vlan115
 from EXSTART to DOWN, Neighbor Down: Too many DBD retransmitions
 *Dec 21 14:44:14: %OSPF-5-ADJCHG: Process 100, Nbr xxx.xx.xx.121 on
Vlan115
 from DOWN to DOWN, Neighbor Down: Dead timer expired
 *Dec 21 14:45:08: %OSPF-5-ADJCHG: Process 100, Nbr xxx.xx.xx.2 on Vlan115
 from DOWN to DOWN, Neighbor Down: Dead timer expired

 Does anyone know how to resolve this issue?


 Thanks


 Mike




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29899t=29896
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Help with remote access [7:29826]

[Gregg Malcolm]

Have a really, really dumb question.  I'm trying to help out a former
co-worker who's studying to be a CCIE but doesn't have access to an ISDN
sim.  I'm working on granting him access to my home lab.  I have DSL with a
lame Home Portal combo F/W, USB and Enet hub, can opener and toaster.  I
have permitted telnet thru this cheapo box.  I'm using Exceed on my laptop.
Problem is, when I telnet into my laptop, then try to open a telnet from
there into my lab, the telnet window only opens up locally on the laptop
(I.E - from his host all he will see is DOS prompt - my laptop will have
telnet window opened).  Tried messing with comspec in Exceed to run
telnet.exe instead of command.com (found it to be a reliable way to lock up
my laptop).

I know I could set up X and export my display, but it's a lot of work and
I'm a little leery of security (xhost +  :(  )  Anybody have any ideas ?
Other than loading Linux on my laptop (which of course makes way too much
sense).

Thanks in advance,  Gregg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29826t=29826
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Help with remote access [7:29826]

[Gregg Malcolm]

Thanks Nick.  I used VNC quite a bit in my previous job, but I was hoping
not to have to use it again.  Seems a shame to use it for a character based
app like telnet.  Oh well, it does work and you're right, not a bad little
app.  Did a port scan and found that it uses 5800 and 5900 ports in case
anyone needs to allow it thru a firewall.

Gregg

Nick S.  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 obvious solution would be setting up *nix, or else try the VNC
 (client/server), simple to set up, very compact, has basic security
 features,works like a charm from as lite as dialups (obviously very little
 overhead). I use it to access lab setup in my office (from home) to save
the
 costs of installing a dedicated term serv. box.


 Nick S.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29841t=29826
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

More Friday Follies [7:29659]

[Gregg Malcolm]

I was able to get tunnels with secondary addresses to work.  Config looked
like this :

lo0
172.16.80.1/27 --R1--162.16.1.x/27 --R3--172.16.20.x/28 --R4--172.16.50.x/28
 --R5--E0 172.16.100.5/28
lo1 172.16.80.33/27--R1-- 

IGRP/OSPF Redist was at R3.  2 tunnels between R3 and R4 for the 2 .80
subnets on R1 with /28 mask.  Tunnel source and dest inside the .80 subnet.
Works great; can ping from R5 to both 80.1 and 80.5.  IGRP routes appear as
they should on R5.

Found a good reference on CCO re: split horizon and IGRP/RIP w/ secondary
addresses.

http://www.cisco.com/warp/public/105/41.html

Regards,  Gregg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29659t=29659
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: More Friday Follies [7:29659]

[Gregg Malcolm]

Whoops.. R1 to R3 is 172.16.1.x not 162.16.1.x

Gregg Malcolm  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I was able to get tunnels with secondary addresses to work.  Config looked
 like this :

 lo0

172.16.80.1/27 --R1--162.16.1.x/27 --R3--172.16.20.x/28 --R4--172.16.50.x/28
  --R5--E0 172.16.100.5/28
 lo1 172.16.80.33/27--R1-- 

 IGRP/OSPF Redist was at R3.  2 tunnels between R3 and R4 for the 2 .80
 subnets on R1 with /28 mask.  Tunnel source and dest inside the .80
subnet.
 Works great; can ping from R5 to both 80.1 and 80.5.  IGRP routes appear
as
 they should on R5.

 Found a good reference on CCO re: split horizon and IGRP/RIP w/ secondary
 addresses.

 http://www.cisco.com/warp/public/105/41.html

 Regards,  Gregg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29663t=29659
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: More Friday Follies [7:29659]

[Gregg Malcolm]

John,  First off I noticed many errors in my lame schematic.  I was able to
ping both 80.1 and 80.33.  These are the 2 loops on R1 (OSPF router).  There
weren't 2 tunnels, there were two secondary address instead (sorry, but I
was trying to remember from Sat).  Need a secondary for each /28 subnet that
you want to see on R1 (even tho R1 has /27's).  Secondary addresses were
inside the 80 subnet (not the tunnel source and dest as I said.  Shows how
bad my memory really is). I added R5 just to make sure that the
advertisements would go beyond the tunnel (to prove that it's really an IGRP
route).  I don't see the stability prob that you have spoken of.  Here is
the important stuff :

 On R3
interface Tunnel0

 ip address 172.16.80.3 255.255.255.240 secondary

 ip address 172.16.80.34 255.255.255.240 secondary

 ip address 172.16.1.33 255.255.255.240

 tunnel source Serial1

 tunnel destination 172.16.20.4

Works fine.  I really wish someone would verify it for me.  I'm a little
leery after seeing Chuck's post.  Can send you the complete configs of all 4
routers if you'd like.

Gregg






John Neiberger  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Why did you need two tunnels?  It seems that you need one tunnel for
 each mask length but you mention two tunnels for two /28 prefixes.  How
 did that work out?

 thanks,
 John

  Gregg Malcolm  12/19/01 11:26:29 AM 
 I was able to get tunnels with secondary addresses to work.  Config
 looked
 like this :

 lo0
 172.16.80.1/27 --R1--162.16.1.x/27 --R3--172.16.20.x/28
 --R4--172.16.50.x/28
  --R5--E0 172.16.100.5/28
 lo1 172.16.80.33/27--R1-- 

 IGRP/OSPF Redist was at R3.  2 tunnels between R3 and R4 for the 2 .80
 subnets on R1 with /28 mask.  Tunnel source and dest inside the .80
 subnet.
 Works great; can ping from R5 to both 80.1 and 80.5.  IGRP routes
 appear as
 they should on R5.

 Found a good reference on CCO re: split horizon and IGRP/RIP w/
 secondary
 addresses.

 http://www.cisco.com/warp/public/105/41.html

 Regards,  Gregg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29670t=29659
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DHCP, WK2 and default gateway PROBLEMMM + [7:29732]

[Gregg Malcolm]

If you do decide to use secondaries with DHCP, be forewarned that some
strange behavior can occur with ip helpers.  It's been a few years since
I've done it, but I seem to remember that a secondary will not forward
(help) the broadcast from the client when it's trying to obtain it's IP
address.  Could be wrong, but it is probably worth looking up.

Gregg

Juan Blanco  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Team,
 I am working in a project for a company that has almost 600 users with
 static ip. What I have to do is move everyone to a dynamic ip environment,
 without affecting the current network functionality. The problem that I am
 having is when I created my new scope in wk2 I am not able to provide the
 default gateway to my clients because the DG is not the same network like
 the one in the scope

 DHCP server(w2k) which is not able to provide my default
 My scope = 192.168.40.50 .. 100
 New segment ip is 192.168.40
 DG for the segment is the DG for the others users in the same segment
 MY DG = 192.168.50.7

 How will I be able to define two IP address to the same interface in which
 both IP address can be define as the DG

 Thanks,

 JB




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29756t=29732
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Friday Follies Returns: WAS The old how to get routes [7:29259]

[Gregg Malcolm]

Chuck,

Seems appropriate that you are due for some pain from the dentist after
screwing up my day (and more than likely, my weekend) with this question.
It is a very good question tho. Have been thinking about it for awhile and
have it set up on my home lab.  Obviously, if the masks were reversed on the
routing protocols, it with be a trivial matter w/ an OSPF summary.

How many routers are you using in this scenario?  I am currently using three
with the middle being the re-dist point (have 6 in my lab so I can make in
larger).  I recall the post from John N regarding the use of a tunnel for a
situation like this.  I believe the problem is that in this case it would
require using a /27 mask in the IGRP domain.  If the scenario calls for only
/28 masks in IGRP, then this would be a violation.

So, are the rules :
1. No default-network
2. No static
3. No policy routing
4. Only /28 in IGRP, /27 in OSPF

Thanks,  Gregg

Chuck Larrieu  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 It occurs to me that there is another answer to this problem.

 So as a Friday Follies question: what is the other answer I came up with?

 Remember, the IGRP domain is /28 the OSPF domain contains routes /27 and
 shorter. You must assure reachability to all interfaces in the OSPF
domain.
 You are not allowed to use a default network or any static routes to
attain
 this end.

 for extra credit - make it funny. I will be needing a good laugh after the
 dentist is through with me this afternoon. :-O

 Chuck

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Chuck Larrieu
 Sent: Wednesday, December 12, 2001 7:56 PM
 To: [EMAIL PROTECTED]
 Subject: The old how to get routes into IGRP question again - possible
 [7:29021]


 (REPOST)

 I've been fighting with one of my practice labs the last couple of days.
The
 problem is one of those OSPF to IGRP redistribution with a twist. The IGRP
 domain is /28. So how to get those shorter /24 prefixes advertised. Oh
yeah,
 you can't use the default-network command to create an IGRP default route.

 So let me offer this possibility.

 IP local policy route-map

 the route map then goes something like this:

 route-map igrp-default permit 10
 set default interface [whatever the interface is]

 I also suspect that set ip default next-hop x.x.x.x works also, but at the
 time I was testing I hadn't thought through all the implications, and my
 test failed.

 In any case, the local policy would have to be implemented on all routers
in
 the IGRP domain. A bit of planning, then, is required.

 I found out something else that was interesting. Local policy packets seem
 to have a particular way they are constructed. the first time I looked at
my
 debug ip packet, the source address was one of my loopback addresses,
which
 I was not advertising under IGRP. So of course my pings failed, because
the
 distant end did not have a route back. So I deleted the loopback, tried
 again, and this time the source address was a LAN interface, this too not
 advertised under IGRP. I am assuming that Cisco has a hierarchy of
 interfaces. Usually a ping is sourced at the interface out which the
packets
 are headed. But for local policy, it was different.

 Any case, I am offering these observations for consideration.

 Wish I hadn't turned my routers off last night. Or I could gather some
 screen shots.

 Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29259t=29259
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Friday Follies Returns: WAS The old how to get routes [7:29275]

[Gregg Malcolm]

Thought we were down for the count tonite.  Good to see a few new messages.
John, by stability w/ secondaries did you mean re-loads?  My config is
working fine w/ secondaries on the tunnels even after I reload.  I'll admit
that the routing table is a little strange tho.  IGRP only router has IGRP
routes w/ both /27 and /28 masks as well as a directly connected route to
get to the OSPF only router via the tunnel.

Gregg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=29275t=29275
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF or EIGRP [7:28966]

[Gregg Malcolm]

Rob,

Few questions. What routed protocols you plan to run?  Just IP or
IP/IPX/AT,etc.?  Any other vendor equipment other than cisco?  Firewalls
running OSPF for failover?  Why did you initially choose EIGRP?  Does the
network design lend itself well to a backbone area?  Redundant links
(including DDR) ?

I think if you can answer some of these questions, it will help the group
give you a better response.

Gregg


Mears, Rob  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Hi all,

 We are in the middle of building out a new ATM network for the Core and on
 the outside we are going to be running about 80 3640 or 2600.  We are in a
 big debate about the routing protocol, we are currently EIGRP.

 I have collected lots of info off Cisco's Web site about the two but
wanted
 to hear it from the Engineers in the trenches.
 What's your take on it? If it were you what would you run (EIGRP, OSPF)
and
 why?



 Thanks
 Rob




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28974t=28966
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP and ip load-sharing [7:28960]

[Gregg Malcolm]

Dave,

I have a dumb question regarding multiple defaults.  Lets say that you had a
multihomed BGP config connected to 2 different providers.  Lets say that you
had 2 routers below the firewalls sourcing the default.  Then take a look at
the routing tables below these 2 routers. Wouldn't nearly every routing
proto (other than RIP assuming the hop counts were the same) only list 1
default? Wouldn't it be true that outbound traffic patterns would be based
upon metrics from the routers sourcing the default?  If this is true, then
it's not really load balancing.  I can think of scenarios were nearly all
outbound traffic would be destined for only 1 of the 2 links.  I'm sure I'm
missing something dumb, but figured it was worth asking anyway.

Gregg
MADMAN  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 First problem, BGP doesn't load share but with IOS you can source an
 interface like a loopback, see BGP and loadsharing.

   If you have two parallel paths to a single provider why are you doing
 BGP???  Since you choose BGP I'll assume this is an Internet connection,
 set up two default routes, ip cef global command and the configs you
 have sent and you will have symetrical outgoing loadsharing.

   Dave

 Alejandro Acosta wrote:
 
  Hi All,
This is my first message in the list.
I am running a BGP session with a customer. It has 2 serial links with
us
  (Each link of 2 Mbps). The customer and me have selected per-packet
sharing
  in order to balanced the link.
In this moment, the traffic that comes from the customer is very
simetric
  in both links, however, the traffic that is sent to the customer from us
is
  not simetric. As far as I know (if I am not wrong), if we are using load
  balacing per-packet, the incoming and outgoing traffic should be very
very
  similar, right?. Why only the incoming traffic is simetric in this
moment.
 
  This is the configuration for both interfaces in my router:
 
  interface Serial2/0
   description Link 1
   bandwidth 2048
   ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
   no ip directed-broadcast
   ip load-sharing per-packet
   no ip mroute-cache
   load-interval 30
   no cdp enable
   hold-queue 1024 out
  !
 
  interface Serial2/4
   description Link number 2
   bandwidth 2048
   ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
   no ip directed-broadcast
   ip load-sharing per-packet
   no ip mroute-cache
   load-interval 30
   no fair-queue
   no cdp enable
 
  Any ideas?
 
  Thanks
 
  Alejandro Acosta
 
  P.D. I am using IOS 12.0(7)T
 --
 David Madland
 Sr. Network Engineer
 CCIE# 2016
 Qwest Communications Int. Inc.
 [EMAIL PROTECTED]
 612-664-3367

 Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28979t=28960
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT:Group Study LAB Board Question [7:28863]

[Gregg Malcolm]

I recently passed my CCIE written.  I am hoping for a Mid March lab date. 
Currently, cisco is showing only earliest available dates in June.  I'd like
to join the lab discussion group, but I have not yet schdeluded the lab
since I don't want to wait until June to take it.  Would it be an error in
protocol to join the group saying that I have a mid March date?  I'm am
going to try very hard to get a mid March date (hopefully a swap).

Thank you,  Gregg


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28863t=28863
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Group Study LAB Board Question [7:28863]

[Gregg Malcolm]

Thanks Jim.  Just wanted to make sure I wasn't breaking any rule.  I've
taken the lab once (failed and written expired).  I am familiar with how
dates become open within a couple of weeks of when someone is ready for the
test.  Key is to be ready then start looking for swaps.  Looks like a lot of
folks are trying for March tho.
Thanks again.


Jim Brown  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Join the board and use whatever date you feel comfortable with. As far as
 the date is concerned, if you can leave on a weeks notice, there will be a
 seat available.

 Dates are always opening up. Just study with a March date in mind and you
 should be able to grab one within two weeks of the test. I'm pretty
certain
 about this.

 Look at the scheduler and you probably will see Jan dates open. If I
 remember correctly Cisco testing is closed for testing from around the
20th
 till the new year. This might affect the availability of Jan dates in
 regards to my earlier statement.

 Just keep an eye open study your buns off and you should be able to grab
the
 desired date as it approaches.


 -Original Message-
 From: Gregg Malcolm [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, December 11, 2001 11:02 AM
 To: [EMAIL PROTECTED]
 Subject: OT:Group Study LAB Board Question [7:28863]


 I recently passed my CCIE written.  I am hoping for a Mid March lab date.
 Currently, cisco is showing only earliest available dates in June.  I'd
like
 to join the lab discussion group, but I have not yet schdeluded the lab
 since I don't want to wait until June to take it.  Would it be an error in
 protocol to join the group saying that I have a mid March date?  I'm am
 going to try very hard to get a mid March date (hopefully a swap).

 Thank you,  Gregg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28887t=28863
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ATM circuit [7:28774]

[Gregg Malcolm]

Priscilla,

I have to agree with you on this.  I know of no method to carry ATM over an
Ethernet.  The opposite of course, is true.  If the author would have said
that ATM can run over chicken wire, I would find that much more
believeable.  ATM can run over nearly any phyiscal media.

BTW - Do you encounter service providers at all?  A Tranparent LAN (TLAN) is
quite a popular term with them.  Just a bridged 1483 PVC.  Until I worked
with that sector, never heard of it.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28777t=28774
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Lab Attempt #2 - no go :- [7:28142]

[Gregg Malcolm]

Chuck,

Thanks for the great feedback.  Sounds like a killer.  I'm taking the lab in
a couple of months (failed my 1st attempt) and it was very helpful to hear
your take.  My question for you is, how much were you able to eat at lunch? 
Tests scores are directly proportional to the amount of food you consume at
lunch.  Correct this and you will pass next time.

Regards,  Gregg


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28150t=28142
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Serial Line is up and line protocol is up ANSW [7:27930]

[Gregg Malcolm]

Anil,

I'm sorry, my explaination wasn't very good.  The answer can't be B since
you have no information saying data is being sent and received.  The answer
A does fit since a frame relay connection is active if int status is UP/UP.

As far as the 2nd part, AFAIK not every encap uses keepalives.  Frame Relay
is somewhat special in that an UP/UP status really means that data COULD be
xfer'ed.  The case of the broken remote CSU/DSU does not fit this scenarios
since keepalives would not be received.  The question seems geared toward
trying to trick the engineer into thinking that data is being xfered vs.
could be.  Many encap use keepalives.  A few are F/R, ATM, PPP and HDLC (PPP
uses an echo).  Not sure if all do (probably not).  Hope that helps.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27949t=27930
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Serial Line is up and line protocol is up ANSWER [7:27930]

[Gregg Malcolm]

Maybe this will explain it..Just because a serial int is UP/UP, it doesn't
necessarily mean that data is able to be xfered.  The serial int could be
connected to a CSU/DSU which might give the int the correct control signal
states to make the serial int appear to be up (example would be that the
remote CSU/DSU is broken but carrier signal is up on local int).  In this
case, since it's frame relay, the 2nd up would not occur unless LMI
keepalives were occuring.  What cisco is saying is UP/UP is just the int
status.  Doesn't mean that data is being xfered. The most popular way to
know that an interface is in use is to watch in/out stats (via sh int). 
Clear counters is another usefull cmd.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27932t=27930
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Variance [7:27882]

[Gregg Malcolm]

Gaz  Howard,

Thanks for the input.  I really appreciate it.  I'm still a little curious. 
Based upon the link Gaz included, we know that variance is factor based. 
Consider the following. 3 paths; 56 Kbps, 128 Kbps and 256 Kbps.  If we use
variance of 2, the 128K and 256K paths will be used in a load balancing
fashion.  I'm still wondering (and need to research cisco.com) about how it
done.  More than likely, it's something like CEF based (by dest).

Thanks again and I'll post something about this when I find out.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27937t=27882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Variance [7:27882]

[Gregg Malcolm]

I have a question about variance that's been bugging me.  I know that metric
based routing proto's (IGRP, EIGRP and OSPF) will not load balance across
unequal cost links by default.  We must use that variance cmd. The variance
has a multiplier.  1 is equal cost.  I assume that variance is done per
packet (as opposed to session).  Is this true?  If variance is set to 2 does
it mean 2 packets would be sent out high bandwidth link and 1 packet out the
low bandwidth link?






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27882t=27882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Variance [7:27882]

[Gregg Malcolm]

One note - I also wonder if 'no ip route-cache' might force variance to
balance per packet if that's not already the default.  Just curious.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27893t=27882
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OT - Emergency [7:27627]

[Gregg Malcolm]

Try both the ami and asx logins.  If these do not work, do the following
(Should be same procedure in FT 7.x).

1) Reset the SCP with the paperclip. 

2) Depress both the 'Next' and 'Select' buttons after 'decompressing'
scrolls (before 'done' appears).

3) Enter 'N' when the console message asks to boot without reading from
flash.

4) Clear the ami password (Y/N)?  Y 

It's been awhile since I've done it, but this should work.  Post another
message if you have problems.  I have a Marconi TAC account.



 



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27636t=27627
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]