RE: URGENT: Modem Authentication Failure [7:61292]
Yes, I know. But the problem is that on just one platform I have this problem.(On the 3660s). I have tried replacing the modules (NM-16AMs). Very strange. Any comments? Hamid Wll Hamid , The Local means you must be able to use the Local Username xxx and PAssword yxyxyxyxy on the local router config. as a last resource which is the case now So u shd be able to log in to the router itself, if AAA/ACS is not available. IS this happening on all the routers/Switches or only this router ???/ Thanks Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61329t=61292 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: URGENT: Modem Authentication Failure [7:61292]
The tacacs config has not been changed. Neither on the router, nor the server. Besides on the router, I don't get the Call Handle error. Any comments? Hamid -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I do not have lots of debug experience in that area, but maybe can help a little. The message Call Handle failed for Modem 5/2 Does not seem to worry, see Configuring Dialin with the NM-8AM or NM-16AM Analog Modem Module Sample Debugs Output http://www.cisco.com/warp/public/471/nm-xam_dialin.html#9 Where it is standard debug output for a succeeded call. The message Received authen response status FAIL (3) Does worry me. Triple check that nothing changed in the radius/tacacs config. Common Problems in Debugging TACACS+, PAP and CHAP http://www.cisco.com/warp/public/480/tacacs_pppdebug.html Martijn - -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Hamid Ali Asgari Verzonden: zaterdag 18 januari 2003 8:34 Aan: [EMAIL PROTECTED] Onderwerp: URGENT: Modem Authentication Failure [7:61292] Hi everybody, Today I have encountered a strabge problem. I have a 3660 router with NM-16AM modules. Nothing has been changed. Suddenly we got complains from users tht they cannot connect. I have checked the AAA server. But there is nothing wrong. Here is my debug log: - --- Call Handle failed for Modem 5/2 %LINK-3-UPDOWN: Interface Async163, changed state to up TPLUS: Queuing AAA Authentication request 634 for processing TPLUS: processing authentication start request id 634 TPLUS: Authentication start packet created for 634(testuser) TPLUS: Using server XY.XY.XY.250 TPLUS(027A): connected to server XY.XY.XY.250 TPLUS: response received for AAA request 634 TPLUS: Received authen response status FAIL (3) %LINK-5-CHANGED: Interface Async163, changed state to reset %LINK-3-UPDOWN: Interface Async163, changed state to down Call Handle failed for Modem 5/2 %LINK-3-UPDOWN: Interface Async163, changed state to up TPLUS: Queuing AAA Authentication request 637 for processing TPLUS: processing authentication start request id 637 TPLUS: Authentication start packet created for 637(testuser) TPLUS: Using server XY.XY.XY.250 TPLUS(027D): connected to server XY.XY.XY.250 TPLUS: response received for AAA request 637 TPLUS: Received authen response status FAIL (3) %LINK-5-CHANGED: Interface Async163, changed state to reset - --- Any comments? I couldn't find what the FAIL(13) error code means. And also I don't know what causes Call Handle failed for Modem 5/2. I get this for a lot of my modems on my console.Thanks in advance, Hamid Nondisclosure violations to [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: PGP 8.0 iQA/AwUBPikla3dq56XWk+VyEQKphACfa6B8lpmTQ3Yt6D18Vb8Kxk6aEdUAoNbu ITDsRaSUCQlsXdkQFM5zARCH =EO/E -END PGP SIGNATURE- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61296t=61292 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: URGENT: Modem Authentication Failure [7:61292]
Yes, I have guessed that. I created a local account on the router, and still I had the same problem. (Ihave configured aaa for local authentication). Do you know what error code 13 means? ( FAIL (13) ) HI Hamid, This seems to be a password or Username Authentication Failure) you can try to delete and re-enter the username and password for that group on the ACS/AAA server. Also is there a Firewall before accessing/Authenticating to the ACS server? This is not passing the User Authentication proccess per yr debug. Let us know yr findings Thanks Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61308t=61292 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
URGENT: Modem Authentication Failure [7:61292]
Hi everybody, Today I have encountered a strabge problem. I have a 3660 router with NM-16AM modules. Nothing has been changed. Suddenly we got complains from users tht they cannot connect. I have checked the AAA server. But there is nothing wrong. Here is my debug log: --- Call Handle failed for Modem 5/2 %LINK-3-UPDOWN: Interface Async163, changed state to up TPLUS: Queuing AAA Authentication request 634 for processing TPLUS: processing authentication start request id 634 TPLUS: Authentication start packet created for 634(testuser) TPLUS: Using server XY.XY.XY.250 TPLUS(027A): connected to server XY.XY.XY.250 TPLUS: response received for AAA request 634 TPLUS: Received authen response status FAIL (3) %LINK-5-CHANGED: Interface Async163, changed state to reset %LINK-3-UPDOWN: Interface Async163, changed state to down Call Handle failed for Modem 5/2 %LINK-3-UPDOWN: Interface Async163, changed state to up TPLUS: Queuing AAA Authentication request 637 for processing TPLUS: processing authentication start request id 637 TPLUS: Authentication start packet created for 637(testuser) TPLUS: Using server XY.XY.XY.250 TPLUS(027D): connected to server XY.XY.XY.250 TPLUS: response received for AAA request 637 TPLUS: Received authen response status FAIL (3) %LINK-5-CHANGED: Interface Async163, changed state to reset --- Any comments? I couldn't find what the FAIL(13) error code means. And also I don't know what causes Call Handle failed for Modem 5/2. I get this for a lot of my modems on my console.Thanks in advance, Hamid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61292t=61292 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: rate-limit [7:57604]
As mentioned in the RAte-limit White Paper on CCO, Set the normal burst size to 1.5/8 the trafiic rate. ( devide by 8 for bit to byte conversion, multiply by 1.5 as the white paper says). It almost works fine this way. HTH, Hamid Ismail M Saeed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear All, I am a little bit confused about the calculation criteria used in rate-limit command and the traffic metering function (Bc Be) I need help Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57636t=57604 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Online users on 3600!! [7:57554]
www.cisco.com/go/mib HTH, Hamid Mahmood wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How can I find how many users are online on the 3600 router with snmp.What OID I should use? Mahmood Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57575t=57554 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VoIP+QoS+xDSL+H.323Gatekeeper [7:57121]
Related to the topic, but maybe not to your question. How do you manage the call accounting from the gatekeeper? As far as I know the gatekeeper calculates the AcctSessionTime from the time beetwenn the LCF (Location Confirm) and the Call Disengage Request. Well this results that the call duration logged from the gatekeeper would be longer that the call duration logged from the gateways.(it will include the call setup time as well). I have faced this problem once but didn't find the solution. Thanks, Hamid That is correct--I hear silence when the data pvc is saturated. However, further tests performed just recently indicate that the amount of data saturating the link corresponds to the amount of lost voice packets. That is why I thought this was a QoS issue. It almost appears that some of the call control packets are going down the data pvc instead of the voice pvc. But I don't want to comit to such a statement for fear of biasing other opinions in the newsgroup, as others may have the real cause to the problem already figured out. I did explore an access-list config to match on port 1720 and there were some hits, but again are there other voice payload and/or voice signaling packets traversing the data pvc? I don't know. --Mark Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57142t=57121 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: Book Recommendation/Relevance? [7:57131]
Take a look at the following book. Haven't read it myself, but I have heard that's its a great book: Internetworking with TCP/IP: Principles, Protocols, and Architecture (4th Edition)by Douglas Comer Hope this helps, Hamid *** Group, I was contemplating my Christmas list recently. I see that Stevens' TCP Illustrated series is available in box set. Anyone who's read from this series care to comment on the relevance of the material? Obviously, TCP and IP haven't changed all that much since '94, but I was wondering how much coverage was given to recent extensions. I wonder that because the editorial review on bookpool makes reference to several extensions such as window scaling and so forth and also to specific releases of varios OSes. I'm also open to alternative recommendations. Read anything good lately? Thanks all, Scott Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57143t=57131 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multilink [7:55957]
I think you have forgotten to configure the vurtual-template interface and bind it to multilink. Here is a sample: multi-link virtual-template 1 ! Interface virtual-template 1 ip address 1.2.4.3 peer default address pool pppML encapsulatiopn ppp ! Hamed Sedighi wrote in message news:200210200421.EAA09928;groupstudy.com... Hi, As I wanted to enable Multilink, I added PPP Multilink command at the end of a Group-Async in my Router config. But it does not active in my Router. How can I enable Multilink? Please send me a sample of a Router config that is ready to use Multilink. Regards, Hamed Sedighi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56037t=55957 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what program can decrypte secret password? [7:55680]
If you mean the enable secret, no there isn't any program and you can't decrypt it. Hamid Hi.. My network tool (solarwind) can only decrypte the 7 series cisco password but it can't decrypte the secret password? Do you know any program can decrypte it? Besides, do u know we can only issue telnet command on PIX configuration mode not exec mode? _ Internet access plans that fit your lifestyle -- join MSN. http://resourcecenter.msn.com/access/plans/default.asp Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55693t=55680 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FW: URGENT: WRONG IOS-Problem booting a 3662 [7:55504]
I have tried 3 different IOSs. And I also have put out all the modules. Currently there are no modules on the router. But still doesn't work. Hamid The image is working on other 3662 routers, but do are they the EXACT same configuration. Do they all have exactly the same network modules and WIC cards in them? Are all of the module and cards the same code revision? I would try a different version of the IOS. -Original Message- From: Hamid Ali Asgari [mailto:[EMAIL PROTECTED]] Sent: Sunday, October 13, 2002 11:21 PM To: [EMAIL PROTECTED] Subject: Re: FW: URGENT: WRONG IOS-Problem booting a 3662 [7:55504] As I told ALL the images I used, are currently working on other 3662 routers Hamid 3660 uses different ios then the rest of 3600 family. Seem like you have ios for the wrong platform -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Hamid Ali Asgari Sent: Sunday, October 13, 2002 5:04 PM To: [EMAIL PROTECTED] Subject: URGENT: WRONG IOS-Problem booting a 3662 [7:55504] Hi group, I have a Cisco 3662 router with 128 of RAM and 16 Mb of flash memory. The problem is that I cannot make the router boot !!!. Each time I boot the router I get the folowing error. I don't know why this error is displayed. I have tried replacing the IOS several times. I have repleaced the flash memory but still it doesn't work. Does it have anything to do with Smart Init? I don't know what it is and how it can be disabled Any input would be welcome, Thanks, Hamid PS: The IOS that I have tested are currently running on other 3662s. * System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0xc26c18 Self decompressing the image : ###! ### [OK] Smart Init is enabled smart init is sizing iomem IDMEMORY_REQ TYPE B3 0X0009FC00 Dual Port Fast Ethernet 6F 0X00012580 Sixteen port A/D Modem 6F 0X00012580 Sixteen port A/D Modem 0X0028 OIR memory 0X0010A6F8 public buffer pools 0X00211000 public particle pools TOTAL: 0X0065FDF8 If any of the above Memory Requirements are UNKNOWN, you may be using an unsupported configuration or there is a software problem and system operation may be compromised. Rounded IOMEM up to: 7Mb. Using 5 percent iomem. [7Mb/128Mb] Wrong system software for this hardware System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot0: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot1: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled Nondisclosure violations to [EMAIL PROTECTED] Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55626t=55504 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
URGENT: WRONG IOS-Problem booting a 3662 [7:55504]
Hi group, I have a Cisco 3662 router with 128 of RAM and 16 Mb of flash memory. The problem is that I cannot make the router boot !!!. Each time I boot the router I get the folowing error. I don't know why this error is displayed. I have tried replacing the IOS several times. I have repleaced the flash memory but still it doesn't work. Does it have anything to do with Smart Init? I don't know what it is and how it can be disabled Any input would be welcome, Thanks, Hamid PS: The IOS that I have tested are currently running on other 3662s. * System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0xc26c18 Self decompressing the image : ###! ### [OK] Smart Init is enabled smart init is sizing iomem IDMEMORY_REQ TYPE B3 0X0009FC00 Dual Port Fast Ethernet 6F 0X00012580 Sixteen port A/D Modem 6F 0X00012580 Sixteen port A/D Modem 0X0028 OIR memory 0X0010A6F8 public buffer pools 0X00211000 public particle pools TOTAL: 0X0065FDF8 If any of the above Memory Requirements are UNKNOWN, you may be using an unsupported configuration or there is a software problem and system operation may be compromised. Rounded IOMEM up to: 7Mb. Using 5 percent iomem. [7Mb/128Mb] Wrong system software for this hardware * System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot0: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot1: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55504t=55504 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FW: URGENT: WRONG IOS-Problem booting a 3662 [7:55504]
As I told ALL the images I used, are currently working on other 3662 routers Hamid 3660 uses different ios then the rest of 3600 family. Seem like you have ios for the wrong platform -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Hamid Ali Asgari Sent: Sunday, October 13, 2002 5:04 PM To: [EMAIL PROTECTED] Subject: URGENT: WRONG IOS-Problem booting a 3662 [7:55504] Hi group, I have a Cisco 3662 router with 128 of RAM and 16 Mb of flash memory. The problem is that I cannot make the router boot !!!. Each time I boot the router I get the folowing error. I don't know why this error is displayed. I have tried replacing the IOS several times. I have repleaced the flash memory but still it doesn't work. Does it have anything to do with Smart Init? I don't know what it is and how it can be disabled Any input would be welcome, Thanks, Hamid PS: The IOS that I have tested are currently running on other 3662s. * System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0xc26c18 Self decompressing the image : ###! ### [OK] Smart Init is enabled smart init is sizing iomem IDMEMORY_REQ TYPE B3 0X0009FC00 Dual Port Fast Ethernet 6F 0X00012580 Sixteen port A/D Modem 6F 0X00012580 Sixteen port A/D Modem 0X0028 OIR memory 0X0010A6F8 public buffer pools 0X00211000 public particle pools TOTAL: 0X0065FDF8 If any of the above Memory Requirements are UNKNOWN, you may be using an unsupported configuration or there is a software problem and system operation may be compromised. Rounded IOMEM up to: 7Mb. Using 5 percent iomem. [7Mb/128Mb] Wrong system software for this hardware System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot0: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled PCMCIA Slot1: No Card Present System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. C3660 processor with 131072 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55517t=55504 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Sniffing Async/Serial Ports on the Router [7:54919]
Hi group, I am looking for a solution to monitor/sniff the traffic on Serial/Async ports. Any suggestions would be appreciated, Hamid Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54919t=54919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Caslow Book [7:53654]
No third edition and still not published. But there will be a book Called: Bridges, Routers and Switches Illustrated by Caslow on 2003 (not sure about the date). Ben W wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anybody know if Caslow's book Cisco Certification: Bridges, Routers and Switches for CCIE's is going to be updated for new CCIE topics in a 3rd edition? And if so when it will come out? Is the 2nd edition good enough? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53728t=53654 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: priviledge levels [7:53723]
viewing the Running-Config requires level 15 privilege which allows the user to change the config. But try the Startup-Config. You can assign it to any privilege level. If they are not going to change the config, most of times the startup-config and the running are the same. HTH Hamid Adam Hickey wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... All, I want to configure a special priviledge level for our NOC in all our cisco devices to basically have all commands except config. Looking at cco, if you allow sh run at any priv level other than , the user will only be able to see the commands they can configure which defeats the purpose. Anyone know a way around this - so the NOC can have say a level 14 access and be able to see the entire running-config without being able to configure anything? thx Adam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53729t=53723 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bandwith restriction [7:53066]
The access-list defines the group of IP addresses, and the rate-limit limit the bandwidth for all the IPs in that ACL (The aggregate), meaning that if you have defined 4 IPs in that ACL, one of the IPs could reach the BW limit if the other don't transmit. I have used rate-limit for such scenarios many times and it worked fine, the only point was defining the BURST SIZE so that the client could reach its maximum limit. If the Busrt Size is not defined well and you create a limit of 1 Mbps, the client might not even reach 900 Kbps. On my experience, Rate-limit treats the whole ACL and all IPs defined in that ACL as one entity, I don't get what you mean by the amount of bandwidth specified in the statement will be given on a case-by-case basis. HTH Hamid sisco wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... buy sitara network box! great graphical bandwidth usage per ip address and you can even restrict the application ports like kazaa,ftp s vermill wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hamid Ali Asgari wrote: Create an access-list and include all the IP addresses of that group in that access-list. Use rate-limit on the interface to limit the BW for that access-list Does rate-limiting work like that? I thought that if the condition is met (i.e. the address is within the range specified in the ACL), the amount of bandwidth specified in the statement will be given on a case-by-case basis. Or does it truly divide the bandwidth amongst all who are allowed by the ACL? We once tried to simulate the throughput of a DS3 by creating a policy for rate-limiting on a 100 Mbps ethernet. Unfortunately, the machine running ttcp to generate the dummy traffic couldn't sustain 45 Mbps. I think they ultimately went with two machines, which resulted in more than 45 Mbps of traffic but less than 90 Mbps. I seem to recall that the policy ended up allowing *each* machine up to 45 Mbps - but I could be wrong. Unfortunately, the engineer responsible for that experiment has left for greener pastures. Anyone refresh my memory? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53192t=53066 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bandwith restriction [7:53066]
Create an access-list and include all the IP addresses of that group in that access-list. Use rate-limit on the interface to limit the BW for that access-list HTH Hamid kaushalender wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hi groupand routers guru's, I have 2610 router.We have coustomer to whom we r providing bandwith.I have a range of ip address for those cutomers.Now we want that we difne a group of ip address and restrict that group to 64 kbps that means any ip from that group start to access the bandwith should not get more than 64kbps if two cutomer are simulteniously browsing than 64 kbps should be diveded in 32+32 so on. How can i do that plz help Thnx in advance Kaushalender Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53075t=53066 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access List Problem!! [7:46262]
The answer is NO. While defining access-lists you have to use wildcards, meaning that the range you are using must be blocks in 2^n (2 powered by n). Wildcards difine the important and non-important bits is the IP address. They use the same method and algorithm subnet masks use but in a reverse manner. In a subnet mask you define the important bits ( the bits which you want to exactly the same the IP address) with ONES, and the non-important bits with ZEROs. In wildcards, you define the important bits with zeros, and the non-important bits with ones. For the same reson you cannot have a network address with 37 hosts, you cannot define a access-list with a wildcard to include 37 contigous addresses. Here is an example: if you want to define an access-list for 11001101.01011101.1110001010.11010111 and you want all the bits to be same but the last 3 bits your mask will be: ...0111 (0.0.0.7) Hope this helps, Hamid Mahmood said: Thanx in advance dear friends, But is there any way to do this in one line? Thanx again - Original Message - From: Daniel Cotts To: 'Mahmood' ; Sent: Tuesday, June 11, 2002 7:17 PM Subject: RE: Access List Problem!! [7:46262] Break it into pieces. Deny the range of 192.168.32.0 to 192.168.32.31 Deny the range of 192.168.32.32 to 192.168.32.36 Deny the host 192.168.32.37 Since 192.168.32.0 is not a valid host address I see no problem with including it. -Original Message- From: Mahmood [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 11, 2002 10:02 AM To: [EMAIL PROTECTED] Subject: Access List Problem!! [7:46262] Hi, My question is taht : How Can I Deny this range: 192.168.32.1 to 192.168.32.37 ? Thanks in advance Mahmood Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46327t=46262 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Book on IPv6 [7:40515]
Hi, I am looking for a book on IPv6. Any suggestions? Thanks Hamid __ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40515t=40515 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP Question: Change of Feasible Distance (FD) - Please [7:39984]
But what if a route's metric changes, so that the minimum distance to the destination increases beyond the FD. In this case will the FD be updated or not? If the answer is yes, (as I assume it to be) why does Dyole say that because the route didn't become active the FD didn't change.(Chapter 8, before figure 8.15) Thanks, Hamid --- Steven A. Ridder wrote: The FD is the lowest distance a router has to a specific network. A router may have more than one path to said network, but the lowest distance is FD and it is entered into the routing table. More than one route to said network can still exist and it will be entered in the EIGRP topology table as a back-up route. Without reading of the examples, I am guesing that a route's metric in the EIGRP topology table has changed. Even if it goes lower than it was previously, if it's not lower than the FD (the route in the routing table) than the FD to that netwtork doesn't change. If it is lower, than it will change the FD as it will become the new FD. -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Hamid Ali Asgari wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Studying EIGRP, I got to a question: When is the Feasible Distance (FD) for a destination updated. In Jeff Doyles Routing TCP/IP, chapter 8, it says that as a result of a local computation the following may occur: -If the feasible successor with the lowest distance is different from the existing successor, the feasible successor will become the successor. -If the new distance is lower than the FD, the FD will be updated. -If the new distance is different from the existing distance, updates will be sent to all neighbors. So I asume that as a result of a local computation the FD may be updated (reduced). Later in this chapter, before figure 8.15 it says: Because the distance to 10.1.7.0 has increased and the route did not become active, the FD is unchanged at Lilienthal. In EIGRP's White Paper on cisco's web site, after figure 3 it says: When the link between Routers One and Three goes down, Router One examines each path it knows to Network A and finds that it has a feasible successor through Router Four. Router One uses this route, using the metric through Router Four as the new feasible distance. In the book , Network Design and Case Studies by Cisco , Chapter 3 Designing Large Scale Ip netwoks, Subtitle : Enhanced EIGRP Convergence , It is mentioned that the FD can only change during an active-to-passive transition . I am totally confused about the FD and what triggers an update for it. I don't get it. Is a ROUTE ACTIVATION required for a FD update necessarily? If the router receives a better advertisement , and if the FD is lower , I feel FD can change during a local computation itself . Could any one explain? Thanks in advance, Hamid __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39984t=39984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP Question: Change of Feasible Distance (FD) - Please [7:39953]
Hi, Studying EIGRP, I got to a question: When is the Feasible Distance (FD) for a destination updated. In Jeff Doyles Routing TCP/IP, chapter 8, it says that as a result of a local computation the following may occur: -If the feasible successor with the lowest distance is different from the existing successor, the feasible successor will become the successor. -If the new distance is lower than the FD, the FD will be updated. -If the new distance is different from the existing distance, updates will be sent to all neighbors. So I asume that as a result of a local computation the FD may be updated (reduced). Later in this chapter, before figure 8.15 it says: Because the distance to 10.1.7.0 has increased and the route did not become active, the FD is unchanged at Lilienthal. In EIGRP's White Paper on cisco's web site, after figure 3 it says: When the link between Routers One and Three goes down, Router One examines each path it knows to Network A and finds that it has a feasible successor through Router Four. Router One uses this route, using the metric through Router Four as the new feasible distance. In the book , Network Design and Case Studies by Cisco , Chapter 3 Designing Large Scale Ip netwoks, Subtitle : Enhanced EIGRP Convergence , It is mentioned that the FD can only change during an active-to-passive transition . I am totally confused about the FD and what triggers an update for it. I don't get it. Is a ROUTE ACTIVATION required for a FD update necessarily? If the router receives a better advertisement , and if the FD is lower , I feel FD can change during a local computation itself . Could any one explain? Thanks in advance, Hamid __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39953t=39953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP Question: Change of Feasible Distance (FD) - Please [7:39978]
But what if a route's metric changes, so that the minimum distance to the destination increases beyond the FD. In this case will the FD be updated or not? If the answer is yes, (as I assume it to be) why does Dyole say that because the route didn't become active the FD didn't change.(Chapter 8, before figure 8.15) Thanks, Hamid --- Steven A. Ridder wrote: The FD is the lowest distance a router has to a specific network. A router may have more than one path to said network, but the lowest distance is FD and it is entered into the routing table. More than one route to said network can still exist and it will be entered in the EIGRP topology table as a back-up route. Without reading of the examples, I am guesing that a route's metric in the EIGRP topology table has changed. Even if it goes lower than it was previously, if it's not lower than the FD (the route in the routing table) than the FD to that netwtork doesn't change. If it is lower, than it will change the FD as it will become the new FD. -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com Hamid Ali Asgari wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Studying EIGRP, I got to a question: When is the Feasible Distance (FD) for a destination updated. In Jeff Doyles Routing TCP/IP, chapter 8, it says that as a result of a local computation the following may occur: -If the feasible successor with the lowest distance is different from the existing successor, the feasible successor will become the successor. -If the new distance is lower than the FD, the FD will be updated. -If the new distance is different from the existing distance, updates will be sent to all neighbors. So I asume that as a result of a local computation the FD may be updated (reduced). Later in this chapter, before figure 8.15 it says: Because the distance to 10.1.7.0 has increased and the route did not become active, the FD is unchanged at Lilienthal. In EIGRP's White Paper on cisco's web site, after figure 3 it says: When the link between Routers One and Three goes down, Router One examines each path it knows to Network A and finds that it has a feasible successor through Router Four. Router One uses this route, using the metric through Router Four as the new feasible distance. In the book , Network Design and Case Studies by Cisco , Chapter 3 Designing Large Scale Ip netwoks, Subtitle : Enhanced EIGRP Convergence , It is mentioned that the FD can only change during an active-to-passive transition . I am totally confused about the FD and what triggers an update for it. I don't get it. Is a ROUTE ACTIVATION required for a FD update necessarily? If the router receives a better advertisement , and if the FD is lower , I feel FD can change during a local computation itself . Could any one explain? Thanks in advance, Hamid __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39978t=39978 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FD change in EIGRP [7:39918]
Hi group, I was studying EIGRP on Jeff Doyle's Roting TCP/IP and came to a question: When is the FD for a destination updated and what triggeres the FD to be updated? In the followong scenario would FD change or not: In an EIGRP environment, a Router (RTC) has 2 feasible successors to network 10.1.7.0; RTA RTB. Currently RTA is the seccessor so RTC's FD to 10.1.7.0 is the locally calculated metric through RTA. RTA's link to 10.1.7.0 fails and RTB becomes the new successor. Now will the FD on RTC change (increase) or not? Any inputs will be appreciated, Hamid __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39918t=39918 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FD change in EIGRP [7:39922]
I found the answer on EIGRP's white paper: Yes the FD will be updated. But on Jeff Doyle's Routing TCP/IP, chapter 8 before figure 8.15 it says that the FD will remain unchanged at Lilienthal: Because the distance to 10.1.7.0 has increased and the route did not become active, the FD is unchanged at Lilienthal. Can anybody explain why FD remain's unchanged? Thanks, Hamid __ Do You Yahoo!? Yahoo! Greetings - send holiday greetings for Easter, Passover http://greetings.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39922t=39922 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Strange Problem: Everything works fine but the Router can NOT [7:34170]
Hi group, I have a router which is the main gateway of my network. All the hosts on my network can successfully ping everywhere on the internet, but the ROUTER itself has always a success rate at 50%. Bellow is the ping result: Router#ping Protocol [ip]: Target IP address: 193.0.0.193 Repeat count [5]: 10 Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 10, 100-byte ICMP Echos to 193.0.0.193, timeout is 2 seconds: !.!.!.!.!. Success rate is 50 percent (5/10), round-trip min/avg/max = Same time my computer which is exactly behind the router can ping 193.0.0.193 without any errors. No routing protocol is running on the router and it's using simple static routes and all of its interfaces have VALID IP addresses. Any idea what the problem is ??? Thanks in advance, __ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34170t=34170 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Limiting the number of VoIP calls on a per GATEWAY Basis [7:33266]
Hi group, I have a VoIP environment with 10 gateways. The calls are being routed between these gatewats and evrything is working fine. The problem is that I want to limit the number of calls on per gateway basis, that is for example gateway A should only have only 10 active calls from gateway B, leaving the remaining lines for the other gateways. Any idea how this could be done? Thanks, Hamid __ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33266t=33266 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Accounting / Authentication for Voice over IP [7:30581]
Hi group I am new to VoIP. I have configured two voice gateways in my lab adn they are working fine. It's a very simple scenario and the calls are originated from one and terminated on the other one. Currently, everyone who dials the phone number of the voice ports can dial a number and the gateways establish a call. My question is that how can I provide a way of authentocation / accounting (something like asking for a PIN number)? Any inputs would be welcome Thanks is advance, Hamid __ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30581t=30581 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Need Assitance on my Access-Server logs [7:26622]
Hi I have a Cisco 3660 access-server with 6 NM-16AMs. The problem is that my clients are being disconnected too frequently and sometimes their connect-speeds are very low (21600 bps). Here are some of my show command outputs: RamRam#show modem call stats 5 . (the results have been cut out) lostCarr dtrDrop rmtLink retrain Total 300707 863 0 Can everyone tell me what these resukts whould mean (especially DTRDROP and what would cause a DTR DROP)? I have asked for the Tel. lines to be tested and they said that they are OK. Are there any problems with modems or not? Any input would be appreciated. Thanks Hamid __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26622t=26622 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Avoiding IP conflicts in a MULTI-VLAN environment [7:16470]
Hi group I am setting up a network with some NT4 servers, a Catalyst 2948 switch , and a 7204 VXR router and some access servers. The network consists of 7 VLANs, and all the servers and routers are on multi-VLAN or TRUNK interfaces on the switch. The LAN consists of many computers with different operating systems such as UNIX, LINUX and Win2k. Lots of computers that will be connected to this LAN are laptops so I can't implement PORT SECURITY on the Catalyst. The problem is that I want to prevent my clients to make IP Conflicts in my network. Correct me if I am wrong, but someone had told me that when an IP conflict occurs , the computer with the greater ARP version wins (or something like that !), so the RED HAT 7.1 LINUX operating systems would take down my NT servers. Any ideas or soloutions how I could prevent these conflicts? Thanks in advance Hamid - Do You Yahoo!? Make international calls for as low as $0.04/minute with Yahoo! Messenger. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16470t=16470 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]